Date: June 7, 2025, 10:40 a.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 17.180653] ================================================================== [ 17.181222] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 17.182108] Write of size 1 at addr ffff8881022ee0eb by task kunit_try_catch/168 [ 17.182878] [ 17.183138] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.183244] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.183275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.183323] Call Trace: [ 17.183363] <TASK> [ 17.183406] dump_stack_lvl+0x73/0xb0 [ 17.183486] print_report+0xd1/0x650 [ 17.183538] ? __virt_addr_valid+0x1db/0x2d0 [ 17.183591] ? krealloc_more_oob_helper+0x823/0x930 [ 17.183646] ? kasan_addr_to_slab+0x11/0xa0 [ 17.183708] ? krealloc_more_oob_helper+0x823/0x930 [ 17.183766] kasan_report+0x140/0x180 [ 17.183821] ? krealloc_more_oob_helper+0x823/0x930 [ 17.183909] __asan_report_store1_noabort+0x1b/0x30 [ 17.184032] krealloc_more_oob_helper+0x823/0x930 [ 17.184090] ? __schedule+0xce8/0x2840 [ 17.184153] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.184214] ? finish_task_switch.isra.0+0x153/0x700 [ 17.184276] ? __switch_to+0x5d9/0xf60 [ 17.184339] ? __schedule+0xce8/0x2840 [ 17.184396] ? __pfx_read_tsc+0x10/0x10 [ 17.184437] krealloc_large_more_oob+0x1c/0x30 [ 17.184467] kunit_try_run_case+0x1a6/0x480 [ 17.184499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.184526] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.184555] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.184586] ? __kthread_parkme+0x82/0x160 [ 17.184613] ? preempt_count_sub+0x50/0x80 [ 17.184644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.184671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.184702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.184734] kthread+0x324/0x6e0 [ 17.184759] ? trace_preempt_on+0x20/0xc0 [ 17.184789] ? __pfx_kthread+0x10/0x10 [ 17.184816] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.184844] ? calculate_sigpending+0x7b/0xa0 [ 17.184891] ? 
__pfx_kthread+0x10/0x10 [ 17.184921] ret_from_fork+0x41/0x80 [ 17.184945] ? __pfx_kthread+0x10/0x10 [ 17.184973] ret_from_fork_asm+0x1a/0x30 [ 17.185015] </TASK> [ 17.185029] [ 17.198408] The buggy address belongs to the physical page: [ 17.198916] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ec [ 17.199765] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.200243] flags: 0x200000000000040(head|node=0|zone=2) [ 17.200784] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.201516] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.202229] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.202782] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.203411] head: 0200000000000002 ffffea000408bb01 ffffffffffffffff 0000000000000000 [ 17.204078] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.204742] page dumped because: kasan: bad access detected [ 17.205252] [ 17.205503] Memory state around the buggy address: [ 17.205860] ffff8881022edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.206552] ffff8881022ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.206905] >ffff8881022ee080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.207226] ^ [ 17.207956] ffff8881022ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.208701] ffff8881022ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.209388] ================================================================== [ 16.847070] ================================================================== [ 16.847707] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 16.849098] Write of size 1 at addr ffff888100394eeb by task kunit_try_catch/164 [ 16.849826] [ 16.850828] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.850955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 
16.850988] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.851041] Call Trace: [ 16.851074] <TASK> [ 16.851118] dump_stack_lvl+0x73/0xb0 [ 16.851195] print_report+0xd1/0x650 [ 16.851239] ? __virt_addr_valid+0x1db/0x2d0 [ 16.851287] ? krealloc_more_oob_helper+0x823/0x930 [ 16.851353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.851406] ? krealloc_more_oob_helper+0x823/0x930 [ 16.851455] kasan_report+0x140/0x180 [ 16.851503] ? krealloc_more_oob_helper+0x823/0x930 [ 16.851558] __asan_report_store1_noabort+0x1b/0x30 [ 16.851607] krealloc_more_oob_helper+0x823/0x930 [ 16.851643] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.851671] ? irqentry_exit+0x2a/0x60 [ 16.851708] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.851747] ? __pfx_krealloc_more_oob+0x10/0x10 [ 16.851779] krealloc_more_oob+0x1c/0x30 [ 16.851805] kunit_try_run_case+0x1a6/0x480 [ 16.851836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.851884] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.851916] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.851945] ? __kthread_parkme+0x82/0x160 [ 16.851974] ? preempt_count_sub+0x50/0x80 [ 16.852006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.852034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.852067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.852099] kthread+0x324/0x6e0 [ 16.852125] ? trace_preempt_on+0x20/0xc0 [ 16.852156] ? __pfx_kthread+0x10/0x10 [ 16.852183] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.852210] ? calculate_sigpending+0x7b/0xa0 [ 16.852238] ? __pfx_kthread+0x10/0x10 [ 16.852266] ret_from_fork+0x41/0x80 [ 16.852291] ? 
__pfx_kthread+0x10/0x10 [ 16.852328] ret_from_fork_asm+0x1a/0x30 [ 16.852373] </TASK> [ 16.852388] [ 16.867576] Allocated by task 164: [ 16.867811] kasan_save_stack+0x45/0x70 [ 16.868243] kasan_save_track+0x18/0x40 [ 16.869644] kasan_save_alloc_info+0x3b/0x50 [ 16.870325] __kasan_krealloc+0x190/0x1f0 [ 16.871010] krealloc_noprof+0xf3/0x340 [ 16.871367] krealloc_more_oob_helper+0x1aa/0x930 [ 16.872290] krealloc_more_oob+0x1c/0x30 [ 16.873264] kunit_try_run_case+0x1a6/0x480 [ 16.873953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.874654] kthread+0x324/0x6e0 [ 16.875248] ret_from_fork+0x41/0x80 [ 16.875942] ret_from_fork_asm+0x1a/0x30 [ 16.876416] [ 16.876808] The buggy address belongs to the object at ffff888100394e00 [ 16.876808] which belongs to the cache kmalloc-256 of size 256 [ 16.878322] The buggy address is located 0 bytes to the right of [ 16.878322] allocated 235-byte region [ffff888100394e00, ffff888100394eeb) [ 16.879349] [ 16.879753] The buggy address belongs to the physical page: [ 16.880188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 16.880854] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.881921] flags: 0x200000000000040(head|node=0|zone=2) [ 16.882171] page_type: f5(slab) [ 16.882812] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.883622] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.884237] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.884978] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.885578] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 16.886185] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 16.886782] page dumped because: kasan: bad access detected [ 16.887049] [ 16.887225] Memory state around the buggy address: [ 16.887830] ffff888100394d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 16.888291] ffff888100394e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.888930] >ffff888100394e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.889650] ^ [ 16.890192] ffff888100394f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.890688] ffff888100394f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.891194] ================================================================== [ 17.210949] ================================================================== [ 17.212149] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 17.212830] Write of size 1 at addr ffff8881022ee0f0 by task kunit_try_catch/168 [ 17.213387] [ 17.213635] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.213739] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.213767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.213824] Call Trace: [ 17.213893] <TASK> [ 17.213937] dump_stack_lvl+0x73/0xb0 [ 17.214015] print_report+0xd1/0x650 [ 17.214056] ? __virt_addr_valid+0x1db/0x2d0 [ 17.214100] ? krealloc_more_oob_helper+0x7ed/0x930 [ 17.214142] ? kasan_addr_to_slab+0x11/0xa0 [ 17.214176] ? krealloc_more_oob_helper+0x7ed/0x930 [ 17.214216] kasan_report+0x140/0x180 [ 17.214256] ? krealloc_more_oob_helper+0x7ed/0x930 [ 17.214344] __asan_report_store1_noabort+0x1b/0x30 [ 17.214395] krealloc_more_oob_helper+0x7ed/0x930 [ 17.214464] ? __schedule+0xce8/0x2840 [ 17.214524] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 17.214579] ? finish_task_switch.isra.0+0x153/0x700 [ 17.214642] ? __switch_to+0x5d9/0xf60 [ 17.214724] ? __schedule+0xce8/0x2840 [ 17.214776] ? __pfx_read_tsc+0x10/0x10 [ 17.214832] krealloc_large_more_oob+0x1c/0x30 [ 17.214906] kunit_try_run_case+0x1a6/0x480 [ 17.214961] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.215014] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.215067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.215132] ? __kthread_parkme+0x82/0x160 [ 17.215207] ? 
preempt_count_sub+0x50/0x80 [ 17.215274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.215370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.215432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.215483] kthread+0x324/0x6e0 [ 17.215524] ? trace_preempt_on+0x20/0xc0 [ 17.215567] ? __pfx_kthread+0x10/0x10 [ 17.215608] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.215651] ? calculate_sigpending+0x7b/0xa0 [ 17.215688] ? __pfx_kthread+0x10/0x10 [ 17.215730] ret_from_fork+0x41/0x80 [ 17.215756] ? __pfx_kthread+0x10/0x10 [ 17.215783] ret_from_fork_asm+0x1a/0x30 [ 17.215826] </TASK> [ 17.215841] [ 17.228247] The buggy address belongs to the physical page: [ 17.228660] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ec [ 17.229346] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.229881] flags: 0x200000000000040(head|node=0|zone=2) [ 17.230234] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.230924] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.231631] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.232340] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.232881] head: 0200000000000002 ffffea000408bb01 ffffffffffffffff 0000000000000000 [ 17.233483] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.234137] page dumped because: kasan: bad access detected [ 17.234520] [ 17.234675] Memory state around the buggy address: [ 17.234950] ffff8881022edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.235274] ffff8881022ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.235990] >ffff8881022ee080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 17.236638] ^ [ 17.237177] ffff8881022ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.237860] ffff8881022ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.238546] 
================================================================== [ 16.892827] ================================================================== [ 16.894592] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 16.895120] Write of size 1 at addr ffff888100394ef0 by task kunit_try_catch/164 [ 16.896002] [ 16.896203] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.896290] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.896313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.896348] Call Trace: [ 16.896383] <TASK> [ 16.896415] dump_stack_lvl+0x73/0xb0 [ 16.896486] print_report+0xd1/0x650 [ 16.896526] ? __virt_addr_valid+0x1db/0x2d0 [ 16.896566] ? krealloc_more_oob_helper+0x7ed/0x930 [ 16.896608] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.896656] ? krealloc_more_oob_helper+0x7ed/0x930 [ 16.897348] kasan_report+0x140/0x180 [ 16.897424] ? krealloc_more_oob_helper+0x7ed/0x930 [ 16.897496] __asan_report_store1_noabort+0x1b/0x30 [ 16.897549] krealloc_more_oob_helper+0x7ed/0x930 [ 16.897601] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.897644] ? irqentry_exit+0x2a/0x60 [ 16.897671] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.897710] ? __pfx_krealloc_more_oob+0x10/0x10 [ 16.897741] krealloc_more_oob+0x1c/0x30 [ 16.897768] kunit_try_run_case+0x1a6/0x480 [ 16.897799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.897824] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.897853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.897913] ? __kthread_parkme+0x82/0x160 [ 16.897957] ? preempt_count_sub+0x50/0x80 [ 16.897990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.898019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.898052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.898083] kthread+0x324/0x6e0 [ 16.898109] ? trace_preempt_on+0x20/0xc0 [ 16.898139] ? __pfx_kthread+0x10/0x10 [ 16.898166] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.898194] ? calculate_sigpending+0x7b/0xa0 [ 16.898221] ? 
__pfx_kthread+0x10/0x10 [ 16.898248] ret_from_fork+0x41/0x80 [ 16.898273] ? __pfx_kthread+0x10/0x10 [ 16.898301] ret_from_fork_asm+0x1a/0x30 [ 16.898353] </TASK> [ 16.898367] [ 16.911394] Allocated by task 164: [ 16.911643] kasan_save_stack+0x45/0x70 [ 16.911942] kasan_save_track+0x18/0x40 [ 16.912180] kasan_save_alloc_info+0x3b/0x50 [ 16.912433] __kasan_krealloc+0x190/0x1f0 [ 16.912667] krealloc_noprof+0xf3/0x340 [ 16.915010] krealloc_more_oob_helper+0x1aa/0x930 [ 16.916023] krealloc_more_oob+0x1c/0x30 [ 16.917021] kunit_try_run_case+0x1a6/0x480 [ 16.917777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.918751] kthread+0x324/0x6e0 [ 16.919709] ret_from_fork+0x41/0x80 [ 16.920310] ret_from_fork_asm+0x1a/0x30 [ 16.920887] [ 16.921495] The buggy address belongs to the object at ffff888100394e00 [ 16.921495] which belongs to the cache kmalloc-256 of size 256 [ 16.922964] The buggy address is located 5 bytes to the right of [ 16.922964] allocated 235-byte region [ffff888100394e00, ffff888100394eeb) [ 16.924269] [ 16.924576] The buggy address belongs to the physical page: [ 16.925245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 16.925945] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.926736] flags: 0x200000000000040(head|node=0|zone=2) [ 16.927440] page_type: f5(slab) [ 16.927827] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.928268] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.928689] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.929239] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.930299] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 16.930973] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 16.931804] page dumped because: kasan: bad access detected [ 16.932565] [ 16.932759] Memory state around the buggy address: 
[ 16.933167] ffff888100394d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.934385] ffff888100394e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.935034] >ffff888100394e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.935896] ^ [ 16.937188] ffff888100394f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.938153] ffff888100394f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.938490] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 182.279342] WARNING: CPU: 1 PID: 2515 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 182.280323] Modules linked in: [ 182.281334] CPU: 1 UID: 0 PID: 2515 Comm: kunit_try_catch Tainted: G B D W N 6.14.11-rc1 #1 [ 182.282350] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 182.282822] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 182.284282] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 182.284932] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 182.286624] RSP: 0000:ffff888103defc78 EFLAGS: 00010286 [ 182.287141] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 182.287939] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb4612fbc [ 182.288409] RBP: ffff888103defca0 R08: 0000000000000000 R09: ffffed10205c3580 [ 182.289246] R10: ffff888102e1ac07 R11: 0000000000000000 R12: ffffffffb4612fa8 [ 182.289861] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103defd38 [ 182.290052] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 182.290234] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.290380] CR2: 00007ffff7ffe000 CR3: 0000000044cb8000 CR4: 00000000000006f0 [ 182.290763] DR0: ffffffffb6608260 DR1: ffffffffb6608261 DR2: ffffffffb6608263 [ 182.291843] DR3: ffffffffb6608265 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 182.292974] Call Trace: [ 182.293305] <TASK> [ 182.294013] drm_test_rect_calc_vscale+0x109/0x270 [ 182.294437] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 182.294960] ? __schedule+0xce8/0x2840 [ 182.295358] ? __pfx_read_tsc+0x10/0x10 [ 182.295987] ? ktime_get_ts64+0x86/0x230 [ 182.296865] kunit_try_run_case+0x1a6/0x480 [ 182.297230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 182.297500] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 182.298102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 182.298738] ? __kthread_parkme+0x82/0x160 [ 182.299042] ? preempt_count_sub+0x50/0x80 [ 182.299720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 182.300198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 182.300662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 182.301871] kthread+0x324/0x6e0 [ 182.302317] ? trace_preempt_on+0x20/0xc0 [ 182.302968] ? __pfx_kthread+0x10/0x10 [ 182.303303] ? _raw_spin_unlock_irq+0x47/0x80 [ 182.304303] ? calculate_sigpending+0x7b/0xa0 [ 182.304686] ? __pfx_kthread+0x10/0x10 [ 182.305839] ret_from_fork+0x41/0x80 [ 182.306183] ? __pfx_kthread+0x10/0x10 [ 182.306776] ret_from_fork_asm+0x1a/0x30 [ 182.307312] </TASK> [ 182.307704] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 182.312490] WARNING: CPU: 1 PID: 2517 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 182.313853] Modules linked in: [ 182.314149] CPU: 1 UID: 0 PID: 2517 Comm: kunit_try_catch Tainted: G B D W N 6.14.11-rc1 #1 [ 182.314764] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 182.315488] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 182.316400] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 182.317025] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 182.318393] RSP: 0000:ffff888105c2fc78 EFLAGS: 00010286 [ 182.319023] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 182.320022] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffb4612ff4 [ 182.320700] RBP: ffff888105c2fca0 R08: 0000000000000000 R09: ffffed10205c35c0 [ 182.321376] R10: ffff888102e1ae07 R11: 0000000000000000 R12: ffffffffb4612fe0 [ 182.322672] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105c2fd38 [ 182.323104] FS: 
0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 182.323782] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.324375] CR2: 00007ffff7ffe000 CR3: 0000000044cb8000 CR4: 00000000000006f0 [ 182.325102] DR0: ffffffffb6608260 DR1: ffffffffb6608261 DR2: ffffffffb6608263 [ 182.325942] DR3: ffffffffb6608265 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 182.326337] Call Trace: [ 182.327063] <TASK> [ 182.327324] drm_test_rect_calc_vscale+0x109/0x270 [ 182.328305] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 182.328807] ? __schedule+0xce8/0x2840 [ 182.329237] ? __pfx_read_tsc+0x10/0x10 [ 182.329934] ? ktime_get_ts64+0x86/0x230 [ 182.330229] kunit_try_run_case+0x1a6/0x480 [ 182.331129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 182.331642] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 182.332278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 182.332740] ? __kthread_parkme+0x82/0x160 [ 182.333304] ? preempt_count_sub+0x50/0x80 [ 182.333977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 182.334840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 182.335254] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 182.336179] kthread+0x324/0x6e0 [ 182.336746] ? trace_preempt_on+0x20/0xc0 [ 182.337111] ? __pfx_kthread+0x10/0x10 [ 182.337751] ? _raw_spin_unlock_irq+0x47/0x80 [ 182.338206] ? calculate_sigpending+0x7b/0xa0 [ 182.338586] ? __pfx_kthread+0x10/0x10 [ 182.339281] ret_from_fork+0x41/0x80 [ 182.340014] ? __pfx_kthread+0x10/0x10 [ 182.340388] ret_from_fork_asm+0x1a/0x30 [ 182.341214] </TASK> [ 182.341318] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 182.220280] WARNING: CPU: 0 PID: 2505 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 182.222212] Modules linked in: [ 182.222473] CPU: 0 UID: 0 PID: 2505 Comm: kunit_try_catch Tainted: G B D W N 6.14.11-rc1 #1 [ 182.223706] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 182.224117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 182.225175] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 182.225922] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 4b 72 16 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 182.227335] RSP: 0000:ffff888105c27c78 EFLAGS: 00010286 [ 182.228151] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 182.228867] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb4612ff8 [ 182.229288] RBP: ffff888105c27ca0 R08: 0000000000000000 R09: ffffed1020bd7800 [ 182.230276] R10: ffff888105ebc007 R11: 0000000000000000 R12: ffffffffb4612fe0 [ 182.231548] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105c27d38 [ 182.231960] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 182.232366] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.232765] CR2: ffffffffffffffff CR3: 0000000044cb8000 CR4: 00000000000006f0 [ 182.233230] DR0: ffffffffb6608260 DR1: ffffffffb6608261 DR2: ffffffffb6608262 [ 182.233779] DR3: ffffffffb6608263 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 182.234764] Call Trace: [ 182.235150] <TASK> [ 182.235447] drm_test_rect_calc_hscale+0x109/0x270 [ 182.236081] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 182.236918] ? __pfx_read_tsc+0x10/0x10 [ 182.237670] ? ktime_get_ts64+0x86/0x230 [ 182.238057] kunit_try_run_case+0x1a6/0x480 [ 182.238683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 182.239224] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 182.239752] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 182.240335] ? __kthread_parkme+0x82/0x160 [ 182.241003] ? preempt_count_sub+0x50/0x80 [ 182.241333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 182.242050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 182.242832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 182.243240] kthread+0x324/0x6e0 [ 182.243803] ? trace_preempt_on+0x20/0xc0 [ 182.244270] ? __pfx_kthread+0x10/0x10 [ 182.244669] ? _raw_spin_unlock_irq+0x47/0x80 [ 182.245220] ? calculate_sigpending+0x7b/0xa0 [ 182.246059] ? __pfx_kthread+0x10/0x10 [ 182.246390] ret_from_fork+0x41/0x80 [ 182.247067] ? __pfx_kthread+0x10/0x10 [ 182.247928] ret_from_fork_asm+0x1a/0x30 [ 182.248343] </TASK> [ 182.248869] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 182.186276] WARNING: CPU: 0 PID: 2503 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 182.187708] Modules linked in: [ 182.188298] CPU: 0 UID: 0 PID: 2503 Comm: kunit_try_catch Tainted: G B D W N 6.14.11-rc1 #1 [ 182.189516] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 182.190406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 182.191688] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 182.192076] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 4b 72 16 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 182.193699] RSP: 0000:ffff888105ed7c78 EFLAGS: 00010286 [ 182.193973] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 182.194893] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffb4612fc0 [ 182.195404] RBP: ffff888105ed7ca0 R08: 0000000000000000 R09: ffffed1020b34fc0 [ 182.196201] R10: ffff8881059a7e07 R11: 0000000000000058 R12: ffffffffb4612fa8 [ 182.197160] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105ed7d38 [ 182.197928] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) 
knlGS:0000000000000000 [ 182.199042] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 182.199426] CR2: ffffffffffffffff CR3: 0000000044cb8000 CR4: 00000000000006f0 [ 182.200130] DR0: ffffffffb6608260 DR1: ffffffffb6608261 DR2: ffffffffb6608262 [ 182.201167] DR3: ffffffffb6608263 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 182.201784] Call Trace: [ 182.202135] <TASK> [ 182.202275] drm_test_rect_calc_hscale+0x109/0x270 [ 182.202575] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 182.203190] ? __schedule+0xce8/0x2840 [ 182.203815] ? __pfx_read_tsc+0x10/0x10 [ 182.204308] ? ktime_get_ts64+0x86/0x230 [ 182.204937] kunit_try_run_case+0x1a6/0x480 [ 182.205551] ? __pfx_kunit_try_run_case+0x10/0x10 [ 182.206148] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 182.206880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 182.207445] ? __kthread_parkme+0x82/0x160 [ 182.207829] ? preempt_count_sub+0x50/0x80 [ 182.208108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 182.208532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 182.209662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 182.210137] kthread+0x324/0x6e0 [ 182.210510] ? trace_preempt_on+0x20/0xc0 [ 182.211004] ? __pfx_kthread+0x10/0x10 [ 182.211391] ? _raw_spin_unlock_irq+0x47/0x80 [ 182.212068] ? calculate_sigpending+0x7b/0xa0 [ 182.212430] ? __pfx_kthread+0x10/0x10 [ 182.212775] ret_from_fork+0x41/0x80 [ 182.213204] ? __pfx_kthread+0x10/0x10 [ 182.213495] ret_from_fork_asm+0x1a/0x30 [ 182.214352] </TASK> [ 182.214651] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 180.744800] WARNING: CPU: 0 PID: 2301 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 180.745472] Modules linked in: [ 180.746020] CPU: 0 UID: 0 PID: 2301 Comm: kunit_try_catch Tainted: G B D W N 6.14.11-rc1 #1 [ 180.746800] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 180.747401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 180.748268] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 180.749066] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 180.751288] RSP: 0000:ffff888105307b30 EFLAGS: 00010246 [ 180.751994] RAX: dffffc0000000000 RBX: ffff888105307c28 RCX: 0000000000000000 [ 180.752599] RDX: 1ffff11020a60f8e RSI: ffff888105307c28 RDI: ffff888105307c70 [ 180.752932] RBP: ffff888105307b70 R08: ffff8881055c0000 R09: ffffffffb45bb1e0 [ 180.753535] R10: 0000000000000003 R11: 00000000216473de R12: ffff8881055c0000 [ 180.754458] R13: ffff888100317ae8 R14: ffff888105307ba8 R15: 0000000000000000 [ 180.755001] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 180.755827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 180.756313] CR2: ffffffffffffffff CR3: 0000000044cb8000 CR4: 00000000000006f0 [ 180.756909] DR0: ffffffffb6608260 DR1: ffffffffb6608261 DR2: ffffffffb6608262 [ 180.757406] DR3: ffffffffb6608263 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 180.757999] Call Trace: [ 180.758595] <TASK> [ 180.758871] ? add_dr+0xc1/0x1d0 [ 180.759251] drm_test_framebuffer_init_bad_format+0xfd/0x240 [ 180.759987] ? add_dr+0x148/0x1d0 [ 180.760388] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 180.761138] ? __drmm_add_action+0x1a4/0x280 [ 180.761793] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 180.762281] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 180.762967] ? 
__drmm_add_action_or_reset+0x22/0x50 [ 180.763577] ? __schedule+0xce8/0x2840 [ 180.764177] ? __pfx_read_tsc+0x10/0x10 [ 180.764813] ? ktime_get_ts64+0x86/0x230 [ 180.765190] kunit_try_run_case+0x1a6/0x480 [ 180.765670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.766340] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 180.766961] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 180.767822] ? __kthread_parkme+0x82/0x160 [ 180.768164] ? preempt_count_sub+0x50/0x80 [ 180.768637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 180.769039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 180.769435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 180.770040] kthread+0x324/0x6e0 [ 180.770445] ? trace_preempt_on+0x20/0xc0 [ 180.772069] ? __pfx_kthread+0x10/0x10 [ 180.772507] ? _raw_spin_unlock_irq+0x47/0x80 [ 180.773185] ? calculate_sigpending+0x7b/0xa0 [ 180.773912] ? __pfx_kthread+0x10/0x10 [ 180.774200] ret_from_fork+0x41/0x80 [ 180.775083] ? __pfx_kthread+0x10/0x10 [ 180.775408] ret_from_fork_asm+0x1a/0x30 [ 180.776024] </TASK> [ 180.776400] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.233151] ================================================================== [ 20.234186] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0c/0xb60 [ 20.234994] Read of size 1 at addr ffff888102bd9550 by task kunit_try_catch/267 [ 20.235490] [ 20.235800] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.235920] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.235952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.236002] Call Trace: [ 20.236043] <TASK> [ 20.236085] dump_stack_lvl+0x73/0xb0 [ 20.236157] print_report+0xd1/0x650 [ 20.236207] ? __virt_addr_valid+0x1db/0x2d0 [ 20.236258] ? kasan_strings+0xa0c/0xb60 [ 20.236308] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.236369] ? kasan_strings+0xa0c/0xb60 [ 20.236426] kasan_report+0x140/0x180 [ 20.236488] ? kasan_strings+0xa0c/0xb60 [ 20.236555] __asan_report_load1_noabort+0x18/0x20 [ 20.236617] kasan_strings+0xa0c/0xb60 [ 20.236668] ? __pfx_kasan_strings+0x10/0x10 [ 20.236702] ? __schedule+0xce8/0x2840 [ 20.236734] ? __pfx_read_tsc+0x10/0x10 [ 20.236763] ? ktime_get_ts64+0x86/0x230 [ 20.236796] kunit_try_run_case+0x1a6/0x480 [ 20.236828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.236877] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.236909] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.236939] ? __kthread_parkme+0x82/0x160 [ 20.236968] ? preempt_count_sub+0x50/0x80 [ 20.237001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.237030] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.237063] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.237103] kthread+0x324/0x6e0 [ 20.237138] ? trace_preempt_on+0x20/0xc0 [ 20.237168] ? __pfx_kthread+0x10/0x10 [ 20.237196] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.237224] ? calculate_sigpending+0x7b/0xa0 [ 20.237252] ? __pfx_kthread+0x10/0x10 [ 20.237281] ret_from_fork+0x41/0x80 [ 20.237313] ? 
__pfx_kthread+0x10/0x10 [ 20.237349] ret_from_fork_asm+0x1a/0x30 [ 20.237389] </TASK> [ 20.237403] [ 20.252095] Allocated by task 267: [ 20.252806] kasan_save_stack+0x45/0x70 [ 20.253140] kasan_save_track+0x18/0x40 [ 20.253551] kasan_save_alloc_info+0x3b/0x50 [ 20.254105] __kasan_kmalloc+0xb7/0xc0 [ 20.254484] __kmalloc_cache_noprof+0x18a/0x420 [ 20.254806] kasan_strings+0xb9/0xb60 [ 20.255070] kunit_try_run_case+0x1a6/0x480 [ 20.255875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.256693] kthread+0x324/0x6e0 [ 20.256936] ret_from_fork+0x41/0x80 [ 20.257254] ret_from_fork_asm+0x1a/0x30 [ 20.257664] [ 20.257809] Freed by task 267: [ 20.258110] kasan_save_stack+0x45/0x70 [ 20.258410] kasan_save_track+0x18/0x40 [ 20.259034] kasan_save_free_info+0x3f/0x60 [ 20.259597] __kasan_slab_free+0x56/0x70 [ 20.260038] kfree+0x224/0x3f0 [ 20.260286] kasan_strings+0x13c/0xb60 [ 20.260551] kunit_try_run_case+0x1a6/0x480 [ 20.260822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.261335] kthread+0x324/0x6e0 [ 20.261893] ret_from_fork+0x41/0x80 [ 20.262268] ret_from_fork_asm+0x1a/0x30 [ 20.262560] [ 20.262694] The buggy address belongs to the object at ffff888102bd9540 [ 20.262694] which belongs to the cache kmalloc-32 of size 32 [ 20.263376] The buggy address is located 16 bytes inside of [ 20.263376] freed 32-byte region [ffff888102bd9540, ffff888102bd9560) [ 20.265028] [ 20.265635] The buggy address belongs to the physical page: [ 20.266100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd9 [ 20.266650] flags: 0x200000000000000(node=0|zone=2) [ 20.267123] page_type: f5(slab) [ 20.267413] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.267975] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.268492] page dumped because: kasan: bad access detected [ 20.268936] [ 20.269137] Memory state around the buggy address: [ 20.269596] ffff888102bd9400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
20.270062] ffff888102bd9480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.270530] >ffff888102bd9500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.270944] ^ [ 20.271493] ffff888102bd9580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.271959] ffff888102bd9600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.272476] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.191011] ================================================================== [ 20.192488] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 20.193103] Read of size 1 at addr ffff888102bd9550 by task kunit_try_catch/267 [ 20.193735] [ 20.194224] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.194342] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.194376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.194424] Call Trace: [ 20.194456] <TASK> [ 20.194499] dump_stack_lvl+0x73/0xb0 [ 20.194566] print_report+0xd1/0x650 [ 20.194630] ? __virt_addr_valid+0x1db/0x2d0 [ 20.194687] ? strcmp+0xb0/0xc0 [ 20.194732] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.194788] ? strcmp+0xb0/0xc0 [ 20.194817] kasan_report+0x140/0x180 [ 20.194847] ? strcmp+0xb0/0xc0 [ 20.194901] __asan_report_load1_noabort+0x18/0x20 [ 20.194934] strcmp+0xb0/0xc0 [ 20.194960] kasan_strings+0x2d3/0xb60 [ 20.194986] ? __pfx_kasan_strings+0x10/0x10 [ 20.195014] ? __schedule+0xce8/0x2840 [ 20.195045] ? __pfx_read_tsc+0x10/0x10 [ 20.195073] ? ktime_get_ts64+0x86/0x230 [ 20.195106] kunit_try_run_case+0x1a6/0x480 [ 20.195136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.195162] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.195192] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.195221] ? __kthread_parkme+0x82/0x160 [ 20.195249] ? preempt_count_sub+0x50/0x80 [ 20.195280] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.195323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.195358] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.195390] kthread+0x324/0x6e0 [ 20.195416] ? trace_preempt_on+0x20/0xc0 [ 20.195447] ? __pfx_kthread+0x10/0x10 [ 20.195474] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.195502] ? calculate_sigpending+0x7b/0xa0 [ 20.195530] ? __pfx_kthread+0x10/0x10 [ 20.195558] ret_from_fork+0x41/0x80 [ 20.195582] ? 
__pfx_kthread+0x10/0x10 [ 20.195610] ret_from_fork_asm+0x1a/0x30 [ 20.195649] </TASK> [ 20.195664] [ 20.210128] Allocated by task 267: [ 20.210494] kasan_save_stack+0x45/0x70 [ 20.210901] kasan_save_track+0x18/0x40 [ 20.211230] kasan_save_alloc_info+0x3b/0x50 [ 20.212045] __kasan_kmalloc+0xb7/0xc0 [ 20.212322] __kmalloc_cache_noprof+0x18a/0x420 [ 20.212591] kasan_strings+0xb9/0xb60 [ 20.212944] kunit_try_run_case+0x1a6/0x480 [ 20.213367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.213895] kthread+0x324/0x6e0 [ 20.214135] ret_from_fork+0x41/0x80 [ 20.214448] ret_from_fork_asm+0x1a/0x30 [ 20.215032] [ 20.215334] Freed by task 267: [ 20.215735] kasan_save_stack+0x45/0x70 [ 20.216210] kasan_save_track+0x18/0x40 [ 20.216690] kasan_save_free_info+0x3f/0x60 [ 20.217189] __kasan_slab_free+0x56/0x70 [ 20.217432] kfree+0x224/0x3f0 [ 20.217841] kasan_strings+0x13c/0xb60 [ 20.218340] kunit_try_run_case+0x1a6/0x480 [ 20.218796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.219134] kthread+0x324/0x6e0 [ 20.219593] ret_from_fork+0x41/0x80 [ 20.220024] ret_from_fork_asm+0x1a/0x30 [ 20.220457] [ 20.220897] The buggy address belongs to the object at ffff888102bd9540 [ 20.220897] which belongs to the cache kmalloc-32 of size 32 [ 20.221742] The buggy address is located 16 bytes inside of [ 20.221742] freed 32-byte region [ffff888102bd9540, ffff888102bd9560) [ 20.222567] [ 20.222746] The buggy address belongs to the physical page: [ 20.223040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd9 [ 20.223951] flags: 0x200000000000000(node=0|zone=2) [ 20.224933] page_type: f5(slab) [ 20.225464] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.225917] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.226504] page dumped because: kasan: bad access detected [ 20.227088] [ 20.227493] Memory state around the buggy address: [ 20.227897] ffff888102bd9400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
20.228216] ffff888102bd9480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.228883] >ffff888102bd9500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.229427] ^ [ 20.230291] ffff888102bd9580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.230804] ffff888102bd9600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.231329] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.146200] ================================================================== [ 20.147066] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 20.147807] Read of size 1 at addr ffff888102bd9498 by task kunit_try_catch/265 [ 20.148785] [ 20.149049] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.149111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.149129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.149155] Call Trace: [ 20.149173] <TASK> [ 20.149196] dump_stack_lvl+0x73/0xb0 [ 20.149236] print_report+0xd1/0x650 [ 20.149268] ? __virt_addr_valid+0x1db/0x2d0 [ 20.149302] ? memcmp+0x1b4/0x1d0 [ 20.149345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.149405] ? memcmp+0x1b4/0x1d0 [ 20.149455] kasan_report+0x140/0x180 [ 20.149509] ? memcmp+0x1b4/0x1d0 [ 20.149564] __asan_report_load1_noabort+0x18/0x20 [ 20.149621] memcmp+0x1b4/0x1d0 [ 20.149675] kasan_memcmp+0x190/0x390 [ 20.149726] ? trace_hardirqs_on+0x37/0xe0 [ 20.149773] ? __pfx_kasan_memcmp+0x10/0x10 [ 20.149817] ? finish_task_switch.isra.0+0x153/0x700 [ 20.149851] ? __switch_to+0x5d9/0xf60 [ 20.149912] ? __pfx_read_tsc+0x10/0x10 [ 20.149941] ? ktime_get_ts64+0x86/0x230 [ 20.149974] kunit_try_run_case+0x1a6/0x480 [ 20.150006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.150033] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.150066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.150094] ? __kthread_parkme+0x82/0x160 [ 20.150123] ? preempt_count_sub+0x50/0x80 [ 20.150152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.150181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.150214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.150246] kthread+0x324/0x6e0 [ 20.150273] ? trace_preempt_on+0x20/0xc0 [ 20.150309] ? __pfx_kthread+0x10/0x10 [ 20.150347] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.150378] ? calculate_sigpending+0x7b/0xa0 [ 20.150436] ? __pfx_kthread+0x10/0x10 [ 20.150466] ret_from_fork+0x41/0x80 [ 20.150491] ? 
__pfx_kthread+0x10/0x10 [ 20.150520] ret_from_fork_asm+0x1a/0x30 [ 20.150560] </TASK> [ 20.150576] [ 20.166584] Allocated by task 265: [ 20.167204] kasan_save_stack+0x45/0x70 [ 20.167797] kasan_save_track+0x18/0x40 [ 20.168277] kasan_save_alloc_info+0x3b/0x50 [ 20.168746] __kasan_kmalloc+0xb7/0xc0 [ 20.168985] __kmalloc_cache_noprof+0x18a/0x420 [ 20.169172] kasan_memcmp+0xb8/0x390 [ 20.169335] kunit_try_run_case+0x1a6/0x480 [ 20.169617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.170478] kthread+0x324/0x6e0 [ 20.170921] ret_from_fork+0x41/0x80 [ 20.171331] ret_from_fork_asm+0x1a/0x30 [ 20.171788] [ 20.172047] The buggy address belongs to the object at ffff888102bd9480 [ 20.172047] which belongs to the cache kmalloc-32 of size 32 [ 20.173003] The buggy address is located 0 bytes to the right of [ 20.173003] allocated 24-byte region [ffff888102bd9480, ffff888102bd9498) [ 20.173881] [ 20.174104] The buggy address belongs to the physical page: [ 20.174593] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd9 [ 20.175050] flags: 0x200000000000000(node=0|zone=2) [ 20.175595] page_type: f5(slab) [ 20.175986] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.176549] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.177009] page dumped because: kasan: bad access detected [ 20.177476] [ 20.177691] Memory state around the buggy address: [ 20.178173] ffff888102bd9380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.178840] ffff888102bd9400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.179339] >ffff888102bd9480: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.179908] ^ [ 20.180151] ffff888102bd9500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.180767] ffff888102bd9580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.181399] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.370990] ================================================================== [ 18.371547] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 18.372149] Read of size 1 at addr ffff8881024bff78 by task kunit_try_catch/204 [ 18.372636] [ 18.373421] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.373539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.373569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.373619] Call Trace: [ 18.373655] <TASK> [ 18.373698] dump_stack_lvl+0x73/0xb0 [ 18.373782] print_report+0xd1/0x650 [ 18.373841] ? __virt_addr_valid+0x1db/0x2d0 [ 18.373913] ? ksize_uaf+0x5e6/0x6c0 [ 18.373957] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.374017] ? ksize_uaf+0x5e6/0x6c0 [ 18.374066] kasan_report+0x140/0x180 [ 18.374144] ? ksize_uaf+0x5e6/0x6c0 [ 18.374206] __asan_report_load1_noabort+0x18/0x20 [ 18.374278] ksize_uaf+0x5e6/0x6c0 [ 18.374325] ? __pfx_ksize_uaf+0x10/0x10 [ 18.374374] ? __pfx_ksize_uaf+0x10/0x10 [ 18.374429] kunit_try_run_case+0x1a6/0x480 [ 18.374492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.374546] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.374608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.374644] ? __kthread_parkme+0x82/0x160 [ 18.374675] ? preempt_count_sub+0x50/0x80 [ 18.374706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.374735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.374768] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.374799] kthread+0x324/0x6e0 [ 18.374826] ? trace_preempt_on+0x20/0xc0 [ 18.374855] ? __pfx_kthread+0x10/0x10 [ 18.374907] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.374936] ? calculate_sigpending+0x7b/0xa0 [ 18.374964] ? __pfx_kthread+0x10/0x10 [ 18.374992] ret_from_fork+0x41/0x80 [ 18.375017] ? 
