Date: June 2, 2025, 2:10 p.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.047487] ==================================================================
[ 12.047916] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0
[ 12.048152] Write of size 16 at addr ffff8881024e4120 by task kunit_try_catch/171
[ 12.048400]
[ 12.048727] CPU: 0 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 12.048827] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.048852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.048889] Call Trace:
[ 12.048914] <TASK>
[ 12.048937] dump_stack_lvl+0x73/0xb0
[ 12.048969] print_report+0xd1/0x640
[ 12.048991] ? __virt_addr_valid+0x1db/0x2d0
[ 12.049013] ? kmalloc_oob_16+0x454/0x4a0
[ 12.049033] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.049059] ? kmalloc_oob_16+0x454/0x4a0
[ 12.049218] kasan_report+0x140/0x180
[ 12.049537] ? kmalloc_oob_16+0x454/0x4a0
[ 12.049594] __asan_report_store16_noabort+0x1b/0x30
[ 12.049637] kmalloc_oob_16+0x454/0x4a0
[ 12.049689] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 12.049730] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 12.049760] kunit_try_run_case+0x1a6/0x480
[ 12.049784] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.049803] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.049822] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.049845] ? __kthread_parkme+0x82/0x160
[ 12.049863] ? preempt_count_sub+0x50/0x80
[ 12.049885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.049916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.049942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.049967] kthread+0x257/0x310
[ 12.049985] ? __pfx_kthread+0x10/0x10
[ 12.050003] ret_from_fork+0x41/0x80
[ 12.050023] ? __pfx_kthread+0x10/0x10
[ 12.050042] ret_from_fork_asm+0x1a/0x30
[ 12.050099] </TASK>
[ 12.050117]
[ 12.057999] Allocated by task 171:
[ 12.058340] kasan_save_stack+0x45/0x70
[ 12.058767] kasan_save_track+0x18/0x40
[ 12.059216] kasan_save_alloc_info+0x3b/0x50
[ 12.059491] __kasan_kmalloc+0xb7/0xc0
[ 12.059668] __kmalloc_cache_noprof+0x168/0x350
[ 12.059854] kmalloc_oob_16+0xa9/0x4a0
[ 12.060015] kunit_try_run_case+0x1a6/0x480
[ 12.060323] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.060708] kthread+0x257/0x310
[ 12.061341] ret_from_fork+0x41/0x80
[ 12.061685] ret_from_fork_asm+0x1a/0x30
[ 12.061984]
[ 12.062251] The buggy address belongs to the object at ffff8881024e4120
[ 12.062251] which belongs to the cache kmalloc-16 of size 16
[ 12.062792] The buggy address is located 0 bytes inside of
[ 12.062792] allocated 13-byte region [ffff8881024e4120, ffff8881024e412d)
[ 12.063498]
[ 12.063671] The buggy address belongs to the physical page:
[ 12.064031] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4
[ 12.064822] flags: 0x200000000000000(node=0|zone=2)
[ 12.065108] page_type: f5(slab)
[ 12.065427] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.066016] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 12.066594] page dumped because: kasan: bad access detected
[ 12.067018]
[ 12.067316] Memory state around the buggy address:
[ 12.067547] ffff8881024e4000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.067789] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc
[ 12.068023] >ffff8881024e4100: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc
[ 12.068631] ^
[ 12.068995] ffff8881024e4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.069631] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.070199] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.011604] ==================================================================
[ 12.011979] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0
[ 12.012432] Read of size 1 at addr ffff888100994e00 by task kunit_try_catch/169
[ 12.013001]
[ 12.013174] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 12.013273] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.013297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.013342] Call Trace:
[ 12.013381] <TASK>
[ 12.013405] dump_stack_lvl+0x73/0xb0
[ 12.013449] print_report+0xd1/0x640
[ 12.013482] ? __virt_addr_valid+0x1db/0x2d0
[ 12.013517] ? krealloc_uaf+0x53e/0x5e0
[ 12.013545] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.013577] ? krealloc_uaf+0x53e/0x5e0
[ 12.013607] kasan_report+0x140/0x180
[ 12.013640] ? krealloc_uaf+0x53e/0x5e0
[ 12.013692] __asan_report_load1_noabort+0x18/0x20
[ 12.013727] krealloc_uaf+0x53e/0x5e0
[ 12.013758] ? __pfx_krealloc_uaf+0x10/0x10
[ 12.013788] ? finish_task_switch.isra.0+0x153/0x700
[ 12.013826] ? __switch_to+0x5d9/0xf60
[ 12.013873] ? __schedule+0xc49/0x27a0
[ 12.013926] ? __pfx_read_tsc+0x10/0x10
[ 12.013966] ? ktime_get_ts64+0x84/0x230
[ 12.014018] kunit_try_run_case+0x1a6/0x480
[ 12.014098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.014138] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.014178] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.014223] ? __kthread_parkme+0x82/0x160
[ 12.014256] ? preempt_count_sub+0x50/0x80
[ 12.014289] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.014320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.014361] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.014424] kthread+0x257/0x310
[ 12.014454] ? __pfx_kthread+0x10/0x10
[ 12.014482] ret_from_fork+0x41/0x80
[ 12.014510] ? __pfx_kthread+0x10/0x10
[ 12.014536] ret_from_fork_asm+0x1a/0x30
[ 12.014580] </TASK>
[ 12.014599]
[ 12.022219] Allocated by task 169:
[ 12.022436] kasan_save_stack+0x45/0x70
[ 12.022767] kasan_save_track+0x18/0x40
[ 12.022978] kasan_save_alloc_info+0x3b/0x50
[ 12.023255] __kasan_kmalloc+0xb7/0xc0
[ 12.023614] __kmalloc_cache_noprof+0x168/0x350
[ 12.023918] krealloc_uaf+0xbc/0x5e0
[ 12.024136] kunit_try_run_case+0x1a6/0x480
[ 12.024363] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.024601] kthread+0x257/0x310
[ 12.024785] ret_from_fork+0x41/0x80
[ 12.024975] ret_from_fork_asm+0x1a/0x30
[ 12.025196]
[ 12.025315] Freed by task 169:
[ 12.025481] kasan_save_stack+0x45/0x70
[ 12.025685] kasan_save_track+0x18/0x40
[ 12.025970] kasan_save_free_info+0x3f/0x60
[ 12.026314] __kasan_slab_free+0x56/0x70
[ 12.026684] kfree+0x123/0x3d0
[ 12.026919] krealloc_uaf+0x13e/0x5e0
[ 12.027224] kunit_try_run_case+0x1a6/0x480
[ 12.027562] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.027942] kthread+0x257/0x310
[ 12.028302] ret_from_fork+0x41/0x80
[ 12.028567] ret_from_fork_asm+0x1a/0x30
[ 12.028872]
[ 12.029030] The buggy address belongs to the object at ffff888100994e00
[ 12.029030] which belongs to the cache kmalloc-256 of size 256
[ 12.030119] The buggy address is located 0 bytes inside of
[ 12.030119] freed 256-byte region [ffff888100994e00, ffff888100994f00)
[ 12.030625]
[ 12.030778] The buggy address belongs to the physical page:
[ 12.030998] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100994
[ 12.031731] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.032129] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.032389] page_type: f5(slab)
[ 12.032546] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.032802] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 12.033044] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.033676] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 12.034203] head: 0200000000000001 ffffea0004026501 ffffffffffffffff 0000000000000000
[ 12.034708] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 12.035393] page dumped because: kasan: bad access detected
[ 12.035554]
[ 12.035636] Memory state around the buggy address:
[ 12.035952] ffff888100994d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.036603] ffff888100994d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.036879] >ffff888100994e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.037277] ^
[ 12.037428] ffff888100994e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.037667] ffff888100994f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.038038] ==================================================================
[ 11.979727] ==================================================================
[ 11.980213] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0
[ 11.980645] Read of size 1 at addr ffff888100994e00 by task kunit_try_catch/169
[ 11.981113]
[ 11.981259] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.981337] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.981359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.981396] Call Trace:
[ 11.981424] <TASK>
[ 11.981455] dump_stack_lvl+0x73/0xb0
[ 11.981766] print_report+0xd1/0x640
[ 11.981813] ? __virt_addr_valid+0x1db/0x2d0
[ 11.981851] ? krealloc_uaf+0x1b9/0x5e0
[ 11.981883] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.981935] ? krealloc_uaf+0x1b9/0x5e0
[ 11.982018] kasan_report+0x140/0x180
[ 11.982085] ? krealloc_uaf+0x1b9/0x5e0
[ 11.982122] ? krealloc_uaf+0x1b9/0x5e0
[ 11.982153] __kasan_check_byte+0x3d/0x50
[ 11.982192] krealloc_noprof+0x35/0x140
[ 11.982231] krealloc_uaf+0x1b9/0x5e0
[ 11.982268] ? __pfx_krealloc_uaf+0x10/0x10
[ 11.982302] ? finish_task_switch.isra.0+0x153/0x700
[ 11.982339] ? __switch_to+0x5d9/0xf60
[ 11.982367] ? __schedule+0xc49/0x27a0
[ 11.982388] ? __pfx_read_tsc+0x10/0x10
[ 11.982405] ? ktime_get_ts64+0x84/0x230
[ 11.982429] kunit_try_run_case+0x1a6/0x480
[ 11.982450] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.982468] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.982486] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.982508] ? __kthread_parkme+0x82/0x160
[ 11.982526] ? preempt_count_sub+0x50/0x80
[ 11.982546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.982563] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.982585] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.982606] kthread+0x257/0x310
[ 11.982623] ? __pfx_kthread+0x10/0x10
[ 11.982640] ret_from_fork+0x41/0x80
[ 11.982676] ? __pfx_kthread+0x10/0x10
[ 11.982715] ret_from_fork_asm+0x1a/0x30
[ 11.982759] </TASK>
[ 11.982776]
[ 11.992315] Allocated by task 169:
[ 11.992612] kasan_save_stack+0x45/0x70
[ 11.992936] kasan_save_track+0x18/0x40
[ 11.993425] kasan_save_alloc_info+0x3b/0x50
[ 11.993668] __kasan_kmalloc+0xb7/0xc0
[ 11.993836] __kmalloc_cache_noprof+0x168/0x350
[ 11.994036] krealloc_uaf+0xbc/0x5e0
[ 11.994491] kunit_try_run_case+0x1a6/0x480
[ 11.994827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.995615] kthread+0x257/0x310
[ 11.995911] ret_from_fork+0x41/0x80
[ 11.996355] ret_from_fork_asm+0x1a/0x30
[ 11.996679]
[ 11.996878] Freed by task 169:
[ 11.997362] kasan_save_stack+0x45/0x70
[ 11.997602] kasan_save_track+0x18/0x40
[ 11.997786] kasan_save_free_info+0x3f/0x60
[ 11.998260] __kasan_slab_free+0x56/0x70
[ 11.998574] kfree+0x123/0x3d0
[ 11.998851] krealloc_uaf+0x13e/0x5e0
[ 11.999532] kunit_try_run_case+0x1a6/0x480
[ 11.999870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.000335] kthread+0x257/0x310
[ 12.000612] ret_from_fork+0x41/0x80
[ 12.000858] ret_from_fork_asm+0x1a/0x30
[ 12.001303]
[ 12.001512] The buggy address belongs to the object at ffff888100994e00
[ 12.001512] which belongs to the cache kmalloc-256 of size 256
[ 12.002240] The buggy address is located 0 bytes inside of
[ 12.002240] freed 256-byte region [ffff888100994e00, ffff888100994f00)
[ 12.002835]
[ 12.002995] The buggy address belongs to the physical page:
[ 12.003719] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100994
[ 12.004086] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.004473] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.004681] page_type: f5(slab)
[ 12.004933] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.005311] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 12.005685] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.005942] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 12.006699] head: 0200000000000001 ffffea0004026501 ffffffffffffffff 0000000000000000
[ 12.007009] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 12.007617] page dumped because: kasan: bad access detected
[ 12.007809]
[ 12.007959] Memory state around the buggy address:
[ 12.008327] ffff888100994d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.008800] ffff888100994d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.009097] >ffff888100994e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.009569] ^
[ 12.009818] ffff888100994e80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.010198] ffff888100994f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.010424] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.643021] ==================================================================
[ 11.643632] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[ 11.644038] Write of size 1 at addr ffff8881003a14c9 by task kunit_try_catch/163
[ 11.644354]
[ 11.645451] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.645557] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.645578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.645612] Call Trace:
[ 11.645637] <TASK>
[ 11.645677] dump_stack_lvl+0x73/0xb0
[ 11.645731] print_report+0xd1/0x640
[ 11.645766] ? __virt_addr_valid+0x1db/0x2d0
[ 11.645807] ? krealloc_less_oob_helper+0xd72/0x11d0
[ 11.645839] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.645882] ? krealloc_less_oob_helper+0xd72/0x11d0
[ 11.645932] kasan_report+0x140/0x180
[ 11.645981] ? krealloc_less_oob_helper+0xd72/0x11d0
[ 11.646034] __asan_report_store1_noabort+0x1b/0x30
[ 11.646073] krealloc_less_oob_helper+0xd72/0x11d0
[ 11.646111] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.646145] ? finish_task_switch.isra.0+0x153/0x700
[ 11.646180] ? __switch_to+0x5d9/0xf60
[ 11.646216] ? __schedule+0xc49/0x27a0
[ 11.646250] ? __pfx_read_tsc+0x10/0x10
[ 11.646290] krealloc_less_oob+0x1c/0x30
[ 11.646320] kunit_try_run_case+0x1a6/0x480
[ 11.646361] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.646396] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.646433] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.646473] ? __kthread_parkme+0x82/0x160
[ 11.646503] ? preempt_count_sub+0x50/0x80
[ 11.646538] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.646567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.646603] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.646640] kthread+0x257/0x310
[ 11.647256] ? __pfx_kthread+0x10/0x10
[ 11.647300] ret_from_fork+0x41/0x80
[ 11.647336] ? __pfx_kthread+0x10/0x10
[ 11.647368] ret_from_fork_asm+0x1a/0x30
[ 11.647426] </TASK>
[ 11.647445]
[ 11.661754] Allocated by task 163:
[ 11.662225] kasan_save_stack+0x45/0x70
[ 11.662519] kasan_save_track+0x18/0x40
[ 11.662718] kasan_save_alloc_info+0x3b/0x50
[ 11.663026] __kasan_krealloc+0x190/0x1f0
[ 11.663448] krealloc_noprof+0xc1/0x140
[ 11.663708] krealloc_less_oob_helper+0x1ab/0x11d0
[ 11.663993] krealloc_less_oob+0x1c/0x30
[ 11.664348] kunit_try_run_case+0x1a6/0x480
[ 11.664645] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.664917] kthread+0x257/0x310
[ 11.665143] ret_from_fork+0x41/0x80
[ 11.665833] ret_from_fork_asm+0x1a/0x30
[ 11.666173]
[ 11.666366] The buggy address belongs to the object at ffff8881003a1400
[ 11.666366] which belongs to the cache kmalloc-256 of size 256
[ 11.667117] The buggy address is located 0 bytes to the right of
[ 11.667117] allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9)
[ 11.667764]
[ 11.668113] The buggy address belongs to the physical page:
[ 11.668605] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 11.668943] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.669581] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.669941] page_type: f5(slab)
[ 11.670479] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.671386] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.671783] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.672301] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.672759] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 11.673432] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 11.673856] page dumped because: kasan: bad access detected
[ 11.674415]
[ 11.674525] Memory state around the buggy address:
[ 11.674790] ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.675056] ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.675589] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.675899] ^
[ 11.676366] ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.676716] ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.677650] ==================================================================
[ 11.879197] ==================================================================
[ 11.879443] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[ 11.880008] Write of size 1 at addr ffff88810257e0d0 by task kunit_try_catch/167
[ 11.880351]
[ 11.881082] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.881297] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.881321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.881355] Call Trace:
[ 11.881380] <TASK>
[ 11.881405] dump_stack_lvl+0x73/0xb0
[ 11.881867] print_report+0xd1/0x640
[ 11.881932] ? __virt_addr_valid+0x1db/0x2d0
[ 11.881975] ? krealloc_less_oob_helper+0xe25/0x11d0
[ 11.882012] ? kasan_addr_to_slab+0x11/0xa0
[ 11.882106] ? krealloc_less_oob_helper+0xe25/0x11d0
[ 11.882143] kasan_report+0x140/0x180
[ 11.882187] ? krealloc_less_oob_helper+0xe25/0x11d0
[ 11.882235] __asan_report_store1_noabort+0x1b/0x30
[ 11.882277] krealloc_less_oob_helper+0xe25/0x11d0
[ 11.882319] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.882480] ? finish_task_switch.isra.0+0x153/0x700
[ 11.882525] ? __switch_to+0x5d9/0xf60
[ 11.882558] ? __schedule+0xc49/0x27a0
[ 11.882578] ? __pfx_read_tsc+0x10/0x10
[ 11.882600] krealloc_large_less_oob+0x1c/0x30
[ 11.882621] kunit_try_run_case+0x1a6/0x480
[ 11.882642] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.882681] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.882703] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.882726] ? __kthread_parkme+0x82/0x160
[ 11.882745] ? preempt_count_sub+0x50/0x80
[ 11.882765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.882783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.882807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.882830] kthread+0x257/0x310
[ 11.882847] ? __pfx_kthread+0x10/0x10
[ 11.882865] ret_from_fork+0x41/0x80
[ 11.882883] ? __pfx_kthread+0x10/0x10
[ 11.882900] ret_from_fork_asm+0x1a/0x30
[ 11.882928] </TASK>
[ 11.882940]
[ 11.891785] The buggy address belongs to the physical page:
[ 11.892257] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c
[ 11.892924] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.893345] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.893567] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.894088] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.894720] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.895167] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.895684] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000
[ 11.896015] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 11.896628] page dumped because: kasan: bad access detected
[ 11.896965]
[ 11.897237] Memory state around the buggy address:
[ 11.897442] ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.897869] ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.898609] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 11.899165] ^
[ 11.899810] ffff88810257e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.900165] ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.900729] ==================================================================
[ 11.856298] ==================================================================
[ 11.856806] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0
[ 11.857209] Write of size 1 at addr ffff88810257e0c9 by task kunit_try_catch/167
[ 11.857648]
[ 11.857784] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.858122] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.858158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.858204] Call Trace:
[ 11.858234] <TASK>
[ 11.858280] dump_stack_lvl+0x73/0xb0
[ 11.858338] print_report+0xd1/0x640
[ 11.858375] ? __virt_addr_valid+0x1db/0x2d0
[ 11.858402] ? krealloc_less_oob_helper+0xd72/0x11d0
[ 11.858423] ? kasan_addr_to_slab+0x11/0xa0
[ 11.858444] ? krealloc_less_oob_helper+0xd72/0x11d0
[ 11.858465] kasan_report+0x140/0x180
[ 11.858489] ? krealloc_less_oob_helper+0xd72/0x11d0
[ 11.858514] __asan_report_store1_noabort+0x1b/0x30
[ 11.858536] krealloc_less_oob_helper+0xd72/0x11d0
[ 11.858559] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.858579] ? finish_task_switch.isra.0+0x153/0x700
[ 11.858602] ? __switch_to+0x5d9/0xf60
[ 11.858626] ? __schedule+0xc49/0x27a0
[ 11.858647] ? __pfx_read_tsc+0x10/0x10
[ 11.858701] krealloc_large_less_oob+0x1c/0x30
[ 11.858733] kunit_try_run_case+0x1a6/0x480
[ 11.858774] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.858810] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.858848] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.858896] ? __kthread_parkme+0x82/0x160
[ 11.858936] ? preempt_count_sub+0x50/0x80
[ 11.858973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.859005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.859042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.859329] kthread+0x257/0x310
[ 11.859371] ? __pfx_kthread+0x10/0x10
[ 11.859407] ret_from_fork+0x41/0x80
[ 11.859442] ? __pfx_kthread+0x10/0x10
[ 11.859477] ret_from_fork_asm+0x1a/0x30
[ 11.859516] </TASK>
[ 11.859529]
[ 11.869824] The buggy address belongs to the physical page:
[ 11.870456] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c
[ 11.870891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.871198] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.871550] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.872039] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.872618] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.873023] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.873823] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000
[ 11.874515] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 11.874931] page dumped because: kasan: bad access detected
[ 11.875283]
[ 11.875611] Memory state around the buggy address:
[ 11.875890] ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.876164] ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.876870] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 11.877269] ^
[ 11.877677] ffff88810257e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.878052] ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.878584] ==================================================================
[ 11.950364] ==================================================================
[ 11.950858] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[ 11.951577] Write of size 1 at addr ffff88810257e0eb by task kunit_try_catch/167
[ 11.952381]
[ 11.952573] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.952677] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.952710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.952744] Call Trace:
[ 11.952768] <TASK>
[ 11.952792] dump_stack_lvl+0x73/0xb0
[ 11.952844] print_report+0xd1/0x640
[ 11.952884] ? __virt_addr_valid+0x1db/0x2d0
[ 11.952928] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 11.952966] ? kasan_addr_to_slab+0x11/0xa0
[ 11.953003] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 11.953040] kasan_report+0x140/0x180
[ 11.953254] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 11.953300] __asan_report_store1_noabort+0x1b/0x30
[ 11.953333] krealloc_less_oob_helper+0xd49/0x11d0
[ 11.953372] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.953409] ? finish_task_switch.isra.0+0x153/0x700
[ 11.953448] ? __switch_to+0x5d9/0xf60
[ 11.953493] ? __schedule+0xc49/0x27a0
[ 11.953535] ? __pfx_read_tsc+0x10/0x10
[ 11.953565] krealloc_large_less_oob+0x1c/0x30
[ 11.953584] kunit_try_run_case+0x1a6/0x480
[ 11.953606] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.953624] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.953644] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.953688] ? __kthread_parkme+0x82/0x160
[ 11.953708] ? preempt_count_sub+0x50/0x80
[ 11.953728] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.953747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.953771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.953795] kthread+0x257/0x310
[ 11.953812] ? __pfx_kthread+0x10/0x10
[ 11.953829] ret_from_fork+0x41/0x80
[ 11.953848] ? __pfx_kthread+0x10/0x10
[ 11.953865] ret_from_fork_asm+0x1a/0x30
[ 11.953906] </TASK>
[ 11.953921]
[ 11.965759] The buggy address belongs to the physical page:
[ 11.966045] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c
[ 11.966592] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.967123] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.967508] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.967901] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.968460] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.969067] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.969700] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000
[ 11.970167] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 11.970728] page dumped because: kasan: bad access detected
[ 11.971000]
[ 11.971321] Memory state around the buggy address:
[ 11.971543] ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.971787] ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.972399] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 11.972885] ^
[ 11.973433] ffff88810257e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.973894] ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.974400] ==================================================================
[ 11.770817] ==================================================================
[ 11.771834] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0
[ 11.772499] Write of size 1 at addr ffff8881003a14eb by task kunit_try_catch/163
[ 11.772833]
[ 11.773034] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.773227] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.773258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.773287] Call Trace:
[ 11.773305] <TASK>
[ 11.773322] dump_stack_lvl+0x73/0xb0
[ 11.773356] print_report+0xd1/0x640
[ 11.773377] ? __virt_addr_valid+0x1db/0x2d0
[ 11.773399] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 11.773418] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.773439] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 11.773458] kasan_report+0x140/0x180
[ 11.773480] ? krealloc_less_oob_helper+0xd49/0x11d0
[ 11.773503] __asan_report_store1_noabort+0x1b/0x30
[ 11.773523] krealloc_less_oob_helper+0xd49/0x11d0
[ 11.773544] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.773563] ? finish_task_switch.isra.0+0x153/0x700
[ 11.773583] ? __switch_to+0x5d9/0xf60
[ 11.773604] ? __schedule+0xc49/0x27a0
[ 11.773624] ? __pfx_read_tsc+0x10/0x10
[ 11.773645] krealloc_less_oob+0x1c/0x30
[ 11.773687] kunit_try_run_case+0x1a6/0x480
[ 11.773725] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.773757] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.773791] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.773833] ? __kthread_parkme+0x82/0x160
[ 11.773871] ? preempt_count_sub+0x50/0x80
[ 11.773921] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.773958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.773989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.774016] kthread+0x257/0x310
[ 11.774034] ? __pfx_kthread+0x10/0x10
[ 11.774059] ret_from_fork+0x41/0x80
[ 11.774245] ? __pfx_kthread+0x10/0x10
[ 11.774306] ret_from_fork_asm+0x1a/0x30
[ 11.774372] </TASK>
[ 11.774396]
[ 11.785160] Allocated by task 163:
[ 11.785329] kasan_save_stack+0x45/0x70
[ 11.785630] kasan_save_track+0x18/0x40
[ 11.785942] kasan_save_alloc_info+0x3b/0x50
[ 11.786243] __kasan_krealloc+0x190/0x1f0
[ 11.786708] krealloc_noprof+0xc1/0x140
[ 11.786896] krealloc_less_oob_helper+0x1ab/0x11d0
[ 11.787206] krealloc_less_oob+0x1c/0x30
[ 11.787518] kunit_try_run_case+0x1a6/0x480
[ 11.787873] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.788685] kthread+0x257/0x310
[ 11.788976] ret_from_fork+0x41/0x80
[ 11.789411] ret_from_fork_asm+0x1a/0x30
[ 11.789574]
[ 11.789797] The buggy address belongs to the object at ffff8881003a1400
[ 11.789797] which belongs to the cache kmalloc-256 of size 256
[ 11.790455] The buggy address is located 34 bytes to the right of
[ 11.790455] allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9)
[ 11.791052]
[ 11.791554] The buggy address belongs to the physical page:
[ 11.792253] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 11.792573] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.793018] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.793718] page_type: f5(slab)
[ 11.793874] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.794385] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.794970] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.795425] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.796273] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 11.796564] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 11.796789] page dumped because: kasan: bad access detected
[ 11.797078]
[ 11.797222] Memory state around the buggy address:
[ 11.797448] ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.797798] ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.798210] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.798623] ^
[ 11.799021] ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.799264] ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.799748] ==================================================================
[ 11.709753] ==================================================================
[ 11.710422] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[ 11.711627] Write of size 1 at addr ffff8881003a14da by task kunit_try_catch/163
[ 11.711985]
[ 11.712313] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.712399] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.712421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.712453] Call Trace:
[ 11.712481] <TASK>
[ 11.712508] dump_stack_lvl+0x73/0xb0
[ 11.712564] print_report+0xd1/0x640
[ 11.712608] ? __virt_addr_valid+0x1db/0x2d0
[ 11.712654] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 11.712705] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.712738] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 11.712758] kasan_report+0x140/0x180
[ 11.712781] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 11.712805] __asan_report_store1_noabort+0x1b/0x30
[ 11.712825] krealloc_less_oob_helper+0xec8/0x11d0
[ 11.712846] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.712865] ? finish_task_switch.isra.0+0x153/0x700
[ 11.712886] ? __switch_to+0x5d9/0xf60
[ 11.712908] ? __schedule+0xc49/0x27a0
[ 11.712928] ? __pfx_read_tsc+0x10/0x10
[ 11.712948] krealloc_less_oob+0x1c/0x30
[ 11.712966] kunit_try_run_case+0x1a6/0x480
[ 11.712986] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.713004] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.713024] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.713046] ? __kthread_parkme+0x82/0x160
[ 11.713065] ? preempt_count_sub+0x50/0x80
[ 11.713085] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.713103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.713126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.713189] kthread+0x257/0x310
[ 11.713235] ? __pfx_kthread+0x10/0x10
[ 11.713267] ret_from_fork+0x41/0x80
[ 11.713295] ? __pfx_kthread+0x10/0x10
[ 11.713313] ret_from_fork_asm+0x1a/0x30
[ 11.713342] </TASK>
[ 11.713354]
[ 11.724696] Allocated by task 163:
[ 11.724885] kasan_save_stack+0x45/0x70
[ 11.725372] kasan_save_track+0x18/0x40
[ 11.725748] kasan_save_alloc_info+0x3b/0x50
[ 11.725950] __kasan_krealloc+0x190/0x1f0
[ 11.726272] krealloc_noprof+0xc1/0x140
[ 11.726585] krealloc_less_oob_helper+0x1ab/0x11d0
[ 11.726810] krealloc_less_oob+0x1c/0x30
[ 11.727102] kunit_try_run_case+0x1a6/0x480
[ 11.727378] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.727699] kthread+0x257/0x310
[ 11.727958] ret_from_fork+0x41/0x80
[ 11.728193] ret_from_fork_asm+0x1a/0x30
[ 11.728416]
[ 11.728505] The buggy address belongs to the object at ffff8881003a1400
[ 11.728505] which belongs to the cache kmalloc-256 of size 256
[ 11.729652] The buggy address is located 17 bytes to the right of
[ 11.729652] allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9)
[ 11.730271]
[ 11.730443] The buggy address belongs to the physical page:
[ 11.730834] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 11.731460] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.731709] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.732207] page_type: f5(slab)
[ 11.732466] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.732962] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.733825] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.734456] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.734870] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 11.735417] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 11.735761] page dumped because: kasan: bad access detected
[ 11.736221]
[ 11.736377] Memory state around the buggy address:
[ 11.736570] ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.737007] ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.737456] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.737924] ^
[ 11.738250] ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.739244] ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.739459] ==================================================================
[ 11.901476] ==================================================================
[ 11.901994] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[ 11.902506] Write of size 1 at addr ffff88810257e0da by task kunit_try_catch/167
[ 11.902791]
[ 11.902964] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.903043] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.903066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.903104] Call Trace:
[ 11.903129] <TASK>
[ 11.903156] dump_stack_lvl+0x73/0xb0
[ 11.903316] print_report+0xd1/0x640
[ 11.903358] ? __virt_addr_valid+0x1db/0x2d0
[ 11.903398] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 11.903434] ? kasan_addr_to_slab+0x11/0xa0
[ 11.903469] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 11.903530] kasan_report+0x140/0x180
[ 11.903573] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 11.903618] __asan_report_store1_noabort+0x1b/0x30
[ 11.903667] krealloc_less_oob_helper+0xec8/0x11d0
[ 11.903711] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.903766] ? finish_task_switch.isra.0+0x153/0x700
[ 11.903805] ? __switch_to+0x5d9/0xf60
[ 11.903848] ? __schedule+0xc49/0x27a0
[ 11.903887] ?
__pfx_read_tsc+0x10/0x10 [ 11.903927] krealloc_large_less_oob+0x1c/0x30 [ 11.903980] kunit_try_run_case+0x1a6/0x480 [ 11.904023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.904058] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.904194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.904221] ? __kthread_parkme+0x82/0x160 [ 11.904242] ? preempt_count_sub+0x50/0x80 [ 11.904263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.904297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.904335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.904376] kthread+0x257/0x310 [ 11.904409] ? __pfx_kthread+0x10/0x10 [ 11.904441] ret_from_fork+0x41/0x80 [ 11.904643] ? __pfx_kthread+0x10/0x10 [ 11.904703] ret_from_fork_asm+0x1a/0x30 [ 11.904764] </TASK> [ 11.904781] [ 11.917152] The buggy address belongs to the physical page: [ 11.917334] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c [ 11.917578] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.918754] flags: 0x200000000000040(head|node=0|zone=2) [ 11.919513] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.920757] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.922444] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.923105] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.923482] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000 [ 11.923934] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 11.924242] page dumped because: kasan: bad access detected [ 11.924548] [ 11.924916] Memory state around the buggy address: [ 11.925120] ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.925708] ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.926373] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.926740] ^ [ 11.926936] ffff88810257e100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 11.927414] ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.928242] ================================================================== [ 11.928672] ================================================================== [ 11.929161] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 11.929553] Write of size 1 at addr ffff88810257e0ea by task kunit_try_catch/167 [ 11.929936] [ 11.930099] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.930187] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.930211] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.930249] Call Trace: [ 11.930279] <TASK> [ 11.930308] dump_stack_lvl+0x73/0xb0 [ 11.930365] print_report+0xd1/0x640 [ 11.930413] ? __virt_addr_valid+0x1db/0x2d0 [ 11.930456] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 11.930687] ? kasan_addr_to_slab+0x11/0xa0 [ 11.930778] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 11.930956] kasan_report+0x140/0x180 [ 11.931013] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 11.931075] __asan_report_store1_noabort+0x1b/0x30 [ 11.931121] krealloc_less_oob_helper+0xe92/0x11d0 [ 11.931169] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.931207] ? finish_task_switch.isra.0+0x153/0x700 [ 11.931251] ? __switch_to+0x5d9/0xf60 [ 11.931301] ? __schedule+0xc49/0x27a0 [ 11.931340] ? __pfx_read_tsc+0x10/0x10 [ 11.931379] krealloc_large_less_oob+0x1c/0x30 [ 11.931509] kunit_try_run_case+0x1a6/0x480 [ 11.931533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.931553] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.931572] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.931596] ? __kthread_parkme+0x82/0x160 [ 11.931615] ? preempt_count_sub+0x50/0x80 [ 11.931635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.931669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.931702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.931727] kthread+0x257/0x310 [ 11.931745] ? 
__pfx_kthread+0x10/0x10 [ 11.931763] ret_from_fork+0x41/0x80 [ 11.931782] ? __pfx_kthread+0x10/0x10 [ 11.931800] ret_from_fork_asm+0x1a/0x30 [ 11.931829] </TASK> [ 11.931840] [ 11.941059] The buggy address belongs to the physical page: [ 11.941786] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10257c [ 11.942348] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.942766] flags: 0x200000000000040(head|node=0|zone=2) [ 11.943418] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.943857] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.944211] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.944763] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.945219] head: 0200000000000002 ffffea0004095f01 ffffffffffffffff 0000000000000000 [ 11.945633] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 11.945984] page dumped because: kasan: bad access detected [ 11.946645] [ 11.946842] Memory state around the buggy address: [ 11.947119] ffff88810257df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.947629] ffff88810257e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.947983] >ffff88810257e080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.948546] ^ [ 11.948781] ffff88810257e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.949390] ffff88810257e180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.949722] ================================================================== [ 11.679200] ================================================================== [ 11.679838] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 11.680500] Write of size 1 at addr ffff8881003a14d0 by task kunit_try_catch/163 [ 11.680787] [ 11.680957] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.681039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 
11.681079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.681114] Call Trace: [ 11.681185] <TASK> [ 11.681228] dump_stack_lvl+0x73/0xb0 [ 11.681287] print_report+0xd1/0x640 [ 11.681333] ? __virt_addr_valid+0x1db/0x2d0 [ 11.681378] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 11.681418] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.681464] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 11.681518] kasan_report+0x140/0x180 [ 11.681556] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 11.681613] __asan_report_store1_noabort+0x1b/0x30 [ 11.681652] krealloc_less_oob_helper+0xe25/0x11d0 [ 11.681734] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.681773] ? finish_task_switch.isra.0+0x153/0x700 [ 11.681829] ? __switch_to+0x5d9/0xf60 [ 11.681870] ? __schedule+0xc49/0x27a0 [ 11.681911] ? __pfx_read_tsc+0x10/0x10 [ 11.681947] krealloc_less_oob+0x1c/0x30 [ 11.681967] kunit_try_run_case+0x1a6/0x480 [ 11.681989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.682009] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.682029] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.682073] ? __kthread_parkme+0x82/0x160 [ 11.682130] ? preempt_count_sub+0x50/0x80 [ 11.682162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.682205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.682232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.682257] kthread+0x257/0x310 [ 11.682275] ? __pfx_kthread+0x10/0x10 [ 11.682293] ret_from_fork+0x41/0x80 [ 11.682313] ? 
__pfx_kthread+0x10/0x10 [ 11.682330] ret_from_fork_asm+0x1a/0x30 [ 11.682360] </TASK> [ 11.682372] [ 11.692935] Allocated by task 163: [ 11.693154] kasan_save_stack+0x45/0x70 [ 11.693341] kasan_save_track+0x18/0x40 [ 11.693806] kasan_save_alloc_info+0x3b/0x50 [ 11.694327] __kasan_krealloc+0x190/0x1f0 [ 11.694694] krealloc_noprof+0xc1/0x140 [ 11.695299] krealloc_less_oob_helper+0x1ab/0x11d0 [ 11.695792] krealloc_less_oob+0x1c/0x30 [ 11.696205] kunit_try_run_case+0x1a6/0x480 [ 11.696510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.696837] kthread+0x257/0x310 [ 11.697260] ret_from_fork+0x41/0x80 [ 11.697483] ret_from_fork_asm+0x1a/0x30 [ 11.697830] [ 11.698020] The buggy address belongs to the object at ffff8881003a1400 [ 11.698020] which belongs to the cache kmalloc-256 of size 256 [ 11.698877] The buggy address is located 7 bytes to the right of [ 11.698877] allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9) [ 11.699759] [ 11.700256] The buggy address belongs to the physical page: [ 11.700529] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 11.701048] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.701939] flags: 0x200000000000040(head|node=0|zone=2) [ 11.702397] page_type: f5(slab) [ 11.702713] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.703355] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 11.703897] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.704270] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 11.704858] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 11.705396] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 11.705883] page dumped because: kasan: bad access detected [ 11.706674] [ 11.706786] Memory state around the buggy address: [ 11.707011] ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 11.707415] ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.707816] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.708170] ^ [ 11.708462] ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.708810] ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.709050] ================================================================== [ 11.740482] ================================================================== [ 11.741116] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 11.741816] Write of size 1 at addr ffff8881003a14ea by task kunit_try_catch/163 [ 11.742477] [ 11.742691] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.742804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.742826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.742858] Call Trace: [ 11.742887] <TASK> [ 11.742915] dump_stack_lvl+0x73/0xb0 [ 11.742969] print_report+0xd1/0x640 [ 11.743011] ? __virt_addr_valid+0x1db/0x2d0 [ 11.743063] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 11.743099] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.743128] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 11.743159] kasan_report+0x140/0x180 [ 11.743239] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 11.743285] __asan_report_store1_noabort+0x1b/0x30 [ 11.743325] krealloc_less_oob_helper+0xe92/0x11d0 [ 11.743362] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.743392] ? finish_task_switch.isra.0+0x153/0x700 [ 11.743423] ? __switch_to+0x5d9/0xf60 [ 11.743453] ? __schedule+0xc49/0x27a0 [ 11.743473] ? __pfx_read_tsc+0x10/0x10 [ 11.743494] krealloc_less_oob+0x1c/0x30 [ 11.743512] kunit_try_run_case+0x1a6/0x480 [ 11.743532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.743551] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.743570] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.743593] ? __kthread_parkme+0x82/0x160 [ 11.743612] ? preempt_count_sub+0x50/0x80 [ 11.743632] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 11.743650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.743697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.743721] kthread+0x257/0x310 [ 11.743738] ? __pfx_kthread+0x10/0x10 [ 11.743756] ret_from_fork+0x41/0x80 [ 11.743775] ? __pfx_kthread+0x10/0x10 [ 11.743792] ret_from_fork_asm+0x1a/0x30 [ 11.743819] </TASK> [ 11.743831] [ 11.753729] Allocated by task 163: [ 11.754179] kasan_save_stack+0x45/0x70 [ 11.754566] kasan_save_track+0x18/0x40 [ 11.754945] kasan_save_alloc_info+0x3b/0x50 [ 11.755367] __kasan_krealloc+0x190/0x1f0 [ 11.755527] krealloc_noprof+0xc1/0x140 [ 11.755957] krealloc_less_oob_helper+0x1ab/0x11d0 [ 11.756573] krealloc_less_oob+0x1c/0x30 [ 11.757053] kunit_try_run_case+0x1a6/0x480 [ 11.757310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.757712] kthread+0x257/0x310 [ 11.757972] ret_from_fork+0x41/0x80 [ 11.758233] ret_from_fork_asm+0x1a/0x30 [ 11.758607] [ 11.759274] The buggy address belongs to the object at ffff8881003a1400 [ 11.759274] which belongs to the cache kmalloc-256 of size 256 [ 11.759836] The buggy address is located 33 bytes to the right of [ 11.759836] allocated 201-byte region [ffff8881003a1400, ffff8881003a14c9) [ 11.760872] [ 11.760995] The buggy address belongs to the physical page: [ 11.761435] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0 [ 11.761837] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.762185] flags: 0x200000000000040(head|node=0|zone=2) [ 11.762584] page_type: f5(slab) [ 11.762845] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.763441] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 11.763889] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.764308] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 11.765201] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000 [ 
11.765538] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 11.765804] page dumped because: kasan: bad access detected [ 11.766199] [ 11.766299] Memory state around the buggy address: [ 11.766628] ffff8881003a1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.767160] ffff8881003a1400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.767592] >ffff8881003a1480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.768200] ^ [ 11.768569] ffff8881003a1500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.769005] ffff8881003a1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.769369] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.576568] ================================================================== [ 11.576995] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 11.577432] Write of size 1 at addr ffff888100994ceb by task kunit_try_catch/161 [ 11.577862] [ 11.578064] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.578526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.578556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.578596] Call Trace: [ 11.578623] <TASK> [ 11.578668] dump_stack_lvl+0x73/0xb0 [ 11.578729] print_report+0xd1/0x640 [ 11.578778] ? __virt_addr_valid+0x1db/0x2d0 [ 11.578827] ? krealloc_more_oob_helper+0x823/0x930 [ 11.578864] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.578899] ? krealloc_more_oob_helper+0x823/0x930 [ 11.578930] kasan_report+0x140/0x180 [ 11.578969] ? krealloc_more_oob_helper+0x823/0x930 [ 11.579012] __asan_report_store1_noabort+0x1b/0x30 [ 11.579049] krealloc_more_oob_helper+0x823/0x930 [ 11.579083] ? trace_hardirqs_on+0x37/0xe0 [ 11.579130] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.579160] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.579203] ? __pfx_krealloc_more_oob+0x10/0x10 [ 11.579270] krealloc_more_oob+0x1c/0x30 [ 11.579298] kunit_try_run_case+0x1a6/0x480 [ 11.579331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.579360] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.579390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.579429] ? __kthread_parkme+0x82/0x160 [ 11.579466] ? preempt_count_sub+0x50/0x80 [ 11.579510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.579547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.579580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.579604] kthread+0x257/0x310 [ 11.579621] ? __pfx_kthread+0x10/0x10 [ 11.579638] ret_from_fork+0x41/0x80 [ 11.579677] ? 
__pfx_kthread+0x10/0x10 [ 11.579697] ret_from_fork_asm+0x1a/0x30 [ 11.579726] </TASK> [ 11.579738] [ 11.589688] Allocated by task 161: [ 11.590256] kasan_save_stack+0x45/0x70 [ 11.590653] kasan_save_track+0x18/0x40 [ 11.590838] kasan_save_alloc_info+0x3b/0x50 [ 11.591015] __kasan_krealloc+0x190/0x1f0 [ 11.591371] krealloc_noprof+0xc1/0x140 [ 11.591673] krealloc_more_oob_helper+0x1aa/0x930 [ 11.592169] krealloc_more_oob+0x1c/0x30 [ 11.592769] kunit_try_run_case+0x1a6/0x480 [ 11.593332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.593687] kthread+0x257/0x310 [ 11.593977] ret_from_fork+0x41/0x80 [ 11.594460] ret_from_fork_asm+0x1a/0x30 [ 11.594754] [ 11.594855] The buggy address belongs to the object at ffff888100994c00 [ 11.594855] which belongs to the cache kmalloc-256 of size 256 [ 11.595602] The buggy address is located 0 bytes to the right of [ 11.595602] allocated 235-byte region [ffff888100994c00, ffff888100994ceb) [ 11.596598] [ 11.596895] The buggy address belongs to the physical page: [ 11.597458] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100994 [ 11.597916] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.598326] flags: 0x200000000000040(head|node=0|zone=2) [ 11.598773] page_type: f5(slab) [ 11.598939] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.599419] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 11.599910] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.601193] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 11.601595] head: 0200000000000001 ffffea0004026501 ffffffffffffffff 0000000000000000 [ 11.602312] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 11.602553] page dumped because: kasan: bad access detected [ 11.602915] [ 11.603233] Memory state around the buggy address: [ 11.603569] ffff888100994b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 11.603977] ffff888100994c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.604785] >ffff888100994c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.605364] ^ [ 11.605693] ffff888100994d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.606030] ffff888100994d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.606722] ================================================================== [ 11.828504] ================================================================== [ 11.828924] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 11.829178] Write of size 1 at addr ffff8881025160f0 by task kunit_try_catch/165 [ 11.829847] [ 11.830065] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.830163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.830188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.830225] Call Trace: [ 11.830255] <TASK> [ 11.830284] dump_stack_lvl+0x73/0xb0 [ 11.830340] print_report+0xd1/0x640 [ 11.830385] ? __virt_addr_valid+0x1db/0x2d0 [ 11.830427] ? krealloc_more_oob_helper+0x7ed/0x930 [ 11.830461] ? kasan_addr_to_slab+0x11/0xa0 [ 11.830718] ? krealloc_more_oob_helper+0x7ed/0x930 [ 11.830767] kasan_report+0x140/0x180 [ 11.830827] ? krealloc_more_oob_helper+0x7ed/0x930 [ 11.830880] __asan_report_store1_noabort+0x1b/0x30 [ 11.830923] krealloc_more_oob_helper+0x7ed/0x930 [ 11.830963] ? __schedule+0xc49/0x27a0 [ 11.831008] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.831046] ? finish_task_switch.isra.0+0x153/0x700 [ 11.831221] ? __switch_to+0x5d9/0xf60 [ 11.831281] ? __schedule+0xc49/0x27a0 [ 11.831332] ? __pfx_read_tsc+0x10/0x10 [ 11.831375] krealloc_large_more_oob+0x1c/0x30 [ 11.831412] kunit_try_run_case+0x1a6/0x480 [ 11.831451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.831486] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.831521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.831567] ? __kthread_parkme+0x82/0x160 [ 11.831605] ? 
preempt_count_sub+0x50/0x80 [ 11.831674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.831702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.831725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.831749] kthread+0x257/0x310 [ 11.831766] ? __pfx_kthread+0x10/0x10 [ 11.831783] ret_from_fork+0x41/0x80 [ 11.831801] ? __pfx_kthread+0x10/0x10 [ 11.831818] ret_from_fork_asm+0x1a/0x30 [ 11.831846] </TASK> [ 11.831859] [ 11.842011] The buggy address belongs to the physical page: [ 11.842422] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514 [ 11.843016] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.843875] flags: 0x200000000000040(head|node=0|zone=2) [ 11.844327] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.844963] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.845523] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.846381] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.846871] head: 0200000000000002 ffffea0004094501 ffffffffffffffff 0000000000000000 [ 11.847154] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 11.847562] page dumped because: kasan: bad access detected [ 11.847843] [ 11.847963] Memory state around the buggy address: [ 11.848144] ffff888102515f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.848592] ffff888102516000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.849496] >ffff888102516080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.849876] ^ [ 11.850453] ffff888102516100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.850714] ffff888102516180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.851283] ================================================================== [ 11.804879] ================================================================== [ 11.805324] BUG: KASAN: slab-out-of-bounds in 
krealloc_more_oob_helper+0x823/0x930 [ 11.805837] Write of size 1 at addr ffff8881025160eb by task kunit_try_catch/165 [ 11.806149] [ 11.806321] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.806402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.806426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.806464] Call Trace: [ 11.806490] <TASK> [ 11.806517] dump_stack_lvl+0x73/0xb0 [ 11.806567] print_report+0xd1/0x640 [ 11.806608] ? __virt_addr_valid+0x1db/0x2d0 [ 11.806646] ? krealloc_more_oob_helper+0x823/0x930 [ 11.807182] ? kasan_addr_to_slab+0x11/0xa0 [ 11.807226] ? krealloc_more_oob_helper+0x823/0x930 [ 11.807260] kasan_report+0x140/0x180 [ 11.807302] ? krealloc_more_oob_helper+0x823/0x930 [ 11.807395] __asan_report_store1_noabort+0x1b/0x30 [ 11.807473] krealloc_more_oob_helper+0x823/0x930 [ 11.807519] ? __schedule+0xc49/0x27a0 [ 11.807560] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.807598] ? finish_task_switch.isra.0+0x153/0x700 [ 11.807783] ? __switch_to+0x5d9/0xf60 [ 11.807811] ? __schedule+0xc49/0x27a0 [ 11.807830] ? __pfx_read_tsc+0x10/0x10 [ 11.807851] krealloc_large_more_oob+0x1c/0x30 [ 11.807871] kunit_try_run_case+0x1a6/0x480 [ 11.807892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.807909] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.807928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.807949] ? __kthread_parkme+0x82/0x160 [ 11.807968] ? preempt_count_sub+0x50/0x80 [ 11.807988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.808006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.808028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.808065] kthread+0x257/0x310 [ 11.808337] ? __pfx_kthread+0x10/0x10 [ 11.808358] ret_from_fork+0x41/0x80 [ 11.808377] ? 
__pfx_kthread+0x10/0x10 [ 11.808393] ret_from_fork_asm+0x1a/0x30 [ 11.808422] </TASK> [ 11.808434] [ 11.818457] The buggy address belongs to the physical page: [ 11.818775] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514 [ 11.819261] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.819770] flags: 0x200000000000040(head|node=0|zone=2) [ 11.820003] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.820731] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.821224] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.821642] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.822508] head: 0200000000000002 ffffea0004094501 ffffffffffffffff 0000000000000000 [ 11.822889] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 11.823535] page dumped because: kasan: bad access detected [ 11.823829] [ 11.823981] Memory state around the buggy address: [ 11.824354] ffff888102515f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.825182] ffff888102516000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.825474] >ffff888102516080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 11.826017] ^ [ 11.826704] ffff888102516100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.826933] ffff888102516180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.827574] ================================================================== [ 11.607748] ================================================================== [ 11.608566] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 11.609116] Write of size 1 at addr ffff888100994cf0 by task kunit_try_catch/161 [ 11.609592] [ 11.609788] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.609876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.609908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 11.609961] Call Trace: [ 11.609989] <TASK> [ 11.610019] dump_stack_lvl+0x73/0xb0 [ 11.610294] print_report+0xd1/0x640 [ 11.610340] ? __virt_addr_valid+0x1db/0x2d0 [ 11.610391] ? krealloc_more_oob_helper+0x7ed/0x930 [ 11.610442] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.610488] ? krealloc_more_oob_helper+0x7ed/0x930 [ 11.610524] kasan_report+0x140/0x180 [ 11.610567] ? krealloc_more_oob_helper+0x7ed/0x930 [ 11.610619] __asan_report_store1_noabort+0x1b/0x30 [ 11.610674] krealloc_more_oob_helper+0x7ed/0x930 [ 11.610715] ? trace_hardirqs_on+0x37/0xe0 [ 11.610761] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.610794] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 11.610824] ? __pfx_krealloc_more_oob+0x10/0x10 [ 11.610849] krealloc_more_oob+0x1c/0x30 [ 11.610866] kunit_try_run_case+0x1a6/0x480 [ 11.610887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.610904] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.610924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.610947] ? __kthread_parkme+0x82/0x160 [ 11.610964] ? preempt_count_sub+0x50/0x80 [ 11.610986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.611003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.611026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.611062] kthread+0x257/0x310 [ 11.611136] ? __pfx_kthread+0x10/0x10 [ 11.611168] ret_from_fork+0x41/0x80 [ 11.611197] ? 
