Date: June 7, 2025, 10:40 a.m.
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 153.528389] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 17.605821] ================================================================== [ 17.606976] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320 [ 17.608266] Write of size 128 at addr ffff888102309f00 by task kunit_try_catch/175 [ 17.608794] [ 17.609022] CPU: 1 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.609139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.609176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.609254] Call Trace: [ 17.609300] <TASK> [ 17.609349] dump_stack_lvl+0x73/0xb0 [ 17.609432] print_report+0xd1/0x640 [ 17.609505] ? __virt_addr_valid+0x1db/0x2d0 [ 17.609628] ? kmalloc_oob_in_memset+0x160/0x320 [ 17.609667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.609700] ? kmalloc_oob_in_memset+0x160/0x320 [ 17.609734] kasan_report+0x140/0x180 [ 17.609768] ? kmalloc_oob_in_memset+0x160/0x320 [ 17.609830] kasan_check_range+0x10c/0x1c0 [ 17.609898] __asan_memset+0x27/0x50 [ 17.609929] kmalloc_oob_in_memset+0x160/0x320 [ 17.609965] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 17.610003] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 17.610043] kunit_try_run_case+0x1a6/0x480 [ 17.610077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.610105] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.610134] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.610170] ? __kthread_parkme+0x82/0x160 [ 17.610198] ? preempt_count_sub+0x50/0x80 [ 17.610258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.610288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.610324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.610362] kthread+0x257/0x310 [ 17.610387] ? __pfx_kthread+0x10/0x10 [ 17.610413] ret_from_fork+0x41/0x80 [ 17.610450] ? 
__pfx_kthread+0x10/0x10 [ 17.610571] ret_from_fork_asm+0x1a/0x30 [ 17.610616] </TASK> [ 17.610631] [ 17.631193] Allocated by task 175: [ 17.631568] kasan_save_stack+0x45/0x70 [ 17.632058] kasan_save_track+0x18/0x40 [ 17.632529] kasan_save_alloc_info+0x3b/0x50 [ 17.633639] __kasan_kmalloc+0xb7/0xc0 [ 17.633992] __kmalloc_cache_noprof+0x168/0x350 [ 17.635334] kmalloc_oob_in_memset+0xad/0x320 [ 17.636784] kunit_try_run_case+0x1a6/0x480 [ 17.637071] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.637413] kthread+0x257/0x310 [ 17.637630] ret_from_fork+0x41/0x80 [ 17.639486] ret_from_fork_asm+0x1a/0x30 [ 17.639899] [ 17.640731] The buggy address belongs to the object at ffff888102309f00 [ 17.640731] which belongs to the cache kmalloc-128 of size 128 [ 17.642775] The buggy address is located 0 bytes inside of [ 17.642775] allocated 120-byte region [ffff888102309f00, ffff888102309f78) [ 17.643415] [ 17.643586] The buggy address belongs to the physical page: [ 17.643914] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102309 [ 17.644755] flags: 0x200000000000000(node=0|zone=2) [ 17.646067] page_type: f5(slab) [ 17.646721] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.649539] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.650292] page dumped because: kasan: bad access detected [ 17.651167] [ 17.651578] Memory state around the buggy address: [ 17.652077] ffff888102309e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 17.653143] ffff888102309e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.654014] >ffff888102309f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.654852] ^ [ 17.655636] ffff888102309f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.656262] ffff88810230a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.656978] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 17.542166] ================================================================== [ 17.543671] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0 [ 17.544101] Read of size 16 at addr ffff8881025abd40 by task kunit_try_catch/173 [ 17.545302] [ 17.546138] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.546269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.546287] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.546318] Call Trace: [ 17.546336] <TASK> [ 17.546359] dump_stack_lvl+0x73/0xb0 [ 17.546403] print_report+0xd1/0x640 [ 17.546441] ? __virt_addr_valid+0x1db/0x2d0 [ 17.546666] ? kmalloc_uaf_16+0x47d/0x4c0 [ 17.546737] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.546831] ? kmalloc_uaf_16+0x47d/0x4c0 [ 17.546904] kasan_report+0x140/0x180 [ 17.546982] ? kmalloc_uaf_16+0x47d/0x4c0 [ 17.547068] __asan_report_load16_noabort+0x18/0x20 [ 17.547142] kmalloc_uaf_16+0x47d/0x4c0 [ 17.547231] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 17.547318] ? __schedule+0xc49/0x27a0 [ 17.547390] ? __pfx_read_tsc+0x10/0x10 [ 17.547460] ? ktime_get_ts64+0x84/0x230 [ 17.547543] kunit_try_run_case+0x1a6/0x480 [ 17.547626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.547698] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.547768] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.547843] ? __kthread_parkme+0x82/0x160 [ 17.547911] ? preempt_count_sub+0x50/0x80 [ 17.548103] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.548138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.548177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.548241] kthread+0x257/0x310 [ 17.548272] ? __pfx_kthread+0x10/0x10 [ 17.548300] ret_from_fork+0x41/0x80 [ 17.548332] ? 
__pfx_kthread+0x10/0x10 [ 17.548358] ret_from_fork_asm+0x1a/0x30 [ 17.548400] </TASK> [ 17.548414] [ 17.568378] Allocated by task 173: [ 17.568894] kasan_save_stack+0x45/0x70 [ 17.569472] kasan_save_track+0x18/0x40 [ 17.571383] kasan_save_alloc_info+0x3b/0x50 [ 17.572041] __kasan_kmalloc+0xb7/0xc0 [ 17.572718] __kmalloc_cache_noprof+0x168/0x350 [ 17.573468] kmalloc_uaf_16+0x15c/0x4c0 [ 17.574201] kunit_try_run_case+0x1a6/0x480 [ 17.574681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.575824] kthread+0x257/0x310 [ 17.576184] ret_from_fork+0x41/0x80 [ 17.576845] ret_from_fork_asm+0x1a/0x30 [ 17.577264] [ 17.577477] Freed by task 173: [ 17.577775] kasan_save_stack+0x45/0x70 [ 17.578835] kasan_save_track+0x18/0x40 [ 17.579681] kasan_save_free_info+0x3f/0x60 [ 17.580451] __kasan_slab_free+0x56/0x70 [ 17.580936] kfree+0x123/0x3d0 [ 17.581269] kmalloc_uaf_16+0x1d7/0x4c0 [ 17.581800] kunit_try_run_case+0x1a6/0x480 [ 17.583095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.583609] kthread+0x257/0x310 [ 17.584186] ret_from_fork+0x41/0x80 [ 17.584714] ret_from_fork_asm+0x1a/0x30 [ 17.585605] [ 17.585805] The buggy address belongs to the object at ffff8881025abd40 [ 17.585805] which belongs to the cache kmalloc-16 of size 16 [ 17.586724] The buggy address is located 0 bytes inside of [ 17.586724] freed 16-byte region [ffff8881025abd40, ffff8881025abd50) [ 17.588315] [ 17.588550] The buggy address belongs to the physical page: [ 17.589489] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ab [ 17.590620] flags: 0x200000000000000(node=0|zone=2) [ 17.591280] page_type: f5(slab) [ 17.591663] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.592281] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 17.592828] page dumped because: kasan: bad access detected [ 17.593698] [ 17.593932] Memory state around the buggy address: [ 17.594434] ffff8881025abc00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc 
[ 17.594966] ffff8881025abc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 17.596001] >ffff8881025abd00: fa fb fc fc 00 00 fc fc fa fb fc fc fc fc fc fc [ 17.596462] ^ [ 17.597444] ffff8881025abd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.598582] ffff8881025abe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.599081] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 17.488638] ================================================================== [ 17.489555] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 17.491159] Write of size 16 at addr ffff888101f801a0 by task kunit_try_catch/171 [ 17.491696] [ 17.493246] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.493344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.493379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.493440] Call Trace: [ 17.493480] <TASK> [ 17.493582] dump_stack_lvl+0x73/0xb0 [ 17.493735] print_report+0xd1/0x640 [ 17.493821] ? __virt_addr_valid+0x1db/0x2d0 [ 17.494021] ? kmalloc_oob_16+0x454/0x4a0 [ 17.494055] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.494088] ? kmalloc_oob_16+0x454/0x4a0 [ 17.494118] kasan_report+0x140/0x180 [ 17.494152] ? kmalloc_oob_16+0x454/0x4a0 [ 17.494190] __asan_report_store16_noabort+0x1b/0x30 [ 17.494252] kmalloc_oob_16+0x454/0x4a0 [ 17.494287] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 17.494320] ? __schedule+0xc49/0x27a0 [ 17.494349] ? __pfx_read_tsc+0x10/0x10 [ 17.494376] ? ktime_get_ts64+0x84/0x230 [ 17.494412] kunit_try_run_case+0x1a6/0x480 [ 17.494452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.494555] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.494600] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.494635] ? __kthread_parkme+0x82/0x160 [ 17.494663] ? preempt_count_sub+0x50/0x80 [ 17.494693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.494720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.494755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.494791] kthread+0x257/0x310 [ 17.494846] ? __pfx_kthread+0x10/0x10 [ 17.494883] ret_from_fork+0x41/0x80 [ 17.494912] ? 
__pfx_kthread+0x10/0x10 [ 17.494936] ret_from_fork_asm+0x1a/0x30 [ 17.494978] </TASK> [ 17.494992] [ 17.513075] Allocated by task 171: [ 17.513878] kasan_save_stack+0x45/0x70 [ 17.514369] kasan_save_track+0x18/0x40 [ 17.515055] kasan_save_alloc_info+0x3b/0x50 [ 17.516369] __kasan_kmalloc+0xb7/0xc0 [ 17.516751] __kmalloc_cache_noprof+0x168/0x350 [ 17.517227] kmalloc_oob_16+0xa9/0x4a0 [ 17.517909] kunit_try_run_case+0x1a6/0x480 [ 17.518385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.519184] kthread+0x257/0x310 [ 17.519601] ret_from_fork+0x41/0x80 [ 17.520717] ret_from_fork_asm+0x1a/0x30 [ 17.521305] [ 17.521527] The buggy address belongs to the object at ffff888101f801a0 [ 17.521527] which belongs to the cache kmalloc-16 of size 16 [ 17.523187] The buggy address is located 0 bytes inside of [ 17.523187] allocated 13-byte region [ffff888101f801a0, ffff888101f801ad) [ 17.524784] [ 17.525045] The buggy address belongs to the physical page: [ 17.525543] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 17.526358] flags: 0x200000000000000(node=0|zone=2) [ 17.528181] page_type: f5(slab) [ 17.528947] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.529717] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 17.530348] page dumped because: kasan: bad access detected [ 17.531269] [ 17.531863] Memory state around the buggy address: [ 17.532605] ffff888101f80080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.533305] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.534052] >ffff888101f80180: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 17.534809] ^ [ 17.535232] ffff888101f80200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.535906] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.536392] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 17.349906] ================================================================== [ 17.351322] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 17.351874] Read of size 1 at addr ffff888100396c00 by task kunit_try_catch/169 [ 17.352693] [ 17.352955] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.353090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.353127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.353184] Call Trace: [ 17.353256] <TASK> [ 17.353312] dump_stack_lvl+0x73/0xb0 [ 17.353404] print_report+0xd1/0x640 [ 17.354209] ? __virt_addr_valid+0x1db/0x2d0 [ 17.354310] ? krealloc_uaf+0x1b9/0x5e0 [ 17.354379] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.354489] ? krealloc_uaf+0x1b9/0x5e0 [ 17.354532] kasan_report+0x140/0x180 [ 17.354570] ? krealloc_uaf+0x1b9/0x5e0 [ 17.354602] ? krealloc_uaf+0x1b9/0x5e0 [ 17.354628] __kasan_check_byte+0x3d/0x50 [ 17.354663] krealloc_noprof+0x35/0x140 [ 17.354694] krealloc_uaf+0x1b9/0x5e0 [ 17.354721] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.354746] ? finish_task_switch.isra.0+0x153/0x700 [ 17.354775] ? __switch_to+0x5d9/0xf60 [ 17.354831] ? __schedule+0xc49/0x27a0 [ 17.354954] ? __pfx_read_tsc+0x10/0x10 [ 17.355018] ? ktime_get_ts64+0x84/0x230 [ 17.355059] kunit_try_run_case+0x1a6/0x480 [ 17.355094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.355122] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.355152] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.355188] ? __kthread_parkme+0x82/0x160 [ 17.355243] ? preempt_count_sub+0x50/0x80 [ 17.355286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.355316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.355353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.355389] kthread+0x257/0x310 [ 17.355416] ? __pfx_kthread+0x10/0x10 [ 17.355449] ret_from_fork+0x41/0x80 [ 17.355577] ? 
__pfx_kthread+0x10/0x10 [ 17.355606] ret_from_fork_asm+0x1a/0x30 [ 17.355650] </TASK> [ 17.355664] [ 17.380302] Allocated by task 169: [ 17.381914] kasan_save_stack+0x45/0x70 [ 17.383100] kasan_save_track+0x18/0x40 [ 17.383517] kasan_save_alloc_info+0x3b/0x50 [ 17.384424] __kasan_kmalloc+0xb7/0xc0 [ 17.385029] __kmalloc_cache_noprof+0x168/0x350 [ 17.385683] krealloc_uaf+0xbc/0x5e0 [ 17.386496] kunit_try_run_case+0x1a6/0x480 [ 17.386821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.387663] kthread+0x257/0x310 [ 17.388071] ret_from_fork+0x41/0x80 [ 17.388707] ret_from_fork_asm+0x1a/0x30 [ 17.389570] [ 17.389810] Freed by task 169: [ 17.390408] kasan_save_stack+0x45/0x70 [ 17.391341] kasan_save_track+0x18/0x40 [ 17.391781] kasan_save_free_info+0x3f/0x60 [ 17.392202] __kasan_slab_free+0x56/0x70 [ 17.392625] kfree+0x123/0x3d0 [ 17.393826] krealloc_uaf+0x13e/0x5e0 [ 17.394165] kunit_try_run_case+0x1a6/0x480 [ 17.394656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.395382] kthread+0x257/0x310 [ 17.396010] ret_from_fork+0x41/0x80 [ 17.396353] ret_from_fork_asm+0x1a/0x30 [ 17.397611] [ 17.397783] The buggy address belongs to the object at ffff888100396c00 [ 17.397783] which belongs to the cache kmalloc-256 of size 256 [ 17.399023] The buggy address is located 0 bytes inside of [ 17.399023] freed 256-byte region [ffff888100396c00, ffff888100396d00) [ 17.400660] [ 17.400854] The buggy address belongs to the physical page: [ 17.401179] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 17.402339] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.403062] flags: 0x200000000000040(head|node=0|zone=2) [ 17.403704] page_type: f5(slab) [ 17.404979] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.405513] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.406591] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.407630] head: 
0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.408249] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 17.409184] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 17.410170] page dumped because: kasan: bad access detected [ 17.410609] [ 17.411310] Memory state around the buggy address: [ 17.411791] ffff888100396b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.413032] ffff888100396b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.413805] >ffff888100396c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.414415] ^ [ 17.415140] ffff888100396c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.415996] ffff888100396d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.416700] ================================================================== [ 17.418411] ================================================================== [ 17.419860] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 17.420916] Read of size 1 at addr ffff888100396c00 by task kunit_try_catch/169 [ 17.422154] [ 17.422354] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.422436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.422472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.422530] Call Trace: [ 17.422583] <TASK> [ 17.422634] dump_stack_lvl+0x73/0xb0 [ 17.422702] print_report+0xd1/0x640 [ 17.422749] ? __virt_addr_valid+0x1db/0x2d0 [ 17.422825] ? krealloc_uaf+0x53e/0x5e0 [ 17.423081] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.423118] ? krealloc_uaf+0x53e/0x5e0 [ 17.423146] kasan_report+0x140/0x180 [ 17.423182] ? krealloc_uaf+0x53e/0x5e0 [ 17.423261] __asan_report_load1_noabort+0x18/0x20 [ 17.423311] krealloc_uaf+0x53e/0x5e0 [ 17.423340] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.423367] ? finish_task_switch.isra.0+0x153/0x700 [ 17.423400] ? __switch_to+0x5d9/0xf60 [ 17.423435] ? 
__schedule+0xc49/0x27a0 [ 17.423558] ? __pfx_read_tsc+0x10/0x10 [ 17.423617] ? ktime_get_ts64+0x84/0x230 [ 17.423653] kunit_try_run_case+0x1a6/0x480 [ 17.423687] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.423715] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.423742] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.423776] ? __kthread_parkme+0x82/0x160 [ 17.423821] ? preempt_count_sub+0x50/0x80 [ 17.423882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.423910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.423946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.423982] kthread+0x257/0x310 [ 17.424007] ? __pfx_kthread+0x10/0x10 [ 17.424033] ret_from_fork+0x41/0x80 [ 17.424061] ? __pfx_kthread+0x10/0x10 [ 17.424085] ret_from_fork_asm+0x1a/0x30 [ 17.424126] </TASK> [ 17.424139] [ 17.443784] Allocated by task 169: [ 17.444596] kasan_save_stack+0x45/0x70 [ 17.445237] kasan_save_track+0x18/0x40 [ 17.445882] kasan_save_alloc_info+0x3b/0x50 [ 17.446268] __kasan_kmalloc+0xb7/0xc0 [ 17.447243] __kmalloc_cache_noprof+0x168/0x350 [ 17.447628] krealloc_uaf+0xbc/0x5e0 [ 17.448309] kunit_try_run_case+0x1a6/0x480 [ 17.448724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.449852] kthread+0x257/0x310 [ 17.450398] ret_from_fork+0x41/0x80 [ 17.451185] ret_from_fork_asm+0x1a/0x30 [ 17.451571] [ 17.451793] Freed by task 169: [ 17.452616] kasan_save_stack+0x45/0x70 [ 17.453197] kasan_save_track+0x18/0x40 [ 17.453759] kasan_save_free_info+0x3f/0x60 [ 17.454430] __kasan_slab_free+0x56/0x70 [ 17.455120] kfree+0x123/0x3d0 [ 17.455481] krealloc_uaf+0x13e/0x5e0 [ 17.456229] kunit_try_run_case+0x1a6/0x480 [ 17.456635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.457755] kthread+0x257/0x310 [ 17.458119] ret_from_fork+0x41/0x80 [ 17.458470] ret_from_fork_asm+0x1a/0x30 [ 17.459518] [ 17.460017] The buggy address belongs to the object at ffff888100396c00 [ 17.460017] which belongs to the cache kmalloc-256 of size 256 [ 17.461400] The buggy address is located 0 bytes inside of [ 17.461400] 
freed 256-byte region [ffff888100396c00, ffff888100396d00) [ 17.463110] [ 17.463776] The buggy address belongs to the physical page: [ 17.464792] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100396 [ 17.466009] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.466507] flags: 0x200000000000040(head|node=0|zone=2) [ 17.467469] page_type: f5(slab) [ 17.468062] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.468999] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.470275] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.470992] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.471915] head: 0200000000000001 ffffea000400e581 ffffffffffffffff 0000000000000000 [ 17.473174] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 17.474263] page dumped because: kasan: bad access detected [ 17.474791] [ 17.475409] Memory state around the buggy address: [ 17.476254] ffff888100396b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.476857] ffff888100396b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.477801] >ffff888100396c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.478782] ^ [ 17.479314] ffff888100396c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.480325] ffff888100396d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.481609] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.136909] ================================================================== [ 17.138685] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 17.140036] Write of size 1 at addr ffff888102be20c9 by task kunit_try_catch/167 [ 17.140479] [ 17.141420] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.141705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.141740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.141798] Call Trace: [ 17.141877] <TASK> [ 17.141930] dump_stack_lvl+0x73/0xb0 [ 17.142016] print_report+0xd1/0x640 [ 17.142090] ? __virt_addr_valid+0x1db/0x2d0 [ 17.142168] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 17.142249] ? kasan_addr_to_slab+0x11/0xa0 [ 17.142285] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 17.142314] kasan_report+0x140/0x180 [ 17.142351] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 17.142388] __asan_report_store1_noabort+0x1b/0x30 [ 17.142422] krealloc_less_oob_helper+0xd72/0x11d0 [ 17.142553] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.142594] ? finish_task_switch.isra.0+0x153/0x700 [ 17.142627] ? __switch_to+0x5d9/0xf60 [ 17.142661] ? __schedule+0xc49/0x27a0 [ 17.142690] ? __pfx_read_tsc+0x10/0x10 [ 17.142723] krealloc_large_less_oob+0x1c/0x30 [ 17.142751] kunit_try_run_case+0x1a6/0x480 [ 17.142785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.142827] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.142885] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.142921] ? __kthread_parkme+0x82/0x160 [ 17.142951] ? preempt_count_sub+0x50/0x80 [ 17.142980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.143008] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.143045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.143082] kthread+0x257/0x310 [ 17.143109] ? __pfx_kthread+0x10/0x10 [ 17.143135] ret_from_fork+0x41/0x80 [ 17.143165] ? 
__pfx_kthread+0x10/0x10 [ 17.143190] ret_from_fork_asm+0x1a/0x30 [ 17.143266] </TASK> [ 17.143284] [ 17.156301] The buggy address belongs to the physical page: [ 17.157010] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0 [ 17.158749] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.159374] flags: 0x200000000000040(head|node=0|zone=2) [ 17.161091] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.162753] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.163385] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.164448] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.165250] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000 [ 17.166329] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.167157] page dumped because: kasan: bad access detected [ 17.168151] [ 17.168327] Memory state around the buggy address: [ 17.169313] ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.170104] ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.171130] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.172033] ^ [ 17.172428] ffff888102be2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.173370] ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.174190] ================================================================== [ 16.844481] ================================================================== [ 16.845844] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 16.847945] Write of size 1 at addr ffff88810099d4d0 by task kunit_try_catch/163 [ 16.849030] [ 16.849415] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.849644] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.849720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 16.849781] Call Trace: [ 16.849858] <TASK> [ 16.849910] dump_stack_lvl+0x73/0xb0 [ 16.850001] print_report+0xd1/0x640 [ 16.850077] ? __virt_addr_valid+0x1db/0x2d0 [ 16.850198] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 16.850329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.850411] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 16.850896] kasan_report+0x140/0x180 [ 16.850978] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 16.851060] __asan_report_store1_noabort+0x1b/0x30 [ 16.851128] krealloc_less_oob_helper+0xe25/0x11d0 [ 16.851204] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.851308] ? finish_task_switch.isra.0+0x153/0x700 [ 16.851378] ? __switch_to+0x5d9/0xf60 [ 16.851497] ? __schedule+0xc49/0x27a0 [ 16.851572] ? __pfx_read_tsc+0x10/0x10 [ 16.851645] krealloc_less_oob+0x1c/0x30 [ 16.851739] kunit_try_run_case+0x1a6/0x480 [ 16.851785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.851846] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.851883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.851919] ? __kthread_parkme+0x82/0x160 [ 16.851946] ? preempt_count_sub+0x50/0x80 [ 16.851975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.852002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.852038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.852073] kthread+0x257/0x310 [ 16.852097] ? __pfx_kthread+0x10/0x10 [ 16.852121] ret_from_fork+0x41/0x80 [ 16.852149] ? 
__pfx_kthread+0x10/0x10 [ 16.852172] ret_from_fork_asm+0x1a/0x30 [ 16.852238] </TASK> [ 16.852261] [ 16.868953] Allocated by task 163: [ 16.869361] kasan_save_stack+0x45/0x70 [ 16.869708] kasan_save_track+0x18/0x40 [ 16.870113] kasan_save_alloc_info+0x3b/0x50 [ 16.870707] __kasan_krealloc+0x190/0x1f0 [ 16.871158] krealloc_noprof+0xc1/0x140 [ 16.871730] krealloc_less_oob_helper+0x1ab/0x11d0 [ 16.872183] krealloc_less_oob+0x1c/0x30 [ 16.872951] kunit_try_run_case+0x1a6/0x480 [ 16.873341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.874001] kthread+0x257/0x310 [ 16.874385] ret_from_fork+0x41/0x80 [ 16.874944] ret_from_fork_asm+0x1a/0x30 [ 16.875375] [ 16.875747] The buggy address belongs to the object at ffff88810099d400 [ 16.875747] which belongs to the cache kmalloc-256 of size 256 [ 16.876589] The buggy address is located 7 bytes to the right of [ 16.876589] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 16.877455] [ 16.877666] The buggy address belongs to the physical page: [ 16.878141] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.879415] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.880118] flags: 0x200000000000040(head|node=0|zone=2) [ 16.880721] page_type: f5(slab) [ 16.881119] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.881937] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.882621] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.884010] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.885001] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000 [ 16.886076] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 16.886848] page dumped because: kasan: bad access detected [ 16.887372] [ 16.887692] Memory state around the buggy address: [ 16.888246] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 16.888869] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.889993] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.890625] ^ [ 16.891176] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.891766] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.892425] ================================================================== [ 16.793286] ================================================================== [ 16.794228] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 16.795538] Write of size 1 at addr ffff88810099d4c9 by task kunit_try_catch/163 [ 16.796712] [ 16.797085] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.797408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.797444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.797520] Call Trace: [ 16.797562] <TASK> [ 16.797643] dump_stack_lvl+0x73/0xb0 [ 16.797688] print_report+0xd1/0x640 [ 16.797724] ? __virt_addr_valid+0x1db/0x2d0 [ 16.797760] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 16.797788] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.797840] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 16.797884] kasan_report+0x140/0x180 [ 16.797920] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 16.797956] __asan_report_store1_noabort+0x1b/0x30 [ 16.797987] krealloc_less_oob_helper+0xd72/0x11d0 [ 16.798020] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.798050] ? finish_task_switch.isra.0+0x153/0x700 [ 16.798079] ? __switch_to+0x5d9/0xf60 [ 16.798112] ? __schedule+0xc49/0x27a0 [ 16.798141] ? __pfx_read_tsc+0x10/0x10 [ 16.798173] krealloc_less_oob+0x1c/0x30 [ 16.798203] kunit_try_run_case+0x1a6/0x480 [ 16.798296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.798391] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.798425] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.798481] ? __kthread_parkme+0x82/0x160 [ 16.798559] ? preempt_count_sub+0x50/0x80 [ 16.798621] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.798675] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.798723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.798761] kthread+0x257/0x310 [ 16.798787] ? __pfx_kthread+0x10/0x10 [ 16.798830] ret_from_fork+0x41/0x80 [ 16.798872] ? __pfx_kthread+0x10/0x10 [ 16.798898] ret_from_fork_asm+0x1a/0x30 [ 16.798940] </TASK> [ 16.798954] [ 16.815050] Allocated by task 163: [ 16.815761] kasan_save_stack+0x45/0x70 [ 16.816282] kasan_save_track+0x18/0x40 [ 16.816860] kasan_save_alloc_info+0x3b/0x50 [ 16.817307] __kasan_krealloc+0x190/0x1f0 [ 16.817723] krealloc_noprof+0xc1/0x140 [ 16.818137] krealloc_less_oob_helper+0x1ab/0x11d0 [ 16.818954] krealloc_less_oob+0x1c/0x30 [ 16.819375] kunit_try_run_case+0x1a6/0x480 [ 16.819995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.820692] kthread+0x257/0x310 [ 16.821111] ret_from_fork+0x41/0x80 [ 16.821701] ret_from_fork_asm+0x1a/0x30 [ 16.822182] [ 16.822560] The buggy address belongs to the object at ffff88810099d400 [ 16.822560] which belongs to the cache kmalloc-256 of size 256 [ 16.823725] The buggy address is located 0 bytes to the right of [ 16.823725] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 16.824939] [ 16.825176] The buggy address belongs to the physical page: [ 16.825837] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.826758] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.827610] flags: 0x200000000000040(head|node=0|zone=2) [ 16.828121] page_type: f5(slab) [ 16.828656] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.829357] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.830208] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.831632] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.832882] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000 [ 
16.833736] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 16.834629] page dumped because: kasan: bad access detected [ 16.835265] [ 16.835420] Memory state around the buggy address: [ 16.836348] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.837245] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.838021] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.839406] ^ [ 16.840394] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.841848] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.842735] ================================================================== [ 16.997537] ================================================================== [ 16.997794] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 16.998057] Write of size 1 at addr ffff88810099d4eb by task kunit_try_catch/163 [ 16.998676] [ 16.999094] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.999232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.999279] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.999336] Call Trace: [ 16.999386] <TASK> [ 16.999435] dump_stack_lvl+0x73/0xb0 [ 16.999515] print_report+0xd1/0x640 [ 16.999588] ? __virt_addr_valid+0x1db/0x2d0 [ 16.999661] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 16.999727] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.999799] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 16.999888] kasan_report+0x140/0x180 [ 16.999962] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.000043] __asan_report_store1_noabort+0x1b/0x30 [ 17.000103] krealloc_less_oob_helper+0xd49/0x11d0 [ 17.000157] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.000270] ? finish_task_switch.isra.0+0x153/0x700 [ 17.000344] ? __switch_to+0x5d9/0xf60 [ 17.000426] ? __schedule+0xc49/0x27a0 [ 17.000500] ? 
__pfx_read_tsc+0x10/0x10 [ 17.000575] krealloc_less_oob+0x1c/0x30 [ 17.000640] kunit_try_run_case+0x1a6/0x480 [ 17.000713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.000772] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.000889] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.000967] ? __kthread_parkme+0x82/0x160 [ 17.001139] ? preempt_count_sub+0x50/0x80 [ 17.001233] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.001304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.001386] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.001509] kthread+0x257/0x310 [ 17.001586] ? __pfx_kthread+0x10/0x10 [ 17.001653] ret_from_fork+0x41/0x80 [ 17.001719] ? __pfx_kthread+0x10/0x10 [ 17.001781] ret_from_fork_asm+0x1a/0x30 [ 17.001914] </TASK> [ 17.001943] [ 17.019468] Allocated by task 163: [ 17.019794] kasan_save_stack+0x45/0x70 [ 17.020331] kasan_save_track+0x18/0x40 [ 17.020759] kasan_save_alloc_info+0x3b/0x50 [ 17.021318] __kasan_krealloc+0x190/0x1f0 [ 17.021674] krealloc_noprof+0xc1/0x140 [ 17.021997] krealloc_less_oob_helper+0x1ab/0x11d0 [ 17.022637] krealloc_less_oob+0x1c/0x30 [ 17.023164] kunit_try_run_case+0x1a6/0x480 [ 17.023520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.024026] kthread+0x257/0x310 [ 17.024402] ret_from_fork+0x41/0x80 [ 17.024824] ret_from_fork_asm+0x1a/0x30 [ 17.025354] [ 17.025972] The buggy address belongs to the object at ffff88810099d400 [ 17.025972] which belongs to the cache kmalloc-256 of size 256 [ 17.026971] The buggy address is located 34 bytes to the right of [ 17.026971] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 17.028256] [ 17.028442] The buggy address belongs to the physical page: [ 17.028966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 17.029831] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.030447] flags: 0x200000000000040(head|node=0|zone=2) [ 17.030866] page_type: f5(slab) [ 17.031236] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 17.032562] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.033060] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.033945] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.034623] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000 [ 17.035375] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 17.036126] page dumped because: kasan: bad access detected [ 17.036696] [ 17.037048] Memory state around the buggy address: [ 17.037404] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.038044] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.038736] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.040087] ^ [ 17.040823] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.041439] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.042039] ================================================================== [ 17.264065] ================================================================== [ 17.265191] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 17.266186] Write of size 1 at addr ffff888102be20ea by task kunit_try_catch/167 [ 17.266676] [ 17.267178] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.267326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.267363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.267418] Call Trace: [ 17.267469] <TASK> [ 17.267686] dump_stack_lvl+0x73/0xb0 [ 17.267768] print_report+0xd1/0x640 [ 17.267847] ? __virt_addr_valid+0x1db/0x2d0 [ 17.267915] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 17.267980] ? kasan_addr_to_slab+0x11/0xa0 [ 17.268049] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 17.268116] kasan_report+0x140/0x180 [ 17.268193] ? 
krealloc_less_oob_helper+0xe92/0x11d0 [ 17.268297] __asan_report_store1_noabort+0x1b/0x30 [ 17.268371] krealloc_less_oob_helper+0xe92/0x11d0 [ 17.268447] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.268516] ? finish_task_switch.isra.0+0x153/0x700 [ 17.268583] ? __switch_to+0x5d9/0xf60 [ 17.268888] ? __schedule+0xc49/0x27a0 [ 17.268920] ? __pfx_read_tsc+0x10/0x10 [ 17.268952] krealloc_large_less_oob+0x1c/0x30 [ 17.268981] kunit_try_run_case+0x1a6/0x480 [ 17.269013] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.269041] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.269070] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.269106] ? __kthread_parkme+0x82/0x160 [ 17.269133] ? preempt_count_sub+0x50/0x80 [ 17.269165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.269193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.269257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.269297] kthread+0x257/0x310 [ 17.269324] ? __pfx_kthread+0x10/0x10 [ 17.269350] ret_from_fork+0x41/0x80 [ 17.269379] ? __pfx_kthread+0x10/0x10 [ 17.269406] ret_from_fork_asm+0x1a/0x30 [ 17.269462] </TASK> [ 17.269508] [ 17.284883] The buggy address belongs to the physical page: [ 17.285766] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0 [ 17.286468] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.287135] flags: 0x200000000000040(head|node=0|zone=2) [ 17.287576] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.289165] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.290099] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.290719] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.292617] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000 [ 17.293454] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.294322] page dumped because: kasan: bad access detected [ 17.295288] [ 17.295455] 
Memory state around the buggy address: [ 17.296347] ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.297199] ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.298284] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.299032] ^ [ 17.299618] ffff888102be2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.300912] ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.301387] ================================================================== [ 17.302750] ================================================================== [ 17.304181] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 17.305410] Write of size 1 at addr ffff888102be20eb by task kunit_try_catch/167 [ 17.306822] [ 17.307035] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.307123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.307160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.307232] Call Trace: [ 17.307300] <TASK> [ 17.307334] dump_stack_lvl+0x73/0xb0 [ 17.307379] print_report+0xd1/0x640 [ 17.307415] ? __virt_addr_valid+0x1db/0x2d0 [ 17.307466] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.307635] ? kasan_addr_to_slab+0x11/0xa0 [ 17.307685] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.307718] kasan_report+0x140/0x180 [ 17.307753] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.307791] __asan_report_store1_noabort+0x1b/0x30 [ 17.307842] krealloc_less_oob_helper+0xd49/0x11d0 [ 17.307882] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.307912] ? finish_task_switch.isra.0+0x153/0x700 [ 17.307941] ? __switch_to+0x5d9/0xf60 [ 17.307973] ? __schedule+0xc49/0x27a0 [ 17.308002] ? __pfx_read_tsc+0x10/0x10 [ 17.308033] krealloc_large_less_oob+0x1c/0x30 [ 17.308060] kunit_try_run_case+0x1a6/0x480 [ 17.308092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.308120] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.308149] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.308185] ? __kthread_parkme+0x82/0x160 [ 17.308232] ? preempt_count_sub+0x50/0x80 [ 17.308306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.308373] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.308432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.308732] kthread+0x257/0x310 [ 17.308766] ? __pfx_kthread+0x10/0x10 [ 17.308795] ret_from_fork+0x41/0x80 [ 17.308847] ? __pfx_kthread+0x10/0x10 [ 17.308883] ret_from_fork_asm+0x1a/0x30 [ 17.308925] </TASK> [ 17.308939] [ 17.327391] The buggy address belongs to the physical page: [ 17.327965] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0 [ 17.328743] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.330012] flags: 0x200000000000040(head|node=0|zone=2) [ 17.330520] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.331208] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.332271] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.333100] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.333735] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000 [ 17.334395] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.335427] page dumped because: kasan: bad access detected [ 17.336085] [ 17.336306] Memory state around the buggy address: [ 17.336776] ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.337755] ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.338311] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.339578] ^ [ 17.340517] ffff888102be2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.341199] ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.342364] ================================================================== [ 16.944994] 
================================================================== [ 16.946473] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 16.947346] Write of size 1 at addr ffff88810099d4ea by task kunit_try_catch/163 [ 16.947958] [ 16.948794] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.948929] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.948964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.949197] Call Trace: [ 16.949246] <TASK> [ 16.949272] dump_stack_lvl+0x73/0xb0 [ 16.949316] print_report+0xd1/0x640 [ 16.949351] ? __virt_addr_valid+0x1db/0x2d0 [ 16.949386] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 16.949413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.949452] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 16.949566] kasan_report+0x140/0x180 [ 16.949610] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 16.949645] __asan_report_store1_noabort+0x1b/0x30 [ 16.949675] krealloc_less_oob_helper+0xe92/0x11d0 [ 16.949705] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.949734] ? finish_task_switch.isra.0+0x153/0x700 [ 16.949763] ? __switch_to+0x5d9/0xf60 [ 16.949794] ? __schedule+0xc49/0x27a0 [ 16.949864] ? __pfx_read_tsc+0x10/0x10 [ 16.949897] krealloc_less_oob+0x1c/0x30 [ 16.949922] kunit_try_run_case+0x1a6/0x480 [ 16.949953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.949980] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.950007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.950040] ? __kthread_parkme+0x82/0x160 [ 16.950066] ? preempt_count_sub+0x50/0x80 [ 16.950094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.950120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.950156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.950192] kthread+0x257/0x310 [ 16.950240] ? __pfx_kthread+0x10/0x10 [ 16.950268] ret_from_fork+0x41/0x80 [ 16.950296] ? 
__pfx_kthread+0x10/0x10 [ 16.950321] ret_from_fork_asm+0x1a/0x30 [ 16.950363] </TASK> [ 16.950377] [ 16.970408] Allocated by task 163: [ 16.971586] kasan_save_stack+0x45/0x70 [ 16.972012] kasan_save_track+0x18/0x40 [ 16.972179] kasan_save_alloc_info+0x3b/0x50 [ 16.972504] __kasan_krealloc+0x190/0x1f0 [ 16.973162] krealloc_noprof+0xc1/0x140 [ 16.973919] krealloc_less_oob_helper+0x1ab/0x11d0 [ 16.974710] krealloc_less_oob+0x1c/0x30 [ 16.975310] kunit_try_run_case+0x1a6/0x480 [ 16.976062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.976686] kthread+0x257/0x310 [ 16.977106] ret_from_fork+0x41/0x80 [ 16.977812] ret_from_fork_asm+0x1a/0x30 [ 16.978350] [ 16.979079] The buggy address belongs to the object at ffff88810099d400 [ 16.979079] which belongs to the cache kmalloc-256 of size 256 [ 16.980381] The buggy address is located 33 bytes to the right of [ 16.980381] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 16.982176] [ 16.982758] The buggy address belongs to the physical page: [ 16.983376] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.984409] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.985366] flags: 0x200000000000040(head|node=0|zone=2) [ 16.986093] page_type: f5(slab) [ 16.986478] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.987312] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.988415] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.989288] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.989914] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000 [ 16.990500] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 16.991016] page dumped because: kasan: bad access detected [ 16.991852] [ 16.992132] Memory state around the buggy address: [ 16.992654] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 16.993795] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.994055] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.994379] ^ [ 16.995440] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.996624] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.996972] ================================================================== [ 16.894558] ================================================================== [ 16.895649] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 16.896410] Write of size 1 at addr ffff88810099d4da by task kunit_try_catch/163 [ 16.897037] [ 16.897284] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.897401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.897437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.897493] Call Trace: [ 16.897543] <TASK> [ 16.897592] dump_stack_lvl+0x73/0xb0 [ 16.897670] print_report+0xd1/0x640 [ 16.897743] ? __virt_addr_valid+0x1db/0x2d0 [ 16.897818] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 16.897982] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.898057] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 16.898126] kasan_report+0x140/0x180 [ 16.898200] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 16.898305] __asan_report_store1_noabort+0x1b/0x30 [ 16.898377] krealloc_less_oob_helper+0xec8/0x11d0 [ 16.898455] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.898619] ? finish_task_switch.isra.0+0x153/0x700 [ 16.898686] ? __switch_to+0x5d9/0xf60 [ 16.898747] ? __schedule+0xc49/0x27a0 [ 16.898778] ? __pfx_read_tsc+0x10/0x10 [ 16.898815] krealloc_less_oob+0x1c/0x30 [ 16.898876] kunit_try_run_case+0x1a6/0x480 [ 16.898910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.898938] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.898966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.899001] ? __kthread_parkme+0x82/0x160 [ 16.899028] ? 
preempt_count_sub+0x50/0x80 [ 16.899056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.899083] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.899118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.899154] kthread+0x257/0x310 [ 16.899179] ? __pfx_kthread+0x10/0x10 [ 16.899205] ret_from_fork+0x41/0x80 [ 16.899269] ? __pfx_kthread+0x10/0x10 [ 16.899297] ret_from_fork_asm+0x1a/0x30 [ 16.899337] </TASK> [ 16.899351] [ 16.916454] Allocated by task 163: [ 16.916868] kasan_save_stack+0x45/0x70 [ 16.917755] kasan_save_track+0x18/0x40 [ 16.918342] kasan_save_alloc_info+0x3b/0x50 [ 16.918973] __kasan_krealloc+0x190/0x1f0 [ 16.919461] krealloc_noprof+0xc1/0x140 [ 16.919809] krealloc_less_oob_helper+0x1ab/0x11d0 [ 16.920413] krealloc_less_oob+0x1c/0x30 [ 16.920847] kunit_try_run_case+0x1a6/0x480 [ 16.921371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.922199] kthread+0x257/0x310 [ 16.923010] ret_from_fork+0x41/0x80 [ 16.923401] ret_from_fork_asm+0x1a/0x30 [ 16.923769] [ 16.924067] The buggy address belongs to the object at ffff88810099d400 [ 16.924067] which belongs to the cache kmalloc-256 of size 256 [ 16.924935] The buggy address is located 17 bytes to the right of [ 16.924935] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 16.926131] [ 16.926336] The buggy address belongs to the physical page: [ 16.927110] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.928010] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.929648] flags: 0x200000000000040(head|node=0|zone=2) [ 16.930127] page_type: f5(slab) [ 16.930678] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.931744] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.932465] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.933272] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.934256] head: 0200000000000001 
ffffea0004026701 ffffffffffffffff 0000000000000000 [ 16.935296] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 16.936161] page dumped because: kasan: bad access detected [ 16.937043] [ 16.937235] Memory state around the buggy address: [ 16.938426] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.939365] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.940330] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.941091] ^ [ 16.941470] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.942693] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.944169] ================================================================== [ 17.175701] ================================================================== [ 17.176782] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 17.177892] Write of size 1 at addr ffff888102be20d0 by task kunit_try_catch/167 [ 17.179119] [ 17.179804] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.179907] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.179924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.179954] Call Trace: [ 17.179978] <TASK> [ 17.180001] dump_stack_lvl+0x73/0xb0 [ 17.180044] print_report+0xd1/0x640 [ 17.180080] ? __virt_addr_valid+0x1db/0x2d0 [ 17.180115] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 17.180144] ? kasan_addr_to_slab+0x11/0xa0 [ 17.180177] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 17.180207] kasan_report+0x140/0x180 [ 17.180271] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 17.180309] __asan_report_store1_noabort+0x1b/0x30 [ 17.180340] krealloc_less_oob_helper+0xe25/0x11d0 [ 17.180373] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.180403] ? finish_task_switch.isra.0+0x153/0x700 [ 17.180433] ? __switch_to+0x5d9/0xf60 [ 17.180547] ? __schedule+0xc49/0x27a0 [ 17.180598] ? 
__pfx_read_tsc+0x10/0x10 [ 17.180631] krealloc_large_less_oob+0x1c/0x30 [ 17.180659] kunit_try_run_case+0x1a6/0x480 [ 17.180693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.180722] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.180749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.180783] ? __kthread_parkme+0x82/0x160 [ 17.180837] ? preempt_count_sub+0x50/0x80 [ 17.180894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.180923] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.180959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.180995] kthread+0x257/0x310 [ 17.181019] ? __pfx_kthread+0x10/0x10 [ 17.181044] ret_from_fork+0x41/0x80 [ 17.181072] ? __pfx_kthread+0x10/0x10 [ 17.181097] ret_from_fork_asm+0x1a/0x30 [ 17.181137] </TASK> [ 17.181150] [ 17.202325] The buggy address belongs to the physical page: [ 17.202841] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0 [ 17.203758] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.205252] flags: 0x200000000000040(head|node=0|zone=2) [ 17.205769] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.206588] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.208199] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.209170] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.209780] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000 [ 17.210693] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.211691] page dumped because: kasan: bad access detected [ 17.212928] [ 17.213607] Memory state around the buggy address: [ 17.214025] ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.214778] ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.215599] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.216281] ^ [ 17.217002] ffff888102be2100: fe fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe [ 17.218005] ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.219380] ================================================================== [ 17.220901] ================================================================== [ 17.222022] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 17.223123] Write of size 1 at addr ffff888102be20da by task kunit_try_catch/167 [ 17.224316] [ 17.224607] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.224745] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.224771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.224845] Call Trace: [ 17.224961] <TASK> [ 17.225043] dump_stack_lvl+0x73/0xb0 [ 17.225142] print_report+0xd1/0x640 [ 17.225209] ? __virt_addr_valid+0x1db/0x2d0 [ 17.225301] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 17.225365] ? kasan_addr_to_slab+0x11/0xa0 [ 17.225426] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 17.225489] kasan_report+0x140/0x180 [ 17.225555] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 17.225629] __asan_report_store1_noabort+0x1b/0x30 [ 17.225703] krealloc_less_oob_helper+0xec8/0x11d0 [ 17.225785] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.225865] ? finish_task_switch.isra.0+0x153/0x700 [ 17.225941] ? __switch_to+0x5d9/0xf60 [ 17.226031] ? __schedule+0xc49/0x27a0 [ 17.226066] ? __pfx_read_tsc+0x10/0x10 [ 17.226100] krealloc_large_less_oob+0x1c/0x30 [ 17.226134] kunit_try_run_case+0x1a6/0x480 [ 17.226172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.226204] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.226312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.226402] ? __kthread_parkme+0x82/0x160 [ 17.226439] ? preempt_count_sub+0x50/0x80 [ 17.226550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.226602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.226646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.226688] kthread+0x257/0x310 [ 17.226716] ? 
__pfx_kthread+0x10/0x10 [ 17.226746] ret_from_fork+0x41/0x80 [ 17.226776] ? __pfx_kthread+0x10/0x10 [ 17.226804] ret_from_fork_asm+0x1a/0x30 [ 17.226889] </TASK> [ 17.226906] [ 17.248075] The buggy address belongs to the physical page: [ 17.248788] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be0 [ 17.249775] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.250402] flags: 0x200000000000040(head|node=0|zone=2) [ 17.251427] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.252340] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.253173] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.253824] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.254936] head: 0200000000000002 ffffea00040af801 ffffffffffffffff 0000000000000000 [ 17.255534] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.256338] page dumped because: kasan: bad access detected [ 17.257083] [ 17.257337] Memory state around the buggy address: [ 17.257816] ffff888102be1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.258631] ffff888102be2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.259882] >ffff888102be2080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.260960] ^ [ 17.261426] ffff888102be2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.262425] ffff888102be2180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.263131] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.087359] ================================================================== [ 17.090327] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 17.090922] Write of size 1 at addr ffff8881022c60f0 by task kunit_try_catch/165 [ 17.092172] [ 17.092453] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.092583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.092619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.092679] Call Trace: [ 17.092731] <TASK> [ 17.092783] dump_stack_lvl+0x73/0xb0 [ 17.092883] print_report+0xd1/0x640 [ 17.092968] ? __virt_addr_valid+0x1db/0x2d0 [ 17.093007] ? krealloc_more_oob_helper+0x7ed/0x930 [ 17.093036] ? kasan_addr_to_slab+0x11/0xa0 [ 17.093069] ? krealloc_more_oob_helper+0x7ed/0x930 [ 17.093099] kasan_report+0x140/0x180 [ 17.093132] ? krealloc_more_oob_helper+0x7ed/0x930 [ 17.093166] __asan_report_store1_noabort+0x1b/0x30 [ 17.093197] krealloc_more_oob_helper+0x7ed/0x930 [ 17.093256] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.093293] ? __schedule+0x1bb4/0x27a0 [ 17.093320] ? schedule+0x7c/0x310 [ 17.093344] ? trace_hardirqs_on+0x37/0xe0 [ 17.093377] ? __schedule+0x1bb4/0x27a0 [ 17.093402] ? __pfx_read_tsc+0x10/0x10 [ 17.093432] krealloc_large_more_oob+0x1c/0x30 [ 17.093459] kunit_try_run_case+0x1a6/0x480 [ 17.093491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.093519] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.093546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.093581] ? __kthread_parkme+0x82/0x160 [ 17.093608] ? preempt_count_sub+0x50/0x80 [ 17.093638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.093664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.093699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.093735] kthread+0x257/0x310 [ 17.093759] ? __pfx_kthread+0x10/0x10 [ 17.093785] ret_from_fork+0x41/0x80 [ 17.093824] ? 
__pfx_kthread+0x10/0x10 [ 17.093878] ret_from_fork_asm+0x1a/0x30 [ 17.093921] </TASK> [ 17.093935] [ 17.114226] The buggy address belongs to the physical page: [ 17.115457] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c4 [ 17.116601] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.117410] flags: 0x200000000000040(head|node=0|zone=2) [ 17.118164] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.118755] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.119437] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.120352] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.121416] head: 0200000000000002 ffffea000408b101 ffffffffffffffff 0000000000000000 [ 17.121949] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.122524] page dumped because: kasan: bad access detected [ 17.122981] [ 17.123187] Memory state around the buggy address: [ 17.124073] ffff8881022c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.124771] ffff8881022c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.125614] >ffff8881022c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.126506] ^ [ 17.127234] ffff8881022c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.127739] ffff8881022c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.128523] ================================================================== [ 17.048281] ================================================================== [ 17.049126] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 17.049769] Write of size 1 at addr ffff8881022c60eb by task kunit_try_catch/165 [ 17.051188] [ 17.051415] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.051490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.051526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 17.051582] Call Trace: [ 17.051623] <TASK> [ 17.051672] dump_stack_lvl+0x73/0xb0 [ 17.051730] print_report+0xd1/0x640 [ 17.051785] ? __virt_addr_valid+0x1db/0x2d0 [ 17.051880] ? krealloc_more_oob_helper+0x823/0x930 [ 17.051930] ? kasan_addr_to_slab+0x11/0xa0 [ 17.051963] ? krealloc_more_oob_helper+0x823/0x930 [ 17.051992] kasan_report+0x140/0x180 [ 17.052026] ? krealloc_more_oob_helper+0x823/0x930 [ 17.052061] __asan_report_store1_noabort+0x1b/0x30 [ 17.052092] krealloc_more_oob_helper+0x823/0x930 [ 17.052123] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.052153] ? __schedule+0x1bb4/0x27a0 [ 17.052179] ? schedule+0x7c/0x310 [ 17.052201] ? trace_hardirqs_on+0x37/0xe0 [ 17.052298] ? __schedule+0x1bb4/0x27a0 [ 17.052368] ? __pfx_read_tsc+0x10/0x10 [ 17.052423] krealloc_large_more_oob+0x1c/0x30 [ 17.052453] kunit_try_run_case+0x1a6/0x480 [ 17.052486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.052516] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.052544] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.052579] ? __kthread_parkme+0x82/0x160 [ 17.052606] ? preempt_count_sub+0x50/0x80 [ 17.052636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.052663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.052698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.052734] kthread+0x257/0x310 [ 17.052761] ? __pfx_kthread+0x10/0x10 [ 17.052788] ret_from_fork+0x41/0x80 [ 17.052834] ? 
__pfx_kthread+0x10/0x10 [ 17.052887] ret_from_fork_asm+0x1a/0x30 [ 17.052930] </TASK> [ 17.052944] [ 17.071628] The buggy address belongs to the physical page: [ 17.072871] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c4 [ 17.073723] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.074404] flags: 0x200000000000040(head|node=0|zone=2) [ 17.074869] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.075774] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.076565] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.076833] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.078400] head: 0200000000000002 ffffea000408b101 ffffffffffffffff 0000000000000000 [ 17.079055] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.079638] page dumped because: kasan: bad access detected [ 17.080530] [ 17.080700] Memory state around the buggy address: [ 17.081016] ffff8881022c5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.082125] ffff8881022c6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.082802] >ffff8881022c6080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.083587] ^ [ 17.084310] ffff8881022c6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.085152] ffff8881022c6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.086166] ================================================================== [ 16.689190] ================================================================== [ 16.690459] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 16.691428] Write of size 1 at addr ffff88810099d2eb by task kunit_try_catch/161 [ 16.692320] [ 16.692502] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.692565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.692581] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 16.692611] Call Trace: [ 16.692630] <TASK> [ 16.692654] dump_stack_lvl+0x73/0xb0 [ 16.692695] print_report+0xd1/0x640 [ 16.692729] ? __virt_addr_valid+0x1db/0x2d0 [ 16.692764] ? krealloc_more_oob_helper+0x823/0x930 [ 16.692791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.692851] ? krealloc_more_oob_helper+0x823/0x930 [ 16.692885] kasan_report+0x140/0x180 [ 16.692921] ? krealloc_more_oob_helper+0x823/0x930 [ 16.692956] __asan_report_store1_noabort+0x1b/0x30 [ 16.692987] krealloc_more_oob_helper+0x823/0x930 [ 16.693014] ? __schedule+0xc49/0x27a0 [ 16.693044] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.693073] ? finish_task_switch.isra.0+0x153/0x700 [ 16.693107] ? __switch_to+0x5d9/0xf60 [ 16.693156] ? __schedule+0xc49/0x27a0 [ 16.693182] ? __pfx_read_tsc+0x10/0x10 [ 16.693234] krealloc_more_oob+0x1c/0x30 [ 16.693301] kunit_try_run_case+0x1a6/0x480 [ 16.693376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.693443] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.693510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.693588] ? __kthread_parkme+0x82/0x160 [ 16.693759] ? preempt_count_sub+0x50/0x80 [ 16.693861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.693928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.694003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.694084] kthread+0x257/0x310 [ 16.694197] ? __pfx_kthread+0x10/0x10 [ 16.694252] ret_from_fork+0x41/0x80 [ 16.694283] ? 
__pfx_kthread+0x10/0x10 [ 16.694309] ret_from_fork_asm+0x1a/0x30 [ 16.694351] </TASK> [ 16.694364] [ 16.711995] Allocated by task 161: [ 16.712879] kasan_save_stack+0x45/0x70 [ 16.713300] kasan_save_track+0x18/0x40 [ 16.713728] kasan_save_alloc_info+0x3b/0x50 [ 16.714155] __kasan_krealloc+0x190/0x1f0 [ 16.714817] krealloc_noprof+0xc1/0x140 [ 16.715276] krealloc_more_oob_helper+0x1aa/0x930 [ 16.715930] krealloc_more_oob+0x1c/0x30 [ 16.716337] kunit_try_run_case+0x1a6/0x480 [ 16.716921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.717378] kthread+0x257/0x310 [ 16.717998] ret_from_fork+0x41/0x80 [ 16.718432] ret_from_fork_asm+0x1a/0x30 [ 16.719046] [ 16.719306] The buggy address belongs to the object at ffff88810099d200 [ 16.719306] which belongs to the cache kmalloc-256 of size 256 [ 16.720403] The buggy address is located 0 bytes to the right of [ 16.720403] allocated 235-byte region [ffff88810099d200, ffff88810099d2eb) [ 16.721705] [ 16.721988] The buggy address belongs to the physical page: [ 16.722537] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.723471] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.724058] flags: 0x200000000000040(head|node=0|zone=2) [ 16.724501] page_type: f5(slab) [ 16.724856] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.725685] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.726239] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.727058] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.727862] head: 0200000000000001 ffffea0004026701 ffffffffffffffff 0000000000000000 [ 16.728433] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 16.729287] page dumped because: kasan: bad access detected [ 16.729958] [ 16.730174] Memory state around the buggy address: [ 16.730731] ffff88810099d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 16.731567] ffff88810099d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.732163] >ffff88810099d280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.732859] ^ [ 16.733690] ffff88810099d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.734287] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.735031] ================================================================== [ 16.738164] ================================================================== [ 16.738910] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 16.739532] Write of size 1 at addr ffff88810099d2f0 by task kunit_try_catch/161 [ 16.740478] [ 16.740724] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.740786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.740803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.740855] Call Trace: [ 16.740898] <TASK> [ 16.741009] dump_stack_lvl+0x73/0xb0 [ 16.741264] print_report+0xd1/0x640 [ 16.741346] ? __virt_addr_valid+0x1db/0x2d0 [ 16.741423] ? krealloc_more_oob_helper+0x7ed/0x930 [ 16.741508] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.741718] ? krealloc_more_oob_helper+0x7ed/0x930 [ 16.741789] kasan_report+0x140/0x180 [ 16.741871] ? krealloc_more_oob_helper+0x7ed/0x930 [ 16.741980] __asan_report_store1_noabort+0x1b/0x30 [ 16.742014] krealloc_more_oob_helper+0x7ed/0x930 [ 16.742042] ? __schedule+0xc49/0x27a0 [ 16.742072] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.742101] ? finish_task_switch.isra.0+0x153/0x700 [ 16.742129] ? __switch_to+0x5d9/0xf60 [ 16.742161] ? __schedule+0xc49/0x27a0 [ 16.742186] ? __pfx_read_tsc+0x10/0x10 [ 16.742243] krealloc_more_oob+0x1c/0x30 [ 16.742273] kunit_try_run_case+0x1a6/0x480 [ 16.742307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.742335] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.742363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.742397] ? __kthread_parkme+0x82/0x160 [ 16.742423] ? 
preempt_count_sub+0x50/0x80 [ 16.742490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.742561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.742629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.742670] kthread+0x257/0x310 [ 16.742695] ? __pfx_kthread+0x10/0x10 [ 16.742720] ret_from_fork+0x41/0x80 [ 16.742748] ? __pfx_kthread+0x10/0x10 [ 16.742798] ret_from_fork_asm+0x1a/0x30 [ 16.742899] </TASK> [ 16.742916] [ 16.759832] Allocated by task 161: [ 16.760269] kasan_save_stack+0x45/0x70 [ 16.760872] kasan_save_track+0x18/0x40 [ 16.761880] kasan_save_alloc_info+0x3b/0x50 [ 16.762268] __kasan_krealloc+0x190/0x1f0 [ 16.762633] krealloc_noprof+0xc1/0x140 [ 16.763043] krealloc_more_oob_helper+0x1aa/0x930 [ 16.763724] krealloc_more_oob+0x1c/0x30 [ 16.764039] kunit_try_run_case+0x1a6/0x480 [ 16.764423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.764923] kthread+0x257/0x310 [ 16.765547] ret_from_fork+0x41/0x80 [ 16.766028] ret_from_fork_asm+0x1a/0x30 [ 16.766464] [ 16.766814] The buggy address belongs to the object at ffff88810099d200 [ 16.766814] which belongs to the cache kmalloc-256 of size 256 [ 16.767638] The buggy address is located 5 bytes to the right of [ 16.767638] allocated 235-byte region [ffff88810099d200, ffff88810099d2eb) [ 16.768999] [ 16.769267] The buggy address belongs to the physical page: [ 16.769778] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.770512] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.772162] flags: 0x200000000000040(head|node=0|zone=2) [ 16.773181] page_type: f5(slab) [ 16.773597] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.774714] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.775490] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.776703] head: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 16.777411] head: 0200000000000001 
ffffea0004026701 ffffffffffffffff 0000000000000000 [ 16.778599] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 16.779408] page dumped because: kasan: bad access detected [ 16.780175] [ 16.780593] Memory state around the buggy address: [ 16.781248] ffff88810099d180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.781754] ffff88810099d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.783096] >ffff88810099d280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.783714] ^ [ 16.784666] ffff88810099d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.785415] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.786400] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 56.360163] ==================================================================
[ 56.360828] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 56.360828]
[ 56.361477] Use-after-free read at 0x(____ptrval____) (in kfence-#166):
[ 56.361926] test_krealloc+0x6fd/0xbe0
[ 56.362486] kunit_try_run_case+0x1a6/0x480
[ 56.363290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 56.364085] kthread+0x257/0x310
[ 56.364503] ret_from_fork+0x41/0x80
[ 56.364894] ret_from_fork_asm+0x1a/0x30
[ 56.365661]
[ 56.365930] kfence-#166: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 56.365930]
[ 56.366551] allocated by task 334 on cpu 0 at 56.359194s (0.007351s ago):
[ 56.367270] test_alloc+0x365/0x10f0
[ 56.367920] test_krealloc+0xae/0xbe0
[ 56.368626] kunit_try_run_case+0x1a6/0x480
[ 56.369538] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 56.370174] kthread+0x257/0x310
[ 56.370537] ret_from_fork+0x41/0x80
[ 56.370889] ret_from_fork_asm+0x1a/0x30
[ 56.371433]
[ 56.371640] freed by task 334 on cpu 0 at 56.359657s (0.011979s ago):
[ 56.372574] krealloc_noprof+0x83/0x140
[ 56.373218] test_krealloc+0x227/0xbe0
[ 56.373605] kunit_try_run_case+0x1a6/0x480
[ 56.374311] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 56.375485] kthread+0x257/0x310
[ 56.375880] ret_from_fork+0x41/0x80
[ 56.376301] ret_from_fork_asm+0x1a/0x30
[ 56.376663]
[ 56.377485] CPU: 0 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 56.378208] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 56.378810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 56.379656] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 56.275071] ==================================================================
[ 56.275693] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 56.275693]
[ 56.276702] Use-after-free read at 0x(____ptrval____) (in kfence-#165):
[ 56.277230] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 56.277766] kunit_try_run_case+0x1a6/0x480
[ 56.278908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 56.279894] kthread+0x257/0x310
[ 56.280483] ret_from_fork+0x41/0x80
[ 56.281141] ret_from_fork_asm+0x1a/0x30
[ 56.281487]
[ 56.281873] kfence-#165: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 56.281873]
[ 56.282557] allocated by task 332 on cpu 0 at 56.258760s (0.023790s ago):
[ 56.283175] test_alloc+0x2a7/0x10f0
[ 56.283672] test_memcache_typesafe_by_rcu+0x170/0x670
[ 56.284084] kunit_try_run_case+0x1a6/0x480
[ 56.284878] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 56.285596] kthread+0x257/0x310
[ 56.286013] ret_from_fork+0x41/0x80
[ 56.286607] ret_from_fork_asm+0x1a/0x30
[ 56.287090]
[ 56.287417] freed by task 332 on cpu 0 at 56.258952s (0.028458s ago):
[ 56.288039] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 56.288600] kunit_try_run_case+0x1a6/0x480
[ 56.289149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 56.289831] kthread+0x257/0x310
[ 56.290362] ret_from_fork+0x41/0x80
[ 56.290951] ret_from_fork_asm+0x1a/0x30
[ 56.291328]
[ 56.291611] CPU: 0 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 56.292455] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 56.292825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 56.293567] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 32.561357] ==================================================================
[ 32.562897] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 32.562897]
[ 32.563667] Invalid read at 0x(____ptrval____):
[ 32.564157] test_invalid_access+0xf1/0x210
[ 32.565277] kunit_try_run_case+0x1a6/0x480
[ 32.566039] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.566503] kthread+0x257/0x310
[ 32.567328] ret_from_fork+0x41/0x80
[ 32.567913] ret_from_fork_asm+0x1a/0x30
[ 32.568285]
[ 32.568558] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 32.569760] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.570552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.571754] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 32.335400] ==================================================================
[ 32.336026] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 32.336026]
[ 32.336720] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#160):
[ 32.338128] test_kmalloc_aligned_oob_write+0x251/0x340
[ 32.338593] kunit_try_run_case+0x1a6/0x480
[ 32.339063] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.339572] kthread+0x257/0x310
[ 32.339960] ret_from_fork+0x41/0x80
[ 32.340311] ret_from_fork_asm+0x1a/0x30
[ 32.340744]
[ 32.341023] kfence-#160: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 32.341023]
[ 32.341614] allocated by task 322 on cpu 1 at 32.335022s (0.006585s ago):
[ 32.342273] test_alloc+0x365/0x10f0
[ 32.342675] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 32.343379] kunit_try_run_case+0x1a6/0x480
[ 32.343815] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.344428] kthread+0x257/0x310
[ 32.344729] ret_from_fork+0x41/0x80
[ 32.345287] ret_from_fork_asm+0x1a/0x30
[ 32.345605]
[ 32.345790] freed by task 322 on cpu 1 at 32.335264s (0.010520s ago):
[ 32.346393] test_kmalloc_aligned_oob_write+0x251/0x340
[ 32.346911] kunit_try_run_case+0x1a6/0x480
[ 32.347390] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.347849] kthread+0x257/0x310
[ 32.348144] ret_from_fork+0x41/0x80
[ 32.348582] ret_from_fork_asm+0x1a/0x30
[ 32.349181]
[ 32.349469] CPU: 1 UID: 0 PID: 322 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 32.350192] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.350519] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.351709] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-__drm_connector_init
------------[ cut here ]------------ [ 190.757833] WARNING: CPU: 1 PID: 1190 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0 [ 190.758605] Modules linked in: [ 190.758948] CPU: 1 UID: 0 PID: 1190 Comm: kunit_try_catch Tainted: G B D N 6.12.33-rc1 #1 [ 190.760044] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 190.760647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 190.761444] RIP: 0010:__drm_connector_init+0xcfa/0x11e0 [ 190.762319] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00 [ 190.763796] RSP: 0000:ffff88810639fc38 EFLAGS: 00010246 [ 190.764392] RAX: dffffc0000000000 RBX: ffffffff873bdca0 RCX: 0000000000000000 [ 190.765024] RDX: 1ffffffff0e72876 RSI: ffff888102c6c010 RDI: ffffffff873943b0 [ 190.765707] RBP: ffff88810639fcb0 R08: 0000000000000000 R09: ffffffff873a8f40 [ 190.766560] R10: 0000000000000003 R11: ffffffff830043da R12: ffff888102c6c010 [ 190.767169] R13: ffff888100d78000 R14: 0000000000000000 R15: ffffffff87394360 [ 190.767937] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 190.768995] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.769733] CR2: ffffffffffffffff CR3: 00000001334b4000 CR4: 00000000000006f0 [ 190.770387] DR0: ffffffff893bf364 DR1: ffffffff893bf369 DR2: ffffffff893bf36a [ 190.771080] DR3: ffffffff893bf36b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 190.771793] Call Trace: [ 190.772131] <TASK> [ 190.772430] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.773217] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.773984] drmm_connector_init+0xdc/0x170 [ 190.774555] ? __drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80 [ 190.775172] drm_client_modeset_test_init+0x336/0x730 [ 190.775806] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 190.776375] ? 
__pfx_drm_client_modeset_test_init+0x10/0x10 [ 190.777045] kunit_try_run_case+0x169/0x480 [ 190.777722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.778160] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 190.778829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 190.779303] ? __kthread_parkme+0x82/0x160 [ 190.779728] ? preempt_count_sub+0x50/0x80 [ 190.780563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.781066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 190.781861] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 190.782518] kthread+0x257/0x310 [ 190.782984] ? __pfx_kthread+0x10/0x10 [ 190.783419] ret_from_fork+0x41/0x80 [ 190.783979] ? __pfx_kthread+0x10/0x10 [ 190.784449] ret_from_fork_asm+0x1a/0x30 [ 190.785056] </TASK> [ 190.785422] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 190.818501] WARNING: CPU: 1 PID: 1192 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0 [ 190.819599] Modules linked in: [ 190.820240] CPU: 1 UID: 0 PID: 1192 Comm: kunit_try_catch Tainted: G B D W N 6.12.33-rc1 #1 [ 190.821424] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 190.822016] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 190.824007] RIP: 0010:__drm_connector_init+0xcfa/0x11e0 [ 190.825186] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00 [ 190.826992] RSP: 0000:ffff88810639fc38 EFLAGS: 00010246 [ 190.827666] RAX: dffffc0000000000 RBX: ffffffff873bdca0 RCX: 0000000000000000 [ 190.828344] RDX: 1ffffffff0e72876 RSI: ffff8881060fe010 RDI: ffffffff873943b0 [ 190.828883] RBP: ffff88810639fcb0 R08: 0000000000000000 R09: ffffffff873a8f40 [ 190.829552] R10: 0000000000000003 R11: 000000008f85cdca R12: ffff8881060fe010 [ 190.830260] R13: ffff888100d8b000 R14: 0000000000000000 R15: ffffffff87394360 [ 190.830974] FS: 0000000000000000(0000) 
GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 190.831771] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.832218] CR2: ffffffffffffffff CR3: 00000001334b4000 CR4: 00000000000006f0 [ 190.833142] DR0: ffffffff893bf364 DR1: ffffffff893bf369 DR2: ffffffff893bf36a [ 190.833820] DR3: ffffffff893bf36b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 190.834417] Call Trace: [ 190.834680] <TASK> [ 190.834960] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.835488] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.836322] drmm_connector_init+0xdc/0x170 [ 190.836890] ? __drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80 [ 190.837749] drm_client_modeset_test_init+0x336/0x730 [ 190.838148] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 190.838779] ? __schedule+0xc49/0x27a0 [ 190.839614] kunit_try_run_case+0x169/0x480 [ 190.840125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.840534] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 190.841075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 190.841781] ? __kthread_parkme+0x82/0x160 [ 190.843595] ? preempt_count_sub+0x50/0x80 [ 190.844188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.844590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 190.845158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 190.846331] kthread+0x257/0x310 [ 190.846531] ? __pfx_kthread+0x10/0x10 [ 190.846691] ret_from_fork+0x41/0x80 [ 190.846849] ? 
__pfx_kthread+0x10/0x10 [ 190.847016] ret_from_fork_asm+0x1a/0x30 [ 190.847195] </TASK> [ 190.847371] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 190.965516] WARNING: CPU: 0 PID: 1198 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0 [ 190.967440] Modules linked in: [ 190.967928] CPU: 0 UID: 0 PID: 1198 Comm: kunit_try_catch Tainted: G B D W N 6.12.33-rc1 #1 [ 190.969098] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 190.969857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 190.970838] RIP: 0010:__drm_connector_init+0xcfa/0x11e0 [ 190.971339] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00 [ 190.973021] RSP: 0000:ffff8881060f7c38 EFLAGS: 00010246 [ 190.973512] RAX: dffffc0000000000 RBX: ffffffff873bdca0 RCX: 0000000000000000 [ 190.974032] RDX: 1ffffffff0e72876 RSI: ffff88810593e010 RDI: ffffffff873943b0 [ 190.976343] RBP: ffff8881060f7cb0 R08: 0000000000000000 R09: ffffffff873a8f40 [ 190.977751] R10: 0000000000000003 R11: 000000008f85cdca R12: ffff88810593e010 [ 190.979688] R13: ffff888100d86000 R14: 0000000000000000 R15: ffffffff87394360 [ 190.981085] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 190.982001] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.982834] CR2: 00007ffff7ffe000 CR3: 00000001334b4000 CR4: 00000000000006f0 [ 190.983787] DR0: ffffffff893bf360 DR1: ffffffff893bf361 DR2: ffffffff893bf363 [ 190.984451] DR3: ffffffff893bf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 190.985641] Call Trace: [ 190.985932] <TASK> [ 190.986208] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.987258] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.988034] drmm_connector_init+0xdc/0x170 [ 190.988927] ? 
__drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80 [ 190.989445] drm_client_modeset_test_init+0x336/0x730 [ 190.990575] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 190.991307] ? __schedule+0xc49/0x27a0 [ 190.991939] kunit_try_run_case+0x169/0x480 [ 190.992353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.993121] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 190.993916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 190.994657] ? __kthread_parkme+0x82/0x160 [ 190.995350] ? preempt_count_sub+0x50/0x80 [ 190.995994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.996449] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 190.997015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 190.998364] kthread+0x257/0x310 [ 190.999722] ? __pfx_kthread+0x10/0x10 [ 191.000445] ret_from_fork+0x41/0x80 [ 191.000745] ? __pfx_kthread+0x10/0x10 [ 191.001016] ret_from_fork_asm+0x1a/0x30 [ 191.001338] </TASK> [ 191.001527] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 190.918520] WARNING: CPU: 0 PID: 1196 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0 [ 190.919760] Modules linked in: [ 190.920321] CPU: 0 UID: 0 PID: 1196 Comm: kunit_try_catch Tainted: G B D W N 6.12.33-rc1 #1 [ 190.921196] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 190.922353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 190.923408] RIP: 0010:__drm_connector_init+0xcfa/0x11e0 [ 190.924364] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00 [ 190.925848] RSP: 0000:ffff888102fafc38 EFLAGS: 00010246 [ 190.926664] RAX: dffffc0000000000 RBX: ffffffff873bdca0 RCX: 0000000000000000 [ 190.927592] RDX: 1ffffffff0e72876 RSI: ffff8881061d2010 RDI: ffffffff873943b0 [ 190.928233] RBP: ffff888102fafcb0 R08: 0000000000000000 R09: ffffffff873a8f40 [ 190.929052] R10: 0000000000000003 
R11: 000000008f85cdca R12: ffff8881061d2010 [ 190.929680] R13: ffff888100d28000 R14: 0000000000000000 R15: ffffffff87394360 [ 190.930622] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 190.931121] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.931415] CR2: 00007ffff7ffe000 CR3: 00000001334b4000 CR4: 00000000000006f0 [ 190.932249] DR0: ffffffff893bf360 DR1: ffffffff893bf361 DR2: ffffffff893bf363 [ 190.933397] DR3: ffffffff893bf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 190.934391] Call Trace: [ 190.934679] <TASK> [ 190.935112] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.936002] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.936857] drmm_connector_init+0xdc/0x170 [ 190.937289] ? __drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80 [ 190.938238] drm_client_modeset_test_init+0x336/0x730 [ 190.939154] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 190.940055] ? __schedule+0xc49/0x27a0 [ 190.940446] kunit_try_run_case+0x169/0x480 [ 190.940913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.941109] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 190.941318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 190.941903] ? __kthread_parkme+0x82/0x160 [ 190.942784] ? preempt_count_sub+0x50/0x80 [ 190.943188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.943893] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 190.944437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 190.945591] kthread+0x257/0x310 [ 190.945927] ? __pfx_kthread+0x10/0x10 [ 190.946339] ret_from_fork+0x41/0x80 [ 190.946678] ? 