__pfx_kthread+0x10/0x10 [ 18.375044] ret_from_fork_asm+0x1a/0x30 [ 18.375084] </TASK> [ 18.375098] [ 18.386216] Allocated by task 204: [ 18.386793] kasan_save_stack+0x45/0x70 [ 18.387258] kasan_save_track+0x18/0x40 [ 18.387773] kasan_save_alloc_info+0x3b/0x50 [ 18.388282] __kasan_kmalloc+0xb7/0xc0 [ 18.388649] __kmalloc_cache_noprof+0x18a/0x420 [ 18.388937] ksize_uaf+0xab/0x6c0 [ 18.389405] kunit_try_run_case+0x1a6/0x480 [ 18.389896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.390407] kthread+0x324/0x6e0 [ 18.390741] ret_from_fork+0x41/0x80 [ 18.391032] ret_from_fork_asm+0x1a/0x30 [ 18.391480] [ 18.391628] Freed by task 204: [ 18.391839] kasan_save_stack+0x45/0x70 [ 18.392247] kasan_save_track+0x18/0x40 [ 18.392742] kasan_save_free_info+0x3f/0x60 [ 18.393242] __kasan_slab_free+0x56/0x70 [ 18.393719] kfree+0x224/0x3f0 [ 18.394120] ksize_uaf+0x12d/0x6c0 [ 18.394480] kunit_try_run_case+0x1a6/0x480 [ 18.394987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.395404] kthread+0x324/0x6e0 [ 18.395845] ret_from_fork+0x41/0x80 [ 18.396162] ret_from_fork_asm+0x1a/0x30 [ 18.396615] [ 18.396762] The buggy address belongs to the object at ffff8881024bff00 [ 18.396762] which belongs to the cache kmalloc-128 of size 128 [ 18.397298] The buggy address is located 120 bytes inside of [ 18.397298] freed 128-byte region [ffff8881024bff00, ffff8881024bff80) [ 18.397796] [ 18.398001] The buggy address belongs to the physical page: [ 18.398482] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024bf [ 18.399167] flags: 0x200000000000000(node=0|zone=2) [ 18.400124] page_type: f5(slab) [ 18.400810] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.401997] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.402347] page dumped because: kasan: bad access detected [ 18.402613] [ 18.402747] Memory state around the buggy address: [ 18.402987] ffff8881024bfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
18.403162] ffff8881024bfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.403352] >ffff8881024bff00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.403969] ^ [ 18.405271] ffff8881024bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.405925] ffff8881024c0000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.406668] ================================================================== [ 18.328655] ================================================================== [ 18.329216] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 18.329850] Read of size 1 at addr ffff8881024bff00 by task kunit_try_catch/204 [ 18.330197] [ 18.330433] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.330540] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.330571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.330614] Call Trace: [ 18.330652] <TASK> [ 18.330687] dump_stack_lvl+0x73/0xb0 [ 18.330754] print_report+0xd1/0x650 [ 18.330796] ? __virt_addr_valid+0x1db/0x2d0 [ 18.330839] ? ksize_uaf+0x600/0x6c0 [ 18.330892] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.330944] ? ksize_uaf+0x600/0x6c0 [ 18.330987] kasan_report+0x140/0x180 [ 18.331029] ? ksize_uaf+0x600/0x6c0 [ 18.331080] __asan_report_load1_noabort+0x18/0x20 [ 18.331136] ksize_uaf+0x600/0x6c0 [ 18.331183] ? __pfx_ksize_uaf+0x10/0x10 [ 18.331232] ? __pfx_ksize_uaf+0x10/0x10 [ 18.331282] kunit_try_run_case+0x1a6/0x480 [ 18.331376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.331455] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.331523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.331584] ? __kthread_parkme+0x82/0x160 [ 18.331643] ? preempt_count_sub+0x50/0x80 [ 18.331713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.331772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.331831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.331908] kthread+0x324/0x6e0 [ 18.331957] ? trace_preempt_on+0x20/0xc0 [ 18.332009] ? 
__pfx_kthread+0x10/0x10 [ 18.332053] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.332097] ? calculate_sigpending+0x7b/0xa0 [ 18.332136] ? __pfx_kthread+0x10/0x10 [ 18.332179] ret_from_fork+0x41/0x80 [ 18.332219] ? __pfx_kthread+0x10/0x10 [ 18.332267] ret_from_fork_asm+0x1a/0x30 [ 18.332376] </TASK> [ 18.332404] [ 18.342329] Allocated by task 204: [ 18.342762] kasan_save_stack+0x45/0x70 [ 18.343206] kasan_save_track+0x18/0x40 [ 18.343619] kasan_save_alloc_info+0x3b/0x50 [ 18.343987] __kasan_kmalloc+0xb7/0xc0 [ 18.344390] __kmalloc_cache_noprof+0x18a/0x420 [ 18.344853] ksize_uaf+0xab/0x6c0 [ 18.345099] kunit_try_run_case+0x1a6/0x480 [ 18.345521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.346018] kthread+0x324/0x6e0 [ 18.346277] ret_from_fork+0x41/0x80 [ 18.346598] ret_from_fork_asm+0x1a/0x30 [ 18.347007] [ 18.347167] Freed by task 204: [ 18.347538] kasan_save_stack+0x45/0x70 [ 18.347795] kasan_save_track+0x18/0x40 [ 18.348200] kasan_save_free_info+0x3f/0x60 [ 18.348658] __kasan_slab_free+0x56/0x70 [ 18.349036] kfree+0x224/0x3f0 [ 18.349324] ksize_uaf+0x12d/0x6c0 [ 18.349597] kunit_try_run_case+0x1a6/0x480 [ 18.349959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.350257] kthread+0x324/0x6e0 [ 18.350521] ret_from_fork+0x41/0x80 [ 18.350743] ret_from_fork_asm+0x1a/0x30 [ 18.351113] [ 18.351367] The buggy address belongs to the object at ffff8881024bff00 [ 18.351367] which belongs to the cache kmalloc-128 of size 128 [ 18.352622] The buggy address is located 0 bytes inside of [ 18.352622] freed 128-byte region [ffff8881024bff00, ffff8881024bff80) [ 18.354955] [ 18.355186] The buggy address belongs to the physical page: [ 18.356105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024bf [ 18.357194] flags: 0x200000000000000(node=0|zone=2) [ 18.359595] page_type: f5(slab) [ 18.360219] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.360844] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
18.361278] page dumped because: kasan: bad access detected [ 18.361602] [ 18.362988] Memory state around the buggy address: [ 18.363883] ffff8881024bfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.365394] ffff8881024bfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.366107] >ffff8881024bff00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.366802] ^ [ 18.367036] ffff8881024bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.368403] ffff8881024c0000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.369170] ================================================================== [ 18.284933] ================================================================== [ 18.285611] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 18.286677] Read of size 1 at addr ffff8881024bff00 by task kunit_try_catch/204 [ 18.287241] [ 18.288053] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.288152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.288183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.288233] Call Trace: [ 18.288570] <TASK> [ 18.288628] dump_stack_lvl+0x73/0xb0 [ 18.288706] print_report+0xd1/0x650 [ 18.288749] ? __virt_addr_valid+0x1db/0x2d0 [ 18.288795] ? ksize_uaf+0x19e/0x6c0 [ 18.288833] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.288900] ? ksize_uaf+0x19e/0x6c0 [ 18.288940] kasan_report+0x140/0x180 [ 18.288988] ? ksize_uaf+0x19e/0x6c0 [ 18.289042] ? ksize_uaf+0x19e/0x6c0 [ 18.289124] __kasan_check_byte+0x3d/0x50 [ 18.289177] ksize+0x20/0x60 [ 18.289223] ksize_uaf+0x19e/0x6c0 [ 18.289270] ? __pfx_ksize_uaf+0x10/0x10 [ 18.289324] ? __pfx_ksize_uaf+0x10/0x10 [ 18.289374] kunit_try_run_case+0x1a6/0x480 [ 18.289434] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.289481] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.289534] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.289577] ? __kthread_parkme+0x82/0x160 [ 18.289619] ? preempt_count_sub+0x50/0x80 [ 18.289667] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 18.289698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.289732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.289764] kthread+0x324/0x6e0 [ 18.289792] ? trace_preempt_on+0x20/0xc0 [ 18.289823] ? __pfx_kthread+0x10/0x10 [ 18.289851] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.289903] ? calculate_sigpending+0x7b/0xa0 [ 18.289931] ? __pfx_kthread+0x10/0x10 [ 18.289959] ret_from_fork+0x41/0x80 [ 18.289985] ? __pfx_kthread+0x10/0x10 [ 18.290013] ret_from_fork_asm+0x1a/0x30 [ 18.290053] </TASK> [ 18.290069] [ 18.305774] Allocated by task 204: [ 18.306217] kasan_save_stack+0x45/0x70 [ 18.307352] kasan_save_track+0x18/0x40 [ 18.308075] kasan_save_alloc_info+0x3b/0x50 [ 18.308785] __kasan_kmalloc+0xb7/0xc0 [ 18.309172] __kmalloc_cache_noprof+0x18a/0x420 [ 18.309669] ksize_uaf+0xab/0x6c0 [ 18.310024] kunit_try_run_case+0x1a6/0x480 [ 18.310382] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.310807] kthread+0x324/0x6e0 [ 18.311079] ret_from_fork+0x41/0x80 [ 18.311259] ret_from_fork_asm+0x1a/0x30 [ 18.311532] [ 18.311740] Freed by task 204: [ 18.312257] kasan_save_stack+0x45/0x70 [ 18.312661] kasan_save_track+0x18/0x40 [ 18.313057] kasan_save_free_info+0x3f/0x60 [ 18.313387] __kasan_slab_free+0x56/0x70 [ 18.313683] kfree+0x224/0x3f0 [ 18.314027] ksize_uaf+0x12d/0x6c0 [ 18.314525] kunit_try_run_case+0x1a6/0x480 [ 18.314823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.315156] kthread+0x324/0x6e0 [ 18.315499] ret_from_fork+0x41/0x80 [ 18.315814] ret_from_fork_asm+0x1a/0x30 [ 18.316079] [ 18.316227] The buggy address belongs to the object at ffff8881024bff00 [ 18.316227] which belongs to the cache kmalloc-128 of size 128 [ 18.316955] The buggy address is located 0 bytes inside of [ 18.316955] freed 128-byte region [ffff8881024bff00, ffff8881024bff80) [ 18.317988] [ 18.318130] The buggy address belongs to the physical page: [ 18.318445] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024bf [ 18.318815] 
flags: 0x200000000000000(node=0|zone=2) [ 18.319260] page_type: f5(slab) [ 18.319614] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.320225] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.320824] page dumped because: kasan: bad access detected [ 18.321127] [ 18.321265] Memory state around the buggy address: [ 18.322699] ffff8881024bfe00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.323333] ffff8881024bfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.324728] >ffff8881024bff00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.325905] ^ [ 18.326727] ffff8881024bff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.327293] ffff8881024c0000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.327609] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 16.460027] ================================================================== [ 16.460744] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 16.462431] Read of size 1 at addr ffff8881024b00df by task kunit_try_catch/146 [ 16.463846] [ 16.464123] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.464193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.464216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.464261] Call Trace: [ 16.464301] <TASK> [ 16.464344] dump_stack_lvl+0x73/0xb0 [ 16.464496] print_report+0xd1/0x650 [ 16.464554] ? __virt_addr_valid+0x1db/0x2d0 [ 16.464612] ? kmalloc_oob_left+0x363/0x3c0 [ 16.464647] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.464691] ? kmalloc_oob_left+0x363/0x3c0 [ 16.464730] kasan_report+0x140/0x180 [ 16.464769] ? kmalloc_oob_left+0x363/0x3c0 [ 16.464812] __asan_report_load1_noabort+0x18/0x20 [ 16.464855] kmalloc_oob_left+0x363/0x3c0 [ 16.464911] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 16.464950] ? __schedule+0xce8/0x2840 [ 16.464997] ? __pfx_read_tsc+0x10/0x10 [ 16.465038] ? ktime_get_ts64+0x86/0x230 [ 16.465086] kunit_try_run_case+0x1a6/0x480 [ 16.465136] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.465179] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.465238] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.465297] ? __kthread_parkme+0x82/0x160 [ 16.465368] ? preempt_count_sub+0x50/0x80 [ 16.465417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.465466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.465521] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.465568] kthread+0x324/0x6e0 [ 16.465598] ? trace_preempt_on+0x20/0xc0 [ 16.465631] ? __pfx_kthread+0x10/0x10 [ 16.465659] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.465687] ? calculate_sigpending+0x7b/0xa0 [ 16.465715] ? __pfx_kthread+0x10/0x10 [ 16.465743] ret_from_fork+0x41/0x80 [ 16.465767] ? 
__pfx_kthread+0x10/0x10 [ 16.465795] ret_from_fork_asm+0x1a/0x30 [ 16.465836] </TASK> [ 16.465852] [ 16.481479] Allocated by task 1: [ 16.481860] kasan_save_stack+0x45/0x70 [ 16.482239] kasan_save_track+0x18/0x40 [ 16.483621] kasan_save_alloc_info+0x3b/0x50 [ 16.484089] __kasan_kmalloc+0xb7/0xc0 [ 16.484639] __kmalloc_noprof+0x1ca/0x500 [ 16.485063] kobject_get_path+0xa7/0x1f0 [ 16.485640] kobject_uevent_env+0x1f9/0xff0 [ 16.486081] kobject_uevent+0xf/0x20 [ 16.486854] param_sysfs_builtin_init+0x28c/0x3a0 [ 16.487532] do_one_initcall+0xd9/0x370 [ 16.487855] kernel_init_freeable+0x425/0x6f0 [ 16.488186] kernel_init+0x23/0x1e0 [ 16.488546] ret_from_fork+0x41/0x80 [ 16.489067] ret_from_fork_asm+0x1a/0x30 [ 16.489640] [ 16.489928] Freed by task 1: [ 16.490235] kasan_save_stack+0x45/0x70 [ 16.491264] kasan_save_track+0x18/0x40 [ 16.491845] kasan_save_free_info+0x3f/0x60 [ 16.492227] __kasan_slab_free+0x56/0x70 [ 16.492671] kfree+0x224/0x3f0 [ 16.493034] kobject_uevent_env+0x233/0xff0 [ 16.493483] kobject_uevent+0xf/0x20 [ 16.493845] param_sysfs_builtin_init+0x28c/0x3a0 [ 16.494183] do_one_initcall+0xd9/0x370 [ 16.494468] kernel_init_freeable+0x425/0x6f0 [ 16.494791] kernel_init+0x23/0x1e0 [ 16.495093] ret_from_fork+0x41/0x80 [ 16.495387] ret_from_fork_asm+0x1a/0x30 [ 16.495742] [ 16.496917] The buggy address belongs to the object at ffff8881024b00c0 [ 16.496917] which belongs to the cache kmalloc-16 of size 16 [ 16.497728] The buggy address is located 15 bytes to the right of [ 16.497728] allocated 16-byte region [ffff8881024b00c0, ffff8881024b00d0) [ 16.498737] [ 16.498959] The buggy address belongs to the physical page: [ 16.499286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 16.500730] flags: 0x200000000000000(node=0|zone=2) [ 16.501201] page_type: f5(slab) [ 16.501527] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.502105] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 
16.502762] page dumped because: kasan: bad access detected [ 16.503601] [ 16.503753] Memory state around the buggy address: [ 16.504026] ffff8881024aff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.504526] ffff8881024b0000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.505899] >ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc 00 07 fc fc [ 16.506427] ^ [ 16.506933] ffff8881024b0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.507357] ffff8881024b0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.508107] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 16.341372] ================================================================== [ 16.342469] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 16.343639] Write of size 1 at addr ffff888102971a73 by task kunit_try_catch/144 [ 16.344305] [ 16.345959] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G N 6.14.11-rc1 #1 [ 16.346379] Tainted: [N]=TEST [ 16.346415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.346709] Call Trace: [ 16.346807] <TASK> [ 16.347020] dump_stack_lvl+0x73/0xb0 [ 16.347186] print_report+0xd1/0x650 [ 16.347228] ? __virt_addr_valid+0x1db/0x2d0 [ 16.347261] ? kmalloc_oob_right+0x6f2/0x7f0 [ 16.347289] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.347332] ? kmalloc_oob_right+0x6f2/0x7f0 [ 16.347364] kasan_report+0x140/0x180 [ 16.347393] ? kmalloc_oob_right+0x6f2/0x7f0 [ 16.347425] __asan_report_store1_noabort+0x1b/0x30 [ 16.347454] kmalloc_oob_right+0x6f2/0x7f0 [ 16.347481] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.347508] ? __schedule+0xce8/0x2840 [ 16.347539] ? __pfx_read_tsc+0x10/0x10 [ 16.347567] ? ktime_get_ts64+0x86/0x230 [ 16.347601] kunit_try_run_case+0x1a6/0x480 [ 16.347632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.347658] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.347687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.347730] ? __kthread_parkme+0x82/0x160 [ 16.347760] ? preempt_count_sub+0x50/0x80 [ 16.347792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.347820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.347852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.347902] kthread+0x324/0x6e0 [ 16.347929] ? trace_preempt_on+0x20/0xc0 [ 16.347959] ? __pfx_kthread+0x10/0x10 [ 16.347986] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.348013] ? calculate_sigpending+0x7b/0xa0 [ 16.348043] ? __pfx_kthread+0x10/0x10 [ 16.348070] ret_from_fork+0x41/0x80 [ 16.348094] ? 
__pfx_kthread+0x10/0x10 [ 16.348121] ret_from_fork_asm+0x1a/0x30 [ 16.348193] </TASK> [ 16.348279] [ 16.361673] Allocated by task 144: [ 16.362460] kasan_save_stack+0x45/0x70 [ 16.362937] kasan_save_track+0x18/0x40 [ 16.363347] kasan_save_alloc_info+0x3b/0x50 [ 16.363682] __kasan_kmalloc+0xb7/0xc0 [ 16.364011] __kmalloc_cache_noprof+0x18a/0x420 [ 16.364468] kmalloc_oob_right+0xaa/0x7f0 [ 16.364784] kunit_try_run_case+0x1a6/0x480 [ 16.365099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.365569] kthread+0x324/0x6e0 [ 16.365900] ret_from_fork+0x41/0x80 [ 16.366144] ret_from_fork_asm+0x1a/0x30 [ 16.366567] [ 16.366924] The buggy address belongs to the object at ffff888102971a00 [ 16.366924] which belongs to the cache kmalloc-128 of size 128 [ 16.368107] The buggy address is located 0 bytes to the right of [ 16.368107] allocated 115-byte region [ffff888102971a00, ffff888102971a73) [ 16.369075] [ 16.369403] The buggy address belongs to the physical page: [ 16.370377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102971 [ 16.371587] flags: 0x200000000000000(node=0|zone=2) [ 16.372734] page_type: f5(slab) [ 16.373703] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.374179] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.374813] page dumped because: kasan: bad access detected [ 16.375359] [ 16.375592] Memory state around the buggy address: [ 16.376661] ffff888102971900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.377331] ffff888102971980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.377827] >ffff888102971a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.378403] ^ [ 16.379012] ffff888102971a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.379554] ffff888102971b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.379979] ================================================================== [ 16.383030] 
================================================================== [ 16.383860] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 16.384531] Write of size 1 at addr ffff888102971a78 by task kunit_try_catch/144 [ 16.385043] [ 16.385660] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.385767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.385798] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.385842] Call Trace: [ 16.385904] <TASK> [ 16.385947] dump_stack_lvl+0x73/0xb0 [ 16.386032] print_report+0xd1/0x650 [ 16.386086] ? __virt_addr_valid+0x1db/0x2d0 [ 16.386136] ? kmalloc_oob_right+0x6bf/0x7f0 [ 16.386185] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.386246] ? kmalloc_oob_right+0x6bf/0x7f0 [ 16.386299] kasan_report+0x140/0x180 [ 16.386353] ? kmalloc_oob_right+0x6bf/0x7f0 [ 16.386420] __asan_report_store1_noabort+0x1b/0x30 [ 16.386482] kmalloc_oob_right+0x6bf/0x7f0 [ 16.386538] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.386592] ? __schedule+0xce8/0x2840 [ 16.386634] ? __pfx_read_tsc+0x10/0x10 [ 16.386664] ? ktime_get_ts64+0x86/0x230 [ 16.386696] kunit_try_run_case+0x1a6/0x480 [ 16.386727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.386753] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.386781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.386810] ? __kthread_parkme+0x82/0x160 [ 16.386837] ? preempt_count_sub+0x50/0x80 [ 16.386888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.386918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.386950] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.386981] kthread+0x324/0x6e0 [ 16.387007] ? trace_preempt_on+0x20/0xc0 [ 16.387036] ? __pfx_kthread+0x10/0x10 [ 16.387102] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.387130] ? calculate_sigpending+0x7b/0xa0 [ 16.387158] ? __pfx_kthread+0x10/0x10 [ 16.387185] ret_from_fork+0x41/0x80 [ 16.387209] ? 
__pfx_kthread+0x10/0x10 [ 16.387236] ret_from_fork_asm+0x1a/0x30 [ 16.387275] </TASK> [ 16.387289] [ 16.401028] Allocated by task 144: [ 16.401539] kasan_save_stack+0x45/0x70 [ 16.402056] kasan_save_track+0x18/0x40 [ 16.402522] kasan_save_alloc_info+0x3b/0x50 [ 16.403006] __kasan_kmalloc+0xb7/0xc0 [ 16.403339] __kmalloc_cache_noprof+0x18a/0x420 [ 16.403642] kmalloc_oob_right+0xaa/0x7f0 [ 16.404089] kunit_try_run_case+0x1a6/0x480 [ 16.404476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.404983] kthread+0x324/0x6e0 [ 16.405370] ret_from_fork+0x41/0x80 [ 16.405756] ret_from_fork_asm+0x1a/0x30 [ 16.406195] [ 16.406465] The buggy address belongs to the object at ffff888102971a00 [ 16.406465] which belongs to the cache kmalloc-128 of size 128 [ 16.407244] The buggy address is located 5 bytes to the right of [ 16.407244] allocated 115-byte region [ffff888102971a00, ffff888102971a73) [ 16.408199] [ 16.408478] The buggy address belongs to the physical page: [ 16.408969] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102971 [ 16.409604] flags: 0x200000000000000(node=0|zone=2) [ 16.410122] page_type: f5(slab) [ 16.410449] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.411053] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.411631] page dumped because: kasan: bad access detected [ 16.412176] [ 16.412398] Memory state around the buggy address: [ 16.412733] ffff888102971900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.413464] ffff888102971980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.413832] >ffff888102971a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.414484] ^ [ 16.415092] ffff888102971a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.415614] ffff888102971b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.416228] ================================================================== [ 16.417849] 
================================================================== [ 16.418618] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 16.419466] Read of size 1 at addr ffff888102971a80 by task kunit_try_catch/144 [ 16.420066] [ 16.420330] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.420466] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.420491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.420528] Call Trace: [ 16.420564] <TASK> [ 16.420597] dump_stack_lvl+0x73/0xb0 [ 16.420664] print_report+0xd1/0x650 [ 16.420704] ? __virt_addr_valid+0x1db/0x2d0 [ 16.420740] ? kmalloc_oob_right+0x68c/0x7f0 [ 16.420776] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.420821] ? kmalloc_oob_right+0x68c/0x7f0 [ 16.420859] kasan_report+0x140/0x180 [ 16.420922] ? kmalloc_oob_right+0x68c/0x7f0 [ 16.420967] __asan_report_load1_noabort+0x18/0x20 [ 16.421009] kmalloc_oob_right+0x68c/0x7f0 [ 16.421051] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 16.421091] ? __schedule+0xce8/0x2840 [ 16.421140] ? __pfx_read_tsc+0x10/0x10 [ 16.421191] ? ktime_get_ts64+0x86/0x230 [ 16.421252] kunit_try_run_case+0x1a6/0x480 [ 16.421324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.421378] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.421426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.421470] ? __kthread_parkme+0x82/0x160 [ 16.421513] ? preempt_count_sub+0x50/0x80 [ 16.421557] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.421597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.421646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.421691] kthread+0x324/0x6e0 [ 16.421731] ? trace_preempt_on+0x20/0xc0 [ 16.421774] ? __pfx_kthread+0x10/0x10 [ 16.421803] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.421833] ? calculate_sigpending+0x7b/0xa0 [ 16.421860] ? __pfx_kthread+0x10/0x10 [ 16.421921] ret_from_fork+0x41/0x80 [ 16.421958] ? 
__pfx_kthread+0x10/0x10 [ 16.422006] ret_from_fork_asm+0x1a/0x30 [ 16.422076] </TASK> [ 16.422100] [ 16.434474] Allocated by task 144: [ 16.434911] kasan_save_stack+0x45/0x70 [ 16.435368] kasan_save_track+0x18/0x40 [ 16.436066] kasan_save_alloc_info+0x3b/0x50 [ 16.437074] __kasan_kmalloc+0xb7/0xc0 [ 16.437941] __kmalloc_cache_noprof+0x18a/0x420 [ 16.438915] kmalloc_oob_right+0xaa/0x7f0 [ 16.439592] kunit_try_run_case+0x1a6/0x480 [ 16.440471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.440955] kthread+0x324/0x6e0 [ 16.441427] ret_from_fork+0x41/0x80 [ 16.441920] ret_from_fork_asm+0x1a/0x30 [ 16.442464] [ 16.442614] The buggy address belongs to the object at ffff888102971a00 [ 16.442614] which belongs to the cache kmalloc-128 of size 128 [ 16.443446] The buggy address is located 13 bytes to the right of [ 16.443446] allocated 115-byte region [ffff888102971a00, ffff888102971a73) [ 16.444642] [ 16.444857] The buggy address belongs to the physical page: [ 16.445394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102971 [ 16.446069] flags: 0x200000000000000(node=0|zone=2) [ 16.446597] page_type: f5(slab) [ 16.446890] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.447245] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.447840] page dumped because: kasan: bad access detected [ 16.448418] [ 16.448574] Memory state around the buggy address: [ 16.448826] ffff888102971980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.449281] ffff888102971a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 16.449857] >ffff888102971a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.450331] ^ [ 16.450677] ffff888102971b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.451164] ffff888102971b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.451810] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 18.243104] ================================================================== [ 18.243907] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.244470] Read of size 1 at addr ffff888102971e7f by task kunit_try_catch/202 [ 18.244794] [ 18.244999] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.245133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.245163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.245226] Call Trace: [ 18.245270] <TASK> [ 18.245313] dump_stack_lvl+0x73/0xb0 [ 18.245395] print_report+0xd1/0x650 [ 18.245451] ? __virt_addr_valid+0x1db/0x2d0 [ 18.245510] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.245567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.245629] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.245681] kasan_report+0x140/0x180 [ 18.245736] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.245811] __asan_report_load1_noabort+0x18/0x20 [ 18.245898] ksize_unpoisons_memory+0x7b8/0x9b0 [ 18.245957] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.246004] ? finish_task_switch.isra.0+0x153/0x700 [ 18.246063] ? __switch_to+0x5d9/0xf60 [ 18.246105] ? __schedule+0xce8/0x2840 [ 18.246136] ? __pfx_read_tsc+0x10/0x10 [ 18.246164] ? ktime_get_ts64+0x86/0x230 [ 18.246195] kunit_try_run_case+0x1a6/0x480 [ 18.246226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.246252] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.246280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.246315] ? __kthread_parkme+0x82/0x160 [ 18.246353] ? preempt_count_sub+0x50/0x80 [ 18.246382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.246410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.246442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.246473] kthread+0x324/0x6e0 [ 18.246499] ? trace_preempt_on+0x20/0xc0 [ 18.246529] ? __pfx_kthread+0x10/0x10 [ 18.246556] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.246583] ? calculate_sigpending+0x7b/0xa0 [ 18.246609] ? 
__pfx_kthread+0x10/0x10 [ 18.246637] ret_from_fork+0x41/0x80 [ 18.246660] ? __pfx_kthread+0x10/0x10 [ 18.246687] ret_from_fork_asm+0x1a/0x30 [ 18.246725] </TASK> [ 18.246739] [ 18.261674] Allocated by task 202: [ 18.262117] kasan_save_stack+0x45/0x70 [ 18.262621] kasan_save_track+0x18/0x40 [ 18.263069] kasan_save_alloc_info+0x3b/0x50 [ 18.263374] __kasan_kmalloc+0xb7/0xc0 [ 18.263645] __kmalloc_cache_noprof+0x18a/0x420 [ 18.264171] ksize_unpoisons_memory+0xc8/0x9b0 [ 18.264724] kunit_try_run_case+0x1a6/0x480 [ 18.265160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.265807] kthread+0x324/0x6e0 [ 18.266085] ret_from_fork+0x41/0x80 [ 18.266607] ret_from_fork_asm+0x1a/0x30 [ 18.267038] [ 18.267188] The buggy address belongs to the object at ffff888102971e00 [ 18.267188] which belongs to the cache kmalloc-128 of size 128 [ 18.267952] The buggy address is located 12 bytes to the right of [ 18.267952] allocated 115-byte region [ffff888102971e00, ffff888102971e73) [ 18.268962] [ 18.269178] The buggy address belongs to the physical page: [ 18.269658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102971 [ 18.270192] flags: 0x200000000000000(node=0|zone=2) [ 18.270692] page_type: f5(slab) [ 18.270984] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.271379] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.271724] page dumped because: kasan: bad access detected [ 18.272128] [ 18.272365] Memory state around the buggy address: [ 18.272815] ffff888102971d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.273552] ffff888102971d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.274180] >ffff888102971e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.274900] ^ [ 18.275461] ffff888102971e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.275814] ffff888102971f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.276513] 
================================================================== [ 18.167550] ================================================================== [ 18.168211] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 18.169030] Read of size 1 at addr ffff888102971e73 by task kunit_try_catch/202 [ 18.170225] [ 18.170923] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.171034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.171085] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.171404] Call Trace: [ 18.171435] <TASK> [ 18.171461] dump_stack_lvl+0x73/0xb0 [ 18.171512] print_report+0xd1/0x650 [ 18.171542] ? __virt_addr_valid+0x1db/0x2d0 [ 18.171571] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 18.171598] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.171629] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 18.171657] kasan_report+0x140/0x180 [ 18.171684] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 18.171732] __asan_report_load1_noabort+0x18/0x20 [ 18.171761] ksize_unpoisons_memory+0x81e/0x9b0 [ 18.171789] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.171815] ? finish_task_switch.isra.0+0x153/0x700 [ 18.171845] ? __switch_to+0x5d9/0xf60 [ 18.171900] ? __schedule+0xce8/0x2840 [ 18.171931] ? __pfx_read_tsc+0x10/0x10 [ 18.171958] ? ktime_get_ts64+0x86/0x230 [ 18.171989] kunit_try_run_case+0x1a6/0x480 [ 18.172021] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.172047] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.172077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.172105] ? __kthread_parkme+0x82/0x160 [ 18.172134] ? preempt_count_sub+0x50/0x80 [ 18.172163] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.172190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.172221] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.172252] kthread+0x324/0x6e0 [ 18.172279] ? trace_preempt_on+0x20/0xc0 [ 18.172316] ? __pfx_kthread+0x10/0x10 [ 18.172352] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.172380] ? 
calculate_sigpending+0x7b/0xa0 [ 18.172408] ? __pfx_kthread+0x10/0x10 [ 18.172436] ret_from_fork+0x41/0x80 [ 18.172460] ? __pfx_kthread+0x10/0x10 [ 18.172487] ret_from_fork_asm+0x1a/0x30 [ 18.172526] </TASK> [ 18.172540] [ 18.188353] Allocated by task 202: [ 18.189134] kasan_save_stack+0x45/0x70 [ 18.189531] kasan_save_track+0x18/0x40 [ 18.189894] kasan_save_alloc_info+0x3b/0x50 [ 18.190207] __kasan_kmalloc+0xb7/0xc0 [ 18.190572] __kmalloc_cache_noprof+0x18a/0x420 [ 18.190936] ksize_unpoisons_memory+0xc8/0x9b0 [ 18.191249] kunit_try_run_case+0x1a6/0x480 [ 18.192180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.192704] kthread+0x324/0x6e0 [ 18.193043] ret_from_fork+0x41/0x80 [ 18.193286] ret_from_fork_asm+0x1a/0x30 [ 18.193847] [ 18.194243] The buggy address belongs to the object at ffff888102971e00 [ 18.194243] which belongs to the cache kmalloc-128 of size 128 [ 18.195303] The buggy address is located 0 bytes to the right of [ 18.195303] allocated 115-byte region [ffff888102971e00, ffff888102971e73) [ 18.196099] [ 18.196269] The buggy address belongs to the physical page: [ 18.196511] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102971 [ 18.197818] flags: 0x200000000000000(node=0|zone=2) [ 18.198385] page_type: f5(slab) [ 18.198749] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.199247] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.199781] page dumped because: kasan: bad access detected [ 18.200339] [ 18.200525] Memory state around the buggy address: [ 18.200940] ffff888102971d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.201511] ffff888102971d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.202072] >ffff888102971e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.202612] ^ [ 18.203156] ffff888102971e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.203766] ffff888102971f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.204283] 
================================================================== [ 18.206679] ================================================================== [ 18.207355] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.208263] Read of size 1 at addr ffff888102971e78 by task kunit_try_catch/202 [ 18.208982] [ 18.209141] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.209198] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.209213] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.209238] Call Trace: [ 18.209260] <TASK> [ 18.209283] dump_stack_lvl+0x73/0xb0 [ 18.209341] print_report+0xd1/0x650 [ 18.209372] ? __virt_addr_valid+0x1db/0x2d0 [ 18.209401] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.209429] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.209460] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.209487] kasan_report+0x140/0x180 [ 18.209514] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.209547] __asan_report_load1_noabort+0x18/0x20 [ 18.209575] ksize_unpoisons_memory+0x7eb/0x9b0 [ 18.209604] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 18.209630] ? finish_task_switch.isra.0+0x153/0x700 [ 18.209658] ? __switch_to+0x5d9/0xf60 [ 18.209690] ? __schedule+0xce8/0x2840 [ 18.209718] ? __pfx_read_tsc+0x10/0x10 [ 18.209746] ? ktime_get_ts64+0x86/0x230 [ 18.209777] kunit_try_run_case+0x1a6/0x480 [ 18.209806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.209832] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.209877] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.209908] ? __kthread_parkme+0x82/0x160 [ 18.209937] ? preempt_count_sub+0x50/0x80 [ 18.209967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.209994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.210025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.210056] kthread+0x324/0x6e0 [ 18.210082] ? trace_preempt_on+0x20/0xc0 [ 18.210111] ? __pfx_kthread+0x10/0x10 [ 18.210138] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.210165] ? 
calculate_sigpending+0x7b/0xa0 [ 18.210192] ? __pfx_kthread+0x10/0x10 [ 18.210220] ret_from_fork+0x41/0x80 [ 18.210243] ? __pfx_kthread+0x10/0x10 [ 18.210270] ret_from_fork_asm+0x1a/0x30 [ 18.210318] </TASK> [ 18.210344] [ 18.223720] Allocated by task 202: [ 18.224142] kasan_save_stack+0x45/0x70 [ 18.224736] kasan_save_track+0x18/0x40 [ 18.225216] kasan_save_alloc_info+0x3b/0x50 [ 18.225698] __kasan_kmalloc+0xb7/0xc0 [ 18.226007] __kmalloc_cache_noprof+0x18a/0x420 [ 18.226617] ksize_unpoisons_memory+0xc8/0x9b0 [ 18.227171] kunit_try_run_case+0x1a6/0x480 [ 18.227653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.228132] kthread+0x324/0x6e0 [ 18.228542] ret_from_fork+0x41/0x80 [ 18.228764] ret_from_fork_asm+0x1a/0x30 [ 18.229124] [ 18.229407] The buggy address belongs to the object at ffff888102971e00 [ 18.229407] which belongs to the cache kmalloc-128 of size 128 [ 18.230409] The buggy address is located 5 bytes to the right of [ 18.230409] allocated 115-byte region [ffff888102971e00, ffff888102971e73) [ 18.231419] [ 18.231722] The buggy address belongs to the physical page: [ 18.232107] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102971 [ 18.232591] flags: 0x200000000000000(node=0|zone=2) [ 18.233116] page_type: f5(slab) [ 18.233532] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.234214] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.234903] page dumped because: kasan: bad access detected [ 18.235491] [ 18.235638] Memory state around the buggy address: [ 18.236006] ffff888102971d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.236731] ffff888102971d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.237427] >ffff888102971e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 18.237791] ^ [ 18.238547] ffff888102971e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.239243] ffff888102971f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.239841] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 18.109983] ================================================================== [ 18.110761] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 18.111300] Free of addr ffff8881025fedc0 by task kunit_try_catch/200 [ 18.112263] [ 18.112725] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.112796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.112812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.112837] Call Trace: [ 18.112880] <TASK> [ 18.112916] dump_stack_lvl+0x73/0xb0 [ 18.112988] print_report+0xd1/0x650 [ 18.113041] ? __virt_addr_valid+0x1db/0x2d0 [ 18.113121] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.113256] ? kfree_sensitive+0x2e/0x90 [ 18.113291] kasan_report_invalid_free+0xfc/0x120 [ 18.113348] ? kfree_sensitive+0x2e/0x90 [ 18.113377] ? kfree_sensitive+0x2e/0x90 [ 18.113403] check_slab_allocation+0x101/0x130 [ 18.113437] __kasan_slab_pre_free+0x28/0x40 [ 18.113481] kfree+0xf1/0x3f0 [ 18.113525] ? kfree_sensitive+0x2e/0x90 [ 18.113571] kfree_sensitive+0x2e/0x90 [ 18.113613] kmalloc_double_kzfree+0x19d/0x360 [ 18.113661] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.113708] ? __schedule+0xce8/0x2840 [ 18.113756] ? __pfx_read_tsc+0x10/0x10 [ 18.113803] ? ktime_get_ts64+0x86/0x230 [ 18.113849] kunit_try_run_case+0x1a6/0x480 [ 18.113905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.113932] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.113963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.113992] ? __kthread_parkme+0x82/0x160 [ 18.114020] ? preempt_count_sub+0x50/0x80 [ 18.114051] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.114078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.114110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.114142] kthread+0x324/0x6e0 [ 18.114168] ? trace_preempt_on+0x20/0xc0 [ 18.114197] ? __pfx_kthread+0x10/0x10 [ 18.114224] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.114253] ? calculate_sigpending+0x7b/0xa0 [ 18.114279] ? 