__pfx_kthread+0x10/0x10
[ 11.611221] ret_from_fork_asm+0x1a/0x30
[ 11.611249] </TASK>
[ 11.611261]
[ 11.621808] Allocated by task 161:
[ 11.621992] kasan_save_stack+0x45/0x70
[ 11.622186] kasan_save_track+0x18/0x40
[ 11.622471] kasan_save_alloc_info+0x3b/0x50
[ 11.622943] __kasan_krealloc+0x190/0x1f0
[ 11.623495] krealloc_noprof+0xc1/0x140
[ 11.624028] krealloc_more_oob_helper+0x1aa/0x930
[ 11.624430] krealloc_more_oob+0x1c/0x30
[ 11.624606] kunit_try_run_case+0x1a6/0x480
[ 11.624856] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.625541] kthread+0x257/0x310
[ 11.626047] ret_from_fork+0x41/0x80
[ 11.626552] ret_from_fork_asm+0x1a/0x30
[ 11.627511]
[ 11.627635] The buggy address belongs to the object at ffff888100994c00
[ 11.627635] which belongs to the cache kmalloc-256 of size 256
[ 11.628516] The buggy address is located 5 bytes to the right of
[ 11.628516] allocated 235-byte region [ffff888100994c00, ffff888100994ceb)
[ 11.629395]
[ 11.629556] The buggy address belongs to the physical page:
[ 11.629735] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100994
[ 11.630363] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.630692] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.630939] page_type: f5(slab)
[ 11.631213] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.631499] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.632488] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.632743] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.633210] head: 0200000000000001 ffffea0004026501 ffffffffffffffff 0000000000000000
[ 11.633668] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 11.634112] page dumped because: kasan: bad access detected
[ 11.634463]
[ 11.634561] Memory state around the buggy address:
[ 11.634903] ffff888100994b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.635173] ffff888100994c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.635486] >ffff888100994c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 11.636392] ^
[ 11.636794] ffff888100994d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.637253] ffff888100994d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.637575] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 139.516826] WARNING: CPU: 1 PID: 2180 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 139.517231] Modules linked in:
[ 139.517473] CPU: 1 UID: 0 PID: 2180 Comm: kunit_try_catch Tainted: G B D W N 6.12.32-rc1 #1
[ 139.518840] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.519217] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.519476] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 139.519755] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.520322] RSP: 0000:ffff888104257ce8 EFLAGS: 00010286
[ 139.520735] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 139.521231] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff85bfb360
[ 139.521516] RBP: ffff888104257d10 R08: 0000000000000000 R09: ffffed1020409e60
[ 139.521635] R10: ffff88810204f307 R11: 0000000000000000 R12: ffffffff85bfb348
[ 139.522087] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888104257da8
[ 139.522745] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 139.523044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.523224] CR2: 00007ffff7ffe000 CR3: 00000000504b4000 CR4: 00000000000006f0
[ 139.523519] DR0: ffffffff87bbf360 DR1: ffffffff87bbf361 DR2: ffffffff87bbf363
[ 139.523651] DR3: ffffffff87bbf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.524092] Call Trace:
[ 139.524273] <TASK>
[ 139.524479] drm_test_rect_calc_hscale+0x109/0x270
[ 139.524598] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 139.524965] ? __schedule+0xc49/0x27a0
[ 139.525133] ? __pfx_read_tsc+0x10/0x10
[ 139.525226] ? ktime_get_ts64+0x84/0x230
[ 139.525323] kunit_try_run_case+0x1a6/0x480
[ 139.525564] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.526056] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 139.526729] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.526943] ? __kthread_parkme+0x82/0x160
[ 139.527042] ? preempt_count_sub+0x50/0x80
[ 139.527734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.527958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.528303] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.528698] kthread+0x257/0x310
[ 139.528950] ? __pfx_kthread+0x10/0x10
[ 139.529169] ret_from_fork+0x41/0x80
[ 139.529714] ? __pfx_kthread+0x10/0x10
[ 139.529947] ret_from_fork_asm+0x1a/0x30
[ 139.530341] </TASK>
[ 139.530552] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 139.534203] WARNING: CPU: 0 PID: 2182 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 139.535192] Modules linked in:
[ 139.535440] CPU: 0 UID: 0 PID: 2182 Comm: kunit_try_catch Tainted: G B D W N 6.12.32-rc1 #1
[ 139.535839] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.535984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.536364] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 139.536619] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.537462] RSP: 0000:ffff88810843fce8 EFLAGS: 00010286
[ 139.537770] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 139.537912] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff85bfb398
[ 139.538214] RBP: ffff88810843fd10 R08: 0000000000000000 R09: ffffed1020f6d320
[ 139.538375] R10: ffff888107b69907 R11: 0000000000000000 R12: ffffffff85bfb380
[ 139.538572] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810843fda8
[ 139.538879] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 139.539659] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.540027] CR2: 00007ffff7ffe000 CR3: 00000000504b4000 CR4: 00000000000006f0
[ 139.540440] DR0: ffffffff87bbf360 DR1: ffffffff87bbf361 DR2: ffffffff87bbf362
[ 139.540584] DR3: ffffffff87bbf363 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.540881] Call Trace:
[ 139.541062] <TASK>
[ 139.541546] drm_test_rect_calc_hscale+0x109/0x270
[ 139.541729] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 139.541951] ? __schedule+0xc49/0x27a0
[ 139.542182] ? __pfx_read_tsc+0x10/0x10
[ 139.542612] ? ktime_get_ts64+0x84/0x230
[ 139.542738] kunit_try_run_case+0x1a6/0x480
[ 139.542929] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.543209] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 139.543450] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.543607] ? __kthread_parkme+0x82/0x160
[ 139.543886] ? preempt_count_sub+0x50/0x80
[ 139.544037] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.544443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.544610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.544880] kthread+0x257/0x310
[ 139.545119] ? __pfx_kthread+0x10/0x10
[ 139.545506] ret_from_fork+0x41/0x80
[ 139.545726] ? __pfx_kthread+0x10/0x10
[ 139.545899] ret_from_fork_asm+0x1a/0x30
[ 139.546457] </TASK>
[ 139.546613] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-__drm_connector_init
------------[ cut here ]------------
[ 136.150333] WARNING: CPU: 0 PID: 1198 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0
[ 136.151494] Modules linked in:
[ 136.151782] CPU: 0 UID: 0 PID: 1198 Comm: kunit_try_catch Tainted: G B D W N 6.12.32-rc1 #1
[ 136.152427] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 136.153067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 136.153917] RIP: 0010:__drm_connector_init+0xcfa/0x11e0
[ 136.154233] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00
[ 136.156005] RSP: 0000:ffff888107ebfc38 EFLAGS: 00010246
[ 136.156297] RAX: dffffc0000000000 RBX: ffffffff85bbdca0 RCX: 0000000000000000
[ 136.156877] RDX: 1ffffffff0b72876 RSI: ffff888106bcc010 RDI: ffffffff85b943b0
[ 136.157160] RBP: ffff888107ebfcb0 R08: 0000000000000000 R09: ffffffff85ba8f40
[ 136.157496] R10: 0000000000000003 R11: 00000000b742e506 R12: ffff888106bcc010
[ 136.158140] R13: ffff888100d19000 R14: 0000000000000000 R15: ffffffff85b94360
[ 136.158938] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 136.159349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 136.160071] CR2: 00007ffff7ffe000 CR3: 00000000504b4000 CR4: 00000000000006f0
[ 136.160681] DR0: ffffffff87bbf360 DR1: ffffffff87bbf361 DR2: ffffffff87bbf362
[ 136.161116] DR3: ffffffff87bbf363 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 136.161757] Call Trace:
[ 136.162018] <TASK>
[ 136.162408] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.162751] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.163120] drmm_connector_init+0xdc/0x170
[ 136.163699] ? __drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80
[ 136.163991] drm_client_modeset_test_init+0x336/0x730
[ 136.164382] ? __pfx_drm_client_modeset_test_init+0x10/0x10
[ 136.164769] ? __schedule+0xc49/0x27a0
[ 136.165349] kunit_try_run_case+0x169/0x480
[ 136.165667] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.166029] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 136.166619] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 136.166944] ? __kthread_parkme+0x82/0x160
[ 136.167610] ? preempt_count_sub+0x50/0x80
[ 136.167932] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.168594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 136.169239] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 136.169498] kthread+0x257/0x310
[ 136.169773] ? __pfx_kthread+0x10/0x10
[ 136.170024] ret_from_fork+0x41/0x80
[ 136.170390] ? __pfx_kthread+0x10/0x10
[ 136.170715] ret_from_fork_asm+0x1a/0x30
[ 136.170950] </TASK>
[ 136.171397] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 136.114261] WARNING: CPU: 1 PID: 1196 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0
[ 136.115619] Modules linked in:
[ 136.115993] CPU: 1 UID: 0 PID: 1196 Comm: kunit_try_catch Tainted: G B D W N 6.12.32-rc1 #1
[ 136.116844] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 136.117304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 136.117929] RIP: 0010:__drm_connector_init+0xcfa/0x11e0
[ 136.118129] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00
[ 136.119331] RSP: 0000:ffff88810784fc38 EFLAGS: 00010246
[ 136.119829] RAX: dffffc0000000000 RBX: ffffffff85bbdca0 RCX: 0000000000000000
[ 136.120105] RDX: 1ffffffff0b72876 RSI: ffff888106a4e010 RDI: ffffffff85b943b0
[ 136.120318] RBP: ffff88810784fcb0 R08: 0000000000000000 R09: ffffffff85ba8f40
[ 136.121221] R10: 0000000000000003 R11: 00000000b742e506 R12: ffff888106a4e010
[ 136.121542] R13: ffff888100cab000 R14: 0000000000000000 R15: ffffffff85b94360
[ 136.121940] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 136.122417] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 136.122729] CR2: 00007ffff7ffe000 CR3: 00000000504b4000 CR4: 00000000000006f0
[ 136.123041] DR0: ffffffff87bbf360 DR1: ffffffff87bbf361 DR2: ffffffff87bbf363
[ 136.124123] DR3: ffffffff87bbf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 136.124704] Call Trace:
[ 136.124863] <TASK>
[ 136.125003] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.125657] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.126048] drmm_connector_init+0xdc/0x170
[ 136.126431] ? __drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80
[ 136.126767] drm_client_modeset_test_init+0x336/0x730
[ 136.127506] ? __pfx_drm_client_modeset_test_init+0x10/0x10
[ 136.128059] ? __schedule+0xc49/0x27a0
[ 136.128448] kunit_try_run_case+0x169/0x480
[ 136.128678] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.129089] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 136.129319] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 136.129723] ? __kthread_parkme+0x82/0x160
[ 136.130493] ? preempt_count_sub+0x50/0x80
[ 136.130966] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.131735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 136.132400] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 136.132743] kthread+0x257/0x310
[ 136.133201] ? __pfx_kthread+0x10/0x10
[ 136.133589] ret_from_fork+0x41/0x80
[ 136.133883] ? __pfx_kthread+0x10/0x10
[ 136.134376] ret_from_fork_asm+0x1a/0x30
[ 136.134658] </TASK>
[ 136.134901] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 136.039588] WARNING: CPU: 0 PID: 1192 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0
[ 136.040206] Modules linked in:
[ 136.040480] CPU: 0 UID: 0 PID: 1192 Comm: kunit_try_catch Tainted: G B D W N 6.12.32-rc1 #1
[ 136.041468] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 136.041711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 136.042190] RIP: 0010:__drm_connector_init+0xcfa/0x11e0
[ 136.043297] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00
[ 136.044917] RSP: 0000:ffff88810784fc38 EFLAGS: 00010246
[ 136.045524] RAX: dffffc0000000000 RBX: ffffffff85bbdca0 RCX: 0000000000000000
[ 136.046115] RDX: 1ffffffff0b72876 RSI: ffff888107864010 RDI: ffffffff85b943b0
[ 136.046337] RBP: ffff88810784fcb0 R08: 0000000000000000 R09: ffffffff85ba8f40
[ 136.047301] R10: 0000000000000003 R11: 00000000b742e506 R12: ffff888107864010
[ 136.047730] R13: ffff888100d1b000 R14: 0000000000000000 R15: ffffffff85b94360
[ 136.048264] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 136.048787] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 136.048986] CR2: 00007ffff7ffe000 CR3: 00000000504b4000 CR4: 00000000000006f0
[ 136.049919] DR0: ffffffff87bbf360 DR1: ffffffff87bbf361 DR2: ffffffff87bbf362
[ 136.050576] DR3: ffffffff87bbf363 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 136.051057] Call Trace:
[ 136.051700] <TASK>
[ 136.051863] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.052115] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.052691] drmm_connector_init+0xdc/0x170
[ 136.052941] ? __drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80
[ 136.053277] drm_client_modeset_test_init+0x336/0x730
[ 136.053712] ? __pfx_drm_client_modeset_test_init+0x10/0x10
[ 136.054001] ? __schedule+0xc49/0x27a0
[ 136.054264] kunit_try_run_case+0x169/0x480
[ 136.055006] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.055429] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 136.055722] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 136.056244] ? __kthread_parkme+0x82/0x160
[ 136.056497] ? preempt_count_sub+0x50/0x80
[ 136.056793] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.057327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 136.057583] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 136.057911] kthread+0x257/0x310
[ 136.058675] ? __pfx_kthread+0x10/0x10
[ 136.059017] ret_from_fork+0x41/0x80
[ 136.059420] ? __pfx_kthread+0x10/0x10
[ 136.059712] ret_from_fork_asm+0x1a/0x30
[ 136.059996] </TASK>
[ 136.060338] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 136.075615] WARNING: CPU: 1 PID: 1194 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0
[ 136.075939] Modules linked in:
[ 136.076150] CPU: 1 UID: 0 PID: 1194 Comm: kunit_try_catch Tainted: G B D W N 6.12.32-rc1 #1
[ 136.076432] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 136.076588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 136.076813] RIP: 0010:__drm_connector_init+0xcfa/0x11e0
[ 136.077452] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00
[ 136.078625] RSP: 0000:ffff888102e87c38 EFLAGS: 00010246
[ 136.079166] RAX: dffffc0000000000 RBX: ffffffff85bbdca0 RCX: 0000000000000000
[ 136.079676] RDX: 1ffffffff0b72876 RSI: ffff888103446010 RDI: ffffffff85b943b0
[ 136.080502] RBP: ffff888102e87cb0 R08: 0000000000000000 R09: ffffffff85ba8f40
[ 136.081015] R10: 0000000000000003 R11: 00000000b742e506 R12: ffff888103446010
[ 136.081772] R13: ffff888100cae000 R14: 0000000000000000 R15: ffffffff85b94360
[ 136.082421] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 136.082847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 136.083105] CR2: 00007ffff7ffe000 CR3: 00000000504b4000 CR4: 00000000000006f0
[ 136.083449] DR0: ffffffff87bbf360 DR1: ffffffff87bbf361 DR2: ffffffff87bbf363
[ 136.084036] DR3: ffffffff87bbf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 136.084621] Call Trace:
[ 136.085019] <TASK>
[ 136.085171] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.085802] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.086386] drmm_connector_init+0xdc/0x170
[ 136.086610] ? __drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80
[ 136.086993] drm_client_modeset_test_init+0x336/0x730
[ 136.087414] ? __pfx_drm_client_modeset_test_init+0x10/0x10
[ 136.087735] ? __schedule+0xc49/0x27a0
[ 136.087983] kunit_try_run_case+0x169/0x480
[ 136.088294] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.089326] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 136.089591] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 136.089904] ? __kthread_parkme+0x82/0x160
[ 136.090430] ? preempt_count_sub+0x50/0x80
[ 136.090673] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.090995] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 136.091509] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 136.091925] kthread+0x257/0x310
[ 136.092665] ? __pfx_kthread+0x10/0x10
[ 136.092893] ret_from_fork+0x41/0x80
[ 136.093283] ? __pfx_kthread+0x10/0x10
[ 136.093601] ret_from_fork_asm+0x1a/0x30
[ 136.094026] </TASK>
[ 136.094746] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 135.993423] WARNING: CPU: 0 PID: 1190 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0
[ 135.993970] Modules linked in:
[ 135.994333] CPU: 0 UID: 0 PID: 1190 Comm: kunit_try_catch Tainted: G B D N 6.12.32-rc1 #1
[ 135.994644] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 135.994976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 135.995732] RIP: 0010:__drm_connector_init+0xcfa/0x11e0
[ 135.996041] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00
[ 135.996789] RSP: 0000:ffff88810784fc38 EFLAGS: 00010246
[ 135.997324] RAX: dffffc0000000000 RBX: ffffffff85bbdca0 RCX: 0000000000000000
[ 135.997816] RDX: 1ffffffff0b72876 RSI: ffff888107e70010 RDI: ffffffff85b943b0
[ 135.998055] RBP: ffff88810784fcb0 R08: 0000000000000000 R09: ffffffff85ba8f40
[ 135.998545] R10: 0000000000000003 R11: ffffffff818043da R12: ffff888107e70010
[ 135.999117] R13: ffff888100cf8000 R14: 0000000000000000 R15: ffffffff85b94360
[ 135.999662] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 136.000207] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 136.000452] CR2: 00007ffff7ffe000 CR3: 00000000504b4000 CR4: 00000000000006f0
[ 136.000765] DR0: ffffffff87bbf360 DR1: ffffffff87bbf361 DR2: ffffffff87bbf362
[ 136.001238] DR3: ffffffff87bbf363 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 136.001609] Call Trace:
[ 136.001845] <TASK>
[ 136.002037] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.002514] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 136.002877] drmm_connector_init+0xdc/0x170
[ 136.003278] ? __drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80
[ 136.003613] drm_client_modeset_test_init+0x336/0x730
[ 136.003979] ? __pfx_drm_client_modeset_test_init+0x10/0x10
[ 136.004437] ? __schedule+0xc49/0x27a0
[ 136.004949] kunit_try_run_case+0x169/0x480
[ 136.005298] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.005685] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 136.006038] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 136.006564] ? __kthread_parkme+0x82/0x160
[ 136.006917] ? preempt_count_sub+0x50/0x80
[ 136.007273] ? __pfx_kunit_try_run_case+0x10/0x10
[ 136.007650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 136.007959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 136.008394] kthread+0x257/0x310
[ 136.008674] ? __pfx_kthread+0x10/0x10
[ 136.008953] ret_from_fork+0x41/0x80
[ 136.009404] ? __pfx_kthread+0x10/0x10
[ 136.009742] ret_from_fork_asm+0x1a/0x30
[ 136.009977] </TASK>
[ 136.010373] ---[ end trace 0000000000000000 ]---
Failure - kunit - _kasan
<8>[ 225.752591] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=_kasan RESULT=fail> _kasan_atomics pass _kasan fail
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 113.142453] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.423563] ==================================================================
[ 48.424038] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 48.424038]
[ 48.424575] Use-after-free read at 0x(____ptrval____) (in kfence-#133):
[ 48.424833] test_krealloc+0x6fd/0xbe0
[ 48.425106] kunit_try_run_case+0x1a6/0x480
[ 48.425480] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.425761] kthread+0x257/0x310
[ 48.425943] ret_from_fork+0x41/0x80
[ 48.426247] ret_from_fork_asm+0x1a/0x30
[ 48.426560]
[ 48.426713] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 48.426713]
[ 48.427086] allocated by task 334 on cpu 1 at 48.422683s (0.004398s ago):
[ 48.427533] test_alloc+0x365/0x10f0
[ 48.427944] test_krealloc+0xae/0xbe0
[ 48.428147] kunit_try_run_case+0x1a6/0x480
[ 48.428433] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.428787] kthread+0x257/0x310
[ 48.428957] ret_from_fork+0x41/0x80
[ 48.429125] ret_from_fork_asm+0x1a/0x30
[ 48.429469]
[ 48.429604] freed by task 334 on cpu 1 at 48.422975s (0.006624s ago):
[ 48.430068] krealloc_noprof+0x83/0x140
[ 48.430423] test_krealloc+0x227/0xbe0
[ 48.430639] kunit_try_run_case+0x1a6/0x480
[ 48.430853] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.431132] kthread+0x257/0x310
[ 48.431286] ret_from_fork+0x41/0x80
[ 48.431451] ret_from_fork_asm+0x1a/0x30
[ 48.431662]
[ 48.431873] CPU: 1 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 48.432663] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.433090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.433528] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.341813] ==================================================================
[ 48.342350] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 48.342350]
[ 48.342723] Use-after-free read at 0x(____ptrval____) (in kfence-#132):
[ 48.342970] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 48.343159] kunit_try_run_case+0x1a6/0x480
[ 48.344130] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.344918] kthread+0x257/0x310
[ 48.346024] ret_from_fork+0x41/0x80
[ 48.346945] ret_from_fork_asm+0x1a/0x30
[ 48.348150]
[ 48.348489] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 48.348489]
[ 48.349121] allocated by task 332 on cpu 0 at 48.318626s (0.030488s ago):
[ 48.349690] test_alloc+0x2a7/0x10f0
[ 48.350002] test_memcache_typesafe_by_rcu+0x170/0x670
[ 48.350445] kunit_try_run_case+0x1a6/0x480
[ 48.350668] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.350972] kthread+0x257/0x310
[ 48.351228] ret_from_fork+0x41/0x80
[ 48.351482] ret_from_fork_asm+0x1a/0x30
[ 48.352122]
[ 48.352242] freed by task 332 on cpu 0 at 48.318756s (0.033480s ago):
[ 48.352680] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 48.353049] kunit_try_run_case+0x1a6/0x480
[ 48.353306] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.353584] kthread+0x257/0x310
[ 48.353744] ret_from_fork+0x41/0x80
[ 48.353993] ret_from_fork_asm+0x1a/0x30
[ 48.354300]
[ 48.354495] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 48.354885] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.355191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.355504] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.570472] ==================================================================
[ 13.570953] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 13.571392] Read of size 1 at addr ffff888102b8e001 by task kunit_try_catch/228
[ 13.571827]
[ 13.572312] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.572375] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.572389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.572410] Call Trace:
[ 13.572426] <TASK>
[ 13.572447] dump_stack_lvl+0x73/0xb0
[ 13.572484] print_report+0xd1/0x640
[ 13.572506] ? __virt_addr_valid+0x1db/0x2d0
[ 13.572529] ? mempool_oob_right_helper+0x31a/0x380
[ 13.572546] ? kasan_addr_to_slab+0x11/0xa0
[ 13.572565] ? mempool_oob_right_helper+0x31a/0x380
[ 13.572583] kasan_report+0x140/0x180
[ 13.572604] ? mempool_oob_right_helper+0x31a/0x380
[ 13.572626] __asan_report_load1_noabort+0x18/0x20
[ 13.572645] mempool_oob_right_helper+0x31a/0x380
[ 13.572681] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.572720] ? finish_task_switch.isra.0+0x153/0x700
[ 13.572760] mempool_kmalloc_large_oob_right+0xf3/0x150
[ 13.572797] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 13.572842] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.572881] ? __pfx_mempool_kfree+0x10/0x10
[ 13.572922] ? __pfx_read_tsc+0x10/0x10
[ 13.572952] ? ktime_get_ts64+0x84/0x230
[ 13.572991] kunit_try_run_case+0x1a6/0x480
[ 13.573031] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.573065] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.573100] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.573141] ? __kthread_parkme+0x82/0x160
[ 13.573180] ? preempt_count_sub+0x50/0x80
[ 13.573220] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.573254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.573300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.573356] kthread+0x257/0x310
[ 13.573407] ? __pfx_kthread+0x10/0x10
[ 13.573438] ret_from_fork+0x41/0x80
[ 13.573468] ? __pfx_kthread+0x10/0x10
[ 13.573496] ret_from_fork_asm+0x1a/0x30
[ 13.573550] </TASK>
[ 13.573573]
[ 13.584658] The buggy address belongs to the physical page:
[ 13.585133] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b8c
[ 13.585607] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.586046] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.586339] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.586633] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.586991] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.587333] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.587855] head: 0200000000000002 ffffea00040ae301 ffffffffffffffff 0000000000000000
[ 13.588425] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 13.588755] page dumped because: kasan: bad access detected
[ 13.588982]
[ 13.589336] Memory state around the buggy address:
[ 13.589605] ffff888102b8df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.590024] ffff888102b8df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.590479] >ffff888102b8e000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.590855] ^
[ 13.591058] ffff888102b8e080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.591572] ffff888102b8e100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 13.592007] ==================================================================
[ 13.537023] ==================================================================
[ 13.537493] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 13.538757] Read of size 1 at addr ffff88810262b073 by task kunit_try_catch/226
[ 13.539341]
[ 13.539504] CPU: 0 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.539591] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.539613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.539652] Call Trace:
[ 13.539693] <TASK>
[ 13.539728] dump_stack_lvl+0x73/0xb0
[ 13.539786] print_report+0xd1/0x640
[ 13.539827] ? __virt_addr_valid+0x1db/0x2d0
[ 13.539870] ? mempool_oob_right_helper+0x31a/0x380
[ 13.539909] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.539951] ? mempool_oob_right_helper+0x31a/0x380
[ 13.539992] kasan_report+0x140/0x180
[ 13.540032] ? mempool_oob_right_helper+0x31a/0x380
[ 13.540074] __asan_report_load1_noabort+0x18/0x20
[ 13.540138] mempool_oob_right_helper+0x31a/0x380
[ 13.540174] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.540211] ? finish_task_switch.isra.0+0x153/0x700
[ 13.540240] mempool_kmalloc_oob_right+0xf3/0x150
[ 13.540260] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 13.540282] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.540304] ? __pfx_mempool_kfree+0x10/0x10
[ 13.540323] ? __pfx_read_tsc+0x10/0x10
[ 13.540343] ? ktime_get_ts64+0x84/0x230
[ 13.540370] kunit_try_run_case+0x1a6/0x480
[ 13.540394] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.540413] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.540436] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.540459] ? __kthread_parkme+0x82/0x160
[ 13.540479] ? preempt_count_sub+0x50/0x80
[ 13.540499] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.540518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.540541] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.540565] kthread+0x257/0x310
[ 13.540582] ? __pfx_kthread+0x10/0x10
[ 13.540600] ret_from_fork+0x41/0x80
[ 13.540618] ? __pfx_kthread+0x10/0x10
[ 13.540636] ret_from_fork_asm+0x1a/0x30
[ 13.540681] </TASK>
[ 13.540702]
[ 13.551423] Allocated by task 226:
[ 13.551634] kasan_save_stack+0x45/0x70
[ 13.551898] kasan_save_track+0x18/0x40
[ 13.552113] kasan_save_alloc_info+0x3b/0x50
[ 13.552358] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.553538] remove_element+0x11e/0x190
[ 13.553861] mempool_alloc_preallocated+0x4d/0x90
[ 13.554048] mempool_oob_right_helper+0x8b/0x380
[ 13.554401] mempool_kmalloc_oob_right+0xf3/0x150
[ 13.555034] kunit_try_run_case+0x1a6/0x480
[ 13.555258] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.555481] kthread+0x257/0x310
[ 13.555740] ret_from_fork+0x41/0x80
[ 13.555971] ret_from_fork_asm+0x1a/0x30
[ 13.556210]
[ 13.556360] The buggy address belongs to the object at ffff88810262b000
[ 13.556360] which belongs to the cache kmalloc-128 of size 128
[ 13.557478] The buggy address is located 0 bytes to the right of
[ 13.557478] allocated 115-byte region [ffff88810262b000, ffff88810262b073)
[ 13.558036]
[ 13.558363] The buggy address belongs to the physical page:
[ 13.558705] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10262b
[ 13.559010] flags: 0x200000000000000(node=0|zone=2)
[ 13.559492] page_type: f5(slab)
[ 13.559738] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.560554] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 13.560819] page dumped because: kasan: bad access detected
[ 13.561166]
[ 13.561272] Memory state around the buggy address:
[ 13.561748] ffff88810262af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.562116] ffff88810262af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.562630] >ffff88810262b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.562985] ^
[ 13.563494] ffff88810262b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.563865] ffff88810262b100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.564565] ==================================================================
[ 13.598252] ==================================================================
[ 13.598854] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 13.599604] Read of size 1 at addr ffff88810262e2bb by task kunit_try_catch/230
[ 13.600268]
[ 13.600413] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.600606] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.600630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.600679] Call Trace:
[ 13.600706] <TASK>
[ 13.600742] dump_stack_lvl+0x73/0xb0
[ 13.600800] print_report+0xd1/0x640
[ 13.600834] ? __virt_addr_valid+0x1db/0x2d0
[ 13.600860] ? mempool_oob_right_helper+0x31a/0x380
[ 13.600880] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.600901] ? mempool_oob_right_helper+0x31a/0x380
[ 13.600920] kasan_report+0x140/0x180
[ 13.600942] ? mempool_oob_right_helper+0x31a/0x380
[ 13.600965] __asan_report_load1_noabort+0x18/0x20
[ 13.600984] mempool_oob_right_helper+0x31a/0x380
[ 13.601004] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.601026] ? finish_task_switch.isra.0+0x153/0x700
[ 13.601063] mempool_slab_oob_right+0xee/0x140
[ 13.601132] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 13.601165] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 13.601195] ? __pfx_mempool_free_slab+0x10/0x10
[ 13.601225] ? __pfx_read_tsc+0x10/0x10
[ 13.601253] ? ktime_get_ts64+0x84/0x230
[ 13.601284] kunit_try_run_case+0x1a6/0x480
[ 13.601307] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.601326] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.601347] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.601370] ? __kthread_parkme+0x82/0x160
[ 13.601389] ? preempt_count_sub+0x50/0x80
[ 13.601409] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.601427] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.601450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.601474] kthread+0x257/0x310
[ 13.601491] ? __pfx_kthread+0x10/0x10
[ 13.601508] ret_from_fork+0x41/0x80
[ 13.601526] ? __pfx_kthread+0x10/0x10
[ 13.601543] ret_from_fork_asm+0x1a/0x30
[ 13.601574] </TASK>
[ 13.601586]
[ 13.610251] Allocated by task 230:
[ 13.610553] kasan_save_stack+0x45/0x70
[ 13.610909] kasan_save_track+0x18/0x40
[ 13.611282] kasan_save_alloc_info+0x3b/0x50
[ 13.611694] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 13.611975] remove_element+0x11e/0x190
[ 13.612471] mempool_alloc_preallocated+0x4d/0x90
[ 13.612836] mempool_oob_right_helper+0x8b/0x380
[ 13.613336] mempool_slab_oob_right+0xee/0x140
[ 13.613717] kunit_try_run_case+0x1a6/0x480
[ 13.614123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.614657] kthread+0x257/0x310
[ 13.614971] ret_from_fork+0x41/0x80
[ 13.615326] ret_from_fork_asm+0x1a/0x30
[ 13.615695]
[ 13.615860] The buggy address belongs to the object at ffff88810262e240
[ 13.615860] which belongs to the cache test_cache of size 123
[ 13.616882] The buggy address is located 0 bytes to the right of
[ 13.616882] allocated 123-byte region [ffff88810262e240, ffff88810262e2bb)
[ 13.617492]
[ 13.617630] The buggy address belongs to the physical page:
[ 13.618020] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10262e
[ 13.618803] flags: 0x200000000000000(node=0|zone=2)
[ 13.619386] page_type: f5(slab)
[ 13.619554] raw: 0200000000000000 ffff888102621500 dead000000000122 0000000000000000
[ 13.620387] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[ 13.620805] page dumped because: kasan: bad access detected
[ 13.621213]
[ 13.621363] Memory state around the buggy address:
[ 13.621533] ffff88810262e180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.621875] ffff88810262e200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 13.622560] >ffff88810262e280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 13.622962] ^
[ 13.623330] ffff88810262e300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.623847] ffff88810262e380: fc fc
fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.624136] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.953804] ==================================================================
[ 12.954255] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380
[ 12.954795] Read of size 1 at addr ffff888101ad0280 by task kunit_try_catch/220
[ 12.955026]
[ 12.955518] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 12.955631] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.955666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.955708] Call Trace:
[ 12.955735] <TASK>
[ 12.955768] dump_stack_lvl+0x73/0xb0
[ 12.955825] print_report+0xd1/0x640
[ 12.955877] ? __virt_addr_valid+0x1db/0x2d0
[ 12.955937] ? kmem_cache_double_destroy+0x1bd/0x380
[ 12.955974] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.956016] ? kmem_cache_double_destroy+0x1bd/0x380
[ 12.956202] kasan_report+0x140/0x180
[ 12.956272] ? kmem_cache_double_destroy+0x1bd/0x380
[ 12.956298] ? kmem_cache_double_destroy+0x1bd/0x380
[ 12.956336] __kasan_check_byte+0x3d/0x50
[ 12.956372] kmem_cache_destroy+0x25/0x1d0
[ 12.956409] kmem_cache_double_destroy+0x1bd/0x380
[ 12.956446] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 12.956480] ? finish_task_switch.isra.0+0x153/0x700
[ 12.956701] ? __switch_to+0x5d9/0xf60
[ 12.956756] ? __pfx_empty_cache_ctor+0x10/0x10
[ 12.956799] ? __pfx_read_tsc+0x10/0x10
[ 12.956824] ? ktime_get_ts64+0x84/0x230
[ 12.956849] kunit_try_run_case+0x1a6/0x480
[ 12.956874] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.956892] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.956913] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.956935] ? __kthread_parkme+0x82/0x160
[ 12.956953] ? preempt_count_sub+0x50/0x80
[ 12.956973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.956991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.957013] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.957035] kthread+0x257/0x310
[ 12.957080] ? __pfx_kthread+0x10/0x10
[ 12.957101] ret_from_fork+0x41/0x80
[ 12.957119] ? __pfx_kthread+0x10/0x10
[ 12.957135] ret_from_fork_asm+0x1a/0x30
[ 12.957164] </TASK>
[ 12.957177]
[ 12.967229] Allocated by task 220:
[ 12.967457] kasan_save_stack+0x45/0x70
[ 12.967697] kasan_save_track+0x18/0x40
[ 12.967853] kasan_save_alloc_info+0x3b/0x50
[ 12.968027] __kasan_slab_alloc+0x91/0xa0
[ 12.968316] kmem_cache_alloc_noprof+0x107/0x350
[ 12.968629] __kmem_cache_create_args+0x18a/0x280
[ 12.970172] kmem_cache_double_destroy+0xd3/0x380
[ 12.970630] kunit_try_run_case+0x1a6/0x480
[ 12.970830] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.971016] kthread+0x257/0x310
[ 12.972775] ret_from_fork+0x41/0x80
[ 12.973275] ret_from_fork_asm+0x1a/0x30
[ 12.974606]
[ 12.976114] Freed by task 220:
[ 12.976402] kasan_save_stack+0x45/0x70
[ 12.977262] kasan_save_track+0x18/0x40
[ 12.978340] kasan_save_free_info+0x3f/0x60
[ 12.978803] __kasan_slab_free+0x56/0x70
[ 12.979037] kmem_cache_free+0x120/0x400
[ 12.979502] slab_kmem_cache_release+0x2e/0x40
[ 12.980213] kmem_cache_release+0x16/0x20
[ 12.980392] kobject_put+0x181/0x450
[ 12.980656] sysfs_slab_release+0x16/0x20
[ 12.981292] kmem_cache_destroy+0xf0/0x1d0
[ 12.981529] kmem_cache_double_destroy+0x14c/0x380
[ 12.981873] kunit_try_run_case+0x1a6/0x480
[ 12.982213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.982747] kthread+0x257/0x310
[ 12.983225] ret_from_fork+0x41/0x80
[ 12.983532] ret_from_fork_asm+0x1a/0x30
[ 12.983719]
[ 12.983844] The buggy address belongs to the object at ffff888101ad0280
[ 12.983844] which belongs to the cache kmem_cache of size 208
[ 12.984896] The buggy address is located 0 bytes inside of
[ 12.984896] freed 208-byte region [ffff888101ad0280, ffff888101ad0350)
[ 12.985493]
[ 12.985703] The buggy address belongs to the physical page:
[ 12.986483] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ad0
[ 12.987022] flags: 0x200000000000000(node=0|zone=2)
[ 12.987508] page_type: f5(slab)
[ 12.987807] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 12.988153] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000
[ 12.988998] page dumped because: kasan: bad access detected
[ 12.989534]
[ 12.989678] Memory state around the buggy address:
[ 12.989981] ffff888101ad0180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.990748] ffff888101ad0200: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.990977] >ffff888101ad0280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.991643] ^
[ 12.991845] ffff888101ad0300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 12.992213] ffff888101ad0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.992755] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.886502] ==================================================================
[ 12.886907] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510
[ 12.887072] Read of size 1 at addr ffff888102628000 by task kunit_try_catch/218
[ 12.887198]
[ 12.887267] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 12.887313] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.887324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.887346] Call Trace:
[ 12.887361] <TASK>
[ 12.887383] dump_stack_lvl+0x73/0xb0
[ 12.887410] print_report+0xd1/0x640
[ 12.887432] ? __virt_addr_valid+0x1db/0x2d0
[ 12.887455] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 12.887474] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.887494] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 12.887513] kasan_report+0x140/0x180
[ 12.887534] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 12.887556] __asan_report_load1_noabort+0x18/0x20
[ 12.887575] kmem_cache_rcu_uaf+0x3e5/0x510
[ 12.887593] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 12.887610] ? finish_task_switch.isra.0+0x153/0x700
[ 12.887631] ? __switch_to+0x5d9/0xf60
[ 12.887655] ? __pfx_read_tsc+0x10/0x10
[ 12.887696] ? ktime_get_ts64+0x84/0x230
[ 12.887734] kunit_try_run_case+0x1a6/0x480
[ 12.887768] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.887796] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.887830] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.887869] ? __kthread_parkme+0x82/0x160
[ 12.887899] ? preempt_count_sub+0x50/0x80
[ 12.888637] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.888694] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.888743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.888794] kthread+0x257/0x310
[ 12.888831] ? __pfx_kthread+0x10/0x10
[ 12.888870] ret_from_fork+0x41/0x80
[ 12.888915] ? __pfx_kthread+0x10/0x10
[ 12.888954] ret_from_fork_asm+0x1a/0x30
[ 12.888998] </TASK>
[ 12.889012]
[ 12.899285] Allocated by task 218:
[ 12.899628] kasan_save_stack+0x45/0x70
[ 12.899960] kasan_save_track+0x18/0x40
[ 12.900497] kasan_save_alloc_info+0x3b/0x50
[ 12.900819] __kasan_slab_alloc+0x91/0xa0
[ 12.901275] kmem_cache_alloc_noprof+0x107/0x350
[ 12.901695] kmem_cache_rcu_uaf+0x156/0x510
[ 12.901927] kunit_try_run_case+0x1a6/0x480
[ 12.902476] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.902725] kthread+0x257/0x310
[ 12.903039] ret_from_fork+0x41/0x80
[ 12.903646] ret_from_fork_asm+0x1a/0x30
[ 12.903838]
[ 12.903990] Freed by task 0:
[ 12.904521] kasan_save_stack+0x45/0x70
[ 12.904771] kasan_save_track+0x18/0x40
[ 12.904986] kasan_save_free_info+0x3f/0x60
[ 12.905473] __kasan_slab_free+0x56/0x70
[ 12.905804] slab_free_after_rcu_debug+0xe4/0x2f0
[ 12.906325] rcu_core+0x683/0x1c80
[ 12.906592] rcu_core_si+0x12/0x20
[ 12.906876] handle_softirqs+0x209/0x730
[ 12.907362] irq_exit_rcu+0x9c/0xd0
[ 12.907967] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.908431] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.908720]
[ 12.908853] Last potentially related work creation:
[ 12.909235] kasan_save_stack+0x45/0x70
[ 12.909808] __kasan_record_aux_stack+0xae/0xc0
[ 12.910157] kasan_record_aux_stack_noalloc+0xf/0x20
[ 12.910680] kmem_cache_free+0x276/0x400
[ 12.911051] kmem_cache_rcu_uaf+0x195/0x510
[ 12.911612] kunit_try_run_case+0x1a6/0x480
[ 12.911811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.912159] kthread+0x257/0x310
[ 12.912422] ret_from_fork+0x41/0x80
[ 12.912746] ret_from_fork_asm+0x1a/0x30
[ 12.912932]
[ 12.913071] The buggy address belongs to the object at ffff888102628000
[ 12.913071] which belongs to the cache test_cache of size 200
[ 12.913799] The buggy address is located 0 bytes inside of
[ 12.913799] freed 200-byte region [ffff888102628000, ffff8881026280c8)
[ 12.914829]
[ 12.915034] The buggy address belongs to the physical page:
[ 12.915721] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102628
[ 12.916417] flags: 0x200000000000000(node=0|zone=2)
[ 12.916733] page_type: f5(slab)
[ 12.917016] raw: 0200000000000000 ffff888102621280 dead000000000122 0000000000000000
[ 12.917362] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 12.918027] page dumped because: kasan: bad access detected
[ 12.918648]
[ 12.918806] Memory state around the buggy address:
[ 12.919114] ffff888102627f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.920009] ffff888102627f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.920433] >ffff888102628000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.920832] ^
[ 12.921016] ffff888102628080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 12.921593] ffff888102628100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.922051] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 22.957376] ==================================================================
[ 22.957847] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 22.957847]
[ 22.958091] Invalid read at 0x(____ptrval____):
[ 22.958808] test_invalid_access+0xf1/0x210
[ 22.959024] kunit_try_run_case+0x1a6/0x480
[ 22.959495] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.959639] kthread+0x257/0x310
[ 22.959744] ret_from_fork+0x41/0x80
[ 22.959971] ret_from_fork_asm+0x1a/0x30
[ 22.960335]
[ 22.960501] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 22.960769] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.960900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.961107] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.735140] ==================================================================
[ 22.735470] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 22.735470]
[ 22.735848] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#127):
[ 22.736601] test_kmalloc_aligned_oob_write+0x251/0x340
[ 22.736736] kunit_try_run_case+0x1a6/0x480
[ 22.736967] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.737161] kthread+0x257/0x310
[ 22.737328] ret_from_fork+0x41/0x80
[ 22.737418] ret_from_fork_asm+0x1a/0x30
[ 22.737593]
[ 22.737743] kfence-#127: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.737743]
[ 22.738166] allocated by task 322 on cpu 0 at 22.734834s (0.003329s ago):
[ 22.738317] test_alloc+0x365/0x10f0
[ 22.738551] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 22.739352] kunit_try_run_case+0x1a6/0x480
[ 22.739572] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.739840] kthread+0x257/0x310
[ 22.739976] ret_from_fork+0x41/0x80
[ 22.740252] ret_from_fork_asm+0x1a/0x30
[ 22.740768]
[ 22.740872] freed by task 322 on cpu 0 at 22.734987s (0.005881s ago):
[ 22.741024] test_kmalloc_aligned_oob_write+0x251/0x340
[ 22.741238] kunit_try_run_case+0x1a6/0x480
[ 22.741360] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.741469] kthread+0x257/0x310
[ 22.741544] ret_from_fork+0x41/0x80
[ 22.741627] ret_from_fork_asm+0x1a/0x30
[ 22.741849]
[ 22.741973] CPU: 0 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 22.742452] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.742590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.742797] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 22.526902] ==================================================================
[ 22.527299] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 22.527299]
[ 22.527542] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#125):
[ 22.527696] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 22.527814] kunit_try_run_case+0x1a6/0x480
[ 22.527909] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.528014] kthread+0x257/0x310
[ 22.528188] ret_from_fork+0x41/0x80
[ 22.528369] ret_from_fork_asm+0x1a/0x30
[ 22.528560]
[ 22.528656] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 22.528656]
[ 22.528975] allocated by task 320 on cpu 0 at 22.526577s (0.002395s ago):
[ 22.529187] test_alloc+0x365/0x10f0
[ 22.529338] test_kmalloc_aligned_oob_read+0x106/0x570
[ 22.529517] kunit_try_run_case+0x1a6/0x480
[ 22.529670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.530016] kthread+0x257/0x310
[ 22.530195] ret_from_fork+0x41/0x80
[ 22.530368] ret_from_fork_asm+0x1a/0x30
[ 22.530544]
[ 22.530653] CPU: 0 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 22.531029] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.531251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.531740] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.678875] ==================================================================
[ 18.679379] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 18.679379]
[ 18.679651] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#88):
[ 18.680164] test_corruption+0x217/0x3e0
[ 18.680454] kunit_try_run_case+0x1a6/0x480
[ 18.680617] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.681087] kthread+0x257/0x310
[ 18.681460] ret_from_fork+0x41/0x80
[ 18.681695] ret_from_fork_asm+0x1a/0x30
[ 18.681905]
[ 18.682057] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.682057]
[ 18.682736] allocated by task 310 on cpu 0 at 18.678643s (0.004080s ago):
[ 18.683174] test_alloc+0x2a7/0x10f0
[ 18.683367] test_corruption+0x1cc/0x3e0
[ 18.683694] kunit_try_run_case+0x1a6/0x480
[ 18.683924] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.684414] kthread+0x257/0x310
[ 18.684733] ret_from_fork+0x41/0x80
[ 18.685043] ret_from_fork_asm+0x1a/0x30
[ 18.685316]
[ 18.685501] freed by task 310 on cpu 0 at 18.678745s (0.006751s ago):
[ 18.685817] test_corruption+0x217/0x3e0
[ 18.686078] kunit_try_run_case+0x1a6/0x480
[ 18.686541] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.687011] kthread+0x257/0x310
[ 18.687337] ret_from_fork+0x41/0x80
[ 18.687666] ret_from_fork_asm+0x1a/0x30
[ 18.687963]
[ 18.688106] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 18.688457] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.688628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.689198] ==================================================================

[ 18.055116] ==================================================================
[ 18.055533] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 18.055533]
[ 18.055800] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#82):
[ 18.056986] test_corruption+0x2d4/0x3e0
[ 18.057263] kunit_try_run_case+0x1a6/0x480
[ 18.057437] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.057703] kthread+0x257/0x310
[ 18.057983] ret_from_fork+0x41/0x80
[ 18.058372] ret_from_fork_asm+0x1a/0x30
[ 18.058660]
[ 18.058790] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.058790]
[ 18.059378] allocated by task 308 on cpu 0 at 18.054746s (0.004627s ago):
[ 18.059624] test_alloc+0x365/0x10f0
[ 18.059921] test_corruption+0xe7/0x3e0
[ 18.060214] kunit_try_run_case+0x1a6/0x480
[ 18.060535] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.060788] kthread+0x257/0x310
[ 18.060946] ret_from_fork+0x41/0x80
[ 18.061187] ret_from_fork_asm+0x1a/0x30
[ 18.061451]
[ 18.061592] freed by task 308 on cpu 0 at 18.054875s (0.006712s ago):
[ 18.062005] test_corruption+0x2d4/0x3e0
[ 18.062185] kunit_try_run_case+0x1a6/0x480
[ 18.062521] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.062897] kthread+0x257/0x310
[ 18.063138] ret_from_fork+0x41/0x80
[ 18.063375] ret_from_fork_asm+0x1a/0x30
[ 18.063596]
[ 18.063742] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 18.064222] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.064500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.065045] ==================================================================

[ 18.367097] ==================================================================
[ 18.367477] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 18.367477]
[ 18.367707] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#85):
[ 18.368312] test_corruption+0x2e1/0x3e0
[ 18.368566] kunit_try_run_case+0x1a6/0x480
[ 18.368922] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.369176] kthread+0x257/0x310
[ 18.369343] ret_from_fork+0x41/0x80
[ 18.369500] ret_from_fork_asm+0x1a/0x30
[ 18.369661]
[ 18.369772] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.369772]
[ 18.370578] allocated by task 308 on cpu 0 at 18.366732s (0.003839s ago):
[ 18.371106] test_alloc+0x365/0x10f0
[ 18.371433] test_corruption+0x1cc/0x3e0
[ 18.371791] kunit_try_run_case+0x1a6/0x480
[ 18.372189] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.372606] kthread+0x257/0x310
[ 18.372911] ret_from_fork+0x41/0x80
[ 18.373073] ret_from_fork_asm+0x1a/0x30
[ 18.373343]
[ 18.373484] freed by task 308 on cpu 0 at 18.366870s (0.006609s ago):
[ 18.373926] test_corruption+0x2e1/0x3e0
[ 18.374261] kunit_try_run_case+0x1a6/0x480
[ 18.374474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.374882] kthread+0x257/0x310
[ 18.375111] ret_from_fork+0x41/0x80
[ 18.375371] ret_from_fork_asm+0x1a/0x30
[ 18.375547]
[ 18.375692] CPU: 0 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 18.376285] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.376679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.377066] ==================================================================

[ 18.470975] ==================================================================
[ 18.471392] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 18.471392]
[ 18.471629] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#86):
[ 18.472905] test_corruption+0x132/0x3e0
[ 18.473156] kunit_try_run_case+0x1a6/0x480
[ 18.473516] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.473793] kthread+0x257/0x310
[ 18.474096] ret_from_fork+0x41/0x80
[ 18.474357] ret_from_fork_asm+0x1a/0x30
[ 18.474546]
[ 18.474656] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.474656]
[ 18.475374] allocated by task 310 on cpu 0 at 18.470758s (0.004611s ago):
[ 18.476013] test_alloc+0x2a7/0x10f0
[ 18.476444] test_corruption+0xe7/0x3e0
[ 18.476770] kunit_try_run_case+0x1a6/0x480
[ 18.477094] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.477315] kthread+0x257/0x310
[ 18.477476] ret_from_fork+0x41/0x80
[ 18.477901] ret_from_fork_asm+0x1a/0x30
[ 18.478372]
[ 18.478617] freed by task 310 on cpu 0 at 18.470851s (0.007761s ago):
[ 18.479183] test_corruption+0x132/0x3e0
[ 18.479405] kunit_try_run_case+0x1a6/0x480
[ 18.479587] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.480000] kthread+0x257/0x310
[ 18.480194] ret_from_fork+0x41/0x80
[ 18.480439] ret_from_fork_asm+0x1a/0x30
[ 18.481156]
[ 18.481356] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 18.481704] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.482019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.482779] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 17.846871] ==================================================================
[ 17.847392] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260
[ 17.847392]
[ 17.847691] Invalid free of 0x(____ptrval____) (in kfence-#80):
[ 17.847876] test_invalid_addr_free+0x1e3/0x260
[ 17.848296] kunit_try_run_case+0x1a6/0x480
[ 17.849086] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.849897] kthread+0x257/0x310
[ 17.850297] ret_from_fork+0x41/0x80
[ 17.850541] ret_from_fork_asm+0x1a/0x30
[ 17.850646]
[ 17.850742] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.850742]
[ 17.851205] allocated by task 304 on cpu 0 at 17.846652s (0.004547s ago):
[ 17.851466] test_alloc+0x365/0x10f0
[ 17.851629] test_invalid_addr_free+0xdc/0x260
[ 17.851821] kunit_try_run_case+0x1a6/0x480
[ 17.852093] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.852438] kthread+0x257/0x310
[ 17.852590] ret_from_fork+0x41/0x80
[ 17.852854] ret_from_fork_asm+0x1a/0x30
[ 17.853160]
[ 17.853334] CPU: 0 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 17.853725] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.853892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.854495] ==================================================================

[ 17.950784] ==================================================================
[ 17.951323] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260
[ 17.951323]
[ 17.951693] Invalid free of 0x(____ptrval____) (in kfence-#81):
[ 17.952732] test_invalid_addr_free+0xfc/0x260
[ 17.952998] kunit_try_run_case+0x1a6/0x480
[ 17.953175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.953494] kthread+0x257/0x310
[ 17.953732] ret_from_fork+0x41/0x80
[ 17.954046] ret_from_fork_asm+0x1a/0x30
[ 17.954395]
[ 17.954520] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.954520]
[ 17.955100] allocated by task 306 on cpu 1 at 17.950606s (0.004488s ago):
[ 17.955369] test_alloc+0x2a7/0x10f0
[ 17.955698] test_invalid_addr_free+0xdc/0x260
[ 17.955955] kunit_try_run_case+0x1a6/0x480
[ 17.956308] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.956625] kthread+0x257/0x310
[ 17.956830] ret_from_fork+0x41/0x80
[ 17.957137] ret_from_fork_asm+0x1a/0x30
[ 17.957447]
[ 17.957586] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 17.958198] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.958474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.958769] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 17.743076] ==================================================================
[ 17.743508] BUG: KFENCE: invalid free in test_double_free+0x113/0x260
[ 17.743508]
[ 17.743784] Invalid free of 0x(____ptrval____) (in kfence-#79):
[ 17.744169] test_double_free+0x113/0x260
[ 17.744508] kunit_try_run_case+0x1a6/0x480
[ 17.744782] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.745172] kthread+0x257/0x310
[ 17.745355] ret_from_fork+0x41/0x80
[ 17.745586] ret_from_fork_asm+0x1a/0x30
[ 17.746094]
[ 17.746293] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.746293]
[ 17.747016] allocated by task 302 on cpu 1 at 17.742799s (0.004211s ago):
[ 17.747646] test_alloc+0x2a7/0x10f0
[ 17.748012] test_double_free+0xdc/0x260
[ 17.748456] kunit_try_run_case+0x1a6/0x480
[ 17.748809] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.749017] kthread+0x257/0x310
[ 17.749498] ret_from_fork+0x41/0x80
[ 17.749882] ret_from_fork_asm+0x1a/0x30
[ 17.750319]
[ 17.750454] freed by task 302 on cpu 1 at 17.742876s (0.007572s ago):
[ 17.750769] test_double_free+0xfb/0x260
[ 17.751051] kunit_try_run_case+0x1a6/0x480
[ 17.751398] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.751591] kthread+0x257/0x310
[ 17.751874] ret_from_fork+0x41/0x80
[ 17.752400] ret_from_fork_asm+0x1a/0x30
[ 17.752788]
[ 17.753155] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 17.753554] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.753991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.754409] ==================================================================

[ 17.639019] ==================================================================
[ 17.639447] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260
[ 17.639447]
[ 17.639686] Invalid free of 0x(____ptrval____) (in kfence-#78):
[ 17.639995] test_double_free+0x1d5/0x260
[ 17.640378] kunit_try_run_case+0x1a6/0x480
[ 17.640827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.641148] kthread+0x257/0x310
[ 17.641284] ret_from_fork+0x41/0x80
[ 17.641444] ret_from_fork_asm+0x1a/0x30
[ 17.641620]
[ 17.641801] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.641801]
[ 17.642497] allocated by task 300 on cpu 0 at 17.638709s (0.003783s ago):
[ 17.642987] test_alloc+0x365/0x10f0
[ 17.643215] test_double_free+0xdc/0x260
[ 17.643396] kunit_try_run_case+0x1a6/0x480
[ 17.643586] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.643990] kthread+0x257/0x310
[ 17.644363] ret_from_fork+0x41/0x80
[ 17.644555] ret_from_fork_asm+0x1a/0x30
[ 17.644859]
[ 17.644971] freed by task 300 on cpu 0 at 17.638822s (0.006145s ago):
[ 17.645479] test_double_free+0x1e2/0x260
[ 17.645692] kunit_try_run_case+0x1a6/0x480
[ 17.645908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.646260] kthread+0x257/0x310
[ 17.646535] ret_from_fork+0x41/0x80
[ 17.646858] ret_from_fork_asm+0x1a/0x30
[ 17.647142]
[ 17.647395] CPU: 0 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 17.647998] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.648375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.648780] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.821531] ==================================================================
[ 12.821990] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470
[ 12.822395] Free of addr ffff888102982001 by task kunit_try_catch/216
[ 12.822585]
[ 12.822708] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 12.822785] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.822806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.823288] Call Trace:
[ 12.823335] <TASK>
[ 12.823376] dump_stack_lvl+0x73/0xb0
[ 12.823434] print_report+0xd1/0x640
[ 12.823458] ? __virt_addr_valid+0x1db/0x2d0
[ 12.823484] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.823504] ? kmem_cache_invalid_free+0x1d9/0x470
[ 12.823525] kasan_report_invalid_free+0xfc/0x120
[ 12.823547] ? kmem_cache_invalid_free+0x1d9/0x470
[ 12.823567] ? kmem_cache_invalid_free+0x1d9/0x470
[ 12.823586] check_slab_allocation+0x11f/0x130
[ 12.823606] __kasan_slab_pre_free+0x28/0x40
[ 12.823625] kmem_cache_free+0xee/0x400
[ 12.823644] ? kmem_cache_alloc_noprof+0x107/0x350
[ 12.823685] ? kmem_cache_invalid_free+0x1d9/0x470
[ 12.823708] kmem_cache_invalid_free+0x1d9/0x470
[ 12.823728] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 12.823746] ? finish_task_switch.isra.0+0x153/0x700
[ 12.823766] ? __switch_to+0x5d9/0xf60
[ 12.823791] ? __pfx_read_tsc+0x10/0x10
[ 12.823809] ? ktime_get_ts64+0x84/0x230
[ 12.823832] kunit_try_run_case+0x1a6/0x480
[ 12.823854] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.823871] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.823891] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.823912] ? __kthread_parkme+0x82/0x160
[ 12.823930] ? preempt_count_sub+0x50/0x80
[ 12.823949] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.823967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.823988] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.824010] kthread+0x257/0x310
[ 12.824026] ? __pfx_kthread+0x10/0x10
[ 12.824042] ret_from_fork+0x41/0x80
[ 12.824071] ? __pfx_kthread+0x10/0x10
[ 12.824089] ret_from_fork_asm+0x1a/0x30
[ 12.824117] </TASK>
[ 12.824129]
[ 12.833606] Allocated by task 216:
[ 12.833899] kasan_save_stack+0x45/0x70
[ 12.834422] kasan_save_track+0x18/0x40
[ 12.834746] kasan_save_alloc_info+0x3b/0x50
[ 12.834943] __kasan_slab_alloc+0x91/0xa0
[ 12.835284] kmem_cache_alloc_noprof+0x107/0x350
[ 12.835621] kmem_cache_invalid_free+0x158/0x470
[ 12.835964] kunit_try_run_case+0x1a6/0x480
[ 12.836325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.836699] kthread+0x257/0x310
[ 12.836880] ret_from_fork+0x41/0x80
[ 12.837120] ret_from_fork_asm+0x1a/0x30
[ 12.837537]
[ 12.837698] The buggy address belongs to the object at ffff888102982000
[ 12.837698] which belongs to the cache test_cache of size 200
[ 12.838390] The buggy address is located 1 bytes inside of
[ 12.838390] 200-byte region [ffff888102982000, ffff8881029820c8)
[ 12.838942]
[ 12.839135] The buggy address belongs to the physical page:
[ 12.839390] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102982
[ 12.839793] flags: 0x200000000000000(node=0|zone=2)
[ 12.840025] page_type: f5(slab)
[ 12.840276] raw: 0200000000000000 ffff888101ad0140 dead000000000122 0000000000000000
[ 12.840554] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 12.841255] page dumped because: kasan: bad access detected
[ 12.841617]
[ 12.841749] Memory state around the buggy address:
[ 12.841938] ffff888102981f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.842384] ffff888102981f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.842871] >ffff888102982000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.843454] ^
[ 12.843719] ffff888102982080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 12.844057] ffff888102982100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.844476] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.778022] ================================================================== [ 12.778652] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 12.778912] Free of addr ffff888102626000 by task kunit_try_catch/214 [ 12.779161] [ 12.779348] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.779800] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.779839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.779883] Call Trace: [ 12.779910] <TASK> [ 12.779944] dump_stack_lvl+0x73/0xb0 [ 12.780005] print_report+0xd1/0x640 [ 12.780049] ? __virt_addr_valid+0x1db/0x2d0 [ 12.780097] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.780133] ? kmem_cache_double_free+0x1e6/0x490 [ 12.780189] kasan_report_invalid_free+0xfc/0x120 [ 12.780373] ? kmem_cache_double_free+0x1e6/0x490 [ 12.780426] ? kmem_cache_double_free+0x1e6/0x490 [ 12.780470] check_slab_allocation+0x101/0x130 [ 12.780516] __kasan_slab_pre_free+0x28/0x40 [ 12.780551] kmem_cache_free+0xee/0x400 [ 12.780573] ? kmem_cache_alloc_noprof+0x107/0x350 [ 12.780594] ? kmem_cache_double_free+0x1e6/0x490 [ 12.780617] kmem_cache_double_free+0x1e6/0x490 [ 12.780638] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 12.780681] ? finish_task_switch.isra.0+0x153/0x700 [ 12.780705] ? __switch_to+0x5d9/0xf60 [ 12.780733] ? __pfx_read_tsc+0x10/0x10 [ 12.780752] ? ktime_get_ts64+0x84/0x230 [ 12.780777] kunit_try_run_case+0x1a6/0x480 [ 12.780800] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.780819] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.780840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.780863] ? __kthread_parkme+0x82/0x160 [ 12.780882] ? preempt_count_sub+0x50/0x80 [ 12.780903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.780921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.780945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.780969] kthread+0x257/0x310 [ 12.780986] ? __pfx_kthread+0x10/0x10 [ 12.781004] ret_from_fork+0x41/0x80 [ 12.781022] ? 
__pfx_kthread+0x10/0x10 [ 12.781039] ret_from_fork_asm+0x1a/0x30 [ 12.781082] </TASK> [ 12.781217] [ 12.792803] Allocated by task 214: [ 12.793131] kasan_save_stack+0x45/0x70 [ 12.793579] kasan_save_track+0x18/0x40 [ 12.793765] kasan_save_alloc_info+0x3b/0x50 [ 12.794126] __kasan_slab_alloc+0x91/0xa0 [ 12.794388] kmem_cache_alloc_noprof+0x107/0x350 [ 12.795075] kmem_cache_double_free+0x150/0x490 [ 12.795515] kunit_try_run_case+0x1a6/0x480 [ 12.795874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.796221] kthread+0x257/0x310 [ 12.796570] ret_from_fork+0x41/0x80 [ 12.796817] ret_from_fork_asm+0x1a/0x30 [ 12.797334] [ 12.797503] Freed by task 214: [ 12.797735] kasan_save_stack+0x45/0x70 [ 12.797999] kasan_save_track+0x18/0x40 [ 12.798447] kasan_save_free_info+0x3f/0x60 [ 12.799186] __kasan_slab_free+0x56/0x70 [ 12.799361] kmem_cache_free+0x120/0x400 [ 12.799911] kmem_cache_double_free+0x16b/0x490 [ 12.800498] kunit_try_run_case+0x1a6/0x480 [ 12.800751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.801130] kthread+0x257/0x310 [ 12.801295] ret_from_fork+0x41/0x80 [ 12.801601] ret_from_fork_asm+0x1a/0x30 [ 12.801804] [ 12.801942] The buggy address belongs to the object at ffff888102626000 [ 12.801942] which belongs to the cache test_cache of size 200 [ 12.802788] The buggy address is located 0 bytes inside of [ 12.802788] 200-byte region [ffff888102626000, ffff8881026260c8) [ 12.803756] [ 12.803988] The buggy address belongs to the physical page: [ 12.804521] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102626 [ 12.805116] flags: 0x200000000000000(node=0|zone=2) [ 12.805785] page_type: f5(slab) [ 12.806395] raw: 0200000000000000 ffff888102621140 dead000000000122 0000000000000000 [ 12.806830] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 12.807268] page dumped because: kasan: bad access detected [ 12.807510] [ 12.807671] Memory state around the buggy address: [ 12.807863] ffff888102625f00: fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc [ 12.808626] ffff888102625f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.809091] >ffff888102626000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.809728] ^ [ 12.809868] ffff888102626080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 12.810324] ffff888102626100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.810923] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.734461] ================================================================== [ 12.735027] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 12.735488] Read of size 1 at addr ffff8881026230c8 by task kunit_try_catch/212 [ 12.735773] [ 12.735941] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.736018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.736038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.736071] Call Trace: [ 12.736093] <TASK> [ 12.736122] dump_stack_lvl+0x73/0xb0 [ 12.736171] print_report+0xd1/0x640 [ 12.736212] ? __virt_addr_valid+0x1db/0x2d0 [ 12.736251] ? kmem_cache_oob+0x404/0x530 [ 12.736283] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.736319] ? kmem_cache_oob+0x404/0x530 [ 12.736350] kasan_report+0x140/0x180 [ 12.736391] ? kmem_cache_oob+0x404/0x530 [ 12.736434] __asan_report_load1_noabort+0x18/0x20 [ 12.736467] kmem_cache_oob+0x404/0x530 [ 12.736499] ? trace_hardirqs_on+0x37/0xe0 [ 12.736543] ? __pfx_kmem_cache_oob+0x10/0x10 [ 12.736577] ? finish_task_switch.isra.0+0x153/0x700 [ 12.736617] ? __switch_to+0x5d9/0xf60 [ 12.736837] ? __pfx_read_tsc+0x10/0x10 [ 12.736899] ? ktime_get_ts64+0x84/0x230 [ 12.736948] kunit_try_run_case+0x1a6/0x480 [ 12.736989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737025] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.737403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.737444] ? __kthread_parkme+0x82/0x160 [ 12.737465] ? preempt_count_sub+0x50/0x80 [ 12.737487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.737507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.737531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.737557] kthread+0x257/0x310 [ 12.737574] ? __pfx_kthread+0x10/0x10 [ 12.737592] ret_from_fork+0x41/0x80 [ 12.737611] ? 
__pfx_kthread+0x10/0x10 [ 12.737628] ret_from_fork_asm+0x1a/0x30 [ 12.737677] </TASK> [ 12.737695] [ 12.746337] Allocated by task 212: [ 12.746709] kasan_save_stack+0x45/0x70 [ 12.746989] kasan_save_track+0x18/0x40 [ 12.747377] kasan_save_alloc_info+0x3b/0x50 [ 12.747700] __kasan_slab_alloc+0x91/0xa0 [ 12.747889] kmem_cache_alloc_noprof+0x107/0x350 [ 12.748179] kmem_cache_oob+0x158/0x530 [ 12.748478] kunit_try_run_case+0x1a6/0x480 [ 12.748767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.749133] kthread+0x257/0x310 [ 12.749394] ret_from_fork+0x41/0x80 [ 12.749672] ret_from_fork_asm+0x1a/0x30 [ 12.749920] [ 12.750025] The buggy address belongs to the object at ffff888102623000 [ 12.750025] which belongs to the cache test_cache of size 200 [ 12.750521] The buggy address is located 0 bytes to the right of [ 12.750521] allocated 200-byte region [ffff888102623000, ffff8881026230c8) [ 12.751301] [ 12.751457] The buggy address belongs to the physical page: [ 12.752313] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102623 [ 12.752591] flags: 0x200000000000000(node=0|zone=2) [ 12.752955] page_type: f5(slab) [ 12.753366] raw: 0200000000000000 ffff888102621000 dead000000000122 0000000000000000 [ 12.753871] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000 [ 12.754503] page dumped because: kasan: bad access detected [ 12.754750] [ 12.754854] Memory state around the buggy address: [ 12.755034] ffff888102622f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.755864] ffff888102623000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.756340] >ffff888102623080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 12.756960] ^ [ 12.757213] ffff888102623100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.757569] ffff888102623180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.758219] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.682154] ================================================================== [ 12.683422] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 12.683902] Read of size 8 at addr ffff88810261f1c0 by task kunit_try_catch/205 [ 12.684260] [ 12.684439] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.684512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.684530] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.684562] Call Trace: [ 12.684584] <TASK> [ 12.684610] dump_stack_lvl+0x73/0xb0 [ 12.684654] print_report+0xd1/0x640 [ 12.684705] ? __virt_addr_valid+0x1db/0x2d0 [ 12.684739] ? workqueue_uaf+0x4d8/0x560 [ 12.684766] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.684804] ? workqueue_uaf+0x4d8/0x560 [ 12.684837] kasan_report+0x140/0x180 [ 12.684916] ? workqueue_uaf+0x4d8/0x560 [ 12.684991] __asan_report_load8_noabort+0x18/0x20 [ 12.685027] workqueue_uaf+0x4d8/0x560 [ 12.685071] ? __pfx_workqueue_uaf+0x10/0x10 [ 12.685300] ? __schedule+0xc49/0x27a0 [ 12.685339] ? __pfx_read_tsc+0x10/0x10 [ 12.685411] ? ktime_get_ts64+0x84/0x230 [ 12.685538] kunit_try_run_case+0x1a6/0x480 [ 12.685617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685665] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.685705] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.685733] ? __kthread_parkme+0x82/0x160 [ 12.685753] ? preempt_count_sub+0x50/0x80 [ 12.685775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.685794] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.685818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.685842] kthread+0x257/0x310 [ 12.685859] ? __pfx_kthread+0x10/0x10 [ 12.685878] ret_from_fork+0x41/0x80 [ 12.685908] ? 
__pfx_kthread+0x10/0x10 [ 12.685929] ret_from_fork_asm+0x1a/0x30 [ 12.685959] </TASK> [ 12.685972] [ 12.695914] Allocated by task 205: [ 12.696094] kasan_save_stack+0x45/0x70 [ 12.696335] kasan_save_track+0x18/0x40 [ 12.696759] kasan_save_alloc_info+0x3b/0x50 [ 12.697031] __kasan_kmalloc+0xb7/0xc0 [ 12.697705] __kmalloc_cache_noprof+0x168/0x350 [ 12.698115] workqueue_uaf+0x153/0x560 [ 12.698531] kunit_try_run_case+0x1a6/0x480 [ 12.698779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.698984] kthread+0x257/0x310 [ 12.699401] ret_from_fork+0x41/0x80 [ 12.699590] ret_from_fork_asm+0x1a/0x30 [ 12.699874] [ 12.700045] Freed by task 10: [ 12.700402] kasan_save_stack+0x45/0x70 [ 12.700582] kasan_save_track+0x18/0x40 [ 12.700868] kasan_save_free_info+0x3f/0x60 [ 12.701471] __kasan_slab_free+0x56/0x70 [ 12.702348] kfree+0x123/0x3d0 [ 12.702516] workqueue_uaf_work+0x12/0x20 [ 12.702677] process_one_work+0x5ee/0xf60 [ 12.702832] worker_thread+0x753/0x1200 [ 12.702980] kthread+0x257/0x310 [ 12.703111] ret_from_fork+0x41/0x80 [ 12.703248] ret_from_fork_asm+0x1a/0x30 [ 12.703386] [ 12.703469] Last potentially related work creation: [ 12.703614] kasan_save_stack+0x45/0x70 [ 12.705642] __kasan_record_aux_stack+0xae/0xc0 [ 12.706380] kasan_record_aux_stack_noalloc+0xf/0x20 [ 12.708239] __queue_work+0x67e/0xf70 [ 12.708927] queue_work_on+0x74/0xa0 [ 12.709991] workqueue_uaf+0x26e/0x560 [ 12.710579] kunit_try_run_case+0x1a6/0x480 [ 12.710935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.711313] kthread+0x257/0x310 [ 12.711559] ret_from_fork+0x41/0x80 [ 12.711737] ret_from_fork_asm+0x1a/0x30 [ 12.711889] [ 12.711976] The buggy address belongs to the object at ffff88810261f1c0 [ 12.711976] which belongs to the cache kmalloc-32 of size 32 [ 12.712572] The buggy address is located 0 bytes inside of [ 12.712572] freed 32-byte region [ffff88810261f1c0, ffff88810261f1e0) [ 12.712982] [ 12.713469] The buggy address belongs to the physical page: [ 12.713792] page: refcount:1 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 12.714275] flags: 0x200000000000000(node=0|zone=2) [ 12.714638] page_type: f5(slab) [ 12.714922] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.716887] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 12.717756] page dumped because: kasan: bad access detected [ 12.718033] [ 12.718182] Memory state around the buggy address: [ 12.718708] ffff88810261f080: 00 00 05 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.719041] ffff88810261f100: fa fb fb fb fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.719543] >ffff88810261f180: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 12.719978] ^ [ 12.720360] ffff88810261f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.721000] ffff88810261f280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.721388] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.430925] ================================================================== [ 17.431344] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 17.431344] [ 17.431635] Use-after-free read at 0x(____ptrval____) (in kfence-#76): [ 17.431995] test_use_after_free_read+0x12a/0x270 [ 17.432454] kunit_try_run_case+0x1a6/0x480 [ 17.432642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.432855] kthread+0x257/0x310 [ 17.433060] ret_from_fork+0x41/0x80 [ 17.433361] ret_from_fork_asm+0x1a/0x30 [ 17.433683] [ 17.433933] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.433933] [ 17.434768] allocated by task 296 on cpu 1 at 17.430646s (0.004117s ago): [ 17.435050] test_alloc+0x365/0x10f0 [ 17.435280] test_use_after_free_read+0xdd/0x270 [ 17.435662] kunit_try_run_case+0x1a6/0x480 [ 17.436056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.436445] kthread+0x257/0x310 [ 17.436607] ret_from_fork+0x41/0x80 [ 17.436786] ret_from_fork_asm+0x1a/0x30 [ 17.436981] [ 17.437143] freed by task 296 on cpu 1 at 17.430758s (0.006361s ago): [ 17.437629] test_use_after_free_read+0x1e9/0x270 [ 17.437997] kunit_try_run_case+0x1a6/0x480 [ 17.438252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.438503] kthread+0x257/0x310 [ 17.438810] ret_from_fork+0x41/0x80 [ 17.439109] ret_from_fork_asm+0x1a/0x30 [ 17.439532] [ 17.439738] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 17.440396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.440628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.441087] ================================================================== [ 17.534889] ================================================================== [ 17.535300] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 17.535300] [ 17.535619] Use-after-free read at 0x(____ptrval____) (in kfence-#77): [ 17.536058] test_use_after_free_read+0x12a/0x270 [ 17.536461] 
kunit_try_run_case+0x1a6/0x480 [ 17.536746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.536972] kthread+0x257/0x310 [ 17.537894] ret_from_fork+0x41/0x80 [ 17.538374] ret_from_fork_asm+0x1a/0x30 [ 17.538724] [ 17.538855] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.538855] [ 17.539414] allocated by task 298 on cpu 0 at 17.534660s (0.004748s ago): [ 17.539907] test_alloc+0x2a7/0x10f0 [ 17.540258] test_use_after_free_read+0xdd/0x270 [ 17.540636] kunit_try_run_case+0x1a6/0x480 [ 17.541015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.541438] kthread+0x257/0x310 [ 17.541718] ret_from_fork+0x41/0x80 [ 17.541937] ret_from_fork_asm+0x1a/0x30 [ 17.542176] [ 17.542366] freed by task 298 on cpu 0 at 17.534762s (0.007599s ago): [ 17.542779] test_use_after_free_read+0xfc/0x270 [ 17.543134] kunit_try_run_case+0x1a6/0x480 [ 17.543433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.543815] kthread+0x257/0x310 [ 17.544092] ret_from_fork+0x41/0x80 [ 17.544410] ret_from_fork_asm+0x1a/0x30 [ 17.544732] [ 17.544929] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 17.545375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.545728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.546202] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.222843] ================================================================== [ 17.223336] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 17.223336] [ 17.223687] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#74): [ 17.224203] test_out_of_bounds_write+0x10e/0x260 [ 17.224450] kunit_try_run_case+0x1a6/0x480 [ 17.224631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.225132] kthread+0x257/0x310 [ 17.225446] ret_from_fork+0x41/0x80 [ 17.225766] ret_from_fork_asm+0x1a/0x30 [ 17.226173] [ 17.226394] kfence-#74: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.226394] [ 17.227098] allocated by task 292 on cpu 1 at 17.222623s (0.004469s ago): [ 17.227703] test_alloc+0x365/0x10f0 [ 17.228047] test_out_of_bounds_write+0xd5/0x260 [ 17.228468] kunit_try_run_case+0x1a6/0x480 [ 17.228844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.229241] kthread+0x257/0x310 [ 17.229389] ret_from_fork+0x41/0x80 [ 17.229647] ret_from_fork_asm+0x1a/0x30 [ 17.229949] [ 17.230198] CPU: 1 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 17.230602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.230921] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.231315] ================================================================== [ 17.326729] ================================================================== [ 17.327123] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 17.327123] [ 17.327573] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#75): [ 17.328264] test_out_of_bounds_write+0x10e/0x260 [ 17.329016] kunit_try_run_case+0x1a6/0x480 [ 17.329380] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.329836] kthread+0x257/0x310 [ 17.330038] ret_from_fork+0x41/0x80 [ 17.330206] ret_from_fork_asm+0x1a/0x30 [ 17.330375] [ 17.330498] kfence-#75: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.330498] [ 17.331135] allocated by 
task 294 on cpu 0 at 17.326625s (0.004504s ago): [ 17.331705] test_alloc+0x2a7/0x10f0 [ 17.331926] test_out_of_bounds_write+0xd5/0x260 [ 17.332171] kunit_try_run_case+0x1a6/0x480 [ 17.332553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.332927] kthread+0x257/0x310 [ 17.333116] ret_from_fork+0x41/0x80 [ 17.333286] ret_from_fork_asm+0x1a/0x30 [ 17.333755] [ 17.333977] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 17.334656] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.334893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.335515] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.014767] ================================================================== [ 17.015358] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 17.015358] [ 17.016067] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#72): [ 17.016538] test_out_of_bounds_read+0x127/0x4e0 [ 17.016840] kunit_try_run_case+0x1a6/0x480 [ 17.017111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.017502] kthread+0x257/0x310 [ 17.017715] ret_from_fork+0x41/0x80 [ 17.017877] ret_from_fork_asm+0x1a/0x30 [ 17.018341] [ 17.018485] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.018485] [ 17.018788] allocated by task 290 on cpu 1 at 17.014654s (0.004129s ago): [ 17.019645] test_alloc+0x2a7/0x10f0 [ 17.020071] test_out_of_bounds_read+0xee/0x4e0 [ 17.020357] kunit_try_run_case+0x1a6/0x480 [ 17.020624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.020954] kthread+0x257/0x310 [ 17.021286] ret_from_fork+0x41/0x80 [ 17.021558] ret_from_fork_asm+0x1a/0x30 [ 17.021758] [ 17.021891] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 17.022628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.022827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.023794] ================================================================== [ 16.391019] ================================================================== [ 16.391487] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 16.391487] [ 16.391920] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#66): [ 16.392230] test_out_of_bounds_read+0x127/0x4e0 [ 16.392602] kunit_try_run_case+0x1a6/0x480 [ 16.392942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.393225] kthread+0x257/0x310 [ 16.393404] ret_from_fork+0x41/0x80 [ 16.393543] ret_from_fork_asm+0x1a/0x30 [ 16.393851] [ 16.393966] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.393966] [ 16.394290] allocated by task 288 
on cpu 0 at 16.390595s (0.003690s ago): [ 16.394812] test_alloc+0x365/0x10f0 [ 16.395100] test_out_of_bounds_read+0xee/0x4e0 [ 16.395532] kunit_try_run_case+0x1a6/0x480 [ 16.395868] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.396299] kthread+0x257/0x310 [ 16.396559] ret_from_fork+0x41/0x80 [ 16.396801] ret_from_fork_asm+0x1a/0x30 [ 16.397036] [ 16.397271] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 16.397635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.397818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.398104] ================================================================== [ 16.910995] ================================================================== [ 16.911403] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 16.911403] [ 16.911826] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#71): [ 16.912386] test_out_of_bounds_read+0x217/0x4e0 [ 16.912705] kunit_try_run_case+0x1a6/0x480 [ 16.913028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.913266] kthread+0x257/0x310 [ 16.913585] ret_from_fork+0x41/0x80 [ 16.913881] ret_from_fork_asm+0x1a/0x30 [ 16.914183] [ 16.914300] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.914300] [ 16.914725] allocated by task 288 on cpu 0 at 16.910690s (0.004030s ago): [ 16.915382] test_alloc+0x365/0x10f0 [ 16.915688] test_out_of_bounds_read+0x1e3/0x4e0 [ 16.915903] kunit_try_run_case+0x1a6/0x480 [ 16.916119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.916508] kthread+0x257/0x310 [ 16.916786] ret_from_fork+0x41/0x80 [ 16.917016] ret_from_fork_asm+0x1a/0x30 [ 16.917335] [ 16.917501] CPU: 0 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 16.917903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.918096] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.918713] 
================================================================== [ 17.118736] ================================================================== [ 17.119187] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 17.119187] [ 17.119503] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#73): [ 17.120005] test_out_of_bounds_read+0x217/0x4e0 [ 17.120765] kunit_try_run_case+0x1a6/0x480 [ 17.121176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.121484] kthread+0x257/0x310 [ 17.121649] ret_from_fork+0x41/0x80 [ 17.121825] ret_from_fork_asm+0x1a/0x30 [ 17.121997] [ 17.122094] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.122094] [ 17.122779] allocated by task 290 on cpu 1 at 17.118636s (0.004138s ago): [ 17.123088] test_alloc+0x2a7/0x10f0 [ 17.123323] test_out_of_bounds_read+0x1e3/0x4e0 [ 17.123558] kunit_try_run_case+0x1a6/0x480 [ 17.123929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.124394] kthread+0x257/0x310 [ 17.124581] ret_from_fork+0x41/0x80 [ 17.124907] ret_from_fork_asm+0x1a/0x30 [ 17.125280] [ 17.125470] CPU: 1 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 17.125961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.126339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.126881] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-kfree_sensitive
[ 12.442459] ================================================================== [ 12.442948] BUG: KFENCE: invalid free in kfree_sensitive+0x67/0x90 [ 12.442948] [ 12.445791] Invalid free of 0x(____ptrval____) (in kfence-#45): [ 12.446113] kfree_sensitive+0x67/0x90 [ 12.447013] kmalloc_double_kzfree+0x19d/0x360 [ 12.447371] kunit_try_run_case+0x1a6/0x480 [ 12.447709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.447896] kthread+0x257/0x310 [ 12.448018] ret_from_fork+0x41/0x80 [ 12.448393] ret_from_fork_asm+0x1a/0x30 [ 12.448812] [ 12.448973] kfence-#45: 0x(____ptrval____)-0x(____ptrval____), size=16, cache=kmalloc-16 [ 12.448973] [ 12.450122] allocated by task 197 on cpu 1 at 12.422899s (0.027216s ago): [ 12.450472] kmalloc_double_kzfree+0xaa/0x360 [ 12.450789] kunit_try_run_case+0x1a6/0x480 [ 12.451033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.452474] kthread+0x257/0x310 [ 12.452781] ret_from_fork+0x41/0x80 [ 12.453004] ret_from_fork_asm+0x1a/0x30 [ 12.453359] [ 12.453491] freed by task 197 on cpu 1 at 12.422979s (0.030508s ago): [ 12.453972] kfree_sensitive+0x67/0x90 [ 12.454187] kmalloc_double_kzfree+0x12c/0x360 [ 12.454364] kunit_try_run_case+0x1a6/0x480 [ 12.454718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.455027] kthread+0x257/0x310 [ 12.455180] ret_from_fork+0x41/0x80 [ 12.455339] ret_from_fork_asm+0x1a/0x30 [ 12.455699] [ 12.455869] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.456579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.457072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.457382] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.634258] ================================================================== [ 12.634714] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 12.635341] Read of size 4 at addr ffff88810261f100 by task swapper/0/0 [ 12.635824] [ 12.635949] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.12.32-rc1 #1 [ 12.636059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.636086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.636133] Call Trace: [ 12.636189] <IRQ> [ 12.636235] dump_stack_lvl+0x73/0xb0 [ 12.636291] print_report+0xd1/0x640 [ 12.636454] ? __virt_addr_valid+0x1db/0x2d0 [ 12.636506] ? rcu_uaf_reclaim+0x50/0x60 [ 12.636548] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.636592] ? rcu_uaf_reclaim+0x50/0x60 [ 12.636628] kasan_report+0x140/0x180 [ 12.636675] ? rcu_uaf_reclaim+0x50/0x60 [ 12.636722] __asan_report_load4_noabort+0x18/0x20 [ 12.636758] rcu_uaf_reclaim+0x50/0x60 [ 12.636827] rcu_core+0x683/0x1c80 [ 12.636898] ? __pfx_rcu_core+0x10/0x10 [ 12.636936] ? lapic_next_event+0x19/0x30 [ 12.636968] ? handle_softirqs+0x18e/0x730 [ 12.637001] rcu_core_si+0x12/0x20 [ 12.637019] handle_softirqs+0x209/0x730 [ 12.637041] ? 
__pfx_handle_softirqs+0x10/0x10 [ 12.637074] irq_exit_rcu+0x9c/0xd0 [ 12.637135] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.637169] </IRQ> [ 12.637225] <TASK> [ 12.637237] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.637341] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 12.637447] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 2b 3b 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 12.637533] RSP: 0000:ffffffff86807de0 EFLAGS: 00010212 [ 12.637631] RAX: ffff88815b000000 RBX: ffffffff86818700 RCX: ffffffff854d4d75 [ 12.637698] RDX: ffffed102b606b2b RSI: 0000000000000004 RDI: 0000000000025f2c [ 12.637745] RBP: ffffffff86807de8 R08: 0000000000000001 R09: ffffed102b606b2a [ 12.637787] R10: ffff88815b035953 R11: 0000000000011c00 R12: 0000000000000000 [ 12.637831] R13: fffffbfff0d030e0 R14: ffffffff87354e08 R15: 0000000000000000 [ 12.637899] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 12.637958] ? default_idle+0xd/0x20 [ 12.637981] arch_cpu_idle+0xd/0x20 [ 12.638000] default_idle_call+0x48/0x80 [ 12.638019] do_idle+0x313/0x3c0 [ 12.638043] ? __pfx_do_idle+0x10/0x10 [ 12.638073] ? __call_rcu_common.constprop.0+0x2dd/0xaa0 [ 12.638143] ? 
do_idle+0x1a/0x3c0 [ 12.638179] cpu_startup_entry+0x5c/0x70 [ 12.638203] rest_init+0x11a/0x140 [ 12.638222] start_kernel+0x326/0x410 [ 12.638247] x86_64_start_reservations+0x1c/0x30 [ 12.638266] x86_64_start_kernel+0xcf/0xe0 [ 12.638285] common_startup_64+0x12c/0x138 [ 12.638314] </TASK> [ 12.638325] [ 12.653769] Allocated by task 203: [ 12.654072] kasan_save_stack+0x45/0x70 [ 12.654457] kasan_save_track+0x18/0x40 [ 12.654753] kasan_save_alloc_info+0x3b/0x50 [ 12.654916] __kasan_kmalloc+0xb7/0xc0 [ 12.655208] __kmalloc_cache_noprof+0x168/0x350 [ 12.655519] rcu_uaf+0xb1/0x330 [ 12.655697] kunit_try_run_case+0x1a6/0x480 [ 12.656002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.656532] kthread+0x257/0x310 [ 12.656729] ret_from_fork+0x41/0x80 [ 12.656976] ret_from_fork_asm+0x1a/0x30 [ 12.657412] [ 12.657527] Freed by task 0: [ 12.657678] kasan_save_stack+0x45/0x70 [ 12.657942] kasan_save_track+0x18/0x40 [ 12.658237] kasan_save_free_info+0x3f/0x60 [ 12.658567] __kasan_slab_free+0x56/0x70 [ 12.658778] kfree+0x123/0x3d0 [ 12.659014] rcu_uaf_reclaim+0x1f/0x60 [ 12.659742] rcu_core+0x683/0x1c80 [ 12.659951] rcu_core_si+0x12/0x20 [ 12.660545] handle_softirqs+0x209/0x730 [ 12.660910] irq_exit_rcu+0x9c/0xd0 [ 12.661186] sysvec_apic_timer_interrupt+0x81/0x90 [ 12.661795] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 12.662191] [ 12.662335] Last potentially related work creation: [ 12.662685] kasan_save_stack+0x45/0x70 [ 12.663014] __kasan_record_aux_stack+0xae/0xc0 [ 12.663558] kasan_record_aux_stack_noalloc+0xf/0x20 [ 12.664139] __call_rcu_common.constprop.0+0x72/0xaa0 [ 12.664338] call_rcu+0x12/0x20 [ 12.664508] rcu_uaf+0x169/0x330 [ 12.664780] kunit_try_run_case+0x1a6/0x480 [ 12.665090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.665304] kthread+0x257/0x310 [ 12.665475] ret_from_fork+0x41/0x80 [ 12.665817] ret_from_fork_asm+0x1a/0x30 [ 12.666353] [ 12.666565] The buggy address belongs to the object at ffff88810261f100 [ 12.666565] which belongs to the cache 
kmalloc-32 of size 32 [ 12.667259] The buggy address is located 0 bytes inside of [ 12.667259] freed 32-byte region [ffff88810261f100, ffff88810261f120) [ 12.667850] [ 12.668007] The buggy address belongs to the physical page: [ 12.668765] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261f [ 12.669174] flags: 0x200000000000000(node=0|zone=2) [ 12.669431] page_type: f5(slab) [ 12.669875] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 12.670478] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 12.670879] page dumped because: kasan: bad access detected [ 12.671333] [ 12.671431] Memory state around the buggy address: [ 12.671676] ffff88810261f000: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 12.672252] ffff88810261f080: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 12.672731] >ffff88810261f100: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 12.672999] ^ [ 12.673718] ffff88810261f180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.674295] ffff88810261f200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.674621] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.545736] ================================================================== [ 12.546203] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 12.546800] Read of size 1 at addr ffff88810261ce00 by task kunit_try_catch/201 [ 12.547267] [ 12.547450] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.547540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.547563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.547598] Call Trace: [ 12.547623] <TASK> [ 12.547651] dump_stack_lvl+0x73/0xb0 [ 12.547740] print_report+0xd1/0x640 [ 12.547783] ? __virt_addr_valid+0x1db/0x2d0 [ 12.547822] ? ksize_uaf+0x19e/0x6c0 [ 12.547853] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.547893] ? ksize_uaf+0x19e/0x6c0 [ 12.547939] kasan_report+0x140/0x180 [ 12.547980] ? ksize_uaf+0x19e/0x6c0 [ 12.548018] ? ksize_uaf+0x19e/0x6c0 [ 12.548083] __kasan_check_byte+0x3d/0x50 [ 12.548129] ksize+0x20/0x60 [ 12.548162] ksize_uaf+0x19e/0x6c0 [ 12.548182] ? __pfx_ksize_uaf+0x10/0x10 [ 12.548200] ? __schedule+0xc49/0x27a0 [ 12.548220] ? __pfx_read_tsc+0x10/0x10 [ 12.548238] ? ktime_get_ts64+0x84/0x230 [ 12.548265] kunit_try_run_case+0x1a6/0x480 [ 12.548286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.548304] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.548324] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.548347] ? __kthread_parkme+0x82/0x160 [ 12.548365] ? preempt_count_sub+0x50/0x80 [ 12.548388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.548406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.548429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.548453] kthread+0x257/0x310 [ 12.548470] ? __pfx_kthread+0x10/0x10 [ 12.548488] ret_from_fork+0x41/0x80 [ 12.548506] ? 