__pfx_kthread+0x10/0x10 [ 190.947062] ret_from_fork_asm+0x1a/0x30 [ 190.947702] </TASK> [ 190.947978] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 190.869311] WARNING: CPU: 0 PID: 1194 at drivers/gpu/drm/drm_connector.c:232 __drm_connector_init+0xcfa/0x11e0 [ 190.871044] Modules linked in: [ 190.871632] CPU: 0 UID: 0 PID: 1194 Comm: kunit_try_catch Tainted: G B D W N 6.12.33-rc1 #1 [ 190.872516] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 190.873129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 190.873859] RIP: 0010:__drm_connector_init+0xcfa/0x11e0 [ 190.874375] Code: 00 00 00 00 fc ff df 48 89 fa 48 c1 ea 03 80 3c 02 00 0f 85 ce 03 00 00 49 c7 84 24 98 07 00 00 00 00 00 00 e9 83 f4 ff ff 90 <0f> 0b 90 e9 52 f4 ff ff 49 8d bd 40 04 00 00 48 b8 00 00 00 00 00 [ 190.876120] RSP: 0000:ffff888105ed7c38 EFLAGS: 00010246 [ 190.876616] RAX: dffffc0000000000 RBX: ffffffff873bdca0 RCX: 0000000000000000 [ 190.877432] RDX: 1ffffffff0e72876 RSI: ffff888106002010 RDI: ffffffff873943b0 [ 190.878133] RBP: ffff888105ed7cb0 R08: 0000000000000000 R09: ffffffff873a8f40 [ 190.878710] R10: 0000000000000003 R11: 000000008f85cdca R12: ffff888106002010 [ 190.879669] R13: ffff888100d2a000 R14: 0000000000000000 R15: ffffffff87394360 [ 190.880651] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 190.881444] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 190.882069] CR2: 00007ffff7ffe000 CR3: 00000001334b4000 CR4: 00000000000006f0 [ 190.882830] DR0: ffffffff893bf360 DR1: ffffffff893bf361 DR2: ffffffff893bf363 [ 190.883366] DR3: ffffffff893bf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 190.884170] Call Trace: [ 190.884634] <TASK> [ 190.884903] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.885692] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 190.886374] drmm_connector_init+0xdc/0x170 [ 190.887323] ? 
__drm_kunit_helper_alloc_drm_device_with_driver+0x5d/0x80 [ 190.887972] drm_client_modeset_test_init+0x336/0x730 [ 190.888510] ? __pfx_drm_client_modeset_test_init+0x10/0x10 [ 190.889149] ? __schedule+0xc49/0x27a0 [ 190.889835] kunit_try_run_case+0x169/0x480 [ 190.890303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.890908] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 190.891632] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 190.892204] ? __kthread_parkme+0x82/0x160 [ 190.892675] ? preempt_count_sub+0x50/0x80 [ 190.893329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 190.893739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 190.894619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 190.895193] kthread+0x257/0x310 [ 190.895860] ? __pfx_kthread+0x10/0x10 [ 190.896248] ret_from_fork+0x41/0x80 [ 190.896813] ? __pfx_kthread+0x10/0x10 [ 190.897251] ret_from_fork_asm+0x1a/0x30 [ 190.897681] </TASK> [ 190.898380] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 32.127371] ==================================================================
[ 32.127875] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 32.127875]
[ 32.128536] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#158):
[ 32.129810] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 32.130868] kunit_try_run_case+0x1a6/0x480
[ 32.131404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.131989] kthread+0x257/0x310
[ 32.132391] ret_from_fork+0x41/0x80
[ 32.132721] ret_from_fork_asm+0x1a/0x30
[ 32.133144]
[ 32.133394] kfence-#158: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 32.133394]
[ 32.134196] allocated by task 320 on cpu 1 at 32.126982s (0.007207s ago):
[ 32.134692] test_alloc+0x365/0x10f0
[ 32.135483] test_kmalloc_aligned_oob_read+0x106/0x570
[ 32.136161] kunit_try_run_case+0x1a6/0x480
[ 32.136616] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 32.137165] kthread+0x257/0x310
[ 32.137602] ret_from_fork+0x41/0x80
[ 32.137987] ret_from_fork_asm+0x1a/0x30
[ 32.138478]
[ 32.138737] CPU: 1 UID: 0 PID: 320 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 32.139590] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 32.140046] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 32.140778] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 27.239440] ==================================================================
[ 27.240124] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 27.240124]
[ 27.241203] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#111):
[ 27.242205] test_corruption+0x2e1/0x3e0
[ 27.242751] kunit_try_run_case+0x1a6/0x480
[ 27.243293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.243753] kthread+0x257/0x310
[ 27.244153] ret_from_fork+0x41/0x80
[ 27.244574] ret_from_fork_asm+0x1a/0x30
[ 27.245010]
[ 27.245266] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.245266]
[ 27.246009] allocated by task 308 on cpu 1 at 27.239066s (0.006936s ago):
[ 27.246544] test_alloc+0x365/0x10f0
[ 27.246997] test_corruption+0x1cc/0x3e0
[ 27.247440] kunit_try_run_case+0x1a6/0x480
[ 27.247839] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.248387] kthread+0x257/0x310
[ 27.248710] ret_from_fork+0x41/0x80
[ 27.249104] ret_from_fork_asm+0x1a/0x30
[ 27.249581]
[ 27.249857] freed by task 308 on cpu 1 at 27.239214s (0.010599s ago):
[ 27.250442] test_corruption+0x2e1/0x3e0
[ 27.250857] kunit_try_run_case+0x1a6/0x480
[ 27.251357] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.251793] kthread+0x257/0x310
[ 27.252182] ret_from_fork+0x41/0x80
[ 27.252618] ret_from_fork_asm+0x1a/0x30
[ 27.253109]
[ 27.253409] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 27.254149] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.254546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.255305] ==================================================================
[ 27.551335] ==================================================================
[ 27.551936] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 27.551936]
[ 27.552912] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#114):
[ 27.554316] test_corruption+0x217/0x3e0
[ 27.554664] kunit_try_run_case+0x1a6/0x480
[ 27.555223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.555742] kthread+0x257/0x310
[ 27.556350] ret_from_fork+0x41/0x80
[ 27.556883] ret_from_fork_asm+0x1a/0x30
[ 27.557610]
[ 27.557809] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.557809]
[ 27.558541] allocated by task 310 on cpu 0 at 27.551087s (0.007448s ago):
[ 27.559137] test_alloc+0x2a7/0x10f0
[ 27.559541] test_corruption+0x1cc/0x3e0
[ 27.560510] kunit_try_run_case+0x1a6/0x480
[ 27.560905] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.561113] kthread+0x257/0x310
[ 27.561305] ret_from_fork+0x41/0x80
[ 27.561623] ret_from_fork_asm+0x1a/0x30
[ 27.562046]
[ 27.562330] freed by task 310 on cpu 0 at 27.551171s (0.011152s ago):
[ 27.562879] test_corruption+0x217/0x3e0
[ 27.563196] kunit_try_run_case+0x1a6/0x480
[ 27.563648] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.564254] kthread+0x257/0x310
[ 27.564640] ret_from_fork+0x41/0x80
[ 27.564914] ret_from_fork_asm+0x1a/0x30
[ 27.565197]
[ 27.565418] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 27.565924] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.566205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.566858] ==================================================================
[ 26.615431] ==================================================================
[ 26.616067] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 26.616067]
[ 26.617324] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#105):
[ 26.618998] test_corruption+0x2d4/0x3e0
[ 26.619434] kunit_try_run_case+0x1a6/0x480
[ 26.619888] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.620797] kthread+0x257/0x310
[ 26.621263] ret_from_fork+0x41/0x80
[ 26.622044] ret_from_fork_asm+0x1a/0x30
[ 26.622591]
[ 26.622809] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 26.622809]
[ 26.623608] allocated by task 308 on cpu 1 at 26.615066s (0.008537s ago):
[ 26.624731] test_alloc+0x365/0x10f0
[ 26.625365] test_corruption+0xe7/0x3e0
[ 26.625688] kunit_try_run_case+0x1a6/0x480
[ 26.626453] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.627076] kthread+0x257/0x310
[ 26.627556] ret_from_fork+0x41/0x80
[ 26.627915] ret_from_fork_asm+0x1a/0x30
[ 26.628387]
[ 26.628602] freed by task 308 on cpu 1 at 26.615182s (0.013413s ago):
[ 26.629556] test_corruption+0x2d4/0x3e0
[ 26.630149] kunit_try_run_case+0x1a6/0x480
[ 26.630707] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.631396] kthread+0x257/0x310
[ 26.631901] ret_from_fork+0x41/0x80
[ 26.632421] ret_from_fork_asm+0x1a/0x30
[ 26.632788]
[ 26.633449] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 26.634173] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.634591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.635493] ==================================================================
[ 27.447467] ==================================================================
[ 27.448048] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 27.448048]
[ 27.448928] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . .
] (in kfence-#113): [ 27.451386] test_corruption+0x132/0x3e0 [ 27.452596] kunit_try_run_case+0x1a6/0x480 [ 27.453436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.454662] kthread+0x257/0x310 [ 27.455135] ret_from_fork+0x41/0x80 [ 27.456139] ret_from_fork_asm+0x1a/0x30 [ 27.457124] [ 27.457579] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.457579] [ 27.459070] allocated by task 310 on cpu 0 at 27.447164s (0.011901s ago): [ 27.460401] test_alloc+0x2a7/0x10f0 [ 27.460686] test_corruption+0xe7/0x3e0 [ 27.460965] kunit_try_run_case+0x1a6/0x480 [ 27.461876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.462961] kthread+0x257/0x310 [ 27.463792] ret_from_fork+0x41/0x80 [ 27.464605] ret_from_fork_asm+0x1a/0x30 [ 27.465209] [ 27.465449] freed by task 310 on cpu 0 at 27.447334s (0.018111s ago): [ 27.465912] test_corruption+0x132/0x3e0 [ 27.466746] kunit_try_run_case+0x1a6/0x480 [ 27.467128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.467770] kthread+0x257/0x310 [ 27.468285] ret_from_fork+0x41/0x80 [ 27.468784] ret_from_fork_asm+0x1a/0x30 [ 27.469341] [ 27.469548] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 27.470653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.471169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.471883] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 26.303296] ================================================================== [ 26.303869] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 26.303869] [ 26.304620] Invalid free of 0x(____ptrval____) (in kfence-#102): [ 26.305404] test_invalid_addr_free+0x1e3/0x260 [ 26.305806] kunit_try_run_case+0x1a6/0x480 [ 26.306176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.306748] kthread+0x257/0x310 [ 26.307144] ret_from_fork+0x41/0x80 [ 26.307623] ret_from_fork_asm+0x1a/0x30 [ 26.308069] [ 26.308302] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.308302] [ 26.309217] allocated by task 304 on cpu 1 at 26.303046s (0.006165s ago): [ 26.310004] test_alloc+0x365/0x10f0 [ 26.310486] test_invalid_addr_free+0xdc/0x260 [ 26.310908] kunit_try_run_case+0x1a6/0x480 [ 26.311425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.312098] kthread+0x257/0x310 [ 26.312491] ret_from_fork+0x41/0x80 [ 26.312912] ret_from_fork_asm+0x1a/0x30 [ 26.313363] [ 26.313580] CPU: 1 UID: 0 PID: 304 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 26.314570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.315008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.315708] ================================================================== [ 26.407316] ================================================================== [ 26.407840] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 26.407840] [ 26.408155] Invalid free of 0x(____ptrval____) (in kfence-#103): [ 26.408541] test_invalid_addr_free+0xfc/0x260 [ 26.409152] kunit_try_run_case+0x1a6/0x480 [ 26.410170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.410908] kthread+0x257/0x310 [ 26.411513] ret_from_fork+0x41/0x80 [ 26.412073] ret_from_fork_asm+0x1a/0x30 [ 26.412508] [ 26.412723] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.412723] [ 26.413609] allocated by task 306 on cpu 0 at 26.407099s (0.006504s ago): [ 
26.414401] test_alloc+0x2a7/0x10f0 [ 26.414792] test_invalid_addr_free+0xdc/0x260 [ 26.415288] kunit_try_run_case+0x1a6/0x480 [ 26.415722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.416222] kthread+0x257/0x310 [ 26.416647] ret_from_fork+0x41/0x80 [ 26.417154] ret_from_fork_asm+0x1a/0x30 [ 26.417673] [ 26.417943] CPU: 0 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 26.418714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.419317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.419961] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 26.199546] ================================================================== [ 26.200217] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 26.200217] [ 26.200864] Invalid free of 0x(____ptrval____) (in kfence-#101): [ 26.201672] test_double_free+0x113/0x260 [ 26.202456] kunit_try_run_case+0x1a6/0x480 [ 26.202642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.202843] kthread+0x257/0x310 [ 26.202988] ret_from_fork+0x41/0x80 [ 26.203144] ret_from_fork_asm+0x1a/0x30 [ 26.203624] [ 26.204043] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.204043] [ 26.205809] allocated by task 302 on cpu 1 at 26.199248s (0.006554s ago): [ 26.207242] test_alloc+0x2a7/0x10f0 [ 26.207782] test_double_free+0xdc/0x260 [ 26.208330] kunit_try_run_case+0x1a6/0x480 [ 26.208846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.209447] kthread+0x257/0x310 [ 26.209783] ret_from_fork+0x41/0x80 [ 26.210158] ret_from_fork_asm+0x1a/0x30 [ 26.210563] [ 26.210795] freed by task 302 on cpu 1 at 26.199347s (0.011442s ago): [ 26.211403] test_double_free+0xfb/0x260 [ 26.211857] kunit_try_run_case+0x1a6/0x480 [ 26.212344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.212842] kthread+0x257/0x310 [ 26.213674] ret_from_fork+0x41/0x80 [ 26.214201] ret_from_fork_asm+0x1a/0x30 [ 26.214643] [ 26.214992] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 26.215931] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.216473] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.217205] ================================================================== [ 26.095583] ================================================================== [ 26.096361] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 26.096361] [ 26.097055] Invalid free of 0x(____ptrval____) (in kfence-#100): [ 26.097676] test_double_free+0x1d5/0x260 [ 26.098055] kunit_try_run_case+0x1a6/0x480 [ 26.098798] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.099773] kthread+0x257/0x310 [ 26.100623] ret_from_fork+0x41/0x80 [ 26.101456] ret_from_fork_asm+0x1a/0x30 [ 26.102062] [ 26.102371] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.102371] [ 26.103285] allocated by task 300 on cpu 1 at 26.095087s (0.008192s ago): [ 26.104044] test_alloc+0x365/0x10f0 [ 26.104550] test_double_free+0xdc/0x260 [ 26.105082] kunit_try_run_case+0x1a6/0x480 [ 26.105623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.106256] kthread+0x257/0x310 [ 26.106643] ret_from_fork+0x41/0x80 [ 26.107154] ret_from_fork_asm+0x1a/0x30 [ 26.107634] [ 26.107899] freed by task 300 on cpu 1 at 26.095176s (0.012717s ago): [ 26.108682] test_double_free+0x1e2/0x260 [ 26.109138] kunit_try_run_case+0x1a6/0x480 [ 26.109717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.110297] kthread+0x257/0x310 [ 26.110661] ret_from_fork+0x41/0x80 [ 26.111209] ret_from_fork_asm+0x1a/0x30 [ 26.111597] [ 26.111984] CPU: 1 UID: 0 PID: 300 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 26.112781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.113286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.114064] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 25.991371] ================================================================== [ 25.992003] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 25.992003] [ 25.992745] Use-after-free read at 0x(____ptrval____) (in kfence-#99): [ 25.993301] test_use_after_free_read+0x12a/0x270 [ 25.993646] kunit_try_run_case+0x1a6/0x480 [ 25.994206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.994748] kthread+0x257/0x310 [ 25.995133] ret_from_fork+0x41/0x80 [ 25.995540] ret_from_fork_asm+0x1a/0x30 [ 25.995867] [ 25.996053] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.996053] [ 25.996862] allocated by task 298 on cpu 0 at 25.991103s (0.005753s ago): [ 25.997660] test_alloc+0x2a7/0x10f0 [ 25.998087] test_use_after_free_read+0xdd/0x270 [ 25.998466] kunit_try_run_case+0x1a6/0x480 [ 25.998913] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.999466] kthread+0x257/0x310 [ 25.999852] ret_from_fork+0x41/0x80 [ 26.000273] ret_from_fork_asm+0x1a/0x30 [ 26.000679] [ 26.000865] freed by task 298 on cpu 0 at 25.991193s (0.009666s ago): [ 26.001677] test_use_after_free_read+0xfc/0x270 [ 26.002145] kunit_try_run_case+0x1a6/0x480 [ 26.002496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.003031] kthread+0x257/0x310 [ 26.003456] ret_from_fork+0x41/0x80 [ 26.003894] ret_from_fork_asm+0x1a/0x30 [ 26.004269] [ 26.004502] CPU: 0 UID: 0 PID: 298 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 26.005614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.006019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.006844] ================================================================== [ 25.887475] ================================================================== [ 25.888219] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 25.888219] [ 25.888980] Use-after-free read at 0x(____ptrval____) (in kfence-#98): [ 25.890805] test_use_after_free_read+0x12a/0x270 [ 25.891351] 
kunit_try_run_case+0x1a6/0x480 [ 25.891794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.892195] kthread+0x257/0x310 [ 25.892641] ret_from_fork+0x41/0x80 [ 25.893287] ret_from_fork_asm+0x1a/0x30 [ 25.893659] [ 25.894316] kfence-#98: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.894316] [ 25.895499] allocated by task 296 on cpu 1 at 25.887088s (0.008405s ago): [ 25.896352] test_alloc+0x365/0x10f0 [ 25.896880] test_use_after_free_read+0xdd/0x270 [ 25.897348] kunit_try_run_case+0x1a6/0x480 [ 25.897785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.898596] kthread+0x257/0x310 [ 25.899216] ret_from_fork+0x41/0x80 [ 25.899760] ret_from_fork_asm+0x1a/0x30 [ 25.900222] [ 25.900673] freed by task 296 on cpu 1 at 25.887174s (0.013391s ago): [ 25.901475] test_use_after_free_read+0x1e9/0x270 [ 25.901903] kunit_try_run_case+0x1a6/0x480 [ 25.902352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.903285] kthread+0x257/0x310 [ 25.903670] ret_from_fork+0x41/0x80 [ 25.904076] ret_from_fork_asm+0x1a/0x30 [ 25.904995] [ 25.905266] CPU: 1 UID: 0 PID: 296 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 25.906221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.906727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.907413] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 25.679178] ================================================================== [ 25.679910] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 25.679910] [ 25.680736] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#96): [ 25.681365] test_out_of_bounds_write+0x10e/0x260 [ 25.682000] kunit_try_run_case+0x1a6/0x480 [ 25.682432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.683008] kthread+0x257/0x310 [ 25.683413] ret_from_fork+0x41/0x80 [ 25.683882] ret_from_fork_asm+0x1a/0x30 [ 25.684304] [ 25.684503] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.684503] [ 25.685382] allocated by task 292 on cpu 0 at 25.679023s (0.006318s ago): [ 25.686004] test_alloc+0x365/0x10f0 [ 25.686451] test_out_of_bounds_write+0xd5/0x260 [ 25.686961] kunit_try_run_case+0x1a6/0x480 [ 25.687377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.687789] kthread+0x257/0x310 [ 25.688393] ret_from_fork+0x41/0x80 [ 25.688824] ret_from_fork_asm+0x1a/0x30 [ 25.689302] [ 25.689638] CPU: 0 UID: 0 PID: 292 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 25.690533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.690933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.691719] ================================================================== [ 25.783213] ================================================================== [ 25.783894] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 25.783894] [ 25.784747] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#97): [ 25.785330] test_out_of_bounds_write+0x10e/0x260 [ 25.785823] kunit_try_run_case+0x1a6/0x480 [ 25.786371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.786835] kthread+0x257/0x310 [ 25.787209] ret_from_fork+0x41/0x80 [ 25.787674] ret_from_fork_asm+0x1a/0x30 [ 25.788317] [ 25.788574] kfence-#97: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.788574] [ 25.789332] allocated by 
task 294 on cpu 0 at 25.783113s (0.006214s ago): [ 25.790081] test_alloc+0x2a7/0x10f0 [ 25.790780] test_out_of_bounds_write+0xd5/0x260 [ 25.791207] kunit_try_run_case+0x1a6/0x480 [ 25.791782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.792287] kthread+0x257/0x310 [ 25.792637] ret_from_fork+0x41/0x80 [ 25.793311] ret_from_fork_asm+0x1a/0x30 [ 25.793760] [ 25.794133] CPU: 0 UID: 0 PID: 294 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 25.794795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.795275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.796023] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 25.055263] ================================================================== [ 25.055915] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 25.055915] [ 25.056673] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#90): [ 25.057378] test_out_of_bounds_read+0x217/0x4e0 [ 25.057743] kunit_try_run_case+0x1a6/0x480 [ 25.058147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.058843] kthread+0x257/0x310 [ 25.059186] ret_from_fork+0x41/0x80 [ 25.059641] ret_from_fork_asm+0x1a/0x30 [ 25.060164] [ 25.060392] kfence-#90: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.060392] [ 25.061155] allocated by task 288 on cpu 1 at 25.054975s (0.006174s ago): [ 25.061681] test_alloc+0x365/0x10f0 [ 25.062088] test_out_of_bounds_read+0x1e3/0x4e0 [ 25.062706] kunit_try_run_case+0x1a6/0x480 [ 25.063251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.063712] kthread+0x257/0x310 [ 25.064070] ret_from_fork+0x41/0x80 [ 25.064551] ret_from_fork_asm+0x1a/0x30 [ 25.065031] [ 25.065282] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 25.065888] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.066331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.067217] ================================================================== [ 25.263169] ================================================================== [ 25.263837] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 25.263837] [ 25.264599] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#92): [ 25.265245] test_out_of_bounds_read+0x127/0x4e0 [ 25.265648] kunit_try_run_case+0x1a6/0x480 [ 25.266150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.266595] kthread+0x257/0x310 [ 25.267080] ret_from_fork+0x41/0x80 [ 25.267532] ret_from_fork_asm+0x1a/0x30 [ 25.267910] [ 25.268104] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.268104] [ 25.268888] allocated by task 
290 on cpu 0 at 25.263062s (0.005820s ago): [ 25.269577] test_alloc+0x2a7/0x10f0 [ 25.270051] test_out_of_bounds_read+0xee/0x4e0 [ 25.270520] kunit_try_run_case+0x1a6/0x480 [ 25.271063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.271516] kthread+0x257/0x310 [ 25.271909] ret_from_fork+0x41/0x80 [ 25.272347] ret_from_fork_asm+0x1a/0x30 [ 25.272696] [ 25.273015] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 25.273688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.274247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.274808] ================================================================== [ 24.952550] ================================================================== [ 24.953247] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 24.953247] [ 24.954078] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#89): [ 24.956115] test_out_of_bounds_read+0x127/0x4e0 [ 24.956673] kunit_try_run_case+0x1a6/0x480 [ 24.956934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.957913] kthread+0x257/0x310 [ 24.958388] ret_from_fork+0x41/0x80 [ 24.958769] ret_from_fork_asm+0x1a/0x30 [ 24.959179] [ 24.959860] kfence-#89: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 24.959860] [ 24.961555] allocated by task 288 on cpu 1 at 24.951051s (0.010420s ago): [ 24.962733] test_alloc+0x365/0x10f0 [ 24.963180] test_out_of_bounds_read+0xee/0x4e0 [ 24.963656] kunit_try_run_case+0x1a6/0x480 [ 24.964112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.964714] kthread+0x257/0x310 [ 24.965065] ret_from_fork+0x41/0x80 [ 24.965510] ret_from_fork_asm+0x1a/0x30 [ 24.966060] [ 24.966731] CPU: 1 UID: 0 PID: 288 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.967478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.967838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.968718] 
================================================================== [ 25.367168] ================================================================== [ 25.367859] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 25.367859] [ 25.368593] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#93): [ 25.369213] test_out_of_bounds_read+0x217/0x4e0 [ 25.369721] kunit_try_run_case+0x1a6/0x480 [ 25.370197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.370621] kthread+0x257/0x310 [ 25.371081] ret_from_fork+0x41/0x80 [ 25.371549] ret_from_fork_asm+0x1a/0x30 [ 25.371891] [ 25.372086] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.372086] [ 25.373053] allocated by task 290 on cpu 0 at 25.367076s (0.005972s ago): [ 25.373609] test_alloc+0x2a7/0x10f0 [ 25.374072] test_out_of_bounds_read+0x1e3/0x4e0 [ 25.374546] kunit_try_run_case+0x1a6/0x480 [ 25.375052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.375500] kthread+0x257/0x310 [ 25.375894] ret_from_fork+0x41/0x80 [ 25.376346] ret_from_fork_asm+0x1a/0x30 [ 25.376732] [ 25.377034] CPU: 0 UID: 0 PID: 290 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 25.377747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.378132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.378815] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.107158] ================================================================== [ 22.107900] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 22.108711] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.109336] [ 22.109618] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.109736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.109776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.109908] Call Trace: [ 22.109964] <TASK> [ 22.110026] dump_stack_lvl+0x73/0xb0 [ 22.110107] print_report+0xd1/0x640 [ 22.110188] ? __virt_addr_valid+0x1db/0x2d0 [ 22.110285] ? kasan_atomics_helper+0x4b56/0x5450 [ 22.110361] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.110462] ? kasan_atomics_helper+0x4b56/0x5450 [ 22.110608] kasan_report+0x140/0x180 [ 22.110693] ? kasan_atomics_helper+0x4b56/0x5450 [ 22.110788] __asan_report_load4_noabort+0x18/0x20 [ 22.111009] kasan_atomics_helper+0x4b56/0x5450 [ 22.111050] ? kasan_save_alloc_info+0x3b/0x50 [ 22.111083] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.111118] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.111149] ? trace_hardirqs_on+0x37/0xe0 [ 22.111187] kasan_atomics+0x1dd/0x310 [ 22.111214] ? __pfx_kasan_atomics+0x10/0x10 [ 22.111292] ? __pfx_read_tsc+0x10/0x10 [ 22.111321] ? ktime_get_ts64+0x84/0x230 [ 22.111358] kunit_try_run_case+0x1a6/0x480 [ 22.111390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.111418] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.111447] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.111482] ? __kthread_parkme+0x82/0x160 [ 22.111509] ? preempt_count_sub+0x50/0x80 [ 22.111540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.111567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.111604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.111640] kthread+0x257/0x310 [ 22.111664] ? __pfx_kthread+0x10/0x10 [ 22.111690] ret_from_fork+0x41/0x80 [ 22.111717] ? 
__pfx_kthread+0x10/0x10 [ 22.111742] ret_from_fork_asm+0x1a/0x30 [ 22.111782] </TASK> [ 22.111795] [ 22.129119] Allocated by task 270: [ 22.129566] kasan_save_stack+0x45/0x70 [ 22.129940] kasan_save_track+0x18/0x40 [ 22.130447] kasan_save_alloc_info+0x3b/0x50 [ 22.130955] __kasan_kmalloc+0xb7/0xc0 [ 22.131298] __kmalloc_cache_noprof+0x168/0x350 [ 22.131747] kasan_atomics+0x96/0x310 [ 22.132254] kunit_try_run_case+0x1a6/0x480 [ 22.132670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.133097] kthread+0x257/0x310 [ 22.133581] ret_from_fork+0x41/0x80 [ 22.134094] ret_from_fork_asm+0x1a/0x30 [ 22.134436] [ 22.134649] The buggy address belongs to the object at ffff888102314e80 [ 22.134649] which belongs to the cache kmalloc-64 of size 64 [ 22.135691] The buggy address is located 0 bytes to the right of [ 22.135691] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.136679] [ 22.136870] The buggy address belongs to the physical page: [ 22.137243] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.137934] flags: 0x200000000000000(node=0|zone=2) [ 22.138494] page_type: f5(slab) [ 22.138866] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.139318] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.142407] page dumped because: kasan: bad access detected [ 22.142755] [ 22.143732] Memory state around the buggy address: [ 22.144558] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.145101] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.145478] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.145822] ^ [ 22.146130] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.148847] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.149493] ================================================================== [ 22.404680] 
================================================================== [ 22.406051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 22.408267] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.408760] [ 22.408980] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.409095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.409129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.409182] Call Trace: [ 22.409246] <TASK> [ 22.409298] dump_stack_lvl+0x73/0xb0 [ 22.409390] print_report+0xd1/0x640 [ 22.409473] ? __virt_addr_valid+0x1db/0x2d0 [ 22.409549] ? kasan_atomics_helper+0x7c8/0x5450 [ 22.409620] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.409693] ? kasan_atomics_helper+0x7c8/0x5450 [ 22.409774] kasan_report+0x140/0x180 [ 22.409862] ? kasan_atomics_helper+0x7c8/0x5450 [ 22.409953] kasan_check_range+0x10c/0x1c0 [ 22.410039] __kasan_check_write+0x18/0x20 [ 22.410117] kasan_atomics_helper+0x7c8/0x5450 [ 22.410198] ? kasan_save_alloc_info+0x3b/0x50 [ 22.410439] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.410533] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.410587] ? trace_hardirqs_on+0x37/0xe0 [ 22.410655] kasan_atomics+0x1dd/0x310 [ 22.410706] ? __pfx_kasan_atomics+0x10/0x10 [ 22.410761] ? __pfx_read_tsc+0x10/0x10 [ 22.410808] ? ktime_get_ts64+0x84/0x230 [ 22.410886] kunit_try_run_case+0x1a6/0x480 [ 22.410944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.410993] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.411047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.411107] ? __kthread_parkme+0x82/0x160 [ 22.411156] ? preempt_count_sub+0x50/0x80 [ 22.411214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.411296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.411360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.411422] kthread+0x257/0x310 [ 22.411468] ? __pfx_kthread+0x10/0x10 [ 22.411518] ret_from_fork+0x41/0x80 [ 22.411583] ? 
__pfx_kthread+0x10/0x10 [ 22.411647] ret_from_fork_asm+0x1a/0x30 [ 22.411739] </TASK> [ 22.411772] [ 22.434008] Allocated by task 270: [ 22.434253] kasan_save_stack+0x45/0x70 [ 22.434446] kasan_save_track+0x18/0x40 [ 22.434607] kasan_save_alloc_info+0x3b/0x50 [ 22.434775] __kasan_kmalloc+0xb7/0xc0 [ 22.435172] __kmalloc_cache_noprof+0x168/0x350 [ 22.436065] kasan_atomics+0x96/0x310 [ 22.436406] kunit_try_run_case+0x1a6/0x480 [ 22.436779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.437435] kthread+0x257/0x310 [ 22.437809] ret_from_fork+0x41/0x80 [ 22.438151] ret_from_fork_asm+0x1a/0x30 [ 22.438536] [ 22.438890] The buggy address belongs to the object at ffff888102314e80 [ 22.438890] which belongs to the cache kmalloc-64 of size 64 [ 22.439907] The buggy address is located 0 bytes to the right of [ 22.439907] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.441106] [ 22.441356] The buggy address belongs to the physical page: [ 22.441862] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.442778] flags: 0x200000000000000(node=0|zone=2) [ 22.443496] page_type: f5(slab) [ 22.443844] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.444432] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.445071] page dumped because: kasan: bad access detected [ 22.445659] [ 22.445998] Memory state around the buggy address: [ 22.446437] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.447113] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.447902] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.448520] ^ [ 22.449023] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.449679] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.450496] ================================================================== [ 22.579273] 
================================================================== [ 22.580085] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 22.580594] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.581173] [ 22.581472] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.581593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.581635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.581699] Call Trace: [ 22.581754] <TASK> [ 22.581810] dump_stack_lvl+0x73/0xb0 [ 22.581937] print_report+0xd1/0x640 [ 22.582019] ? __virt_addr_valid+0x1db/0x2d0 [ 22.582099] ? kasan_atomics_helper+0xa2c/0x5450 [ 22.582177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.582273] ? kasan_atomics_helper+0xa2c/0x5450 [ 22.582352] kasan_report+0x140/0x180 [ 22.582414] ? kasan_atomics_helper+0xa2c/0x5450 [ 22.582501] kasan_check_range+0x10c/0x1c0 [ 22.582577] __kasan_check_write+0x18/0x20 [ 22.582704] kasan_atomics_helper+0xa2c/0x5450 [ 22.582786] ? kasan_save_alloc_info+0x3b/0x50 [ 22.582906] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.582992] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.583073] ? trace_hardirqs_on+0x37/0xe0 [ 22.583168] kasan_atomics+0x1dd/0x310 [ 22.583279] ? __pfx_kasan_atomics+0x10/0x10 [ 22.583362] ? __pfx_read_tsc+0x10/0x10 [ 22.583430] ? ktime_get_ts64+0x84/0x230 [ 22.583517] kunit_try_run_case+0x1a6/0x480 [ 22.583606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.583689] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.583769] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.583873] ? __kthread_parkme+0x82/0x160 [ 22.583953] ? preempt_count_sub+0x50/0x80 [ 22.584041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.584115] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.584201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.584346] kthread+0x257/0x310 [ 22.584420] ? __pfx_kthread+0x10/0x10 [ 22.584492] ret_from_fork+0x41/0x80 [ 22.584563] ? 
__pfx_kthread+0x10/0x10 [ 22.584633] ret_from_fork_asm+0x1a/0x30 [ 22.584699] </TASK> [ 22.584717] [ 22.598097] Allocated by task 270: [ 22.598449] kasan_save_stack+0x45/0x70 [ 22.598785] kasan_save_track+0x18/0x40 [ 22.599245] kasan_save_alloc_info+0x3b/0x50 [ 22.599732] __kasan_kmalloc+0xb7/0xc0 [ 22.600151] __kmalloc_cache_noprof+0x168/0x350 [ 22.600632] kasan_atomics+0x96/0x310 [ 22.601190] kunit_try_run_case+0x1a6/0x480 [ 22.601640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.602189] kthread+0x257/0x310 [ 22.602546] ret_from_fork+0x41/0x80 [ 22.602979] ret_from_fork_asm+0x1a/0x30 [ 22.603405] [ 22.603613] The buggy address belongs to the object at ffff888102314e80 [ 22.603613] which belongs to the cache kmalloc-64 of size 64 [ 22.604400] The buggy address is located 0 bytes to the right of [ 22.604400] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.605102] [ 22.605318] The buggy address belongs to the physical page: [ 22.605846] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.606833] flags: 0x200000000000000(node=0|zone=2) [ 22.607388] page_type: f5(slab) [ 22.607787] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.608392] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.609065] page dumped because: kasan: bad access detected [ 22.609533] [ 22.609723] Memory state around the buggy address: [ 22.610063] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.610523] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.611625] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.612208] ^ [ 22.612696] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.613367] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.613917] ================================================================== [ 21.938646] 
================================================================== [ 21.939366] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 21.940499] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 21.941499] [ 21.941682] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.941744] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.941761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.941791] Call Trace: [ 21.941809] <TASK> [ 21.941853] dump_stack_lvl+0x73/0xb0 [ 21.941913] print_report+0xd1/0x640 [ 21.941950] ? __virt_addr_valid+0x1db/0x2d0 [ 21.941986] ? kasan_atomics_helper+0x4ba4/0x5450 [ 21.942019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.942052] ? kasan_atomics_helper+0x4ba4/0x5450 [ 21.942085] kasan_report+0x140/0x180 [ 21.942121] ? kasan_atomics_helper+0x4ba4/0x5450 [ 21.942163] __asan_report_store4_noabort+0x1b/0x30 [ 21.942195] kasan_atomics_helper+0x4ba4/0x5450 [ 21.942265] ? kasan_save_alloc_info+0x3b/0x50 [ 21.942358] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.942450] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.942535] ? trace_hardirqs_on+0x37/0xe0 [ 21.942589] kasan_atomics+0x1dd/0x310 [ 21.942620] ? __pfx_kasan_atomics+0x10/0x10 [ 21.942653] ? __pfx_read_tsc+0x10/0x10 [ 21.942681] ? ktime_get_ts64+0x84/0x230 [ 21.942758] kunit_try_run_case+0x1a6/0x480 [ 21.942797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.942846] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.942889] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.942926] ? __kthread_parkme+0x82/0x160 [ 21.942954] ? preempt_count_sub+0x50/0x80 [ 21.942984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.943012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.943049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.943086] kthread+0x257/0x310 [ 21.943111] ? __pfx_kthread+0x10/0x10 [ 21.943139] ret_from_fork+0x41/0x80 [ 21.943167] ? 
__pfx_kthread+0x10/0x10 [ 21.943192] ret_from_fork_asm+0x1a/0x30 [ 21.943261] </TASK> [ 21.943283] [ 21.959493] Allocated by task 270: [ 21.959895] kasan_save_stack+0x45/0x70 [ 21.960354] kasan_save_track+0x18/0x40 [ 21.961029] kasan_save_alloc_info+0x3b/0x50 [ 21.961481] __kasan_kmalloc+0xb7/0xc0 [ 21.961922] __kmalloc_cache_noprof+0x168/0x350 [ 21.962334] kasan_atomics+0x96/0x310 [ 21.962626] kunit_try_run_case+0x1a6/0x480 [ 21.963069] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.963779] kthread+0x257/0x310 [ 21.964400] ret_from_fork+0x41/0x80 [ 21.965077] ret_from_fork_asm+0x1a/0x30 [ 21.965522] [ 21.965904] The buggy address belongs to the object at ffff888102314e80 [ 21.965904] which belongs to the cache kmalloc-64 of size 64 [ 21.967081] The buggy address is located 0 bytes to the right of [ 21.967081] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 21.968200] [ 21.968539] The buggy address belongs to the physical page: [ 21.969192] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 21.969952] flags: 0x200000000000000(node=0|zone=2) [ 21.970334] page_type: f5(slab) [ 21.970620] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.971374] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 21.972104] page dumped because: kasan: bad access detected [ 21.972644] [ 21.972915] Memory state around the buggy address: [ 21.973423] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.974192] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.974937] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.975498] ^ [ 21.976241] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.976932] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.977537] ================================================================== [ 21.981106] 
================================================================== [ 21.981784] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 21.982592] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 21.983269] [ 21.983596] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.983766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.983804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.983947] Call Trace: [ 21.984028] <TASK> [ 21.984084] dump_stack_lvl+0x73/0xb0 [ 21.984165] print_report+0xd1/0x640 [ 21.984284] ? __virt_addr_valid+0x1db/0x2d0 [ 21.984364] ? kasan_atomics_helper+0x4b8a/0x5450 [ 21.984437] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.984509] ? kasan_atomics_helper+0x4b8a/0x5450 [ 21.984559] kasan_report+0x140/0x180 [ 21.984595] ? kasan_atomics_helper+0x4b8a/0x5450 [ 21.984636] __asan_report_load4_noabort+0x18/0x20 [ 21.984666] kasan_atomics_helper+0x4b8a/0x5450 [ 21.984699] ? kasan_save_alloc_info+0x3b/0x50 [ 21.984727] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.984762] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.984793] ? trace_hardirqs_on+0x37/0xe0 [ 21.984873] kasan_atomics+0x1dd/0x310 [ 21.984904] ? __pfx_kasan_atomics+0x10/0x10 [ 21.984934] ? __pfx_read_tsc+0x10/0x10 [ 21.984960] ? ktime_get_ts64+0x84/0x230 [ 21.984995] kunit_try_run_case+0x1a6/0x480 [ 21.985026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.985054] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.985082] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.985118] ? __kthread_parkme+0x82/0x160 [ 21.985144] ? preempt_count_sub+0x50/0x80 [ 21.985174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.985201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.985264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.985303] kthread+0x257/0x310 [ 21.985329] ? __pfx_kthread+0x10/0x10 [ 21.985355] ret_from_fork+0x41/0x80 [ 21.985384] ? 
__pfx_kthread+0x10/0x10 [ 21.985408] ret_from_fork_asm+0x1a/0x30 [ 21.985451] </TASK> [ 21.985465] [ 22.000982] Allocated by task 270: [ 22.001434] kasan_save_stack+0x45/0x70 [ 22.002003] kasan_save_track+0x18/0x40 [ 22.002475] kasan_save_alloc_info+0x3b/0x50 [ 22.002985] __kasan_kmalloc+0xb7/0xc0 [ 22.003465] __kmalloc_cache_noprof+0x168/0x350 [ 22.003929] kasan_atomics+0x96/0x310 [ 22.004428] kunit_try_run_case+0x1a6/0x480 [ 22.004815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.005457] kthread+0x257/0x310 [ 22.005857] ret_from_fork+0x41/0x80 [ 22.006316] ret_from_fork_asm+0x1a/0x30 [ 22.006745] [ 22.007059] The buggy address belongs to the object at ffff888102314e80 [ 22.007059] which belongs to the cache kmalloc-64 of size 64 [ 22.008185] The buggy address is located 0 bytes to the right of [ 22.008185] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.009260] [ 22.009599] The buggy address belongs to the physical page: [ 22.010215] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.010978] flags: 0x200000000000000(node=0|zone=2) [ 22.011630] page_type: f5(slab) [ 22.012086] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.012733] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.013456] page dumped because: kasan: bad access detected [ 22.013990] [ 22.014340] Memory state around the buggy address: [ 22.014808] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.015595] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.016435] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.016909] ^ [ 22.018300] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.018783] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.019295] ================================================================== [ 22.151772] 
================================================================== [ 22.152816] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 22.155552] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.157452] [ 22.157894] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.158154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.158193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.158280] Call Trace: [ 22.158335] <TASK> [ 22.158389] dump_stack_lvl+0x73/0xb0 [ 22.158465] print_report+0xd1/0x640 [ 22.158503] ? __virt_addr_valid+0x1db/0x2d0 [ 22.158540] ? kasan_atomics_helper+0x4a1/0x5450 [ 22.158575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.158608] ? kasan_atomics_helper+0x4a1/0x5450 [ 22.158641] kasan_report+0x140/0x180 [ 22.158675] ? kasan_atomics_helper+0x4a1/0x5450 [ 22.158715] kasan_check_range+0x10c/0x1c0 [ 22.158745] __kasan_check_write+0x18/0x20 [ 22.158774] kasan_atomics_helper+0x4a1/0x5450 [ 22.158807] ? kasan_save_alloc_info+0x3b/0x50 [ 22.158886] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.158925] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.158958] ? trace_hardirqs_on+0x37/0xe0 [ 22.158998] kasan_atomics+0x1dd/0x310 [ 22.159027] ? __pfx_kasan_atomics+0x10/0x10 [ 22.159057] ? __pfx_read_tsc+0x10/0x10 [ 22.159085] ? ktime_get_ts64+0x84/0x230 [ 22.159120] kunit_try_run_case+0x1a6/0x480 [ 22.159153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.159181] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.159210] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.159294] ? __kthread_parkme+0x82/0x160 [ 22.159325] ? preempt_count_sub+0x50/0x80 [ 22.159357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.159384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.159421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.159459] kthread+0x257/0x310 [ 22.159485] ? __pfx_kthread+0x10/0x10 [ 22.159510] ret_from_fork+0x41/0x80 [ 22.159541] ? 
__pfx_kthread+0x10/0x10 [ 22.159568] ret_from_fork_asm+0x1a/0x30 [ 22.159612] </TASK> [ 22.159625] [ 22.176976] Allocated by task 270: [ 22.177561] kasan_save_stack+0x45/0x70 [ 22.178199] kasan_save_track+0x18/0x40 [ 22.178678] kasan_save_alloc_info+0x3b/0x50 [ 22.179168] __kasan_kmalloc+0xb7/0xc0 [ 22.179857] __kmalloc_cache_noprof+0x168/0x350 [ 22.180355] kasan_atomics+0x96/0x310 [ 22.180789] kunit_try_run_case+0x1a6/0x480 [ 22.181358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.181924] kthread+0x257/0x310 [ 22.182332] ret_from_fork+0x41/0x80 [ 22.182769] ret_from_fork_asm+0x1a/0x30 [ 22.183329] [ 22.183644] The buggy address belongs to the object at ffff888102314e80 [ 22.183644] which belongs to the cache kmalloc-64 of size 64 [ 22.184592] The buggy address is located 0 bytes to the right of [ 22.184592] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.185587] [ 22.185913] The buggy address belongs to the physical page: [ 22.186465] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.187292] flags: 0x200000000000000(node=0|zone=2) [ 22.187826] page_type: f5(slab) [ 22.188293] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.189115] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.189613] page dumped because: kasan: bad access detected [ 22.190266] [ 22.190578] Memory state around the buggy address: [ 22.191107] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.191830] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.192547] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.193090] ^ [ 22.193646] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.194407] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.195140] ================================================================== [ 23.005079] 
================================================================== [ 23.006650] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 23.007343] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.008011] [ 23.008325] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.008447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.008488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.008551] Call Trace: [ 23.008641] <TASK> [ 23.008701] dump_stack_lvl+0x73/0xb0 [ 23.008788] print_report+0xd1/0x640 [ 23.008905] ? __virt_addr_valid+0x1db/0x2d0 [ 23.008951] ? kasan_atomics_helper+0x4a38/0x5450 [ 23.009021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.009102] ? kasan_atomics_helper+0x4a38/0x5450 [ 23.009246] kasan_report+0x140/0x180 [ 23.009336] ? kasan_atomics_helper+0x4a38/0x5450 [ 23.009435] __asan_report_load4_noabort+0x18/0x20 [ 23.009555] kasan_atomics_helper+0x4a38/0x5450 [ 23.009644] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.009724] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.009769] ? trace_hardirqs_on+0x37/0xe0 [ 23.009814] kasan_atomics+0x1dd/0x310 [ 23.009889] ? __pfx_kasan_atomics+0x10/0x10 [ 23.009924] ? __pfx_read_tsc+0x10/0x10 [ 23.009953] ? ktime_get_ts64+0x84/0x230 [ 23.009990] kunit_try_run_case+0x1a6/0x480 [ 23.010023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.010053] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.010084] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.010121] ? __kthread_parkme+0x82/0x160 [ 23.010150] ? preempt_count_sub+0x50/0x80 [ 23.010181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.010211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.010278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.010319] kthread+0x257/0x310 [ 23.010346] ? __pfx_kthread+0x10/0x10 [ 23.010374] ret_from_fork+0x41/0x80 [ 23.010406] ? 
__pfx_kthread+0x10/0x10 [ 23.010433] ret_from_fork_asm+0x1a/0x30 [ 23.010478] </TASK> [ 23.010493] [ 23.024870] Allocated by task 270: [ 23.025390] kasan_save_stack+0x45/0x70 [ 23.025797] kasan_save_track+0x18/0x40 [ 23.026410] kasan_save_alloc_info+0x3b/0x50 [ 23.026843] __kasan_kmalloc+0xb7/0xc0 [ 23.027246] __kmalloc_cache_noprof+0x168/0x350 [ 23.027715] kasan_atomics+0x96/0x310 [ 23.028156] kunit_try_run_case+0x1a6/0x480 [ 23.028515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.028909] kthread+0x257/0x310 [ 23.029309] ret_from_fork+0x41/0x80 [ 23.029937] ret_from_fork_asm+0x1a/0x30 [ 23.030404] [ 23.030650] The buggy address belongs to the object at ffff888102314e80 [ 23.030650] which belongs to the cache kmalloc-64 of size 64 [ 23.031561] The buggy address is located 0 bytes to the right of [ 23.031561] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 23.032510] [ 23.032778] The buggy address belongs to the physical page: [ 23.033458] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 23.033941] flags: 0x200000000000000(node=0|zone=2) [ 23.034520] page_type: f5(slab) [ 23.034965] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.035652] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 23.036561] page dumped because: kasan: bad access detected [ 23.037135] [ 23.037341] Memory state around the buggy address: [ 23.037675] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.038251] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.038883] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.039809] ^ [ 23.040375] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.041029] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.041570] ================================================================== [ 23.583743] 
================================================================== [ 23.584309] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 23.584790] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.585570] [ 23.585898] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.585958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.585975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.586006] Call Trace: [ 23.586030] <TASK> [ 23.586052] dump_stack_lvl+0x73/0xb0 [ 23.586090] print_report+0xd1/0x640 [ 23.586125] ? __virt_addr_valid+0x1db/0x2d0 [ 23.586159] ? kasan_atomics_helper+0x15b7/0x5450 [ 23.586193] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.586253] ? kasan_atomics_helper+0x15b7/0x5450 [ 23.587434] kasan_report+0x140/0x180 [ 23.587531] ? kasan_atomics_helper+0x15b7/0x5450 [ 23.587626] kasan_check_range+0x10c/0x1c0 [ 23.587703] __kasan_check_write+0x18/0x20 [ 23.587775] kasan_atomics_helper+0x15b7/0x5450 [ 23.587861] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.587944] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.587999] ? trace_hardirqs_on+0x37/0xe0 [ 23.588044] kasan_atomics+0x1dd/0x310 [ 23.588076] ? __pfx_kasan_atomics+0x10/0x10 [ 23.588107] ? __pfx_read_tsc+0x10/0x10 [ 23.588137] ? ktime_get_ts64+0x84/0x230 [ 23.588173] kunit_try_run_case+0x1a6/0x480 [ 23.588206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.588271] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.588347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.588447] ? __kthread_parkme+0x82/0x160 [ 23.588550] ? preempt_count_sub+0x50/0x80 [ 23.588637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.588705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.588839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.588948] kthread+0x257/0x310 [ 23.589014] ? __pfx_kthread+0x10/0x10 [ 23.589046] ret_from_fork+0x41/0x80 [ 23.589077] ? 
__pfx_kthread+0x10/0x10 [ 23.589104] ret_from_fork_asm+0x1a/0x30 [ 23.589146] </TASK> [ 23.589161] [ 23.602903] Allocated by task 270: [ 23.603367] kasan_save_stack+0x45/0x70 [ 23.603792] kasan_save_track+0x18/0x40 [ 23.604281] kasan_save_alloc_info+0x3b/0x50 [ 23.604771] __kasan_kmalloc+0xb7/0xc0 [ 23.605219] __kmalloc_cache_noprof+0x168/0x350 [ 23.605589] kasan_atomics+0x96/0x310 [ 23.606026] kunit_try_run_case+0x1a6/0x480 [ 23.606496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.607120] kthread+0x257/0x310 [ 23.607436] ret_from_fork+0x41/0x80 [ 23.607734] ret_from_fork_asm+0x1a/0x30 [ 23.608168] [ 23.608451] The buggy address belongs to the object at ffff888102314e80 [ 23.608451] which belongs to the cache kmalloc-64 of size 64 [ 23.609686] The buggy address is located 0 bytes to the right of [ 23.609686] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 23.610564] [ 23.610761] The buggy address belongs to the physical page: [ 23.611508] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 23.612198] flags: 0x200000000000000(node=0|zone=2) [ 23.612746] page_type: f5(slab) [ 23.613352] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.613899] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 23.614829] page dumped because: kasan: bad access detected [ 23.615366] [ 23.615597] Memory state around the buggy address: [ 23.616169] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.618788] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.619320] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.620182] ^ [ 23.620612] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.621485] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.622353] ================================================================== [ 22.067020] 
================================================================== [ 22.067451] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 22.068218] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.069579] [ 22.070098] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.070218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.070277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.070334] Call Trace: [ 22.070386] <TASK> [ 22.070434] dump_stack_lvl+0x73/0xb0 [ 22.070516] print_report+0xd1/0x640 [ 22.070599] ? __virt_addr_valid+0x1db/0x2d0 [ 22.070680] ? kasan_atomics_helper+0x3e0/0x5450 [ 22.070772] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.070929] ? kasan_atomics_helper+0x3e0/0x5450 [ 22.071026] kasan_report+0x140/0x180 [ 22.071105] ? kasan_atomics_helper+0x3e0/0x5450 [ 22.071182] kasan_check_range+0x10c/0x1c0 [ 22.071217] __kasan_check_read+0x15/0x20 [ 22.071291] kasan_atomics_helper+0x3e0/0x5450 [ 22.071328] ? kasan_save_alloc_info+0x3b/0x50 [ 22.071359] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.071395] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.071425] ? trace_hardirqs_on+0x37/0xe0 [ 22.071465] kasan_atomics+0x1dd/0x310 [ 22.071493] ? __pfx_kasan_atomics+0x10/0x10 [ 22.071523] ? __pfx_read_tsc+0x10/0x10 [ 22.071550] ? ktime_get_ts64+0x84/0x230 [ 22.071586] kunit_try_run_case+0x1a6/0x480 [ 22.071619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.071650] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.071680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.071717] ? __kthread_parkme+0x82/0x160 [ 22.071743] ? preempt_count_sub+0x50/0x80 [ 22.071774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.071802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.071880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.071924] kthread+0x257/0x310 [ 22.071951] ? __pfx_kthread+0x10/0x10 [ 22.071978] ret_from_fork+0x41/0x80 [ 22.072008] ? 
__pfx_kthread+0x10/0x10 [ 22.072033] ret_from_fork_asm+0x1a/0x30 [ 22.072074] </TASK> [ 22.072087] [ 22.088370] Allocated by task 270: [ 22.088784] kasan_save_stack+0x45/0x70 [ 22.089384] kasan_save_track+0x18/0x40 [ 22.089934] kasan_save_alloc_info+0x3b/0x50 [ 22.090474] __kasan_kmalloc+0xb7/0xc0 [ 22.091022] __kmalloc_cache_noprof+0x168/0x350 [ 22.091601] kasan_atomics+0x96/0x310 [ 22.092215] kunit_try_run_case+0x1a6/0x480 [ 22.092567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.092995] kthread+0x257/0x310 [ 22.093370] ret_from_fork+0x41/0x80 [ 22.093770] ret_from_fork_asm+0x1a/0x30 [ 22.094328] [ 22.094566] The buggy address belongs to the object at ffff888102314e80 [ 22.094566] which belongs to the cache kmalloc-64 of size 64 [ 22.095658] The buggy address is located 0 bytes to the right of [ 22.095658] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.096725] [ 22.096963] The buggy address belongs to the physical page: [ 22.097369] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.098159] flags: 0x200000000000000(node=0|zone=2) [ 22.098752] page_type: f5(slab) [ 22.099213] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.099987] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.100746] page dumped because: kasan: bad access detected [ 22.101305] [ 22.101522] Memory state around the buggy address: [ 22.102015] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.102680] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.103430] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.104073] ^ [ 22.104475] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.105166] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.105782] ================================================================== [ 24.345182] 
================================================================== [ 24.345914] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 24.346555] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.347146] [ 24.347428] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.347552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.347594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.347656] Call Trace: [ 24.347710] <TASK> [ 24.347764] dump_stack_lvl+0x73/0xb0 [ 24.347892] print_report+0xd1/0x640 [ 24.347981] ? __virt_addr_valid+0x1db/0x2d0 [ 24.348062] ? kasan_atomics_helper+0x2007/0x5450 [ 24.348143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.348219] ? kasan_atomics_helper+0x2007/0x5450 [ 24.348316] kasan_report+0x140/0x180 [ 24.348397] ? kasan_atomics_helper+0x2007/0x5450 [ 24.348494] kasan_check_range+0x10c/0x1c0 [ 24.348571] __kasan_check_write+0x18/0x20 [ 24.348646] kasan_atomics_helper+0x2007/0x5450 [ 24.348732] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.348854] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.348939] ? trace_hardirqs_on+0x37/0xe0 [ 24.349035] kasan_atomics+0x1dd/0x310 [ 24.349115] ? __pfx_kasan_atomics+0x10/0x10 [ 24.349197] ? __pfx_read_tsc+0x10/0x10 [ 24.349285] ? ktime_get_ts64+0x84/0x230 [ 24.349366] kunit_try_run_case+0x1a6/0x480 [ 24.349438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.349470] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.349504] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.349542] ? __kthread_parkme+0x82/0x160 [ 24.349570] ? preempt_count_sub+0x50/0x80 [ 24.349602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.349631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.349669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.349707] kthread+0x257/0x310 [ 24.349733] ? __pfx_kthread+0x10/0x10 [ 24.349760] ret_from_fork+0x41/0x80 [ 24.349789] ? 
__pfx_kthread+0x10/0x10 [ 24.349835] ret_from_fork_asm+0x1a/0x30 [ 24.349915] </TASK> [ 24.349931] [ 24.368710] Allocated by task 270: [ 24.369668] kasan_save_stack+0x45/0x70 [ 24.370069] kasan_save_track+0x18/0x40 [ 24.370697] kasan_save_alloc_info+0x3b/0x50 [ 24.371500] __kasan_kmalloc+0xb7/0xc0 [ 24.372039] __kmalloc_cache_noprof+0x168/0x350 [ 24.372502] kasan_atomics+0x96/0x310 [ 24.372831] kunit_try_run_case+0x1a6/0x480 [ 24.373283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.373759] kthread+0x257/0x310 [ 24.374087] ret_from_fork+0x41/0x80 [ 24.374448] ret_from_fork_asm+0x1a/0x30 [ 24.374895] [ 24.375114] The buggy address belongs to the object at ffff888102314e80 [ 24.375114] which belongs to the cache kmalloc-64 of size 64 [ 24.376480] The buggy address is located 0 bytes to the right of [ 24.376480] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.378359] [ 24.378925] The buggy address belongs to the physical page: [ 24.379489] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.380084] flags: 0x200000000000000(node=0|zone=2) [ 24.380746] page_type: f5(slab) [ 24.381415] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.382258] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.383878] page dumped because: kasan: bad access detected [ 24.384449] [ 24.384940] Memory state around the buggy address: [ 24.385477] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.385721] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.386552] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.387427] ^ [ 24.387908] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.388471] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.389134] ================================================================== [ 24.561025] 
================================================================== [ 24.561774] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 24.562487] Read of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.563121] [ 24.563476] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.563598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.563640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.563724] Call Trace: [ 24.563807] <TASK> [ 24.563890] dump_stack_lvl+0x73/0xb0 [ 24.563963] print_report+0xd1/0x640 [ 24.564042] ? __virt_addr_valid+0x1db/0x2d0 [ 24.564122] ? kasan_atomics_helper+0x4fa7/0x5450 [ 24.564199] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.564298] ? kasan_atomics_helper+0x4fa7/0x5450 [ 24.564378] kasan_report+0x140/0x180 [ 24.564458] ? kasan_atomics_helper+0x4fa7/0x5450 [ 24.564551] __asan_report_load8_noabort+0x18/0x20 [ 24.564627] kasan_atomics_helper+0x4fa7/0x5450 [ 24.564727] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.564875] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.564955] ? trace_hardirqs_on+0x37/0xe0 [ 24.565045] kasan_atomics+0x1dd/0x310 [ 24.565117] ? __pfx_kasan_atomics+0x10/0x10 [ 24.565194] ? __pfx_read_tsc+0x10/0x10 [ 24.565283] ? ktime_get_ts64+0x84/0x230 [ 24.565367] kunit_try_run_case+0x1a6/0x480 [ 24.565422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.565453] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.565484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.565521] ? __kthread_parkme+0x82/0x160 [ 24.565550] ? preempt_count_sub+0x50/0x80 [ 24.565582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.565611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.565649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.565687] kthread+0x257/0x310 [ 24.565713] ? __pfx_kthread+0x10/0x10 [ 24.565739] ret_from_fork+0x41/0x80 [ 24.565769] ? 
__pfx_kthread+0x10/0x10 [ 24.565794] ret_from_fork_asm+0x1a/0x30 [ 24.565872] </TASK> [ 24.565891] [ 24.579436] Allocated by task 270: [ 24.579824] kasan_save_stack+0x45/0x70 [ 24.580302] kasan_save_track+0x18/0x40 [ 24.580753] kasan_save_alloc_info+0x3b/0x50 [ 24.581306] __kasan_kmalloc+0xb7/0xc0 [ 24.581820] __kmalloc_cache_noprof+0x168/0x350 [ 24.582457] kasan_atomics+0x96/0x310 [ 24.582763] kunit_try_run_case+0x1a6/0x480 [ 24.583089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.583508] kthread+0x257/0x310 [ 24.583987] ret_from_fork+0x41/0x80 [ 24.584445] ret_from_fork_asm+0x1a/0x30 [ 24.584847] [ 24.585081] The buggy address belongs to the object at ffff888102314e80 [ 24.585081] which belongs to the cache kmalloc-64 of size 64 [ 24.586304] The buggy address is located 0 bytes to the right of [ 24.586304] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.587307] [ 24.587494] The buggy address belongs to the physical page: [ 24.587853] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.588591] flags: 0x200000000000000(node=0|zone=2) [ 24.589458] page_type: f5(slab) [ 24.589891] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.590593] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.591316] page dumped because: kasan: bad access detected [ 24.591796] [ 24.592027] Memory state around the buggy address: [ 24.592790] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.593366] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.594997] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.595755] ^ [ 24.596811] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.597571] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.598624] ================================================================== [ 24.600343] 
================================================================== [ 24.601482] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 24.602316] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.603362] [ 24.603618] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.603683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.603701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.603732] Call Trace: [ 24.603756] <TASK> [ 24.603778] dump_stack_lvl+0x73/0xb0 [ 24.603829] print_report+0xd1/0x640 [ 24.604190] ? __virt_addr_valid+0x1db/0x2d0 [ 24.604348] ? kasan_atomics_helper+0x224d/0x5450 [ 24.604428] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.604470] ? kasan_atomics_helper+0x224d/0x5450 [ 24.604507] kasan_report+0x140/0x180 [ 24.604544] ? kasan_atomics_helper+0x224d/0x5450 [ 24.604586] kasan_check_range+0x10c/0x1c0 [ 24.604617] __kasan_check_write+0x18/0x20 [ 24.604648] kasan_atomics_helper+0x224d/0x5450 [ 24.604685] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.604722] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.604753] ? trace_hardirqs_on+0x37/0xe0 [ 24.604793] kasan_atomics+0x1dd/0x310 [ 24.604833] ? __pfx_kasan_atomics+0x10/0x10 [ 24.604903] ? __pfx_read_tsc+0x10/0x10 [ 24.604933] ? ktime_get_ts64+0x84/0x230 [ 24.604971] kunit_try_run_case+0x1a6/0x480 [ 24.605005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.605035] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.605066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.605104] ? __kthread_parkme+0x82/0x160 [ 24.605132] ? preempt_count_sub+0x50/0x80 [ 24.605165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.605194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.605256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.605300] kthread+0x257/0x310 [ 24.605328] ? __pfx_kthread+0x10/0x10 [ 24.605355] ret_from_fork+0x41/0x80 [ 24.605386] ? 
__pfx_kthread+0x10/0x10 [ 24.605413] ret_from_fork_asm+0x1a/0x30 [ 24.605455] </TASK> [ 24.605471] [ 24.619180] Allocated by task 270: [ 24.619523] kasan_save_stack+0x45/0x70 [ 24.619876] kasan_save_track+0x18/0x40 [ 24.620341] kasan_save_alloc_info+0x3b/0x50 [ 24.621000] __kasan_kmalloc+0xb7/0xc0 [ 24.621490] __kmalloc_cache_noprof+0x168/0x350 [ 24.622080] kasan_atomics+0x96/0x310 [ 24.622497] kunit_try_run_case+0x1a6/0x480 [ 24.623024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.623540] kthread+0x257/0x310 [ 24.623825] ret_from_fork+0x41/0x80 [ 24.624133] ret_from_fork_asm+0x1a/0x30 [ 24.624536] [ 24.624804] The buggy address belongs to the object at ffff888102314e80 [ 24.624804] which belongs to the cache kmalloc-64 of size 64 [ 24.625844] The buggy address is located 0 bytes to the right of [ 24.625844] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.626762] [ 24.627097] The buggy address belongs to the physical page: [ 24.627649] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.628410] flags: 0x200000000000000(node=0|zone=2) [ 24.628985] page_type: f5(slab) [ 24.629354] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.630062] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.630625] page dumped because: kasan: bad access detected [ 24.630983] [ 24.631160] Memory state around the buggy address: [ 24.631701] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.633407] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.635492] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.636374] ^ [ 24.636908] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.637671] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.638481] ================================================================== [ 22.236754] 
================================================================== [ 22.238591] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 22.239358] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.239967] [ 22.240337] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.240459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.240520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.240612] Call Trace: [ 22.240670] <TASK> [ 22.240724] dump_stack_lvl+0x73/0xb0 [ 22.240810] print_report+0xd1/0x640 [ 22.240911] ? __virt_addr_valid+0x1db/0x2d0 [ 22.240996] ? kasan_atomics_helper+0x566/0x5450 [ 22.241121] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.241205] ? kasan_atomics_helper+0x566/0x5450 [ 22.241308] kasan_report+0x140/0x180 [ 22.241374] ? kasan_atomics_helper+0x566/0x5450 [ 22.241418] kasan_check_range+0x10c/0x1c0 [ 22.241449] __kasan_check_write+0x18/0x20 [ 22.241480] kasan_atomics_helper+0x566/0x5450 [ 22.241516] ? kasan_save_alloc_info+0x3b/0x50 [ 22.241546] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.241582] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.241613] ? trace_hardirqs_on+0x37/0xe0 [ 22.241652] kasan_atomics+0x1dd/0x310 [ 22.241681] ? __pfx_kasan_atomics+0x10/0x10 [ 22.241712] ? __pfx_read_tsc+0x10/0x10 [ 22.241738] ? ktime_get_ts64+0x84/0x230 [ 22.241774] kunit_try_run_case+0x1a6/0x480 [ 22.241807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.241875] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.241911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.241949] ? __kthread_parkme+0x82/0x160 [ 22.241977] ? preempt_count_sub+0x50/0x80 [ 22.242010] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.242038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.242076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.242115] kthread+0x257/0x310 [ 22.242141] ? __pfx_kthread+0x10/0x10 [ 22.242169] ret_from_fork+0x41/0x80 [ 22.242199] ? 
__pfx_kthread+0x10/0x10 [ 22.242249] ret_from_fork_asm+0x1a/0x30 [ 22.242295] </TASK> [ 22.242311] [ 22.256084] Allocated by task 270: [ 22.256540] kasan_save_stack+0x45/0x70 [ 22.257172] kasan_save_track+0x18/0x40 [ 22.257649] kasan_save_alloc_info+0x3b/0x50 [ 22.258213] __kasan_kmalloc+0xb7/0xc0 [ 22.258644] __kmalloc_cache_noprof+0x168/0x350 [ 22.259001] kasan_atomics+0x96/0x310 [ 22.259498] kunit_try_run_case+0x1a6/0x480 [ 22.259970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.260551] kthread+0x257/0x310 [ 22.261025] ret_from_fork+0x41/0x80 [ 22.261453] ret_from_fork_asm+0x1a/0x30 [ 22.261901] [ 22.262146] The buggy address belongs to the object at ffff888102314e80 [ 22.262146] which belongs to the cache kmalloc-64 of size 64 [ 22.263152] The buggy address is located 0 bytes to the right of [ 22.263152] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.264280] [ 22.264451] The buggy address belongs to the physical page: [ 22.265041] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.265643] flags: 0x200000000000000(node=0|zone=2) [ 22.266004] page_type: f5(slab) [ 22.267519] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.269070] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.269673] page dumped because: kasan: bad access detected [ 22.270529] [ 22.271010] Memory state around the buggy address: [ 22.271484] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.272091] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.272622] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.273119] ^ [ 22.273560] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.274150] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.274768] ================================================================== [ 22.196993] 
================================================================== [ 22.197675] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 22.198512] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.199336] [ 22.199582] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.199754] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.199850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.199934] Call Trace: [ 22.200016] <TASK> [ 22.200065] dump_stack_lvl+0x73/0xb0 [ 22.200145] print_report+0xd1/0x640 [ 22.200218] ? __virt_addr_valid+0x1db/0x2d0 [ 22.200397] ? kasan_atomics_helper+0x4b3c/0x5450 [ 22.200549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.200630] ? kasan_atomics_helper+0x4b3c/0x5450 [ 22.200704] kasan_report+0x140/0x180 [ 22.200785] ? kasan_atomics_helper+0x4b3c/0x5450 [ 22.200875] __asan_report_store4_noabort+0x1b/0x30 [ 22.201011] kasan_atomics_helper+0x4b3c/0x5450 [ 22.201115] ? kasan_save_alloc_info+0x3b/0x50 [ 22.201188] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.201357] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.201434] ? trace_hardirqs_on+0x37/0xe0 [ 22.201499] kasan_atomics+0x1dd/0x310 [ 22.201530] ? __pfx_kasan_atomics+0x10/0x10 [ 22.201562] ? __pfx_read_tsc+0x10/0x10 [ 22.201590] ? ktime_get_ts64+0x84/0x230 [ 22.201626] kunit_try_run_case+0x1a6/0x480 [ 22.201660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.201688] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.201716] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.201755] ? __kthread_parkme+0x82/0x160 [ 22.201783] ? preempt_count_sub+0x50/0x80 [ 22.201818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.201888] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.201927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.201965] kthread+0x257/0x310 [ 22.201991] ? __pfx_kthread+0x10/0x10 [ 22.202016] ret_from_fork+0x41/0x80 [ 22.202045] ? 
__pfx_kthread+0x10/0x10 [ 22.202070] ret_from_fork_asm+0x1a/0x30 [ 22.202111] </TASK> [ 22.202124] [ 22.217889] Allocated by task 270: [ 22.218257] kasan_save_stack+0x45/0x70 [ 22.218747] kasan_save_track+0x18/0x40 [ 22.219195] kasan_save_alloc_info+0x3b/0x50 [ 22.219661] __kasan_kmalloc+0xb7/0xc0 [ 22.220320] __kmalloc_cache_noprof+0x168/0x350 [ 22.220666] kasan_atomics+0x96/0x310 [ 22.221044] kunit_try_run_case+0x1a6/0x480 [ 22.221773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.222383] kthread+0x257/0x310 [ 22.222737] ret_from_fork+0x41/0x80 [ 22.223173] ret_from_fork_asm+0x1a/0x30 [ 22.223669] [ 22.223912] The buggy address belongs to the object at ffff888102314e80 [ 22.223912] which belongs to the cache kmalloc-64 of size 64 [ 22.224650] The buggy address is located 0 bytes to the right of [ 22.224650] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.225476] [ 22.225747] The buggy address belongs to the physical page: [ 22.226343] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.227191] flags: 0x200000000000000(node=0|zone=2) [ 22.227687] page_type: f5(slab) [ 22.228102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.228809] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.229605] page dumped because: kasan: bad access detected [ 22.230184] [ 22.230496] Memory state around the buggy address: [ 22.231012] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.231648] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.232421] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.233140] ^ [ 22.233626] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.234199] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.235007] ================================================================== [ 23.843114] 
================================================================== [ 23.844551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 23.845487] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.846774] [ 23.847008] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.847268] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.847310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.847360] Call Trace: [ 23.847388] <TASK> [ 23.847415] dump_stack_lvl+0x73/0xb0 [ 23.847457] print_report+0xd1/0x640 [ 23.847494] ? __virt_addr_valid+0x1db/0x2d0 [ 23.847530] ? kasan_atomics_helper+0x194b/0x5450 [ 23.847564] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.847599] ? kasan_atomics_helper+0x194b/0x5450 [ 23.847637] kasan_report+0x140/0x180 [ 23.847675] ? kasan_atomics_helper+0x194b/0x5450 [ 23.847717] kasan_check_range+0x10c/0x1c0 [ 23.847748] __kasan_check_write+0x18/0x20 [ 23.847779] kasan_atomics_helper+0x194b/0x5450 [ 23.847823] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.847947] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.848068] ? trace_hardirqs_on+0x37/0xe0 [ 23.848182] kasan_atomics+0x1dd/0x310 [ 23.848278] ? __pfx_kasan_atomics+0x10/0x10 [ 23.848318] ? __pfx_read_tsc+0x10/0x10 [ 23.848349] ? ktime_get_ts64+0x84/0x230 [ 23.848385] kunit_try_run_case+0x1a6/0x480 [ 23.848421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.848452] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.848483] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.848521] ? __kthread_parkme+0x82/0x160 [ 23.848551] ? preempt_count_sub+0x50/0x80 [ 23.848585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.848614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.848651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.848690] kthread+0x257/0x310 [ 23.848718] ? __pfx_kthread+0x10/0x10 [ 23.848746] ret_from_fork+0x41/0x80 [ 23.848777] ? 