__pfx_kthread+0x10/0x10 [ 18.114314] ret_from_fork+0x41/0x80 [ 18.114346] ? __pfx_kthread+0x10/0x10 [ 18.114374] ret_from_fork_asm+0x1a/0x30 [ 18.114413] </TASK> [ 18.114432] [ 18.133523] Allocated by task 200: [ 18.134267] kasan_save_stack+0x45/0x70 [ 18.134741] kasan_save_track+0x18/0x40 [ 18.134987] kasan_save_alloc_info+0x3b/0x50 [ 18.135304] __kasan_kmalloc+0xb7/0xc0 [ 18.136071] __kmalloc_cache_noprof+0x18a/0x420 [ 18.136590] kmalloc_double_kzfree+0xaa/0x360 [ 18.136849] kunit_try_run_case+0x1a6/0x480 [ 18.137166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.137773] kthread+0x324/0x6e0 [ 18.138610] ret_from_fork+0x41/0x80 [ 18.138819] ret_from_fork_asm+0x1a/0x30 [ 18.139579] [ 18.140001] Freed by task 200: [ 18.140513] kasan_save_stack+0x45/0x70 [ 18.140981] kasan_save_track+0x18/0x40 [ 18.141660] kasan_save_free_info+0x3f/0x60 [ 18.142029] __kasan_slab_free+0x56/0x70 [ 18.142623] kfree+0x224/0x3f0 [ 18.143128] kfree_sensitive+0x67/0x90 [ 18.143669] kmalloc_double_kzfree+0x12c/0x360 [ 18.144232] kunit_try_run_case+0x1a6/0x480 [ 18.144790] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.145436] kthread+0x324/0x6e0 [ 18.145793] ret_from_fork+0x41/0x80 [ 18.146323] ret_from_fork_asm+0x1a/0x30 [ 18.146925] [ 18.147673] The buggy address belongs to the object at ffff8881025fedc0 [ 18.147673] which belongs to the cache kmalloc-16 of size 16 [ 18.148443] The buggy address is located 0 bytes inside of [ 18.148443] 16-byte region [ffff8881025fedc0, ffff8881025fedd0) [ 18.149775] [ 18.150090] The buggy address belongs to the physical page: [ 18.150672] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fe [ 18.151260] flags: 0x200000000000000(node=0|zone=2) [ 18.151995] page_type: f5(slab) [ 18.152562] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.153491] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.153913] page dumped because: kasan: bad access detected [ 18.154398] [ 
18.154570] Memory state around the buggy address: [ 18.155466] ffff8881025fec80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 18.156382] ffff8881025fed00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 18.157362] >ffff8881025fed80: fa fb fc fc 00 05 fc fc fa fb fc fc fc fc fc fc [ 18.158097] ^ [ 18.158818] ffff8881025fee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.159391] ffff8881025fee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.160203] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 18.062894] ================================================================== [ 18.063820] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 18.064413] Read of size 1 at addr ffff8881025fedc0 by task kunit_try_catch/200 [ 18.065189] [ 18.065685] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.065819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.065847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.065906] Call Trace: [ 18.065932] <TASK> [ 18.065964] dump_stack_lvl+0x73/0xb0 [ 18.066031] print_report+0xd1/0x650 [ 18.066080] ? __virt_addr_valid+0x1db/0x2d0 [ 18.066133] ? kmalloc_double_kzfree+0x19d/0x360 [ 18.066179] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.066232] ? kmalloc_double_kzfree+0x19d/0x360 [ 18.066283] kasan_report+0x140/0x180 [ 18.066334] ? kmalloc_double_kzfree+0x19d/0x360 [ 18.066391] ? kmalloc_double_kzfree+0x19d/0x360 [ 18.066443] __kasan_check_byte+0x3d/0x50 [ 18.066507] kfree_sensitive+0x22/0x90 [ 18.066581] kmalloc_double_kzfree+0x19d/0x360 [ 18.066633] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 18.066683] ? __schedule+0xce8/0x2840 [ 18.066735] ? __pfx_read_tsc+0x10/0x10 [ 18.066783] ? ktime_get_ts64+0x86/0x230 [ 18.066847] kunit_try_run_case+0x1a6/0x480 [ 18.066925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.066971] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.067034] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.067147] ? __kthread_parkme+0x82/0x160 [ 18.067211] ? preempt_count_sub+0x50/0x80 [ 18.067273] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.067321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.067364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.067397] kthread+0x324/0x6e0 [ 18.067427] ? trace_preempt_on+0x20/0xc0 [ 18.067479] ? __pfx_kthread+0x10/0x10 [ 18.067525] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.067567] ? calculate_sigpending+0x7b/0xa0 [ 18.067617] ? 
__pfx_kthread+0x10/0x10 [ 18.067658] ret_from_fork+0x41/0x80 [ 18.067685] ? __pfx_kthread+0x10/0x10 [ 18.067722] ret_from_fork_asm+0x1a/0x30 [ 18.067764] </TASK> [ 18.067779] [ 18.083248] Allocated by task 200: [ 18.083505] kasan_save_stack+0x45/0x70 [ 18.083780] kasan_save_track+0x18/0x40 [ 18.084190] kasan_save_alloc_info+0x3b/0x50 [ 18.084601] __kasan_kmalloc+0xb7/0xc0 [ 18.085584] __kmalloc_cache_noprof+0x18a/0x420 [ 18.086276] kmalloc_double_kzfree+0xaa/0x360 [ 18.087135] kunit_try_run_case+0x1a6/0x480 [ 18.087407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.087809] kthread+0x324/0x6e0 [ 18.088195] ret_from_fork+0x41/0x80 [ 18.089276] ret_from_fork_asm+0x1a/0x30 [ 18.089847] [ 18.090085] Freed by task 200: [ 18.090286] kasan_save_stack+0x45/0x70 [ 18.090524] kasan_save_track+0x18/0x40 [ 18.091048] kasan_save_free_info+0x3f/0x60 [ 18.091489] __kasan_slab_free+0x56/0x70 [ 18.092066] kfree+0x224/0x3f0 [ 18.092432] kfree_sensitive+0x67/0x90 [ 18.093153] kmalloc_double_kzfree+0x12c/0x360 [ 18.093826] kunit_try_run_case+0x1a6/0x480 [ 18.094234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.094877] kthread+0x324/0x6e0 [ 18.095191] ret_from_fork+0x41/0x80 [ 18.095762] ret_from_fork_asm+0x1a/0x30 [ 18.096174] [ 18.096425] The buggy address belongs to the object at ffff8881025fedc0 [ 18.096425] which belongs to the cache kmalloc-16 of size 16 [ 18.097808] The buggy address is located 0 bytes inside of [ 18.097808] freed 16-byte region [ffff8881025fedc0, ffff8881025fedd0) [ 18.098794] [ 18.099177] The buggy address belongs to the physical page: [ 18.099718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025fe [ 18.100675] flags: 0x200000000000000(node=0|zone=2) [ 18.101053] page_type: f5(slab) [ 18.101711] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 18.102569] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 18.103216] page dumped because: kasan: bad access detected [ 18.103671] [ 
18.103893] Memory state around the buggy address: [ 18.104218] ffff8881025fec80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 18.104772] ffff8881025fed00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 18.105334] >ffff8881025fed80: fa fb fc fc 00 05 fc fc fa fb fc fc fc fc fc fc [ 18.105843] ^ [ 18.106541] ffff8881025fee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.106893] ffff8881025fee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.107754] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 17.980964] ================================================================== [ 17.981577] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 17.982266] Write of size 33 at addr ffff888102ca9380 by task kunit_try_catch/194 [ 17.982826] [ 17.983060] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.983193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.983223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.983268] Call Trace: [ 17.983301] <TASK> [ 17.983338] dump_stack_lvl+0x73/0xb0 [ 17.983438] print_report+0xd1/0x650 [ 17.983494] ? __virt_addr_valid+0x1db/0x2d0 [ 17.983549] ? kmalloc_uaf_memset+0x1a4/0x360 [ 17.983597] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.983657] ? kmalloc_uaf_memset+0x1a4/0x360 [ 17.983723] kasan_report+0x140/0x180 [ 17.983779] ? kmalloc_uaf_memset+0x1a4/0x360 [ 17.983842] kasan_check_range+0x10c/0x1c0 [ 17.983911] __asan_memset+0x27/0x50 [ 17.983966] kmalloc_uaf_memset+0x1a4/0x360 [ 17.984044] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 17.984103] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 17.984161] kunit_try_run_case+0x1a6/0x480 [ 17.984222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.984303] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.984362] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.984421] ? __kthread_parkme+0x82/0x160 [ 17.984482] ? preempt_count_sub+0x50/0x80 [ 17.984539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.984589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.984627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.984660] kthread+0x324/0x6e0 [ 17.984688] ? trace_preempt_on+0x20/0xc0 [ 17.984718] ? __pfx_kthread+0x10/0x10 [ 17.984745] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.984773] ? calculate_sigpending+0x7b/0xa0 [ 17.984801] ? __pfx_kthread+0x10/0x10 [ 17.984829] ret_from_fork+0x41/0x80 [ 17.984853] ? 
__pfx_kthread+0x10/0x10 [ 17.984905] ret_from_fork_asm+0x1a/0x30 [ 17.984945] </TASK> [ 17.984959] [ 17.999731] Allocated by task 194: [ 18.000157] kasan_save_stack+0x45/0x70 [ 18.000889] kasan_save_track+0x18/0x40 [ 18.001323] kasan_save_alloc_info+0x3b/0x50 [ 18.001807] __kasan_kmalloc+0xb7/0xc0 [ 18.002265] __kmalloc_cache_noprof+0x18a/0x420 [ 18.002800] kmalloc_uaf_memset+0xaa/0x360 [ 18.003235] kunit_try_run_case+0x1a6/0x480 [ 18.003534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.004250] kthread+0x324/0x6e0 [ 18.004653] ret_from_fork+0x41/0x80 [ 18.005201] ret_from_fork_asm+0x1a/0x30 [ 18.005677] [ 18.005816] Freed by task 194: [ 18.006763] kasan_save_stack+0x45/0x70 [ 18.007079] kasan_save_track+0x18/0x40 [ 18.007317] kasan_save_free_info+0x3f/0x60 [ 18.007894] __kasan_slab_free+0x56/0x70 [ 18.008295] kfree+0x224/0x3f0 [ 18.009134] kmalloc_uaf_memset+0x12c/0x360 [ 18.009446] kunit_try_run_case+0x1a6/0x480 [ 18.010035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.010420] kthread+0x324/0x6e0 [ 18.010958] ret_from_fork+0x41/0x80 [ 18.011332] ret_from_fork_asm+0x1a/0x30 [ 18.011473] [ 18.011545] The buggy address belongs to the object at ffff888102ca9380 [ 18.011545] which belongs to the cache kmalloc-64 of size 64 [ 18.011818] The buggy address is located 0 bytes inside of [ 18.011818] freed 64-byte region [ffff888102ca9380, ffff888102ca93c0) [ 18.012267] [ 18.012954] The buggy address belongs to the physical page: [ 18.013594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ca9 [ 18.014255] flags: 0x200000000000000(node=0|zone=2) [ 18.014900] page_type: f5(slab) [ 18.015298] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.016009] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.016796] page dumped because: kasan: bad access detected [ 18.017208] [ 18.017378] Memory state around the buggy address: [ 18.018105] ffff888102ca9280: 00 00 00 00 00 fc fc fc fc fc fc fc fc fc 
fc fc [ 18.018702] ffff888102ca9300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.019368] >ffff888102ca9380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.019975] ^ [ 18.020314] ffff888102ca9400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.020875] ffff888102ca9480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.021783] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 17.929946] ==================================================================
[ 17.931078] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380
[ 17.931298] Read of size 1 at addr ffff8881024b0188 by task kunit_try_catch/192
[ 17.932113]
[ 17.932432] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 17.932555] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.932585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.932632] Call Trace:
[ 17.932665] <TASK>
[ 17.932707] dump_stack_lvl+0x73/0xb0
[ 17.932791] print_report+0xd1/0x650
[ 17.932851] ? __virt_addr_valid+0x1db/0x2d0
[ 17.932928] ? kmalloc_uaf+0x322/0x380
[ 17.932977] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.933038] ? kmalloc_uaf+0x322/0x380
[ 17.933091] kasan_report+0x140/0x180
[ 17.933147] ? kmalloc_uaf+0x322/0x380
[ 17.933211] __asan_report_load1_noabort+0x18/0x20
[ 17.933271] kmalloc_uaf+0x322/0x380
[ 17.933315] ? __pfx_kmalloc_uaf+0x10/0x10
[ 17.933362] ? __pfx_kmalloc_uaf+0x10/0x10
[ 17.933401] kunit_try_run_case+0x1a6/0x480
[ 17.933438] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.933465] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 17.933497] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.933526] ? __kthread_parkme+0x82/0x160
[ 17.933555] ? preempt_count_sub+0x50/0x80
[ 17.933588] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.933616] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.933648] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.933679] kthread+0x324/0x6e0
[ 17.933706] ? trace_preempt_on+0x20/0xc0
[ 17.933736] ? __pfx_kthread+0x10/0x10
[ 17.933764] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.933791] ? calculate_sigpending+0x7b/0xa0
[ 17.933819] ? __pfx_kthread+0x10/0x10
[ 17.933846] ret_from_fork+0x41/0x80
[ 17.933917] ? __pfx_kthread+0x10/0x10
[ 17.933966] ret_from_fork_asm+0x1a/0x30
[ 17.934015] </TASK>
[ 17.934032]
[ 17.949878] Allocated by task 192:
[ 17.950281] kasan_save_stack+0x45/0x70
[ 17.950599] kasan_save_track+0x18/0x40
[ 17.950993] kasan_save_alloc_info+0x3b/0x50
[ 17.951301] __kasan_kmalloc+0xb7/0xc0
[ 17.951668] __kmalloc_cache_noprof+0x18a/0x420
[ 17.952762] kmalloc_uaf+0xab/0x380
[ 17.953065] kunit_try_run_case+0x1a6/0x480
[ 17.953765] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.954344] kthread+0x324/0x6e0
[ 17.954961] ret_from_fork+0x41/0x80
[ 17.955714] ret_from_fork_asm+0x1a/0x30
[ 17.956021]
[ 17.956152] Freed by task 192:
[ 17.957166] kasan_save_stack+0x45/0x70
[ 17.957606] kasan_save_track+0x18/0x40
[ 17.957836] kasan_save_free_info+0x3f/0x60
[ 17.958275] __kasan_slab_free+0x56/0x70
[ 17.959114] kfree+0x224/0x3f0
[ 17.959657] kmalloc_uaf+0x12d/0x380
[ 17.960121] kunit_try_run_case+0x1a6/0x480
[ 17.960542] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.961155] kthread+0x324/0x6e0
[ 17.961827] ret_from_fork+0x41/0x80
[ 17.962157] ret_from_fork_asm+0x1a/0x30
[ 17.962593]
[ 17.962812] The buggy address belongs to the object at ffff8881024b0180
[ 17.962812] which belongs to the cache kmalloc-16 of size 16
[ 17.963613] The buggy address is located 8 bytes inside of
[ 17.963613] freed 16-byte region [ffff8881024b0180, ffff8881024b0190)
[ 17.964406]
[ 17.964626] The buggy address belongs to the physical page:
[ 17.965955] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0
[ 17.966775] flags: 0x200000000000000(node=0|zone=2)
[ 17.967270] page_type: f5(slab)
[ 17.967669] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 17.968137] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 17.968686] page dumped because: kasan: bad access detected
[ 17.969041]
[ 17.969169] Memory state around the buggy address:
[ 17.970296] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 17.970783] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 17.971949] >ffff8881024b0180: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.972498] ^
[ 17.972787] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.973466] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.974472] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 17.881357] ==================================================================
[ 17.882096] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330
[ 17.882718] Read of size 64 at addr ffff88810297ae84 by task kunit_try_catch/190
[ 17.883266]
[ 17.883499] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 17.883601] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.883628] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.883670] Call Trace:
[ 17.883715] <TASK>
[ 17.883756] dump_stack_lvl+0x73/0xb0
[ 17.883836] print_report+0xd1/0x650
[ 17.883910] ? __virt_addr_valid+0x1db/0x2d0
[ 17.883965] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 17.884023] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.884082] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 17.884142] kasan_report+0x140/0x180
[ 17.884193] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 17.884252] kasan_check_range+0x10c/0x1c0
[ 17.884305] __asan_memmove+0x27/0x70
[ 17.884356] kmalloc_memmove_invalid_size+0x170/0x330
[ 17.884412] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 17.884474] ? __schedule+0xce8/0x2840
[ 17.884540] ? __pfx_read_tsc+0x10/0x10
[ 17.884597] ? ktime_get_ts64+0x86/0x230
[ 17.884663] kunit_try_run_case+0x1a6/0x480
[ 17.884717] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.884767] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 17.884821] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.884955] ? __kthread_parkme+0x82/0x160
[ 17.885023] ? preempt_count_sub+0x50/0x80
[ 17.885086] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.885138] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.885200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.885402] kthread+0x324/0x6e0
[ 17.885601] ? trace_preempt_on+0x20/0xc0
[ 17.885678] ? __pfx_kthread+0x10/0x10
[ 17.885720] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.885763] ? calculate_sigpending+0x7b/0xa0
[ 17.885804] ? __pfx_kthread+0x10/0x10
[ 17.885846] ret_from_fork+0x41/0x80
[ 17.885906] ? __pfx_kthread+0x10/0x10
[ 17.885948] ret_from_fork_asm+0x1a/0x30
[ 17.886003] </TASK>
[ 17.886019]
[ 17.904627] Allocated by task 190:
[ 17.905033] kasan_save_stack+0x45/0x70
[ 17.905308] kasan_save_track+0x18/0x40
[ 17.906002] kasan_save_alloc_info+0x3b/0x50
[ 17.906838] __kasan_kmalloc+0xb7/0xc0
[ 17.907188] __kmalloc_cache_noprof+0x18a/0x420
[ 17.907795] kmalloc_memmove_invalid_size+0xad/0x330
[ 17.908660] kunit_try_run_case+0x1a6/0x480
[ 17.909050] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.909515] kthread+0x324/0x6e0
[ 17.910774] ret_from_fork+0x41/0x80
[ 17.911035] ret_from_fork_asm+0x1a/0x30
[ 17.911256]
[ 17.911877] The buggy address belongs to the object at ffff88810297ae80
[ 17.911877] which belongs to the cache kmalloc-64 of size 64
[ 17.912765] The buggy address is located 4 bytes inside of
[ 17.912765] allocated 64-byte region [ffff88810297ae80, ffff88810297aec0)
[ 17.913743]
[ 17.913936] The buggy address belongs to the physical page:
[ 17.915015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10297a
[ 17.915489] flags: 0x200000000000000(node=0|zone=2)
[ 17.916312] page_type: f5(slab)
[ 17.916544] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.917113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.917790] page dumped because: kasan: bad access detected
[ 17.918351]
[ 17.919110] Memory state around the buggy address:
[ 17.919393] ffff88810297ad80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 17.920278] ffff88810297ae00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.920980] >ffff88810297ae80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 17.921409] ^
[ 17.922021] ffff88810297af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.922463] ffff88810297af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.923013] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 17.840210] ==================================================================
[ 17.840840] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330
[ 17.841534] Read of size 18446744073709551614 at addr ffff888102ca9204 by task kunit_try_catch/188
[ 17.842983]
[ 17.843286] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 17.843426] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.843477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.843505] Call Trace:
[ 17.843528] <TASK>
[ 17.843552] dump_stack_lvl+0x73/0xb0
[ 17.843599] print_report+0xd1/0x650
[ 17.843645] ? __virt_addr_valid+0x1db/0x2d0
[ 17.843706] ? kmalloc_memmove_negative_size+0x172/0x330
[ 17.843757] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.843816] ? kmalloc_memmove_negative_size+0x172/0x330
[ 17.843927] kasan_report+0x140/0x180
[ 17.843966] ? kmalloc_memmove_negative_size+0x172/0x330
[ 17.844004] kasan_check_range+0x10c/0x1c0
[ 17.844034] __asan_memmove+0x27/0x70
[ 17.844063] kmalloc_memmove_negative_size+0x172/0x330
[ 17.844093] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 17.844124] ? __schedule+0xce8/0x2840
[ 17.844156] ? __pfx_read_tsc+0x10/0x10
[ 17.844187] ? ktime_get_ts64+0x86/0x230
[ 17.844220] kunit_try_run_case+0x1a6/0x480
[ 17.844251] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.844277] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 17.844324] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.844361] ? __kthread_parkme+0x82/0x160
[ 17.844391] ? preempt_count_sub+0x50/0x80
[ 17.844423] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.844450] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.844483] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.844514] kthread+0x324/0x6e0
[ 17.844541] ? trace_preempt_on+0x20/0xc0
[ 17.844570] ? __pfx_kthread+0x10/0x10
[ 17.844598] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.844625] ? calculate_sigpending+0x7b/0xa0
[ 17.844652] ? __pfx_kthread+0x10/0x10
[ 17.844680] ret_from_fork+0x41/0x80
[ 17.844705] ? __pfx_kthread+0x10/0x10
[ 17.844733] ret_from_fork_asm+0x1a/0x30
[ 17.844772] </TASK>
[ 17.844788]
[ 17.857092] Allocated by task 188:
[ 17.857538] kasan_save_stack+0x45/0x70
[ 17.857943] kasan_save_track+0x18/0x40
[ 17.858197] kasan_save_alloc_info+0x3b/0x50
[ 17.858446] __kasan_kmalloc+0xb7/0xc0
[ 17.858793] __kmalloc_cache_noprof+0x18a/0x420
[ 17.859219] kmalloc_memmove_negative_size+0xad/0x330
[ 17.859789] kunit_try_run_case+0x1a6/0x480
[ 17.860225] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.860722] kthread+0x324/0x6e0
[ 17.861094] ret_from_fork+0x41/0x80
[ 17.861358] ret_from_fork_asm+0x1a/0x30
[ 17.861651]
[ 17.861856] The buggy address belongs to the object at ffff888102ca9200
[ 17.861856] which belongs to the cache kmalloc-64 of size 64
[ 17.862394] The buggy address is located 4 bytes inside of
[ 17.862394] 64-byte region [ffff888102ca9200, ffff888102ca9240)
[ 17.863012]
[ 17.863223] The buggy address belongs to the physical page:
[ 17.863967] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ca9
[ 17.864723] flags: 0x200000000000000(node=0|zone=2)
[ 17.868213] page_type: f5(slab)
[ 17.868492] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.869258] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.869699] page dumped because: kasan: bad access detected
[ 17.870212]
[ 17.870420] Memory state around the buggy address:
[ 17.870741] ffff888102ca9100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.871158] ffff888102ca9180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.871728] >ffff888102ca9200: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 17.872339] ^
[ 17.872585] ffff888102ca9280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.872929] ffff888102ca9300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.873554] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 17.794149] ==================================================================
[ 17.795191] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330
[ 17.796131] Write of size 16 at addr ffff8881024bfe69 by task kunit_try_catch/186
[ 17.796799]
[ 17.796988] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 17.797046] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.797065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.797103] Call Trace:
[ 17.797125] <TASK>
[ 17.797150] dump_stack_lvl+0x73/0xb0
[ 17.797197] print_report+0xd1/0x650
[ 17.797227] ? __virt_addr_valid+0x1db/0x2d0
[ 17.797256] ? kmalloc_oob_memset_16+0x167/0x330
[ 17.797282] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.797314] ? kmalloc_oob_memset_16+0x167/0x330
[ 17.797340] kasan_report+0x140/0x180
[ 17.797368] ? kmalloc_oob_memset_16+0x167/0x330
[ 17.797400] kasan_check_range+0x10c/0x1c0
[ 17.797428] __asan_memset+0x27/0x50
[ 17.797456] kmalloc_oob_memset_16+0x167/0x330
[ 17.797483] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 17.797510] ? __schedule+0xce8/0x2840
[ 17.797540] ? __pfx_read_tsc+0x10/0x10
[ 17.797568] ? ktime_get_ts64+0x86/0x230
[ 17.797600] kunit_try_run_case+0x1a6/0x480
[ 17.797631] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.797657] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 17.797686] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.797714] ? __kthread_parkme+0x82/0x160
[ 17.797742] ? preempt_count_sub+0x50/0x80
[ 17.797772] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.797800] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.797831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.797918] kthread+0x324/0x6e0
[ 17.797968] ? trace_preempt_on+0x20/0xc0
[ 17.798023] ? __pfx_kthread+0x10/0x10
[ 17.798078] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.798193] ? calculate_sigpending+0x7b/0xa0
[ 17.798250] ? __pfx_kthread+0x10/0x10
[ 17.798310] ret_from_fork+0x41/0x80
[ 17.798362] ? __pfx_kthread+0x10/0x10
[ 17.798417] ret_from_fork_asm+0x1a/0x30
[ 17.798497] </TASK>
[ 17.798522]
[ 17.813911] Allocated by task 186:
[ 17.814766] kasan_save_stack+0x45/0x70
[ 17.815260] kasan_save_track+0x18/0x40
[ 17.815673] kasan_save_alloc_info+0x3b/0x50
[ 17.816135] __kasan_kmalloc+0xb7/0xc0
[ 17.816848] __kmalloc_cache_noprof+0x18a/0x420
[ 17.817114] kmalloc_oob_memset_16+0xad/0x330
[ 17.817652] kunit_try_run_case+0x1a6/0x480
[ 17.818212] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.819154] kthread+0x324/0x6e0
[ 17.819486] ret_from_fork+0x41/0x80
[ 17.819898] ret_from_fork_asm+0x1a/0x30
[ 17.820492]
[ 17.820709] The buggy address belongs to the object at ffff8881024bfe00
[ 17.820709] which belongs to the cache kmalloc-128 of size 128
[ 17.821202] The buggy address is located 105 bytes inside of
[ 17.821202] allocated 120-byte region [ffff8881024bfe00, ffff8881024bfe78)
[ 17.822656]
[ 17.823182] The buggy address belongs to the physical page:
[ 17.824066] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024bf
[ 17.824903] flags: 0x200000000000000(node=0|zone=2)
[ 17.825228] page_type: f5(slab)
[ 17.825592] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.826140] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.827298] page dumped because: kasan: bad access detected
[ 17.827926]
[ 17.828073] Memory state around the buggy address:
[ 17.828690] ffff8881024bfd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.829246] ffff8881024bfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.830158] >ffff8881024bfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.831076] ^
[ 17.831811] ffff8881024bfe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.832240] ffff8881024bff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.833178] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 17.749252] ==================================================================
[ 17.750008] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330
[ 17.750524] Write of size 8 at addr ffff8881024bfd71 by task kunit_try_catch/184
[ 17.751205]
[ 17.751835] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 17.752134] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.752172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.752220] Call Trace:
[ 17.752261] <TASK>
[ 17.752306] dump_stack_lvl+0x73/0xb0
[ 17.752395] print_report+0xd1/0x650
[ 17.752553] ? __virt_addr_valid+0x1db/0x2d0
[ 17.752637] ? kmalloc_oob_memset_8+0x167/0x330
[ 17.752693] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.752758] ? kmalloc_oob_memset_8+0x167/0x330
[ 17.752814] kasan_report+0x140/0x180
[ 17.752891] ? kmalloc_oob_memset_8+0x167/0x330
[ 17.752961] kasan_check_range+0x10c/0x1c0
[ 17.753021] __asan_memset+0x27/0x50
[ 17.753066] kmalloc_oob_memset_8+0x167/0x330
[ 17.753096] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 17.753124] ? __schedule+0xce8/0x2840
[ 17.753157] ? __pfx_read_tsc+0x10/0x10
[ 17.753185] ? ktime_get_ts64+0x86/0x230
[ 17.753219] kunit_try_run_case+0x1a6/0x480
[ 17.753250] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.753278] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 17.753308] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.753351] ? __kthread_parkme+0x82/0x160
[ 17.753382] ? preempt_count_sub+0x50/0x80
[ 17.753413] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.753457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.753511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.753555] kthread+0x324/0x6e0
[ 17.753584] ? trace_preempt_on+0x20/0xc0
[ 17.753617] ? __pfx_kthread+0x10/0x10
[ 17.753644] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.753672] ? calculate_sigpending+0x7b/0xa0
[ 17.753700] ? __pfx_kthread+0x10/0x10
[ 17.753727] ret_from_fork+0x41/0x80
[ 17.753752] ? __pfx_kthread+0x10/0x10
[ 17.753779] ret_from_fork_asm+0x1a/0x30
[ 17.753819] </TASK>
[ 17.753834]
[ 17.768414] Allocated by task 184:
[ 17.768933] kasan_save_stack+0x45/0x70
[ 17.769519] kasan_save_track+0x18/0x40
[ 17.770136] kasan_save_alloc_info+0x3b/0x50
[ 17.770711] __kasan_kmalloc+0xb7/0xc0
[ 17.771172] __kmalloc_cache_noprof+0x18a/0x420
[ 17.771931] kmalloc_oob_memset_8+0xad/0x330
[ 17.772450] kunit_try_run_case+0x1a6/0x480
[ 17.772724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.773242] kthread+0x324/0x6e0
[ 17.773951] ret_from_fork+0x41/0x80
[ 17.774141] ret_from_fork_asm+0x1a/0x30
[ 17.774285]
[ 17.775097] The buggy address belongs to the object at ffff8881024bfd00
[ 17.775097] which belongs to the cache kmalloc-128 of size 128
[ 17.776334] The buggy address is located 113 bytes inside of
[ 17.776334] allocated 120-byte region [ffff8881024bfd00, ffff8881024bfd78)
[ 17.777109]
[ 17.777741] The buggy address belongs to the physical page:
[ 17.778237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024bf
[ 17.779383] flags: 0x200000000000000(node=0|zone=2)
[ 17.779854] page_type: f5(slab)
[ 17.780173] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.781201] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.782159] page dumped because: kasan: bad access detected
[ 17.782516]
[ 17.783039] Memory state around the buggy address:
[ 17.783829] ffff8881024bfc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.784268] ffff8881024bfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.785101] >ffff8881024bfd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.785369] ^
[ 17.786098] ffff8881024bfd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.786650] ffff8881024bfe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.787147] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 17.702818] ==================================================================
[ 17.703481] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330
[ 17.704587] Write of size 4 at addr ffff888102971d75 by task kunit_try_catch/182
[ 17.705100]
[ 17.705602] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 17.705717] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.705789] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.705874] Call Trace:
[ 17.705949] <TASK>
[ 17.706012] dump_stack_lvl+0x73/0xb0
[ 17.706107] print_report+0xd1/0x650
[ 17.706165] ? __virt_addr_valid+0x1db/0x2d0
[ 17.706217] ? kmalloc_oob_memset_4+0x167/0x330
[ 17.706267] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.706400] ? kmalloc_oob_memset_4+0x167/0x330
[ 17.706690] kasan_report+0x140/0x180
[ 17.706726] ? kmalloc_oob_memset_4+0x167/0x330
[ 17.706759] kasan_check_range+0x10c/0x1c0
[ 17.706789] __asan_memset+0x27/0x50
[ 17.706817] kmalloc_oob_memset_4+0x167/0x330
[ 17.706845] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 17.706895] ? __schedule+0xce8/0x2840
[ 17.706929] ? __pfx_read_tsc+0x10/0x10
[ 17.706957] ? ktime_get_ts64+0x86/0x230
[ 17.706994] kunit_try_run_case+0x1a6/0x480
[ 17.707024] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.707050] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 17.707095] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.707125] ? __kthread_parkme+0x82/0x160
[ 17.707155] ? preempt_count_sub+0x50/0x80
[ 17.707185] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.707213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.707245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.707276] kthread+0x324/0x6e0
[ 17.707317] ? trace_preempt_on+0x20/0xc0
[ 17.707357] ? __pfx_kthread+0x10/0x10
[ 17.707385] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.707412] ? calculate_sigpending+0x7b/0xa0
[ 17.707455] ? __pfx_kthread+0x10/0x10
[ 17.707501] ret_from_fork+0x41/0x80
[ 17.707543] ? __pfx_kthread+0x10/0x10
[ 17.707579] ret_from_fork_asm+0x1a/0x30
[ 17.707621] </TASK>
[ 17.707636]
[ 17.724121] Allocated by task 182:
[ 17.724830] kasan_save_stack+0x45/0x70
[ 17.725583] kasan_save_track+0x18/0x40
[ 17.726031] kasan_save_alloc_info+0x3b/0x50
[ 17.726291] __kasan_kmalloc+0xb7/0xc0
[ 17.727042] __kmalloc_cache_noprof+0x18a/0x420
[ 17.727641] kmalloc_oob_memset_4+0xad/0x330
[ 17.728226] kunit_try_run_case+0x1a6/0x480
[ 17.728853] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.729357] kthread+0x324/0x6e0
[ 17.729772] ret_from_fork+0x41/0x80
[ 17.730039] ret_from_fork_asm+0x1a/0x30
[ 17.730462]
[ 17.730680] The buggy address belongs to the object at ffff888102971d00
[ 17.730680] which belongs to the cache kmalloc-128 of size 128
[ 17.731506] The buggy address is located 117 bytes inside of
[ 17.731506] allocated 120-byte region [ffff888102971d00, ffff888102971d78)
[ 17.732787]
[ 17.733027] The buggy address belongs to the physical page:
[ 17.733392] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102971
[ 17.734049] flags: 0x200000000000000(node=0|zone=2)
[ 17.734732] page_type: f5(slab)
[ 17.735029] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.735775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.736734] page dumped because: kasan: bad access detected
[ 17.737276]
[ 17.737526] Memory state around the buggy address:
[ 17.737837] ffff888102971c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.738621] ffff888102971c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.739262] >ffff888102971d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.739965] ^
[ 17.740745] ffff888102971d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.741221] ffff888102971e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.742189] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 17.661982] ==================================================================
[ 17.662555] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330
[ 17.663601] Write of size 2 at addr ffff8881024bfc77 by task kunit_try_catch/180
[ 17.664584]
[ 17.664752] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 17.664813] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.664829] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.664854] Call Trace:
[ 17.664909] <TASK>
[ 17.664949] dump_stack_lvl+0x73/0xb0
[ 17.665036] print_report+0xd1/0x650
[ 17.665093] ? __virt_addr_valid+0x1db/0x2d0
[ 17.665151] ? kmalloc_oob_memset_2+0x167/0x330
[ 17.665199] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.665249] ? kmalloc_oob_memset_2+0x167/0x330
[ 17.665294] kasan_report+0x140/0x180
[ 17.665385] ? kmalloc_oob_memset_2+0x167/0x330
[ 17.665447] kasan_check_range+0x10c/0x1c0
[ 17.665508] __asan_memset+0x27/0x50
[ 17.665566] kmalloc_oob_memset_2+0x167/0x330
[ 17.665604] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 17.665636] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 17.665668] kunit_try_run_case+0x1a6/0x480
[ 17.665700] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.665727] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 17.665761] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.665790] ? __kthread_parkme+0x82/0x160
[ 17.665820] ? preempt_count_sub+0x50/0x80
[ 17.665852] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.665902] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.665934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.665965] kthread+0x324/0x6e0
[ 17.665992] ? trace_preempt_on+0x20/0xc0
[ 17.666022] ? __pfx_kthread+0x10/0x10
[ 17.666049] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.666076] ? calculate_sigpending+0x7b/0xa0
[ 17.666104] ? __pfx_kthread+0x10/0x10
[ 17.666131] ret_from_fork+0x41/0x80
[ 17.666157] ? __pfx_kthread+0x10/0x10
[ 17.666184] ret_from_fork_asm+0x1a/0x30
[ 17.666223] </TASK>
[ 17.666238]
[ 17.676815] Allocated by task 180:
[ 17.677179] kasan_save_stack+0x45/0x70
[ 17.677603] kasan_save_track+0x18/0x40
[ 17.677920] kasan_save_alloc_info+0x3b/0x50
[ 17.678340] __kasan_kmalloc+0xb7/0xc0
[ 17.678582] __kmalloc_cache_noprof+0x18a/0x420
[ 17.678910] kmalloc_oob_memset_2+0xad/0x330
[ 17.679345] kunit_try_run_case+0x1a6/0x480
[ 17.679760] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.680263] kthread+0x324/0x6e0
[ 17.680666] ret_from_fork+0x41/0x80
[ 17.680990] ret_from_fork_asm+0x1a/0x30
[ 17.681389]
[ 17.681541] The buggy address belongs to the object at ffff8881024bfc00
[ 17.681541] which belongs to the cache kmalloc-128 of size 128
[ 17.682263] The buggy address is located 119 bytes inside of
[ 17.682263] allocated 120-byte region [ffff8881024bfc00, ffff8881024bfc78)
[ 17.683279]
[ 17.683487] The buggy address belongs to the physical page:
[ 17.683761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024bf
[ 17.684396] flags: 0x200000000000000(node=0|zone=2)
[ 17.684858] page_type: f5(slab)
[ 17.685214] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.685896] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.686345] page dumped because: kasan: bad access detected
[ 17.686812]
[ 17.687026] Memory state around the buggy address:
[ 17.687409] ffff8881024bfb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.688031] ffff8881024bfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.688530] >ffff8881024bfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.688996] ^
[ 17.689616] ffff8881024bfc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.689993] ffff8881024bfd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.690593] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 17.621325] ==================================================================
[ 17.622342] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320
[ 17.623039] Write of size 128 at addr ffff8881024bfb00 by task kunit_try_catch/178
[ 17.623948]
[ 17.624239] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 17.624351] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.624382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.624477] Call Trace:
[ 17.624517] <TASK>
[ 17.624562] dump_stack_lvl+0x73/0xb0
[ 17.624652] print_report+0xd1/0x650
[ 17.624706] ? __virt_addr_valid+0x1db/0x2d0
[ 17.624765] ? kmalloc_oob_in_memset+0x160/0x320
[ 17.624895] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.624998] ? kmalloc_oob_in_memset+0x160/0x320
[ 17.625051] kasan_report+0x140/0x180
[ 17.625106] ? kmalloc_oob_in_memset+0x160/0x320
[ 17.625174] kasan_check_range+0x10c/0x1c0
[ 17.625233] __asan_memset+0x27/0x50
[ 17.625282] kmalloc_oob_in_memset+0x160/0x320
[ 17.625328] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 17.625364] ? __schedule+0x1c5f/0x2840
[ 17.625399] ? __pfx_read_tsc+0x10/0x10
[ 17.625428] ? ktime_get_ts64+0x86/0x230
[ 17.625462] kunit_try_run_case+0x1a6/0x480
[ 17.625495] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.625521] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 17.625552] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.625581] ? __kthread_parkme+0x82/0x160
[ 17.625610] ? preempt_count_sub+0x50/0x80
[ 17.625641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.625669] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.625701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.625732] kthread+0x324/0x6e0
[ 17.625758] ? trace_preempt_on+0x20/0xc0
[ 17.625789] ? __pfx_kthread+0x10/0x10
[ 17.625816] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.625844] ? calculate_sigpending+0x7b/0xa0
[ 17.625891] ? __pfx_kthread+0x10/0x10
[ 17.625920] ret_from_fork+0x41/0x80
[ 17.625945] ? __pfx_kthread+0x10/0x10
[ 17.625972] ret_from_fork_asm+0x1a/0x30
[ 17.626013] </TASK>
[ 17.626028]
[ 17.639228] Allocated by task 178:
[ 17.639542] kasan_save_stack+0x45/0x70
[ 17.640059] kasan_save_track+0x18/0x40
[ 17.640414] kasan_save_alloc_info+0x3b/0x50
[ 17.640844] __kasan_kmalloc+0xb7/0xc0
[ 17.641189] __kmalloc_cache_noprof+0x18a/0x420
[ 17.641704] kmalloc_oob_in_memset+0xad/0x320
[ 17.642076] kunit_try_run_case+0x1a6/0x480
[ 17.642554] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.642973] kthread+0x324/0x6e0
[ 17.643374] ret_from_fork+0x41/0x80
[ 17.643674] ret_from_fork_asm+0x1a/0x30
[ 17.644116]
[ 17.644274] The buggy address belongs to the object at ffff8881024bfb00
[ 17.644274] which belongs to the cache kmalloc-128 of size 128
[ 17.644970] The buggy address is located 0 bytes inside of
[ 17.644970] allocated 120-byte region [ffff8881024bfb00, ffff8881024bfb78)
[ 17.646053]
[ 17.646337] The buggy address belongs to the physical page:
[ 17.646904] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024bf
[ 17.647659] flags: 0x200000000000000(node=0|zone=2)
[ 17.648214] page_type: f5(slab)
[ 17.648623] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.649381] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.649942] page dumped because: kasan: bad access detected
[ 17.650421]
[ 17.650552] Memory state around the buggy address:
[ 17.650804] ffff8881024bfa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.651444] ffff8881024bfa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.652280] >ffff8881024bfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.652847] ^
[ 17.653283] ffff8881024bfb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.653824] ffff8881024bfc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.654359] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 17.567839] ==================================================================
[ 17.568490] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0
[ 17.569965] Read of size 16 at addr ffff8881024b0160 by task kunit_try_catch/176
[ 17.571109]
[ 17.571383] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 17.571494] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.571524] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.571568] Call Trace:
[ 17.571614] <TASK>
[ 17.571672] dump_stack_lvl+0x73/0xb0
[ 17.571784] print_report+0xd1/0x650
[ 17.571835] ? __virt_addr_valid+0x1db/0x2d0
[ 17.571911] ? kmalloc_uaf_16+0x47d/0x4c0
[ 17.571960] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.572028] ? kmalloc_uaf_16+0x47d/0x4c0
[ 17.572096] kasan_report+0x140/0x180
[ 17.572154] ? kmalloc_uaf_16+0x47d/0x4c0
[ 17.572213] __asan_report_load16_noabort+0x18/0x20
[ 17.572264] kmalloc_uaf_16+0x47d/0x4c0
[ 17.572293] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 17.572333] ? __schedule+0xce8/0x2840
[ 17.572372] ? __pfx_read_tsc+0x10/0x10
[ 17.572402] ? ktime_get_ts64+0x86/0x230
[ 17.572447] kunit_try_run_case+0x1a6/0x480
[ 17.572498] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.572539] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 17.572575] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.572605] ? __kthread_parkme+0x82/0x160
[ 17.572636] ? preempt_count_sub+0x50/0x80
[ 17.572667] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.572695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.572728] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.572760] kthread+0x324/0x6e0
[ 17.572786] ? trace_preempt_on+0x20/0xc0
[ 17.572817] ? __pfx_kthread+0x10/0x10
[ 17.572844] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.572894] ? calculate_sigpending+0x7b/0xa0
[ 17.572923] ? __pfx_kthread+0x10/0x10
[ 17.572951] ret_from_fork+0x41/0x80
[ 17.572976] ? __pfx_kthread+0x10/0x10
[ 17.573003] ret_from_fork_asm+0x1a/0x30
[ 17.573044] </TASK>
[ 17.573059]
[ 17.589595] Allocated by task 176:
[ 17.590062] kasan_save_stack+0x45/0x70
[ 17.590914] kasan_save_track+0x18/0x40
[ 17.591410] kasan_save_alloc_info+0x3b/0x50
[ 17.591627] __kasan_kmalloc+0xb7/0xc0
[ 17.591766] __kmalloc_cache_noprof+0x18a/0x420
[ 17.591964] kmalloc_uaf_16+0x15c/0x4c0
[ 17.592241] kunit_try_run_case+0x1a6/0x480
[ 17.592676] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.593371] kthread+0x324/0x6e0
[ 17.593610] ret_from_fork+0x41/0x80
[ 17.594108] ret_from_fork_asm+0x1a/0x30
[ 17.594550]
[ 17.594751] Freed by task 176:
[ 17.595092] kasan_save_stack+0x45/0x70
[ 17.595475] kasan_save_track+0x18/0x40
[ 17.596847] kasan_save_free_info+0x3f/0x60
[ 17.597588] __kasan_slab_free+0x56/0x70
[ 17.598161] kfree+0x224/0x3f0
[ 17.598362] kmalloc_uaf_16+0x1d7/0x4c0
[ 17.598947] kunit_try_run_case+0x1a6/0x480
[ 17.599200] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.600257] kthread+0x324/0x6e0
[ 17.601113] ret_from_fork+0x41/0x80
[ 17.601897] ret_from_fork_asm+0x1a/0x30
[ 17.602298]
[ 17.602559] The buggy address belongs to the object at ffff8881024b0160
[ 17.602559] which belongs to the cache kmalloc-16 of size 16
[ 17.603684] The buggy address is located 0 bytes inside of
[ 17.603684] freed 16-byte region [ffff8881024b0160, ffff8881024b0170)
[ 17.604495]
[ 17.605412] The buggy address belongs to the physical page:
[ 17.605943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0
[ 17.606234] flags: 0x200000000000000(node=0|zone=2)
[ 17.606450] page_type: f5(slab)
[ 17.606955] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 17.607424] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 17.608124] page dumped because: kasan: bad access detected
[ 17.608514]
[ 17.608641] Memory state around the buggy address:
[ 17.610029] ffff8881024b0000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 17.610642] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.611273] >ffff8881024b0100: fa fb fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 17.611761] ^ [ 17.612129] ffff8881024b0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.613024] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.613434] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 17.522887] ================================================================== [ 17.523465] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 17.524140] Write of size 16 at addr ffff8881024b0100 by task kunit_try_catch/174 [ 17.525250] [ 17.525539] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.525648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.525681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.525730] Call Trace: [ 17.525768] <TASK> [ 17.525808] dump_stack_lvl+0x73/0xb0 [ 17.525918] print_report+0xd1/0x650 [ 17.525970] ? __virt_addr_valid+0x1db/0x2d0 [ 17.526019] ? kmalloc_oob_16+0x454/0x4a0 [ 17.526062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.526151] ? kmalloc_oob_16+0x454/0x4a0 [ 17.526204] kasan_report+0x140/0x180 [ 17.526261] ? kmalloc_oob_16+0x454/0x4a0 [ 17.526322] __asan_report_store16_noabort+0x1b/0x30 [ 17.526381] kmalloc_oob_16+0x454/0x4a0 [ 17.526429] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 17.526477] ? __schedule+0xce8/0x2840 [ 17.526531] ? __pfx_read_tsc+0x10/0x10 [ 17.526584] ? ktime_get_ts64+0x86/0x230 [ 17.526624] ? irqentry_exit+0x2a/0x60 [ 17.526653] kunit_try_run_case+0x1a6/0x480 [ 17.526686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.526713] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.526744] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.526773] ? __kthread_parkme+0x82/0x160 [ 17.526802] ? preempt_count_sub+0x50/0x80 [ 17.526834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.526883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.526917] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.526950] kthread+0x324/0x6e0 [ 17.526976] ? trace_preempt_on+0x20/0xc0 [ 17.527009] ? __pfx_kthread+0x10/0x10 [ 17.527036] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.527071] ? calculate_sigpending+0x7b/0xa0 [ 17.527108] ? __pfx_kthread+0x10/0x10 [ 17.527137] ret_from_fork+0x41/0x80 [ 17.527161] ? 