__pfx_kthread+0x10/0x10 [ 12.548524] ret_from_fork_asm+0x1a/0x30 [ 12.548552] </TASK> [ 12.548563] [ 12.555834] Allocated by task 201: [ 12.556145] kasan_save_stack+0x45/0x70 [ 12.556465] kasan_save_track+0x18/0x40 [ 12.556749] kasan_save_alloc_info+0x3b/0x50 [ 12.557081] __kasan_kmalloc+0xb7/0xc0 [ 12.557355] __kmalloc_cache_noprof+0x168/0x350 [ 12.557685] ksize_uaf+0xab/0x6c0 [ 12.557934] kunit_try_run_case+0x1a6/0x480 [ 12.558237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.558576] kthread+0x257/0x310 [ 12.558749] ret_from_fork+0x41/0x80 [ 12.558917] ret_from_fork_asm+0x1a/0x30 [ 12.559202] [ 12.559348] Freed by task 201: [ 12.559580] kasan_save_stack+0x45/0x70 [ 12.559867] kasan_save_track+0x18/0x40 [ 12.560167] kasan_save_free_info+0x3f/0x60 [ 12.560455] __kasan_slab_free+0x56/0x70 [ 12.560753] kfree+0x123/0x3d0 [ 12.560943] ksize_uaf+0x12d/0x6c0 [ 12.561193] kunit_try_run_case+0x1a6/0x480 [ 12.561433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.561731] kthread+0x257/0x310 [ 12.561948] ret_from_fork+0x41/0x80 [ 12.562170] ret_from_fork_asm+0x1a/0x30 [ 12.562344] [ 12.562446] The buggy address belongs to the object at ffff88810261ce00 [ 12.562446] which belongs to the cache kmalloc-128 of size 128 [ 12.562998] The buggy address is located 0 bytes inside of [ 12.562998] freed 128-byte region [ffff88810261ce00, ffff88810261ce80) [ 12.563785] [ 12.563940] The buggy address belongs to the physical page: [ 12.564317] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c [ 12.564832] flags: 0x200000000000000(node=0|zone=2) [ 12.565163] page_type: f5(slab) [ 12.565395] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.565724] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.566135] page dumped because: kasan: bad access detected [ 12.566472] [ 12.566599] Memory state around the buggy address: [ 12.566906] ffff88810261cd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 
12.567315] ffff88810261cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.567562] >ffff88810261ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.567797] ^ [ 12.567947] ffff88810261ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.568208] ffff88810261cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.568436] ================================================================== [ 12.595859] ================================================================== [ 12.596393] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 12.597100] Read of size 1 at addr ffff88810261ce78 by task kunit_try_catch/201 [ 12.597364] [ 12.597525] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.597601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.597624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.597671] Call Trace: [ 12.597699] <TASK> [ 12.597728] dump_stack_lvl+0x73/0xb0 [ 12.597785] print_report+0xd1/0x640 [ 12.597829] ? __virt_addr_valid+0x1db/0x2d0 [ 12.597876] ? ksize_uaf+0x5e6/0x6c0 [ 12.597925] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.597972] ? ksize_uaf+0x5e6/0x6c0 [ 12.598013] kasan_report+0x140/0x180 [ 12.598093] ? ksize_uaf+0x5e6/0x6c0 [ 12.598147] __asan_report_load1_noabort+0x18/0x20 [ 12.598195] ksize_uaf+0x5e6/0x6c0 [ 12.598235] ? __pfx_ksize_uaf+0x10/0x10 [ 12.598278] ? __schedule+0xc49/0x27a0 [ 12.598323] ? __pfx_read_tsc+0x10/0x10 [ 12.598364] ? ktime_get_ts64+0x84/0x230 [ 12.598422] kunit_try_run_case+0x1a6/0x480 [ 12.598469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.598512] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.598555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.598601] ? __kthread_parkme+0x82/0x160 [ 12.598642] ? preempt_count_sub+0x50/0x80 [ 12.598702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.598746] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.598798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.598840] kthread+0x257/0x310 [ 12.598870] ? __pfx_kthread+0x10/0x10 [ 12.598904] ret_from_fork+0x41/0x80 [ 12.598938] ? __pfx_kthread+0x10/0x10 [ 12.598968] ret_from_fork_asm+0x1a/0x30 [ 12.599012] </TASK> [ 12.599031] [ 12.606787] Allocated by task 201: [ 12.607024] kasan_save_stack+0x45/0x70 [ 12.607257] kasan_save_track+0x18/0x40 [ 12.607518] kasan_save_alloc_info+0x3b/0x50 [ 12.607837] __kasan_kmalloc+0xb7/0xc0 [ 12.608036] __kmalloc_cache_noprof+0x168/0x350 [ 12.608286] ksize_uaf+0xab/0x6c0 [ 12.608481] kunit_try_run_case+0x1a6/0x480 [ 12.608729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.608930] kthread+0x257/0x310 [ 12.609116] ret_from_fork+0x41/0x80 [ 12.609281] ret_from_fork_asm+0x1a/0x30 [ 12.609448] [ 12.609546] Freed by task 201: [ 12.609689] kasan_save_stack+0x45/0x70 [ 12.609976] kasan_save_track+0x18/0x40 [ 12.610345] kasan_save_free_info+0x3f/0x60 [ 12.610678] __kasan_slab_free+0x56/0x70 [ 12.610990] kfree+0x123/0x3d0 [ 12.611270] ksize_uaf+0x12d/0x6c0 [ 12.611512] kunit_try_run_case+0x1a6/0x480 [ 12.611824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.612217] kthread+0x257/0x310 [ 12.612476] ret_from_fork+0x41/0x80 [ 12.612735] ret_from_fork_asm+0x1a/0x30 [ 12.613011] [ 12.613187] The buggy address belongs to the object at ffff88810261ce00 [ 12.613187] which belongs to the cache kmalloc-128 of size 128 [ 12.613615] The buggy address is located 120 bytes inside of [ 12.613615] freed 128-byte region [ffff88810261ce00, ffff88810261ce80) [ 12.613994] [ 12.614170] The buggy address belongs to the physical page: [ 12.614512] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c [ 12.614985] flags: 0x200000000000000(node=0|zone=2) [ 12.615354] page_type: f5(slab) [ 12.615620] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.616019] raw: 0000000000000000 0000000080100010 
00000001f5000000 0000000000000000 [ 12.616291] page dumped because: kasan: bad access detected [ 12.616478] [ 12.616576] Memory state around the buggy address: [ 12.616763] ffff88810261cd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 12.617001] ffff88810261cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.617259] >ffff88810261ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.617487] ^ [ 12.617919] ffff88810261ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.618423] ffff88810261cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.618912] ================================================================== [ 12.569146] ================================================================== [ 12.569681] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 12.570117] Read of size 1 at addr ffff88810261ce00 by task kunit_try_catch/201 [ 12.570594] [ 12.571184] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.571277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.571301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.571337] Call Trace: [ 12.571365] <TASK> [ 12.571394] dump_stack_lvl+0x73/0xb0 [ 12.571451] print_report+0xd1/0x640 [ 12.571497] ? __virt_addr_valid+0x1db/0x2d0 [ 12.571544] ? ksize_uaf+0x600/0x6c0 [ 12.571580] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.571622] ? ksize_uaf+0x600/0x6c0 [ 12.571670] kasan_report+0x140/0x180 [ 12.571711] ? ksize_uaf+0x600/0x6c0 [ 12.571751] __asan_report_load1_noabort+0x18/0x20 [ 12.571785] ksize_uaf+0x600/0x6c0 [ 12.571812] ? __pfx_ksize_uaf+0x10/0x10 [ 12.571845] ? __schedule+0xc49/0x27a0 [ 12.571884] ? __pfx_read_tsc+0x10/0x10 [ 12.571919] ? ktime_get_ts64+0x84/0x230 [ 12.571968] kunit_try_run_case+0x1a6/0x480 [ 12.572003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.572037] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.572110] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.572150] ? 
__kthread_parkme+0x82/0x160 [ 12.572184] ? preempt_count_sub+0x50/0x80 [ 12.572227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.572265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.572308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.572349] kthread+0x257/0x310 [ 12.572379] ? __pfx_kthread+0x10/0x10 [ 12.572412] ret_from_fork+0x41/0x80 [ 12.572446] ? __pfx_kthread+0x10/0x10 [ 12.572478] ret_from_fork_asm+0x1a/0x30 [ 12.572530] </TASK> [ 12.572552] [ 12.579342] Allocated by task 201: [ 12.579513] kasan_save_stack+0x45/0x70 [ 12.579713] kasan_save_track+0x18/0x40 [ 12.579972] kasan_save_alloc_info+0x3b/0x50 [ 12.580281] __kasan_kmalloc+0xb7/0xc0 [ 12.580537] __kmalloc_cache_noprof+0x168/0x350 [ 12.580845] ksize_uaf+0xab/0x6c0 [ 12.581131] kunit_try_run_case+0x1a6/0x480 [ 12.581445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.581820] kthread+0x257/0x310 [ 12.582101] ret_from_fork+0x41/0x80 [ 12.582388] ret_from_fork_asm+0x1a/0x30 [ 12.582678] [ 12.582825] Freed by task 201: [ 12.583081] kasan_save_stack+0x45/0x70 [ 12.583387] kasan_save_track+0x18/0x40 [ 12.583665] kasan_save_free_info+0x3f/0x60 [ 12.583947] __kasan_slab_free+0x56/0x70 [ 12.584267] kfree+0x123/0x3d0 [ 12.584465] ksize_uaf+0x12d/0x6c0 [ 12.584599] kunit_try_run_case+0x1a6/0x480 [ 12.584909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.585251] kthread+0x257/0x310 [ 12.585402] ret_from_fork+0x41/0x80 [ 12.585651] ret_from_fork_asm+0x1a/0x30 [ 12.585935] [ 12.586119] The buggy address belongs to the object at ffff88810261ce00 [ 12.586119] which belongs to the cache kmalloc-128 of size 128 [ 12.586607] The buggy address is located 0 bytes inside of [ 12.586607] freed 128-byte region [ffff88810261ce00, ffff88810261ce80) [ 12.587208] [ 12.587356] The buggy address belongs to the physical page: [ 12.587600] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c [ 12.588084] flags: 0x200000000000000(node=0|zone=2) [ 12.588326] page_type: f5(slab) [ 12.588541] 
raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.588810] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.589075] page dumped because: kasan: bad access detected [ 12.589265] [ 12.589363] Memory state around the buggy address: [ 12.589543] ffff88810261cd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 12.589907] ffff88810261cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.590430] >ffff88810261ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.590925] ^ [ 12.591204] ffff88810261ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.591685] ffff88810261cf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.592178] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.514874] ================================================================== [ 12.515650] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.516129] Read of size 1 at addr ffff88810261cc7f by task kunit_try_catch/199 [ 12.516377] [ 12.516498] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.516574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.516597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.516634] Call Trace: [ 12.516882] <TASK> [ 12.516929] dump_stack_lvl+0x73/0xb0 [ 12.516990] print_report+0xd1/0x640 [ 12.517036] ? __virt_addr_valid+0x1db/0x2d0 [ 12.517179] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.517220] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.517254] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.517287] kasan_report+0x140/0x180 [ 12.517314] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.517337] __asan_report_load1_noabort+0x18/0x20 [ 12.517356] ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.517376] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.517394] ? finish_task_switch.isra.0+0x153/0x700 [ 12.517415] ? __switch_to+0x5d9/0xf60 [ 12.517438] ? __schedule+0xc49/0x27a0 [ 12.517457] ? __pfx_read_tsc+0x10/0x10 [ 12.517475] ? ktime_get_ts64+0x84/0x230 [ 12.517499] kunit_try_run_case+0x1a6/0x480 [ 12.517519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.517537] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.517556] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.517580] ? __kthread_parkme+0x82/0x160 [ 12.517599] ? preempt_count_sub+0x50/0x80 [ 12.517619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.517637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.517673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.517699] kthread+0x257/0x310 [ 12.517716] ? __pfx_kthread+0x10/0x10 [ 12.517734] ret_from_fork+0x41/0x80 [ 12.517753] ? 
__pfx_kthread+0x10/0x10 [ 12.517770] ret_from_fork_asm+0x1a/0x30 [ 12.517798] </TASK> [ 12.517810] [ 12.528002] Allocated by task 199: [ 12.528387] kasan_save_stack+0x45/0x70 [ 12.528582] kasan_save_track+0x18/0x40 [ 12.528755] kasan_save_alloc_info+0x3b/0x50 [ 12.529207] __kasan_kmalloc+0xb7/0xc0 [ 12.529523] __kmalloc_cache_noprof+0x168/0x350 [ 12.529868] ksize_unpoisons_memory+0xc8/0x9b0 [ 12.530624] kunit_try_run_case+0x1a6/0x480 [ 12.530996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.531255] kthread+0x257/0x310 [ 12.531525] ret_from_fork+0x41/0x80 [ 12.531745] ret_from_fork_asm+0x1a/0x30 [ 12.532032] [ 12.532150] The buggy address belongs to the object at ffff88810261cc00 [ 12.532150] which belongs to the cache kmalloc-128 of size 128 [ 12.532903] The buggy address is located 12 bytes to the right of [ 12.532903] allocated 115-byte region [ffff88810261cc00, ffff88810261cc73) [ 12.533530] [ 12.533708] The buggy address belongs to the physical page: [ 12.534231] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c [ 12.534670] flags: 0x200000000000000(node=0|zone=2) [ 12.535033] page_type: f5(slab) [ 12.535322] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.535848] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.536733] page dumped because: kasan: bad access detected [ 12.537256] [ 12.537413] Memory state around the buggy address: [ 12.537738] ffff88810261cb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.538323] ffff88810261cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.538644] >ffff88810261cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.539179] ^ [ 12.539602] ffff88810261cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.539951] ffff88810261cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.540517] ================================================================== [ 12.464493] 
================================================================== [ 12.464966] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 12.465706] Read of size 1 at addr ffff88810261cc73 by task kunit_try_catch/199 [ 12.466353] [ 12.466549] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.466633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.466668] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.466706] Call Trace: [ 12.466732] <TASK> [ 12.466763] dump_stack_lvl+0x73/0xb0 [ 12.466812] print_report+0xd1/0x640 [ 12.466846] ? __virt_addr_valid+0x1db/0x2d0 [ 12.466884] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 12.466918] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.466961] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 12.466999] kasan_report+0x140/0x180 [ 12.467044] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 12.467141] __asan_report_load1_noabort+0x18/0x20 [ 12.467174] ksize_unpoisons_memory+0x81e/0x9b0 [ 12.467206] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.467235] ? finish_task_switch.isra.0+0x153/0x700 [ 12.467271] ? __switch_to+0x5d9/0xf60 [ 12.467300] ? __schedule+0xc49/0x27a0 [ 12.467320] ? __pfx_read_tsc+0x10/0x10 [ 12.467338] ? ktime_get_ts64+0x84/0x230 [ 12.467363] kunit_try_run_case+0x1a6/0x480 [ 12.467384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.467402] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.467421] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.467444] ? __kthread_parkme+0x82/0x160 [ 12.467462] ? preempt_count_sub+0x50/0x80 [ 12.467482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.467500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.467523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.467546] kthread+0x257/0x310 [ 12.467563] ? __pfx_kthread+0x10/0x10 [ 12.467581] ret_from_fork+0x41/0x80 [ 12.467599] ? 
__pfx_kthread+0x10/0x10 [ 12.467616] ret_from_fork_asm+0x1a/0x30 [ 12.467645] </TASK> [ 12.467672] [ 12.475579] Allocated by task 199: [ 12.475873] kasan_save_stack+0x45/0x70 [ 12.476185] kasan_save_track+0x18/0x40 [ 12.476468] kasan_save_alloc_info+0x3b/0x50 [ 12.476795] __kasan_kmalloc+0xb7/0xc0 [ 12.477063] __kmalloc_cache_noprof+0x168/0x350 [ 12.477325] ksize_unpoisons_memory+0xc8/0x9b0 [ 12.477493] kunit_try_run_case+0x1a6/0x480 [ 12.478012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.478383] kthread+0x257/0x310 [ 12.478541] ret_from_fork+0x41/0x80 [ 12.478825] ret_from_fork_asm+0x1a/0x30 [ 12.479228] [ 12.479364] The buggy address belongs to the object at ffff88810261cc00 [ 12.479364] which belongs to the cache kmalloc-128 of size 128 [ 12.479853] The buggy address is located 0 bytes to the right of [ 12.479853] allocated 115-byte region [ffff88810261cc00, ffff88810261cc73) [ 12.480346] [ 12.480452] The buggy address belongs to the physical page: [ 12.480802] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c [ 12.481418] flags: 0x200000000000000(node=0|zone=2) [ 12.481779] page_type: f5(slab) [ 12.482056] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.482731] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.483341] page dumped because: kasan: bad access detected [ 12.483614] [ 12.483772] Memory state around the buggy address: [ 12.484023] ffff88810261cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 12.484386] ffff88810261cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.484835] >ffff88810261cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.485390] ^ [ 12.485773] ffff88810261cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.486284] ffff88810261cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.486624] ================================================================== [ 12.488517] 
================================================================== [ 12.488993] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.489614] Read of size 1 at addr ffff88810261cc78 by task kunit_try_catch/199 [ 12.489870] [ 12.490006] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.490096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.490120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.490156] Call Trace: [ 12.490182] <TASK> [ 12.490208] dump_stack_lvl+0x73/0xb0 [ 12.490758] print_report+0xd1/0x640 [ 12.490788] ? __virt_addr_valid+0x1db/0x2d0 [ 12.490812] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.490832] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.490854] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.490874] kasan_report+0x140/0x180 [ 12.490896] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.490920] __asan_report_load1_noabort+0x18/0x20 [ 12.490940] ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.490959] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.490978] ? finish_task_switch.isra.0+0x153/0x700 [ 12.490998] ? __switch_to+0x5d9/0xf60 [ 12.491021] ? __schedule+0xc49/0x27a0 [ 12.491040] ? __pfx_read_tsc+0x10/0x10 [ 12.491058] ? ktime_get_ts64+0x84/0x230 [ 12.491082] kunit_try_run_case+0x1a6/0x480 [ 12.491102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.491121] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.491141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.491164] ? __kthread_parkme+0x82/0x160 [ 12.491182] ? preempt_count_sub+0x50/0x80 [ 12.491203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.491222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.491246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.491270] kthread+0x257/0x310 [ 12.491287] ? __pfx_kthread+0x10/0x10 [ 12.491305] ret_from_fork+0x41/0x80 [ 12.491323] ? 
__pfx_kthread+0x10/0x10 [ 12.491341] ret_from_fork_asm+0x1a/0x30 [ 12.491370] </TASK> [ 12.491381] [ 12.500713] Allocated by task 199: [ 12.500875] kasan_save_stack+0x45/0x70 [ 12.501356] kasan_save_track+0x18/0x40 [ 12.501746] kasan_save_alloc_info+0x3b/0x50 [ 12.502218] __kasan_kmalloc+0xb7/0xc0 [ 12.502560] __kmalloc_cache_noprof+0x168/0x350 [ 12.502935] ksize_unpoisons_memory+0xc8/0x9b0 [ 12.503440] kunit_try_run_case+0x1a6/0x480 [ 12.503775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.503988] kthread+0x257/0x310 [ 12.504747] ret_from_fork+0x41/0x80 [ 12.505080] ret_from_fork_asm+0x1a/0x30 [ 12.505540] [ 12.505731] The buggy address belongs to the object at ffff88810261cc00 [ 12.505731] which belongs to the cache kmalloc-128 of size 128 [ 12.506287] The buggy address is located 5 bytes to the right of [ 12.506287] allocated 115-byte region [ffff88810261cc00, ffff88810261cc73) [ 12.507041] [ 12.507216] The buggy address belongs to the physical page: [ 12.507551] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c [ 12.508039] flags: 0x200000000000000(node=0|zone=2) [ 12.508538] page_type: f5(slab) [ 12.508820] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.509277] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.509770] page dumped because: kasan: bad access detected [ 12.510461] [ 12.510650] Memory state around the buggy address: [ 12.510986] ffff88810261cb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 12.511487] ffff88810261cb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.511883] >ffff88810261cc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.512335] ^ [ 12.512783] ffff88810261cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.513339] ffff88810261cd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.513720] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.388614] ================================================================== [ 12.389091] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 12.389562] Read of size 1 at addr ffff88810261a7a8 by task kunit_try_catch/193 [ 12.389897] [ 12.390040] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.390137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.390158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.390193] Call Trace: [ 12.390238] <TASK> [ 12.390267] dump_stack_lvl+0x73/0xb0 [ 12.390330] print_report+0xd1/0x640 [ 12.390373] ? __virt_addr_valid+0x1db/0x2d0 [ 12.390429] ? kmalloc_uaf2+0x4aa/0x520 [ 12.390469] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.390528] ? kmalloc_uaf2+0x4aa/0x520 [ 12.390566] kasan_report+0x140/0x180 [ 12.390628] ? kmalloc_uaf2+0x4aa/0x520 [ 12.390687] __asan_report_load1_noabort+0x18/0x20 [ 12.390732] kmalloc_uaf2+0x4aa/0x520 [ 12.390776] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.390814] ? finish_task_switch.isra.0+0x153/0x700 [ 12.390857] ? __switch_to+0x5d9/0xf60 [ 12.390906] ? __schedule+0xc49/0x27a0 [ 12.390941] ? __pfx_read_tsc+0x10/0x10 [ 12.390969] ? ktime_get_ts64+0x84/0x230 [ 12.390994] kunit_try_run_case+0x1a6/0x480 [ 12.391016] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.391035] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.391075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.391123] ? __kthread_parkme+0x82/0x160 [ 12.391142] ? preempt_count_sub+0x50/0x80 [ 12.391163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.391182] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.391206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.391230] kthread+0x257/0x310 [ 12.391247] ? __pfx_kthread+0x10/0x10 [ 12.391265] ret_from_fork+0x41/0x80 [ 12.391284] ? 
__pfx_kthread+0x10/0x10 [ 12.391302] ret_from_fork_asm+0x1a/0x30 [ 12.391331] </TASK> [ 12.391342] [ 12.400208] Allocated by task 193: [ 12.400487] kasan_save_stack+0x45/0x70 [ 12.400775] kasan_save_track+0x18/0x40 [ 12.401131] kasan_save_alloc_info+0x3b/0x50 [ 12.401316] __kasan_kmalloc+0xb7/0xc0 [ 12.401484] __kmalloc_cache_noprof+0x168/0x350 [ 12.401674] kmalloc_uaf2+0xc7/0x520 [ 12.402177] kunit_try_run_case+0x1a6/0x480 [ 12.402523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.402970] kthread+0x257/0x310 [ 12.403272] ret_from_fork+0x41/0x80 [ 12.403591] ret_from_fork_asm+0x1a/0x30 [ 12.403966] [ 12.404174] Freed by task 193: [ 12.404433] kasan_save_stack+0x45/0x70 [ 12.404742] kasan_save_track+0x18/0x40 [ 12.405076] kasan_save_free_info+0x3f/0x60 [ 12.405420] __kasan_slab_free+0x56/0x70 [ 12.405754] kfree+0x123/0x3d0 [ 12.406074] kmalloc_uaf2+0x14d/0x520 [ 12.406400] kunit_try_run_case+0x1a6/0x480 [ 12.406679] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.406994] kthread+0x257/0x310 [ 12.407293] ret_from_fork+0x41/0x80 [ 12.407484] ret_from_fork_asm+0x1a/0x30 [ 12.407668] [ 12.407770] The buggy address belongs to the object at ffff88810261a780 [ 12.407770] which belongs to the cache kmalloc-64 of size 64 [ 12.408210] The buggy address is located 40 bytes inside of [ 12.408210] freed 64-byte region [ffff88810261a780, ffff88810261a7c0) [ 12.409017] [ 12.409233] The buggy address belongs to the physical page: [ 12.409600] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261a [ 12.410191] flags: 0x200000000000000(node=0|zone=2) [ 12.410489] page_type: f5(slab) [ 12.410649] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.410910] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 12.411180] page dumped because: kasan: bad access detected [ 12.411404] [ 12.411547] Memory state around the buggy address: [ 12.411965] ffff88810261a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 
12.412522] ffff88810261a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.413017] >ffff88810261a780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.413490] ^ [ 12.413835] ffff88810261a800: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.414326] ffff88810261a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.414823] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.356955] ================================================================== [ 12.357477] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 12.357707] Write of size 33 at addr ffff88810261a700 by task kunit_try_catch/191 [ 12.358169] [ 12.358289] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.358366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.358388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.358425] Call Trace: [ 12.358450] <TASK> [ 12.358479] dump_stack_lvl+0x73/0xb0 [ 12.358531] print_report+0xd1/0x640 [ 12.358568] ? __virt_addr_valid+0x1db/0x2d0 [ 12.358609] ? kmalloc_uaf_memset+0x1a4/0x360 [ 12.358643] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.358723] ? kmalloc_uaf_memset+0x1a4/0x360 [ 12.358767] kasan_report+0x140/0x180 [ 12.358813] ? kmalloc_uaf_memset+0x1a4/0x360 [ 12.358866] kasan_check_range+0x10c/0x1c0 [ 12.358908] __asan_memset+0x27/0x50 [ 12.358949] kmalloc_uaf_memset+0x1a4/0x360 [ 12.358994] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.359039] ? __schedule+0xc49/0x27a0 [ 12.359115] ? __pfx_read_tsc+0x10/0x10 [ 12.359145] ? ktime_get_ts64+0x84/0x230 [ 12.359190] kunit_try_run_case+0x1a6/0x480 [ 12.359226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.359256] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.359291] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.359334] ? __kthread_parkme+0x82/0x160 [ 12.359363] ? preempt_count_sub+0x50/0x80 [ 12.359398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.359429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.359470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.359508] kthread+0x257/0x310 [ 12.359540] ? __pfx_kthread+0x10/0x10 [ 12.359574] ret_from_fork+0x41/0x80 [ 12.359609] ? 
__pfx_kthread+0x10/0x10 [ 12.359641] ret_from_fork_asm+0x1a/0x30 [ 12.359704] </TASK> [ 12.359725] [ 12.367788] Allocated by task 191: [ 12.368169] kasan_save_stack+0x45/0x70 [ 12.368406] kasan_save_track+0x18/0x40 [ 12.368577] kasan_save_alloc_info+0x3b/0x50 [ 12.368758] __kasan_kmalloc+0xb7/0xc0 [ 12.368920] __kmalloc_cache_noprof+0x168/0x350 [ 12.369104] kmalloc_uaf_memset+0xaa/0x360 [ 12.369389] kunit_try_run_case+0x1a6/0x480 [ 12.369714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.370108] kthread+0x257/0x310 [ 12.370420] ret_from_fork+0x41/0x80 [ 12.371220] ret_from_fork_asm+0x1a/0x30 [ 12.371478] [ 12.371620] Freed by task 191: [ 12.371850] kasan_save_stack+0x45/0x70 [ 12.372023] kasan_save_track+0x18/0x40 [ 12.372320] kasan_save_free_info+0x3f/0x60 [ 12.372511] __kasan_slab_free+0x56/0x70 [ 12.372797] kfree+0x123/0x3d0 [ 12.372974] kmalloc_uaf_memset+0x12c/0x360 [ 12.373385] kunit_try_run_case+0x1a6/0x480 [ 12.373597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.373947] kthread+0x257/0x310 [ 12.374278] ret_from_fork+0x41/0x80 [ 12.374523] ret_from_fork_asm+0x1a/0x30 [ 12.374850] [ 12.374991] The buggy address belongs to the object at ffff88810261a700 [ 12.374991] which belongs to the cache kmalloc-64 of size 64 [ 12.375455] The buggy address is located 0 bytes inside of [ 12.375455] freed 64-byte region [ffff88810261a700, ffff88810261a740) [ 12.376096] [ 12.376238] The buggy address belongs to the physical page: [ 12.376481] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261a [ 12.377317] flags: 0x200000000000000(node=0|zone=2) [ 12.377692] page_type: f5(slab) [ 12.377963] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.378400] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 12.378646] page dumped because: kasan: bad access detected [ 12.379019] [ 12.379272] Memory state around the buggy address: [ 12.379603] ffff88810261a600: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc 
fc fc [ 12.380073] ffff88810261a680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.380527] >ffff88810261a700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.380885] ^ [ 12.381042] ffff88810261a780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.381828] ffff88810261a800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.382164] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.325004] ================================================================== [ 12.325598] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 12.326030] Read of size 1 at addr ffff8881024e41a8 by task kunit_try_catch/189 [ 12.326370] [ 12.326804] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.326888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.326903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.326932] Call Trace: [ 12.326949] <TASK> [ 12.326967] dump_stack_lvl+0x73/0xb0 [ 12.326999] print_report+0xd1/0x640 [ 12.327029] ? __virt_addr_valid+0x1db/0x2d0 [ 12.327063] ? kmalloc_uaf+0x322/0x380 [ 12.327486] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.327530] ? kmalloc_uaf+0x322/0x380 [ 12.327562] kasan_report+0x140/0x180 [ 12.327588] ? kmalloc_uaf+0x322/0x380 [ 12.327612] __asan_report_load1_noabort+0x18/0x20 [ 12.327632] kmalloc_uaf+0x322/0x380 [ 12.327652] ? __pfx_kmalloc_uaf+0x10/0x10 [ 12.327696] ? __schedule+0xc49/0x27a0 [ 12.327718] ? __pfx_read_tsc+0x10/0x10 [ 12.327738] ? ktime_get_ts64+0x84/0x230 [ 12.327763] kunit_try_run_case+0x1a6/0x480 [ 12.327786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.327804] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.327824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.327846] ? __kthread_parkme+0x82/0x160 [ 12.327865] ? preempt_count_sub+0x50/0x80 [ 12.327887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.327906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.327929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.327953] kthread+0x257/0x310 [ 12.327970] ? __pfx_kthread+0x10/0x10 [ 12.327987] ret_from_fork+0x41/0x80 [ 12.328006] ? 
__pfx_kthread+0x10/0x10 [ 12.328023] ret_from_fork_asm+0x1a/0x30 [ 12.328067] </TASK> [ 12.328150] [ 12.336211] Allocated by task 189: [ 12.336473] kasan_save_stack+0x45/0x70 [ 12.336689] kasan_save_track+0x18/0x40 [ 12.336947] kasan_save_alloc_info+0x3b/0x50 [ 12.337335] __kasan_kmalloc+0xb7/0xc0 [ 12.337516] __kmalloc_cache_noprof+0x168/0x350 [ 12.337710] kmalloc_uaf+0xab/0x380 [ 12.337861] kunit_try_run_case+0x1a6/0x480 [ 12.338576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.338993] kthread+0x257/0x310 [ 12.339253] ret_from_fork+0x41/0x80 [ 12.339649] ret_from_fork_asm+0x1a/0x30 [ 12.339963] [ 12.340092] Freed by task 189: [ 12.340259] kasan_save_stack+0x45/0x70 [ 12.340480] kasan_save_track+0x18/0x40 [ 12.340715] kasan_save_free_info+0x3f/0x60 [ 12.341008] __kasan_slab_free+0x56/0x70 [ 12.341229] kfree+0x123/0x3d0 [ 12.341389] kmalloc_uaf+0x12d/0x380 [ 12.341627] kunit_try_run_case+0x1a6/0x480 [ 12.342022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.342406] kthread+0x257/0x310 [ 12.342609] ret_from_fork+0x41/0x80 [ 12.342823] ret_from_fork_asm+0x1a/0x30 [ 12.342997] [ 12.343227] The buggy address belongs to the object at ffff8881024e41a0 [ 12.343227] which belongs to the cache kmalloc-16 of size 16 [ 12.343975] The buggy address is located 8 bytes inside of [ 12.343975] freed 16-byte region [ffff8881024e41a0, ffff8881024e41b0) [ 12.345095] [ 12.345267] The buggy address belongs to the physical page: [ 12.345755] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 12.346127] flags: 0x200000000000000(node=0|zone=2) [ 12.346546] page_type: f5(slab) [ 12.346818] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.347098] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 12.347466] page dumped because: kasan: bad access detected [ 12.347828] [ 12.347966] Memory state around the buggy address: [ 12.348420] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 
12.348881] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 12.349734] >ffff8881024e4180: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 12.350071] ^ [ 12.350530] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.350817] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.351355] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.293010] ================================================================== [ 12.293525] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 12.294064] Read of size 64 at addr ffff888102978d84 by task kunit_try_catch/187 [ 12.294525] [ 12.294918] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.295010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.295030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.295062] Call Trace: [ 12.295087] <TASK> [ 12.295115] dump_stack_lvl+0x73/0xb0 [ 12.295192] print_report+0xd1/0x640 [ 12.295383] ? __virt_addr_valid+0x1db/0x2d0 [ 12.295424] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 12.295460] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.295497] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 12.295560] kasan_report+0x140/0x180 [ 12.295599] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 12.295644] kasan_check_range+0x10c/0x1c0 [ 12.295698] __asan_memmove+0x27/0x70 [ 12.295733] kmalloc_memmove_invalid_size+0x170/0x330 [ 12.295770] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.295808] ? __schedule+0xc49/0x27a0 [ 12.295865] ? __pfx_read_tsc+0x10/0x10 [ 12.295901] ? ktime_get_ts64+0x84/0x230 [ 12.295950] kunit_try_run_case+0x1a6/0x480 [ 12.295988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.296022] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.296074] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.296115] ? __kthread_parkme+0x82/0x160 [ 12.296264] ? preempt_count_sub+0x50/0x80 [ 12.296307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.296327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.296350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.296374] kthread+0x257/0x310 [ 12.296391] ? __pfx_kthread+0x10/0x10 [ 12.296408] ret_from_fork+0x41/0x80 [ 12.296426] ? 
__pfx_kthread+0x10/0x10 [ 12.296442] ret_from_fork_asm+0x1a/0x30 [ 12.296470] </TASK> [ 12.296483] [ 12.306669] Allocated by task 187: [ 12.306849] kasan_save_stack+0x45/0x70 [ 12.307051] kasan_save_track+0x18/0x40 [ 12.307505] kasan_save_alloc_info+0x3b/0x50 [ 12.307816] __kasan_kmalloc+0xb7/0xc0 [ 12.308099] __kmalloc_cache_noprof+0x168/0x350 [ 12.308605] kmalloc_memmove_invalid_size+0xad/0x330 [ 12.308968] kunit_try_run_case+0x1a6/0x480 [ 12.309237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.309853] kthread+0x257/0x310 [ 12.310326] ret_from_fork+0x41/0x80 [ 12.310770] ret_from_fork_asm+0x1a/0x30 [ 12.310944] [ 12.311038] The buggy address belongs to the object at ffff888102978d80 [ 12.311038] which belongs to the cache kmalloc-64 of size 64 [ 12.311768] The buggy address is located 4 bytes inside of [ 12.311768] allocated 64-byte region [ffff888102978d80, ffff888102978dc0) [ 12.313051] [ 12.313505] The buggy address belongs to the physical page: [ 12.313751] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102978 [ 12.314378] flags: 0x200000000000000(node=0|zone=2) [ 12.314839] page_type: f5(slab) [ 12.315061] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.315797] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 12.316177] page dumped because: kasan: bad access detected [ 12.316552] [ 12.316719] Memory state around the buggy address: [ 12.316975] ffff888102978c80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 12.317313] ffff888102978d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.317744] >ffff888102978d80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.318229] ^ [ 12.318547] ffff888102978e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.319401] ffff888102978e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.319977] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.261688] ================================================================== [ 12.262152] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330 [ 12.262721] Read of size 18446744073709551614 at addr ffff88810261a504 by task kunit_try_catch/185 [ 12.263232] [ 12.263767] CPU: 0 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.264150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.264187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.264225] Call Trace: [ 12.264251] <TASK> [ 12.264284] dump_stack_lvl+0x73/0xb0 [ 12.264345] print_report+0xd1/0x640 [ 12.264392] ? __virt_addr_valid+0x1db/0x2d0 [ 12.264437] ? kmalloc_memmove_negative_size+0x172/0x330 [ 12.264477] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.264513] ? kmalloc_memmove_negative_size+0x172/0x330 [ 12.264568] kasan_report+0x140/0x180 [ 12.264592] ? kmalloc_memmove_negative_size+0x172/0x330 [ 12.264618] kasan_check_range+0x10c/0x1c0 [ 12.264638] __asan_memmove+0x27/0x70 [ 12.264677] kmalloc_memmove_negative_size+0x172/0x330 [ 12.264703] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 12.264725] ? __schedule+0xc49/0x27a0 [ 12.264745] ? __pfx_read_tsc+0x10/0x10 [ 12.264764] ? ktime_get_ts64+0x84/0x230 [ 12.264791] kunit_try_run_case+0x1a6/0x480 [ 12.264812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.264831] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.264851] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.264874] ? __kthread_parkme+0x82/0x160 [ 12.264893] ? preempt_count_sub+0x50/0x80 [ 12.264916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.264934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.264958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.264982] kthread+0x257/0x310 [ 12.265000] ? __pfx_kthread+0x10/0x10 [ 12.265017] ret_from_fork+0x41/0x80 [ 12.265036] ? 
__pfx_kthread+0x10/0x10 [ 12.265057] ret_from_fork_asm+0x1a/0x30 [ 12.265142] </TASK> [ 12.265164] [ 12.274781] Allocated by task 185: [ 12.275193] kasan_save_stack+0x45/0x70 [ 12.275484] kasan_save_track+0x18/0x40 [ 12.275754] kasan_save_alloc_info+0x3b/0x50 [ 12.276036] __kasan_kmalloc+0xb7/0xc0 [ 12.276343] __kmalloc_cache_noprof+0x168/0x350 [ 12.276534] kmalloc_memmove_negative_size+0xad/0x330 [ 12.276820] kunit_try_run_case+0x1a6/0x480 [ 12.277719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.278295] kthread+0x257/0x310 [ 12.278546] ret_from_fork+0x41/0x80 [ 12.278830] ret_from_fork_asm+0x1a/0x30 [ 12.279281] [ 12.279466] The buggy address belongs to the object at ffff88810261a500 [ 12.279466] which belongs to the cache kmalloc-64 of size 64 [ 12.279918] The buggy address is located 4 bytes inside of [ 12.279918] 64-byte region [ffff88810261a500, ffff88810261a540) [ 12.280783] [ 12.280961] The buggy address belongs to the physical page: [ 12.281419] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261a [ 12.281753] flags: 0x200000000000000(node=0|zone=2) [ 12.282554] page_type: f5(slab) [ 12.282873] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.283374] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 12.283981] page dumped because: kasan: bad access detected [ 12.284493] [ 12.284634] Memory state around the buggy address: [ 12.284948] ffff88810261a400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.285414] ffff88810261a480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.285827] >ffff88810261a500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.286245] ^ [ 12.286500] ffff88810261a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.287441] ffff88810261a600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.287972] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.230510] ================================================================== [ 12.230972] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 12.231911] Write of size 16 at addr ffff88810297ab69 by task kunit_try_catch/183 [ 12.232413] [ 12.232548] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.232622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.232643] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.232692] Call Trace: [ 12.232716] <TASK> [ 12.232753] dump_stack_lvl+0x73/0xb0 [ 12.232818] print_report+0xd1/0x640 [ 12.232862] ? __virt_addr_valid+0x1db/0x2d0 [ 12.232904] ? kmalloc_oob_memset_16+0x167/0x330 [ 12.232938] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.232971] ? kmalloc_oob_memset_16+0x167/0x330 [ 12.233011] kasan_report+0x140/0x180 [ 12.233109] ? kmalloc_oob_memset_16+0x167/0x330 [ 12.233173] kasan_check_range+0x10c/0x1c0 [ 12.233210] __asan_memset+0x27/0x50 [ 12.233247] kmalloc_oob_memset_16+0x167/0x330 [ 12.233284] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 12.233470] ? __schedule+0xc49/0x27a0 [ 12.233495] ? __pfx_read_tsc+0x10/0x10 [ 12.233514] ? ktime_get_ts64+0x84/0x230 [ 12.233540] kunit_try_run_case+0x1a6/0x480 [ 12.233563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.233580] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.233599] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.233620] ? __kthread_parkme+0x82/0x160 [ 12.233639] ? preempt_count_sub+0x50/0x80 [ 12.233682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.233703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.233725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.233747] kthread+0x257/0x310 [ 12.233764] ? __pfx_kthread+0x10/0x10 [ 12.233781] ret_from_fork+0x41/0x80 [ 12.233798] ? 
__pfx_kthread+0x10/0x10 [ 12.233815] ret_from_fork_asm+0x1a/0x30 [ 12.233844] </TASK> [ 12.233857] [ 12.244345] Allocated by task 183: [ 12.244635] kasan_save_stack+0x45/0x70 [ 12.244969] kasan_save_track+0x18/0x40 [ 12.245467] kasan_save_alloc_info+0x3b/0x50 [ 12.245827] __kasan_kmalloc+0xb7/0xc0 [ 12.246236] __kmalloc_cache_noprof+0x168/0x350 [ 12.246448] kmalloc_oob_memset_16+0xad/0x330 [ 12.246642] kunit_try_run_case+0x1a6/0x480 [ 12.247091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.247326] kthread+0x257/0x310 [ 12.247712] ret_from_fork+0x41/0x80 [ 12.247941] ret_from_fork_asm+0x1a/0x30 [ 12.248241] [ 12.248370] The buggy address belongs to the object at ffff88810297ab00 [ 12.248370] which belongs to the cache kmalloc-128 of size 128 [ 12.249284] The buggy address is located 105 bytes inside of [ 12.249284] allocated 120-byte region [ffff88810297ab00, ffff88810297ab78) [ 12.249744] [ 12.249917] The buggy address belongs to the physical page: [ 12.250580] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10297a [ 12.250880] flags: 0x200000000000000(node=0|zone=2) [ 12.251258] page_type: f5(slab) [ 12.251513] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.251797] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.252437] page dumped because: kasan: bad access detected [ 12.252814] [ 12.252914] Memory state around the buggy address: [ 12.253267] ffff88810297aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.253737] ffff88810297aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.254393] >ffff88810297ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.254740] ^ [ 12.255243] ffff88810297ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.255666] ffff88810297ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.255967] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-write-in-memset_orig
[ 12.424349] ==================================================================
[ 12.425093] BUG: KFENCE: use-after-free write in memset_orig+0x72/0xb0
[ 12.425093]
[ 12.425640] Use-after-free write at 0x(____ptrval____) (in kfence-#45):
[ 12.426294] memset_orig+0x72/0xb0
[ 12.426587] kmalloc_double_kzfree+0x19d/0x360
[ 12.426903] kunit_try_run_case+0x1a6/0x480
[ 12.427392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.427639] kthread+0x257/0x310
[ 12.428006] ret_from_fork+0x41/0x80
[ 12.428672] ret_from_fork_asm+0x1a/0x30
[ 12.429050]
[ 12.429591] kfence-#45: 0x(____ptrval____)-0x(____ptrval____), size=16, cache=kmalloc-16
[ 12.429591]
[ 12.430542] allocated by task 197 on cpu 1 at 12.422899s (0.007436s ago):
[ 12.431415] kmalloc_double_kzfree+0xaa/0x360
[ 12.431653] kunit_try_run_case+0x1a6/0x480
[ 12.431821] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.432533] kthread+0x257/0x310
[ 12.432818] ret_from_fork+0x41/0x80
[ 12.432980] ret_from_fork_asm+0x1a/0x30
[ 12.433370]
[ 12.433696] freed by task 197 on cpu 1 at 12.422979s (0.010575s ago):
[ 12.434195] kfree_sensitive+0x67/0x90
[ 12.434499] kmalloc_double_kzfree+0x12c/0x360
[ 12.434982] kunit_try_run_case+0x1a6/0x480
[ 12.435499] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.435901] kthread+0x257/0x310
[ 12.436465] ret_from_fork+0x41/0x80
[ 12.436829] ret_from_fork_asm+0x1a/0x30
[ 12.437219]
[ 12.437531] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 12.438215] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.438376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.439745] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.435142] ================================================================== [ 15.435538] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 15.436304] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.436870] [ 15.437021] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.437109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.437135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.437175] Call Trace: [ 15.437214] <TASK> [ 15.437251] dump_stack_lvl+0x73/0xb0 [ 15.437306] print_report+0xd1/0x640 [ 15.437582] ? __virt_addr_valid+0x1db/0x2d0 [ 15.437636] ? kasan_atomics_helper+0x16e8/0x5450 [ 15.437696] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.437745] ? kasan_atomics_helper+0x16e8/0x5450 [ 15.437786] kasan_report+0x140/0x180 [ 15.437836] ? kasan_atomics_helper+0x16e8/0x5450 [ 15.437890] kasan_check_range+0x10c/0x1c0 [ 15.437952] __kasan_check_write+0x18/0x20 [ 15.438005] kasan_atomics_helper+0x16e8/0x5450 [ 15.438085] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.438126] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.438155] kasan_atomics+0x1dd/0x310 [ 15.438179] ? __pfx_kasan_atomics+0x10/0x10 [ 15.438203] ? __pfx_read_tsc+0x10/0x10 [ 15.438225] ? ktime_get_ts64+0x84/0x230 [ 15.438256] kunit_try_run_case+0x1a6/0x480 [ 15.438282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.438305] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.438329] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.438357] ? __kthread_parkme+0x82/0x160 [ 15.438380] ? preempt_count_sub+0x50/0x80 [ 15.438405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.438428] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.438456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.438486] kthread+0x257/0x310 [ 15.438506] ? __pfx_kthread+0x10/0x10 [ 15.438528] ret_from_fork+0x41/0x80 [ 15.438551] ? 
__pfx_kthread+0x10/0x10 [ 15.438572] ret_from_fork_asm+0x1a/0x30 [ 15.438605] </TASK> [ 15.438620] [ 15.448163] Allocated by task 270: [ 15.448457] kasan_save_stack+0x45/0x70 [ 15.449679] kasan_save_track+0x18/0x40 [ 15.450290] kasan_save_alloc_info+0x3b/0x50 [ 15.450732] __kasan_kmalloc+0xb7/0xc0 [ 15.451295] __kmalloc_cache_noprof+0x168/0x350 [ 15.451651] kasan_atomics+0x96/0x310 [ 15.451937] kunit_try_run_case+0x1a6/0x480 [ 15.452734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.452958] kthread+0x257/0x310 [ 15.453474] ret_from_fork+0x41/0x80 [ 15.453642] ret_from_fork_asm+0x1a/0x30 [ 15.454168] [ 15.454276] The buggy address belongs to the object at ffff888102635000 [ 15.454276] which belongs to the cache kmalloc-64 of size 64 [ 15.454876] The buggy address is located 0 bytes to the right of [ 15.454876] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.455607] [ 15.456085] The buggy address belongs to the physical page: [ 15.456768] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.457236] flags: 0x200000000000000(node=0|zone=2) [ 15.457475] page_type: f5(slab) [ 15.457750] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.458171] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.458495] page dumped because: kasan: bad access detected [ 15.458815] [ 15.458928] Memory state around the buggy address: [ 15.459331] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.459745] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.460265] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.460703] ^ [ 15.461027] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.461347] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.461794] ================================================================== [ 14.822255] 
================================================================== [ 14.822920] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 14.823454] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.823955] [ 14.824160] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.824242] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.824269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.824310] Call Trace: [ 14.824342] <TASK> [ 14.824374] dump_stack_lvl+0x73/0xb0 [ 14.824431] print_report+0xd1/0x640 [ 14.824478] ? __virt_addr_valid+0x1db/0x2d0 [ 14.824525] ? kasan_atomics_helper+0xac8/0x5450 [ 14.824568] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.824616] ? kasan_atomics_helper+0xac8/0x5450 [ 14.824674] kasan_report+0x140/0x180 [ 14.824724] ? kasan_atomics_helper+0xac8/0x5450 [ 14.824784] kasan_check_range+0x10c/0x1c0 [ 14.824829] __kasan_check_write+0x18/0x20 [ 14.824872] kasan_atomics_helper+0xac8/0x5450 [ 14.824920] ? kasan_save_alloc_info+0x3b/0x50 [ 14.824964] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.825015] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.825102] kasan_atomics+0x1dd/0x310 [ 14.825150] ? __pfx_kasan_atomics+0x10/0x10 [ 14.825196] ? __pfx_read_tsc+0x10/0x10 [ 14.825238] ? ktime_get_ts64+0x84/0x230 [ 14.825294] kunit_try_run_case+0x1a6/0x480 [ 14.825340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.825382] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.825426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.825476] ? __kthread_parkme+0x82/0x160 [ 14.825511] ? preempt_count_sub+0x50/0x80 [ 14.825553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.825588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.825628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.825687] kthread+0x257/0x310 [ 14.825737] ? __pfx_kthread+0x10/0x10 [ 14.825777] ret_from_fork+0x41/0x80 [ 14.825826] ? 
__pfx_kthread+0x10/0x10 [ 14.825877] ret_from_fork_asm+0x1a/0x30 [ 14.825960] </TASK> [ 14.825989] [ 14.836039] Allocated by task 270: [ 14.836364] kasan_save_stack+0x45/0x70 [ 14.836719] kasan_save_track+0x18/0x40 [ 14.837042] kasan_save_alloc_info+0x3b/0x50 [ 14.837436] __kasan_kmalloc+0xb7/0xc0 [ 14.837788] __kmalloc_cache_noprof+0x168/0x350 [ 14.838256] kasan_atomics+0x96/0x310 [ 14.838554] kunit_try_run_case+0x1a6/0x480 [ 14.838898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.839333] kthread+0x257/0x310 [ 14.839525] ret_from_fork+0x41/0x80 [ 14.839743] ret_from_fork_asm+0x1a/0x30 [ 14.840109] [ 14.840265] The buggy address belongs to the object at ffff888102635000 [ 14.840265] which belongs to the cache kmalloc-64 of size 64 [ 14.841213] The buggy address is located 0 bytes to the right of [ 14.841213] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.841921] [ 14.842033] The buggy address belongs to the physical page: [ 14.842492] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.843024] flags: 0x200000000000000(node=0|zone=2) [ 14.843289] page_type: f5(slab) [ 14.843583] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.844021] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.844389] page dumped because: kasan: bad access detected [ 14.844717] [ 14.844881] Memory state around the buggy address: [ 14.845200] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.845580] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.846006] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.846471] ^ [ 14.846856] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.847261] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.847611] ================================================================== [ 15.382726] 
================================================================== [ 15.384313] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 15.384866] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.385405] [ 15.385590] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.385686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.385715] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.385759] Call Trace: [ 15.385796] <TASK> [ 15.385831] dump_stack_lvl+0x73/0xb0 [ 15.385888] print_report+0xd1/0x640 [ 15.385947] ? __virt_addr_valid+0x1db/0x2d0 [ 15.386002] ? kasan_atomics_helper+0x15b7/0x5450 [ 15.386086] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.386139] ? kasan_atomics_helper+0x15b7/0x5450 [ 15.386193] kasan_report+0x140/0x180 [ 15.386247] ? kasan_atomics_helper+0x15b7/0x5450 [ 15.386303] kasan_check_range+0x10c/0x1c0 [ 15.386343] __kasan_check_write+0x18/0x20 [ 15.386382] kasan_atomics_helper+0x15b7/0x5450 [ 15.386453] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.386500] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.386554] kasan_atomics+0x1dd/0x310 [ 15.386609] ? __pfx_kasan_atomics+0x10/0x10 [ 15.386672] ? __pfx_read_tsc+0x10/0x10 [ 15.386709] ? ktime_get_ts64+0x84/0x230 [ 15.386765] kunit_try_run_case+0x1a6/0x480 [ 15.386824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.386877] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.386924] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.386978] ? __kthread_parkme+0x82/0x160 [ 15.387016] ? preempt_count_sub+0x50/0x80 [ 15.387085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.387130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.387185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.387240] kthread+0x257/0x310 [ 15.387284] ? __pfx_kthread+0x10/0x10 [ 15.387328] ret_from_fork+0x41/0x80 [ 15.387372] ? 
__pfx_kthread+0x10/0x10 [ 15.387413] ret_from_fork_asm+0x1a/0x30 [ 15.387478] </TASK> [ 15.387506] [ 15.396234] Allocated by task 270: [ 15.396543] kasan_save_stack+0x45/0x70 [ 15.396880] kasan_save_track+0x18/0x40 [ 15.397156] kasan_save_alloc_info+0x3b/0x50 [ 15.397370] __kasan_kmalloc+0xb7/0xc0 [ 15.397562] __kmalloc_cache_noprof+0x168/0x350 [ 15.397792] kasan_atomics+0x96/0x310 [ 15.397997] kunit_try_run_case+0x1a6/0x480 [ 15.398358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.398777] kthread+0x257/0x310 [ 15.399099] ret_from_fork+0x41/0x80 [ 15.399410] ret_from_fork_asm+0x1a/0x30 [ 15.399734] [ 15.399901] The buggy address belongs to the object at ffff888102635000 [ 15.399901] which belongs to the cache kmalloc-64 of size 64 [ 15.400722] The buggy address is located 0 bytes to the right of [ 15.400722] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.401545] [ 15.401736] The buggy address belongs to the physical page: [ 15.402120] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.402541] flags: 0x200000000000000(node=0|zone=2) [ 15.402867] page_type: f5(slab) [ 15.403165] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.403539] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.403954] page dumped because: kasan: bad access detected [ 15.404364] [ 15.404526] Memory state around the buggy address: [ 15.404830] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.405153] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.405429] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.405936] ^ [ 15.406344] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.406822] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.407339] ================================================================== [ 14.516451] 
================================================================== [ 14.516906] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 14.517198] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.517700] [ 14.517888] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.517984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.518011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.518087] Call Trace: [ 14.518149] <TASK> [ 14.518176] dump_stack_lvl+0x73/0xb0 [ 14.518230] print_report+0xd1/0x640 [ 14.518272] ? __virt_addr_valid+0x1db/0x2d0 [ 14.518307] ? kasan_atomics_helper+0x4b56/0x5450 [ 14.518342] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.518381] ? kasan_atomics_helper+0x4b56/0x5450 [ 14.518426] kasan_report+0x140/0x180 [ 14.518474] ? kasan_atomics_helper+0x4b56/0x5450 [ 14.518526] __asan_report_load4_noabort+0x18/0x20 [ 14.518568] kasan_atomics_helper+0x4b56/0x5450 [ 14.518613] ? kasan_save_alloc_info+0x3b/0x50 [ 14.518646] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.518718] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.518770] kasan_atomics+0x1dd/0x310 [ 14.518802] ? __pfx_kasan_atomics+0x10/0x10 [ 14.518834] ? __pfx_read_tsc+0x10/0x10 [ 14.518864] ? ktime_get_ts64+0x84/0x230 [ 14.518903] kunit_try_run_case+0x1a6/0x480 [ 14.518939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.518973] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.519013] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.519054] ? __kthread_parkme+0x82/0x160 [ 14.519084] ? preempt_count_sub+0x50/0x80 [ 14.519177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.519218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.519266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.519315] kthread+0x257/0x310 [ 14.519352] ? __pfx_kthread+0x10/0x10 [ 14.519392] ret_from_fork+0x41/0x80 [ 14.519432] ? 
__pfx_kthread+0x10/0x10 [ 14.519472] ret_from_fork_asm+0x1a/0x30 [ 14.519529] </TASK> [ 14.519562] [ 14.529224] Allocated by task 270: [ 14.529401] kasan_save_stack+0x45/0x70 [ 14.532189] kasan_save_track+0x18/0x40 [ 14.532546] kasan_save_alloc_info+0x3b/0x50 [ 14.533588] __kasan_kmalloc+0xb7/0xc0 [ 14.533910] __kmalloc_cache_noprof+0x168/0x350 [ 14.534114] kasan_atomics+0x96/0x310 [ 14.534269] kunit_try_run_case+0x1a6/0x480 [ 14.534427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.534602] kthread+0x257/0x310 [ 14.536136] ret_from_fork+0x41/0x80 [ 14.536541] ret_from_fork_asm+0x1a/0x30 [ 14.537353] [ 14.538487] The buggy address belongs to the object at ffff888102635000 [ 14.538487] which belongs to the cache kmalloc-64 of size 64 [ 14.540339] The buggy address is located 0 bytes to the right of [ 14.540339] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.541409] [ 14.541530] The buggy address belongs to the physical page: [ 14.541882] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.542300] flags: 0x200000000000000(node=0|zone=2) [ 14.542613] page_type: f5(slab) [ 14.542908] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.544005] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.544850] page dumped because: kasan: bad access detected [ 14.545533] [ 14.545699] Memory state around the buggy address: [ 14.545877] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.546277] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.546600] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.546983] ^ [ 14.547331] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.547561] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.548443] ================================================================== [ 14.799526] 
================================================================== [ 14.800439] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 14.800785] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.801177] [ 14.801309] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.801389] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.801416] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.801459] Call Trace: [ 14.801490] <TASK> [ 14.801523] dump_stack_lvl+0x73/0xb0 [ 14.801579] print_report+0xd1/0x640 [ 14.801628] ? __virt_addr_valid+0x1db/0x2d0 [ 14.801690] ? kasan_atomics_helper+0xa2c/0x5450 [ 14.801734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.801775] ? kasan_atomics_helper+0xa2c/0x5450 [ 14.801816] kasan_report+0x140/0x180 [ 14.801858] ? kasan_atomics_helper+0xa2c/0x5450 [ 14.801917] kasan_check_range+0x10c/0x1c0 [ 14.801959] __kasan_check_write+0x18/0x20 [ 14.801996] kasan_atomics_helper+0xa2c/0x5450 [ 14.802037] ? kasan_save_alloc_info+0x3b/0x50 [ 14.802107] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.802154] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.802203] kasan_atomics+0x1dd/0x310 [ 14.802240] ? __pfx_kasan_atomics+0x10/0x10 [ 14.802282] ? __pfx_read_tsc+0x10/0x10 [ 14.802317] ? ktime_get_ts64+0x84/0x230 [ 14.802364] kunit_try_run_case+0x1a6/0x480 [ 14.802405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.802442] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.802482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.802526] ? __kthread_parkme+0x82/0x160 [ 14.802562] ? preempt_count_sub+0x50/0x80 [ 14.802598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.802693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.802757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.802810] kthread+0x257/0x310 [ 14.802851] ? __pfx_kthread+0x10/0x10 [ 14.802894] ret_from_fork+0x41/0x80 [ 14.802934] ? 
__pfx_kthread+0x10/0x10 [ 14.802976] ret_from_fork_asm+0x1a/0x30 [ 14.803040] </TASK> [ 14.803097] [ 14.811397] Allocated by task 270: [ 14.811576] kasan_save_stack+0x45/0x70 [ 14.811793] kasan_save_track+0x18/0x40 [ 14.811964] kasan_save_alloc_info+0x3b/0x50 [ 14.812176] __kasan_kmalloc+0xb7/0xc0 [ 14.812340] __kmalloc_cache_noprof+0x168/0x350 [ 14.812700] kasan_atomics+0x96/0x310 [ 14.813006] kunit_try_run_case+0x1a6/0x480 [ 14.813370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.813764] kthread+0x257/0x310 [ 14.814083] ret_from_fork+0x41/0x80 [ 14.814380] ret_from_fork_asm+0x1a/0x30 [ 14.814710] [ 14.814869] The buggy address belongs to the object at ffff888102635000 [ 14.814869] which belongs to the cache kmalloc-64 of size 64 [ 14.815689] The buggy address is located 0 bytes to the right of [ 14.815689] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.816551] [ 14.816725] The buggy address belongs to the physical page: [ 14.816986] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.817273] flags: 0x200000000000000(node=0|zone=2) [ 14.817460] page_type: f5(slab) [ 14.817615] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.818172] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.818713] page dumped because: kasan: bad access detected [ 14.819127] [ 14.819288] Memory state around the buggy address: [ 14.819627] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.820045] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.820430] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.820734] ^ [ 14.821075] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.821316] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.821543] ================================================================== [ 14.602338] 
================================================================== [ 14.602742] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 14.603629] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.604013] [ 14.604205] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.604283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.604304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.604344] Call Trace: [ 14.604379] <TASK> [ 14.604411] dump_stack_lvl+0x73/0xb0 [ 14.604682] print_report+0xd1/0x640 [ 14.604732] ? __virt_addr_valid+0x1db/0x2d0 [ 14.604780] ? kasan_atomics_helper+0x566/0x5450 [ 14.604830] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.604866] ? kasan_atomics_helper+0x566/0x5450 [ 14.604906] kasan_report+0x140/0x180 [ 14.604947] ? kasan_atomics_helper+0x566/0x5450 [ 14.604991] kasan_check_range+0x10c/0x1c0 [ 14.605024] __kasan_check_write+0x18/0x20 [ 14.605060] kasan_atomics_helper+0x566/0x5450 [ 14.605251] ? kasan_save_alloc_info+0x3b/0x50 [ 14.605297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.605335] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.605378] kasan_atomics+0x1dd/0x310 [ 14.605414] ? __pfx_kasan_atomics+0x10/0x10 [ 14.605453] ? __pfx_read_tsc+0x10/0x10 [ 14.605490] ? ktime_get_ts64+0x84/0x230 [ 14.605538] kunit_try_run_case+0x1a6/0x480 [ 14.605579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.605616] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.605656] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.605715] ? __kthread_parkme+0x82/0x160 [ 14.605752] ? preempt_count_sub+0x50/0x80 [ 14.605798] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.605836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.605864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.605891] kthread+0x257/0x310 [ 14.605922] ? __pfx_kthread+0x10/0x10 [ 14.605944] ret_from_fork+0x41/0x80 [ 14.605965] ? 
__pfx_kthread+0x10/0x10 [ 14.605984] ret_from_fork_asm+0x1a/0x30 [ 14.606016] </TASK> [ 14.606030] [ 14.616099] Allocated by task 270: [ 14.616291] kasan_save_stack+0x45/0x70 [ 14.616686] kasan_save_track+0x18/0x40 [ 14.616961] kasan_save_alloc_info+0x3b/0x50 [ 14.617374] __kasan_kmalloc+0xb7/0xc0 [ 14.617678] __kmalloc_cache_noprof+0x168/0x350 [ 14.617934] kasan_atomics+0x96/0x310 [ 14.618443] kunit_try_run_case+0x1a6/0x480 [ 14.618728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.618953] kthread+0x257/0x310 [ 14.619203] ret_from_fork+0x41/0x80 [ 14.619897] ret_from_fork_asm+0x1a/0x30 [ 14.620088] [ 14.620193] The buggy address belongs to the object at ffff888102635000 [ 14.620193] which belongs to the cache kmalloc-64 of size 64 [ 14.620798] The buggy address is located 0 bytes to the right of [ 14.620798] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.621571] [ 14.621747] The buggy address belongs to the physical page: [ 14.622002] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.622340] flags: 0x200000000000000(node=0|zone=2) [ 14.622657] page_type: f5(slab) [ 14.623471] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.624203] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.624540] page dumped because: kasan: bad access detected [ 14.624874] [ 14.625026] Memory state around the buggy address: [ 14.625483] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.625973] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.626686] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.627008] ^ [ 14.627596] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.627945] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.628575] ================================================================== [ 15.162323] 
================================================================== [ 15.162672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 15.163094] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.163425] [ 15.163605] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.163696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.163722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.163760] Call Trace: [ 15.163791] <TASK> [ 15.163819] dump_stack_lvl+0x73/0xb0 [ 15.163873] print_report+0xd1/0x640 [ 15.163917] ? __virt_addr_valid+0x1db/0x2d0 [ 15.163961] ? kasan_atomics_helper+0x1218/0x5450 [ 15.164001] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.164045] ? kasan_atomics_helper+0x1218/0x5450 [ 15.164126] kasan_report+0x140/0x180 [ 15.164171] ? kasan_atomics_helper+0x1218/0x5450 [ 15.164224] kasan_check_range+0x10c/0x1c0 [ 15.164266] __kasan_check_write+0x18/0x20 [ 15.164302] kasan_atomics_helper+0x1218/0x5450 [ 15.164348] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.164392] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.164446] kasan_atomics+0x1dd/0x310 [ 15.164489] ? __pfx_kasan_atomics+0x10/0x10 [ 15.164530] ? __pfx_read_tsc+0x10/0x10 [ 15.164566] ? ktime_get_ts64+0x84/0x230 [ 15.164616] kunit_try_run_case+0x1a6/0x480 [ 15.164661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.164715] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.164758] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.164801] ? __kthread_parkme+0x82/0x160 [ 15.164842] ? preempt_count_sub+0x50/0x80 [ 15.164885] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.164925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.164973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.165020] kthread+0x257/0x310 [ 15.165086] ? __pfx_kthread+0x10/0x10 [ 15.165129] ret_from_fork+0x41/0x80 [ 15.165168] ? 
__pfx_kthread+0x10/0x10 [ 15.165196] ret_from_fork_asm+0x1a/0x30 [ 15.165246] </TASK> [ 15.165267] [ 15.172569] Allocated by task 270: [ 15.172859] kasan_save_stack+0x45/0x70 [ 15.173214] kasan_save_track+0x18/0x40 [ 15.173508] kasan_save_alloc_info+0x3b/0x50 [ 15.173822] __kasan_kmalloc+0xb7/0xc0 [ 15.174154] __kmalloc_cache_noprof+0x168/0x350 [ 15.174480] kasan_atomics+0x96/0x310 [ 15.174723] kunit_try_run_case+0x1a6/0x480 [ 15.174949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.175310] kthread+0x257/0x310 [ 15.175505] ret_from_fork+0x41/0x80 [ 15.175733] ret_from_fork_asm+0x1a/0x30 [ 15.175915] [ 15.176022] The buggy address belongs to the object at ffff888102635000 [ 15.176022] which belongs to the cache kmalloc-64 of size 64 [ 15.176748] The buggy address is located 0 bytes to the right of [ 15.176748] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.177609] [ 15.177790] The buggy address belongs to the physical page: [ 15.178231] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.178568] flags: 0x200000000000000(node=0|zone=2) [ 15.179798] page_type: f5(slab) [ 15.180598] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.180924] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.181218] page dumped because: kasan: bad access detected [ 15.181417] [ 15.181527] Memory state around the buggy address: [ 15.181888] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.182448] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.182942] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.183463] ^ [ 15.183789] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184114] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184511] ================================================================== [ 15.305643] 
================================================================== [ 15.306276] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 15.306820] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.307328] [ 15.307526] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.307618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.307654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.307737] Call Trace: [ 15.307769] <TASK> [ 15.307798] dump_stack_lvl+0x73/0xb0 [ 15.307858] print_report+0xd1/0x640 [ 15.307930] ? __virt_addr_valid+0x1db/0x2d0 [ 15.307974] ? kasan_atomics_helper+0x1468/0x5450 [ 15.308017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.308084] ? kasan_atomics_helper+0x1468/0x5450 [ 15.308131] kasan_report+0x140/0x180 [ 15.308211] ? kasan_atomics_helper+0x1468/0x5450 [ 15.308285] kasan_check_range+0x10c/0x1c0 [ 15.308351] __kasan_check_write+0x18/0x20 [ 15.308396] kasan_atomics_helper+0x1468/0x5450 [ 15.308441] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.308489] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.308545] kasan_atomics+0x1dd/0x310 [ 15.308588] ? __pfx_kasan_atomics+0x10/0x10 [ 15.308628] ? __pfx_read_tsc+0x10/0x10 [ 15.308661] ? ktime_get_ts64+0x84/0x230 [ 15.308721] kunit_try_run_case+0x1a6/0x480 [ 15.308767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.308808] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.308853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.308904] ? __kthread_parkme+0x82/0x160 [ 15.308948] ? preempt_count_sub+0x50/0x80 [ 15.308997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.309040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.309104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.309159] kthread+0x257/0x310 [ 15.309201] ? __pfx_kthread+0x10/0x10 [ 15.309244] ret_from_fork+0x41/0x80 [ 15.309286] ? 
__pfx_kthread+0x10/0x10 [ 15.309327] ret_from_fork_asm+0x1a/0x30 [ 15.309386] </TASK> [ 15.309410] [ 15.318229] Allocated by task 270: [ 15.318549] kasan_save_stack+0x45/0x70 [ 15.318903] kasan_save_track+0x18/0x40 [ 15.319247] kasan_save_alloc_info+0x3b/0x50 [ 15.319562] __kasan_kmalloc+0xb7/0xc0 [ 15.319882] __kmalloc_cache_noprof+0x168/0x350 [ 15.320232] kasan_atomics+0x96/0x310 [ 15.320506] kunit_try_run_case+0x1a6/0x480 [ 15.320810] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.321169] kthread+0x257/0x310 [ 15.321458] ret_from_fork+0x41/0x80 [ 15.321683] ret_from_fork_asm+0x1a/0x30 [ 15.321986] [ 15.322213] The buggy address belongs to the object at ffff888102635000 [ 15.322213] which belongs to the cache kmalloc-64 of size 64 [ 15.322947] The buggy address is located 0 bytes to the right of [ 15.322947] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.323303] [ 15.323391] The buggy address belongs to the physical page: [ 15.323552] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.326379] flags: 0x200000000000000(node=0|zone=2) [ 15.327100] page_type: f5(slab) [ 15.327370] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.328660] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.330003] page dumped because: kasan: bad access detected [ 15.330774] [ 15.330960] Memory state around the buggy address: [ 15.332234] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.332998] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.333977] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.334415] ^ [ 15.334728] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335010] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.335354] ================================================================== [ 15.846605] 
================================================================== [ 15.847352] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 15.847930] Read of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.848471] [ 15.848627] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.848714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.848734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.848765] Call Trace: [ 15.848799] <TASK> [ 15.848827] dump_stack_lvl+0x73/0xb0 [ 15.848876] print_report+0xd1/0x640 [ 15.848913] ? __virt_addr_valid+0x1db/0x2d0 [ 15.848952] ? kasan_atomics_helper+0x4f9a/0x5450 [ 15.848986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.849023] ? kasan_atomics_helper+0x4f9a/0x5450 [ 15.849069] kasan_report+0x140/0x180 [ 15.849106] ? kasan_atomics_helper+0x4f9a/0x5450 [ 15.849147] __asan_report_load8_noabort+0x18/0x20 [ 15.849177] kasan_atomics_helper+0x4f9a/0x5450 [ 15.849210] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.849247] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.849285] kasan_atomics+0x1dd/0x310 [ 15.849318] ? __pfx_kasan_atomics+0x10/0x10 [ 15.849359] ? __pfx_read_tsc+0x10/0x10 [ 15.849393] ? ktime_get_ts64+0x84/0x230 [ 15.849432] kunit_try_run_case+0x1a6/0x480 [ 15.849467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.849497] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.849534] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.849582] ? __kthread_parkme+0x82/0x160 [ 15.849621] ? preempt_count_sub+0x50/0x80 [ 15.849663] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.849719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.849768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.849817] kthread+0x257/0x310 [ 15.849855] ? __pfx_kthread+0x10/0x10 [ 15.849898] ret_from_fork+0x41/0x80 [ 15.849954] ? 