__pfx_kthread+0x10/0x10 [ 23.848803] ret_from_fork_asm+0x1a/0x30 [ 23.848874] </TASK> [ 23.848893] [ 23.864461] Allocated by task 270: [ 23.865005] kasan_save_stack+0x45/0x70 [ 23.865530] kasan_save_track+0x18/0x40 [ 23.866046] kasan_save_alloc_info+0x3b/0x50 [ 23.866585] __kasan_kmalloc+0xb7/0xc0 [ 23.867076] __kmalloc_cache_noprof+0x168/0x350 [ 23.867564] kasan_atomics+0x96/0x310 [ 23.868156] kunit_try_run_case+0x1a6/0x480 [ 23.868696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.869319] kthread+0x257/0x310 [ 23.869745] ret_from_fork+0x41/0x80 [ 23.870100] ret_from_fork_asm+0x1a/0x30 [ 23.870586] [ 23.871026] The buggy address belongs to the object at ffff888102314e80 [ 23.871026] which belongs to the cache kmalloc-64 of size 64 [ 23.872149] The buggy address is located 0 bytes to the right of [ 23.872149] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 23.873137] [ 23.873423] The buggy address belongs to the physical page: [ 23.874119] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 23.874892] flags: 0x200000000000000(node=0|zone=2) [ 23.875483] page_type: f5(slab) [ 23.875939] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.876682] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 23.877405] page dumped because: kasan: bad access detected [ 23.877906] [ 23.878086] Memory state around the buggy address: [ 23.878536] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.879345] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.880138] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.880656] ^ [ 23.881188] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.881741] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.882509] ================================================================== [ 22.795608] 
================================================================== [ 22.796163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 22.796932] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.797528] [ 22.797820] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.797959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.797996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.798058] Call Trace: [ 22.798116] <TASK> [ 22.798175] dump_stack_lvl+0x73/0xb0 [ 22.798331] print_report+0xd1/0x640 [ 22.798449] ? __virt_addr_valid+0x1db/0x2d0 [ 22.798561] ? kasan_atomics_helper+0xd48/0x5450 [ 22.798673] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.798757] ? kasan_atomics_helper+0xd48/0x5450 [ 22.798840] kasan_report+0x140/0x180 [ 22.798921] ? kasan_atomics_helper+0xd48/0x5450 [ 22.799019] kasan_check_range+0x10c/0x1c0 [ 22.799096] __kasan_check_write+0x18/0x20 [ 22.799167] kasan_atomics_helper+0xd48/0x5450 [ 22.799297] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.799385] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.799504] ? trace_hardirqs_on+0x37/0xe0 [ 22.799630] kasan_atomics+0x1dd/0x310 [ 22.799711] ? __pfx_kasan_atomics+0x10/0x10 [ 22.799791] ? __pfx_read_tsc+0x10/0x10 [ 22.799858] ? ktime_get_ts64+0x84/0x230 [ 22.799964] kunit_try_run_case+0x1a6/0x480 [ 22.800039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.800087] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.800120] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.800157] ? __kthread_parkme+0x82/0x160 [ 22.800184] ? preempt_count_sub+0x50/0x80 [ 22.800217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.800278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.800317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.800357] kthread+0x257/0x310 [ 22.800383] ? __pfx_kthread+0x10/0x10 [ 22.800411] ret_from_fork+0x41/0x80 [ 22.800440] ? 
__pfx_kthread+0x10/0x10 [ 22.800465] ret_from_fork_asm+0x1a/0x30 [ 22.800506] </TASK> [ 22.800521] [ 22.814566] Allocated by task 270: [ 22.815055] kasan_save_stack+0x45/0x70 [ 22.815556] kasan_save_track+0x18/0x40 [ 22.815997] kasan_save_alloc_info+0x3b/0x50 [ 22.816510] __kasan_kmalloc+0xb7/0xc0 [ 22.816990] __kmalloc_cache_noprof+0x168/0x350 [ 22.817488] kasan_atomics+0x96/0x310 [ 22.817935] kunit_try_run_case+0x1a6/0x480 [ 22.818410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.818942] kthread+0x257/0x310 [ 22.819353] ret_from_fork+0x41/0x80 [ 22.819664] ret_from_fork_asm+0x1a/0x30 [ 22.820285] [ 22.820561] The buggy address belongs to the object at ffff888102314e80 [ 22.820561] which belongs to the cache kmalloc-64 of size 64 [ 22.821925] The buggy address is located 0 bytes to the right of [ 22.821925] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.822887] [ 22.823126] The buggy address belongs to the physical page: [ 22.823673] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.825440] flags: 0x200000000000000(node=0|zone=2) [ 22.827188] page_type: f5(slab) [ 22.827555] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.828020] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.828753] page dumped because: kasan: bad access detected [ 22.829597] [ 22.829758] Memory state around the buggy address: [ 22.830589] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.831318] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.832106] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.833050] ^ [ 22.833538] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.834475] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.835012] ================================================================== [ 22.753254] 
================================================================== [ 22.753897] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 22.754483] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.755089] [ 22.756251] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.756468] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.756585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.756694] Call Trace: [ 22.756756] <TASK> [ 22.756901] dump_stack_lvl+0x73/0xb0 [ 22.756992] print_report+0xd1/0x640 [ 22.757077] ? __virt_addr_valid+0x1db/0x2d0 [ 22.757146] ? kasan_atomics_helper+0x4a86/0x5450 [ 22.757186] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.757242] ? kasan_atomics_helper+0x4a86/0x5450 [ 22.757289] kasan_report+0x140/0x180 [ 22.757327] ? kasan_atomics_helper+0x4a86/0x5450 [ 22.757370] __asan_report_load4_noabort+0x18/0x20 [ 22.757403] kasan_atomics_helper+0x4a86/0x5450 [ 22.757440] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.757478] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.757509] ? trace_hardirqs_on+0x37/0xe0 [ 22.757550] kasan_atomics+0x1dd/0x310 [ 22.757579] ? __pfx_kasan_atomics+0x10/0x10 [ 22.757610] ? __pfx_read_tsc+0x10/0x10 [ 22.757638] ? ktime_get_ts64+0x84/0x230 [ 22.757674] kunit_try_run_case+0x1a6/0x480 [ 22.757708] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.757737] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.757767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.757803] ? __kthread_parkme+0x82/0x160 [ 22.757884] ? preempt_count_sub+0x50/0x80 [ 22.757919] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.757949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.757986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.758025] kthread+0x257/0x310 [ 22.758052] ? __pfx_kthread+0x10/0x10 [ 22.758078] ret_from_fork+0x41/0x80 [ 22.758109] ? 
__pfx_kthread+0x10/0x10 [ 22.758135] ret_from_fork_asm+0x1a/0x30 [ 22.758178] </TASK> [ 22.758192] [ 22.774777] Allocated by task 270: [ 22.775250] kasan_save_stack+0x45/0x70 [ 22.775756] kasan_save_track+0x18/0x40 [ 22.776421] kasan_save_alloc_info+0x3b/0x50 [ 22.776914] __kasan_kmalloc+0xb7/0xc0 [ 22.777373] __kmalloc_cache_noprof+0x168/0x350 [ 22.778028] kasan_atomics+0x96/0x310 [ 22.778521] kunit_try_run_case+0x1a6/0x480 [ 22.778998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.779778] kthread+0x257/0x310 [ 22.780341] ret_from_fork+0x41/0x80 [ 22.780716] ret_from_fork_asm+0x1a/0x30 [ 22.781106] [ 22.781357] The buggy address belongs to the object at ffff888102314e80 [ 22.781357] which belongs to the cache kmalloc-64 of size 64 [ 22.782286] The buggy address is located 0 bytes to the right of [ 22.782286] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.783927] [ 22.784220] The buggy address belongs to the physical page: [ 22.785069] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.785738] flags: 0x200000000000000(node=0|zone=2) [ 22.786465] page_type: f5(slab) [ 22.787011] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.787649] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.788627] page dumped because: kasan: bad access detected [ 22.788999] [ 22.789624] Memory state around the buggy address: [ 22.790320] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.791180] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.791895] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.792707] ^ [ 22.793361] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.793861] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.794408] ================================================================== [ 23.042777] 
================================================================== [ 23.043585] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 23.044276] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.044727] [ 23.044941] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.045059] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.045105] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.045250] Call Trace: [ 23.045314] <TASK> [ 23.045370] dump_stack_lvl+0x73/0xb0 [ 23.045459] print_report+0xd1/0x640 [ 23.045540] ? __virt_addr_valid+0x1db/0x2d0 [ 23.045624] ? kasan_atomics_helper+0x107a/0x5450 [ 23.045740] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.045816] ? kasan_atomics_helper+0x107a/0x5450 [ 23.045880] kasan_report+0x140/0x180 [ 23.045960] ? kasan_atomics_helper+0x107a/0x5450 [ 23.046087] kasan_check_range+0x10c/0x1c0 [ 23.046172] __kasan_check_write+0x18/0x20 [ 23.046300] kasan_atomics_helper+0x107a/0x5450 [ 23.046402] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.046522] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.046605] ? trace_hardirqs_on+0x37/0xe0 [ 23.046733] kasan_atomics+0x1dd/0x310 [ 23.046812] ? __pfx_kasan_atomics+0x10/0x10 [ 23.046907] ? __pfx_read_tsc+0x10/0x10 [ 23.046976] ? ktime_get_ts64+0x84/0x230 [ 23.047062] kunit_try_run_case+0x1a6/0x480 [ 23.047145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.047216] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.047328] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.047407] ? __kthread_parkme+0x82/0x160 [ 23.047479] ? preempt_count_sub+0x50/0x80 [ 23.047556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.047625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.047706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.047793] kthread+0x257/0x310 [ 23.047865] ? __pfx_kthread+0x10/0x10 [ 23.047935] ret_from_fork+0x41/0x80 [ 23.048004] ? 
__pfx_kthread+0x10/0x10 [ 23.048077] ret_from_fork_asm+0x1a/0x30 [ 23.048175] </TASK> [ 23.048216] [ 23.061691] Allocated by task 270: [ 23.062265] kasan_save_stack+0x45/0x70 [ 23.062662] kasan_save_track+0x18/0x40 [ 23.063085] kasan_save_alloc_info+0x3b/0x50 [ 23.063811] __kasan_kmalloc+0xb7/0xc0 [ 23.064173] __kmalloc_cache_noprof+0x168/0x350 [ 23.064539] kasan_atomics+0x96/0x310 [ 23.064843] kunit_try_run_case+0x1a6/0x480 [ 23.065238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.065755] kthread+0x257/0x310 [ 23.066287] ret_from_fork+0x41/0x80 [ 23.066722] ret_from_fork_asm+0x1a/0x30 [ 23.067409] [ 23.067682] The buggy address belongs to the object at ffff888102314e80 [ 23.067682] which belongs to the cache kmalloc-64 of size 64 [ 23.068480] The buggy address is located 0 bytes to the right of [ 23.068480] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 23.069423] [ 23.069689] The buggy address belongs to the physical page: [ 23.070429] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 23.071338] flags: 0x200000000000000(node=0|zone=2) [ 23.071696] page_type: f5(slab) [ 23.072153] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.072825] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 23.073423] page dumped because: kasan: bad access detected [ 23.073785] [ 23.074008] Memory state around the buggy address: [ 23.074473] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.075480] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.075920] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.076633] ^ [ 23.077819] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.078703] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.079642] ================================================================== [ 23.199264] 
================================================================== [ 23.200155] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 23.201626] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.203150] [ 23.203568] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.203685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.203727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.203787] Call Trace: [ 23.203843] <TASK> [ 23.203895] dump_stack_lvl+0x73/0xb0 [ 23.203980] print_report+0xd1/0x640 [ 23.204066] ? __virt_addr_valid+0x1db/0x2d0 [ 23.204145] ? kasan_atomics_helper+0x1218/0x5450 [ 23.204183] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.204218] ? kasan_atomics_helper+0x1218/0x5450 [ 23.204289] kasan_report+0x140/0x180 [ 23.204327] ? kasan_atomics_helper+0x1218/0x5450 [ 23.204369] kasan_check_range+0x10c/0x1c0 [ 23.204399] __kasan_check_write+0x18/0x20 [ 23.204430] kasan_atomics_helper+0x1218/0x5450 [ 23.204465] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.204502] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.204532] ? trace_hardirqs_on+0x37/0xe0 [ 23.204570] kasan_atomics+0x1dd/0x310 [ 23.204599] ? __pfx_kasan_atomics+0x10/0x10 [ 23.204630] ? __pfx_read_tsc+0x10/0x10 [ 23.204656] ? ktime_get_ts64+0x84/0x230 [ 23.204692] kunit_try_run_case+0x1a6/0x480 [ 23.204724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.204753] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.204784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.204835] ? __kthread_parkme+0x82/0x160 [ 23.204895] ? preempt_count_sub+0x50/0x80 [ 23.204929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.204959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.204998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.205036] kthread+0x257/0x310 [ 23.205062] ? __pfx_kthread+0x10/0x10 [ 23.205089] ret_from_fork+0x41/0x80 [ 23.205118] ? 
__pfx_kthread+0x10/0x10
[ 23.205145] ret_from_fork_asm+0x1a/0x30
[ 23.205185] </TASK>
[ 23.205200]
[ 23.227320] Allocated by task 270:
[ 23.228168] kasan_save_stack+0x45/0x70
[ 23.229017] kasan_save_track+0x18/0x40
[ 23.229466] kasan_save_alloc_info+0x3b/0x50
[ 23.229854] __kasan_kmalloc+0xb7/0xc0
[ 23.230311] __kmalloc_cache_noprof+0x168/0x350
[ 23.230767] kasan_atomics+0x96/0x310
[ 23.231492] kunit_try_run_case+0x1a6/0x480
[ 23.231843] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.232730] kthread+0x257/0x310
[ 23.233303] ret_from_fork+0x41/0x80
[ 23.233753] ret_from_fork_asm+0x1a/0x30
[ 23.234221]
[ 23.234486] The buggy address belongs to the object at ffff888102314e80
[ 23.234486] which belongs to the cache kmalloc-64 of size 64
[ 23.235486] The buggy address is located 0 bytes to the right of
[ 23.235486] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.236523]
[ 23.236773] The buggy address belongs to the physical page:
[ 23.237245] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.238023] flags: 0x200000000000000(node=0|zone=2)
[ 23.238517] page_type: f5(slab)
[ 23.238932] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.239652] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.240332] page dumped because: kasan: bad access detected
[ 23.240879]
[ 23.241116] Memory state around the buggy address:
[ 23.241589] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.242253] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.242892] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.243546] ^
[ 23.244083] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.244708] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.245384] ==================================================================

[ 23.375304] ==================================================================
[ 23.375831] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450
[ 23.376557] Read of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.377000]
[ 23.377213] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.377330] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.377368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.377421] Call Trace:
[ 23.377470] <TASK>
[ 23.377513] dump_stack_lvl+0x73/0xb0
[ 23.377630] print_report+0xd1/0x640
[ 23.377729] ? __virt_addr_valid+0x1db/0x2d0
[ 23.377810] ? kasan_atomics_helper+0x13b6/0x5450
[ 23.377909] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.377998] ? kasan_atomics_helper+0x13b6/0x5450
[ 23.378096] kasan_report+0x140/0x180
[ 23.378184] ? kasan_atomics_helper+0x13b6/0x5450
[ 23.378302] kasan_check_range+0x10c/0x1c0
[ 23.378385] __kasan_check_read+0x15/0x20
[ 23.378462] kasan_atomics_helper+0x13b6/0x5450
[ 23.378544] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.378628] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.378703] ? trace_hardirqs_on+0x37/0xe0
[ 23.378794] kasan_atomics+0x1dd/0x310
[ 23.378890] ? __pfx_kasan_atomics+0x10/0x10
[ 23.378972] ? __pfx_read_tsc+0x10/0x10
[ 23.379040] ? ktime_get_ts64+0x84/0x230
[ 23.379129] kunit_try_run_case+0x1a6/0x480
[ 23.379213] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.379323] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.379401] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.379481] ? __kthread_parkme+0x82/0x160
[ 23.379560] ? preempt_count_sub+0x50/0x80
[ 23.379641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.379712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.379794] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.379904] kthread+0x257/0x310
[ 23.379974] ? __pfx_kthread+0x10/0x10
[ 23.380044] ret_from_fork+0x41/0x80
[ 23.380113] ? __pfx_kthread+0x10/0x10
[ 23.380179] ret_from_fork_asm+0x1a/0x30
[ 23.380298] </TASK>
[ 23.380328]
[ 23.394573] Allocated by task 270:
[ 23.394972] kasan_save_stack+0x45/0x70
[ 23.395528] kasan_save_track+0x18/0x40
[ 23.395859] kasan_save_alloc_info+0x3b/0x50
[ 23.396204] __kasan_kmalloc+0xb7/0xc0
[ 23.396594] __kmalloc_cache_noprof+0x168/0x350
[ 23.397081] kasan_atomics+0x96/0x310
[ 23.397506] kunit_try_run_case+0x1a6/0x480
[ 23.398266] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.398755] kthread+0x257/0x310
[ 23.399108] ret_from_fork+0x41/0x80
[ 23.400217] ret_from_fork_asm+0x1a/0x30
[ 23.400643]
[ 23.400838] The buggy address belongs to the object at ffff888102314e80
[ 23.400838] which belongs to the cache kmalloc-64 of size 64
[ 23.403249] The buggy address is located 0 bytes to the right of
[ 23.403249] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.404677]
[ 23.404868] The buggy address belongs to the physical page:
[ 23.405752] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.406728] flags: 0x200000000000000(node=0|zone=2)
[ 23.407211] page_type: f5(slab)
[ 23.407611] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.408184] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.408821] page dumped because: kasan: bad access detected
[ 23.409303]
[ 23.409519] Memory state around the buggy address:
[ 23.410033] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.410579] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.411361] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.411839] ^
[ 23.412439] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.412915] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.413630] ==================================================================

[ 23.333007] ==================================================================
[ 23.333614] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450
[ 23.334357] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.335422]
[ 23.335687] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.335805] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.335938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.336002] Call Trace:
[ 23.336054] <TASK>
[ 23.336105] dump_stack_lvl+0x73/0xb0
[ 23.336184] print_report+0xd1/0x640
[ 23.336282] ? __virt_addr_valid+0x1db/0x2d0
[ 23.336364] ? kasan_atomics_helper+0x49d0/0x5450
[ 23.336441] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.336519] ? kasan_atomics_helper+0x49d0/0x5450
[ 23.336599] kasan_report+0x140/0x180
[ 23.336682] ? kasan_atomics_helper+0x49d0/0x5450
[ 23.336930] __asan_report_load4_noabort+0x18/0x20
[ 23.337018] kasan_atomics_helper+0x49d0/0x5450
[ 23.337104] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.337186] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.337266] ? trace_hardirqs_on+0x37/0xe0
[ 23.337313] kasan_atomics+0x1dd/0x310
[ 23.337344] ? __pfx_kasan_atomics+0x10/0x10
[ 23.337375] ? __pfx_read_tsc+0x10/0x10
[ 23.337404] ? ktime_get_ts64+0x84/0x230
[ 23.337441] kunit_try_run_case+0x1a6/0x480
[ 23.337474] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.337503] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.337532] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.337569] ? __kthread_parkme+0x82/0x160
[ 23.337597] ? preempt_count_sub+0x50/0x80
[ 23.337628] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.337657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.337697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.337734] kthread+0x257/0x310
[ 23.337760] ? __pfx_kthread+0x10/0x10
[ 23.337787] ret_from_fork+0x41/0x80
[ 23.337838] ? __pfx_kthread+0x10/0x10
[ 23.337899] ret_from_fork_asm+0x1a/0x30
[ 23.337943] </TASK>
[ 23.337959]
[ 23.356760] Allocated by task 270:
[ 23.357646] kasan_save_stack+0x45/0x70
[ 23.358053] kasan_save_track+0x18/0x40
[ 23.358461] kasan_save_alloc_info+0x3b/0x50
[ 23.358830] __kasan_kmalloc+0xb7/0xc0
[ 23.359285] __kmalloc_cache_noprof+0x168/0x350
[ 23.359705] kasan_atomics+0x96/0x310
[ 23.360253] kunit_try_run_case+0x1a6/0x480
[ 23.360641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.361213] kthread+0x257/0x310
[ 23.361601] ret_from_fork+0x41/0x80
[ 23.362008] ret_from_fork_asm+0x1a/0x30
[ 23.362361]
[ 23.362588] The buggy address belongs to the object at ffff888102314e80
[ 23.362588] which belongs to the cache kmalloc-64 of size 64
[ 23.363612] The buggy address is located 0 bytes to the right of
[ 23.363612] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.364441]
[ 23.364676] The buggy address belongs to the physical page:
[ 23.365184] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.365801] flags: 0x200000000000000(node=0|zone=2)
[ 23.366427] page_type: f5(slab)
[ 23.366914] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.367553] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.368203] page dumped because: kasan: bad access detected
[ 23.369566]
[ 23.369780] Memory state around the buggy address:
[ 23.370258] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.370881] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.371466] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.372255] ^
[ 23.372616] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.373297] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.373941] ==================================================================

[ 24.515951] ==================================================================
[ 24.516572] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450
[ 24.517182] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 24.517775]
[ 24.518077] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 24.518182] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.518222] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.518305] Call Trace:
[ 24.518357] <TASK>
[ 24.518408] dump_stack_lvl+0x73/0xb0
[ 24.518531] print_report+0xd1/0x640
[ 24.518609] ? __virt_addr_valid+0x1db/0x2d0
[ 24.518690] ? kasan_atomics_helper+0x218b/0x5450
[ 24.518766] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.518893] ? kasan_atomics_helper+0x218b/0x5450
[ 24.518997] kasan_report+0x140/0x180
[ 24.519110] ? kasan_atomics_helper+0x218b/0x5450
[ 24.519215] kasan_check_range+0x10c/0x1c0
[ 24.519333] __kasan_check_write+0x18/0x20
[ 24.519408] kasan_atomics_helper+0x218b/0x5450
[ 24.519485] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 24.519568] ? __kmalloc_cache_noprof+0x168/0x350
[ 24.519642] ? trace_hardirqs_on+0x37/0xe0
[ 24.519735] kasan_atomics+0x1dd/0x310
[ 24.519808] ? __pfx_kasan_atomics+0x10/0x10
[ 24.519967] ? __pfx_read_tsc+0x10/0x10
[ 24.520040] ? ktime_get_ts64+0x84/0x230
[ 24.520169] kunit_try_run_case+0x1a6/0x480
[ 24.520271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.520342] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.520390] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.520430] ? __kthread_parkme+0x82/0x160
[ 24.520460] ? preempt_count_sub+0x50/0x80
[ 24.520492] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.520522] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.520560] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.520598] kthread+0x257/0x310
[ 24.520624] ? __pfx_kthread+0x10/0x10
[ 24.520651] ret_from_fork+0x41/0x80
[ 24.520680] ? __pfx_kthread+0x10/0x10
[ 24.520707] ret_from_fork_asm+0x1a/0x30
[ 24.520748] </TASK>
[ 24.520763]
[ 24.534488] Allocated by task 270:
[ 24.535036] kasan_save_stack+0x45/0x70
[ 24.535492] kasan_save_track+0x18/0x40
[ 24.536104] kasan_save_alloc_info+0x3b/0x50
[ 24.536640] __kasan_kmalloc+0xb7/0xc0
[ 24.539582] __kmalloc_cache_noprof+0x168/0x350
[ 24.540002] kasan_atomics+0x96/0x310
[ 24.541668] kunit_try_run_case+0x1a6/0x480
[ 24.542202] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.543024] kthread+0x257/0x310
[ 24.543352] ret_from_fork+0x41/0x80
[ 24.543604] ret_from_fork_asm+0x1a/0x30
[ 24.544977]
[ 24.545640] The buggy address belongs to the object at ffff888102314e80
[ 24.545640] which belongs to the cache kmalloc-64 of size 64
[ 24.546645] The buggy address is located 0 bytes to the right of
[ 24.546645] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 24.547297]
[ 24.548469] The buggy address belongs to the physical page:
[ 24.549529] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 24.550405] flags: 0x200000000000000(node=0|zone=2)
[ 24.550701] page_type: f5(slab)
[ 24.550927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 24.552197] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 24.553086] page dumped because: kasan: bad access detected
[ 24.555142]
[ 24.555393] Memory state around the buggy address:
[ 24.556075] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.556689] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.557342] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 24.557993] ^
[ 24.558540] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.559283] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.559955] ==================================================================

[ 23.797190] ==================================================================
[ 23.797975] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450
[ 23.798643] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.799133]
[ 23.799392] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.799511] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.799550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.799616] Call Trace:
[ 23.799673] <TASK>
[ 23.799761] dump_stack_lvl+0x73/0xb0
[ 23.799871] print_report+0xd1/0x640
[ 23.799946] ? __virt_addr_valid+0x1db/0x2d0
[ 23.800028] ? kasan_atomics_helper+0x18b2/0x5450
[ 23.800106] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.800185] ? kasan_atomics_helper+0x18b2/0x5450
[ 23.800288] kasan_report+0x140/0x180
[ 23.800370] ? kasan_atomics_helper+0x18b2/0x5450
[ 23.800469] kasan_check_range+0x10c/0x1c0
[ 23.800545] __kasan_check_write+0x18/0x20
[ 23.800618] kasan_atomics_helper+0x18b2/0x5450
[ 23.800739] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.800863] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.800947] ? trace_hardirqs_on+0x37/0xe0
[ 23.801034] kasan_atomics+0x1dd/0x310
[ 23.801109] ? __pfx_kasan_atomics+0x10/0x10
[ 23.801182] ? __pfx_read_tsc+0x10/0x10
[ 23.801272] ? ktime_get_ts64+0x84/0x230
[ 23.801356] kunit_try_run_case+0x1a6/0x480
[ 23.801436] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.801504] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.801576] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.801655] ? __kthread_parkme+0x82/0x160
[ 23.801723] ? preempt_count_sub+0x50/0x80
[ 23.801804] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.801896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.801939] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.801980] kthread+0x257/0x310
[ 23.802007] ? __pfx_kthread+0x10/0x10
[ 23.802034] ret_from_fork+0x41/0x80
[ 23.802066] ? __pfx_kthread+0x10/0x10
[ 23.802093] ret_from_fork_asm+0x1a/0x30
[ 23.802135] </TASK>
[ 23.802149]
[ 23.820288] Allocated by task 270:
[ 23.821550] kasan_save_stack+0x45/0x70
[ 23.822430] kasan_save_track+0x18/0x40
[ 23.822957] kasan_save_alloc_info+0x3b/0x50
[ 23.823425] __kasan_kmalloc+0xb7/0xc0
[ 23.823738] __kmalloc_cache_noprof+0x168/0x350
[ 23.824769] kasan_atomics+0x96/0x310
[ 23.825504] kunit_try_run_case+0x1a6/0x480
[ 23.825992] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.826751] kthread+0x257/0x310
[ 23.827216] ret_from_fork+0x41/0x80
[ 23.827580] ret_from_fork_asm+0x1a/0x30
[ 23.828328]
[ 23.828970] The buggy address belongs to the object at ffff888102314e80
[ 23.828970] which belongs to the cache kmalloc-64 of size 64
[ 23.830263] The buggy address is located 0 bytes to the right of
[ 23.830263] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.831666]
[ 23.831852] The buggy address belongs to the physical page:
[ 23.832472] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.833441] flags: 0x200000000000000(node=0|zone=2)
[ 23.834456] page_type: f5(slab)
[ 23.834780] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.835701] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.836422] page dumped because: kasan: bad access detected
[ 23.836845]
[ 23.837013] Memory state around the buggy address:
[ 23.837381] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.838346] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.838805] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.839457] ^
[ 23.839918] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.841024] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.841863] ==================================================================

[ 24.640055] ==================================================================
[ 24.641484] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450
[ 24.642300] Read of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 24.642787]
[ 24.642967] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 24.643030] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.643048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.643080] Call Trace:
[ 24.643106] <TASK>
[ 24.643129] dump_stack_lvl+0x73/0xb0
[ 24.643170] print_report+0xd1/0x640
[ 24.643206] ? __virt_addr_valid+0x1db/0x2d0
[ 24.643291] ? kasan_atomics_helper+0x5117/0x5450
[ 24.643370] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.643452] ? kasan_atomics_helper+0x5117/0x5450
[ 24.643534] kasan_report+0x140/0x180
[ 24.643620] ? kasan_atomics_helper+0x5117/0x5450
[ 24.643715] __asan_report_load8_noabort+0x18/0x20
[ 24.643797] kasan_atomics_helper+0x5117/0x5450
[ 24.644324] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 24.644380] ? __kmalloc_cache_noprof+0x168/0x350
[ 24.644416] ? trace_hardirqs_on+0x37/0xe0
[ 24.644460] kasan_atomics+0x1dd/0x310
[ 24.644490] ? __pfx_kasan_atomics+0x10/0x10
[ 24.644521] ? __pfx_read_tsc+0x10/0x10
[ 24.644549] ? ktime_get_ts64+0x84/0x230
[ 24.644585] kunit_try_run_case+0x1a6/0x480
[ 24.644619] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.644650] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.644680] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.644717] ? __kthread_parkme+0x82/0x160
[ 24.644746] ? preempt_count_sub+0x50/0x80
[ 24.644778] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.644807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.644900] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.644942] kthread+0x257/0x310
[ 24.644970] ? __pfx_kthread+0x10/0x10
[ 24.644997] ret_from_fork+0x41/0x80
[ 24.645027] ? __pfx_kthread+0x10/0x10
[ 24.645054] ret_from_fork_asm+0x1a/0x30
[ 24.645097] </TASK>
[ 24.645112]
[ 24.658667] Allocated by task 270:
[ 24.659060] kasan_save_stack+0x45/0x70
[ 24.659703] kasan_save_track+0x18/0x40
[ 24.660024] kasan_save_alloc_info+0x3b/0x50
[ 24.660384] __kasan_kmalloc+0xb7/0xc0
[ 24.660800] __kmalloc_cache_noprof+0x168/0x350
[ 24.661342] kasan_atomics+0x96/0x310
[ 24.661755] kunit_try_run_case+0x1a6/0x480
[ 24.662421] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.663020] kthread+0x257/0x310
[ 24.663411] ret_from_fork+0x41/0x80
[ 24.663784] ret_from_fork_asm+0x1a/0x30
[ 24.664242]
[ 24.664472] The buggy address belongs to the object at ffff888102314e80
[ 24.664472] which belongs to the cache kmalloc-64 of size 64
[ 24.665455] The buggy address is located 0 bytes to the right of
[ 24.665455] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 24.666524]
[ 24.666789] The buggy address belongs to the physical page:
[ 24.668253] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 24.669765] flags: 0x200000000000000(node=0|zone=2)
[ 24.670285] page_type: f5(slab)
[ 24.670698] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 24.671308] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 24.671907] page dumped because: kasan: bad access detected
[ 24.672488]
[ 24.672727] Memory state around the buggy address:
[ 24.673176] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.673889] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.674516] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 24.675171] ^
[ 24.675579] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.676321] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.676971] ==================================================================

[ 23.081511] ==================================================================
[ 23.082797] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450
[ 23.084048] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.084561]
[ 23.084675] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.084740] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.084757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.084789] Call Trace:
[ 23.084830] <TASK>
[ 23.085085] dump_stack_lvl+0x73/0xb0
[ 23.085267] print_report+0xd1/0x640
[ 23.085371] ? __virt_addr_valid+0x1db/0x2d0
[ 23.085458] ? kasan_atomics_helper+0x4a1e/0x5450
[ 23.085536] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.085612] ? kasan_atomics_helper+0x4a1e/0x5450
[ 23.085671] kasan_report+0x140/0x180
[ 23.085712] ? kasan_atomics_helper+0x4a1e/0x5450
[ 23.085754] __asan_report_load4_noabort+0x18/0x20
[ 23.085789] kasan_atomics_helper+0x4a1e/0x5450
[ 23.085865] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.085910] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.085943] ? trace_hardirqs_on+0x37/0xe0
[ 23.085984] kasan_atomics+0x1dd/0x310
[ 23.086014] ? __pfx_kasan_atomics+0x10/0x10
[ 23.086046] ? __pfx_read_tsc+0x10/0x10
[ 23.086075] ? ktime_get_ts64+0x84/0x230
[ 23.086112] kunit_try_run_case+0x1a6/0x480
[ 23.086146] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.086177] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.086208] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.086293] ? __kthread_parkme+0x82/0x160
[ 23.086338] ? preempt_count_sub+0x50/0x80
[ 23.086372] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.086402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.086441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.086481] kthread+0x257/0x310
[ 23.086508] ? __pfx_kthread+0x10/0x10
[ 23.086535] ret_from_fork+0x41/0x80
[ 23.086566] ? __pfx_kthread+0x10/0x10
[ 23.086592] ret_from_fork_asm+0x1a/0x30
[ 23.086635] </TASK>
[ 23.086650]
[ 23.100305] Allocated by task 270:
[ 23.100722] kasan_save_stack+0x45/0x70
[ 23.101220] kasan_save_track+0x18/0x40
[ 23.101587] kasan_save_alloc_info+0x3b/0x50
[ 23.101966] __kasan_kmalloc+0xb7/0xc0
[ 23.102435] __kmalloc_cache_noprof+0x168/0x350
[ 23.102967] kasan_atomics+0x96/0x310
[ 23.103395] kunit_try_run_case+0x1a6/0x480
[ 23.103941] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.104514] kthread+0x257/0x310
[ 23.104942] ret_from_fork+0x41/0x80
[ 23.105270] ret_from_fork_asm+0x1a/0x30
[ 23.105695]
[ 23.106029] The buggy address belongs to the object at ffff888102314e80
[ 23.106029] which belongs to the cache kmalloc-64 of size 64
[ 23.106994] The buggy address is located 0 bytes to the right of
[ 23.106994] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.108927]
[ 23.109517] The buggy address belongs to the physical page:
[ 23.110349] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.111054] flags: 0x200000000000000(node=0|zone=2)
[ 23.111434] page_type: f5(slab)
[ 23.111771] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.112605] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.113127] page dumped because: kasan: bad access detected
[ 23.113748]
[ 23.114217] Memory state around the buggy address:
[ 23.114686] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.115557] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.116323] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.117265] ^
[ 23.117983] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.118618] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.119195] ==================================================================

[ 22.322153] ==================================================================
[ 22.323481] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450
[ 22.324209] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 22.324966]
[ 22.325264] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 22.325428] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.325474] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.325540] Call Trace:
[ 22.325597] <TASK>
[ 22.325654] dump_stack_lvl+0x73/0xb0
[ 22.325793] print_report+0xd1/0x640
[ 22.325917] ? __virt_addr_valid+0x1db/0x2d0
[ 22.326003] ? kasan_atomics_helper+0x698/0x5450
[ 22.326118] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.326203] ? kasan_atomics_helper+0x698/0x5450
[ 22.326296] kasan_report+0x140/0x180
[ 22.326338] ? kasan_atomics_helper+0x698/0x5450
[ 22.326379] kasan_check_range+0x10c/0x1c0
[ 22.326409] __kasan_check_write+0x18/0x20
[ 22.326458] kasan_atomics_helper+0x698/0x5450
[ 22.326521] ? kasan_save_alloc_info+0x3b/0x50
[ 22.326553] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.326589] ? __kmalloc_cache_noprof+0x168/0x350
[ 22.326620] ? trace_hardirqs_on+0x37/0xe0
[ 22.326660] kasan_atomics+0x1dd/0x310
[ 22.326690] ? __pfx_kasan_atomics+0x10/0x10
[ 22.326721] ? __pfx_read_tsc+0x10/0x10
[ 22.326749] ? ktime_get_ts64+0x84/0x230
[ 22.326785] kunit_try_run_case+0x1a6/0x480
[ 22.326846] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.326898] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.326932] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.326970] ? __kthread_parkme+0x82/0x160
[ 22.327000] ? preempt_count_sub+0x50/0x80
[ 22.327033] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.327061] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.327099] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.327136] kthread+0x257/0x310
[ 22.327161] ? __pfx_kthread+0x10/0x10
[ 22.327188] ret_from_fork+0x41/0x80
[ 22.327216] ? __pfx_kthread+0x10/0x10
[ 22.327286] ret_from_fork_asm+0x1a/0x30
[ 22.327328] </TASK>
[ 22.327345]
[ 22.341352] Allocated by task 270:
[ 22.341803] kasan_save_stack+0x45/0x70
[ 22.342311] kasan_save_track+0x18/0x40
[ 22.342763] kasan_save_alloc_info+0x3b/0x50
[ 22.343298] __kasan_kmalloc+0xb7/0xc0
[ 22.343732] __kmalloc_cache_noprof+0x168/0x350
[ 22.344240] kasan_atomics+0x96/0x310
[ 22.344650] kunit_try_run_case+0x1a6/0x480
[ 22.345121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.345543] kthread+0x257/0x310
[ 22.345841] ret_from_fork+0x41/0x80
[ 22.346150] ret_from_fork_asm+0x1a/0x30
[ 22.346603]
[ 22.346870] The buggy address belongs to the object at ffff888102314e80
[ 22.346870] which belongs to the cache kmalloc-64 of size 64
[ 22.348194] The buggy address is located 0 bytes to the right of
[ 22.348194] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 22.348943]
[ 22.349300] The buggy address belongs to the physical page:
[ 22.349840] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 22.351976] flags: 0x200000000000000(node=0|zone=2)
[ 22.352508] page_type: f5(slab)
[ 22.352897] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.353771] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 22.354717] page dumped because: kasan: bad access detected
[ 22.355324]
[ 22.355545] Memory state around the buggy address:
[ 22.356057] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.356743] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.357190] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.357865] ^
[ 22.358383] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.358950] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.359645] ==================================================================

[ 23.160126] ==================================================================
[ 23.161403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450
[ 23.162285] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.163115]
[ 23.163480] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.163650] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.163716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.163781] Call Trace:
[ 23.163833] <TASK>
[ 23.163887] dump_stack_lvl+0x73/0xb0
[ 23.163967] print_report+0xd1/0x640
[ 23.164068] ? __virt_addr_valid+0x1db/0x2d0
[ 23.164195] ? kasan_atomics_helper+0x4a04/0x5450
[ 23.164315] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.164399] ? kasan_atomics_helper+0x4a04/0x5450
[ 23.164568] kasan_report+0x140/0x180
[ 23.164654] ? kasan_atomics_helper+0x4a04/0x5450
[ 23.164747] __asan_report_load4_noabort+0x18/0x20
[ 23.164827] kasan_atomics_helper+0x4a04/0x5450
[ 23.164912] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.164996] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.165129] ? trace_hardirqs_on+0x37/0xe0
[ 23.165309] kasan_atomics+0x1dd/0x310
[ 23.165417] ? __pfx_kasan_atomics+0x10/0x10
[ 23.165492] ? __pfx_read_tsc+0x10/0x10
[ 23.165561] ? ktime_get_ts64+0x84/0x230
[ 23.165610] kunit_try_run_case+0x1a6/0x480
[ 23.165647] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.165678] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.165711] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.165751] ? __kthread_parkme+0x82/0x160
[ 23.165780] ? preempt_count_sub+0x50/0x80
[ 23.165814] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.165887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.165931] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.165970] kthread+0x257/0x310
[ 23.165998] ? __pfx_kthread+0x10/0x10
[ 23.166025] ret_from_fork+0x41/0x80
[ 23.166055] ? __pfx_kthread+0x10/0x10
[ 23.166082] ret_from_fork_asm+0x1a/0x30
[ 23.166123] </TASK>
[ 23.166138]
[ 23.180472] Allocated by task 270:
[ 23.180933] kasan_save_stack+0x45/0x70
[ 23.181514] kasan_save_track+0x18/0x40
[ 23.182332] kasan_save_alloc_info+0x3b/0x50
[ 23.182866] __kasan_kmalloc+0xb7/0xc0
[ 23.183351] __kmalloc_cache_noprof+0x168/0x350
[ 23.183833] kasan_atomics+0x96/0x310
[ 23.184248] kunit_try_run_case+0x1a6/0x480
[ 23.184582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.185019] kthread+0x257/0x310
[ 23.185423] ret_from_fork+0x41/0x80
[ 23.185993] ret_from_fork_asm+0x1a/0x30
[ 23.186510]
[ 23.186829] The buggy address belongs to the object at ffff888102314e80
[ 23.186829] which belongs to the cache kmalloc-64 of size 64
[ 23.187683] The buggy address is located 0 bytes to the right of
[ 23.187683] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.188840]
[ 23.189217] The buggy address belongs to the physical page:
[ 23.189908] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.190492] flags: 0x200000000000000(node=0|zone=2)
[ 23.190847] page_type: f5(slab)
[ 23.191311] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.192009] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.192902] page dumped because: kasan: bad access detected
[ 23.193497]
[ 23.193757] Memory state around the buggy address:
[ 23.194311] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.194757] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.195332] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.196003] ^
[ 23.196551] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.197325] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.198021] ==================================================================

[ 23.414840] ==================================================================
[ 23.415800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450
[ 23.416411] Read of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.417399]
[ 23.417676] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.417838] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.417914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.417982] Call Trace:
[ 23.418039] <TASK>
[ 23.418091] dump_stack_lvl+0x73/0xb0
[ 23.418179] print_report+0xd1/0x640
[ 23.418281] ? __virt_addr_valid+0x1db/0x2d0
[ 23.418366] ? kasan_atomics_helper+0x4eb0/0x5450
[ 23.418462] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.418574] ? kasan_atomics_helper+0x4eb0/0x5450
[ 23.418653] kasan_report+0x140/0x180
[ 23.418736] ? kasan_atomics_helper+0x4eb0/0x5450
[ 23.418829] __asan_report_load8_noabort+0x18/0x20
[ 23.418938] kasan_atomics_helper+0x4eb0/0x5450
[ 23.419069] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.419186] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.419293] ? trace_hardirqs_on+0x37/0xe0
[ 23.419386] kasan_atomics+0x1dd/0x310
[ 23.419447] ? __pfx_kasan_atomics+0x10/0x10
[ 23.419482] ? __pfx_read_tsc+0x10/0x10
[ 23.419510] ? ktime_get_ts64+0x84/0x230
[ 23.419548] kunit_try_run_case+0x1a6/0x480
[ 23.419583] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.419613] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.419644] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.419681] ? __kthread_parkme+0x82/0x160
[ 23.419710] ? preempt_count_sub+0x50/0x80
[ 23.419742] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.419772] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.419810] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.419892] kthread+0x257/0x310
[ 23.419925] ? __pfx_kthread+0x10/0x10
[ 23.419956] ret_from_fork+0x41/0x80
[ 23.419989] ? __pfx_kthread+0x10/0x10
[ 23.420019] ret_from_fork_asm+0x1a/0x30
[ 23.420062] </TASK>
[ 23.420077]
[ 23.435187] Allocated by task 270:
[ 23.435643] kasan_save_stack+0x45/0x70
[ 23.436267] kasan_save_track+0x18/0x40
[ 23.436733] kasan_save_alloc_info+0x3b/0x50
[ 23.437326] __kasan_kmalloc+0xb7/0xc0
[ 23.437771] __kmalloc_cache_noprof+0x168/0x350
[ 23.438287] kasan_atomics+0x96/0x310
[ 23.438598] kunit_try_run_case+0x1a6/0x480
[ 23.439251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.440078] kthread+0x257/0x310
[ 23.440536] ret_from_fork+0x41/0x80
[ 23.440994] ret_from_fork_asm+0x1a/0x30
[ 23.441418]
[ 23.441671] The buggy address belongs to the object at ffff888102314e80
[ 23.441671] which belongs to the cache kmalloc-64 of size 64
[ 23.442855] The buggy address is located 0 bytes to the right of
[ 23.442855] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.443947]
[ 23.444133] The buggy address belongs to the physical page:
[ 23.444671] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.445532] flags: 0x200000000000000(node=0|zone=2)
[ 23.446139] page_type: f5(slab)
[ 23.446557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.447386] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.448174] page dumped because: kasan: bad access detected
[ 23.448738]
[ 23.449067] Memory state around the buggy address:
[ 23.449579] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.450321] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.451105] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.451792] ^
[ 23.452387] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.453068] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.453751] ==================================================================

[ 22.492920] ==================================================================
[ 22.493535] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450
[ 22.494444] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 22.495271]
[ 22.495490] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 22.495608] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.495645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.495703] Call Trace:
[ 22.495755] <TASK>
[ 22.495894] dump_stack_lvl+0x73/0xb0
[ 22.496044] print_report+0xd1/0x640
[ 22.496181] ? __virt_addr_valid+0x1db/0x2d0
[ 22.496348] ? kasan_atomics_helper+0x8fa/0x5450
[ 22.496469] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.496559] ? kasan_atomics_helper+0x8fa/0x5450
[ 22.496643] kasan_report+0x140/0x180
[ 22.496725] ? kasan_atomics_helper+0x8fa/0x5450
[ 22.496897] kasan_check_range+0x10c/0x1c0
[ 22.496985] __kasan_check_write+0x18/0x20
[ 22.497060] kasan_atomics_helper+0x8fa/0x5450
[ 22.497121] ? kasan_save_alloc_info+0x3b/0x50
[ 22.497157] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.497196] ? __kmalloc_cache_noprof+0x168/0x350
[ 22.497256] ? trace_hardirqs_on+0x37/0xe0
[ 22.497302] kasan_atomics+0x1dd/0x310
[ 22.497334] ? __pfx_kasan_atomics+0x10/0x10
[ 22.497367] ? __pfx_read_tsc+0x10/0x10
[ 22.497396] ? ktime_get_ts64+0x84/0x230
[ 22.497432] kunit_try_run_case+0x1a6/0x480
[ 22.497465] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.497494] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.497525] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.497562] ? __kthread_parkme+0x82/0x160
[ 22.497590] ? preempt_count_sub+0x50/0x80
[ 22.497621] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.497649] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.497686] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.497725] kthread+0x257/0x310
[ 22.497751] ? __pfx_kthread+0x10/0x10
[ 22.497778] ret_from_fork+0x41/0x80
[ 22.497807] ? __pfx_kthread+0x10/0x10
[ 22.497883] ret_from_fork_asm+0x1a/0x30
[ 22.497928] </TASK>
[ 22.497943]
[ 22.517830] Allocated by task 270:
[ 22.518255] kasan_save_stack+0x45/0x70
[ 22.518600] kasan_save_track+0x18/0x40
[ 22.519660] kasan_save_alloc_info+0x3b/0x50
[ 22.520194] __kasan_kmalloc+0xb7/0xc0
[ 22.520558] __kmalloc_cache_noprof+0x168/0x350
[ 22.521582] kasan_atomics+0x96/0x310
[ 22.521889] kunit_try_run_case+0x1a6/0x480
[ 22.522612] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.523301] kthread+0x257/0x310
[ 22.523607] ret_from_fork+0x41/0x80
[ 22.524007] ret_from_fork_asm+0x1a/0x30
[ 22.524847]
[ 22.525058] The buggy address belongs to the object at ffff888102314e80
[ 22.525058] which belongs to the cache kmalloc-64 of size 64
[ 22.526184] The buggy address is located 0 bytes to the right of
[ 22.526184] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 22.527296]
[ 22.527588] The buggy address belongs to the physical page:
[ 22.528152] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 22.529176] flags: 0x200000000000000(node=0|zone=2)
[ 22.529573] page_type: f5(slab)
[ 22.529910] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.531039] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 22.531606] page dumped because: kasan: bad access detected
[ 22.532857]
[ 22.533028] Memory state around the buggy address:
[ 22.533352] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.534318] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.534843] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.535369] ^
[ 22.535735] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.537388] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.537886] ==================================================================

[ 23.709289]
================================================================== [ 23.710134] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 23.710850] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.711493] [ 23.711743] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.711879] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.711918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.711982] Call Trace: [ 23.712032] <TASK> [ 23.712082] dump_stack_lvl+0x73/0xb0 [ 23.712164] print_report+0xd1/0x640 [ 23.712262] ? __virt_addr_valid+0x1db/0x2d0 [ 23.712347] ? kasan_atomics_helper+0x1780/0x5450 [ 23.712427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.712552] ? kasan_atomics_helper+0x1780/0x5450 [ 23.712674] kasan_report+0x140/0x180 [ 23.712765] ? kasan_atomics_helper+0x1780/0x5450 [ 23.712929] kasan_check_range+0x10c/0x1c0 [ 23.713026] __kasan_check_write+0x18/0x20 [ 23.713098] kasan_atomics_helper+0x1780/0x5450 [ 23.713182] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.713287] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.713364] ? trace_hardirqs_on+0x37/0xe0 [ 23.713491] kasan_atomics+0x1dd/0x310 [ 23.713571] ? __pfx_kasan_atomics+0x10/0x10 [ 23.713646] ? __pfx_read_tsc+0x10/0x10 [ 23.713755] ? ktime_get_ts64+0x84/0x230 [ 23.713842] kunit_try_run_case+0x1a6/0x480 [ 23.713958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.714030] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.714104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.714243] ? __kthread_parkme+0x82/0x160 [ 23.714321] ? preempt_count_sub+0x50/0x80 [ 23.714402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.714451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.714492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.714532] kthread+0x257/0x310 [ 23.714559] ? __pfx_kthread+0x10/0x10 [ 23.714587] ret_from_fork+0x41/0x80 [ 23.714617] ? 
__pfx_kthread+0x10/0x10 [ 23.714644] ret_from_fork_asm+0x1a/0x30 [ 23.714686] </TASK> [ 23.714701] [ 23.733717] Allocated by task 270: [ 23.734435] kasan_save_stack+0x45/0x70 [ 23.735167] kasan_save_track+0x18/0x40 [ 23.735550] kasan_save_alloc_info+0x3b/0x50 [ 23.736168] __kasan_kmalloc+0xb7/0xc0 [ 23.736595] __kmalloc_cache_noprof+0x168/0x350 [ 23.737451] kasan_atomics+0x96/0x310 [ 23.737772] kunit_try_run_case+0x1a6/0x480 [ 23.738490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.739075] kthread+0x257/0x310 [ 23.739379] ret_from_fork+0x41/0x80 [ 23.739731] ret_from_fork_asm+0x1a/0x30 [ 23.740673] [ 23.740863] The buggy address belongs to the object at ffff888102314e80 [ 23.740863] which belongs to the cache kmalloc-64 of size 64 [ 23.742267] The buggy address is located 0 bytes to the right of [ 23.742267] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 23.743408] [ 23.743639] The buggy address belongs to the physical page: [ 23.745882] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 23.746383] flags: 0x200000000000000(node=0|zone=2) [ 23.746706] page_type: f5(slab) [ 23.746966] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.747387] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 23.747761] page dumped because: kasan: bad access detected [ 23.748048] [ 23.748212] Memory state around the buggy address: [ 23.751144] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.752951] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.754657] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.756142] ^ [ 23.756560] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.757167] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.757791] ================================================================== [ 24.222899] 
================================================================== [ 24.223623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 24.224213] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.224815] [ 24.225083] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.225207] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.225264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.225331] Call Trace: [ 24.225390] <TASK> [ 24.225448] dump_stack_lvl+0x73/0xb0 [ 24.225543] print_report+0xd1/0x640 [ 24.225631] ? __virt_addr_valid+0x1db/0x2d0 [ 24.225711] ? kasan_atomics_helper+0x1eab/0x5450 [ 24.225785] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.225869] ? kasan_atomics_helper+0x1eab/0x5450 [ 24.225955] kasan_report+0x140/0x180 [ 24.226041] ? kasan_atomics_helper+0x1eab/0x5450 [ 24.226137] kasan_check_range+0x10c/0x1c0 [ 24.226218] __kasan_check_write+0x18/0x20 [ 24.226301] kasan_atomics_helper+0x1eab/0x5450 [ 24.226368] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.226453] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.226531] ? trace_hardirqs_on+0x37/0xe0 [ 24.226621] kasan_atomics+0x1dd/0x310 [ 24.226698] ? __pfx_kasan_atomics+0x10/0x10 [ 24.226778] ? __pfx_read_tsc+0x10/0x10 [ 24.226849] ? ktime_get_ts64+0x84/0x230 [ 24.226936] kunit_try_run_case+0x1a6/0x480 [ 24.227015] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.227105] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.227180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.227293] ? __kthread_parkme+0x82/0x160 [ 24.227371] ? preempt_count_sub+0x50/0x80 [ 24.227450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.227518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.227600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.227687] kthread+0x257/0x310 [ 24.227760] ? __pfx_kthread+0x10/0x10 [ 24.227834] ret_from_fork+0x41/0x80 [ 24.227930] ? 
__pfx_kthread+0x10/0x10 [ 24.228002] ret_from_fork_asm+0x1a/0x30 [ 24.228102] </TASK> [ 24.228140] [ 24.240971] Allocated by task 270: [ 24.241368] kasan_save_stack+0x45/0x70 [ 24.241746] kasan_save_track+0x18/0x40 [ 24.242178] kasan_save_alloc_info+0x3b/0x50 [ 24.242633] __kasan_kmalloc+0xb7/0xc0 [ 24.243045] __kmalloc_cache_noprof+0x168/0x350 [ 24.243427] kasan_atomics+0x96/0x310 [ 24.243748] kunit_try_run_case+0x1a6/0x480 [ 24.244180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.244702] kthread+0x257/0x310 [ 24.245089] ret_from_fork+0x41/0x80 [ 24.245515] ret_from_fork_asm+0x1a/0x30 [ 24.245998] [ 24.246247] The buggy address belongs to the object at ffff888102314e80 [ 24.246247] which belongs to the cache kmalloc-64 of size 64 [ 24.246982] The buggy address is located 0 bytes to the right of [ 24.246982] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.247906] [ 24.248097] The buggy address belongs to the physical page: [ 24.248759] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.249494] flags: 0x200000000000000(node=0|zone=2) [ 24.250063] page_type: f5(slab) [ 24.250377] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.251080] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.251684] page dumped because: kasan: bad access detected [ 24.252178] [ 24.252434] Memory state around the buggy address: [ 24.252865] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.253447] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.254050] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.254619] ^ [ 24.255134] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.255605] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.256039] ================================================================== [ 23.885385] 
================================================================== [ 23.886100] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 23.886871] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.887941] [ 23.888248] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.888363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.888384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.888418] Call Trace: [ 23.888444] <TASK> [ 23.888467] dump_stack_lvl+0x73/0xb0 [ 23.888531] print_report+0xd1/0x640 [ 23.888907] ? __virt_addr_valid+0x1db/0x2d0 [ 23.888952] ? kasan_atomics_helper+0x19e4/0x5450 [ 23.888988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.889025] ? kasan_atomics_helper+0x19e4/0x5450 [ 23.889061] kasan_report+0x140/0x180 [ 23.889097] ? kasan_atomics_helper+0x19e4/0x5450 [ 23.889140] kasan_check_range+0x10c/0x1c0 [ 23.889172] __kasan_check_write+0x18/0x20 [ 23.889203] kasan_atomics_helper+0x19e4/0x5450 [ 23.889267] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.889309] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.889340] ? trace_hardirqs_on+0x37/0xe0 [ 23.889378] kasan_atomics+0x1dd/0x310 [ 23.889408] ? __pfx_kasan_atomics+0x10/0x10 [ 23.889439] ? __pfx_read_tsc+0x10/0x10 [ 23.889470] ? ktime_get_ts64+0x84/0x230 [ 23.889508] kunit_try_run_case+0x1a6/0x480 [ 23.889541] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.889569] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.889599] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.889635] ? __kthread_parkme+0x82/0x160 [ 23.889664] ? preempt_count_sub+0x50/0x80 [ 23.889695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.889724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.889761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.889799] kthread+0x257/0x310 [ 23.889840] ? __pfx_kthread+0x10/0x10 [ 23.889895] ret_from_fork+0x41/0x80 [ 23.889928] ? 
__pfx_kthread+0x10/0x10 [ 23.889954] ret_from_fork_asm+0x1a/0x30 [ 23.889996] </TASK> [ 23.890010] [ 23.904087] Allocated by task 270: [ 23.904563] kasan_save_stack+0x45/0x70 [ 23.905097] kasan_save_track+0x18/0x40 [ 23.905519] kasan_save_alloc_info+0x3b/0x50 [ 23.905855] __kasan_kmalloc+0xb7/0xc0 [ 23.906211] __kmalloc_cache_noprof+0x168/0x350 [ 23.906674] kasan_atomics+0x96/0x310 [ 23.907187] kunit_try_run_case+0x1a6/0x480 [ 23.907608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.908245] kthread+0x257/0x310 [ 23.908615] ret_from_fork+0x41/0x80 [ 23.909139] ret_from_fork_asm+0x1a/0x30 [ 23.909630] [ 23.909832] The buggy address belongs to the object at ffff888102314e80 [ 23.909832] which belongs to the cache kmalloc-64 of size 64 [ 23.910631] The buggy address is located 0 bytes to the right of [ 23.910631] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 23.911760] [ 23.911947] The buggy address belongs to the physical page: [ 23.912326] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 23.913127] flags: 0x200000000000000(node=0|zone=2) [ 23.913638] page_type: f5(slab) [ 23.914006] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.914867] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 23.915483] page dumped because: kasan: bad access detected [ 23.915844] [ 23.916080] Memory state around the buggy address: [ 23.916627] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.917504] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.917956] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.918486] ^ [ 23.918958] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.919781] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.920472] ================================================================== [ 24.389934] 
================================================================== [ 24.390525] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 24.391167] Read of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.391748] [ 24.392048] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.392168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.392207] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.392287] Call Trace: [ 24.392340] <TASK> [ 24.392392] dump_stack_lvl+0x73/0xb0 [ 24.392476] print_report+0xd1/0x640 [ 24.392554] ? __virt_addr_valid+0x1db/0x2d0 [ 24.392638] ? kasan_atomics_helper+0x4f9a/0x5450 [ 24.392717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.392795] ? kasan_atomics_helper+0x4f9a/0x5450 [ 24.392927] kasan_report+0x140/0x180 [ 24.393011] ? kasan_atomics_helper+0x4f9a/0x5450 [ 24.393106] __asan_report_load8_noabort+0x18/0x20 [ 24.393189] kasan_atomics_helper+0x4f9a/0x5450 [ 24.393294] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.393378] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.393456] ? trace_hardirqs_on+0x37/0xe0 [ 24.393549] kasan_atomics+0x1dd/0x310 [ 24.393629] ? __pfx_kasan_atomics+0x10/0x10 [ 24.393699] ? __pfx_read_tsc+0x10/0x10 [ 24.393768] ? ktime_get_ts64+0x84/0x230 [ 24.393895] kunit_try_run_case+0x1a6/0x480 [ 24.393984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.394059] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.394136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.394220] ? __kthread_parkme+0x82/0x160 [ 24.394315] ? preempt_count_sub+0x50/0x80 [ 24.394392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.394462] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.394545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.394637] kthread+0x257/0x310 [ 24.394705] ? __pfx_kthread+0x10/0x10 [ 24.394770] ret_from_fork+0x41/0x80 [ 24.394802] ? 
__pfx_kthread+0x10/0x10 [ 24.394870] ret_from_fork_asm+0x1a/0x30 [ 24.394918] </TASK> [ 24.394934] [ 24.410676] Allocated by task 270: [ 24.411147] kasan_save_stack+0x45/0x70 [ 24.412391] kasan_save_track+0x18/0x40 [ 24.412717] kasan_save_alloc_info+0x3b/0x50 [ 24.413214] __kasan_kmalloc+0xb7/0xc0 [ 24.413913] __kmalloc_cache_noprof+0x168/0x350 [ 24.414529] kasan_atomics+0x96/0x310 [ 24.415173] kunit_try_run_case+0x1a6/0x480 [ 24.415603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.415830] kthread+0x257/0x310 [ 24.416243] ret_from_fork+0x41/0x80 [ 24.416645] ret_from_fork_asm+0x1a/0x30 [ 24.417080] [ 24.417304] The buggy address belongs to the object at ffff888102314e80 [ 24.417304] which belongs to the cache kmalloc-64 of size 64 [ 24.418142] The buggy address is located 0 bytes to the right of [ 24.418142] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.419847] [ 24.420269] The buggy address belongs to the physical page: [ 24.420983] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.421569] flags: 0x200000000000000(node=0|zone=2) [ 24.421964] page_type: f5(slab) [ 24.422311] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.422949] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.424156] page dumped because: kasan: bad access detected [ 24.424700] [ 24.425193] Memory state around the buggy address: [ 24.425519] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.426209] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.427081] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.427742] ^ [ 24.428364] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.429078] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.429653] ================================================================== [ 24.188084] 
================================================================== [ 24.188640] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 24.189188] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.189904] [ 24.190170] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.190312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.190353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.190416] Call Trace: [ 24.190472] <TASK> [ 24.190545] dump_stack_lvl+0x73/0xb0 [ 24.190657] print_report+0xd1/0x640 [ 24.190735] ? __virt_addr_valid+0x1db/0x2d0 [ 24.190816] ? kasan_atomics_helper+0x1e13/0x5450 [ 24.190937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.191022] ? kasan_atomics_helper+0x1e13/0x5450 [ 24.191103] kasan_report+0x140/0x180 [ 24.191186] ? kasan_atomics_helper+0x1e13/0x5450 [ 24.191313] kasan_check_range+0x10c/0x1c0 [ 24.191376] __kasan_check_write+0x18/0x20 [ 24.191437] kasan_atomics_helper+0x1e13/0x5450 [ 24.191521] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.191630] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.191732] ? trace_hardirqs_on+0x37/0xe0 [ 24.191826] kasan_atomics+0x1dd/0x310 [ 24.191945] ? __pfx_kasan_atomics+0x10/0x10 [ 24.192055] ? __pfx_read_tsc+0x10/0x10 [ 24.192126] ? ktime_get_ts64+0x84/0x230 [ 24.192214] kunit_try_run_case+0x1a6/0x480 [ 24.192320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.192386] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.192463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.192549] ? __kthread_parkme+0x82/0x160 [ 24.192623] ? preempt_count_sub+0x50/0x80 [ 24.192704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.192778] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.192863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.192954] kthread+0x257/0x310 [ 24.193022] ? __pfx_kthread+0x10/0x10 [ 24.193090] ret_from_fork+0x41/0x80 [ 24.193160] ? 
__pfx_kthread+0x10/0x10 [ 24.193217] ret_from_fork_asm+0x1a/0x30 [ 24.193298] </TASK> [ 24.193314] [ 24.206168] Allocated by task 270: [ 24.206547] kasan_save_stack+0x45/0x70 [ 24.207159] kasan_save_track+0x18/0x40 [ 24.207536] kasan_save_alloc_info+0x3b/0x50 [ 24.207876] __kasan_kmalloc+0xb7/0xc0 [ 24.208305] __kmalloc_cache_noprof+0x168/0x350 [ 24.208865] kasan_atomics+0x96/0x310 [ 24.209259] kunit_try_run_case+0x1a6/0x480 [ 24.209640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.210186] kthread+0x257/0x310 [ 24.210571] ret_from_fork+0x41/0x80 [ 24.210981] ret_from_fork_asm+0x1a/0x30 [ 24.211378] [ 24.211623] The buggy address belongs to the object at ffff888102314e80 [ 24.211623] which belongs to the cache kmalloc-64 of size 64 [ 24.212308] The buggy address is located 0 bytes to the right of [ 24.212308] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.213499] [ 24.213778] The buggy address belongs to the physical page: [ 24.214262] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.214866] flags: 0x200000000000000(node=0|zone=2) [ 24.215287] page_type: f5(slab) [ 24.215580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.216210] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.217086] page dumped because: kasan: bad access detected [ 24.217546] [ 24.217744] Memory state around the buggy address: [ 24.218381] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.218881] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.219361] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.219790] ^ [ 24.220128] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.220774] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.221433] ================================================================== [ 22.836216] 
================================================================== [ 22.837842] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 22.838392] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.839712] [ 22.840149] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.840293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.840334] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.840385] Call Trace: [ 22.840426] <TASK> [ 22.840464] dump_stack_lvl+0x73/0xb0 [ 22.840525] print_report+0xd1/0x640 [ 22.840577] ? __virt_addr_valid+0x1db/0x2d0 [ 22.840631] ? kasan_atomics_helper+0xde1/0x5450 [ 22.840682] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.840740] ? kasan_atomics_helper+0xde1/0x5450 [ 22.840800] kasan_report+0x140/0x180 [ 22.840862] ? kasan_atomics_helper+0xde1/0x5450 [ 22.840927] kasan_check_range+0x10c/0x1c0 [ 22.840975] __kasan_check_write+0x18/0x20 [ 22.841025] kasan_atomics_helper+0xde1/0x5450 [ 22.841081] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.841142] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.841194] ? trace_hardirqs_on+0x37/0xe0 [ 22.841276] kasan_atomics+0x1dd/0x310 [ 22.841330] ? __pfx_kasan_atomics+0x10/0x10 [ 22.841390] ? __pfx_read_tsc+0x10/0x10 [ 22.841622] ? ktime_get_ts64+0x84/0x230 [ 22.841774] kunit_try_run_case+0x1a6/0x480 [ 22.841845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.841905] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.841942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.841982] ? __kthread_parkme+0x82/0x160 [ 22.842012] ? preempt_count_sub+0x50/0x80 [ 22.842045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.842073] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.842111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.842150] kthread+0x257/0x310 [ 22.842178] ? __pfx_kthread+0x10/0x10 [ 22.842206] ret_from_fork+0x41/0x80 [ 22.842277] ? 
__pfx_kthread+0x10/0x10 [ 22.842319] ret_from_fork_asm+0x1a/0x30 [ 22.842362] </TASK> [ 22.842378] [ 22.857254] Allocated by task 270: [ 22.857621] kasan_save_stack+0x45/0x70 [ 22.857919] kasan_save_track+0x18/0x40 [ 22.858461] kasan_save_alloc_info+0x3b/0x50 [ 22.858856] __kasan_kmalloc+0xb7/0xc0 [ 22.859360] __kmalloc_cache_noprof+0x168/0x350 [ 22.859779] kasan_atomics+0x96/0x310 [ 22.860218] kunit_try_run_case+0x1a6/0x480 [ 22.860676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.861400] kthread+0x257/0x310 [ 22.861838] ret_from_fork+0x41/0x80 [ 22.862074] ret_from_fork_asm+0x1a/0x30 [ 22.864596] [ 22.866410] The buggy address belongs to the object at ffff888102314e80 [ 22.866410] which belongs to the cache kmalloc-64 of size 64 [ 22.867349] The buggy address is located 0 bytes to the right of [ 22.867349] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.868380] [ 22.868593] The buggy address belongs to the physical page: [ 22.869116] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.869789] flags: 0x200000000000000(node=0|zone=2) [ 22.870198] page_type: f5(slab) [ 22.870561] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.871425] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.872063] page dumped because: kasan: bad access detected [ 22.872539] [ 22.872773] Memory state around the buggy address: [ 22.873214] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.873877] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.874503] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.875110] ^ [ 22.875568] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.876241] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.876793] ================================================================== [ 24.106310] 
================================================================== [ 24.107350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 24.108040] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.108487] [ 24.109186] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.109296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.109337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.109400] Call Trace: [ 24.109590] <TASK> [ 24.109644] dump_stack_lvl+0x73/0xb0 [ 24.109691] print_report+0xd1/0x640 [ 24.109728] ? __virt_addr_valid+0x1db/0x2d0 [ 24.109765] ? kasan_atomics_helper+0x1ce2/0x5450 [ 24.109799] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.109855] ? kasan_atomics_helper+0x1ce2/0x5450 [ 24.109902] kasan_report+0x140/0x180 [ 24.109939] ? kasan_atomics_helper+0x1ce2/0x5450 [ 24.109982] kasan_check_range+0x10c/0x1c0 [ 24.110013] __kasan_check_write+0x18/0x20 [ 24.110044] kasan_atomics_helper+0x1ce2/0x5450 [ 24.110082] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.110118] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.110150] ? trace_hardirqs_on+0x37/0xe0 [ 24.110190] kasan_atomics+0x1dd/0x310 [ 24.110220] ? __pfx_kasan_atomics+0x10/0x10 [ 24.110276] ? __pfx_read_tsc+0x10/0x10 [ 24.110306] ? ktime_get_ts64+0x84/0x230 [ 24.110342] kunit_try_run_case+0x1a6/0x480 [ 24.110377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.110407] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.110439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.110476] ? __kthread_parkme+0x82/0x160 [ 24.110503] ? preempt_count_sub+0x50/0x80 [ 24.110537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.110567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.110605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.110645] kthread+0x257/0x310 [ 24.110673] ? __pfx_kthread+0x10/0x10 [ 24.110700] ret_from_fork+0x41/0x80 [ 24.110730] ? 
__pfx_kthread+0x10/0x10 [ 24.110757] ret_from_fork_asm+0x1a/0x30 [ 24.110799] </TASK> [ 24.110815] [ 24.129602] Allocated by task 270: [ 24.129982] kasan_save_stack+0x45/0x70 [ 24.130421] kasan_save_track+0x18/0x40 [ 24.130775] kasan_save_alloc_info+0x3b/0x50 [ 24.131712] __kasan_kmalloc+0xb7/0xc0 [ 24.132017] __kmalloc_cache_noprof+0x168/0x350 [ 24.132708] kasan_atomics+0x96/0x310 [ 24.133364] kunit_try_run_case+0x1a6/0x480 [ 24.134026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.134485] kthread+0x257/0x310 [ 24.135309] ret_from_fork+0x41/0x80 [ 24.135579] ret_from_fork_asm+0x1a/0x30 [ 24.136329] [ 24.136690] The buggy address belongs to the object at ffff888102314e80 [ 24.136690] which belongs to the cache kmalloc-64 of size 64 [ 24.137524] The buggy address is located 0 bytes to the right of [ 24.137524] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.138458] [ 24.138736] The buggy address belongs to the physical page: [ 24.139302] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.140055] flags: 0x200000000000000(node=0|zone=2) [ 24.140567] page_type: f5(slab) [ 24.141001] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.141623] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.142402] page dumped because: kasan: bad access detected [ 24.142935] [ 24.143223] Memory state around the buggy address: [ 24.143702] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.144343] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.145005] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.145609] ^ [ 24.146125] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.146681] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.147403] ================================================================== [ 24.150054] 
================================================================== [ 24.150484] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 24.151395] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.152009] [ 24.152335] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.152482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.152523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.152582] Call Trace: [ 24.152637] <TASK> [ 24.152690] dump_stack_lvl+0x73/0xb0 [ 24.152771] print_report+0xd1/0x640 [ 24.152896] ? __virt_addr_valid+0x1db/0x2d0 [ 24.152984] ? kasan_atomics_helper+0x1d7b/0x5450 [ 24.153065] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.153144] ? kasan_atomics_helper+0x1d7b/0x5450 [ 24.153269] kasan_report+0x140/0x180 [ 24.153358] ? kasan_atomics_helper+0x1d7b/0x5450 [ 24.153455] kasan_check_range+0x10c/0x1c0 [ 24.153560] __kasan_check_write+0x18/0x20 [ 24.153665] kasan_atomics_helper+0x1d7b/0x5450 [ 24.153748] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.153792] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.153838] ? trace_hardirqs_on+0x37/0xe0 [ 24.153903] kasan_atomics+0x1dd/0x310 [ 24.153933] ? __pfx_kasan_atomics+0x10/0x10 [ 24.153964] ? __pfx_read_tsc+0x10/0x10 [ 24.153991] ? ktime_get_ts64+0x84/0x230 [ 24.154027] kunit_try_run_case+0x1a6/0x480 [ 24.154061] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.154089] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.154119] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.154154] ? __kthread_parkme+0x82/0x160 [ 24.154183] ? preempt_count_sub+0x50/0x80 [ 24.154216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.154275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.154315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.154353] kthread+0x257/0x310 [ 24.154379] ? __pfx_kthread+0x10/0x10 [ 24.154407] ret_from_fork+0x41/0x80 [ 24.154438] ? 