__pfx_kthread+0x10/0x10 [ 17.527188] ret_from_fork_asm+0x1a/0x30 [ 17.527228] </TASK> [ 17.527243] [ 17.542969] Allocated by task 174: [ 17.543512] kasan_save_stack+0x45/0x70 [ 17.544092] kasan_save_track+0x18/0x40 [ 17.544528] kasan_save_alloc_info+0x3b/0x50 [ 17.545073] __kasan_kmalloc+0xb7/0xc0 [ 17.545529] __kmalloc_cache_noprof+0x18a/0x420 [ 17.546022] kmalloc_oob_16+0xa9/0x4a0 [ 17.546570] kunit_try_run_case+0x1a6/0x480 [ 17.546993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.547654] kthread+0x324/0x6e0 [ 17.548086] ret_from_fork+0x41/0x80 [ 17.548531] ret_from_fork_asm+0x1a/0x30 [ 17.548738] [ 17.549001] The buggy address belongs to the object at ffff8881024b0100 [ 17.549001] which belongs to the cache kmalloc-16 of size 16 [ 17.549915] The buggy address is located 0 bytes inside of [ 17.549915] allocated 13-byte region [ffff8881024b0100, ffff8881024b010d) [ 17.550601] [ 17.550777] The buggy address belongs to the physical page: [ 17.551302] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 17.551770] flags: 0x200000000000000(node=0|zone=2) [ 17.552269] page_type: f5(slab) [ 17.552716] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.553219] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.554066] page dumped because: kasan: bad access detected [ 17.554697] [ 17.554844] Memory state around the buggy address: [ 17.555337] ffff8881024b0000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.555992] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.556549] >ffff8881024b0100: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.557545] ^ [ 17.557935] ffff8881024b0180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.558392] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.559140] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 17.475293] ================================================================== [ 17.475918] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 17.476515] Read of size 1 at addr ffff888100395000 by task kunit_try_catch/172 [ 17.477002] [ 17.477162] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.477249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.477273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.477343] Call Trace: [ 17.477382] <TASK> [ 17.477414] dump_stack_lvl+0x73/0xb0 [ 17.477512] print_report+0xd1/0x650 [ 17.477566] ? __virt_addr_valid+0x1db/0x2d0 [ 17.477619] ? krealloc_uaf+0x53e/0x5e0 [ 17.477670] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.477733] ? krealloc_uaf+0x53e/0x5e0 [ 17.477788] kasan_report+0x140/0x180 [ 17.477839] ? krealloc_uaf+0x53e/0x5e0 [ 17.477911] __asan_report_load1_noabort+0x18/0x20 [ 17.477961] krealloc_uaf+0x53e/0x5e0 [ 17.478005] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.478041] ? finish_task_switch.isra.0+0x153/0x700 [ 17.478086] ? __switch_to+0x5d9/0xf60 [ 17.478136] ? __schedule+0xce8/0x2840 [ 17.478183] ? __pfx_read_tsc+0x10/0x10 [ 17.478228] ? ktime_get_ts64+0x86/0x230 [ 17.478278] kunit_try_run_case+0x1a6/0x480 [ 17.478362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.478404] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.478478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.478527] ? __kthread_parkme+0x82/0x160 [ 17.478573] ? preempt_count_sub+0x50/0x80 [ 17.478630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.478683] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.478746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.478804] kthread+0x324/0x6e0 [ 17.478851] ? trace_preempt_on+0x20/0xc0 [ 17.478922] ? __pfx_kthread+0x10/0x10 [ 17.478974] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.479029] ? calculate_sigpending+0x7b/0xa0 [ 17.479086] ? __pfx_kthread+0x10/0x10 [ 17.479144] ret_from_fork+0x41/0x80 [ 17.479195] ? 
__pfx_kthread+0x10/0x10 [ 17.479251] ret_from_fork_asm+0x1a/0x30 [ 17.479361] </TASK> [ 17.479393] [ 17.490192] Allocated by task 172: [ 17.490648] kasan_save_stack+0x45/0x70 [ 17.491103] kasan_save_track+0x18/0x40 [ 17.491502] kasan_save_alloc_info+0x3b/0x50 [ 17.491938] __kasan_kmalloc+0xb7/0xc0 [ 17.492251] __kmalloc_cache_noprof+0x18a/0x420 [ 17.492648] krealloc_uaf+0xbc/0x5e0 [ 17.492901] kunit_try_run_case+0x1a6/0x480 [ 17.493153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.493652] kthread+0x324/0x6e0 [ 17.494027] ret_from_fork+0x41/0x80 [ 17.495198] ret_from_fork_asm+0x1a/0x30 [ 17.495628] [ 17.495848] Freed by task 172: [ 17.496181] kasan_save_stack+0x45/0x70 [ 17.496536] kasan_save_track+0x18/0x40 [ 17.496838] kasan_save_free_info+0x3f/0x60 [ 17.499307] __kasan_slab_free+0x56/0x70 [ 17.499800] kfree+0x224/0x3f0 [ 17.500146] krealloc_uaf+0x13e/0x5e0 [ 17.500713] kunit_try_run_case+0x1a6/0x480 [ 17.501141] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.501996] kthread+0x324/0x6e0 [ 17.502273] ret_from_fork+0x41/0x80 [ 17.502763] ret_from_fork_asm+0x1a/0x30 [ 17.503150] [ 17.503287] The buggy address belongs to the object at ffff888100395000 [ 17.503287] which belongs to the cache kmalloc-256 of size 256 [ 17.504059] The buggy address is located 0 bytes inside of [ 17.504059] freed 256-byte region [ffff888100395000, ffff888100395100) [ 17.504584] [ 17.504748] The buggy address belongs to the physical page: [ 17.505387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 17.506079] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.506536] flags: 0x200000000000040(head|node=0|zone=2) [ 17.506842] page_type: f5(slab) [ 17.507275] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.508023] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.508923] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.509288] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.510041] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 17.510471] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 17.511000] page dumped because: kasan: bad access detected [ 17.511575] [ 17.511802] Memory state around the buggy address: [ 17.512109] ffff888100394f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.512940] ffff888100394f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.513515] >ffff888100395000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.514060] ^ [ 17.514349] ffff888100395080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.514879] ffff888100395100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.515493] ================================================================== [ 17.431948] ================================================================== [ 17.432580] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 17.433349] Read of size 1 at addr ffff888100395000 by task kunit_try_catch/172 [ 17.434020] [ 17.434371] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.434488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.434521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.434575] Call Trace: [ 17.434615] <TASK> [ 17.434664] dump_stack_lvl+0x73/0xb0 [ 17.434777] print_report+0xd1/0x650 [ 17.434838] ? __virt_addr_valid+0x1db/0x2d0 [ 17.434915] ? krealloc_uaf+0x1b9/0x5e0 [ 17.434992] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.435055] ? krealloc_uaf+0x1b9/0x5e0 [ 17.435105] kasan_report+0x140/0x180 [ 17.435160] ? krealloc_uaf+0x1b9/0x5e0 [ 17.435222] ? krealloc_uaf+0x1b9/0x5e0 [ 17.435276] __kasan_check_byte+0x3d/0x50 [ 17.435369] krealloc_noprof+0x3f/0x340 [ 17.435421] ? __kasan_slab_free+0x61/0x70 [ 17.435503] krealloc_uaf+0x1b9/0x5e0 [ 17.435559] ? __pfx_krealloc_uaf+0x10/0x10 [ 17.435608] ? 
finish_task_switch.isra.0+0x153/0x700 [ 17.435703] ? __switch_to+0x5d9/0xf60 [ 17.435767] ? __schedule+0xce8/0x2840 [ 17.435828] ? __pfx_read_tsc+0x10/0x10 [ 17.435926] ? ktime_get_ts64+0x86/0x230 [ 17.436007] kunit_try_run_case+0x1a6/0x480 [ 17.436065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.436114] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.436175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.436235] ? __kthread_parkme+0x82/0x160 [ 17.436293] ? preempt_count_sub+0x50/0x80 [ 17.436396] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.436455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.436524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.436580] kthread+0x324/0x6e0 [ 17.436611] ? trace_preempt_on+0x20/0xc0 [ 17.436645] ? __pfx_kthread+0x10/0x10 [ 17.436674] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.436703] ? calculate_sigpending+0x7b/0xa0 [ 17.436730] ? __pfx_kthread+0x10/0x10 [ 17.436758] ret_from_fork+0x41/0x80 [ 17.436783] ? __pfx_kthread+0x10/0x10 [ 17.436811] ret_from_fork_asm+0x1a/0x30 [ 17.436852] </TASK> [ 17.436890] [ 17.449154] Allocated by task 172: [ 17.449702] kasan_save_stack+0x45/0x70 [ 17.450213] kasan_save_track+0x18/0x40 [ 17.450667] kasan_save_alloc_info+0x3b/0x50 [ 17.451146] __kasan_kmalloc+0xb7/0xc0 [ 17.451583] __kmalloc_cache_noprof+0x18a/0x420 [ 17.452074] krealloc_uaf+0xbc/0x5e0 [ 17.452496] kunit_try_run_case+0x1a6/0x480 [ 17.452953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.453529] kthread+0x324/0x6e0 [ 17.453932] ret_from_fork+0x41/0x80 [ 17.454391] ret_from_fork_asm+0x1a/0x30 [ 17.454806] [ 17.455056] Freed by task 172: [ 17.455422] kasan_save_stack+0x45/0x70 [ 17.455759] kasan_save_track+0x18/0x40 [ 17.456175] kasan_save_free_info+0x3f/0x60 [ 17.456635] __kasan_slab_free+0x56/0x70 [ 17.457001] kfree+0x224/0x3f0 [ 17.457237] krealloc_uaf+0x13e/0x5e0 [ 17.457580] kunit_try_run_case+0x1a6/0x480 [ 17.457919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.458454] kthread+0x324/0x6e0 [ 17.458824] ret_from_fork+0x41/0x80 [ 
17.459203] ret_from_fork_asm+0x1a/0x30 [ 17.459623] [ 17.459854] The buggy address belongs to the object at ffff888100395000 [ 17.459854] which belongs to the cache kmalloc-256 of size 256 [ 17.461067] The buggy address is located 0 bytes inside of [ 17.461067] freed 256-byte region [ffff888100395000, ffff888100395100) [ 17.461636] [ 17.461792] The buggy address belongs to the physical page: [ 17.462086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100394 [ 17.462723] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.463419] flags: 0x200000000000040(head|node=0|zone=2) [ 17.463970] page_type: f5(slab) [ 17.464324] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.465916] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.467270] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.467982] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.468489] head: 0200000000000001 ffffea000400e501 ffffffffffffffff 0000000000000000 [ 17.469016] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 17.469551] page dumped because: kasan: bad access detected [ 17.470032] [ 17.470244] Memory state around the buggy address: [ 17.470592] ffff888100394f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.471123] ffff888100394f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.471586] >ffff888100395000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.472193] ^ [ 17.472447] ffff888100395080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.473051] ffff888100395100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.473520] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 17.086807] ================================================================== [ 17.087429] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 17.087981] Write of size 1 at addr ffff888100adf4ea by task kunit_try_catch/166 [ 17.088900] [ 17.089896] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.090011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.090042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.090133] Call Trace: [ 17.090203] <TASK> [ 17.090257] dump_stack_lvl+0x73/0xb0 [ 17.090345] print_report+0xd1/0x650 [ 17.090396] ? __virt_addr_valid+0x1db/0x2d0 [ 17.090435] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 17.090508] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.090558] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 17.090599] kasan_report+0x140/0x180 [ 17.090640] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 17.090691] __asan_report_store1_noabort+0x1b/0x30 [ 17.090734] krealloc_less_oob_helper+0xe92/0x11d0 [ 17.090778] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.090820] ? finish_task_switch.isra.0+0x153/0x700 [ 17.090884] ? __switch_to+0x5d9/0xf60 [ 17.090934] ? __schedule+0xce8/0x2840 [ 17.090978] ? __pfx_read_tsc+0x10/0x10 [ 17.091014] krealloc_less_oob+0x1c/0x30 [ 17.091043] kunit_try_run_case+0x1a6/0x480 [ 17.091074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.091100] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.091129] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.091158] ? __kthread_parkme+0x82/0x160 [ 17.091185] ? preempt_count_sub+0x50/0x80 [ 17.091214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.091242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.091273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.091319] kthread+0x324/0x6e0 [ 17.091356] ? trace_preempt_on+0x20/0xc0 [ 17.091386] ? __pfx_kthread+0x10/0x10 [ 17.091414] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.091457] ? calculate_sigpending+0x7b/0xa0 [ 17.091504] ? 
__pfx_kthread+0x10/0x10 [ 17.091549] ret_from_fork+0x41/0x80 [ 17.091576] ? __pfx_kthread+0x10/0x10 [ 17.091604] ret_from_fork_asm+0x1a/0x30 [ 17.091644] </TASK> [ 17.091658] [ 17.110150] Allocated by task 166: [ 17.111137] kasan_save_stack+0x45/0x70 [ 17.111730] kasan_save_track+0x18/0x40 [ 17.112283] kasan_save_alloc_info+0x3b/0x50 [ 17.112732] __kasan_krealloc+0x190/0x1f0 [ 17.113215] krealloc_noprof+0xf3/0x340 [ 17.113692] krealloc_less_oob_helper+0x1ab/0x11d0 [ 17.114294] krealloc_less_oob+0x1c/0x30 [ 17.114762] kunit_try_run_case+0x1a6/0x480 [ 17.114989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.115752] kthread+0x324/0x6e0 [ 17.116204] ret_from_fork+0x41/0x80 [ 17.116819] ret_from_fork_asm+0x1a/0x30 [ 17.117191] [ 17.117392] The buggy address belongs to the object at ffff888100adf400 [ 17.117392] which belongs to the cache kmalloc-256 of size 256 [ 17.118590] The buggy address is located 33 bytes to the right of [ 17.118590] allocated 201-byte region [ffff888100adf400, ffff888100adf4c9) [ 17.119782] [ 17.119957] The buggy address belongs to the physical page: [ 17.120354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ade [ 17.121264] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.121691] flags: 0x200000000000040(head|node=0|zone=2) [ 17.123149] page_type: f5(slab) [ 17.123424] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.123881] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.124682] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.125286] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.125914] head: 0200000000000001 ffffea000402b781 ffffffffffffffff 0000000000000000 [ 17.126595] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 17.127086] page dumped because: kasan: bad access detected [ 17.127373] [ 17.127565] Memory state around the buggy 
address: [ 17.128050] ffff888100adf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.128741] ffff888100adf400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.129293] >ffff888100adf480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.129603] ^ [ 17.130276] ffff888100adf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.130709] ffff888100adf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.131353] ================================================================== [ 17.132663] ================================================================== [ 17.133481] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 17.133998] Write of size 1 at addr ffff888100adf4eb by task kunit_try_catch/166 [ 17.134513] [ 17.134748] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.134901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.134951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.135002] Call Trace: [ 17.135068] <TASK> [ 17.135114] dump_stack_lvl+0x73/0xb0 [ 17.135206] print_report+0xd1/0x650 [ 17.135251] ? __virt_addr_valid+0x1db/0x2d0 [ 17.135295] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.135373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.135419] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.135493] kasan_report+0x140/0x180 [ 17.135536] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.135591] __asan_report_store1_noabort+0x1b/0x30 [ 17.135639] krealloc_less_oob_helper+0xd49/0x11d0 [ 17.135685] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.135734] ? finish_task_switch.isra.0+0x153/0x700 [ 17.135777] ? __switch_to+0x5d9/0xf60 [ 17.135823] ? __schedule+0xce8/0x2840 [ 17.135883] ? __pfx_read_tsc+0x10/0x10 [ 17.135936] krealloc_less_oob+0x1c/0x30 [ 17.135980] kunit_try_run_case+0x1a6/0x480 [ 17.136033] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.136079] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.136123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.136173] ? 
__kthread_parkme+0x82/0x160 [ 17.136223] ? preempt_count_sub+0x50/0x80 [ 17.136281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.136362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.136413] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.136500] kthread+0x324/0x6e0 [ 17.136549] ? trace_preempt_on+0x20/0xc0 [ 17.136609] ? __pfx_kthread+0x10/0x10 [ 17.136665] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.136725] ? calculate_sigpending+0x7b/0xa0 [ 17.136781] ? __pfx_kthread+0x10/0x10 [ 17.136839] ret_from_fork+0x41/0x80 [ 17.136906] ? __pfx_kthread+0x10/0x10 [ 17.136956] ret_from_fork_asm+0x1a/0x30 [ 17.137031] </TASK> [ 17.137092] [ 17.150167] Allocated by task 166: [ 17.150775] kasan_save_stack+0x45/0x70 [ 17.151965] kasan_save_track+0x18/0x40 [ 17.152375] kasan_save_alloc_info+0x3b/0x50 [ 17.152795] __kasan_krealloc+0x190/0x1f0 [ 17.153201] krealloc_noprof+0xf3/0x340 [ 17.153525] krealloc_less_oob_helper+0x1ab/0x11d0 [ 17.155116] krealloc_less_oob+0x1c/0x30 [ 17.156643] kunit_try_run_case+0x1a6/0x480 [ 17.156960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.157485] kthread+0x324/0x6e0 [ 17.157964] ret_from_fork+0x41/0x80 [ 17.158377] ret_from_fork_asm+0x1a/0x30 [ 17.158674] [ 17.158915] The buggy address belongs to the object at ffff888100adf400 [ 17.158915] which belongs to the cache kmalloc-256 of size 256 [ 17.160412] The buggy address is located 34 bytes to the right of [ 17.160412] allocated 201-byte region [ffff888100adf400, ffff888100adf4c9) [ 17.161254] [ 17.161368] The buggy address belongs to the physical page: [ 17.161712] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ade [ 17.162782] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.163122] flags: 0x200000000000040(head|node=0|zone=2) [ 17.163552] page_type: f5(slab) [ 17.164231] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.164942] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
17.165978] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.166712] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.167161] head: 0200000000000001 ffffea000402b781 ffffffffffffffff 0000000000000000 [ 17.168095] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 17.169143] page dumped because: kasan: bad access detected [ 17.169771] [ 17.169955] Memory state around the buggy address: [ 17.170448] ffff888100adf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.171505] ffff888100adf400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.171857] >ffff888100adf480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.172446] ^ [ 17.173319] ffff888100adf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.173896] ffff888100adf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.174645] ================================================================== [ 16.992285] ================================================================== [ 16.992599] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 16.994083] Write of size 1 at addr ffff888100adf4d0 by task kunit_try_catch/166 [ 16.995632] [ 16.995942] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.996033] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.996055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.996092] Call Trace: [ 16.996122] <TASK> [ 16.996153] dump_stack_lvl+0x73/0xb0 [ 16.996218] print_report+0xd1/0x650 [ 16.996258] ? __virt_addr_valid+0x1db/0x2d0 [ 16.996297] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 16.996354] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.996398] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 16.996440] kasan_report+0x140/0x180 [ 16.996481] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 16.996529] __asan_report_store1_noabort+0x1b/0x30 [ 16.996570] krealloc_less_oob_helper+0xe25/0x11d0 [ 16.996616] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.996666] ? finish_task_switch.isra.0+0x153/0x700 [ 16.996718] ? __switch_to+0x5d9/0xf60 [ 16.996808] ? __schedule+0xce8/0x2840 [ 16.996883] ? __pfx_read_tsc+0x10/0x10 [ 16.996975] krealloc_less_oob+0x1c/0x30 [ 16.997103] kunit_try_run_case+0x1a6/0x480 [ 16.997202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.997271] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.997376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.997451] ? __kthread_parkme+0x82/0x160 [ 16.997512] ? preempt_count_sub+0x50/0x80 [ 16.997575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.997615] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.997667] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.997701] kthread+0x324/0x6e0 [ 16.997733] ? trace_preempt_on+0x20/0xc0 [ 16.997768] ? __pfx_kthread+0x10/0x10 [ 16.997796] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.997832] ? calculate_sigpending+0x7b/0xa0 [ 16.997860] ? __pfx_kthread+0x10/0x10 [ 16.997910] ret_from_fork+0x41/0x80 [ 16.997935] ? 
__pfx_kthread+0x10/0x10 [ 16.997971] ret_from_fork_asm+0x1a/0x30 [ 16.998012] </TASK> [ 16.998027] [ 17.015549] Allocated by task 166: [ 17.015787] kasan_save_stack+0x45/0x70 [ 17.016449] kasan_save_track+0x18/0x40 [ 17.016996] kasan_save_alloc_info+0x3b/0x50 [ 17.017373] __kasan_krealloc+0x190/0x1f0 [ 17.017744] krealloc_noprof+0xf3/0x340 [ 17.018470] krealloc_less_oob_helper+0x1ab/0x11d0 [ 17.019261] krealloc_less_oob+0x1c/0x30 [ 17.019957] kunit_try_run_case+0x1a6/0x480 [ 17.020285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.021007] kthread+0x324/0x6e0 [ 17.021379] ret_from_fork+0x41/0x80 [ 17.022122] ret_from_fork_asm+0x1a/0x30 [ 17.022678] [ 17.022828] The buggy address belongs to the object at ffff888100adf400 [ 17.022828] which belongs to the cache kmalloc-256 of size 256 [ 17.024218] The buggy address is located 7 bytes to the right of [ 17.024218] allocated 201-byte region [ffff888100adf400, ffff888100adf4c9) [ 17.025608] [ 17.025758] The buggy address belongs to the physical page: [ 17.026127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ade [ 17.026947] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.027689] flags: 0x200000000000040(head|node=0|zone=2) [ 17.028219] page_type: f5(slab) [ 17.028491] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.029764] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.030248] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.031137] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.031368] head: 0200000000000001 ffffea000402b781 ffffffffffffffff 0000000000000000 [ 17.032603] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 17.032957] page dumped because: kasan: bad access detected [ 17.033758] [ 17.033978] Memory state around the buggy address: [ 17.034977] ffff888100adf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 17.035598] ffff888100adf400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.036177] >ffff888100adf480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.036805] ^ [ 17.037169] ffff888100adf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.038015] ffff888100adf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.038888] ================================================================== [ 17.040346] ================================================================== [ 17.041044] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 17.042505] Write of size 1 at addr ffff888100adf4da by task kunit_try_catch/166 [ 17.044045] [ 17.044644] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.044786] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.044819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.044891] Call Trace: [ 17.044932] <TASK> [ 17.044968] dump_stack_lvl+0x73/0xb0 [ 17.045051] print_report+0xd1/0x650 [ 17.045092] ? __virt_addr_valid+0x1db/0x2d0 [ 17.045134] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 17.045175] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.045221] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 17.045261] kasan_report+0x140/0x180 [ 17.045291] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 17.045340] __asan_report_store1_noabort+0x1b/0x30 [ 17.045373] krealloc_less_oob_helper+0xec8/0x11d0 [ 17.045421] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.045470] ? finish_task_switch.isra.0+0x153/0x700 [ 17.045517] ? __switch_to+0x5d9/0xf60 [ 17.045566] ? __schedule+0xce8/0x2840 [ 17.045607] ? __pfx_read_tsc+0x10/0x10 [ 17.045649] krealloc_less_oob+0x1c/0x30 [ 17.045690] kunit_try_run_case+0x1a6/0x480 [ 17.045735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.045775] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.045816] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.045859] ? __kthread_parkme+0x82/0x160 [ 17.045924] ? preempt_count_sub+0x50/0x80 [ 17.045970] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.046005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.046040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.046072] kthread+0x324/0x6e0 [ 17.046100] ? trace_preempt_on+0x20/0xc0 [ 17.046130] ? __pfx_kthread+0x10/0x10 [ 17.046157] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.046185] ? calculate_sigpending+0x7b/0xa0 [ 17.046211] ? __pfx_kthread+0x10/0x10 [ 17.046239] ret_from_fork+0x41/0x80 [ 17.046262] ? __pfx_kthread+0x10/0x10 [ 17.046289] ret_from_fork_asm+0x1a/0x30 [ 17.046343] </TASK> [ 17.046358] [ 17.062344] Allocated by task 166: [ 17.063003] kasan_save_stack+0x45/0x70 [ 17.063599] kasan_save_track+0x18/0x40 [ 17.063903] kasan_save_alloc_info+0x3b/0x50 [ 17.064814] __kasan_krealloc+0x190/0x1f0 [ 17.065656] krealloc_noprof+0xf3/0x340 [ 17.066354] krealloc_less_oob_helper+0x1ab/0x11d0 [ 17.066933] krealloc_less_oob+0x1c/0x30 [ 17.067369] kunit_try_run_case+0x1a6/0x480 [ 17.067648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.068186] kthread+0x324/0x6e0 [ 17.068551] ret_from_fork+0x41/0x80 [ 17.069417] ret_from_fork_asm+0x1a/0x30 [ 17.069860] [ 17.069993] The buggy address belongs to the object at ffff888100adf400 [ 17.069993] which belongs to the cache kmalloc-256 of size 256 [ 17.070934] The buggy address is located 17 bytes to the right of [ 17.070934] allocated 201-byte region [ffff888100adf400, ffff888100adf4c9) [ 17.072101] [ 17.072373] The buggy address belongs to the physical page: [ 17.073154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ade [ 17.074076] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.074465] flags: 0x200000000000040(head|node=0|zone=2) [ 17.075107] page_type: f5(slab) [ 17.075638] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 17.076195] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.076851] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
17.077746] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.078312] head: 0200000000000001 ffffea000402b781 ffffffffffffffff 0000000000000000 [ 17.079045] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 17.079833] page dumped because: kasan: bad access detected [ 17.080218] [ 17.080767] Memory state around the buggy address: [ 17.081235] ffff888100adf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.081744] ffff888100adf400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.082589] >ffff888100adf480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 17.083088] ^ [ 17.083571] ffff888100adf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.084160] ffff888100adf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.085120] ================================================================== [ 17.285027] ================================================================== [ 17.285660] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 17.286260] Write of size 1 at addr ffff8881022ee0d0 by task kunit_try_catch/170 [ 17.287398] [ 17.287778] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.287889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.287914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.287954] Call Trace: [ 17.287981] <TASK> [ 17.288017] dump_stack_lvl+0x73/0xb0 [ 17.288081] print_report+0xd1/0x650 [ 17.288131] ? __virt_addr_valid+0x1db/0x2d0 [ 17.288184] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 17.288237] ? kasan_addr_to_slab+0x11/0xa0 [ 17.288275] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 17.288340] kasan_report+0x140/0x180 [ 17.288396] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 17.288460] __asan_report_store1_noabort+0x1b/0x30 [ 17.288517] krealloc_less_oob_helper+0xe25/0x11d0 [ 17.288575] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.288630] ? 
finish_task_switch.isra.0+0x153/0x700 [ 17.288689] ? __switch_to+0x5d9/0xf60 [ 17.288755] ? __schedule+0xce8/0x2840 [ 17.288808] ? __pfx_read_tsc+0x10/0x10 [ 17.288879] krealloc_large_less_oob+0x1c/0x30 [ 17.288931] kunit_try_run_case+0x1a6/0x480 [ 17.288982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.289041] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.289116] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.289175] ? __kthread_parkme+0x82/0x160 [ 17.289233] ? preempt_count_sub+0x50/0x80 [ 17.289295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.289346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.289411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.289469] kthread+0x324/0x6e0 [ 17.289516] ? trace_preempt_on+0x20/0xc0 [ 17.289564] ? __pfx_kthread+0x10/0x10 [ 17.289610] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.289660] ? calculate_sigpending+0x7b/0xa0 [ 17.289692] ? __pfx_kthread+0x10/0x10 [ 17.289721] ret_from_fork+0x41/0x80 [ 17.289746] ? __pfx_kthread+0x10/0x10 [ 17.289774] ret_from_fork_asm+0x1a/0x30 [ 17.289814] </TASK> [ 17.289828] [ 17.306252] The buggy address belongs to the physical page: [ 17.307437] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ec [ 17.308335] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.309618] flags: 0x200000000000040(head|node=0|zone=2) [ 17.310131] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.310908] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.311777] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.312423] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.313067] head: 0200000000000002 ffffea000408bb01 ffffffffffffffff 0000000000000000 [ 17.314387] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.315314] page dumped because: kasan: bad access detected [ 17.315848] [ 17.316075] Memory state around the buggy address: [ 
17.316851] ffff8881022edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.317590] ffff8881022ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.318028] >ffff8881022ee080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.318675] ^ [ 17.319177] ffff8881022ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.320090] ffff8881022ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.320663] ================================================================== [ 17.321607] ================================================================== [ 17.322666] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 17.324090] Write of size 1 at addr ffff8881022ee0da by task kunit_try_catch/170 [ 17.325262] [ 17.325682] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.325780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.325801] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.325838] Call Trace: [ 17.325896] <TASK> [ 17.325932] dump_stack_lvl+0x73/0xb0 [ 17.326005] print_report+0xd1/0x650 [ 17.326049] ? __virt_addr_valid+0x1db/0x2d0 [ 17.326092] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 17.326133] ? kasan_addr_to_slab+0x11/0xa0 [ 17.326170] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 17.326213] kasan_report+0x140/0x180 [ 17.326259] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 17.326363] __asan_report_store1_noabort+0x1b/0x30 [ 17.326510] krealloc_less_oob_helper+0xec8/0x11d0 [ 17.326584] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.326634] ? finish_task_switch.isra.0+0x153/0x700 [ 17.326684] ? __switch_to+0x5d9/0xf60 [ 17.326743] ? __schedule+0xce8/0x2840 [ 17.326799] ? __pfx_read_tsc+0x10/0x10 [ 17.326854] krealloc_large_less_oob+0x1c/0x30 [ 17.326908] kunit_try_run_case+0x1a6/0x480 [ 17.326939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.326966] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.326995] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.327024] ? 