__pfx_kthread+0x10/0x10 [ 15.849999] ret_from_fork_asm+0x1a/0x30 [ 15.850068] </TASK> [ 15.850093] [ 15.864564] Allocated by task 270: [ 15.864800] kasan_save_stack+0x45/0x70 [ 15.865381] kasan_save_track+0x18/0x40 [ 15.866088] kasan_save_alloc_info+0x3b/0x50 [ 15.866498] __kasan_kmalloc+0xb7/0xc0 [ 15.866690] __kmalloc_cache_noprof+0x168/0x350 [ 15.867018] kasan_atomics+0x96/0x310 [ 15.867372] kunit_try_run_case+0x1a6/0x480 [ 15.867611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.867853] kthread+0x257/0x310 [ 15.868166] ret_from_fork+0x41/0x80 [ 15.868374] ret_from_fork_asm+0x1a/0x30 [ 15.868691] [ 15.868808] The buggy address belongs to the object at ffff888102635000 [ 15.868808] which belongs to the cache kmalloc-64 of size 64 [ 15.869408] The buggy address is located 0 bytes to the right of [ 15.869408] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.869920] [ 15.870146] The buggy address belongs to the physical page: [ 15.870576] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.870944] flags: 0x200000000000000(node=0|zone=2) [ 15.871383] page_type: f5(slab) [ 15.871595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.872116] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.872533] page dumped because: kasan: bad access detected [ 15.872861] [ 15.873047] Memory state around the buggy address: [ 15.873266] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.873796] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.874184] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.874695] ^ [ 15.875000] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.875446] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.875833] ================================================================== [ 15.876780] 
================================================================== [ 15.877349] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 15.877865] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.878306] [ 15.878532] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.878631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.878662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.878722] Call Trace: [ 15.878765] <TASK> [ 15.878806] dump_stack_lvl+0x73/0xb0 [ 15.878869] print_report+0xd1/0x640 [ 15.878916] ? __virt_addr_valid+0x1db/0x2d0 [ 15.878988] ? kasan_atomics_helper+0x20c9/0x5450 [ 15.879033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.879116] ? kasan_atomics_helper+0x20c9/0x5450 [ 15.879170] kasan_report+0x140/0x180 [ 15.879222] ? kasan_atomics_helper+0x20c9/0x5450 [ 15.879279] kasan_check_range+0x10c/0x1c0 [ 15.879328] __kasan_check_write+0x18/0x20 [ 15.879372] kasan_atomics_helper+0x20c9/0x5450 [ 15.879426] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.879479] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.879539] kasan_atomics+0x1dd/0x310 [ 15.879579] ? __pfx_kasan_atomics+0x10/0x10 [ 15.879619] ? __pfx_read_tsc+0x10/0x10 [ 15.879656] ? ktime_get_ts64+0x84/0x230 [ 15.879743] kunit_try_run_case+0x1a6/0x480 [ 15.879793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.879835] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.879877] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.879926] ? __kthread_parkme+0x82/0x160 [ 15.879967] ? preempt_count_sub+0x50/0x80 [ 15.880008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.880097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.880150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.880185] kthread+0x257/0x310 [ 15.880208] ? __pfx_kthread+0x10/0x10 [ 15.880241] ret_from_fork+0x41/0x80 [ 15.880262] ? 
__pfx_kthread+0x10/0x10 [ 15.880281] ret_from_fork_asm+0x1a/0x30 [ 15.880312] </TASK> [ 15.880327] [ 15.888189] Allocated by task 270: [ 15.888415] kasan_save_stack+0x45/0x70 [ 15.888678] kasan_save_track+0x18/0x40 [ 15.888967] kasan_save_alloc_info+0x3b/0x50 [ 15.889288] __kasan_kmalloc+0xb7/0xc0 [ 15.889577] __kmalloc_cache_noprof+0x168/0x350 [ 15.889904] kasan_atomics+0x96/0x310 [ 15.890192] kunit_try_run_case+0x1a6/0x480 [ 15.890546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.890995] kthread+0x257/0x310 [ 15.891313] ret_from_fork+0x41/0x80 [ 15.891616] ret_from_fork_asm+0x1a/0x30 [ 15.891946] [ 15.892143] The buggy address belongs to the object at ffff888102635000 [ 15.892143] which belongs to the cache kmalloc-64 of size 64 [ 15.892791] The buggy address is located 0 bytes to the right of [ 15.892791] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.893354] [ 15.893523] The buggy address belongs to the physical page: [ 15.893942] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.894591] flags: 0x200000000000000(node=0|zone=2) [ 15.895050] page_type: f5(slab) [ 15.895374] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.895950] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.896537] page dumped because: kasan: bad access detected [ 15.896964] [ 15.897179] Memory state around the buggy address: [ 15.897559] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.897887] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.898037] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.898544] ^ [ 15.898969] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.899626] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.899987] ================================================================== [ 15.257549] 
================================================================== [ 15.258586] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 15.259677] Read of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.260023] [ 15.260589] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.260684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.260704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.260737] Call Trace: [ 15.260764] <TASK> [ 15.260785] dump_stack_lvl+0x73/0xb0 [ 15.260834] print_report+0xd1/0x640 [ 15.260872] ? __virt_addr_valid+0x1db/0x2d0 [ 15.260908] ? kasan_atomics_helper+0x13b6/0x5450 [ 15.260944] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.260976] ? kasan_atomics_helper+0x13b6/0x5450 [ 15.261008] kasan_report+0x140/0x180 [ 15.261041] ? kasan_atomics_helper+0x13b6/0x5450 [ 15.261376] kasan_check_range+0x10c/0x1c0 [ 15.261426] __kasan_check_read+0x15/0x20 [ 15.261529] kasan_atomics_helper+0x13b6/0x5450 [ 15.261584] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.261639] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.261691] kasan_atomics+0x1dd/0x310 [ 15.261734] ? __pfx_kasan_atomics+0x10/0x10 [ 15.261771] ? __pfx_read_tsc+0x10/0x10 [ 15.261804] ? ktime_get_ts64+0x84/0x230 [ 15.261834] kunit_try_run_case+0x1a6/0x480 [ 15.261857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.261878] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.261907] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.261944] ? __kthread_parkme+0x82/0x160 [ 15.261965] ? preempt_count_sub+0x50/0x80 [ 15.261989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.262012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.262038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.262082] kthread+0x257/0x310 [ 15.262133] ? __pfx_kthread+0x10/0x10 [ 15.262154] ret_from_fork+0x41/0x80 [ 15.262175] ? 
__pfx_kthread+0x10/0x10 [ 15.262194] ret_from_fork_asm+0x1a/0x30 [ 15.262225] </TASK> [ 15.262238] [ 15.270891] Allocated by task 270: [ 15.271139] kasan_save_stack+0x45/0x70 [ 15.271361] kasan_save_track+0x18/0x40 [ 15.271680] kasan_save_alloc_info+0x3b/0x50 [ 15.272011] __kasan_kmalloc+0xb7/0xc0 [ 15.272343] __kmalloc_cache_noprof+0x168/0x350 [ 15.272687] kasan_atomics+0x96/0x310 [ 15.272979] kunit_try_run_case+0x1a6/0x480 [ 15.273305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.273604] kthread+0x257/0x310 [ 15.273777] ret_from_fork+0x41/0x80 [ 15.274138] ret_from_fork_asm+0x1a/0x30 [ 15.274457] [ 15.274626] The buggy address belongs to the object at ffff888102635000 [ 15.274626] which belongs to the cache kmalloc-64 of size 64 [ 15.275274] The buggy address is located 0 bytes to the right of [ 15.275274] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.275887] [ 15.276100] The buggy address belongs to the physical page: [ 15.276382] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.276947] flags: 0x200000000000000(node=0|zone=2) [ 15.277228] page_type: f5(slab) [ 15.277502] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.277873] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.278428] page dumped because: kasan: bad access detected [ 15.278814] [ 15.278923] Memory state around the buggy address: [ 15.279231] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.279605] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.280027] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.280370] ^ [ 15.280757] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.281130] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.281496] ================================================================== [ 15.062475] 
================================================================== [ 15.062745] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 15.062981] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.063206] [ 15.063317] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.063391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.063415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.063453] Call Trace: [ 15.063486] <TASK> [ 15.063514] dump_stack_lvl+0x73/0xb0 [ 15.063557] print_report+0xd1/0x640 [ 15.063596] ? __virt_addr_valid+0x1db/0x2d0 [ 15.063638] ? kasan_atomics_helper+0x107a/0x5450 [ 15.064608] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.064763] ? kasan_atomics_helper+0x107a/0x5450 [ 15.064805] kasan_report+0x140/0x180 [ 15.064848] ? kasan_atomics_helper+0x107a/0x5450 [ 15.064899] kasan_check_range+0x10c/0x1c0 [ 15.064936] __kasan_check_write+0x18/0x20 [ 15.064970] kasan_atomics_helper+0x107a/0x5450 [ 15.065010] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.065054] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.065870] kasan_atomics+0x1dd/0x310 [ 15.065955] ? __pfx_kasan_atomics+0x10/0x10 [ 15.066007] ? __pfx_read_tsc+0x10/0x10 [ 15.066052] ? ktime_get_ts64+0x84/0x230 [ 15.066569] kunit_try_run_case+0x1a6/0x480 [ 15.066624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.066683] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.066731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.066779] ? __kthread_parkme+0x82/0x160 [ 15.066819] ? preempt_count_sub+0x50/0x80 [ 15.066862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.066898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.066942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.066986] kthread+0x257/0x310 [ 15.067019] ? __pfx_kthread+0x10/0x10 [ 15.067091] ret_from_fork+0x41/0x80 [ 15.067131] ? 
__pfx_kthread+0x10/0x10 [ 15.067165] ret_from_fork_asm+0x1a/0x30 [ 15.067224] </TASK> [ 15.067246] [ 15.078086] Allocated by task 270: [ 15.078531] kasan_save_stack+0x45/0x70 [ 15.078932] kasan_save_track+0x18/0x40 [ 15.079256] kasan_save_alloc_info+0x3b/0x50 [ 15.079859] __kasan_kmalloc+0xb7/0xc0 [ 15.080272] __kmalloc_cache_noprof+0x168/0x350 [ 15.080488] kasan_atomics+0x96/0x310 [ 15.080720] kunit_try_run_case+0x1a6/0x480 [ 15.081031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.081254] kthread+0x257/0x310 [ 15.081517] ret_from_fork+0x41/0x80 [ 15.081801] ret_from_fork_asm+0x1a/0x30 [ 15.082012] [ 15.082267] The buggy address belongs to the object at ffff888102635000 [ 15.082267] which belongs to the cache kmalloc-64 of size 64 [ 15.082981] The buggy address is located 0 bytes to the right of [ 15.082981] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.083900] [ 15.084073] The buggy address belongs to the physical page: [ 15.084569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.084923] flags: 0x200000000000000(node=0|zone=2) [ 15.085419] page_type: f5(slab) [ 15.085712] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.085958] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.086500] page dumped because: kasan: bad access detected [ 15.086756] [ 15.086870] Memory state around the buggy address: [ 15.087310] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087849] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.088327] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.088742] ^ [ 15.089090] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.089506] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.089980] ================================================================== [ 14.549535] 
================================================================== [ 14.549935] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 14.550476] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.550781] [ 14.550914] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.550996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.551019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.551061] Call Trace: [ 14.551102] <TASK> [ 14.551139] dump_stack_lvl+0x73/0xb0 [ 14.551195] print_report+0xd1/0x640 [ 14.551242] ? __virt_addr_valid+0x1db/0x2d0 [ 14.551279] ? kasan_atomics_helper+0x4a1/0x5450 [ 14.551312] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.551347] ? kasan_atomics_helper+0x4a1/0x5450 [ 14.551382] kasan_report+0x140/0x180 [ 14.551423] ? kasan_atomics_helper+0x4a1/0x5450 [ 14.551472] kasan_check_range+0x10c/0x1c0 [ 14.551508] __kasan_check_write+0x18/0x20 [ 14.551544] kasan_atomics_helper+0x4a1/0x5450 [ 14.551581] ? kasan_save_alloc_info+0x3b/0x50 [ 14.551620] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.551709] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.551771] kasan_atomics+0x1dd/0x310 [ 14.551817] ? __pfx_kasan_atomics+0x10/0x10 [ 14.551854] ? __pfx_read_tsc+0x10/0x10 [ 14.551887] ? ktime_get_ts64+0x84/0x230 [ 14.551940] kunit_try_run_case+0x1a6/0x480 [ 14.551976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.552004] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.552035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.552111] ? __kthread_parkme+0x82/0x160 [ 14.552144] ? preempt_count_sub+0x50/0x80 [ 14.552177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.552209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.552245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.552286] kthread+0x257/0x310 [ 14.552313] ? __pfx_kthread+0x10/0x10 [ 14.552343] ret_from_fork+0x41/0x80 [ 14.552371] ? 
__pfx_kthread+0x10/0x10 [ 14.552400] ret_from_fork_asm+0x1a/0x30 [ 14.552448] </TASK> [ 14.552469] [ 14.560289] Allocated by task 270: [ 14.560631] kasan_save_stack+0x45/0x70 [ 14.560963] kasan_save_track+0x18/0x40 [ 14.561320] kasan_save_alloc_info+0x3b/0x50 [ 14.561506] __kasan_kmalloc+0xb7/0xc0 [ 14.561684] __kmalloc_cache_noprof+0x168/0x350 [ 14.561870] kasan_atomics+0x96/0x310 [ 14.562045] kunit_try_run_case+0x1a6/0x480 [ 14.562433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.562822] kthread+0x257/0x310 [ 14.563149] ret_from_fork+0x41/0x80 [ 14.563434] ret_from_fork_asm+0x1a/0x30 [ 14.563701] [ 14.563852] The buggy address belongs to the object at ffff888102635000 [ 14.563852] which belongs to the cache kmalloc-64 of size 64 [ 14.564515] The buggy address is located 0 bytes to the right of [ 14.564515] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.565242] [ 14.565385] The buggy address belongs to the physical page: [ 14.565565] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.565838] flags: 0x200000000000000(node=0|zone=2) [ 14.566137] page_type: f5(slab) [ 14.566367] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.566882] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.567464] page dumped because: kasan: bad access detected [ 14.567833] [ 14.567934] Memory state around the buggy address: [ 14.568102] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.568545] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.568815] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.569143] ^ [ 14.569451] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.569925] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.570189] ================================================================== [ 14.405844] 
================================================================== [ 14.406286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 14.406477] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.406846] [ 14.406983] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.407043] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.407056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.407088] Call Trace: [ 14.407102] <TASK> [ 14.407129] dump_stack_lvl+0x73/0xb0 [ 14.407158] print_report+0xd1/0x640 [ 14.407180] ? __virt_addr_valid+0x1db/0x2d0 [ 14.407203] ? kasan_atomics_helper+0x4bbe/0x5450 [ 14.407226] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.407248] ? kasan_atomics_helper+0x4bbe/0x5450 [ 14.407272] kasan_report+0x140/0x180 [ 14.407572] ? kasan_atomics_helper+0x4bbe/0x5450 [ 14.407602] __asan_report_load4_noabort+0x18/0x20 [ 14.407625] kasan_atomics_helper+0x4bbe/0x5450 [ 14.407647] ? kasan_save_alloc_info+0x3b/0x50 [ 14.407680] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.407708] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.407735] kasan_atomics+0x1dd/0x310 [ 14.407755] ? __pfx_kasan_atomics+0x10/0x10 [ 14.407776] ? __pfx_read_tsc+0x10/0x10 [ 14.407795] ? ktime_get_ts64+0x84/0x230 [ 14.407821] kunit_try_run_case+0x1a6/0x480 [ 14.407843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.407862] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.407883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.407907] ? __kthread_parkme+0x82/0x160 [ 14.407927] ? preempt_count_sub+0x50/0x80 [ 14.407950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.407970] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.407995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.408021] kthread+0x257/0x310 [ 14.408040] ? __pfx_kthread+0x10/0x10 [ 14.408059] ret_from_fork+0x41/0x80 [ 14.408078] ? 
__pfx_kthread+0x10/0x10 [ 14.408251] ret_from_fork_asm+0x1a/0x30 [ 14.408284] </TASK> [ 14.408297] [ 14.411879] Allocated by task 270: [ 14.411971] kasan_save_stack+0x45/0x70 [ 14.412085] kasan_save_track+0x18/0x40 [ 14.412358] kasan_save_alloc_info+0x3b/0x50 [ 14.413732] __kasan_kmalloc+0xb7/0xc0 [ 14.413840] __kmalloc_cache_noprof+0x168/0x350 [ 14.413953] kasan_atomics+0x96/0x310 [ 14.414047] kunit_try_run_case+0x1a6/0x480 [ 14.414452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.414803] kthread+0x257/0x310 [ 14.414962] ret_from_fork+0x41/0x80 [ 14.415052] ret_from_fork_asm+0x1a/0x30 [ 14.415433] [ 14.415547] The buggy address belongs to the object at ffff888102635000 [ 14.415547] which belongs to the cache kmalloc-64 of size 64 [ 14.415755] The buggy address is located 0 bytes to the right of [ 14.415755] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.415955] [ 14.416009] The buggy address belongs to the physical page: [ 14.416986] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.417227] flags: 0x200000000000000(node=0|zone=2) [ 14.417332] page_type: f5(slab) [ 14.417414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.417588] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.418013] page dumped because: kasan: bad access detected [ 14.418554] [ 14.418748] Memory state around the buggy address: [ 14.418869] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.418996] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.419468] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.419960] ^ [ 14.420261] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.421013] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.421326] ================================================================== [ 15.706752] 
================================================================== [ 15.707159] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 15.707545] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.707763] [ 15.707883] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.707959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.707982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.708019] Call Trace: [ 15.708056] <TASK> [ 15.708122] dump_stack_lvl+0x73/0xb0 [ 15.708183] print_report+0xd1/0x640 [ 15.708230] ? __virt_addr_valid+0x1db/0x2d0 [ 15.708277] ? kasan_atomics_helper+0x1d7b/0x5450 [ 15.708325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.708373] ? kasan_atomics_helper+0x1d7b/0x5450 [ 15.708416] kasan_report+0x140/0x180 [ 15.708460] ? kasan_atomics_helper+0x1d7b/0x5450 [ 15.708513] kasan_check_range+0x10c/0x1c0 [ 15.708550] __kasan_check_write+0x18/0x20 [ 15.708587] kasan_atomics_helper+0x1d7b/0x5450 [ 15.708634] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.708694] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.708741] kasan_atomics+0x1dd/0x310 [ 15.708781] ? __pfx_kasan_atomics+0x10/0x10 [ 15.708821] ? __pfx_read_tsc+0x10/0x10 [ 15.708860] ? ktime_get_ts64+0x84/0x230 [ 15.708913] kunit_try_run_case+0x1a6/0x480 [ 15.708961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.709002] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.709046] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.709131] ? __kthread_parkme+0x82/0x160 [ 15.709175] ? preempt_count_sub+0x50/0x80 [ 15.709224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.709259] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.709299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.709345] kthread+0x257/0x310 [ 15.709381] ? __pfx_kthread+0x10/0x10 [ 15.709422] ret_from_fork+0x41/0x80 [ 15.709465] ? 
__pfx_kthread+0x10/0x10 [ 15.709507] ret_from_fork_asm+0x1a/0x30 [ 15.709572] </TASK> [ 15.709600] [ 15.717165] Allocated by task 270: [ 15.717469] kasan_save_stack+0x45/0x70 [ 15.717796] kasan_save_track+0x18/0x40 [ 15.718136] kasan_save_alloc_info+0x3b/0x50 [ 15.718423] __kasan_kmalloc+0xb7/0xc0 [ 15.718616] __kmalloc_cache_noprof+0x168/0x350 [ 15.718938] kasan_atomics+0x96/0x310 [ 15.719141] kunit_try_run_case+0x1a6/0x480 [ 15.719322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.719634] kthread+0x257/0x310 [ 15.719870] ret_from_fork+0x41/0x80 [ 15.720155] ret_from_fork_asm+0x1a/0x30 [ 15.720461] [ 15.720615] The buggy address belongs to the object at ffff888102635000 [ 15.720615] which belongs to the cache kmalloc-64 of size 64 [ 15.721132] The buggy address is located 0 bytes to the right of [ 15.721132] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.721642] [ 15.721814] The buggy address belongs to the physical page: [ 15.722253] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.722812] flags: 0x200000000000000(node=0|zone=2) [ 15.723168] page_type: f5(slab) [ 15.723321] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.723569] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.723823] page dumped because: kasan: bad access detected [ 15.724018] [ 15.724144] Memory state around the buggy address: [ 15.724490] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.724962] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.725469] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.725963] ^ [ 15.726333] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726796] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.727120] ================================================================== [ 15.971573] 
================================================================== [ 15.972120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 15.972603] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.973098] [ 15.973339] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.973428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.973455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.973500] Call Trace: [ 15.973542] <TASK> [ 15.973579] dump_stack_lvl+0x73/0xb0 [ 15.973636] print_report+0xd1/0x640 [ 15.973694] ? __virt_addr_valid+0x1db/0x2d0 [ 15.973746] ? kasan_atomics_helper+0x224d/0x5450 [ 15.973795] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.973842] ? kasan_atomics_helper+0x224d/0x5450 [ 15.973892] kasan_report+0x140/0x180 [ 15.973944] ? kasan_atomics_helper+0x224d/0x5450 [ 15.974006] kasan_check_range+0x10c/0x1c0 [ 15.974056] __kasan_check_write+0x18/0x20 [ 15.974108] kasan_atomics_helper+0x224d/0x5450 [ 15.974145] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.974183] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.974223] kasan_atomics+0x1dd/0x310 [ 15.974255] ? __pfx_kasan_atomics+0x10/0x10 [ 15.974287] ? __pfx_read_tsc+0x10/0x10 [ 15.974318] ? ktime_get_ts64+0x84/0x230 [ 15.974358] kunit_try_run_case+0x1a6/0x480 [ 15.974392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.974422] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.974454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.974490] ? __kthread_parkme+0x82/0x160 [ 15.974525] ? preempt_count_sub+0x50/0x80 [ 15.974567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.974602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.974647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.974714] kthread+0x257/0x310 [ 15.974750] ? __pfx_kthread+0x10/0x10 [ 15.974791] ret_from_fork+0x41/0x80 [ 15.974831] ? 
__pfx_kthread+0x10/0x10 [ 15.974872] ret_from_fork_asm+0x1a/0x30 [ 15.974935] </TASK> [ 15.974964] [ 15.985553] Allocated by task 270: [ 15.985808] kasan_save_stack+0x45/0x70 [ 15.986375] kasan_save_track+0x18/0x40 [ 15.987834] kasan_save_alloc_info+0x3b/0x50 [ 15.988182] __kasan_kmalloc+0xb7/0xc0 [ 15.988349] __kmalloc_cache_noprof+0x168/0x350 [ 15.988878] kasan_atomics+0x96/0x310 [ 15.989190] kunit_try_run_case+0x1a6/0x480 [ 15.989639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.989898] kthread+0x257/0x310 [ 15.990086] ret_from_fork+0x41/0x80 [ 15.990471] ret_from_fork_asm+0x1a/0x30 [ 15.990899] [ 15.991087] The buggy address belongs to the object at ffff888102635000 [ 15.991087] which belongs to the cache kmalloc-64 of size 64 [ 15.991751] The buggy address is located 0 bytes to the right of [ 15.991751] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.992681] [ 15.992880] The buggy address belongs to the physical page: [ 15.993283] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.993745] flags: 0x200000000000000(node=0|zone=2) [ 15.993980] page_type: f5(slab) [ 15.994281] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.994826] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.995688] page dumped because: kasan: bad access detected [ 15.995953] [ 15.996081] Memory state around the buggy address: [ 15.996481] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.996719] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.997528] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.997969] ^ [ 15.998439] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.998855] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.999370] ================================================================== [ 15.282745] 
================================================================== [ 15.283150] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 15.283680] Read of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.284010] [ 15.284224] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.284322] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.284349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.284384] Call Trace: [ 15.284415] <TASK> [ 15.284443] dump_stack_lvl+0x73/0xb0 [ 15.284567] print_report+0xd1/0x640 [ 15.284616] ? __virt_addr_valid+0x1db/0x2d0 [ 15.284659] ? kasan_atomics_helper+0x4eb0/0x5450 [ 15.284713] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.284774] ? kasan_atomics_helper+0x4eb0/0x5450 [ 15.284821] kasan_report+0x140/0x180 [ 15.284867] ? kasan_atomics_helper+0x4eb0/0x5450 [ 15.284924] __asan_report_load8_noabort+0x18/0x20 [ 15.284982] kasan_atomics_helper+0x4eb0/0x5450 [ 15.285030] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.285107] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.285176] kasan_atomics+0x1dd/0x310 [ 15.285220] ? __pfx_kasan_atomics+0x10/0x10 [ 15.285259] ? __pfx_read_tsc+0x10/0x10 [ 15.285293] ? ktime_get_ts64+0x84/0x230 [ 15.285342] kunit_try_run_case+0x1a6/0x480 [ 15.285400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.285450] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.285504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.285553] ? __kthread_parkme+0x82/0x160 [ 15.285600] ? preempt_count_sub+0x50/0x80 [ 15.285644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.285691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.285739] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.285791] kthread+0x257/0x310 [ 15.285831] ? __pfx_kthread+0x10/0x10 [ 15.285872] ret_from_fork+0x41/0x80 [ 15.285920] ? 
__pfx_kthread+0x10/0x10 [ 15.285964] ret_from_fork_asm+0x1a/0x30 [ 15.286029] </TASK> [ 15.286080] [ 15.293970] Allocated by task 270: [ 15.294296] kasan_save_stack+0x45/0x70 [ 15.294516] kasan_save_track+0x18/0x40 [ 15.294809] kasan_save_alloc_info+0x3b/0x50 [ 15.295134] __kasan_kmalloc+0xb7/0xc0 [ 15.295406] __kmalloc_cache_noprof+0x168/0x350 [ 15.295685] kasan_atomics+0x96/0x310 [ 15.295888] kunit_try_run_case+0x1a6/0x480 [ 15.296157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.296400] kthread+0x257/0x310 [ 15.296572] ret_from_fork+0x41/0x80 [ 15.296830] ret_from_fork_asm+0x1a/0x30 [ 15.297157] [ 15.297320] The buggy address belongs to the object at ffff888102635000 [ 15.297320] which belongs to the cache kmalloc-64 of size 64 [ 15.298143] The buggy address is located 0 bytes to the right of [ 15.298143] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.298881] [ 15.299040] The buggy address belongs to the physical page: [ 15.299323] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.299747] flags: 0x200000000000000(node=0|zone=2) [ 15.299967] page_type: f5(slab) [ 15.300187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.300469] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.300767] page dumped because: kasan: bad access detected [ 15.301116] [ 15.301264] Memory state around the buggy address: [ 15.301614] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.302149] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.302650] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.303151] ^ [ 15.303700] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.304232] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.304727] ================================================================== [ 14.422583] 
================================================================== [ 14.422874] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 14.423286] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.423568] [ 14.423736] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.423782] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.423794] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.423815] Call Trace: [ 14.423829] <TASK> [ 14.423871] dump_stack_lvl+0x73/0xb0 [ 14.423913] print_report+0xd1/0x640 [ 14.423948] ? __virt_addr_valid+0x1db/0x2d0 [ 14.423972] ? kasan_atomics_helper+0x4ba4/0x5450 [ 14.423994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.424017] ? kasan_atomics_helper+0x4ba4/0x5450 [ 14.424040] kasan_report+0x140/0x180 [ 14.424074] ? kasan_atomics_helper+0x4ba4/0x5450 [ 14.424103] __asan_report_store4_noabort+0x1b/0x30 [ 14.424125] kasan_atomics_helper+0x4ba4/0x5450 [ 14.424160] ? kasan_save_alloc_info+0x3b/0x50 [ 14.424183] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.424208] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.424236] kasan_atomics+0x1dd/0x310 [ 14.424354] ? __pfx_kasan_atomics+0x10/0x10 [ 14.424379] ? __pfx_read_tsc+0x10/0x10 [ 14.424399] ? ktime_get_ts64+0x84/0x230 [ 14.424426] kunit_try_run_case+0x1a6/0x480 [ 14.424448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.424469] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.424489] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.424515] ? __kthread_parkme+0x82/0x160 [ 14.424534] ? preempt_count_sub+0x50/0x80 [ 14.424556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.424576] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.424601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.424626] kthread+0x257/0x310 [ 14.424644] ? __pfx_kthread+0x10/0x10 [ 14.424679] ret_from_fork+0x41/0x80 [ 14.424702] ? 
__pfx_kthread+0x10/0x10 [ 14.424721] ret_from_fork_asm+0x1a/0x30 [ 14.424750] </TASK> [ 14.424761] [ 14.431606] Allocated by task 270: [ 14.431862] kasan_save_stack+0x45/0x70 [ 14.432266] kasan_save_track+0x18/0x40 [ 14.432503] kasan_save_alloc_info+0x3b/0x50 [ 14.432604] __kasan_kmalloc+0xb7/0xc0 [ 14.432703] __kmalloc_cache_noprof+0x168/0x350 [ 14.432925] kasan_atomics+0x96/0x310 [ 14.433138] kunit_try_run_case+0x1a6/0x480 [ 14.433422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.433554] kthread+0x257/0x310 [ 14.433656] ret_from_fork+0x41/0x80 [ 14.433757] ret_from_fork_asm+0x1a/0x30 [ 14.433929] [ 14.434036] The buggy address belongs to the object at ffff888102635000 [ 14.434036] which belongs to the cache kmalloc-64 of size 64 [ 14.434546] The buggy address is located 0 bytes to the right of [ 14.434546] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.434907] [ 14.434959] The buggy address belongs to the physical page: [ 14.435056] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.435442] flags: 0x200000000000000(node=0|zone=2) [ 14.435734] page_type: f5(slab) [ 14.435818] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.436560] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.436878] page dumped because: kasan: bad access detected [ 14.436982] [ 14.437033] Memory state around the buggy address: [ 14.437502] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.437913] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.438841] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.439260] ^ [ 14.439383] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.439532] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.439842] ================================================================== [ 15.462894] 
================================================================== [ 15.463289] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 15.463858] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.464348] [ 15.464640] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.464747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.464775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.464819] Call Trace: [ 15.464857] <TASK> [ 15.464890] dump_stack_lvl+0x73/0xb0 [ 15.464940] print_report+0xd1/0x640 [ 15.464976] ? __virt_addr_valid+0x1db/0x2d0 [ 15.465016] ? kasan_atomics_helper+0x1780/0x5450 [ 15.465056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.465134] ? kasan_atomics_helper+0x1780/0x5450 [ 15.465184] kasan_report+0x140/0x180 [ 15.465230] ? kasan_atomics_helper+0x1780/0x5450 [ 15.465292] kasan_check_range+0x10c/0x1c0 [ 15.465336] __kasan_check_write+0x18/0x20 [ 15.465374] kasan_atomics_helper+0x1780/0x5450 [ 15.465421] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.465472] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.465523] kasan_atomics+0x1dd/0x310 [ 15.465547] ? __pfx_kasan_atomics+0x10/0x10 [ 15.465569] ? __pfx_read_tsc+0x10/0x10 [ 15.465589] ? ktime_get_ts64+0x84/0x230 [ 15.465617] kunit_try_run_case+0x1a6/0x480 [ 15.465639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.465659] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.465703] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.465729] ? __kthread_parkme+0x82/0x160 [ 15.465749] ? preempt_count_sub+0x50/0x80 [ 15.465771] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.465791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.465816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.465841] kthread+0x257/0x310 [ 15.465859] ? __pfx_kthread+0x10/0x10 [ 15.465878] ret_from_fork+0x41/0x80 [ 15.465899] ? 
__pfx_kthread+0x10/0x10 [ 15.465929] ret_from_fork_asm+0x1a/0x30 [ 15.465962] </TASK> [ 15.465976] [ 15.475552] Allocated by task 270: [ 15.475855] kasan_save_stack+0x45/0x70 [ 15.476178] kasan_save_track+0x18/0x40 [ 15.476418] kasan_save_alloc_info+0x3b/0x50 [ 15.476736] __kasan_kmalloc+0xb7/0xc0 [ 15.476909] __kmalloc_cache_noprof+0x168/0x350 [ 15.477152] kasan_atomics+0x96/0x310 [ 15.477454] kunit_try_run_case+0x1a6/0x480 [ 15.477779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.477995] kthread+0x257/0x310 [ 15.478301] ret_from_fork+0x41/0x80 [ 15.478574] ret_from_fork_asm+0x1a/0x30 [ 15.478838] [ 15.479010] The buggy address belongs to the object at ffff888102635000 [ 15.479010] which belongs to the cache kmalloc-64 of size 64 [ 15.479588] The buggy address is located 0 bytes to the right of [ 15.479588] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.480226] [ 15.480371] The buggy address belongs to the physical page: [ 15.480560] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.481112] flags: 0x200000000000000(node=0|zone=2) [ 15.481437] page_type: f5(slab) [ 15.481596] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.481853] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.482392] page dumped because: kasan: bad access detected [ 15.482777] [ 15.482948] Memory state around the buggy address: [ 15.483316] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.483632] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.484154] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.484399] ^ [ 15.484760] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.485129] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.485367] ================================================================== [ 15.751442] 
================================================================== [ 15.751763] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 15.752274] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.752790] [ 15.752981] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.753100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.753130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.753175] Call Trace: [ 15.753217] <TASK> [ 15.753253] dump_stack_lvl+0x73/0xb0 [ 15.753312] print_report+0xd1/0x640 [ 15.753363] ? __virt_addr_valid+0x1db/0x2d0 [ 15.753415] ? kasan_atomics_helper+0x1eab/0x5450 [ 15.753461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.753512] ? kasan_atomics_helper+0x1eab/0x5450 [ 15.753561] kasan_report+0x140/0x180 [ 15.753614] ? kasan_atomics_helper+0x1eab/0x5450 [ 15.753686] kasan_check_range+0x10c/0x1c0 [ 15.753737] __kasan_check_write+0x18/0x20 [ 15.753784] kasan_atomics_helper+0x1eab/0x5450 [ 15.753831] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.753875] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.753935] kasan_atomics+0x1dd/0x310 [ 15.753978] ? __pfx_kasan_atomics+0x10/0x10 [ 15.754019] ? __pfx_read_tsc+0x10/0x10 [ 15.754089] ? ktime_get_ts64+0x84/0x230 [ 15.754145] kunit_try_run_case+0x1a6/0x480 [ 15.754186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.754224] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.754267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.754315] ? __kthread_parkme+0x82/0x160 [ 15.754352] ? preempt_count_sub+0x50/0x80 [ 15.754399] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.754434] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.754483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.754533] kthread+0x257/0x310 [ 15.754572] ? __pfx_kthread+0x10/0x10 [ 15.754615] ret_from_fork+0x41/0x80 [ 15.754659] ? 
__pfx_kthread+0x10/0x10 [ 15.754712] ret_from_fork_asm+0x1a/0x30 [ 15.754776] </TASK> [ 15.754800] [ 15.762774] Allocated by task 270: [ 15.763114] kasan_save_stack+0x45/0x70 [ 15.763431] kasan_save_track+0x18/0x40 [ 15.763759] kasan_save_alloc_info+0x3b/0x50 [ 15.764133] __kasan_kmalloc+0xb7/0xc0 [ 15.764438] __kmalloc_cache_noprof+0x168/0x350 [ 15.764798] kasan_atomics+0x96/0x310 [ 15.765122] kunit_try_run_case+0x1a6/0x480 [ 15.765443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.766193] kthread+0x257/0x310 [ 15.766509] ret_from_fork+0x41/0x80 [ 15.766795] ret_from_fork_asm+0x1a/0x30 [ 15.766993] [ 15.767181] The buggy address belongs to the object at ffff888102635000 [ 15.767181] which belongs to the cache kmalloc-64 of size 64 [ 15.767716] The buggy address is located 0 bytes to the right of [ 15.767716] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.768368] [ 15.768493] The buggy address belongs to the physical page: [ 15.768708] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.768991] flags: 0x200000000000000(node=0|zone=2) [ 15.769228] page_type: f5(slab) [ 15.769401] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.769889] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.770483] page dumped because: kasan: bad access detected [ 15.770896] [ 15.771081] Memory state around the buggy address: [ 15.771440] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.771937] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.772321] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.772575] ^ [ 15.772889] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.773391] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.773848] ================================================================== [ 15.635575] 
================================================================== [ 15.635889] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 15.636419] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.636701] [ 15.636879] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.636961] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.636987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.637025] Call Trace: [ 15.637116] <TASK> [ 15.637150] dump_stack_lvl+0x73/0xb0 [ 15.637208] print_report+0xd1/0x640 [ 15.637251] ? __virt_addr_valid+0x1db/0x2d0 [ 15.637318] ? kasan_atomics_helper+0x1c19/0x5450 [ 15.637361] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.637408] ? kasan_atomics_helper+0x1c19/0x5450 [ 15.637452] kasan_report+0x140/0x180 [ 15.637516] ? kasan_atomics_helper+0x1c19/0x5450 [ 15.637573] kasan_check_range+0x10c/0x1c0 [ 15.637616] __kasan_check_write+0x18/0x20 [ 15.637655] kasan_atomics_helper+0x1c19/0x5450 [ 15.637712] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.637778] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.637832] kasan_atomics+0x1dd/0x310 [ 15.637869] ? __pfx_kasan_atomics+0x10/0x10 [ 15.637919] ? __pfx_read_tsc+0x10/0x10 [ 15.637963] ? ktime_get_ts64+0x84/0x230 [ 15.638039] kunit_try_run_case+0x1a6/0x480 [ 15.638121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.638165] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.638213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.638285] ? __kthread_parkme+0x82/0x160 [ 15.638329] ? preempt_count_sub+0x50/0x80 [ 15.638379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.638424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.638495] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.638550] kthread+0x257/0x310 [ 15.638593] ? __pfx_kthread+0x10/0x10 [ 15.638633] ret_from_fork+0x41/0x80 [ 15.638685] ? 
__pfx_kthread+0x10/0x10 [ 15.638747] ret_from_fork_asm+0x1a/0x30 [ 15.638813] </TASK> [ 15.638844] [ 15.646200] Allocated by task 270: [ 15.646384] kasan_save_stack+0x45/0x70 [ 15.646657] kasan_save_track+0x18/0x40 [ 15.646988] kasan_save_alloc_info+0x3b/0x50 [ 15.647340] __kasan_kmalloc+0xb7/0xc0 [ 15.647649] __kmalloc_cache_noprof+0x168/0x350 [ 15.648006] kasan_atomics+0x96/0x310 [ 15.648334] kunit_try_run_case+0x1a6/0x480 [ 15.648663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.649045] kthread+0x257/0x310 [ 15.649365] ret_from_fork+0x41/0x80 [ 15.649691] ret_from_fork_asm+0x1a/0x30 [ 15.649897] [ 15.650004] The buggy address belongs to the object at ffff888102635000 [ 15.650004] which belongs to the cache kmalloc-64 of size 64 [ 15.651875] The buggy address is located 0 bytes to the right of [ 15.651875] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.652574] [ 15.652762] The buggy address belongs to the physical page: [ 15.652996] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.653490] flags: 0x200000000000000(node=0|zone=2) [ 15.653704] page_type: f5(slab) [ 15.653868] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.654131] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.654374] page dumped because: kasan: bad access detected [ 15.654565] [ 15.654793] Memory state around the buggy address: [ 15.655179] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.655712] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.656513] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.657091] ^ [ 15.657467] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.658033] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.658563] ================================================================== [ 15.486639] 
================================================================== [ 15.487880] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 15.488641] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.488909] [ 15.489041] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.489204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.489229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.489262] Call Trace: [ 15.489295] <TASK> [ 15.489326] dump_stack_lvl+0x73/0xb0 [ 15.489384] print_report+0xd1/0x640 [ 15.489433] ? __virt_addr_valid+0x1db/0x2d0 [ 15.489483] ? kasan_atomics_helper+0x1819/0x5450 [ 15.489529] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.489576] ? kasan_atomics_helper+0x1819/0x5450 [ 15.489623] kasan_report+0x140/0x180 [ 15.489681] ? kasan_atomics_helper+0x1819/0x5450 [ 15.489736] kasan_check_range+0x10c/0x1c0 [ 15.489771] __kasan_check_write+0x18/0x20 [ 15.489794] kasan_atomics_helper+0x1819/0x5450 [ 15.489819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.489844] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.489871] kasan_atomics+0x1dd/0x310 [ 15.489891] ? __pfx_kasan_atomics+0x10/0x10 [ 15.489929] ? __pfx_read_tsc+0x10/0x10 [ 15.489952] ? ktime_get_ts64+0x84/0x230 [ 15.489981] kunit_try_run_case+0x1a6/0x480 [ 15.490006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.490027] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.490049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.490127] ? __kthread_parkme+0x82/0x160 [ 15.490148] ? preempt_count_sub+0x50/0x80 [ 15.490171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.490191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.490218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.490244] kthread+0x257/0x310 [ 15.490263] ? __pfx_kthread+0x10/0x10 [ 15.490283] ret_from_fork+0x41/0x80 [ 15.490304] ? 
__pfx_kthread+0x10/0x10 [ 15.490323] ret_from_fork_asm+0x1a/0x30 [ 15.490354] </TASK> [ 15.490368] [ 15.498457] Allocated by task 270: [ 15.498790] kasan_save_stack+0x45/0x70 [ 15.499168] kasan_save_track+0x18/0x40 [ 15.499530] kasan_save_alloc_info+0x3b/0x50 [ 15.499958] __kasan_kmalloc+0xb7/0xc0 [ 15.500358] __kmalloc_cache_noprof+0x168/0x350 [ 15.500739] kasan_atomics+0x96/0x310 [ 15.501079] kunit_try_run_case+0x1a6/0x480 [ 15.501448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.501749] kthread+0x257/0x310 [ 15.502006] ret_from_fork+0x41/0x80 [ 15.502387] ret_from_fork_asm+0x1a/0x30 [ 15.502783] [ 15.502999] The buggy address belongs to the object at ffff888102635000 [ 15.502999] which belongs to the cache kmalloc-64 of size 64 [ 15.503841] The buggy address is located 0 bytes to the right of [ 15.503841] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.504341] [ 15.504441] The buggy address belongs to the physical page: [ 15.504608] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.505395] flags: 0x200000000000000(node=0|zone=2) [ 15.505830] page_type: f5(slab) [ 15.506179] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.506801] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.507305] page dumped because: kasan: bad access detected [ 15.507651] [ 15.507824] Memory state around the buggy address: [ 15.508260] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.508615] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.508969] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.509522] ^ [ 15.509772] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.510288] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.510763] ================================================================== [ 15.900842] 
================================================================== [ 15.901279] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 15.901625] Read of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.902299] [ 15.902462] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.902547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.902569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.902608] Call Trace: [ 15.902649] <TASK> [ 15.902695] dump_stack_lvl+0x73/0xb0 [ 15.902756] print_report+0xd1/0x640 [ 15.902808] ? __virt_addr_valid+0x1db/0x2d0 [ 15.902858] ? kasan_atomics_helper+0x4fb4/0x5450 [ 15.902910] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.902954] ? kasan_atomics_helper+0x4fb4/0x5450 [ 15.902997] kasan_report+0x140/0x180 [ 15.903067] ? kasan_atomics_helper+0x4fb4/0x5450 [ 15.903121] __asan_report_load8_noabort+0x18/0x20 [ 15.903179] kasan_atomics_helper+0x4fb4/0x5450 [ 15.903230] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.903276] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.903344] kasan_atomics+0x1dd/0x310 [ 15.903387] ? __pfx_kasan_atomics+0x10/0x10 [ 15.903423] ? __pfx_read_tsc+0x10/0x10 [ 15.903461] ? ktime_get_ts64+0x84/0x230 [ 15.903514] kunit_try_run_case+0x1a6/0x480 [ 15.903564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.903606] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.903653] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.903726] ? __kthread_parkme+0x82/0x160 [ 15.903768] ? preempt_count_sub+0x50/0x80 [ 15.903815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.903853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.903889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.903930] kthread+0x257/0x310 [ 15.903964] ? __pfx_kthread+0x10/0x10 [ 15.904001] ret_from_fork+0x41/0x80 [ 15.904059] ? 
__pfx_kthread+0x10/0x10 [ 15.904228] ret_from_fork_asm+0x1a/0x30 [ 15.904294] </TASK> [ 15.904323] [ 15.915082] Allocated by task 270: [ 15.915406] kasan_save_stack+0x45/0x70 [ 15.915769] kasan_save_track+0x18/0x40 [ 15.916110] kasan_save_alloc_info+0x3b/0x50 [ 15.916475] __kasan_kmalloc+0xb7/0xc0 [ 15.916799] __kmalloc_cache_noprof+0x168/0x350 [ 15.917154] kasan_atomics+0x96/0x310 [ 15.917312] kunit_try_run_case+0x1a6/0x480 [ 15.917563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.917921] kthread+0x257/0x310 [ 15.918219] ret_from_fork+0x41/0x80 [ 15.918423] ret_from_fork_asm+0x1a/0x30 [ 15.918745] [ 15.918901] The buggy address belongs to the object at ffff888102635000 [ 15.918901] which belongs to the cache kmalloc-64 of size 64 [ 15.919434] The buggy address is located 0 bytes to the right of [ 15.919434] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.920216] [ 15.920363] The buggy address belongs to the physical page: [ 15.921140] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.921469] flags: 0x200000000000000(node=0|zone=2) [ 15.921659] page_type: f5(slab) [ 15.921929] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.922392] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.922803] page dumped because: kasan: bad access detected [ 15.923030] [ 15.923202] Memory state around the buggy address: [ 15.923529] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.923784] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.924292] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.924600] ^ [ 15.924931] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.925373] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.925631] ================================================================== [ 14.630603] 
================================================================== [ 14.631135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 14.631371] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.631649] [ 14.631852] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.631936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.631964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.632006] Call Trace: [ 14.632037] <TASK> [ 14.632067] dump_stack_lvl+0x73/0xb0 [ 14.632118] print_report+0xd1/0x640 [ 14.632177] ? __virt_addr_valid+0x1db/0x2d0 [ 14.632216] ? kasan_atomics_helper+0x5ff/0x5450 [ 14.632257] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.632302] ? kasan_atomics_helper+0x5ff/0x5450 [ 14.632350] kasan_report+0x140/0x180 [ 14.632396] ? kasan_atomics_helper+0x5ff/0x5450 [ 14.632444] kasan_check_range+0x10c/0x1c0 [ 14.632482] __kasan_check_write+0x18/0x20 [ 14.632518] kasan_atomics_helper+0x5ff/0x5450 [ 14.632556] ? kasan_save_alloc_info+0x3b/0x50 [ 14.632598] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.632649] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.632720] kasan_atomics+0x1dd/0x310 [ 14.632766] ? __pfx_kasan_atomics+0x10/0x10 [ 14.632811] ? __pfx_read_tsc+0x10/0x10 [ 14.632852] ? ktime_get_ts64+0x84/0x230 [ 14.632908] kunit_try_run_case+0x1a6/0x480 [ 14.632952] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.632977] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.633000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.633025] ? __kthread_parkme+0x82/0x160 [ 14.633046] ? preempt_count_sub+0x50/0x80 [ 14.633081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.633127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.633154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.633181] kthread+0x257/0x310 [ 14.633200] ? __pfx_kthread+0x10/0x10 [ 14.633219] ret_from_fork+0x41/0x80 [ 14.633240] ? 
__pfx_kthread+0x10/0x10 [ 14.633258] ret_from_fork_asm+0x1a/0x30 [ 14.633289] </TASK> [ 14.633304] [ 14.640868] Allocated by task 270: [ 14.641049] kasan_save_stack+0x45/0x70 [ 14.641352] kasan_save_track+0x18/0x40 [ 14.642513] kasan_save_alloc_info+0x3b/0x50 [ 14.642873] __kasan_kmalloc+0xb7/0xc0 [ 14.643223] __kmalloc_cache_noprof+0x168/0x350 [ 14.643421] kasan_atomics+0x96/0x310 [ 14.643593] kunit_try_run_case+0x1a6/0x480 [ 14.643838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.644978] kthread+0x257/0x310 [ 14.645499] ret_from_fork+0x41/0x80 [ 14.645847] ret_from_fork_asm+0x1a/0x30 [ 14.646210] [ 14.646352] The buggy address belongs to the object at ffff888102635000 [ 14.646352] which belongs to the cache kmalloc-64 of size 64 [ 14.646842] The buggy address is located 0 bytes to the right of [ 14.646842] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.647342] [ 14.647506] The buggy address belongs to the physical page: [ 14.647897] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.648189] flags: 0x200000000000000(node=0|zone=2) [ 14.648382] page_type: f5(slab) [ 14.648637] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.649178] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.649605] page dumped because: kasan: bad access detected [ 14.649884] [ 14.650052] Memory state around the buggy address: [ 14.650288] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.650632] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.651013] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.651422] ^ [ 14.651776] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.652126] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.652559] ================================================================== [ 14.676774] 
================================================================== [ 14.677310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 14.677711] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.677955] [ 14.678142] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.678224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.678251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.678293] Call Trace: [ 14.678325] <TASK> [ 14.678355] dump_stack_lvl+0x73/0xb0 [ 14.678410] print_report+0xd1/0x640 [ 14.678457] ? __virt_addr_valid+0x1db/0x2d0 [ 14.678503] ? kasan_atomics_helper+0x730/0x5450 [ 14.678549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.678592] ? kasan_atomics_helper+0x730/0x5450 [ 14.678639] kasan_report+0x140/0x180 [ 14.678694] ? kasan_atomics_helper+0x730/0x5450 [ 14.678742] kasan_check_range+0x10c/0x1c0 [ 14.678780] __kasan_check_write+0x18/0x20 [ 14.678817] kasan_atomics_helper+0x730/0x5450 [ 14.678860] ? kasan_save_alloc_info+0x3b/0x50 [ 14.678901] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.678952] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.678998] kasan_atomics+0x1dd/0x310 [ 14.679032] ? __pfx_kasan_atomics+0x10/0x10 [ 14.679070] ? __pfx_read_tsc+0x10/0x10 [ 14.679129] ? ktime_get_ts64+0x84/0x230 [ 14.679173] kunit_try_run_case+0x1a6/0x480 [ 14.679213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.679251] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.679294] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.679342] ? __kthread_parkme+0x82/0x160 [ 14.679382] ? preempt_count_sub+0x50/0x80 [ 14.679432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.679472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.679520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.679570] kthread+0x257/0x310 [ 14.679609] ? __pfx_kthread+0x10/0x10 [ 14.679648] ret_from_fork+0x41/0x80 [ 14.679698] ? 
__pfx_kthread+0x10/0x10 [ 14.679731] ret_from_fork_asm+0x1a/0x30 [ 14.679783] </TASK> [ 14.679805] [ 14.687369] Allocated by task 270: [ 14.687547] kasan_save_stack+0x45/0x70 [ 14.687828] kasan_save_track+0x18/0x40 [ 14.688110] kasan_save_alloc_info+0x3b/0x50 [ 14.688440] __kasan_kmalloc+0xb7/0xc0 [ 14.688744] __kmalloc_cache_noprof+0x168/0x350 [ 14.689088] kasan_atomics+0x96/0x310 [ 14.689364] kunit_try_run_case+0x1a6/0x480 [ 14.689660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.690058] kthread+0x257/0x310 [ 14.690289] ret_from_fork+0x41/0x80 [ 14.690448] ret_from_fork_asm+0x1a/0x30 [ 14.690747] [ 14.690888] The buggy address belongs to the object at ffff888102635000 [ 14.690888] which belongs to the cache kmalloc-64 of size 64 [ 14.691855] The buggy address is located 0 bytes to the right of [ 14.691855] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.692547] [ 14.692733] The buggy address belongs to the physical page: [ 14.692945] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.693377] flags: 0x200000000000000(node=0|zone=2) [ 14.693781] page_type: f5(slab) [ 14.693999] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.694261] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.694525] page dumped because: kasan: bad access detected [ 14.694747] [ 14.694857] Memory state around the buggy address: [ 14.695220] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.695683] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.696136] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.696596] ^ [ 14.696930] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.697503] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.697965] ================================================================== [ 14.892691] 
================================================================== [ 14.893409] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 14.894015] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.894525] [ 14.894730] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.894801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.894828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.894857] Call Trace: [ 14.894883] <TASK> [ 14.894906] dump_stack_lvl+0x73/0xb0 [ 14.894953] print_report+0xd1/0x640 [ 14.894986] ? __virt_addr_valid+0x1db/0x2d0 [ 14.895020] ? kasan_atomics_helper+0x4a86/0x5450 [ 14.895078] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.895120] ? kasan_atomics_helper+0x4a86/0x5450 [ 14.895162] kasan_report+0x140/0x180 [ 14.895204] ? kasan_atomics_helper+0x4a86/0x5450 [ 14.895249] __asan_report_load4_noabort+0x18/0x20 [ 14.895289] kasan_atomics_helper+0x4a86/0x5450 [ 14.895337] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.895383] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.895440] kasan_atomics+0x1dd/0x310 [ 14.895476] ? __pfx_kasan_atomics+0x10/0x10 [ 14.895521] ? __pfx_read_tsc+0x10/0x10 [ 14.895561] ? ktime_get_ts64+0x84/0x230 [ 14.895613] kunit_try_run_case+0x1a6/0x480 [ 14.895660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.895713] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.895759] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.895809] ? __kthread_parkme+0x82/0x160 [ 14.895848] ? preempt_count_sub+0x50/0x80 [ 14.895900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.895935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.895981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.896026] kthread+0x257/0x310 [ 14.896095] ? __pfx_kthread+0x10/0x10 [ 14.896154] ret_from_fork+0x41/0x80 [ 14.896185] ? 
__pfx_kthread+0x10/0x10 [ 14.896242] ret_from_fork_asm+0x1a/0x30 [ 14.896288] </TASK> [ 14.896308] [ 14.904625] Allocated by task 270: [ 14.904867] kasan_save_stack+0x45/0x70 [ 14.905177] kasan_save_track+0x18/0x40 [ 14.905482] kasan_save_alloc_info+0x3b/0x50 [ 14.905783] __kasan_kmalloc+0xb7/0xc0 [ 14.906139] __kmalloc_cache_noprof+0x168/0x350 [ 14.906503] kasan_atomics+0x96/0x310 [ 14.906794] kunit_try_run_case+0x1a6/0x480 [ 14.907148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.907457] kthread+0x257/0x310 [ 14.907648] ret_from_fork+0x41/0x80 [ 14.907962] ret_from_fork_asm+0x1a/0x30 [ 14.908211] [ 14.908374] The buggy address belongs to the object at ffff888102635000 [ 14.908374] which belongs to the cache kmalloc-64 of size 64 [ 14.908978] The buggy address is located 0 bytes to the right of [ 14.908978] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.909574] [ 14.909767] The buggy address belongs to the physical page: [ 14.910104] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.910508] flags: 0x200000000000000(node=0|zone=2) [ 14.910874] page_type: f5(slab) [ 14.911178] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.911567] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.911959] page dumped because: kasan: bad access detected [ 14.912280] [ 14.912389] Memory state around the buggy address: [ 14.912572] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912812] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.913046] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.913301] ^ [ 14.913488] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.913746] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.914275] ================================================================== [ 15.135287] 
================================================================== [ 15.135620] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 15.136028] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.137004] [ 15.137156] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.137575] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.137615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.137788] Call Trace: [ 15.137948] <TASK> [ 15.137990] dump_stack_lvl+0x73/0xb0 [ 15.138049] print_report+0xd1/0x640 [ 15.138127] ? __virt_addr_valid+0x1db/0x2d0 [ 15.138169] ? kasan_atomics_helper+0x4a04/0x5450 [ 15.138206] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.138250] ? kasan_atomics_helper+0x4a04/0x5450 [ 15.138293] kasan_report+0x140/0x180 [ 15.138487] ? kasan_atomics_helper+0x4a04/0x5450 [ 15.138547] __asan_report_load4_noabort+0x18/0x20 [ 15.138591] kasan_atomics_helper+0x4a04/0x5450 [ 15.139082] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.139312] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.139370] kasan_atomics+0x1dd/0x310 [ 15.139411] ? __pfx_kasan_atomics+0x10/0x10 [ 15.139482] ? __pfx_read_tsc+0x10/0x10 [ 15.139522] ? ktime_get_ts64+0x84/0x230 [ 15.139818] kunit_try_run_case+0x1a6/0x480 [ 15.139871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.139914] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.139957] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.140043] ? __kthread_parkme+0x82/0x160 [ 15.140106] ? preempt_count_sub+0x50/0x80 [ 15.140158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.140202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.140255] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.140312] kthread+0x257/0x310 [ 15.140369] ? __pfx_kthread+0x10/0x10 [ 15.140393] ret_from_fork+0x41/0x80 [ 15.140414] ? 
__pfx_kthread+0x10/0x10 [ 15.140433] ret_from_fork_asm+0x1a/0x30 [ 15.140464] </TASK> [ 15.140477] [ 15.148914] Allocated by task 270: [ 15.149256] kasan_save_stack+0x45/0x70 [ 15.149603] kasan_save_track+0x18/0x40 [ 15.149824] kasan_save_alloc_info+0x3b/0x50 [ 15.150221] __kasan_kmalloc+0xb7/0xc0 [ 15.150518] __kmalloc_cache_noprof+0x168/0x350 [ 15.150862] kasan_atomics+0x96/0x310 [ 15.151092] kunit_try_run_case+0x1a6/0x480 [ 15.151440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.151660] kthread+0x257/0x310 [ 15.151830] ret_from_fork+0x41/0x80 [ 15.151998] ret_from_fork_asm+0x1a/0x30 [ 15.152205] [ 15.152335] The buggy address belongs to the object at ffff888102635000 [ 15.152335] which belongs to the cache kmalloc-64 of size 64 [ 15.153203] The buggy address is located 0 bytes to the right of [ 15.153203] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.154674] [ 15.154926] The buggy address belongs to the physical page: [ 15.155582] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.155838] flags: 0x200000000000000(node=0|zone=2) [ 15.156499] page_type: f5(slab) [ 15.156758] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.157023] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.157852] page dumped because: kasan: bad access detected [ 15.158380] [ 15.158584] Memory state around the buggy address: [ 15.158964] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159502] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159817] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.160225] ^ [ 15.160508] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.160971] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.161506] ================================================================== [ 15.336612] 
================================================================== [ 15.337034] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 15.337631] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.337983] [ 15.338238] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.338335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.338359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.338398] Call Trace: [ 15.338431] <TASK> [ 15.338463] dump_stack_lvl+0x73/0xb0 [ 15.338524] print_report+0xd1/0x640 [ 15.338572] ? __virt_addr_valid+0x1db/0x2d0 [ 15.338622] ? kasan_atomics_helper+0x50d6/0x5450 [ 15.338683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.338728] ? kasan_atomics_helper+0x50d6/0x5450 [ 15.338773] kasan_report+0x140/0x180 [ 15.338840] ? kasan_atomics_helper+0x50d6/0x5450 [ 15.338896] __asan_report_store8_noabort+0x1b/0x30 [ 15.338939] kasan_atomics_helper+0x50d6/0x5450 [ 15.338986] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.339035] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.339141] kasan_atomics+0x1dd/0x310 [ 15.339185] ? __pfx_kasan_atomics+0x10/0x10 [ 15.339224] ? __pfx_read_tsc+0x10/0x10 [ 15.339258] ? ktime_get_ts64+0x84/0x230 [ 15.339290] kunit_try_run_case+0x1a6/0x480 [ 15.339314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339334] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.339357] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.339382] ? __kthread_parkme+0x82/0x160 [ 15.339402] ? preempt_count_sub+0x50/0x80 [ 15.339425] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.339445] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.339471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.339497] kthread+0x257/0x310 [ 15.339516] ? __pfx_kthread+0x10/0x10 [ 15.339535] ret_from_fork+0x41/0x80 [ 15.339556] ? 
__pfx_kthread+0x10/0x10 [ 15.339575] ret_from_fork_asm+0x1a/0x30 [ 15.339605] </TASK> [ 15.339619] [ 15.347474] Allocated by task 270: [ 15.347687] kasan_save_stack+0x45/0x70 [ 15.348000] kasan_save_track+0x18/0x40 [ 15.348340] kasan_save_alloc_info+0x3b/0x50 [ 15.348652] __kasan_kmalloc+0xb7/0xc0 [ 15.348971] __kmalloc_cache_noprof+0x168/0x350 [ 15.349347] kasan_atomics+0x96/0x310 [ 15.349662] kunit_try_run_case+0x1a6/0x480 [ 15.350025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.350391] kthread+0x257/0x310 [ 15.350691] ret_from_fork+0x41/0x80 [ 15.350915] ret_from_fork_asm+0x1a/0x30 [ 15.351257] [ 15.351400] The buggy address belongs to the object at ffff888102635000 [ 15.351400] which belongs to the cache kmalloc-64 of size 64 [ 15.351829] The buggy address is located 0 bytes to the right of [ 15.351829] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.352673] [ 15.352776] The buggy address belongs to the physical page: [ 15.353179] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.353571] flags: 0x200000000000000(node=0|zone=2) [ 15.353945] page_type: f5(slab) [ 15.354273] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.354706] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.355242] page dumped because: kasan: bad access detected [ 15.355519] [ 15.355689] Memory state around the buggy address: [ 15.355952] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.356247] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.356739] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.357120] ^ [ 15.357425] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.357849] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.358387] ================================================================== [ 15.774817] 
================================================================== [ 15.775214] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 15.775508] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.775868] [ 15.776054] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.776171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.776198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.776241] Call Trace: [ 15.776284] <TASK> [ 15.776320] dump_stack_lvl+0x73/0xb0 [ 15.776379] print_report+0xd1/0x640 [ 15.776425] ? __virt_addr_valid+0x1db/0x2d0 [ 15.776475] ? kasan_atomics_helper+0x1f44/0x5450 [ 15.776521] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.776571] ? kasan_atomics_helper+0x1f44/0x5450 [ 15.776622] kasan_report+0x140/0x180 [ 15.776680] ? kasan_atomics_helper+0x1f44/0x5450 [ 15.776765] kasan_check_range+0x10c/0x1c0 [ 15.776799] __kasan_check_write+0x18/0x20 [ 15.776838] kasan_atomics_helper+0x1f44/0x5450 [ 15.776876] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.776916] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.776957] kasan_atomics+0x1dd/0x310 [ 15.776986] ? __pfx_kasan_atomics+0x10/0x10 [ 15.777016] ? __pfx_read_tsc+0x10/0x10 [ 15.777044] ? ktime_get_ts64+0x84/0x230 [ 15.778933] kunit_try_run_case+0x1a6/0x480 [ 15.779011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.779090] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.779143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.779198] ? __kthread_parkme+0x82/0x160 [ 15.779243] ? preempt_count_sub+0x50/0x80 [ 15.779294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.779338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.779393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.779437] kthread+0x257/0x310 [ 15.779458] ? __pfx_kthread+0x10/0x10 [ 15.779479] ret_from_fork+0x41/0x80 [ 15.779499] ? 
__pfx_kthread+0x10/0x10 [ 15.779518] ret_from_fork_asm+0x1a/0x30 [ 15.779549] </TASK> [ 15.779563] [ 15.787887] Allocated by task 270: [ 15.788123] kasan_save_stack+0x45/0x70 [ 15.788357] kasan_save_track+0x18/0x40 [ 15.788553] kasan_save_alloc_info+0x3b/0x50 [ 15.788843] __kasan_kmalloc+0xb7/0xc0 [ 15.789141] __kmalloc_cache_noprof+0x168/0x350 [ 15.789492] kasan_atomics+0x96/0x310 [ 15.789816] kunit_try_run_case+0x1a6/0x480 [ 15.790187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.790583] kthread+0x257/0x310 [ 15.790849] ret_from_fork+0x41/0x80 [ 15.791110] ret_from_fork_asm+0x1a/0x30 [ 15.791350] [ 15.791509] The buggy address belongs to the object at ffff888102635000 [ 15.791509] which belongs to the cache kmalloc-64 of size 64 [ 15.792040] The buggy address is located 0 bytes to the right of [ 15.792040] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.792485] [ 15.792598] The buggy address belongs to the physical page: [ 15.792805] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.793122] flags: 0x200000000000000(node=0|zone=2) [ 15.793484] page_type: f5(slab) [ 15.793781] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.794338] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.794840] page dumped because: kasan: bad access detected [ 15.795247] [ 15.795408] Memory state around the buggy address: [ 15.795685] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.796030] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.796426] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.796892] ^ [ 15.797532] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.798424] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.798701] ================================================================== [ 14.870219] 
================================================================== [ 14.870775] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 14.871306] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.871805] [ 14.871985] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.872081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.872108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.872144] Call Trace: [ 14.872181] <TASK> [ 14.872207] dump_stack_lvl+0x73/0xb0 [ 14.872279] print_report+0xd1/0x640 [ 14.872328] ? __virt_addr_valid+0x1db/0x2d0 [ 14.872373] ? kasan_atomics_helper+0xc71/0x5450 [ 14.872419] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.872468] ? kasan_atomics_helper+0xc71/0x5450 [ 14.872513] kasan_report+0x140/0x180 [ 14.872554] ? kasan_atomics_helper+0xc71/0x5450 [ 14.872604] kasan_check_range+0x10c/0x1c0 [ 14.872646] __kasan_check_write+0x18/0x20 [ 14.872698] kasan_atomics_helper+0xc71/0x5450 [ 14.872747] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.872791] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.872836] kasan_atomics+0x1dd/0x310 [ 14.872875] ? __pfx_kasan_atomics+0x10/0x10 [ 14.872923] ? __pfx_read_tsc+0x10/0x10 [ 14.872962] ? ktime_get_ts64+0x84/0x230 [ 14.873028] kunit_try_run_case+0x1a6/0x480 [ 14.873102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.873151] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.873208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.873255] ? __kthread_parkme+0x82/0x160 [ 14.873295] ? preempt_count_sub+0x50/0x80 [ 14.873346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.873389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.873450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.873499] kthread+0x257/0x310 [ 14.873537] ? __pfx_kthread+0x10/0x10 [ 14.873574] ret_from_fork+0x41/0x80 [ 14.873625] ? 
__pfx_kthread+0x10/0x10 [ 14.873681] ret_from_fork_asm+0x1a/0x30 [ 14.873739] </TASK> [ 14.873764] [ 14.881518] Allocated by task 270: [ 14.881813] kasan_save_stack+0x45/0x70 [ 14.882204] kasan_save_track+0x18/0x40 [ 14.882533] kasan_save_alloc_info+0x3b/0x50 [ 14.882883] __kasan_kmalloc+0xb7/0xc0 [ 14.883251] __kmalloc_cache_noprof+0x168/0x350 [ 14.883596] kasan_atomics+0x96/0x310 [ 14.883829] kunit_try_run_case+0x1a6/0x480 [ 14.884161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.884511] kthread+0x257/0x310 [ 14.884692] ret_from_fork+0x41/0x80 [ 14.884904] ret_from_fork_asm+0x1a/0x30 [ 14.885189] [ 14.885298] The buggy address belongs to the object at ffff888102635000 [ 14.885298] which belongs to the cache kmalloc-64 of size 64 [ 14.886001] The buggy address is located 0 bytes to the right of [ 14.886001] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.886707] [ 14.886894] The buggy address belongs to the physical page: [ 14.887249] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.887717] flags: 0x200000000000000(node=0|zone=2) [ 14.888091] page_type: f5(slab) [ 14.888352] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.888723] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.889209] page dumped because: kasan: bad access detected [ 14.889515] [ 14.889644] Memory state around the buggy address: [ 14.889992] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.890360] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.890712] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.890958] ^ [ 14.891172] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.891411] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.891637] ================================================================== [ 15.112912] 
================================================================== [ 15.113418] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 15.114635] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.115043] [ 15.115208] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.115290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.115318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.115360] Call Trace: [ 15.115394] <TASK> [ 15.115423] dump_stack_lvl+0x73/0xb0 [ 15.115476] print_report+0xd1/0x640 [ 15.115520] ? __virt_addr_valid+0x1db/0x2d0 [ 15.115567] ? kasan_atomics_helper+0x1149/0x5450 [ 15.115615] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.115672] ? kasan_atomics_helper+0x1149/0x5450 [ 15.115724] kasan_report+0x140/0x180 [ 15.115777] ? kasan_atomics_helper+0x1149/0x5450 [ 15.115838] kasan_check_range+0x10c/0x1c0 [ 15.115884] __kasan_check_write+0x18/0x20 [ 15.115923] kasan_atomics_helper+0x1149/0x5450 [ 15.115968] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.116006] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.116053] kasan_atomics+0x1dd/0x310 [ 15.116092] ? __pfx_kasan_atomics+0x10/0x10 [ 15.116132] ? __pfx_read_tsc+0x10/0x10 [ 15.116170] ? ktime_get_ts64+0x84/0x230 [ 15.116221] kunit_try_run_case+0x1a6/0x480 [ 15.116265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.116307] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.116348] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.116397] ? __kthread_parkme+0x82/0x160 [ 15.116438] ? preempt_count_sub+0x50/0x80 [ 15.116488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.116528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.116569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.116609] kthread+0x257/0x310 [ 15.116641] ? __pfx_kthread+0x10/0x10 [ 15.116716] ret_from_fork+0x41/0x80 [ 15.116763] ? 
__pfx_kthread+0x10/0x10 [ 15.116806] ret_from_fork_asm+0x1a/0x30 [ 15.116870] </TASK> [ 15.116897] [ 15.124294] Allocated by task 270: [ 15.124530] kasan_save_stack+0x45/0x70 [ 15.124809] kasan_save_track+0x18/0x40 [ 15.125044] kasan_save_alloc_info+0x3b/0x50 [ 15.125372] __kasan_kmalloc+0xb7/0xc0 [ 15.125570] __kmalloc_cache_noprof+0x168/0x350 [ 15.125773] kasan_atomics+0x96/0x310 [ 15.125955] kunit_try_run_case+0x1a6/0x480 [ 15.126183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.126399] kthread+0x257/0x310 [ 15.126597] ret_from_fork+0x41/0x80 [ 15.126893] ret_from_fork_asm+0x1a/0x30 [ 15.127240] [ 15.127402] The buggy address belongs to the object at ffff888102635000 [ 15.127402] which belongs to the cache kmalloc-64 of size 64 [ 15.128210] The buggy address is located 0 bytes to the right of [ 15.128210] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.129004] [ 15.129188] The buggy address belongs to the physical page: [ 15.129430] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.129835] flags: 0x200000000000000(node=0|zone=2) [ 15.130172] page_type: f5(slab) [ 15.130380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.130804] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.131200] page dumped because: kasan: bad access detected [ 15.131472] [ 15.131613] Memory state around the buggy address: [ 15.131807] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.132048] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.132313] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.132597] ^ [ 15.132930] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.133459] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.133989] ================================================================== [ 15.234088] 
================================================================== [ 15.234556] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 15.234982] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.235417] [ 15.235645] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.235744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.235773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.235816] Call Trace: [ 15.235854] <TASK> [ 15.235888] dump_stack_lvl+0x73/0xb0 [ 15.235950] print_report+0xd1/0x640 [ 15.236001] ? __virt_addr_valid+0x1db/0x2d0 [ 15.236051] ? kasan_atomics_helper+0x49d0/0x5450 [ 15.236095] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.236146] ? kasan_atomics_helper+0x49d0/0x5450 [ 15.236197] kasan_report+0x140/0x180 [ 15.236249] ? kasan_atomics_helper+0x49d0/0x5450 [ 15.236310] __asan_report_load4_noabort+0x18/0x20 [ 15.236358] kasan_atomics_helper+0x49d0/0x5450 [ 15.236404] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.236449] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.236503] kasan_atomics+0x1dd/0x310 [ 15.236547] ? __pfx_kasan_atomics+0x10/0x10 [ 15.236594] ? __pfx_read_tsc+0x10/0x10 [ 15.236630] ? ktime_get_ts64+0x84/0x230 [ 15.236712] kunit_try_run_case+0x1a6/0x480 [ 15.236763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.236840] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.236900] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.236954] ? __kthread_parkme+0x82/0x160 [ 15.236999] ? preempt_count_sub+0x50/0x80 [ 15.237050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.237092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.237146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.237203] kthread+0x257/0x310 [ 15.237246] ? __pfx_kthread+0x10/0x10 [ 15.237291] ret_from_fork+0x41/0x80 [ 15.237599] ? 