__pfx_kthread+0x10/0x10 [ 24.154464] ret_from_fork_asm+0x1a/0x30 [ 24.154506] </TASK> [ 24.154521] [ 24.168459] Allocated by task 270: [ 24.168768] kasan_save_stack+0x45/0x70 [ 24.170453] kasan_save_track+0x18/0x40 [ 24.170775] kasan_save_alloc_info+0x3b/0x50 [ 24.171574] __kasan_kmalloc+0xb7/0xc0 [ 24.172190] __kmalloc_cache_noprof+0x168/0x350 [ 24.172683] kasan_atomics+0x96/0x310 [ 24.173360] kunit_try_run_case+0x1a6/0x480 [ 24.173843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.174352] kthread+0x257/0x310 [ 24.174736] ret_from_fork+0x41/0x80 [ 24.175091] ret_from_fork_asm+0x1a/0x30 [ 24.175445] [ 24.175634] The buggy address belongs to the object at ffff888102314e80 [ 24.175634] which belongs to the cache kmalloc-64 of size 64 [ 24.176719] The buggy address is located 0 bytes to the right of [ 24.176719] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.177547] [ 24.177804] The buggy address belongs to the physical page: [ 24.178372] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.179246] flags: 0x200000000000000(node=0|zone=2) [ 24.179687] page_type: f5(slab) [ 24.180320] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.180937] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.181683] page dumped because: kasan: bad access detected [ 24.182251] [ 24.182530] Memory state around the buggy address: [ 24.183029] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.183570] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.184129] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.184965] ^ [ 24.185424] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.185901] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.186627] ================================================================== [ 22.539461] 
================================================================== [ 22.539899] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 22.541045] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.541653] [ 22.542347] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.542478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.542522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.542579] Call Trace: [ 22.542615] <TASK> [ 22.542654] dump_stack_lvl+0x73/0xb0 [ 22.542699] print_report+0xd1/0x640 [ 22.542735] ? __virt_addr_valid+0x1db/0x2d0 [ 22.542778] ? kasan_atomics_helper+0x993/0x5450 [ 22.542816] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.543053] ? kasan_atomics_helper+0x993/0x5450 [ 22.543095] kasan_report+0x140/0x180 [ 22.543133] ? kasan_atomics_helper+0x993/0x5450 [ 22.543175] kasan_check_range+0x10c/0x1c0 [ 22.543207] __kasan_check_write+0x18/0x20 [ 22.543278] kasan_atomics_helper+0x993/0x5450 [ 22.543316] ? kasan_save_alloc_info+0x3b/0x50 [ 22.543347] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.543385] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.543416] ? trace_hardirqs_on+0x37/0xe0 [ 22.543459] kasan_atomics+0x1dd/0x310 [ 22.543487] ? __pfx_kasan_atomics+0x10/0x10 [ 22.543518] ? __pfx_read_tsc+0x10/0x10 [ 22.543545] ? ktime_get_ts64+0x84/0x230 [ 22.543581] kunit_try_run_case+0x1a6/0x480 [ 22.543614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.543643] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.543674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.543711] ? __kthread_parkme+0x82/0x160 [ 22.543741] ? preempt_count_sub+0x50/0x80 [ 22.543774] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.543804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.543870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.543913] kthread+0x257/0x310 [ 22.543941] ? __pfx_kthread+0x10/0x10 [ 22.543969] ret_from_fork+0x41/0x80 [ 22.544000] ? 
__pfx_kthread+0x10/0x10 [ 22.544025] ret_from_fork_asm+0x1a/0x30 [ 22.544067] </TASK> [ 22.544082] [ 22.561028] Allocated by task 270: [ 22.561455] kasan_save_stack+0x45/0x70 [ 22.561940] kasan_save_track+0x18/0x40 [ 22.562381] kasan_save_alloc_info+0x3b/0x50 [ 22.562885] __kasan_kmalloc+0xb7/0xc0 [ 22.563358] __kmalloc_cache_noprof+0x168/0x350 [ 22.564798] kasan_atomics+0x96/0x310 [ 22.565348] kunit_try_run_case+0x1a6/0x480 [ 22.565710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.566203] kthread+0x257/0x310 [ 22.566563] ret_from_fork+0x41/0x80 [ 22.566967] ret_from_fork_asm+0x1a/0x30 [ 22.567421] [ 22.567634] The buggy address belongs to the object at ffff888102314e80 [ 22.567634] which belongs to the cache kmalloc-64 of size 64 [ 22.568603] The buggy address is located 0 bytes to the right of [ 22.568603] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.569526] [ 22.569762] The buggy address belongs to the physical page: [ 22.570214] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.570936] flags: 0x200000000000000(node=0|zone=2) [ 22.571422] page_type: f5(slab) [ 22.571725] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.572437] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.573051] page dumped because: kasan: bad access detected [ 22.573552] [ 22.573801] Memory state around the buggy address: [ 22.574314] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.574900] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.575579] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.576137] ^ [ 22.576628] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.577210] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.577794] ================================================================== [ 23.292307] 
================================================================== [ 23.293699] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 23.294532] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.296139] [ 23.296397] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.296519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.296558] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.296635] Call Trace: [ 23.296663] <TASK> [ 23.296715] dump_stack_lvl+0x73/0xb0 [ 23.296769] print_report+0xd1/0x640 [ 23.296806] ? __virt_addr_valid+0x1db/0x2d0 [ 23.296981] ? kasan_atomics_helper+0x12e7/0x5450 [ 23.297024] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.297060] ? kasan_atomics_helper+0x12e7/0x5450 [ 23.297095] kasan_report+0x140/0x180 [ 23.297131] ? kasan_atomics_helper+0x12e7/0x5450 [ 23.297172] kasan_check_range+0x10c/0x1c0 [ 23.297203] __kasan_check_write+0x18/0x20 [ 23.297260] kasan_atomics_helper+0x12e7/0x5450 [ 23.297302] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.297340] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.297371] ? trace_hardirqs_on+0x37/0xe0 [ 23.297409] kasan_atomics+0x1dd/0x310 [ 23.297438] ? __pfx_kasan_atomics+0x10/0x10 [ 23.297471] ? __pfx_read_tsc+0x10/0x10 [ 23.297499] ? ktime_get_ts64+0x84/0x230 [ 23.297535] kunit_try_run_case+0x1a6/0x480 [ 23.297570] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.297599] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.297628] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.297665] ? __kthread_parkme+0x82/0x160 [ 23.297694] ? preempt_count_sub+0x50/0x80 [ 23.297726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.297756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.297795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.297848] kthread+0x257/0x310 [ 23.297904] ? __pfx_kthread+0x10/0x10 [ 23.297932] ret_from_fork+0x41/0x80 [ 23.297963] ? 
__pfx_kthread+0x10/0x10 [ 23.297990] ret_from_fork_asm+0x1a/0x30 [ 23.298033] </TASK> [ 23.298048] [ 23.315216] Allocated by task 270: [ 23.315520] kasan_save_stack+0x45/0x70 [ 23.315851] kasan_save_track+0x18/0x40 [ 23.316337] kasan_save_alloc_info+0x3b/0x50 [ 23.316810] __kasan_kmalloc+0xb7/0xc0 [ 23.317315] __kmalloc_cache_noprof+0x168/0x350 [ 23.317753] kasan_atomics+0x96/0x310 [ 23.318236] kunit_try_run_case+0x1a6/0x480 [ 23.318668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.319117] kthread+0x257/0x310 [ 23.319522] ret_from_fork+0x41/0x80 [ 23.320029] ret_from_fork_asm+0x1a/0x30 [ 23.320522] [ 23.320793] The buggy address belongs to the object at ffff888102314e80 [ 23.320793] which belongs to the cache kmalloc-64 of size 64 [ 23.321869] The buggy address is located 0 bytes to the right of [ 23.321869] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 23.322885] [ 23.323123] The buggy address belongs to the physical page: [ 23.323659] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 23.324391] flags: 0x200000000000000(node=0|zone=2) [ 23.324960] page_type: f5(slab) [ 23.325316] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.326108] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 23.326725] page dumped because: kasan: bad access detected [ 23.327287] [ 23.327522] Memory state around the buggy address: [ 23.327977] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.328551] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.329216] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.329781] ^ [ 23.330165] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.330867] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.331565] ================================================================== [ 24.257487] 
================================================================== [ 24.260287] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 24.260776] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.261247] [ 24.261623] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.261743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.261783] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.261846] Call Trace: [ 24.262803] <TASK> [ 24.262859] dump_stack_lvl+0x73/0xb0 [ 24.262959] print_report+0xd1/0x640 [ 24.263042] ? __virt_addr_valid+0x1db/0x2d0 [ 24.263125] ? kasan_atomics_helper+0x1f44/0x5450 [ 24.263201] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.263312] ? kasan_atomics_helper+0x1f44/0x5450 [ 24.263392] kasan_report+0x140/0x180 [ 24.263475] ? kasan_atomics_helper+0x1f44/0x5450 [ 24.263568] kasan_check_range+0x10c/0x1c0 [ 24.263644] __kasan_check_write+0x18/0x20 [ 24.263719] kasan_atomics_helper+0x1f44/0x5450 [ 24.263770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.263808] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.264728] ? trace_hardirqs_on+0x37/0xe0 [ 24.264823] kasan_atomics+0x1dd/0x310 [ 24.264899] ? __pfx_kasan_atomics+0x10/0x10 [ 24.264976] ? __pfx_read_tsc+0x10/0x10 [ 24.265048] ? ktime_get_ts64+0x84/0x230 [ 24.265195] kunit_try_run_case+0x1a6/0x480 [ 24.265273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.265305] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.265339] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.265378] ? __kthread_parkme+0x82/0x160 [ 24.265407] ? preempt_count_sub+0x50/0x80 [ 24.265442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.265472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.265510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.265549] kthread+0x257/0x310 [ 24.265576] ? __pfx_kthread+0x10/0x10 [ 24.265603] ret_from_fork+0x41/0x80 [ 24.265634] ? 
__pfx_kthread+0x10/0x10 [ 24.265660] ret_from_fork_asm+0x1a/0x30 [ 24.265702] </TASK> [ 24.265718] [ 24.289426] Allocated by task 270: [ 24.290093] kasan_save_stack+0x45/0x70 [ 24.290716] kasan_save_track+0x18/0x40 [ 24.291171] kasan_save_alloc_info+0x3b/0x50 [ 24.291648] __kasan_kmalloc+0xb7/0xc0 [ 24.292074] __kmalloc_cache_noprof+0x168/0x350 [ 24.292583] kasan_atomics+0x96/0x310 [ 24.293099] kunit_try_run_case+0x1a6/0x480 [ 24.293507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.294126] kthread+0x257/0x310 [ 24.294508] ret_from_fork+0x41/0x80 [ 24.295005] ret_from_fork_asm+0x1a/0x30 [ 24.295444] [ 24.295679] The buggy address belongs to the object at ffff888102314e80 [ 24.295679] which belongs to the cache kmalloc-64 of size 64 [ 24.296724] The buggy address is located 0 bytes to the right of [ 24.296724] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.297791] [ 24.298077] The buggy address belongs to the physical page: [ 24.298634] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.299383] flags: 0x200000000000000(node=0|zone=2) [ 24.299799] page_type: f5(slab) [ 24.300276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.300999] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.301626] page dumped because: kasan: bad access detected [ 24.302167] [ 24.302426] Memory state around the buggy address: [ 24.302906] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.303528] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.304150] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.304662] ^ [ 24.305105] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.305792] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.306442] ================================================================== [ 21.892335] 
================================================================== [ 21.893542] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 21.894235] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 21.895472] [ 21.895695] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.895813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.895850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.895912] Call Trace: [ 21.895949] <TASK> [ 21.896000] dump_stack_lvl+0x73/0xb0 [ 21.896084] print_report+0xd1/0x640 [ 21.896160] ? __virt_addr_valid+0x1db/0x2d0 [ 21.896261] ? kasan_atomics_helper+0x4bbe/0x5450 [ 21.896340] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.896422] ? kasan_atomics_helper+0x4bbe/0x5450 [ 21.896512] kasan_report+0x140/0x180 [ 21.896597] ? kasan_atomics_helper+0x4bbe/0x5450 [ 21.896686] __asan_report_load4_noabort+0x18/0x20 [ 21.896764] kasan_atomics_helper+0x4bbe/0x5450 [ 21.896825] ? kasan_save_alloc_info+0x3b/0x50 [ 21.896936] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.896975] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.897006] ? trace_hardirqs_on+0x37/0xe0 [ 21.897047] kasan_atomics+0x1dd/0x310 [ 21.897076] ? __pfx_kasan_atomics+0x10/0x10 [ 21.897106] ? __pfx_read_tsc+0x10/0x10 [ 21.897133] ? ktime_get_ts64+0x84/0x230 [ 21.897169] kunit_try_run_case+0x1a6/0x480 [ 21.897202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.897259] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.897293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.897330] ? __kthread_parkme+0x82/0x160 [ 21.897357] ? preempt_count_sub+0x50/0x80 [ 21.897388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.897416] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.897466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.897566] kthread+0x257/0x310 [ 21.897602] ? __pfx_kthread+0x10/0x10 [ 21.897630] ret_from_fork+0x41/0x80 [ 21.897660] ? 
__pfx_kthread+0x10/0x10 [ 21.897684] ret_from_fork_asm+0x1a/0x30 [ 21.897727] </TASK> [ 21.897741] [ 21.915240] Allocated by task 270: [ 21.915882] kasan_save_stack+0x45/0x70 [ 21.916350] kasan_save_track+0x18/0x40 [ 21.917021] kasan_save_alloc_info+0x3b/0x50 [ 21.917656] __kasan_kmalloc+0xb7/0xc0 [ 21.918155] __kmalloc_cache_noprof+0x168/0x350 [ 21.918856] kasan_atomics+0x96/0x310 [ 21.919290] kunit_try_run_case+0x1a6/0x480 [ 21.919902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.920415] kthread+0x257/0x310 [ 21.921055] ret_from_fork+0x41/0x80 [ 21.921646] ret_from_fork_asm+0x1a/0x30 [ 21.922094] [ 21.922373] The buggy address belongs to the object at ffff888102314e80 [ 21.922373] which belongs to the cache kmalloc-64 of size 64 [ 21.923578] The buggy address is located 0 bytes to the right of [ 21.923578] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 21.924971] [ 21.925203] The buggy address belongs to the physical page: [ 21.925994] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 21.926632] flags: 0x200000000000000(node=0|zone=2) [ 21.927362] page_type: f5(slab) [ 21.927869] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.928699] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 21.929389] page dumped because: kasan: bad access detected [ 21.929935] [ 21.930142] Memory state around the buggy address: [ 21.930609] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.931136] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.932284] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.933290] ^ [ 21.933910] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.934642] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.935533] ================================================================== [ 23.968982] 
================================================================== [ 23.969483] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 23.971452] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.972029] [ 23.972629] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.972702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.972743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.972804] Call Trace: [ 23.972858] <TASK> [ 23.973089] dump_stack_lvl+0x73/0xb0 [ 23.973136] print_report+0xd1/0x640 [ 23.973173] ? __virt_addr_valid+0x1db/0x2d0 [ 23.973209] ? kasan_atomics_helper+0x1b23/0x5450 [ 23.973273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.973310] ? kasan_atomics_helper+0x1b23/0x5450 [ 23.973346] kasan_report+0x140/0x180 [ 23.973383] ? kasan_atomics_helper+0x1b23/0x5450 [ 23.973425] kasan_check_range+0x10c/0x1c0 [ 23.973457] __kasan_check_write+0x18/0x20 [ 23.973488] kasan_atomics_helper+0x1b23/0x5450 [ 23.973525] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.973562] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.973593] ? trace_hardirqs_on+0x37/0xe0 [ 23.973633] kasan_atomics+0x1dd/0x310 [ 23.973663] ? __pfx_kasan_atomics+0x10/0x10 [ 23.973694] ? __pfx_read_tsc+0x10/0x10 [ 23.973722] ? ktime_get_ts64+0x84/0x230 [ 23.973759] kunit_try_run_case+0x1a6/0x480 [ 23.973792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.973829] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.973883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.973922] ? __kthread_parkme+0x82/0x160 [ 23.973950] ? preempt_count_sub+0x50/0x80 [ 23.973985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.974016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.974053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.974092] kthread+0x257/0x310 [ 23.974120] ? __pfx_kthread+0x10/0x10 [ 23.974148] ret_from_fork+0x41/0x80 [ 23.974178] ? 
__pfx_kthread+0x10/0x10 [ 23.974205] ret_from_fork_asm+0x1a/0x30 [ 23.974269] </TASK> [ 23.974286] [ 23.991783] Allocated by task 270: [ 23.992074] kasan_save_stack+0x45/0x70 [ 23.993779] kasan_save_track+0x18/0x40 [ 23.994598] kasan_save_alloc_info+0x3b/0x50 [ 23.996266] __kasan_kmalloc+0xb7/0xc0 [ 23.996953] __kmalloc_cache_noprof+0x168/0x350 [ 23.997469] kasan_atomics+0x96/0x310 [ 23.997846] kunit_try_run_case+0x1a6/0x480 [ 23.998305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.998793] kthread+0x257/0x310 [ 23.999515] ret_from_fork+0x41/0x80 [ 23.999841] ret_from_fork_asm+0x1a/0x30 [ 24.000567] [ 24.001016] The buggy address belongs to the object at ffff888102314e80 [ 24.001016] which belongs to the cache kmalloc-64 of size 64 [ 24.001622] The buggy address is located 0 bytes to the right of [ 24.001622] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.003052] [ 24.003410] The buggy address belongs to the physical page: [ 24.004239] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.005072] flags: 0x200000000000000(node=0|zone=2) [ 24.005456] page_type: f5(slab) [ 24.005722] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.007303] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.007760] page dumped because: kasan: bad access detected [ 24.008095] [ 24.009542] Memory state around the buggy address: [ 24.011398] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.011872] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.012489] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.014215] ^ [ 24.014569] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.014996] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.015402] ================================================================== [ 23.455139] 
================================================================== [ 23.455719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 23.456724] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 23.457581] [ 23.457966] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 23.458118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.458160] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.458239] Call Trace: [ 23.458296] <TASK> [ 23.458348] dump_stack_lvl+0x73/0xb0 [ 23.458440] print_report+0xd1/0x640 [ 23.458604] ? __virt_addr_valid+0x1db/0x2d0 [ 23.458694] ? kasan_atomics_helper+0x1468/0x5450 [ 23.458747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.458785] ? kasan_atomics_helper+0x1468/0x5450 [ 23.458849] kasan_report+0x140/0x180 [ 23.458905] ? kasan_atomics_helper+0x1468/0x5450 [ 23.458949] kasan_check_range+0x10c/0x1c0 [ 23.458981] __kasan_check_write+0x18/0x20 [ 23.459012] kasan_atomics_helper+0x1468/0x5450 [ 23.459051] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.459087] ? __kmalloc_cache_noprof+0x168/0x350 [ 23.459119] ? trace_hardirqs_on+0x37/0xe0 [ 23.459157] kasan_atomics+0x1dd/0x310 [ 23.459186] ? __pfx_kasan_atomics+0x10/0x10 [ 23.459216] ? __pfx_read_tsc+0x10/0x10 [ 23.459284] ? ktime_get_ts64+0x84/0x230 [ 23.459324] kunit_try_run_case+0x1a6/0x480 [ 23.459359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.459389] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.459419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.459456] ? __kthread_parkme+0x82/0x160 [ 23.459484] ? preempt_count_sub+0x50/0x80 [ 23.459516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.459546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.459583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.459623] kthread+0x257/0x310 [ 23.459653] ? __pfx_kthread+0x10/0x10 [ 23.459683] ret_from_fork+0x41/0x80 [ 23.459715] ? 
__pfx_kthread+0x10/0x10 [ 23.459742] ret_from_fork_asm+0x1a/0x30 [ 23.459784] </TASK> [ 23.459800] [ 23.475527] Allocated by task 270: [ 23.476022] kasan_save_stack+0x45/0x70 [ 23.476711] kasan_save_track+0x18/0x40 [ 23.477289] kasan_save_alloc_info+0x3b/0x50 [ 23.477909] __kasan_kmalloc+0xb7/0xc0 [ 23.478341] __kmalloc_cache_noprof+0x168/0x350 [ 23.478890] kasan_atomics+0x96/0x310 [ 23.481953] kunit_try_run_case+0x1a6/0x480 [ 23.483087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.484242] kthread+0x257/0x310 [ 23.485172] ret_from_fork+0x41/0x80 [ 23.486390] ret_from_fork_asm+0x1a/0x30 [ 23.487266] [ 23.487450] The buggy address belongs to the object at ffff888102314e80 [ 23.487450] which belongs to the cache kmalloc-64 of size 64 [ 23.488067] The buggy address is located 0 bytes to the right of [ 23.488067] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 23.492162] [ 23.492478] The buggy address belongs to the physical page: [ 23.493574] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 23.494174] flags: 0x200000000000000(node=0|zone=2) [ 23.494662] page_type: f5(slab) [ 23.495095] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.495848] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 23.496873] page dumped because: kasan: bad access detected [ 23.497387] [ 23.497548] Memory state around the buggy address: [ 23.498645] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.499370] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.499930] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.500725] ^ [ 23.501801] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.502707] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.503452] ================================================================== [ 24.307710] 
================================================================== [ 24.308347] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 24.309053] Read of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.309636] [ 24.309993] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.310113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.310174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.310275] Call Trace: [ 24.310333] <TASK> [ 24.310383] dump_stack_lvl+0x73/0xb0 [ 24.310467] print_report+0xd1/0x640 [ 24.310547] ? __virt_addr_valid+0x1db/0x2d0 [ 24.310630] ? kasan_atomics_helper+0x4f73/0x5450 [ 24.310710] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.310792] ? kasan_atomics_helper+0x4f73/0x5450 [ 24.310954] kasan_report+0x140/0x180 [ 24.311038] ? kasan_atomics_helper+0x4f73/0x5450 [ 24.311134] __asan_report_load8_noabort+0x18/0x20 [ 24.311211] kasan_atomics_helper+0x4f73/0x5450 [ 24.311324] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.311411] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.311506] ? trace_hardirqs_on+0x37/0xe0 [ 24.311624] kasan_atomics+0x1dd/0x310 [ 24.311746] ? __pfx_kasan_atomics+0x10/0x10 [ 24.311864] ? __pfx_read_tsc+0x10/0x10 [ 24.311937] ? ktime_get_ts64+0x84/0x230 [ 24.312011] kunit_try_run_case+0x1a6/0x480 [ 24.312048] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.312080] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.312112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.312148] ? __kthread_parkme+0x82/0x160 [ 24.312176] ? preempt_count_sub+0x50/0x80 [ 24.312208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.312266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.312307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.312344] kthread+0x257/0x310 [ 24.312371] ? __pfx_kthread+0x10/0x10 [ 24.312398] ret_from_fork+0x41/0x80 [ 24.312428] ? 
__pfx_kthread+0x10/0x10 [ 24.312454] ret_from_fork_asm+0x1a/0x30 [ 24.312495] </TASK> [ 24.312510] [ 24.325723] Allocated by task 270: [ 24.326164] kasan_save_stack+0x45/0x70 [ 24.326729] kasan_save_track+0x18/0x40 [ 24.327183] kasan_save_alloc_info+0x3b/0x50 [ 24.327710] __kasan_kmalloc+0xb7/0xc0 [ 24.328113] __kmalloc_cache_noprof+0x168/0x350 [ 24.328645] kasan_atomics+0x96/0x310 [ 24.329092] kunit_try_run_case+0x1a6/0x480 [ 24.329569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.330004] kthread+0x257/0x310 [ 24.330323] ret_from_fork+0x41/0x80 [ 24.330722] ret_from_fork_asm+0x1a/0x30 [ 24.331219] [ 24.331583] The buggy address belongs to the object at ffff888102314e80 [ 24.331583] which belongs to the cache kmalloc-64 of size 64 [ 24.332674] The buggy address is located 0 bytes to the right of [ 24.332674] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.333704] [ 24.333935] The buggy address belongs to the physical page: [ 24.334322] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.335093] flags: 0x200000000000000(node=0|zone=2) [ 24.335636] page_type: f5(slab) [ 24.336114] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.336865] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.337560] page dumped because: kasan: bad access detected [ 24.338075] [ 24.338410] Memory state around the buggy address: [ 24.339631] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.340156] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.340679] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.341198] ^ [ 24.342529] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.343214] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.343913] ================================================================== [ 23.668114] 
==================================================================
[ 23.668641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450
[ 23.669543] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.670219]
[ 23.670666] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.670784] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.670821] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.671038] Call Trace:
[ 23.671442] <TASK>
[ 23.671506] dump_stack_lvl+0x73/0xb0
[ 23.671621] print_report+0xd1/0x640
[ 23.671663] ? __virt_addr_valid+0x1db/0x2d0
[ 23.671719] ? kasan_atomics_helper+0x16e8/0x5450
[ 23.671759] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.671795] ? kasan_atomics_helper+0x16e8/0x5450
[ 23.671850] kasan_report+0x140/0x180
[ 23.671896] ? kasan_atomics_helper+0x16e8/0x5450
[ 23.671940] kasan_check_range+0x10c/0x1c0
[ 23.671971] __kasan_check_write+0x18/0x20
[ 23.672002] kasan_atomics_helper+0x16e8/0x5450
[ 23.672039] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.672076] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.672107] ? trace_hardirqs_on+0x37/0xe0
[ 23.672146] kasan_atomics+0x1dd/0x310
[ 23.672175] ? __pfx_kasan_atomics+0x10/0x10
[ 23.672206] ? __pfx_read_tsc+0x10/0x10
[ 23.672257] ? ktime_get_ts64+0x84/0x230
[ 23.672299] kunit_try_run_case+0x1a6/0x480
[ 23.672335] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.672366] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.672397] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.672435] ? __kthread_parkme+0x82/0x160
[ 23.672463] ? preempt_count_sub+0x50/0x80
[ 23.672495] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.672523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.672562] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.672599] kthread+0x257/0x310
[ 23.672625] ? __pfx_kthread+0x10/0x10
[ 23.672653] ret_from_fork+0x41/0x80
[ 23.672683] ? __pfx_kthread+0x10/0x10
[ 23.672710] ret_from_fork_asm+0x1a/0x30
[ 23.672753] </TASK>
[ 23.672768]
[ 23.689775] Allocated by task 270:
[ 23.690160] kasan_save_stack+0x45/0x70
[ 23.690552] kasan_save_track+0x18/0x40
[ 23.690923] kasan_save_alloc_info+0x3b/0x50
[ 23.692214] __kasan_kmalloc+0xb7/0xc0
[ 23.692777] __kmalloc_cache_noprof+0x168/0x350
[ 23.693413] kasan_atomics+0x96/0x310
[ 23.694045] kunit_try_run_case+0x1a6/0x480
[ 23.694512] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.695246] kthread+0x257/0x310
[ 23.695665] ret_from_fork+0x41/0x80
[ 23.695988] ret_from_fork_asm+0x1a/0x30
[ 23.696466]
[ 23.696693] The buggy address belongs to the object at ffff888102314e80
[ 23.696693] which belongs to the cache kmalloc-64 of size 64
[ 23.697702] The buggy address is located 0 bytes to the right of
[ 23.697702] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.698803]
[ 23.699072] The buggy address belongs to the physical page:
[ 23.699633] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.700371] flags: 0x200000000000000(node=0|zone=2)
[ 23.700800] page_type: f5(slab)
[ 23.701177] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.701884] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.702493] page dumped because: kasan: bad access detected
[ 23.703106]
[ 23.703385] Memory state around the buggy address:
[ 23.703834] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.704478] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.705273] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.705843] ^
[ 23.706381] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.707012] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.708029] ==================================================================
[ 22.664127] ==================================================================
[ 22.665286] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450
[ 22.665867] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 22.667089]
[ 22.667206] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 22.667343] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.667386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.667453] Call Trace:
[ 22.667506] <TASK>
[ 22.667562] dump_stack_lvl+0x73/0xb0
[ 22.667654] print_report+0xd1/0x640
[ 22.667741] ? __virt_addr_valid+0x1db/0x2d0
[ 22.667838] ? kasan_atomics_helper+0xb6b/0x5450
[ 22.667924] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.668012] ? kasan_atomics_helper+0xb6b/0x5450
[ 22.668064] kasan_report+0x140/0x180
[ 22.668104] ? kasan_atomics_helper+0xb6b/0x5450
[ 22.668147] kasan_check_range+0x10c/0x1c0
[ 22.668178] __kasan_check_write+0x18/0x20
[ 22.668210] kasan_atomics_helper+0xb6b/0x5450
[ 22.668272] ? kasan_save_alloc_info+0x3b/0x50
[ 22.668304] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.668342] ? __kmalloc_cache_noprof+0x168/0x350
[ 22.668373] ? trace_hardirqs_on+0x37/0xe0
[ 22.668413] kasan_atomics+0x1dd/0x310
[ 22.668444] ? __pfx_kasan_atomics+0x10/0x10
[ 22.668474] ? __pfx_read_tsc+0x10/0x10
[ 22.668502] ? ktime_get_ts64+0x84/0x230
[ 22.668538] kunit_try_run_case+0x1a6/0x480
[ 22.668573] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.668602] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.668632] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.668670] ? __kthread_parkme+0x82/0x160
[ 22.668698] ? preempt_count_sub+0x50/0x80
[ 22.668729] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.668758] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.668795] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.668857] kthread+0x257/0x310
[ 22.668890] ? __pfx_kthread+0x10/0x10
[ 22.668918] ret_from_fork+0x41/0x80
[ 22.668948] ? __pfx_kthread+0x10/0x10
[ 22.668975] ret_from_fork_asm+0x1a/0x30
[ 22.669016] </TASK>
[ 22.669031]
[ 22.691639] Allocated by task 270:
[ 22.692484] kasan_save_stack+0x45/0x70
[ 22.693094] kasan_save_track+0x18/0x40
[ 22.693549] kasan_save_alloc_info+0x3b/0x50
[ 22.693927] __kasan_kmalloc+0xb7/0xc0
[ 22.694346] __kmalloc_cache_noprof+0x168/0x350
[ 22.694730] kasan_atomics+0x96/0x310
[ 22.695217] kunit_try_run_case+0x1a6/0x480
[ 22.696270] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.696924] kthread+0x257/0x310
[ 22.697438] ret_from_fork+0x41/0x80
[ 22.697973] ret_from_fork_asm+0x1a/0x30
[ 22.698536]
[ 22.698931] The buggy address belongs to the object at ffff888102314e80
[ 22.698931] which belongs to the cache kmalloc-64 of size 64
[ 22.700212] The buggy address is located 0 bytes to the right of
[ 22.700212] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 22.701158]
[ 22.701442] The buggy address belongs to the physical page:
[ 22.701970] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 22.702645] flags: 0x200000000000000(node=0|zone=2)
[ 22.703165] page_type: f5(slab)
[ 22.703502] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.704201] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 22.704882] page dumped because: kasan: bad access detected
[ 22.705439]
[ 22.705801] Memory state around the buggy address:
[ 22.706315] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.707001] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.708154] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.708784] ^
[ 22.709742] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.710350] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.710965] ==================================================================
[ 23.759312] ==================================================================
[ 23.760093] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450
[ 23.761689] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.762443]
[ 23.762729] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.762889] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.762935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.762997] Call Trace:
[ 23.763093] <TASK>
[ 23.763147] dump_stack_lvl+0x73/0xb0
[ 23.763266] print_report+0xd1/0x640
[ 23.763347] ? __virt_addr_valid+0x1db/0x2d0
[ 23.763388] ? kasan_atomics_helper+0x1819/0x5450
[ 23.763423] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.763457] ? kasan_atomics_helper+0x1819/0x5450
[ 23.763528] kasan_report+0x140/0x180
[ 23.763582] ? kasan_atomics_helper+0x1819/0x5450
[ 23.763630] kasan_check_range+0x10c/0x1c0
[ 23.763663] __kasan_check_write+0x18/0x20
[ 23.763695] kasan_atomics_helper+0x1819/0x5450
[ 23.763732] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.763769] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.763802] ? trace_hardirqs_on+0x37/0xe0
[ 23.763887] kasan_atomics+0x1dd/0x310
[ 23.763920] ? __pfx_kasan_atomics+0x10/0x10
[ 23.763951] ? __pfx_read_tsc+0x10/0x10
[ 23.763980] ? ktime_get_ts64+0x84/0x230
[ 23.764017] kunit_try_run_case+0x1a6/0x480
[ 23.764052] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.764082] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.764112] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.764149] ? __kthread_parkme+0x82/0x160
[ 23.764177] ? preempt_count_sub+0x50/0x80
[ 23.764208] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.764268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.764310] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.764349] kthread+0x257/0x310
[ 23.764376] ? __pfx_kthread+0x10/0x10
[ 23.764403] ret_from_fork+0x41/0x80
[ 23.764433] ? __pfx_kthread+0x10/0x10
[ 23.764460] ret_from_fork_asm+0x1a/0x30
[ 23.764503] </TASK>
[ 23.764518]
[ 23.779792] Allocated by task 270:
[ 23.780297] kasan_save_stack+0x45/0x70
[ 23.780766] kasan_save_track+0x18/0x40
[ 23.781188] kasan_save_alloc_info+0x3b/0x50
[ 23.781711] __kasan_kmalloc+0xb7/0xc0
[ 23.782214] __kmalloc_cache_noprof+0x168/0x350
[ 23.782744] kasan_atomics+0x96/0x310
[ 23.783190] kunit_try_run_case+0x1a6/0x480
[ 23.783668] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.784257] kthread+0x257/0x310
[ 23.784569] ret_from_fork+0x41/0x80
[ 23.784937] ret_from_fork_asm+0x1a/0x30
[ 23.785280]
[ 23.785522] The buggy address belongs to the object at ffff888102314e80
[ 23.785522] which belongs to the cache kmalloc-64 of size 64
[ 23.786681] The buggy address is located 0 bytes to the right of
[ 23.786681] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.787723]
[ 23.787966] The buggy address belongs to the physical page:
[ 23.788376] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.789113] flags: 0x200000000000000(node=0|zone=2)
[ 23.789664] page_type: f5(slab)
[ 23.790123] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.790876] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.791398] page dumped because: kasan: bad access detected
[ 23.791982]
[ 23.792283] Memory state around the buggy address:
[ 23.792719] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.793219] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.793935] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.794590] ^
[ 23.795121] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.795655] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.796108] ==================================================================
[ 22.963962] ==================================================================
[ 22.965327] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450
[ 22.966692] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 22.967758]
[ 22.968000] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 22.968110] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.968153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.968217] Call Trace:
[ 22.968443] <TASK>
[ 22.968472] dump_stack_lvl+0x73/0xb0
[ 22.968518] print_report+0xd1/0x640
[ 22.968555] ? __virt_addr_valid+0x1db/0x2d0
[ 22.968592] ? kasan_atomics_helper+0xfaa/0x5450
[ 22.968626] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.968660] ? kasan_atomics_helper+0xfaa/0x5450
[ 22.968694] kasan_report+0x140/0x180
[ 22.968730] ? kasan_atomics_helper+0xfaa/0x5450
[ 22.968771] kasan_check_range+0x10c/0x1c0
[ 22.968802] __kasan_check_write+0x18/0x20
[ 22.968855] kasan_atomics_helper+0xfaa/0x5450
[ 22.968903] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.968941] ? __kmalloc_cache_noprof+0x168/0x350
[ 22.968973] ? trace_hardirqs_on+0x37/0xe0
[ 22.969014] kasan_atomics+0x1dd/0x310
[ 22.969044] ? __pfx_kasan_atomics+0x10/0x10
[ 22.969076] ? __pfx_read_tsc+0x10/0x10
[ 22.969106] ? ktime_get_ts64+0x84/0x230
[ 22.969143] kunit_try_run_case+0x1a6/0x480
[ 22.969178] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.969207] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.969272] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.969312] ? __kthread_parkme+0x82/0x160
[ 22.969341] ? preempt_count_sub+0x50/0x80
[ 22.969373] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.969403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.969442] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.969481] kthread+0x257/0x310
[ 22.969508] ? __pfx_kthread+0x10/0x10
[ 22.969535] ret_from_fork+0x41/0x80
[ 22.969567] ? __pfx_kthread+0x10/0x10
[ 22.969594] ret_from_fork_asm+0x1a/0x30
[ 22.969636] </TASK>
[ 22.969651]
[ 22.987199] Allocated by task 270:
[ 22.987632] kasan_save_stack+0x45/0x70
[ 22.988070] kasan_save_track+0x18/0x40
[ 22.988524] kasan_save_alloc_info+0x3b/0x50
[ 22.988903] __kasan_kmalloc+0xb7/0xc0
[ 22.989322] __kmalloc_cache_noprof+0x168/0x350
[ 22.989888] kasan_atomics+0x96/0x310
[ 22.990345] kunit_try_run_case+0x1a6/0x480
[ 22.990738] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.991201] kthread+0x257/0x310
[ 22.991628] ret_from_fork+0x41/0x80
[ 22.992112] ret_from_fork_asm+0x1a/0x30
[ 22.992607]
[ 22.992887] The buggy address belongs to the object at ffff888102314e80
[ 22.992887] which belongs to the cache kmalloc-64 of size 64
[ 22.993886] The buggy address is located 0 bytes to the right of
[ 22.993886] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 22.994906]
[ 22.995137] The buggy address belongs to the physical page:
[ 22.995685] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 22.996415] flags: 0x200000000000000(node=0|zone=2)
[ 22.996901] page_type: f5(slab)
[ 22.997267] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.997992] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 22.998672] page dumped because: kasan: bad access detected
[ 22.999271]
[ 22.999538] Memory state around the buggy address:
[ 22.999990] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.000593] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.001208] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.001804] ^
[ 23.002352] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.002915] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.003583] ==================================================================
[ 22.712947] ==================================================================
[ 22.713636] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450
[ 22.714376] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 22.715093]
[ 22.715413] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 22.715570] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.715616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.715680] Call Trace:
[ 22.715769] <TASK>
[ 22.715825] dump_stack_lvl+0x73/0xb0
[ 22.715912] print_report+0xd1/0x640
[ 22.715993] ? __virt_addr_valid+0x1db/0x2d0
[ 22.716076] ? kasan_atomics_helper+0xc71/0x5450
[ 22.716151] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.716252] ? kasan_atomics_helper+0xc71/0x5450
[ 22.716377] kasan_report+0x140/0x180
[ 22.716491] ? kasan_atomics_helper+0xc71/0x5450
[ 22.716594] kasan_check_range+0x10c/0x1c0
[ 22.716675] __kasan_check_write+0x18/0x20
[ 22.716750] kasan_atomics_helper+0xc71/0x5450
[ 22.716833] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.716925] ? __kmalloc_cache_noprof+0x168/0x350
[ 22.716964] ? trace_hardirqs_on+0x37/0xe0
[ 22.717005] kasan_atomics+0x1dd/0x310
[ 22.717034] ? __pfx_kasan_atomics+0x10/0x10
[ 22.717067] ? __pfx_read_tsc+0x10/0x10
[ 22.717096] ? ktime_get_ts64+0x84/0x230
[ 22.717132] kunit_try_run_case+0x1a6/0x480
[ 22.717166] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.717196] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.717255] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.717299] ? __kthread_parkme+0x82/0x160
[ 22.717328] ? preempt_count_sub+0x50/0x80
[ 22.717361] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.717391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.717429] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.717469] kthread+0x257/0x310
[ 22.717495] ? __pfx_kthread+0x10/0x10
[ 22.717523] ret_from_fork+0x41/0x80
[ 22.717553] ? __pfx_kthread+0x10/0x10
[ 22.717582] ret_from_fork_asm+0x1a/0x30
[ 22.717624] </TASK>
[ 22.717639]
[ 22.732427] Allocated by task 270:
[ 22.732881] kasan_save_stack+0x45/0x70
[ 22.733390] kasan_save_track+0x18/0x40
[ 22.733963] kasan_save_alloc_info+0x3b/0x50
[ 22.734508] __kasan_kmalloc+0xb7/0xc0
[ 22.735014] __kmalloc_cache_noprof+0x168/0x350
[ 22.735631] kasan_atomics+0x96/0x310
[ 22.736098] kunit_try_run_case+0x1a6/0x480
[ 22.736570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.737380] kthread+0x257/0x310
[ 22.737749] ret_from_fork+0x41/0x80
[ 22.738478] ret_from_fork_asm+0x1a/0x30
[ 22.739679]
[ 22.740931] The buggy address belongs to the object at ffff888102314e80
[ 22.740931] which belongs to the cache kmalloc-64 of size 64
[ 22.741655] The buggy address is located 0 bytes to the right of
[ 22.741655] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 22.743135]
[ 22.743473] The buggy address belongs to the physical page:
[ 22.744003] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 22.744779] flags: 0x200000000000000(node=0|zone=2)
[ 22.745295] page_type: f5(slab)
[ 22.745687] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.746336] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 22.746964] page dumped because: kasan: bad access detected
[ 22.747418]
[ 22.747648] Memory state around the buggy address:
[ 22.748120] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.748621] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.749177] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.749760] ^
[ 22.750274] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.750911] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.751474] ==================================================================
[ 23.120605] ==================================================================
[ 23.121459] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450
[ 23.122002] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.122737]
[ 23.122929] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.123028] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.123060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.123109] Call Trace:
[ 23.123157] <TASK>
[ 23.123201] dump_stack_lvl+0x73/0xb0
[ 23.123341] print_report+0xd1/0x640
[ 23.123425] ? __virt_addr_valid+0x1db/0x2d0
[ 23.123548] ? kasan_atomics_helper+0x1149/0x5450
[ 23.123636] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.123716] ? kasan_atomics_helper+0x1149/0x5450
[ 23.123797] kasan_report+0x140/0x180
[ 23.123901] ? kasan_atomics_helper+0x1149/0x5450
[ 23.124035] kasan_check_range+0x10c/0x1c0
[ 23.124116] __kasan_check_write+0x18/0x20
[ 23.124246] kasan_atomics_helper+0x1149/0x5450
[ 23.124338] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.124425] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.124502] ? trace_hardirqs_on+0x37/0xe0
[ 23.124636] kasan_atomics+0x1dd/0x310
[ 23.124715] ? __pfx_kasan_atomics+0x10/0x10
[ 23.124784] ? __pfx_read_tsc+0x10/0x10
[ 23.124821] ? ktime_get_ts64+0x84/0x230
[ 23.124905] kunit_try_run_case+0x1a6/0x480
[ 23.124984] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.125103] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.125204] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.125310] ? __kthread_parkme+0x82/0x160
[ 23.125419] ? preempt_count_sub+0x50/0x80
[ 23.125507] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.125580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.125663] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.125716] kthread+0x257/0x310
[ 23.125744] ? __pfx_kthread+0x10/0x10
[ 23.125774] ret_from_fork+0x41/0x80
[ 23.125805] ? __pfx_kthread+0x10/0x10
[ 23.125864] ret_from_fork_asm+0x1a/0x30
[ 23.125915] </TASK>
[ 23.125932]
[ 23.140625] Allocated by task 270:
[ 23.141001] kasan_save_stack+0x45/0x70
[ 23.141481] kasan_save_track+0x18/0x40
[ 23.142280] kasan_save_alloc_info+0x3b/0x50
[ 23.142927] __kasan_kmalloc+0xb7/0xc0
[ 23.143454] __kmalloc_cache_noprof+0x168/0x350
[ 23.143864] kasan_atomics+0x96/0x310
[ 23.144297] kunit_try_run_case+0x1a6/0x480
[ 23.144637] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.145416] kthread+0x257/0x310
[ 23.145818] ret_from_fork+0x41/0x80
[ 23.146338] ret_from_fork_asm+0x1a/0x30
[ 23.146891]
[ 23.147167] The buggy address belongs to the object at ffff888102314e80
[ 23.147167] which belongs to the cache kmalloc-64 of size 64
[ 23.148310] The buggy address is located 0 bytes to the right of
[ 23.148310] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.149369]
[ 23.149561] The buggy address belongs to the physical page:
[ 23.150006] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.150801] flags: 0x200000000000000(node=0|zone=2)
[ 23.151394] page_type: f5(slab)
[ 23.151915] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.152683] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.153522] page dumped because: kasan: bad access detected
[ 23.154091]
[ 23.154308] Memory state around the buggy address:
[ 23.154647] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.155155] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.155875] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.156755] ^
[ 23.157684] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.158458] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.158896] ==================================================================
[ 23.247152] ==================================================================
[ 23.248723] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450
[ 23.249514] Read of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.250136]
[ 23.250453] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.250580] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.250625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.250707] Call Trace:
[ 23.250788] <TASK>
[ 23.250875] dump_stack_lvl+0x73/0xb0
[ 23.250926] print_report+0xd1/0x640
[ 23.250963] ? __virt_addr_valid+0x1db/0x2d0
[ 23.251045] ? kasan_atomics_helper+0x49ea/0x5450
[ 23.251123] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.251206] ? kasan_atomics_helper+0x49ea/0x5450
[ 23.251323] kasan_report+0x140/0x180
[ 23.251449] ? kasan_atomics_helper+0x49ea/0x5450
[ 23.251583] __asan_report_load4_noabort+0x18/0x20
[ 23.251659] kasan_atomics_helper+0x49ea/0x5450
[ 23.251717] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.251757] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.251791] ? trace_hardirqs_on+0x37/0xe0
[ 23.251870] kasan_atomics+0x1dd/0x310
[ 23.251909] ? __pfx_kasan_atomics+0x10/0x10
[ 23.251941] ? __pfx_read_tsc+0x10/0x10
[ 23.251970] ? ktime_get_ts64+0x84/0x230
[ 23.252006] kunit_try_run_case+0x1a6/0x480
[ 23.252041] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.252071] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.252101] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.252139] ? __kthread_parkme+0x82/0x160
[ 23.252168] ? preempt_count_sub+0x50/0x80
[ 23.252202] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.252260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.252303] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.252343] kthread+0x257/0x310
[ 23.252370] ? __pfx_kthread+0x10/0x10
[ 23.252397] ret_from_fork+0x41/0x80
[ 23.252427] ? __pfx_kthread+0x10/0x10
[ 23.252454] ret_from_fork_asm+0x1a/0x30
[ 23.252499] </TASK>
[ 23.252514]
[ 23.270636] Allocated by task 270:
[ 23.271296] kasan_save_stack+0x45/0x70
[ 23.271687] kasan_save_track+0x18/0x40
[ 23.272485] kasan_save_alloc_info+0x3b/0x50
[ 23.273140] __kasan_kmalloc+0xb7/0xc0
[ 23.273687] __kmalloc_cache_noprof+0x168/0x350
[ 23.274246] kasan_atomics+0x96/0x310
[ 23.274709] kunit_try_run_case+0x1a6/0x480
[ 23.275321] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.275858] kthread+0x257/0x310
[ 23.276338] ret_from_fork+0x41/0x80
[ 23.276682] ret_from_fork_asm+0x1a/0x30
[ 23.277110]
[ 23.277593] The buggy address belongs to the object at ffff888102314e80
[ 23.277593] which belongs to the cache kmalloc-64 of size 64
[ 23.279119] The buggy address is located 0 bytes to the right of
[ 23.279119] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.280654]
[ 23.280843] The buggy address belongs to the physical page:
[ 23.281451] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.282615] flags: 0x200000000000000(node=0|zone=2)
[ 23.282922] page_type: f5(slab)
[ 23.283470] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.284559] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.285119] page dumped because: kasan: bad access detected
[ 23.285753]
[ 23.286201] Memory state around the buggy address:
[ 23.286729] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.288018] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.288521] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.289438] ^
[ 23.289756] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.290733] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.291302] ==================================================================
[ 23.544666] ==================================================================
[ 23.545278] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450
[ 23.545962] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.546689]
[ 23.546952] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.547098] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.547172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.547272] Call Trace:
[ 23.547335] <TASK>
[ 23.547387] dump_stack_lvl+0x73/0xb0
[ 23.547518] print_report+0xd1/0x640
[ 23.547602] ? __virt_addr_valid+0x1db/0x2d0
[ 23.547642] ? kasan_atomics_helper+0x151e/0x5450
[ 23.547679] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.547713] ? kasan_atomics_helper+0x151e/0x5450
[ 23.547773] kasan_report+0x140/0x180
[ 23.547839] ? kasan_atomics_helper+0x151e/0x5450
[ 23.547941] kasan_check_range+0x10c/0x1c0
[ 23.548016] __kasan_check_write+0x18/0x20
[ 23.548111] kasan_atomics_helper+0x151e/0x5450
[ 23.548246] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.548336] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.548414] ? trace_hardirqs_on+0x37/0xe0
[ 23.548504] kasan_atomics+0x1dd/0x310
[ 23.548576] ? __pfx_kasan_atomics+0x10/0x10
[ 23.548646] ? __pfx_read_tsc+0x10/0x10
[ 23.548717] ? ktime_get_ts64+0x84/0x230
[ 23.548798] kunit_try_run_case+0x1a6/0x480
[ 23.548884] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.548957] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.549052] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.549163] ? __kthread_parkme+0x82/0x160
[ 23.549254] ? preempt_count_sub+0x50/0x80
[ 23.549337] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.549407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.549490] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.549574] kthread+0x257/0x310
[ 23.549643] ? __pfx_kthread+0x10/0x10
[ 23.549711] ret_from_fork+0x41/0x80
[ 23.549778] ? __pfx_kthread+0x10/0x10
[ 23.549808] ret_from_fork_asm+0x1a/0x30
[ 23.549888] </TASK>
[ 23.549904]
[ 23.565095] Allocated by task 270:
[ 23.565723] kasan_save_stack+0x45/0x70
[ 23.566262] kasan_save_track+0x18/0x40
[ 23.566726] kasan_save_alloc_info+0x3b/0x50
[ 23.567350] __kasan_kmalloc+0xb7/0xc0
[ 23.567668] __kmalloc_cache_noprof+0x168/0x350
[ 23.568135] kasan_atomics+0x96/0x310
[ 23.568595] kunit_try_run_case+0x1a6/0x480
[ 23.569109] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.569659] kthread+0x257/0x310
[ 23.570220] ret_from_fork+0x41/0x80
[ 23.570644] ret_from_fork_asm+0x1a/0x30
[ 23.571142]
[ 23.571440] The buggy address belongs to the object at ffff888102314e80
[ 23.571440] which belongs to the cache kmalloc-64 of size 64
[ 23.572417] The buggy address is located 0 bytes to the right of
[ 23.572417] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.573565]
[ 23.573845] The buggy address belongs to the physical page:
[ 23.574380] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.575050] flags: 0x200000000000000(node=0|zone=2)
[ 23.575561] page_type: f5(slab)
[ 23.575966] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.576542] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.577176] page dumped because: kasan: bad access detected
[ 23.577706]
[ 23.577985] Memory state around the buggy address:
[ 23.578494] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.579163] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.579839] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.580405] ^
[ 23.580886] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.581638] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.582413] ==================================================================
[ 23.921834] ==================================================================
[ 23.922536] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450
[ 23.923246] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.924598]
[ 23.924856] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.925033] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.925069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.925118] Call Trace:
[ 23.925168] <TASK>
[ 23.925219] dump_stack_lvl+0x73/0xb0
[ 23.925382] print_report+0xd1/0x640
[ 23.925521] ? __virt_addr_valid+0x1db/0x2d0
[ 23.925663] ? kasan_atomics_helper+0x1a80/0x5450
[ 23.925751] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.925884] ? kasan_atomics_helper+0x1a80/0x5450
[ 23.925974] kasan_report+0x140/0x180
[ 23.926062] ? kasan_atomics_helper+0x1a80/0x5450
[ 23.926157] kasan_check_range+0x10c/0x1c0
[ 23.926248] __kasan_check_write+0x18/0x20
[ 23.926327] kasan_atomics_helper+0x1a80/0x5450
[ 23.926413] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.926496] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.926571] ? trace_hardirqs_on+0x37/0xe0
[ 23.926659] kasan_atomics+0x1dd/0x310
[ 23.926735] ? __pfx_kasan_atomics+0x10/0x10
[ 23.926876] ? __pfx_read_tsc+0x10/0x10
[ 23.926955] ? ktime_get_ts64+0x84/0x230
[ 23.927101] kunit_try_run_case+0x1a6/0x480
[ 23.927193] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.927294] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.927370] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.927507] ? __kthread_parkme+0x82/0x160
[ 23.927589] ? preempt_count_sub+0x50/0x80
[ 23.927673] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.927747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.927831] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.927978] kthread+0x257/0x310
[ 23.928052] ? __pfx_kthread+0x10/0x10
[ 23.928179] ret_from_fork+0x41/0x80
[ 23.928273] ? __pfx_kthread+0x10/0x10
[ 23.928345] ret_from_fork_asm+0x1a/0x30
[ 23.928396] </TASK>
[ 23.928413]
[ 23.947894] Allocated by task 270:
[ 23.948390] kasan_save_stack+0x45/0x70
[ 23.949070] kasan_save_track+0x18/0x40
[ 23.949425] kasan_save_alloc_info+0x3b/0x50
[ 23.949764] __kasan_kmalloc+0xb7/0xc0
[ 23.950745] __kmalloc_cache_noprof+0x168/0x350
[ 23.951321] kasan_atomics+0x96/0x310
[ 23.951700] kunit_try_run_case+0x1a6/0x480
[ 23.952468] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.952835] kthread+0x257/0x310
[ 23.953461] ret_from_fork+0x41/0x80
[ 23.953852] ret_from_fork_asm+0x1a/0x30
[ 23.954341]
[ 23.954531] The buggy address belongs to the object at ffff888102314e80
[ 23.954531] which belongs to the cache kmalloc-64 of size 64
[ 23.956519] The buggy address is located 0 bytes to the right of
[ 23.956519] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.957779]
[ 23.958005] The buggy address belongs to the physical page:
[ 23.958465] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.959625] flags: 0x200000000000000(node=0|zone=2)
[ 23.960088] page_type: f5(slab)
[ 23.960483] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.961419] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.962172] page dumped because: kasan: bad access detected
[ 23.962790]
[ 23.963220] Memory state around the buggy address:
[ 23.963960] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.964478] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.965183] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.965777] ^
[ 23.966465] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.967205] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.967984] ==================================================================
[ 23.505695] ==================================================================
[ 23.506867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450
[ 23.507836] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.509142]
[ 23.509466] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.509591] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.509631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.509694] Call Trace:
[ 23.509774] <TASK>
[ 23.509851] dump_stack_lvl+0x73/0xb0
[ 23.509958] print_report+0xd1/0x640
[ 23.510001] ? __virt_addr_valid+0x1db/0x2d0
[ 23.510039] ? kasan_atomics_helper+0x50d6/0x5450
[ 23.510073] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.510107] ? kasan_atomics_helper+0x50d6/0x5450
[ 23.510142] kasan_report+0x140/0x180
[ 23.510177] ? kasan_atomics_helper+0x50d6/0x5450
[ 23.510219] __asan_report_store8_noabort+0x1b/0x30
[ 23.510282] kasan_atomics_helper+0x50d6/0x5450
[ 23.510322] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.510360] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.510392] ? trace_hardirqs_on+0x37/0xe0
[ 23.510433] kasan_atomics+0x1dd/0x310
[ 23.510464] ? __pfx_kasan_atomics+0x10/0x10
[ 23.510496] ? __pfx_read_tsc+0x10/0x10
[ 23.510525] ? ktime_get_ts64+0x84/0x230
[ 23.510560] kunit_try_run_case+0x1a6/0x480
[ 23.510594] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.510624] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.510654] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.510691] ? __kthread_parkme+0x82/0x160
[ 23.510720] ? preempt_count_sub+0x50/0x80
[ 23.510752] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.510781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.510827] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.510898] kthread+0x257/0x310
[ 23.510927] ? __pfx_kthread+0x10/0x10
[ 23.510955] ret_from_fork+0x41/0x80
[ 23.510985] ? __pfx_kthread+0x10/0x10
[ 23.511012] ret_from_fork_asm+0x1a/0x30
[ 23.511056] </TASK>
[ 23.511071]
[ 23.525645] Allocated by task 270:
[ 23.526211] kasan_save_stack+0x45/0x70
[ 23.526681] kasan_save_track+0x18/0x40
[ 23.527814] kasan_save_alloc_info+0x3b/0x50
[ 23.528249] __kasan_kmalloc+0xb7/0xc0
[ 23.528649] __kmalloc_cache_noprof+0x168/0x350
[ 23.529097] kasan_atomics+0x96/0x310
[ 23.529681] kunit_try_run_case+0x1a6/0x480
[ 23.530284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.530782] kthread+0x257/0x310
[ 23.531144] ret_from_fork+0x41/0x80
[ 23.531583] ret_from_fork_asm+0x1a/0x30
[ 23.532098]
[ 23.532351] The buggy address belongs to the object at ffff888102314e80
[ 23.532351] which belongs to the cache kmalloc-64 of size 64
[ 23.533258] The buggy address is located 0 bytes to the right of
[ 23.533258] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 23.534464]
[ 23.534693] The buggy address belongs to the physical page:
[ 23.535202] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 23.535947] flags: 0x200000000000000(node=0|zone=2)
[ 23.536434] page_type: f5(slab)
[ 23.536873] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 23.537501] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 23.538177] page dumped because: kasan: bad access detected
[ 23.538704]
[ 23.538958] Memory state around the buggy address:
[ 23.539497] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.540247] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 23.540850] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 23.541415] ^
[ 23.541908] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.542612] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.543307] ==================================================================
[ 23.623887] ==================================================================
[ 23.624477] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450
[ 23.625529] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 23.626167]
[ 23.626398] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 23.626507] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.626545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.626600] Call Trace:
[ 23.626644] <TASK>
[ 23.626685] dump_stack_lvl+0x73/0xb0
[ 23.626757] print_report+0xd1/0x640
[ 23.626833] ? __virt_addr_valid+0x1db/0x2d0
[ 23.626907] ? kasan_atomics_helper+0x1650/0x5450
[ 23.626976] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.627053] ? kasan_atomics_helper+0x1650/0x5450
[ 23.627134] kasan_report+0x140/0x180
[ 23.627203] ? kasan_atomics_helper+0x1650/0x5450
[ 23.627326] kasan_check_range+0x10c/0x1c0
[ 23.627456] __kasan_check_write+0x18/0x20
[ 23.627610] kasan_atomics_helper+0x1650/0x5450
[ 23.627729] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 23.627813] ? __kmalloc_cache_noprof+0x168/0x350
[ 23.627964] ? trace_hardirqs_on+0x37/0xe0
[ 23.628060] kasan_atomics+0x1dd/0x310
[ 23.628132] ? __pfx_kasan_atomics+0x10/0x10
[ 23.628208] ? __pfx_read_tsc+0x10/0x10
[ 23.628296] ? ktime_get_ts64+0x84/0x230
[ 23.628380] kunit_try_run_case+0x1a6/0x480
[ 23.628425] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.628457] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.628488] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.628532] ? __kthread_parkme+0x82/0x160
[ 23.628601] ? preempt_count_sub+0x50/0x80
[ 23.628738] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.628848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.628942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.629082] kthread+0x257/0x310
[ 23.629189] ? __pfx_kthread+0x10/0x10
[ 23.629282] ret_from_fork+0x41/0x80
[ 23.629326] ? 
__pfx_kthread+0x10/0x10 [ 23.629356] ret_from_fork_asm+0x1a/0x30 [ 23.629403] </TASK> [ 23.629418] [ 23.647658] Allocated by task 270: [ 23.648618] kasan_save_stack+0x45/0x70 [ 23.649402] kasan_save_track+0x18/0x40 [ 23.650160] kasan_save_alloc_info+0x3b/0x50 [ 23.650600] __kasan_kmalloc+0xb7/0xc0 [ 23.650926] __kmalloc_cache_noprof+0x168/0x350 [ 23.651442] kasan_atomics+0x96/0x310 [ 23.651825] kunit_try_run_case+0x1a6/0x480 [ 23.652270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.652715] kthread+0x257/0x310 [ 23.653123] ret_from_fork+0x41/0x80 [ 23.653550] ret_from_fork_asm+0x1a/0x30 [ 23.653983] [ 23.654214] The buggy address belongs to the object at ffff888102314e80 [ 23.654214] which belongs to the cache kmalloc-64 of size 64 [ 23.655022] The buggy address is located 0 bytes to the right of [ 23.655022] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 23.656043] [ 23.656354] The buggy address belongs to the physical page: [ 23.656831] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 23.657738] flags: 0x200000000000000(node=0|zone=2) [ 23.658472] page_type: f5(slab) [ 23.658735] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.659971] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 23.660778] page dumped because: kasan: bad access detected [ 23.661520] [ 23.661750] Memory state around the buggy address: [ 23.662176] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.662977] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.663515] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.664441] ^ [ 23.665266] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.666256] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.666907] ================================================================== [ 24.475821] 
================================================================== [ 24.476806] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 24.477575] Read of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.478824] [ 24.479281] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.479415] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.479436] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.479486] Call Trace: [ 24.479518] <TASK> [ 24.479568] dump_stack_lvl+0x73/0xb0 [ 24.479614] print_report+0xd1/0x640 [ 24.479650] ? __virt_addr_valid+0x1db/0x2d0 [ 24.479686] ? kasan_atomics_helper+0x4fb4/0x5450 [ 24.479719] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.479753] ? kasan_atomics_helper+0x4fb4/0x5450 [ 24.479788] kasan_report+0x140/0x180 [ 24.479831] ? kasan_atomics_helper+0x4fb4/0x5450 [ 24.479962] __asan_report_load8_noabort+0x18/0x20 [ 24.480033] kasan_atomics_helper+0x4fb4/0x5450 [ 24.480073] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.480111] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.480143] ? trace_hardirqs_on+0x37/0xe0 [ 24.480182] kasan_atomics+0x1dd/0x310 [ 24.480210] ? __pfx_kasan_atomics+0x10/0x10 [ 24.480267] ? __pfx_read_tsc+0x10/0x10 [ 24.480299] ? ktime_get_ts64+0x84/0x230 [ 24.480337] kunit_try_run_case+0x1a6/0x480 [ 24.480370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.480400] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.480431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.480468] ? __kthread_parkme+0x82/0x160 [ 24.480498] ? preempt_count_sub+0x50/0x80 [ 24.480532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.480564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.480602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.480640] kthread+0x257/0x310 [ 24.480666] ? __pfx_kthread+0x10/0x10 [ 24.480692] ret_from_fork+0x41/0x80 [ 24.480723] ? 
__pfx_kthread+0x10/0x10 [ 24.480748] ret_from_fork_asm+0x1a/0x30 [ 24.480791] </TASK> [ 24.480806] [ 24.496738] Allocated by task 270: [ 24.497270] kasan_save_stack+0x45/0x70 [ 24.498150] kasan_save_track+0x18/0x40 [ 24.498852] kasan_save_alloc_info+0x3b/0x50 [ 24.499454] __kasan_kmalloc+0xb7/0xc0 [ 24.499755] __kmalloc_cache_noprof+0x168/0x350 [ 24.500636] kasan_atomics+0x96/0x310 [ 24.501043] kunit_try_run_case+0x1a6/0x480 [ 24.501550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.502101] kthread+0x257/0x310 [ 24.502530] ret_from_fork+0x41/0x80 [ 24.502959] ret_from_fork_asm+0x1a/0x30 [ 24.503379] [ 24.503613] The buggy address belongs to the object at ffff888102314e80 [ 24.503613] which belongs to the cache kmalloc-64 of size 64 [ 24.504633] The buggy address is located 0 bytes to the right of [ 24.504633] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.505641] [ 24.505980] The buggy address belongs to the physical page: [ 24.506401] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.507171] flags: 0x200000000000000(node=0|zone=2) [ 24.507716] page_type: f5(slab) [ 24.508109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.508769] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.509378] page dumped because: kasan: bad access detected [ 24.509995] [ 24.510250] Memory state around the buggy address: [ 24.510654] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.511374] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.511964] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.512622] ^ [ 24.513088] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.513678] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.514310] ================================================================== [ 24.430886] 
================================================================== [ 24.431427] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 24.433327] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.433934] [ 24.434529] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.434651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.434995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.435041] Call Trace: [ 24.435069] <TASK> [ 24.435092] dump_stack_lvl+0x73/0xb0 [ 24.435133] print_report+0xd1/0x640 [ 24.435167] ? __virt_addr_valid+0x1db/0x2d0 [ 24.435203] ? kasan_atomics_helper+0x20c9/0x5450 [ 24.435273] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.435311] ? kasan_atomics_helper+0x20c9/0x5450 [ 24.435346] kasan_report+0x140/0x180 [ 24.435381] ? kasan_atomics_helper+0x20c9/0x5450 [ 24.435423] kasan_check_range+0x10c/0x1c0 [ 24.435454] __kasan_check_write+0x18/0x20 [ 24.435486] kasan_atomics_helper+0x20c9/0x5450 [ 24.435524] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.435563] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.435594] ? trace_hardirqs_on+0x37/0xe0 [ 24.435633] kasan_atomics+0x1dd/0x310 [ 24.435663] ? __pfx_kasan_atomics+0x10/0x10 [ 24.435694] ? __pfx_read_tsc+0x10/0x10 [ 24.435722] ? ktime_get_ts64+0x84/0x230 [ 24.435758] kunit_try_run_case+0x1a6/0x480 [ 24.435791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.435827] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.435897] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.435937] ? __kthread_parkme+0x82/0x160 [ 24.435968] ? preempt_count_sub+0x50/0x80 [ 24.436000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.436029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.436067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.436105] kthread+0x257/0x310 [ 24.436133] ? __pfx_kthread+0x10/0x10 [ 24.436160] ret_from_fork+0x41/0x80 [ 24.436190] ? 
__pfx_kthread+0x10/0x10 [ 24.436215] ret_from_fork_asm+0x1a/0x30 [ 24.436284] </TASK> [ 24.436299] [ 24.453996] Allocated by task 270: [ 24.454303] kasan_save_stack+0x45/0x70 [ 24.454631] kasan_save_track+0x18/0x40 [ 24.456277] kasan_save_alloc_info+0x3b/0x50 [ 24.456582] __kasan_kmalloc+0xb7/0xc0 [ 24.457354] __kmalloc_cache_noprof+0x168/0x350 [ 24.458033] kasan_atomics+0x96/0x310 [ 24.458463] kunit_try_run_case+0x1a6/0x480 [ 24.458821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.459357] kthread+0x257/0x310 [ 24.459673] ret_from_fork+0x41/0x80 [ 24.460683] ret_from_fork_asm+0x1a/0x30 [ 24.461127] [ 24.461593] The buggy address belongs to the object at ffff888102314e80 [ 24.461593] which belongs to the cache kmalloc-64 of size 64 [ 24.462925] The buggy address is located 0 bytes to the right of [ 24.462925] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.464394] [ 24.464556] The buggy address belongs to the physical page: [ 24.465299] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.466187] flags: 0x200000000000000(node=0|zone=2) [ 24.466597] page_type: f5(slab) [ 24.466994] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.467839] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.468652] page dumped because: kasan: bad access detected [ 24.469397] [ 24.469766] Memory state around the buggy address: [ 24.470191] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.471006] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.471746] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.472444] ^ [ 24.473094] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.473599] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.474481] ================================================================== [ 22.452494] 
================================================================== [ 22.453143] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 22.453898] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.454337] [ 22.454595] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.454715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.454755] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.454864] Call Trace: [ 22.454996] <TASK> [ 22.455054] dump_stack_lvl+0x73/0xb0 [ 22.455136] print_report+0xd1/0x640 [ 22.455217] ? __virt_addr_valid+0x1db/0x2d0 [ 22.455336] ? kasan_atomics_helper+0x861/0x5450 [ 22.455416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.455482] ? kasan_atomics_helper+0x861/0x5450 [ 22.455520] kasan_report+0x140/0x180 [ 22.455557] ? kasan_atomics_helper+0x861/0x5450 [ 22.455598] kasan_check_range+0x10c/0x1c0 [ 22.455629] __kasan_check_write+0x18/0x20 [ 22.455660] kasan_atomics_helper+0x861/0x5450 [ 22.455693] ? kasan_save_alloc_info+0x3b/0x50 [ 22.455727] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.455765] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.455797] ? trace_hardirqs_on+0x37/0xe0 [ 22.455865] kasan_atomics+0x1dd/0x310 [ 22.455900] ? __pfx_kasan_atomics+0x10/0x10 [ 22.455932] ? __pfx_read_tsc+0x10/0x10 [ 22.455959] ? ktime_get_ts64+0x84/0x230 [ 22.455996] kunit_try_run_case+0x1a6/0x480 [ 22.456031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.456059] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.456089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.456127] ? __kthread_parkme+0x82/0x160 [ 22.456154] ? preempt_count_sub+0x50/0x80 [ 22.456187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.456216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.456285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.456325] kthread+0x257/0x310 [ 22.456353] ? __pfx_kthread+0x10/0x10 [ 22.456382] ret_from_fork+0x41/0x80 [ 22.456412] ? 
__pfx_kthread+0x10/0x10 [ 22.456440] ret_from_fork_asm+0x1a/0x30 [ 22.456483] </TASK> [ 22.456500] [ 22.473289] Allocated by task 270: [ 22.473773] kasan_save_stack+0x45/0x70 [ 22.474395] kasan_save_track+0x18/0x40 [ 22.474886] kasan_save_alloc_info+0x3b/0x50 [ 22.475415] __kasan_kmalloc+0xb7/0xc0 [ 22.476030] __kmalloc_cache_noprof+0x168/0x350 [ 22.476502] kasan_atomics+0x96/0x310 [ 22.477025] kunit_try_run_case+0x1a6/0x480 [ 22.477503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.478130] kthread+0x257/0x310 [ 22.478563] ret_from_fork+0x41/0x80 [ 22.479053] ret_from_fork_asm+0x1a/0x30 [ 22.479438] [ 22.479625] The buggy address belongs to the object at ffff888102314e80 [ 22.479625] which belongs to the cache kmalloc-64 of size 64 [ 22.480720] The buggy address is located 0 bytes to the right of [ 22.480720] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.481622] [ 22.481952] The buggy address belongs to the physical page: [ 22.482580] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.483387] flags: 0x200000000000000(node=0|zone=2) [ 22.483806] page_type: f5(slab) [ 22.484334] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.485068] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.485771] page dumped because: kasan: bad access detected [ 22.486415] [ 22.486631] Memory state around the buggy address: [ 22.487215] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.487895] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.488524] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.489284] ^ [ 22.489771] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.490449] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.491216] ================================================================== [ 22.277025] 
================================================================== [ 22.278150] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 22.278808] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.279578] [ 22.279779] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.279865] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.279886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.279920] Call Trace: [ 22.279947] <TASK> [ 22.279970] dump_stack_lvl+0x73/0xb0 [ 22.280012] print_report+0xd1/0x640 [ 22.280048] ? __virt_addr_valid+0x1db/0x2d0 [ 22.280083] ? kasan_atomics_helper+0x5ff/0x5450 [ 22.280117] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.280150] ? kasan_atomics_helper+0x5ff/0x5450 [ 22.280185] kasan_report+0x140/0x180 [ 22.280239] ? kasan_atomics_helper+0x5ff/0x5450 [ 22.280334] kasan_check_range+0x10c/0x1c0 [ 22.280411] __kasan_check_write+0x18/0x20 [ 22.280491] kasan_atomics_helper+0x5ff/0x5450 [ 22.280570] ? kasan_save_alloc_info+0x3b/0x50 [ 22.280649] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.280734] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.280811] ? trace_hardirqs_on+0x37/0xe0 [ 22.280911] kasan_atomics+0x1dd/0x310 [ 22.280989] ? __pfx_kasan_atomics+0x10/0x10 [ 22.281133] ? __pfx_read_tsc+0x10/0x10 [ 22.281205] ? ktime_get_ts64+0x84/0x230 [ 22.281311] kunit_try_run_case+0x1a6/0x480 [ 22.281396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.281469] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.281524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.281565] ? __kthread_parkme+0x82/0x160 [ 22.281595] ? preempt_count_sub+0x50/0x80 [ 22.281626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.281656] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.281694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.281733] kthread+0x257/0x310 [ 22.281760] ? __pfx_kthread+0x10/0x10 [ 22.281788] ret_from_fork+0x41/0x80 [ 22.281830] ? 