__kthread_parkme+0x82/0x160 [ 17.327055] ? preempt_count_sub+0x50/0x80 [ 17.327096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.327125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.327157] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.327189] kthread+0x324/0x6e0 [ 17.327215] ? trace_preempt_on+0x20/0xc0 [ 17.327246] ? __pfx_kthread+0x10/0x10 [ 17.327273] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.327313] ? calculate_sigpending+0x7b/0xa0 [ 17.327353] ? __pfx_kthread+0x10/0x10 [ 17.327381] ret_from_fork+0x41/0x80 [ 17.327405] ? __pfx_kthread+0x10/0x10 [ 17.327439] ret_from_fork_asm+0x1a/0x30 [ 17.327506] </TASK> [ 17.327529] [ 17.343154] The buggy address belongs to the physical page: [ 17.344007] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ec [ 17.344499] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.344974] flags: 0x200000000000040(head|node=0|zone=2) [ 17.345344] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.345828] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.347121] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.347465] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.348137] head: 0200000000000002 ffffea000408bb01 ffffffffffffffff 0000000000000000 [ 17.349240] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.350274] page dumped because: kasan: bad access detected [ 17.350926] [ 17.351043] Memory state around the buggy address: [ 17.351239] ffff8881022edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.352345] ffff8881022ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.353200] >ffff8881022ee080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.353909] ^ [ 17.354438] ffff8881022ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.354924] ffff8881022ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 
17.355389] ================================================================== [ 17.356887] ================================================================== [ 17.357648] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 17.358363] Write of size 1 at addr ffff8881022ee0ea by task kunit_try_catch/170 [ 17.359199] [ 17.359663] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.359765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.359788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.359825] Call Trace: [ 17.359879] <TASK> [ 17.359915] dump_stack_lvl+0x73/0xb0 [ 17.360001] print_report+0xd1/0x650 [ 17.360052] ? __virt_addr_valid+0x1db/0x2d0 [ 17.360108] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 17.360168] ? kasan_addr_to_slab+0x11/0xa0 [ 17.360220] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 17.360271] kasan_report+0x140/0x180 [ 17.360367] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 17.360459] __asan_report_store1_noabort+0x1b/0x30 [ 17.360523] krealloc_less_oob_helper+0xe92/0x11d0 [ 17.360586] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.360639] ? finish_task_switch.isra.0+0x153/0x700 [ 17.360689] ? __switch_to+0x5d9/0xf60 [ 17.360738] ? __schedule+0xce8/0x2840 [ 17.360783] ? __pfx_read_tsc+0x10/0x10 [ 17.360828] krealloc_large_less_oob+0x1c/0x30 [ 17.360888] kunit_try_run_case+0x1a6/0x480 [ 17.360933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.360972] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.361006] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.361035] ? __kthread_parkme+0x82/0x160 [ 17.361065] ? preempt_count_sub+0x50/0x80 [ 17.361096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.361123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.361155] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.361187] kthread+0x324/0x6e0 [ 17.361213] ? trace_preempt_on+0x20/0xc0 [ 17.361243] ? __pfx_kthread+0x10/0x10 [ 17.361270] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.361297] ? 
calculate_sigpending+0x7b/0xa0 [ 17.361350] ? __pfx_kthread+0x10/0x10 [ 17.361379] ret_from_fork+0x41/0x80 [ 17.361404] ? __pfx_kthread+0x10/0x10 [ 17.361438] ret_from_fork_asm+0x1a/0x30 [ 17.361503] </TASK> [ 17.361527] [ 17.376050] The buggy address belongs to the physical page: [ 17.376628] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ec [ 17.377256] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.379019] flags: 0x200000000000040(head|node=0|zone=2) [ 17.379304] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.379572] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.379910] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.381086] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.381789] head: 0200000000000002 ffffea000408bb01 ffffffffffffffff 0000000000000000 [ 17.382261] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.382835] page dumped because: kasan: bad access detected [ 17.383805] [ 17.383945] Memory state around the buggy address: [ 17.385218] ffff8881022edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.385817] ffff8881022ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.386125] >ffff8881022ee080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.386758] ^ [ 17.387510] ffff8881022ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.388477] ffff8881022ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.389146] ================================================================== [ 17.248689] ================================================================== [ 17.249513] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 17.250844] Write of size 1 at addr ffff8881022ee0c9 by task kunit_try_catch/170 [ 17.251513] [ 17.251844] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 
[ 17.252154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.252180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.252218] Call Trace: [ 17.252254] <TASK> [ 17.252294] dump_stack_lvl+0x73/0xb0 [ 17.252392] print_report+0xd1/0x650 [ 17.252434] ? __virt_addr_valid+0x1db/0x2d0 [ 17.252476] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 17.252516] ? kasan_addr_to_slab+0x11/0xa0 [ 17.252553] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 17.252594] kasan_report+0x140/0x180 [ 17.252636] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 17.252683] __asan_report_store1_noabort+0x1b/0x30 [ 17.252724] krealloc_less_oob_helper+0xd72/0x11d0 [ 17.252767] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.252809] ? finish_task_switch.isra.0+0x153/0x700 [ 17.252857] ? __switch_to+0x5d9/0xf60 [ 17.252937] ? __schedule+0xce8/0x2840 [ 17.253000] ? __pfx_read_tsc+0x10/0x10 [ 17.253067] krealloc_large_less_oob+0x1c/0x30 [ 17.253129] kunit_try_run_case+0x1a6/0x480 [ 17.253191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.253244] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.253293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.253345] ? __kthread_parkme+0x82/0x160 [ 17.253401] ? preempt_count_sub+0x50/0x80 [ 17.253452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.253496] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.253545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.253592] kthread+0x324/0x6e0 [ 17.253632] ? trace_preempt_on+0x20/0xc0 [ 17.253675] ? __pfx_kthread+0x10/0x10 [ 17.253712] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.253751] ? calculate_sigpending+0x7b/0xa0 [ 17.253792] ? __pfx_kthread+0x10/0x10 [ 17.253836] ret_from_fork+0x41/0x80 [ 17.253899] ? 
__pfx_kthread+0x10/0x10 [ 17.253947] ret_from_fork_asm+0x1a/0x30 [ 17.254017] </TASK> [ 17.254044] [ 17.269372] The buggy address belongs to the physical page: [ 17.270172] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ec [ 17.271778] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.272856] flags: 0x200000000000040(head|node=0|zone=2) [ 17.273942] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.274630] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.275448] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.276142] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.276915] head: 0200000000000002 ffffea000408bb01 ffffffffffffffff 0000000000000000 [ 17.277521] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.278159] page dumped because: kasan: bad access detected [ 17.278894] [ 17.279306] Memory state around the buggy address: [ 17.279663] ffff8881022edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.280490] ffff8881022ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.280860] >ffff8881022ee080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.281645] ^ [ 17.282047] ffff8881022ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.282844] ffff8881022ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.283776] ================================================================== [ 17.390987] ================================================================== [ 17.391761] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 17.392332] Write of size 1 at addr ffff8881022ee0eb by task kunit_try_catch/170 [ 17.393286] [ 17.393784] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 17.393914] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.393946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 17.393986] Call Trace: [ 17.394026] <TASK> [ 17.394061] dump_stack_lvl+0x73/0xb0 [ 17.394146] print_report+0xd1/0x650 [ 17.394199] ? __virt_addr_valid+0x1db/0x2d0 [ 17.394249] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.394296] ? kasan_addr_to_slab+0x11/0xa0 [ 17.394338] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.394391] kasan_report+0x140/0x180 [ 17.394445] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 17.394515] __asan_report_store1_noabort+0x1b/0x30 [ 17.394574] krealloc_less_oob_helper+0xd49/0x11d0 [ 17.394626] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 17.394670] ? finish_task_switch.isra.0+0x153/0x700 [ 17.394713] ? __switch_to+0x5d9/0xf60 [ 17.394758] ? __schedule+0xce8/0x2840 [ 17.394799] ? __pfx_read_tsc+0x10/0x10 [ 17.394845] krealloc_large_less_oob+0x1c/0x30 [ 17.394904] kunit_try_run_case+0x1a6/0x480 [ 17.394944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.394982] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 17.395022] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.395062] ? __kthread_parkme+0x82/0x160 [ 17.395102] ? preempt_count_sub+0x50/0x80 [ 17.395145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.395186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.395236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.395271] kthread+0x324/0x6e0 [ 17.395299] ? trace_preempt_on+0x20/0xc0 [ 17.395344] ? __pfx_kthread+0x10/0x10 [ 17.395372] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.395401] ? calculate_sigpending+0x7b/0xa0 [ 17.395435] ? __pfx_kthread+0x10/0x10 [ 17.395482] ret_from_fork+0x41/0x80 [ 17.395521] ? 
__pfx_kthread+0x10/0x10 [ 17.395564] ret_from_fork_asm+0x1a/0x30 [ 17.395626] </TASK> [ 17.395641] [ 17.409515] The buggy address belongs to the physical page: [ 17.410094] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ec [ 17.411587] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 17.412262] flags: 0x200000000000040(head|node=0|zone=2) [ 17.412788] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.414963] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.415358] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 17.416190] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 17.417179] head: 0200000000000002 ffffea000408bb01 ffffffffffffffff 0000000000000000 [ 17.417811] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 17.418471] page dumped because: kasan: bad access detected [ 17.418946] [ 17.419160] Memory state around the buggy address: [ 17.420074] ffff8881022edf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.420370] ffff8881022ee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 17.421037] >ffff8881022ee080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 17.422062] ^ [ 17.422678] ffff8881022ee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.423392] ffff8881022ee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 17.423803] ================================================================== [ 16.944939] ================================================================== [ 16.945780] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 16.946209] Write of size 1 at addr ffff888100adf4c9 by task kunit_try_catch/166 [ 16.946527] [ 16.946651] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.946712] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.946727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 
1.16.3-debian-1.16.3-2 04/01/2014 [ 16.946752] Call Trace: [ 16.946772] <TASK> [ 16.946797] dump_stack_lvl+0x73/0xb0 [ 16.946839] print_report+0xd1/0x650 [ 16.947367] ? __virt_addr_valid+0x1db/0x2d0 [ 16.947447] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 16.947508] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.947560] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 16.947601] kasan_report+0x140/0x180 [ 16.947642] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 16.947701] __asan_report_store1_noabort+0x1b/0x30 [ 16.947745] krealloc_less_oob_helper+0xd72/0x11d0 [ 16.947792] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.947833] ? finish_task_switch.isra.0+0x153/0x700 [ 16.947897] ? __switch_to+0x5d9/0xf60 [ 16.947947] ? __schedule+0xce8/0x2840 [ 16.947995] ? __pfx_read_tsc+0x10/0x10 [ 16.948040] krealloc_less_oob+0x1c/0x30 [ 16.948083] kunit_try_run_case+0x1a6/0x480 [ 16.948130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.948173] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.948227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.948285] ? __kthread_parkme+0x82/0x160 [ 16.948334] ? preempt_count_sub+0x50/0x80 [ 16.948389] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.948442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.948496] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.948546] kthread+0x324/0x6e0 [ 16.948589] ? trace_preempt_on+0x20/0xc0 [ 16.948645] ? __pfx_kthread+0x10/0x10 [ 16.948694] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.948741] ? calculate_sigpending+0x7b/0xa0 [ 16.948788] ? __pfx_kthread+0x10/0x10 [ 16.948846] ret_from_fork+0x41/0x80 [ 16.948914] ? 
__pfx_kthread+0x10/0x10 [ 16.948955] ret_from_fork_asm+0x1a/0x30 [ 16.949021] </TASK> [ 16.949046] [ 16.967778] Allocated by task 166: [ 16.968251] kasan_save_stack+0x45/0x70 [ 16.969370] kasan_save_track+0x18/0x40 [ 16.969996] kasan_save_alloc_info+0x3b/0x50 [ 16.970626] __kasan_krealloc+0x190/0x1f0 [ 16.971012] krealloc_noprof+0xf3/0x340 [ 16.971742] krealloc_less_oob_helper+0x1ab/0x11d0 [ 16.972164] krealloc_less_oob+0x1c/0x30 [ 16.972943] kunit_try_run_case+0x1a6/0x480 [ 16.973307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.974030] kthread+0x324/0x6e0 [ 16.974698] ret_from_fork+0x41/0x80 [ 16.974947] ret_from_fork_asm+0x1a/0x30 [ 16.975380] [ 16.975913] The buggy address belongs to the object at ffff888100adf400 [ 16.975913] which belongs to the cache kmalloc-256 of size 256 [ 16.976735] The buggy address is located 0 bytes to the right of [ 16.976735] allocated 201-byte region [ffff888100adf400, ffff888100adf4c9) [ 16.977485] [ 16.977681] The buggy address belongs to the physical page: [ 16.978288] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ade [ 16.979176] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.980030] flags: 0x200000000000040(head|node=0|zone=2) [ 16.980652] page_type: f5(slab) [ 16.981110] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.981785] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.982284] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.983101] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.983930] head: 0200000000000001 ffffea000402b781 ffffffffffffffff 0000000000000000 [ 16.984810] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 16.985491] page dumped because: kasan: bad access detected [ 16.985759] [ 16.985999] Memory state around the buggy address: [ 16.986453] ffff888100adf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 16.987630] ffff888100adf400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.988599] >ffff888100adf480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.989043] ^ [ 16.989960] ffff888100adf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.990234] ffff888100adf580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.991088] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 23.847765] ================================================================== [ 23.848314] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 23.848801] Write of size 121 at addr ffff888102c74500 by task kunit_try_catch/293 [ 23.849364] [ 23.849616] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.849730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.849764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.849820] Call Trace: [ 23.849885] <TASK> [ 23.849932] dump_stack_lvl+0x73/0xb0 [ 23.850029] print_report+0xd1/0x650 [ 23.850090] ? __virt_addr_valid+0x1db/0x2d0 [ 23.850149] ? copy_user_test_oob+0x558/0x10f0 [ 23.850204] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.850272] ? copy_user_test_oob+0x558/0x10f0 [ 23.850337] kasan_report+0x140/0x180 [ 23.850402] ? copy_user_test_oob+0x558/0x10f0 [ 23.850477] kasan_check_range+0x10c/0x1c0 [ 23.850543] __kasan_check_write+0x18/0x20 [ 23.850603] copy_user_test_oob+0x558/0x10f0 [ 23.850660] ? __pfx_copy_user_test_oob+0x10/0x10 [ 23.850698] ? finish_task_switch.isra.0+0x153/0x700 [ 23.850734] ? __switch_to+0x5d9/0xf60 [ 23.850771] ? __schedule+0xce8/0x2840 [ 23.850803] ? __pfx_read_tsc+0x10/0x10 [ 23.850834] ? ktime_get_ts64+0x86/0x230 [ 23.850890] kunit_try_run_case+0x1a6/0x480 [ 23.850923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.850955] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.850987] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.851018] ? __kthread_parkme+0x82/0x160 [ 23.851050] ? preempt_count_sub+0x50/0x80 [ 23.851081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.851111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.851146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.851180] kthread+0x324/0x6e0 [ 23.851209] ? trace_preempt_on+0x20/0xc0 [ 23.851241] ? __pfx_kthread+0x10/0x10 [ 23.851270] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.851314] ? calculate_sigpending+0x7b/0xa0 [ 23.851348] ? 
__pfx_kthread+0x10/0x10 [ 23.851379] ret_from_fork+0x41/0x80 [ 23.851405] ? __pfx_kthread+0x10/0x10 [ 23.851435] ret_from_fork_asm+0x1a/0x30 [ 23.851478] </TASK> [ 23.851494] [ 23.862647] Allocated by task 293: [ 23.863081] kasan_save_stack+0x45/0x70 [ 23.863379] kasan_save_track+0x18/0x40 [ 23.863829] kasan_save_alloc_info+0x3b/0x50 [ 23.864294] __kasan_kmalloc+0xb7/0xc0 [ 23.864675] __kmalloc_noprof+0x1ca/0x500 [ 23.865094] kunit_kmalloc_array+0x25/0x60 [ 23.865482] copy_user_test_oob+0xac/0x10f0 [ 23.865782] kunit_try_run_case+0x1a6/0x480 [ 23.866064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.866538] kthread+0x324/0x6e0 [ 23.866906] ret_from_fork+0x41/0x80 [ 23.867219] ret_from_fork_asm+0x1a/0x30 [ 23.867638] [ 23.867887] The buggy address belongs to the object at ffff888102c74500 [ 23.867887] which belongs to the cache kmalloc-128 of size 128 [ 23.868903] The buggy address is located 0 bytes inside of [ 23.868903] allocated 120-byte region [ffff888102c74500, ffff888102c74578) [ 23.869561] [ 23.869724] The buggy address belongs to the physical page: [ 23.870019] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74 [ 23.870409] flags: 0x200000000000000(node=0|zone=2) [ 23.870688] page_type: f5(slab) [ 23.870922] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.871582] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.872519] page dumped because: kasan: bad access detected [ 23.873011] [ 23.873225] Memory state around the buggy address: [ 23.873873] ffff888102c74400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.874613] ffff888102c74480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.875231] >ffff888102c74500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.875782] ^ [ 23.876289] ffff888102c74580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.877068] ffff888102c74600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.877696] 
================================================================== [ 23.771158] ================================================================== [ 23.772002] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 23.772499] Write of size 121 at addr ffff888102c74500 by task kunit_try_catch/293 [ 23.773085] [ 23.773287] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.773396] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.773431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.773482] Call Trace: [ 23.773525] <TASK> [ 23.773570] dump_stack_lvl+0x73/0xb0 [ 23.773647] print_report+0xd1/0x650 [ 23.773707] ? __virt_addr_valid+0x1db/0x2d0 [ 23.773764] ? copy_user_test_oob+0x3fe/0x10f0 [ 23.773820] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.773899] ? copy_user_test_oob+0x3fe/0x10f0 [ 23.773963] kasan_report+0x140/0x180 [ 23.774030] ? copy_user_test_oob+0x3fe/0x10f0 [ 23.774099] kasan_check_range+0x10c/0x1c0 [ 23.774159] __kasan_check_write+0x18/0x20 [ 23.774219] copy_user_test_oob+0x3fe/0x10f0 [ 23.774281] ? __pfx_copy_user_test_oob+0x10/0x10 [ 23.774337] ? finish_task_switch.isra.0+0x153/0x700 [ 23.774399] ? __switch_to+0x5d9/0xf60 [ 23.774464] ? __schedule+0xce8/0x2840 [ 23.774521] ? __pfx_read_tsc+0x10/0x10 [ 23.774574] ? ktime_get_ts64+0x86/0x230 [ 23.774637] kunit_try_run_case+0x1a6/0x480 [ 23.774707] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.774769] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.774828] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.774885] ? __kthread_parkme+0x82/0x160 [ 23.774919] ? preempt_count_sub+0x50/0x80 [ 23.774953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.774984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.775022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.775056] kthread+0x324/0x6e0 [ 23.775085] ? trace_preempt_on+0x20/0xc0 [ 23.775118] ? __pfx_kthread+0x10/0x10 [ 23.775147] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.775177] ? 
calculate_sigpending+0x7b/0xa0 [ 23.775206] ? __pfx_kthread+0x10/0x10 [ 23.775236] ret_from_fork+0x41/0x80 [ 23.775262] ? __pfx_kthread+0x10/0x10 [ 23.775298] ret_from_fork_asm+0x1a/0x30 [ 23.775351] </TASK> [ 23.775369] [ 23.789880] Allocated by task 293: [ 23.790251] kasan_save_stack+0x45/0x70 [ 23.790613] kasan_save_track+0x18/0x40 [ 23.790977] kasan_save_alloc_info+0x3b/0x50 [ 23.791397] __kasan_kmalloc+0xb7/0xc0 [ 23.791731] __kmalloc_noprof+0x1ca/0x500 [ 23.792912] kunit_kmalloc_array+0x25/0x60 [ 23.793160] copy_user_test_oob+0xac/0x10f0 [ 23.794013] kunit_try_run_case+0x1a6/0x480 [ 23.794351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.794718] kthread+0x324/0x6e0 [ 23.795261] ret_from_fork+0x41/0x80 [ 23.795836] ret_from_fork_asm+0x1a/0x30 [ 23.796133] [ 23.796268] The buggy address belongs to the object at ffff888102c74500 [ 23.796268] which belongs to the cache kmalloc-128 of size 128 [ 23.797634] The buggy address is located 0 bytes inside of [ 23.797634] allocated 120-byte region [ffff888102c74500, ffff888102c74578) [ 23.798599] [ 23.798782] The buggy address belongs to the physical page: [ 23.799043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74 [ 23.800140] flags: 0x200000000000000(node=0|zone=2) [ 23.800957] page_type: f5(slab) [ 23.801225] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.802023] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.803047] page dumped because: kasan: bad access detected [ 23.803414] [ 23.803622] Memory state around the buggy address: [ 23.804154] ffff888102c74400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.804946] ffff888102c74480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.805396] >ffff888102c74500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.806033] ^ [ 23.806640] ffff888102c74580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.807115] ffff888102c74600: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 23.807812] ================================================================== [ 23.878817] ================================================================== [ 23.879349] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 23.880060] Read of size 121 at addr ffff888102c74500 by task kunit_try_catch/293 [ 23.880422] [ 23.880596] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.880705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.880740] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.880798] Call Trace: [ 23.881170] <TASK> [ 23.881237] dump_stack_lvl+0x73/0xb0 [ 23.881333] print_report+0xd1/0x650 [ 23.881399] ? __virt_addr_valid+0x1db/0x2d0 [ 23.881463] ? copy_user_test_oob+0x605/0x10f0 [ 23.881525] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.881582] ? copy_user_test_oob+0x605/0x10f0 [ 23.881645] kasan_report+0x140/0x180 [ 23.881709] ? copy_user_test_oob+0x605/0x10f0 [ 23.881786] kasan_check_range+0x10c/0x1c0 [ 23.881869] __kasan_check_read+0x15/0x20 [ 23.881934] copy_user_test_oob+0x605/0x10f0 [ 23.882004] ? __pfx_copy_user_test_oob+0x10/0x10 [ 23.882068] ? finish_task_switch.isra.0+0x153/0x700 [ 23.882134] ? __switch_to+0x5d9/0xf60 [ 23.882207] ? __schedule+0xce8/0x2840 [ 23.882267] ? __pfx_read_tsc+0x10/0x10 [ 23.882329] ? ktime_get_ts64+0x86/0x230 [ 23.882398] kunit_try_run_case+0x1a6/0x480 [ 23.882460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.882519] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.882573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.882638] ? __kthread_parkme+0x82/0x160 [ 23.882691] ? preempt_count_sub+0x50/0x80 [ 23.882742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.882794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.882878] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.882939] kthread+0x324/0x6e0 [ 23.882991] ? trace_preempt_on+0x20/0xc0 [ 23.883053] ? __pfx_kthread+0x10/0x10 [ 23.883112] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.883176] ? calculate_sigpending+0x7b/0xa0 [ 23.883237] ? __pfx_kthread+0x10/0x10 [ 23.883298] ret_from_fork+0x41/0x80 [ 23.883354] ? __pfx_kthread+0x10/0x10 [ 23.883417] ret_from_fork_asm+0x1a/0x30 [ 23.883504] </TASK> [ 23.883536] [ 23.896248] Allocated by task 293: [ 23.896682] kasan_save_stack+0x45/0x70 [ 23.897161] kasan_save_track+0x18/0x40 [ 23.897759] kasan_save_alloc_info+0x3b/0x50 [ 23.898145] __kasan_kmalloc+0xb7/0xc0 [ 23.898672] __kmalloc_noprof+0x1ca/0x500 [ 23.898984] kunit_kmalloc_array+0x25/0x60 [ 23.899359] copy_user_test_oob+0xac/0x10f0 [ 23.899622] kunit_try_run_case+0x1a6/0x480 [ 23.899925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.900483] kthread+0x324/0x6e0 [ 23.900818] ret_from_fork+0x41/0x80 [ 23.901210] ret_from_fork_asm+0x1a/0x30 [ 23.901510] [ 23.901663] The buggy address belongs to the object at ffff888102c74500 [ 23.901663] which belongs to the cache kmalloc-128 of size 128 [ 23.902191] The buggy address is located 0 bytes inside of [ 23.902191] allocated 120-byte region [ffff888102c74500, ffff888102c74578) [ 23.903205] [ 23.903491] The buggy address belongs to the physical page: [ 23.903966] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74 [ 23.904790] flags: 0x200000000000000(node=0|zone=2) [ 23.905198] page_type: f5(slab) [ 23.905653] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.906060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.906411] page dumped because: kasan: bad access detected [ 23.906686] [ 23.906828] Memory state around the buggy address: [ 23.907234] ffff888102c74400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.907972] ffff888102c74480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.908626] >ffff888102c74500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.909239] ^ [ 23.909722] ffff888102c74580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.910271] 
ffff888102c74600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.910720] ================================================================== [ 23.809115] ================================================================== [ 23.810017] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 23.810338] Read of size 121 at addr ffff888102c74500 by task kunit_try_catch/293 [ 23.810615] [ 23.810757] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.810873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.810910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.810965] Call Trace: [ 23.811071] <TASK> [ 23.811152] dump_stack_lvl+0x73/0xb0 [ 23.811299] print_report+0xd1/0x650 [ 23.811358] ? __virt_addr_valid+0x1db/0x2d0 [ 23.811412] ? copy_user_test_oob+0x4ab/0x10f0 [ 23.811469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.811537] ? copy_user_test_oob+0x4ab/0x10f0 [ 23.811590] kasan_report+0x140/0x180 [ 23.811647] ? copy_user_test_oob+0x4ab/0x10f0 [ 23.811736] kasan_check_range+0x10c/0x1c0 [ 23.811802] __kasan_check_read+0x15/0x20 [ 23.811880] copy_user_test_oob+0x4ab/0x10f0 [ 23.811950] ? __pfx_copy_user_test_oob+0x10/0x10 [ 23.812012] ? finish_task_switch.isra.0+0x153/0x700 [ 23.812078] ? __switch_to+0x5d9/0xf60 [ 23.812146] ? __schedule+0xce8/0x2840 [ 23.812207] ? __pfx_read_tsc+0x10/0x10 [ 23.812266] ? ktime_get_ts64+0x86/0x230 [ 23.812335] kunit_try_run_case+0x1a6/0x480 [ 23.812402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.812460] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.812526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.812592] ? __kthread_parkme+0x82/0x160 [ 23.812645] ? preempt_count_sub+0x50/0x80 [ 23.812702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.812759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.812826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.813012] kthread+0x324/0x6e0 [ 23.813075] ? trace_preempt_on+0x20/0xc0 [ 23.813127] ? 
__pfx_kthread+0x10/0x10 [ 23.813169] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.813214] ? calculate_sigpending+0x7b/0xa0 [ 23.813257] ? __pfx_kthread+0x10/0x10 [ 23.813301] ret_from_fork+0x41/0x80 [ 23.813347] ? __pfx_kthread+0x10/0x10 [ 23.813397] ret_from_fork_asm+0x1a/0x30 [ 23.813480] </TASK> [ 23.813512] [ 23.826716] Allocated by task 293: [ 23.827252] kasan_save_stack+0x45/0x70 [ 23.827559] kasan_save_track+0x18/0x40 [ 23.827823] kasan_save_alloc_info+0x3b/0x50 [ 23.828344] __kasan_kmalloc+0xb7/0xc0 [ 23.828793] __kmalloc_noprof+0x1ca/0x500 [ 23.829282] kunit_kmalloc_array+0x25/0x60 [ 23.829737] copy_user_test_oob+0xac/0x10f0 [ 23.830235] kunit_try_run_case+0x1a6/0x480 [ 23.830596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.831135] kthread+0x324/0x6e0 [ 23.831349] ret_from_fork+0x41/0x80 [ 23.831779] ret_from_fork_asm+0x1a/0x30 [ 23.832266] [ 23.833704] The buggy address belongs to the object at ffff888102c74500 [ 23.833704] which belongs to the cache kmalloc-128 of size 128 [ 23.835588] The buggy address is located 0 bytes inside of [ 23.835588] allocated 120-byte region [ffff888102c74500, ffff888102c74578) [ 23.836587] [ 23.836795] The buggy address belongs to the physical page: [ 23.837404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74 [ 23.838324] flags: 0x200000000000000(node=0|zone=2) [ 23.838668] page_type: f5(slab) [ 23.838916] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.840105] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.840842] page dumped because: kasan: bad access detected [ 23.841287] [ 23.841444] Memory state around the buggy address: [ 23.842000] ffff888102c74400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.842512] ffff888102c74480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.842963] >ffff888102c74500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.843396] ^ [ 23.844057] ffff888102c74580: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.844588] ffff888102c74600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.845283] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 23.729072] ================================================================== [ 23.729642] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 23.730224] Read of size 121 at addr ffff888102c74500 by task kunit_try_catch/293 [ 23.730959] [ 23.731275] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.731427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.731462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.731519] Call Trace: [ 23.731572] <TASK> [ 23.731617] dump_stack_lvl+0x73/0xb0 [ 23.731727] print_report+0xd1/0x650 [ 23.731825] ? __virt_addr_valid+0x1db/0x2d0 [ 23.731905] ? _copy_to_user+0x4a/0x70 [ 23.731963] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.732035] ? _copy_to_user+0x4a/0x70 [ 23.732090] kasan_report+0x140/0x180 [ 23.732150] ? _copy_to_user+0x4a/0x70 [ 23.732208] kasan_check_range+0x10c/0x1c0 [ 23.732247] __kasan_check_read+0x15/0x20 [ 23.732279] _copy_to_user+0x4a/0x70 [ 23.732336] copy_user_test_oob+0x365/0x10f0 [ 23.732372] ? __pfx_copy_user_test_oob+0x10/0x10 [ 23.732402] ? finish_task_switch.isra.0+0x153/0x700 [ 23.732436] ? __switch_to+0x5d9/0xf60 [ 23.732472] ? __schedule+0xce8/0x2840 [ 23.732505] ? __pfx_read_tsc+0x10/0x10 [ 23.732534] ? ktime_get_ts64+0x86/0x230 [ 23.732568] kunit_try_run_case+0x1a6/0x480 [ 23.732599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.732627] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.732657] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.732689] ? __kthread_parkme+0x82/0x160 [ 23.732720] ? preempt_count_sub+0x50/0x80 [ 23.732752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.732783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.732816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.732872] kthread+0x324/0x6e0 [ 23.732901] ? trace_preempt_on+0x20/0xc0 [ 23.732934] ? __pfx_kthread+0x10/0x10 [ 23.732965] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.732995] ? calculate_sigpending+0x7b/0xa0 [ 23.733025] ? 
__pfx_kthread+0x10/0x10 [ 23.733055] ret_from_fork+0x41/0x80 [ 23.733080] ? __pfx_kthread+0x10/0x10 [ 23.733110] ret_from_fork_asm+0x1a/0x30 [ 23.733150] </TASK> [ 23.733167] [ 23.747928] Allocated by task 293: [ 23.748331] kasan_save_stack+0x45/0x70 [ 23.748922] kasan_save_track+0x18/0x40 [ 23.749431] kasan_save_alloc_info+0x3b/0x50 [ 23.749913] __kasan_kmalloc+0xb7/0xc0 [ 23.750446] __kmalloc_noprof+0x1ca/0x500 [ 23.750929] kunit_kmalloc_array+0x25/0x60 [ 23.751472] copy_user_test_oob+0xac/0x10f0 [ 23.751957] kunit_try_run_case+0x1a6/0x480 [ 23.752256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.752832] kthread+0x324/0x6e0 [ 23.753126] ret_from_fork+0x41/0x80 [ 23.753578] ret_from_fork_asm+0x1a/0x30 [ 23.753935] [ 23.754181] The buggy address belongs to the object at ffff888102c74500 [ 23.754181] which belongs to the cache kmalloc-128 of size 128 [ 23.754873] The buggy address is located 0 bytes inside of [ 23.754873] allocated 120-byte region [ffff888102c74500, ffff888102c74578) [ 23.755817] [ 23.756065] The buggy address belongs to the physical page: [ 23.756519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74 [ 23.757218] flags: 0x200000000000000(node=0|zone=2) [ 23.757609] page_type: f5(slab) [ 23.757999] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.758584] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.759136] page dumped because: kasan: bad access detected [ 23.759635] [ 23.759902] Memory state around the buggy address: [ 23.760252] ffff888102c74400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.760787] ffff888102c74480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.761425] >ffff888102c74500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.761948] ^ [ 23.762488] ffff888102c74580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.763026] ffff888102c74600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.763589] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 23.683158] ================================================================== [ 23.684097] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 23.684685] Write of size 121 at addr ffff888102c74500 by task kunit_try_catch/293 [ 23.685158] [ 23.686098] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.686214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.686248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.686300] Call Trace: [ 23.686343] <TASK> [ 23.686392] dump_stack_lvl+0x73/0xb0 [ 23.686486] print_report+0xd1/0x650 [ 23.686546] ? __virt_addr_valid+0x1db/0x2d0 [ 23.686611] ? _copy_from_user+0x32/0x90 [ 23.686663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.686703] ? _copy_from_user+0x32/0x90 [ 23.686733] kasan_report+0x140/0x180 [ 23.686764] ? _copy_from_user+0x32/0x90 [ 23.686796] kasan_check_range+0x10c/0x1c0 [ 23.686829] __kasan_check_write+0x18/0x20 [ 23.686883] _copy_from_user+0x32/0x90 [ 23.686913] copy_user_test_oob+0x2bf/0x10f0 [ 23.686949] ? __pfx_copy_user_test_oob+0x10/0x10 [ 23.686979] ? finish_task_switch.isra.0+0x153/0x700 [ 23.687013] ? __switch_to+0x5d9/0xf60 [ 23.687050] ? __schedule+0xce8/0x2840 [ 23.687083] ? __pfx_read_tsc+0x10/0x10 [ 23.687113] ? ktime_get_ts64+0x86/0x230 [ 23.687160] kunit_try_run_case+0x1a6/0x480 [ 23.687197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.687226] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.687258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.687297] ? __kthread_parkme+0x82/0x160 [ 23.687341] ? preempt_count_sub+0x50/0x80 [ 23.687375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.687406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.687442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.687476] kthread+0x324/0x6e0 [ 23.687504] ? trace_preempt_on+0x20/0xc0 [ 23.687537] ? __pfx_kthread+0x10/0x10 [ 23.687567] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.687597] ? calculate_sigpending+0x7b/0xa0 [ 23.687627] ? 