__pfx_kthread+0x10/0x10 [ 15.237680] ret_from_fork_asm+0x1a/0x30 [ 15.237748] </TASK> [ 15.237778] [ 15.246417] Allocated by task 270: [ 15.246747] kasan_save_stack+0x45/0x70 [ 15.247106] kasan_save_track+0x18/0x40 [ 15.247336] kasan_save_alloc_info+0x3b/0x50 [ 15.247530] __kasan_kmalloc+0xb7/0xc0 [ 15.247716] __kmalloc_cache_noprof+0x168/0x350 [ 15.248081] kasan_atomics+0x96/0x310 [ 15.248382] kunit_try_run_case+0x1a6/0x480 [ 15.248711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.249101] kthread+0x257/0x310 [ 15.249261] ret_from_fork+0x41/0x80 [ 15.249425] ret_from_fork_asm+0x1a/0x30 [ 15.249735] [ 15.249887] The buggy address belongs to the object at ffff888102635000 [ 15.249887] which belongs to the cache kmalloc-64 of size 64 [ 15.250676] The buggy address is located 0 bytes to the right of [ 15.250676] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.251099] [ 15.251260] The buggy address belongs to the physical page: [ 15.251629] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.252168] flags: 0x200000000000000(node=0|zone=2) [ 15.252531] page_type: f5(slab) [ 15.252777] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.253035] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.253500] page dumped because: kasan: bad access detected [ 15.253758] [ 15.253863] Memory state around the buggy address: [ 15.254229] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.254488] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.254946] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.255431] ^ [ 15.255639] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.255983] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.256400] ================================================================== [ 14.460284] 
================================================================== [ 14.460574] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 14.460859] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.461804] [ 14.462044] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.462154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.462190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.462451] Call Trace: [ 14.462484] <TASK> [ 14.462509] dump_stack_lvl+0x73/0xb0 [ 14.462559] print_report+0xd1/0x640 [ 14.462594] ? __virt_addr_valid+0x1db/0x2d0 [ 14.462635] ? kasan_atomics_helper+0x4b70/0x5450 [ 14.462687] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.462729] ? kasan_atomics_helper+0x4b70/0x5450 [ 14.462774] kasan_report+0x140/0x180 [ 14.462813] ? kasan_atomics_helper+0x4b70/0x5450 [ 14.462857] __asan_report_store4_noabort+0x1b/0x30 [ 14.462887] kasan_atomics_helper+0x4b70/0x5450 [ 14.462923] ? kasan_save_alloc_info+0x3b/0x50 [ 14.462959] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.463003] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.463058] kasan_atomics+0x1dd/0x310 [ 14.463096] ? __pfx_kasan_atomics+0x10/0x10 [ 14.463139] ? __pfx_read_tsc+0x10/0x10 [ 14.463178] ? ktime_get_ts64+0x84/0x230 [ 14.463243] kunit_try_run_case+0x1a6/0x480 [ 14.463275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.463306] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.463336] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.463360] ? __kthread_parkme+0x82/0x160 [ 14.463380] ? preempt_count_sub+0x50/0x80 [ 14.463401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.463420] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.463445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.463469] kthread+0x257/0x310 [ 14.463487] ? __pfx_kthread+0x10/0x10 [ 14.463505] ret_from_fork+0x41/0x80 [ 14.463524] ? 
__pfx_kthread+0x10/0x10 [ 14.463542] ret_from_fork_asm+0x1a/0x30 [ 14.463571] </TASK> [ 14.463583] [ 14.474767] Allocated by task 270: [ 14.474961] kasan_save_stack+0x45/0x70 [ 14.475164] kasan_save_track+0x18/0x40 [ 14.475459] kasan_save_alloc_info+0x3b/0x50 [ 14.476042] __kasan_kmalloc+0xb7/0xc0 [ 14.476478] __kmalloc_cache_noprof+0x168/0x350 [ 14.476813] kasan_atomics+0x96/0x310 [ 14.477299] kunit_try_run_case+0x1a6/0x480 [ 14.477576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.477863] kthread+0x257/0x310 [ 14.478333] ret_from_fork+0x41/0x80 [ 14.478571] ret_from_fork_asm+0x1a/0x30 [ 14.478812] [ 14.478988] The buggy address belongs to the object at ffff888102635000 [ 14.478988] which belongs to the cache kmalloc-64 of size 64 [ 14.479940] The buggy address is located 0 bytes to the right of [ 14.479940] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.480714] [ 14.480917] The buggy address belongs to the physical page: [ 14.481402] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.481965] flags: 0x200000000000000(node=0|zone=2) [ 14.482492] page_type: f5(slab) [ 14.482722] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.483246] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.484067] page dumped because: kasan: bad access detected [ 14.484605] [ 14.484755] Memory state around the buggy address: [ 14.484943] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.485577] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.485990] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.486550] ^ [ 14.486854] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.487602] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.487986] ================================================================== [ 14.940678] 
================================================================== [ 14.941035] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 14.941472] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.941955] [ 14.942147] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.942234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.942262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.942318] Call Trace: [ 14.942350] <TASK> [ 14.942379] dump_stack_lvl+0x73/0xb0 [ 14.942443] print_report+0xd1/0x640 [ 14.942491] ? __virt_addr_valid+0x1db/0x2d0 [ 14.942560] ? kasan_atomics_helper+0xde1/0x5450 [ 14.942602] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.942672] ? kasan_atomics_helper+0xde1/0x5450 [ 14.942723] kasan_report+0x140/0x180 [ 14.942772] ? kasan_atomics_helper+0xde1/0x5450 [ 14.942827] kasan_check_range+0x10c/0x1c0 [ 14.942862] __kasan_check_write+0x18/0x20 [ 14.942896] kasan_atomics_helper+0xde1/0x5450 [ 14.942943] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.942997] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.943049] kasan_atomics+0x1dd/0x310 [ 14.943119] ? __pfx_kasan_atomics+0x10/0x10 [ 14.943162] ? __pfx_read_tsc+0x10/0x10 [ 14.943198] ? ktime_get_ts64+0x84/0x230 [ 14.943249] kunit_try_run_case+0x1a6/0x480 [ 14.943303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.943357] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.943399] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.943445] ? __kthread_parkme+0x82/0x160 [ 14.943491] ? preempt_count_sub+0x50/0x80 [ 14.943538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.943592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.943640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.943706] kthread+0x257/0x310 [ 14.943745] ? __pfx_kthread+0x10/0x10 [ 14.943799] ret_from_fork+0x41/0x80 [ 14.943839] ? 
__pfx_kthread+0x10/0x10 [ 14.943879] ret_from_fork_asm+0x1a/0x30 [ 14.943932] </TASK> [ 14.943962] [ 14.951442] Allocated by task 270: [ 14.951619] kasan_save_stack+0x45/0x70 [ 14.951813] kasan_save_track+0x18/0x40 [ 14.952221] kasan_save_alloc_info+0x3b/0x50 [ 14.952556] __kasan_kmalloc+0xb7/0xc0 [ 14.952854] __kmalloc_cache_noprof+0x168/0x350 [ 14.953250] kasan_atomics+0x96/0x310 [ 14.953544] kunit_try_run_case+0x1a6/0x480 [ 14.953879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.954373] kthread+0x257/0x310 [ 14.954584] ret_from_fork+0x41/0x80 [ 14.954777] ret_from_fork_asm+0x1a/0x30 [ 14.954961] [ 14.955064] The buggy address belongs to the object at ffff888102635000 [ 14.955064] which belongs to the cache kmalloc-64 of size 64 [ 14.955931] The buggy address is located 0 bytes to the right of [ 14.955931] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.956810] [ 14.956925] The buggy address belongs to the physical page: [ 14.957675] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.958766] flags: 0x200000000000000(node=0|zone=2) [ 14.959490] page_type: f5(slab) [ 14.960144] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.960712] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.961121] page dumped because: kasan: bad access detected [ 14.961474] [ 14.961607] Memory state around the buggy address: [ 14.961882] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.962322] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.962747] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.963045] ^ [ 14.963365] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.963804] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.964119] ================================================================== [ 15.612550] 
================================================================== [ 15.612928] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 15.613355] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.613836] [ 15.614005] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.614123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.614151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.614205] Call Trace: [ 15.614253] <TASK> [ 15.614287] dump_stack_lvl+0x73/0xb0 [ 15.614379] print_report+0xd1/0x640 [ 15.614417] ? __virt_addr_valid+0x1db/0x2d0 [ 15.614454] ? kasan_atomics_helper+0x1b23/0x5450 [ 15.614490] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.614523] ? kasan_atomics_helper+0x1b23/0x5450 [ 15.614560] kasan_report+0x140/0x180 [ 15.614601] ? kasan_atomics_helper+0x1b23/0x5450 [ 15.614651] kasan_check_range+0x10c/0x1c0 [ 15.614703] __kasan_check_write+0x18/0x20 [ 15.614746] kasan_atomics_helper+0x1b23/0x5450 [ 15.614792] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.614830] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.614867] kasan_atomics+0x1dd/0x310 [ 15.614888] ? __pfx_kasan_atomics+0x10/0x10 [ 15.614912] ? __pfx_read_tsc+0x10/0x10 [ 15.614944] ? ktime_get_ts64+0x84/0x230 [ 15.614992] kunit_try_run_case+0x1a6/0x480 [ 15.615037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.615090] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.615134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.615177] ? __kthread_parkme+0x82/0x160 [ 15.615210] ? preempt_count_sub+0x50/0x80 [ 15.615247] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.615283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.615330] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.615381] kthread+0x257/0x310 [ 15.615422] ? __pfx_kthread+0x10/0x10 [ 15.615465] ret_from_fork+0x41/0x80 [ 15.615506] ? 
__pfx_kthread+0x10/0x10 [ 15.615547] ret_from_fork_asm+0x1a/0x30 [ 15.615611] </TASK> [ 15.615638] [ 15.625212] Allocated by task 270: [ 15.625389] kasan_save_stack+0x45/0x70 [ 15.625700] kasan_save_track+0x18/0x40 [ 15.626020] kasan_save_alloc_info+0x3b/0x50 [ 15.626404] __kasan_kmalloc+0xb7/0xc0 [ 15.626592] __kmalloc_cache_noprof+0x168/0x350 [ 15.626891] kasan_atomics+0x96/0x310 [ 15.627111] kunit_try_run_case+0x1a6/0x480 [ 15.627405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.627715] kthread+0x257/0x310 [ 15.627877] ret_from_fork+0x41/0x80 [ 15.628042] ret_from_fork_asm+0x1a/0x30 [ 15.628374] [ 15.628535] The buggy address belongs to the object at ffff888102635000 [ 15.628535] which belongs to the cache kmalloc-64 of size 64 [ 15.629197] The buggy address is located 0 bytes to the right of [ 15.629197] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.629697] [ 15.629804] The buggy address belongs to the physical page: [ 15.630199] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.630722] flags: 0x200000000000000(node=0|zone=2) [ 15.630959] page_type: f5(slab) [ 15.631253] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.631606] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.631947] page dumped because: kasan: bad access detected [ 15.632264] [ 15.632382] Memory state around the buggy address: [ 15.632561] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.632802] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.633032] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.633459] ^ [ 15.633788] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.634320] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.634699] ================================================================== [ 15.090763] 
================================================================== [ 15.091191] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 15.091580] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.091825] [ 15.091975] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.092054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.092080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.092122] Call Trace: [ 15.092157] <TASK> [ 15.092187] dump_stack_lvl+0x73/0xb0 [ 15.092243] print_report+0xd1/0x640 [ 15.092293] ? __virt_addr_valid+0x1db/0x2d0 [ 15.092338] ? kasan_atomics_helper+0x4a1e/0x5450 [ 15.092381] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.092419] ? kasan_atomics_helper+0x4a1e/0x5450 [ 15.092462] kasan_report+0x140/0x180 [ 15.092502] ? kasan_atomics_helper+0x4a1e/0x5450 [ 15.092549] __asan_report_load4_noabort+0x18/0x20 [ 15.092590] kasan_atomics_helper+0x4a1e/0x5450 [ 15.092637] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.092735] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.092804] kasan_atomics+0x1dd/0x310 [ 15.092848] ? __pfx_kasan_atomics+0x10/0x10 [ 15.092891] ? __pfx_read_tsc+0x10/0x10 [ 15.092930] ? ktime_get_ts64+0x84/0x230 [ 15.092993] kunit_try_run_case+0x1a6/0x480 [ 15.093079] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.093116] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.093141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.093168] ? __kthread_parkme+0x82/0x160 [ 15.093190] ? preempt_count_sub+0x50/0x80 [ 15.093213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.093240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.093282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.093329] kthread+0x257/0x310 [ 15.093365] ? __pfx_kthread+0x10/0x10 [ 15.093412] ret_from_fork+0x41/0x80 [ 15.093451] ? 
__pfx_kthread+0x10/0x10 [ 15.093505] ret_from_fork_asm+0x1a/0x30 [ 15.093564] </TASK> [ 15.093589] [ 15.101449] Allocated by task 270: [ 15.101634] kasan_save_stack+0x45/0x70 [ 15.102010] kasan_save_track+0x18/0x40 [ 15.102372] kasan_save_alloc_info+0x3b/0x50 [ 15.102713] __kasan_kmalloc+0xb7/0xc0 [ 15.103009] __kmalloc_cache_noprof+0x168/0x350 [ 15.103382] kasan_atomics+0x96/0x310 [ 15.103611] kunit_try_run_case+0x1a6/0x480 [ 15.103910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.104153] kthread+0x257/0x310 [ 15.104317] ret_from_fork+0x41/0x80 [ 15.104491] ret_from_fork_asm+0x1a/0x30 [ 15.104745] [ 15.104915] The buggy address belongs to the object at ffff888102635000 [ 15.104915] which belongs to the cache kmalloc-64 of size 64 [ 15.105707] The buggy address is located 0 bytes to the right of [ 15.105707] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.106609] [ 15.106812] The buggy address belongs to the physical page: [ 15.107233] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.107586] flags: 0x200000000000000(node=0|zone=2) [ 15.107930] page_type: f5(slab) [ 15.108190] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.108619] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.108964] page dumped because: kasan: bad access detected [ 15.109281] [ 15.109479] Memory state around the buggy address: [ 15.109745] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.110186] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.110437] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.110680] ^ [ 15.111043] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.111541] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112005] ================================================================== [ 14.570710] 
================================================================== [ 14.571227] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 14.571749] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.572306] [ 14.572489] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.572577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.572601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.572644] Call Trace: [ 14.572691] <TASK> [ 14.572726] dump_stack_lvl+0x73/0xb0 [ 14.572783] print_report+0xd1/0x640 [ 14.572834] ? __virt_addr_valid+0x1db/0x2d0 [ 14.572883] ? kasan_atomics_helper+0x4b3c/0x5450 [ 14.572931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.572978] ? kasan_atomics_helper+0x4b3c/0x5450 [ 14.573026] kasan_report+0x140/0x180 [ 14.573103] ? kasan_atomics_helper+0x4b3c/0x5450 [ 14.573165] __asan_report_store4_noabort+0x1b/0x30 [ 14.573213] kasan_atomics_helper+0x4b3c/0x5450 [ 14.573258] ? kasan_save_alloc_info+0x3b/0x50 [ 14.573297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.573337] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.573377] kasan_atomics+0x1dd/0x310 [ 14.573412] ? __pfx_kasan_atomics+0x10/0x10 [ 14.573447] ? __pfx_read_tsc+0x10/0x10 [ 14.573476] ? ktime_get_ts64+0x84/0x230 [ 14.573520] kunit_try_run_case+0x1a6/0x480 [ 14.573560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.573595] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.573632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.573689] ? __kthread_parkme+0x82/0x160 [ 14.573724] ? preempt_count_sub+0x50/0x80 [ 14.573765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.573803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.573844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.573888] kthread+0x257/0x310 [ 14.573938] ? __pfx_kthread+0x10/0x10 [ 14.573979] ret_from_fork+0x41/0x80 [ 14.574022] ? 
__pfx_kthread+0x10/0x10 [ 14.574096] ret_from_fork_asm+0x1a/0x30 [ 14.574164] </TASK> [ 14.574192] [ 14.588809] Allocated by task 270: [ 14.589060] kasan_save_stack+0x45/0x70 [ 14.589690] kasan_save_track+0x18/0x40 [ 14.590264] kasan_save_alloc_info+0x3b/0x50 [ 14.590584] __kasan_kmalloc+0xb7/0xc0 [ 14.590814] __kmalloc_cache_noprof+0x168/0x350 [ 14.591072] kasan_atomics+0x96/0x310 [ 14.591619] kunit_try_run_case+0x1a6/0x480 [ 14.591786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.592247] kthread+0x257/0x310 [ 14.592536] ret_from_fork+0x41/0x80 [ 14.592820] ret_from_fork_asm+0x1a/0x30 [ 14.593017] [ 14.593558] The buggy address belongs to the object at ffff888102635000 [ 14.593558] which belongs to the cache kmalloc-64 of size 64 [ 14.594322] The buggy address is located 0 bytes to the right of [ 14.594322] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.594940] [ 14.595321] The buggy address belongs to the physical page: [ 14.595670] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.596053] flags: 0x200000000000000(node=0|zone=2) [ 14.596635] page_type: f5(slab) [ 14.596881] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.597543] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.598020] page dumped because: kasan: bad access detected [ 14.598465] [ 14.598627] Memory state around the buggy address: [ 14.598875] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.599461] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.599814] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.600287] ^ [ 14.600633] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.600978] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.601614] ================================================================== [ 15.013360] 
==================================================================
[ 15.013796] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450
[ 15.014344] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270
[ 15.014530]
[ 15.014622] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 15.014695] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.014716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.014746] Call Trace:
[ 15.014772] <TASK>
[ 15.014796] dump_stack_lvl+0x73/0xb0
[ 15.014839] print_report+0xd1/0x640
[ 15.014874] ? __virt_addr_valid+0x1db/0x2d0
[ 15.014910] ? kasan_atomics_helper+0xfaa/0x5450
[ 15.014944] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.014984] ? kasan_atomics_helper+0xfaa/0x5450
[ 15.015022] kasan_report+0x140/0x180
[ 15.015114] ? kasan_atomics_helper+0xfaa/0x5450
[ 15.015185] kasan_check_range+0x10c/0x1c0
[ 15.015231] __kasan_check_write+0x18/0x20
[ 15.015274] kasan_atomics_helper+0xfaa/0x5450
[ 15.015320] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.015370] ? __kmalloc_cache_noprof+0x168/0x350
[ 15.015428] kasan_atomics+0x1dd/0x310
[ 15.015474] ? __pfx_kasan_atomics+0x10/0x10
[ 15.015520] ? __pfx_read_tsc+0x10/0x10
[ 15.015560] ? ktime_get_ts64+0x84/0x230
[ 15.015619] kunit_try_run_case+0x1a6/0x480
[ 15.015659] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.015709] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 15.015747] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.015796] ? __kthread_parkme+0x82/0x160
[ 15.015837] ? preempt_count_sub+0x50/0x80
[ 15.015884] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.015925] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.015996] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.016049] kthread+0x257/0x310
[ 15.016113] ? __pfx_kthread+0x10/0x10
[ 15.016154] ret_from_fork+0x41/0x80
[ 15.016195] ? __pfx_kthread+0x10/0x10
[ 15.016236] ret_from_fork_asm+0x1a/0x30
[ 15.016299] </TASK>
[ 15.016325]
[ 15.026391] Allocated by task 270:
[ 15.026609] kasan_save_stack+0x45/0x70
[ 15.026964] kasan_save_track+0x18/0x40
[ 15.027226] kasan_save_alloc_info+0x3b/0x50
[ 15.027507] __kasan_kmalloc+0xb7/0xc0
[ 15.027823] __kmalloc_cache_noprof+0x168/0x350
[ 15.028044] kasan_atomics+0x96/0x310
[ 15.028269] kunit_try_run_case+0x1a6/0x480
[ 15.028611] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.029014] kthread+0x257/0x310
[ 15.029296] ret_from_fork+0x41/0x80
[ 15.029545] ret_from_fork_asm+0x1a/0x30
[ 15.029820]
[ 15.029999] The buggy address belongs to the object at ffff888102635000
[ 15.029999] which belongs to the cache kmalloc-64 of size 64
[ 15.030572] The buggy address is located 0 bytes to the right of
[ 15.030572] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 15.031093]
[ 15.031227] The buggy address belongs to the physical page:
[ 15.031621] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 15.032128] flags: 0x200000000000000(node=0|zone=2)
[ 15.032456] page_type: f5(slab)
[ 15.032700] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.033127] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 15.033477] page dumped because: kasan: bad access detected
[ 15.033835]
[ 15.034024] Memory state around the buggy address:
[ 15.034281] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.034674] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.035049] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.035536] ^
[ 15.035803] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.036250] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.036607] ==================================================================
[ 15.659510] ==================================================================
[ 15.660065] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450
[ 15.660648] Read of size 8 at addr ffff888102635030 by task kunit_try_catch/270
[ 15.661620]
[ 15.661868] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 15.661978] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.662006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.662046] Call Trace:
[ 15.662099] <TASK>
[ 15.662134] dump_stack_lvl+0x73/0xb0
[ 15.662193] print_report+0xd1/0x640
[ 15.662236] ? __virt_addr_valid+0x1db/0x2d0
[ 15.662267] ? kasan_atomics_helper+0x4f32/0x5450
[ 15.662292] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.662317] ? kasan_atomics_helper+0x4f32/0x5450
[ 15.662342] kasan_report+0x140/0x180
[ 15.662368] ? kasan_atomics_helper+0x4f32/0x5450
[ 15.662398] __asan_report_load8_noabort+0x18/0x20
[ 15.662420] kasan_atomics_helper+0x4f32/0x5450
[ 15.662446] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.662472] ? __kmalloc_cache_noprof+0x168/0x350
[ 15.662499] kasan_atomics+0x1dd/0x310
[ 15.662521] ? __pfx_kasan_atomics+0x10/0x10
[ 15.662543] ? __pfx_read_tsc+0x10/0x10
[ 15.662563] ? ktime_get_ts64+0x84/0x230
[ 15.662592] kunit_try_run_case+0x1a6/0x480
[ 15.662615] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.662636] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 15.662659] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.662711] ? __kthread_parkme+0x82/0x160
[ 15.662734] ? preempt_count_sub+0x50/0x80
[ 15.662758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.662780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.662807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.662834] kthread+0x257/0x310
[ 15.662853] ? __pfx_kthread+0x10/0x10
[ 15.662874] ret_from_fork+0x41/0x80
[ 15.662895] ? __pfx_kthread+0x10/0x10
[ 15.662915] ret_from_fork_asm+0x1a/0x30
[ 15.662948] </TASK>
[ 15.662961]
[ 15.672147] Allocated by task 270:
[ 15.672811] kasan_save_stack+0x45/0x70
[ 15.673208] kasan_save_track+0x18/0x40
[ 15.673491] kasan_save_alloc_info+0x3b/0x50
[ 15.673876] __kasan_kmalloc+0xb7/0xc0
[ 15.674330] __kmalloc_cache_noprof+0x168/0x350
[ 15.674888] kasan_atomics+0x96/0x310
[ 15.675185] kunit_try_run_case+0x1a6/0x480
[ 15.675374] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.675602] kthread+0x257/0x310
[ 15.675766] ret_from_fork+0x41/0x80
[ 15.675960] ret_from_fork_asm+0x1a/0x30
[ 15.676251]
[ 15.676386] The buggy address belongs to the object at ffff888102635000
[ 15.676386] which belongs to the cache kmalloc-64 of size 64
[ 15.676887] The buggy address is located 0 bytes to the right of
[ 15.676887] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 15.677489]
[ 15.677656] The buggy address belongs to the physical page:
[ 15.677881] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 15.678336] flags: 0x200000000000000(node=0|zone=2)
[ 15.678555] page_type: f5(slab)
[ 15.678749] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.679284] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 15.679728] page dumped because: kasan: bad access detected
[ 15.680084]
[ 15.680243] Memory state around the buggy address:
[ 15.680448] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.680814] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.681123] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.681357] ^
[ 15.681547] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.681931] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.682421] ==================================================================
[ 14.848426] ==================================================================
[ 14.848865] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450
[ 14.849278] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270
[ 14.849660]
[ 14.849853] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 14.849941] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.849964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.850010] Call Trace:
[ 14.850043] <TASK>
[ 14.850118] dump_stack_lvl+0x73/0xb0
[ 14.850177] print_report+0xd1/0x640
[ 14.850226] ? __virt_addr_valid+0x1db/0x2d0
[ 14.850272] ? kasan_atomics_helper+0xb6b/0x5450
[ 14.850317] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.850363] ? kasan_atomics_helper+0xb6b/0x5450
[ 14.850413] kasan_report+0x140/0x180
[ 14.850460] ? kasan_atomics_helper+0xb6b/0x5450
[ 14.850518] kasan_check_range+0x10c/0x1c0
[ 14.850564] __kasan_check_write+0x18/0x20
[ 14.850612] kasan_atomics_helper+0xb6b/0x5450
[ 14.850652] ? kasan_save_alloc_info+0x3b/0x50
[ 14.850711] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.850760] ? __kmalloc_cache_noprof+0x168/0x350
[ 14.850818] kasan_atomics+0x1dd/0x310
[ 14.850863] ? __pfx_kasan_atomics+0x10/0x10
[ 14.850910] ? __pfx_read_tsc+0x10/0x10
[ 14.850952] ? ktime_get_ts64+0x84/0x230
[ 14.851006] kunit_try_run_case+0x1a6/0x480
[ 14.851083] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.851129] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 14.851173] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.851223] ? __kthread_parkme+0x82/0x160
[ 14.851266] ? preempt_count_sub+0x50/0x80
[ 14.851309] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.851342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.851379] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.851405] kthread+0x257/0x310
[ 14.851424] ? __pfx_kthread+0x10/0x10
[ 14.851443] ret_from_fork+0x41/0x80
[ 14.851463] ? __pfx_kthread+0x10/0x10
[ 14.851480] ret_from_fork_asm+0x1a/0x30
[ 14.851510] </TASK>
[ 14.851523]
[ 14.859568] Allocated by task 270:
[ 14.859800] kasan_save_stack+0x45/0x70
[ 14.860146] kasan_save_track+0x18/0x40
[ 14.860398] kasan_save_alloc_info+0x3b/0x50
[ 14.860720] __kasan_kmalloc+0xb7/0xc0
[ 14.860894] __kmalloc_cache_noprof+0x168/0x350
[ 14.861108] kasan_atomics+0x96/0x310
[ 14.861318] kunit_try_run_case+0x1a6/0x480
[ 14.861654] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.862096] kthread+0x257/0x310
[ 14.862377] ret_from_fork+0x41/0x80
[ 14.862647] ret_from_fork_asm+0x1a/0x30
[ 14.862821]
[ 14.863004] The buggy address belongs to the object at ffff888102635000
[ 14.863004] which belongs to the cache kmalloc-64 of size 64
[ 14.863615] The buggy address is located 0 bytes to the right of
[ 14.863615] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 14.864246]
[ 14.864437] The buggy address belongs to the physical page:
[ 14.864691] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 14.865151] flags: 0x200000000000000(node=0|zone=2)
[ 14.865473] page_type: f5(slab)
[ 14.865705] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.866245] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 14.866500] page dumped because: kasan: bad access detected
[ 14.866718]
[ 14.866875] Memory state around the buggy address:
[ 14.867260] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.867746] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.868220] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.868502] ^
[ 14.868827] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.869165] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.869396] ==================================================================
[ 15.535172] ==================================================================
[ 15.535445] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450
[ 15.536252] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270
[ 15.536861]
[ 15.537097] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 15.537212] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.537244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.537286] Call Trace:
[ 15.537322] <TASK>
[ 15.537352] dump_stack_lvl+0x73/0xb0
[ 15.537413] print_report+0xd1/0x640
[ 15.537461] ? __virt_addr_valid+0x1db/0x2d0
[ 15.537512] ? kasan_atomics_helper+0x194b/0x5450
[ 15.537560] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.537608] ? kasan_atomics_helper+0x194b/0x5450
[ 15.537659] kasan_report+0x140/0x180
[ 15.537721] ? kasan_atomics_helper+0x194b/0x5450
[ 15.537781] kasan_check_range+0x10c/0x1c0
[ 15.537827] __kasan_check_write+0x18/0x20
[ 15.537872] kasan_atomics_helper+0x194b/0x5450
[ 15.537931] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.537975] ? __kmalloc_cache_noprof+0x168/0x350
[ 15.538029] kasan_atomics+0x1dd/0x310
[ 15.538071] ? __pfx_kasan_atomics+0x10/0x10
[ 15.538166] ? __pfx_read_tsc+0x10/0x10
[ 15.538207] ? ktime_get_ts64+0x84/0x230
[ 15.538276] kunit_try_run_case+0x1a6/0x480
[ 15.538324] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.538368] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 15.538431] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.538480] ? __kthread_parkme+0x82/0x160
[ 15.538539] ? preempt_count_sub+0x50/0x80
[ 15.538581] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.538622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.538684] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.538740] kthread+0x257/0x310
[ 15.538782] ? __pfx_kthread+0x10/0x10
[ 15.538825] ret_from_fork+0x41/0x80
[ 15.538864] ? __pfx_kthread+0x10/0x10
[ 15.538887] ret_from_fork_asm+0x1a/0x30
[ 15.538918] </TASK>
[ 15.538932]
[ 15.546770] Allocated by task 270:
[ 15.547070] kasan_save_stack+0x45/0x70
[ 15.547396] kasan_save_track+0x18/0x40
[ 15.547709] kasan_save_alloc_info+0x3b/0x50
[ 15.548104] __kasan_kmalloc+0xb7/0xc0
[ 15.548455] __kmalloc_cache_noprof+0x168/0x350
[ 15.548806] kasan_atomics+0x96/0x310
[ 15.549846] kunit_try_run_case+0x1a6/0x480
[ 15.550743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.551045] kthread+0x257/0x310
[ 15.551440] ret_from_fork+0x41/0x80
[ 15.551745] ret_from_fork_asm+0x1a/0x30
[ 15.552029]
[ 15.552191] The buggy address belongs to the object at ffff888102635000
[ 15.552191] which belongs to the cache kmalloc-64 of size 64
[ 15.552578] The buggy address is located 0 bytes to the right of
[ 15.552578] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 15.553164]
[ 15.553324] The buggy address belongs to the physical page:
[ 15.553725] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 15.554239] flags: 0x200000000000000(node=0|zone=2)
[ 15.554451] page_type: f5(slab)
[ 15.554613] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.555233] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 15.555888] page dumped because: kasan: bad access detected
[ 15.556241]
[ 15.556365] Memory state around the buggy address:
[ 15.556554] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.557056] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.557395] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.557636] ^
[ 15.557926] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.558560] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.559052] ==================================================================
[ 15.585410] ==================================================================
[ 15.585694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450
[ 15.586135] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270
[ 15.586372]
[ 15.586486] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 15.586560] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.586583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.586618] Call Trace:
[ 15.586650] <TASK>
[ 15.586957] dump_stack_lvl+0x73/0xb0
[ 15.587025] print_report+0xd1/0x640
[ 15.587062] ? __virt_addr_valid+0x1db/0x2d0
[ 15.587096] ? kasan_atomics_helper+0x1a80/0x5450
[ 15.587132] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.587168] ? kasan_atomics_helper+0x1a80/0x5450
[ 15.587207] kasan_report+0x140/0x180
[ 15.587248] ? kasan_atomics_helper+0x1a80/0x5450
[ 15.587297] kasan_check_range+0x10c/0x1c0
[ 15.587330] __kasan_check_write+0x18/0x20
[ 15.587360] kasan_atomics_helper+0x1a80/0x5450
[ 15.587396] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.587431] ? __kmalloc_cache_noprof+0x168/0x350
[ 15.587471] kasan_atomics+0x1dd/0x310
[ 15.587501] ? __pfx_kasan_atomics+0x10/0x10
[ 15.587554] ? __pfx_read_tsc+0x10/0x10
[ 15.587960] ? ktime_get_ts64+0x84/0x230
[ 15.588063] kunit_try_run_case+0x1a6/0x480
[ 15.588108] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.588141] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 15.588175] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.588219] ? __kthread_parkme+0x82/0x160
[ 15.588257] ? preempt_count_sub+0x50/0x80
[ 15.588299] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.588336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.588381] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.588426] kthread+0x257/0x310
[ 15.588460] ? __pfx_kthread+0x10/0x10
[ 15.588496] ret_from_fork+0x41/0x80
[ 15.588531] ? __pfx_kthread+0x10/0x10
[ 15.588564] ret_from_fork_asm+0x1a/0x30
[ 15.588622] </TASK>
[ 15.588645]
[ 15.599677] Allocated by task 270:
[ 15.599974] kasan_save_stack+0x45/0x70
[ 15.600343] kasan_save_track+0x18/0x40
[ 15.600647] kasan_save_alloc_info+0x3b/0x50
[ 15.600984] __kasan_kmalloc+0xb7/0xc0
[ 15.601314] __kmalloc_cache_noprof+0x168/0x350
[ 15.601660] kasan_atomics+0x96/0x310
[ 15.602006] kunit_try_run_case+0x1a6/0x480
[ 15.602379] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.602800] kthread+0x257/0x310
[ 15.603111] ret_from_fork+0x41/0x80
[ 15.603419] ret_from_fork_asm+0x1a/0x30
[ 15.603747]
[ 15.603908] The buggy address belongs to the object at ffff888102635000
[ 15.603908] which belongs to the cache kmalloc-64 of size 64
[ 15.604871] The buggy address is located 0 bytes to the right of
[ 15.604871] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 15.605390]
[ 15.605605] The buggy address belongs to the physical page:
[ 15.605974] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 15.606493] flags: 0x200000000000000(node=0|zone=2)
[ 15.606836] page_type: f5(slab)
[ 15.607156] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.607545] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 15.607966] page dumped because: kasan: bad access detected
[ 15.608386]
[ 15.608533] Memory state around the buggy address:
[ 15.608917] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.609383] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.609746] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.610233] ^
[ 15.610493] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.610939] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.611419] ==================================================================
[ 15.728501] ==================================================================
[ 15.729044] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450
[ 15.729529] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270
[ 15.730756]
[ 15.730914] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 15.731005] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.731033] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.731085] Call Trace:
[ 15.731127] <TASK>
[ 15.731162] dump_stack_lvl+0x73/0xb0
[ 15.731220] print_report+0xd1/0x640
[ 15.731246] ? __virt_addr_valid+0x1db/0x2d0
[ 15.731271] ? kasan_atomics_helper+0x1e13/0x5450
[ 15.731294] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.731317] ? kasan_atomics_helper+0x1e13/0x5450
[ 15.731341] kasan_report+0x140/0x180
[ 15.731364] ? kasan_atomics_helper+0x1e13/0x5450
[ 15.731392] kasan_check_range+0x10c/0x1c0
[ 15.731413] __kasan_check_write+0x18/0x20
[ 15.731434] kasan_atomics_helper+0x1e13/0x5450
[ 15.731458] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.731482] ? __kmalloc_cache_noprof+0x168/0x350
[ 15.731510] kasan_atomics+0x1dd/0x310
[ 15.731530] ? __pfx_kasan_atomics+0x10/0x10
[ 15.731551] ? __pfx_read_tsc+0x10/0x10
[ 15.731570] ? ktime_get_ts64+0x84/0x230
[ 15.731596] kunit_try_run_case+0x1a6/0x480
[ 15.731618] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.731638] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 15.731660] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.731713] ? __kthread_parkme+0x82/0x160
[ 15.731748] ? preempt_count_sub+0x50/0x80
[ 15.731785] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.731816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.731857] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.731903] kthread+0x257/0x310
[ 15.731936] ? __pfx_kthread+0x10/0x10
[ 15.731966] ret_from_fork+0x41/0x80
[ 15.731998] ? __pfx_kthread+0x10/0x10
[ 15.732028] ret_from_fork_asm+0x1a/0x30
[ 15.732082] </TASK>
[ 15.732105]
[ 15.741288] Allocated by task 270:
[ 15.741539] kasan_save_stack+0x45/0x70
[ 15.741860] kasan_save_track+0x18/0x40
[ 15.742085] kasan_save_alloc_info+0x3b/0x50
[ 15.742406] __kasan_kmalloc+0xb7/0xc0
[ 15.742597] __kmalloc_cache_noprof+0x168/0x350
[ 15.742873] kasan_atomics+0x96/0x310
[ 15.743140] kunit_try_run_case+0x1a6/0x480
[ 15.743452] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.743732] kthread+0x257/0x310
[ 15.743937] ret_from_fork+0x41/0x80
[ 15.744216] ret_from_fork_asm+0x1a/0x30
[ 15.744386]
[ 15.744523] The buggy address belongs to the object at ffff888102635000
[ 15.744523] which belongs to the cache kmalloc-64 of size 64
[ 15.744997] The buggy address is located 0 bytes to the right of
[ 15.744997] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 15.745604]
[ 15.745772] The buggy address belongs to the physical page:
[ 15.746193] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 15.746481] flags: 0x200000000000000(node=0|zone=2)
[ 15.746833] page_type: f5(slab)
[ 15.747035] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.747446] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 15.747759] page dumped because: kasan: bad access detected
[ 15.748030]
[ 15.748199] Memory state around the buggy address:
[ 15.748415] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.748809] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.749103] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.749476] ^
[ 15.749832] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.750189] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.750632] ==================================================================
[ 14.774452] ==================================================================
[ 14.775179] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450
[ 14.775688] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270
[ 14.776215]
[ 14.776383] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 14.776468] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.776495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.776537] Call Trace:
[ 14.776569] <TASK>
[ 14.776599] dump_stack_lvl+0x73/0xb0
[ 14.776656] print_report+0xd1/0x640
[ 14.776714] ? __virt_addr_valid+0x1db/0x2d0
[ 14.776766] ? kasan_atomics_helper+0x993/0x5450
[ 14.776807] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.776854] ? kasan_atomics_helper+0x993/0x5450
[ 14.776902] kasan_report+0x140/0x180
[ 14.776941] ? kasan_atomics_helper+0x993/0x5450
[ 14.776981] kasan_check_range+0x10c/0x1c0
[ 14.777014] __kasan_check_write+0x18/0x20
[ 14.777044] kasan_atomics_helper+0x993/0x5450
[ 14.777112] ? kasan_save_alloc_info+0x3b/0x50
[ 14.777144] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.777182] ? __kmalloc_cache_noprof+0x168/0x350
[ 14.777228] kasan_atomics+0x1dd/0x310
[ 14.777262] ? __pfx_kasan_atomics+0x10/0x10
[ 14.777295] ? __pfx_read_tsc+0x10/0x10
[ 14.777323] ? ktime_get_ts64+0x84/0x230
[ 14.777361] kunit_try_run_case+0x1a6/0x480
[ 14.777394] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.777425] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 14.777459] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.777498] ? __kthread_parkme+0x82/0x160
[ 14.777529] ? preempt_count_sub+0x50/0x80
[ 14.777563] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.777593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.777635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.777691] kthread+0x257/0x310
[ 14.777722] ? __pfx_kthread+0x10/0x10
[ 14.777754] ret_from_fork+0x41/0x80
[ 14.777788] ? __pfx_kthread+0x10/0x10
[ 14.777823] ret_from_fork_asm+0x1a/0x30
[ 14.777875] </TASK>
[ 14.777918]
[ 14.786299] Allocated by task 270:
[ 14.786604] kasan_save_stack+0x45/0x70
[ 14.786933] kasan_save_track+0x18/0x40
[ 14.787312] kasan_save_alloc_info+0x3b/0x50
[ 14.787596] __kasan_kmalloc+0xb7/0xc0
[ 14.787768] __kmalloc_cache_noprof+0x168/0x350
[ 14.787952] kasan_atomics+0x96/0x310
[ 14.788149] kunit_try_run_case+0x1a6/0x480
[ 14.788333] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.788539] kthread+0x257/0x310
[ 14.788696] ret_from_fork+0x41/0x80
[ 14.788963] ret_from_fork_asm+0x1a/0x30
[ 14.789302]
[ 14.789466] The buggy address belongs to the object at ffff888102635000
[ 14.789466] which belongs to the cache kmalloc-64 of size 64
[ 14.790008] The buggy address is located 0 bytes to the right of
[ 14.790008] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 14.791195]
[ 14.791375] The buggy address belongs to the physical page:
[ 14.793240] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 14.793815] flags: 0x200000000000000(node=0|zone=2)
[ 14.794218] page_type: f5(slab)
[ 14.794497] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.794839] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 14.795097] page dumped because: kasan: bad access detected
[ 14.795272]
[ 14.795361] Memory state around the buggy address:
[ 14.795553] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.795850] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.796377] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.796976] ^
[ 14.797222] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.797456] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.797652] ==================================================================
[ 15.185264] ==================================================================
[ 15.185693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450
[ 15.186259] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270
[ 15.186688]
[ 15.186984] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 15.187432] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.187485] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.187540] Call Trace:
[ 15.187576] <TASK>
[ 15.187608] dump_stack_lvl+0x73/0xb0
[ 15.187693] print_report+0xd1/0x640
[ 15.187755] ? __virt_addr_valid+0x1db/0x2d0
[ 15.187803] ? kasan_atomics_helper+0x49ea/0x5450
[ 15.187858] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.187901] ? kasan_atomics_helper+0x49ea/0x5450
[ 15.187939] kasan_report+0x140/0x180
[ 15.187983] ? kasan_atomics_helper+0x49ea/0x5450
[ 15.188034] __asan_report_load4_noabort+0x18/0x20
[ 15.188117] kasan_atomics_helper+0x49ea/0x5450
[ 15.188175] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.188229] ? __kmalloc_cache_noprof+0x168/0x350
[ 15.188290] kasan_atomics+0x1dd/0x310
[ 15.188338] ? __pfx_kasan_atomics+0x10/0x10
[ 15.188385] ? __pfx_read_tsc+0x10/0x10
[ 15.188427] ? ktime_get_ts64+0x84/0x230
[ 15.188487] kunit_try_run_case+0x1a6/0x480
[ 15.188536] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.188576] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 15.188610] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.188637] ? __kthread_parkme+0x82/0x160
[ 15.188658] ? preempt_count_sub+0x50/0x80
[ 15.188708] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.188731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.188758] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.188786] kthread+0x257/0x310
[ 15.188806] ? __pfx_kthread+0x10/0x10
[ 15.188826] ret_from_fork+0x41/0x80
[ 15.188847] ? __pfx_kthread+0x10/0x10
[ 15.188868] ret_from_fork_asm+0x1a/0x30
[ 15.188899] </TASK>
[ 15.188912]
[ 15.198474] Allocated by task 270:
[ 15.198698] kasan_save_stack+0x45/0x70
[ 15.199107] kasan_save_track+0x18/0x40
[ 15.199480] kasan_save_alloc_info+0x3b/0x50
[ 15.199853] __kasan_kmalloc+0xb7/0xc0
[ 15.200230] __kmalloc_cache_noprof+0x168/0x350
[ 15.200425] kasan_atomics+0x96/0x310
[ 15.200907] kunit_try_run_case+0x1a6/0x480
[ 15.201226] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.201416] kthread+0x257/0x310
[ 15.201655] ret_from_fork+0x41/0x80
[ 15.201983] ret_from_fork_asm+0x1a/0x30
[ 15.202223]
[ 15.202336] The buggy address belongs to the object at ffff888102635000
[ 15.202336] which belongs to the cache kmalloc-64 of size 64
[ 15.202996] The buggy address is located 0 bytes to the right of
[ 15.202996] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 15.203591]
[ 15.203764] The buggy address belongs to the physical page:
[ 15.204084] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 15.204457] flags: 0x200000000000000(node=0|zone=2)
[ 15.204796] page_type: f5(slab)
[ 15.205103] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.205460] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 15.205909] page dumped because: kasan: bad access detected
[ 15.206182]
[ 15.206293] Memory state around the buggy address:
[ 15.206478] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.206980] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.207508] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.207756] ^
[ 15.207941] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.208472] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.208963] ==================================================================
[ 14.653426] ==================================================================
[ 14.653952] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450
[ 14.654226] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270
[ 14.654631]
[ 14.654845] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 14.654927] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.654952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.654994] Call Trace:
[ 14.655029] <TASK>
[ 14.655061] dump_stack_lvl+0x73/0xb0
[ 14.655129] print_report+0xd1/0x640
[ 14.655174] ? __virt_addr_valid+0x1db/0x2d0
[ 14.655217] ? kasan_atomics_helper+0x698/0x5450
[ 14.655253] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.655294] ? kasan_atomics_helper+0x698/0x5450
[ 14.655337] kasan_report+0x140/0x180
[ 14.655380] ? kasan_atomics_helper+0x698/0x5450
[ 14.655433] kasan_check_range+0x10c/0x1c0
[ 14.655472] __kasan_check_write+0x18/0x20
[ 14.655511] kasan_atomics_helper+0x698/0x5450
[ 14.655550] ? kasan_save_alloc_info+0x3b/0x50
[ 14.655593] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 14.655638] ? __kmalloc_cache_noprof+0x168/0x350
[ 14.655707] kasan_atomics+0x1dd/0x310
[ 14.655752] ? __pfx_kasan_atomics+0x10/0x10
[ 14.655796] ? __pfx_read_tsc+0x10/0x10
[ 14.655836] ? ktime_get_ts64+0x84/0x230
[ 14.655894] kunit_try_run_case+0x1a6/0x480
[ 14.655942] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.655986] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 14.656029] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.656078] ? __kthread_parkme+0x82/0x160
[ 14.656121] ? preempt_count_sub+0x50/0x80
[ 14.656169] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.656212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.656263] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.656307] kthread+0x257/0x310
[ 14.656344] ? __pfx_kthread+0x10/0x10
[ 14.656380] ret_from_fork+0x41/0x80
[ 14.656414] ? __pfx_kthread+0x10/0x10
[ 14.656445] ret_from_fork_asm+0x1a/0x30
[ 14.656524] </TASK>
[ 14.656550]
[ 14.664465] Allocated by task 270:
[ 14.664660] kasan_save_stack+0x45/0x70
[ 14.664962] kasan_save_track+0x18/0x40
[ 14.665330] kasan_save_alloc_info+0x3b/0x50
[ 14.665565] __kasan_kmalloc+0xb7/0xc0
[ 14.665807] __kmalloc_cache_noprof+0x168/0x350
[ 14.666058] kasan_atomics+0x96/0x310
[ 14.666306] kunit_try_run_case+0x1a6/0x480
[ 14.666539] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.666788] kthread+0x257/0x310
[ 14.666951] ret_from_fork+0x41/0x80
[ 14.667112] ret_from_fork_asm+0x1a/0x30
[ 14.667290]
[ 14.667393] The buggy address belongs to the object at ffff888102635000
[ 14.667393] which belongs to the cache kmalloc-64 of size 64
[ 14.667929] The buggy address is located 0 bytes to the right of
[ 14.667929] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 14.669054]
[ 14.669230] The buggy address belongs to the physical page:
[ 14.669601] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 14.670171] flags: 0x200000000000000(node=0|zone=2)
[ 14.670380] page_type: f5(slab)
[ 14.670591] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.670993] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 14.671608] page dumped because: kasan: bad access detected
[ 14.671829]
[ 14.671981] Memory state around the buggy address:
[ 14.672239] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.672484] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.672755] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 14.674154] ^
[ 14.674507] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.674996] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.676177] ==================================================================
[ 15.926653] ==================================================================
[ 15.927232] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450
[ 15.927881] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270
[ 15.928735]
[ 15.928946] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 15.929037] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.929076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.929117] Call Trace:
[ 15.929156] <TASK>
[ 15.929191] dump_stack_lvl+0x73/0xb0
[ 15.929251] print_report+0xd1/0x640
[ 15.929296] ? __virt_addr_valid+0x1db/0x2d0
[ 15.929344] ? kasan_atomics_helper+0x218b/0x5450
[ 15.929386] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.929432] ? kasan_atomics_helper+0x218b/0x5450
[ 15.929477] kasan_report+0x140/0x180
[ 15.929519] ? kasan_atomics_helper+0x218b/0x5450
[ 15.929574] kasan_check_range+0x10c/0x1c0
[ 15.929620] __kasan_check_write+0x18/0x20
[ 15.929675] kasan_atomics_helper+0x218b/0x5450
[ 15.929726] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.929768] ? __kmalloc_cache_noprof+0x168/0x350
[ 15.929815] kasan_atomics+0x1dd/0x310
[ 15.929837] ? __pfx_kasan_atomics+0x10/0x10
[ 15.929859] ? __pfx_read_tsc+0x10/0x10
[ 15.929880] ? ktime_get_ts64+0x84/0x230
[ 15.929918] kunit_try_run_case+0x1a6/0x480
[ 15.929948] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.929972] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 15.929998] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.930027] ? __kthread_parkme+0x82/0x160
[ 15.930050] ? preempt_count_sub+0x50/0x80
[ 15.930087] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.930114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.930141] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.930168] kthread+0x257/0x310
[ 15.930188] ? __pfx_kthread+0x10/0x10
[ 15.930207] ret_from_fork+0x41/0x80
[ 15.930227] ? __pfx_kthread+0x10/0x10
[ 15.930246] ret_from_fork_asm+0x1a/0x30
[ 15.930277] </TASK>
[ 15.930292]
[ 15.937619] Allocated by task 270:
[ 15.937941] kasan_save_stack+0x45/0x70
[ 15.938308] kasan_save_track+0x18/0x40
[ 15.938551] kasan_save_alloc_info+0x3b/0x50
[ 15.938788] __kasan_kmalloc+0xb7/0xc0
[ 15.939192] __kmalloc_cache_noprof+0x168/0x350
[ 15.939393] kasan_atomics+0x96/0x310
[ 15.939568] kunit_try_run_case+0x1a6/0x480
[ 15.939769] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.939987] kthread+0x257/0x310
[ 15.940227] ret_from_fork+0x41/0x80
[ 15.940528] ret_from_fork_asm+0x1a/0x30
[ 15.940854]
[ 15.941021] The buggy address belongs to the object at ffff888102635000
[ 15.941021] which belongs to the cache kmalloc-64 of size 64
[ 15.942122] The buggy address is located 0 bytes to the right of
[ 15.942122] allocated 48-byte region [ffff888102635000, ffff888102635030)
[ 15.942591]
[ 15.942728] The buggy address belongs to the physical page:
[ 15.943121] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635
[ 15.943547] flags: 0x200000000000000(node=0|zone=2)
[ 15.943847] page_type: f5(slab)
[ 15.944015] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 15.944420] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 15.944880] page dumped because: kasan: bad access detected
[ 15.945301]
[ 15.945397] Memory state around the buggy address:
[ 15.945622] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.945893] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.946376] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 15.946850] ^
[ 15.947227] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.947471] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.947708] ==================================================================
[ 15.210290] ==================================================================
[ 15.210571] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450
[ 15.211161] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270
[ 15.211543]
[ 15.211759] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 15.211844] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.211868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.211906] Call Trace:
[ 15.211938] <TASK>
[ 15.211968] dump_stack_lvl+0x73/0xb0
[ 15.212028] print_report+0xd1/0x640
[ 15.212114] ? __virt_addr_valid+0x1db/0x2d0
[ 15.212163] ? kasan_atomics_helper+0x12e7/0x5450
[ 15.212214] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.212270] ? kasan_atomics_helper+0x12e7/0x5450
[ 15.212318] kasan_report+0x140/0x180
[ 15.212370] ? kasan_atomics_helper+0x12e7/0x5450
[ 15.212427] kasan_check_range+0x10c/0x1c0
[ 15.212473] __kasan_check_write+0x18/0x20
[ 15.212518] kasan_atomics_helper+0x12e7/0x5450
[ 15.212571] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 15.212626] ? __kmalloc_cache_noprof+0x168/0x350
[ 15.212691] kasan_atomics+0x1dd/0x310
[ 15.212730] ? __pfx_kasan_atomics+0x10/0x10
[ 15.212771] ? __pfx_read_tsc+0x10/0x10
[ 15.212809] ? ktime_get_ts64+0x84/0x230
[ 15.212866] kunit_try_run_case+0x1a6/0x480
[ 15.212926] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.212967] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 15.213010] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.213088] ? __kthread_parkme+0x82/0x160
[ 15.213133] ? preempt_count_sub+0x50/0x80
[ 15.213193] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.213229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.213261] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.213288] kthread+0x257/0x310
[ 15.213306] ? __pfx_kthread+0x10/0x10
[ 15.213325] ret_from_fork+0x41/0x80
[ 15.213345] ?
__pfx_kthread+0x10/0x10 [ 15.213364] ret_from_fork_asm+0x1a/0x30 [ 15.213395] </TASK> [ 15.213409] [ 15.221470] Allocated by task 270: [ 15.221661] kasan_save_stack+0x45/0x70 [ 15.222098] kasan_save_track+0x18/0x40 [ 15.222438] kasan_save_alloc_info+0x3b/0x50 [ 15.222830] __kasan_kmalloc+0xb7/0xc0 [ 15.223225] __kmalloc_cache_noprof+0x168/0x350 [ 15.223610] kasan_atomics+0x96/0x310 [ 15.223932] kunit_try_run_case+0x1a6/0x480 [ 15.224232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.224501] kthread+0x257/0x310 [ 15.224681] ret_from_fork+0x41/0x80 [ 15.224872] ret_from_fork_asm+0x1a/0x30 [ 15.225082] [ 15.225193] The buggy address belongs to the object at ffff888102635000 [ 15.225193] which belongs to the cache kmalloc-64 of size 64 [ 15.226051] The buggy address is located 0 bytes to the right of [ 15.226051] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.226993] [ 15.227202] The buggy address belongs to the physical page: [ 15.227600] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.227881] flags: 0x200000000000000(node=0|zone=2) [ 15.228188] page_type: f5(slab) [ 15.228505] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.229075] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.229627] page dumped because: kasan: bad access detected [ 15.229871] [ 15.230094] Memory state around the buggy address: [ 15.230365] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.230860] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.231285] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.231720] ^ [ 15.231965] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.232438] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.232813] ================================================================== [ 15.408486] 
================================================================== [ 15.409045] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 15.409611] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.410194] [ 15.410373] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.410460] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.410488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.410527] Call Trace: [ 15.410563] <TASK> [ 15.410592] dump_stack_lvl+0x73/0xb0 [ 15.410630] print_report+0xd1/0x640 [ 15.410653] ? __virt_addr_valid+0x1db/0x2d0 [ 15.410704] ? kasan_atomics_helper+0x1650/0x5450 [ 15.410737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.410780] ? kasan_atomics_helper+0x1650/0x5450 [ 15.410816] kasan_report+0x140/0x180 [ 15.410854] ? kasan_atomics_helper+0x1650/0x5450 [ 15.410903] kasan_check_range+0x10c/0x1c0 [ 15.410944] __kasan_check_write+0x18/0x20 [ 15.411010] kasan_atomics_helper+0x1650/0x5450 [ 15.411103] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.411155] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.411204] kasan_atomics+0x1dd/0x310 [ 15.411244] ? __pfx_kasan_atomics+0x10/0x10 [ 15.411284] ? __pfx_read_tsc+0x10/0x10 [ 15.411325] ? ktime_get_ts64+0x84/0x230 [ 15.411380] kunit_try_run_case+0x1a6/0x480 [ 15.411442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.411484] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.411525] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.411571] ? __kthread_parkme+0x82/0x160 [ 15.411614] ? preempt_count_sub+0x50/0x80 [ 15.411678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.411718] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.411766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.411816] kthread+0x257/0x310 [ 15.411853] ? __pfx_kthread+0x10/0x10 [ 15.411907] ret_from_fork+0x41/0x80 [ 15.411947] ? 
__pfx_kthread+0x10/0x10 [ 15.411983] ret_from_fork_asm+0x1a/0x30 [ 15.412040] </TASK> [ 15.412075] [ 15.422155] Allocated by task 270: [ 15.422468] kasan_save_stack+0x45/0x70 [ 15.422701] kasan_save_track+0x18/0x40 [ 15.422993] kasan_save_alloc_info+0x3b/0x50 [ 15.423566] __kasan_kmalloc+0xb7/0xc0 [ 15.423813] __kmalloc_cache_noprof+0x168/0x350 [ 15.424115] kasan_atomics+0x96/0x310 [ 15.424785] kunit_try_run_case+0x1a6/0x480 [ 15.425043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.425443] kthread+0x257/0x310 [ 15.425609] ret_from_fork+0x41/0x80 [ 15.425889] ret_from_fork_asm+0x1a/0x30 [ 15.426134] [ 15.426323] The buggy address belongs to the object at ffff888102635000 [ 15.426323] which belongs to the cache kmalloc-64 of size 64 [ 15.426863] The buggy address is located 0 bytes to the right of [ 15.426863] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.427477] [ 15.428091] The buggy address belongs to the physical page: [ 15.428352] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.428657] flags: 0x200000000000000(node=0|zone=2) [ 15.429075] page_type: f5(slab) [ 15.429431] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.429992] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.430253] page dumped because: kasan: bad access detected [ 15.430703] [ 15.430873] Memory state around the buggy address: [ 15.431334] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.431888] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.432237] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.432710] ^ [ 15.433013] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.433551] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.433898] ================================================================== [ 14.440528] 
================================================================== [ 14.440876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 14.441391] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.441606] [ 14.441684] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.441732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.441764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.441787] Call Trace: [ 14.441812] <TASK> [ 14.441839] dump_stack_lvl+0x73/0xb0 [ 14.441878] print_report+0xd1/0x640 [ 14.441914] ? __virt_addr_valid+0x1db/0x2d0 [ 14.441943] ? kasan_atomics_helper+0x4b8a/0x5450 [ 14.441979] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.442014] ? kasan_atomics_helper+0x4b8a/0x5450 [ 14.442051] kasan_report+0x140/0x180 [ 14.442076] ? kasan_atomics_helper+0x4b8a/0x5450 [ 14.442116] __asan_report_load4_noabort+0x18/0x20 [ 14.442139] kasan_atomics_helper+0x4b8a/0x5450 [ 14.442161] ? kasan_save_alloc_info+0x3b/0x50 [ 14.442182] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.442206] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.442233] kasan_atomics+0x1dd/0x310 [ 14.442253] ? __pfx_kasan_atomics+0x10/0x10 [ 14.442274] ? __pfx_read_tsc+0x10/0x10 [ 14.442292] ? ktime_get_ts64+0x84/0x230 [ 14.442485] kunit_try_run_case+0x1a6/0x480 [ 14.442519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.442542] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.442562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.442586] ? __kthread_parkme+0x82/0x160 [ 14.442621] ? preempt_count_sub+0x50/0x80 [ 14.442645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.442674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.442702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.442727] kthread+0x257/0x310 [ 14.442745] ? __pfx_kthread+0x10/0x10 [ 14.442783] ret_from_fork+0x41/0x80 [ 14.442803] ? 
__pfx_kthread+0x10/0x10 [ 14.442832] ret_from_fork_asm+0x1a/0x30 [ 14.442862] </TASK> [ 14.442874] [ 14.449344] Allocated by task 270: [ 14.449451] kasan_save_stack+0x45/0x70 [ 14.449554] kasan_save_track+0x18/0x40 [ 14.449764] kasan_save_alloc_info+0x3b/0x50 [ 14.450041] __kasan_kmalloc+0xb7/0xc0 [ 14.450327] __kmalloc_cache_noprof+0x168/0x350 [ 14.450804] kasan_atomics+0x96/0x310 [ 14.451301] kunit_try_run_case+0x1a6/0x480 [ 14.451609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.451879] kthread+0x257/0x310 [ 14.452528] ret_from_fork+0x41/0x80 [ 14.452819] ret_from_fork_asm+0x1a/0x30 [ 14.453445] [ 14.453615] The buggy address belongs to the object at ffff888102635000 [ 14.453615] which belongs to the cache kmalloc-64 of size 64 [ 14.453868] The buggy address is located 0 bytes to the right of [ 14.453868] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.454508] [ 14.454581] The buggy address belongs to the physical page: [ 14.454707] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.454978] flags: 0x200000000000000(node=0|zone=2) [ 14.455285] page_type: f5(slab) [ 14.455557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.455933] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.456436] page dumped because: kasan: bad access detected [ 14.456764] [ 14.456867] Memory state around the buggy address: [ 14.457268] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.457545] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.457774] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.458079] ^ [ 14.458316] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.458848] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.459008] ================================================================== [ 14.989747] 
================================================================== [ 14.990340] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 14.990808] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.991309] [ 14.991493] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.991582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.991608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.991648] Call Trace: [ 14.991691] <TASK> [ 14.991725] dump_stack_lvl+0x73/0xb0 [ 14.991783] print_report+0xd1/0x640 [ 14.991829] ? __virt_addr_valid+0x1db/0x2d0 [ 14.991876] ? kasan_atomics_helper+0xf11/0x5450 [ 14.991923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.991967] ? kasan_atomics_helper+0xf11/0x5450 [ 14.992016] kasan_report+0x140/0x180 [ 14.992127] ? kasan_atomics_helper+0xf11/0x5450 [ 14.992199] kasan_check_range+0x10c/0x1c0 [ 14.992245] __kasan_check_write+0x18/0x20 [ 14.992288] kasan_atomics_helper+0xf11/0x5450 [ 14.992341] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.992392] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.992454] kasan_atomics+0x1dd/0x310 [ 14.992500] ? __pfx_kasan_atomics+0x10/0x10 [ 14.992547] ? __pfx_read_tsc+0x10/0x10 [ 14.992589] ? ktime_get_ts64+0x84/0x230 [ 14.992646] kunit_try_run_case+0x1a6/0x480 [ 14.992705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.992750] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.992789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.992825] ? __kthread_parkme+0x82/0x160 [ 14.992846] ? preempt_count_sub+0x50/0x80 [ 14.992870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.992892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.992919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.992946] kthread+0x257/0x310 [ 14.992966] ? __pfx_kthread+0x10/0x10 [ 14.992986] ret_from_fork+0x41/0x80 [ 14.993006] ? 
__pfx_kthread+0x10/0x10 [ 14.993026] ret_from_fork_asm+0x1a/0x30 [ 14.993072] </TASK> [ 14.993110] [ 15.001482] Allocated by task 270: [ 15.001780] kasan_save_stack+0x45/0x70 [ 15.002192] kasan_save_track+0x18/0x40 [ 15.002516] kasan_save_alloc_info+0x3b/0x50 [ 15.002859] __kasan_kmalloc+0xb7/0xc0 [ 15.003172] __kmalloc_cache_noprof+0x168/0x350 [ 15.003516] kasan_atomics+0x96/0x310 [ 15.003773] kunit_try_run_case+0x1a6/0x480 [ 15.003956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.004198] kthread+0x257/0x310 [ 15.004353] ret_from_fork+0x41/0x80 [ 15.004521] ret_from_fork_asm+0x1a/0x30 [ 15.004697] [ 15.004841] The buggy address belongs to the object at ffff888102635000 [ 15.004841] which belongs to the cache kmalloc-64 of size 64 [ 15.005617] The buggy address is located 0 bytes to the right of [ 15.005617] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.006551] [ 15.006757] The buggy address belongs to the physical page: [ 15.007169] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.007712] flags: 0x200000000000000(node=0|zone=2) [ 15.008012] page_type: f5(slab) [ 15.008337] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.008639] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.008896] page dumped because: kasan: bad access detected [ 15.009118] [ 15.009223] Memory state around the buggy address: [ 15.009406] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.009669] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.010226] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.010710] ^ [ 15.011080] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.011562] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.012050] ================================================================== [ 14.915309] 
================================================================== [ 14.916019] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 14.916552] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.917165] [ 14.917365] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.917457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.917482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.917540] Call Trace: [ 14.917573] <TASK> [ 14.917604] dump_stack_lvl+0x73/0xb0 [ 14.917674] print_report+0xd1/0x640 [ 14.917717] ? __virt_addr_valid+0x1db/0x2d0 [ 14.917763] ? kasan_atomics_helper+0xd48/0x5450 [ 14.917803] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.917858] ? kasan_atomics_helper+0xd48/0x5450 [ 14.917925] kasan_report+0x140/0x180 [ 14.917978] ? kasan_atomics_helper+0xd48/0x5450 [ 14.918034] kasan_check_range+0x10c/0x1c0 [ 14.918102] __kasan_check_write+0x18/0x20 [ 14.918144] kasan_atomics_helper+0xd48/0x5450 [ 14.918190] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.918240] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.918297] kasan_atomics+0x1dd/0x310 [ 14.918342] ? __pfx_kasan_atomics+0x10/0x10 [ 14.918388] ? __pfx_read_tsc+0x10/0x10 [ 14.918432] ? ktime_get_ts64+0x84/0x230 [ 14.918487] kunit_try_run_case+0x1a6/0x480 [ 14.918536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.918580] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.918624] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.918686] ? __kthread_parkme+0x82/0x160 [ 14.918732] ? preempt_count_sub+0x50/0x80 [ 14.918783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.918826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.918882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.918936] kthread+0x257/0x310 [ 14.918977] ? __pfx_kthread+0x10/0x10 [ 14.919021] ret_from_fork+0x41/0x80 [ 14.919087] ? 
__pfx_kthread+0x10/0x10 [ 14.919133] ret_from_fork_asm+0x1a/0x30 [ 14.919199] </TASK> [ 14.919225] [ 14.927605] Allocated by task 270: [ 14.927924] kasan_save_stack+0x45/0x70 [ 14.928287] kasan_save_track+0x18/0x40 [ 14.928644] kasan_save_alloc_info+0x3b/0x50 [ 14.929022] __kasan_kmalloc+0xb7/0xc0 [ 14.929405] __kmalloc_cache_noprof+0x168/0x350 [ 14.929828] kasan_atomics+0x96/0x310 [ 14.930223] kunit_try_run_case+0x1a6/0x480 [ 14.930587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.931029] kthread+0x257/0x310 [ 14.931423] ret_from_fork+0x41/0x80 [ 14.931771] ret_from_fork_asm+0x1a/0x30 [ 14.932110] [ 14.932319] The buggy address belongs to the object at ffff888102635000 [ 14.932319] which belongs to the cache kmalloc-64 of size 64 [ 14.933008] The buggy address is located 0 bytes to the right of [ 14.933008] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.933749] [ 14.933874] The buggy address belongs to the physical page: [ 14.934361] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.934976] flags: 0x200000000000000(node=0|zone=2) [ 14.935424] page_type: f5(slab) [ 14.935726] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.936200] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.936568] page dumped because: kasan: bad access detected [ 14.936931] [ 14.937097] Memory state around the buggy address: [ 14.937275] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.937734] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.938311] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.938661] ^ [ 14.939009] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.939582] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.939814] ================================================================== [ 15.037134] 
================================================================== [ 15.037826] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 15.038404] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.038793] [ 15.038927] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.039010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.039038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.039106] Call Trace: [ 15.039140] <TASK> [ 15.039173] dump_stack_lvl+0x73/0xb0 [ 15.039222] print_report+0xd1/0x640 [ 15.039263] ? __virt_addr_valid+0x1db/0x2d0 [ 15.039326] ? kasan_atomics_helper+0x4a38/0x5450 [ 15.039374] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.039428] ? kasan_atomics_helper+0x4a38/0x5450 [ 15.039475] kasan_report+0x140/0x180 [ 15.039533] ? kasan_atomics_helper+0x4a38/0x5450 [ 15.039597] __asan_report_load4_noabort+0x18/0x20 [ 15.039636] kasan_atomics_helper+0x4a38/0x5450 [ 15.039694] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.039742] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.039799] kasan_atomics+0x1dd/0x310 [ 15.039843] ? __pfx_kasan_atomics+0x10/0x10 [ 15.039892] ? __pfx_read_tsc+0x10/0x10 [ 15.039933] ? ktime_get_ts64+0x84/0x230 [ 15.039987] kunit_try_run_case+0x1a6/0x480 [ 15.040033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.040105] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.040144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.040187] ? __kthread_parkme+0x82/0x160 [ 15.040226] ? preempt_count_sub+0x50/0x80 [ 15.040294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.040334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.040381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.040431] kthread+0x257/0x310 [ 15.040468] ? __pfx_kthread+0x10/0x10 [ 15.040525] ret_from_fork+0x41/0x80 [ 15.040564] ? 
__pfx_kthread+0x10/0x10 [ 15.040601] ret_from_fork_asm+0x1a/0x30 [ 15.040656] </TASK> [ 15.040690] [ 15.049294] Allocated by task 270: [ 15.049500] kasan_save_stack+0x45/0x70 [ 15.049772] kasan_save_track+0x18/0x40 [ 15.050030] kasan_save_alloc_info+0x3b/0x50 [ 15.050347] __kasan_kmalloc+0xb7/0xc0 [ 15.050576] __kmalloc_cache_noprof+0x168/0x350 [ 15.050830] kasan_atomics+0x96/0x310 [ 15.051147] kunit_try_run_case+0x1a6/0x480 [ 15.051467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.051842] kthread+0x257/0x310 [ 15.052037] ret_from_fork+0x41/0x80 [ 15.052318] ret_from_fork_asm+0x1a/0x30 [ 15.052610] [ 15.052785] The buggy address belongs to the object at ffff888102635000 [ 15.052785] which belongs to the cache kmalloc-64 of size 64 [ 15.053345] The buggy address is located 0 bytes to the right of [ 15.053345] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.053955] [ 15.054183] The buggy address belongs to the physical page: [ 15.054513] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.054990] flags: 0x200000000000000(node=0|zone=2) [ 15.055313] page_type: f5(slab) [ 15.055575] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.055894] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.056215] page dumped because: kasan: bad access detected [ 15.056447] [ 15.056561] Memory state around the buggy address: [ 15.056867] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.057377] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.057815] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.058304] ^ [ 15.058537] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059375] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.059633] ================================================================== [ 15.948736] 
================================================================== [ 15.949291] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 15.949542] Read of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.949895] [ 15.950113] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.950202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.950228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.950272] Call Trace: [ 15.950311] <TASK> [ 15.950345] dump_stack_lvl+0x73/0xb0 [ 15.950401] print_report+0xd1/0x640 [ 15.950443] ? __virt_addr_valid+0x1db/0x2d0 [ 15.950488] ? kasan_atomics_helper+0x4fa7/0x5450 [ 15.950535] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.950582] ? kasan_atomics_helper+0x4fa7/0x5450 [ 15.950630] kasan_report+0x140/0x180 [ 15.950693] ? kasan_atomics_helper+0x4fa7/0x5450 [ 15.950753] __asan_report_load8_noabort+0x18/0x20 [ 15.950801] kasan_atomics_helper+0x4fa7/0x5450 [ 15.950853] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.950905] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.950964] kasan_atomics+0x1dd/0x310 [ 15.951009] ? __pfx_kasan_atomics+0x10/0x10 [ 15.951055] ? __pfx_read_tsc+0x10/0x10 [ 15.951095] ? ktime_get_ts64+0x84/0x230 [ 15.951149] kunit_try_run_case+0x1a6/0x480 [ 15.951198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.951242] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.951283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.951328] ? __kthread_parkme+0x82/0x160 [ 15.951367] ? preempt_count_sub+0x50/0x80 [ 15.951412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.951451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.951502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.951553] kthread+0x257/0x310 [ 15.951606] ? __pfx_kthread+0x10/0x10 [ 15.951646] ret_from_fork+0x41/0x80 [ 15.951709] ? 