__pfx_kthread+0x10/0x10 [ 22.281889] ret_from_fork_asm+0x1a/0x30 [ 22.281932] </TASK> [ 22.281948] [ 22.301172] Allocated by task 270: [ 22.301762] kasan_save_stack+0x45/0x70 [ 22.302167] kasan_save_track+0x18/0x40 [ 22.302902] kasan_save_alloc_info+0x3b/0x50 [ 22.303514] __kasan_kmalloc+0xb7/0xc0 [ 22.304057] __kmalloc_cache_noprof+0x168/0x350 [ 22.304493] kasan_atomics+0x96/0x310 [ 22.304841] kunit_try_run_case+0x1a6/0x480 [ 22.305638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.306364] kthread+0x257/0x310 [ 22.306886] ret_from_fork+0x41/0x80 [ 22.307275] ret_from_fork_asm+0x1a/0x30 [ 22.307927] [ 22.308164] The buggy address belongs to the object at ffff888102314e80 [ 22.308164] which belongs to the cache kmalloc-64 of size 64 [ 22.309371] The buggy address is located 0 bytes to the right of [ 22.309371] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.310709] [ 22.310978] The buggy address belongs to the physical page: [ 22.311464] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.312349] flags: 0x200000000000000(node=0|zone=2) [ 22.312941] page_type: f5(slab) [ 22.313560] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.314269] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.315140] page dumped because: kasan: bad access detected [ 22.315807] [ 22.316130] Memory state around the buggy address: [ 22.316806] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.317398] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.318268] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.319038] ^ [ 22.319670] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.320394] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.320973] ================================================================== [ 24.062342] 
================================================================== [ 24.062786] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450 [ 24.064696] Read of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 24.065527] [ 24.065789] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 24.065971] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.066029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.066092] Call Trace: [ 24.066147] <TASK> [ 24.066197] dump_stack_lvl+0x73/0xb0 [ 24.066288] print_report+0xd1/0x640 [ 24.066324] ? __virt_addr_valid+0x1db/0x2d0 [ 24.066362] ? kasan_atomics_helper+0x4f32/0x5450 [ 24.066397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.066430] ? kasan_atomics_helper+0x4f32/0x5450 [ 24.066465] kasan_report+0x140/0x180 [ 24.066501] ? kasan_atomics_helper+0x4f32/0x5450 [ 24.066544] __asan_report_load8_noabort+0x18/0x20 [ 24.066576] kasan_atomics_helper+0x4f32/0x5450 [ 24.066612] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.066649] ? __kmalloc_cache_noprof+0x168/0x350 [ 24.066680] ? trace_hardirqs_on+0x37/0xe0 [ 24.066719] kasan_atomics+0x1dd/0x310 [ 24.066748] ? __pfx_kasan_atomics+0x10/0x10 [ 24.066778] ? __pfx_read_tsc+0x10/0x10 [ 24.066806] ? ktime_get_ts64+0x84/0x230 [ 24.066889] kunit_try_run_case+0x1a6/0x480 [ 24.066926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.066956] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 24.066986] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.067022] ? __kthread_parkme+0x82/0x160 [ 24.067048] ? preempt_count_sub+0x50/0x80 [ 24.067082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.067111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.067149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.067186] kthread+0x257/0x310 [ 24.067212] ? __pfx_kthread+0x10/0x10 [ 24.067277] ret_from_fork+0x41/0x80 [ 24.067311] ? 
__pfx_kthread+0x10/0x10 [ 24.067337] ret_from_fork_asm+0x1a/0x30 [ 24.067379] </TASK> [ 24.067394] [ 24.084494] Allocated by task 270: [ 24.084875] kasan_save_stack+0x45/0x70 [ 24.085307] kasan_save_track+0x18/0x40 [ 24.085697] kasan_save_alloc_info+0x3b/0x50 [ 24.086132] __kasan_kmalloc+0xb7/0xc0 [ 24.086668] __kmalloc_cache_noprof+0x168/0x350 [ 24.087018] kasan_atomics+0x96/0x310 [ 24.087784] kunit_try_run_case+0x1a6/0x480 [ 24.088376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.088940] kthread+0x257/0x310 [ 24.089521] ret_from_fork+0x41/0x80 [ 24.089917] ret_from_fork_asm+0x1a/0x30 [ 24.090377] [ 24.090605] The buggy address belongs to the object at ffff888102314e80 [ 24.090605] which belongs to the cache kmalloc-64 of size 64 [ 24.091719] The buggy address is located 0 bytes to the right of [ 24.091719] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 24.092832] [ 24.093462] The buggy address belongs to the physical page: [ 24.094277] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 24.095304] flags: 0x200000000000000(node=0|zone=2) [ 24.095731] page_type: f5(slab) [ 24.096541] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.097242] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 24.097847] page dumped because: kasan: bad access detected [ 24.098577] [ 24.098753] Memory state around the buggy address: [ 24.099697] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.100352] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.100979] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.101827] ^ [ 24.102659] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.103567] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.104477] ================================================================== [ 22.022119] 
================================================================== [ 22.022770] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 22.023575] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270 [ 22.024079] [ 22.024852] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 22.024951] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.024987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.025047] Call Trace: [ 22.025268] <TASK> [ 22.025310] dump_stack_lvl+0x73/0xb0 [ 22.025354] print_report+0xd1/0x640 [ 22.025390] ? __virt_addr_valid+0x1db/0x2d0 [ 22.025425] ? kasan_atomics_helper+0x4b70/0x5450 [ 22.025461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.025495] ? kasan_atomics_helper+0x4b70/0x5450 [ 22.025529] kasan_report+0x140/0x180 [ 22.025563] ? kasan_atomics_helper+0x4b70/0x5450 [ 22.025602] __asan_report_store4_noabort+0x1b/0x30 [ 22.025634] kasan_atomics_helper+0x4b70/0x5450 [ 22.025667] ? kasan_save_alloc_info+0x3b/0x50 [ 22.025696] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.025731] ? __kmalloc_cache_noprof+0x168/0x350 [ 22.025761] ? trace_hardirqs_on+0x37/0xe0 [ 22.025800] kasan_atomics+0x1dd/0x310 [ 22.025852] ? __pfx_kasan_atomics+0x10/0x10 [ 22.025892] ? __pfx_read_tsc+0x10/0x10 [ 22.025919] ? ktime_get_ts64+0x84/0x230 [ 22.025955] kunit_try_run_case+0x1a6/0x480 [ 22.025989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.026018] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.026048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.026085] ? __kthread_parkme+0x82/0x160 [ 22.026112] ? preempt_count_sub+0x50/0x80 [ 22.026144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.026172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.026208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.026271] kthread+0x257/0x310 [ 22.026298] ? __pfx_kthread+0x10/0x10 [ 22.026324] ret_from_fork+0x41/0x80 [ 22.026354] ? 
__pfx_kthread+0x10/0x10 [ 22.026380] ret_from_fork_asm+0x1a/0x30 [ 22.026422] </TASK> [ 22.026436] [ 22.045420] Allocated by task 270: [ 22.045783] kasan_save_stack+0x45/0x70 [ 22.046825] kasan_save_track+0x18/0x40 [ 22.047462] kasan_save_alloc_info+0x3b/0x50 [ 22.047765] __kasan_kmalloc+0xb7/0xc0 [ 22.048384] __kmalloc_cache_noprof+0x168/0x350 [ 22.048845] kasan_atomics+0x96/0x310 [ 22.049188] kunit_try_run_case+0x1a6/0x480 [ 22.049876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.050636] kthread+0x257/0x310 [ 22.051553] ret_from_fork+0x41/0x80 [ 22.051834] ret_from_fork_asm+0x1a/0x30 [ 22.052459] [ 22.052619] The buggy address belongs to the object at ffff888102314e80 [ 22.052619] which belongs to the cache kmalloc-64 of size 64 [ 22.054150] The buggy address is located 0 bytes to the right of [ 22.054150] allocated 48-byte region [ffff888102314e80, ffff888102314eb0) [ 22.055627] [ 22.056138] The buggy address belongs to the physical page: [ 22.056783] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314 [ 22.057469] flags: 0x200000000000000(node=0|zone=2) [ 22.057853] page_type: f5(slab) [ 22.058661] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.059247] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 22.060207] page dumped because: kasan: bad access detected [ 22.060798] [ 22.061058] Memory state around the buggy address: [ 22.061691] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.062440] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.063182] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.063918] ^ [ 22.064395] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.065135] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.065729] ================================================================== [ 24.017150] 
==================================================================
[ 24.018437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450
[ 24.019872] Write of size 8 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 24.021488]
[ 24.021669] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 24.021770] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.021800] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.021849] Call Trace:
[ 24.021889] <TASK>
[ 24.021930] dump_stack_lvl+0x73/0xb0
[ 24.021993] print_report+0xd1/0x640
[ 24.022054] ? __virt_addr_valid+0x1db/0x2d0
[ 24.022115] ? kasan_atomics_helper+0x1c19/0x5450
[ 24.022175] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.022272] ? kasan_atomics_helper+0x1c19/0x5450
[ 24.022333] kasan_report+0x140/0x180
[ 24.022392] ? kasan_atomics_helper+0x1c19/0x5450
[ 24.022459] kasan_check_range+0x10c/0x1c0
[ 24.022511] __kasan_check_write+0x18/0x20
[ 24.022565] kasan_atomics_helper+0x1c19/0x5450
[ 24.022641] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 24.022705] ? __kmalloc_cache_noprof+0x168/0x350
[ 24.022760] ? trace_hardirqs_on+0x37/0xe0
[ 24.022828] kasan_atomics+0x1dd/0x310
[ 24.022877] ? __pfx_kasan_atomics+0x10/0x10
[ 24.022932] ? __pfx_read_tsc+0x10/0x10
[ 24.022980] ? ktime_get_ts64+0x84/0x230
[ 24.023041] kunit_try_run_case+0x1a6/0x480
[ 24.023359] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.023431] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 24.023547] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.023628] ? __kthread_parkme+0x82/0x160
[ 24.023699] ? preempt_count_sub+0x50/0x80
[ 24.023782] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.023856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.023933] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.023975] kthread+0x257/0x310
[ 24.024004] ? __pfx_kthread+0x10/0x10
[ 24.024031] ret_from_fork+0x41/0x80
[ 24.024061] ? __pfx_kthread+0x10/0x10
[ 24.024087] ret_from_fork_asm+0x1a/0x30
[ 24.024130] </TASK>
[ 24.024146]
[ 24.044914] Allocated by task 270:
[ 24.045354] kasan_save_stack+0x45/0x70
[ 24.045803] kasan_save_track+0x18/0x40
[ 24.046165] kasan_save_alloc_info+0x3b/0x50
[ 24.046639] __kasan_kmalloc+0xb7/0xc0
[ 24.047117] __kmalloc_cache_noprof+0x168/0x350
[ 24.047506] kasan_atomics+0x96/0x310
[ 24.047967] kunit_try_run_case+0x1a6/0x480
[ 24.048434] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.048997] kthread+0x257/0x310
[ 24.049404] ret_from_fork+0x41/0x80
[ 24.049758] ret_from_fork_asm+0x1a/0x30
[ 24.050120]
[ 24.050365] The buggy address belongs to the object at ffff888102314e80
[ 24.050365] which belongs to the cache kmalloc-64 of size 64
[ 24.051384] The buggy address is located 0 bytes to the right of
[ 24.051384] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 24.052241]
[ 24.052481] The buggy address belongs to the physical page:
[ 24.053029] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 24.053710] flags: 0x200000000000000(node=0|zone=2)
[ 24.054130] page_type: f5(slab)
[ 24.054444] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 24.055155] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 24.055882] page dumped because: kasan: bad access detected
[ 24.056336]
[ 24.056565] Memory state around the buggy address:
[ 24.057031] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.057588] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.058213] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 24.058762] ^
[ 24.059163] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.059802] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.060729] ==================================================================
[ 22.361203] ==================================================================
[ 22.362082] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450
[ 22.362773] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 22.363384]
[ 22.363683] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 22.363797] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.363841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.363930] Call Trace:
[ 22.363987] <TASK>
[ 22.364038] dump_stack_lvl+0x73/0xb0
[ 22.364126] print_report+0xd1/0x640
[ 22.364204] ? __virt_addr_valid+0x1db/0x2d0
[ 22.364303] ? kasan_atomics_helper+0x730/0x5450
[ 22.364383] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.364462] ? kasan_atomics_helper+0x730/0x5450
[ 22.364542] kasan_report+0x140/0x180
[ 22.364628] ? kasan_atomics_helper+0x730/0x5450
[ 22.364720] kasan_check_range+0x10c/0x1c0
[ 22.364798] __kasan_check_write+0x18/0x20
[ 22.364871] kasan_atomics_helper+0x730/0x5450
[ 22.364949] ? kasan_save_alloc_info+0x3b/0x50
[ 22.365067] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.365157] ? __kmalloc_cache_noprof+0x168/0x350
[ 22.365253] ? trace_hardirqs_on+0x37/0xe0
[ 22.365348] kasan_atomics+0x1dd/0x310
[ 22.365421] ? __pfx_kasan_atomics+0x10/0x10
[ 22.365495] ? __pfx_read_tsc+0x10/0x10
[ 22.365558] ? ktime_get_ts64+0x84/0x230
[ 22.365638] kunit_try_run_case+0x1a6/0x480
[ 22.365717] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.365786] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.365861] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.365945] ? __kthread_parkme+0x82/0x160
[ 22.365989] ? preempt_count_sub+0x50/0x80
[ 22.366024] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.366053] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.366091] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.366129] kthread+0x257/0x310
[ 22.366157] ? __pfx_kthread+0x10/0x10
[ 22.366185] ret_from_fork+0x41/0x80
[ 22.366215] ? __pfx_kthread+0x10/0x10
[ 22.366272] ret_from_fork_asm+0x1a/0x30
[ 22.366314] </TASK>
[ 22.366330]
[ 22.380538] Allocated by task 270:
[ 22.380934] kasan_save_stack+0x45/0x70
[ 22.381458] kasan_save_track+0x18/0x40
[ 22.381777] kasan_save_alloc_info+0x3b/0x50
[ 22.382551] __kasan_kmalloc+0xb7/0xc0
[ 22.383302] __kmalloc_cache_noprof+0x168/0x350
[ 22.384790] kasan_atomics+0x96/0x310
[ 22.386064] kunit_try_run_case+0x1a6/0x480
[ 22.387612] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.388363] kthread+0x257/0x310
[ 22.388516] ret_from_fork+0x41/0x80
[ 22.388674] ret_from_fork_asm+0x1a/0x30
[ 22.388905]
[ 22.389297] The buggy address belongs to the object at ffff888102314e80
[ 22.389297] which belongs to the cache kmalloc-64 of size 64
[ 22.391438] The buggy address is located 0 bytes to the right of
[ 22.391438] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 22.392660]
[ 22.393543] The buggy address belongs to the physical page:
[ 22.393944] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 22.394692] flags: 0x200000000000000(node=0|zone=2)
[ 22.395611] page_type: f5(slab)
[ 22.396124] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.396830] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 22.397496] page dumped because: kasan: bad access detected
[ 22.398313]
[ 22.398503] Memory state around the buggy address:
[ 22.398822] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.399610] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.400694] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.401514] ^
[ 22.401984] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.402803] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.403400] ==================================================================
[ 22.878379] ==================================================================
[ 22.878920] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450
[ 22.881644] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 22.882272]
[ 22.882509] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 22.882631] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.882672] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.882737] Call Trace:
[ 22.882796] <TASK>
[ 22.882857] dump_stack_lvl+0x73/0xb0
[ 22.882947] print_report+0xd1/0x640
[ 22.883032] ? __virt_addr_valid+0x1db/0x2d0
[ 22.883119] ? kasan_atomics_helper+0xe79/0x5450
[ 22.883200] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.883319] ? kasan_atomics_helper+0xe79/0x5450
[ 22.883400] kasan_report+0x140/0x180
[ 22.883483] ? kasan_atomics_helper+0xe79/0x5450
[ 22.883581] kasan_check_range+0x10c/0x1c0
[ 22.883660] __kasan_check_write+0x18/0x20
[ 22.883750] kasan_atomics_helper+0xe79/0x5450
[ 22.883856] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.883944] ? __kmalloc_cache_noprof+0x168/0x350
[ 22.884031] ? trace_hardirqs_on+0x37/0xe0
[ 22.884121] kasan_atomics+0x1dd/0x310
[ 22.884203] ? __pfx_kasan_atomics+0x10/0x10
[ 22.884275] ? __pfx_read_tsc+0x10/0x10
[ 22.884329] ? ktime_get_ts64+0x84/0x230
[ 22.884386] kunit_try_run_case+0x1a6/0x480
[ 22.884436] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.884482] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.884529] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.884592] ? __kthread_parkme+0x82/0x160
[ 22.884636] ? preempt_count_sub+0x50/0x80
[ 22.884688] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.884732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.884796] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.884858] kthread+0x257/0x310
[ 22.884902] ? __pfx_kthread+0x10/0x10
[ 22.884945] ret_from_fork+0x41/0x80
[ 22.884991] ? __pfx_kthread+0x10/0x10
[ 22.885032] ret_from_fork_asm+0x1a/0x30
[ 22.885098] </TASK>
[ 22.885130]
[ 22.898734] Allocated by task 270:
[ 22.899070] kasan_save_stack+0x45/0x70
[ 22.899376] kasan_save_track+0x18/0x40
[ 22.899607] kasan_save_alloc_info+0x3b/0x50
[ 22.899855] __kasan_kmalloc+0xb7/0xc0
[ 22.900071] __kmalloc_cache_noprof+0x168/0x350
[ 22.901620] kasan_atomics+0x96/0x310
[ 22.901971] kunit_try_run_case+0x1a6/0x480
[ 22.902433] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.902859] kthread+0x257/0x310
[ 22.903147] ret_from_fork+0x41/0x80
[ 22.903494] ret_from_fork_asm+0x1a/0x30
[ 22.903779]
[ 22.904040] The buggy address belongs to the object at ffff888102314e80
[ 22.904040] which belongs to the cache kmalloc-64 of size 64
[ 22.905207] The buggy address is located 0 bytes to the right of
[ 22.905207] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 22.906278]
[ 22.906521] The buggy address belongs to the physical page:
[ 22.907191] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 22.907867] flags: 0x200000000000000(node=0|zone=2)
[ 22.909582] page_type: f5(slab)
[ 22.910037] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.910677] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 22.911295] page dumped because: kasan: bad access detected
[ 22.911657]
[ 22.911863] Memory state around the buggy address:
[ 22.912238] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.912593] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.912967] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.913669] ^
[ 22.914153] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.915015] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.915486] ==================================================================
[ 22.918455] ==================================================================
[ 22.919343] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450
[ 22.920129] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 22.920898]
[ 22.921078] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 22.921170] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.921197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.921259] Call Trace:
[ 22.921302] <TASK>
[ 22.921339] dump_stack_lvl+0x73/0xb0
[ 22.921399] print_report+0xd1/0x640
[ 22.921452] ? __virt_addr_valid+0x1db/0x2d0
[ 22.921505] ? kasan_atomics_helper+0xf11/0x5450
[ 22.921556] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.921636] ? kasan_atomics_helper+0xf11/0x5450
[ 22.921714] kasan_report+0x140/0x180
[ 22.921792] ? kasan_atomics_helper+0xf11/0x5450
[ 22.921931] kasan_check_range+0x10c/0x1c0
[ 22.921996] __kasan_check_write+0x18/0x20
[ 22.922066] kasan_atomics_helper+0xf11/0x5450
[ 22.922154] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.922256] ? __kmalloc_cache_noprof+0x168/0x350
[ 22.922339] ? trace_hardirqs_on+0x37/0xe0
[ 22.922436] kasan_atomics+0x1dd/0x310
[ 22.922511] ? __pfx_kasan_atomics+0x10/0x10
[ 22.922587] ? __pfx_read_tsc+0x10/0x10
[ 22.922657] ? ktime_get_ts64+0x84/0x230
[ 22.922738] kunit_try_run_case+0x1a6/0x480
[ 22.922801] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.922866] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.922945] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.923030] ? __kthread_parkme+0x82/0x160
[ 22.923118] ? preempt_count_sub+0x50/0x80
[ 22.923207] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.923314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.923407] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.923496] kthread+0x257/0x310
[ 22.923574] ? __pfx_kthread+0x10/0x10
[ 22.923645] ret_from_fork+0x41/0x80
[ 22.923719] ? __pfx_kthread+0x10/0x10
[ 22.923788] ret_from_fork_asm+0x1a/0x30
[ 22.923889] </TASK>
[ 22.923930]
[ 22.938107] Allocated by task 270:
[ 22.938537] kasan_save_stack+0x45/0x70
[ 22.939164] kasan_save_track+0x18/0x40
[ 22.939674] kasan_save_alloc_info+0x3b/0x50
[ 22.940300] __kasan_kmalloc+0xb7/0xc0
[ 22.940573] __kmalloc_cache_noprof+0x168/0x350
[ 22.940884] kasan_atomics+0x96/0x310
[ 22.942605] kunit_try_run_case+0x1a6/0x480
[ 22.943678] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.944274] kthread+0x257/0x310
[ 22.945502] ret_from_fork+0x41/0x80
[ 22.946333] ret_from_fork_asm+0x1a/0x30
[ 22.946675]
[ 22.946861] The buggy address belongs to the object at ffff888102314e80
[ 22.946861] which belongs to the cache kmalloc-64 of size 64
[ 22.947422] The buggy address is located 0 bytes to the right of
[ 22.947422] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 22.947984]
[ 22.949138] The buggy address belongs to the physical page:
[ 22.949474] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 22.950091] flags: 0x200000000000000(node=0|zone=2)
[ 22.950609] page_type: f5(slab)
[ 22.951130] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.952130] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 22.953513] page dumped because: kasan: bad access detected
[ 22.954838]
[ 22.955136] Memory state around the buggy address:
[ 22.955894] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.956625] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.957058] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.959815] ^
[ 22.960621] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.961164] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.962955] ==================================================================
[ 22.617871] ==================================================================
[ 22.619463] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450
[ 22.620266] Write of size 4 at addr ffff888102314eb0 by task kunit_try_catch/270
[ 22.620864]
[ 22.621250] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 22.621326] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.621344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.621378] Call Trace:
[ 22.621403] <TASK>
[ 22.621428] dump_stack_lvl+0x73/0xb0
[ 22.621470] print_report+0xd1/0x640
[ 22.621506] ? __virt_addr_valid+0x1db/0x2d0
[ 22.621544] ? kasan_atomics_helper+0xac8/0x5450
[ 22.621580] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.621613] ? kasan_atomics_helper+0xac8/0x5450
[ 22.621648] kasan_report+0x140/0x180
[ 22.621682] ? kasan_atomics_helper+0xac8/0x5450
[ 22.621722] kasan_check_range+0x10c/0x1c0
[ 22.621752] __kasan_check_write+0x18/0x20
[ 22.621782] kasan_atomics_helper+0xac8/0x5450
[ 22.621823] ? kasan_save_alloc_info+0x3b/0x50
[ 22.621940] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 22.622179] ? __kmalloc_cache_noprof+0x168/0x350
[ 22.622286] ? trace_hardirqs_on+0x37/0xe0
[ 22.622380] kasan_atomics+0x1dd/0x310
[ 22.622456] ? __pfx_kasan_atomics+0x10/0x10
[ 22.622533] ? __pfx_read_tsc+0x10/0x10
[ 22.622605] ? ktime_get_ts64+0x84/0x230
[ 22.622687] kunit_try_run_case+0x1a6/0x480
[ 22.622767] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.622850] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 22.622896] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.622936] ? __kthread_parkme+0x82/0x160
[ 22.622966] ? preempt_count_sub+0x50/0x80
[ 22.622999] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.623028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.623066] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.623105] kthread+0x257/0x310
[ 22.623131] ? __pfx_kthread+0x10/0x10
[ 22.623160] ret_from_fork+0x41/0x80
[ 22.623190] ? __pfx_kthread+0x10/0x10
[ 22.623217] ret_from_fork_asm+0x1a/0x30
[ 22.623301] </TASK>
[ 22.623317]
[ 22.642676] Allocated by task 270:
[ 22.643631] kasan_save_stack+0x45/0x70
[ 22.644574] kasan_save_track+0x18/0x40
[ 22.644947] kasan_save_alloc_info+0x3b/0x50
[ 22.645518] __kasan_kmalloc+0xb7/0xc0
[ 22.646163] __kmalloc_cache_noprof+0x168/0x350
[ 22.646623] kasan_atomics+0x96/0x310
[ 22.647312] kunit_try_run_case+0x1a6/0x480
[ 22.647989] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.648473] kthread+0x257/0x310
[ 22.648817] ret_from_fork+0x41/0x80
[ 22.649190] ret_from_fork_asm+0x1a/0x30
[ 22.649939]
[ 22.650175] The buggy address belongs to the object at ffff888102314e80
[ 22.650175] which belongs to the cache kmalloc-64 of size 64
[ 22.651580] The buggy address is located 0 bytes to the right of
[ 22.651580] allocated 48-byte region [ffff888102314e80, ffff888102314eb0)
[ 22.653204]
[ 22.653423] The buggy address belongs to the physical page:
[ 22.653756] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102314
[ 22.654664] flags: 0x200000000000000(node=0|zone=2)
[ 22.655408] page_type: f5(slab)
[ 22.655801] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 22.656770] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000
[ 22.657588] page dumped because: kasan: bad access detected
[ 22.658065]
[ 22.658284] Memory state around the buggy address:
[ 22.658737] ffff888102314d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.659621] ffff888102314e00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 22.660327] >ffff888102314e80: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 22.660933] ^
[ 22.661320] ffff888102314f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.662216] ffff888102314f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.662904] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 21.416502] ==================================================================
[ 21.417106] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 21.418263] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266
[ 21.419065]
[ 21.419349] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 21.419472] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.419509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.419567] Call Trace:
[ 21.419619] <TASK>
[ 21.419671] dump_stack_lvl+0x73/0xb0
[ 21.419753] print_report+0xd1/0x640
[ 21.419831] ? __virt_addr_valid+0x1db/0x2d0
[ 21.419974] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 21.420054] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.420129] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 21.420204] kasan_report+0x140/0x180
[ 21.420302] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 21.420391] kasan_check_range+0x10c/0x1c0
[ 21.420449] __kasan_check_write+0x18/0x20
[ 21.420481] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90
[ 21.420537] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 21.420580] ? __kmalloc_cache_noprof+0x168/0x350
[ 21.420638] kasan_bitops_generic+0x122/0x1c0
[ 21.420670] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.420721] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.420759] kunit_try_run_case+0x1a6/0x480
[ 21.420814] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.421194] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.421259] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.421300] ? __kthread_parkme+0x82/0x160
[ 21.421329] ? preempt_count_sub+0x50/0x80
[ 21.421360] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.421389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.421426] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.421539] kthread+0x257/0x310
[ 21.421592] ? __pfx_kthread+0x10/0x10
[ 21.421618] ret_from_fork+0x41/0x80
[ 21.421647] ? __pfx_kthread+0x10/0x10
[ 21.421672] ret_from_fork_asm+0x1a/0x30
[ 21.421712] </TASK>
[ 21.421726]
[ 21.440723] Allocated by task 266:
[ 21.441584] kasan_save_stack+0x45/0x70
[ 21.442428] kasan_save_track+0x18/0x40
[ 21.443327] kasan_save_alloc_info+0x3b/0x50
[ 21.443907] __kasan_kmalloc+0xb7/0xc0
[ 21.444313] __kmalloc_cache_noprof+0x168/0x350
[ 21.445261] kasan_bitops_generic+0x93/0x1c0
[ 21.445841] kunit_try_run_case+0x1a6/0x480
[ 21.446313] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.447036] kthread+0x257/0x310
[ 21.447861] ret_from_fork+0x41/0x80
[ 21.448207] ret_from_fork_asm+0x1a/0x30
[ 21.449245]
[ 21.449482] The buggy address belongs to the object at ffff888101f80200
[ 21.449482] which belongs to the cache kmalloc-16 of size 16
[ 21.450695] The buggy address is located 8 bytes inside of
[ 21.450695] allocated 9-byte region [ffff888101f80200, ffff888101f80209)
[ 21.451656]
[ 21.452047] The buggy address belongs to the physical page:
[ 21.452957] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80
[ 21.453612] flags: 0x200000000000000(node=0|zone=2)
[ 21.454152] page_type: f5(slab)
[ 21.454818] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 21.455466] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 21.456310] page dumped because: kasan: bad access detected
[ 21.457307]
[ 21.457694] Memory state around the buggy address:
[ 21.458064] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.459049] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.459606] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.460334] ^
[ 21.461276] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.461884] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.462750] ==================================================================
[ 21.820754] ==================================================================
[ 21.822361] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 21.823351] Read of size 8 at addr ffff888101f80208 by task kunit_try_catch/266
[ 21.824137]
[ 21.824420] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 21.824548] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.824584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.824644] Call Trace:
[ 21.824698] <TASK>
[ 21.824747] dump_stack_lvl+0x73/0xb0
[ 21.825304] print_report+0xd1/0x640
[ 21.825381] ? __virt_addr_valid+0x1db/0x2d0
[ 21.825422] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 21.825482] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.825527] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 21.825563] kasan_report+0x140/0x180
[ 21.825597] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 21.825639] __asan_report_load8_noabort+0x18/0x20
[ 21.825669] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90
[ 21.825706] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 21.825743] ? __kmalloc_cache_noprof+0x168/0x350
[ 21.825782] kasan_bitops_generic+0x122/0x1c0
[ 21.825817] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.825932] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.825978] kunit_try_run_case+0x1a6/0x480
[ 21.826013] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.826041] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.826071] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.826106] ? __kthread_parkme+0x82/0x160
[ 21.826133] ? preempt_count_sub+0x50/0x80
[ 21.826164] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.826192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.826257] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.826329] kthread+0x257/0x310
[ 21.826356] ? __pfx_kthread+0x10/0x10
[ 21.826382] ret_from_fork+0x41/0x80
[ 21.826411] ? __pfx_kthread+0x10/0x10
[ 21.826436] ret_from_fork_asm+0x1a/0x30
[ 21.826611] </TASK>
[ 21.826628]
[ 21.847409] Allocated by task 266:
[ 21.848047] kasan_save_stack+0x45/0x70
[ 21.849038] kasan_save_track+0x18/0x40
[ 21.849556] kasan_save_alloc_info+0x3b/0x50
[ 21.850073] __kasan_kmalloc+0xb7/0xc0
[ 21.850654] __kmalloc_cache_noprof+0x168/0x350
[ 21.851194] kasan_bitops_generic+0x93/0x1c0
[ 21.851888] kunit_try_run_case+0x1a6/0x480
[ 21.852338] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.853980] kthread+0x257/0x310
[ 21.854294] ret_from_fork+0x41/0x80
[ 21.854821] ret_from_fork_asm+0x1a/0x30
[ 21.855250]
[ 21.855480] The buggy address belongs to the object at ffff888101f80200
[ 21.855480] which belongs to the cache kmalloc-16 of size 16
[ 21.857292] The buggy address is located 8 bytes inside of
[ 21.857292] allocated 9-byte region [ffff888101f80200, ffff888101f80209)
[ 21.859319]
[ 21.859908] The buggy address belongs to the physical page:
[ 21.860907] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80
[ 21.861716] flags: 0x200000000000000(node=0|zone=2)
[ 21.862210] page_type: f5(slab)
[ 21.863014] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 21.863543] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 21.864330] page dumped because: kasan: bad access detected
[ 21.864822]
[ 21.865849] Memory state around the buggy address:
[ 21.866306] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.866990] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.867578] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.868354] ^
[ 21.868790] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.870829] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.871664] ==================================================================
[ 21.562398] ==================================================================
[ 21.563417] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 21.564481] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266
[ 21.565791]
[ 21.566120] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 21.566291] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.566317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.566361] Call Trace:
[ 21.566402] <TASK>
[ 21.566434] dump_stack_lvl+0x73/0xb0
[ 21.566745] print_report+0xd1/0x640
[ 21.566786] ? __virt_addr_valid+0x1db/0x2d0
[ 21.566829] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 21.566901] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.566940] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 21.566975] kasan_report+0x140/0x180
[ 21.567011] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 21.567052] kasan_check_range+0x10c/0x1c0
[ 21.567081] __kasan_check_write+0x18/0x20
[ 21.567110] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90
[ 21.567146] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 21.567182] ? __kmalloc_cache_noprof+0x168/0x350
[ 21.567242] kasan_bitops_generic+0x122/0x1c0
[ 21.567293] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.567326] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.567361] kunit_try_run_case+0x1a6/0x480
[ 21.567394] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.567422] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.567469] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.567565] ? __kthread_parkme+0x82/0x160
[ 21.567641] ? preempt_count_sub+0x50/0x80
[ 21.567677] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.567706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.567743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.567780] kthread+0x257/0x310
[ 21.567806] ? __pfx_kthread+0x10/0x10
[ 21.567858] ret_from_fork+0x41/0x80
[ 21.567895] ? __pfx_kthread+0x10/0x10
[ 21.567922] ret_from_fork_asm+0x1a/0x30
[ 21.567963] </TASK>
[ 21.567977]
[ 21.589963] Allocated by task 266:
[ 21.590454] kasan_save_stack+0x45/0x70
[ 21.591295] kasan_save_track+0x18/0x40
[ 21.591980] kasan_save_alloc_info+0x3b/0x50
[ 21.592440] __kasan_kmalloc+0xb7/0xc0
[ 21.593108] __kmalloc_cache_noprof+0x168/0x350
[ 21.594212] kasan_bitops_generic+0x93/0x1c0
[ 21.594561] kunit_try_run_case+0x1a6/0x480
[ 21.595133] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.596081] kthread+0x257/0x310
[ 21.596723] ret_from_fork+0x41/0x80
[ 21.597257] ret_from_fork_asm+0x1a/0x30
[ 21.597931]
[ 21.598941] The buggy address belongs to the object at ffff888101f80200
[ 21.598941] which belongs to the cache kmalloc-16 of size 16
[ 21.600455] The buggy address is located 8 bytes inside of
[ 21.600455] allocated 9-byte region [ffff888101f80200, ffff888101f80209)
[ 21.602154]
[ 21.602336] The buggy address belongs to the physical page:
[ 21.603498] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80
[ 21.604299] flags: 0x200000000000000(node=0|zone=2)
[ 21.605345] page_type: f5(slab)
[ 21.606368] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 21.607656] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 21.608093] page dumped because: kasan: bad access detected
[ 21.608420]
[ 21.608565] Memory state around the buggy address:
[ 21.608858] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.609992] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.611483] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.612789] ^
[ 21.615074] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.615953] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.616576] ==================================================================
[ 21.765815] ==================================================================
[ 21.766403] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 21.768257] Read of size 8 at addr ffff888101f80208 by task kunit_try_catch/266
[ 21.768885]
[ 21.769336] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 21.769461] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.769502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.769562] Call Trace:
[ 21.769613] <TASK>
[ 21.769661] dump_stack_lvl+0x73/0xb0
[ 21.769743] print_report+0xd1/0x640
[ 21.769818] ? __virt_addr_valid+0x1db/0x2d0
[ 21.769897] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 21.769973] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.770048] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 21.770128] kasan_report+0x140/0x180
[ 21.770215] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 21.770429] kasan_check_range+0x10c/0x1c0
[ 21.770803] __kasan_check_read+0x15/0x20
[ 21.770875] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90
[ 21.770917] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 21.770954] ? __kmalloc_cache_noprof+0x168/0x350
[ 21.770991] kasan_bitops_generic+0x122/0x1c0
[ 21.771020] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.771049] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.771085] kunit_try_run_case+0x1a6/0x480
[ 21.771119] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.771148] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.771178] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.771213] ? __kthread_parkme+0x82/0x160
[ 21.771282] ? preempt_count_sub+0x50/0x80
[ 21.771315] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.771342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.771379] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.771416] kthread+0x257/0x310
[ 21.771449] ? __pfx_kthread+0x10/0x10
[ 21.771564] ret_from_fork+0x41/0x80
[ 21.771606] ? __pfx_kthread+0x10/0x10
[ 21.771632] ret_from_fork_asm+0x1a/0x30
[ 21.771673] </TASK>
[ 21.771686]
[ 21.795239] Allocated by task 266:
[ 21.796092] kasan_save_stack+0x45/0x70
[ 21.796466] kasan_save_track+0x18/0x40
[ 21.797174] kasan_save_alloc_info+0x3b/0x50
[ 21.798116] __kasan_kmalloc+0xb7/0xc0
[ 21.798664] __kmalloc_cache_noprof+0x168/0x350
[ 21.799448] kasan_bitops_generic+0x93/0x1c0
[ 21.799835] kunit_try_run_case+0x1a6/0x480
[ 21.800996] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.801681] kthread+0x257/0x310
[ 21.802028] ret_from_fork+0x41/0x80
[ 21.802648] ret_from_fork_asm+0x1a/0x30
[ 21.803415]
[ 21.803743] The buggy address belongs to the object at ffff888101f80200
[ 21.803743] which belongs to the cache kmalloc-16 of size 16
[ 21.805371] The buggy address is located 8 bytes inside of
[ 21.805371] allocated 9-byte region [ffff888101f80200, ffff888101f80209)
[ 21.807023]
[ 21.807193] The buggy address belongs to the physical page:
[ 21.808038] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80
[ 21.809263] flags: 0x200000000000000(node=0|zone=2)
[ 21.809644] page_type: f5(slab)
[ 21.810132] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 21.811315] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 21.812243] page dumped because: kasan: bad access detected
[ 21.813253]
[ 21.813604] Memory state around the buggy address:
[ 21.814370] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.815282] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.816075] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.816580] ^
[ 21.817642] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.818366] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.819266] ==================================================================
[ 21.510776] ==================================================================
[ 21.511606] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 21.512326] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266
[ 21.512901]
[ 21.513162] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 21.513849] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.513960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.514037] Call Trace:
[ 21.514088] <TASK>
[ 21.514135] dump_stack_lvl+0x73/0xb0
[ 21.514275] print_report+0xd1/0x640
[ 21.514366] ? __virt_addr_valid+0x1db/0x2d0
[ 21.514452] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 21.514555] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.514640] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 21.514684] kasan_report+0x140/0x180
[ 21.514719] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 21.514760] kasan_check_range+0x10c/0x1c0
[ 21.514789] __kasan_check_write+0x18/0x20
[ 21.514830] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90
[ 21.514898] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 21.514936] ? __kmalloc_cache_noprof+0x168/0x350
[ 21.514974] kasan_bitops_generic+0x122/0x1c0
[ 21.515002] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.515031] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.515066] kunit_try_run_case+0x1a6/0x480
[ 21.515099] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.515127] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.515157] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.515192] ? __kthread_parkme+0x82/0x160
[ 21.515239] ? preempt_count_sub+0x50/0x80
[ 21.515300] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.515329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.515367] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.515404] kthread+0x257/0x310
[ 21.515430] ? __pfx_kthread+0x10/0x10
[ 21.515486] ret_from_fork+0x41/0x80
[ 21.515562] ? __pfx_kthread+0x10/0x10
[ 21.515599] ret_from_fork_asm+0x1a/0x30
[ 21.515642] </TASK>
[ 21.515656]
[ 21.537322] Allocated by task 266:
[ 21.538675] kasan_save_stack+0x45/0x70
[ 21.539083] kasan_save_track+0x18/0x40
[ 21.540000] kasan_save_alloc_info+0x3b/0x50
[ 21.540350] __kasan_kmalloc+0xb7/0xc0
[ 21.541214] __kmalloc_cache_noprof+0x168/0x350
[ 21.541647] kasan_bitops_generic+0x93/0x1c0
[ 21.542331] kunit_try_run_case+0x1a6/0x480
[ 21.543303] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.543815] kthread+0x257/0x310
[ 21.544301] ret_from_fork+0x41/0x80
[ 21.545300] ret_from_fork_asm+0x1a/0x30
[ 21.545677]
[ 21.546243] The buggy address belongs to the object at ffff888101f80200
[ 21.546243] which belongs to the cache kmalloc-16 of size 16
[ 21.547838] The buggy address is located 8 bytes inside of
[ 21.547838] allocated 9-byte region [ffff888101f80200, ffff888101f80209)
[ 21.549123]
[ 21.549309] The buggy address belongs to the physical page:
[ 21.550182] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80
[ 21.550853] flags: 0x200000000000000(node=0|zone=2)
[ 21.551347] page_type: f5(slab)
[ 21.551706] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 21.552689] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 21.554289] page dumped because: kasan: bad access detected
[ 21.554679]
[ 21.554907] Memory state around the buggy address:
[ 21.555338] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.555848] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 21.557195] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.557976] ^
[ 21.558960] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.559465] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.560278] ==================================================================
[ 21.463904] ==================================================================
[ 21.464441] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 21.465308] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266
[ 21.466016]
[ 21.466317] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 21.466722] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.466793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.466884] Call Trace:
[ 21.466934] <TASK>
[ 21.466980] dump_stack_lvl+0x73/0xb0
[ 21.467065] print_report+0xd1/0x640
[ 21.467145] ? __virt_addr_valid+0x1db/0x2d0
[ 21.467237] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 21.467330] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.467404] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 21.467483] kasan_report+0x140/0x180
[ 21.467559] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 21.467653] kasan_check_range+0x10c/0x1c0
[ 21.467726] __kasan_check_write+0x18/0x20
[ 21.467801] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90
[ 21.467900] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 21.468031] ? __kmalloc_cache_noprof+0x168/0x350
[ 21.468134] kasan_bitops_generic+0x122/0x1c0
[ 21.468258] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.468340] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 21.468425] kunit_try_run_case+0x1a6/0x480
[ 21.468532] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.468601] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 21.468678] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.468759] ? __kthread_parkme+0x82/0x160
[ 21.468790] ? preempt_count_sub+0x50/0x80
[ 21.468831] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.468894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.468934] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.468976] kthread+0x257/0x310
[ 21.469002] ? __pfx_kthread+0x10/0x10
[ 21.469029] ret_from_fork+0x41/0x80
[ 21.469057] ?
__pfx_kthread+0x10/0x10 [ 21.469082] ret_from_fork_asm+0x1a/0x30 [ 21.469122] </TASK> [ 21.469136] [ 21.488180] Allocated by task 266: [ 21.488749] kasan_save_stack+0x45/0x70 [ 21.489398] kasan_save_track+0x18/0x40 [ 21.489815] kasan_save_alloc_info+0x3b/0x50 [ 21.490830] __kasan_kmalloc+0xb7/0xc0 [ 21.491150] __kmalloc_cache_noprof+0x168/0x350 [ 21.491758] kasan_bitops_generic+0x93/0x1c0 [ 21.492420] kunit_try_run_case+0x1a6/0x480 [ 21.492942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.493642] kthread+0x257/0x310 [ 21.494020] ret_from_fork+0x41/0x80 [ 21.494332] ret_from_fork_asm+0x1a/0x30 [ 21.494724] [ 21.495740] The buggy address belongs to the object at ffff888101f80200 [ 21.495740] which belongs to the cache kmalloc-16 of size 16 [ 21.497012] The buggy address is located 8 bytes inside of [ 21.497012] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.498272] [ 21.498528] The buggy address belongs to the physical page: [ 21.499035] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.500126] flags: 0x200000000000000(node=0|zone=2) [ 21.500664] page_type: f5(slab) [ 21.501215] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.502087] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.503169] page dumped because: kasan: bad access detected [ 21.503751] [ 21.504093] Memory state around the buggy address: [ 21.504635] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.505440] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.506094] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.506986] ^ [ 21.507657] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.508205] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.508716] ================================================================== [ 21.718006] 
================================================================== [ 21.718839] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 21.720085] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.721019] [ 21.721304] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.721461] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.721499] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.721961] Call Trace: [ 21.722016] <TASK> [ 21.722099] dump_stack_lvl+0x73/0xb0 [ 21.722178] print_report+0xd1/0x640 [ 21.722275] ? __virt_addr_valid+0x1db/0x2d0 [ 21.722351] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 21.722427] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.722510] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 21.722591] kasan_report+0x140/0x180 [ 21.722713] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 21.722832] kasan_check_range+0x10c/0x1c0 [ 21.722909] __kasan_check_write+0x18/0x20 [ 21.722981] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 21.723062] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.723145] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.723198] kasan_bitops_generic+0x122/0x1c0 [ 21.723269] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.723344] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.723420] kunit_try_run_case+0x1a6/0x480 [ 21.723477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.723549] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.723621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.723663] ? __kthread_parkme+0x82/0x160 [ 21.723692] ? preempt_count_sub+0x50/0x80 [ 21.723723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.723752] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.723789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.723844] kthread+0x257/0x310 [ 21.723882] ? __pfx_kthread+0x10/0x10 [ 21.723910] ret_from_fork+0x41/0x80 [ 21.723940] ? 
__pfx_kthread+0x10/0x10 [ 21.723965] ret_from_fork_asm+0x1a/0x30 [ 21.724006] </TASK> [ 21.724019] [ 21.742663] Allocated by task 266: [ 21.743945] kasan_save_stack+0x45/0x70 [ 21.744261] kasan_save_track+0x18/0x40 [ 21.744728] kasan_save_alloc_info+0x3b/0x50 [ 21.745539] __kasan_kmalloc+0xb7/0xc0 [ 21.745860] __kmalloc_cache_noprof+0x168/0x350 [ 21.746124] kasan_bitops_generic+0x93/0x1c0 [ 21.746388] kunit_try_run_case+0x1a6/0x480 [ 21.746744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.747367] kthread+0x257/0x310 [ 21.748093] ret_from_fork+0x41/0x80 [ 21.748988] ret_from_fork_asm+0x1a/0x30 [ 21.749924] [ 21.750354] The buggy address belongs to the object at ffff888101f80200 [ 21.750354] which belongs to the cache kmalloc-16 of size 16 [ 21.751747] The buggy address is located 8 bytes inside of [ 21.751747] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.752573] [ 21.752732] The buggy address belongs to the physical page: [ 21.753131] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.755088] flags: 0x200000000000000(node=0|zone=2) [ 21.755808] page_type: f5(slab) [ 21.756539] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.757159] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.758255] page dumped because: kasan: bad access detected [ 21.759092] [ 21.759295] Memory state around the buggy address: [ 21.760108] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.761211] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.761930] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.762517] ^ [ 21.763382] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.764042] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.764679] ================================================================== [ 21.618741] 
================================================================== [ 21.619131] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 21.619617] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.619999] [ 21.620183] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.620378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.620408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.620460] Call Trace: [ 21.620505] <TASK> [ 21.620543] dump_stack_lvl+0x73/0xb0 [ 21.620601] print_report+0xd1/0x640 [ 21.620655] ? __virt_addr_valid+0x1db/0x2d0 [ 21.620708] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 21.620780] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.620887] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 21.620952] kasan_report+0x140/0x180 [ 21.621011] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 21.621080] kasan_check_range+0x10c/0x1c0 [ 21.621130] __kasan_check_write+0x18/0x20 [ 21.621178] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 21.621259] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.621325] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.621393] kasan_bitops_generic+0x122/0x1c0 [ 21.621473] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.621544] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.621622] kunit_try_run_case+0x1a6/0x480 [ 21.621697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.621756] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.621861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.622012] ? __kthread_parkme+0x82/0x160 [ 21.622073] ? preempt_count_sub+0x50/0x80 [ 21.622126] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.622170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.622258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.622324] kthread+0x257/0x310 [ 21.622371] ? __pfx_kthread+0x10/0x10 [ 21.622420] ret_from_fork+0x41/0x80 [ 21.622520] ? 
__pfx_kthread+0x10/0x10 [ 21.622569] ret_from_fork_asm+0x1a/0x30 [ 21.622640] </TASK> [ 21.622664] [ 21.643130] Allocated by task 266: [ 21.643751] kasan_save_stack+0x45/0x70 [ 21.644841] kasan_save_track+0x18/0x40 [ 21.645284] kasan_save_alloc_info+0x3b/0x50 [ 21.646076] __kasan_kmalloc+0xb7/0xc0 [ 21.646576] __kmalloc_cache_noprof+0x168/0x350 [ 21.647209] kasan_bitops_generic+0x93/0x1c0 [ 21.648089] kunit_try_run_case+0x1a6/0x480 [ 21.650122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.650704] kthread+0x257/0x310 [ 21.651034] ret_from_fork+0x41/0x80 [ 21.651760] ret_from_fork_asm+0x1a/0x30 [ 21.652145] [ 21.652448] The buggy address belongs to the object at ffff888101f80200 [ 21.652448] which belongs to the cache kmalloc-16 of size 16 [ 21.653781] The buggy address is located 8 bytes inside of [ 21.653781] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.655368] [ 21.655531] The buggy address belongs to the physical page: [ 21.655942] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.656741] flags: 0x200000000000000(node=0|zone=2) [ 21.658216] page_type: f5(slab) [ 21.658543] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.659128] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.659714] page dumped because: kasan: bad access detected [ 21.660170] [ 21.660452] Memory state around the buggy address: [ 21.661218] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.662194] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.663765] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.664932] ^ [ 21.665286] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.666385] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.667180] ================================================================== [ 21.668322] 
================================================================== [ 21.669156] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 21.670510] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.671414] [ 21.671908] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.672054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.672090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.672194] Call Trace: [ 21.672280] <TASK> [ 21.672332] dump_stack_lvl+0x73/0xb0 [ 21.672411] print_report+0xd1/0x640 [ 21.672483] ? __virt_addr_valid+0x1db/0x2d0 [ 21.672564] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 21.672641] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.672721] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 21.672799] kasan_report+0x140/0x180 [ 21.672881] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 21.672936] kasan_check_range+0x10c/0x1c0 [ 21.672967] __kasan_check_write+0x18/0x20 [ 21.672997] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 21.673033] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.673071] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.673109] kasan_bitops_generic+0x122/0x1c0 [ 21.673140] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.673169] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.673204] kunit_try_run_case+0x1a6/0x480 [ 21.673263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.673294] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.673324] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.673363] ? __kthread_parkme+0x82/0x160 [ 21.673391] ? preempt_count_sub+0x50/0x80 [ 21.673421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.673467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.673553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.673604] kthread+0x257/0x310 [ 21.673630] ? __pfx_kthread+0x10/0x10 [ 21.673655] ret_from_fork+0x41/0x80 [ 21.673684] ? 
__pfx_kthread+0x10/0x10 [ 21.673709] ret_from_fork_asm+0x1a/0x30 [ 21.673750] </TASK> [ 21.673764] [ 21.695317] Allocated by task 266: [ 21.695794] kasan_save_stack+0x45/0x70 [ 21.696191] kasan_save_track+0x18/0x40 [ 21.696589] kasan_save_alloc_info+0x3b/0x50 [ 21.697235] __kasan_kmalloc+0xb7/0xc0 [ 21.697716] __kmalloc_cache_noprof+0x168/0x350 [ 21.698451] kasan_bitops_generic+0x93/0x1c0 [ 21.698813] kunit_try_run_case+0x1a6/0x480 [ 21.699660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.700139] kthread+0x257/0x310 [ 21.700602] ret_from_fork+0x41/0x80 [ 21.701008] ret_from_fork_asm+0x1a/0x30 [ 21.701507] [ 21.701713] The buggy address belongs to the object at ffff888101f80200 [ 21.701713] which belongs to the cache kmalloc-16 of size 16 [ 21.703394] The buggy address is located 8 bytes inside of [ 21.703394] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.705433] [ 21.706045] The buggy address belongs to the physical page: [ 21.706665] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.707794] flags: 0x200000000000000(node=0|zone=2) [ 21.708158] page_type: f5(slab) [ 21.708746] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.709621] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.710718] page dumped because: kasan: bad access detected [ 21.711295] [ 21.711506] Memory state around the buggy address: [ 21.712156] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.712860] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.713661] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.714778] ^ [ 21.715247] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.716059] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.716565] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 21.219423] ================================================================== [ 21.220960] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 21.221806] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.222481] [ 21.222855] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.222974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.223013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.223075] Call Trace: [ 21.223127] <TASK> [ 21.223177] dump_stack_lvl+0x73/0xb0 [ 21.223286] print_report+0xd1/0x640 [ 21.223329] ? __virt_addr_valid+0x1db/0x2d0 [ 21.223367] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 21.223399] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.223469] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 21.223510] kasan_report+0x140/0x180 [ 21.223546] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 21.223584] kasan_check_range+0x10c/0x1c0 [ 21.223613] __kasan_check_write+0x18/0x20 [ 21.223643] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 21.223675] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.223708] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.223745] kasan_bitops_generic+0x117/0x1c0 [ 21.223774] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.223803] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.224298] kunit_try_run_case+0x1a6/0x480 [ 21.224427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.224558] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.224596] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.224632] ? __kthread_parkme+0x82/0x160 [ 21.224662] ? preempt_count_sub+0x50/0x80 [ 21.224692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.224720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.224756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.224793] kthread+0x257/0x310 [ 21.224824] ? __pfx_kthread+0x10/0x10 [ 21.224882] ret_from_fork+0x41/0x80 [ 21.224914] ? 
__pfx_kthread+0x10/0x10 [ 21.224941] ret_from_fork_asm+0x1a/0x30 [ 21.224981] </TASK> [ 21.224995] [ 21.244333] Allocated by task 266: [ 21.245245] kasan_save_stack+0x45/0x70 [ 21.245927] kasan_save_track+0x18/0x40 [ 21.246343] kasan_save_alloc_info+0x3b/0x50 [ 21.246672] __kasan_kmalloc+0xb7/0xc0 [ 21.247154] __kmalloc_cache_noprof+0x168/0x350 [ 21.247969] kasan_bitops_generic+0x93/0x1c0 [ 21.248403] kunit_try_run_case+0x1a6/0x480 [ 21.248769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.249285] kthread+0x257/0x310 [ 21.249629] ret_from_fork+0x41/0x80 [ 21.250693] ret_from_fork_asm+0x1a/0x30 [ 21.251334] [ 21.251714] The buggy address belongs to the object at ffff888101f80200 [ 21.251714] which belongs to the cache kmalloc-16 of size 16 [ 21.252647] The buggy address is located 8 bytes inside of [ 21.252647] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.254204] [ 21.254457] The buggy address belongs to the physical page: [ 21.255152] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.256163] flags: 0x200000000000000(node=0|zone=2) [ 21.256631] page_type: f5(slab) [ 21.257240] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.258422] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.259239] page dumped because: kasan: bad access detected [ 21.259856] [ 21.260237] Memory state around the buggy address: [ 21.261020] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.262115] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.262608] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.263758] ^ [ 21.264148] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.264985] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.266087] ================================================================== [ 21.313205] 
================================================================== [ 21.314193] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 21.315315] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.316329] [ 21.316581] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.316696] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.316822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.316889] Call Trace: [ 21.317000] <TASK> [ 21.317104] dump_stack_lvl+0x73/0xb0 [ 21.317182] print_report+0xd1/0x640 [ 21.317311] ? __virt_addr_valid+0x1db/0x2d0 [ 21.317469] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 21.317544] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.317619] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 21.317691] kasan_report+0x140/0x180 [ 21.317770] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 21.317856] kasan_check_range+0x10c/0x1c0 [ 21.318151] __kasan_check_write+0x18/0x20 [ 21.318185] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 21.318238] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.318284] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.318325] kasan_bitops_generic+0x117/0x1c0 [ 21.318356] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.318384] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.318419] kunit_try_run_case+0x1a6/0x480 [ 21.318470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.318541] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.318601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.318638] ? __kthread_parkme+0x82/0x160 [ 21.318665] ? preempt_count_sub+0x50/0x80 [ 21.318696] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.318723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.318759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.318797] kthread+0x257/0x310 [ 21.318840] ? __pfx_kthread+0x10/0x10 [ 21.318878] ret_from_fork+0x41/0x80 [ 21.318909] ? 
__pfx_kthread+0x10/0x10 [ 21.318935] ret_from_fork_asm+0x1a/0x30 [ 21.318977] </TASK> [ 21.318990] [ 21.337745] Allocated by task 266: [ 21.338198] kasan_save_stack+0x45/0x70 [ 21.338615] kasan_save_track+0x18/0x40 [ 21.339770] kasan_save_alloc_info+0x3b/0x50 [ 21.340216] __kasan_kmalloc+0xb7/0xc0 [ 21.340548] __kmalloc_cache_noprof+0x168/0x350 [ 21.341533] kasan_bitops_generic+0x93/0x1c0 [ 21.342168] kunit_try_run_case+0x1a6/0x480 [ 21.342627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.345196] kthread+0x257/0x310 [ 21.345477] ret_from_fork+0x41/0x80 [ 21.345722] ret_from_fork_asm+0x1a/0x30 [ 21.345972] [ 21.346115] The buggy address belongs to the object at ffff888101f80200 [ 21.346115] which belongs to the cache kmalloc-16 of size 16 [ 21.352282] The buggy address is located 8 bytes inside of [ 21.352282] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.355750] [ 21.356005] The buggy address belongs to the physical page: [ 21.356402] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.357346] flags: 0x200000000000000(node=0|zone=2) [ 21.357950] page_type: f5(slab) [ 21.358317] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.359147] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.359794] page dumped because: kasan: bad access detected [ 21.360685] [ 21.361143] Memory state around the buggy address: [ 21.361718] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.362354] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.363112] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.363660] ^ [ 21.364020] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.365203] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.365978] ================================================================== [ 21.004044] 
================================================================== [ 21.004950] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 21.006823] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.007415] [ 21.008148] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.008381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.008424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.008488] Call Trace: [ 21.008540] <TASK> [ 21.008592] dump_stack_lvl+0x73/0xb0 [ 21.008688] print_report+0xd1/0x640 [ 21.008758] ? __virt_addr_valid+0x1db/0x2d0 [ 21.008797] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 21.008855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.008894] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 21.008926] kasan_report+0x140/0x180 [ 21.008960] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 21.008997] kasan_check_range+0x10c/0x1c0 [ 21.009027] __kasan_check_write+0x18/0x20 [ 21.009054] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 21.009087] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.009122] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.009161] kasan_bitops_generic+0x117/0x1c0 [ 21.009189] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.009245] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.009287] kunit_try_run_case+0x1a6/0x480 [ 21.009325] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.009353] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.009384] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.009420] ? __kthread_parkme+0x82/0x160 [ 21.009463] ? preempt_count_sub+0x50/0x80 [ 21.009595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.009626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.009663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.009701] kthread+0x257/0x310 [ 21.009728] ? __pfx_kthread+0x10/0x10 [ 21.009754] ret_from_fork+0x41/0x80 [ 21.009785] ? 
__pfx_kthread+0x10/0x10 [ 21.009811] ret_from_fork_asm+0x1a/0x30 [ 21.009891] </TASK> [ 21.009907] [ 21.033452] Allocated by task 266: [ 21.034345] kasan_save_stack+0x45/0x70 [ 21.034780] kasan_save_track+0x18/0x40 [ 21.035322] kasan_save_alloc_info+0x3b/0x50 [ 21.036448] __kasan_kmalloc+0xb7/0xc0 [ 21.037103] __kmalloc_cache_noprof+0x168/0x350 [ 21.037660] kasan_bitops_generic+0x93/0x1c0 [ 21.038277] kunit_try_run_case+0x1a6/0x480 [ 21.038774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.039745] kthread+0x257/0x310 [ 21.040157] ret_from_fork+0x41/0x80 [ 21.040541] ret_from_fork_asm+0x1a/0x30 [ 21.041370] [ 21.041685] The buggy address belongs to the object at ffff888101f80200 [ 21.041685] which belongs to the cache kmalloc-16 of size 16 [ 21.043195] The buggy address is located 8 bytes inside of [ 21.043195] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.044792] [ 21.045397] The buggy address belongs to the physical page: [ 21.045969] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.046584] flags: 0x200000000000000(node=0|zone=2) [ 21.047778] page_type: f5(slab) [ 21.048373] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.049171] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.050074] page dumped because: kasan: bad access detected [ 21.050567] [ 21.050880] Memory state around the buggy address: [ 21.051311] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.052120] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.053059] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.054278] ^ [ 21.055018] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.056023] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.056802] ================================================================== [ 21.118108] 
================================================================== [ 21.119296] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 21.120888] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.121817] [ 21.122279] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.122363] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.122398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.122436] Call Trace: [ 21.122454] <TASK> [ 21.122474] dump_stack_lvl+0x73/0xb0 [ 21.122541] print_report+0xd1/0x640 [ 21.122623] ? __virt_addr_valid+0x1db/0x2d0 [ 21.122691] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 21.122725] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.122757] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 21.122789] kasan_report+0x140/0x180 [ 21.122837] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 21.123081] kasan_check_range+0x10c/0x1c0 [ 21.123115] __kasan_check_write+0x18/0x20 [ 21.123146] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 21.123181] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.123216] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.123292] kasan_bitops_generic+0x117/0x1c0 [ 21.123325] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.123355] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.123390] kunit_try_run_case+0x1a6/0x480 [ 21.123424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.123467] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.123580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.123623] ? __kthread_parkme+0x82/0x160 [ 21.123653] ? preempt_count_sub+0x50/0x80 [ 21.123683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.123713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.123753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.123792] kthread+0x257/0x310 [ 21.123826] ? __pfx_kthread+0x10/0x10 [ 21.123887] ret_from_fork+0x41/0x80 [ 21.123920] ? 
__pfx_kthread+0x10/0x10 [ 21.123946] ret_from_fork_asm+0x1a/0x30 [ 21.123986] </TASK> [ 21.124000] [ 21.144650] Allocated by task 266: [ 21.145296] kasan_save_stack+0x45/0x70 [ 21.146167] kasan_save_track+0x18/0x40 [ 21.146819] kasan_save_alloc_info+0x3b/0x50 [ 21.147173] __kasan_kmalloc+0xb7/0xc0 [ 21.147651] __kmalloc_cache_noprof+0x168/0x350 [ 21.149010] kasan_bitops_generic+0x93/0x1c0 [ 21.149428] kunit_try_run_case+0x1a6/0x480 [ 21.149796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.150252] kthread+0x257/0x310 [ 21.150573] ret_from_fork+0x41/0x80 [ 21.150982] ret_from_fork_asm+0x1a/0x30 [ 21.152444] [ 21.152622] The buggy address belongs to the object at ffff888101f80200 [ 21.152622] which belongs to the cache kmalloc-16 of size 16 [ 21.154135] The buggy address is located 8 bytes inside of [ 21.154135] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.156074] [ 21.156292] The buggy address belongs to the physical page: [ 21.157429] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.158417] flags: 0x200000000000000(node=0|zone=2) [ 21.159387] page_type: f5(slab) [ 21.160148] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.160768] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.161976] page dumped because: kasan: bad access detected [ 21.162382] [ 21.162639] Memory state around the buggy address: [ 21.163116] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.163702] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.164856] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.165923] ^ [ 21.166271] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.167267] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.168685] ================================================================== [ 21.170331] 
================================================================== [ 21.171394] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 21.172455] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.173517] [ 21.174425] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.174753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.174774] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.174819] Call Trace: [ 21.174974] <TASK> [ 21.174999] dump_stack_lvl+0x73/0xb0 [ 21.175042] print_report+0xd1/0x640 [ 21.175076] ? __virt_addr_valid+0x1db/0x2d0 [ 21.175111] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 21.175141] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.175174] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 21.175204] kasan_report+0x140/0x180 [ 21.175275] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 21.175318] kasan_check_range+0x10c/0x1c0 [ 21.175348] __kasan_check_write+0x18/0x20 [ 21.175377] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 21.175410] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.175451] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.175595] kasan_bitops_generic+0x117/0x1c0 [ 21.175657] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.175689] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.175725] kunit_try_run_case+0x1a6/0x480 [ 21.175759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.175786] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.175821] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.175893] ? __kthread_parkme+0x82/0x160 [ 21.175923] ? preempt_count_sub+0x50/0x80 [ 21.175954] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.175981] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.176017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.176055] kthread+0x257/0x310 [ 21.176081] ? __pfx_kthread+0x10/0x10 [ 21.176107] ret_from_fork+0x41/0x80 [ 21.176137] ? 
__pfx_kthread+0x10/0x10 [ 21.176162] ret_from_fork_asm+0x1a/0x30 [ 21.176202] </TASK> [ 21.176216] [ 21.196334] Allocated by task 266: [ 21.196988] kasan_save_stack+0x45/0x70 [ 21.197656] kasan_save_track+0x18/0x40 [ 21.198118] kasan_save_alloc_info+0x3b/0x50 [ 21.198965] __kasan_kmalloc+0xb7/0xc0 [ 21.199787] __kmalloc_cache_noprof+0x168/0x350 [ 21.200237] kasan_bitops_generic+0x93/0x1c0 [ 21.200671] kunit_try_run_case+0x1a6/0x480 [ 21.201290] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.202272] kthread+0x257/0x310 [ 21.202889] ret_from_fork+0x41/0x80 [ 21.203392] ret_from_fork_asm+0x1a/0x30 [ 21.203701] [ 21.204327] The buggy address belongs to the object at ffff888101f80200 [ 21.204327] which belongs to the cache kmalloc-16 of size 16 [ 21.205425] The buggy address is located 8 bytes inside of [ 21.205425] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.206781] [ 21.207133] The buggy address belongs to the physical page: [ 21.207557] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.208659] flags: 0x200000000000000(node=0|zone=2) [ 21.209203] page_type: f5(slab) [ 21.209728] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.211270] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.212114] page dumped because: kasan: bad access detected [ 21.212545] [ 21.212862] Memory state around the buggy address: [ 21.213306] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.214234] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.215343] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.216239] ^ [ 21.216564] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.217351] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.218082] ================================================================== [ 21.267055] 
================================================================== [ 21.267564] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 21.268656] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.269382] [ 21.270175] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.270394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.270429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.270487] Call Trace: [ 21.270535] <TASK> [ 21.270581] dump_stack_lvl+0x73/0xb0 [ 21.270663] print_report+0xd1/0x640 [ 21.270737] ? __virt_addr_valid+0x1db/0x2d0 [ 21.270813] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 21.270884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.270955] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 21.271031] kasan_report+0x140/0x180 [ 21.271105] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 21.271193] kasan_check_range+0x10c/0x1c0 [ 21.271297] __kasan_check_write+0x18/0x20 [ 21.271386] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 21.271466] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.271547] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.271594] kasan_bitops_generic+0x117/0x1c0 [ 21.271623] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.271652] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.271687] kunit_try_run_case+0x1a6/0x480 [ 21.271719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.271747] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.271775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.271808] ? __kthread_parkme+0x82/0x160 [ 21.271865] ? preempt_count_sub+0x50/0x80 [ 21.271900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.271928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.271964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.271999] kthread+0x257/0x310 [ 21.272024] ? __pfx_kthread+0x10/0x10 [ 21.272049] ret_from_fork+0x41/0x80 [ 21.272079] ? 
__pfx_kthread+0x10/0x10 [ 21.272103] ret_from_fork_asm+0x1a/0x30 [ 21.272144] </TASK> [ 21.272159] [ 21.290738] Allocated by task 266: [ 21.291286] kasan_save_stack+0x45/0x70 [ 21.291922] kasan_save_track+0x18/0x40 [ 21.292428] kasan_save_alloc_info+0x3b/0x50 [ 21.293252] __kasan_kmalloc+0xb7/0xc0 [ 21.293799] __kmalloc_cache_noprof+0x168/0x350 [ 21.294312] kasan_bitops_generic+0x93/0x1c0 [ 21.295132] kunit_try_run_case+0x1a6/0x480 [ 21.295758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.296408] kthread+0x257/0x310 [ 21.296736] ret_from_fork+0x41/0x80 [ 21.297041] ret_from_fork_asm+0x1a/0x30 [ 21.297880] [ 21.298209] The buggy address belongs to the object at ffff888101f80200 [ 21.298209] which belongs to the cache kmalloc-16 of size 16 [ 21.299147] The buggy address is located 8 bytes inside of [ 21.299147] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.300582] [ 21.302015] The buggy address belongs to the physical page: [ 21.302522] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.303189] flags: 0x200000000000000(node=0|zone=2) [ 21.303610] page_type: f5(slab) [ 21.303978] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.305102] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.305848] page dumped because: kasan: bad access detected [ 21.306714] [ 21.306983] Memory state around the buggy address: [ 21.307650] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.308300] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.309386] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.309994] ^ [ 21.310387] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.311205] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.312121] ================================================================== [ 21.367014] 
================================================================== [ 21.367706] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 21.368823] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.369634] [ 21.369895] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.370049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.370086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.370145] Call Trace: [ 21.370197] <TASK> [ 21.370267] dump_stack_lvl+0x73/0xb0 [ 21.370354] print_report+0xd1/0x640 [ 21.370434] ? __virt_addr_valid+0x1db/0x2d0 [ 21.370670] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 21.370747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.370830] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 21.370941] kasan_report+0x140/0x180 [ 21.371030] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 21.371124] kasan_check_range+0x10c/0x1c0 [ 21.371209] __kasan_check_write+0x18/0x20 [ 21.371313] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 21.371396] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.371671] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.371729] kasan_bitops_generic+0x117/0x1c0 [ 21.371761] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.371790] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.371826] kunit_try_run_case+0x1a6/0x480 [ 21.371861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.371891] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.371920] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.371955] ? __kthread_parkme+0x82/0x160 [ 21.371982] ? preempt_count_sub+0x50/0x80 [ 21.372012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.372040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.372076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.372112] kthread+0x257/0x310 [ 21.372136] ? __pfx_kthread+0x10/0x10 [ 21.372162] ret_from_fork+0x41/0x80 [ 21.372193] ? 
__pfx_kthread+0x10/0x10 [ 21.372239] ret_from_fork_asm+0x1a/0x30 [ 21.372314] </TASK> [ 21.372328] [ 21.392317] Allocated by task 266: [ 21.392975] kasan_save_stack+0x45/0x70 [ 21.393632] kasan_save_track+0x18/0x40 [ 21.394152] kasan_save_alloc_info+0x3b/0x50 [ 21.394795] __kasan_kmalloc+0xb7/0xc0 [ 21.395500] __kmalloc_cache_noprof+0x168/0x350 [ 21.396155] kasan_bitops_generic+0x93/0x1c0 [ 21.396882] kunit_try_run_case+0x1a6/0x480 [ 21.397300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.398045] kthread+0x257/0x310 [ 21.398419] ret_from_fork+0x41/0x80 [ 21.399132] ret_from_fork_asm+0x1a/0x30 [ 21.399606] [ 21.399828] The buggy address belongs to the object at ffff888101f80200 [ 21.399828] which belongs to the cache kmalloc-16 of size 16 [ 21.401203] The buggy address is located 8 bytes inside of [ 21.401203] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.402954] [ 21.403175] The buggy address belongs to the physical page: [ 21.403928] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.404701] flags: 0x200000000000000(node=0|zone=2) [ 21.405327] page_type: f5(slab) [ 21.405948] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.406589] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.407599] page dumped because: kasan: bad access detected [ 21.408069] [ 21.408316] Memory state around the buggy address: [ 21.409093] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.410375] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.411076] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.412523] ^ [ 21.412814] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.413345] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.414584] ================================================================== [ 21.058324] 
================================================================== [ 21.059473] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 21.060779] Write of size 8 at addr ffff888101f80208 by task kunit_try_catch/266 [ 21.061903] [ 21.062276] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 21.062674] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.062705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.062738] Call Trace: [ 21.062762] <TASK> [ 21.062784] dump_stack_lvl+0x73/0xb0 [ 21.062842] print_report+0xd1/0x640 [ 21.062885] ? __virt_addr_valid+0x1db/0x2d0 [ 21.062921] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 21.062951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.062982] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 21.063013] kasan_report+0x140/0x180 [ 21.063046] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 21.063084] kasan_check_range+0x10c/0x1c0 [ 21.063114] __kasan_check_write+0x18/0x20 [ 21.063144] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 21.063174] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 21.063209] ? __kmalloc_cache_noprof+0x168/0x350 [ 21.063288] kasan_bitops_generic+0x117/0x1c0 [ 21.063320] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.063349] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.063384] kunit_try_run_case+0x1a6/0x480 [ 21.063416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.063452] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.063529] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.063615] ? __kthread_parkme+0x82/0x160 [ 21.063686] ? preempt_count_sub+0x50/0x80 [ 21.063756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.063786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.063841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.063892] kthread+0x257/0x310 [ 21.063918] ? __pfx_kthread+0x10/0x10 [ 21.063944] ret_from_fork+0x41/0x80 [ 21.063973] ? 