__pfx_kthread+0x10/0x10 [ 23.687657] ret_from_fork+0x41/0x80 [ 23.687697] ? __pfx_kthread+0x10/0x10 [ 23.687729] ret_from_fork_asm+0x1a/0x30 [ 23.687774] </TASK> [ 23.687791] [ 23.705287] Allocated by task 293: [ 23.706111] kasan_save_stack+0x45/0x70 [ 23.706537] kasan_save_track+0x18/0x40 [ 23.706934] kasan_save_alloc_info+0x3b/0x50 [ 23.707230] __kasan_kmalloc+0xb7/0xc0 [ 23.707787] __kmalloc_noprof+0x1ca/0x500 [ 23.708203] kunit_kmalloc_array+0x25/0x60 [ 23.708766] copy_user_test_oob+0xac/0x10f0 [ 23.709053] kunit_try_run_case+0x1a6/0x480 [ 23.709430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.709876] kthread+0x324/0x6e0 [ 23.710280] ret_from_fork+0x41/0x80 [ 23.710590] ret_from_fork_asm+0x1a/0x30 [ 23.711028] [ 23.711357] The buggy address belongs to the object at ffff888102c74500 [ 23.711357] which belongs to the cache kmalloc-128 of size 128 [ 23.712541] The buggy address is located 0 bytes inside of [ 23.712541] allocated 120-byte region [ffff888102c74500, ffff888102c74578) [ 23.713699] [ 23.714128] The buggy address belongs to the physical page: [ 23.714714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74 [ 23.715575] flags: 0x200000000000000(node=0|zone=2) [ 23.715988] page_type: f5(slab) [ 23.716340] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.716947] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.717321] page dumped because: kasan: bad access detected [ 23.718473] [ 23.718622] Memory state around the buggy address: [ 23.719376] ffff888102c74400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.719826] ffff888102c74480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.720614] >ffff888102c74500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.721238] ^ [ 23.721966] ffff888102c74580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.722620] ffff888102c74600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.723221] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 23.618914] ================================================================== [ 23.619766] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 23.621475] Write of size 8 at addr ffff88810298ab78 by task kunit_try_catch/289 [ 23.622162] [ 23.622739] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.622840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.622888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.622931] Call Trace: [ 23.622970] <TASK> [ 23.623007] dump_stack_lvl+0x73/0xb0 [ 23.623099] print_report+0xd1/0x650 [ 23.623166] ? __virt_addr_valid+0x1db/0x2d0 [ 23.623233] ? copy_to_kernel_nofault+0x99/0x260 [ 23.623297] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.623368] ? copy_to_kernel_nofault+0x99/0x260 [ 23.623428] kasan_report+0x140/0x180 [ 23.623492] ? copy_to_kernel_nofault+0x99/0x260 [ 23.623562] kasan_check_range+0x10c/0x1c0 [ 23.623624] __kasan_check_write+0x18/0x20 [ 23.623690] copy_to_kernel_nofault+0x99/0x260 [ 23.623807] copy_to_kernel_nofault_oob+0x289/0x560 [ 23.623896] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 23.623963] ? finish_task_switch.isra.0+0x153/0x700 [ 23.624030] ? __schedule+0xce8/0x2840 [ 23.624086] ? trace_hardirqs_on+0x37/0xe0 [ 23.624132] ? __pfx_read_tsc+0x10/0x10 [ 23.624165] ? ktime_get_ts64+0x86/0x230 [ 23.624201] kunit_try_run_case+0x1a6/0x480 [ 23.624236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.624266] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.624309] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.624349] ? __kthread_parkme+0x82/0x160 [ 23.624383] ? preempt_count_sub+0x50/0x80 [ 23.624416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.624468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.624528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.624580] kthread+0x324/0x6e0 [ 23.624622] ? trace_preempt_on+0x20/0xc0 [ 23.624669] ? __pfx_kthread+0x10/0x10 [ 23.624701] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.624735] ? 
calculate_sigpending+0x7b/0xa0 [ 23.624766] ? __pfx_kthread+0x10/0x10 [ 23.624797] ret_from_fork+0x41/0x80 [ 23.624825] ? __pfx_kthread+0x10/0x10 [ 23.624877] ret_from_fork_asm+0x1a/0x30 [ 23.624921] </TASK> [ 23.624937] [ 23.642735] Allocated by task 289: [ 23.643247] kasan_save_stack+0x45/0x70 [ 23.643748] kasan_save_track+0x18/0x40 [ 23.644028] kasan_save_alloc_info+0x3b/0x50 [ 23.644396] __kasan_kmalloc+0xb7/0xc0 [ 23.644990] __kmalloc_cache_noprof+0x18a/0x420 [ 23.645617] copy_to_kernel_nofault_oob+0x130/0x560 [ 23.646313] kunit_try_run_case+0x1a6/0x480 [ 23.646728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.647273] kthread+0x324/0x6e0 [ 23.647685] ret_from_fork+0x41/0x80 [ 23.648087] ret_from_fork_asm+0x1a/0x30 [ 23.648489] [ 23.648736] The buggy address belongs to the object at ffff88810298ab00 [ 23.648736] which belongs to the cache kmalloc-128 of size 128 [ 23.650060] The buggy address is located 0 bytes to the right of [ 23.650060] allocated 120-byte region [ffff88810298ab00, ffff88810298ab78) [ 23.651119] [ 23.651360] The buggy address belongs to the physical page: [ 23.651659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298a [ 23.652273] flags: 0x200000000000000(node=0|zone=2) [ 23.652891] page_type: f5(slab) [ 23.653266] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.654079] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.654656] page dumped because: kasan: bad access detected [ 23.655220] [ 23.655510] Memory state around the buggy address: [ 23.656129] ffff88810298aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.656898] ffff88810298aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.658146] >ffff88810298ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.658612] ^ [ 23.659139] ffff88810298ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.659659] ffff88810298ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.660247] 
================================================================== [ 23.576394] ================================================================== [ 23.577537] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 23.578510] Read of size 8 at addr ffff88810298ab78 by task kunit_try_catch/289 [ 23.578964] [ 23.579121] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.579181] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.579200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.579228] Call Trace: [ 23.579250] <TASK> [ 23.579277] dump_stack_lvl+0x73/0xb0 [ 23.579343] print_report+0xd1/0x650 [ 23.579378] ? __virt_addr_valid+0x1db/0x2d0 [ 23.579413] ? copy_to_kernel_nofault+0x225/0x260 [ 23.579448] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.579484] ? copy_to_kernel_nofault+0x225/0x260 [ 23.579516] kasan_report+0x140/0x180 [ 23.579549] ? copy_to_kernel_nofault+0x225/0x260 [ 23.579588] __asan_report_load8_noabort+0x18/0x20 [ 23.579622] copy_to_kernel_nofault+0x225/0x260 [ 23.579657] copy_to_kernel_nofault_oob+0x1ee/0x560 [ 23.579699] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 23.579731] ? finish_task_switch.isra.0+0x153/0x700 [ 23.579764] ? __schedule+0xce8/0x2840 [ 23.579799] ? trace_hardirqs_on+0x37/0xe0 [ 23.579865] ? __pfx_read_tsc+0x10/0x10 [ 23.579929] ? ktime_get_ts64+0x86/0x230 [ 23.579997] kunit_try_run_case+0x1a6/0x480 [ 23.580065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.580124] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.580195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.580264] ? __kthread_parkme+0x82/0x160 [ 23.580340] ? preempt_count_sub+0x50/0x80 [ 23.580394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.580448] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.580962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.581041] kthread+0x324/0x6e0 [ 23.581088] ? trace_preempt_on+0x20/0xc0 [ 23.581138] ? __pfx_kthread+0x10/0x10 [ 23.581184] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.581233] ? calculate_sigpending+0x7b/0xa0 [ 23.581278] ? __pfx_kthread+0x10/0x10 [ 23.581340] ret_from_fork+0x41/0x80 [ 23.581382] ? __pfx_kthread+0x10/0x10 [ 23.581425] ret_from_fork_asm+0x1a/0x30 [ 23.581492] </TASK> [ 23.581519] [ 23.598827] Allocated by task 289: [ 23.599113] kasan_save_stack+0x45/0x70 [ 23.599398] kasan_save_track+0x18/0x40 [ 23.599712] kasan_save_alloc_info+0x3b/0x50 [ 23.600203] __kasan_kmalloc+0xb7/0xc0 [ 23.600654] __kmalloc_cache_noprof+0x18a/0x420 [ 23.601170] copy_to_kernel_nofault_oob+0x130/0x560 [ 23.602391] kunit_try_run_case+0x1a6/0x480 [ 23.602972] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.603551] kthread+0x324/0x6e0 [ 23.603908] ret_from_fork+0x41/0x80 [ 23.604376] ret_from_fork_asm+0x1a/0x30 [ 23.605166] [ 23.605455] The buggy address belongs to the object at ffff88810298ab00 [ 23.605455] which belongs to the cache kmalloc-128 of size 128 [ 23.606819] The buggy address is located 0 bytes to the right of [ 23.606819] allocated 120-byte region [ffff88810298ab00, ffff88810298ab78) [ 23.607666] [ 23.608564] The buggy address belongs to the physical page: [ 23.609187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298a [ 23.609963] flags: 0x200000000000000(node=0|zone=2) [ 23.610567] page_type: f5(slab) [ 23.610961] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 23.611408] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 23.612221] page dumped because: kasan: bad access detected [ 23.613211] [ 23.613558] Memory state around the buggy address: [ 23.613866] ffff88810298aa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 23.614416] ffff88810298aa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.615074] >ffff88810298ab00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 23.615661] ^ [ 23.616295] ffff88810298ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.617250] ffff88810298ac00: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 23.617516] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 146.502818] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 55.764161] ==================================================================
[ 55.764553] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 55.764553]
[ 55.764953] Use-after-free read at 0x(____ptrval____) (in kfence-#161):
[ 55.765632] test_krealloc+0x6fd/0xbe0
[ 55.765921] kunit_try_run_case+0x1a6/0x480
[ 55.766405] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 55.767079] kthread+0x324/0x6e0
[ 55.767502] ret_from_fork+0x41/0x80
[ 55.768008] ret_from_fork_asm+0x1a/0x30
[ 55.768496]
[ 55.768747] kfence-#161: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 55.768747]
[ 55.769591] allocated by task 345 on cpu 0 at 55.763110s (0.006475s ago):
[ 55.770323] test_alloc+0x365/0x10f0
[ 55.770574] test_krealloc+0xae/0xbe0
[ 55.770960] kunit_try_run_case+0x1a6/0x480
[ 55.771279] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 55.771692] kthread+0x324/0x6e0
[ 55.772065] ret_from_fork+0x41/0x80
[ 55.772455] ret_from_fork_asm+0x1a/0x30
[ 55.772720]
[ 55.772956] freed by task 345 on cpu 0 at 55.763644s (0.009306s ago):
[ 55.773572] krealloc_noprof+0x108/0x340
[ 55.773995] test_krealloc+0x227/0xbe0
[ 55.774355] kunit_try_run_case+0x1a6/0x480
[ 55.774775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 55.775348] kthread+0x324/0x6e0
[ 55.775747] ret_from_fork+0x41/0x80
[ 55.776012] ret_from_fork_asm+0x1a/0x30
[ 55.776284]
[ 55.776471] CPU: 0 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 55.777024] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 55.777408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 55.777917] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 21.494962] ================================================================== [ 21.495325] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 21.496736] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.497029] [ 21.497768] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.497903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.497939] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.497992] Call Trace: [ 21.498034] <TASK> [ 21.498074] dump_stack_lvl+0x73/0xb0 [ 21.498140] print_report+0xd1/0x650 [ 21.498175] ? __virt_addr_valid+0x1db/0x2d0 [ 21.498209] ? kasan_atomics_helper+0x7c8/0x5450 [ 21.498240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.498274] ? kasan_atomics_helper+0x7c8/0x5450 [ 21.498313] kasan_report+0x140/0x180 [ 21.498367] ? kasan_atomics_helper+0x7c8/0x5450 [ 21.498433] kasan_check_range+0x10c/0x1c0 [ 21.498493] __kasan_check_write+0x18/0x20 [ 21.498549] kasan_atomics_helper+0x7c8/0x5450 [ 21.498623] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.498686] ? kasan_save_alloc_info+0x3b/0x50 [ 21.498746] ? kasan_save_track+0x18/0x40 [ 21.498813] kasan_atomics+0x1dd/0x310 [ 21.498894] ? __pfx_kasan_atomics+0x10/0x10 [ 21.498953] ? __pfx_read_tsc+0x10/0x10 [ 21.498987] ? ktime_get_ts64+0x86/0x230 [ 21.499025] kunit_try_run_case+0x1a6/0x480 [ 21.499059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.499089] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.499124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.499155] ? __kthread_parkme+0x82/0x160 [ 21.499187] ? preempt_count_sub+0x50/0x80 [ 21.499221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.499253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.499288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.499321] kthread+0x324/0x6e0 [ 21.499351] ? trace_preempt_on+0x20/0xc0 [ 21.499396] ? __pfx_kthread+0x10/0x10 [ 21.499461] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.499527] ? 
calculate_sigpending+0x7b/0xa0 [ 21.499577] ? __pfx_kthread+0x10/0x10 [ 21.499629] ret_from_fork+0x41/0x80 [ 21.499677] ? __pfx_kthread+0x10/0x10 [ 21.499741] ret_from_fork_asm+0x1a/0x30 [ 21.499813] </TASK> [ 21.499840] [ 21.516159] Allocated by task 273: [ 21.516791] kasan_save_stack+0x45/0x70 [ 21.517222] kasan_save_track+0x18/0x40 [ 21.517709] kasan_save_alloc_info+0x3b/0x50 [ 21.518173] __kasan_kmalloc+0xb7/0xc0 [ 21.519044] __kmalloc_cache_noprof+0x18a/0x420 [ 21.519583] kasan_atomics+0x96/0x310 [ 21.519872] kunit_try_run_case+0x1a6/0x480 [ 21.520406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.521090] kthread+0x324/0x6e0 [ 21.521620] ret_from_fork+0x41/0x80 [ 21.521947] ret_from_fork_asm+0x1a/0x30 [ 21.522553] [ 21.523026] The buggy address belongs to the object at ffff888102993400 [ 21.523026] which belongs to the cache kmalloc-64 of size 64 [ 21.524484] The buggy address is located 0 bytes to the right of [ 21.524484] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.525887] [ 21.526058] The buggy address belongs to the physical page: [ 21.526415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.527927] flags: 0x200000000000000(node=0|zone=2) [ 21.528249] page_type: f5(slab) [ 21.529001] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.529495] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.530491] page dumped because: kasan: bad access detected [ 21.530934] [ 21.531145] Memory state around the buggy address: [ 21.531787] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.532323] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.533102] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.534041] ^ [ 21.534405] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.535345] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.536079] 
================================================================== [ 22.339308] ================================================================== [ 22.339839] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 22.340612] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.341372] [ 22.341627] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.341733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.341772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.341829] Call Trace: [ 22.341891] <TASK> [ 22.341940] dump_stack_lvl+0x73/0xb0 [ 22.342017] print_report+0xd1/0x650 [ 22.342082] ? __virt_addr_valid+0x1db/0x2d0 [ 22.342156] ? kasan_atomics_helper+0x49d0/0x5450 [ 22.342233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.342304] ? kasan_atomics_helper+0x49d0/0x5450 [ 22.342366] kasan_report+0x140/0x180 [ 22.342433] ? kasan_atomics_helper+0x49d0/0x5450 [ 22.342506] __asan_report_load4_noabort+0x18/0x20 [ 22.342573] kasan_atomics_helper+0x49d0/0x5450 [ 22.342635] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.342691] ? kasan_save_alloc_info+0x3b/0x50 [ 22.342739] ? kasan_save_track+0x18/0x40 [ 22.342773] kasan_atomics+0x1dd/0x310 [ 22.342806] ? __pfx_kasan_atomics+0x10/0x10 [ 22.342838] ? __pfx_read_tsc+0x10/0x10 [ 22.342891] ? ktime_get_ts64+0x86/0x230 [ 22.342929] kunit_try_run_case+0x1a6/0x480 [ 22.342962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.342991] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.343027] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.343059] ? __kthread_parkme+0x82/0x160 [ 22.343091] ? preempt_count_sub+0x50/0x80 [ 22.343124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.343156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.343190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.343225] kthread+0x324/0x6e0 [ 22.343254] ? trace_preempt_on+0x20/0xc0 [ 22.343287] ? __pfx_kthread+0x10/0x10 [ 22.343331] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.343364] ? calculate_sigpending+0x7b/0xa0 [ 22.343395] ? __pfx_kthread+0x10/0x10 [ 22.343425] ret_from_fork+0x41/0x80 [ 22.343452] ? __pfx_kthread+0x10/0x10 [ 22.343482] ret_from_fork_asm+0x1a/0x30 [ 22.343525] </TASK> [ 22.343540] [ 22.359280] Allocated by task 273: [ 22.359657] kasan_save_stack+0x45/0x70 [ 22.360735] kasan_save_track+0x18/0x40 [ 22.361059] kasan_save_alloc_info+0x3b/0x50 [ 22.361349] __kasan_kmalloc+0xb7/0xc0 [ 22.361648] __kmalloc_cache_noprof+0x18a/0x420 [ 22.362000] kasan_atomics+0x96/0x310 [ 22.362383] kunit_try_run_case+0x1a6/0x480 [ 22.362687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.363201] kthread+0x324/0x6e0 [ 22.364123] ret_from_fork+0x41/0x80 [ 22.364336] ret_from_fork_asm+0x1a/0x30 [ 22.364912] [ 22.365225] The buggy address belongs to the object at ffff888102993400 [ 22.365225] which belongs to the cache kmalloc-64 of size 64 [ 22.366160] The buggy address is located 0 bytes to the right of [ 22.366160] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.367138] [ 22.367620] The buggy address belongs to the physical page: [ 22.368120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.368737] flags: 0x200000000000000(node=0|zone=2) [ 22.369000] page_type: f5(slab) [ 22.369228] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.370017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.370481] page dumped because: kasan: bad access detected [ 22.370935] [ 22.371145] Memory state around the buggy address: [ 22.371558] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.372371] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.372824] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.373234] ^ [ 22.373726] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.374798] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.375317] ================================================================== [ 22.487833] ================================================================== [ 22.488219] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 22.488980] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.489578] [ 22.489758] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.489886] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.489945] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.490003] Call Trace: [ 22.490048] <TASK> [ 22.490095] dump_stack_lvl+0x73/0xb0 [ 22.490169] print_report+0xd1/0x650 [ 22.490234] ? __virt_addr_valid+0x1db/0x2d0 [ 22.490339] ? kasan_atomics_helper+0x50d6/0x5450 [ 22.490402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.490470] ? kasan_atomics_helper+0x50d6/0x5450 [ 22.490538] kasan_report+0x140/0x180 [ 22.490624] ? kasan_atomics_helper+0x50d6/0x5450 [ 22.490692] __asan_report_store8_noabort+0x1b/0x30 [ 22.490755] kasan_atomics_helper+0x50d6/0x5450 [ 22.490816] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.490917] ? kasan_save_alloc_info+0x3b/0x50 [ 22.490983] ? kasan_save_track+0x18/0x40 [ 22.491042] kasan_atomics+0x1dd/0x310 [ 22.491102] ? __pfx_kasan_atomics+0x10/0x10 [ 22.491161] ? __pfx_read_tsc+0x10/0x10 [ 22.491235] ? ktime_get_ts64+0x86/0x230 [ 22.491360] kunit_try_run_case+0x1a6/0x480 [ 22.491430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.491498] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.491585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.491651] ? __kthread_parkme+0x82/0x160 [ 22.491718] ? preempt_count_sub+0x50/0x80 [ 22.491762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.491797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.491836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.491892] kthread+0x324/0x6e0 [ 22.491922] ? trace_preempt_on+0x20/0xc0 [ 22.491956] ? __pfx_kthread+0x10/0x10 [ 22.491986] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.492019] ? calculate_sigpending+0x7b/0xa0 [ 22.492050] ? __pfx_kthread+0x10/0x10 [ 22.492080] ret_from_fork+0x41/0x80 [ 22.492107] ? __pfx_kthread+0x10/0x10 [ 22.492136] ret_from_fork_asm+0x1a/0x30 [ 22.492180] </TASK> [ 22.492195] [ 22.504576] Allocated by task 273: [ 22.504900] kasan_save_stack+0x45/0x70 [ 22.505349] kasan_save_track+0x18/0x40 [ 22.505645] kasan_save_alloc_info+0x3b/0x50 [ 22.506068] __kasan_kmalloc+0xb7/0xc0 [ 22.506486] __kmalloc_cache_noprof+0x18a/0x420 [ 22.506768] kasan_atomics+0x96/0x310 [ 22.507280] kunit_try_run_case+0x1a6/0x480 [ 22.507904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.508486] kthread+0x324/0x6e0 [ 22.508819] ret_from_fork+0x41/0x80 [ 22.509118] ret_from_fork_asm+0x1a/0x30 [ 22.509450] [ 22.509631] The buggy address belongs to the object at ffff888102993400 [ 22.509631] which belongs to the cache kmalloc-64 of size 64 [ 22.510500] The buggy address is located 0 bytes to the right of [ 22.510500] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.511306] [ 22.511465] The buggy address belongs to the physical page: [ 22.511754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.512544] flags: 0x200000000000000(node=0|zone=2) [ 22.513207] page_type: f5(slab) [ 22.513711] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.514334] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.514756] page dumped because: kasan: bad access detected [ 22.515205] [ 22.515442] Memory state around the buggy address: [ 22.515921] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.516580] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.517082] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.517722] ^ [ 22.518086] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.518668] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.519167] ================================================================== [ 22.049893] ================================================================== [ 22.050544] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 22.051011] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.051383] [ 22.051672] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.051796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.051833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.051907] Call Trace: [ 22.051954] <TASK> [ 22.052001] dump_stack_lvl+0x73/0xb0 [ 22.052084] print_report+0xd1/0x650 [ 22.052152] ? __virt_addr_valid+0x1db/0x2d0 [ 22.052220] ? kasan_atomics_helper+0x4a38/0x5450 [ 22.052282] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.052346] ? kasan_atomics_helper+0x4a38/0x5450 [ 22.052400] kasan_report+0x140/0x180 [ 22.052462] ? kasan_atomics_helper+0x4a38/0x5450 [ 22.052533] __asan_report_load4_noabort+0x18/0x20 [ 22.052602] kasan_atomics_helper+0x4a38/0x5450 [ 22.052666] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.052733] ? kasan_save_alloc_info+0x3b/0x50 [ 22.052796] ? kasan_save_track+0x18/0x40 [ 22.052881] kasan_atomics+0x1dd/0x310 [ 22.052947] ? __pfx_kasan_atomics+0x10/0x10 [ 22.053019] ? __pfx_read_tsc+0x10/0x10 [ 22.053083] ? ktime_get_ts64+0x86/0x230 [ 22.053155] kunit_try_run_case+0x1a6/0x480 [ 22.053226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.053288] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.053353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.053417] ? __kthread_parkme+0x82/0x160 [ 22.053483] ? preempt_count_sub+0x50/0x80 [ 22.053554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.053623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.053697] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.053770] kthread+0x324/0x6e0 [ 22.053829] ? trace_preempt_on+0x20/0xc0 [ 22.053914] ? __pfx_kthread+0x10/0x10 [ 22.053977] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.054042] ? calculate_sigpending+0x7b/0xa0 [ 22.054108] ? __pfx_kthread+0x10/0x10 [ 22.054172] ret_from_fork+0x41/0x80 [ 22.054229] ? __pfx_kthread+0x10/0x10 [ 22.054283] ret_from_fork_asm+0x1a/0x30 [ 22.054358] </TASK> [ 22.054390] [ 22.072949] Allocated by task 273: [ 22.073215] kasan_save_stack+0x45/0x70 [ 22.074098] kasan_save_track+0x18/0x40 [ 22.074753] kasan_save_alloc_info+0x3b/0x50 [ 22.075160] __kasan_kmalloc+0xb7/0xc0 [ 22.075590] __kmalloc_cache_noprof+0x18a/0x420 [ 22.076266] kasan_atomics+0x96/0x310 [ 22.076658] kunit_try_run_case+0x1a6/0x480 [ 22.077208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.077735] kthread+0x324/0x6e0 [ 22.077994] ret_from_fork+0x41/0x80 [ 22.078235] ret_from_fork_asm+0x1a/0x30 [ 22.078603] [ 22.078738] The buggy address belongs to the object at ffff888102993400 [ 22.078738] which belongs to the cache kmalloc-64 of size 64 [ 22.080254] The buggy address is located 0 bytes to the right of [ 22.080254] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.081430] [ 22.081691] The buggy address belongs to the physical page: [ 22.082204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.082973] flags: 0x200000000000000(node=0|zone=2) [ 22.083376] page_type: f5(slab) [ 22.083706] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.084211] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.085543] page dumped because: kasan: bad access detected [ 22.085912] [ 22.086067] Memory state around the buggy address: [ 22.086803] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.087457] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.087913] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.088942] ^ [ 22.089267] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.089679] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.090100] ================================================================== [ 21.365031] ================================================================== [ 21.365405] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 21.366607] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.367278] [ 21.367522] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.367639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.367674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.367737] Call Trace: [ 21.367781] <TASK> [ 21.367825] dump_stack_lvl+0x73/0xb0 [ 21.368293] print_report+0xd1/0x650 [ 21.368382] ? __virt_addr_valid+0x1db/0x2d0 [ 21.368446] ? kasan_atomics_helper+0x5ff/0x5450 [ 21.368504] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.368568] ? kasan_atomics_helper+0x5ff/0x5450 [ 21.368629] kasan_report+0x140/0x180 [ 21.368693] ? kasan_atomics_helper+0x5ff/0x5450 [ 21.368766] kasan_check_range+0x10c/0x1c0 [ 21.368831] __kasan_check_write+0x18/0x20 [ 21.368914] kasan_atomics_helper+0x5ff/0x5450 [ 21.368951] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.368984] ? kasan_save_alloc_info+0x3b/0x50 [ 21.369014] ? kasan_save_track+0x18/0x40 [ 21.369047] kasan_atomics+0x1dd/0x310 [ 21.369077] ? __pfx_kasan_atomics+0x10/0x10 [ 21.369109] ? __pfx_read_tsc+0x10/0x10 [ 21.369139] ? ktime_get_ts64+0x86/0x230 [ 21.369175] kunit_try_run_case+0x1a6/0x480 [ 21.369209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.369238] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.369271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.369314] ? __kthread_parkme+0x82/0x160 [ 21.369366] ? preempt_count_sub+0x50/0x80 [ 21.369424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.369478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.369536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.369593] kthread+0x324/0x6e0 [ 21.369641] ? trace_preempt_on+0x20/0xc0 [ 21.369699] ? 
__pfx_kthread+0x10/0x10 [ 21.369749] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.369805] ? calculate_sigpending+0x7b/0xa0 [ 21.369876] ? __pfx_kthread+0x10/0x10 [ 21.369912] ret_from_fork+0x41/0x80 [ 21.369940] ? __pfx_kthread+0x10/0x10 [ 21.369971] ret_from_fork_asm+0x1a/0x30 [ 21.370016] </TASK> [ 21.370032] [ 21.387543] Allocated by task 273: [ 21.388004] kasan_save_stack+0x45/0x70 [ 21.388744] kasan_save_track+0x18/0x40 [ 21.389608] kasan_save_alloc_info+0x3b/0x50 [ 21.390061] __kasan_kmalloc+0xb7/0xc0 [ 21.390831] __kmalloc_cache_noprof+0x18a/0x420 [ 21.391576] kasan_atomics+0x96/0x310 [ 21.392139] kunit_try_run_case+0x1a6/0x480 [ 21.392690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.393382] kthread+0x324/0x6e0 [ 21.394250] ret_from_fork+0x41/0x80 [ 21.394645] ret_from_fork_asm+0x1a/0x30 [ 21.395234] [ 21.395463] The buggy address belongs to the object at ffff888102993400 [ 21.395463] which belongs to the cache kmalloc-64 of size 64 [ 21.396583] The buggy address is located 0 bytes to the right of [ 21.396583] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.397720] [ 21.397903] The buggy address belongs to the physical page: [ 21.398946] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.399493] flags: 0x200000000000000(node=0|zone=2) [ 21.400093] page_type: f5(slab) [ 21.400520] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.401276] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.401939] page dumped because: kasan: bad access detected [ 21.402413] [ 21.402989] Memory state around the buggy address: [ 21.403373] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.404423] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.404942] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.405641] ^ [ 21.406121] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.407132] 
ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.407611] ================================================================== [ 22.158315] ================================================================== [ 22.159086] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 22.160050] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.160698] [ 22.160878] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.160981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.161014] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.161065] Call Trace: [ 22.161106] <TASK> [ 22.161148] dump_stack_lvl+0x73/0xb0 [ 22.161230] print_report+0xd1/0x650 [ 22.161332] ? __virt_addr_valid+0x1db/0x2d0 [ 22.161403] ? kasan_atomics_helper+0x1149/0x5450 [ 22.161464] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.161527] ? kasan_atomics_helper+0x1149/0x5450 [ 22.161586] kasan_report+0x140/0x180 [ 22.161641] ? kasan_atomics_helper+0x1149/0x5450 [ 22.161712] kasan_check_range+0x10c/0x1c0 [ 22.161780] __kasan_check_write+0x18/0x20 [ 22.161844] kasan_atomics_helper+0x1149/0x5450 [ 22.161902] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.161935] ? kasan_save_alloc_info+0x3b/0x50 [ 22.161966] ? kasan_save_track+0x18/0x40 [ 22.161998] kasan_atomics+0x1dd/0x310 [ 22.162028] ? __pfx_kasan_atomics+0x10/0x10 [ 22.162060] ? __pfx_read_tsc+0x10/0x10 [ 22.162092] ? ktime_get_ts64+0x86/0x230 [ 22.162127] kunit_try_run_case+0x1a6/0x480 [ 22.162160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.162189] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.162224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.162256] ? __kthread_parkme+0x82/0x160 [ 22.162301] ? preempt_count_sub+0x50/0x80 [ 22.162348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.162381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.162418] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.162454] kthread+0x324/0x6e0 [ 22.162483] ? 
trace_preempt_on+0x20/0xc0 [ 22.162517] ? __pfx_kthread+0x10/0x10 [ 22.162547] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.162579] ? calculate_sigpending+0x7b/0xa0 [ 22.162610] ? __pfx_kthread+0x10/0x10 [ 22.162640] ret_from_fork+0x41/0x80 [ 22.162666] ? __pfx_kthread+0x10/0x10 [ 22.162695] ret_from_fork_asm+0x1a/0x30 [ 22.162738] </TASK> [ 22.162753] [ 22.178322] Allocated by task 273: [ 22.178788] kasan_save_stack+0x45/0x70 [ 22.179266] kasan_save_track+0x18/0x40 [ 22.179528] kasan_save_alloc_info+0x3b/0x50 [ 22.180189] __kasan_kmalloc+0xb7/0xc0 [ 22.180756] __kmalloc_cache_noprof+0x18a/0x420 [ 22.181103] kasan_atomics+0x96/0x310 [ 22.181602] kunit_try_run_case+0x1a6/0x480 [ 22.182260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.182630] kthread+0x324/0x6e0 [ 22.182888] ret_from_fork+0x41/0x80 [ 22.183105] ret_from_fork_asm+0x1a/0x30 [ 22.183880] [ 22.184015] The buggy address belongs to the object at ffff888102993400 [ 22.184015] which belongs to the cache kmalloc-64 of size 64 [ 22.185536] The buggy address is located 0 bytes to the right of [ 22.185536] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.186488] [ 22.186725] The buggy address belongs to the physical page: [ 22.187055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.187751] flags: 0x200000000000000(node=0|zone=2) [ 22.188163] page_type: f5(slab) [ 22.188464] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.189641] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.190167] page dumped because: kasan: bad access detected [ 22.190705] [ 22.191030] Memory state around the buggy address: [ 22.191622] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.191970] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.192623] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.193127] ^ [ 22.193543] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.194032] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.194606] ================================================================== [ 22.971809] ================================================================== [ 22.972263] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 22.972709] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.973439] [ 22.973727] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.973838] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.973893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.973948] Call Trace: [ 22.973996] <TASK> [ 22.974040] dump_stack_lvl+0x73/0xb0 [ 22.974118] print_report+0xd1/0x650 [ 22.974183] ? __virt_addr_valid+0x1db/0x2d0 [ 22.974248] ? kasan_atomics_helper+0x1c19/0x5450 [ 22.974309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.974381] ? kasan_atomics_helper+0x1c19/0x5450 [ 22.974444] kasan_report+0x140/0x180 [ 22.974527] ? kasan_atomics_helper+0x1c19/0x5450 [ 22.974600] kasan_check_range+0x10c/0x1c0 [ 22.974668] __kasan_check_write+0x18/0x20 [ 22.974733] kasan_atomics_helper+0x1c19/0x5450 [ 22.974798] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.974878] ? kasan_save_alloc_info+0x3b/0x50 [ 22.974944] ? kasan_save_track+0x18/0x40 [ 22.975009] kasan_atomics+0x1dd/0x310 [ 22.975067] ? __pfx_kasan_atomics+0x10/0x10 [ 22.975131] ? __pfx_read_tsc+0x10/0x10 [ 22.975216] ? ktime_get_ts64+0x86/0x230 [ 22.975290] kunit_try_run_case+0x1a6/0x480 [ 22.975354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.975411] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.975506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.975574] ? __kthread_parkme+0x82/0x160 [ 22.975640] ? preempt_count_sub+0x50/0x80 [ 22.975718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.975779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.975835] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.975894] kthread+0x324/0x6e0 [ 22.975926] ? trace_preempt_on+0x20/0xc0 [ 22.975961] ? __pfx_kthread+0x10/0x10 [ 22.975992] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.976024] ? calculate_sigpending+0x7b/0xa0 [ 22.976054] ? __pfx_kthread+0x10/0x10 [ 22.976085] ret_from_fork+0x41/0x80 [ 22.976112] ? __pfx_kthread+0x10/0x10 [ 22.976141] ret_from_fork_asm+0x1a/0x30 [ 22.976183] </TASK> [ 22.976199] [ 22.990277] Allocated by task 273: [ 22.990581] kasan_save_stack+0x45/0x70 [ 22.990869] kasan_save_track+0x18/0x40 [ 22.991418] kasan_save_alloc_info+0x3b/0x50 [ 22.992070] __kasan_kmalloc+0xb7/0xc0 [ 22.992563] __kmalloc_cache_noprof+0x18a/0x420 [ 22.993117] kasan_atomics+0x96/0x310 [ 22.994036] kunit_try_run_case+0x1a6/0x480 [ 22.994410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.995094] kthread+0x324/0x6e0 [ 22.995711] ret_from_fork+0x41/0x80 [ 22.996214] ret_from_fork_asm+0x1a/0x30 [ 22.996714] [ 22.996962] The buggy address belongs to the object at ffff888102993400 [ 22.996962] which belongs to the cache kmalloc-64 of size 64 [ 22.997666] The buggy address is located 0 bytes to the right of [ 22.997666] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.999196] [ 22.999371] The buggy address belongs to the physical page: [ 22.999634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.000598] flags: 0x200000000000000(node=0|zone=2) [ 23.001214] page_type: f5(slab) [ 23.001666] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.002001] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.002965] page dumped because: kasan: bad access detected [ 23.003626] [ 23.004034] Memory state around the buggy address: [ 23.004293] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.004948] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.005664] >ffff888102993400: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 23.006497] ^ [ 23.007058] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.007478] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.008154] ================================================================== [ 23.072611] ================================================================== [ 23.073272] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 23.074056] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.074685] [ 23.075007] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.075111] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.075147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.075200] Call Trace: [ 23.075246] <TASK> [ 23.075289] dump_stack_lvl+0x73/0xb0 [ 23.075364] print_report+0xd1/0x650 [ 23.075429] ? __virt_addr_valid+0x1db/0x2d0 [ 23.075494] ? kasan_atomics_helper+0x1d7b/0x5450 [ 23.075555] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.075624] ? kasan_atomics_helper+0x1d7b/0x5450 [ 23.075695] kasan_report+0x140/0x180 [ 23.075761] ? kasan_atomics_helper+0x1d7b/0x5450 [ 23.075835] kasan_check_range+0x10c/0x1c0 [ 23.075922] __kasan_check_write+0x18/0x20 [ 23.075986] kasan_atomics_helper+0x1d7b/0x5450 [ 23.076051] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.076116] ? kasan_save_alloc_info+0x3b/0x50 [ 23.076180] ? kasan_save_track+0x18/0x40 [ 23.076248] kasan_atomics+0x1dd/0x310 [ 23.076310] ? __pfx_kasan_atomics+0x10/0x10 [ 23.076372] ? __pfx_read_tsc+0x10/0x10 [ 23.076429] ? ktime_get_ts64+0x86/0x230 [ 23.076502] kunit_try_run_case+0x1a6/0x480 [ 23.076571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.076627] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.076698] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.076763] ? __kthread_parkme+0x82/0x160 [ 23.076829] ? preempt_count_sub+0x50/0x80 [ 23.076913] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.076975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.077046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.077113] kthread+0x324/0x6e0 [ 23.077169] ? trace_preempt_on+0x20/0xc0 [ 23.077230] ? __pfx_kthread+0x10/0x10 [ 23.077289] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.077358] ? calculate_sigpending+0x7b/0xa0 [ 23.077409] ? __pfx_kthread+0x10/0x10 [ 23.077463] ret_from_fork+0x41/0x80 [ 23.077514] ? __pfx_kthread+0x10/0x10 [ 23.077573] ret_from_fork_asm+0x1a/0x30 [ 23.077659] </TASK> [ 23.077691] [ 23.092959] Allocated by task 273: [ 23.093451] kasan_save_stack+0x45/0x70 [ 23.093951] kasan_save_track+0x18/0x40 [ 23.094380] kasan_save_alloc_info+0x3b/0x50 [ 23.094860] __kasan_kmalloc+0xb7/0xc0 [ 23.095303] __kmalloc_cache_noprof+0x18a/0x420 [ 23.095819] kasan_atomics+0x96/0x310 [ 23.096270] kunit_try_run_case+0x1a6/0x480 [ 23.096748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.097238] kthread+0x324/0x6e0 [ 23.097807] ret_from_fork+0x41/0x80 [ 23.098141] ret_from_fork_asm+0x1a/0x30 [ 23.098602] [ 23.099114] The buggy address belongs to the object at ffff888102993400 [ 23.099114] which belongs to the cache kmalloc-64 of size 64 [ 23.099925] The buggy address is located 0 bytes to the right of [ 23.099925] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.101013] [ 23.101100] The buggy address belongs to the physical page: [ 23.101244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.101932] flags: 0x200000000000000(node=0|zone=2) [ 23.102248] page_type: f5(slab) [ 23.103145] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.103971] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.104583] page dumped because: kasan: bad access detected [ 23.105094] [ 23.105618] Memory state around the buggy address: [ 23.105864] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.106096] ffff888102993380: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.106269] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.106871] ^ [ 23.107339] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.108197] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.108935] ================================================================== [ 23.426322] ================================================================== [ 23.426931] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 23.427584] Read of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.428011] [ 23.428283] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.428417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.428449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.428524] Call Trace: [ 23.428592] <TASK> [ 23.428653] dump_stack_lvl+0x73/0xb0 [ 23.428760] print_report+0xd1/0x650 [ 23.428822] ? __virt_addr_valid+0x1db/0x2d0 [ 23.428879] ? kasan_atomics_helper+0x4fa7/0x5450 [ 23.428912] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.428948] ? kasan_atomics_helper+0x4fa7/0x5450 [ 23.428994] kasan_report+0x140/0x180 [ 23.429049] ? kasan_atomics_helper+0x4fa7/0x5450 [ 23.429116] __asan_report_load8_noabort+0x18/0x20 [ 23.429192] kasan_atomics_helper+0x4fa7/0x5450 [ 23.429275] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.429333] ? kasan_save_alloc_info+0x3b/0x50 [ 23.429399] ? kasan_save_track+0x18/0x40 [ 23.429480] kasan_atomics+0x1dd/0x310 [ 23.429546] ? __pfx_kasan_atomics+0x10/0x10 [ 23.429613] ? __pfx_read_tsc+0x10/0x10 [ 23.429668] ? ktime_get_ts64+0x86/0x230 [ 23.429709] kunit_try_run_case+0x1a6/0x480 [ 23.429745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.429775] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.429811] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.429860] ? __kthread_parkme+0x82/0x160 [ 23.429898] ? preempt_count_sub+0x50/0x80 [ 23.429932] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.429964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.430000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.430035] kthread+0x324/0x6e0 [ 23.430064] ? trace_preempt_on+0x20/0xc0 [ 23.430098] ? __pfx_kthread+0x10/0x10 [ 23.430129] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.430161] ? calculate_sigpending+0x7b/0xa0 [ 23.430191] ? __pfx_kthread+0x10/0x10 [ 23.430221] ret_from_fork+0x41/0x80 [ 23.430248] ? __pfx_kthread+0x10/0x10 [ 23.430277] ret_from_fork_asm+0x1a/0x30 [ 23.430335] </TASK> [ 23.430352] [ 23.443409] Allocated by task 273: [ 23.443866] kasan_save_stack+0x45/0x70 [ 23.444311] kasan_save_track+0x18/0x40 [ 23.444564] kasan_save_alloc_info+0x3b/0x50 [ 23.444830] __kasan_kmalloc+0xb7/0xc0 [ 23.445109] __kmalloc_cache_noprof+0x18a/0x420 [ 23.445431] kasan_atomics+0x96/0x310 [ 23.445888] kunit_try_run_case+0x1a6/0x480 [ 23.446353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.446873] kthread+0x324/0x6e0 [ 23.447292] ret_from_fork+0x41/0x80 [ 23.447672] ret_from_fork_asm+0x1a/0x30 [ 23.448101] [ 23.448319] The buggy address belongs to the object at ffff888102993400 [ 23.448319] which belongs to the cache kmalloc-64 of size 64 [ 23.449016] The buggy address is located 0 bytes to the right of [ 23.449016] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.450143] [ 23.450351] The buggy address belongs to the physical page: [ 23.450834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.451426] flags: 0x200000000000000(node=0|zone=2) [ 23.451739] page_type: f5(slab) [ 23.452021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.452816] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.453280] page dumped because: kasan: bad access detected [ 23.453769] [ 23.453961] Memory state around the buggy address: [ 23.454327] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.454736] ffff888102993380: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.455101] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.455562] ^ [ 23.456131] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.456734] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.457591] ================================================================== [ 22.091179] ================================================================== [ 22.091774] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 22.092275] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.093005] [ 22.093239] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.093410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.093441] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.093483] Call Trace: [ 22.093524] <TASK> [ 22.093560] dump_stack_lvl+0x73/0xb0 [ 22.093626] print_report+0xd1/0x650 [ 22.093675] ? __virt_addr_valid+0x1db/0x2d0 [ 22.093726] ? kasan_atomics_helper+0x107a/0x5450 [ 22.093806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.093894] ? kasan_atomics_helper+0x107a/0x5450 [ 22.093955] kasan_report+0x140/0x180 [ 22.094019] ? kasan_atomics_helper+0x107a/0x5450 [ 22.094091] kasan_check_range+0x10c/0x1c0 [ 22.094156] __kasan_check_write+0x18/0x20 [ 22.094214] kasan_atomics_helper+0x107a/0x5450 [ 22.094341] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.094411] ? kasan_save_alloc_info+0x3b/0x50 [ 22.094472] ? kasan_save_track+0x18/0x40 [ 22.094540] kasan_atomics+0x1dd/0x310 [ 22.094632] ? __pfx_kasan_atomics+0x10/0x10 [ 22.094696] ? __pfx_read_tsc+0x10/0x10 [ 22.094755] ? ktime_get_ts64+0x86/0x230 [ 22.094825] kunit_try_run_case+0x1a6/0x480 [ 22.094910] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.094996] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.095072] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.095152] ? __kthread_parkme+0x82/0x160 [ 22.095210] ? 
preempt_count_sub+0x50/0x80 [ 22.095275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.095378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.095456] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.095514] kthread+0x324/0x6e0 [ 22.095548] ? trace_preempt_on+0x20/0xc0 [ 22.095583] ? __pfx_kthread+0x10/0x10 [ 22.095614] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.095647] ? calculate_sigpending+0x7b/0xa0 [ 22.095688] ? __pfx_kthread+0x10/0x10 [ 22.095720] ret_from_fork+0x41/0x80 [ 22.095748] ? __pfx_kthread+0x10/0x10 [ 22.095777] ret_from_fork_asm+0x1a/0x30 [ 22.095820] </TASK> [ 22.095836] [ 22.108961] Allocated by task 273: [ 22.109417] kasan_save_stack+0x45/0x70 [ 22.109745] kasan_save_track+0x18/0x40 [ 22.110206] kasan_save_alloc_info+0x3b/0x50 [ 22.110665] __kasan_kmalloc+0xb7/0xc0 [ 22.111102] __kmalloc_cache_noprof+0x18a/0x420 [ 22.111546] kasan_atomics+0x96/0x310 [ 22.111974] kunit_try_run_case+0x1a6/0x480 [ 22.112478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.112914] kthread+0x324/0x6e0 [ 22.113280] ret_from_fork+0x41/0x80 [ 22.113742] ret_from_fork_asm+0x1a/0x30 [ 22.114028] [ 22.114265] The buggy address belongs to the object at ffff888102993400 [ 22.114265] which belongs to the cache kmalloc-64 of size 64 [ 22.115036] The buggy address is located 0 bytes to the right of [ 22.115036] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.115737] [ 22.115952] The buggy address belongs to the physical page: [ 22.116492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.117240] flags: 0x200000000000000(node=0|zone=2) [ 22.117732] page_type: f5(slab) [ 22.118104] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.118804] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.119524] page dumped because: kasan: bad access detected [ 22.120195] [ 22.121498] Memory state around the buggy address: [ 22.121969] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 22.122357] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.122698] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.123057] ^ [ 22.123316] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.123727] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.124323] ================================================================== [ 21.578263] ================================================================== [ 21.578935] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 21.579797] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.580928] [ 21.581141] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.581251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.581298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.581356] Call Trace: [ 21.581400] <TASK> [ 21.581446] dump_stack_lvl+0x73/0xb0 [ 21.581527] print_report+0xd1/0x650 [ 21.581592] ? __virt_addr_valid+0x1db/0x2d0 [ 21.581657] ? kasan_atomics_helper+0x8fa/0x5450 [ 21.581717] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.581786] ? kasan_atomics_helper+0x8fa/0x5450 [ 21.581984] kasan_report+0x140/0x180 [ 21.582090] ? kasan_atomics_helper+0x8fa/0x5450 [ 21.582190] kasan_check_range+0x10c/0x1c0 [ 21.582259] __kasan_check_write+0x18/0x20 [ 21.582359] kasan_atomics_helper+0x8fa/0x5450 [ 21.582414] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.582478] ? kasan_save_alloc_info+0x3b/0x50 [ 21.582533] ? kasan_save_track+0x18/0x40 [ 21.582574] kasan_atomics+0x1dd/0x310 [ 21.582610] ? __pfx_kasan_atomics+0x10/0x10 [ 21.582642] ? __pfx_read_tsc+0x10/0x10 [ 21.582674] ? ktime_get_ts64+0x86/0x230 [ 21.582710] kunit_try_run_case+0x1a6/0x480 [ 21.582746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.582776] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.582810] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.582843] ? 