__pfx_kthread+0x10/0x10 [ 15.951749] ret_from_fork_asm+0x1a/0x30 [ 15.951807] </TASK> [ 15.951834] [ 15.960618] Allocated by task 270: [ 15.960842] kasan_save_stack+0x45/0x70 [ 15.961109] kasan_save_track+0x18/0x40 [ 15.961420] kasan_save_alloc_info+0x3b/0x50 [ 15.961749] __kasan_kmalloc+0xb7/0xc0 [ 15.961945] __kmalloc_cache_noprof+0x168/0x350 [ 15.962411] kasan_atomics+0x96/0x310 [ 15.962637] kunit_try_run_case+0x1a6/0x480 [ 15.962986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.963510] kthread+0x257/0x310 [ 15.963755] ret_from_fork+0x41/0x80 [ 15.964052] ret_from_fork_asm+0x1a/0x30 [ 15.964318] [ 15.964435] The buggy address belongs to the object at ffff888102635000 [ 15.964435] which belongs to the cache kmalloc-64 of size 64 [ 15.965020] The buggy address is located 0 bytes to the right of [ 15.965020] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.965419] [ 15.965538] The buggy address belongs to the physical page: [ 15.965800] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.966361] flags: 0x200000000000000(node=0|zone=2) [ 15.966834] page_type: f5(slab) [ 15.967118] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.967583] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.967803] page dumped because: kasan: bad access detected [ 15.968110] [ 15.968295] Memory state around the buggy address: [ 15.968551] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.968907] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.969330] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.969754] ^ [ 15.970070] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.970323] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.970571] ================================================================== [ 15.560093] 
================================================================== [ 15.560420] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 15.560927] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.561401] [ 15.561632] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.561735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.561763] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.561802] Call Trace: [ 15.561835] <TASK> [ 15.561868] dump_stack_lvl+0x73/0xb0 [ 15.561945] print_report+0xd1/0x640 [ 15.562012] ? __virt_addr_valid+0x1db/0x2d0 [ 15.562060] ? kasan_atomics_helper+0x19e4/0x5450 [ 15.562103] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.562148] ? kasan_atomics_helper+0x19e4/0x5450 [ 15.562193] kasan_report+0x140/0x180 [ 15.562240] ? kasan_atomics_helper+0x19e4/0x5450 [ 15.562298] kasan_check_range+0x10c/0x1c0 [ 15.562344] __kasan_check_write+0x18/0x20 [ 15.562388] kasan_atomics_helper+0x19e4/0x5450 [ 15.562441] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.562489] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.562552] kasan_atomics+0x1dd/0x310 [ 15.562612] ? __pfx_kasan_atomics+0x10/0x10 [ 15.562659] ? __pfx_read_tsc+0x10/0x10 [ 15.562709] ? ktime_get_ts64+0x84/0x230 [ 15.562768] kunit_try_run_case+0x1a6/0x480 [ 15.562818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.562862] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.562910] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.562958] ? __kthread_parkme+0x82/0x160 [ 15.562999] ? preempt_count_sub+0x50/0x80 [ 15.563058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.563106] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.563154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.563210] kthread+0x257/0x310 [ 15.563250] ? __pfx_kthread+0x10/0x10 [ 15.563305] ret_from_fork+0x41/0x80 [ 15.563352] ? 
__pfx_kthread+0x10/0x10 [ 15.563404] ret_from_fork_asm+0x1a/0x30 [ 15.563471] </TASK> [ 15.563500] [ 15.571602] Allocated by task 270: [ 15.571970] kasan_save_stack+0x45/0x70 [ 15.572418] kasan_save_track+0x18/0x40 [ 15.572757] kasan_save_alloc_info+0x3b/0x50 [ 15.573110] __kasan_kmalloc+0xb7/0xc0 [ 15.573443] __kmalloc_cache_noprof+0x168/0x350 [ 15.573808] kasan_atomics+0x96/0x310 [ 15.574179] kunit_try_run_case+0x1a6/0x480 [ 15.574531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.574917] kthread+0x257/0x310 [ 15.575096] ret_from_fork+0x41/0x80 [ 15.575388] ret_from_fork_asm+0x1a/0x30 [ 15.575712] [ 15.575833] The buggy address belongs to the object at ffff888102635000 [ 15.575833] which belongs to the cache kmalloc-64 of size 64 [ 15.576374] The buggy address is located 0 bytes to the right of [ 15.576374] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.577096] [ 15.577253] The buggy address belongs to the physical page: [ 15.577451] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.577727] flags: 0x200000000000000(node=0|zone=2) [ 15.577939] page_type: f5(slab) [ 15.578204] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.578757] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.579368] page dumped because: kasan: bad access detected [ 15.579882] [ 15.580402] Memory state around the buggy address: [ 15.580940] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.582730] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.583372] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.583762] ^ [ 15.583936] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.584143] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.584561] ================================================================== [ 14.488851] 
================================================================== [ 14.489437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 14.489988] Read of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.490572] [ 14.490782] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.490886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.490912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.490944] Call Trace: [ 14.490976] <TASK> [ 14.491005] dump_stack_lvl+0x73/0xb0 [ 14.491069] print_report+0xd1/0x640 [ 14.491126] ? __virt_addr_valid+0x1db/0x2d0 [ 14.491558] ? kasan_atomics_helper+0x3e0/0x5450 [ 14.491635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.491686] ? kasan_atomics_helper+0x3e0/0x5450 [ 14.491727] kasan_report+0x140/0x180 [ 14.491773] ? kasan_atomics_helper+0x3e0/0x5450 [ 14.491820] kasan_check_range+0x10c/0x1c0 [ 14.491866] __kasan_check_read+0x15/0x20 [ 14.491905] kasan_atomics_helper+0x3e0/0x5450 [ 14.491961] ? kasan_save_alloc_info+0x3b/0x50 [ 14.491990] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.492015] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.492041] kasan_atomics+0x1dd/0x310 [ 14.492079] ? __pfx_kasan_atomics+0x10/0x10 [ 14.492157] ? __pfx_read_tsc+0x10/0x10 [ 14.492188] ? ktime_get_ts64+0x84/0x230 [ 14.492227] kunit_try_run_case+0x1a6/0x480 [ 14.492250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.492269] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.492291] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.492314] ? __kthread_parkme+0x82/0x160 [ 14.492333] ? preempt_count_sub+0x50/0x80 [ 14.492355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.492374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.492397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.492422] kthread+0x257/0x310 [ 14.492439] ? __pfx_kthread+0x10/0x10 [ 14.492457] ret_from_fork+0x41/0x80 [ 14.492477] ? 
__pfx_kthread+0x10/0x10 [ 14.492494] ret_from_fork_asm+0x1a/0x30 [ 14.492523] </TASK> [ 14.492536] [ 14.503597] Allocated by task 270: [ 14.503914] kasan_save_stack+0x45/0x70 [ 14.504342] kasan_save_track+0x18/0x40 [ 14.504698] kasan_save_alloc_info+0x3b/0x50 [ 14.505089] __kasan_kmalloc+0xb7/0xc0 [ 14.505508] __kmalloc_cache_noprof+0x168/0x350 [ 14.505829] kasan_atomics+0x96/0x310 [ 14.506212] kunit_try_run_case+0x1a6/0x480 [ 14.506458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.506869] kthread+0x257/0x310 [ 14.507232] ret_from_fork+0x41/0x80 [ 14.507413] ret_from_fork_asm+0x1a/0x30 [ 14.507741] [ 14.507928] The buggy address belongs to the object at ffff888102635000 [ 14.507928] which belongs to the cache kmalloc-64 of size 64 [ 14.508885] The buggy address is located 0 bytes to the right of [ 14.508885] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.509390] [ 14.509569] The buggy address belongs to the physical page: [ 14.510024] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.510582] flags: 0x200000000000000(node=0|zone=2) [ 14.510911] page_type: f5(slab) [ 14.511225] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.511638] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.512042] page dumped because: kasan: bad access detected [ 14.512403] [ 14.512532] Memory state around the buggy address: [ 14.512742] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.513274] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.513576] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.513802] ^ [ 14.514294] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.514857] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.515469] ================================================================== [ 15.683442] 
================================================================== [ 15.683945] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 15.684805] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.685109] [ 15.685245] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.685324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.685348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.685387] Call Trace: [ 15.685420] <TASK> [ 15.685454] dump_stack_lvl+0x73/0xb0 [ 15.685509] print_report+0xd1/0x640 [ 15.685553] ? __virt_addr_valid+0x1db/0x2d0 [ 15.685599] ? kasan_atomics_helper+0x1ce2/0x5450 [ 15.685645] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.685699] ? kasan_atomics_helper+0x1ce2/0x5450 [ 15.685746] kasan_report+0x140/0x180 [ 15.685793] ? kasan_atomics_helper+0x1ce2/0x5450 [ 15.685853] kasan_check_range+0x10c/0x1c0 [ 15.685898] __kasan_check_write+0x18/0x20 [ 15.685948] kasan_atomics_helper+0x1ce2/0x5450 [ 15.685991] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.686040] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.686135] kasan_atomics+0x1dd/0x310 [ 15.686181] ? __pfx_kasan_atomics+0x10/0x10 [ 15.686231] ? __pfx_read_tsc+0x10/0x10 [ 15.686275] ? ktime_get_ts64+0x84/0x230 [ 15.686333] kunit_try_run_case+0x1a6/0x480 [ 15.686383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.686427] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.686476] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.686525] ? __kthread_parkme+0x82/0x160 [ 15.686563] ? preempt_count_sub+0x50/0x80 [ 15.686609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.686648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.686706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.686758] kthread+0x257/0x310 [ 15.686798] ? __pfx_kthread+0x10/0x10 [ 15.686836] ret_from_fork+0x41/0x80 [ 15.686873] ? 
__pfx_kthread+0x10/0x10 [ 15.686906] ret_from_fork_asm+0x1a/0x30 [ 15.686962] </TASK> [ 15.686988] [ 15.694684] Allocated by task 270: [ 15.694995] kasan_save_stack+0x45/0x70 [ 15.695325] kasan_save_track+0x18/0x40 [ 15.695589] kasan_save_alloc_info+0x3b/0x50 [ 15.695884] __kasan_kmalloc+0xb7/0xc0 [ 15.696082] __kmalloc_cache_noprof+0x168/0x350 [ 15.696318] kasan_atomics+0x96/0x310 [ 15.696570] kunit_try_run_case+0x1a6/0x480 [ 15.696900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.697291] kthread+0x257/0x310 [ 15.697541] ret_from_fork+0x41/0x80 [ 15.697828] ret_from_fork_asm+0x1a/0x30 [ 15.698099] [ 15.698211] The buggy address belongs to the object at ffff888102635000 [ 15.698211] which belongs to the cache kmalloc-64 of size 64 [ 15.698751] The buggy address is located 0 bytes to the right of [ 15.698751] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.699340] [ 15.699454] The buggy address belongs to the physical page: [ 15.699651] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.700177] flags: 0x200000000000000(node=0|zone=2) [ 15.700526] page_type: f5(slab) [ 15.700793] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.701162] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.701502] page dumped because: kasan: bad access detected [ 15.701777] [ 15.701938] Memory state around the buggy address: [ 15.702160] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.702402] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.702642] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.703129] ^ [ 15.703488] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.703968] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.704452] ================================================================== [ 15.799462] 
================================================================== [ 15.800001] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 15.800541] Read of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.801016] [ 15.801208] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.801294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.801318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.801353] Call Trace: [ 15.801390] <TASK> [ 15.801423] dump_stack_lvl+0x73/0xb0 [ 15.801483] print_report+0xd1/0x640 [ 15.801531] ? __virt_addr_valid+0x1db/0x2d0 [ 15.801584] ? kasan_atomics_helper+0x4f73/0x5450 [ 15.801636] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.801695] ? kasan_atomics_helper+0x4f73/0x5450 [ 15.801739] kasan_report+0x140/0x180 [ 15.801786] ? kasan_atomics_helper+0x4f73/0x5450 [ 15.801861] __asan_report_load8_noabort+0x18/0x20 [ 15.801916] kasan_atomics_helper+0x4f73/0x5450 [ 15.801989] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.802042] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.802135] kasan_atomics+0x1dd/0x310 [ 15.802177] ? __pfx_kasan_atomics+0x10/0x10 [ 15.802218] ? __pfx_read_tsc+0x10/0x10 [ 15.802250] ? ktime_get_ts64+0x84/0x230 [ 15.802301] kunit_try_run_case+0x1a6/0x480 [ 15.802346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.802407] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.802454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.802507] ? __kthread_parkme+0x82/0x160 [ 15.802551] ? preempt_count_sub+0x50/0x80 [ 15.802598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.802639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.802704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.802761] kthread+0x257/0x310 [ 15.802802] ? __pfx_kthread+0x10/0x10 [ 15.802839] ret_from_fork+0x41/0x80 [ 15.802876] ? 
__pfx_kthread+0x10/0x10 [ 15.802915] ret_from_fork_asm+0x1a/0x30 [ 15.802973] </TASK> [ 15.802997] [ 15.811259] Allocated by task 270: [ 15.811483] kasan_save_stack+0x45/0x70 [ 15.811839] kasan_save_track+0x18/0x40 [ 15.812156] kasan_save_alloc_info+0x3b/0x50 [ 15.812424] __kasan_kmalloc+0xb7/0xc0 [ 15.812607] __kmalloc_cache_noprof+0x168/0x350 [ 15.812978] kasan_atomics+0x96/0x310 [ 15.813302] kunit_try_run_case+0x1a6/0x480 [ 15.813615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.814038] kthread+0x257/0x310 [ 15.814266] ret_from_fork+0x41/0x80 [ 15.814470] ret_from_fork_asm+0x1a/0x30 [ 15.814681] [ 15.814805] The buggy address belongs to the object at ffff888102635000 [ 15.814805] which belongs to the cache kmalloc-64 of size 64 [ 15.815598] The buggy address is located 0 bytes to the right of [ 15.815598] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.816446] [ 15.816600] The buggy address belongs to the physical page: [ 15.816835] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.817389] flags: 0x200000000000000(node=0|zone=2) [ 15.817625] page_type: f5(slab) [ 15.817831] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.818180] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.818459] page dumped because: kasan: bad access detected [ 15.818712] [ 15.818871] Memory state around the buggy address: [ 15.819239] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819733] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.820227] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.820717] ^ [ 15.821089] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.821449] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.821858] ================================================================== [ 15.822758] 
================================================================== [ 15.823320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 15.823693] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.824113] [ 15.824279] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.824365] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.824392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.824450] Call Trace: [ 15.824488] <TASK> [ 15.824524] dump_stack_lvl+0x73/0xb0 [ 15.824584] print_report+0xd1/0x640 [ 15.824630] ? __virt_addr_valid+0x1db/0x2d0 [ 15.824687] ? kasan_atomics_helper+0x2007/0x5450 [ 15.824751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.824799] ? kasan_atomics_helper+0x2007/0x5450 [ 15.824843] kasan_report+0x140/0x180 [ 15.824907] ? kasan_atomics_helper+0x2007/0x5450 [ 15.824964] kasan_check_range+0x10c/0x1c0 [ 15.825011] __kasan_check_write+0x18/0x20 [ 15.825083] kasan_atomics_helper+0x2007/0x5450 [ 15.825132] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.825182] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.825252] kasan_atomics+0x1dd/0x310 [ 15.825296] ? __pfx_kasan_atomics+0x10/0x10 [ 15.825341] ? __pfx_read_tsc+0x10/0x10 [ 15.825395] ? ktime_get_ts64+0x84/0x230 [ 15.825450] kunit_try_run_case+0x1a6/0x480 [ 15.825496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.825537] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.825583] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.825631] ? __kthread_parkme+0x82/0x160 [ 15.825677] ? preempt_count_sub+0x50/0x80 [ 15.825723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.825765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.825832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.825883] kthread+0x257/0x310 [ 15.825938] ? __pfx_kthread+0x10/0x10 [ 15.825983] ret_from_fork+0x41/0x80 [ 15.826030] ? 
__pfx_kthread+0x10/0x10 [ 15.826116] ret_from_fork_asm+0x1a/0x30 [ 15.826176] </TASK> [ 15.826202] [ 15.834285] Allocated by task 270: [ 15.834535] kasan_save_stack+0x45/0x70 [ 15.834886] kasan_save_track+0x18/0x40 [ 15.835183] kasan_save_alloc_info+0x3b/0x50 [ 15.835520] __kasan_kmalloc+0xb7/0xc0 [ 15.835812] __kmalloc_cache_noprof+0x168/0x350 [ 15.836172] kasan_atomics+0x96/0x310 [ 15.836486] kunit_try_run_case+0x1a6/0x480 [ 15.836729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.836963] kthread+0x257/0x310 [ 15.837287] ret_from_fork+0x41/0x80 [ 15.837587] ret_from_fork_asm+0x1a/0x30 [ 15.837885] [ 15.838101] The buggy address belongs to the object at ffff888102635000 [ 15.838101] which belongs to the cache kmalloc-64 of size 64 [ 15.838742] The buggy address is located 0 bytes to the right of [ 15.838742] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.839291] [ 15.839445] The buggy address belongs to the physical page: [ 15.839728] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.840269] flags: 0x200000000000000(node=0|zone=2) [ 15.840620] page_type: f5(slab) [ 15.840904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.841446] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.841997] page dumped because: kasan: bad access detected [ 15.842465] [ 15.842674] Memory state around the buggy address: [ 15.843009] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.843380] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.843906] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.844316] ^ [ 15.844673] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.845102] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.845474] ================================================================== [ 14.698995] 
================================================================== [ 14.699514] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 14.699809] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.700060] [ 14.700184] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.700265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.700292] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.700332] Call Trace: [ 14.700364] <TASK> [ 14.700395] dump_stack_lvl+0x73/0xb0 [ 14.700447] print_report+0xd1/0x640 [ 14.700495] ? __virt_addr_valid+0x1db/0x2d0 [ 14.700542] ? kasan_atomics_helper+0x7c8/0x5450 [ 14.700589] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.700636] ? kasan_atomics_helper+0x7c8/0x5450 [ 14.700689] kasan_report+0x140/0x180 [ 14.700730] ? kasan_atomics_helper+0x7c8/0x5450 [ 14.700784] kasan_check_range+0x10c/0x1c0 [ 14.700828] __kasan_check_write+0x18/0x20 [ 14.700870] kasan_atomics_helper+0x7c8/0x5450 [ 14.700916] ? kasan_save_alloc_info+0x3b/0x50 [ 14.700959] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.701009] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.701066] kasan_atomics+0x1dd/0x310 [ 14.701109] ? __pfx_kasan_atomics+0x10/0x10 [ 14.701155] ? __pfx_read_tsc+0x10/0x10 [ 14.701195] ? ktime_get_ts64+0x84/0x230 [ 14.701250] kunit_try_run_case+0x1a6/0x480 [ 14.701289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.701331] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.701374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.701424] ? __kthread_parkme+0x82/0x160 [ 14.701458] ? preempt_count_sub+0x50/0x80 [ 14.701520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.701560] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.701606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.701658] kthread+0x257/0x310 [ 14.701711] ? __pfx_kthread+0x10/0x10 [ 14.701754] ret_from_fork+0x41/0x80 [ 14.701797] ? 
__pfx_kthread+0x10/0x10 [ 14.701839] ret_from_fork_asm+0x1a/0x30 [ 14.701911] </TASK> [ 14.701938] [ 14.714773] Allocated by task 270: [ 14.714988] kasan_save_stack+0x45/0x70 [ 14.715197] kasan_save_track+0x18/0x40 [ 14.715362] kasan_save_alloc_info+0x3b/0x50 [ 14.715519] __kasan_kmalloc+0xb7/0xc0 [ 14.715691] __kmalloc_cache_noprof+0x168/0x350 [ 14.716028] kasan_atomics+0x96/0x310 [ 14.716634] kunit_try_run_case+0x1a6/0x480 [ 14.717002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.717344] kthread+0x257/0x310 [ 14.717555] ret_from_fork+0x41/0x80 [ 14.717786] ret_from_fork_asm+0x1a/0x30 [ 14.718129] [ 14.718313] The buggy address belongs to the object at ffff888102635000 [ 14.718313] which belongs to the cache kmalloc-64 of size 64 [ 14.718830] The buggy address is located 0 bytes to the right of [ 14.718830] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.719476] [ 14.719645] The buggy address belongs to the physical page: [ 14.719962] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.720368] flags: 0x200000000000000(node=0|zone=2) [ 14.720676] page_type: f5(slab) [ 14.720883] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.721379] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.721843] page dumped because: kasan: bad access detected [ 14.722128] [ 14.722308] Memory state around the buggy address: [ 14.722534] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.722893] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.723395] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.723707] ^ [ 14.724050] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.724503] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.724934] ================================================================== [ 14.725852] 
================================================================== [ 14.726372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 14.726778] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.727148] [ 14.727333] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.727426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.727451] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.727506] Call Trace: [ 14.727544] <TASK> [ 14.727574] dump_stack_lvl+0x73/0xb0 [ 14.727632] print_report+0xd1/0x640 [ 14.727689] ? __virt_addr_valid+0x1db/0x2d0 [ 14.727750] ? kasan_atomics_helper+0x861/0x5450 [ 14.727792] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.727835] ? kasan_atomics_helper+0x861/0x5450 [ 14.727877] kasan_report+0x140/0x180 [ 14.727933] ? kasan_atomics_helper+0x861/0x5450 [ 14.728001] kasan_check_range+0x10c/0x1c0 [ 14.728042] __kasan_check_write+0x18/0x20 [ 14.728121] kasan_atomics_helper+0x861/0x5450 [ 14.728181] ? kasan_save_alloc_info+0x3b/0x50 [ 14.728223] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.728270] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.728322] kasan_atomics+0x1dd/0x310 [ 14.728372] ? __pfx_kasan_atomics+0x10/0x10 [ 14.728430] ? __pfx_read_tsc+0x10/0x10 [ 14.728470] ? ktime_get_ts64+0x84/0x230 [ 14.728521] kunit_try_run_case+0x1a6/0x480 [ 14.728574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.728614] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.728679] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.728732] ? __kthread_parkme+0x82/0x160 [ 14.728775] ? preempt_count_sub+0x50/0x80 [ 14.728819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.728860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.728919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.728973] kthread+0x257/0x310 [ 14.729029] ? __pfx_kthread+0x10/0x10 [ 14.729098] ret_from_fork+0x41/0x80 [ 14.729136] ? 
__pfx_kthread+0x10/0x10 [ 14.729167] ret_from_fork_asm+0x1a/0x30 [ 14.729199] </TASK> [ 14.729213] [ 14.740197] Allocated by task 270: [ 14.740495] kasan_save_stack+0x45/0x70 [ 14.740823] kasan_save_track+0x18/0x40 [ 14.741079] kasan_save_alloc_info+0x3b/0x50 [ 14.741271] __kasan_kmalloc+0xb7/0xc0 [ 14.741436] __kmalloc_cache_noprof+0x168/0x350 [ 14.741913] kasan_atomics+0x96/0x310 [ 14.742311] kunit_try_run_case+0x1a6/0x480 [ 14.742824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.743260] kthread+0x257/0x310 [ 14.743527] ret_from_fork+0x41/0x80 [ 14.743724] ret_from_fork_asm+0x1a/0x30 [ 14.744128] [ 14.744304] The buggy address belongs to the object at ffff888102635000 [ 14.744304] which belongs to the cache kmalloc-64 of size 64 [ 14.745109] The buggy address is located 0 bytes to the right of [ 14.745109] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.745693] [ 14.745849] The buggy address belongs to the physical page: [ 14.746154] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.746602] flags: 0x200000000000000(node=0|zone=2) [ 14.747038] page_type: f5(slab) [ 14.747361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.747603] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.748089] page dumped because: kasan: bad access detected [ 14.748447] [ 14.748600] Memory state around the buggy address: [ 14.748870] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.749302] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.749679] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.750011] ^ [ 14.750422] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.750791] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.751228] ================================================================== [ 15.511600] 
================================================================== [ 15.512071] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 15.512755] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.513111] [ 15.513343] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.513496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.513524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.513579] Call Trace: [ 15.513619] <TASK> [ 15.513651] dump_stack_lvl+0x73/0xb0 [ 15.513723] print_report+0xd1/0x640 [ 15.513767] ? __virt_addr_valid+0x1db/0x2d0 [ 15.513849] ? kasan_atomics_helper+0x18b2/0x5450 [ 15.513919] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.513972] ? kasan_atomics_helper+0x18b2/0x5450 [ 15.514027] kasan_report+0x140/0x180 [ 15.514075] ? kasan_atomics_helper+0x18b2/0x5450 [ 15.514152] kasan_check_range+0x10c/0x1c0 [ 15.514196] __kasan_check_write+0x18/0x20 [ 15.514264] kasan_atomics_helper+0x18b2/0x5450 [ 15.514325] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.514377] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.514418] kasan_atomics+0x1dd/0x310 [ 15.514441] ? __pfx_kasan_atomics+0x10/0x10 [ 15.514463] ? __pfx_read_tsc+0x10/0x10 [ 15.514483] ? ktime_get_ts64+0x84/0x230 [ 15.514512] kunit_try_run_case+0x1a6/0x480 [ 15.514535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.514555] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.514577] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.514603] ? __kthread_parkme+0x82/0x160 [ 15.514624] ? preempt_count_sub+0x50/0x80 [ 15.514647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.514686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.514717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.514744] kthread+0x257/0x310 [ 15.514763] ? __pfx_kthread+0x10/0x10 [ 15.514782] ret_from_fork+0x41/0x80 [ 15.514803] ? 
__pfx_kthread+0x10/0x10 [ 15.514821] ret_from_fork_asm+0x1a/0x30 [ 15.514852] </TASK> [ 15.514865] [ 15.523550] Allocated by task 270: [ 15.523807] kasan_save_stack+0x45/0x70 [ 15.524151] kasan_save_track+0x18/0x40 [ 15.524393] kasan_save_alloc_info+0x3b/0x50 [ 15.524705] __kasan_kmalloc+0xb7/0xc0 [ 15.524970] __kmalloc_cache_noprof+0x168/0x350 [ 15.525408] kasan_atomics+0x96/0x310 [ 15.525608] kunit_try_run_case+0x1a6/0x480 [ 15.525854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.526304] kthread+0x257/0x310 [ 15.526627] ret_from_fork+0x41/0x80 [ 15.526844] ret_from_fork_asm+0x1a/0x30 [ 15.527255] [ 15.527371] The buggy address belongs to the object at ffff888102635000 [ 15.527371] which belongs to the cache kmalloc-64 of size 64 [ 15.528077] The buggy address is located 0 bytes to the right of [ 15.528077] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.528615] [ 15.528741] The buggy address belongs to the physical page: [ 15.528994] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.529662] flags: 0x200000000000000(node=0|zone=2) [ 15.530060] page_type: f5(slab) [ 15.530430] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.530883] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.531142] page dumped because: kasan: bad access detected [ 15.531347] [ 15.531540] Memory state around the buggy address: [ 15.531887] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532425] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532930] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.533273] ^ [ 15.533544] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.534122] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.534538] ================================================================== [ 16.000156] 
================================================================== [ 16.000550] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450 [ 16.001103] Read of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 16.001630] [ 16.001860] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 16.001964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.001992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.002082] Call Trace: [ 16.002127] <TASK> [ 16.002164] dump_stack_lvl+0x73/0xb0 [ 16.002224] print_report+0xd1/0x640 [ 16.002289] ? __virt_addr_valid+0x1db/0x2d0 [ 16.002345] ? kasan_atomics_helper+0x5117/0x5450 [ 16.002387] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.002431] ? kasan_atomics_helper+0x5117/0x5450 [ 16.002478] kasan_report+0x140/0x180 [ 16.002528] ? kasan_atomics_helper+0x5117/0x5450 [ 16.002587] __asan_report_load8_noabort+0x18/0x20 [ 16.002633] kasan_atomics_helper+0x5117/0x5450 [ 16.002686] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.002717] ? __kmalloc_cache_noprof+0x168/0x350 [ 16.002746] kasan_atomics+0x1dd/0x310 [ 16.002767] ? __pfx_kasan_atomics+0x10/0x10 [ 16.002789] ? __pfx_read_tsc+0x10/0x10 [ 16.002809] ? ktime_get_ts64+0x84/0x230 [ 16.002837] kunit_try_run_case+0x1a6/0x480 [ 16.002861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.002880] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.002902] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.002927] ? __kthread_parkme+0x82/0x160 [ 16.002947] ? preempt_count_sub+0x50/0x80 [ 16.002971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.002991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.003016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.003042] kthread+0x257/0x310 [ 16.003082] ? __pfx_kthread+0x10/0x10 [ 16.003135] ret_from_fork+0x41/0x80 [ 16.003157] ? 
__pfx_kthread+0x10/0x10 [ 16.003176] ret_from_fork_asm+0x1a/0x30 [ 16.003207] </TASK> [ 16.003221] [ 16.012777] Allocated by task 270: [ 16.013012] kasan_save_stack+0x45/0x70 [ 16.013477] kasan_save_track+0x18/0x40 [ 16.013869] kasan_save_alloc_info+0x3b/0x50 [ 16.014222] __kasan_kmalloc+0xb7/0xc0 [ 16.014524] __kmalloc_cache_noprof+0x168/0x350 [ 16.014988] kasan_atomics+0x96/0x310 [ 16.015338] kunit_try_run_case+0x1a6/0x480 [ 16.015716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.016052] kthread+0x257/0x310 [ 16.016323] ret_from_fork+0x41/0x80 [ 16.016589] ret_from_fork_asm+0x1a/0x30 [ 16.016891] [ 16.017132] The buggy address belongs to the object at ffff888102635000 [ 16.017132] which belongs to the cache kmalloc-64 of size 64 [ 16.017902] The buggy address is located 0 bytes to the right of [ 16.017902] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 16.018582] [ 16.018768] The buggy address belongs to the physical page: [ 16.019090] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 16.019556] flags: 0x200000000000000(node=0|zone=2) [ 16.019900] page_type: f5(slab) [ 16.020213] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.020578] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 16.020883] page dumped because: kasan: bad access detected [ 16.021257] [ 16.021428] Memory state around the buggy address: [ 16.021798] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.022284] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.022740] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.023094] ^ [ 16.023455] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.023805] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.024235] ================================================================== [ 15.359792] 
================================================================== [ 15.360380] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 15.360708] Write of size 8 at addr ffff888102635030 by task kunit_try_catch/270 [ 15.360961] [ 15.361115] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 15.361202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.361230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.361275] Call Trace: [ 15.361315] <TASK> [ 15.361352] dump_stack_lvl+0x73/0xb0 [ 15.361402] print_report+0xd1/0x640 [ 15.361445] ? __virt_addr_valid+0x1db/0x2d0 [ 15.361482] ? kasan_atomics_helper+0x151e/0x5450 [ 15.361518] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.361559] ? kasan_atomics_helper+0x151e/0x5450 [ 15.361603] kasan_report+0x140/0x180 [ 15.361688] ? kasan_atomics_helper+0x151e/0x5450 [ 15.361744] kasan_check_range+0x10c/0x1c0 [ 15.361788] __kasan_check_write+0x18/0x20 [ 15.361828] kasan_atomics_helper+0x151e/0x5450 [ 15.361879] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.361944] ? __kmalloc_cache_noprof+0x168/0x350 [ 15.362009] kasan_atomics+0x1dd/0x310 [ 15.362107] ? __pfx_kasan_atomics+0x10/0x10 [ 15.362165] ? __pfx_read_tsc+0x10/0x10 [ 15.362204] ? ktime_get_ts64+0x84/0x230 [ 15.362254] kunit_try_run_case+0x1a6/0x480 [ 15.362301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.362338] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.362384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.362437] ? __kthread_parkme+0x82/0x160 [ 15.362481] ? preempt_count_sub+0x50/0x80 [ 15.362534] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.362578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.362631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.362696] kthread+0x257/0x310 [ 15.362735] ? __pfx_kthread+0x10/0x10 [ 15.362775] ret_from_fork+0x41/0x80 [ 15.362807] ? 
__pfx_kthread+0x10/0x10 [ 15.362838] ret_from_fork_asm+0x1a/0x30 [ 15.362897] </TASK> [ 15.362922] [ 15.371760] Allocated by task 270: [ 15.372098] kasan_save_stack+0x45/0x70 [ 15.372356] kasan_save_track+0x18/0x40 [ 15.372621] kasan_save_alloc_info+0x3b/0x50 [ 15.372932] __kasan_kmalloc+0xb7/0xc0 [ 15.373213] __kmalloc_cache_noprof+0x168/0x350 [ 15.373499] kasan_atomics+0x96/0x310 [ 15.373809] kunit_try_run_case+0x1a6/0x480 [ 15.374087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.374423] kthread+0x257/0x310 [ 15.374691] ret_from_fork+0x41/0x80 [ 15.374907] ret_from_fork_asm+0x1a/0x30 [ 15.375212] [ 15.375378] The buggy address belongs to the object at ffff888102635000 [ 15.375378] which belongs to the cache kmalloc-64 of size 64 [ 15.375840] The buggy address is located 0 bytes to the right of [ 15.375840] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 15.376546] [ 15.376728] The buggy address belongs to the physical page: [ 15.377028] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 15.377463] flags: 0x200000000000000(node=0|zone=2) [ 15.377729] page_type: f5(slab) [ 15.377894] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.378345] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 15.378864] page dumped because: kasan: bad access detected [ 15.379245] [ 15.379352] Memory state around the buggy address: [ 15.379537] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.379941] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.380464] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.380890] ^ [ 15.381112] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381351] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381581] ================================================================== [ 14.752298] 
================================================================== [ 14.752747] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 14.753147] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.753475] [ 14.753803] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.753897] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.753928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.753963] Call Trace: [ 14.753992] <TASK> [ 14.754017] dump_stack_lvl+0x73/0xb0 [ 14.754076] print_report+0xd1/0x640 [ 14.754110] ? __virt_addr_valid+0x1db/0x2d0 [ 14.754143] ? kasan_atomics_helper+0x8fa/0x5450 [ 14.754175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.754208] ? kasan_atomics_helper+0x8fa/0x5450 [ 14.754245] kasan_report+0x140/0x180 [ 14.754275] ? kasan_atomics_helper+0x8fa/0x5450 [ 14.754304] kasan_check_range+0x10c/0x1c0 [ 14.754327] __kasan_check_write+0x18/0x20 [ 14.754349] kasan_atomics_helper+0x8fa/0x5450 [ 14.754373] ? kasan_save_alloc_info+0x3b/0x50 [ 14.754395] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.754424] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.754453] kasan_atomics+0x1dd/0x310 [ 14.754474] ? __pfx_kasan_atomics+0x10/0x10 [ 14.754497] ? __pfx_read_tsc+0x10/0x10 [ 14.754517] ? ktime_get_ts64+0x84/0x230 [ 14.754545] kunit_try_run_case+0x1a6/0x480 [ 14.754569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.754590] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.754613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.754639] ? __kthread_parkme+0x82/0x160 [ 14.754660] ? preempt_count_sub+0x50/0x80 [ 14.754715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.754751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.754798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.754845] kthread+0x257/0x310 [ 14.754885] ? __pfx_kthread+0x10/0x10 [ 14.754926] ret_from_fork+0x41/0x80 [ 14.754966] ? 
__pfx_kthread+0x10/0x10 [ 14.755002] ret_from_fork_asm+0x1a/0x30 [ 14.755063] </TASK> [ 14.755088] [ 14.763383] Allocated by task 270: [ 14.763652] kasan_save_stack+0x45/0x70 [ 14.764003] kasan_save_track+0x18/0x40 [ 14.764247] kasan_save_alloc_info+0x3b/0x50 [ 14.764490] __kasan_kmalloc+0xb7/0xc0 [ 14.764775] __kmalloc_cache_noprof+0x168/0x350 [ 14.765086] kasan_atomics+0x96/0x310 [ 14.765392] kunit_try_run_case+0x1a6/0x480 [ 14.765730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.765970] kthread+0x257/0x310 [ 14.766297] ret_from_fork+0x41/0x80 [ 14.766526] ret_from_fork_asm+0x1a/0x30 [ 14.766831] [ 14.766980] The buggy address belongs to the object at ffff888102635000 [ 14.766980] which belongs to the cache kmalloc-64 of size 64 [ 14.767647] The buggy address is located 0 bytes to the right of [ 14.767647] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.768351] [ 14.768501] The buggy address belongs to the physical page: [ 14.768790] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.769294] flags: 0x200000000000000(node=0|zone=2) [ 14.769595] page_type: f5(slab) [ 14.769855] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.770276] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.770698] page dumped because: kasan: bad access detected [ 14.771024] [ 14.771228] Memory state around the buggy address: [ 14.771483] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.771873] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.772331] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.772694] ^ [ 14.772942] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.773209] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.773441] ================================================================== [ 14.965383] 
================================================================== [ 14.965744] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 14.966035] Write of size 4 at addr ffff888102635030 by task kunit_try_catch/270 [ 14.966579] [ 14.966765] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.966853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.966877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.966916] Call Trace: [ 14.966949] <TASK> [ 14.967002] dump_stack_lvl+0x73/0xb0 [ 14.967099] print_report+0xd1/0x640 [ 14.967143] ? __virt_addr_valid+0x1db/0x2d0 [ 14.967187] ? kasan_atomics_helper+0xe79/0x5450 [ 14.967227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.967271] ? kasan_atomics_helper+0xe79/0x5450 [ 14.967332] kasan_report+0x140/0x180 [ 14.967388] ? kasan_atomics_helper+0xe79/0x5450 [ 14.967443] kasan_check_range+0x10c/0x1c0 [ 14.967489] __kasan_check_write+0x18/0x20 [ 14.967532] kasan_atomics_helper+0xe79/0x5450 [ 14.967577] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.967627] ? __kmalloc_cache_noprof+0x168/0x350 [ 14.967693] kasan_atomics+0x1dd/0x310 [ 14.967739] ? __pfx_kasan_atomics+0x10/0x10 [ 14.967784] ? __pfx_read_tsc+0x10/0x10 [ 14.967818] ? ktime_get_ts64+0x84/0x230 [ 14.967850] kunit_try_run_case+0x1a6/0x480 [ 14.967874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.967894] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.967916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.967941] ? __kthread_parkme+0x82/0x160 [ 14.967961] ? preempt_count_sub+0x50/0x80 [ 14.967983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.968003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.968028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.968068] kthread+0x257/0x310 [ 14.968125] ? __pfx_kthread+0x10/0x10 [ 14.968145] ret_from_fork+0x41/0x80 [ 14.968166] ? 
__pfx_kthread+0x10/0x10 [ 14.968186] ret_from_fork_asm+0x1a/0x30 [ 14.968216] </TASK> [ 14.968230] [ 14.977918] Allocated by task 270: [ 14.978239] kasan_save_stack+0x45/0x70 [ 14.978491] kasan_save_track+0x18/0x40 [ 14.978711] kasan_save_alloc_info+0x3b/0x50 [ 14.978947] __kasan_kmalloc+0xb7/0xc0 [ 14.979206] __kmalloc_cache_noprof+0x168/0x350 [ 14.979442] kasan_atomics+0x96/0x310 [ 14.979762] kunit_try_run_case+0x1a6/0x480 [ 14.979984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.980224] kthread+0x257/0x310 [ 14.980382] ret_from_fork+0x41/0x80 [ 14.980550] ret_from_fork_asm+0x1a/0x30 [ 14.980835] [ 14.981029] The buggy address belongs to the object at ffff888102635000 [ 14.981029] which belongs to the cache kmalloc-64 of size 64 [ 14.981949] The buggy address is located 0 bytes to the right of [ 14.981949] allocated 48-byte region [ffff888102635000, ffff888102635030) [ 14.982818] [ 14.982995] The buggy address belongs to the physical page: [ 14.983412] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102635 [ 14.983899] flags: 0x200000000000000(node=0|zone=2) [ 14.984324] page_type: f5(slab) [ 14.984494] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.984814] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 14.985443] page dumped because: kasan: bad access detected [ 14.985756] [ 14.985863] Memory state around the buggy address: [ 14.986118] ffff888102634f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.986619] ffff888102634f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.987192] >ffff888102635000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.987601] ^ [ 14.987816] ffff888102635080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.988163] ffff888102635100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.988656] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.383441] ================================================================== [ 14.383831] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.384188] Read of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.384451] [ 14.384574] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.384615] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.384627] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.384667] Call Trace: [ 14.384685] <TASK> [ 14.384699] dump_stack_lvl+0x73/0xb0 [ 14.384723] print_report+0xd1/0x640 [ 14.384745] ? __virt_addr_valid+0x1db/0x2d0 [ 14.384767] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.384805] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.384830] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.384862] kasan_report+0x140/0x180 [ 14.384893] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.384928] __asan_report_load8_noabort+0x18/0x20 [ 14.384948] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.384980] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.385013] ? ret_from_fork_asm+0x1a/0x30 [ 14.385032] ? ret_from_fork+0x41/0x80 [ 14.385067] ? kthread+0x257/0x310 [ 14.385092] kasan_bitops_generic+0x122/0x1c0 [ 14.385113] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.385134] ? __pfx_read_tsc+0x10/0x10 [ 14.385151] ? ktime_get_ts64+0x84/0x230 [ 14.385176] kunit_try_run_case+0x1a6/0x480 [ 14.385197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.385216] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.385235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.385259] ? __kthread_parkme+0x82/0x160 [ 14.385277] ? preempt_count_sub+0x50/0x80 [ 14.385298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.385318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.385342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.385368] kthread+0x257/0x310 [ 14.385385] ? 
__pfx_kthread+0x10/0x10 [ 14.385404] ret_from_fork+0x41/0x80 [ 14.385440] ? __pfx_kthread+0x10/0x10 [ 14.385461] ret_from_fork_asm+0x1a/0x30 [ 14.385489] </TASK> [ 14.385500] [ 14.391214] Allocated by task 266: [ 14.391357] kasan_save_stack+0x45/0x70 [ 14.391495] kasan_save_track+0x18/0x40 [ 14.391712] kasan_save_alloc_info+0x3b/0x50 [ 14.391860] __kasan_kmalloc+0xb7/0xc0 [ 14.391992] __kmalloc_cache_noprof+0x168/0x350 [ 14.392177] kasan_bitops_generic+0x93/0x1c0 [ 14.392270] kunit_try_run_case+0x1a6/0x480 [ 14.392490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.392761] kthread+0x257/0x310 [ 14.392874] ret_from_fork+0x41/0x80 [ 14.393029] ret_from_fork_asm+0x1a/0x30 [ 14.393229] [ 14.393298] The buggy address belongs to the object at ffff8881024e41c0 [ 14.393298] which belongs to the cache kmalloc-16 of size 16 [ 14.393679] The buggy address is located 8 bytes inside of [ 14.393679] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.393902] [ 14.393971] The buggy address belongs to the physical page: [ 14.394125] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.394309] flags: 0x200000000000000(node=0|zone=2) [ 14.394433] page_type: f5(slab) [ 14.394528] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.394704] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.394877] page dumped because: kasan: bad access detected [ 14.395001] [ 14.395086] Memory state around the buggy address: [ 14.395309] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.395680] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.396026] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.396409] ^ [ 14.396709] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.397097] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.397461] 
================================================================== [ 14.338071] ================================================================== [ 14.338495] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.338881] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.339275] [ 14.339393] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.339451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.339464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.339484] Call Trace: [ 14.339499] <TASK> [ 14.339515] dump_stack_lvl+0x73/0xb0 [ 14.339553] print_report+0xd1/0x640 [ 14.339580] ? __virt_addr_valid+0x1db/0x2d0 [ 14.339604] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.339627] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.339649] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.339682] kasan_report+0x140/0x180 [ 14.339707] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.339750] kasan_check_range+0x10c/0x1c0 [ 14.339774] __kasan_check_write+0x18/0x20 [ 14.339795] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.339819] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.339845] ? ret_from_fork_asm+0x1a/0x30 [ 14.339864] ? ret_from_fork+0x41/0x80 [ 14.339884] ? kthread+0x257/0x310 [ 14.339905] kasan_bitops_generic+0x122/0x1c0 [ 14.339925] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.339946] ? __pfx_read_tsc+0x10/0x10 [ 14.339965] ? ktime_get_ts64+0x84/0x230 [ 14.339989] kunit_try_run_case+0x1a6/0x480 [ 14.340010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.340030] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.340070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.340099] ? __kthread_parkme+0x82/0x160 [ 14.340119] ? preempt_count_sub+0x50/0x80 [ 14.340141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.340162] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.340187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.340213] kthread+0x257/0x310 [ 14.340232] ? __pfx_kthread+0x10/0x10 [ 14.340251] ret_from_fork+0x41/0x80 [ 14.340272] ? __pfx_kthread+0x10/0x10 [ 14.340290] ret_from_fork_asm+0x1a/0x30 [ 14.340320] </TASK> [ 14.340332] [ 14.345590] Allocated by task 266: [ 14.345681] kasan_save_stack+0x45/0x70 [ 14.345775] kasan_save_track+0x18/0x40 [ 14.345862] kasan_save_alloc_info+0x3b/0x50 [ 14.345957] __kasan_kmalloc+0xb7/0xc0 [ 14.346168] __kmalloc_cache_noprof+0x168/0x350 [ 14.346377] kasan_bitops_generic+0x93/0x1c0 [ 14.346619] kunit_try_run_case+0x1a6/0x480 [ 14.346855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.347148] kthread+0x257/0x310 [ 14.347339] ret_from_fork+0x41/0x80 [ 14.347541] ret_from_fork_asm+0x1a/0x30 [ 14.347668] [ 14.347755] The buggy address belongs to the object at ffff8881024e41c0 [ 14.347755] which belongs to the cache kmalloc-16 of size 16 [ 14.348072] The buggy address is located 8 bytes inside of [ 14.348072] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.348375] [ 14.348492] The buggy address belongs to the physical page: [ 14.348592] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.348734] flags: 0x200000000000000(node=0|zone=2) [ 14.348833] page_type: f5(slab) [ 14.348911] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.349039] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.349408] page dumped because: kasan: bad access detected [ 14.349693] [ 14.349794] Memory state around the buggy address: [ 14.350024] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.350318] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.350641] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.350876] ^ [ 14.351032] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 14.351240] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.351360] ================================================================== [ 14.272403] ================================================================== [ 14.272630] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.272846] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.272985] [ 14.273119] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.273165] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.273178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.273199] Call Trace: [ 14.273216] <TASK> [ 14.273232] dump_stack_lvl+0x73/0xb0 [ 14.273257] print_report+0xd1/0x640 [ 14.273279] ? __virt_addr_valid+0x1db/0x2d0 [ 14.273302] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.273325] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.273347] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.273371] kasan_report+0x140/0x180 [ 14.273394] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.273423] kasan_check_range+0x10c/0x1c0 [ 14.273445] __kasan_check_write+0x18/0x20 [ 14.274231] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.274263] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.274291] ? ret_from_fork_asm+0x1a/0x30 [ 14.274311] ? ret_from_fork+0x41/0x80 [ 14.274333] ? kthread+0x257/0x310 [ 14.274358] kasan_bitops_generic+0x122/0x1c0 [ 14.274379] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.274401] ? __pfx_read_tsc+0x10/0x10 [ 14.274420] ? ktime_get_ts64+0x84/0x230 [ 14.274445] kunit_try_run_case+0x1a6/0x480 [ 14.274578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.274742] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.274788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.275144] ? __kthread_parkme+0x82/0x160 [ 14.275166] ? preempt_count_sub+0x50/0x80 [ 14.275192] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.275213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.275240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.275266] kthread+0x257/0x310 [ 14.275284] ? __pfx_kthread+0x10/0x10 [ 14.275303] ret_from_fork+0x41/0x80 [ 14.275322] ? __pfx_kthread+0x10/0x10 [ 14.275341] ret_from_fork_asm+0x1a/0x30 [ 14.275370] </TASK> [ 14.275382] [ 14.282821] Allocated by task 266: [ 14.283013] kasan_save_stack+0x45/0x70 [ 14.283321] kasan_save_track+0x18/0x40 [ 14.283595] kasan_save_alloc_info+0x3b/0x50 [ 14.283779] __kasan_kmalloc+0xb7/0xc0 [ 14.283918] __kmalloc_cache_noprof+0x168/0x350 [ 14.284169] kasan_bitops_generic+0x93/0x1c0 [ 14.284338] kunit_try_run_case+0x1a6/0x480 [ 14.284434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.284761] kthread+0x257/0x310 [ 14.284983] ret_from_fork+0x41/0x80 [ 14.285206] ret_from_fork_asm+0x1a/0x30 [ 14.285308] [ 14.285360] The buggy address belongs to the object at ffff8881024e41c0 [ 14.285360] which belongs to the cache kmalloc-16 of size 16 [ 14.285557] The buggy address is located 8 bytes inside of [ 14.285557] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.286267] [ 14.286390] The buggy address belongs to the physical page: [ 14.286547] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.286862] flags: 0x200000000000000(node=0|zone=2) [ 14.286983] page_type: f5(slab) [ 14.287084] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.287215] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.287614] page dumped because: kasan: bad access detected [ 14.287942] [ 14.288070] Memory state around the buggy address: [ 14.288269] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.288486] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.288612] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.288911] ^ [ 14.289262] 
ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.289580] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.289733] ================================================================== [ 14.322409] ================================================================== [ 14.322889] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.323300] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.323438] [ 14.323506] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.323569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.323583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.323604] Call Trace: [ 14.323620] <TASK> [ 14.323638] dump_stack_lvl+0x73/0xb0 [ 14.323672] print_report+0xd1/0x640 [ 14.323717] ? __virt_addr_valid+0x1db/0x2d0 [ 14.323742] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.323766] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.323790] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.323815] kasan_report+0x140/0x180 [ 14.323860] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.323890] kasan_check_range+0x10c/0x1c0 [ 14.323913] __kasan_check_write+0x18/0x20 [ 14.323934] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.323960] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.324006] ? ret_from_fork_asm+0x1a/0x30 [ 14.324028] ? ret_from_fork+0x41/0x80 [ 14.324049] ? kthread+0x257/0x310 [ 14.324093] kasan_bitops_generic+0x122/0x1c0 [ 14.324115] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.324153] ? __pfx_read_tsc+0x10/0x10 [ 14.324177] ? ktime_get_ts64+0x84/0x230 [ 14.324205] kunit_try_run_case+0x1a6/0x480 [ 14.324228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.324249] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.324272] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.324316] ? __kthread_parkme+0x82/0x160 [ 14.324339] ? 
preempt_count_sub+0x50/0x80 [ 14.324362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.324382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.324407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.324449] kthread+0x257/0x310 [ 14.324470] ? __pfx_kthread+0x10/0x10 [ 14.324491] ret_from_fork+0x41/0x80 [ 14.324512] ? __pfx_kthread+0x10/0x10 [ 14.324530] ret_from_fork_asm+0x1a/0x30 [ 14.324559] </TASK> [ 14.324571] [ 14.330473] Allocated by task 266: [ 14.330641] kasan_save_stack+0x45/0x70 [ 14.330871] kasan_save_track+0x18/0x40 [ 14.331022] kasan_save_alloc_info+0x3b/0x50 [ 14.331175] __kasan_kmalloc+0xb7/0xc0 [ 14.331365] __kmalloc_cache_noprof+0x168/0x350 [ 14.331569] kasan_bitops_generic+0x93/0x1c0 [ 14.331756] kunit_try_run_case+0x1a6/0x480 [ 14.331938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.332182] kthread+0x257/0x310 [ 14.332387] ret_from_fork+0x41/0x80 [ 14.332516] ret_from_fork_asm+0x1a/0x30 [ 14.332714] [ 14.332831] The buggy address belongs to the object at ffff8881024e41c0 [ 14.332831] which belongs to the cache kmalloc-16 of size 16 [ 14.333176] The buggy address is located 8 bytes inside of [ 14.333176] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.333413] [ 14.333475] The buggy address belongs to the physical page: [ 14.333585] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.333764] flags: 0x200000000000000(node=0|zone=2) [ 14.333890] page_type: f5(slab) [ 14.334018] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.334218] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.334396] page dumped because: kasan: bad access detected [ 14.334523] [ 14.334581] Memory state around the buggy address: [ 14.334723] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.335038] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.335413] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 
14.335768] ^ [ 14.336069] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.336459] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.336854] ================================================================== [ 14.253632] ================================================================== [ 14.254081] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.254488] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.254894] [ 14.255019] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.255081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.255095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.255117] Call Trace: [ 14.255133] <TASK> [ 14.255150] dump_stack_lvl+0x73/0xb0 [ 14.255176] print_report+0xd1/0x640 [ 14.255198] ? __virt_addr_valid+0x1db/0x2d0 [ 14.255222] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.255246] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.255268] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.255293] kasan_report+0x140/0x180 [ 14.255316] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.255345] kasan_check_range+0x10c/0x1c0 [ 14.255366] __kasan_check_write+0x18/0x20 [ 14.255387] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.255413] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.255439] ? ret_from_fork_asm+0x1a/0x30 [ 14.255459] ? ret_from_fork+0x41/0x80 [ 14.255479] ? kthread+0x257/0x310 [ 14.255501] kasan_bitops_generic+0x122/0x1c0 [ 14.255522] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.255544] ? __pfx_read_tsc+0x10/0x10 [ 14.255562] ? ktime_get_ts64+0x84/0x230 [ 14.255588] kunit_try_run_case+0x1a6/0x480 [ 14.255609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.255630] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.255651] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.255685] ? 
__kthread_parkme+0x82/0x160 [ 14.255706] ? preempt_count_sub+0x50/0x80 [ 14.255729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.255749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.255776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.255801] kthread+0x257/0x310 [ 14.255820] ? __pfx_kthread+0x10/0x10 [ 14.255839] ret_from_fork+0x41/0x80 [ 14.255858] ? __pfx_kthread+0x10/0x10 [ 14.255877] ret_from_fork_asm+0x1a/0x30 [ 14.255907] </TASK> [ 14.255919] [ 14.261875] Allocated by task 266: [ 14.262064] kasan_save_stack+0x45/0x70 [ 14.262172] kasan_save_track+0x18/0x40 [ 14.262265] kasan_save_alloc_info+0x3b/0x50 [ 14.262358] __kasan_kmalloc+0xb7/0xc0 [ 14.262443] __kmalloc_cache_noprof+0x168/0x350 [ 14.262538] kasan_bitops_generic+0x93/0x1c0 [ 14.262630] kunit_try_run_case+0x1a6/0x480 [ 14.262728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.262840] kthread+0x257/0x310 [ 14.263000] ret_from_fork+0x41/0x80 [ 14.263238] ret_from_fork_asm+0x1a/0x30 [ 14.263489] [ 14.263613] The buggy address belongs to the object at ffff8881024e41c0 [ 14.263613] which belongs to the cache kmalloc-16 of size 16 [ 14.264301] The buggy address is located 8 bytes inside of [ 14.264301] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.264784] [ 14.264839] The buggy address belongs to the physical page: [ 14.264938] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.265091] flags: 0x200000000000000(node=0|zone=2) [ 14.265346] page_type: f5(slab) [ 14.265534] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.265851] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.266114] page dumped because: kasan: bad access detected [ 14.266214] [ 14.266262] Memory state around the buggy address: [ 14.266355] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.266606] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.266823] >ffff8881024e4180: fa fb 
fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.267040] ^ [ 14.269444] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.269772] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.269971] ================================================================== [ 14.290230] ================================================================== [ 14.290626] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.291092] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.291332] [ 14.291402] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.291447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.291459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.291482] Call Trace: [ 14.291500] <TASK> [ 14.291520] dump_stack_lvl+0x73/0xb0 [ 14.291548] print_report+0xd1/0x640 [ 14.291571] ? __virt_addr_valid+0x1db/0x2d0 [ 14.291594] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.291618] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.291641] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.291674] kasan_report+0x140/0x180 [ 14.291966] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.292025] kasan_check_range+0x10c/0x1c0 [ 14.292048] __kasan_check_write+0x18/0x20 [ 14.292068] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.292105] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.292132] ? ret_from_fork_asm+0x1a/0x30 [ 14.292151] ? ret_from_fork+0x41/0x80 [ 14.292171] ? kthread+0x257/0x310 [ 14.292192] kasan_bitops_generic+0x122/0x1c0 [ 14.292212] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.292233] ? __pfx_read_tsc+0x10/0x10 [ 14.292251] ? ktime_get_ts64+0x84/0x230 [ 14.292275] kunit_try_run_case+0x1a6/0x480 [ 14.292297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.292317] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.292339] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.292364] ? __kthread_parkme+0x82/0x160 [ 14.292382] ? preempt_count_sub+0x50/0x80 [ 14.292404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.292424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.292449] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.292474] kthread+0x257/0x310 [ 14.292491] ? __pfx_kthread+0x10/0x10 [ 14.292510] ret_from_fork+0x41/0x80 [ 14.292529] ? __pfx_kthread+0x10/0x10 [ 14.292547] ret_from_fork_asm+0x1a/0x30 [ 14.292576] </TASK> [ 14.292587] [ 14.298209] Allocated by task 266: [ 14.298350] kasan_save_stack+0x45/0x70 [ 14.298567] kasan_save_track+0x18/0x40 [ 14.298817] kasan_save_alloc_info+0x3b/0x50 [ 14.298913] __kasan_kmalloc+0xb7/0xc0 [ 14.298999] __kmalloc_cache_noprof+0x168/0x350 [ 14.299113] kasan_bitops_generic+0x93/0x1c0 [ 14.299204] kunit_try_run_case+0x1a6/0x480 [ 14.299291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.299393] kthread+0x257/0x310 [ 14.299465] ret_from_fork+0x41/0x80 [ 14.299544] ret_from_fork_asm+0x1a/0x30 [ 14.299626] [ 14.299683] The buggy address belongs to the object at ffff8881024e41c0 [ 14.299683] which belongs to the cache kmalloc-16 of size 16 [ 14.299880] The buggy address is located 8 bytes inside of [ 14.299880] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.300453] [ 14.300573] The buggy address belongs to the physical page: [ 14.300842] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.301236] flags: 0x200000000000000(node=0|zone=2) [ 14.301470] page_type: f5(slab) [ 14.301670] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.302031] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.302376] page dumped because: kasan: bad access detected [ 14.302546] [ 14.302657] Memory state around the buggy address: [ 14.302801] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.302963] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc 
fc fa fb fc fc [ 14.303138] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.303518] ^ [ 14.303823] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.304219] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.304338] ================================================================== [ 14.367856] ================================================================== [ 14.368407] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.368794] Read of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.368959] [ 14.369113] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.369167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.369180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.369199] Call Trace: [ 14.369217] <TASK> [ 14.369232] dump_stack_lvl+0x73/0xb0 [ 14.369256] print_report+0xd1/0x640 [ 14.369279] ? __virt_addr_valid+0x1db/0x2d0 [ 14.369301] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.369323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.369346] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.369370] kasan_report+0x140/0x180 [ 14.369411] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.369441] kasan_check_range+0x10c/0x1c0 [ 14.369477] __kasan_check_read+0x15/0x20 [ 14.369499] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.369524] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.369548] ? ret_from_fork_asm+0x1a/0x30 [ 14.369568] ? ret_from_fork+0x41/0x80 [ 14.369588] ? kthread+0x257/0x310 [ 14.369609] kasan_bitops_generic+0x122/0x1c0 [ 14.369629] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.369650] ? __pfx_read_tsc+0x10/0x10 [ 14.369678] ? ktime_get_ts64+0x84/0x230 [ 14.369705] kunit_try_run_case+0x1a6/0x480 [ 14.369727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.369747] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 14.369767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.369792] ? __kthread_parkme+0x82/0x160 [ 14.369811] ? preempt_count_sub+0x50/0x80 [ 14.369832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.369852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.369876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.369910] kthread+0x257/0x310 [ 14.369932] ? __pfx_kthread+0x10/0x10 [ 14.369953] ret_from_fork+0x41/0x80 [ 14.369974] ? __pfx_kthread+0x10/0x10 [ 14.369993] ret_from_fork_asm+0x1a/0x30 [ 14.370024] </TASK> [ 14.370035] [ 14.375831] Allocated by task 266: [ 14.375937] kasan_save_stack+0x45/0x70 [ 14.376079] kasan_save_track+0x18/0x40 [ 14.376200] kasan_save_alloc_info+0x3b/0x50 [ 14.376320] __kasan_kmalloc+0xb7/0xc0 [ 14.376509] __kmalloc_cache_noprof+0x168/0x350 [ 14.376780] kasan_bitops_generic+0x93/0x1c0 [ 14.377022] kunit_try_run_case+0x1a6/0x480 [ 14.377283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.377590] kthread+0x257/0x310 [ 14.377800] ret_from_fork+0x41/0x80 [ 14.378048] ret_from_fork_asm+0x1a/0x30 [ 14.378324] [ 14.378383] The buggy address belongs to the object at ffff8881024e41c0 [ 14.378383] which belongs to the cache kmalloc-16 of size 16 [ 14.378597] The buggy address is located 8 bytes inside of [ 14.378597] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.379272] [ 14.379380] The buggy address belongs to the physical page: [ 14.379548] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.379796] flags: 0x200000000000000(node=0|zone=2) [ 14.379960] page_type: f5(slab) [ 14.380086] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.380260] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.380423] page dumped because: kasan: bad access detected [ 14.380549] [ 14.380615] Memory state around the buggy address: [ 14.380731] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.380908] 
ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.381275] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.381651] ^ [ 14.382020] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.382414] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.382787] ================================================================== [ 14.305237] ================================================================== [ 14.305684] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.306407] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.306697] [ 14.306835] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.306892] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.306905] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.306926] Call Trace: [ 14.306943] <TASK> [ 14.306960] dump_stack_lvl+0x73/0xb0 [ 14.306991] print_report+0xd1/0x640 [ 14.307014] ? __virt_addr_valid+0x1db/0x2d0 [ 14.307037] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.307083] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.307109] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.307133] kasan_report+0x140/0x180 [ 14.307156] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.307185] kasan_check_range+0x10c/0x1c0 [ 14.307206] __kasan_check_write+0x18/0x20 [ 14.307226] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.307251] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.307276] ? ret_from_fork_asm+0x1a/0x30 [ 14.307296] ? ret_from_fork+0x41/0x80 [ 14.307316] ? kthread+0x257/0x310 [ 14.307339] kasan_bitops_generic+0x122/0x1c0 [ 14.307359] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.307380] ? __pfx_read_tsc+0x10/0x10 [ 14.307399] ? ktime_get_ts64+0x84/0x230 [ 14.307423] kunit_try_run_case+0x1a6/0x480 [ 14.307445] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.307465] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.307486] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.307510] ? __kthread_parkme+0x82/0x160 [ 14.307529] ? preempt_count_sub+0x50/0x80 [ 14.307551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.307571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.307596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.307633] kthread+0x257/0x310 [ 14.307659] ? __pfx_kthread+0x10/0x10 [ 14.307689] ret_from_fork+0x41/0x80 [ 14.307719] ? __pfx_kthread+0x10/0x10 [ 14.307738] ret_from_fork_asm+0x1a/0x30 [ 14.307767] </TASK> [ 14.307779] [ 14.313885] Allocated by task 266: [ 14.314133] kasan_save_stack+0x45/0x70 [ 14.314333] kasan_save_track+0x18/0x40 [ 14.314504] kasan_save_alloc_info+0x3b/0x50 [ 14.314761] __kasan_kmalloc+0xb7/0xc0 [ 14.314914] __kmalloc_cache_noprof+0x168/0x350 [ 14.315137] kasan_bitops_generic+0x93/0x1c0 [ 14.315385] kunit_try_run_case+0x1a6/0x480 [ 14.315605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.315871] kthread+0x257/0x310 [ 14.316030] ret_from_fork+0x41/0x80 [ 14.316245] ret_from_fork_asm+0x1a/0x30 [ 14.316448] [ 14.316564] The buggy address belongs to the object at ffff8881024e41c0 [ 14.316564] which belongs to the cache kmalloc-16 of size 16 [ 14.316924] The buggy address is located 8 bytes inside of [ 14.316924] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.317374] [ 14.317472] The buggy address belongs to the physical page: [ 14.317701] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.317987] flags: 0x200000000000000(node=0|zone=2) [ 14.318174] page_type: f5(slab) [ 14.318369] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.318612] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.319040] page dumped because: kasan: bad access detected [ 14.319218] [ 14.319285] Memory state around the buggy address: [ 14.319398] ffff8881024e4080: fa fb fc fc 
00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.319534] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.319673] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.320106] ^ [ 14.320397] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.320802] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.321213] ================================================================== [ 14.351794] ================================================================== [ 14.352214] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.352630] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.353000] [ 14.353128] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.353168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.353180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.353201] Call Trace: [ 14.353216] <TASK> [ 14.353231] dump_stack_lvl+0x73/0xb0 [ 14.353254] print_report+0xd1/0x640 [ 14.353276] ? __virt_addr_valid+0x1db/0x2d0 [ 14.353298] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.353321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.353343] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.353366] kasan_report+0x140/0x180 [ 14.353388] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.353415] kasan_check_range+0x10c/0x1c0 [ 14.353435] __kasan_check_write+0x18/0x20 [ 14.353454] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.353477] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.353502] ? ret_from_fork_asm+0x1a/0x30 [ 14.353520] ? ret_from_fork+0x41/0x80 [ 14.353540] ? kthread+0x257/0x310 [ 14.353561] kasan_bitops_generic+0x122/0x1c0 [ 14.353580] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.353601] ? __pfx_read_tsc+0x10/0x10 [ 14.353619] ? 
ktime_get_ts64+0x84/0x230 [ 14.353643] kunit_try_run_case+0x1a6/0x480 [ 14.353672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.353695] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.353716] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.353740] ? __kthread_parkme+0x82/0x160 [ 14.353758] ? preempt_count_sub+0x50/0x80 [ 14.353779] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.353799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.353823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.353848] kthread+0x257/0x310 [ 14.353865] ? __pfx_kthread+0x10/0x10 [ 14.353883] ret_from_fork+0x41/0x80 [ 14.353912] ? __pfx_kthread+0x10/0x10 [ 14.353934] ret_from_fork_asm+0x1a/0x30 [ 14.353964] </TASK> [ 14.353976] [ 14.358617] Allocated by task 266: [ 14.358708] kasan_save_stack+0x45/0x70 [ 14.358801] kasan_save_track+0x18/0x40 [ 14.358886] kasan_save_alloc_info+0x3b/0x50 [ 14.358976] __kasan_kmalloc+0xb7/0xc0 [ 14.359190] __kmalloc_cache_noprof+0x168/0x350 [ 14.359384] kasan_bitops_generic+0x93/0x1c0 [ 14.359618] kunit_try_run_case+0x1a6/0x480 [ 14.359866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.360268] kthread+0x257/0x310 [ 14.360453] ret_from_fork+0x41/0x80 [ 14.360921] ret_from_fork_asm+0x1a/0x30 [ 14.361644] [ 14.361780] The buggy address belongs to the object at ffff8881024e41c0 [ 14.361780] which belongs to the cache kmalloc-16 of size 16 [ 14.362694] The buggy address is located 8 bytes inside of [ 14.362694] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.364276] [ 14.364404] The buggy address belongs to the physical page: [ 14.364716] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.364852] flags: 0x200000000000000(node=0|zone=2) [ 14.364951] page_type: f5(slab) [ 14.365028] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.365153] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.365272] page dumped because: kasan: bad access detected [ 14.365568] [ 
14.365704] Memory state around the buggy address: [ 14.365965] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.366323] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.366552] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.366744] ^ [ 14.366850] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.366971] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.367174] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.174919] ================================================================== [ 14.175116] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.175302] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.175699] [ 14.175831] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.175876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.175888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.175908] Call Trace: [ 14.175922] <TASK> [ 14.175937] dump_stack_lvl+0x73/0xb0 [ 14.175961] print_report+0xd1/0x640 [ 14.175984] ? __virt_addr_valid+0x1db/0x2d0 [ 14.176007] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.176028] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.176050] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.176093] kasan_report+0x140/0x180 [ 14.176117] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.176144] kasan_check_range+0x10c/0x1c0 [ 14.176164] __kasan_check_write+0x18/0x20 [ 14.176183] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.176205] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.176229] ? ret_from_fork_asm+0x1a/0x30 [ 14.176248] ? ret_from_fork+0x41/0x80 [ 14.176267] ? kthread+0x257/0x310 [ 14.176289] kasan_bitops_generic+0x117/0x1c0 [ 14.176309] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.176331] ? __pfx_read_tsc+0x10/0x10 [ 14.176349] ? ktime_get_ts64+0x84/0x230 [ 14.176374] kunit_try_run_case+0x1a6/0x480 [ 14.176395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.176414] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.176434] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.176457] ? __kthread_parkme+0x82/0x160 [ 14.176475] ? preempt_count_sub+0x50/0x80 [ 14.176496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.176515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.176539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.176563] kthread+0x257/0x310 [ 14.176580] ? 