__pfx_kthread+0x10/0x10 [ 21.063998] ret_from_fork_asm+0x1a/0x30 [ 21.064038] </TASK> [ 21.064051] [ 21.092402] Allocated by task 266: [ 21.093210] kasan_save_stack+0x45/0x70 [ 21.093841] kasan_save_track+0x18/0x40 [ 21.094123] kasan_save_alloc_info+0x3b/0x50 [ 21.094908] __kasan_kmalloc+0xb7/0xc0 [ 21.095406] __kmalloc_cache_noprof+0x168/0x350 [ 21.095854] kasan_bitops_generic+0x93/0x1c0 [ 21.096779] kunit_try_run_case+0x1a6/0x480 [ 21.097335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.098137] kthread+0x257/0x310 [ 21.099107] ret_from_fork+0x41/0x80 [ 21.099458] ret_from_fork_asm+0x1a/0x30 [ 21.099796] [ 21.100642] The buggy address belongs to the object at ffff888101f80200 [ 21.100642] which belongs to the cache kmalloc-16 of size 16 [ 21.101684] The buggy address is located 8 bytes inside of [ 21.101684] allocated 9-byte region [ffff888101f80200, ffff888101f80209) [ 21.103673] [ 21.104191] The buggy address belongs to the physical page: [ 21.105164] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 21.105934] flags: 0x200000000000000(node=0|zone=2) [ 21.106385] page_type: f5(slab) [ 21.107612] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.108268] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 21.109112] page dumped because: kasan: bad access detected [ 21.109832] [ 21.110245] Memory state around the buggy address: [ 21.111110] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.111997] ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 21.112734] >ffff888101f80200: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.113529] ^ [ 21.114115] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.115147] ffff888101f80300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.116008] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 20.941586] ================================================================== [ 20.942247] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 20.942674] Read of size 1 at addr ffff888102af74d0 by task kunit_try_catch/264 [ 20.945100] [ 20.945303] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 20.945396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.945437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.945596] Call Trace: [ 20.945657] <TASK> [ 20.945712] dump_stack_lvl+0x73/0xb0 [ 20.945799] print_report+0xd1/0x640 [ 20.945883] ? __virt_addr_valid+0x1db/0x2d0 [ 20.945959] ? strnlen+0x73/0x80 [ 20.945990] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.946023] ? strnlen+0x73/0x80 [ 20.946050] kasan_report+0x140/0x180 [ 20.946085] ? strnlen+0x73/0x80 [ 20.946118] __asan_report_load1_noabort+0x18/0x20 [ 20.946149] strnlen+0x73/0x80 [ 20.946179] kasan_strings+0x4cc/0xb60 [ 20.946212] ? __pfx_kasan_strings+0x10/0x10 [ 20.946273] ? __schedule+0xc49/0x27a0 [ 20.946303] ? __pfx_read_tsc+0x10/0x10 [ 20.946329] ? ktime_get_ts64+0x84/0x230 [ 20.946364] kunit_try_run_case+0x1a6/0x480 [ 20.946396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.946424] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.946464] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.946750] ? __kthread_parkme+0x82/0x160 [ 20.946781] ? preempt_count_sub+0x50/0x80 [ 20.946818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.946887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.946926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.946965] kthread+0x257/0x310 [ 20.946992] ? __pfx_kthread+0x10/0x10 [ 20.947018] ret_from_fork+0x41/0x80 [ 20.947048] ? 
__pfx_kthread+0x10/0x10 [ 20.947074] ret_from_fork_asm+0x1a/0x30 [ 20.947114] </TASK> [ 20.947128] [ 20.964351] Allocated by task 264: [ 20.965012] kasan_save_stack+0x45/0x70 [ 20.966015] kasan_save_track+0x18/0x40 [ 20.966349] kasan_save_alloc_info+0x3b/0x50 [ 20.967089] __kasan_kmalloc+0xb7/0xc0 [ 20.968046] __kmalloc_cache_noprof+0x168/0x350 [ 20.968725] kasan_strings+0xb3/0xb60 [ 20.969263] kunit_try_run_case+0x1a6/0x480 [ 20.969782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.970596] kthread+0x257/0x310 [ 20.971049] ret_from_fork+0x41/0x80 [ 20.972034] ret_from_fork_asm+0x1a/0x30 [ 20.972453] [ 20.972970] Freed by task 264: [ 20.973671] kasan_save_stack+0x45/0x70 [ 20.974424] kasan_save_track+0x18/0x40 [ 20.975162] kasan_save_free_info+0x3f/0x60 [ 20.976118] __kasan_slab_free+0x56/0x70 [ 20.976541] kfree+0x123/0x3d0 [ 20.977325] kasan_strings+0x13a/0xb60 [ 20.978103] kunit_try_run_case+0x1a6/0x480 [ 20.979061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.979483] kthread+0x257/0x310 [ 20.979833] ret_from_fork+0x41/0x80 [ 20.980453] ret_from_fork_asm+0x1a/0x30 [ 20.980947] [ 20.981190] The buggy address belongs to the object at ffff888102af74c0 [ 20.981190] which belongs to the cache kmalloc-32 of size 32 [ 20.982924] The buggy address is located 16 bytes inside of [ 20.982924] freed 32-byte region [ffff888102af74c0, ffff888102af74e0) [ 20.984450] [ 20.984650] The buggy address belongs to the physical page: [ 20.985983] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af7 [ 20.986861] flags: 0x200000000000000(node=0|zone=2) [ 20.987292] page_type: f5(slab) [ 20.987690] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.988987] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 20.989879] page dumped because: kasan: bad access detected [ 20.990392] [ 20.990662] Memory state around the buggy address: [ 20.991398] ffff888102af7380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
20.992343] ffff888102af7400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.992819] >ffff888102af7480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.993336] ^ [ 20.993751] ffff888102af7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.994573] ffff888102af7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.995135] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.890202] ================================================================== [ 20.890987] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 20.891851] Read of size 1 at addr ffff888102af74d0 by task kunit_try_catch/264 [ 20.892421] [ 20.892691] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 20.892849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.892982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.893043] Call Trace: [ 20.893099] <TASK> [ 20.893150] dump_stack_lvl+0x73/0xb0 [ 20.893247] print_report+0xd1/0x640 [ 20.893332] ? __virt_addr_valid+0x1db/0x2d0 [ 20.893408] ? strlen+0x8f/0xb0 [ 20.893916] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.893993] ? strlen+0x8f/0xb0 [ 20.894063] kasan_report+0x140/0x180 [ 20.894111] ? strlen+0x8f/0xb0 [ 20.894147] __asan_report_load1_noabort+0x18/0x20 [ 20.894179] strlen+0x8f/0xb0 [ 20.894208] kasan_strings+0x432/0xb60 [ 20.894273] ? __pfx_kasan_strings+0x10/0x10 [ 20.894308] ? __schedule+0xc49/0x27a0 [ 20.894336] ? __pfx_read_tsc+0x10/0x10 [ 20.894362] ? ktime_get_ts64+0x84/0x230 [ 20.894398] kunit_try_run_case+0x1a6/0x480 [ 20.894431] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.894528] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.894597] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.894633] ? __kthread_parkme+0x82/0x160 [ 20.894663] ? preempt_count_sub+0x50/0x80 [ 20.894695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.894724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.894761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.894798] kthread+0x257/0x310 [ 20.894862] ? __pfx_kthread+0x10/0x10 [ 20.894893] ret_from_fork+0x41/0x80 [ 20.894922] ? 
__pfx_kthread+0x10/0x10 [ 20.894947] ret_from_fork_asm+0x1a/0x30 [ 20.894987] </TASK> [ 20.895002] [ 20.910850] Allocated by task 264: [ 20.911627] kasan_save_stack+0x45/0x70 [ 20.912055] kasan_save_track+0x18/0x40 [ 20.912704] kasan_save_alloc_info+0x3b/0x50 [ 20.913216] __kasan_kmalloc+0xb7/0xc0 [ 20.913737] __kmalloc_cache_noprof+0x168/0x350 [ 20.914700] kasan_strings+0xb3/0xb60 [ 20.915304] kunit_try_run_case+0x1a6/0x480 [ 20.916026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.916678] kthread+0x257/0x310 [ 20.917128] ret_from_fork+0x41/0x80 [ 20.917968] ret_from_fork_asm+0x1a/0x30 [ 20.918393] [ 20.918622] Freed by task 264: [ 20.918988] kasan_save_stack+0x45/0x70 [ 20.919756] kasan_save_track+0x18/0x40 [ 20.920177] kasan_save_free_info+0x3f/0x60 [ 20.920806] __kasan_slab_free+0x56/0x70 [ 20.921238] kfree+0x123/0x3d0 [ 20.922068] kasan_strings+0x13a/0xb60 [ 20.922456] kunit_try_run_case+0x1a6/0x480 [ 20.922826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.923377] kthread+0x257/0x310 [ 20.923720] ret_from_fork+0x41/0x80 [ 20.924150] ret_from_fork_asm+0x1a/0x30 [ 20.924790] [ 20.925016] The buggy address belongs to the object at ffff888102af74c0 [ 20.925016] which belongs to the cache kmalloc-32 of size 32 [ 20.926296] The buggy address is located 16 bytes inside of [ 20.926296] freed 32-byte region [ffff888102af74c0, ffff888102af74e0) [ 20.927700] [ 20.927986] The buggy address belongs to the physical page: [ 20.928612] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af7 [ 20.929332] flags: 0x200000000000000(node=0|zone=2) [ 20.930291] page_type: f5(slab) [ 20.931107] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.931848] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 20.932800] page dumped because: kasan: bad access detected [ 20.933361] [ 20.934151] Memory state around the buggy address: [ 20.934493] ffff888102af7380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
20.935458] ffff888102af7400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.936350] >ffff888102af7480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.937357] ^ [ 20.938659] ffff888102af7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.939947] ffff888102af7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.940453] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.831137] ================================================================== [ 20.832096] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0f/0xb60 [ 20.832553] Read of size 1 at addr ffff888102af74d0 by task kunit_try_catch/264 [ 20.833321] [ 20.833942] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 20.834166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.834186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.834238] Call Trace: [ 20.834291] <TASK> [ 20.834344] dump_stack_lvl+0x73/0xb0 [ 20.834427] print_report+0xd1/0x640 [ 20.834614] ? __virt_addr_valid+0x1db/0x2d0 [ 20.834674] ? kasan_strings+0xa0f/0xb60 [ 20.834743] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.834816] ? kasan_strings+0xa0f/0xb60 [ 20.834893] kasan_report+0x140/0x180 [ 20.834968] ? kasan_strings+0xa0f/0xb60 [ 20.835057] __asan_report_load1_noabort+0x18/0x20 [ 20.835131] kasan_strings+0xa0f/0xb60 [ 20.835208] ? __pfx_kasan_strings+0x10/0x10 [ 20.835355] ? __schedule+0xc49/0x27a0 [ 20.835425] ? __pfx_read_tsc+0x10/0x10 [ 20.835515] ? ktime_get_ts64+0x84/0x230 [ 20.835572] kunit_try_run_case+0x1a6/0x480 [ 20.835608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.835638] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.835667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.835704] ? __kthread_parkme+0x82/0x160 [ 20.835734] ? preempt_count_sub+0x50/0x80 [ 20.835766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.835795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.835852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.835936] kthread+0x257/0x310 [ 20.835992] ? __pfx_kthread+0x10/0x10 [ 20.836046] ret_from_fork+0x41/0x80 [ 20.836105] ? 
__pfx_kthread+0x10/0x10 [ 20.836162] ret_from_fork_asm+0x1a/0x30 [ 20.836256] </TASK> [ 20.836292] [ 20.856291] Allocated by task 264: [ 20.856875] kasan_save_stack+0x45/0x70 [ 20.857279] kasan_save_track+0x18/0x40 [ 20.858130] kasan_save_alloc_info+0x3b/0x50 [ 20.858785] __kasan_kmalloc+0xb7/0xc0 [ 20.859828] __kmalloc_cache_noprof+0x168/0x350 [ 20.860258] kasan_strings+0xb3/0xb60 [ 20.861095] kunit_try_run_case+0x1a6/0x480 [ 20.861416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.862325] kthread+0x257/0x310 [ 20.863033] ret_from_fork+0x41/0x80 [ 20.863574] ret_from_fork_asm+0x1a/0x30 [ 20.863975] [ 20.864932] Freed by task 264: [ 20.865488] kasan_save_stack+0x45/0x70 [ 20.866191] kasan_save_track+0x18/0x40 [ 20.867097] kasan_save_free_info+0x3f/0x60 [ 20.867464] __kasan_slab_free+0x56/0x70 [ 20.868026] kfree+0x123/0x3d0 [ 20.868719] kasan_strings+0x13a/0xb60 [ 20.869708] kunit_try_run_case+0x1a6/0x480 [ 20.870525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.871463] kthread+0x257/0x310 [ 20.872252] ret_from_fork+0x41/0x80 [ 20.872967] ret_from_fork_asm+0x1a/0x30 [ 20.873581] [ 20.873920] The buggy address belongs to the object at ffff888102af74c0 [ 20.873920] which belongs to the cache kmalloc-32 of size 32 [ 20.875712] The buggy address is located 16 bytes inside of [ 20.875712] freed 32-byte region [ffff888102af74c0, ffff888102af74e0) [ 20.876581] [ 20.876778] The buggy address belongs to the physical page: [ 20.878014] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af7 [ 20.878532] flags: 0x200000000000000(node=0|zone=2) [ 20.879293] page_type: f5(slab) [ 20.879936] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.881370] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 20.882291] page dumped because: kasan: bad access detected [ 20.882701] [ 20.883193] Memory state around the buggy address: [ 20.883602] ffff888102af7380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
20.884449] ffff888102af7400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.885551] >ffff888102af7480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.886249] ^ [ 20.887045] ffff888102af7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.887812] ffff888102af7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.888307] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.769160] ================================================================== [ 20.770664] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 20.771475] Read of size 1 at addr ffff888102af74d0 by task kunit_try_catch/264 [ 20.772411] [ 20.773864] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 20.774307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.774325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.774358] Call Trace: [ 20.774377] <TASK> [ 20.774397] dump_stack_lvl+0x73/0xb0 [ 20.774438] print_report+0xd1/0x640 [ 20.774563] ? __virt_addr_valid+0x1db/0x2d0 [ 20.774632] ? strcmp+0xb0/0xc0 [ 20.774668] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.774700] ? strcmp+0xb0/0xc0 [ 20.774727] kasan_report+0x140/0x180 [ 20.774762] ? strcmp+0xb0/0xc0 [ 20.774794] __asan_report_load1_noabort+0x18/0x20 [ 20.774858] strcmp+0xb0/0xc0 [ 20.774892] kasan_strings+0x2e9/0xb60 [ 20.774924] ? __pfx_kasan_strings+0x10/0x10 [ 20.774957] ? __schedule+0xc49/0x27a0 [ 20.774988] ? __pfx_read_tsc+0x10/0x10 [ 20.775016] ? ktime_get_ts64+0x84/0x230 [ 20.775053] kunit_try_run_case+0x1a6/0x480 [ 20.775085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.775114] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.775142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.775178] ? __kthread_parkme+0x82/0x160 [ 20.775205] ? preempt_count_sub+0x50/0x80 [ 20.775280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.775313] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.775351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.775388] kthread+0x257/0x310 [ 20.775414] ? __pfx_kthread+0x10/0x10 [ 20.775447] ret_from_fork+0x41/0x80 [ 20.775601] ? 
__pfx_kthread+0x10/0x10 [ 20.775630] ret_from_fork_asm+0x1a/0x30 [ 20.775671] </TASK> [ 20.775685] [ 20.797381] Allocated by task 264: [ 20.798326] kasan_save_stack+0x45/0x70 [ 20.798913] kasan_save_track+0x18/0x40 [ 20.799246] kasan_save_alloc_info+0x3b/0x50 [ 20.800058] __kasan_kmalloc+0xb7/0xc0 [ 20.800462] __kmalloc_cache_noprof+0x168/0x350 [ 20.801808] kasan_strings+0xb3/0xb60 [ 20.802339] kunit_try_run_case+0x1a6/0x480 [ 20.802821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.803594] kthread+0x257/0x310 [ 20.803932] ret_from_fork+0x41/0x80 [ 20.804344] ret_from_fork_asm+0x1a/0x30 [ 20.804701] [ 20.806085] Freed by task 264: [ 20.806507] kasan_save_stack+0x45/0x70 [ 20.806812] kasan_save_track+0x18/0x40 [ 20.807106] kasan_save_free_info+0x3f/0x60 [ 20.807436] __kasan_slab_free+0x56/0x70 [ 20.807700] kfree+0x123/0x3d0 [ 20.807925] kasan_strings+0x13a/0xb60 [ 20.808183] kunit_try_run_case+0x1a6/0x480 [ 20.809201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.810749] kthread+0x257/0x310 [ 20.811145] ret_from_fork+0x41/0x80 [ 20.811427] ret_from_fork_asm+0x1a/0x30 [ 20.812216] [ 20.812761] The buggy address belongs to the object at ffff888102af74c0 [ 20.812761] which belongs to the cache kmalloc-32 of size 32 [ 20.813881] The buggy address is located 16 bytes inside of [ 20.813881] freed 32-byte region [ffff888102af74c0, ffff888102af74e0) [ 20.817926] [ 20.818095] The buggy address belongs to the physical page: [ 20.818604] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af7 [ 20.819196] flags: 0x200000000000000(node=0|zone=2) [ 20.819918] page_type: f5(slab) [ 20.820285] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.821430] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 20.822042] page dumped because: kasan: bad access detected [ 20.823184] [ 20.823430] Memory state around the buggy address: [ 20.824159] ffff888102af7380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
20.824955] ffff888102af7400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.825338] >ffff888102af7480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.827628] ^ [ 20.828533] ffff888102af7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.828920] ffff888102af7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.829593] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strrchr
[ 20.720713] ==================================================================
[ 20.721349] BUG: KASAN: slab-use-after-free in strrchr+0x64/0x70
[ 20.722271] Read of size 1 at addr ffff888102af74d0 by task kunit_try_catch/264
[ 20.723036]
[ 20.723290] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.723411] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.723447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.723506] Call Trace:
[ 20.723542] <TASK>
[ 20.723588] dump_stack_lvl+0x73/0xb0
[ 20.723773] print_report+0xd1/0x640
[ 20.723854] ? __virt_addr_valid+0x1db/0x2d0
[ 20.723935] ? strrchr+0x64/0x70
[ 20.724005] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.724085] ? strrchr+0x64/0x70
[ 20.724152] kasan_report+0x140/0x180
[ 20.724252] ? strrchr+0x64/0x70
[ 20.724334] __asan_report_load1_noabort+0x18/0x20
[ 20.724409] strrchr+0x64/0x70
[ 20.724478] kasan_strings+0x24c/0xb60
[ 20.724555] ? __pfx_kasan_strings+0x10/0x10
[ 20.724633] ? __schedule+0xc49/0x27a0
[ 20.724704] ? __pfx_read_tsc+0x10/0x10
[ 20.724769] ? ktime_get_ts64+0x84/0x230
[ 20.724850] kunit_try_run_case+0x1a6/0x480
[ 20.724930] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.724996] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.725068] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.725171] ? __kthread_parkme+0x82/0x160
[ 20.725202] ? preempt_count_sub+0x50/0x80
[ 20.725260] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.725291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.725329] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.725365] kthread+0x257/0x310
[ 20.725390] ? __pfx_kthread+0x10/0x10
[ 20.725415] ret_from_fork+0x41/0x80
[ 20.725458] ? __pfx_kthread+0x10/0x10
[ 20.725555] ret_from_fork_asm+0x1a/0x30
[ 20.725652] </TASK>
[ 20.725688]
[ 20.739888] Allocated by task 264:
[ 20.740258] kasan_save_stack+0x45/0x70
[ 20.740720] kasan_save_track+0x18/0x40
[ 20.741251] kasan_save_alloc_info+0x3b/0x50
[ 20.741637] __kasan_kmalloc+0xb7/0xc0
[ 20.742131] __kmalloc_cache_noprof+0x168/0x350
[ 20.742900] kasan_strings+0xb3/0xb60
[ 20.743244] kunit_try_run_case+0x1a6/0x480
[ 20.743584] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.744275] kthread+0x257/0x310
[ 20.744748] ret_from_fork+0x41/0x80
[ 20.745136] ret_from_fork_asm+0x1a/0x30
[ 20.745671]
[ 20.745899] Freed by task 264:
[ 20.746289] kasan_save_stack+0x45/0x70
[ 20.746614] kasan_save_track+0x18/0x40
[ 20.746932] kasan_save_free_info+0x3f/0x60
[ 20.747292] __kasan_slab_free+0x56/0x70
[ 20.747620] kfree+0x123/0x3d0
[ 20.747996] kasan_strings+0x13a/0xb60
[ 20.749090] kunit_try_run_case+0x1a6/0x480
[ 20.749636] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.750410] kthread+0x257/0x310
[ 20.750776] ret_from_fork+0x41/0x80
[ 20.751196] ret_from_fork_asm+0x1a/0x30
[ 20.751670]
[ 20.752057] The buggy address belongs to the object at ffff888102af74c0
[ 20.752057] which belongs to the cache kmalloc-32 of size 32
[ 20.753328] The buggy address is located 16 bytes inside of
[ 20.753328] freed 32-byte region [ffff888102af74c0, ffff888102af74e0)
[ 20.754583]
[ 20.754822] The buggy address belongs to the physical page:
[ 20.755326] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af7
[ 20.755826] flags: 0x200000000000000(node=0|zone=2)
[ 20.756180] page_type: f5(slab)
[ 20.756804] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.757715] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 20.759712] page dumped because: kasan: bad access detected
[ 20.760151]
[ 20.760351] Memory state around the buggy address:
[ 20.761856] ffff888102af7380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.762651] ffff888102af7400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.763252] >ffff888102af7480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.764101] ^
[ 20.765335] ffff888102af7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.766061] ffff888102af7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.766753] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strchr
[ 20.668154] ==================================================================
[ 20.669918] BUG: KASAN: slab-use-after-free in strchr+0x9c/0xc0
[ 20.670462] Read of size 1 at addr ffff888102af74d0 by task kunit_try_catch/264
[ 20.671926]
[ 20.672140] CPU: 1 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.672263] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.672303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.672611] Call Trace:
[ 20.672641] <TASK>
[ 20.672667] dump_stack_lvl+0x73/0xb0
[ 20.672709] print_report+0xd1/0x640
[ 20.672748] ? __virt_addr_valid+0x1db/0x2d0
[ 20.672785] ? strchr+0x9c/0xc0
[ 20.672818] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.672885] ? strchr+0x9c/0xc0
[ 20.672915] kasan_report+0x140/0x180
[ 20.672951] ? strchr+0x9c/0xc0
[ 20.672984] __asan_report_load1_noabort+0x18/0x20
[ 20.673017] strchr+0x9c/0xc0
[ 20.673046] kasan_strings+0x1b1/0xb60
[ 20.673080] ? __pfx_kasan_strings+0x10/0x10
[ 20.673113] ? __schedule+0xc49/0x27a0
[ 20.673141] ? __pfx_read_tsc+0x10/0x10
[ 20.673169] ? ktime_get_ts64+0x84/0x230
[ 20.673206] kunit_try_run_case+0x1a6/0x480
[ 20.673270] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.673300] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.673329] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.673366] ? __kthread_parkme+0x82/0x160
[ 20.673394] ? preempt_count_sub+0x50/0x80
[ 20.673425] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.673494] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.673579] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.673620] kthread+0x257/0x310
[ 20.673645] ? __pfx_kthread+0x10/0x10
[ 20.673671] ret_from_fork+0x41/0x80
[ 20.673699] ? __pfx_kthread+0x10/0x10
[ 20.673724] ret_from_fork_asm+0x1a/0x30
[ 20.673766] </TASK>
[ 20.673780]
[ 20.693054] Allocated by task 264:
[ 20.693255] kasan_save_stack+0x45/0x70
[ 20.693459] kasan_save_track+0x18/0x40
[ 20.693758] kasan_save_alloc_info+0x3b/0x50
[ 20.694212] __kasan_kmalloc+0xb7/0xc0
[ 20.694909] __kmalloc_cache_noprof+0x168/0x350
[ 20.695098] kasan_strings+0xb3/0xb60
[ 20.695753] kunit_try_run_case+0x1a6/0x480
[ 20.696926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.698279] kthread+0x257/0x310
[ 20.698649] ret_from_fork+0x41/0x80
[ 20.699041] ret_from_fork_asm+0x1a/0x30
[ 20.699850]
[ 20.700041] Freed by task 264:
[ 20.700408] kasan_save_stack+0x45/0x70
[ 20.700782] kasan_save_track+0x18/0x40
[ 20.701202] kasan_save_free_info+0x3f/0x60
[ 20.701597] __kasan_slab_free+0x56/0x70
[ 20.702109] kfree+0x123/0x3d0
[ 20.702437] kasan_strings+0x13a/0xb60
[ 20.702852] kunit_try_run_case+0x1a6/0x480
[ 20.703280] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.704549] kthread+0x257/0x310
[ 20.705233] ret_from_fork+0x41/0x80
[ 20.705622] ret_from_fork_asm+0x1a/0x30
[ 20.706144]
[ 20.706427] The buggy address belongs to the object at ffff888102af74c0
[ 20.706427] which belongs to the cache kmalloc-32 of size 32
[ 20.707538] The buggy address is located 16 bytes inside of
[ 20.707538] freed 32-byte region [ffff888102af74c0, ffff888102af74e0)
[ 20.709064]
[ 20.709289] The buggy address belongs to the physical page:
[ 20.709853] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af7
[ 20.710399] flags: 0x200000000000000(node=0|zone=2)
[ 20.710879] page_type: f5(slab)
[ 20.711314] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.711872] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 20.712540] page dumped because: kasan: bad access detected
[ 20.712982]
[ 20.713162] Memory state around the buggy address:
[ 20.714568] ffff888102af7380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.715276] ffff888102af7400: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.716369] >ffff888102af7480: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.717004] ^
[ 20.717498] ffff888102af7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.718391] ffff888102af7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.718950] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.611880] ==================================================================
[ 20.612566] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 20.613444] Read of size 1 at addr ffff888102af7398 by task kunit_try_catch/262
[ 20.615421]
[ 20.616303] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.616380] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.616398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.616429] Call Trace:
[ 20.616486] <TASK>
[ 20.616537] dump_stack_lvl+0x73/0xb0
[ 20.616600] print_report+0xd1/0x640
[ 20.616636] ? __virt_addr_valid+0x1db/0x2d0
[ 20.616672] ? memcmp+0x1b4/0x1d0
[ 20.616700] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.616732] ? memcmp+0x1b4/0x1d0
[ 20.616760] kasan_report+0x140/0x180
[ 20.616793] ? memcmp+0x1b4/0x1d0
[ 20.616850] __asan_report_load1_noabort+0x18/0x20
[ 20.616889] memcmp+0x1b4/0x1d0
[ 20.616921] kasan_memcmp+0x190/0x390
[ 20.616954] ? __pfx_kasan_memcmp+0x10/0x10
[ 20.616984] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 20.617023] ? __pfx_kasan_memcmp+0x10/0x10
[ 20.617060] kunit_try_run_case+0x1a6/0x480
[ 20.617090] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.617118] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.617145] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.617180] ? __kthread_parkme+0x82/0x160
[ 20.617207] ? preempt_count_sub+0x50/0x80
[ 20.617265] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.617295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.617332] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.617369] kthread+0x257/0x310
[ 20.617392] ? __pfx_kthread+0x10/0x10
[ 20.617419] ret_from_fork+0x41/0x80
[ 20.617472] ? __pfx_kthread+0x10/0x10
[ 20.617584] ret_from_fork_asm+0x1a/0x30
[ 20.617647] </TASK>
[ 20.617662]
[ 20.638836] Allocated by task 262:
[ 20.639848] kasan_save_stack+0x45/0x70
[ 20.640837] kasan_save_track+0x18/0x40
[ 20.641566] kasan_save_alloc_info+0x3b/0x50
[ 20.642304] __kasan_kmalloc+0xb7/0xc0
[ 20.643020] __kmalloc_cache_noprof+0x168/0x350
[ 20.643429] kasan_memcmp+0xb8/0x390
[ 20.644196] kunit_try_run_case+0x1a6/0x480
[ 20.644628] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.645325] kthread+0x257/0x310
[ 20.645688] ret_from_fork+0x41/0x80
[ 20.646017] ret_from_fork_asm+0x1a/0x30
[ 20.647023]
[ 20.647291] The buggy address belongs to the object at ffff888102af7380
[ 20.647291] which belongs to the cache kmalloc-32 of size 32
[ 20.648752] The buggy address is located 0 bytes to the right of
[ 20.648752] allocated 24-byte region [ffff888102af7380, ffff888102af7398)
[ 20.650033]
[ 20.650292] The buggy address belongs to the physical page:
[ 20.651031] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102af7
[ 20.652080] flags: 0x200000000000000(node=0|zone=2)
[ 20.652669] page_type: f5(slab)
[ 20.653061] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.653929] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 20.654671] page dumped because: kasan: bad access detected
[ 20.655166]
[ 20.655429] Memory state around the buggy address:
[ 20.656279] ffff888102af7280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.656847] ffff888102af7300: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 20.657388] >ffff888102af7380: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.657903] ^
[ 20.658559] ffff888102af7400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.659241] ffff888102af7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.660427] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memchr
[ 20.556002] ==================================================================
[ 20.557713] BUG: KASAN: slab-out-of-bounds in memchr+0x79/0x90
[ 20.558789] Read of size 1 at addr ffff888102933f18 by task kunit_try_catch/260
[ 20.559851]
[ 20.560073] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.560194] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.560636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.560707] Call Trace:
[ 20.560752] <TASK>
[ 20.560803] dump_stack_lvl+0x73/0xb0
[ 20.560925] print_report+0xd1/0x640
[ 20.561004] ? __virt_addr_valid+0x1db/0x2d0
[ 20.561083] ? memchr+0x79/0x90
[ 20.561149] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.561245] ? memchr+0x79/0x90
[ 20.561319] kasan_report+0x140/0x180
[ 20.561386] ? memchr+0x79/0x90
[ 20.561422] __asan_report_load1_noabort+0x18/0x20
[ 20.561517] memchr+0x79/0x90
[ 20.561595] kasan_memchr+0x163/0x320
[ 20.561665] ? __pfx_kasan_memchr+0x10/0x10
[ 20.561729] ? __schedule+0xc49/0x27a0
[ 20.561789] ? __pfx_read_tsc+0x10/0x10
[ 20.561877] ? ktime_get_ts64+0x84/0x230
[ 20.561925] kunit_try_run_case+0x1a6/0x480
[ 20.561961] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.561992] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.562023] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.562060] ? __kthread_parkme+0x82/0x160
[ 20.562090] ? preempt_count_sub+0x50/0x80
[ 20.562124] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.562154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.562192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.562262] kthread+0x257/0x310
[ 20.562293] ? __pfx_kthread+0x10/0x10
[ 20.562322] ret_from_fork+0x41/0x80
[ 20.562350] ? __pfx_kthread+0x10/0x10
[ 20.562376] ret_from_fork_asm+0x1a/0x30
[ 20.562418] </TASK>
[ 20.562433]
[ 20.584173] Allocated by task 260:
[ 20.584480] kasan_save_stack+0x45/0x70
[ 20.585375] kasan_save_track+0x18/0x40
[ 20.586183] kasan_save_alloc_info+0x3b/0x50
[ 20.586837] __kasan_kmalloc+0xb7/0xc0
[ 20.587177] __kmalloc_cache_noprof+0x168/0x350
[ 20.587699] kasan_memchr+0xad/0x320
[ 20.588483] kunit_try_run_case+0x1a6/0x480
[ 20.588866] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.589747] kthread+0x257/0x310
[ 20.590119] ret_from_fork+0x41/0x80
[ 20.591394] ret_from_fork_asm+0x1a/0x30
[ 20.592170]
[ 20.592498] The buggy address belongs to the object at ffff888102933f00
[ 20.592498] which belongs to the cache kmalloc-32 of size 32
[ 20.593571] The buggy address is located 0 bytes to the right of
[ 20.593571] allocated 24-byte region [ffff888102933f00, ffff888102933f18)
[ 20.594803]
[ 20.595238] The buggy address belongs to the physical page:
[ 20.595712] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102933
[ 20.596505] flags: 0x200000000000000(node=0|zone=2)
[ 20.597326] page_type: f5(slab)
[ 20.597630] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.598811] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 20.599384] page dumped because: kasan: bad access detected
[ 20.600338]
[ 20.600516] Memory state around the buggy address:
[ 20.601353] ffff888102933e00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.602490] ffff888102933e80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 20.603216] >ffff888102933f00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.603962] ^
[ 20.604429] ffff888102933f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.605376] ffff888102934000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.606076] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.507592] ==================================================================
[ 20.508461] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x32b/0x390
[ 20.509143] Read of size 1 at addr ffff888102ce7caa by task kunit_try_catch/258
[ 20.509706]
[ 20.510039] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.510159] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.510195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.510274] Call Trace:
[ 20.510311] <TASK>
[ 20.510354] dump_stack_lvl+0x73/0xb0
[ 20.510442] print_report+0xd1/0x640
[ 20.510519] ? __virt_addr_valid+0x1db/0x2d0
[ 20.510642] ? kasan_alloca_oob_right+0x32b/0x390
[ 20.510725] ? kasan_addr_to_slab+0x11/0xa0
[ 20.510827] ? kasan_alloca_oob_right+0x32b/0x390
[ 20.510939] kasan_report+0x140/0x180
[ 20.511027] ? kasan_alloca_oob_right+0x32b/0x390
[ 20.511155] __asan_report_load1_noabort+0x18/0x20
[ 20.511250] kasan_alloca_oob_right+0x32b/0x390
[ 20.511346] ? dup_user_cpus_ptr+0x11e/0x260
[ 20.511420] ? __schedule+0xc49/0x27a0
[ 20.511492] ? trace_hardirqs_on+0x37/0xe0
[ 20.511576] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 20.511667] ? __schedule+0xc49/0x27a0
[ 20.511718] ? __pfx_read_tsc+0x10/0x10
[ 20.511751] ? ktime_get_ts64+0x84/0x230
[ 20.511788] kunit_try_run_case+0x1a6/0x480
[ 20.511844] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.511882] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.511912] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.511947] ? __kthread_parkme+0x82/0x160
[ 20.511975] ? preempt_count_sub+0x50/0x80
[ 20.512004] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.512032] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.512069] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.512105] kthread+0x257/0x310
[ 20.512130] ? __pfx_kthread+0x10/0x10
[ 20.512157] ret_from_fork+0x41/0x80
[ 20.512185] ? __pfx_kthread+0x10/0x10
[ 20.512210] ret_from_fork_asm+0x1a/0x30
[ 20.512280] </TASK>
[ 20.512294]
[ 20.530965] The buggy address belongs to stack of task kunit_try_catch/258
[ 20.531746]
[ 20.532004] The buggy address belongs to the physical page:
[ 20.532494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ce7
[ 20.533080] flags: 0x200000000000000(node=0|zone=2)
[ 20.534091] raw: 0200000000000000 ffffea00040b39c8 ffffea00040b39c8 0000000000000000
[ 20.534919] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.535706] page dumped because: kasan: bad access detected
[ 20.536266]
[ 20.536644] Memory state around the buggy address:
[ 20.537161] ffff888102ce7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.537787] ffff888102ce7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.538836] >ffff888102ce7c80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 20.539614] ^
[ 20.540082] ffff888102ce7d00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 20.541378] ffff888102ce7d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 20.541796] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.474021] ==================================================================
[ 20.474806] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x322/0x380
[ 20.475462] Read of size 1 at addr ffff888102cdfc9f by task kunit_try_catch/256
[ 20.476054]
[ 20.476349] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.476463] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.476502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.476559] Call Trace:
[ 20.476598] <TASK>
[ 20.476640] dump_stack_lvl+0x73/0xb0
[ 20.476721] print_report+0xd1/0x640
[ 20.476796] ? __virt_addr_valid+0x1db/0x2d0
[ 20.476917] ? kasan_alloca_oob_left+0x322/0x380
[ 20.476991] ? kasan_addr_to_slab+0x11/0xa0
[ 20.477060] ? kasan_alloca_oob_left+0x322/0x380
[ 20.477143] kasan_report+0x140/0x180
[ 20.477244] ? kasan_alloca_oob_left+0x322/0x380
[ 20.477332] __asan_report_load1_noabort+0x18/0x20
[ 20.477407] kasan_alloca_oob_left+0x322/0x380
[ 20.477494] ? dup_user_cpus_ptr+0x11e/0x260
[ 20.477566] ? __schedule+0xc49/0x27a0
[ 20.477630] ? trace_hardirqs_on+0x37/0xe0
[ 20.477699] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 20.477741] ? __schedule+0xc49/0x27a0
[ 20.477767] ? __pfx_read_tsc+0x10/0x10
[ 20.477793] ? ktime_get_ts64+0x84/0x230
[ 20.477880] kunit_try_run_case+0x1a6/0x480
[ 20.477918] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.477947] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.477976] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.478013] ? __kthread_parkme+0x82/0x160
[ 20.478041] ? preempt_count_sub+0x50/0x80
[ 20.478070] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.478097] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.478132] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.478170] kthread+0x257/0x310
[ 20.478198] ? __pfx_kthread+0x10/0x10
[ 20.478250] ret_from_fork+0x41/0x80
[ 20.478286] ? __pfx_kthread+0x10/0x10
[ 20.478312] ret_from_fork_asm+0x1a/0x30
[ 20.478352] </TASK>
[ 20.478366]
[ 20.492347] The buggy address belongs to stack of task kunit_try_catch/256
[ 20.492960]
[ 20.493191] The buggy address belongs to the physical page:
[ 20.493772] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cdf
[ 20.494507] flags: 0x200000000000000(node=0|zone=2)
[ 20.494987] raw: 0200000000000000 ffffea00040b37c8 ffffea00040b37c8 0000000000000000
[ 20.495673] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.496398] page dumped because: kasan: bad access detected
[ 20.496931]
[ 20.497148] Memory state around the buggy address:
[ 20.497502] ffff888102cdfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.498197] ffff888102cdfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.498913] >ffff888102cdfc80: ca ca ca ca 00 02 cb cb cb cb cb cb 00 00 00 00
[ 20.499413] ^
[ 20.499892] ffff888102cdfd00: 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 00 f3
[ 20.500539] ffff888102cdfd80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 20.501142] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.423787] ==================================================================
[ 20.425798] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b7/0x300
[ 20.426757] Read of size 1 at addr ffff888102ce7d72 by task kunit_try_catch/254
[ 20.428093]
[ 20.428584] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.428705] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.428742] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.428801] Call Trace:
[ 20.428839] <TASK>
[ 20.428939] dump_stack_lvl+0x73/0xb0
[ 20.429050] print_report+0xd1/0x640
[ 20.429129] ? __virt_addr_valid+0x1db/0x2d0
[ 20.429167] ? kasan_stack_oob+0x2b7/0x300
[ 20.429198] ? kasan_addr_to_slab+0x11/0xa0
[ 20.429256] ? kasan_stack_oob+0x2b7/0x300
[ 20.429291] kasan_report+0x140/0x180
[ 20.429327] ? kasan_stack_oob+0x2b7/0x300
[ 20.429365] __asan_report_load1_noabort+0x18/0x20
[ 20.429398] kasan_stack_oob+0x2b7/0x300
[ 20.429429] ? __pfx_kasan_stack_oob+0x10/0x10
[ 20.429509] ? finish_task_switch.isra.0+0x153/0x700
[ 20.429577] ? __switch_to+0x5d9/0xf60
[ 20.429662] ? __schedule+0xc49/0x27a0
[ 20.429733] ? __pfx_read_tsc+0x10/0x10
[ 20.429780] ? ktime_get_ts64+0x84/0x230
[ 20.429824] kunit_try_run_case+0x1a6/0x480
[ 20.429889] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.429918] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.429947] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.429983] ? __kthread_parkme+0x82/0x160
[ 20.430013] ? preempt_count_sub+0x50/0x80
[ 20.430042] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.430070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.430106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.430143] kthread+0x257/0x310
[ 20.430169] ? __pfx_kthread+0x10/0x10
[ 20.430196] ret_from_fork+0x41/0x80
[ 20.430248] ? __pfx_kthread+0x10/0x10
[ 20.430276] ret_from_fork_asm+0x1a/0x30
[ 20.430317] </TASK>
[ 20.430332]
[ 20.450787] The buggy address belongs to stack of task kunit_try_catch/254
[ 20.452162] and is located at offset 138 in frame:
[ 20.452557] kasan_stack_oob+0x0/0x300
[ 20.453320]
[ 20.453645] This frame has 4 objects:
[ 20.454086] [48, 49) '__assertion'
[ 20.454156] [64, 72) 'array'
[ 20.454598] [96, 112) '__assertion'
[ 20.455030] [128, 138) 'stack_array'
[ 20.455688]
[ 20.456959] The buggy address belongs to the physical page:
[ 20.457455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ce7
[ 20.458529] flags: 0x200000000000000(node=0|zone=2)
[ 20.459084] raw: 0200000000000000 ffffea00040b39c8 ffffea00040b39c8 0000000000000000
[ 20.460155] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.461137] page dumped because: kasan: bad access detected
[ 20.461590]
[ 20.462182] Memory state around the buggy address:
[ 20.462502] ffff888102ce7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.463129] ffff888102ce7c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 20.464390] >ffff888102ce7d00: f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 02 f3
[ 20.465150] ^
[ 20.466168] ffff888102ce7d80: f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1
[ 20.467106] ffff888102ce7e00: f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 00 00
[ 20.467749] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 20.377278] ==================================================================
[ 20.378278] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0
[ 20.378888] Read of size 1 at addr ffffffff893d0d6d by task kunit_try_catch/250
[ 20.380393]
[ 20.380780] CPU: 0 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.380917] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.380955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.381011] Call Trace:
[ 20.381056] <TASK>
[ 20.381107] dump_stack_lvl+0x73/0xb0
[ 20.381191] print_report+0xd1/0x640
[ 20.381284] ? __virt_addr_valid+0x1db/0x2d0
[ 20.381365] ? kasan_global_oob_right+0x288/0x2d0
[ 20.381450] ? kasan_addr_to_slab+0x11/0xa0
[ 20.381567] ? kasan_global_oob_right+0x288/0x2d0
[ 20.381606] kasan_report+0x140/0x180
[ 20.381643] ? kasan_global_oob_right+0x288/0x2d0
[ 20.381683] __asan_report_load1_noabort+0x18/0x20
[ 20.381714] kasan_global_oob_right+0x288/0x2d0
[ 20.381748] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 20.381785] ? __schedule+0xc49/0x27a0
[ 20.381839] ? __pfx_read_tsc+0x10/0x10
[ 20.381892] ? ktime_get_ts64+0x84/0x230
[ 20.381932] kunit_try_run_case+0x1a6/0x480
[ 20.381965] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.381994] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.382022] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.382057] ? __kthread_parkme+0x82/0x160
[ 20.382086] ? preempt_count_sub+0x50/0x80
[ 20.382119] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.382148] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.382185] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.382243] kthread+0x257/0x310
[ 20.382274] ? __pfx_kthread+0x10/0x10
[ 20.382301] ret_from_fork+0x41/0x80
[ 20.382329] ? __pfx_kthread+0x10/0x10
[ 20.382354] ret_from_fork_asm+0x1a/0x30
[ 20.382397] </TASK>
[ 20.382412]
[ 20.398956] The buggy address belongs to the variable:
[ 20.400276] global_array+0xd/0x40
[ 20.401092]
[ 20.401389] The buggy address belongs to the physical page:
[ 20.401845] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1347d0
[ 20.402775] flags: 0x200000000002000(reserved|node=0|zone=2)
[ 20.403196] raw: 0200000000002000 ffffea0004d1f408 ffffea0004d1f408 0000000000000000
[ 20.404271] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 20.405039] page dumped because: kasan: bad access detected
[ 20.405789]
[ 20.406017] Memory state around the buggy address:
[ 20.406368] ffffffff893d0c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.406913] ffffffff893d0c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.408331] >ffffffff893d0d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 02 f9 f9
[ 20.409011] ^
[ 20.409841] ffffffff893d0d80: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
[ 20.410559] ffffffff893d0e00: f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9
[ 20.411246] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 20.328841] ==================================================================
[ 20.329832] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.330488] Free of addr ffff888102bfc001 by task kunit_try_catch/248
[ 20.330942]
[ 20.331185] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.332109] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.332130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.332164] Call Trace:
[ 20.332182] <TASK>
[ 20.332204] dump_stack_lvl+0x73/0xb0
[ 20.332275] print_report+0xd1/0x640
[ 20.332311] ? __virt_addr_valid+0x1db/0x2d0
[ 20.332349] ? kasan_addr_to_slab+0x11/0xa0
[ 20.332379] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.332411] kasan_report_invalid_free+0xfc/0x120
[ 20.332463] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.332580] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.332614] __kasan_mempool_poison_object+0x102/0x1d0
[ 20.332653] mempool_free+0x2ec/0x380
[ 20.332686] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.332719] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 20.332754] ? irqentry_exit+0x2a/0x60
[ 20.332784] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 20.332832] mempool_kmalloc_large_invalid_free+0xee/0x140
[ 20.332894] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 20.332931] ? __pfx_mempool_kmalloc+0x10/0x10
[ 20.332957] ? __pfx_mempool_kfree+0x10/0x10
[ 20.332985] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 20.333020] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 20.333055] kunit_try_run_case+0x1a6/0x480
[ 20.333089] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.333120] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.333149] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.333186] ? __kthread_parkme+0x82/0x160
[ 20.333233] ? preempt_count_sub+0x50/0x80
[ 20.333275] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.333306] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.333343] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.333383] kthread+0x257/0x310
[ 20.333409] ? __pfx_kthread+0x10/0x10
[ 20.333437] ret_from_fork+0x41/0x80
[ 20.333546] ? __pfx_kthread+0x10/0x10
[ 20.333585] ret_from_fork_asm+0x1a/0x30
[ 20.333631] </TASK>
[ 20.333645]
[ 20.355277] The buggy address belongs to the physical page:
[ 20.355809] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bfc
[ 20.356465] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 20.357404] flags: 0x200000000000040(head|node=0|zone=2)
[ 20.358205] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.358973] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 20.360025] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 20.360640] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 20.361956] head: 0200000000000002 ffffea00040aff01 ffffffffffffffff 0000000000000000
[ 20.362484] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 20.363291] page dumped because: kasan: bad access detected
[ 20.364285]
[ 20.364535] Memory state around the buggy address:
[ 20.365369] ffff888102bfbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.366432] ffff888102bfbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 20.367375] >ffff888102bfc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.367967] ^
[ 20.368393] ffff888102bfc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.369417] ffff888102bfc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.370728] ==================================================================
[ 20.260028] ==================================================================
[ 20.261512] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.261932] Free of addr ffff88810231c101 by task kunit_try_catch/246
[ 20.262912]
[ 20.263333] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 20.263539] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.263582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.263640] Call Trace:
[ 20.263675] <TASK>
[ 20.263717] dump_stack_lvl+0x73/0xb0
[ 20.263803] print_report+0xd1/0x640
[ 20.263906] ? __virt_addr_valid+0x1db/0x2d0
[ 20.263975] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.264043] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.264122] kasan_report_invalid_free+0xfc/0x120
[ 20.264202] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.264293] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.264375] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.264479] check_slab_allocation+0x11f/0x130
[ 20.264558] __kasan_mempool_poison_object+0x91/0x1d0
[ 20.264637] mempool_free+0x2ec/0x380
[ 20.264719] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 20.264788] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 20.264848] ? finish_task_switch.isra.0+0x153/0x700
[ 20.264895] mempool_kmalloc_invalid_free+0xee/0x140
[ 20.264925] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 20.264958] ? __pfx_mempool_kmalloc+0x10/0x10
[ 20.264984] ? __pfx_mempool_kfree+0x10/0x10
[ 20.265011] ? __pfx_read_tsc+0x10/0x10
[ 20.265039] ? ktime_get_ts64+0x84/0x230
[ 20.265076] kunit_try_run_case+0x1a6/0x480
[ 20.265109] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.265138] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.265169] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.265205] ? __kthread_parkme+0x82/0x160
[ 20.265264] ? preempt_count_sub+0x50/0x80
[ 20.265296] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.265325] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.265361] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.265398] kthread+0x257/0x310
[ 20.265424] ? __pfx_kthread+0x10/0x10
[ 20.265474] ret_from_fork+0x41/0x80
[ 20.265550] ? __pfx_kthread+0x10/0x10
[ 20.265591] ret_from_fork_asm+0x1a/0x30
[ 20.265635] </TASK>
[ 20.265650]
[ 20.296800] Allocated by task 246:
[ 20.297155] kasan_save_stack+0x45/0x70
[ 20.297876] kasan_save_track+0x18/0x40
[ 20.298459] kasan_save_alloc_info+0x3b/0x50
[ 20.299180] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 20.299779] remove_element+0x11e/0x190
[ 20.300590] mempool_alloc_preallocated+0x4d/0x90
[ 20.300784] mempool_kmalloc_invalid_free_helper+0x84/0x2e0
[ 20.302039] mempool_kmalloc_invalid_free+0xee/0x140
[ 20.302995] kunit_try_run_case+0x1a6/0x480
[ 20.303386] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.304124] kthread+0x257/0x310
[ 20.304408] ret_from_fork+0x41/0x80
[ 20.305388] ret_from_fork_asm+0x1a/0x30
[ 20.306388]
[ 20.306724] The buggy address belongs to the object at ffff88810231c100
[ 20.306724] which belongs to the cache kmalloc-128 of size 128
[ 20.308580] The buggy address is located 1 bytes inside of
[ 20.308580] 128-byte region [ffff88810231c100, ffff88810231c180)
[ 20.310207]
[ 20.310401] The buggy address belongs to the physical page:
[ 20.311292] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10231c
[ 20.312317] flags: 0x200000000000000(node=0|zone=2)
[ 20.313186] page_type: f5(slab)
[ 20.313493] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 20.314449] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 20.315388] page dumped because: kasan: bad access detected
[ 20.316164]
[ 20.316690] Memory state around the buggy address:
[ 20.317237] ffff88810231c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.318240] ffff88810231c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.319090] >ffff88810231c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.319879] ^
[ 20.320403] ffff88810231c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.321573] ffff88810231c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.322715]
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 20.103929] ================================================================== [ 20.104862] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 20.105445] Free of addr ffff888102930f00 by task kunit_try_catch/240 [ 20.105901] [ 20.106148] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 20.107159] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.107201] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.107286] Call Trace: [ 20.107317] <TASK> [ 20.107362] dump_stack_lvl+0x73/0xb0 [ 20.107456] print_report+0xd1/0x640 [ 20.107539] ? __virt_addr_valid+0x1db/0x2d0 [ 20.107597] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.107631] ? mempool_double_free_helper+0x185/0x370 [ 20.107660] kasan_report_invalid_free+0xfc/0x120 [ 20.107696] ? mempool_double_free_helper+0x185/0x370 [ 20.107727] ? mempool_double_free_helper+0x185/0x370 [ 20.107754] ? mempool_double_free_helper+0x185/0x370 [ 20.107779] check_slab_allocation+0x101/0x130 [ 20.107818] __kasan_mempool_poison_object+0x91/0x1d0 [ 20.107890] mempool_free+0x2ec/0x380 [ 20.107923] mempool_double_free_helper+0x185/0x370 [ 20.107952] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.107986] ? finish_task_switch.isra.0+0x153/0x700 [ 20.108020] mempool_kmalloc_double_free+0xee/0x140 [ 20.108049] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 20.108081] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.108106] ? __pfx_mempool_kfree+0x10/0x10 [ 20.108134] ? __pfx_read_tsc+0x10/0x10 [ 20.108161] ? ktime_get_ts64+0x84/0x230 [ 20.108197] kunit_try_run_case+0x1a6/0x480 [ 20.108260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.108291] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.108322] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.108357] ? __kthread_parkme+0x82/0x160 [ 20.108384] ? preempt_count_sub+0x50/0x80 [ 20.108412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.108444] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.108553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.108601] kthread+0x257/0x310 [ 20.108626] ? __pfx_kthread+0x10/0x10 [ 20.108651] ret_from_fork+0x41/0x80 [ 20.108680] ? __pfx_kthread+0x10/0x10 [ 20.108705] ret_from_fork_asm+0x1a/0x30 [ 20.108748] </TASK> [ 20.108762] [ 20.132267] Allocated by task 240: [ 20.132836] kasan_save_stack+0x45/0x70 [ 20.133627] kasan_save_track+0x18/0x40 [ 20.134345] kasan_save_alloc_info+0x3b/0x50 [ 20.135199] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 20.135908] remove_element+0x11e/0x190 [ 20.136872] mempool_alloc_preallocated+0x4d/0x90 [ 20.137722] mempool_double_free_helper+0x8b/0x370 [ 20.138287] mempool_kmalloc_double_free+0xee/0x140 [ 20.139036] kunit_try_run_case+0x1a6/0x480 [ 20.139532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.140164] kthread+0x257/0x310 [ 20.140725] ret_from_fork+0x41/0x80 [ 20.141668] ret_from_fork_asm+0x1a/0x30 [ 20.141979] [ 20.142689] Freed by task 240: [ 20.143458] kasan_save_stack+0x45/0x70 [ 20.143866] kasan_save_track+0x18/0x40 [ 20.144259] kasan_save_free_info+0x3f/0x60 [ 20.145108] __kasan_mempool_poison_object+0x131/0x1d0 [ 20.145869] mempool_free+0x2ec/0x380 [ 20.146246] mempool_double_free_helper+0x10a/0x370 [ 20.147122] mempool_kmalloc_double_free+0xee/0x140 [ 20.147860] kunit_try_run_case+0x1a6/0x480 [ 20.148393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.148840] kthread+0x257/0x310 [ 20.149568] ret_from_fork+0x41/0x80 [ 20.150357] ret_from_fork_asm+0x1a/0x30 [ 20.150683] [ 20.151244] The buggy address belongs to the object at ffff888102930f00 [ 20.151244] which belongs to the cache kmalloc-128 of size 128 [ 20.152751] The buggy address is located 0 bytes inside of [ 20.152751] 128-byte region [ffff888102930f00, ffff888102930f80) [ 20.153772] [ 20.154264] The buggy address belongs to the physical page: [ 20.155479] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102930 [ 20.156280] flags: 
0x200000000000000(node=0|zone=2) [ 20.157131] page_type: f5(slab) [ 20.157465] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.158412] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000 [ 20.159296] page dumped because: kasan: bad access detected [ 20.159889] [ 20.160669] Memory state around the buggy address: [ 20.161018] ffff888102930e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.162113] ffff888102930e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.162986] >ffff888102930f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.163963] ^ [ 20.164208] ffff888102930f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.165202] ffff888102931000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.165739] ================================================================== [ 20.219088] ================================================================== [ 20.219978] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 20.221207] Free of addr ffff888102bfc000 by task kunit_try_catch/244 [ 20.222116] [ 20.222522] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 20.222661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.222682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.222728] Call Trace: [ 20.222751] <TASK> [ 20.222777] dump_stack_lvl+0x73/0xb0 [ 20.222857] print_report+0xd1/0x640 [ 20.223066] ? __virt_addr_valid+0x1db/0x2d0 [ 20.223108] ? kasan_addr_to_slab+0x11/0xa0 [ 20.223140] ? mempool_double_free_helper+0x185/0x370 [ 20.223170] kasan_report_invalid_free+0xfc/0x120 [ 20.223207] ? mempool_double_free_helper+0x185/0x370 [ 20.223279] ? mempool_double_free_helper+0x185/0x370 [ 20.223314] __kasan_mempool_poison_pages+0x115/0x130 [ 20.223354] mempool_free+0x290/0x380 [ 20.223388] mempool_double_free_helper+0x185/0x370 [ 20.223420] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.223455] ? 
finish_task_switch.isra.0+0x153/0x700 [ 20.223490] mempool_page_alloc_double_free+0xe9/0x140 [ 20.223522] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 20.223558] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 20.223585] ? __pfx_mempool_free_pages+0x10/0x10 [ 20.223616] ? __pfx_read_tsc+0x10/0x10 [ 20.223643] ? ktime_get_ts64+0x84/0x230 [ 20.223678] kunit_try_run_case+0x1a6/0x480 [ 20.223710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.223740] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.223770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.223807] ? __kthread_parkme+0x82/0x160 [ 20.223890] ? preempt_count_sub+0x50/0x80 [ 20.223921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.223951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.223989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.224027] kthread+0x257/0x310 [ 20.224053] ? __pfx_kthread+0x10/0x10 [ 20.224081] ret_from_fork+0x41/0x80 [ 20.224109] ? __pfx_kthread+0x10/0x10 [ 20.224135] ret_from_fork_asm+0x1a/0x30 [ 20.224177] </TASK> [ 20.224193] [ 20.242652] The buggy address belongs to the physical page: [ 20.243525] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bfc [ 20.244400] flags: 0x200000000000000(node=0|zone=2) [ 20.245370] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.245885] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.246675] page dumped because: kasan: bad access detected [ 20.247128] [ 20.247387] Memory state around the buggy address: [ 20.247812] ffff888102bfbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.248862] ffff888102bfbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.249616] >ffff888102bfc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.250472] ^ [ 20.250957] ffff888102bfc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.251769] ffff888102bfc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.252586] 
================================================================== [ 20.173429] ================================================================== [ 20.174514] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 20.175417] Free of addr ffff888102bf8000 by task kunit_try_catch/242 [ 20.177012] [ 20.177189] CPU: 0 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 20.177305] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.177343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.177404] Call Trace: [ 20.177528] <TASK> [ 20.177583] dump_stack_lvl+0x73/0xb0 [ 20.177674] print_report+0xd1/0x640 [ 20.177754] ? __virt_addr_valid+0x1db/0x2d0 [ 20.177847] ? kasan_addr_to_slab+0x11/0xa0 [ 20.177884] ? mempool_double_free_helper+0x185/0x370 [ 20.177915] kasan_report_invalid_free+0xfc/0x120 [ 20.177952] ? mempool_double_free_helper+0x185/0x370 [ 20.177984] ? mempool_double_free_helper+0x185/0x370 [ 20.178011] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 20.178047] mempool_free+0x2ec/0x380 [ 20.178079] mempool_double_free_helper+0x185/0x370 [ 20.178109] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 20.178142] ? finish_task_switch.isra.0+0x153/0x700 [ 20.178178] mempool_kmalloc_large_double_free+0xee/0x140 [ 20.178207] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 20.178295] ? __pfx_mempool_kmalloc+0x10/0x10 [ 20.178324] ? __pfx_mempool_kfree+0x10/0x10 [ 20.178352] ? __pfx_read_tsc+0x10/0x10 [ 20.178379] ? ktime_get_ts64+0x84/0x230 [ 20.178415] kunit_try_run_case+0x1a6/0x480 [ 20.178461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.178572] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.178606] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.178641] ? __kthread_parkme+0x82/0x160 [ 20.178671] ? preempt_count_sub+0x50/0x80 [ 20.178702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.178729] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.178768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.178805] kthread+0x257/0x310 [ 20.178867] ? __pfx_kthread+0x10/0x10 [ 20.178895] ret_from_fork+0x41/0x80 [ 20.178924] ? __pfx_kthread+0x10/0x10 [ 20.178949] ret_from_fork_asm+0x1a/0x30 [ 20.178993] </TASK> [ 20.179007] [ 20.196104] The buggy address belongs to the physical page: [ 20.196670] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf8 [ 20.197448] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 20.198501] flags: 0x200000000000040(head|node=0|zone=2) [ 20.199274] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.200352] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.201384] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 20.202309] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.203161] head: 0200000000000002 ffffea00040afe01 ffffffffffffffff 0000000000000000 [ 20.203659] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 20.204312] page dumped because: kasan: bad access detected [ 20.204861] [ 20.205261] Memory state around the buggy address: [ 20.205618] ffff888102bf7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.206333] ffff888102bf7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.207052] >ffff888102bf8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.207698] ^ [ 20.208171] ffff888102bf8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.209528] ffff888102bf8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.210656] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 19.941158] ================================================================== [ 19.941819] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 19.942308] Read of size 1 at addr ffff888102bf4000 by task kunit_try_catch/234 [ 19.943036] [ 19.943428] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 19.943547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.943580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.943641] Call Trace: [ 19.943677] <TASK> [ 19.943726] dump_stack_lvl+0x73/0xb0 [ 19.943810] print_report+0xd1/0x640 [ 19.943889] ? __virt_addr_valid+0x1db/0x2d0 [ 19.943968] ? mempool_uaf_helper+0x394/0x400 [ 19.944036] ? kasan_addr_to_slab+0x11/0xa0 [ 19.944138] ? mempool_uaf_helper+0x394/0x400 [ 19.944208] kasan_report+0x140/0x180 [ 19.944305] ? mempool_uaf_helper+0x394/0x400 [ 19.944383] __asan_report_load1_noabort+0x18/0x20 [ 19.944455] mempool_uaf_helper+0x394/0x400 [ 19.944526] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.944604] ? finish_task_switch.isra.0+0x153/0x700 [ 19.944689] mempool_kmalloc_large_uaf+0xf0/0x140 [ 19.944775] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 19.944854] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.944924] ? __pfx_mempool_kfree+0x10/0x10 [ 19.944992] ? __pfx_read_tsc+0x10/0x10 [ 19.945053] ? ktime_get_ts64+0x84/0x230 [ 19.945132] kunit_try_run_case+0x1a6/0x480 [ 19.945172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.945202] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.945262] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.945300] ? __kthread_parkme+0x82/0x160 [ 19.945330] ? preempt_count_sub+0x50/0x80 [ 19.945362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.945392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.945429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.945570] kthread+0x257/0x310 [ 19.945604] ? __pfx_kthread+0x10/0x10 [ 19.945633] ret_from_fork+0x41/0x80 [ 19.945663] ? 
__pfx_kthread+0x10/0x10 [ 19.945690] ret_from_fork_asm+0x1a/0x30 [ 19.945733] </TASK> [ 19.945748] [ 19.965125] The buggy address belongs to the physical page: [ 19.965945] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf4 [ 19.966900] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.967722] flags: 0x200000000000040(head|node=0|zone=2) [ 19.968313] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.969452] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.970273] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.971023] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.971909] head: 0200000000000002 ffffea00040afd01 ffffffffffffffff 0000000000000000 [ 19.972546] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 19.973741] page dumped because: kasan: bad access detected [ 19.974305] [ 19.974535] Memory state around the buggy address: [ 19.975146] ffff888102bf3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.975787] ffff888102bf3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.976516] >ffff888102bf4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.977734] ^ [ 19.978027] ffff888102bf4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.978934] ffff888102bf4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.979534] ================================================================== [ 20.060162] ================================================================== [ 20.061180] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 20.062317] Read of size 1 at addr ffff888102c90000 by task kunit_try_catch/238 [ 20.063526] [ 20.063747] CPU: 1 UID: 0 PID: 238 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 20.063869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.063908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 20.063970] Call Trace: [ 20.064012] <TASK> [ 20.064059] dump_stack_lvl+0x73/0xb0 [ 20.064187] print_report+0xd1/0x640 [ 20.064313] ? __virt_addr_valid+0x1db/0x2d0 [ 20.064397] ? mempool_uaf_helper+0x394/0x400 [ 20.064466] ? kasan_addr_to_slab+0x11/0xa0 [ 20.064538] ? mempool_uaf_helper+0x394/0x400 [ 20.064602] kasan_report+0x140/0x180 [ 20.064681] ? mempool_uaf_helper+0x394/0x400 [ 20.064775] __asan_report_load1_noabort+0x18/0x20 [ 20.064827] mempool_uaf_helper+0x394/0x400 [ 20.064899] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 20.064940] ? finish_task_switch.isra.0+0x153/0x700 [ 20.064980] mempool_page_alloc_uaf+0xee/0x140 [ 20.065009] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 20.065041] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 20.065070] ? __pfx_mempool_free_pages+0x10/0x10 [ 20.065099] ? __pfx_read_tsc+0x10/0x10 [ 20.065127] ? ktime_get_ts64+0x84/0x230 [ 20.065163] kunit_try_run_case+0x1a6/0x480 [ 20.065196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.065250] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.065286] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.065320] ? __kthread_parkme+0x82/0x160 [ 20.065348] ? preempt_count_sub+0x50/0x80 [ 20.065377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.065405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.065444] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.065592] kthread+0x257/0x310 [ 20.065620] ? __pfx_kthread+0x10/0x10 [ 20.065646] ret_from_fork+0x41/0x80 [ 20.065675] ? 
__pfx_kthread+0x10/0x10 [ 20.065699] ret_from_fork_asm+0x1a/0x30 [ 20.065744] </TASK> [ 20.065758] [ 20.086323] The buggy address belongs to the physical page: [ 20.087888] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c90 [ 20.089050] flags: 0x200000000000000(node=0|zone=2) [ 20.089814] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 20.090727] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 20.091865] page dumped because: kasan: bad access detected [ 20.092204] [ 20.092447] Memory state around the buggy address: [ 20.092925] ffff888102c8ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.093803] ffff888102c8ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.094330] >ffff888102c90000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.095712] ^ [ 20.096042] ffff888102c90080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.096655] ffff888102c90100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 20.097151] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 19.987834] ================================================================== [ 19.989134] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 19.990035] Read of size 1 at addr ffff888102935240 by task kunit_try_catch/236 [ 19.990674] [ 19.992004] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 19.992101] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.992119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.992153] Call Trace: [ 19.992172] <TASK> [ 19.992197] dump_stack_lvl+0x73/0xb0 [ 19.992266] print_report+0xd1/0x640 [ 19.992303] ? __virt_addr_valid+0x1db/0x2d0 [ 19.992339] ? mempool_uaf_helper+0x394/0x400 [ 19.992365] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.992398] ? mempool_uaf_helper+0x394/0x400 [ 19.992424] kasan_report+0x140/0x180 [ 19.992484] ? mempool_uaf_helper+0x394/0x400 [ 19.992571] __asan_report_load1_noabort+0x18/0x20 [ 19.992610] mempool_uaf_helper+0x394/0x400 [ 19.992638] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.992671] ? finish_task_switch.isra.0+0x153/0x700 [ 19.992707] mempool_slab_uaf+0xeb/0x140 [ 19.992734] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 19.992767] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 19.992794] ? __pfx_mempool_free_slab+0x10/0x10 [ 19.992844] ? __pfx_read_tsc+0x10/0x10 [ 19.992881] ? ktime_get_ts64+0x84/0x230 [ 19.992919] kunit_try_run_case+0x1a6/0x480 [ 19.992953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.992981] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.993012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.993048] ? __kthread_parkme+0x82/0x160 [ 19.993075] ? preempt_count_sub+0x50/0x80 [ 19.993105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.993135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.993174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.993212] kthread+0x257/0x310 [ 19.993263] ? __pfx_kthread+0x10/0x10 [ 19.993290] ret_from_fork+0x41/0x80 [ 19.993319] ? 