__kthread_parkme+0x82/0x160 [ 21.582898] ? preempt_count_sub+0x50/0x80 [ 21.582933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.582965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.583000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.583035] kthread+0x324/0x6e0 [ 21.583064] ? trace_preempt_on+0x20/0xc0 [ 21.583097] ? __pfx_kthread+0x10/0x10 [ 21.583128] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.583159] ? calculate_sigpending+0x7b/0xa0 [ 21.583189] ? __pfx_kthread+0x10/0x10 [ 21.583218] ret_from_fork+0x41/0x80 [ 21.583245] ? __pfx_kthread+0x10/0x10 [ 21.583275] ret_from_fork_asm+0x1a/0x30 [ 21.583333] </TASK> [ 21.583349] [ 21.602284] Allocated by task 273: [ 21.602983] kasan_save_stack+0x45/0x70 [ 21.603414] kasan_save_track+0x18/0x40 [ 21.603846] kasan_save_alloc_info+0x3b/0x50 [ 21.604228] __kasan_kmalloc+0xb7/0xc0 [ 21.604579] __kmalloc_cache_noprof+0x18a/0x420 [ 21.605591] kasan_atomics+0x96/0x310 [ 21.605925] kunit_try_run_case+0x1a6/0x480 [ 21.606419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.607111] kthread+0x324/0x6e0 [ 21.607668] ret_from_fork+0x41/0x80 [ 21.608019] ret_from_fork_asm+0x1a/0x30 [ 21.608950] [ 21.609169] The buggy address belongs to the object at ffff888102993400 [ 21.609169] which belongs to the cache kmalloc-64 of size 64 [ 21.610197] The buggy address is located 0 bytes to the right of [ 21.610197] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.611593] [ 21.611878] The buggy address belongs to the physical page: [ 21.612283] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.613239] flags: 0x200000000000000(node=0|zone=2) [ 21.614049] page_type: f5(slab) [ 21.614618] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.615223] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.616059] page dumped because: kasan: bad access detected [ 21.616888] [ 21.617026] Memory state around the buggy address: [ 21.617287] 
ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.617863] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.618843] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.619355] ^ [ 21.620009] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.620933] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.621406] ================================================================== [ 22.678147] ================================================================== [ 22.678882] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 22.679579] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.681010] [ 22.681270] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.681407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.681439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.681491] Call Trace: [ 22.681529] <TASK> [ 22.681569] dump_stack_lvl+0x73/0xb0 [ 22.681639] print_report+0xd1/0x650 [ 22.681694] ? __virt_addr_valid+0x1db/0x2d0 [ 22.681748] ? kasan_atomics_helper+0x16e8/0x5450 [ 22.681796] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.681873] ? kasan_atomics_helper+0x16e8/0x5450 [ 22.681925] kasan_report+0x140/0x180 [ 22.681977] ? kasan_atomics_helper+0x16e8/0x5450 [ 22.682037] kasan_check_range+0x10c/0x1c0 [ 22.682089] __kasan_check_write+0x18/0x20 [ 22.682140] kasan_atomics_helper+0x16e8/0x5450 [ 22.682191] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.682242] ? kasan_save_alloc_info+0x3b/0x50 [ 22.682332] ? kasan_save_track+0x18/0x40 [ 22.682388] kasan_atomics+0x1dd/0x310 [ 22.682441] ? __pfx_kasan_atomics+0x10/0x10 [ 22.682491] ? __pfx_read_tsc+0x10/0x10 [ 22.682540] ? ktime_get_ts64+0x86/0x230 [ 22.682599] kunit_try_run_case+0x1a6/0x480 [ 22.682660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.682722] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.682796] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.682891] ? __kthread_parkme+0x82/0x160 [ 22.682957] ? preempt_count_sub+0x50/0x80 [ 22.683026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.683094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.683185] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.683303] kthread+0x324/0x6e0 [ 22.683357] ? trace_preempt_on+0x20/0xc0 [ 22.683429] ? __pfx_kthread+0x10/0x10 [ 22.683495] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.683557] ? calculate_sigpending+0x7b/0xa0 [ 22.683615] ? __pfx_kthread+0x10/0x10 [ 22.683670] ret_from_fork+0x41/0x80 [ 22.683734] ? __pfx_kthread+0x10/0x10 [ 22.683790] ret_from_fork_asm+0x1a/0x30 [ 22.684843] </TASK> [ 22.684920] [ 22.704002] Allocated by task 273: [ 22.704494] kasan_save_stack+0x45/0x70 [ 22.704962] kasan_save_track+0x18/0x40 [ 22.705177] kasan_save_alloc_info+0x3b/0x50 [ 22.705615] __kasan_kmalloc+0xb7/0xc0 [ 22.705942] __kmalloc_cache_noprof+0x18a/0x420 [ 22.706353] kasan_atomics+0x96/0x310 [ 22.706646] kunit_try_run_case+0x1a6/0x480 [ 22.707109] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.707474] kthread+0x324/0x6e0 [ 22.707875] ret_from_fork+0x41/0x80 [ 22.708281] ret_from_fork_asm+0x1a/0x30 [ 22.708766] [ 22.708953] The buggy address belongs to the object at ffff888102993400 [ 22.708953] which belongs to the cache kmalloc-64 of size 64 [ 22.709536] The buggy address is located 0 bytes to the right of [ 22.709536] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.710283] [ 22.710564] The buggy address belongs to the physical page: [ 22.711087] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.711640] flags: 0x200000000000000(node=0|zone=2) [ 22.712156] page_type: f5(slab) [ 22.712449] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.713086] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.713552] page dumped because: kasan: bad access detected [ 22.714048] [ 22.714185] Memory 
state around the buggy address: [ 22.714863] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.715327] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.715761] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.716197] ^ [ 22.716576] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.717939] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.718474] ================================================================== [ 23.211022] ================================================================== [ 23.211818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 23.212512] Read of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.213055] [ 23.213393] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.213518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.213556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.213628] Call Trace: [ 23.213676] <TASK> [ 23.213737] dump_stack_lvl+0x73/0xb0 [ 23.213839] print_report+0xd1/0x650 [ 23.213921] ? __virt_addr_valid+0x1db/0x2d0 [ 23.213983] ? kasan_atomics_helper+0x4f73/0x5450 [ 23.214047] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.214115] ? kasan_atomics_helper+0x4f73/0x5450 [ 23.214177] kasan_report+0x140/0x180 [ 23.214236] ? kasan_atomics_helper+0x4f73/0x5450 [ 23.214349] __asan_report_load8_noabort+0x18/0x20 [ 23.214424] kasan_atomics_helper+0x4f73/0x5450 [ 23.214487] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.214552] ? kasan_save_alloc_info+0x3b/0x50 [ 23.214617] ? kasan_save_track+0x18/0x40 [ 23.214683] kasan_atomics+0x1dd/0x310 [ 23.214748] ? __pfx_kasan_atomics+0x10/0x10 [ 23.214814] ? __pfx_read_tsc+0x10/0x10 [ 23.214895] ? ktime_get_ts64+0x86/0x230 [ 23.214967] kunit_try_run_case+0x1a6/0x480 [ 23.215038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.215098] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.215168] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.215236] ? __kthread_parkme+0x82/0x160 [ 23.215336] ? preempt_count_sub+0x50/0x80 [ 23.215411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.215484] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.215557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.215630] kthread+0x324/0x6e0 [ 23.215700] ? trace_preempt_on+0x20/0xc0 [ 23.215769] ? __pfx_kthread+0x10/0x10 [ 23.215822] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.215904] ? calculate_sigpending+0x7b/0xa0 [ 23.215991] ? __pfx_kthread+0x10/0x10 [ 23.216051] ret_from_fork+0x41/0x80 [ 23.216104] ? __pfx_kthread+0x10/0x10 [ 23.216161] ret_from_fork_asm+0x1a/0x30 [ 23.216264] </TASK> [ 23.216327] [ 23.228808] Allocated by task 273: [ 23.229269] kasan_save_stack+0x45/0x70 [ 23.229682] kasan_save_track+0x18/0x40 [ 23.230061] kasan_save_alloc_info+0x3b/0x50 [ 23.230444] __kasan_kmalloc+0xb7/0xc0 [ 23.230896] __kmalloc_cache_noprof+0x18a/0x420 [ 23.231371] kasan_atomics+0x96/0x310 [ 23.231783] kunit_try_run_case+0x1a6/0x480 [ 23.232111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.232698] kthread+0x324/0x6e0 [ 23.233067] ret_from_fork+0x41/0x80 [ 23.233481] ret_from_fork_asm+0x1a/0x30 [ 23.233943] [ 23.234105] The buggy address belongs to the object at ffff888102993400 [ 23.234105] which belongs to the cache kmalloc-64 of size 64 [ 23.235050] The buggy address is located 0 bytes to the right of [ 23.235050] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.235839] [ 23.236103] The buggy address belongs to the physical page: [ 23.236653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.237236] flags: 0x200000000000000(node=0|zone=2) [ 23.237582] page_type: f5(slab) [ 23.237980] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.238686] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.239179] page dumped because: kasan: bad access detected [ 23.240141] [ 23.240311] Memory 
state around the buggy address: [ 23.240579] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.241463] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.242120] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.243579] ^ [ 23.244446] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.245069] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.245774] ================================================================== [ 23.009535] ================================================================== [ 23.010350] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450 [ 23.010722] Read of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.012215] [ 23.012375] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.012465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.012494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.012536] Call Trace: [ 23.012574] <TASK> [ 23.012611] dump_stack_lvl+0x73/0xb0 [ 23.012680] print_report+0xd1/0x650 [ 23.012742] ? __virt_addr_valid+0x1db/0x2d0 [ 23.012803] ? kasan_atomics_helper+0x4f32/0x5450 [ 23.013068] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.013141] ? kasan_atomics_helper+0x4f32/0x5450 [ 23.013201] kasan_report+0x140/0x180 [ 23.013264] ? kasan_atomics_helper+0x4f32/0x5450 [ 23.013325] __asan_report_load8_noabort+0x18/0x20 [ 23.013363] kasan_atomics_helper+0x4f32/0x5450 [ 23.013395] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.013429] ? kasan_save_alloc_info+0x3b/0x50 [ 23.013460] ? kasan_save_track+0x18/0x40 [ 23.013492] kasan_atomics+0x1dd/0x310 [ 23.013523] ? __pfx_kasan_atomics+0x10/0x10 [ 23.013555] ? __pfx_read_tsc+0x10/0x10 [ 23.013584] ? ktime_get_ts64+0x86/0x230 [ 23.013620] kunit_try_run_case+0x1a6/0x480 [ 23.013654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.013683] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.013718] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.013750] ? __kthread_parkme+0x82/0x160 [ 23.013781] ? preempt_count_sub+0x50/0x80 [ 23.013814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.013865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.013905] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.013941] kthread+0x324/0x6e0 [ 23.013970] ? trace_preempt_on+0x20/0xc0 [ 23.014003] ? __pfx_kthread+0x10/0x10 [ 23.014033] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.014065] ? calculate_sigpending+0x7b/0xa0 [ 23.014096] ? __pfx_kthread+0x10/0x10 [ 23.014126] ret_from_fork+0x41/0x80 [ 23.014152] ? __pfx_kthread+0x10/0x10 [ 23.014182] ret_from_fork_asm+0x1a/0x30 [ 23.014225] </TASK> [ 23.014241] [ 23.025902] Allocated by task 273: [ 23.026248] kasan_save_stack+0x45/0x70 [ 23.026654] kasan_save_track+0x18/0x40 [ 23.026965] kasan_save_alloc_info+0x3b/0x50 [ 23.027251] __kasan_kmalloc+0xb7/0xc0 [ 23.027634] __kmalloc_cache_noprof+0x18a/0x420 [ 23.027968] kasan_atomics+0x96/0x310 [ 23.028340] kunit_try_run_case+0x1a6/0x480 [ 23.028667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.029228] kthread+0x324/0x6e0 [ 23.029572] ret_from_fork+0x41/0x80 [ 23.029837] ret_from_fork_asm+0x1a/0x30 [ 23.030212] [ 23.030362] The buggy address belongs to the object at ffff888102993400 [ 23.030362] which belongs to the cache kmalloc-64 of size 64 [ 23.031257] The buggy address is located 0 bytes to the right of [ 23.031257] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.032256] [ 23.032434] The buggy address belongs to the physical page: [ 23.032730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.033458] flags: 0x200000000000000(node=0|zone=2) [ 23.033803] page_type: f5(slab) [ 23.034167] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.034992] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.035352] page dumped because: kasan: bad access detected [ 23.035630] [ 23.035788] Memory 
state around the buggy address: [ 23.036306] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.037364] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.038061] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.038627] ^ [ 23.038965] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.039308] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.039913] ================================================================== [ 21.323218] ================================================================== [ 21.323818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 21.324578] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.325257] [ 21.325561] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.325791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.325845] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.325910] Call Trace: [ 21.325953] <TASK> [ 21.325998] dump_stack_lvl+0x73/0xb0 [ 21.326082] print_report+0xd1/0x650 [ 21.326145] ? __virt_addr_valid+0x1db/0x2d0 [ 21.326212] ? kasan_atomics_helper+0x566/0x5450 [ 21.326274] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.326338] ? kasan_atomics_helper+0x566/0x5450 [ 21.326391] kasan_report+0x140/0x180 [ 21.326430] ? kasan_atomics_helper+0x566/0x5450 [ 21.326488] kasan_check_range+0x10c/0x1c0 [ 21.326543] __kasan_check_write+0x18/0x20 [ 21.326594] kasan_atomics_helper+0x566/0x5450 [ 21.326643] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.326694] ? kasan_save_alloc_info+0x3b/0x50 [ 21.326744] ? kasan_save_track+0x18/0x40 [ 21.326797] kasan_atomics+0x1dd/0x310 [ 21.326845] ? __pfx_kasan_atomics+0x10/0x10 [ 21.326901] ? __pfx_read_tsc+0x10/0x10 [ 21.326934] ? ktime_get_ts64+0x86/0x230 [ 21.326971] kunit_try_run_case+0x1a6/0x480 [ 21.327005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.327034] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 21.327068] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.327127] ? __kthread_parkme+0x82/0x160 [ 21.327162] ? preempt_count_sub+0x50/0x80 [ 21.327198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.327231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.327267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.327302] kthread+0x324/0x6e0 [ 21.327331] ? trace_preempt_on+0x20/0xc0 [ 21.327364] ? __pfx_kthread+0x10/0x10 [ 21.327394] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.327426] ? calculate_sigpending+0x7b/0xa0 [ 21.327456] ? __pfx_kthread+0x10/0x10 [ 21.327486] ret_from_fork+0x41/0x80 [ 21.327512] ? __pfx_kthread+0x10/0x10 [ 21.327542] ret_from_fork_asm+0x1a/0x30 [ 21.327585] </TASK> [ 21.327601] [ 21.345975] Allocated by task 273: [ 21.346669] kasan_save_stack+0x45/0x70 [ 21.346922] kasan_save_track+0x18/0x40 [ 21.347311] kasan_save_alloc_info+0x3b/0x50 [ 21.348191] __kasan_kmalloc+0xb7/0xc0 [ 21.348787] __kmalloc_cache_noprof+0x18a/0x420 [ 21.349251] kasan_atomics+0x96/0x310 [ 21.350030] kunit_try_run_case+0x1a6/0x480 [ 21.350540] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.350784] kthread+0x324/0x6e0 [ 21.350993] ret_from_fork+0x41/0x80 [ 21.351327] ret_from_fork_asm+0x1a/0x30 [ 21.351786] [ 21.352003] The buggy address belongs to the object at ffff888102993400 [ 21.352003] which belongs to the cache kmalloc-64 of size 64 [ 21.353006] The buggy address is located 0 bytes to the right of [ 21.353006] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.353874] [ 21.354035] The buggy address belongs to the physical page: [ 21.355098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.355949] flags: 0x200000000000000(node=0|zone=2) [ 21.356345] page_type: f5(slab) [ 21.356923] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.357378] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.358011] page dumped because: kasan: bad 
access detected [ 21.358399] [ 21.358583] Memory state around the buggy address: [ 21.359062] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.359464] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.361009] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.361799] ^ [ 21.362231] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.362956] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.363567] ================================================================== [ 22.627626] ================================================================== [ 22.628312] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 22.630479] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.632217] [ 22.632510] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.632624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.632662] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.632718] Call Trace: [ 22.632760] <TASK> [ 22.632800] dump_stack_lvl+0x73/0xb0 [ 22.633525] print_report+0xd1/0x650 [ 22.633601] ? __virt_addr_valid+0x1db/0x2d0 [ 22.633660] ? kasan_atomics_helper+0x1650/0x5450 [ 22.633711] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.633773] ? kasan_atomics_helper+0x1650/0x5450 [ 22.633833] kasan_report+0x140/0x180 [ 22.633919] ? kasan_atomics_helper+0x1650/0x5450 [ 22.633984] kasan_check_range+0x10c/0x1c0 [ 22.634039] __kasan_check_write+0x18/0x20 [ 22.634097] kasan_atomics_helper+0x1650/0x5450 [ 22.634156] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.634207] ? kasan_save_alloc_info+0x3b/0x50 [ 22.634264] ? kasan_save_track+0x18/0x40 [ 22.634375] kasan_atomics+0x1dd/0x310 [ 22.634448] ? __pfx_kasan_atomics+0x10/0x10 [ 22.634510] ? __pfx_read_tsc+0x10/0x10 [ 22.634571] ? ktime_get_ts64+0x86/0x230 [ 22.634635] kunit_try_run_case+0x1a6/0x480 [ 22.634698] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.634753] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.634818] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.634902] ? __kthread_parkme+0x82/0x160 [ 22.634965] ? preempt_count_sub+0x50/0x80 [ 22.635032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.635097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.635171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.635242] kthread+0x324/0x6e0 [ 22.635343] ? trace_preempt_on+0x20/0xc0 [ 22.635421] ? __pfx_kthread+0x10/0x10 [ 22.635481] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.635550] ? calculate_sigpending+0x7b/0xa0 [ 22.635612] ? __pfx_kthread+0x10/0x10 [ 22.635672] ret_from_fork+0x41/0x80 [ 22.635741] ? __pfx_kthread+0x10/0x10 [ 22.635801] ret_from_fork_asm+0x1a/0x30 [ 22.635907] </TASK> [ 22.635939] [ 22.655703] Allocated by task 273: [ 22.657253] kasan_save_stack+0x45/0x70 [ 22.657774] kasan_save_track+0x18/0x40 [ 22.658318] kasan_save_alloc_info+0x3b/0x50 [ 22.658588] __kasan_kmalloc+0xb7/0xc0 [ 22.658979] __kmalloc_cache_noprof+0x18a/0x420 [ 22.659308] kasan_atomics+0x96/0x310 [ 22.660368] kunit_try_run_case+0x1a6/0x480 [ 22.660668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.660988] kthread+0x324/0x6e0 [ 22.661225] ret_from_fork+0x41/0x80 [ 22.661469] ret_from_fork_asm+0x1a/0x30 [ 22.661721] [ 22.662901] The buggy address belongs to the object at ffff888102993400 [ 22.662901] which belongs to the cache kmalloc-64 of size 64 [ 22.664538] The buggy address is located 0 bytes to the right of [ 22.664538] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.665649] [ 22.665896] The buggy address belongs to the physical page: [ 22.666461] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.667872] flags: 0x200000000000000(node=0|zone=2) [ 22.668422] page_type: f5(slab) [ 22.668795] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.669541] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 22.670222] page dumped because: kasan: bad access detected [ 22.670770] [ 22.670994] Memory state around the buggy address: [ 22.672543] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.673212] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.673916] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.674279] ^ [ 22.674525] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.675181] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.675896] ================================================================== [ 21.986610] ================================================================== [ 21.987266] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 21.987887] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.988422] [ 21.988612] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.988720] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.988752] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.988806] Call Trace: [ 21.988867] <TASK> [ 21.988910] dump_stack_lvl+0x73/0xb0 [ 21.988986] print_report+0xd1/0x650 [ 21.989049] ? __virt_addr_valid+0x1db/0x2d0 [ 21.989110] ? kasan_atomics_helper+0xf11/0x5450 [ 21.989170] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.989234] ? kasan_atomics_helper+0xf11/0x5450 [ 21.989331] kasan_report+0x140/0x180 [ 21.989399] ? kasan_atomics_helper+0xf11/0x5450 [ 21.989470] kasan_check_range+0x10c/0x1c0 [ 21.989531] __kasan_check_write+0x18/0x20 [ 21.989592] kasan_atomics_helper+0xf11/0x5450 [ 21.989646] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.989707] ? kasan_save_alloc_info+0x3b/0x50 [ 21.989765] ? kasan_save_track+0x18/0x40 [ 21.989824] kasan_atomics+0x1dd/0x310 [ 21.989902] ? __pfx_kasan_atomics+0x10/0x10 [ 21.989968] ? __pfx_read_tsc+0x10/0x10 [ 21.990031] ? 
ktime_get_ts64+0x86/0x230 [ 21.990105] kunit_try_run_case+0x1a6/0x480 [ 21.990167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.990227] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.990326] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.990392] ? __kthread_parkme+0x82/0x160 [ 21.990453] ? preempt_count_sub+0x50/0x80 [ 21.990523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.990568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.990608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.990645] kthread+0x324/0x6e0 [ 21.990674] ? trace_preempt_on+0x20/0xc0 [ 21.990708] ? __pfx_kthread+0x10/0x10 [ 21.990738] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.990770] ? calculate_sigpending+0x7b/0xa0 [ 21.990799] ? __pfx_kthread+0x10/0x10 [ 21.990831] ret_from_fork+0x41/0x80 [ 21.990879] ? __pfx_kthread+0x10/0x10 [ 21.990910] ret_from_fork_asm+0x1a/0x30 [ 21.990954] </TASK> [ 21.990971] [ 22.002830] Allocated by task 273: [ 22.003235] kasan_save_stack+0x45/0x70 [ 22.003661] kasan_save_track+0x18/0x40 [ 22.004094] kasan_save_alloc_info+0x3b/0x50 [ 22.004608] __kasan_kmalloc+0xb7/0xc0 [ 22.004899] __kmalloc_cache_noprof+0x18a/0x420 [ 22.005353] kasan_atomics+0x96/0x310 [ 22.005623] kunit_try_run_case+0x1a6/0x480 [ 22.005912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.006467] kthread+0x324/0x6e0 [ 22.006787] ret_from_fork+0x41/0x80 [ 22.007090] ret_from_fork_asm+0x1a/0x30 [ 22.007502] [ 22.007717] The buggy address belongs to the object at ffff888102993400 [ 22.007717] which belongs to the cache kmalloc-64 of size 64 [ 22.008794] The buggy address is located 0 bytes to the right of [ 22.008794] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.009356] [ 22.009508] The buggy address belongs to the physical page: [ 22.010015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.010866] flags: 0x200000000000000(node=0|zone=2) [ 22.011313] page_type: f5(slab) [ 22.011617] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 22.012017] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.012366] page dumped because: kasan: bad access detected [ 22.012783] [ 22.013018] Memory state around the buggy address: [ 22.013536] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.014422] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.015062] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.015406] ^ [ 22.015670] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.016394] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.016940] ================================================================== [ 22.231936] ================================================================== [ 22.232445] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 22.233418] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.233831] [ 22.234094] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.234200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.234236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.234291] Call Trace: [ 22.234338] <TASK> [ 22.234379] dump_stack_lvl+0x73/0xb0 [ 22.234455] print_report+0xd1/0x650 [ 22.234518] ? __virt_addr_valid+0x1db/0x2d0 [ 22.234581] ? kasan_atomics_helper+0x1218/0x5450 [ 22.234643] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.234706] ? kasan_atomics_helper+0x1218/0x5450 [ 22.234759] kasan_report+0x140/0x180 [ 22.234818] ? kasan_atomics_helper+0x1218/0x5450 [ 22.234905] kasan_check_range+0x10c/0x1c0 [ 22.234971] __kasan_check_write+0x18/0x20 [ 22.235036] kasan_atomics_helper+0x1218/0x5450 [ 22.235101] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.235159] ? kasan_save_alloc_info+0x3b/0x50 [ 22.235197] ? kasan_save_track+0x18/0x40 [ 22.235231] kasan_atomics+0x1dd/0x310 [ 22.235263] ? __pfx_kasan_atomics+0x10/0x10 [ 22.235302] ? 
__pfx_read_tsc+0x10/0x10 [ 22.235344] ? ktime_get_ts64+0x86/0x230 [ 22.235380] kunit_try_run_case+0x1a6/0x480 [ 22.235415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.235444] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.235480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.235511] ? __kthread_parkme+0x82/0x160 [ 22.235543] ? preempt_count_sub+0x50/0x80 [ 22.235576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.235608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.235643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.235688] kthread+0x324/0x6e0 [ 22.235719] ? trace_preempt_on+0x20/0xc0 [ 22.235753] ? __pfx_kthread+0x10/0x10 [ 22.235784] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.235816] ? calculate_sigpending+0x7b/0xa0 [ 22.235846] ? __pfx_kthread+0x10/0x10 [ 22.235898] ret_from_fork+0x41/0x80 [ 22.235925] ? __pfx_kthread+0x10/0x10 [ 22.235955] ret_from_fork_asm+0x1a/0x30 [ 22.235997] </TASK> [ 22.236013] [ 22.250355] Allocated by task 273: [ 22.250642] kasan_save_stack+0x45/0x70 [ 22.251158] kasan_save_track+0x18/0x40 [ 22.251508] kasan_save_alloc_info+0x3b/0x50 [ 22.251796] __kasan_kmalloc+0xb7/0xc0 [ 22.252054] __kmalloc_cache_noprof+0x18a/0x420 [ 22.252634] kasan_atomics+0x96/0x310 [ 22.253093] kunit_try_run_case+0x1a6/0x480 [ 22.253567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.254172] kthread+0x324/0x6e0 [ 22.254632] ret_from_fork+0x41/0x80 [ 22.255083] ret_from_fork_asm+0x1a/0x30 [ 22.255522] [ 22.255673] The buggy address belongs to the object at ffff888102993400 [ 22.255673] which belongs to the cache kmalloc-64 of size 64 [ 22.256770] The buggy address is located 0 bytes to the right of [ 22.256770] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.257694] [ 22.257980] The buggy address belongs to the physical page: [ 22.258520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.259059] flags: 0x200000000000000(node=0|zone=2) [ 22.259605] page_type: f5(slab) [ 22.260048] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 22.260722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.261384] page dumped because: kasan: bad access detected [ 22.261733] [ 22.261952] Memory state around the buggy address: [ 22.262490] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.263128] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.263872] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.264160] ^ [ 22.264724] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.265323] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.265945] ================================================================== [ 21.450969] ================================================================== [ 21.451641] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 21.452490] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.453216] [ 21.453514] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.453613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.453646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.453692] Call Trace: [ 21.453736] <TASK> [ 21.453774] dump_stack_lvl+0x73/0xb0 [ 21.453846] print_report+0xd1/0x650 [ 21.453920] ? __virt_addr_valid+0x1db/0x2d0 [ 21.453976] ? kasan_atomics_helper+0x730/0x5450 [ 21.454033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.454132] ? kasan_atomics_helper+0x730/0x5450 [ 21.454192] kasan_report+0x140/0x180 [ 21.454275] ? kasan_atomics_helper+0x730/0x5450 [ 21.454400] kasan_check_range+0x10c/0x1c0 [ 21.454518] __kasan_check_write+0x18/0x20 [ 21.454582] kasan_atomics_helper+0x730/0x5450 [ 21.454635] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.454689] ? kasan_save_alloc_info+0x3b/0x50 [ 21.454748] ? kasan_save_track+0x18/0x40 [ 21.454813] kasan_atomics+0x1dd/0x310 [ 21.454896] ? 
__pfx_kasan_atomics+0x10/0x10 [ 21.454963] ? __pfx_read_tsc+0x10/0x10 [ 21.455025] ? ktime_get_ts64+0x86/0x230 [ 21.455097] kunit_try_run_case+0x1a6/0x480 [ 21.455162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.455197] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.455233] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.455267] ? __kthread_parkme+0x82/0x160 [ 21.455318] ? preempt_count_sub+0x50/0x80 [ 21.455359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.455392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.455433] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.455492] kthread+0x324/0x6e0 [ 21.455542] ? trace_preempt_on+0x20/0xc0 [ 21.455598] ? __pfx_kthread+0x10/0x10 [ 21.455638] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.455673] ? calculate_sigpending+0x7b/0xa0 [ 21.455715] ? __pfx_kthread+0x10/0x10 [ 21.455746] ret_from_fork+0x41/0x80 [ 21.455775] ? __pfx_kthread+0x10/0x10 [ 21.455805] ret_from_fork_asm+0x1a/0x30 [ 21.455848] </TASK> [ 21.455884] [ 21.473711] Allocated by task 273: [ 21.474050] kasan_save_stack+0x45/0x70 [ 21.475121] kasan_save_track+0x18/0x40 [ 21.475876] kasan_save_alloc_info+0x3b/0x50 [ 21.476167] __kasan_kmalloc+0xb7/0xc0 [ 21.476801] __kmalloc_cache_noprof+0x18a/0x420 [ 21.477360] kasan_atomics+0x96/0x310 [ 21.477891] kunit_try_run_case+0x1a6/0x480 [ 21.478288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.478972] kthread+0x324/0x6e0 [ 21.479843] ret_from_fork+0x41/0x80 [ 21.480229] ret_from_fork_asm+0x1a/0x30 [ 21.480827] [ 21.481081] The buggy address belongs to the object at ffff888102993400 [ 21.481081] which belongs to the cache kmalloc-64 of size 64 [ 21.482448] The buggy address is located 0 bytes to the right of [ 21.482448] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.484057] [ 21.484191] The buggy address belongs to the physical page: [ 21.485045] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.486091] flags: 0x200000000000000(node=0|zone=2) [ 21.486471] page_type: f5(slab) 
[ 21.486706] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.487161] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.487746] page dumped because: kasan: bad access detected [ 21.489032] [ 21.489381] Memory state around the buggy address: [ 21.489961] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.490404] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.491177] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.492134] ^ [ 21.492596] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.493084] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.493556] ================================================================== [ 22.827923] ================================================================== [ 22.828660] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 22.828987] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.829905] [ 22.830219] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.830329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.830367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.830421] Call Trace: [ 22.830467] <TASK> [ 22.830511] dump_stack_lvl+0x73/0xb0 [ 22.830590] print_report+0xd1/0x650 [ 22.830659] ? __virt_addr_valid+0x1db/0x2d0 [ 22.830722] ? kasan_atomics_helper+0x194b/0x5450 [ 22.830781] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.830887] ? kasan_atomics_helper+0x194b/0x5450 [ 22.830953] kasan_report+0x140/0x180 [ 22.831020] ? kasan_atomics_helper+0x194b/0x5450 [ 22.831088] kasan_check_range+0x10c/0x1c0 [ 22.831149] __kasan_check_write+0x18/0x20 [ 22.831210] kasan_atomics_helper+0x194b/0x5450 [ 22.831299] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.831364] ? kasan_save_alloc_info+0x3b/0x50 [ 22.831428] ? 
kasan_save_track+0x18/0x40 [ 22.831487] kasan_atomics+0x1dd/0x310 [ 22.831549] ? __pfx_kasan_atomics+0x10/0x10 [ 22.831635] ? __pfx_read_tsc+0x10/0x10 [ 22.831708] ? ktime_get_ts64+0x86/0x230 [ 22.831780] kunit_try_run_case+0x1a6/0x480 [ 22.831861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.831919] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.832016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.832083] ? __kthread_parkme+0x82/0x160 [ 22.832144] ? preempt_count_sub+0x50/0x80 [ 22.832213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.832296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.832364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.832429] kthread+0x324/0x6e0 [ 22.832486] ? trace_preempt_on+0x20/0xc0 [ 22.832553] ? __pfx_kthread+0x10/0x10 [ 22.832611] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.832670] ? calculate_sigpending+0x7b/0xa0 [ 22.832726] ? __pfx_kthread+0x10/0x10 [ 22.832789] ret_from_fork+0x41/0x80 [ 22.832894] ? __pfx_kthread+0x10/0x10 [ 22.832958] ret_from_fork_asm+0x1a/0x30 [ 22.833046] </TASK> [ 22.833081] [ 22.847563] Allocated by task 273: [ 22.848069] kasan_save_stack+0x45/0x70 [ 22.848572] kasan_save_track+0x18/0x40 [ 22.849052] kasan_save_alloc_info+0x3b/0x50 [ 22.849375] __kasan_kmalloc+0xb7/0xc0 [ 22.849618] __kmalloc_cache_noprof+0x18a/0x420 [ 22.849898] kasan_atomics+0x96/0x310 [ 22.850358] kunit_try_run_case+0x1a6/0x480 [ 22.850872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.851476] kthread+0x324/0x6e0 [ 22.851869] ret_from_fork+0x41/0x80 [ 22.852351] ret_from_fork_asm+0x1a/0x30 [ 22.852834] [ 22.853074] The buggy address belongs to the object at ffff888102993400 [ 22.853074] which belongs to the cache kmalloc-64 of size 64 [ 22.854169] The buggy address is located 0 bytes to the right of [ 22.854169] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.855199] [ 22.855507] The buggy address belongs to the physical page: [ 22.856086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 
22.856796] flags: 0x200000000000000(node=0|zone=2) [ 22.857325] page_type: f5(slab) [ 22.857728] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.858190] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.858948] page dumped because: kasan: bad access detected [ 22.859527] [ 22.859721] Memory state around the buggy address: [ 22.860231] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.860863] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.861552] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.862105] ^ [ 22.862615] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.863230] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.863769] ================================================================== [ 20.995998] ================================================================== [ 20.997176] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 20.997515] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 20.998205] [ 20.998509] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.998638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.998673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.998730] Call Trace: [ 20.998762] <TASK> [ 20.998803] dump_stack_lvl+0x73/0xb0 [ 20.998900] print_report+0xd1/0x650 [ 20.998963] ? __virt_addr_valid+0x1db/0x2d0 [ 20.999020] ? kasan_atomics_helper+0x4bbe/0x5450 [ 20.999074] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.999137] ? kasan_atomics_helper+0x4bbe/0x5450 [ 20.999194] kasan_report+0x140/0x180 [ 20.999252] ? kasan_atomics_helper+0x4bbe/0x5450 [ 20.999312] __asan_report_load4_noabort+0x18/0x20 [ 20.999380] kasan_atomics_helper+0x4bbe/0x5450 [ 20.999455] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.999527] ? kasan_save_alloc_info+0x3b/0x50 [ 20.999581] ? 