__pfx_kthread+0x10/0x10 [ 14.176597] ret_from_fork+0x41/0x80 [ 14.176616] ? __pfx_kthread+0x10/0x10 [ 14.176634] ret_from_fork_asm+0x1a/0x30 [ 14.176669] </TASK> [ 14.176683] [ 14.183828] Allocated by task 266: [ 14.184018] kasan_save_stack+0x45/0x70 [ 14.184145] kasan_save_track+0x18/0x40 [ 14.184339] kasan_save_alloc_info+0x3b/0x50 [ 14.184433] __kasan_kmalloc+0xb7/0xc0 [ 14.184516] __kmalloc_cache_noprof+0x168/0x350 [ 14.184609] kasan_bitops_generic+0x93/0x1c0 [ 14.184708] kunit_try_run_case+0x1a6/0x480 [ 14.184800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.184905] kthread+0x257/0x310 [ 14.184980] ret_from_fork+0x41/0x80 [ 14.185078] ret_from_fork_asm+0x1a/0x30 [ 14.185168] [ 14.185286] The buggy address belongs to the object at ffff8881024e41c0 [ 14.185286] which belongs to the cache kmalloc-16 of size 16 [ 14.185948] The buggy address is located 8 bytes inside of [ 14.185948] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.186631] [ 14.186757] The buggy address belongs to the physical page: [ 14.187089] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.187519] flags: 0x200000000000000(node=0|zone=2) [ 14.187614] page_type: f5(slab) [ 14.187700] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.187828] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.188031] page dumped because: kasan: bad access detected [ 14.188335] [ 14.188428] Memory state around the buggy address: [ 14.188717] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.188964] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.189182] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.189464] ^ [ 14.189682] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.189890] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.190137] 
================================================================== [ 14.146797] ================================================================== [ 14.147041] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.147223] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.147533] [ 14.147659] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.147710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.147722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.147744] Call Trace: [ 14.147757] <TASK> [ 14.147772] dump_stack_lvl+0x73/0xb0 [ 14.147797] print_report+0xd1/0x640 [ 14.147819] ? __virt_addr_valid+0x1db/0x2d0 [ 14.147842] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.147863] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.147886] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.147907] kasan_report+0x140/0x180 [ 14.147930] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.147956] kasan_check_range+0x10c/0x1c0 [ 14.147976] __kasan_check_write+0x18/0x20 [ 14.147996] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.148017] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.148040] ? ret_from_fork_asm+0x1a/0x30 [ 14.148077] ? ret_from_fork+0x41/0x80 [ 14.148097] ? kthread+0x257/0x310 [ 14.148120] kasan_bitops_generic+0x117/0x1c0 [ 14.148140] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.148160] ? __pfx_read_tsc+0x10/0x10 [ 14.148178] ? ktime_get_ts64+0x84/0x230 [ 14.148202] kunit_try_run_case+0x1a6/0x480 [ 14.148224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.148243] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.148263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.148286] ? __kthread_parkme+0x82/0x160 [ 14.148303] ? preempt_count_sub+0x50/0x80 [ 14.148324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.148343] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.148367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.148391] kthread+0x257/0x310 [ 14.148407] ? __pfx_kthread+0x10/0x10 [ 14.148425] ret_from_fork+0x41/0x80 [ 14.148444] ? __pfx_kthread+0x10/0x10 [ 14.148461] ret_from_fork_asm+0x1a/0x30 [ 14.148489] </TASK> [ 14.148500] [ 14.153623] Allocated by task 266: [ 14.153807] kasan_save_stack+0x45/0x70 [ 14.154090] kasan_save_track+0x18/0x40 [ 14.154209] kasan_save_alloc_info+0x3b/0x50 [ 14.154304] __kasan_kmalloc+0xb7/0xc0 [ 14.154388] __kmalloc_cache_noprof+0x168/0x350 [ 14.154606] kasan_bitops_generic+0x93/0x1c0 [ 14.154845] kunit_try_run_case+0x1a6/0x480 [ 14.155103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.155366] kthread+0x257/0x310 [ 14.155466] ret_from_fork+0x41/0x80 [ 14.155644] ret_from_fork_asm+0x1a/0x30 [ 14.155753] [ 14.155858] The buggy address belongs to the object at ffff8881024e41c0 [ 14.155858] which belongs to the cache kmalloc-16 of size 16 [ 14.156160] The buggy address is located 8 bytes inside of [ 14.156160] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.156500] [ 14.156600] The buggy address belongs to the physical page: [ 14.156731] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.156901] flags: 0x200000000000000(node=0|zone=2) [ 14.157179] page_type: f5(slab) [ 14.157347] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.157476] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.157601] page dumped because: kasan: bad access detected [ 14.157707] [ 14.157757] Memory state around the buggy address: [ 14.157848] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.157983] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.158130] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.158253] ^ [ 14.158570] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 14.158989] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.159425] ================================================================== [ 14.225402] ================================================================== [ 14.225971] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.226316] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.226561] [ 14.226626] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.226679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.226694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.226715] Call Trace: [ 14.226739] <TASK> [ 14.226758] dump_stack_lvl+0x73/0xb0 [ 14.226783] print_report+0xd1/0x640 [ 14.226818] ? __virt_addr_valid+0x1db/0x2d0 [ 14.226843] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.226865] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.226888] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.226911] kasan_report+0x140/0x180 [ 14.226935] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.226962] kasan_check_range+0x10c/0x1c0 [ 14.226996] __kasan_check_write+0x18/0x20 [ 14.227018] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.227052] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.227079] ? ret_from_fork_asm+0x1a/0x30 [ 14.227101] ? ret_from_fork+0x41/0x80 [ 14.227157] ? kthread+0x257/0x310 [ 14.227181] kasan_bitops_generic+0x117/0x1c0 [ 14.227215] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.227237] ? __pfx_read_tsc+0x10/0x10 [ 14.227256] ? ktime_get_ts64+0x84/0x230 [ 14.227281] kunit_try_run_case+0x1a6/0x480 [ 14.227318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.227340] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.227360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.227384] ? __kthread_parkme+0x82/0x160 [ 14.227403] ? preempt_count_sub+0x50/0x80 [ 14.227424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.227444] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.227469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.227494] kthread+0x257/0x310 [ 14.227513] ? __pfx_kthread+0x10/0x10 [ 14.227532] ret_from_fork+0x41/0x80 [ 14.227551] ? __pfx_kthread+0x10/0x10 [ 14.227569] ret_from_fork_asm+0x1a/0x30 [ 14.227599] </TASK> [ 14.227610] [ 14.233013] Allocated by task 266: [ 14.233221] kasan_save_stack+0x45/0x70 [ 14.233451] kasan_save_track+0x18/0x40 [ 14.233571] kasan_save_alloc_info+0x3b/0x50 [ 14.233804] __kasan_kmalloc+0xb7/0xc0 [ 14.233892] __kmalloc_cache_noprof+0x168/0x350 [ 14.234003] kasan_bitops_generic+0x93/0x1c0 [ 14.234183] kunit_try_run_case+0x1a6/0x480 [ 14.234395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.234712] kthread+0x257/0x310 [ 14.234914] ret_from_fork+0x41/0x80 [ 14.235094] ret_from_fork_asm+0x1a/0x30 [ 14.235219] [ 14.235308] The buggy address belongs to the object at ffff8881024e41c0 [ 14.235308] which belongs to the cache kmalloc-16 of size 16 [ 14.235656] The buggy address is located 8 bytes inside of [ 14.235656] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.236013] [ 14.236113] The buggy address belongs to the physical page: [ 14.236215] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.236443] flags: 0x200000000000000(node=0|zone=2) [ 14.236702] page_type: f5(slab) [ 14.236848] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.237138] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.237415] page dumped because: kasan: bad access detected [ 14.237651] [ 14.237762] Memory state around the buggy address: [ 14.237873] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.238014] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.238165] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.238285] ^ [ 14.238386] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 14.238505] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.238622] ================================================================== [ 14.190642] ================================================================== [ 14.191167] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.191325] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.191560] [ 14.191823] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.191926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.191950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.192010] Call Trace: [ 14.192027] <TASK> [ 14.192106] dump_stack_lvl+0x73/0xb0 [ 14.192188] print_report+0xd1/0x640 [ 14.192234] ? __virt_addr_valid+0x1db/0x2d0 [ 14.192258] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.192281] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.192303] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.192325] kasan_report+0x140/0x180 [ 14.192348] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.192375] kasan_check_range+0x10c/0x1c0 [ 14.192395] __kasan_check_write+0x18/0x20 [ 14.192415] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.192437] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.192460] ? ret_from_fork_asm+0x1a/0x30 [ 14.192480] ? ret_from_fork+0x41/0x80 [ 14.192500] ? kthread+0x257/0x310 [ 14.192523] kasan_bitops_generic+0x117/0x1c0 [ 14.192545] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.192568] ? __pfx_read_tsc+0x10/0x10 [ 14.192586] ? ktime_get_ts64+0x84/0x230 [ 14.192611] kunit_try_run_case+0x1a6/0x480 [ 14.192632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.192652] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.192683] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.192709] ? __kthread_parkme+0x82/0x160 [ 14.192728] ? preempt_count_sub+0x50/0x80 [ 14.192750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.192770] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.192795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.192821] kthread+0x257/0x310 [ 14.192839] ? __pfx_kthread+0x10/0x10 [ 14.192857] ret_from_fork+0x41/0x80 [ 14.192877] ? __pfx_kthread+0x10/0x10 [ 14.192894] ret_from_fork_asm+0x1a/0x30 [ 14.192922] </TASK> [ 14.192932] [ 14.198867] Allocated by task 266: [ 14.199048] kasan_save_stack+0x45/0x70 [ 14.199161] kasan_save_track+0x18/0x40 [ 14.199250] kasan_save_alloc_info+0x3b/0x50 [ 14.199339] __kasan_kmalloc+0xb7/0xc0 [ 14.199423] __kmalloc_cache_noprof+0x168/0x350 [ 14.199515] kasan_bitops_generic+0x93/0x1c0 [ 14.199600] kunit_try_run_case+0x1a6/0x480 [ 14.199718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.200034] kthread+0x257/0x310 [ 14.200256] ret_from_fork+0x41/0x80 [ 14.200484] ret_from_fork_asm+0x1a/0x30 [ 14.200724] [ 14.200846] The buggy address belongs to the object at ffff8881024e41c0 [ 14.200846] which belongs to the cache kmalloc-16 of size 16 [ 14.201433] The buggy address is located 8 bytes inside of [ 14.201433] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.201926] [ 14.202037] The buggy address belongs to the physical page: [ 14.202306] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.202490] flags: 0x200000000000000(node=0|zone=2) [ 14.202590] page_type: f5(slab) [ 14.202677] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.202812] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.202937] page dumped because: kasan: bad access detected [ 14.203035] [ 14.203099] Memory state around the buggy address: [ 14.203192] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.203590] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.203974] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.204363] ^ [ 14.204688] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 14.205103] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.205502] ================================================================== [ 14.160213] ================================================================== [ 14.161202] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.161707] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.161928] [ 14.162039] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.162102] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.162115] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.162135] Call Trace: [ 14.162151] <TASK> [ 14.162167] dump_stack_lvl+0x73/0xb0 [ 14.162192] print_report+0xd1/0x640 [ 14.162215] ? __virt_addr_valid+0x1db/0x2d0 [ 14.162237] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.162259] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.162282] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.162304] kasan_report+0x140/0x180 [ 14.162327] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.162353] kasan_check_range+0x10c/0x1c0 [ 14.162374] __kasan_check_write+0x18/0x20 [ 14.162394] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.162416] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.162440] ? ret_from_fork_asm+0x1a/0x30 [ 14.162460] ? ret_from_fork+0x41/0x80 [ 14.162479] ? kthread+0x257/0x310 [ 14.162502] kasan_bitops_generic+0x117/0x1c0 [ 14.162522] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.162544] ? __pfx_read_tsc+0x10/0x10 [ 14.162562] ? ktime_get_ts64+0x84/0x230 [ 14.162588] kunit_try_run_case+0x1a6/0x480 [ 14.162609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.162628] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.162648] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.162682] ? __kthread_parkme+0x82/0x160 [ 14.162702] ? preempt_count_sub+0x50/0x80 [ 14.162725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.162744] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.162769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.162794] kthread+0x257/0x310 [ 14.162812] ? __pfx_kthread+0x10/0x10 [ 14.162831] ret_from_fork+0x41/0x80 [ 14.162850] ? __pfx_kthread+0x10/0x10 [ 14.162869] ret_from_fork_asm+0x1a/0x30 [ 14.162898] </TASK> [ 14.162910] [ 14.168269] Allocated by task 266: [ 14.168351] kasan_save_stack+0x45/0x70 [ 14.168444] kasan_save_track+0x18/0x40 [ 14.168529] kasan_save_alloc_info+0x3b/0x50 [ 14.168615] __kasan_kmalloc+0xb7/0xc0 [ 14.168705] __kmalloc_cache_noprof+0x168/0x350 [ 14.168800] kasan_bitops_generic+0x93/0x1c0 [ 14.168906] kunit_try_run_case+0x1a6/0x480 [ 14.169163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.169456] kthread+0x257/0x310 [ 14.169627] ret_from_fork+0x41/0x80 [ 14.169856] ret_from_fork_asm+0x1a/0x30 [ 14.170075] [ 14.170200] The buggy address belongs to the object at ffff8881024e41c0 [ 14.170200] which belongs to the cache kmalloc-16 of size 16 [ 14.170657] The buggy address is located 8 bytes inside of [ 14.170657] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.171076] [ 14.171185] The buggy address belongs to the physical page: [ 14.171315] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.171563] flags: 0x200000000000000(node=0|zone=2) [ 14.171756] page_type: f5(slab) [ 14.171846] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.171974] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.172380] page dumped because: kasan: bad access detected [ 14.172516] [ 14.172567] Memory state around the buggy address: [ 14.172797] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.173089] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.173235] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.173473] ^ [ 14.173689] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 14.173886] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.174245] ================================================================== [ 14.131309] ================================================================== [ 14.131849] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.132177] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.132390] [ 14.132518] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.132561] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.132573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.132594] Call Trace: [ 14.132608] <TASK> [ 14.132625] dump_stack_lvl+0x73/0xb0 [ 14.132649] print_report+0xd1/0x640 [ 14.132680] ? __virt_addr_valid+0x1db/0x2d0 [ 14.132704] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.132724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.132745] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.132766] kasan_report+0x140/0x180 [ 14.132787] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.132812] kasan_check_range+0x10c/0x1c0 [ 14.132832] __kasan_check_write+0x18/0x20 [ 14.132851] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.132871] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.132893] ? ret_from_fork_asm+0x1a/0x30 [ 14.132911] ? ret_from_fork+0x41/0x80 [ 14.132929] ? kthread+0x257/0x310 [ 14.132949] kasan_bitops_generic+0x117/0x1c0 [ 14.132968] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.132988] ? __pfx_read_tsc+0x10/0x10 [ 14.133004] ? ktime_get_ts64+0x84/0x230 [ 14.133028] kunit_try_run_case+0x1a6/0x480 [ 14.133049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.133068] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.133086] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.133109] ? __kthread_parkme+0x82/0x160 [ 14.133125] ? preempt_count_sub+0x50/0x80 [ 14.133146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.133164] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.133188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.133212] kthread+0x257/0x310 [ 14.133228] ? __pfx_kthread+0x10/0x10 [ 14.133277] ret_from_fork+0x41/0x80 [ 14.133300] ? __pfx_kthread+0x10/0x10 [ 14.133333] ret_from_fork_asm+0x1a/0x30 [ 14.133365] </TASK> [ 14.133376] [ 14.140025] Allocated by task 266: [ 14.140311] kasan_save_stack+0x45/0x70 [ 14.140500] kasan_save_track+0x18/0x40 [ 14.140780] kasan_save_alloc_info+0x3b/0x50 [ 14.140942] __kasan_kmalloc+0xb7/0xc0 [ 14.141107] __kmalloc_cache_noprof+0x168/0x350 [ 14.141387] kasan_bitops_generic+0x93/0x1c0 [ 14.141590] kunit_try_run_case+0x1a6/0x480 [ 14.141757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.141908] kthread+0x257/0x310 [ 14.141988] ret_from_fork+0x41/0x80 [ 14.142141] ret_from_fork_asm+0x1a/0x30 [ 14.142262] [ 14.142325] The buggy address belongs to the object at ffff8881024e41c0 [ 14.142325] which belongs to the cache kmalloc-16 of size 16 [ 14.142620] The buggy address is located 8 bytes inside of [ 14.142620] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.142926] [ 14.142989] The buggy address belongs to the physical page: [ 14.143100] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.143396] flags: 0x200000000000000(node=0|zone=2) [ 14.143623] page_type: f5(slab) [ 14.143794] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.144039] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.144191] page dumped because: kasan: bad access detected [ 14.144288] [ 14.144336] Memory state around the buggy address: [ 14.144590] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.144962] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.145185] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.145308] ^ [ 14.145512] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 14.145826] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.146030] ================================================================== [ 14.239421] ================================================================== [ 14.239798] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.240659] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.241086] [ 14.241200] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.241245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.241257] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.241277] Call Trace: [ 14.241293] <TASK> [ 14.241311] dump_stack_lvl+0x73/0xb0 [ 14.241340] print_report+0xd1/0x640 [ 14.241364] ? __virt_addr_valid+0x1db/0x2d0 [ 14.241387] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.241409] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.241515] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.241541] kasan_report+0x140/0x180 [ 14.241565] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.241592] kasan_check_range+0x10c/0x1c0 [ 14.241613] __kasan_check_write+0x18/0x20 [ 14.241633] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.241654] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.241692] ? ret_from_fork_asm+0x1a/0x30 [ 14.241713] ? ret_from_fork+0x41/0x80 [ 14.241732] ? kthread+0x257/0x310 [ 14.241754] kasan_bitops_generic+0x117/0x1c0 [ 14.241775] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.241796] ? __pfx_read_tsc+0x10/0x10 [ 14.241814] ? ktime_get_ts64+0x84/0x230 [ 14.241839] kunit_try_run_case+0x1a6/0x480 [ 14.241860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.241880] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.241908] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.241934] ? __kthread_parkme+0x82/0x160 [ 14.241954] ? preempt_count_sub+0x50/0x80 [ 14.241978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.241999] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.242027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.242070] kthread+0x257/0x310 [ 14.242093] ? __pfx_kthread+0x10/0x10 [ 14.242112] ret_from_fork+0x41/0x80 [ 14.242132] ? __pfx_kthread+0x10/0x10 [ 14.242150] ret_from_fork_asm+0x1a/0x30 [ 14.242179] </TASK> [ 14.242191] [ 14.247162] Allocated by task 266: [ 14.247246] kasan_save_stack+0x45/0x70 [ 14.247338] kasan_save_track+0x18/0x40 [ 14.247424] kasan_save_alloc_info+0x3b/0x50 [ 14.247511] __kasan_kmalloc+0xb7/0xc0 [ 14.247594] __kmalloc_cache_noprof+0x168/0x350 [ 14.247797] kasan_bitops_generic+0x93/0x1c0 [ 14.248011] kunit_try_run_case+0x1a6/0x480 [ 14.248278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.248512] kthread+0x257/0x310 [ 14.248680] ret_from_fork+0x41/0x80 [ 14.248885] ret_from_fork_asm+0x1a/0x30 [ 14.249146] [ 14.249253] The buggy address belongs to the object at ffff8881024e41c0 [ 14.249253] which belongs to the cache kmalloc-16 of size 16 [ 14.249582] The buggy address is located 8 bytes inside of [ 14.249582] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.249789] [ 14.249844] The buggy address belongs to the physical page: [ 14.250031] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.250256] flags: 0x200000000000000(node=0|zone=2) [ 14.250523] page_type: f5(slab) [ 14.250658] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.250877] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.251065] page dumped because: kasan: bad access detected [ 14.251255] [ 14.251366] Memory state around the buggy address: [ 14.251526] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.251784] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.252034] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.252248] ^ [ 14.252459] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 14.252674] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.252803] ================================================================== [ 14.206453] ================================================================== [ 14.206939] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.207494] Write of size 8 at addr ffff8881024e41c8 by task kunit_try_catch/266 [ 14.208110] [ 14.208243] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.208288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.208300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.208320] Call Trace: [ 14.208336] <TASK> [ 14.208351] dump_stack_lvl+0x73/0xb0 [ 14.208380] print_report+0xd1/0x640 [ 14.208402] ? __virt_addr_valid+0x1db/0x2d0 [ 14.208522] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.208574] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.208601] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.208709] kasan_report+0x140/0x180 [ 14.208825] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.208859] kasan_check_range+0x10c/0x1c0 [ 14.208890] __kasan_check_write+0x18/0x20 [ 14.208913] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.208936] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.208960] ? ret_from_fork_asm+0x1a/0x30 [ 14.208981] ? ret_from_fork+0x41/0x80 [ 14.209000] ? kthread+0x257/0x310 [ 14.209024] kasan_bitops_generic+0x117/0x1c0 [ 14.209045] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.209067] ? __pfx_read_tsc+0x10/0x10 [ 14.209252] ? ktime_get_ts64+0x84/0x230 [ 14.209280] kunit_try_run_case+0x1a6/0x480 [ 14.209303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.209323] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.209344] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.209368] ? __kthread_parkme+0x82/0x160 [ 14.209386] ? preempt_count_sub+0x50/0x80 [ 14.209409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.209428] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.209453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.209477] kthread+0x257/0x310 [ 14.209495] ? __pfx_kthread+0x10/0x10 [ 14.209513] ret_from_fork+0x41/0x80 [ 14.209533] ? __pfx_kthread+0x10/0x10 [ 14.209551] ret_from_fork_asm+0x1a/0x30 [ 14.209580] </TASK> [ 14.209592] [ 14.216462] Allocated by task 266: [ 14.216731] kasan_save_stack+0x45/0x70 [ 14.216975] kasan_save_track+0x18/0x40 [ 14.217338] kasan_save_alloc_info+0x3b/0x50 [ 14.217585] __kasan_kmalloc+0xb7/0xc0 [ 14.217695] __kmalloc_cache_noprof+0x168/0x350 [ 14.218128] kasan_bitops_generic+0x93/0x1c0 [ 14.218649] kunit_try_run_case+0x1a6/0x480 [ 14.218892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.219052] kthread+0x257/0x310 [ 14.219232] ret_from_fork+0x41/0x80 [ 14.219514] ret_from_fork_asm+0x1a/0x30 [ 14.219680] [ 14.219736] The buggy address belongs to the object at ffff8881024e41c0 [ 14.219736] which belongs to the cache kmalloc-16 of size 16 [ 14.220382] The buggy address is located 8 bytes inside of [ 14.220382] allocated 9-byte region [ffff8881024e41c0, ffff8881024e41c9) [ 14.220753] [ 14.220806] The buggy address belongs to the physical page: [ 14.221107] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 14.221243] flags: 0x200000000000000(node=0|zone=2) [ 14.221552] page_type: f5(slab) [ 14.221751] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.221980] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 14.222217] page dumped because: kasan: bad access detected [ 14.222418] [ 14.222563] Memory state around the buggy address: [ 14.222762] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc [ 14.223051] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.223415] >ffff8881024e4180: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.223650] ^ [ 14.223877] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
[ 14.224075] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.224226] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.109225] ================================================================== [ 14.109670] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.109954] Read of size 1 at addr ffff888102632890 by task kunit_try_catch/264 [ 14.110487] [ 14.110609] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.110654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.110674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.110696] Call Trace: [ 14.110712] <TASK> [ 14.110728] dump_stack_lvl+0x73/0xb0 [ 14.110754] print_report+0xd1/0x640 [ 14.110777] ? __virt_addr_valid+0x1db/0x2d0 [ 14.110798] ? strnlen+0x73/0x80 [ 14.110817] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.110839] ? strnlen+0x73/0x80 [ 14.110857] kasan_report+0x140/0x180 [ 14.110881] ? strnlen+0x73/0x80 [ 14.110903] __asan_report_load1_noabort+0x18/0x20 [ 14.110924] strnlen+0x73/0x80 [ 14.110943] kasan_strings+0x4cc/0xb60 [ 14.110964] ? __pfx_kasan_strings+0x10/0x10 [ 14.110985] ? __schedule+0xc49/0x27a0 [ 14.111004] ? __pfx_read_tsc+0x10/0x10 [ 14.111022] ? ktime_get_ts64+0x84/0x230 [ 14.111047] kunit_try_run_case+0x1a6/0x480 [ 14.111091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.111111] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.111129] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.111153] ? __kthread_parkme+0x82/0x160 [ 14.111172] ? preempt_count_sub+0x50/0x80 [ 14.111192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.111212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.111236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.111260] kthread+0x257/0x310 [ 14.111277] ? __pfx_kthread+0x10/0x10 [ 14.111295] ret_from_fork+0x41/0x80 [ 14.111315] ? 
__pfx_kthread+0x10/0x10 [ 14.111334] ret_from_fork_asm+0x1a/0x30 [ 14.111363] </TASK> [ 14.111373] [ 14.116384] Allocated by task 264: [ 14.116576] kasan_save_stack+0x45/0x70 [ 14.116821] kasan_save_track+0x18/0x40 [ 14.117068] kasan_save_alloc_info+0x3b/0x50 [ 14.117326] __kasan_kmalloc+0xb7/0xc0 [ 14.117559] __kmalloc_cache_noprof+0x168/0x350 [ 14.117838] kasan_strings+0xb3/0xb60 [ 14.119119] kunit_try_run_case+0x1a6/0x480 [ 14.119245] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.119354] kthread+0x257/0x310 [ 14.119429] ret_from_fork+0x41/0x80 [ 14.119508] ret_from_fork_asm+0x1a/0x30 [ 14.119608] [ 14.119660] Freed by task 264: [ 14.119740] kasan_save_stack+0x45/0x70 [ 14.119956] kasan_save_track+0x18/0x40 [ 14.120167] kasan_save_free_info+0x3f/0x60 [ 14.120311] __kasan_slab_free+0x56/0x70 [ 14.120457] kfree+0x123/0x3d0 [ 14.120564] kasan_strings+0x13a/0xb60 [ 14.120704] kunit_try_run_case+0x1a6/0x480 [ 14.120879] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.121074] kthread+0x257/0x310 [ 14.121240] ret_from_fork+0x41/0x80 [ 14.121372] ret_from_fork_asm+0x1a/0x30 [ 14.121457] [ 14.121505] The buggy address belongs to the object at ffff888102632880 [ 14.121505] which belongs to the cache kmalloc-32 of size 32 [ 14.121701] The buggy address is located 16 bytes inside of [ 14.121701] freed 32-byte region [ffff888102632880, ffff8881026328a0) [ 14.122088] [ 14.122185] The buggy address belongs to the physical page: [ 14.122493] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102632 [ 14.122921] flags: 0x200000000000000(node=0|zone=2) [ 14.123177] page_type: f5(slab) [ 14.123327] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.123458] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 14.123580] page dumped because: kasan: bad access detected [ 14.123692] [ 14.123807] Memory state around the buggy address: [ 14.124080] ffff888102632780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.124464] ffff888102632800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.124717] >ffff888102632880: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.124919] ^ [ 14.125114] ffff888102632900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.125343] ffff888102632980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.125537] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.092780] ================================================================== [ 14.092999] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.093125] Read of size 1 at addr ffff888102632890 by task kunit_try_catch/264 [ 14.093248] [ 14.093307] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.093346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.093358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.093377] Call Trace: [ 14.093392] <TASK> [ 14.093408] dump_stack_lvl+0x73/0xb0 [ 14.093429] print_report+0xd1/0x640 [ 14.093451] ? __virt_addr_valid+0x1db/0x2d0 [ 14.093472] ? strlen+0x8f/0xb0 [ 14.093489] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.093510] ? strlen+0x8f/0xb0 [ 14.093529] kasan_report+0x140/0x180 [ 14.093550] ? strlen+0x8f/0xb0 [ 14.093572] __asan_report_load1_noabort+0x18/0x20 [ 14.093591] strlen+0x8f/0xb0 [ 14.093610] kasan_strings+0x432/0xb60 [ 14.093630] ? __pfx_kasan_strings+0x10/0x10 [ 14.093650] ? __schedule+0xc49/0x27a0 [ 14.093698] ? __pfx_read_tsc+0x10/0x10 [ 14.093718] ? ktime_get_ts64+0x84/0x230 [ 14.093744] kunit_try_run_case+0x1a6/0x480 [ 14.093764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.093783] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.093802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.093825] ? __kthread_parkme+0x82/0x160 [ 14.093844] ? preempt_count_sub+0x50/0x80 [ 14.093865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.093885] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.093919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.093945] kthread+0x257/0x310 [ 14.093963] ? __pfx_kthread+0x10/0x10 [ 14.093983] ret_from_fork+0x41/0x80 [ 14.094002] ? 
__pfx_kthread+0x10/0x10 [ 14.094022] ret_from_fork_asm+0x1a/0x30 [ 14.094064] </TASK> [ 14.094078] [ 14.099513] Allocated by task 264: [ 14.099689] kasan_save_stack+0x45/0x70 [ 14.099846] kasan_save_track+0x18/0x40 [ 14.100013] kasan_save_alloc_info+0x3b/0x50 [ 14.100201] __kasan_kmalloc+0xb7/0xc0 [ 14.100384] __kmalloc_cache_noprof+0x168/0x350 [ 14.100572] kasan_strings+0xb3/0xb60 [ 14.100717] kunit_try_run_case+0x1a6/0x480 [ 14.100808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.100911] kthread+0x257/0x310 [ 14.100986] ret_from_fork+0x41/0x80 [ 14.101085] ret_from_fork_asm+0x1a/0x30 [ 14.101172] [ 14.101220] Freed by task 264: [ 14.101289] kasan_save_stack+0x45/0x70 [ 14.101373] kasan_save_track+0x18/0x40 [ 14.101454] kasan_save_free_info+0x3f/0x60 [ 14.101549] __kasan_slab_free+0x56/0x70 [ 14.101724] kfree+0x123/0x3d0 [ 14.101894] kasan_strings+0x13a/0xb60 [ 14.102145] kunit_try_run_case+0x1a6/0x480 [ 14.102387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.102685] kthread+0x257/0x310 [ 14.102872] ret_from_fork+0x41/0x80 [ 14.103098] ret_from_fork_asm+0x1a/0x30 [ 14.103324] [ 14.103436] The buggy address belongs to the object at ffff888102632880 [ 14.103436] which belongs to the cache kmalloc-32 of size 32 [ 14.104038] The buggy address is located 16 bytes inside of [ 14.104038] freed 32-byte region [ffff888102632880, ffff8881026328a0) [ 14.104328] [ 14.104381] The buggy address belongs to the physical page: [ 14.104503] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102632 [ 14.104913] flags: 0x200000000000000(node=0|zone=2) [ 14.105165] page_type: f5(slab) [ 14.105314] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.105539] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 14.105794] page dumped because: kasan: bad access detected [ 14.105986] [ 14.106038] Memory state around the buggy address: [ 14.106148] ffff888102632780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.106271] ffff888102632800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.106387] >ffff888102632880: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.106501] ^ [ 14.106577] ffff888102632900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.106703] ffff888102632980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.106820] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.075675] ================================================================== [ 14.076079] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0f/0xb60 [ 14.076417] Read of size 1 at addr ffff888102632890 by task kunit_try_catch/264 [ 14.076680] [ 14.076786] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.076827] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.076839] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.076859] Call Trace: [ 14.076873] <TASK> [ 14.076888] dump_stack_lvl+0x73/0xb0 [ 14.076912] print_report+0xd1/0x640 [ 14.076933] ? __virt_addr_valid+0x1db/0x2d0 [ 14.076956] ? kasan_strings+0xa0f/0xb60 [ 14.076977] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.076999] ? kasan_strings+0xa0f/0xb60 [ 14.077020] kasan_report+0x140/0x180 [ 14.077042] ? kasan_strings+0xa0f/0xb60 [ 14.077087] __asan_report_load1_noabort+0x18/0x20 [ 14.077109] kasan_strings+0xa0f/0xb60 [ 14.077130] ? __pfx_kasan_strings+0x10/0x10 [ 14.077151] ? __schedule+0xc49/0x27a0 [ 14.077170] ? __pfx_read_tsc+0x10/0x10 [ 14.077188] ? ktime_get_ts64+0x84/0x230 [ 14.077212] kunit_try_run_case+0x1a6/0x480 [ 14.077233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.077251] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.077270] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.077294] ? __kthread_parkme+0x82/0x160 [ 14.077312] ? preempt_count_sub+0x50/0x80 [ 14.077334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.077353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.077376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.077400] kthread+0x257/0x310 [ 14.077417] ? __pfx_kthread+0x10/0x10 [ 14.077435] ret_from_fork+0x41/0x80 [ 14.077454] ? 
__pfx_kthread+0x10/0x10 [ 14.077471] ret_from_fork_asm+0x1a/0x30 [ 14.077499] </TASK> [ 14.077508] [ 14.081911] Allocated by task 264: [ 14.082139] kasan_save_stack+0x45/0x70 [ 14.082358] kasan_save_track+0x18/0x40 [ 14.082579] kasan_save_alloc_info+0x3b/0x50 [ 14.082806] __kasan_kmalloc+0xb7/0xc0 [ 14.082932] __kmalloc_cache_noprof+0x168/0x350 [ 14.083118] kasan_strings+0xb3/0xb60 [ 14.083204] kunit_try_run_case+0x1a6/0x480 [ 14.083291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.083394] kthread+0x257/0x310 [ 14.083465] ret_from_fork+0x41/0x80 [ 14.083544] ret_from_fork_asm+0x1a/0x30 [ 14.083626] [ 14.083682] Freed by task 264: [ 14.083759] kasan_save_stack+0x45/0x70 [ 14.083981] kasan_save_track+0x18/0x40 [ 14.084218] kasan_save_free_info+0x3f/0x60 [ 14.084477] __kasan_slab_free+0x56/0x70 [ 14.084695] kfree+0x123/0x3d0 [ 14.084878] kasan_strings+0x13a/0xb60 [ 14.085112] kunit_try_run_case+0x1a6/0x480 [ 14.085311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.085566] kthread+0x257/0x310 [ 14.085646] ret_from_fork+0x41/0x80 [ 14.085736] ret_from_fork_asm+0x1a/0x30 [ 14.085823] [ 14.085871] The buggy address belongs to the object at ffff888102632880 [ 14.085871] which belongs to the cache kmalloc-32 of size 32 [ 14.086443] The buggy address is located 16 bytes inside of [ 14.086443] freed 32-byte region [ffff888102632880, ffff8881026328a0) [ 14.086931] [ 14.087046] The buggy address belongs to the physical page: [ 14.087228] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102632 [ 14.087452] flags: 0x200000000000000(node=0|zone=2) [ 14.087631] page_type: f5(slab) [ 14.087749] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.087980] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 14.088266] page dumped because: kasan: bad access detected [ 14.088421] [ 14.088520] Memory state around the buggy address: [ 14.088697] ffff888102632780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.088927] ffff888102632800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.089165] >ffff888102632880: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089405] ^ [ 14.089533] ffff888102632900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.089730] ffff888102632980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.090001] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.060415] ================================================================== [ 14.060676] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.060924] Read of size 1 at addr ffff888102632890 by task kunit_try_catch/264 [ 14.061173] [ 14.061233] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.061273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.061284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.061304] Call Trace: [ 14.061317] <TASK> [ 14.061332] dump_stack_lvl+0x73/0xb0 [ 14.061353] print_report+0xd1/0x640 [ 14.061375] ? __virt_addr_valid+0x1db/0x2d0 [ 14.061396] ? strcmp+0xb0/0xc0 [ 14.061413] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.061434] ? strcmp+0xb0/0xc0 [ 14.061452] kasan_report+0x140/0x180 [ 14.061474] ? strcmp+0xb0/0xc0 [ 14.061496] __asan_report_load1_noabort+0x18/0x20 [ 14.061516] strcmp+0xb0/0xc0 [ 14.061535] kasan_strings+0x2e9/0xb60 [ 14.061555] ? __pfx_kasan_strings+0x10/0x10 [ 14.061576] ? __schedule+0xc49/0x27a0 [ 14.061595] ? __pfx_read_tsc+0x10/0x10 [ 14.061612] ? ktime_get_ts64+0x84/0x230 [ 14.061637] kunit_try_run_case+0x1a6/0x480 [ 14.061657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.061988] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.062015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.062042] ? __kthread_parkme+0x82/0x160 [ 14.062085] ? preempt_count_sub+0x50/0x80 [ 14.062110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.062130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.062156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.062182] kthread+0x257/0x310 [ 14.062200] ? __pfx_kthread+0x10/0x10 [ 14.062219] ret_from_fork+0x41/0x80 [ 14.062238] ? 
__pfx_kthread+0x10/0x10 [ 14.062255] ret_from_fork_asm+0x1a/0x30 [ 14.062284] </TASK> [ 14.062296] [ 14.066939] Allocated by task 264: [ 14.067021] kasan_save_stack+0x45/0x70 [ 14.067130] kasan_save_track+0x18/0x40 [ 14.067360] kasan_save_alloc_info+0x3b/0x50 [ 14.067597] __kasan_kmalloc+0xb7/0xc0 [ 14.067823] __kmalloc_cache_noprof+0x168/0x350 [ 14.068042] kasan_strings+0xb3/0xb60 [ 14.068143] kunit_try_run_case+0x1a6/0x480 [ 14.068354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.068593] kthread+0x257/0x310 [ 14.068704] ret_from_fork+0x41/0x80 [ 14.068901] ret_from_fork_asm+0x1a/0x30 [ 14.068992] [ 14.069040] Freed by task 264: [ 14.069165] kasan_save_stack+0x45/0x70 [ 14.069386] kasan_save_track+0x18/0x40 [ 14.069631] kasan_save_free_info+0x3f/0x60 [ 14.069770] __kasan_slab_free+0x56/0x70 [ 14.069861] kfree+0x123/0x3d0 [ 14.069947] kasan_strings+0x13a/0xb60 [ 14.070038] kunit_try_run_case+0x1a6/0x480 [ 14.070146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.070253] kthread+0x257/0x310 [ 14.070326] ret_from_fork+0x41/0x80 [ 14.070406] ret_from_fork_asm+0x1a/0x30 [ 14.070488] [ 14.070534] The buggy address belongs to the object at ffff888102632880 [ 14.070534] which belongs to the cache kmalloc-32 of size 32 [ 14.070841] The buggy address is located 16 bytes inside of [ 14.070841] freed 32-byte region [ffff888102632880, ffff8881026328a0) [ 14.071426] [ 14.071537] The buggy address belongs to the physical page: [ 14.071839] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102632 [ 14.072218] flags: 0x200000000000000(node=0|zone=2) [ 14.072500] page_type: f5(slab) [ 14.072703] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.073118] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 14.073449] page dumped because: kasan: bad access detected [ 14.073602] [ 14.073653] Memory state around the buggy address: [ 14.073754] ffff888102632780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.073878] ffff888102632800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.074005] >ffff888102632880: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.074146] ^ [ 14.074228] ffff888102632900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.074399] ffff888102632980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.074721] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 14.046344] ================================================================== [ 14.046532] BUG: KASAN: slab-use-after-free in strrchr+0x64/0x70 [ 14.046678] Read of size 1 at addr ffff888102632890 by task kunit_try_catch/264 [ 14.046909] [ 14.047024] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.047074] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.047087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.047108] Call Trace: [ 14.047120] <TASK> [ 14.047134] dump_stack_lvl+0x73/0xb0 [ 14.047157] print_report+0xd1/0x640 [ 14.047179] ? __virt_addr_valid+0x1db/0x2d0 [ 14.047200] ? strrchr+0x64/0x70 [ 14.047219] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.047240] ? strrchr+0x64/0x70 [ 14.047258] kasan_report+0x140/0x180 [ 14.047279] ? strrchr+0x64/0x70 [ 14.047302] __asan_report_load1_noabort+0x18/0x20 [ 14.047321] strrchr+0x64/0x70 [ 14.047340] kasan_strings+0x24c/0xb60 [ 14.047360] ? __pfx_kasan_strings+0x10/0x10 [ 14.047380] ? __schedule+0xc49/0x27a0 [ 14.047398] ? __pfx_read_tsc+0x10/0x10 [ 14.047415] ? ktime_get_ts64+0x84/0x230 [ 14.047440] kunit_try_run_case+0x1a6/0x480 [ 14.047459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.047477] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.047496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.047518] ? __kthread_parkme+0x82/0x160 [ 14.047535] ? preempt_count_sub+0x50/0x80 [ 14.047556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.047574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.047597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.047620] kthread+0x257/0x310 [ 14.047637] ? __pfx_kthread+0x10/0x10 [ 14.047655] ret_from_fork+0x41/0x80 [ 14.047700] ? 
__pfx_kthread+0x10/0x10 [ 14.047719] ret_from_fork_asm+0x1a/0x30 [ 14.047747] </TASK> [ 14.047758] [ 14.052105] Allocated by task 264: [ 14.052249] kasan_save_stack+0x45/0x70 [ 14.052382] kasan_save_track+0x18/0x40 [ 14.052513] kasan_save_alloc_info+0x3b/0x50 [ 14.052708] __kasan_kmalloc+0xb7/0xc0 [ 14.052794] __kmalloc_cache_noprof+0x168/0x350 [ 14.052887] kasan_strings+0xb3/0xb60 [ 14.052968] kunit_try_run_case+0x1a6/0x480 [ 14.053067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.053177] kthread+0x257/0x310 [ 14.053251] ret_from_fork+0x41/0x80 [ 14.053331] ret_from_fork_asm+0x1a/0x30 [ 14.053452] [ 14.053542] Freed by task 264: [ 14.053728] kasan_save_stack+0x45/0x70 [ 14.053958] kasan_save_track+0x18/0x40 [ 14.054202] kasan_save_free_info+0x3f/0x60 [ 14.054438] __kasan_slab_free+0x56/0x70 [ 14.054653] kfree+0x123/0x3d0 [ 14.054855] kasan_strings+0x13a/0xb60 [ 14.055067] kunit_try_run_case+0x1a6/0x480 [ 14.055306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.055472] kthread+0x257/0x310 [ 14.055574] ret_from_fork+0x41/0x80 [ 14.055658] ret_from_fork_asm+0x1a/0x30 [ 14.055754] [ 14.055802] The buggy address belongs to the object at ffff888102632880 [ 14.055802] which belongs to the cache kmalloc-32 of size 32 [ 14.055985] The buggy address is located 16 bytes inside of [ 14.055985] freed 32-byte region [ffff888102632880, ffff8881026328a0) [ 14.056483] [ 14.056584] The buggy address belongs to the physical page: [ 14.056857] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102632 [ 14.057185] flags: 0x200000000000000(node=0|zone=2) [ 14.057401] page_type: f5(slab) [ 14.057537] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.057734] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 14.057861] page dumped because: kasan: bad access detected [ 14.057977] [ 14.058033] Memory state around the buggy address: [ 14.058313] ffff888102632780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.058692] ffff888102632800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.058936] >ffff888102632880: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.059193] ^ [ 14.059327] ffff888102632900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.059451] ffff888102632980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.059679] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 14.026853] ================================================================== [ 14.027296] BUG: KASAN: slab-use-after-free in strchr+0x9c/0xc0 [ 14.027626] Read of size 1 at addr ffff888102632890 by task kunit_try_catch/264 [ 14.027869] [ 14.027957] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.028000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.028012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.028032] Call Trace: [ 14.028044] <TASK> [ 14.028060] dump_stack_lvl+0x73/0xb0 [ 14.028437] print_report+0xd1/0x640 [ 14.028463] ? __virt_addr_valid+0x1db/0x2d0 [ 14.028488] ? strchr+0x9c/0xc0 [ 14.028506] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.028528] ? strchr+0x9c/0xc0 [ 14.028546] kasan_report+0x140/0x180 [ 14.028568] ? strchr+0x9c/0xc0 [ 14.028591] __asan_report_load1_noabort+0x18/0x20 [ 14.028611] strchr+0x9c/0xc0 [ 14.028630] kasan_strings+0x1b1/0xb60 [ 14.028651] ? __pfx_kasan_strings+0x10/0x10 [ 14.028695] ? __schedule+0xc49/0x27a0 [ 14.028715] ? __pfx_read_tsc+0x10/0x10 [ 14.028734] ? ktime_get_ts64+0x84/0x230 [ 14.028761] kunit_try_run_case+0x1a6/0x480 [ 14.028783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.028802] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.028821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.028844] ? __kthread_parkme+0x82/0x160 [ 14.028863] ? preempt_count_sub+0x50/0x80 [ 14.028884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.028903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.028927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.028951] kthread+0x257/0x310 [ 14.028968] ? __pfx_kthread+0x10/0x10 [ 14.028986] ret_from_fork+0x41/0x80 [ 14.029005] ? 
__pfx_kthread+0x10/0x10 [ 14.029022] ret_from_fork_asm+0x1a/0x30 [ 14.029051] </TASK> [ 14.029061] [ 14.034286] Allocated by task 264: [ 14.034521] kasan_save_stack+0x45/0x70 [ 14.034625] kasan_save_track+0x18/0x40 [ 14.034722] kasan_save_alloc_info+0x3b/0x50 [ 14.034816] __kasan_kmalloc+0xb7/0xc0 [ 14.034924] __kmalloc_cache_noprof+0x168/0x350 [ 14.035608] kasan_strings+0xb3/0xb60 [ 14.035874] kunit_try_run_case+0x1a6/0x480 [ 14.036282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.036546] kthread+0x257/0x310 [ 14.036701] ret_from_fork+0x41/0x80 [ 14.036941] ret_from_fork_asm+0x1a/0x30 [ 14.037387] [ 14.037566] Freed by task 264: [ 14.037691] kasan_save_stack+0x45/0x70 [ 14.037912] kasan_save_track+0x18/0x40 [ 14.038326] kasan_save_free_info+0x3f/0x60 [ 14.038566] __kasan_slab_free+0x56/0x70 [ 14.038688] kfree+0x123/0x3d0 [ 14.038773] kasan_strings+0x13a/0xb60 [ 14.038861] kunit_try_run_case+0x1a6/0x480 [ 14.038949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.039333] kthread+0x257/0x310 [ 14.039538] ret_from_fork+0x41/0x80 [ 14.039640] ret_from_fork_asm+0x1a/0x30 [ 14.039875] [ 14.039980] The buggy address belongs to the object at ffff888102632880 [ 14.039980] which belongs to the cache kmalloc-32 of size 32 [ 14.040318] The buggy address is located 16 bytes inside of [ 14.040318] freed 32-byte region [ffff888102632880, ffff8881026328a0) [ 14.040725] [ 14.040799] The buggy address belongs to the physical page: [ 14.040963] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102632 [ 14.041173] flags: 0x200000000000000(node=0|zone=2) [ 14.041376] page_type: f5(slab) [ 14.041509] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.041863] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 14.042112] page dumped because: kasan: bad access detected [ 14.042225] [ 14.042279] Memory state around the buggy address: [ 14.042376] ffff888102632780: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 
14.042505] ffff888102632800: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.042774] >ffff888102632880: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 14.043039] ^ [ 14.043432] ffff888102632900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.043750] ffff888102632980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.044124] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.005336] ================================================================== [ 14.005714] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.005966] Read of size 1 at addr ffff888102632798 by task kunit_try_catch/262 [ 14.006150] [ 14.006214] CPU: 0 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 14.006256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.006268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.006289] Call Trace: [ 14.006301] <TASK> [ 14.006317] dump_stack_lvl+0x73/0xb0 [ 14.006558] print_report+0xd1/0x640 [ 14.006586] ? __virt_addr_valid+0x1db/0x2d0 [ 14.006611] ? memcmp+0x1b4/0x1d0 [ 14.006631] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.006653] ? memcmp+0x1b4/0x1d0 [ 14.006688] kasan_report+0x140/0x180 [ 14.006712] ? memcmp+0x1b4/0x1d0 [ 14.006737] __asan_report_load1_noabort+0x18/0x20 [ 14.006758] memcmp+0x1b4/0x1d0 [ 14.006780] kasan_memcmp+0x190/0x390 [ 14.006802] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.006822] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.006851] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.006877] kunit_try_run_case+0x1a6/0x480 [ 14.006900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.006919] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.006939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.006963] ? __kthread_parkme+0x82/0x160 [ 14.006983] ? preempt_count_sub+0x50/0x80 [ 14.007006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.007025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.007050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.007074] kthread+0x257/0x310 [ 14.007092] ? __pfx_kthread+0x10/0x10 [ 14.007111] ret_from_fork+0x41/0x80 [ 14.007131] ? 
__pfx_kthread+0x10/0x10 [ 14.007149] ret_from_fork_asm+0x1a/0x30 [ 14.007179] </TASK> [ 14.007191] [ 14.014508] Allocated by task 262: [ 14.015178] kasan_save_stack+0x45/0x70 [ 14.015434] kasan_save_track+0x18/0x40 [ 14.016329] kasan_save_alloc_info+0x3b/0x50 [ 14.016611] __kasan_kmalloc+0xb7/0xc0 [ 14.016789] __kmalloc_cache_noprof+0x168/0x350 [ 14.017015] kasan_memcmp+0xb8/0x390 [ 14.017185] kunit_try_run_case+0x1a6/0x480 [ 14.017312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.017434] kthread+0x257/0x310 [ 14.017605] ret_from_fork+0x41/0x80 [ 14.017784] ret_from_fork_asm+0x1a/0x30 [ 14.018008] [ 14.018131] The buggy address belongs to the object at ffff888102632780 [ 14.018131] which belongs to the cache kmalloc-32 of size 32 [ 14.018502] The buggy address is located 0 bytes to the right of [ 14.018502] allocated 24-byte region [ffff888102632780, ffff888102632798) [ 14.018798] [ 14.018853] The buggy address belongs to the physical page: [ 14.018993] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102632 [ 14.019385] flags: 0x200000000000000(node=0|zone=2) [ 14.019603] page_type: f5(slab) [ 14.019757] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.020106] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 14.020602] page dumped because: kasan: bad access detected [ 14.020795] [ 14.020913] Memory state around the buggy address: [ 14.021072] ffff888102632680: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.021358] ffff888102632700: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.021580] >ffff888102632780: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.021803] ^ [ 14.022026] ffff888102632800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.022363] ffff888102632880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.022589] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 13.986740] ================================================================== [ 13.987147] BUG: KASAN: slab-out-of-bounds in memchr+0x79/0x90 [ 13.987335] Read of size 1 at addr ffff888102986bd8 by task kunit_try_catch/260 [ 13.987597] [ 13.987657] CPU: 1 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 13.987707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.987719] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.987737] Call Trace: [ 13.987750] <TASK> [ 13.987765] dump_stack_lvl+0x73/0xb0 [ 13.987787] print_report+0xd1/0x640 [ 13.987807] ? __virt_addr_valid+0x1db/0x2d0 [ 13.987828] ? memchr+0x79/0x90 [ 13.987845] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.987865] ? memchr+0x79/0x90 [ 13.987882] kasan_report+0x140/0x180 [ 13.987901] ? memchr+0x79/0x90 [ 13.987923] __asan_report_load1_noabort+0x18/0x20 [ 13.987942] memchr+0x79/0x90 [ 13.987961] kasan_memchr+0x163/0x320 [ 13.987979] ? __pfx_kasan_memchr+0x10/0x10 [ 13.987999] ? __schedule+0xc49/0x27a0 [ 13.988016] ? __pfx_read_tsc+0x10/0x10 [ 13.988032] ? ktime_get_ts64+0x84/0x230 [ 13.988054] kunit_try_run_case+0x1a6/0x480 [ 13.988074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.988091] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.988109] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.988130] ? __kthread_parkme+0x82/0x160 [ 13.988147] ? preempt_count_sub+0x50/0x80 [ 13.988166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.988183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.988205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.988226] kthread+0x257/0x310 [ 13.988242] ? __pfx_kthread+0x10/0x10 [ 13.988258] ret_from_fork+0x41/0x80 [ 13.988275] ? 
__pfx_kthread+0x10/0x10 [ 13.988291] ret_from_fork_asm+0x1a/0x30 [ 13.988322] </TASK> [ 13.988608] [ 13.993877] Allocated by task 260: [ 13.994298] kasan_save_stack+0x45/0x70 [ 13.994558] kasan_save_track+0x18/0x40 [ 13.994782] kasan_save_alloc_info+0x3b/0x50 [ 13.994880] __kasan_kmalloc+0xb7/0xc0 [ 13.994966] __kmalloc_cache_noprof+0x168/0x350 [ 13.995057] kasan_memchr+0xad/0x320 [ 13.995135] kunit_try_run_case+0x1a6/0x480 [ 13.995218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.995316] kthread+0x257/0x310 [ 13.995434] ret_from_fork+0x41/0x80 [ 13.995726] ret_from_fork_asm+0x1a/0x30 [ 13.996038] [ 13.996348] The buggy address belongs to the object at ffff888102986bc0 [ 13.996348] which belongs to the cache kmalloc-32 of size 32 [ 13.997158] The buggy address is located 0 bytes to the right of [ 13.997158] allocated 24-byte region [ffff888102986bc0, ffff888102986bd8) [ 13.997695] [ 13.997792] The buggy address belongs to the physical page: [ 13.998040] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102986 [ 13.998301] flags: 0x200000000000000(node=0|zone=2) [ 13.998501] page_type: f5(slab) [ 13.998616] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.998843] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 13.999110] page dumped because: kasan: bad access detected [ 13.999268] [ 13.999366] Memory state around the buggy address: [ 13.999526] ffff888102986a80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.999763] ffff888102986b00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.999947] >ffff888102986b80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.000188] ^ [ 14.000406] ffff888102986c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.000586] ffff888102986c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.000841] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.196452] ================================================================== [ 12.197204] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 12.198053] Write of size 8 at addr ffff88810297aa71 by task kunit_try_catch/181 [ 12.198473] [ 12.198925] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.198987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.199006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.199038] Call Trace: [ 12.199059] <TASK> [ 12.199146] dump_stack_lvl+0x73/0xb0 [ 12.199213] print_report+0xd1/0x640 [ 12.199245] ? __virt_addr_valid+0x1db/0x2d0 [ 12.199286] ? kmalloc_oob_memset_8+0x167/0x330 [ 12.199321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.199362] ? kmalloc_oob_memset_8+0x167/0x330 [ 12.199405] kasan_report+0x140/0x180 [ 12.199448] ? kmalloc_oob_memset_8+0x167/0x330 [ 12.199480] kasan_check_range+0x10c/0x1c0 [ 12.199500] __asan_memset+0x27/0x50 [ 12.199519] kmalloc_oob_memset_8+0x167/0x330 [ 12.199540] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 12.199562] ? __schedule+0xc49/0x27a0 [ 12.199583] ? __pfx_read_tsc+0x10/0x10 [ 12.199600] ? ktime_get_ts64+0x84/0x230 [ 12.199625] kunit_try_run_case+0x1a6/0x480 [ 12.199646] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.199685] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.199706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.199727] ? __kthread_parkme+0x82/0x160 [ 12.199745] ? preempt_count_sub+0x50/0x80 [ 12.199767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.199785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.199807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.199830] kthread+0x257/0x310 [ 12.199847] ? __pfx_kthread+0x10/0x10 [ 12.199865] ret_from_fork+0x41/0x80 [ 12.199883] ? 
__pfx_kthread+0x10/0x10 [ 12.199900] ret_from_fork_asm+0x1a/0x30 [ 12.199929] </TASK> [ 12.199941] [ 12.211021] Allocated by task 181: [ 12.211398] kasan_save_stack+0x45/0x70 [ 12.211629] kasan_save_track+0x18/0x40 [ 12.211799] kasan_save_alloc_info+0x3b/0x50 [ 12.212513] __kasan_kmalloc+0xb7/0xc0 [ 12.213000] __kmalloc_cache_noprof+0x168/0x350 [ 12.213537] kmalloc_oob_memset_8+0xad/0x330 [ 12.213735] kunit_try_run_case+0x1a6/0x480 [ 12.213916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.214414] kthread+0x257/0x310 [ 12.214882] ret_from_fork+0x41/0x80 [ 12.215123] ret_from_fork_asm+0x1a/0x30 [ 12.215498] [ 12.215641] The buggy address belongs to the object at ffff88810297aa00 [ 12.215641] which belongs to the cache kmalloc-128 of size 128 [ 12.216649] The buggy address is located 113 bytes inside of [ 12.216649] allocated 120-byte region [ffff88810297aa00, ffff88810297aa78) [ 12.217563] [ 12.217724] The buggy address belongs to the physical page: [ 12.217950] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10297a [ 12.218706] flags: 0x200000000000000(node=0|zone=2) [ 12.218967] page_type: f5(slab) [ 12.219233] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.219744] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.220018] page dumped because: kasan: bad access detected [ 12.220303] [ 12.220638] Memory state around the buggy address: [ 12.221233] ffff88810297a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 12.221756] ffff88810297a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.222405] >ffff88810297aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.222777] ^ [ 12.223244] ffff88810297aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.223720] ffff88810297ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.224037] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.166627] ================================================================== [ 12.167109] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 12.167742] Write of size 4 at addr ffff88810261c275 by task kunit_try_catch/179 [ 12.168321] [ 12.168469] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.168548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.168570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.168607] Call Trace: [ 12.168632] <TASK> [ 12.168672] dump_stack_lvl+0x73/0xb0 [ 12.168729] print_report+0xd1/0x640 [ 12.168769] ? __virt_addr_valid+0x1db/0x2d0 [ 12.168806] ? kmalloc_oob_memset_4+0x167/0x330 [ 12.168840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.168879] ? kmalloc_oob_memset_4+0x167/0x330 [ 12.168921] kasan_report+0x140/0x180 [ 12.168964] ? kmalloc_oob_memset_4+0x167/0x330 [ 12.169019] kasan_check_range+0x10c/0x1c0 [ 12.169094] __asan_memset+0x27/0x50 [ 12.169135] kmalloc_oob_memset_4+0x167/0x330 [ 12.169173] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 12.169199] ? __schedule+0xc49/0x27a0 [ 12.169220] ? __pfx_read_tsc+0x10/0x10 [ 12.169238] ? ktime_get_ts64+0x84/0x230 [ 12.169264] kunit_try_run_case+0x1a6/0x480 [ 12.169284] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.169303] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.169322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.169345] ? __kthread_parkme+0x82/0x160 [ 12.169363] ? preempt_count_sub+0x50/0x80 [ 12.169385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.169403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.169427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.169450] kthread+0x257/0x310 [ 12.169466] ? __pfx_kthread+0x10/0x10 [ 12.169484] ret_from_fork+0x41/0x80 [ 12.169502] ? 
__pfx_kthread+0x10/0x10 [ 12.169519] ret_from_fork_asm+0x1a/0x30 [ 12.169547] </TASK> [ 12.169558] [ 12.177640] Allocated by task 179: [ 12.177848] kasan_save_stack+0x45/0x70 [ 12.178111] kasan_save_track+0x18/0x40 [ 12.178374] kasan_save_alloc_info+0x3b/0x50 [ 12.178727] __kasan_kmalloc+0xb7/0xc0 [ 12.180730] __kmalloc_cache_noprof+0x168/0x350 [ 12.182182] kmalloc_oob_memset_4+0xad/0x330 [ 12.182391] kunit_try_run_case+0x1a6/0x480 [ 12.182556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.182778] kthread+0x257/0x310 [ 12.182916] ret_from_fork+0x41/0x80 [ 12.183094] ret_from_fork_asm+0x1a/0x30 [ 12.183313] [ 12.183407] The buggy address belongs to the object at ffff88810261c200 [ 12.183407] which belongs to the cache kmalloc-128 of size 128 [ 12.183831] The buggy address is located 117 bytes inside of [ 12.183831] allocated 120-byte region [ffff88810261c200, ffff88810261c278) [ 12.184208] [ 12.184308] The buggy address belongs to the physical page: [ 12.184485] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c [ 12.184793] flags: 0x200000000000000(node=0|zone=2) [ 12.184982] page_type: f5(slab) [ 12.185172] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.185622] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.186130] page dumped because: kasan: bad access detected [ 12.187808] [ 12.187983] Memory state around the buggy address: [ 12.188342] ffff88810261c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.188807] ffff88810261c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.189092] >ffff88810261c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.189329] ^ [ 12.189753] ffff88810261c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.190228] ffff88810261c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.190552] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.139731] ================================================================== [ 12.140155] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 12.140871] Write of size 2 at addr ffff88810261c177 by task kunit_try_catch/177 [ 12.141773] [ 12.141966] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.142116] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.142141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.142177] Call Trace: [ 12.142204] <TASK> [ 12.142233] dump_stack_lvl+0x73/0xb0 [ 12.142290] print_report+0xd1/0x640 [ 12.142333] ? __virt_addr_valid+0x1db/0x2d0 [ 12.142373] ? kmalloc_oob_memset_2+0x167/0x330 [ 12.142432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.142465] ? kmalloc_oob_memset_2+0x167/0x330 [ 12.142497] kasan_report+0x140/0x180 [ 12.142533] ? kmalloc_oob_memset_2+0x167/0x330 [ 12.142579] kasan_check_range+0x10c/0x1c0 [ 12.142609] __asan_memset+0x27/0x50 [ 12.142638] kmalloc_oob_memset_2+0x167/0x330 [ 12.142685] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 12.142792] ? __schedule+0xc49/0x27a0 [ 12.142832] ? __pfx_read_tsc+0x10/0x10 [ 12.142869] ? ktime_get_ts64+0x84/0x230 [ 12.142921] kunit_try_run_case+0x1a6/0x480 [ 12.142965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.142990] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.143010] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.143033] ? __kthread_parkme+0x82/0x160 [ 12.143057] ? preempt_count_sub+0x50/0x80 [ 12.143114] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.143134] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.143158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.143182] kthread+0x257/0x310 [ 12.143199] ? __pfx_kthread+0x10/0x10 [ 12.143217] ret_from_fork+0x41/0x80 [ 12.143235] ? 
__pfx_kthread+0x10/0x10 [ 12.143252] ret_from_fork_asm+0x1a/0x30 [ 12.143281] </TASK> [ 12.143293] [ 12.151075] Allocated by task 177: [ 12.151373] kasan_save_stack+0x45/0x70 [ 12.151592] kasan_save_track+0x18/0x40 [ 12.151909] kasan_save_alloc_info+0x3b/0x50 [ 12.152152] __kasan_kmalloc+0xb7/0xc0 [ 12.152337] __kmalloc_cache_noprof+0x168/0x350 [ 12.152583] kmalloc_oob_memset_2+0xad/0x330 [ 12.152901] kunit_try_run_case+0x1a6/0x480 [ 12.153249] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.153614] kthread+0x257/0x310 [ 12.153877] ret_from_fork+0x41/0x80 [ 12.154208] ret_from_fork_asm+0x1a/0x30 [ 12.154404] [ 12.154510] The buggy address belongs to the object at ffff88810261c100 [ 12.154510] which belongs to the cache kmalloc-128 of size 128 [ 12.155022] The buggy address is located 119 bytes inside of [ 12.155022] allocated 120-byte region [ffff88810261c100, ffff88810261c178) [ 12.155823] [ 12.156000] The buggy address belongs to the physical page: [ 12.156279] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c [ 12.156539] flags: 0x200000000000000(node=0|zone=2) [ 12.156795] page_type: f5(slab) [ 12.157054] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.157543] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.158105] page dumped because: kasan: bad access detected [ 12.158360] [ 12.158467] Memory state around the buggy address: [ 12.158665] ffff88810261c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.158905] ffff88810261c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.159389] >ffff88810261c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.159876] ^ [ 12.160358] ffff88810261c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.160817] ffff88810261c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.161153] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.109921] ================================================================== [ 12.110533] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320 [ 12.111062] Write of size 128 at addr ffff88810261c000 by task kunit_try_catch/175 [ 12.111349] [ 12.111469] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.111546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.111570] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.111605] Call Trace: [ 12.111621] <TASK> [ 12.111637] dump_stack_lvl+0x73/0xb0 [ 12.111689] print_report+0xd1/0x640 [ 12.111722] ? __virt_addr_valid+0x1db/0x2d0 [ 12.111756] ? kmalloc_oob_in_memset+0x160/0x320 [ 12.111789] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.111821] ? kmalloc_oob_in_memset+0x160/0x320 [ 12.111860] kasan_report+0x140/0x180 [ 12.111900] ? kmalloc_oob_in_memset+0x160/0x320 [ 12.111952] kasan_check_range+0x10c/0x1c0 [ 12.111993] __asan_memset+0x27/0x50 [ 12.112033] kmalloc_oob_in_memset+0x160/0x320 [ 12.112078] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 12.112124] ? __schedule+0xc49/0x27a0 [ 12.112164] ? __pfx_read_tsc+0x10/0x10 [ 12.112200] ? ktime_get_ts64+0x84/0x230 [ 12.112251] kunit_try_run_case+0x1a6/0x480 [ 12.112294] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.112333] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.112371] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.112415] ? __kthread_parkme+0x82/0x160 [ 12.112606] ? preempt_count_sub+0x50/0x80 [ 12.112629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.112649] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.112695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.112720] kthread+0x257/0x310 [ 12.112737] ? __pfx_kthread+0x10/0x10 [ 12.112755] ret_from_fork+0x41/0x80 [ 12.112773] ? 
__pfx_kthread+0x10/0x10 [ 12.112791] ret_from_fork_asm+0x1a/0x30 [ 12.112819] </TASK> [ 12.112830] [ 12.123176] Allocated by task 175: [ 12.123724] kasan_save_stack+0x45/0x70 [ 12.124065] kasan_save_track+0x18/0x40 [ 12.124322] kasan_save_alloc_info+0x3b/0x50 [ 12.124618] __kasan_kmalloc+0xb7/0xc0 [ 12.124776] __kmalloc_cache_noprof+0x168/0x350 [ 12.125150] kmalloc_oob_in_memset+0xad/0x320 [ 12.125467] kunit_try_run_case+0x1a6/0x480 [ 12.125695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.126171] kthread+0x257/0x310 [ 12.126481] ret_from_fork+0x41/0x80 [ 12.126723] ret_from_fork_asm+0x1a/0x30 [ 12.126872] [ 12.126963] The buggy address belongs to the object at ffff88810261c000 [ 12.126963] which belongs to the cache kmalloc-128 of size 128 [ 12.128002] The buggy address is located 0 bytes inside of [ 12.128002] allocated 120-byte region [ffff88810261c000, ffff88810261c078) [ 12.129109] [ 12.129301] The buggy address belongs to the physical page: [ 12.129958] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10261c [ 12.130334] flags: 0x200000000000000(node=0|zone=2) [ 12.130522] page_type: f5(slab) [ 12.130791] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.131089] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 12.131366] page dumped because: kasan: bad access detected [ 12.131731] [ 12.131881] Memory state around the buggy address: [ 12.132076] ffff88810261bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.132534] ffff88810261bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.132851] >ffff88810261c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.133302] ^ [ 12.133710] ffff88810261c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.133952] ffff88810261c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.134325] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.074933] ================================================================== [ 12.075381] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0 [ 12.076092] Read of size 16 at addr ffff8881024e4180 by task kunit_try_catch/173 [ 12.076937] [ 12.077097] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 12.077176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.077200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.077235] Call Trace: [ 12.077260] <TASK> [ 12.077284] dump_stack_lvl+0x73/0xb0 [ 12.077505] print_report+0xd1/0x640 [ 12.077552] ? __virt_addr_valid+0x1db/0x2d0 [ 12.077592] ? kmalloc_uaf_16+0x47d/0x4c0 [ 12.077625] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.077652] ? kmalloc_uaf_16+0x47d/0x4c0 [ 12.077696] kasan_report+0x140/0x180 [ 12.077719] ? kmalloc_uaf_16+0x47d/0x4c0 [ 12.077744] __asan_report_load16_noabort+0x18/0x20 [ 12.077764] kmalloc_uaf_16+0x47d/0x4c0 [ 12.077785] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 12.077806] ? __schedule+0xc49/0x27a0 [ 12.077826] ? __pfx_read_tsc+0x10/0x10 [ 12.077844] ? ktime_get_ts64+0x84/0x230 [ 12.077870] kunit_try_run_case+0x1a6/0x480 [ 12.077903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.077927] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.077948] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.077972] ? __kthread_parkme+0x82/0x160 [ 12.077991] ? preempt_count_sub+0x50/0x80 [ 12.078014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.078033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.078070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.078138] kthread+0x257/0x310 [ 12.078171] ? __pfx_kthread+0x10/0x10 [ 12.078197] ret_from_fork+0x41/0x80 [ 12.078217] ? 