__pfx_kthread+0x10/0x10 [ 19.993344] ret_from_fork_asm+0x1a/0x30 [ 19.993387] </TASK> [ 19.993401] [ 20.014295] Allocated by task 236: [ 20.017343] kasan_save_stack+0x45/0x70 [ 20.018282] kasan_save_track+0x18/0x40 [ 20.019769] kasan_save_alloc_info+0x3b/0x50 [ 20.021661] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 20.023036] remove_element+0x11e/0x190 [ 20.023504] mempool_alloc_preallocated+0x4d/0x90 [ 20.024282] mempool_uaf_helper+0x97/0x400 [ 20.024901] mempool_slab_uaf+0xeb/0x140 [ 20.025531] kunit_try_run_case+0x1a6/0x480 [ 20.026204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.026689] kthread+0x257/0x310 [ 20.026977] ret_from_fork+0x41/0x80 [ 20.027399] ret_from_fork_asm+0x1a/0x30 [ 20.027815] [ 20.028042] Freed by task 236: [ 20.028394] kasan_save_stack+0x45/0x70 [ 20.028785] kasan_save_track+0x18/0x40 [ 20.029097] kasan_save_free_info+0x3f/0x60 [ 20.029606] __kasan_mempool_poison_object+0x131/0x1d0 [ 20.030561] mempool_free+0x2ec/0x380 [ 20.030986] mempool_uaf_helper+0x11b/0x400 [ 20.031646] mempool_slab_uaf+0xeb/0x140 [ 20.032165] kunit_try_run_case+0x1a6/0x480 [ 20.032833] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.033338] kthread+0x257/0x310 [ 20.033762] ret_from_fork+0x41/0x80 [ 20.034677] ret_from_fork_asm+0x1a/0x30 [ 20.035266] [ 20.035451] The buggy address belongs to the object at ffff888102935240 [ 20.035451] which belongs to the cache test_cache of size 123 [ 20.036662] The buggy address is located 0 bytes inside of [ 20.036662] freed 123-byte region [ffff888102935240, ffff8881029352bb) [ 20.038091] [ 20.038366] The buggy address belongs to the physical page: [ 20.038799] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102935 [ 20.039908] flags: 0x200000000000000(node=0|zone=2) [ 20.040394] page_type: f5(slab) [ 20.040779] raw: 0200000000000000 ffff88810292e280 dead000000000122 0000000000000000 [ 20.042266] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000 [ 20.043350] page dumped because: 
kasan: bad access detected [ 20.044042] [ 20.044171] Memory state around the buggy address: [ 20.045103] ffff888102935100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.046093] ffff888102935180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.046692] >ffff888102935200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 20.047425] ^ [ 20.048175] ffff888102935280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.048789] ffff888102935300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.049333] ================================================================== [ 19.873891] ================================================================== [ 19.874781] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 19.876821] Read of size 1 at addr ffff888102930800 by task kunit_try_catch/232 [ 19.877643] [ 19.877895] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 19.878065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.878091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.878126] Call Trace: [ 19.878147] <TASK> [ 19.878170] dump_stack_lvl+0x73/0xb0 [ 19.878246] print_report+0xd1/0x640 [ 19.878315] ? __virt_addr_valid+0x1db/0x2d0 [ 19.878356] ? mempool_uaf_helper+0x394/0x400 [ 19.878384] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.878417] ? mempool_uaf_helper+0x394/0x400 [ 19.878452] kasan_report+0x140/0x180 [ 19.878879] ? mempool_uaf_helper+0x394/0x400 [ 19.878921] __asan_report_load1_noabort+0x18/0x20 [ 19.878953] mempool_uaf_helper+0x394/0x400 [ 19.878983] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.879019] ? finish_task_switch.isra.0+0x153/0x700 [ 19.879058] mempool_kmalloc_uaf+0xf0/0x140 [ 19.879087] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 19.879119] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.879149] ? __pfx_mempool_kfree+0x10/0x10 [ 19.879179] ? __pfx_read_tsc+0x10/0x10 [ 19.879208] ? ktime_get_ts64+0x84/0x230 [ 19.879281] kunit_try_run_case+0x1a6/0x480 [ 19.879317] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.879347] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.879378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.879416] ? __kthread_parkme+0x82/0x160 [ 19.879456] ? preempt_count_sub+0x50/0x80 [ 19.879559] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.879602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.879641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.879679] kthread+0x257/0x310 [ 19.879705] ? __pfx_kthread+0x10/0x10 [ 19.879732] ret_from_fork+0x41/0x80 [ 19.879763] ? __pfx_kthread+0x10/0x10 [ 19.879789] ret_from_fork_asm+0x1a/0x30 [ 19.879855] </TASK> [ 19.879873] [ 19.900904] Allocated by task 232: [ 19.901401] kasan_save_stack+0x45/0x70 [ 19.902149] kasan_save_track+0x18/0x40 [ 19.902475] kasan_save_alloc_info+0x3b/0x50 [ 19.903349] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 19.904283] remove_element+0x11e/0x190 [ 19.904948] mempool_alloc_preallocated+0x4d/0x90 [ 19.905405] mempool_uaf_helper+0x97/0x400 [ 19.905809] mempool_kmalloc_uaf+0xf0/0x140 [ 19.906339] kunit_try_run_case+0x1a6/0x480 [ 19.907111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.908012] kthread+0x257/0x310 [ 19.908506] ret_from_fork+0x41/0x80 [ 19.909349] ret_from_fork_asm+0x1a/0x30 [ 19.909802] [ 19.910339] Freed by task 232: [ 19.911084] kasan_save_stack+0x45/0x70 [ 19.911778] kasan_save_track+0x18/0x40 [ 19.912336] kasan_save_free_info+0x3f/0x60 [ 19.912763] __kasan_mempool_poison_object+0x131/0x1d0 [ 19.913699] mempool_free+0x2ec/0x380 [ 19.914308] mempool_uaf_helper+0x11b/0x400 [ 19.915279] mempool_kmalloc_uaf+0xf0/0x140 [ 19.916355] kunit_try_run_case+0x1a6/0x480 [ 19.916769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.917447] kthread+0x257/0x310 [ 19.917814] ret_from_fork+0x41/0x80 [ 19.918188] ret_from_fork_asm+0x1a/0x30 [ 19.918552] [ 19.918779] The buggy address belongs to the object at ffff888102930800 [ 19.918779] which belongs to the cache kmalloc-128 of size 128 [ 19.920459] The buggy address is located 0 bytes inside 
of [ 19.920459] freed 128-byte region [ffff888102930800, ffff888102930880) [ 19.921435] [ 19.921779] The buggy address belongs to the physical page: [ 19.922472] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102930 [ 19.923286] flags: 0x200000000000000(node=0|zone=2) [ 19.924371] page_type: f5(slab) [ 19.924911] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.926151] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 19.927380] page dumped because: kasan: bad access detected [ 19.927647] [ 19.927789] Memory state around the buggy address: [ 19.928887] ffff888102930700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.929482] ffff888102930780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.930389] >ffff888102930800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.931311] ^ [ 19.932009] ffff888102930880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.932918] ffff888102930900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.933604] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 19.764050] ==================================================================
[ 19.765299] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 19.766107] Read of size 1 at addr ffff888102bf6001 by task kunit_try_catch/228
[ 19.766801]
[ 19.767209] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 19.767367] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.767401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.767464] Call Trace:
[ 19.767711] <TASK>
[ 19.767766] dump_stack_lvl+0x73/0xb0
[ 19.767881] print_report+0xd1/0x640
[ 19.767960] ? __virt_addr_valid+0x1db/0x2d0
[ 19.768039] ? mempool_oob_right_helper+0x31a/0x380
[ 19.768139] ? kasan_addr_to_slab+0x11/0xa0
[ 19.768179] ? mempool_oob_right_helper+0x31a/0x380
[ 19.768209] kasan_report+0x140/0x180
[ 19.768271] ? mempool_oob_right_helper+0x31a/0x380
[ 19.768308] __asan_report_load1_noabort+0x18/0x20
[ 19.768337] mempool_oob_right_helper+0x31a/0x380
[ 19.768366] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 19.768398] ? finish_task_switch.isra.0+0x153/0x700
[ 19.768434] mempool_kmalloc_large_oob_right+0xf3/0x150
[ 19.768495] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 19.768580] ? __pfx_mempool_kmalloc+0x10/0x10
[ 19.768613] ? __pfx_mempool_kfree+0x10/0x10
[ 19.768642] ? __pfx_read_tsc+0x10/0x10
[ 19.768669] ? ktime_get_ts64+0x84/0x230
[ 19.768704] kunit_try_run_case+0x1a6/0x480
[ 19.768737] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.768766] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.768797] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.768856] ? __kthread_parkme+0x82/0x160
[ 19.768888] ? preempt_count_sub+0x50/0x80
[ 19.768919] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.768948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.768984] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.769020] kthread+0x257/0x310
[ 19.769044] ? __pfx_kthread+0x10/0x10
[ 19.769069] ret_from_fork+0x41/0x80
[ 19.769096] ? __pfx_kthread+0x10/0x10
[ 19.769120] ret_from_fork_asm+0x1a/0x30
[ 19.769163] </TASK>
[ 19.769179]
[ 19.787114] The buggy address belongs to the physical page:
[ 19.788812] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bf4
[ 19.790096] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 19.791021] flags: 0x200000000000040(head|node=0|zone=2)
[ 19.792124] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.792849] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.794141] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.795585] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.796459] head: 0200000000000002 ffffea00040afd01 ffffffffffffffff 0000000000000000
[ 19.797402] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 19.798415] page dumped because: kasan: bad access detected
[ 19.799293]
[ 19.799739] Memory state around the buggy address:
[ 19.800319] ffff888102bf5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.801049] ffff888102bf5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.801629] >ffff888102bf6000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.802434] ^
[ 19.803029] ffff888102bf6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.803751] ffff888102bf6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 19.804299] ==================================================================
[ 19.703366] ==================================================================
[ 19.704844] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 19.705988] Read of size 1 at addr ffff888102310f73 by task kunit_try_catch/226
[ 19.707104]
[ 19.707328] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 19.707393] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.707410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.707448] Call Trace:
[ 19.708199] <TASK>
[ 19.708279] dump_stack_lvl+0x73/0xb0
[ 19.708392] print_report+0xd1/0x640
[ 19.708434] ? __virt_addr_valid+0x1db/0x2d0
[ 19.708504] ? mempool_oob_right_helper+0x31a/0x380
[ 19.708575] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.708613] ? mempool_oob_right_helper+0x31a/0x380
[ 19.708642] kasan_report+0x140/0x180
[ 19.708677] ? mempool_oob_right_helper+0x31a/0x380
[ 19.708713] __asan_report_load1_noabort+0x18/0x20
[ 19.708744] mempool_oob_right_helper+0x31a/0x380
[ 19.708775] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 19.708810] ? finish_task_switch.isra.0+0x153/0x700
[ 19.708884] mempool_kmalloc_oob_right+0xf3/0x150
[ 19.708918] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 19.708951] ? __pfx_mempool_kmalloc+0x10/0x10
[ 19.708979] ? __pfx_mempool_kfree+0x10/0x10
[ 19.709006] ? __pfx_read_tsc+0x10/0x10
[ 19.709033] ? ktime_get_ts64+0x84/0x230
[ 19.709068] kunit_try_run_case+0x1a6/0x480
[ 19.709102] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.709129] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.709158] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.709196] ? __kthread_parkme+0x82/0x160
[ 19.709246] ? preempt_count_sub+0x50/0x80
[ 19.709280] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.709309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.709346] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.709383] kthread+0x257/0x310
[ 19.709409] ? __pfx_kthread+0x10/0x10
[ 19.709435] ret_from_fork+0x41/0x80
[ 19.709735] ? __pfx_kthread+0x10/0x10
[ 19.709772] ret_from_fork_asm+0x1a/0x30
[ 19.709824] </TASK>
[ 19.709871]
[ 19.727209] Allocated by task 226:
[ 19.727575] kasan_save_stack+0x45/0x70
[ 19.728411] kasan_save_track+0x18/0x40
[ 19.729062] kasan_save_alloc_info+0x3b/0x50
[ 19.730038] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 19.730742] remove_element+0x11e/0x190
[ 19.731318] mempool_alloc_preallocated+0x4d/0x90
[ 19.732089] mempool_oob_right_helper+0x8b/0x380
[ 19.732839] mempool_kmalloc_oob_right+0xf3/0x150
[ 19.733326] kunit_try_run_case+0x1a6/0x480
[ 19.734238] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.735006] kthread+0x257/0x310
[ 19.735377] ret_from_fork+0x41/0x80
[ 19.736178] ret_from_fork_asm+0x1a/0x30
[ 19.736840]
[ 19.737107] The buggy address belongs to the object at ffff888102310f00
[ 19.737107] which belongs to the cache kmalloc-128 of size 128
[ 19.738522] The buggy address is located 0 bytes to the right of
[ 19.738522] allocated 115-byte region [ffff888102310f00, ffff888102310f73)
[ 19.738910]
[ 19.739056] The buggy address belongs to the physical page:
[ 19.739403] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102310
[ 19.739823] flags: 0x200000000000000(node=0|zone=2)
[ 19.740140] page_type: f5(slab)
[ 19.741014] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.742733] raw: 0000000000000000 0000000000100010 00000001f5000000 0000000000000000
[ 19.744296] page dumped because: kasan: bad access detected
[ 19.746779]
[ 19.747144] Memory state around the buggy address:
[ 19.748735] ffff888102310e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.750487] ffff888102310e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.751969] >ffff888102310f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 19.753417] ^
[ 19.754709] ffff888102310f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.755672] ffff888102311000: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 19.756110] ==================================================================
[ 19.812916] ==================================================================
[ 19.813834] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380
[ 19.814865] Read of size 1 at addr ffff88810231a2bb by task kunit_try_catch/230
[ 19.815612]
[ 19.815857] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 19.815976] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.816023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.816082] Call Trace:
[ 19.816121] <TASK>
[ 19.816164] dump_stack_lvl+0x73/0xb0
[ 19.816264] print_report+0xd1/0x640
[ 19.816345] ? __virt_addr_valid+0x1db/0x2d0
[ 19.816420] ? mempool_oob_right_helper+0x31a/0x380
[ 19.816485] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.816558] ? mempool_oob_right_helper+0x31a/0x380
[ 19.816624] kasan_report+0x140/0x180
[ 19.816700] ? mempool_oob_right_helper+0x31a/0x380
[ 19.816780] __asan_report_load1_noabort+0x18/0x20
[ 19.816849] mempool_oob_right_helper+0x31a/0x380
[ 19.817037] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 19.817119] ? finish_task_switch.isra.0+0x153/0x700
[ 19.817199] mempool_slab_oob_right+0xee/0x140
[ 19.817272] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 19.817308] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 19.817339] ? __pfx_mempool_free_slab+0x10/0x10
[ 19.817368] ? __pfx_read_tsc+0x10/0x10
[ 19.817394] ? ktime_get_ts64+0x84/0x230
[ 19.817429] kunit_try_run_case+0x1a6/0x480
[ 19.817561] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.817595] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.817625] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.817661] ? __kthread_parkme+0x82/0x160
[ 19.817688] ? preempt_count_sub+0x50/0x80
[ 19.817718] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.817745] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.817780] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.817827] kthread+0x257/0x310
[ 19.817874] ? __pfx_kthread+0x10/0x10
[ 19.817901] ret_from_fork+0x41/0x80
[ 19.817929] ? __pfx_kthread+0x10/0x10
[ 19.817954] ret_from_fork_asm+0x1a/0x30
[ 19.817995] </TASK>
[ 19.818009]
[ 19.837656] Allocated by task 230:
[ 19.838026] kasan_save_stack+0x45/0x70
[ 19.839021] kasan_save_track+0x18/0x40
[ 19.839356] kasan_save_alloc_info+0x3b/0x50
[ 19.840314] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 19.840962] remove_element+0x11e/0x190
[ 19.841301] mempool_alloc_preallocated+0x4d/0x90
[ 19.842317] mempool_oob_right_helper+0x8b/0x380
[ 19.843582] mempool_slab_oob_right+0xee/0x140
[ 19.843943] kunit_try_run_case+0x1a6/0x480
[ 19.844910] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.845615] kthread+0x257/0x310
[ 19.845869] ret_from_fork+0x41/0x80
[ 19.846317] ret_from_fork_asm+0x1a/0x30
[ 19.847281]
[ 19.847866] The buggy address belongs to the object at ffff88810231a240
[ 19.847866] which belongs to the cache test_cache of size 123
[ 19.849516] The buggy address is located 0 bytes to the right of
[ 19.849516] allocated 123-byte region [ffff88810231a240, ffff88810231a2bb)
[ 19.851710]
[ 19.851862] The buggy address belongs to the physical page:
[ 19.852328] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10231a
[ 19.852946] flags: 0x200000000000000(node=0|zone=2)
[ 19.853993] page_type: f5(slab)
[ 19.854362] raw: 0200000000000000 ffff8881010958c0 dead000000000122 0000000000000000
[ 19.855521] raw: 0000000000000000 0000000080150015 00000001f5000000 0000000000000000
[ 19.856411] page dumped because: kasan: bad access detected
[ 19.856929]
[ 19.857493] Memory state around the buggy address:
[ 19.858265] ffff88810231a180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.859017] ffff88810231a200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 19.860204] >ffff88810231a280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 19.860698] ^
[ 19.861267] ffff88810231a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.862242] ffff88810231a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.863284] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 19.078708] ==================================================================
[ 19.079448] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380
[ 19.080793] Read of size 1 at addr ffff888101095640 by task kunit_try_catch/220
[ 19.082021]
[ 19.082664] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 19.082777] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.082813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.082867] Call Trace:
[ 19.082905] <TASK>
[ 19.082989] dump_stack_lvl+0x73/0xb0
[ 19.083068] print_report+0xd1/0x640
[ 19.083104] ? __virt_addr_valid+0x1db/0x2d0
[ 19.083139] ? kmem_cache_double_destroy+0x1bd/0x380
[ 19.083169] ? kasan_complete_mode_report_info+0x64/0x200
[ 19.083201] ? kmem_cache_double_destroy+0x1bd/0x380
[ 19.083266] kasan_report+0x140/0x180
[ 19.083302] ? kmem_cache_double_destroy+0x1bd/0x380
[ 19.083335] ? kmem_cache_double_destroy+0x1bd/0x380
[ 19.083365] __kasan_check_byte+0x3d/0x50
[ 19.083396] kmem_cache_destroy+0x25/0x1d0
[ 19.083431] kmem_cache_double_destroy+0x1bd/0x380
[ 19.083486] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 19.083559] ? finish_task_switch.isra.0+0x153/0x700
[ 19.083599] ? __switch_to+0x5d9/0xf60
[ 19.083632] ? __pfx_empty_cache_ctor+0x10/0x10
[ 19.083663] ? __pfx_read_tsc+0x10/0x10
[ 19.083692] ? ktime_get_ts64+0x84/0x230
[ 19.083728] kunit_try_run_case+0x1a6/0x480
[ 19.083760] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.083788] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.083832] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.083892] ? __kthread_parkme+0x82/0x160
[ 19.083921] ? preempt_count_sub+0x50/0x80
[ 19.083950] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.083977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.084012] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.084048] kthread+0x257/0x310
[ 19.084071] ? __pfx_kthread+0x10/0x10
[ 19.084096] ret_from_fork+0x41/0x80
[ 19.084123] ? __pfx_kthread+0x10/0x10
[ 19.084147] ret_from_fork_asm+0x1a/0x30
[ 19.084188] </TASK>
[ 19.084201]
[ 19.104607] Allocated by task 220:
[ 19.105792] kasan_save_stack+0x45/0x70
[ 19.106622] kasan_save_track+0x18/0x40
[ 19.107157] kasan_save_alloc_info+0x3b/0x50
[ 19.107790] __kasan_slab_alloc+0x91/0xa0
[ 19.108299] kmem_cache_alloc_noprof+0x107/0x350
[ 19.109145] __kmem_cache_create_args+0x18a/0x280
[ 19.109583] kmem_cache_double_destroy+0xd3/0x380
[ 19.110812] kunit_try_run_case+0x1a6/0x480
[ 19.111336] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.112039] kthread+0x257/0x310
[ 19.112542] ret_from_fork+0x41/0x80
[ 19.113190] ret_from_fork_asm+0x1a/0x30
[ 19.113983]
[ 19.114194] Freed by task 220:
[ 19.115020] kasan_save_stack+0x45/0x70
[ 19.115345] kasan_save_track+0x18/0x40
[ 19.116213] kasan_save_free_info+0x3f/0x60
[ 19.116639] __kasan_slab_free+0x56/0x70
[ 19.117014] kmem_cache_free+0x120/0x400
[ 19.118010] slab_kmem_cache_release+0x2e/0x40
[ 19.119173] kmem_cache_release+0x16/0x20
[ 19.119528] kobject_put+0x181/0x450
[ 19.120156] sysfs_slab_release+0x16/0x20
[ 19.120775] kmem_cache_destroy+0xf0/0x1d0
[ 19.122066] kmem_cache_double_destroy+0x14c/0x380
[ 19.122476] kunit_try_run_case+0x1a6/0x480
[ 19.123252] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.123877] kthread+0x257/0x310
[ 19.124546] ret_from_fork+0x41/0x80
[ 19.125232] ret_from_fork_asm+0x1a/0x30
[ 19.125940]
[ 19.126127] The buggy address belongs to the object at ffff888101095640
[ 19.126127] which belongs to the cache kmem_cache of size 208
[ 19.128046] The buggy address is located 0 bytes inside of
[ 19.128046] freed 208-byte region [ffff888101095640, ffff888101095710)
[ 19.129287]
[ 19.129496] The buggy address belongs to the physical page:
[ 19.130466] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101095
[ 19.131469] flags: 0x200000000000000(node=0|zone=2)
[ 19.132173] page_type: f5(slab)
[ 19.132991] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 19.133506] raw: 0000000000000000 00000000800c000c 00000001f5000000 0000000000000000
[ 19.134395] page dumped because: kasan: bad access detected
[ 19.135404]
[ 19.135613] Memory state around the buggy address:
[ 19.136581] ffff888101095500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.137879] ffff888101095580: 00 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc
[ 19.138396] >ffff888101095600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 19.139385] ^
[ 19.139830] ffff888101095680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.140390] ffff888101095700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.140934] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 19.001838] ==================================================================
[ 19.002905] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510
[ 19.003732] Read of size 1 at addr ffff888102930000 by task kunit_try_catch/218
[ 19.004592]
[ 19.004867] CPU: 0 UID: 0 PID: 218 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 19.004980] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.005013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.005068] Call Trace:
[ 19.005108] <TASK>
[ 19.005159] dump_stack_lvl+0x73/0xb0
[ 19.005270] print_report+0xd1/0x640
[ 19.005351] ? __virt_addr_valid+0x1db/0x2d0
[ 19.005447] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 19.005540] ? kasan_complete_mode_report_info+0x64/0x200
[ 19.005615] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 19.005681] kasan_report+0x140/0x180
[ 19.005757] ? kmem_cache_rcu_uaf+0x3e5/0x510
[ 19.005840] __asan_report_load1_noabort+0x18/0x20
[ 19.005914] kmem_cache_rcu_uaf+0x3e5/0x510
[ 19.005982] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 19.006046] ? __kasan_check_write+0x18/0x20
[ 19.006079] ? queued_spin_lock_slowpath+0x117/0xb40
[ 19.006113] ? irqentry_exit+0x2a/0x60
[ 19.006144] ? trace_hardirqs_on+0x37/0xe0
[ 19.006179] ? __pfx_read_tsc+0x10/0x10
[ 19.006207] ? ktime_get_ts64+0x84/0x230
[ 19.006274] kunit_try_run_case+0x1a6/0x480
[ 19.006309] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.006340] ? queued_spin_lock_slowpath+0x117/0xb40
[ 19.006369] ? __kthread_parkme+0x82/0x160
[ 19.006397] ? preempt_count_sub+0x50/0x80
[ 19.006428] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.006456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.006493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.006529] kthread+0x257/0x310
[ 19.006556] ? __pfx_kthread+0x10/0x10
[ 19.006582] ret_from_fork+0x41/0x80
[ 19.006610] ? __pfx_kthread+0x10/0x10
[ 19.006636] ret_from_fork_asm+0x1a/0x30
[ 19.006678] </TASK>
[ 19.006693]
[ 19.020748] Allocated by task 218:
[ 19.021149] kasan_save_stack+0x45/0x70
[ 19.021614] kasan_save_track+0x18/0x40
[ 19.021996] kasan_save_alloc_info+0x3b/0x50
[ 19.022388] __kasan_slab_alloc+0x91/0xa0
[ 19.022799] kmem_cache_alloc_noprof+0x107/0x350
[ 19.023331] kmem_cache_rcu_uaf+0x156/0x510
[ 19.023753] kunit_try_run_case+0x1a6/0x480
[ 19.024232] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.024768] kthread+0x257/0x310
[ 19.025147] ret_from_fork+0x41/0x80
[ 19.025504] ret_from_fork_asm+0x1a/0x30
[ 19.025924]
[ 19.026146] Freed by task 0:
[ 19.026476] kasan_save_stack+0x45/0x70
[ 19.026786] kasan_save_track+0x18/0x40
[ 19.027140] kasan_save_free_info+0x3f/0x60
[ 19.027600] __kasan_slab_free+0x56/0x70
[ 19.028086] slab_free_after_rcu_debug+0xe4/0x2f0
[ 19.028577] rcu_core+0x683/0x1c80
[ 19.029023] rcu_core_si+0x12/0x20
[ 19.029393] handle_softirqs+0x209/0x730
[ 19.029776] irq_exit_rcu+0x9c/0xd0
[ 19.030161] sysvec_apic_timer_interrupt+0x81/0x90
[ 19.030526] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 19.031059]
[ 19.031314] Last potentially related work creation:
[ 19.031749] kasan_save_stack+0x45/0x70
[ 19.032192] __kasan_record_aux_stack+0xae/0xc0
[ 19.032664] kasan_record_aux_stack_noalloc+0xf/0x20
[ 19.033147] kmem_cache_free+0x276/0x400
[ 19.033576] kmem_cache_rcu_uaf+0x195/0x510
[ 19.034016] kunit_try_run_case+0x1a6/0x480
[ 19.034447] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.034978] kthread+0x257/0x310
[ 19.035315] ret_from_fork+0x41/0x80
[ 19.035706] ret_from_fork_asm+0x1a/0x30
[ 19.036130]
[ 19.036360] The buggy address belongs to the object at ffff888102930000
[ 19.036360] which belongs to the cache test_cache of size 200
[ 19.037094] The buggy address is located 0 bytes inside of
[ 19.037094] freed 200-byte region [ffff888102930000, ffff8881029300c8)
[ 19.040666]
[ 19.041310] The buggy address belongs to the physical page:
[ 19.041668] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102930
[ 19.042479] flags: 0x200000000000000(node=0|zone=2)
[ 19.043003] page_type: f5(slab)
[ 19.043432] raw: 0200000000000000 ffff88810292e000 dead000000000122 0000000000000000
[ 19.044160] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 19.044866] page dumped because: kasan: bad access detected
[ 19.045391]
[ 19.045595] Memory state around the buggy address:
[ 19.046156] ffff88810292ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.046837] ffff88810292ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.047416] >ffff888102930000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.047968] ^
[ 19.048559] ffff888102930080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 19.049342] ffff888102930100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.050052] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.885124] ==================================================================
[ 18.886618] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470
[ 18.887416] Free of addr ffff88810292e001 by task kunit_try_catch/216
[ 18.888128]
[ 18.888429] CPU: 0 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 18.888662] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.888696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.888755] Call Trace:
[ 18.888792] <TASK>
[ 18.888913] dump_stack_lvl+0x73/0xb0
[ 18.889032] print_report+0xd1/0x640
[ 18.889117] ? __virt_addr_valid+0x1db/0x2d0
[ 18.889200] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.889293] ? kmem_cache_invalid_free+0x1d9/0x470
[ 18.889365] kasan_report_invalid_free+0xfc/0x120
[ 18.889450] ? kmem_cache_invalid_free+0x1d9/0x470
[ 18.889575] ? kmem_cache_invalid_free+0x1d9/0x470
[ 18.889609] check_slab_allocation+0x11f/0x130
[ 18.889644] __kasan_slab_pre_free+0x28/0x40
[ 18.889676] kmem_cache_free+0xee/0x400
[ 18.889710] ? kmem_cache_alloc_noprof+0x107/0x350
[ 18.889743] ? kmem_cache_invalid_free+0x1d9/0x470
[ 18.889777] kmem_cache_invalid_free+0x1d9/0x470
[ 18.889808] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 18.889861] ? finish_task_switch.isra.0+0x153/0x700
[ 18.889894] ? __switch_to+0x5d9/0xf60
[ 18.889931] ? __pfx_read_tsc+0x10/0x10
[ 18.889958] ? ktime_get_ts64+0x84/0x230
[ 18.889995] kunit_try_run_case+0x1a6/0x480
[ 18.890028] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.890056] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 18.890086] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.890121] ? __kthread_parkme+0x82/0x160
[ 18.890149] ? preempt_count_sub+0x50/0x80
[ 18.890177] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.890205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.890268] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.890305] kthread+0x257/0x310
[ 18.890330] ? __pfx_kthread+0x10/0x10
[ 18.890356] ret_from_fork+0x41/0x80
[ 18.890385] ? __pfx_kthread+0x10/0x10
[ 18.890410] ret_from_fork_asm+0x1a/0x30
[ 18.890472] </TASK>
[ 18.890517]
[ 18.910031] Allocated by task 216:
[ 18.910552] kasan_save_stack+0x45/0x70
[ 18.911085] kasan_save_track+0x18/0x40
[ 18.912152] kasan_save_alloc_info+0x3b/0x50
[ 18.912612] __kasan_slab_alloc+0x91/0xa0
[ 18.913269] kmem_cache_alloc_noprof+0x107/0x350
[ 18.913907] kmem_cache_invalid_free+0x158/0x470
[ 18.914363] kunit_try_run_case+0x1a6/0x480
[ 18.914966] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.915917] kthread+0x257/0x310
[ 18.916205] ret_from_fork+0x41/0x80
[ 18.917000] ret_from_fork_asm+0x1a/0x30
[ 18.917815]
[ 18.918535] The buggy address belongs to the object at ffff88810292e000
[ 18.918535] which belongs to the cache test_cache of size 200
[ 18.919969] The buggy address is located 1 bytes inside of
[ 18.919969] 200-byte region [ffff88810292e000, ffff88810292e0c8)
[ 18.921258]
[ 18.921444] The buggy address belongs to the physical page:
[ 18.922325] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10292e
[ 18.923355] flags: 0x200000000000000(node=0|zone=2)
[ 18.924058] page_type: f5(slab)
[ 18.924474] raw: 0200000000000000 ffff888101a84dc0 dead000000000122 0000000000000000
[ 18.925383] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 18.926213] page dumped because: kasan: bad access detected
[ 18.926564]
[ 18.927209] Memory state around the buggy address:
[ 18.927915] ffff88810292df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.928636] ffff88810292df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.930771] >ffff88810292e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.931776] ^
[ 18.932456] ffff88810292e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 18.933621] ffff88810292e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.934007] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.828595] ==================================================================
[ 18.829303] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490
[ 18.830049] Free of addr ffff88810292c000 by task kunit_try_catch/214
[ 18.830456]
[ 18.830758] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 18.830873] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.830908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.831002] Call Trace:
[ 18.831048] <TASK>
[ 18.831096] dump_stack_lvl+0x73/0xb0
[ 18.831179] print_report+0xd1/0x640
[ 18.831284] ? __virt_addr_valid+0x1db/0x2d0
[ 18.831370] ? kasan_complete_mode_report_info+0x64/0x200
[ 18.831441] ? kmem_cache_double_free+0x1e6/0x490
[ 18.831516] kasan_report_invalid_free+0xfc/0x120
[ 18.831603] ? kmem_cache_double_free+0x1e6/0x490
[ 18.831684] ? kmem_cache_double_free+0x1e6/0x490
[ 18.831752] check_slab_allocation+0x101/0x130
[ 18.831827] __kasan_slab_pre_free+0x28/0x40
[ 18.831923] kmem_cache_free+0xee/0x400
[ 18.831992] ? ret_from_fork+0x41/0x80
[ 18.832058] ? ret_from_fork+0x41/0x80
[ 18.832120] ? kthread+0x257/0x310
[ 18.832182] ? kmem_cache_double_free+0x1e6/0x490
[ 18.832270] ? __kasan_slab_free+0x61/0x70
[ 18.832346] kmem_cache_double_free+0x1e6/0x490
[ 18.832418] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 18.832483] ? finish_task_switch.isra.0+0x153/0x700
[ 18.832550] ? __switch_to+0x5d9/0xf60
[ 18.832632] ? __pfx_read_tsc+0x10/0x10
[ 18.832663] ? ktime_get_ts64+0x84/0x230
[ 18.832700] kunit_try_run_case+0x1a6/0x480
[ 18.832734] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.832762] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 18.832793] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.832856] ? __kthread_parkme+0x82/0x160
[ 18.832886] ? preempt_count_sub+0x50/0x80
[ 18.832914] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.832943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.832979] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.833015] kthread+0x257/0x310
[ 18.833039] ? __pfx_kthread+0x10/0x10
[ 18.833064] ret_from_fork+0x41/0x80
[ 18.833091] ? __pfx_kthread+0x10/0x10
[ 18.833116] ret_from_fork_asm+0x1a/0x30
[ 18.833158] </TASK>
[ 18.833172]
[ 18.851132] Allocated by task 214:
[ 18.851637] kasan_save_stack+0x45/0x70
[ 18.852109] kasan_save_track+0x18/0x40
[ 18.852443] kasan_save_alloc_info+0x3b/0x50
[ 18.852916] __kasan_slab_alloc+0x91/0xa0
[ 18.853354] kmem_cache_alloc_noprof+0x107/0x350
[ 18.853811] kmem_cache_double_free+0x150/0x490
[ 18.854308] kunit_try_run_case+0x1a6/0x480
[ 18.854649] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.855080] kthread+0x257/0x310
[ 18.855390] ret_from_fork+0x41/0x80
[ 18.855845] ret_from_fork_asm+0x1a/0x30
[ 18.856296]
[ 18.856551] Freed by task 214:
[ 18.856940] kasan_save_stack+0x45/0x70
[ 18.857421] kasan_save_track+0x18/0x40
[ 18.857886] kasan_save_free_info+0x3f/0x60
[ 18.858324] __kasan_slab_free+0x56/0x70
[ 18.858776] kmem_cache_free+0x120/0x400
[ 18.859275] kmem_cache_double_free+0x16b/0x490
[ 18.859779] kunit_try_run_case+0x1a6/0x480
[ 18.860175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.860728] kthread+0x257/0x310
[ 18.861147] ret_from_fork+0x41/0x80
[ 18.861594] ret_from_fork_asm+0x1a/0x30
[ 18.862103]
[ 18.862301] The buggy address belongs to the object at ffff88810292c000
[ 18.862301] which belongs to the cache test_cache of size 200
[ 18.863368] The buggy address is located 0 bytes inside of
[ 18.863368] 200-byte region [ffff88810292c000, ffff88810292c0c8)
[ 18.864340]
[ 18.864566] The buggy address belongs to the physical page:
[ 18.865116] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10292c
[ 18.865712] flags: 0x200000000000000(node=0|zone=2)
[ 18.866244] page_type: f5(slab)
[ 18.866635] raw: 0200000000000000 ffff888101a84c80 dead000000000122 0000000000000000
[ 18.867351] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 18.868041] page dumped because: kasan: bad access detected
[ 18.868518]
[ 18.868740] Memory state around the buggy address:
[ 18.869266] ffff88810292bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.870549] ffff88810292bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.871189] >ffff88810292c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.871634] ^
[ 18.872016] ffff88810292c080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 18.872661] ffff88810292c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.873327] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.766428] ==================================================================
[ 18.767239] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530
[ 18.767872] Read of size 1 at addr ffff88810292b0c8 by task kunit_try_catch/212
[ 18.768584]
[ 18.769306] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 18.769423] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.769459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.769825] Call Trace:
[ 18.769865] <TASK>
[ 18.769912] dump_stack_lvl+0x73/0xb0
[ 18.769994] print_report+0xd1/0x640
[ 18.770069] ? __virt_addr_valid+0x1db/0x2d0
[ 18.770145] ? kmem_cache_oob+0x404/0x530
[ 18.770212] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.770307] ? kmem_cache_oob+0x404/0x530
[ 18.770370] kasan_report+0x140/0x180
[ 18.770448] ? kmem_cache_oob+0x404/0x530
[ 18.770645] __asan_report_load1_noabort+0x18/0x20
[ 18.770720] kmem_cache_oob+0x404/0x530
[ 18.770781] ? trace_hardirqs_on+0x37/0xe0
[ 18.770836] ? __pfx_kmem_cache_oob+0x10/0x10
[ 18.770892] ? finish_task_switch.isra.0+0x153/0x700
[ 18.770921] ? __switch_to+0x5d9/0xf60
[ 18.770958] ? __pfx_read_tsc+0x10/0x10
[ 18.770984] ? ktime_get_ts64+0x84/0x230
[ 18.771019] kunit_try_run_case+0x1a6/0x480
[ 18.771052] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.771080] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 18.771110] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.771145] ? __kthread_parkme+0x82/0x160
[ 18.771172] ? preempt_count_sub+0x50/0x80
[ 18.771200] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.771267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.771311] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.771347] kthread+0x257/0x310
[ 18.771372] ? __pfx_kthread+0x10/0x10
[ 18.771397] ret_from_fork+0x41/0x80
[ 18.771425] ? __pfx_kthread+0x10/0x10
[ 18.771464] ret_from_fork_asm+0x1a/0x30
[ 18.771541] </TASK>
[ 18.771557]
[ 18.786183] Allocated by task 212:
[ 18.786571] kasan_save_stack+0x45/0x70
[ 18.787174] kasan_save_track+0x18/0x40
[ 18.787573] kasan_save_alloc_info+0x3b/0x50
[ 18.788176] __kasan_slab_alloc+0x91/0xa0
[ 18.788527] kmem_cache_alloc_noprof+0x107/0x350
[ 18.789001] kmem_cache_oob+0x158/0x530
[ 18.789807] kunit_try_run_case+0x1a6/0x480
[ 18.790294] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.790835] kthread+0x257/0x310
[ 18.791190] ret_from_fork+0x41/0x80
[ 18.791531] ret_from_fork_asm+0x1a/0x30
[ 18.791844]
[ 18.792055] The buggy address belongs to the object at ffff88810292b000
[ 18.792055] which belongs to the cache test_cache of size 200
[ 18.792995] The buggy address is located 0 bytes to the right of
[ 18.792995] allocated 200-byte region [ffff88810292b000, ffff88810292b0c8)
[ 18.795599]
[ 18.795854] The buggy address belongs to the physical page:
[ 18.796912] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10292b
[ 18.798154] flags: 0x200000000000000(node=0|zone=2)
[ 18.799606] page_type: f5(slab)
[ 18.800190] raw: 0200000000000000 ffff888101a84b40 dead000000000122 0000000000000000
[ 18.800833] raw: 0000000000000000 00000000800f000f 00000001f5000000 0000000000000000
[ 18.801884] page dumped because: kasan: bad access detected
[ 18.802392]
[ 18.803006] Memory state around the buggy address:
[ 18.803671] ffff88810292af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.804391] ffff88810292b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.805195] >ffff88810292b080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 18.806087] ^
[ 18.806643] ffff88810292b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.807539] ffff88810292b180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.808506] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.684736] ==================================================================
[ 18.685678] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560
[ 18.686255] Read of size 8 at addr ffff88810230cf00 by task kunit_try_catch/205
[ 18.686756]
[ 18.687017] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 18.687137] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.687165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.687196] Call Trace:
[ 18.687414] <TASK>
[ 18.687506] dump_stack_lvl+0x73/0xb0
[ 18.687583] print_report+0xd1/0x640
[ 18.687649] ? __virt_addr_valid+0x1db/0x2d0
[ 18.687723] ? workqueue_uaf+0x4d8/0x560
[ 18.687783] ? kasan_complete_mode_report_info+0x64/0x200
[ 18.687901] ? workqueue_uaf+0x4d8/0x560
[ 18.687965] kasan_report+0x140/0x180
[ 18.688041] ? workqueue_uaf+0x4d8/0x560
[ 18.688116] __asan_report_load8_noabort+0x18/0x20
[ 18.688186] workqueue_uaf+0x4d8/0x560
[ 18.688273] ? __pfx_workqueue_uaf+0x10/0x10
[ 18.688338] ? __schedule+0xc49/0x27a0
[ 18.688405] ? __pfx_read_tsc+0x10/0x10
[ 18.688474] ? ktime_get_ts64+0x84/0x230
[ 18.688532] kunit_try_run_case+0x1a6/0x480
[ 18.688566] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.688593] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 18.688620] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.688654] ? __kthread_parkme+0x82/0x160
[ 18.688680] ? preempt_count_sub+0x50/0x80
[ 18.688711] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.688738] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.688774] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.688840] kthread+0x257/0x310
[ 18.688869] ? __pfx_kthread+0x10/0x10
[ 18.688894] ret_from_fork+0x41/0x80
[ 18.688922] ? __pfx_kthread+0x10/0x10
[ 18.688946] ret_from_fork_asm+0x1a/0x30
[ 18.688987] </TASK>
[ 18.689000]
[ 18.713434] Allocated by task 205:
[ 18.714494] kasan_save_stack+0x45/0x70
[ 18.715187] kasan_save_track+0x18/0x40
[ 18.715750] kasan_save_alloc_info+0x3b/0x50
[ 18.716551] __kasan_kmalloc+0xb7/0xc0
[ 18.717323] __kmalloc_cache_noprof+0x168/0x350
[ 18.718038] workqueue_uaf+0x153/0x560
[ 18.719268] kunit_try_run_case+0x1a6/0x480
[ 18.720243] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.721291] kthread+0x257/0x310
[ 18.722192] ret_from_fork+0x41/0x80
[ 18.722661] ret_from_fork_asm+0x1a/0x30
[ 18.723537]
[ 18.723949] Freed by task 43:
[ 18.724250] kasan_save_stack+0x45/0x70
[ 18.725010] kasan_save_track+0x18/0x40
[ 18.725601] kasan_save_free_info+0x3f/0x60
[ 18.726358] __kasan_slab_free+0x56/0x70
[ 18.726883] kfree+0x123/0x3d0
[ 18.727569] workqueue_uaf_work+0x12/0x20
[ 18.728211] process_one_work+0x5ee/0xf60
[ 18.728630] worker_thread+0x753/0x1200
[ 18.729172] kthread+0x257/0x310
[ 18.729793] ret_from_fork+0x41/0x80
[ 18.730289] ret_from_fork_asm+0x1a/0x30
[ 18.730860]
[ 18.731079] Last potentially related work creation:
[ 18.731555] kasan_save_stack+0x45/0x70
[ 18.732012] __kasan_record_aux_stack+0xae/0xc0
[ 18.732578] kasan_record_aux_stack_noalloc+0xf/0x20
[ 18.733057] __queue_work+0x67e/0xf70
[ 18.733415] queue_work_on+0x74/0xa0
[ 18.733960] workqueue_uaf+0x26e/0x560
[ 18.734374] kunit_try_run_case+0x1a6/0x480
[ 18.735287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.735706] kthread+0x257/0x310
[ 18.736048] ret_from_fork+0x41/0x80
[ 18.736716] ret_from_fork_asm+0x1a/0x30
[ 18.737152]
[ 18.737395] The buggy address belongs to the object at ffff88810230cf00
[ 18.737395] which belongs to the cache kmalloc-32 of size 32
[ 18.738414] The buggy address is located 0 bytes inside of
[ 18.738414] freed 32-byte region [ffff88810230cf00, ffff88810230cf20)
[ 18.739451]
[ 18.739690] The buggy address belongs to the physical page:
[ 18.740176] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10230c
[ 18.741392] flags: 0x200000000000000(node=0|zone=2)
[ 18.741970] page_type: f5(slab)
[ 18.742354] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 18.743151] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000
[ 18.743881] page dumped because: kasan: bad access detected
[ 18.744334]
[ 18.744921] Memory state around the buggy address:
[ 18.745427] ffff88810230ce00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 18.746140] ffff88810230ce80: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 18.746862] >ffff88810230cf00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.747417] ^
[ 18.747937] ffff88810230cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.748432] ffff88810230d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.749199] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.604689] ================================================================== [ 18.605421] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 18.606606] Read of size 4 at addr ffff88810230cdc0 by task swapper/1/0 [ 18.607417] [ 18.608097] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.12.33-rc1 #1 [ 18.608212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.608268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.608329] Call Trace: [ 18.608406] <IRQ> [ 18.608486] dump_stack_lvl+0x73/0xb0 [ 18.608581] print_report+0xd1/0x640 [ 18.608660] ? __virt_addr_valid+0x1db/0x2d0 [ 18.608745] ? rcu_uaf_reclaim+0x50/0x60 [ 18.608813] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.608884] ? rcu_uaf_reclaim+0x50/0x60 [ 18.608953] kasan_report+0x140/0x180 [ 18.609029] ? rcu_uaf_reclaim+0x50/0x60 [ 18.609108] __asan_report_load4_noabort+0x18/0x20 [ 18.609183] rcu_uaf_reclaim+0x50/0x60 [ 18.609261] rcu_core+0x683/0x1c80 [ 18.609303] ? __pfx_rcu_core+0x10/0x10 [ 18.609333] ? lapic_next_event+0x19/0x30 [ 18.609359] ? handle_softirqs+0x18e/0x730 [ 18.609395] rcu_core_si+0x12/0x20 [ 18.609421] handle_softirqs+0x209/0x730 [ 18.609483] ? 
__pfx_handle_softirqs+0x10/0x10 [ 18.609559] irq_exit_rcu+0x9c/0xd0 [ 18.609590] sysvec_apic_timer_interrupt+0x81/0x90 [ 18.609625] </IRQ> [ 18.609665] <TASK> [ 18.609680] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 18.609858] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 18.609986] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 2b 3b 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 18.610092] RSP: 0000:ffff888100877dd0 EFLAGS: 00010212 [ 18.610206] RAX: ffff88815b100000 RBX: ffff888100844ec0 RCX: ffffffff86cd4d75 [ 18.610301] RDX: ffffed102b626b2b RSI: 0000000000000004 RDI: 0000000000020a9c [ 18.610360] RBP: ffff888100877dd8 R08: 0000000000000001 R09: ffffed102b626b2a [ 18.610417] R10: ffff88815b135953 R11: 000000000003b800 R12: 0000000000000001 [ 18.610880] R13: ffffed10201089d8 R14: ffffffff88b54e08 R15: 0000000000000000 [ 18.610969] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 18.611044] ? default_idle+0xd/0x20 [ 18.611078] arch_cpu_idle+0xd/0x20 [ 18.611109] default_idle_call+0x48/0x80 [ 18.611139] do_idle+0x313/0x3c0 [ 18.611174] ? __pfx_do_idle+0x10/0x10 [ 18.611211] cpu_startup_entry+0x5c/0x70 [ 18.611280] start_secondary+0x216/0x290 [ 18.611308] ? 
__pfx_start_secondary+0x10/0x10 [ 18.611340] common_startup_64+0x12c/0x138 [ 18.611381] </TASK> [ 18.611395] [ 18.636140] Allocated by task 203: [ 18.636862] kasan_save_stack+0x45/0x70 [ 18.637329] kasan_save_track+0x18/0x40 [ 18.637958] kasan_save_alloc_info+0x3b/0x50 [ 18.638781] __kasan_kmalloc+0xb7/0xc0 [ 18.639332] __kmalloc_cache_noprof+0x168/0x350 [ 18.640011] rcu_uaf+0xb1/0x330 [ 18.640585] kunit_try_run_case+0x1a6/0x480 [ 18.641140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.641858] kthread+0x257/0x310 [ 18.642284] ret_from_fork+0x41/0x80 [ 18.642859] ret_from_fork_asm+0x1a/0x30 [ 18.643382] [ 18.644044] Freed by task 0: [ 18.644654] kasan_save_stack+0x45/0x70 [ 18.645134] kasan_save_track+0x18/0x40 [ 18.645867] kasan_save_free_info+0x3f/0x60 [ 18.646314] __kasan_slab_free+0x56/0x70 [ 18.646781] kfree+0x123/0x3d0 [ 18.647157] rcu_uaf_reclaim+0x1f/0x60 [ 18.648123] rcu_core+0x683/0x1c80 [ 18.648897] rcu_core_si+0x12/0x20 [ 18.649684] handle_softirqs+0x209/0x730 [ 18.650297] irq_exit_rcu+0x9c/0xd0 [ 18.650824] sysvec_apic_timer_interrupt+0x81/0x90 [ 18.651290] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 18.651778] [ 18.652311] Last potentially related work creation: [ 18.653018] kasan_save_stack+0x45/0x70 [ 18.653500] __kasan_record_aux_stack+0xae/0xc0 [ 18.654313] kasan_record_aux_stack_noalloc+0xf/0x20 [ 18.654875] __call_rcu_common.constprop.0+0x72/0xaa0 [ 18.655461] call_rcu+0x12/0x20 [ 18.656044] rcu_uaf+0x169/0x330 [ 18.656397] kunit_try_run_case+0x1a6/0x480 [ 18.656941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.657762] kthread+0x257/0x310 [ 18.658200] ret_from_fork+0x41/0x80 [ 18.658892] ret_from_fork_asm+0x1a/0x30 [ 18.659234] [ 18.659754] The buggy address belongs to the object at ffff88810230cdc0 [ 18.659754] which belongs to the cache kmalloc-32 of size 32 [ 18.661385] The buggy address is located 0 bytes inside of [ 18.661385] freed 32-byte region [ffff88810230cdc0, ffff88810230cde0) [ 18.662486] [ 18.663024] The buggy address 
belongs to the physical page: [ 18.663876] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10230c [ 18.665267] flags: 0x200000000000000(node=0|zone=2) [ 18.666018] page_type: f5(slab) [ 18.667038] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 18.668031] raw: 0000000000000000 0000000080400040 00000001f5000000 0000000000000000 [ 18.669195] page dumped because: kasan: bad access detected [ 18.669953] [ 18.670260] Memory state around the buggy address: [ 18.670882] ffff88810230cc80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.672136] ffff88810230cd00: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc [ 18.673500] >ffff88810230cd80: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 18.673896] ^ [ 18.674093] ffff88810230ce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.674351] ffff88810230ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.674578] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.427757] ================================================================== [ 18.428995] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 18.430835] Read of size 1 at addr ffff888102925800 by task kunit_try_catch/201 [ 18.431759] [ 18.431961] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.432071] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.432102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.432155] Call Trace: [ 18.432193] <TASK> [ 18.432258] dump_stack_lvl+0x73/0xb0 [ 18.432340] print_report+0xd1/0x640 [ 18.432412] ? __virt_addr_valid+0x1db/0x2d0 [ 18.432481] ? ksize_uaf+0x19e/0x6c0 [ 18.432531] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.432587] ? ksize_uaf+0x19e/0x6c0 [ 18.432633] kasan_report+0x140/0x180 [ 18.432696] ? ksize_uaf+0x19e/0x6c0 [ 18.432750] ? ksize_uaf+0x19e/0x6c0 [ 18.432800] __kasan_check_byte+0x3d/0x50 [ 18.432859] ksize+0x20/0x60 [ 18.432907] ksize_uaf+0x19e/0x6c0 [ 18.432950] ? __pfx_ksize_uaf+0x10/0x10 [ 18.432999] ? __schedule+0xc49/0x27a0 [ 18.433060] ? __pfx_read_tsc+0x10/0x10 [ 18.433110] ? ktime_get_ts64+0x84/0x230 [ 18.433177] kunit_try_run_case+0x1a6/0x480 [ 18.434093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.434162] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.434237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.434303] ? __kthread_parkme+0x82/0x160 [ 18.434357] ? preempt_count_sub+0x50/0x80 [ 18.434412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.434586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.434652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.434713] kthread+0x257/0x310 [ 18.434757] ? __pfx_kthread+0x10/0x10 [ 18.434803] ret_from_fork+0x41/0x80 [ 18.434886] ? 
__pfx_kthread+0x10/0x10 [ 18.434931] ret_from_fork_asm+0x1a/0x30 [ 18.435003] </TASK> [ 18.435028] [ 18.457431] Allocated by task 201: [ 18.458121] kasan_save_stack+0x45/0x70 [ 18.458840] kasan_save_track+0x18/0x40 [ 18.459322] kasan_save_alloc_info+0x3b/0x50 [ 18.460206] __kasan_kmalloc+0xb7/0xc0 [ 18.462127] __kmalloc_cache_noprof+0x168/0x350 [ 18.462754] ksize_uaf+0xab/0x6c0 [ 18.463136] kunit_try_run_case+0x1a6/0x480 [ 18.463575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.464644] kthread+0x257/0x310 [ 18.464937] ret_from_fork+0x41/0x80 [ 18.465449] ret_from_fork_asm+0x1a/0x30 [ 18.465867] [ 18.466130] Freed by task 201: [ 18.466513] kasan_save_stack+0x45/0x70 [ 18.467046] kasan_save_track+0x18/0x40 [ 18.467951] kasan_save_free_info+0x3f/0x60 [ 18.468455] __kasan_slab_free+0x56/0x70 [ 18.468844] kfree+0x123/0x3d0 [ 18.469405] ksize_uaf+0x12d/0x6c0 [ 18.469811] kunit_try_run_case+0x1a6/0x480 [ 18.470468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.471249] kthread+0x257/0x310 [ 18.472033] ret_from_fork+0x41/0x80 [ 18.472618] ret_from_fork_asm+0x1a/0x30 [ 18.473044] [ 18.473395] The buggy address belongs to the object at ffff888102925800 [ 18.473395] which belongs to the cache kmalloc-128 of size 128 [ 18.474277] The buggy address is located 0 bytes inside of [ 18.474277] freed 128-byte region [ffff888102925800, ffff888102925880) [ 18.475904] [ 18.476117] The buggy address belongs to the physical page: [ 18.476966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102925 [ 18.477822] flags: 0x200000000000000(node=0|zone=2) [ 18.478328] page_type: f5(slab) [ 18.479003] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.479686] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 18.480150] page dumped because: kasan: bad access detected [ 18.480979] [ 18.481477] Memory state around the buggy address: [ 18.482382] ffff888102925700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 
18.483169] ffff888102925780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.484005] >ffff888102925800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.484696] ^ [ 18.485277] ffff888102925880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.486676] ffff888102925900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.487197] ================================================================== [ 18.539988] ================================================================== [ 18.540599] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 18.541233] Read of size 1 at addr ffff888102925878 by task kunit_try_catch/201 [ 18.542021] [ 18.542308] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.542421] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.542854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.542917] Call Trace: [ 18.542967] <TASK> [ 18.543017] dump_stack_lvl+0x73/0xb0 [ 18.543099] print_report+0xd1/0x640 [ 18.543177] ? __virt_addr_valid+0x1db/0x2d0 [ 18.543294] ? ksize_uaf+0x5e6/0x6c0 [ 18.543364] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.543437] ? ksize_uaf+0x5e6/0x6c0 [ 18.543502] kasan_report+0x140/0x180 [ 18.543580] ? ksize_uaf+0x5e6/0x6c0 [ 18.543655] __asan_report_load1_noabort+0x18/0x20 [ 18.543726] ksize_uaf+0x5e6/0x6c0 [ 18.543791] ? __pfx_ksize_uaf+0x10/0x10 [ 18.543874] ? __schedule+0xc49/0x27a0 [ 18.543947] ? __pfx_read_tsc+0x10/0x10 [ 18.543984] ? ktime_get_ts64+0x84/0x230 [ 18.544023] kunit_try_run_case+0x1a6/0x480 [ 18.544057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.544087] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.544115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.544150] ? __kthread_parkme+0x82/0x160 [ 18.544177] ? preempt_count_sub+0x50/0x80 [ 18.544208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.544265] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.544303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.544340] kthread+0x257/0x310 [ 18.544366] ? __pfx_kthread+0x10/0x10 [ 18.544392] ret_from_fork+0x41/0x80 [ 18.544422] ? __pfx_kthread+0x10/0x10 [ 18.544464] ret_from_fork_asm+0x1a/0x30 [ 18.544584] </TASK> [ 18.544601] [ 18.561497] Allocated by task 201: [ 18.562345] kasan_save_stack+0x45/0x70 [ 18.563287] kasan_save_track+0x18/0x40 [ 18.563971] kasan_save_alloc_info+0x3b/0x50 [ 18.564652] __kasan_kmalloc+0xb7/0xc0 [ 18.565183] __kmalloc_cache_noprof+0x168/0x350 [ 18.565879] ksize_uaf+0xab/0x6c0 [ 18.566354] kunit_try_run_case+0x1a6/0x480 [ 18.566853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.567738] kthread+0x257/0x310 [ 18.568492] ret_from_fork+0x41/0x80 [ 18.569249] ret_from_fork_asm+0x1a/0x30 [ 18.569784] [ 18.570034] Freed by task 201: [ 18.570463] kasan_save_stack+0x45/0x70 [ 18.571096] kasan_save_track+0x18/0x40 [ 18.571953] kasan_save_free_info+0x3f/0x60 [ 18.572559] __kasan_slab_free+0x56/0x70 [ 18.573161] kfree+0x123/0x3d0 [ 18.573633] ksize_uaf+0x12d/0x6c0 [ 18.574173] kunit_try_run_case+0x1a6/0x480 [ 18.574980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.575831] kthread+0x257/0x310 [ 18.576256] ret_from_fork+0x41/0x80 [ 18.577020] ret_from_fork_asm+0x1a/0x30 [ 18.577402] [ 18.578195] The buggy address belongs to the object at ffff888102925800 [ 18.578195] which belongs to the cache kmalloc-128 of size 128 [ 18.578902] The buggy address is located 120 bytes inside of [ 18.578902] freed 128-byte region [ffff888102925800, ffff888102925880) [ 18.579317] [ 18.579407] The buggy address belongs to the physical page: [ 18.580499] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102925 [ 18.581317] flags: 0x200000000000000(node=0|zone=2) [ 18.581988] page_type: f5(slab) [ 18.582246] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.583230] raw: 0000000000000000 0000000080100010 
00000001f5000000 0000000000000000 [ 18.584437] page dumped because: kasan: bad access detected [ 18.585003] [ 18.585629] Memory state around the buggy address: [ 18.586459] ffff888102925700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 18.586986] ffff888102925780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.587523] >ffff888102925800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.588022] ^ [ 18.589135] ffff888102925880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.589911] ffff888102925900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.590685] ================================================================== [ 18.488811] ================================================================== [ 18.491201] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 18.492079] Read of size 1 at addr ffff888102925800 by task kunit_try_catch/201 [ 18.493312] [ 18.493640] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.493781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.493801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.493853] Call Trace: [ 18.493883] <TASK> [ 18.493929] dump_stack_lvl+0x73/0xb0 [ 18.493975] print_report+0xd1/0x640 [ 18.494011] ? __virt_addr_valid+0x1db/0x2d0 [ 18.494045] ? ksize_uaf+0x600/0x6c0 [ 18.494069] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.494102] ? ksize_uaf+0x600/0x6c0 [ 18.494126] kasan_report+0x140/0x180 [ 18.494160] ? ksize_uaf+0x600/0x6c0 [ 18.494192] __asan_report_load1_noabort+0x18/0x20 [ 18.494255] ksize_uaf+0x600/0x6c0 [ 18.494324] ? __pfx_ksize_uaf+0x10/0x10 [ 18.494392] ? __schedule+0xc49/0x27a0 [ 18.494465] ? __pfx_read_tsc+0x10/0x10 [ 18.494533] ? ktime_get_ts64+0x84/0x230 [ 18.494638] kunit_try_run_case+0x1a6/0x480 [ 18.494717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.494750] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.494780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.494821] ? 
__kthread_parkme+0x82/0x160 [ 18.494878] ? preempt_count_sub+0x50/0x80 [ 18.494910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.494938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.494975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.495011] kthread+0x257/0x310 [ 18.495038] ? __pfx_kthread+0x10/0x10 [ 18.495064] ret_from_fork+0x41/0x80 [ 18.495093] ? __pfx_kthread+0x10/0x10 [ 18.495118] ret_from_fork_asm+0x1a/0x30 [ 18.495159] </TASK> [ 18.495174] [ 18.511956] Allocated by task 201: [ 18.512398] kasan_save_stack+0x45/0x70 [ 18.513019] kasan_save_track+0x18/0x40 [ 18.513389] kasan_save_alloc_info+0x3b/0x50 [ 18.514265] __kasan_kmalloc+0xb7/0xc0 [ 18.514880] __kmalloc_cache_noprof+0x168/0x350 [ 18.515392] ksize_uaf+0xab/0x6c0 [ 18.515874] kunit_try_run_case+0x1a6/0x480 [ 18.516361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.517086] kthread+0x257/0x310 [ 18.517389] ret_from_fork+0x41/0x80 [ 18.518149] ret_from_fork_asm+0x1a/0x30 [ 18.518790] [ 18.519055] Freed by task 201: [ 18.519592] kasan_save_stack+0x45/0x70 [ 18.520031] kasan_save_track+0x18/0x40 [ 18.520425] kasan_save_free_info+0x3f/0x60 [ 18.520991] __kasan_slab_free+0x56/0x70 [ 18.521381] kfree+0x123/0x3d0 [ 18.521749] ksize_uaf+0x12d/0x6c0 [ 18.522114] kunit_try_run_case+0x1a6/0x480 [ 18.522522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.523706] kthread+0x257/0x310 [ 18.524112] ret_from_fork+0x41/0x80 [ 18.524637] ret_from_fork_asm+0x1a/0x30 [ 18.525097] [ 18.525315] The buggy address belongs to the object at ffff888102925800 [ 18.525315] which belongs to the cache kmalloc-128 of size 128 [ 18.526847] The buggy address is located 0 bytes inside of [ 18.526847] freed 128-byte region [ffff888102925800, ffff888102925880) [ 18.527928] [ 18.528175] The buggy address belongs to the physical page: [ 18.528627] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102925 [ 18.529347] flags: 0x200000000000000(node=0|zone=2) [ 18.530008] page_type: f5(slab) [ 18.530314] 
raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.531599] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 18.532184] page dumped because: kasan: bad access detected [ 18.532796] [ 18.533042] Memory state around the buggy address: [ 18.533601] ffff888102925700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 18.534293] ffff888102925780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.535608] >ffff888102925800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.536236] ^ [ 18.536691] ffff888102925880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.537301] ffff888102925900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.538018] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.337195] ================================================================== [ 18.337836] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.338596] Read of size 1 at addr ffff88810230dd78 by task kunit_try_catch/199 [ 18.339778] [ 18.340195] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.340326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.340355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.340386] Call Trace: [ 18.340423] <TASK> [ 18.340449] dump_stack_lvl+0x73/0xb0 [ 18.340488] print_report+0xd1/0x640 [ 18.340523] ? __virt_addr_valid+0x1db/0x2d0 [ 18.340555] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.340582] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.340613] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.340640] kasan_report+0x140/0x180 [ 18.340673] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.340707] __asan_report_load1_noabort+0x18/0x20 [ 18.340736] ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.340765] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.340792] ? finish_task_switch.isra.0+0x153/0x700 [ 18.340841] ? __switch_to+0x5d9/0xf60 [ 18.340921] ? __schedule+0xc49/0x27a0 [ 18.340992] ? __pfx_read_tsc+0x10/0x10 [ 18.341058] ? ktime_get_ts64+0x84/0x230 [ 18.341140] kunit_try_run_case+0x1a6/0x480 [ 18.341230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.341301] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.341345] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.341381] ? __kthread_parkme+0x82/0x160 [ 18.341408] ? preempt_count_sub+0x50/0x80 [ 18.341436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.341463] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.341499] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.341536] kthread+0x257/0x310 [ 18.341562] ? __pfx_kthread+0x10/0x10 [ 18.341588] ret_from_fork+0x41/0x80 [ 18.341617] ? 
__pfx_kthread+0x10/0x10 [ 18.341643] ret_from_fork_asm+0x1a/0x30 [ 18.341683] </TASK> [ 18.341696] [ 18.358642] Allocated by task 199: [ 18.359880] kasan_save_stack+0x45/0x70 [ 18.360232] kasan_save_track+0x18/0x40 [ 18.360778] kasan_save_alloc_info+0x3b/0x50 [ 18.361177] __kasan_kmalloc+0xb7/0xc0 [ 18.361567] __kmalloc_cache_noprof+0x168/0x350 [ 18.362408] ksize_unpoisons_memory+0xc8/0x9b0 [ 18.362768] kunit_try_run_case+0x1a6/0x480 [ 18.363341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.363935] kthread+0x257/0x310 [ 18.364325] ret_from_fork+0x41/0x80 [ 18.364992] ret_from_fork_asm+0x1a/0x30 [ 18.365541] [ 18.365742] The buggy address belongs to the object at ffff88810230dd00 [ 18.365742] which belongs to the cache kmalloc-128 of size 128 [ 18.366939] The buggy address is located 5 bytes to the right of [ 18.366939] allocated 115-byte region [ffff88810230dd00, ffff88810230dd73) [ 18.368338] [ 18.368499] The buggy address belongs to the physical page: [ 18.368844] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10230d [ 18.369849] flags: 0x200000000000000(node=0|zone=2) [ 18.370388] page_type: f5(slab) [ 18.370738] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.371703] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 18.372511] page dumped because: kasan: bad access detected [ 18.373085] [ 18.373332] Memory state around the buggy address: [ 18.374076] ffff88810230dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.374601] ffff88810230dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.375423] >ffff88810230dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.375660] ^ [ 18.376061] ffff88810230dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.376665] ffff88810230de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.377258] ================================================================== [ 18.296316] 
================================================================== [ 18.297176] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 18.297735] Read of size 1 at addr ffff88810230dd73 by task kunit_try_catch/199 [ 18.298273] [ 18.298811] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.298947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.298982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.299037] Call Trace: [ 18.299074] <TASK> [ 18.299119] dump_stack_lvl+0x73/0xb0 [ 18.299168] print_report+0xd1/0x640 [ 18.299204] ? __virt_addr_valid+0x1db/0x2d0 [ 18.299278] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 18.299308] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.299341] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 18.299368] kasan_report+0x140/0x180 [ 18.299402] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 18.299436] __asan_report_load1_noabort+0x18/0x20 [ 18.299467] ksize_unpoisons_memory+0x81e/0x9b0 [ 18.299496] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.299523] ? finish_task_switch.isra.0+0x153/0x700 [ 18.299552] ? __switch_to+0x5d9/0xf60 [ 18.299584] ? __schedule+0xc49/0x27a0 [ 18.299610] ? __pfx_read_tsc+0x10/0x10 [ 18.299635] ? ktime_get_ts64+0x84/0x230 [ 18.299670] kunit_try_run_case+0x1a6/0x480 [ 18.299701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.299728] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.299755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.299789] ? __kthread_parkme+0x82/0x160 [ 18.299831] ? preempt_count_sub+0x50/0x80 [ 18.299939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.300067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.300274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.300356] kthread+0x257/0x310 [ 18.300421] ? __pfx_kthread+0x10/0x10 [ 18.300478] ret_from_fork+0x41/0x80 [ 18.300509] ? 
__pfx_kthread+0x10/0x10 [ 18.300534] ret_from_fork_asm+0x1a/0x30 [ 18.300576] </TASK> [ 18.300589] [ 18.316654] Allocated by task 199: [ 18.317261] kasan_save_stack+0x45/0x70 [ 18.317643] kasan_save_track+0x18/0x40 [ 18.318557] kasan_save_alloc_info+0x3b/0x50 [ 18.318905] __kasan_kmalloc+0xb7/0xc0 [ 18.319459] __kmalloc_cache_noprof+0x168/0x350 [ 18.320054] ksize_unpoisons_memory+0xc8/0x9b0 [ 18.320490] kunit_try_run_case+0x1a6/0x480 [ 18.320939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.321389] kthread+0x257/0x310 [ 18.321703] ret_from_fork+0x41/0x80 [ 18.322088] ret_from_fork_asm+0x1a/0x30 [ 18.322594] [ 18.322876] The buggy address belongs to the object at ffff88810230dd00 [ 18.322876] which belongs to the cache kmalloc-128 of size 128 [ 18.324098] The buggy address is located 0 bytes to the right of [ 18.324098] allocated 115-byte region [ffff88810230dd00, ffff88810230dd73) [ 18.325062] [ 18.325308] The buggy address belongs to the physical page: [ 18.326000] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10230d [ 18.326769] flags: 0x200000000000000(node=0|zone=2) [ 18.327361] page_type: f5(slab) [ 18.327780] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.328462] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 18.329160] page dumped because: kasan: bad access detected [ 18.329665] [ 18.329963] Memory state around the buggy address: [ 18.330541] ffff88810230dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.331306] ffff88810230dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.331972] >ffff88810230dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.332589] ^ [ 18.333246] ffff88810230dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.333916] ffff88810230de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.334536] ================================================================== [ 18.379755] 
================================================================== [ 18.380588] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.381254] Read of size 1 at addr ffff88810230dd7f by task kunit_try_catch/199 [ 18.381864] [ 18.382490] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.382594] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.382623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.382674] Call Trace: [ 18.382725] <TASK> [ 18.382775] dump_stack_lvl+0x73/0xb0 [ 18.382856] print_report+0xd1/0x640 [ 18.382931] ? __virt_addr_valid+0x1db/0x2d0 [ 18.383010] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.383077] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.383453] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.383487] kasan_report+0x140/0x180 [ 18.383522] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.383556] __asan_report_load1_noabort+0x18/0x20 [ 18.383586] ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.383615] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.383643] ? finish_task_switch.isra.0+0x153/0x700 [ 18.383673] ? __switch_to+0x5d9/0xf60 [ 18.383705] ? __schedule+0xc49/0x27a0 [ 18.383731] ? __pfx_read_tsc+0x10/0x10 [ 18.383756] ? ktime_get_ts64+0x84/0x230 [ 18.383790] kunit_try_run_case+0x1a6/0x480 [ 18.383837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.383898] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.383929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.383965] ? __kthread_parkme+0x82/0x160 [ 18.383992] ? preempt_count_sub+0x50/0x80 [ 18.384020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.384047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.384082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.384118] kthread+0x257/0x310 [ 18.384143] ? __pfx_kthread+0x10/0x10 [ 18.384168] ret_from_fork+0x41/0x80 [ 18.384196] ? 
__pfx_kthread+0x10/0x10 [ 18.384244] ret_from_fork_asm+0x1a/0x30 [ 18.384288] </TASK> [ 18.384301] [ 18.402201] Allocated by task 199: [ 18.402752] kasan_save_stack+0x45/0x70 [ 18.403157] kasan_save_track+0x18/0x40 [ 18.403586] kasan_save_alloc_info+0x3b/0x50 [ 18.403992] __kasan_kmalloc+0xb7/0xc0 [ 18.404840] __kmalloc_cache_noprof+0x168/0x350 [ 18.405424] ksize_unpoisons_memory+0xc8/0x9b0 [ 18.405966] kunit_try_run_case+0x1a6/0x480 [ 18.406507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.407152] kthread+0x257/0x310 [ 18.407466] ret_from_fork+0x41/0x80 [ 18.407821] ret_from_fork_asm+0x1a/0x30 [ 18.408556] [ 18.408774] The buggy address belongs to the object at ffff88810230dd00 [ 18.408774] which belongs to the cache kmalloc-128 of size 128 [ 18.409824] The buggy address is located 12 bytes to the right of [ 18.409824] allocated 115-byte region [ffff88810230dd00, ffff88810230dd73) [ 18.411070] [ 18.411328] The buggy address belongs to the physical page: [ 18.411805] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10230d [ 18.412886] flags: 0x200000000000000(node=0|zone=2) [ 18.413341] page_type: f5(slab) [ 18.413492] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.413737] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 18.414734] page dumped because: kasan: bad access detected [ 18.415528] [ 18.415928] Memory state around the buggy address: [ 18.416423] ffff88810230dc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.417192] ffff88810230dc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.417787] >ffff88810230dd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.418405] ^ [ 18.419207] ffff88810230dd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.419912] ffff88810230de00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.420921] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.237089] ================================================================== [ 18.238399] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 18.239039] Free of addr ffff888101f801e0 by task kunit_try_catch/197 [ 18.239906] [ 18.240194] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.240326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.240365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.240422] Call Trace: [ 18.240460] <TASK> [ 18.240493] dump_stack_lvl+0x73/0xb0 [ 18.240530] print_report+0xd1/0x640 [ 18.240564] ? __virt_addr_valid+0x1db/0x2d0 [ 18.240600] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.240664] ? kfree_sensitive+0x2e/0x90 [ 18.240702] kasan_report_invalid_free+0xfc/0x120 [ 18.240741] ? kfree_sensitive+0x2e/0x90 [ 18.240769] ? kfree_sensitive+0x2e/0x90 [ 18.240793] check_slab_allocation+0x101/0x130 [ 18.240845] __kasan_slab_pre_free+0x28/0x40 [ 18.240887] kfree+0xf1/0x3d0 [ 18.240915] ? kfree_sensitive+0x2e/0x90 [ 18.240943] kfree_sensitive+0x2e/0x90 [ 18.240967] kmalloc_double_kzfree+0x19d/0x360 [ 18.240995] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.241023] ? __schedule+0xc49/0x27a0 [ 18.241050] ? __pfx_read_tsc+0x10/0x10 [ 18.241076] ? ktime_get_ts64+0x84/0x230 [ 18.241111] kunit_try_run_case+0x1a6/0x480 [ 18.241142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.241169] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.241198] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.241272] ? __kthread_parkme+0x82/0x160 [ 18.241337] ? preempt_count_sub+0x50/0x80 [ 18.241407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.241476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.241550] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.241626] kthread+0x257/0x310 [ 18.241683] ? __pfx_kthread+0x10/0x10 [ 18.241749] ret_from_fork+0x41/0x80 [ 18.241783] ? 
__pfx_kthread+0x10/0x10 [ 18.241819] ret_from_fork_asm+0x1a/0x30 [ 18.241954] </TASK> [ 18.241991] [ 18.262209] Allocated by task 197: [ 18.262720] kasan_save_stack+0x45/0x70 [ 18.263490] kasan_save_track+0x18/0x40 [ 18.264304] kasan_save_alloc_info+0x3b/0x50 [ 18.264846] __kasan_kmalloc+0xb7/0xc0 [ 18.266091] __kmalloc_cache_noprof+0x168/0x350 [ 18.266688] kmalloc_double_kzfree+0xaa/0x360 [ 18.267117] kunit_try_run_case+0x1a6/0x480 [ 18.267641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.268151] kthread+0x257/0x310 [ 18.268805] ret_from_fork+0x41/0x80 [ 18.269157] ret_from_fork_asm+0x1a/0x30 [ 18.269552] [ 18.269747] Freed by task 197: [ 18.270163] kasan_save_stack+0x45/0x70 [ 18.270700] kasan_save_track+0x18/0x40 [ 18.271247] kasan_save_free_info+0x3f/0x60 [ 18.271666] __kasan_slab_free+0x56/0x70 [ 18.272439] kfree+0x123/0x3d0 [ 18.272870] kfree_sensitive+0x67/0x90 [ 18.273171] kmalloc_double_kzfree+0x12c/0x360 [ 18.273625] kunit_try_run_case+0x1a6/0x480 [ 18.274123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.274674] kthread+0x257/0x310 [ 18.275331] ret_from_fork+0x41/0x80 [ 18.275784] ret_from_fork_asm+0x1a/0x30 [ 18.276198] [ 18.276463] The buggy address belongs to the object at ffff888101f801e0 [ 18.276463] which belongs to the cache kmalloc-16 of size 16 [ 18.277725] The buggy address is located 0 bytes inside of [ 18.277725] 16-byte region [ffff888101f801e0, ffff888101f801f0) [ 18.278962] [ 18.279265] The buggy address belongs to the physical page: [ 18.280015] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 18.280717] flags: 0x200000000000000(node=0|zone=2) [ 18.281251] page_type: f5(slab) [ 18.281780] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.282376] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 18.283374] page dumped because: kasan: bad access detected [ 18.284196] [ 18.284461] Memory state around the buggy address: [ 18.284892] ffff888101f80080: fa 
fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.285500] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.286152] >ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.287270] ^ [ 18.288009] ffff888101f80200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.288704] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.289280] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.180334] ================================================================== [ 18.181769] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 18.182801] Read of size 1 at addr ffff888101f801e0 by task kunit_try_catch/197 [ 18.183580] [ 18.183820] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.183935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.183969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.184026] Call Trace: [ 18.184062] <TASK> [ 18.184111] dump_stack_lvl+0x73/0xb0 [ 18.184197] print_report+0xd1/0x640 [ 18.184319] ? __virt_addr_valid+0x1db/0x2d0 [ 18.184404] ? kmalloc_double_kzfree+0x19d/0x360 [ 18.184471] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.184544] ? kmalloc_double_kzfree+0x19d/0x360 [ 18.184660] kasan_report+0x140/0x180 [ 18.184721] ? kmalloc_double_kzfree+0x19d/0x360 [ 18.184755] ? kmalloc_double_kzfree+0x19d/0x360 [ 18.184782] __kasan_check_byte+0x3d/0x50 [ 18.184843] kfree_sensitive+0x22/0x90 [ 18.184879] kmalloc_double_kzfree+0x19d/0x360 [ 18.184908] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.184937] ? __schedule+0xc49/0x27a0 [ 18.184964] ? __pfx_read_tsc+0x10/0x10 [ 18.184991] ? ktime_get_ts64+0x84/0x230 [ 18.185027] kunit_try_run_case+0x1a6/0x480 [ 18.185059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.185086] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.185113] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.185147] ? __kthread_parkme+0x82/0x160 [ 18.185173] ? preempt_count_sub+0x50/0x80 [ 18.185203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.185262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.185301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.185337] kthread+0x257/0x310 [ 18.185361] ? __pfx_kthread+0x10/0x10 [ 18.185386] ret_from_fork+0x41/0x80 [ 18.185414] ? 
__pfx_kthread+0x10/0x10 [ 18.185441] ret_from_fork_asm+0x1a/0x30 [ 18.185566] </TASK> [ 18.185586] [ 18.205373] Allocated by task 197: [ 18.205949] kasan_save_stack+0x45/0x70 [ 18.206395] kasan_save_track+0x18/0x40 [ 18.206963] kasan_save_alloc_info+0x3b/0x50 [ 18.207468] __kasan_kmalloc+0xb7/0xc0 [ 18.207960] __kmalloc_cache_noprof+0x168/0x350 [ 18.208642] kmalloc_double_kzfree+0xaa/0x360 [ 18.209192] kunit_try_run_case+0x1a6/0x480 [ 18.209704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.210085] kthread+0x257/0x310 [ 18.210837] ret_from_fork+0x41/0x80 [ 18.211245] ret_from_fork_asm+0x1a/0x30 [ 18.212083] [ 18.212345] Freed by task 197: [ 18.212645] kasan_save_stack+0x45/0x70 [ 18.213245] kasan_save_track+0x18/0x40 [ 18.213885] kasan_save_free_info+0x3f/0x60 [ 18.214289] __kasan_slab_free+0x56/0x70 [ 18.215025] kfree+0x123/0x3d0 [ 18.215595] kfree_sensitive+0x67/0x90 [ 18.216023] kmalloc_double_kzfree+0x12c/0x360 [ 18.217112] kunit_try_run_case+0x1a6/0x480 [ 18.217530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.218117] kthread+0x257/0x310 [ 18.218398] ret_from_fork+0x41/0x80 [ 18.219269] ret_from_fork_asm+0x1a/0x30 [ 18.220001] [ 18.220153] The buggy address belongs to the object at ffff888101f801e0 [ 18.220153] which belongs to the cache kmalloc-16 of size 16 [ 18.221502] The buggy address is located 0 bytes inside of [ 18.221502] freed 16-byte region [ffff888101f801e0, ffff888101f801f0) [ 18.222961] [ 18.223142] The buggy address belongs to the physical page: [ 18.223960] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101f80 [ 18.225112] flags: 0x200000000000000(node=0|zone=2) [ 18.225497] page_type: f5(slab) [ 18.226331] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.227285] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 18.228298] page dumped because: kasan: bad access detected [ 18.228866] [ 18.229069] Memory state around the buggy address: [ 18.230004] 
ffff888101f80080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.230983] ffff888101f80100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.231886] >ffff888101f80180: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.232543] ^ [ 18.233384] ffff888101f80200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.234254] ffff888101f80280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.235208] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 18.104939] ================================================================== [ 18.105834] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 18.106368] Read of size 1 at addr ffff888102920b28 by task kunit_try_catch/193 [ 18.107750] [ 18.108054] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.108235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.108276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.108334] Call Trace: [ 18.108371] <TASK> [ 18.108415] dump_stack_lvl+0x73/0xb0 [ 18.108779] print_report+0xd1/0x640 [ 18.108892] ? __virt_addr_valid+0x1db/0x2d0 [ 18.108970] ? kmalloc_uaf2+0x4aa/0x520 [ 18.109037] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.109106] ? kmalloc_uaf2+0x4aa/0x520 [ 18.109178] kasan_report+0x140/0x180 [ 18.109304] ? kmalloc_uaf2+0x4aa/0x520 [ 18.109394] __asan_report_load1_noabort+0x18/0x20 [ 18.109582] kmalloc_uaf2+0x4aa/0x520 [ 18.109621] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 18.109653] ? irqentry_exit+0x2a/0x60 [ 18.109682] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.109719] ? __pfx_read_tsc+0x10/0x10 [ 18.109747] ? ktime_get_ts64+0x84/0x230 [ 18.109783] kunit_try_run_case+0x1a6/0x480 [ 18.109848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.109883] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.109913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.109949] ? __kthread_parkme+0x82/0x160 [ 18.109976] ? preempt_count_sub+0x50/0x80 [ 18.110007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.110035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.110072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.110108] kthread+0x257/0x310 [ 18.110134] ? __pfx_kthread+0x10/0x10 [ 18.110160] ret_from_fork+0x41/0x80 [ 18.110189] ? 
__pfx_kthread+0x10/0x10 [ 18.110234] ret_from_fork_asm+0x1a/0x30 [ 18.110284] </TASK> [ 18.110297] [ 18.132193] Allocated by task 193: [ 18.133255] kasan_save_stack+0x45/0x70 [ 18.133627] kasan_save_track+0x18/0x40 [ 18.134115] kasan_save_alloc_info+0x3b/0x50 [ 18.134782] __kasan_kmalloc+0xb7/0xc0 [ 18.135696] __kmalloc_cache_noprof+0x168/0x350 [ 18.136186] kmalloc_uaf2+0xc7/0x520 [ 18.137271] kunit_try_run_case+0x1a6/0x480 [ 18.137647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.138589] kthread+0x257/0x310 [ 18.138913] ret_from_fork+0x41/0x80 [ 18.139625] ret_from_fork_asm+0x1a/0x30 [ 18.140267] [ 18.140988] Freed by task 193: [ 18.141270] kasan_save_stack+0x45/0x70 [ 18.141728] kasan_save_track+0x18/0x40 [ 18.142795] kasan_save_free_info+0x3f/0x60 [ 18.143151] __kasan_slab_free+0x56/0x70 [ 18.144285] kfree+0x123/0x3d0 [ 18.144705] kmalloc_uaf2+0x14d/0x520 [ 18.145284] kunit_try_run_case+0x1a6/0x480 [ 18.145973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.146951] kthread+0x257/0x310 [ 18.147206] ret_from_fork+0x41/0x80 [ 18.147661] ret_from_fork_asm+0x1a/0x30 [ 18.148905] [ 18.149062] The buggy address belongs to the object at ffff888102920b00 [ 18.149062] which belongs to the cache kmalloc-64 of size 64 [ 18.149940] The buggy address is located 40 bytes inside of [ 18.149940] freed 64-byte region [ffff888102920b00, ffff888102920b40) [ 18.150818] [ 18.151050] The buggy address belongs to the physical page: [ 18.151555] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102920 [ 18.153248] flags: 0x200000000000000(node=0|zone=2) [ 18.153720] page_type: f5(slab) [ 18.154102] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.154715] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 18.155597] page dumped because: kasan: bad access detected [ 18.156121] [ 18.156343] Memory state around the buggy address: [ 18.157051] ffff888102920a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 
18.158143] ffff888102920a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.159082] >ffff888102920b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.160209] ^ [ 18.160904] ffff888102920b80: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 18.161437] ffff888102920c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.162419] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 18.041839] ================================================================== [ 18.043178] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 18.044144] Write of size 33 at addr ffff88810230b880 by task kunit_try_catch/191 [ 18.045453] [ 18.045725] CPU: 1 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 18.045787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.045804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.045856] Call Trace: [ 18.045899] <TASK> [ 18.045949] dump_stack_lvl+0x73/0xb0 [ 18.046346] print_report+0xd1/0x640 [ 18.046415] ? __virt_addr_valid+0x1db/0x2d0 [ 18.046474] ? kmalloc_uaf_memset+0x1a4/0x360 [ 18.046550] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.046623] ? kmalloc_uaf_memset+0x1a4/0x360 [ 18.046691] kasan_report+0x140/0x180 [ 18.046764] ? kmalloc_uaf_memset+0x1a4/0x360 [ 18.046850] kasan_check_range+0x10c/0x1c0 [ 18.046897] __asan_memset+0x27/0x50 [ 18.046927] kmalloc_uaf_memset+0x1a4/0x360 [ 18.046960] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 18.046994] ? __schedule+0xc49/0x27a0 [ 18.047025] ? __pfx_read_tsc+0x10/0x10 [ 18.047052] ? ktime_get_ts64+0x84/0x230 [ 18.047089] kunit_try_run_case+0x1a6/0x480 [ 18.047121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.047149] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.047177] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.047211] ? __kthread_parkme+0x82/0x160 [ 18.047279] ? preempt_count_sub+0x50/0x80 [ 18.047312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.047340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.047375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.047412] kthread+0x257/0x310 [ 18.047439] ? __pfx_kthread+0x10/0x10 [ 18.047544] ret_from_fork+0x41/0x80 [ 18.047589] ? 
__pfx_kthread+0x10/0x10 [ 18.047616] ret_from_fork_asm+0x1a/0x30 [ 18.047658] </TASK> [ 18.047672] [ 18.068247] Allocated by task 191: [ 18.069362] kasan_save_stack+0x45/0x70 [ 18.069671] kasan_save_track+0x18/0x40 [ 18.070148] kasan_save_alloc_info+0x3b/0x50 [ 18.070784] __kasan_kmalloc+0xb7/0xc0 [ 18.071366] __kmalloc_cache_noprof+0x168/0x350 [ 18.072366] kmalloc_uaf_memset+0xaa/0x360 [ 18.073018] kunit_try_run_case+0x1a6/0x480 [ 18.073361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.073852] kthread+0x257/0x310 [ 18.074602] ret_from_fork+0x41/0x80 [ 18.075324] ret_from_fork_asm+0x1a/0x30 [ 18.076192] [ 18.076392] Freed by task 191: [ 18.076624] kasan_save_stack+0x45/0x70 [ 18.077753] kasan_save_track+0x18/0x40 [ 18.078281] kasan_save_free_info+0x3f/0x60 [ 18.079155] __kasan_slab_free+0x56/0x70 [ 18.079503] kfree+0x123/0x3d0 [ 18.080049] kmalloc_uaf_memset+0x12c/0x360 [ 18.080364] kunit_try_run_case+0x1a6/0x480 [ 18.080794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.081773] kthread+0x257/0x310 [ 18.082027] ret_from_fork+0x41/0x80 [ 18.082595] ret_from_fork_asm+0x1a/0x30 [ 18.083357] [ 18.083711] The buggy address belongs to the object at ffff88810230b880 [ 18.083711] which belongs to the cache kmalloc-64 of size 64 [ 18.085321] The buggy address is located 0 bytes inside of [ 18.085321] freed 64-byte region [ffff88810230b880, ffff88810230b8c0) [ 18.086704] [ 18.087313] The buggy address belongs to the physical page: [ 18.087918] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10230b [ 18.088490] flags: 0x200000000000000(node=0|zone=2) [ 18.089412] page_type: f5(slab) [ 18.089720] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.090420] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 18.092163] page dumped because: kasan: bad access detected [ 18.092737] [ 18.093287] Memory state around the buggy address: [ 18.094105] ffff88810230b780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc 
fc fc [ 18.094787] ffff88810230b800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.095854] >ffff88810230b880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.096393] ^ [ 18.097171] ffff88810230b900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.098094] ffff88810230b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.098902] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 17.980922] ================================================================== [ 17.982074] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 17.983521] Read of size 1 at addr ffff8881025abd68 by task kunit_try_catch/189 [ 17.984153] [ 17.984543] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.984665] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.984701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.984756] Call Trace: [ 17.984794] <TASK> [ 17.984840] dump_stack_lvl+0x73/0xb0 [ 17.985240] print_report+0xd1/0x640 [ 17.985281] ? __virt_addr_valid+0x1db/0x2d0 [ 17.985318] ? kmalloc_uaf+0x322/0x380 [ 17.985347] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.985381] ? kmalloc_uaf+0x322/0x380 [ 17.985411] kasan_report+0x140/0x180 [ 17.985457] ? kmalloc_uaf+0x322/0x380 [ 17.985581] __asan_report_load1_noabort+0x18/0x20 [ 17.985617] kmalloc_uaf+0x322/0x380 [ 17.985649] ? __pfx_kmalloc_uaf+0x10/0x10 [ 17.985681] ? __schedule+0xc49/0x27a0 [ 17.985710] ? __pfx_read_tsc+0x10/0x10 [ 17.985737] ? ktime_get_ts64+0x84/0x230 [ 17.985773] kunit_try_run_case+0x1a6/0x480 [ 17.985821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.985869] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.985898] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.985932] ? __kthread_parkme+0x82/0x160 [ 17.985959] ? preempt_count_sub+0x50/0x80 [ 17.985988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.986016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.986052] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.986088] kthread+0x257/0x310 [ 17.986112] ? __pfx_kthread+0x10/0x10 [ 17.986140] ret_from_fork+0x41/0x80 [ 17.986169] ? 
__pfx_kthread+0x10/0x10 [ 17.986194] ret_from_fork_asm+0x1a/0x30 [ 17.986260] </TASK> [ 17.986275] [ 18.004329] Allocated by task 189: [ 18.004701] kasan_save_stack+0x45/0x70 [ 18.005940] kasan_save_track+0x18/0x40 [ 18.006525] kasan_save_alloc_info+0x3b/0x50 [ 18.007205] __kasan_kmalloc+0xb7/0xc0 [ 18.007817] __kmalloc_cache_noprof+0x168/0x350 [ 18.008444] kmalloc_uaf+0xab/0x380 [ 18.009065] kunit_try_run_case+0x1a6/0x480 [ 18.009518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.010624] kthread+0x257/0x310 [ 18.010941] ret_from_fork+0x41/0x80 [ 18.011453] ret_from_fork_asm+0x1a/0x30 [ 18.012184] [ 18.012430] Freed by task 189: [ 18.013304] kasan_save_stack+0x45/0x70 [ 18.014093] kasan_save_track+0x18/0x40 [ 18.014536] kasan_save_free_info+0x3f/0x60 [ 18.014938] __kasan_slab_free+0x56/0x70 [ 18.015323] kfree+0x123/0x3d0 [ 18.015683] kmalloc_uaf+0x12d/0x380 [ 18.016768] kunit_try_run_case+0x1a6/0x480 [ 18.017885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.018303] kthread+0x257/0x310 [ 18.019136] ret_from_fork+0x41/0x80 [ 18.019469] ret_from_fork_asm+0x1a/0x30 [ 18.020299] [ 18.020977] The buggy address belongs to the object at ffff8881025abd60 [ 18.020977] which belongs to the cache kmalloc-16 of size 16 [ 18.021896] The buggy address is located 8 bytes inside of [ 18.021896] freed 16-byte region [ffff8881025abd60, ffff8881025abd70) [ 18.023533] [ 18.024336] The buggy address belongs to the physical page: [ 18.024710] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ab [ 18.025749] flags: 0x200000000000000(node=0|zone=2) [ 18.026160] page_type: f5(slab) [ 18.026511] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.027921] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000 [ 18.028418] page dumped because: kasan: bad access detected [ 18.029447] [ 18.029944] Memory state around the buggy address: [ 18.030565] ffff8881025abc00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 
18.031022] ffff8881025abc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 18.032409] >ffff8881025abd00: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 18.033092] ^ [ 18.033654] ffff8881025abd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.034728] ffff8881025abe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.035305] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 17.925017] ================================================================== [ 17.926033] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 17.927665] Read of size 64 at addr ffff88810230b784 by task kunit_try_catch/187 [ 17.929190] [ 17.929596] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.929717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.929751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.929841] Call Trace: [ 17.929880] <TASK> [ 17.929931] dump_stack_lvl+0x73/0xb0 [ 17.930014] print_report+0xd1/0x640 [ 17.930092] ? __virt_addr_valid+0x1db/0x2d0 [ 17.930157] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 17.930188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.930244] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 17.930277] kasan_report+0x140/0x180 [ 17.930312] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 17.930349] kasan_check_range+0x10c/0x1c0 [ 17.930378] __asan_memmove+0x27/0x70 [ 17.930409] kmalloc_memmove_invalid_size+0x170/0x330 [ 17.930443] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 17.930576] ? __schedule+0x1bb4/0x27a0 [ 17.930608] ? __pfx_read_tsc+0x10/0x10 [ 17.930635] ? ktime_get_ts64+0x84/0x230 [ 17.930672] kunit_try_run_case+0x1a6/0x480 [ 17.930705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.930733] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.930761] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.930796] ? __kthread_parkme+0x82/0x160 [ 17.930846] ? preempt_count_sub+0x50/0x80 [ 17.930887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.930915] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.930951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.930987] kthread+0x257/0x310 [ 17.931011] ? __pfx_kthread+0x10/0x10 [ 17.931036] ret_from_fork+0x41/0x80 [ 17.931065] ? 
__pfx_kthread+0x10/0x10 [ 17.931090] ret_from_fork_asm+0x1a/0x30 [ 17.931130] </TASK> [ 17.931143] [ 17.951269] Allocated by task 187: [ 17.951726] kasan_save_stack+0x45/0x70 [ 17.952024] kasan_save_track+0x18/0x40 [ 17.952437] kasan_save_alloc_info+0x3b/0x50 [ 17.953481] __kasan_kmalloc+0xb7/0xc0 [ 17.954155] __kmalloc_cache_noprof+0x168/0x350 [ 17.954802] kmalloc_memmove_invalid_size+0xad/0x330 [ 17.955866] kunit_try_run_case+0x1a6/0x480 [ 17.956176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.956760] kthread+0x257/0x310 [ 17.957093] ret_from_fork+0x41/0x80 [ 17.957504] ret_from_fork_asm+0x1a/0x30 [ 17.957867] [ 17.958064] The buggy address belongs to the object at ffff88810230b780 [ 17.958064] which belongs to the cache kmalloc-64 of size 64 [ 17.960360] The buggy address is located 4 bytes inside of [ 17.960360] allocated 64-byte region [ffff88810230b780, ffff88810230b7c0) [ 17.962128] [ 17.962371] The buggy address belongs to the physical page: [ 17.963131] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10230b [ 17.963915] flags: 0x200000000000000(node=0|zone=2) [ 17.964764] page_type: f5(slab) [ 17.965802] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.966371] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 17.967690] page dumped because: kasan: bad access detected [ 17.968169] [ 17.968409] Memory state around the buggy address: [ 17.969254] ffff88810230b680: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 17.970000] ffff88810230b700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.971280] >ffff88810230b780: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.972036] ^ [ 17.973099] ffff88810230b800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.973991] ffff88810230b880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.975002] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 17.866916] ================================================================== [ 17.868121] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330 [ 17.869515] Read of size 18446744073709551614 at addr ffff88810230b604 by task kunit_try_catch/185 [ 17.870940] [ 17.871173] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.871540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.871577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.871637] Call Trace: [ 17.871751] <TASK> [ 17.871802] dump_stack_lvl+0x73/0xb0 [ 17.871891] print_report+0xd1/0x640 [ 17.871928] ? __virt_addr_valid+0x1db/0x2d0 [ 17.871962] ? kmalloc_memmove_negative_size+0x172/0x330 [ 17.871993] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.872025] ? kmalloc_memmove_negative_size+0x172/0x330 [ 17.872080] kasan_report+0x140/0x180 [ 17.872118] ? kmalloc_memmove_negative_size+0x172/0x330 [ 17.872155] kasan_check_range+0x10c/0x1c0 [ 17.872183] __asan_memmove+0x27/0x70 [ 17.872232] kmalloc_memmove_negative_size+0x172/0x330 [ 17.872272] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 17.872304] ? __schedule+0xc49/0x27a0 [ 17.872335] ? __pfx_read_tsc+0x10/0x10 [ 17.872363] ? ktime_get_ts64+0x84/0x230 [ 17.872399] kunit_try_run_case+0x1a6/0x480 [ 17.872432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.872485] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.872558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.872604] ? __kthread_parkme+0x82/0x160 [ 17.872633] ? preempt_count_sub+0x50/0x80 [ 17.872664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.872691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.872726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.872763] kthread+0x257/0x310 [ 17.872788] ? __pfx_kthread+0x10/0x10 [ 17.872828] ret_from_fork+0x41/0x80 [ 17.872885] ? 
__pfx_kthread+0x10/0x10 [ 17.872912] ret_from_fork_asm+0x1a/0x30 [ 17.872953] </TASK> [ 17.872967] [ 17.893140] Allocated by task 185: [ 17.893638] kasan_save_stack+0x45/0x70 [ 17.894140] kasan_save_track+0x18/0x40 [ 17.894542] kasan_save_alloc_info+0x3b/0x50 [ 17.895131] __kasan_kmalloc+0xb7/0xc0 [ 17.895589] __kmalloc_cache_noprof+0x168/0x350 [ 17.896016] kmalloc_memmove_negative_size+0xad/0x330 [ 17.896803] kunit_try_run_case+0x1a6/0x480 [ 17.897453] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.898554] kthread+0x257/0x310 [ 17.898988] ret_from_fork+0x41/0x80 [ 17.899538] ret_from_fork_asm+0x1a/0x30 [ 17.899816] [ 17.899974] The buggy address belongs to the object at ffff88810230b600 [ 17.899974] which belongs to the cache kmalloc-64 of size 64 [ 17.901781] The buggy address is located 4 bytes inside of [ 17.901781] 64-byte region [ffff88810230b600, ffff88810230b640) [ 17.902405] [ 17.902594] The buggy address belongs to the physical page: [ 17.903757] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10230b [ 17.906862] flags: 0x200000000000000(node=0|zone=2) [ 17.907791] page_type: f5(slab) [ 17.908738] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.909179] raw: 0000000000000000 0000000080200020 00000001f5000000 0000000000000000 [ 17.910361] page dumped because: kasan: bad access detected [ 17.910858] [ 17.911724] Memory state around the buggy address: [ 17.912660] ffff88810230b500: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 17.913268] ffff88810230b580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.914157] >ffff88810230b600: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 17.915970] ^ [ 17.916697] ffff88810230b680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.917545] ffff88810230b700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.918039] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 17.822591] ================================================================== [ 17.823705] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330 [ 17.824381] Write of size 16 at addr ffff888102921c69 by task kunit_try_catch/183 [ 17.825724] [ 17.826421] CPU: 0 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.826484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.826508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.826566] Call Trace: [ 17.826604] <TASK> [ 17.826650] dump_stack_lvl+0x73/0xb0 [ 17.826923] print_report+0xd1/0x640 [ 17.826962] ? __virt_addr_valid+0x1db/0x2d0 [ 17.827000] ? kmalloc_oob_memset_16+0x167/0x330 [ 17.827033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.827066] ? kmalloc_oob_memset_16+0x167/0x330 [ 17.827100] kasan_report+0x140/0x180 [ 17.827134] ? kmalloc_oob_memset_16+0x167/0x330 [ 17.827177] kasan_check_range+0x10c/0x1c0 [ 17.827207] __asan_memset+0x27/0x50 [ 17.827281] kmalloc_oob_memset_16+0x167/0x330 [ 17.827320] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 17.827355] ? __schedule+0xc49/0x27a0 [ 17.827384] ? __pfx_read_tsc+0x10/0x10 [ 17.827413] ? ktime_get_ts64+0x84/0x230 [ 17.827450] kunit_try_run_case+0x1a6/0x480 [ 17.827481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.827509] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.827537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.827572] ? __kthread_parkme+0x82/0x160 [ 17.827599] ? preempt_count_sub+0x50/0x80 [ 17.827630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.827657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.827694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.827729] kthread+0x257/0x310 [ 17.827755] ? __pfx_kthread+0x10/0x10 [ 17.827781] ret_from_fork+0x41/0x80 [ 17.827818] ? 
__pfx_kthread+0x10/0x10 [ 17.827873] ret_from_fork_asm+0x1a/0x30 [ 17.827916] </TASK> [ 17.827930] [ 17.843560] Allocated by task 183: [ 17.844077] kasan_save_stack+0x45/0x70 [ 17.844602] kasan_save_track+0x18/0x40 [ 17.845182] kasan_save_alloc_info+0x3b/0x50 [ 17.845624] __kasan_kmalloc+0xb7/0xc0 [ 17.846149] __kmalloc_cache_noprof+0x168/0x350 [ 17.846700] kmalloc_oob_memset_16+0xad/0x330 [ 17.847283] kunit_try_run_case+0x1a6/0x480 [ 17.847697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.848352] kthread+0x257/0x310 [ 17.848670] ret_from_fork+0x41/0x80 [ 17.849256] ret_from_fork_asm+0x1a/0x30 [ 17.849712] [ 17.850049] The buggy address belongs to the object at ffff888102921c00 [ 17.850049] which belongs to the cache kmalloc-128 of size 128 [ 17.850925] The buggy address is located 105 bytes inside of [ 17.850925] allocated 120-byte region [ffff888102921c00, ffff888102921c78) [ 17.851889] [ 17.852070] The buggy address belongs to the physical page: [ 17.852572] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102921 [ 17.853403] flags: 0x200000000000000(node=0|zone=2) [ 17.853984] page_type: f5(slab) [ 17.854302] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.854998] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.855655] page dumped because: kasan: bad access detected [ 17.856187] [ 17.856457] Memory state around the buggy address: [ 17.856980] ffff888102921b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.857548] ffff888102921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.858139] >ffff888102921c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.858795] ^ [ 17.859447] ffff888102921c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.860064] ffff888102921d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.860653] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 17.764642] ================================================================== [ 17.765447] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330 [ 17.766664] Write of size 8 at addr ffff888102921b71 by task kunit_try_catch/181 [ 17.767069] [ 17.768303] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.768406] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.768454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.768513] Call Trace: [ 17.768566] <TASK> [ 17.768611] dump_stack_lvl+0x73/0xb0 [ 17.768657] print_report+0xd1/0x640 [ 17.768692] ? __virt_addr_valid+0x1db/0x2d0 [ 17.768727] ? kmalloc_oob_memset_8+0x167/0x330 [ 17.768758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.768789] ? kmalloc_oob_memset_8+0x167/0x330 [ 17.768840] kasan_report+0x140/0x180 [ 17.768883] ? kmalloc_oob_memset_8+0x167/0x330 [ 17.768922] kasan_check_range+0x10c/0x1c0 [ 17.768949] __asan_memset+0x27/0x50 [ 17.768977] kmalloc_oob_memset_8+0x167/0x330 [ 17.769010] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 17.769043] ? __schedule+0xc49/0x27a0 [ 17.769074] ? __pfx_read_tsc+0x10/0x10 [ 17.769103] ? ktime_get_ts64+0x84/0x230 [ 17.769141] kunit_try_run_case+0x1a6/0x480 [ 17.769174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.769202] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.769258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.769294] ? __kthread_parkme+0x82/0x160 [ 17.769323] ? preempt_count_sub+0x50/0x80 [ 17.769354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.769382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.769418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.769473] kthread+0x257/0x310 [ 17.769560] ? __pfx_kthread+0x10/0x10 [ 17.769596] ret_from_fork+0x41/0x80 [ 17.769627] ? 
__pfx_kthread+0x10/0x10 [ 17.769651] ret_from_fork_asm+0x1a/0x30 [ 17.769694] </TASK> [ 17.769708] [ 17.792090] Allocated by task 181: [ 17.792552] kasan_save_stack+0x45/0x70 [ 17.793719] kasan_save_track+0x18/0x40 [ 17.794333] kasan_save_alloc_info+0x3b/0x50 [ 17.794934] __kasan_kmalloc+0xb7/0xc0 [ 17.795813] __kmalloc_cache_noprof+0x168/0x350 [ 17.796417] kmalloc_oob_memset_8+0xad/0x330 [ 17.797262] kunit_try_run_case+0x1a6/0x480 [ 17.797955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.798408] kthread+0x257/0x310 [ 17.798901] ret_from_fork+0x41/0x80 [ 17.799328] ret_from_fork_asm+0x1a/0x30 [ 17.799756] [ 17.800122] The buggy address belongs to the object at ffff888102921b00 [ 17.800122] which belongs to the cache kmalloc-128 of size 128 [ 17.801098] The buggy address is located 113 bytes inside of [ 17.801098] allocated 120-byte region [ffff888102921b00, ffff888102921b78) [ 17.803239] [ 17.803436] The buggy address belongs to the physical page: [ 17.803975] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102921 [ 17.805134] flags: 0x200000000000000(node=0|zone=2) [ 17.805904] page_type: f5(slab) [ 17.806263] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.807406] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.808393] page dumped because: kasan: bad access detected [ 17.809234] [ 17.809471] Memory state around the buggy address: [ 17.809815] ffff888102921a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 17.811239] ffff888102921a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.812197] >ffff888102921b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.813084] ^ [ 17.813976] ffff888102921b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.815078] ffff888102921c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.815651] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 17.719194] ================================================================== [ 17.720279] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330 [ 17.720845] Write of size 4 at addr ffff88810230d375 by task kunit_try_catch/179 [ 17.721557] [ 17.721813] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.721933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.721970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.722027] Call Trace: [ 17.722067] <TASK> [ 17.722113] dump_stack_lvl+0x73/0xb0 [ 17.722193] print_report+0xd1/0x640 [ 17.722287] ? __virt_addr_valid+0x1db/0x2d0 [ 17.722363] ? kmalloc_oob_memset_4+0x167/0x330 [ 17.722433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.722505] ? kmalloc_oob_memset_4+0x167/0x330 [ 17.722577] kasan_report+0x140/0x180 [ 17.722655] ? kmalloc_oob_memset_4+0x167/0x330 [ 17.722745] kasan_check_range+0x10c/0x1c0 [ 17.722819] __asan_memset+0x27/0x50 [ 17.722888] kmalloc_oob_memset_4+0x167/0x330 [ 17.722968] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 17.723048] ? __schedule+0xc49/0x27a0 [ 17.723121] ? __pfx_read_tsc+0x10/0x10 [ 17.723186] ? ktime_get_ts64+0x84/0x230 [ 17.723358] kunit_try_run_case+0x1a6/0x480 [ 17.723404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.723432] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.723579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.723616] ? __kthread_parkme+0x82/0x160 [ 17.723643] ? preempt_count_sub+0x50/0x80 [ 17.723672] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.723700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.723736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.723772] kthread+0x257/0x310 [ 17.723795] ? __pfx_kthread+0x10/0x10 [ 17.723849] ret_from_fork+0x41/0x80 [ 17.723883] ? 
__pfx_kthread+0x10/0x10 [ 17.723908] ret_from_fork_asm+0x1a/0x30 [ 17.723949] </TASK> [ 17.723962] [ 17.738944] Allocated by task 179: [ 17.739361] kasan_save_stack+0x45/0x70 [ 17.740242] kasan_save_track+0x18/0x40 [ 17.740775] kasan_save_alloc_info+0x3b/0x50 [ 17.741256] __kasan_kmalloc+0xb7/0xc0 [ 17.741745] __kmalloc_cache_noprof+0x168/0x350 [ 17.742168] kmalloc_oob_memset_4+0xad/0x330 [ 17.742613] kunit_try_run_case+0x1a6/0x480 [ 17.743036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.743530] kthread+0x257/0x310 [ 17.744049] ret_from_fork+0x41/0x80 [ 17.744568] ret_from_fork_asm+0x1a/0x30 [ 17.745042] [ 17.745284] The buggy address belongs to the object at ffff88810230d300 [ 17.745284] which belongs to the cache kmalloc-128 of size 128 [ 17.746710] The buggy address is located 117 bytes inside of [ 17.746710] allocated 120-byte region [ffff88810230d300, ffff88810230d378) [ 17.747811] [ 17.748083] The buggy address belongs to the physical page: [ 17.748713] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10230d [ 17.749366] flags: 0x200000000000000(node=0|zone=2) [ 17.749858] page_type: f5(slab) [ 17.750148] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.750831] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.751488] page dumped because: kasan: bad access detected [ 17.752427] [ 17.752768] Memory state around the buggy address: [ 17.753189] ffff88810230d200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc [ 17.753845] ffff88810230d280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.754355] >ffff88810230d300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.755082] ^ [ 17.755843] ffff88810230d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.756856] ffff88810230d400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.757583] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 17.663276] ================================================================== [ 17.664560] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330 [ 17.665323] Write of size 2 at addr ffff888102921877 by task kunit_try_catch/177 [ 17.666575] [ 17.666838] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 17.667208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.667274] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.667384] Call Trace: [ 17.667447] <TASK> [ 17.667689] dump_stack_lvl+0x73/0xb0 [ 17.667767] print_report+0xd1/0x640 [ 17.667809] ? __virt_addr_valid+0x1db/0x2d0 [ 17.668308] ? kmalloc_oob_memset_2+0x167/0x330 [ 17.668345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.668378] ? kmalloc_oob_memset_2+0x167/0x330 [ 17.668411] kasan_report+0x140/0x180 [ 17.668475] ? kmalloc_oob_memset_2+0x167/0x330 [ 17.668570] kasan_check_range+0x10c/0x1c0 [ 17.668613] __asan_memset+0x27/0x50 [ 17.668643] kmalloc_oob_memset_2+0x167/0x330 [ 17.668677] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 17.668711] ? __schedule+0xc49/0x27a0 [ 17.668741] ? __pfx_read_tsc+0x10/0x10 [ 17.668769] ? ktime_get_ts64+0x84/0x230 [ 17.668807] kunit_try_run_case+0x1a6/0x480 [ 17.668879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.668909] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.668937] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.668971] ? __kthread_parkme+0x82/0x160 [ 17.668998] ? preempt_count_sub+0x50/0x80 [ 17.669027] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.669055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.669091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.669126] kthread+0x257/0x310 [ 17.669150] ? __pfx_kthread+0x10/0x10 [ 17.669175] ret_from_fork+0x41/0x80 [ 17.669203] ? 
__pfx_kthread+0x10/0x10 [ 17.669267] ret_from_fork_asm+0x1a/0x30 [ 17.669312] </TASK> [ 17.669326] [ 17.688620] Allocated by task 177: [ 17.689078] kasan_save_stack+0x45/0x70 [ 17.689436] kasan_save_track+0x18/0x40 [ 17.689752] kasan_save_alloc_info+0x3b/0x50 [ 17.691314] __kasan_kmalloc+0xb7/0xc0 [ 17.691942] __kmalloc_cache_noprof+0x168/0x350 [ 17.692543] kmalloc_oob_memset_2+0xad/0x330 [ 17.693340] kunit_try_run_case+0x1a6/0x480 [ 17.694012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.694501] kthread+0x257/0x310 [ 17.695247] ret_from_fork+0x41/0x80 [ 17.695703] ret_from_fork_asm+0x1a/0x30 [ 17.696303] [ 17.696750] The buggy address belongs to the object at ffff888102921800 [ 17.696750] which belongs to the cache kmalloc-128 of size 128 [ 17.698366] The buggy address is located 119 bytes inside of [ 17.698366] allocated 120-byte region [ffff888102921800, ffff888102921878) [ 17.699205] [ 17.699427] The buggy address belongs to the physical page: [ 17.700836] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102921 [ 17.701374] flags: 0x200000000000000(node=0|zone=2) [ 17.702666] page_type: f5(slab) [ 17.703203] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.704071] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000 [ 17.704661] page dumped because: kasan: bad access detected [ 17.705456] [ 17.706237] Memory state around the buggy address: [ 17.706675] ffff888102921700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.707782] ffff888102921780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.708324] >ffff888102921800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.710031] ^ [ 17.710762] ffff888102921880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.711545] ffff888102921900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.712265] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.648780] ================================================================== [ 16.650161] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 16.651088] Read of size 1 at addr ffff888102c50000 by task kunit_try_catch/159 [ 16.652277] [ 16.653341] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.653592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.653615] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.653646] Call Trace: [ 16.653668] <TASK> [ 16.653692] dump_stack_lvl+0x73/0xb0 [ 16.653778] print_report+0xd1/0x640 [ 16.653868] ? __virt_addr_valid+0x1db/0x2d0 [ 16.653909] ? page_alloc_uaf+0x358/0x3d0 [ 16.653937] ? kasan_addr_to_slab+0x11/0xa0 [ 16.653967] ? page_alloc_uaf+0x358/0x3d0 [ 16.653993] kasan_report+0x140/0x180 [ 16.654028] ? page_alloc_uaf+0x358/0x3d0 [ 16.654060] __asan_report_load1_noabort+0x18/0x20 [ 16.654091] page_alloc_uaf+0x358/0x3d0 [ 16.654118] ? __pfx_page_alloc_uaf+0x10/0x10 [ 16.654146] ? __schedule+0xc49/0x27a0 [ 16.654175] ? __pfx_read_tsc+0x10/0x10 [ 16.654203] ? ktime_get_ts64+0x84/0x230 [ 16.654271] kunit_try_run_case+0x1a6/0x480 [ 16.654305] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.654333] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.654361] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.654396] ? __kthread_parkme+0x82/0x160 [ 16.654424] ? preempt_count_sub+0x50/0x80 [ 16.654469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.654574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.654616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.654653] kthread+0x257/0x310 [ 16.654678] ? __pfx_kthread+0x10/0x10 [ 16.654703] ret_from_fork+0x41/0x80 [ 16.654730] ? 
__pfx_kthread+0x10/0x10 [ 16.654754] ret_from_fork_asm+0x1a/0x30 [ 16.654798] </TASK> [ 16.654835] [ 16.671145] The buggy address belongs to the physical page: [ 16.671666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c50 [ 16.672461] flags: 0x200000000000000(node=0|zone=2) [ 16.673144] page_type: f0(buddy) [ 16.674168] raw: 0200000000000000 ffff88817fffc4a0 ffff88817fffc4a0 0000000000000000 [ 16.675050] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 16.675841] page dumped because: kasan: bad access detected [ 16.676286] [ 16.676686] Memory state around the buggy address: [ 16.677173] ffff888102c4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.678323] ffff888102c4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.679077] >ffff888102c50000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.679941] ^ [ 16.680361] ffff888102c50080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.681126] ffff888102c50100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.682264] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 16.598131] ================================================================== [ 16.599015] BUG: KASAN: invalid-free in kfree+0x271/0x3d0 [ 16.599786] Free of addr ffff8881022c4001 by task kunit_try_catch/155 [ 16.600758] [ 16.601108] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.601287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.601368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.601425] Call Trace: [ 16.601605] <TASK> [ 16.601710] dump_stack_lvl+0x73/0xb0 [ 16.601862] print_report+0xd1/0x640 [ 16.601948] ? __virt_addr_valid+0x1db/0x2d0 [ 16.602027] ? kasan_addr_to_slab+0x11/0xa0 [ 16.602152] ? kfree+0x271/0x3d0 [ 16.602267] kasan_report_invalid_free+0xfc/0x120 [ 16.602348] ? kfree+0x271/0x3d0 [ 16.602387] ? kfree+0x271/0x3d0 [ 16.602413] __kasan_kfree_large+0x86/0xd0 [ 16.602473] free_large_kmalloc+0x3b/0xd0 [ 16.602586] kfree+0x271/0x3d0 [ 16.602661] kmalloc_large_invalid_free+0x121/0x2b0 [ 16.602700] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 16.602736] ? __schedule+0xc49/0x27a0 [ 16.602766] ? __pfx_read_tsc+0x10/0x10 [ 16.602792] ? ktime_get_ts64+0x84/0x230 [ 16.602877] kunit_try_run_case+0x1a6/0x480 [ 16.602913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.602943] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.602972] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.603008] ? __kthread_parkme+0x82/0x160 [ 16.603036] ? preempt_count_sub+0x50/0x80 [ 16.603066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.603094] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.603130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.603167] kthread+0x257/0x310 [ 16.603192] ? __pfx_kthread+0x10/0x10 [ 16.603246] ret_from_fork+0x41/0x80 [ 16.603290] ? 
__pfx_kthread+0x10/0x10 [ 16.603317] ret_from_fork_asm+0x1a/0x30 [ 16.603361] </TASK> [ 16.603376] [ 16.622508] The buggy address belongs to the physical page: [ 16.623697] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022c4 [ 16.624513] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.625257] flags: 0x200000000000040(head|node=0|zone=2) [ 16.625479] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.625725] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.626864] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.627493] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.628741] head: 0200000000000002 ffffea000408b101 ffffffffffffffff 0000000000000000 [ 16.629858] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 16.630418] page dumped because: kasan: bad access detected [ 16.631237] [ 16.631478] Memory state around the buggy address: [ 16.632238] ffff8881022c3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.633267] ffff8881022c3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.634110] >ffff8881022c4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.634815] ^ [ 16.635348] ffff8881022c4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.636122] ffff8881022c4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.636737] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.554108] ================================================================== [ 16.555238] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 16.556739] Read of size 1 at addr ffff888102bdc000 by task kunit_try_catch/153 [ 16.557733] [ 16.557938] CPU: 0 UID: 0 PID: 153 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.558000] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.558015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.558044] Call Trace: [ 16.558061] <TASK> [ 16.558083] dump_stack_lvl+0x73/0xb0 [ 16.558123] print_report+0xd1/0x640 [ 16.558157] ? __virt_addr_valid+0x1db/0x2d0 [ 16.558191] ? kmalloc_large_uaf+0x2f3/0x340 [ 16.558263] ? kasan_addr_to_slab+0x11/0xa0 [ 16.558337] ? kmalloc_large_uaf+0x2f3/0x340 [ 16.558410] kasan_report+0x140/0x180 [ 16.558488] ? kmalloc_large_uaf+0x2f3/0x340 [ 16.558577] __asan_report_load1_noabort+0x18/0x20 [ 16.558656] kmalloc_large_uaf+0x2f3/0x340 [ 16.558733] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 16.558808] ? __schedule+0xc49/0x27a0 [ 16.558879] ? __pfx_read_tsc+0x10/0x10 [ 16.558941] ? ktime_get_ts64+0x84/0x230 [ 16.559024] kunit_try_run_case+0x1a6/0x480 [ 16.559199] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.559291] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.559359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.559424] ? __kthread_parkme+0x82/0x160 [ 16.559490] ? preempt_count_sub+0x50/0x80 [ 16.559567] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.559610] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.559650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.559687] kthread+0x257/0x310 [ 16.559712] ? __pfx_kthread+0x10/0x10 [ 16.559737] ret_from_fork+0x41/0x80 [ 16.559765] ? 
__pfx_kthread+0x10/0x10 [ 16.559789] ret_from_fork_asm+0x1a/0x30 [ 16.559872] </TASK> [ 16.559902] [ 16.578757] The buggy address belongs to the physical page: [ 16.580810] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bdc [ 16.582496] flags: 0x200000000000000(node=0|zone=2) [ 16.583299] raw: 0200000000000000 ffffea00040af808 ffff88815b03f000 0000000000000000 [ 16.584185] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.584836] page dumped because: kasan: bad access detected [ 16.585331] [ 16.586074] Memory state around the buggy address: [ 16.586483] ffff888102bdbf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.587376] ffff888102bdbf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.588447] >ffff888102bdc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.589340] ^ [ 16.589765] ffff888102bdc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.590847] ffff888102bdc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.591561] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.509815] ================================================================== [ 16.510580] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 16.512773] Write of size 1 at addr ffff888102bde00a by task kunit_try_catch/151 [ 16.513338] [ 16.513820] CPU: 0 UID: 0 PID: 151 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.514003] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.514042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.514098] Call Trace: [ 16.514146] <TASK> [ 16.514187] dump_stack_lvl+0x73/0xb0 [ 16.514256] print_report+0xd1/0x640 [ 16.514294] ? __virt_addr_valid+0x1db/0x2d0 [ 16.514329] ? kmalloc_large_oob_right+0x2eb/0x340 [ 16.514362] ? kasan_addr_to_slab+0x11/0xa0 [ 16.514393] ? kmalloc_large_oob_right+0x2eb/0x340 [ 16.514427] kasan_report+0x140/0x180 [ 16.514490] ? kmalloc_large_oob_right+0x2eb/0x340 [ 16.514574] __asan_report_store1_noabort+0x1b/0x30 [ 16.514610] kmalloc_large_oob_right+0x2eb/0x340 [ 16.514647] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 16.514686] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 16.514726] kunit_try_run_case+0x1a6/0x480 [ 16.514759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.514787] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.514839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.514883] ? __kthread_parkme+0x82/0x160 [ 16.514912] ? preempt_count_sub+0x50/0x80 [ 16.514944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.514972] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.515009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.515046] kthread+0x257/0x310 [ 16.515072] ? __pfx_kthread+0x10/0x10 [ 16.515099] ret_from_fork+0x41/0x80 [ 16.515128] ? 
__pfx_kthread+0x10/0x10 [ 16.515154] ret_from_fork_asm+0x1a/0x30 [ 16.515196] </TASK> [ 16.515229] [ 16.534288] The buggy address belongs to the physical page: [ 16.535094] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bdc [ 16.535812] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.536456] flags: 0x200000000000040(head|node=0|zone=2) [ 16.537374] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.538139] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.539342] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.539915] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.540412] head: 0200000000000002 ffffea00040af701 ffffffffffffffff 0000000000000000 [ 16.541389] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 16.542279] page dumped because: kasan: bad access detected [ 16.542701] [ 16.542910] Memory state around the buggy address: [ 16.543720] ffff888102bddf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.544423] ffff888102bddf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.545104] >ffff888102bde000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.545792] ^ [ 16.546420] ffff888102bde080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.547065] ffff888102bde100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.547648] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.452922] ================================================================== [ 16.453913] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 16.454491] Write of size 1 at addr ffff888101efdf00 by task kunit_try_catch/149 [ 16.455160] [ 16.455751] CPU: 1 UID: 0 PID: 149 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.455893] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.455929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.455986] Call Trace: [ 16.456023] <TASK> [ 16.456073] dump_stack_lvl+0x73/0xb0 [ 16.456155] print_report+0xd1/0x640 [ 16.456255] ? __virt_addr_valid+0x1db/0x2d0 [ 16.456363] ? kmalloc_big_oob_right+0x318/0x370 [ 16.456463] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.456539] ? kmalloc_big_oob_right+0x318/0x370 [ 16.456611] kasan_report+0x140/0x180 [ 16.456689] ? kmalloc_big_oob_right+0x318/0x370 [ 16.456908] __asan_report_store1_noabort+0x1b/0x30 [ 16.456984] kmalloc_big_oob_right+0x318/0x370 [ 16.457062] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 16.457100] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.457136] ? trace_hardirqs_on+0x37/0xe0 [ 16.457170] ? __pfx_read_tsc+0x10/0x10 [ 16.457197] ? ktime_get_ts64+0x84/0x230 [ 16.457266] kunit_try_run_case+0x1a6/0x480 [ 16.457301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.457332] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.457360] ? __kthread_parkme+0x82/0x160 [ 16.457387] ? preempt_count_sub+0x50/0x80 [ 16.457418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.457470] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.457600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.457640] kthread+0x257/0x310 [ 16.457666] ? __pfx_kthread+0x10/0x10 [ 16.457693] ret_from_fork+0x41/0x80 [ 16.457722] ? 
__pfx_kthread+0x10/0x10 [ 16.457747] ret_from_fork_asm+0x1a/0x30 [ 16.457789] </TASK> [ 16.457803] [ 16.475142] Allocated by task 149: [ 16.475836] kasan_save_stack+0x45/0x70 [ 16.476336] kasan_save_track+0x18/0x40 [ 16.476881] kasan_save_alloc_info+0x3b/0x50 [ 16.477925] __kasan_kmalloc+0xb7/0xc0 [ 16.478248] __kmalloc_cache_noprof+0x168/0x350 [ 16.478995] kmalloc_big_oob_right+0xaa/0x370 [ 16.479587] kunit_try_run_case+0x1a6/0x480 [ 16.480125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.481043] kthread+0x257/0x310 [ 16.481414] ret_from_fork+0x41/0x80 [ 16.482037] ret_from_fork_asm+0x1a/0x30 [ 16.482435] [ 16.482998] The buggy address belongs to the object at ffff888101efc000 [ 16.482998] which belongs to the cache kmalloc-8k of size 8192 [ 16.484074] The buggy address is located 0 bytes to the right of [ 16.484074] allocated 7936-byte region [ffff888101efc000, ffff888101efdf00) [ 16.485104] [ 16.485360] The buggy address belongs to the physical page: [ 16.485811] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ef8 [ 16.487381] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.488340] flags: 0x200000000000040(head|node=0|zone=2) [ 16.488666] page_type: f5(slab) [ 16.489232] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.489992] raw: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 16.490750] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.491511] head: 0000000000000000 0000000080020002 00000001f5000000 0000000000000000 [ 16.493253] head: 0200000000000003 ffffea000407be01 ffffffffffffffff 0000000000000000 [ 16.494380] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 16.495344] page dumped because: kasan: bad access detected [ 16.495667] [ 16.495831] Memory state around the buggy address: [ 16.496638] ffff888101efde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.497691] ffff888101efde80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.498505] >ffff888101efdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.499777] ^ [ 16.500131] ffff888101efdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.501343] ffff888101efe000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.502269] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.395963] ================================================================== [ 16.396870] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 16.397404] Read of size 1 at addr ffff888102b03000 by task kunit_try_catch/147 [ 16.398013] [ 16.398636] CPU: 0 UID: 0 PID: 147 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1 [ 16.398755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.398791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.398886] Call Trace: [ 16.398906] <TASK> [ 16.398936] dump_stack_lvl+0x73/0xb0 [ 16.398986] print_report+0xd1/0x640 [ 16.399026] ? __virt_addr_valid+0x1db/0x2d0 [ 16.399099] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 16.399169] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.399272] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 16.399343] kasan_report+0x140/0x180 [ 16.399420] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 16.399640] __asan_report_load1_noabort+0x18/0x20 [ 16.399713] kmalloc_node_oob_right+0x36b/0x3d0 [ 16.399765] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 16.399798] ? __schedule+0xc49/0x27a0 [ 16.399879] ? __pfx_read_tsc+0x10/0x10 [ 16.399908] ? ktime_get_ts64+0x84/0x230 [ 16.399946] kunit_try_run_case+0x1a6/0x480 [ 16.399980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.400011] ? irqentry_exit+0x2a/0x60 [ 16.400042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.400084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.400112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.400148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.400185] kthread+0x257/0x310 [ 16.400236] ? __pfx_kthread+0x10/0x10 [ 16.400267] ret_from_fork+0x41/0x80 [ 16.400296] ? 
__pfx_kthread+0x10/0x10 [ 16.400323] ret_from_fork_asm+0x1a/0x30 [ 16.400365] </TASK> [ 16.400378] [ 16.417576] Allocated by task 147: [ 16.418136] kasan_save_stack+0x45/0x70 [ 16.418911] kasan_save_track+0x18/0x40 [ 16.419452] kasan_save_alloc_info+0x3b/0x50 [ 16.420113] __kasan_kmalloc+0xb7/0xc0 [ 16.421177] __kmalloc_cache_node_noprof+0x187/0x370 [ 16.421897] kmalloc_node_oob_right+0xac/0x3d0 [ 16.422295] kunit_try_run_case+0x1a6/0x480 [ 16.422719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.423472] kthread+0x257/0x310 [ 16.424374] ret_from_fork+0x41/0x80 [ 16.424760] ret_from_fork_asm+0x1a/0x30 [ 16.425711] [ 16.425886] The buggy address belongs to the object at ffff888102b02000 [ 16.425886] which belongs to the cache kmalloc-4k of size 4096 [ 16.427192] The buggy address is located 0 bytes to the right of [ 16.427192] allocated 4096-byte region [ffff888102b02000, ffff888102b03000) [ 16.428593] [ 16.429237] The buggy address belongs to the physical page: [ 16.430115] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b00 [ 16.431327] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.432136] flags: 0x200000000000040(head|node=0|zone=2) [ 16.433136] page_type: f5(slab) [ 16.433768] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 16.434508] raw: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 16.435371] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 16.435951] head: 0000000000000000 0000000080040004 00000001f5000000 0000000000000000 [ 16.437069] head: 0200000000000003 ffffea00040ac001 ffffffffffffffff 0000000000000000 [ 16.437925] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 16.438888] page dumped because: kasan: bad access detected [ 16.439798] [ 16.439983] Memory state around the buggy address: [ 16.441061] ffff888102b02f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.441639] ffff888102b02f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.442616] >ffff888102b03000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.443400] ^ [ 16.444143] ffff888102b03080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.444736] ffff888102b03100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.445583] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.343953] ==================================================================
[ 16.345006] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0
[ 16.345523] Read of size 1 at addr ffff8881025abcff by task kunit_try_catch/145
[ 16.347312]
[ 16.347660] CPU: 0 UID: 0 PID: 145 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 16.347763] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.347784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.347842] Call Trace:
[ 16.347880] <TASK>
[ 16.347906] dump_stack_lvl+0x73/0xb0
[ 16.347950] print_report+0xd1/0x640
[ 16.347986] ? __virt_addr_valid+0x1db/0x2d0
[ 16.348021] ? kmalloc_oob_left+0x363/0x3c0
[ 16.348053] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.348087] ? kmalloc_oob_left+0x363/0x3c0
[ 16.348119] kasan_report+0x140/0x180
[ 16.348153] ? kmalloc_oob_left+0x363/0x3c0
[ 16.348192] __asan_report_load1_noabort+0x18/0x20
[ 16.348260] kmalloc_oob_left+0x363/0x3c0
[ 16.348338] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 16.348417] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 16.348588] kunit_try_run_case+0x1a6/0x480
[ 16.348631] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.348661] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 16.348692] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.348729] ? __kthread_parkme+0x82/0x160
[ 16.348759] ? preempt_count_sub+0x50/0x80
[ 16.348792] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.348837] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.348885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.348923] kthread+0x257/0x310
[ 16.348950] ? __pfx_kthread+0x10/0x10
[ 16.348976] ret_from_fork+0x41/0x80
[ 16.349008] ? __pfx_kthread+0x10/0x10
[ 16.349033] ret_from_fork_asm+0x1a/0x30
[ 16.349075] </TASK>
[ 16.349089]
[ 16.364618] Allocated by task 1:
[ 16.364960] kasan_save_stack+0x45/0x70
[ 16.365508] kasan_save_track+0x18/0x40
[ 16.366266] kasan_save_alloc_info+0x3b/0x50
[ 16.366611] __kasan_kmalloc+0xb7/0xc0
[ 16.367300] __kmalloc_node_track_caller_noprof+0x1ee/0x460
[ 16.368038] kvasprintf+0xc6/0x150
[ 16.368436] __kthread_create_on_node+0x18c/0x3a0
[ 16.368840] kthread_create_on_node+0xac/0xe0
[ 16.369292] create_worker+0x3e7/0x7b0
[ 16.369600] alloc_unbound_pwq+0x8ea/0xdb0
[ 16.370253] apply_wqattrs_prepare+0x332/0xd20
[ 16.370690] apply_workqueue_attrs_locked+0x4d/0xa0
[ 16.371278] alloc_workqueue+0xcc8/0x1ad0
[ 16.372305] latency_fsnotify_init+0x1b/0x50
[ 16.373347] do_one_initcall+0xd9/0x370
[ 16.374087] kernel_init_freeable+0x425/0x6f0
[ 16.374876] kernel_init+0x23/0x1e0
[ 16.375581] ret_from_fork+0x41/0x80
[ 16.375964] ret_from_fork_asm+0x1a/0x30
[ 16.376355]
[ 16.376582] The buggy address belongs to the object at ffff8881025abce0
[ 16.376582] which belongs to the cache kmalloc-16 of size 16
[ 16.378136] The buggy address is located 18 bytes to the right of
[ 16.378136] allocated 13-byte region [ffff8881025abce0, ffff8881025abced)
[ 16.379464]
[ 16.379649] The buggy address belongs to the physical page:
[ 16.381141] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025ab
[ 16.381965] flags: 0x200000000000000(node=0|zone=2)
[ 16.382337] page_type: f5(slab)
[ 16.382786] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 16.384032] raw: 0000000000000000 0000000080800080 00000001f5000000 0000000000000000
[ 16.384604] page dumped because: kasan: bad access detected
[ 16.385618]
[ 16.385776] Memory state around the buggy address:
[ 16.386547] ffff8881025abb80: 00 03 fc fc fa fb fc fc 00 02 fc fc 00 05 fc fc
[ 16.386809] ffff8881025abc00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 16.387067] >ffff8881025abc80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 16.387407] ^
[ 16.387991] ffff8881025abd00: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.389227] ffff8881025abd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.389760] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.287994] ==================================================================
[ 16.288466] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0
[ 16.290248] Read of size 1 at addr ffff888102304f80 by task kunit_try_catch/143
[ 16.290901]
[ 16.291112] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 16.291244] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.291295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.291338] Call Trace:
[ 16.291361] <TASK>
[ 16.291382] dump_stack_lvl+0x73/0xb0
[ 16.291420] print_report+0xd1/0x640
[ 16.291455] ? __virt_addr_valid+0x1db/0x2d0
[ 16.291564] ? kmalloc_oob_right+0x68c/0x7f0
[ 16.291642] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.291716] ? kmalloc_oob_right+0x68c/0x7f0
[ 16.291787] kasan_report+0x140/0x180
[ 16.291864] ? kmalloc_oob_right+0x68c/0x7f0
[ 16.291949] __asan_report_load1_noabort+0x18/0x20
[ 16.292018] kmalloc_oob_right+0x68c/0x7f0
[ 16.292134] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 16.292236] ? __schedule+0xc49/0x27a0
[ 16.292273] ? __pfx_read_tsc+0x10/0x10
[ 16.292301] ? ktime_get_ts64+0x84/0x230
[ 16.292336] kunit_try_run_case+0x1a6/0x480
[ 16.292367] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.292395] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 16.292422] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.292673] ? __kthread_parkme+0x82/0x160
[ 16.292708] ? preempt_count_sub+0x50/0x80
[ 16.292738] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.292765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.292801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.292864] kthread+0x257/0x310
[ 16.292893] ? __pfx_kthread+0x10/0x10
[ 16.292919] ret_from_fork+0x41/0x80
[ 16.292951] ? __pfx_kthread+0x10/0x10
[ 16.292976] ret_from_fork_asm+0x1a/0x30
[ 16.293015] </TASK>
[ 16.293028]
[ 16.316011] Allocated by task 143:
[ 16.316447] kasan_save_stack+0x45/0x70
[ 16.317235] kasan_save_track+0x18/0x40
[ 16.318186] kasan_save_alloc_info+0x3b/0x50
[ 16.318959] __kasan_kmalloc+0xb7/0xc0
[ 16.319245] __kmalloc_cache_noprof+0x168/0x350
[ 16.319926] kmalloc_oob_right+0xaa/0x7f0
[ 16.320381] kunit_try_run_case+0x1a6/0x480
[ 16.320785] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.321883] kthread+0x257/0x310
[ 16.322263] ret_from_fork+0x41/0x80
[ 16.322807] ret_from_fork_asm+0x1a/0x30
[ 16.323250]
[ 16.323870] The buggy address belongs to the object at ffff888102304f00
[ 16.323870] which belongs to the cache kmalloc-128 of size 128
[ 16.324992] The buggy address is located 13 bytes to the right of
[ 16.324992] allocated 115-byte region [ffff888102304f00, ffff888102304f73)
[ 16.326176]
[ 16.326868] The buggy address belongs to the physical page:
[ 16.327468] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102304
[ 16.328532] flags: 0x200000000000000(node=0|zone=2)
[ 16.329023] page_type: f5(slab)
[ 16.329395] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.330480] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 16.331425] page dumped because: kasan: bad access detected
[ 16.332526]
[ 16.333047] Memory state around the buggy address:
[ 16.333877] ffff888102304e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.334613] ffff888102304f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 16.335295] >ffff888102304f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.335917] ^
[ 16.336304] ffff888102305000: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 16.336951] ffff888102305080: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 16.337572] ==================================================================
[ 16.244855] ==================================================================
[ 16.245802] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0
[ 16.246758] Write of size 1 at addr ffff888102304f78 by task kunit_try_catch/143
[ 16.247279]
[ 16.247533] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G B N 6.12.33-rc1 #1
[ 16.247651] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.247677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.247708] Call Trace:
[ 16.247726] <TASK>
[ 16.247746] dump_stack_lvl+0x73/0xb0
[ 16.247783] print_report+0xd1/0x640
[ 16.247846] ? __virt_addr_valid+0x1db/0x2d0
[ 16.248154] ? kmalloc_oob_right+0x6bf/0x7f0
[ 16.248244] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.248318] ? kmalloc_oob_right+0x6bf/0x7f0
[ 16.248388] kasan_report+0x140/0x180
[ 16.248633] ? kmalloc_oob_right+0x6bf/0x7f0
[ 16.248726] __asan_report_store1_noabort+0x1b/0x30
[ 16.248794] kmalloc_oob_right+0x6bf/0x7f0
[ 16.248873] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 16.248908] ? __schedule+0xc49/0x27a0
[ 16.248935] ? __pfx_read_tsc+0x10/0x10
[ 16.248960] ? ktime_get_ts64+0x84/0x230
[ 16.248994] kunit_try_run_case+0x1a6/0x480
[ 16.249024] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.249052] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 16.249079] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.249114] ? __kthread_parkme+0x82/0x160
[ 16.249143] ? preempt_count_sub+0x50/0x80
[ 16.249171] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.249198] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.249262] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.249299] kthread+0x257/0x310
[ 16.249324] ? __pfx_kthread+0x10/0x10
[ 16.249350] ret_from_fork+0x41/0x80
[ 16.249378] ? __pfx_kthread+0x10/0x10
[ 16.249403] ret_from_fork_asm+0x1a/0x30
[ 16.249448] </TASK>
[ 16.249506]
[ 16.265859] Allocated by task 143:
[ 16.266342] kasan_save_stack+0x45/0x70
[ 16.266977] kasan_save_track+0x18/0x40
[ 16.267423] kasan_save_alloc_info+0x3b/0x50
[ 16.268065] __kasan_kmalloc+0xb7/0xc0
[ 16.268856] __kmalloc_cache_noprof+0x168/0x350
[ 16.269324] kmalloc_oob_right+0xaa/0x7f0
[ 16.269712] kunit_try_run_case+0x1a6/0x480
[ 16.270132] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.271011] kthread+0x257/0x310
[ 16.271331] ret_from_fork+0x41/0x80
[ 16.271957] ret_from_fork_asm+0x1a/0x30
[ 16.272425]
[ 16.273014] The buggy address belongs to the object at ffff888102304f00
[ 16.273014] which belongs to the cache kmalloc-128 of size 128
[ 16.274241] The buggy address is located 5 bytes to the right of
[ 16.274241] allocated 115-byte region [ffff888102304f00, ffff888102304f73)
[ 16.275428]
[ 16.275849] The buggy address belongs to the physical page:
[ 16.276386] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102304
[ 16.277423] flags: 0x200000000000000(node=0|zone=2)
[ 16.277898] page_type: f5(slab)
[ 16.278207] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.279199] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 16.280101] page dumped because: kasan: bad access detected
[ 16.280578]
[ 16.281478] Memory state around the buggy address:
[ 16.282443] ffff888102304e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 16.283180] ffff888102304e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.284132] >ffff888102304f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 16.285013] ^
[ 16.285625] ffff888102304f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.286374] ffff888102305000: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 16.287067] ==================================================================
[ 16.190628] ==================================================================
[ 16.192059] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0
[ 16.193230] Write of size 1 at addr ffff888102304f73 by task kunit_try_catch/143
[ 16.193861]
[ 16.195663] CPU: 1 UID: 0 PID: 143 Comm: kunit_try_catch Tainted: G N 6.12.33-rc1 #1
[ 16.196081] Tainted: [N]=TEST
[ 16.196117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.196418] Call Trace:
[ 16.196584] <TASK>
[ 16.196773] dump_stack_lvl+0x73/0xb0
[ 16.196928] print_report+0xd1/0x640
[ 16.196987] ? __virt_addr_valid+0x1db/0x2d0
[ 16.197030] ? kmalloc_oob_right+0x6f2/0x7f0
[ 16.197061] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.197094] ? kmalloc_oob_right+0x6f2/0x7f0
[ 16.197125] kasan_report+0x140/0x180
[ 16.197159] ? kmalloc_oob_right+0x6f2/0x7f0
[ 16.197197] __asan_report_store1_noabort+0x1b/0x30
[ 16.197256] kmalloc_oob_right+0x6f2/0x7f0
[ 16.197291] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 16.197324] ? __schedule+0xc49/0x27a0
[ 16.197353] ? __pfx_read_tsc+0x10/0x10
[ 16.197381] ? ktime_get_ts64+0x84/0x230
[ 16.197418] kunit_try_run_case+0x1a6/0x480
[ 16.197491] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.197565] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 16.197601] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.197667] ? __kthread_parkme+0x82/0x160
[ 16.197698] ? preempt_count_sub+0x50/0x80
[ 16.197745] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.197776] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.197823] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.197898] kthread+0x257/0x310
[ 16.197947] ? __pfx_kthread+0x10/0x10
[ 16.197982] ret_from_fork+0x41/0x80
[ 16.198015] ? __pfx_kthread+0x10/0x10
[ 16.198059] ret_from_fork_asm+0x1a/0x30
[ 16.198156] </TASK>
[ 16.198278]
[ 16.216833] Allocated by task 143:
[ 16.217412] kasan_save_stack+0x45/0x70
[ 16.218094] kasan_save_track+0x18/0x40
[ 16.218653] kasan_save_alloc_info+0x3b/0x50
[ 16.219100] __kasan_kmalloc+0xb7/0xc0
[ 16.219430] __kmalloc_cache_noprof+0x168/0x350
[ 16.220647] kmalloc_oob_right+0xaa/0x7f0
[ 16.221260] kunit_try_run_case+0x1a6/0x480
[ 16.221570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.222465] kthread+0x257/0x310
[ 16.222916] ret_from_fork+0x41/0x80
[ 16.223305] ret_from_fork_asm+0x1a/0x30
[ 16.224278]
[ 16.224681] The buggy address belongs to the object at ffff888102304f00
[ 16.224681] which belongs to the cache kmalloc-128 of size 128
[ 16.226184] The buggy address is located 0 bytes to the right of
[ 16.226184] allocated 115-byte region [ffff888102304f00, ffff888102304f73)
[ 16.227734]
[ 16.228143] The buggy address belongs to the physical page:
[ 16.229194] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102304
[ 16.230314] flags: 0x200000000000000(node=0|zone=2)
[ 16.231421] page_type: f5(slab)
[ 16.232687] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.233394] raw: 0000000000000000 0000000080100010 00000001f5000000 0000000000000000
[ 16.234854] page dumped because: kasan: bad access detected
[ 16.235325]
[ 16.235917] Memory state around the buggy address:
[ 16.237126] ffff888102304e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc fc
[ 16.237718] ffff888102304e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.238283] >ffff888102304f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 16.239240] ^
[ 16.239972] ffff888102304f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.240808] ffff888102305000: fa fb fb fb fb fb fb fb fb fb fb fb fc fc fc fc
[ 16.241807] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 195.856497] WARNING: CPU: 0 PID: 2194 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 195.858615] Modules linked in:
[ 195.859023] CPU: 0 UID: 0 PID: 2194 Comm: kunit_try_catch Tainted: G B D W N 6.12.33-rc1 #1
[ 195.860372] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 195.861322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 195.862436] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 195.863142] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 d0 8d 09 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 195.864731] RSP: 0000:ffff888102287ce8 EFLAGS: 00010286
[ 195.865622] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 195.866546] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff873fb394
[ 195.867530] RBP: ffff888102287d10 R08: 0000000000000000 R09: ffffed1020ec0ce0
[ 195.868946] R10: ffff888107606707 R11: 0000000000000000 R12: ffffffff873fb380
[ 195.869814] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102287da8
[ 195.870763] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 195.872043] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 195.872946] CR2: 00007ffff7ffe000 CR3: 00000001334b4000 CR4: 00000000000006f0
[ 195.873735] DR0: ffffffff893bf360 DR1: ffffffff893bf361 DR2: ffffffff893bf363
[ 195.874268] DR3: ffffffff893bf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 195.874839] Call Trace:
[ 195.875136] <TASK>
[ 195.876199] drm_test_rect_calc_vscale+0x109/0x270
[ 195.876717] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 195.877032] ? __schedule+0xc49/0x27a0
[ 195.877565] ? __pfx_read_tsc+0x10/0x10
[ 195.878362] ? ktime_get_ts64+0x84/0x230
[ 195.879139] kunit_try_run_case+0x1a6/0x480
[ 195.880001] ? __pfx_kunit_try_run_case+0x10/0x10
[ 195.880800] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 195.881296] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 195.882225] ? __kthread_parkme+0x82/0x160
[ 195.882877] ? preempt_count_sub+0x50/0x80
[ 195.883462] ? __pfx_kunit_try_run_case+0x10/0x10
[ 195.884319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 195.885431] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 195.886128] kthread+0x257/0x310
[ 195.886575] ? __pfx_kthread+0x10/0x10
[ 195.887410] ret_from_fork+0x41/0x80
[ 195.887854] ? __pfx_kthread+0x10/0x10
[ 195.888892] ret_from_fork_asm+0x1a/0x30
[ 195.889450] </TASK>
[ 195.890047] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 195.816164] WARNING: CPU: 0 PID: 2192 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 195.817215] Modules linked in:
[ 195.817614] CPU: 0 UID: 0 PID: 2192 Comm: kunit_try_catch Tainted: G B D W N 6.12.33-rc1 #1
[ 195.818666] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 195.819197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 195.820176] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 195.820970] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 d0 8d 09 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 195.822569] RSP: 0000:ffff88810733fce8 EFLAGS: 00010286
[ 195.823150] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 195.823837] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff873fb35c
[ 195.825313] RBP: ffff88810733fd10 R08: 0000000000000000 R09: ffffed1020ec0cc0
[ 195.826369] R10: ffff888107606607 R11: 0000000000000000 R12: ffffffff873fb348
[ 195.827360] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810733fda8
[ 195.828258] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 195.829957] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 195.830430] CR2: 00007ffff7ffe000 CR3: 00000001334b4000 CR4: 00000000000006f0
[ 195.831561] DR0: ffffffff893bf360 DR1: ffffffff893bf361 DR2: ffffffff893bf363
[ 195.832666] DR3: ffffffff893bf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 195.833173] Call Trace:
[ 195.833701] <TASK>
[ 195.834751] drm_test_rect_calc_vscale+0x109/0x270
[ 195.835724] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 195.836029] ? irqentry_exit+0x2a/0x60
[ 195.836692] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 195.837185] ? trace_hardirqs_on+0x37/0xe0
[ 195.838303] ? __pfx_read_tsc+0x10/0x10
[ 195.838989] ? ktime_get_ts64+0x84/0x230
[ 195.839698] kunit_try_run_case+0x1a6/0x480
[ 195.839918] ? __pfx_kunit_try_run_case+0x10/0x10
[ 195.840338] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 195.841603] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 195.842103] ? __kthread_parkme+0x82/0x160
[ 195.842859] ? preempt_count_sub+0x50/0x80
[ 195.843532] ? __pfx_kunit_try_run_case+0x10/0x10
[ 195.843993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 195.844937] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 195.845644] kthread+0x257/0x310
[ 195.846077] ? __pfx_kthread+0x10/0x10
[ 195.846584] ret_from_fork+0x41/0x80
[ 195.847064] ? __pfx_kthread+0x10/0x10
[ 195.847684] ret_from_fork_asm+0x1a/0x30
[ 195.848157] </TASK>
[ 195.848634] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 195.756560] WARNING: CPU: 1 PID: 2182 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 195.759003] Modules linked in:
[ 195.761007] CPU: 1 UID: 0 PID: 2182 Comm: kunit_try_catch Tainted: G B D W N 6.12.33-rc1 #1
[ 195.762358] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 195.764477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 195.764917] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 195.765764] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 195.767054] RSP: 0000:ffff888107367ce8 EFLAGS: 00010286
[ 195.768370] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 195.769007] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff873fb398
[ 195.769579] RBP: ffff888107367d10 R08: 0000000000000000 R09: ffffed1020ec0c20
[ 195.770108] R10: ffff888107606107 R11: 0000000000000000 R12: ffffffff873fb380
[ 195.771047] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107367da8
[ 195.772035] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 195.772930] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 195.773825] CR2: ffffffffffffffff CR3: 00000001334b4000 CR4: 00000000000006f0
[ 195.774194] DR0: ffffffff893bf364 DR1: ffffffff893bf369 DR2: ffffffff893bf36a
[ 195.774696] DR3: ffffffff893bf36b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 195.775809] Call Trace:
[ 195.776193] <TASK>
[ 195.776505] drm_test_rect_calc_hscale+0x109/0x270
[ 195.777620] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 195.778080] ? __schedule+0xc49/0x27a0
[ 195.778458] ? __pfx_read_tsc+0x10/0x10
[ 195.778815] ? ktime_get_ts64+0x84/0x230
[ 195.779187] kunit_try_run_case+0x1a6/0x480
[ 195.780353] ? __pfx_kunit_try_run_case+0x10/0x10
[ 195.780836] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 195.781251] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 195.781697] ? __kthread_parkme+0x82/0x160
[ 195.782060] ? preempt_count_sub+0x50/0x80
[ 195.782815] ? __pfx_kunit_try_run_case+0x10/0x10
[ 195.783872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 195.785075] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 195.786288] kthread+0x257/0x310
[ 195.786989] ? __pfx_kthread+0x10/0x10
[ 195.787734] ret_from_fork+0x41/0x80
[ 195.788323] ? __pfx_kthread+0x10/0x10
[ 195.788880] ret_from_fork_asm+0x1a/0x30
[ 195.789251] </TASK>
[ 195.789485] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 195.714392] WARNING: CPU: 0 PID: 2180 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 195.716406] Modules linked in:
[ 195.716898] CPU: 0 UID: 0 PID: 2180 Comm: kunit_try_catch Tainted: G B D W N 6.12.33-rc1 #1
[ 195.718258] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 195.718571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 195.719827] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 195.720671] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 195.722448] RSP: 0000:ffff8881010d7ce8 EFLAGS: 00010286
[ 195.723234] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 195.724199] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff873fb360
[ 195.725204] RBP: ffff8881010d7d10 R08: 0000000000000000 R09: ffffed1020ec0c00
[ 195.726058] R10: ffff888107606007 R11: 0000000000000000 R12: ffffffff873fb348
[ 195.727241] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881010d7da8
[ 195.728205] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 195.729717] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 195.730576] CR2: 00007ffff7ffe000 CR3: 00000001334b4000 CR4: 00000000000006f0
[ 195.731610] DR0: ffffffff893bf360 DR1: ffffffff893bf361 DR2: ffffffff893bf363
[ 195.732387] DR3: ffffffff893bf365 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 195.733162] Call Trace:
[ 195.733434] <TASK>
[ 195.734196] drm_test_rect_calc_hscale+0x109/0x270
[ 195.734833] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 195.735301] ? __schedule+0xc49/0x27a0
[ 195.735742] ? __pfx_read_tsc+0x10/0x10
[ 195.736750] ? ktime_get_ts64+0x84/0x230
[ 195.737335] kunit_try_run_case+0x1a6/0x480
[ 195.737788] ? __pfx_kunit_try_run_case+0x10/0x10
[ 195.738253] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 195.738951] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 195.739322] ? __kthread_parkme+0x82/0x160
[ 195.739677] ? preempt_count_sub+0x50/0x80
[ 195.740298] ? __pfx_kunit_try_run_case+0x10/0x10
[ 195.740760] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 195.741686] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 195.742400] kthread+0x257/0x310
[ 195.743336] ? __pfx_kthread+0x10/0x10
[ 195.744192] ret_from_fork+0x41/0x80
[ 195.744780] ? __pfx_kthread+0x10/0x10
[ 195.745214] ret_from_fork_asm+0x1a/0x30
[ 195.746008] </TASK>
[ 195.746338] ---[ end trace 0000000000000000 ]---