__pfx_kthread+0x10/0x10 [ 12.078235] ret_from_fork_asm+0x1a/0x30 [ 12.078264] </TASK> [ 12.078276] [ 12.088456] Allocated by task 173: [ 12.088771] kasan_save_stack+0x45/0x70 [ 12.088979] kasan_save_track+0x18/0x40 [ 12.089149] kasan_save_alloc_info+0x3b/0x50 [ 12.089654] __kasan_kmalloc+0xb7/0xc0 [ 12.090212] __kmalloc_cache_noprof+0x168/0x350 [ 12.090591] kmalloc_uaf_16+0x15c/0x4c0 [ 12.091120] kunit_try_run_case+0x1a6/0x480 [ 12.091517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.091915] kthread+0x257/0x310 [ 12.092085] ret_from_fork+0x41/0x80 [ 12.092237] ret_from_fork_asm+0x1a/0x30 [ 12.092496] [ 12.093045] Freed by task 173: [ 12.093387] kasan_save_stack+0x45/0x70 [ 12.093932] kasan_save_track+0x18/0x40 [ 12.094220] kasan_save_free_info+0x3f/0x60 [ 12.094538] __kasan_slab_free+0x56/0x70 [ 12.094687] kfree+0x123/0x3d0 [ 12.094913] kmalloc_uaf_16+0x1d7/0x4c0 [ 12.095300] kunit_try_run_case+0x1a6/0x480 [ 12.095781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.096500] kthread+0x257/0x310 [ 12.096761] ret_from_fork+0x41/0x80 [ 12.097144] ret_from_fork_asm+0x1a/0x30 [ 12.097593] [ 12.097713] The buggy address belongs to the object at ffff8881024e4180 [ 12.097713] which belongs to the cache kmalloc-16 of size 16 [ 12.098609] The buggy address is located 0 bytes inside of [ 12.098609] freed 16-byte region [ffff8881024e4180, ffff8881024e4190) [ 12.099508] [ 12.099738] The buggy address belongs to the physical page: [ 12.099987] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4 [ 12.100796] flags: 0x200000000000000(node=0|zone=2) [ 12.101405] page_type: f5(slab) [ 12.101580] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.101800] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 12.102258] page dumped because: kasan: bad access detected [ 12.102727] [ 12.102916] Memory state around the buggy address: [ 12.103447] ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc 
[ 12.103731] ffff8881024e4100: fa fb fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 12.104152] >ffff8881024e4180: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.104602] ^ [ 12.104872] ffff8881024e4200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.105348] ffff8881024e4280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.105723] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.969958] ==================================================================
[ 13.970304] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x32b/0x390
[ 13.970463] Read of size 1 at addr ffff888102b5fcaa by task kunit_try_catch/258
[ 13.971126]
[ 13.971626] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.971699] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.971714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.971733] Call Trace:
[ 13.971748] <TASK>
[ 13.971772] dump_stack_lvl+0x73/0xb0
[ 13.971806] print_report+0xd1/0x640
[ 13.971829] ? __virt_addr_valid+0x1db/0x2d0
[ 13.971851] ? kasan_alloca_oob_right+0x32b/0x390
[ 13.971872] ? kasan_addr_to_slab+0x11/0xa0
[ 13.971977] ? kasan_alloca_oob_right+0x32b/0x390
[ 13.972008] kasan_report+0x140/0x180
[ 13.972033] ? kasan_alloca_oob_right+0x32b/0x390
[ 13.972059] __asan_report_load1_noabort+0x18/0x20
[ 13.972079] kasan_alloca_oob_right+0x32b/0x390
[ 13.972219] ? dup_user_cpus_ptr+0x11e/0x260
[ 13.972242] ? __schedule+0xc49/0x27a0
[ 13.972262] ? trace_hardirqs_on+0x37/0xe0
[ 13.972288] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 13.972312] ? __schedule+0xc49/0x27a0
[ 13.972330] ? __pfx_read_tsc+0x10/0x10
[ 13.972350] ? ktime_get_ts64+0x84/0x230
[ 13.972374] kunit_try_run_case+0x1a6/0x480
[ 13.972394] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.972413] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.972432] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.972455] ? __kthread_parkme+0x82/0x160
[ 13.972474] ? preempt_count_sub+0x50/0x80
[ 13.972495] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.972513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.972535] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.972558] kthread+0x257/0x310
[ 13.972574] ? __pfx_kthread+0x10/0x10
[ 13.972592] ret_from_fork+0x41/0x80
[ 13.972610] ? __pfx_kthread+0x10/0x10
[ 13.972627] ret_from_fork_asm+0x1a/0x30
[ 13.972656] </TASK>
[ 13.972689]
[ 13.978554] The buggy address belongs to stack of task kunit_try_catch/258
[ 13.978714]
[ 13.978768] The buggy address belongs to the physical page:
[ 13.978867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b5f
[ 13.979359] flags: 0x200000000000000(node=0|zone=2)
[ 13.979655] raw: 0200000000000000 ffffea00040ad7c8 ffffea00040ad7c8 0000000000000000
[ 13.980060] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.980185] page dumped because: kasan: bad access detected
[ 13.980280]
[ 13.980326] Memory state around the buggy address:
[ 13.980593] ffff888102b5fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.980995] ffff888102b5fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.981331] >ffff888102b5fc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 13.981523] ^
[ 13.981728] ffff888102b5fd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 13.981926] ffff888102b5fd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 13.982382] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.953838] ==================================================================
[ 13.954252] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x322/0x380
[ 13.954632] Read of size 1 at addr ffff888102affc9f by task kunit_try_catch/256
[ 13.955420]
[ 13.955583] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.955636] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.955648] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.955681] Call Trace:
[ 13.955760] <TASK>
[ 13.955809] dump_stack_lvl+0x73/0xb0
[ 13.955850] print_report+0xd1/0x640
[ 13.955874] ? __virt_addr_valid+0x1db/0x2d0
[ 13.955908] ? kasan_alloca_oob_left+0x322/0x380
[ 13.955933] ? kasan_addr_to_slab+0x11/0xa0
[ 13.955953] ? kasan_alloca_oob_left+0x322/0x380
[ 13.955976] kasan_report+0x140/0x180
[ 13.955999] ? kasan_alloca_oob_left+0x322/0x380
[ 13.956026] __asan_report_load1_noabort+0x18/0x20
[ 13.956047] kasan_alloca_oob_left+0x322/0x380
[ 13.956071] ? dup_user_cpus_ptr+0x11e/0x260
[ 13.956156] ? __schedule+0xc49/0x27a0
[ 13.956180] ? trace_hardirqs_on+0x37/0xe0
[ 13.956207] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 13.956236] ? __schedule+0xc49/0x27a0
[ 13.956254] ? __pfx_read_tsc+0x10/0x10
[ 13.956273] ? ktime_get_ts64+0x84/0x230
[ 13.956300] kunit_try_run_case+0x1a6/0x480
[ 13.956324] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.956344] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.956363] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.956387] ? __kthread_parkme+0x82/0x160
[ 13.956405] ? preempt_count_sub+0x50/0x80
[ 13.956425] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.956444] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.956467] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.956492] kthread+0x257/0x310
[ 13.956509] ? __pfx_kthread+0x10/0x10
[ 13.956526] ret_from_fork+0x41/0x80
[ 13.956545] ? __pfx_kthread+0x10/0x10
[ 13.956562] ret_from_fork_asm+0x1a/0x30
[ 13.956591] </TASK>
[ 13.956602]
[ 13.962184] The buggy address belongs to stack of task kunit_try_catch/256
[ 13.962502]
[ 13.962612] The buggy address belongs to the physical page:
[ 13.962744] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aff
[ 13.962992] flags: 0x200000000000000(node=0|zone=2)
[ 13.963245] raw: 0200000000000000 ffffea00040abfc8 ffffea00040abfc8 0000000000000000
[ 13.963446] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.963667] page dumped because: kasan: bad access detected
[ 13.963909]
[ 13.963961] Memory state around the buggy address:
[ 13.964134] ffff888102affb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.964258] ffff888102affc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.964376] >ffff888102affc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 13.964558] ^
[ 13.964744] ffff888102affd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 13.965381] ffff888102affd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 13.965765] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.934755] ==================================================================
[ 13.935380] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b7/0x300
[ 13.935712] Read of size 1 at addr ffff888102a77d72 by task kunit_try_catch/254
[ 13.935900]
[ 13.936033] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.936079] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.936092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.936111] Call Trace:
[ 13.936125] <TASK>
[ 13.936144] dump_stack_lvl+0x73/0xb0
[ 13.936171] print_report+0xd1/0x640
[ 13.936193] ? __virt_addr_valid+0x1db/0x2d0
[ 13.936216] ? kasan_stack_oob+0x2b7/0x300
[ 13.936236] ? kasan_addr_to_slab+0x11/0xa0
[ 13.936256] ? kasan_stack_oob+0x2b7/0x300
[ 13.936276] kasan_report+0x140/0x180
[ 13.936297] ? kasan_stack_oob+0x2b7/0x300
[ 13.936322] __asan_report_load1_noabort+0x18/0x20
[ 13.936341] kasan_stack_oob+0x2b7/0x300
[ 13.936362] ? __pfx_kasan_stack_oob+0x10/0x10
[ 13.936380] ? finish_task_switch.isra.0+0x153/0x700
[ 13.936400] ? __switch_to+0x5d9/0xf60
[ 13.936424] ? __schedule+0xc49/0x27a0
[ 13.936444] ? __pfx_read_tsc+0x10/0x10
[ 13.936462] ? ktime_get_ts64+0x84/0x230
[ 13.936486] kunit_try_run_case+0x1a6/0x480
[ 13.936507] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.936527] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.936565] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.936587] ? __kthread_parkme+0x82/0x160
[ 13.936605] ? preempt_count_sub+0x50/0x80
[ 13.936643] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.936670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.936695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.936719] kthread+0x257/0x310
[ 13.936737] ? __pfx_kthread+0x10/0x10
[ 13.936754] ret_from_fork+0x41/0x80
[ 13.936772] ? __pfx_kthread+0x10/0x10
[ 13.936789] ret_from_fork_asm+0x1a/0x30
[ 13.936820] </TASK>
[ 13.936830]
[ 13.942883] The buggy address belongs to stack of task kunit_try_catch/254
[ 13.943612] and is located at offset 138 in frame:
[ 13.943927] kasan_stack_oob+0x0/0x300
[ 13.944251]
[ 13.944319] This frame has 4 objects:
[ 13.944564] [48, 49) '__assertion'
[ 13.944594] [64, 72) 'array'
[ 13.944843] [96, 112) '__assertion'
[ 13.945102] [128, 138) 'stack_array'
[ 13.945330]
[ 13.945533] The buggy address belongs to the physical page:
[ 13.945845] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a77
[ 13.946389] flags: 0x200000000000000(node=0|zone=2)
[ 13.946510] raw: 0200000000000000 ffffea00040a9dc8 ffffea00040a9dc8 0000000000000000
[ 13.947095] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.947549] page dumped because: kasan: bad access detected
[ 13.947743]
[ 13.947870] Memory state around the buggy address:
[ 13.948083] ffff888102a77c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.948301] ffff888102a77c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 13.948555] >ffff888102a77d00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3
[ 13.948871] ^
[ 13.949024] ffff888102a77d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 13.949461] ffff888102a77e00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00
[ 13.949742] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.915270] ==================================================================
[ 13.915729] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0
[ 13.916109] Read of size 1 at addr ffffffff87bd0d6d by task kunit_try_catch/250
[ 13.916369]
[ 13.916849] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.916905] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.916918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.916941] Call Trace:
[ 13.916957] <TASK>
[ 13.916978] dump_stack_lvl+0x73/0xb0
[ 13.917012] print_report+0xd1/0x640
[ 13.917036] ? __virt_addr_valid+0x1db/0x2d0
[ 13.917063] ? kasan_global_oob_right+0x288/0x2d0
[ 13.917085] ? kasan_addr_to_slab+0x11/0xa0
[ 13.917106] ? kasan_global_oob_right+0x288/0x2d0
[ 13.917128] kasan_report+0x140/0x180
[ 13.917151] ? kasan_global_oob_right+0x288/0x2d0
[ 13.917178] __asan_report_load1_noabort+0x18/0x20
[ 13.917214] kasan_global_oob_right+0x288/0x2d0
[ 13.917236] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 13.917272] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 13.917300] kunit_try_run_case+0x1a6/0x480
[ 13.917323] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.917343] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.917365] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.917390] ? __kthread_parkme+0x82/0x160
[ 13.917410] ? preempt_count_sub+0x50/0x80
[ 13.917435] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.917462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.917487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.917518] kthread+0x257/0x310
[ 13.917537] ? __pfx_kthread+0x10/0x10
[ 13.917555] ret_from_fork+0x41/0x80
[ 13.917576] ? __pfx_kthread+0x10/0x10
[ 13.917594] ret_from_fork_asm+0x1a/0x30
[ 13.917624] </TASK>
[ 13.917635]
[ 13.923443] The buggy address belongs to the variable:
[ 13.923634] global_array+0xd/0x40
[ 13.923913]
[ 13.924123] The buggy address belongs to the physical page:
[ 13.924326] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x517d0
[ 13.924682] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 13.924969] raw: 0100000000002000 ffffea000145f408 ffffea000145f408 0000000000000000
[ 13.925290] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.925431] page dumped because: kasan: bad access detected
[ 13.925529]
[ 13.925659] Memory state around the buggy address:
[ 13.926000] ffffffff87bd0c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.926530] ffffffff87bd0c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.926735] >ffffffff87bd0d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9
[ 13.927002] ^
[ 13.927505] ffffffff87bd0d80: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
[ 13.927765] ffffffff87bd0e00: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9
[ 13.928020] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.887013] ==================================================================
[ 13.887585] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.888066] Free of addr ffff888102b90001 by task kunit_try_catch/248
[ 13.888470]
[ 13.889006] CPU: 1 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.889119] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.889146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.889187] Call Trace:
[ 13.889214] <TASK>
[ 13.889245] dump_stack_lvl+0x73/0xb0
[ 13.889607] print_report+0xd1/0x640
[ 13.889675] ? __virt_addr_valid+0x1db/0x2d0
[ 13.889725] ? kasan_addr_to_slab+0x11/0xa0
[ 13.889766] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.889813] kasan_report_invalid_free+0xfc/0x120
[ 13.889855] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.889880] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.889913] __kasan_mempool_poison_object+0x102/0x1d0
[ 13.889941] mempool_free+0x2ec/0x380
[ 13.889965] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.889986] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.890012] ? finish_task_switch.isra.0+0x153/0x700
[ 13.890037] mempool_kmalloc_large_invalid_free+0xee/0x140
[ 13.890063] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 13.890132] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.890167] ? __pfx_mempool_kfree+0x10/0x10
[ 13.890201] ? __pfx_read_tsc+0x10/0x10
[ 13.890230] ? ktime_get_ts64+0x84/0x230
[ 13.890258] kunit_try_run_case+0x1a6/0x480
[ 13.890281] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.890300] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.890321] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.890344] ? __kthread_parkme+0x82/0x160
[ 13.890363] ? preempt_count_sub+0x50/0x80
[ 13.890384] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.890403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.890427] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.890451] kthread+0x257/0x310
[ 13.890470] ? __pfx_kthread+0x10/0x10
[ 13.890489] ret_from_fork+0x41/0x80
[ 13.890507] ? __pfx_kthread+0x10/0x10
[ 13.890525] ret_from_fork_asm+0x1a/0x30
[ 13.890554] </TASK>
[ 13.890567]
[ 13.901302] The buggy address belongs to the physical page:
[ 13.901524] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90
[ 13.902847] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.903321] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.903798] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.904301] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.904634] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.905121] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.905362] head: 0200000000000002 ffffea00040ae401 ffffffffffffffff 0000000000000000
[ 13.905837] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 13.906326] page dumped because: kasan: bad access detected
[ 13.906880]
[ 13.907048] Memory state around the buggy address:
[ 13.907434] ffff888102b8ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.907764] ffff888102b8ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.908228] >ffff888102b90000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.908806] ^
[ 13.909014] ffff888102b90080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.909405] ffff888102b90100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.909962] ==================================================================
[ 13.856777] ==================================================================
[ 13.857255] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.857816] Free of addr ffff888102631501 by task kunit_try_catch/246
[ 13.858040]
[ 13.858267] CPU: 0 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.858640] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.858702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.858747] Call Trace:
[ 13.858778] <TASK>
[ 13.858809] dump_stack_lvl+0x73/0xb0
[ 13.858862] print_report+0xd1/0x640
[ 13.858896] ? __virt_addr_valid+0x1db/0x2d0
[ 13.858938] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.858979] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.859020] kasan_report_invalid_free+0xfc/0x120
[ 13.859068] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.859116] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.859154] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.859204] check_slab_allocation+0x11f/0x130
[ 13.859237] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.859278] mempool_free+0x2ec/0x380
[ 13.859316] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 13.859360] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.859415] ? finish_task_switch.isra.0+0x153/0x700
[ 13.859459] mempool_kmalloc_invalid_free+0xee/0x140
[ 13.859511] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 13.859547] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.859576] ? __pfx_mempool_kfree+0x10/0x10
[ 13.859612] ? __pfx_read_tsc+0x10/0x10
[ 13.859640] ? ktime_get_ts64+0x84/0x230
[ 13.859688] kunit_try_run_case+0x1a6/0x480
[ 13.859722] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.859748] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.859769] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.859792] ? __kthread_parkme+0x82/0x160
[ 13.859811] ? preempt_count_sub+0x50/0x80
[ 13.859831] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.859850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.859874] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.859898] kthread+0x257/0x310
[ 13.859914] ? __pfx_kthread+0x10/0x10
[ 13.859932] ret_from_fork+0x41/0x80
[ 13.859950] ? __pfx_kthread+0x10/0x10
[ 13.859968] ret_from_fork_asm+0x1a/0x30
[ 13.859996] </TASK>
[ 13.860007]
[ 13.870677] Allocated by task 246:
[ 13.870905] kasan_save_stack+0x45/0x70
[ 13.871289] kasan_save_track+0x18/0x40
[ 13.871497] kasan_save_alloc_info+0x3b/0x50
[ 13.871847] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.872193] remove_element+0x11e/0x190
[ 13.872510] mempool_alloc_preallocated+0x4d/0x90
[ 13.872772] mempool_kmalloc_invalid_free_helper+0x84/0x2e0
[ 13.873188] mempool_kmalloc_invalid_free+0xee/0x140
[ 13.873389] kunit_try_run_case+0x1a6/0x480
[ 13.873569] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.873951] kthread+0x257/0x310
[ 13.874251] ret_from_fork+0x41/0x80
[ 13.874544] ret_from_fork_asm+0x1a/0x30
[ 13.874819]
[ 13.874943] The buggy address belongs to the object at ffff888102631500
[ 13.874943] which belongs to the cache kmalloc-128 of size 128
[ 13.875518] The buggy address is located 1 bytes inside of
[ 13.875518] 128-byte region [ffff888102631500, ffff888102631580)
[ 13.876181]
[ 13.876357] The buggy address belongs to the physical page:
[ 13.876638] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102631
[ 13.877076] flags: 0x200000000000000(node=0|zone=2)
[ 13.877360] page_type: f5(slab)
[ 13.877605] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.877963] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 13.878333] page dumped because: kasan: bad access detected
[ 13.878603]
[ 13.878780] Memory state around the buggy address:
[ 13.879104] ffff888102631400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.879455] ffff888102631480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.879872] >ffff888102631500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.880295] ^
[ 13.880474] ffff888102631580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.880726] ffff888102631600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.881181] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.805713] ==================================================================
[ 13.806210] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 13.806567] Free of addr ffff888102b90000 by task kunit_try_catch/242
[ 13.807250]
[ 13.807934] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.808143] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.808175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.808217] Call Trace:
[ 13.808236] <TASK>
[ 13.808264] dump_stack_lvl+0x73/0xb0
[ 13.808310] print_report+0xd1/0x640
[ 13.808332] ? __virt_addr_valid+0x1db/0x2d0
[ 13.808356] ? kasan_addr_to_slab+0x11/0xa0
[ 13.808375] ? mempool_double_free_helper+0x185/0x370
[ 13.808395] kasan_report_invalid_free+0xfc/0x120
[ 13.808418] ? mempool_double_free_helper+0x185/0x370
[ 13.808439] ? mempool_double_free_helper+0x185/0x370
[ 13.808457] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 13.808479] mempool_free+0x2ec/0x380
[ 13.808500] mempool_double_free_helper+0x185/0x370
[ 13.808519] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.808542] ? finish_task_switch.isra.0+0x153/0x700
[ 13.808563] mempool_kmalloc_large_double_free+0xee/0x140
[ 13.808583] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 13.808606] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.808622] ? __pfx_mempool_kfree+0x10/0x10
[ 13.808641] ? __pfx_read_tsc+0x10/0x10
[ 13.808658] ? ktime_get_ts64+0x84/0x230
[ 13.808704] kunit_try_run_case+0x1a6/0x480
[ 13.808726] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.808743] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.808763] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.808785] ? __kthread_parkme+0x82/0x160
[ 13.808802] ? preempt_count_sub+0x50/0x80
[ 13.808822] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.808840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.808862] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.808884] kthread+0x257/0x310
[ 13.808901] ? __pfx_kthread+0x10/0x10
[ 13.808919] ret_from_fork+0x41/0x80
[ 13.808937] ? __pfx_kthread+0x10/0x10
[ 13.808954] ret_from_fork_asm+0x1a/0x30
[ 13.808982] </TASK>
[ 13.808994]
[ 13.819268] The buggy address belongs to the physical page:
[ 13.819482] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90
[ 13.819970] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.820573] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.820973] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.821572] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.821937] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.822773] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.823112] head: 0200000000000002 ffffea00040ae401 ffffffffffffffff 0000000000000000
[ 13.823371] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 13.824007] page dumped because: kasan: bad access detected
[ 13.824490]
[ 13.824655] Memory state around the buggy address:
[ 13.824973] ffff888102b8ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.825577] ffff888102b8ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.825986] >ffff888102b90000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.826750] ^
[ 13.827025] ffff888102b90080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.827494] ffff888102b90100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.827848] ==================================================================
[ 13.832466] ==================================================================
[ 13.832940] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 13.833373] Free of addr ffff888102590000 by task kunit_try_catch/244
[ 13.833677]
[ 13.834053] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.834262] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.834289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.834331] Call Trace:
[ 13.834359] <TASK>
[ 13.834389] dump_stack_lvl+0x73/0xb0
[ 13.834448] print_report+0xd1/0x640
[ 13.834490] ? __virt_addr_valid+0x1db/0x2d0
[ 13.834537] ? kasan_addr_to_slab+0x11/0xa0
[ 13.834579] ? mempool_double_free_helper+0x185/0x370
[ 13.834617] kasan_report_invalid_free+0xfc/0x120
[ 13.834689] ? mempool_double_free_helper+0x185/0x370
[ 13.834739] ? mempool_double_free_helper+0x185/0x370
[ 13.834775] __kasan_mempool_poison_pages+0x115/0x130
[ 13.834825] mempool_free+0x290/0x380
[ 13.834874] mempool_double_free_helper+0x185/0x370
[ 13.834919] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.834966] ? finish_task_switch.isra.0+0x153/0x700
[ 13.834993] mempool_page_alloc_double_free+0xe9/0x140
[ 13.835016] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 13.835040] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 13.835064] ? __pfx_mempool_free_pages+0x10/0x10
[ 13.835196] ? __pfx_read_tsc+0x10/0x10
[ 13.835218] ? ktime_get_ts64+0x84/0x230
[ 13.835244] kunit_try_run_case+0x1a6/0x480
[ 13.835268] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.835288] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.835309] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.835334] ? __kthread_parkme+0x82/0x160
[ 13.835353] ? preempt_count_sub+0x50/0x80
[ 13.835374] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.835393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.835417] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.835443] kthread+0x257/0x310
[ 13.835461] ? __pfx_kthread+0x10/0x10
[ 13.835479] ret_from_fork+0x41/0x80
[ 13.835498] ? __pfx_kthread+0x10/0x10
[ 13.835516] ret_from_fork_asm+0x1a/0x30
[ 13.835547] </TASK>
[ 13.835559]
[ 13.845443] The buggy address belongs to the physical page:
[ 13.845751] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102590
[ 13.846314] flags: 0x200000000000000(node=0|zone=2)
[ 13.846690] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 13.846972] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.847540] page dumped because: kasan: bad access detected
[ 13.847910]
[ 13.848066] Memory state around the buggy address:
[ 13.848532] ffff88810258ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.848895] ffff88810258ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.849336] >ffff888102590000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.849788] ^
[ 13.850030] ffff888102590080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.850650] ffff888102590100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.851003] ==================================================================
[ 13.766886] ==================================================================
[ 13.767327] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 13.767587] Free of addr ffff88810262bf00 by task kunit_try_catch/240
[ 13.768600]
[ 13.768874] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.768967] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.768989] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.769028] Call Trace:
[ 13.769055] <TASK>
[ 13.769088] dump_stack_lvl+0x73/0xb0
[ 13.769207] print_report+0xd1/0x640
[ 13.769247] ? __virt_addr_valid+0x1db/0x2d0
[ 13.769302] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.769345] ? mempool_double_free_helper+0x185/0x370
[ 13.769387] kasan_report_invalid_free+0xfc/0x120
[ 13.769429] ? mempool_double_free_helper+0x185/0x370
[ 13.769461] ? mempool_double_free_helper+0x185/0x370
[ 13.769481] ? mempool_double_free_helper+0x185/0x370
[ 13.769499] check_slab_allocation+0x101/0x130
[ 13.769522] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.769546] mempool_free+0x2ec/0x380
[ 13.769569] mempool_double_free_helper+0x185/0x370
[ 13.769590] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.769613] ? finish_task_switch.isra.0+0x153/0x700
[ 13.769638] mempool_kmalloc_double_free+0xee/0x140
[ 13.769658] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 13.769705] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.769722] ? __pfx_mempool_kfree+0x10/0x10
[ 13.769742] ? __pfx_read_tsc+0x10/0x10
[ 13.769762] ? ktime_get_ts64+0x84/0x230
[ 13.769788] kunit_try_run_case+0x1a6/0x480
[ 13.769812] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.769831] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.769852] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.769876] ? __kthread_parkme+0x82/0x160
[ 13.769902] ? preempt_count_sub+0x50/0x80
[ 13.769927] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.769947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.769972] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.769997] kthread+0x257/0x310
[ 13.770014] ? __pfx_kthread+0x10/0x10
[ 13.770032] ret_from_fork+0x41/0x80
[ 13.770063] ? __pfx_kthread+0x10/0x10
[ 13.770121] ret_from_fork_asm+0x1a/0x30
[ 13.770175] </TASK>
[ 13.770191]
[ 13.781667] Allocated by task 240:
[ 13.781970] kasan_save_stack+0x45/0x70
[ 13.782433] kasan_save_track+0x18/0x40
[ 13.782765] kasan_save_alloc_info+0x3b/0x50
[ 13.782951] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.783463] remove_element+0x11e/0x190
[ 13.783796] mempool_alloc_preallocated+0x4d/0x90
[ 13.784130] mempool_double_free_helper+0x8b/0x370
[ 13.784437] mempool_kmalloc_double_free+0xee/0x140
[ 13.784720] kunit_try_run_case+0x1a6/0x480
[ 13.785032] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.785332] kthread+0x257/0x310
[ 13.785570] ret_from_fork+0x41/0x80
[ 13.786314] ret_from_fork_asm+0x1a/0x30
[ 13.786616]
[ 13.786794] Freed by task 240:
[ 13.787026] kasan_save_stack+0x45/0x70
[ 13.787474] kasan_save_track+0x18/0x40
[ 13.787734] kasan_save_free_info+0x3f/0x60
[ 13.788211] __kasan_mempool_poison_object+0x131/0x1d0
[ 13.788472] mempool_free+0x2ec/0x380
[ 13.788646] mempool_double_free_helper+0x10a/0x370
[ 13.789006] mempool_kmalloc_double_free+0xee/0x140
[ 13.789778] kunit_try_run_case+0x1a6/0x480
[ 13.790086] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.790649] kthread+0x257/0x310
[ 13.790945] ret_from_fork+0x41/0x80
[ 13.791301] ret_from_fork_asm+0x1a/0x30
[ 13.791485]
[ 13.791646] The buggy address belongs to the object at ffff88810262bf00
[ 13.791646] which belongs to the cache kmalloc-128 of size 128
[ 13.792455] The buggy address is located 0 bytes inside of
[ 13.792455] 128-byte region [ffff88810262bf00, ffff88810262bf80)
[ 13.793226]
[ 13.793410] The buggy address belongs to the physical page:
[ 13.793672] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10262b
[ 13.794595] flags: 0x200000000000000(node=0|zone=2)
[ 13.794902] page_type: f5(slab)
[ 13.795341] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.795777] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 13.796293] page dumped because: kasan: bad access detected
[ 13.796555]
[ 13.796841] Memory state around the buggy address:
[ 13.797288] ffff88810262be00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.797691] ffff88810262be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.798041] >ffff88810262bf00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.798629] ^
[ 13.798807] ffff88810262bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.799444] ffff88810262c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.800328] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.738949] ==================================================================
[ 13.739379] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 13.739994] Read of size 1 at addr ffff888102b90000 by task kunit_try_catch/238
[ 13.740753]
[ 13.741407] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.741491] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.741505] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.741529] Call Trace:
[ 13.741545] <TASK>
[ 13.741566] dump_stack_lvl+0x73/0xb0
[ 13.741611] print_report+0xd1/0x640
[ 13.741648] ? __virt_addr_valid+0x1db/0x2d0
[ 13.741696] ? mempool_uaf_helper+0x394/0x400
[ 13.741715] ? kasan_addr_to_slab+0x11/0xa0
[ 13.741735] ? mempool_uaf_helper+0x394/0x400
[ 13.741753] kasan_report+0x140/0x180
[ 13.741775] ? mempool_uaf_helper+0x394/0x400
[ 13.741797] __asan_report_load1_noabort+0x18/0x20
[ 13.741817] mempool_uaf_helper+0x394/0x400
[ 13.741835] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.741858] ? finish_task_switch.isra.0+0x153/0x700
[ 13.741883] mempool_page_alloc_uaf+0xee/0x140
[ 13.741912] ? __pfx_mempool_page_alloc_uaf+0x10/0x10
[ 13.741937] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 13.741959] ? __pfx_mempool_free_pages+0x10/0x10
[ 13.741981] ? __pfx_read_tsc+0x10/0x10
[ 13.742001] ? ktime_get_ts64+0x84/0x230
[ 13.742027] kunit_try_run_case+0x1a6/0x480
[ 13.742050] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.742185] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.742212] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.742236] ? __kthread_parkme+0x82/0x160
[ 13.742255] ? preempt_count_sub+0x50/0x80
[ 13.742275] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.742294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.742316] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.742340] kthread+0x257/0x310
[ 13.742358] ? __pfx_kthread+0x10/0x10
[ 13.742375] ret_from_fork+0x41/0x80
[ 13.742393] ? __pfx_kthread+0x10/0x10
[ 13.742411] ret_from_fork_asm+0x1a/0x30
[ 13.742440] </TASK>
[ 13.742452]
[ 13.755001] The buggy address belongs to the physical page:
[ 13.755300] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b90
[ 13.755566] flags: 0x200000000000000(node=0|zone=2)
[ 13.755791] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 13.756036] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.756624] page dumped because: kasan: bad access detected
[ 13.756811]
[ 13.756939] Memory state around the buggy address:
[ 13.757401] ffff888102b8ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.757956] ffff888102b8ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.758619] >ffff888102b90000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.759408] ^
[ 13.759705] ffff888102b90080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.760249] ffff888102b90100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.760655] ==================================================================
[ 13.667601] ==================================================================
[ 13.668080] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400
[ 13.668796] Read of size 1 at addr ffff88810258c000 by task kunit_try_catch/234
[ 13.669516]
[ 13.669799] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 13.669891] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.669929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.670019] Call Trace:
[ 13.670049] <TASK>
[ 13.670082] dump_stack_lvl+0x73/0xb0
[ 13.670251] print_report+0xd1/0x640
[ 13.670279] ? __virt_addr_valid+0x1db/0x2d0
[ 13.670304] ? mempool_uaf_helper+0x394/0x400
[ 13.670323] ? kasan_addr_to_slab+0x11/0xa0
[ 13.670344] ? mempool_uaf_helper+0x394/0x400
[ 13.670363] kasan_report+0x140/0x180
[ 13.670386] ? mempool_uaf_helper+0x394/0x400
[ 13.670410] __asan_report_load1_noabort+0x18/0x20
[ 13.670431] mempool_uaf_helper+0x394/0x400
[ 13.670449] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 13.670472] ? finish_task_switch.isra.0+0x153/0x700
[ 13.670495] mempool_kmalloc_large_uaf+0xf0/0x140
[ 13.670515] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10
[ 13.670537] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.670555] ? __pfx_mempool_kfree+0x10/0x10
[ 13.670575] ? __pfx_read_tsc+0x10/0x10
[ 13.670594] ? ktime_get_ts64+0x84/0x230
[ 13.670619] kunit_try_run_case+0x1a6/0x480
[ 13.670641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.670680] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.670707] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.670731] ? __kthread_parkme+0x82/0x160
[ 13.670751] ? preempt_count_sub+0x50/0x80
[ 13.670771] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.670791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.670815] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.670868] kthread+0x257/0x310
[ 13.670886] ? __pfx_kthread+0x10/0x10
[ 13.670904] ret_from_fork+0x41/0x80
[ 13.670924] ?
__pfx_kthread+0x10/0x10 [ 13.670941] ret_from_fork_asm+0x1a/0x30 [ 13.670973] </TASK> [ 13.670984] [ 13.682888] The buggy address belongs to the physical page: [ 13.683773] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10258c [ 13.684324] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.684814] flags: 0x200000000000040(head|node=0|zone=2) [ 13.685339] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.685734] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.686361] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.686863] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.687441] head: 0200000000000002 ffffea0004096301 ffffffffffffffff 0000000000000000 [ 13.687847] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 13.688633] page dumped because: kasan: bad access detected [ 13.688853] [ 13.689026] Memory state around the buggy address: [ 13.689529] ffff88810258bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.689829] ffff88810258bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.690384] >ffff88810258c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.690859] ^ [ 13.691043] ffff88810258c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.691703] ffff88810258c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.692334] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.633048] ================================================================== [ 13.633568] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 13.634236] Read of size 1 at addr ffff88810262b700 by task kunit_try_catch/232 [ 13.634584] [ 13.634802] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 13.634936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.634976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.635017] Call Trace: [ 13.635067] <TASK> [ 13.635102] dump_stack_lvl+0x73/0xb0 [ 13.635212] print_report+0xd1/0x640 [ 13.635261] ? __virt_addr_valid+0x1db/0x2d0 [ 13.635310] ? mempool_uaf_helper+0x394/0x400 [ 13.635346] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.635386] ? mempool_uaf_helper+0x394/0x400 [ 13.635416] kasan_report+0x140/0x180 [ 13.635440] ? mempool_uaf_helper+0x394/0x400 [ 13.635462] __asan_report_load1_noabort+0x18/0x20 [ 13.635482] mempool_uaf_helper+0x394/0x400 [ 13.635500] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.635522] ? finish_task_switch.isra.0+0x153/0x700 [ 13.635552] mempool_kmalloc_uaf+0xf0/0x140 [ 13.635581] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.635612] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.635631] ? __pfx_mempool_kfree+0x10/0x10 [ 13.635651] ? __pfx_read_tsc+0x10/0x10 [ 13.635691] ? ktime_get_ts64+0x84/0x230 [ 13.635718] kunit_try_run_case+0x1a6/0x480 [ 13.635741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.635759] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.635780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.635803] ? __kthread_parkme+0x82/0x160 [ 13.635822] ? preempt_count_sub+0x50/0x80 [ 13.635842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.635860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.635883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.635906] kthread+0x257/0x310 [ 13.635923] ? __pfx_kthread+0x10/0x10 [ 13.635941] ret_from_fork+0x41/0x80 [ 13.635959] ? 
__pfx_kthread+0x10/0x10 [ 13.635976] ret_from_fork_asm+0x1a/0x30 [ 13.636005] </TASK> [ 13.636017] [ 13.645307] Allocated by task 232: [ 13.645609] kasan_save_stack+0x45/0x70 [ 13.645847] kasan_save_track+0x18/0x40 [ 13.646188] kasan_save_alloc_info+0x3b/0x50 [ 13.646374] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.646629] remove_element+0x11e/0x190 [ 13.646964] mempool_alloc_preallocated+0x4d/0x90 [ 13.647342] mempool_uaf_helper+0x97/0x400 [ 13.647570] mempool_kmalloc_uaf+0xf0/0x140 [ 13.647897] kunit_try_run_case+0x1a6/0x480 [ 13.648240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.648465] kthread+0x257/0x310 [ 13.648748] ret_from_fork+0x41/0x80 [ 13.648942] ret_from_fork_asm+0x1a/0x30 [ 13.649193] [ 13.649363] Freed by task 232: [ 13.649610] kasan_save_stack+0x45/0x70 [ 13.649902] kasan_save_track+0x18/0x40 [ 13.650115] kasan_save_free_info+0x3f/0x60 [ 13.650376] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.650780] mempool_free+0x2ec/0x380 [ 13.651111] mempool_uaf_helper+0x11b/0x400 [ 13.651416] mempool_kmalloc_uaf+0xf0/0x140 [ 13.651589] kunit_try_run_case+0x1a6/0x480 [ 13.651771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.652153] kthread+0x257/0x310 [ 13.652449] ret_from_fork+0x41/0x80 [ 13.652731] ret_from_fork_asm+0x1a/0x30 [ 13.653044] [ 13.653211] The buggy address belongs to the object at ffff88810262b700 [ 13.653211] which belongs to the cache kmalloc-128 of size 128 [ 13.653786] The buggy address is located 0 bytes inside of [ 13.653786] freed 128-byte region [ffff88810262b700, ffff88810262b780) [ 13.654254] [ 13.654409] The buggy address belongs to the physical page: [ 13.654808] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10262b [ 13.655375] flags: 0x200000000000000(node=0|zone=2) [ 13.655756] page_type: f5(slab) [ 13.655933] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.656386] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 13.656806] page dumped 
because: kasan: bad access detected [ 13.657192] [ 13.657358] Memory state around the buggy address: [ 13.657562] ffff88810262b600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.658526] ffff88810262b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.658797] >ffff88810262b700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.659233] ^ [ 13.659504] ffff88810262b780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.659967] ffff88810262b800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.660401] ================================================================== [ 13.699318] ================================================================== [ 13.699842] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 13.700514] Read of size 1 at addr ffff888102631240 by task kunit_try_catch/236 [ 13.700839] [ 13.700963] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 13.701015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.701027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.701049] Call Trace: [ 13.701068] <TASK> [ 13.701392] dump_stack_lvl+0x73/0xb0 [ 13.701480] print_report+0xd1/0x640 [ 13.701523] ? __virt_addr_valid+0x1db/0x2d0 [ 13.701568] ? mempool_uaf_helper+0x394/0x400 [ 13.701604] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.701645] ? mempool_uaf_helper+0x394/0x400 [ 13.701697] kasan_report+0x140/0x180 [ 13.701739] ? mempool_uaf_helper+0x394/0x400 [ 13.701780] __asan_report_load1_noabort+0x18/0x20 [ 13.701819] mempool_uaf_helper+0x394/0x400 [ 13.701857] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.701922] ? finish_task_switch.isra.0+0x153/0x700 [ 13.701986] mempool_slab_uaf+0xeb/0x140 [ 13.702027] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.702067] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.702107] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.702183] ? __pfx_read_tsc+0x10/0x10 [ 13.702227] ? 
ktime_get_ts64+0x84/0x230 [ 13.702279] kunit_try_run_case+0x1a6/0x480 [ 13.702307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.702328] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.702350] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.702375] ? __kthread_parkme+0x82/0x160 [ 13.702396] ? preempt_count_sub+0x50/0x80 [ 13.702418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.702437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.702462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.702487] kthread+0x257/0x310 [ 13.702505] ? __pfx_kthread+0x10/0x10 [ 13.702524] ret_from_fork+0x41/0x80 [ 13.702544] ? __pfx_kthread+0x10/0x10 [ 13.702562] ret_from_fork_asm+0x1a/0x30 [ 13.702593] </TASK> [ 13.702605] [ 13.712427] Allocated by task 236: [ 13.712785] kasan_save_stack+0x45/0x70 [ 13.713132] kasan_save_track+0x18/0x40 [ 13.713426] kasan_save_alloc_info+0x3b/0x50 [ 13.713605] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.713814] remove_element+0x11e/0x190 [ 13.713988] mempool_alloc_preallocated+0x4d/0x90 [ 13.714600] mempool_uaf_helper+0x97/0x400 [ 13.714981] mempool_slab_uaf+0xeb/0x140 [ 13.715367] kunit_try_run_case+0x1a6/0x480 [ 13.715699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.716195] kthread+0x257/0x310 [ 13.716472] ret_from_fork+0x41/0x80 [ 13.716711] ret_from_fork_asm+0x1a/0x30 [ 13.717107] [ 13.717270] Freed by task 236: [ 13.717569] kasan_save_stack+0x45/0x70 [ 13.717887] kasan_save_track+0x18/0x40 [ 13.718115] kasan_save_free_info+0x3f/0x60 [ 13.718300] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.718820] mempool_free+0x2ec/0x380 [ 13.719165] mempool_uaf_helper+0x11b/0x400 [ 13.719536] mempool_slab_uaf+0xeb/0x140 [ 13.719848] kunit_try_run_case+0x1a6/0x480 [ 13.720237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.720669] kthread+0x257/0x310 [ 13.720828] ret_from_fork+0x41/0x80 [ 13.721182] ret_from_fork_asm+0x1a/0x30 [ 13.721510] [ 13.721674] The buggy address belongs to the object at ffff888102631240 [ 13.721674] which belongs to the cache 
test_cache of size 123 [ 13.722406] The buggy address is located 0 bytes inside of [ 13.722406] freed 123-byte region [ffff888102631240, ffff8881026312bb) [ 13.723278] [ 13.723444] The buggy address belongs to the physical page: [ 13.723688] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102631 [ 13.724388] flags: 0x200000000000000(node=0|zone=2) [ 13.724616] page_type: f5(slab) [ 13.724848] raw: 0200000000000000 ffff888102621640 dead000000000122 0000000000000000 [ 13.725439] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 13.725872] page dumped because: kasan: bad access detected [ 13.726328] [ 13.726486] Memory state around the buggy address: [ 13.726841] ffff888102631100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.727388] ffff888102631180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.727876] >ffff888102631200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.728381] ^ [ 13.728635] ffff888102631280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.729184] ffff888102631300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.729597] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.552856] ================================================================== [ 11.553700] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 11.554013] Read of size 1 at addr ffff888102ae0000 by task kunit_try_catch/159 [ 11.555055] [ 11.555735] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.555798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.555810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.555830] Call Trace: [ 11.555844] <TASK> [ 11.555863] dump_stack_lvl+0x73/0xb0 [ 11.555895] print_report+0xd1/0x640 [ 11.555917] ? __virt_addr_valid+0x1db/0x2d0 [ 11.555938] ? page_alloc_uaf+0x358/0x3d0 [ 11.555955] ? kasan_addr_to_slab+0x11/0xa0 [ 11.555974] ? page_alloc_uaf+0x358/0x3d0 [ 11.555991] kasan_report+0x140/0x180 [ 11.556012] ? page_alloc_uaf+0x358/0x3d0 [ 11.556033] __asan_report_load1_noabort+0x18/0x20 [ 11.556056] page_alloc_uaf+0x358/0x3d0 [ 11.556083] ? __pfx_page_alloc_uaf+0x10/0x10 [ 11.556119] ? __schedule+0xc49/0x27a0 [ 11.556139] ? __pfx_read_tsc+0x10/0x10 [ 11.556157] ? ktime_get_ts64+0x84/0x230 [ 11.556181] kunit_try_run_case+0x1a6/0x480 [ 11.556202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.556220] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.556238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.556260] ? __kthread_parkme+0x82/0x160 [ 11.556278] ? preempt_count_sub+0x50/0x80 [ 11.556299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.556316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.556338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.556360] kthread+0x257/0x310 [ 11.556376] ? __pfx_kthread+0x10/0x10 [ 11.556394] ret_from_fork+0x41/0x80 [ 11.556412] ? 
__pfx_kthread+0x10/0x10 [ 11.556429] ret_from_fork_asm+0x1a/0x30 [ 11.556456] </TASK> [ 11.556468] [ 11.564571] The buggy address belongs to the physical page: [ 11.565011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae0 [ 11.565727] flags: 0x200000000000000(node=0|zone=2) [ 11.566141] page_type: f0(buddy) [ 11.566608] raw: 0200000000000000 ffff88817fffb4e8 ffff88817fffb4e8 0000000000000000 [ 11.567305] raw: 0000000000000000 0000000000000005 00000000f0000000 0000000000000000 [ 11.567761] page dumped because: kasan: bad access detected [ 11.567955] [ 11.568092] Memory state around the buggy address: [ 11.568426] ffff888102adff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.568890] ffff888102adff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.569523] >ffff888102ae0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.570053] ^ [ 11.570818] ffff888102ae0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.571153] ffff888102ae0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.571831] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 11.522628] ================================================================== [ 11.523186] BUG: KASAN: invalid-free in kfree+0x271/0x3d0 [ 11.523677] Free of addr ffff888102578001 by task kunit_try_catch/155 [ 11.523917] [ 11.524065] CPU: 0 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.524143] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.524401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.524447] Call Trace: [ 11.524467] <TASK> [ 11.524496] dump_stack_lvl+0x73/0xb0 [ 11.524554] print_report+0xd1/0x640 [ 11.524590] ? __virt_addr_valid+0x1db/0x2d0 [ 11.524627] ? kasan_addr_to_slab+0x11/0xa0 [ 11.524681] ? kfree+0x271/0x3d0 [ 11.524713] kasan_report_invalid_free+0xfc/0x120 [ 11.524753] ? kfree+0x271/0x3d0 [ 11.524789] ? kfree+0x271/0x3d0 [ 11.524820] __kasan_kfree_large+0x86/0xd0 [ 11.525244] free_large_kmalloc+0x3b/0xd0 [ 11.525313] kfree+0x271/0x3d0 [ 11.525352] kmalloc_large_invalid_free+0x121/0x2b0 [ 11.525393] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 11.525436] ? __schedule+0xc49/0x27a0 [ 11.525467] ? __pfx_read_tsc+0x10/0x10 [ 11.525489] ? ktime_get_ts64+0x84/0x230 [ 11.525515] kunit_try_run_case+0x1a6/0x480 [ 11.525536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.525554] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.525573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.525596] ? __kthread_parkme+0x82/0x160 [ 11.525614] ? preempt_count_sub+0x50/0x80 [ 11.525635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.525666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.525697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.525721] kthread+0x257/0x310 [ 11.525738] ? __pfx_kthread+0x10/0x10 [ 11.525755] ret_from_fork+0x41/0x80 [ 11.525774] ? 
__pfx_kthread+0x10/0x10 [ 11.525791] ret_from_fork_asm+0x1a/0x30 [ 11.525820] </TASK> [ 11.525831] [ 11.534587] The buggy address belongs to the physical page: [ 11.534836] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102578 [ 11.535500] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.535796] flags: 0x200000000000040(head|node=0|zone=2) [ 11.536320] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.536682] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.537041] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.537479] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.537750] head: 0200000000000002 ffffea0004095e01 ffffffffffffffff 0000000000000000 [ 11.538345] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 11.538851] page dumped because: kasan: bad access detected [ 11.539350] [ 11.539524] Memory state around the buggy address: [ 11.539850] ffff888102577f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.540099] ffff888102577f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.540710] >ffff888102578000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.541128] ^ [ 11.541356] ffff888102578080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.541924] ffff888102578100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.542399] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.499360] ================================================================== [ 11.499796] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 11.500545] Read of size 1 at addr ffff888102514000 by task kunit_try_catch/153 [ 11.500794] [ 11.501131] CPU: 1 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.501220] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.501243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.501282] Call Trace: [ 11.501308] <TASK> [ 11.501339] dump_stack_lvl+0x73/0xb0 [ 11.501390] print_report+0xd1/0x640 [ 11.501765] ? __virt_addr_valid+0x1db/0x2d0 [ 11.501811] ? kmalloc_large_uaf+0x2f3/0x340 [ 11.501848] ? kasan_addr_to_slab+0x11/0xa0 [ 11.501873] ? kmalloc_large_uaf+0x2f3/0x340 [ 11.501907] kasan_report+0x140/0x180 [ 11.501931] ? kmalloc_large_uaf+0x2f3/0x340 [ 11.501957] __asan_report_load1_noabort+0x18/0x20 [ 11.501977] kmalloc_large_uaf+0x2f3/0x340 [ 11.501998] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 11.502019] ? __schedule+0xc49/0x27a0 [ 11.502041] ? __pfx_read_tsc+0x10/0x10 [ 11.502085] ? ktime_get_ts64+0x84/0x230 [ 11.502155] kunit_try_run_case+0x1a6/0x480 [ 11.502190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.502222] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.502247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.502270] ? __kthread_parkme+0x82/0x160 [ 11.502290] ? preempt_count_sub+0x50/0x80 [ 11.502312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.502331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.502356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.502380] kthread+0x257/0x310 [ 11.502397] ? __pfx_kthread+0x10/0x10 [ 11.502416] ret_from_fork+0x41/0x80 [ 11.502434] ? 
__pfx_kthread+0x10/0x10 [ 11.502452] ret_from_fork_asm+0x1a/0x30 [ 11.502481] </TASK> [ 11.502494] [ 11.511193] The buggy address belongs to the physical page: [ 11.511452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102514 [ 11.511993] flags: 0x200000000000000(node=0|zone=2) [ 11.512752] raw: 0200000000000000 ffffea0004094608 ffff88815b13f000 0000000000000000 [ 11.513418] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 11.513727] page dumped because: kasan: bad access detected [ 11.514320] [ 11.514515] Memory state around the buggy address: [ 11.514768] ffff888102513f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.515034] ffff888102513f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.515689] >ffff888102514000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.516527] ^ [ 11.516820] ffff888102514080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.517423] ffff888102514100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 11.517867] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.474591] ================================================================== [ 11.475118] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 11.475600] Write of size 1 at addr ffff88810257a00a by task kunit_try_catch/151 [ 11.476267] [ 11.476779] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.476866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.476885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.476918] Call Trace: [ 11.476942] <TASK> [ 11.476971] dump_stack_lvl+0x73/0xb0 [ 11.477246] print_report+0xd1/0x640 [ 11.477289] ? __virt_addr_valid+0x1db/0x2d0 [ 11.477315] ? kmalloc_large_oob_right+0x2eb/0x340 [ 11.477337] ? kasan_addr_to_slab+0x11/0xa0 [ 11.477359] ? kmalloc_large_oob_right+0x2eb/0x340 [ 11.477381] kasan_report+0x140/0x180 [ 11.477403] ? kmalloc_large_oob_right+0x2eb/0x340 [ 11.477430] __asan_report_store1_noabort+0x1b/0x30 [ 11.477452] kmalloc_large_oob_right+0x2eb/0x340 [ 11.477475] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.477498] ? __schedule+0xc49/0x27a0 [ 11.477518] ? __pfx_read_tsc+0x10/0x10 [ 11.477536] ? ktime_get_ts64+0x84/0x230 [ 11.477562] kunit_try_run_case+0x1a6/0x480 [ 11.477584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.477603] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.477623] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.477647] ? __kthread_parkme+0x82/0x160 [ 11.477691] ? preempt_count_sub+0x50/0x80 [ 11.477714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.477733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.477758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.477783] kthread+0x257/0x310 [ 11.477800] ? __pfx_kthread+0x10/0x10 [ 11.477819] ret_from_fork+0x41/0x80 [ 11.477838] ? 
__pfx_kthread+0x10/0x10 [ 11.477856] ret_from_fork_asm+0x1a/0x30 [ 11.477896] </TASK> [ 11.477911] [ 11.485642] The buggy address belongs to the physical page: [ 11.485872] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102578 [ 11.486459] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.486942] flags: 0x200000000000040(head|node=0|zone=2) [ 11.487529] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.488006] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.488586] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.488957] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 11.489764] head: 0200000000000002 ffffea0004095e01 ffffffffffffffff 0000000000000000 [ 11.490115] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 11.490442] page dumped because: kasan: bad access detected [ 11.490729] [ 11.490877] Memory state around the buggy address: [ 11.491114] ffff888102579f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.491397] ffff888102579f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.491830] >ffff88810257a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.492174] ^ [ 11.492376] ffff88810257a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.492648] ffff88810257a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.492979] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.440227] ================================================================== [ 11.440696] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 11.441203] Write of size 1 at addr ffff888101f2df00 by task kunit_try_catch/149 [ 11.442018] [ 11.442582] CPU: 0 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1 [ 11.442700] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.442726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.442766] Call Trace: [ 11.442792] <TASK> [ 11.442825] dump_stack_lvl+0x73/0xb0 [ 11.442886] print_report+0xd1/0x640 [ 11.442919] ? __virt_addr_valid+0x1db/0x2d0 [ 11.442944] ? kmalloc_big_oob_right+0x318/0x370 [ 11.442966] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.442989] ? kmalloc_big_oob_right+0x318/0x370 [ 11.443011] kasan_report+0x140/0x180 [ 11.443033] ? kmalloc_big_oob_right+0x318/0x370 [ 11.443070] __asan_report_store1_noabort+0x1b/0x30 [ 11.443250] kmalloc_big_oob_right+0x318/0x370 [ 11.443296] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.443340] ? __schedule+0xc49/0x27a0 [ 11.443378] ? __pfx_read_tsc+0x10/0x10 [ 11.443444] ? ktime_get_ts64+0x84/0x230 [ 11.443511] kunit_try_run_case+0x1a6/0x480 [ 11.443559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.443598] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.443637] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.443688] ? __kthread_parkme+0x82/0x160 [ 11.443709] ? preempt_count_sub+0x50/0x80 [ 11.443732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.443750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.443775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.443800] kthread+0x257/0x310 [ 11.443817] ? __pfx_kthread+0x10/0x10 [ 11.443835] ret_from_fork+0x41/0x80 [ 11.443854] ? 
__pfx_kthread+0x10/0x10 [ 11.443871] ret_from_fork_asm+0x1a/0x30 [ 11.443901] </TASK> [ 11.443913] [ 11.452914] Allocated by task 149: [ 11.453393] kasan_save_stack+0x45/0x70 [ 11.454035] kasan_save_track+0x18/0x40 [ 11.454623] kasan_save_alloc_info+0x3b/0x50 [ 11.454961] __kasan_kmalloc+0xb7/0xc0 [ 11.455598] __kmalloc_cache_noprof+0x168/0x350 [ 11.455876] kmalloc_big_oob_right+0xaa/0x370 [ 11.456150] kunit_try_run_case+0x1a6/0x480 [ 11.456458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.456983] kthread+0x257/0x310 [ 11.457181] ret_from_fork+0x41/0x80 [ 11.457488] ret_from_fork_asm+0x1a/0x30 [ 11.457700] [ 11.457861] The buggy address belongs to the object at ffff888101f2c000 [ 11.457861] which belongs to the cache kmalloc-8k of size 8192 [ 11.458906] The buggy address is located 0 bytes to the right of [ 11.458906] allocated 7936-byte region [ffff888101f2c000, ffff888101f2df00) [ 11.460260] [ 11.460375] The buggy address belongs to the physical page: [ 11.460626] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f28 [ 11.460995] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.461745] flags: 0x200000000000040(head|node=0|zone=2) [ 11.462396] page_type: f5(slab) [ 11.462578] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.463182] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 11.463401] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.463917] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 11.464717] head: 0200000000000003 ffffea000407ca01 ffffffffffffffff 0000000000000000 [ 11.465039] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 11.465766] page dumped because: kasan: bad access detected [ 11.466121] [ 11.466700] Memory state around the buggy address: [ 11.466968] ffff888101f2de00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.467766] ffff888101f2de80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.468086] >ffff888101f2df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.468507] ^ [ 11.468783] ffff888101f2df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.469390] ffff888101f2e000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.469881] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.406849] ==================================================================
[ 11.407670] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0
[ 11.408612] Read of size 1 at addr ffff888102a59000 by task kunit_try_catch/147
[ 11.408948]
[ 11.409114] CPU: 1 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.409196] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.409219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.409403] Call Trace:
[ 11.409441] <TASK>
[ 11.409473] dump_stack_lvl+0x73/0xb0
[ 11.409530] print_report+0xd1/0x640
[ 11.409576] ? __virt_addr_valid+0x1db/0x2d0
[ 11.409621] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 11.409668] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.409705] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 11.409730] kasan_report+0x140/0x180
[ 11.409752] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 11.409775] __asan_report_load1_noabort+0x18/0x20
[ 11.409794] kmalloc_node_oob_right+0x36b/0x3d0
[ 11.409814] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.409834] ? __schedule+0xc49/0x27a0
[ 11.409854] ? __pfx_read_tsc+0x10/0x10
[ 11.409872] ? ktime_get_ts64+0x84/0x230
[ 11.409910] kunit_try_run_case+0x1a6/0x480
[ 11.409932] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.409951] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.409970] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.409994] ? __kthread_parkme+0x82/0x160
[ 11.410013] ? preempt_count_sub+0x50/0x80
[ 11.410035] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.410075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.410144] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.410185] kthread+0x257/0x310
[ 11.410207] ? __pfx_kthread+0x10/0x10
[ 11.410226] ret_from_fork+0x41/0x80
[ 11.410244] ? __pfx_kthread+0x10/0x10
[ 11.410261] ret_from_fork_asm+0x1a/0x30
[ 11.410289] </TASK>
[ 11.410301]
[ 11.419059] Allocated by task 147:
[ 11.419353] kasan_save_stack+0x45/0x70
[ 11.419776] kasan_save_track+0x18/0x40
[ 11.420350] kasan_save_alloc_info+0x3b/0x50
[ 11.420588] __kasan_kmalloc+0xb7/0xc0
[ 11.420770] __kmalloc_cache_node_noprof+0x187/0x370
[ 11.420965] kmalloc_node_oob_right+0xac/0x3d0
[ 11.421155] kunit_try_run_case+0x1a6/0x480
[ 11.421327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.421693] kthread+0x257/0x310
[ 11.421957] ret_from_fork+0x41/0x80
[ 11.422244] ret_from_fork_asm+0x1a/0x30
[ 11.422547]
[ 11.422728] The buggy address belongs to the object at ffff888102a58000
[ 11.422728] which belongs to the cache kmalloc-4k of size 4096
[ 11.423954] The buggy address is located 0 bytes to the right of
[ 11.423954] allocated 4096-byte region [ffff888102a58000, ffff888102a59000)
[ 11.425427]
[ 11.425591] The buggy address belongs to the physical page:
[ 11.425914] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a58
[ 11.426488] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.426927] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.427745] page_type: f5(slab)
[ 11.428333] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.428770] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000
[ 11.429382] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.429750] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000
[ 11.430374] head: 0200000000000003 ffffea00040a9601 ffffffffffffffff 0000000000000000
[ 11.430771] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 11.431542] page dumped because: kasan: bad access detected
[ 11.431856]
[ 11.432016] Memory state around the buggy address:
[ 11.432309] ffff888102a58f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.432744] ffff888102a58f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.433217] >ffff888102a59000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.433486] ^
[ 11.433760] ffff888102a59080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.434136] ffff888102a59100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.434603] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.370701] ==================================================================
[ 11.371145] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0
[ 11.371668] Read of size 1 at addr ffff8881024e40ff by task kunit_try_catch/145
[ 11.371963]
[ 11.372245] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.372333] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.372358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.372398] Call Trace:
[ 11.372426] <TASK>
[ 11.372461] dump_stack_lvl+0x73/0xb0
[ 11.372522] print_report+0xd1/0x640
[ 11.372568] ? __virt_addr_valid+0x1db/0x2d0
[ 11.372614] ? kmalloc_oob_left+0x363/0x3c0
[ 11.372649] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.372698] ? kmalloc_oob_left+0x363/0x3c0
[ 11.372735] kasan_report+0x140/0x180
[ 11.372776] ? kmalloc_oob_left+0x363/0x3c0
[ 11.373290] __asan_report_load1_noabort+0x18/0x20
[ 11.373345] kmalloc_oob_left+0x363/0x3c0
[ 11.373369] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 11.373391] ? __schedule+0xc49/0x27a0
[ 11.373413] ? __pfx_read_tsc+0x10/0x10
[ 11.373432] ? ktime_get_ts64+0x84/0x230
[ 11.373458] kunit_try_run_case+0x1a6/0x480
[ 11.373480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.373498] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.373518] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.373542] ? __kthread_parkme+0x82/0x160
[ 11.373561] ? preempt_count_sub+0x50/0x80
[ 11.373583] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.373602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.373627] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.373651] kthread+0x257/0x310
[ 11.373691] ? __pfx_kthread+0x10/0x10
[ 11.373709] ret_from_fork+0x41/0x80
[ 11.373728] ? __pfx_kthread+0x10/0x10
[ 11.373746] ret_from_fork_asm+0x1a/0x30
[ 11.373775] </TASK>
[ 11.373788]
[ 11.382772] Allocated by task 1:
[ 11.383015] kasan_save_stack+0x45/0x70
[ 11.383480] kasan_save_track+0x18/0x40
[ 11.383649] kasan_save_alloc_info+0x3b/0x50
[ 11.383820] __kasan_kmalloc+0xb7/0xc0
[ 11.383970] __kmalloc_node_track_caller_noprof+0x1ee/0x460
[ 11.384731] kvasprintf+0xc6/0x150
[ 11.385144] __kthread_create_on_node+0x18c/0x3a0
[ 11.385725] kthread_create_on_node+0xac/0xe0
[ 11.386822] create_worker+0x3e7/0x7b0
[ 11.388067] alloc_unbound_pwq+0x8ea/0xdb0
[ 11.388261] apply_wqattrs_prepare+0x332/0xd20
[ 11.388411] apply_workqueue_attrs_locked+0x4d/0xa0
[ 11.388575] alloc_workqueue+0xcc8/0x1ad0
[ 11.389382] latency_fsnotify_init+0x1b/0x50
[ 11.390322] do_one_initcall+0xd9/0x370
[ 11.390704] kernel_init_freeable+0x425/0x6f0
[ 11.391410] kernel_init+0x23/0x1e0
[ 11.391703] ret_from_fork+0x41/0x80
[ 11.391974] ret_from_fork_asm+0x1a/0x30
[ 11.392261]
[ 11.392400] The buggy address belongs to the object at ffff8881024e40e0
[ 11.392400] which belongs to the cache kmalloc-16 of size 16
[ 11.393473] The buggy address is located 18 bytes to the right of
[ 11.393473] allocated 13-byte region [ffff8881024e40e0, ffff8881024e40ed)
[ 11.394548]
[ 11.394760] The buggy address belongs to the physical page:
[ 11.394975] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024e4
[ 11.395797] flags: 0x200000000000000(node=0|zone=2)
[ 11.396308] page_type: f5(slab)
[ 11.396492] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.396927] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 11.397557] page dumped because: kasan: bad access detected
[ 11.397871]
[ 11.398043] Memory state around the buggy address:
[ 11.398528] ffff8881024e3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.399375] ffff8881024e4000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.399764] >ffff8881024e4080: fa fb fc fc 00 03 fc fc 00 03 fc fc 00 05 fc fc
[ 11.400315] ^
[ 11.400688] ffff8881024e4100: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.401313] ffff8881024e4180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.401700] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.292542] ==================================================================
[ 11.293368] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0
[ 11.294413] Write of size 1 at addr ffff888102975073 by task kunit_try_catch/143
[ 11.294866]
[ 11.296357] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G N 6.12.32-rc1 #1
[ 11.296867] Tainted: [N]=TEST
[ 11.296904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.297174] Call Trace:
[ 11.297252] <TASK>
[ 11.297414] dump_stack_lvl+0x73/0xb0
[ 11.297513] print_report+0xd1/0x640
[ 11.297546] ? __virt_addr_valid+0x1db/0x2d0
[ 11.297571] ? kmalloc_oob_right+0x6f2/0x7f0
[ 11.297591] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.297613] ? kmalloc_oob_right+0x6f2/0x7f0
[ 11.297633] kasan_report+0x140/0x180
[ 11.297670] ? kmalloc_oob_right+0x6f2/0x7f0
[ 11.297700] __asan_report_store1_noabort+0x1b/0x30
[ 11.297720] kmalloc_oob_right+0x6f2/0x7f0
[ 11.297740] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.297762] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.297786] kunit_try_run_case+0x1a6/0x480
[ 11.297809] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.297827] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.297848] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.297870] ? __kthread_parkme+0x82/0x160
[ 11.297899] ? preempt_count_sub+0x50/0x80
[ 11.297928] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.297948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.297974] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.298000] kthread+0x257/0x310
[ 11.298019] ? __pfx_kthread+0x10/0x10
[ 11.298039] ret_from_fork+0x41/0x80
[ 11.298085] ? __pfx_kthread+0x10/0x10
[ 11.298106] ret_from_fork_asm+0x1a/0x30
[ 11.298171] </TASK>
[ 11.298259]
[ 11.305715] Allocated by task 143:
[ 11.306200] kasan_save_stack+0x45/0x70
[ 11.306895] kasan_save_track+0x18/0x40
[ 11.307083] kasan_save_alloc_info+0x3b/0x50
[ 11.307369] __kasan_kmalloc+0xb7/0xc0
[ 11.307630] __kmalloc_cache_noprof+0x168/0x350
[ 11.307944] kmalloc_oob_right+0xaa/0x7f0
[ 11.308255] kunit_try_run_case+0x1a6/0x480
[ 11.308728] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.308946] kthread+0x257/0x310
[ 11.309122] ret_from_fork+0x41/0x80
[ 11.309462] ret_from_fork_asm+0x1a/0x30
[ 11.309876]
[ 11.310200] The buggy address belongs to the object at ffff888102975000
[ 11.310200] which belongs to the cache kmalloc-128 of size 128
[ 11.310981] The buggy address is located 0 bytes to the right of
[ 11.310981] allocated 115-byte region [ffff888102975000, ffff888102975073)
[ 11.311807]
[ 11.312083] The buggy address belongs to the physical page:
[ 11.312651] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102975
[ 11.313634] flags: 0x200000000000000(node=0|zone=2)
[ 11.314453] page_type: f5(slab)
[ 11.315284] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.315652] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.316275] page dumped because: kasan: bad access detected
[ 11.316488]
[ 11.316650] Memory state around the buggy address:
[ 11.317578] ffff888102974f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.318048] ffff888102974f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.318686] >ffff888102975000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.319048] ^
[ 11.319507] ffff888102975080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.320127] ffff888102975100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.320567] ==================================================================
[ 11.342521] ==================================================================
[ 11.343088] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0
[ 11.343573] Read of size 1 at addr ffff888102975080 by task kunit_try_catch/143
[ 11.344040]
[ 11.344347] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.344432] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.344456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.344494] Call Trace:
[ 11.344521] <TASK>
[ 11.344550] dump_stack_lvl+0x73/0xb0
[ 11.344605] print_report+0xd1/0x640
[ 11.344649] ? __virt_addr_valid+0x1db/0x2d0
[ 11.344704] ? kmalloc_oob_right+0x68c/0x7f0
[ 11.344741] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.344776] ? kmalloc_oob_right+0x68c/0x7f0
[ 11.344811] kasan_report+0x140/0x180
[ 11.344850] ? kmalloc_oob_right+0x68c/0x7f0
[ 11.344917] __asan_report_load1_noabort+0x18/0x20
[ 11.344958] kmalloc_oob_right+0x68c/0x7f0
[ 11.345012] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.345097] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.345149] kunit_try_run_case+0x1a6/0x480
[ 11.345189] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.345223] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.345262] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.345306] ? __kthread_parkme+0x82/0x160
[ 11.345345] ? preempt_count_sub+0x50/0x80
[ 11.345385] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.345422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.345468] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.345516] kthread+0x257/0x310
[ 11.345553] ? __pfx_kthread+0x10/0x10
[ 11.345592] ret_from_fork+0x41/0x80
[ 11.345631] ? __pfx_kthread+0x10/0x10
[ 11.345674] ret_from_fork_asm+0x1a/0x30
[ 11.345747] </TASK>
[ 11.345768]
[ 11.353126] Allocated by task 143:
[ 11.353388] kasan_save_stack+0x45/0x70
[ 11.353663] kasan_save_track+0x18/0x40
[ 11.353967] kasan_save_alloc_info+0x3b/0x50
[ 11.354212] __kasan_kmalloc+0xb7/0xc0
[ 11.354526] __kmalloc_cache_noprof+0x168/0x350
[ 11.354768] kmalloc_oob_right+0xaa/0x7f0
[ 11.354976] kunit_try_run_case+0x1a6/0x480
[ 11.355215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.355454] kthread+0x257/0x310
[ 11.355627] ret_from_fork+0x41/0x80
[ 11.355908] ret_from_fork_asm+0x1a/0x30
[ 11.356237]
[ 11.356394] The buggy address belongs to the object at ffff888102975000
[ 11.356394] which belongs to the cache kmalloc-128 of size 128
[ 11.357167] The buggy address is located 13 bytes to the right of
[ 11.357167] allocated 115-byte region [ffff888102975000, ffff888102975073)
[ 11.357977]
[ 11.358139] The buggy address belongs to the physical page:
[ 11.358541] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102975
[ 11.358834] flags: 0x200000000000000(node=0|zone=2)
[ 11.359219] page_type: f5(slab)
[ 11.359467] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.359870] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.360277] page dumped because: kasan: bad access detected
[ 11.360544]
[ 11.360663] Memory state around the buggy address:
[ 11.360991] ffff888102974f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.361304] ffff888102975000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.361786] >ffff888102975080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.362166] ^
[ 11.362414] ffff888102975100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.362861] ffff888102975180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.363229] ==================================================================
[ 11.323358] ==================================================================
[ 11.323675] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0
[ 11.324033] Write of size 1 at addr ffff888102975078 by task kunit_try_catch/143
[ 11.324551]
[ 11.324724] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.32-rc1 #1
[ 11.324800] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.324821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.324857] Call Trace:
[ 11.324903] <TASK>
[ 11.324935] dump_stack_lvl+0x73/0xb0
[ 11.324998] print_report+0xd1/0x640
[ 11.325038] ? __virt_addr_valid+0x1db/0x2d0
[ 11.325109] ? kmalloc_oob_right+0x6bf/0x7f0
[ 11.325149] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.325190] ? kmalloc_oob_right+0x6bf/0x7f0
[ 11.325233] kasan_report+0x140/0x180
[ 11.325273] ? kmalloc_oob_right+0x6bf/0x7f0
[ 11.325317] __asan_report_store1_noabort+0x1b/0x30
[ 11.325355] kmalloc_oob_right+0x6bf/0x7f0
[ 11.325417] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.325462] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 11.325508] kunit_try_run_case+0x1a6/0x480
[ 11.325546] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.325577] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.325616] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.325671] ? __kthread_parkme+0x82/0x160
[ 11.325704] ? preempt_count_sub+0x50/0x80
[ 11.325727] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.325746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.325769] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.325792] kthread+0x257/0x310
[ 11.325809] ? __pfx_kthread+0x10/0x10
[ 11.325826] ret_from_fork+0x41/0x80
[ 11.325845] ? __pfx_kthread+0x10/0x10
[ 11.325863] ret_from_fork_asm+0x1a/0x30
[ 11.325905] </TASK>
[ 11.325922]
[ 11.332503] Allocated by task 143:
[ 11.332712] kasan_save_stack+0x45/0x70
[ 11.332993] kasan_save_track+0x18/0x40
[ 11.333310] kasan_save_alloc_info+0x3b/0x50
[ 11.333564] __kasan_kmalloc+0xb7/0xc0
[ 11.333861] __kmalloc_cache_noprof+0x168/0x350
[ 11.334179] kmalloc_oob_right+0xaa/0x7f0
[ 11.334398] kunit_try_run_case+0x1a6/0x480
[ 11.334712] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.334944] kthread+0x257/0x310
[ 11.335230] ret_from_fork+0x41/0x80
[ 11.335462] ret_from_fork_asm+0x1a/0x30
[ 11.335628]
[ 11.335782] The buggy address belongs to the object at ffff888102975000
[ 11.335782] which belongs to the cache kmalloc-128 of size 128
[ 11.336431] The buggy address is located 5 bytes to the right of
[ 11.336431] allocated 115-byte region [ffff888102975000, ffff888102975073)
[ 11.336941]
[ 11.337078] The buggy address belongs to the physical page:
[ 11.337273] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102975
[ 11.337740] flags: 0x200000000000000(node=0|zone=2)
[ 11.338129] page_type: f5(slab)
[ 11.338400] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.338890] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 11.339362] page dumped because: kasan: bad access detected
[ 11.339575]
[ 11.339724] Memory state around the buggy address:
[ 11.339972] ffff888102974f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.340297] ffff888102974f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.340532] >ffff888102975000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.340760] ^
[ 11.340988] ffff888102975080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.341241] ffff888102975100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.341585] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 139.561155] WARNING: CPU: 1 PID: 2192 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 139.561747] Modules linked in:
[ 139.561981] CPU: 1 UID: 0 PID: 2192 Comm: kunit_try_catch Tainted: G B D W N 6.12.32-rc1 #1
[ 139.563018] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.563164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.563925] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 139.564449] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 10 8b 09 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.564859] RSP: 0000:ffff888107e4fce8 EFLAGS: 00010286
[ 139.565340] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 139.565614] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff85bfb35c
[ 139.565839] RBP: ffff888107e4fd10 R08: 0000000000000000 R09: ffffed1020f6d380
[ 139.566271] R10: ffff888107b69c07 R11: 0000000000000000 R12: ffffffff85bfb348
[ 139.566452] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107e4fda8
[ 139.566721] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 139.566894] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.567205] CR2: 00007ffff7ffe000 CR3: 00000000504b4000 CR4: 00000000000006f0
[ 139.567575] DR0: ffffffff87bbf360 DR1: ffffffff87bbf361 DR2: ffffffff87bbf363
[ 139.567864] DR3: ffffffff87bbf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.568069] Call Trace:
[ 139.568347] <TASK>
[ 139.568452] drm_test_rect_calc_vscale+0x109/0x270
[ 139.568595] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 139.568951] ? __schedule+0xc49/0x27a0
[ 139.569454] ? __pfx_read_tsc+0x10/0x10
[ 139.569727] ? ktime_get_ts64+0x84/0x230
[ 139.570057] kunit_try_run_case+0x1a6/0x480
[ 139.570447] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.570605] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 139.570713] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.571007] ? __kthread_parkme+0x82/0x160
[ 139.571270] ? preempt_count_sub+0x50/0x80
[ 139.571480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.571582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.571875] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.572030] kthread+0x257/0x310
[ 139.572460] ? __pfx_kthread+0x10/0x10
[ 139.572798] ret_from_fork+0x41/0x80
[ 139.573042] ? __pfx_kthread+0x10/0x10
[ 139.573484] ret_from_fork_asm+0x1a/0x30
[ 139.573818] </TASK>
[ 139.573949] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 139.577766] WARNING: CPU: 1 PID: 2194 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 139.578235] Modules linked in:
[ 139.578386] CPU: 1 UID: 0 PID: 2194 Comm: kunit_try_catch Tainted: G B D W N 6.12.32-rc1 #1
[ 139.579297] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 139.579454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 139.579604] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 139.579730] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 10 8b 09 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 139.580320] RSP: 0000:ffff888102497ce8 EFLAGS: 00010286
[ 139.580749] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 139.580970] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff85bfb394
[ 139.581589] RBP: ffff888102497d10 R08: 0000000000000000 R09: ffffed1020409f80
[ 139.581757] R10: ffff88810204fc07 R11: 0000000000000000 R12: ffffffff85bfb380
[ 139.582002] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102497da8
[ 139.582299] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 139.582610] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 139.582836] CR2: 00007ffff7ffe000 CR3: 00000000504b4000 CR4: 00000000000006f0
[ 139.583084] DR0: ffffffff87bbf360 DR1: ffffffff87bbf361 DR2: ffffffff87bbf363
[ 139.583524] DR3: ffffffff87bbf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 139.583738] Call Trace:
[ 139.583813] <TASK>
[ 139.583887] drm_test_rect_calc_vscale+0x109/0x270
[ 139.584160] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 139.584667] ? __schedule+0xc49/0x27a0
[ 139.584918] ? __pfx_read_tsc+0x10/0x10
[ 139.585056] ? ktime_get_ts64+0x84/0x230
[ 139.585370] kunit_try_run_case+0x1a6/0x480
[ 139.585471] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.585767] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 139.585940] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 139.586185] ? __kthread_parkme+0x82/0x160
[ 139.586439] ? preempt_count_sub+0x50/0x80
[ 139.586632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 139.586916] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 139.587259] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 139.587773] kthread+0x257/0x310
[ 139.587910] ? __pfx_kthread+0x10/0x10
[ 139.588033] ret_from_fork+0x41/0x80
[ 139.588488] ? __pfx_kthread+0x10/0x10
[ 139.588667] ret_from_fork_asm+0x1a/0x30
[ 139.588987] </TASK>
[ 139.589374] ---[ end trace 0000000000000000 ]---