kasan_save_track+0x18/0x40 [ 20.999634] kasan_atomics+0x1dd/0x310 [ 20.999708] ? __pfx_kasan_atomics+0x10/0x10 [ 20.999769] ? __pfx_read_tsc+0x10/0x10 [ 20.999828] ? ktime_get_ts64+0x86/0x230 [ 20.999920] kunit_try_run_case+0x1a6/0x480 [ 20.999990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.000045] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.000086] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.000118] ? __kthread_parkme+0x82/0x160 [ 21.000151] ? preempt_count_sub+0x50/0x80 [ 21.000184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.000213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.000246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.000280] kthread+0x324/0x6e0 [ 21.000319] ? trace_preempt_on+0x20/0xc0 [ 21.000356] ? __pfx_kthread+0x10/0x10 [ 21.000385] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.000415] ? calculate_sigpending+0x7b/0xa0 [ 21.000458] ? __pfx_kthread+0x10/0x10 [ 21.000507] ret_from_fork+0x41/0x80 [ 21.000548] ? __pfx_kthread+0x10/0x10 [ 21.000580] ret_from_fork_asm+0x1a/0x30 [ 21.000621] </TASK> [ 21.000637] [ 21.016391] Allocated by task 273: [ 21.016991] kasan_save_stack+0x45/0x70 [ 21.017713] kasan_save_track+0x18/0x40 [ 21.018081] kasan_save_alloc_info+0x3b/0x50 [ 21.018729] __kasan_kmalloc+0xb7/0xc0 [ 21.019114] __kmalloc_cache_noprof+0x18a/0x420 [ 21.019620] kasan_atomics+0x96/0x310 [ 21.020049] kunit_try_run_case+0x1a6/0x480 [ 21.020585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.021161] kthread+0x324/0x6e0 [ 21.021670] ret_from_fork+0x41/0x80 [ 21.022128] ret_from_fork_asm+0x1a/0x30 [ 21.022438] [ 21.022873] The buggy address belongs to the object at ffff888102993400 [ 21.022873] which belongs to the cache kmalloc-64 of size 64 [ 21.023751] The buggy address is located 0 bytes to the right of [ 21.023751] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.025060] [ 21.025309] The buggy address belongs to the physical page: [ 21.026054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 
21.026870] flags: 0x200000000000000(node=0|zone=2) [ 21.027378] page_type: f5(slab) [ 21.027898] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.028609] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.029203] page dumped because: kasan: bad access detected [ 21.029870] [ 21.030069] Memory state around the buggy address: [ 21.030445] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.031216] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.031963] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.032523] ^ [ 21.032824] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.033557] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.034280] ================================================================== [ 22.018256] ================================================================== [ 22.018605] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 22.018996] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.019357] [ 22.019545] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.019652] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.019695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.019750] Call Trace: [ 22.019800] <TASK> [ 22.019844] dump_stack_lvl+0x73/0xb0 [ 22.019943] print_report+0xd1/0x650 [ 22.020010] ? __virt_addr_valid+0x1db/0x2d0 [ 22.020077] ? kasan_atomics_helper+0xfaa/0x5450 [ 22.020134] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.020195] ? kasan_atomics_helper+0xfaa/0x5450 [ 22.020248] kasan_report+0x140/0x180 [ 22.020301] ? kasan_atomics_helper+0xfaa/0x5450 [ 22.020362] kasan_check_range+0x10c/0x1c0 [ 22.020418] __kasan_check_write+0x18/0x20 [ 22.020472] kasan_atomics_helper+0xfaa/0x5450 [ 22.020525] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.020580] ? 
kasan_save_alloc_info+0x3b/0x50 [ 22.020637] ? kasan_save_track+0x18/0x40 [ 22.020697] kasan_atomics+0x1dd/0x310 [ 22.020752] ? __pfx_kasan_atomics+0x10/0x10 [ 22.020813] ? __pfx_read_tsc+0x10/0x10 [ 22.020883] ? ktime_get_ts64+0x86/0x230 [ 22.020949] kunit_try_run_case+0x1a6/0x480 [ 22.021008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.021059] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.021121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.021176] ? __kthread_parkme+0x82/0x160 [ 22.021233] ? preempt_count_sub+0x50/0x80 [ 22.021297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.021356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.021419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.021482] kthread+0x324/0x6e0 [ 22.021539] ? trace_preempt_on+0x20/0xc0 [ 22.021606] ? __pfx_kthread+0x10/0x10 [ 22.021666] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.021735] ? calculate_sigpending+0x7b/0xa0 [ 22.021796] ? __pfx_kthread+0x10/0x10 [ 22.021876] ret_from_fork+0x41/0x80 [ 22.021930] ? __pfx_kthread+0x10/0x10 [ 22.021981] ret_from_fork_asm+0x1a/0x30 [ 22.022060] </TASK> [ 22.022088] [ 22.034173] Allocated by task 273: [ 22.034613] kasan_save_stack+0x45/0x70 [ 22.035050] kasan_save_track+0x18/0x40 [ 22.035521] kasan_save_alloc_info+0x3b/0x50 [ 22.035904] __kasan_kmalloc+0xb7/0xc0 [ 22.036159] __kmalloc_cache_noprof+0x18a/0x420 [ 22.036528] kasan_atomics+0x96/0x310 [ 22.036935] kunit_try_run_case+0x1a6/0x480 [ 22.037397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.037947] kthread+0x324/0x6e0 [ 22.038277] ret_from_fork+0x41/0x80 [ 22.038521] ret_from_fork_asm+0x1a/0x30 [ 22.038776] [ 22.038979] The buggy address belongs to the object at ffff888102993400 [ 22.038979] which belongs to the cache kmalloc-64 of size 64 [ 22.040387] The buggy address is located 0 bytes to the right of [ 22.040387] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.041113] [ 22.041269] The buggy address belongs to the physical page: [ 22.041750] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.042417] flags: 0x200000000000000(node=0|zone=2) [ 22.042712] page_type: f5(slab) [ 22.043078] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.043610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.044070] page dumped because: kasan: bad access detected [ 22.044351] [ 22.044544] Memory state around the buggy address: [ 22.044957] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.045880] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.046245] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.046580] ^ [ 22.046841] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.047516] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.048169] ================================================================== [ 21.872716] ================================================================== [ 21.873281] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 21.874000] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.874370] [ 21.874575] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.875174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.875237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.875294] Call Trace: [ 21.875343] <TASK> [ 21.875390] dump_stack_lvl+0x73/0xb0 [ 21.875476] print_report+0xd1/0x650 [ 21.875547] ? __virt_addr_valid+0x1db/0x2d0 [ 21.875618] ? kasan_atomics_helper+0xd48/0x5450 [ 21.875693] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.875763] ? kasan_atomics_helper+0xd48/0x5450 [ 21.875811] kasan_report+0x140/0x180 [ 21.875865] ? kasan_atomics_helper+0xd48/0x5450 [ 21.875930] kasan_check_range+0x10c/0x1c0 [ 21.875989] __kasan_check_write+0x18/0x20 [ 21.876049] kasan_atomics_helper+0xd48/0x5450 [ 21.876102] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 21.876157] ? kasan_save_alloc_info+0x3b/0x50 [ 21.876214] ? kasan_save_track+0x18/0x40 [ 21.876268] kasan_atomics+0x1dd/0x310 [ 21.876322] ? __pfx_kasan_atomics+0x10/0x10 [ 21.876372] ? __pfx_read_tsc+0x10/0x10 [ 21.876405] ? ktime_get_ts64+0x86/0x230 [ 21.876454] kunit_try_run_case+0x1a6/0x480 [ 21.876491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.876524] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.876561] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.876595] ? __kthread_parkme+0x82/0x160 [ 21.876628] ? preempt_count_sub+0x50/0x80 [ 21.876662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.876694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.876731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.876768] kthread+0x324/0x6e0 [ 21.876797] ? trace_preempt_on+0x20/0xc0 [ 21.876831] ? __pfx_kthread+0x10/0x10 [ 21.876883] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.876923] ? calculate_sigpending+0x7b/0xa0 [ 21.876955] ? __pfx_kthread+0x10/0x10 [ 21.876986] ret_from_fork+0x41/0x80 [ 21.877014] ? 
__pfx_kthread+0x10/0x10 [ 21.877045] ret_from_fork_asm+0x1a/0x30 [ 21.877088] </TASK> [ 21.877103] [ 21.890360] Allocated by task 273: [ 21.890609] kasan_save_stack+0x45/0x70 [ 21.890904] kasan_save_track+0x18/0x40 [ 21.891291] kasan_save_alloc_info+0x3b/0x50 [ 21.891817] __kasan_kmalloc+0xb7/0xc0 [ 21.892370] __kmalloc_cache_noprof+0x18a/0x420 [ 21.892910] kasan_atomics+0x96/0x310 [ 21.893362] kunit_try_run_case+0x1a6/0x480 [ 21.893906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.894548] kthread+0x324/0x6e0 [ 21.895012] ret_from_fork+0x41/0x80 [ 21.895558] ret_from_fork_asm+0x1a/0x30 [ 21.896253] [ 21.897067] The buggy address belongs to the object at ffff888102993400 [ 21.897067] which belongs to the cache kmalloc-64 of size 64 [ 21.898508] The buggy address is located 0 bytes to the right of [ 21.898508] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.899816] [ 21.900067] The buggy address belongs to the physical page: [ 21.900518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.901053] flags: 0x200000000000000(node=0|zone=2) [ 21.901513] page_type: f5(slab) [ 21.901924] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.902468] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.903149] page dumped because: kasan: bad access detected [ 21.903571] [ 21.903816] Memory state around the buggy address: [ 21.904201] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.904780] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.905283] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.905941] ^ [ 21.906462] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.907180] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.907774] ================================================================== [ 22.377585] 
================================================================== [ 22.378109] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 22.378860] Read of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.379516] [ 22.380027] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.380112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.380146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.380197] Call Trace: [ 22.380269] <TASK> [ 22.380317] dump_stack_lvl+0x73/0xb0 [ 22.380387] print_report+0xd1/0x650 [ 22.380424] ? __virt_addr_valid+0x1db/0x2d0 [ 22.380458] ? kasan_atomics_helper+0x13b6/0x5450 [ 22.380489] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.380523] ? kasan_atomics_helper+0x13b6/0x5450 [ 22.380552] kasan_report+0x140/0x180 [ 22.380583] ? kasan_atomics_helper+0x13b6/0x5450 [ 22.380617] kasan_check_range+0x10c/0x1c0 [ 22.380648] __kasan_check_read+0x15/0x20 [ 22.380679] kasan_atomics_helper+0x13b6/0x5450 [ 22.380709] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.380740] ? kasan_save_alloc_info+0x3b/0x50 [ 22.380769] ? kasan_save_track+0x18/0x40 [ 22.380801] kasan_atomics+0x1dd/0x310 [ 22.380831] ? __pfx_kasan_atomics+0x10/0x10 [ 22.380889] ? __pfx_read_tsc+0x10/0x10 [ 22.380935] ? ktime_get_ts64+0x86/0x230 [ 22.381002] kunit_try_run_case+0x1a6/0x480 [ 22.381069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.381105] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.381143] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.381176] ? __kthread_parkme+0x82/0x160 [ 22.381208] ? preempt_count_sub+0x50/0x80 [ 22.381242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.381274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.381328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.381366] kthread+0x324/0x6e0 [ 22.381395] ? trace_preempt_on+0x20/0xc0 [ 22.381429] ? __pfx_kthread+0x10/0x10 [ 22.381460] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.381491] ? 
calculate_sigpending+0x7b/0xa0 [ 22.381522] ? __pfx_kthread+0x10/0x10 [ 22.381553] ret_from_fork+0x41/0x80 [ 22.381579] ? __pfx_kthread+0x10/0x10 [ 22.381608] ret_from_fork_asm+0x1a/0x30 [ 22.381650] </TASK> [ 22.381667] [ 22.396934] Allocated by task 273: [ 22.397218] kasan_save_stack+0x45/0x70 [ 22.397887] kasan_save_track+0x18/0x40 [ 22.398247] kasan_save_alloc_info+0x3b/0x50 [ 22.398909] __kasan_kmalloc+0xb7/0xc0 [ 22.399236] __kmalloc_cache_noprof+0x18a/0x420 [ 22.399654] kasan_atomics+0x96/0x310 [ 22.400121] kunit_try_run_case+0x1a6/0x480 [ 22.400570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.401403] kthread+0x324/0x6e0 [ 22.401721] ret_from_fork+0x41/0x80 [ 22.402017] ret_from_fork_asm+0x1a/0x30 [ 22.402290] [ 22.402437] The buggy address belongs to the object at ffff888102993400 [ 22.402437] which belongs to the cache kmalloc-64 of size 64 [ 22.403057] The buggy address is located 0 bytes to the right of [ 22.403057] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.404021] [ 22.404180] The buggy address belongs to the physical page: [ 22.404795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.405474] flags: 0x200000000000000(node=0|zone=2) [ 22.406003] page_type: f5(slab) [ 22.406241] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.406830] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.407534] page dumped because: kasan: bad access detected [ 22.408425] [ 22.408675] Memory state around the buggy address: [ 22.409131] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.409894] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.410564] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.411300] ^ [ 22.411815] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.412341] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.412957] 
================================================================== [ 21.280295] ================================================================== [ 21.281311] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 21.282119] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.282626] [ 21.283502] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.283590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.283610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.283636] Call Trace: [ 21.283663] <TASK> [ 21.283696] dump_stack_lvl+0x73/0xb0 [ 21.283740] print_report+0xd1/0x650 [ 21.283775] ? __virt_addr_valid+0x1db/0x2d0 [ 21.283807] ? kasan_atomics_helper+0x4b3c/0x5450 [ 21.283838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.284258] ? kasan_atomics_helper+0x4b3c/0x5450 [ 21.284291] kasan_report+0x140/0x180 [ 21.284343] ? kasan_atomics_helper+0x4b3c/0x5450 [ 21.284382] __asan_report_store4_noabort+0x1b/0x30 [ 21.284415] kasan_atomics_helper+0x4b3c/0x5450 [ 21.284463] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.284516] ? kasan_save_alloc_info+0x3b/0x50 [ 21.284564] ? kasan_save_track+0x18/0x40 [ 21.284597] kasan_atomics+0x1dd/0x310 [ 21.284631] ? __pfx_kasan_atomics+0x10/0x10 [ 21.284663] ? __pfx_read_tsc+0x10/0x10 [ 21.284696] ? ktime_get_ts64+0x86/0x230 [ 21.284732] kunit_try_run_case+0x1a6/0x480 [ 21.284766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.284796] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.284831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.284884] ? __kthread_parkme+0x82/0x160 [ 21.284916] ? preempt_count_sub+0x50/0x80 [ 21.284951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.284983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.285018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.285052] kthread+0x324/0x6e0 [ 21.285081] ? trace_preempt_on+0x20/0xc0 [ 21.285115] ? __pfx_kthread+0x10/0x10 [ 21.285145] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.285176] ? calculate_sigpending+0x7b/0xa0 [ 21.285205] ? __pfx_kthread+0x10/0x10 [ 21.285236] ret_from_fork+0x41/0x80 [ 21.285262] ? __pfx_kthread+0x10/0x10 [ 21.285294] ret_from_fork_asm+0x1a/0x30 [ 21.285349] </TASK> [ 21.285365] [ 21.302117] Allocated by task 273: [ 21.302554] kasan_save_stack+0x45/0x70 [ 21.303166] kasan_save_track+0x18/0x40 [ 21.303582] kasan_save_alloc_info+0x3b/0x50 [ 21.304289] __kasan_kmalloc+0xb7/0xc0 [ 21.304842] __kmalloc_cache_noprof+0x18a/0x420 [ 21.305260] kasan_atomics+0x96/0x310 [ 21.305598] kunit_try_run_case+0x1a6/0x480 [ 21.306007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.306349] kthread+0x324/0x6e0 [ 21.306707] ret_from_fork+0x41/0x80 [ 21.307793] ret_from_fork_asm+0x1a/0x30 [ 21.308106] [ 21.308320] The buggy address belongs to the object at ffff888102993400 [ 21.308320] which belongs to the cache kmalloc-64 of size 64 [ 21.309575] The buggy address is located 0 bytes to the right of [ 21.309575] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.310919] [ 21.311131] The buggy address belongs to the physical page: [ 21.311848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.312644] flags: 0x200000000000000(node=0|zone=2) [ 21.313009] page_type: f5(slab) [ 21.313238] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.313668] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.315147] page dumped because: kasan: bad access detected [ 21.316067] [ 21.316286] Memory state around the buggy address: [ 21.316691] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.317215] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.318359] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.319159] ^ [ 21.319638] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.320370] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.320870] ================================================================== [ 22.759141] ================================================================== [ 22.759651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 22.760511] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.761214] [ 22.761774] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.761898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.761938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.761993] Call Trace: [ 22.762038] <TASK> [ 22.762075] dump_stack_lvl+0x73/0xb0 [ 22.762141] print_report+0xd1/0x650 [ 22.762198] ? __virt_addr_valid+0x1db/0x2d0 [ 22.762255] ? kasan_atomics_helper+0x1819/0x5450 [ 22.762311] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.762378] ? kasan_atomics_helper+0x1819/0x5450 [ 22.762434] kasan_report+0x140/0x180 [ 22.762492] ? kasan_atomics_helper+0x1819/0x5450 [ 22.762558] kasan_check_range+0x10c/0x1c0 [ 22.762622] __kasan_check_write+0x18/0x20 [ 22.762685] kasan_atomics_helper+0x1819/0x5450 [ 22.762749] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.762815] ? kasan_save_alloc_info+0x3b/0x50 [ 22.762894] ? kasan_save_track+0x18/0x40 [ 22.762947] kasan_atomics+0x1dd/0x310 [ 22.762982] ? __pfx_kasan_atomics+0x10/0x10 [ 22.763017] ? __pfx_read_tsc+0x10/0x10 [ 22.763049] ? ktime_get_ts64+0x86/0x230 [ 22.763086] kunit_try_run_case+0x1a6/0x480 [ 22.763120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.763149] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.763184] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.763215] ? __kthread_parkme+0x82/0x160 [ 22.763247] ? preempt_count_sub+0x50/0x80 [ 22.763281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.763329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.763366] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.763401] kthread+0x324/0x6e0 [ 22.763431] ? trace_preempt_on+0x20/0xc0 [ 22.763463] ? 
__pfx_kthread+0x10/0x10 [ 22.763494] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.763524] ? calculate_sigpending+0x7b/0xa0 [ 22.763553] ? __pfx_kthread+0x10/0x10 [ 22.763583] ret_from_fork+0x41/0x80 [ 22.763609] ? __pfx_kthread+0x10/0x10 [ 22.763638] ret_from_fork_asm+0x1a/0x30 [ 22.763691] </TASK> [ 22.763708] [ 22.778169] Allocated by task 273: [ 22.778582] kasan_save_stack+0x45/0x70 [ 22.779032] kasan_save_track+0x18/0x40 [ 22.779524] kasan_save_alloc_info+0x3b/0x50 [ 22.780054] __kasan_kmalloc+0xb7/0xc0 [ 22.780530] __kmalloc_cache_noprof+0x18a/0x420 [ 22.780953] kasan_atomics+0x96/0x310 [ 22.781236] kunit_try_run_case+0x1a6/0x480 [ 22.781738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.782124] kthread+0x324/0x6e0 [ 22.782553] ret_from_fork+0x41/0x80 [ 22.782888] ret_from_fork_asm+0x1a/0x30 [ 22.783234] [ 22.783503] The buggy address belongs to the object at ffff888102993400 [ 22.783503] which belongs to the cache kmalloc-64 of size 64 [ 22.784262] The buggy address is located 0 bytes to the right of [ 22.784262] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.785221] [ 22.785486] The buggy address belongs to the physical page: [ 22.785992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.786583] flags: 0x200000000000000(node=0|zone=2) [ 22.787073] page_type: f5(slab) [ 22.787463] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.787984] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.788669] page dumped because: kasan: bad access detected [ 22.789162] [ 22.789423] Memory state around the buggy address: [ 22.789735] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.790342] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.790886] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.791464] ^ [ 22.791826] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.792439] 
ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.792938] ================================================================== [ 22.125264] ================================================================== [ 22.126051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 22.126459] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.127143] [ 22.127391] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.127501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.127539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.127596] Call Trace: [ 22.127643] <TASK> [ 22.127695] dump_stack_lvl+0x73/0xb0 [ 22.127776] print_report+0xd1/0x650 [ 22.127836] ? __virt_addr_valid+0x1db/0x2d0 [ 22.127918] ? kasan_atomics_helper+0x4a1e/0x5450 [ 22.127976] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.128041] ? kasan_atomics_helper+0x4a1e/0x5450 [ 22.128095] kasan_report+0x140/0x180 [ 22.128165] ? kasan_atomics_helper+0x4a1e/0x5450 [ 22.128222] __asan_report_load4_noabort+0x18/0x20 [ 22.128282] kasan_atomics_helper+0x4a1e/0x5450 [ 22.128345] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.128408] ? kasan_save_alloc_info+0x3b/0x50 [ 22.128470] ? kasan_save_track+0x18/0x40 [ 22.128535] kasan_atomics+0x1dd/0x310 [ 22.128598] ? __pfx_kasan_atomics+0x10/0x10 [ 22.128658] ? __pfx_read_tsc+0x10/0x10 [ 22.128717] ? ktime_get_ts64+0x86/0x230 [ 22.128789] kunit_try_run_case+0x1a6/0x480 [ 22.128875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.128931] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.128996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.129056] ? __kthread_parkme+0x82/0x160 [ 22.129112] ? preempt_count_sub+0x50/0x80 [ 22.129179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.129244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.129314] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.129384] kthread+0x324/0x6e0 [ 22.129445] ? 
trace_preempt_on+0x20/0xc0 [ 22.129516] ? __pfx_kthread+0x10/0x10 [ 22.129580] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.129646] ? calculate_sigpending+0x7b/0xa0 [ 22.129710] ? __pfx_kthread+0x10/0x10 [ 22.129775] ret_from_fork+0x41/0x80 [ 22.129832] ? __pfx_kthread+0x10/0x10 [ 22.129912] ret_from_fork_asm+0x1a/0x30 [ 22.129987] </TASK> [ 22.130004] [ 22.142061] Allocated by task 273: [ 22.142434] kasan_save_stack+0x45/0x70 [ 22.142865] kasan_save_track+0x18/0x40 [ 22.143279] kasan_save_alloc_info+0x3b/0x50 [ 22.143823] __kasan_kmalloc+0xb7/0xc0 [ 22.144135] __kmalloc_cache_noprof+0x18a/0x420 [ 22.144735] kasan_atomics+0x96/0x310 [ 22.145026] kunit_try_run_case+0x1a6/0x480 [ 22.145407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.146054] kthread+0x324/0x6e0 [ 22.146300] ret_from_fork+0x41/0x80 [ 22.146672] ret_from_fork_asm+0x1a/0x30 [ 22.146991] [ 22.147174] The buggy address belongs to the object at ffff888102993400 [ 22.147174] which belongs to the cache kmalloc-64 of size 64 [ 22.148045] The buggy address is located 0 bytes to the right of [ 22.148045] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.149057] [ 22.149216] The buggy address belongs to the physical page: [ 22.149491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.149880] flags: 0x200000000000000(node=0|zone=2) [ 22.150163] page_type: f5(slab) [ 22.150380] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.151071] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.151613] page dumped because: kasan: bad access detected [ 22.151970] [ 22.152100] Memory state around the buggy address: [ 22.152425] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.152837] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.154680] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.155035] ^ [ 22.155317] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.155657] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.157054] ================================================================== [ 21.408476] ================================================================== [ 21.409201] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 21.410068] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.411158] [ 21.411403] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.411518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.411553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.411734] Call Trace: [ 21.411799] <TASK> [ 21.411863] dump_stack_lvl+0x73/0xb0 [ 21.412012] print_report+0xd1/0x650 [ 21.412082] ? __virt_addr_valid+0x1db/0x2d0 [ 21.412148] ? kasan_atomics_helper+0x698/0x5450 [ 21.412210] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.412273] ? kasan_atomics_helper+0x698/0x5450 [ 21.412326] kasan_report+0x140/0x180 [ 21.412386] ? kasan_atomics_helper+0x698/0x5450 [ 21.412644] kasan_check_range+0x10c/0x1c0 [ 21.412738] __kasan_check_write+0x18/0x20 [ 21.412834] kasan_atomics_helper+0x698/0x5450 [ 21.412914] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.412977] ? kasan_save_alloc_info+0x3b/0x50 [ 21.413034] ? kasan_save_track+0x18/0x40 [ 21.413071] kasan_atomics+0x1dd/0x310 [ 21.413103] ? __pfx_kasan_atomics+0x10/0x10 [ 21.413137] ? __pfx_read_tsc+0x10/0x10 [ 21.413170] ? ktime_get_ts64+0x86/0x230 [ 21.413204] kunit_try_run_case+0x1a6/0x480 [ 21.413238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.413267] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.413308] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.413353] ? __kthread_parkme+0x82/0x160 [ 21.413385] ? preempt_count_sub+0x50/0x80 [ 21.413420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.413474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.413535] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.413581] kthread+0x324/0x6e0 [ 21.413613] ? trace_preempt_on+0x20/0xc0 [ 21.413648] ? __pfx_kthread+0x10/0x10 [ 21.413678] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.413711] ? calculate_sigpending+0x7b/0xa0 [ 21.413741] ? __pfx_kthread+0x10/0x10 [ 21.413771] ret_from_fork+0x41/0x80 [ 21.413798] ? __pfx_kthread+0x10/0x10 [ 21.413828] ret_from_fork_asm+0x1a/0x30 [ 21.413892] </TASK> [ 21.413909] [ 21.432231] Allocated by task 273: [ 21.432644] kasan_save_stack+0x45/0x70 [ 21.432999] kasan_save_track+0x18/0x40 [ 21.433739] kasan_save_alloc_info+0x3b/0x50 [ 21.434051] __kasan_kmalloc+0xb7/0xc0 [ 21.434518] __kmalloc_cache_noprof+0x18a/0x420 [ 21.434868] kasan_atomics+0x96/0x310 [ 21.435266] kunit_try_run_case+0x1a6/0x480 [ 21.435620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.436712] kthread+0x324/0x6e0 [ 21.437283] ret_from_fork+0x41/0x80 [ 21.437669] ret_from_fork_asm+0x1a/0x30 [ 21.438324] [ 21.438536] The buggy address belongs to the object at ffff888102993400 [ 21.438536] which belongs to the cache kmalloc-64 of size 64 [ 21.439872] The buggy address is located 0 bytes to the right of [ 21.439872] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.440915] [ 21.441131] The buggy address belongs to the physical page: [ 21.441902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.442410] flags: 0x200000000000000(node=0|zone=2) [ 21.443025] page_type: f5(slab) [ 21.443385] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.444199] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.445104] page dumped because: kasan: bad access detected [ 21.445580] [ 21.446005] Memory state around the buggy address: [ 21.446370] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.446981] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.447617] >ffff888102993400: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 21.448573] ^ [ 21.449229] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.449620] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.450159] ================================================================== [ 23.283841] ================================================================== [ 23.284460] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 23.285000] Read of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.285676] [ 23.286029] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.286124] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.286151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.286195] Call Trace: [ 23.286234] <TASK> [ 23.286272] dump_stack_lvl+0x73/0xb0 [ 23.286371] print_report+0xd1/0x650 [ 23.286450] ? __virt_addr_valid+0x1db/0x2d0 [ 23.286514] ? kasan_atomics_helper+0x4f9a/0x5450 [ 23.286576] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.286647] ? kasan_atomics_helper+0x4f9a/0x5450 [ 23.286708] kasan_report+0x140/0x180 [ 23.286774] ? kasan_atomics_helper+0x4f9a/0x5450 [ 23.286862] __asan_report_load8_noabort+0x18/0x20 [ 23.286927] kasan_atomics_helper+0x4f9a/0x5450 [ 23.286986] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.287077] ? kasan_save_alloc_info+0x3b/0x50 [ 23.287156] ? kasan_save_track+0x18/0x40 [ 23.287222] kasan_atomics+0x1dd/0x310 [ 23.287357] ? __pfx_kasan_atomics+0x10/0x10 [ 23.287429] ? __pfx_read_tsc+0x10/0x10 [ 23.287483] ? ktime_get_ts64+0x86/0x230 [ 23.287545] kunit_try_run_case+0x1a6/0x480 [ 23.287603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.287654] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.287732] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.287797] ? __kthread_parkme+0x82/0x160 [ 23.287878] ? preempt_count_sub+0x50/0x80 [ 23.287935] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.287989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.288045] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.288098] kthread+0x324/0x6e0 [ 23.288143] ? trace_preempt_on+0x20/0xc0 [ 23.288193] ? __pfx_kthread+0x10/0x10 [ 23.288241] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.288342] ? calculate_sigpending+0x7b/0xa0 [ 23.288409] ? __pfx_kthread+0x10/0x10 [ 23.288474] ret_from_fork+0x41/0x80 [ 23.288532] ? __pfx_kthread+0x10/0x10 [ 23.288593] ret_from_fork_asm+0x1a/0x30 [ 23.288683] </TASK> [ 23.288715] [ 23.301140] Allocated by task 273: [ 23.301977] kasan_save_stack+0x45/0x70 [ 23.302662] kasan_save_track+0x18/0x40 [ 23.303607] kasan_save_alloc_info+0x3b/0x50 [ 23.304408] __kasan_kmalloc+0xb7/0xc0 [ 23.304611] __kmalloc_cache_noprof+0x18a/0x420 [ 23.305102] kasan_atomics+0x96/0x310 [ 23.305663] kunit_try_run_case+0x1a6/0x480 [ 23.306266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.306978] kthread+0x324/0x6e0 [ 23.307506] ret_from_fork+0x41/0x80 [ 23.307813] ret_from_fork_asm+0x1a/0x30 [ 23.308126] [ 23.308335] The buggy address belongs to the object at ffff888102993400 [ 23.308335] which belongs to the cache kmalloc-64 of size 64 [ 23.309183] The buggy address is located 0 bytes to the right of [ 23.309183] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.310721] [ 23.310958] The buggy address belongs to the physical page: [ 23.311204] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.311933] flags: 0x200000000000000(node=0|zone=2) [ 23.312537] page_type: f5(slab) [ 23.313192] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.313898] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.314505] page dumped because: kasan: bad access detected [ 23.314871] [ 23.315080] Memory state around the buggy address: [ 23.315511] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.316027] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.316376] >ffff888102993400: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 23.316999] ^ [ 23.317418] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.318232] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.318838] ================================================================== [ 23.320249] ================================================================== [ 23.320960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 23.321622] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.322510] [ 23.323022] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.323167] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.323224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.323281] Call Trace: [ 23.323345] <TASK> [ 23.323396] dump_stack_lvl+0x73/0xb0 [ 23.323513] print_report+0xd1/0x650 [ 23.323579] ? __virt_addr_valid+0x1db/0x2d0 [ 23.323643] ? kasan_atomics_helper+0x20c9/0x5450 [ 23.323716] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.323787] ? kasan_atomics_helper+0x20c9/0x5450 [ 23.323876] kasan_report+0x140/0x180 [ 23.323942] ? kasan_atomics_helper+0x20c9/0x5450 [ 23.324013] kasan_check_range+0x10c/0x1c0 [ 23.324073] __kasan_check_write+0x18/0x20 [ 23.324125] kasan_atomics_helper+0x20c9/0x5450 [ 23.324186] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.324279] ? kasan_save_alloc_info+0x3b/0x50 [ 23.324344] ? kasan_save_track+0x18/0x40 [ 23.324427] kasan_atomics+0x1dd/0x310 [ 23.324486] ? __pfx_kasan_atomics+0x10/0x10 [ 23.324549] ? __pfx_read_tsc+0x10/0x10 [ 23.324613] ? ktime_get_ts64+0x86/0x230 [ 23.324689] kunit_try_run_case+0x1a6/0x480 [ 23.324752] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.324802] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.324842] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.324903] ? __kthread_parkme+0x82/0x160 [ 23.324936] ? preempt_count_sub+0x50/0x80 [ 23.324972] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.325004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.325043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.325096] kthread+0x324/0x6e0 [ 23.325138] ? trace_preempt_on+0x20/0xc0 [ 23.325184] ? __pfx_kthread+0x10/0x10 [ 23.325224] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.325270] ? calculate_sigpending+0x7b/0xa0 [ 23.325318] ? __pfx_kthread+0x10/0x10 [ 23.325362] ret_from_fork+0x41/0x80 [ 23.325393] ? __pfx_kthread+0x10/0x10 [ 23.325424] ret_from_fork_asm+0x1a/0x30 [ 23.325468] </TASK> [ 23.325484] [ 23.340221] Allocated by task 273: [ 23.340751] kasan_save_stack+0x45/0x70 [ 23.341117] kasan_save_track+0x18/0x40 [ 23.341641] kasan_save_alloc_info+0x3b/0x50 [ 23.342124] __kasan_kmalloc+0xb7/0xc0 [ 23.342628] __kmalloc_cache_noprof+0x18a/0x420 [ 23.343087] kasan_atomics+0x96/0x310 [ 23.343631] kunit_try_run_case+0x1a6/0x480 [ 23.344111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.344589] kthread+0x324/0x6e0 [ 23.344826] ret_from_fork+0x41/0x80 [ 23.345236] ret_from_fork_asm+0x1a/0x30 [ 23.345628] [ 23.345819] The buggy address belongs to the object at ffff888102993400 [ 23.345819] which belongs to the cache kmalloc-64 of size 64 [ 23.346520] The buggy address is located 0 bytes to the right of [ 23.346520] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.347317] [ 23.347532] The buggy address belongs to the physical page: [ 23.348022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.348543] flags: 0x200000000000000(node=0|zone=2) [ 23.348964] page_type: f5(slab) [ 23.349334] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.349878] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.350348] page dumped because: kasan: bad access detected [ 23.350869] [ 23.351093] Memory state around the buggy address: [ 23.351479] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.351949] ffff888102993380: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.352582] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.352955] ^ [ 23.353456] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.354028] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.354527] ================================================================== [ 22.719768] ================================================================== [ 22.720170] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 22.720892] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.721957] [ 22.722819] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.722940] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.722978] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.723158] Call Trace: [ 22.723206] <TASK> [ 22.723242] dump_stack_lvl+0x73/0xb0 [ 22.723291] print_report+0xd1/0x650 [ 22.723339] ? __virt_addr_valid+0x1db/0x2d0 [ 22.723375] ? kasan_atomics_helper+0x1780/0x5450 [ 22.723406] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.723442] ? kasan_atomics_helper+0x1780/0x5450 [ 22.723471] kasan_report+0x140/0x180 [ 22.723501] ? kasan_atomics_helper+0x1780/0x5450 [ 22.723536] kasan_check_range+0x10c/0x1c0 [ 22.723567] __kasan_check_write+0x18/0x20 [ 22.723598] kasan_atomics_helper+0x1780/0x5450 [ 22.723629] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.723660] ? kasan_save_alloc_info+0x3b/0x50 [ 22.723702] ? kasan_save_track+0x18/0x40 [ 22.723734] kasan_atomics+0x1dd/0x310 [ 22.723763] ? __pfx_kasan_atomics+0x10/0x10 [ 22.723795] ? __pfx_read_tsc+0x10/0x10 [ 22.723824] ? ktime_get_ts64+0x86/0x230 [ 22.723879] kunit_try_run_case+0x1a6/0x480 [ 22.723914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.723944] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.723977] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.724010] ? __kthread_parkme+0x82/0x160 [ 22.724041] ? 
preempt_count_sub+0x50/0x80 [ 22.724089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.724125] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.724162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.724206] kthread+0x324/0x6e0 [ 22.724238] ? trace_preempt_on+0x20/0xc0 [ 22.724278] ? __pfx_kthread+0x10/0x10 [ 22.724326] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.724360] ? calculate_sigpending+0x7b/0xa0 [ 22.724396] ? __pfx_kthread+0x10/0x10 [ 22.724431] ret_from_fork+0x41/0x80 [ 22.724457] ? __pfx_kthread+0x10/0x10 [ 22.724498] ret_from_fork_asm+0x1a/0x30 [ 22.724541] </TASK> [ 22.724565] [ 22.741980] Allocated by task 273: [ 22.742191] kasan_save_stack+0x45/0x70 [ 22.742819] kasan_save_track+0x18/0x40 [ 22.743222] kasan_save_alloc_info+0x3b/0x50 [ 22.743878] __kasan_kmalloc+0xb7/0xc0 [ 22.744396] __kmalloc_cache_noprof+0x18a/0x420 [ 22.744749] kasan_atomics+0x96/0x310 [ 22.745376] kunit_try_run_case+0x1a6/0x480 [ 22.745926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.746291] kthread+0x324/0x6e0 [ 22.746817] ret_from_fork+0x41/0x80 [ 22.747094] ret_from_fork_asm+0x1a/0x30 [ 22.747712] [ 22.747973] The buggy address belongs to the object at ffff888102993400 [ 22.747973] which belongs to the cache kmalloc-64 of size 64 [ 22.749032] The buggy address is located 0 bytes to the right of [ 22.749032] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.750119] [ 22.750273] The buggy address belongs to the physical page: [ 22.750813] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.751412] flags: 0x200000000000000(node=0|zone=2) [ 22.752223] page_type: f5(slab) [ 22.752706] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.752929] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.753108] page dumped because: kasan: bad access detected [ 22.753245] [ 22.753372] Memory state around the buggy address: [ 22.753634] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 22.754375] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.755068] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.755754] ^ [ 22.756279] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.756976] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.757583] ================================================================== [ 22.901931] ================================================================== [ 22.902719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 22.903522] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.904188] [ 22.904389] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.904484] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.904514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.904558] Call Trace: [ 22.904597] <TASK> [ 22.904633] dump_stack_lvl+0x73/0xb0 [ 22.904699] print_report+0xd1/0x650 [ 22.904750] ? __virt_addr_valid+0x1db/0x2d0 [ 22.904804] ? kasan_atomics_helper+0x1a80/0x5450 [ 22.904878] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.904946] ? kasan_atomics_helper+0x1a80/0x5450 [ 22.905003] kasan_report+0x140/0x180 [ 22.905067] ? kasan_atomics_helper+0x1a80/0x5450 [ 22.905133] kasan_check_range+0x10c/0x1c0 [ 22.905190] __kasan_check_write+0x18/0x20 [ 22.905252] kasan_atomics_helper+0x1a80/0x5450 [ 22.905312] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.905376] ? kasan_save_alloc_info+0x3b/0x50 [ 22.905440] ? kasan_save_track+0x18/0x40 [ 22.905498] kasan_atomics+0x1dd/0x310 [ 22.905554] ? __pfx_kasan_atomics+0x10/0x10 [ 22.905588] ? __pfx_read_tsc+0x10/0x10 [ 22.905631] ? ktime_get_ts64+0x86/0x230 [ 22.905670] kunit_try_run_case+0x1a6/0x480 [ 22.905705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.905735] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.905770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.905802] ? 
__kthread_parkme+0x82/0x160 [ 22.905833] ? preempt_count_sub+0x50/0x80 [ 22.905887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.905920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.905956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.905991] kthread+0x324/0x6e0 [ 22.906020] ? trace_preempt_on+0x20/0xc0 [ 22.906053] ? __pfx_kthread+0x10/0x10 [ 22.906082] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.906113] ? calculate_sigpending+0x7b/0xa0 [ 22.906143] ? __pfx_kthread+0x10/0x10 [ 22.906173] ret_from_fork+0x41/0x80 [ 22.906200] ? __pfx_kthread+0x10/0x10 [ 22.906230] ret_from_fork_asm+0x1a/0x30 [ 22.906273] </TASK> [ 22.906291] [ 22.918315] Allocated by task 273: [ 22.918608] kasan_save_stack+0x45/0x70 [ 22.918899] kasan_save_track+0x18/0x40 [ 22.919212] kasan_save_alloc_info+0x3b/0x50 [ 22.919659] __kasan_kmalloc+0xb7/0xc0 [ 22.920055] __kmalloc_cache_noprof+0x18a/0x420 [ 22.920552] kasan_atomics+0x96/0x310 [ 22.920926] kunit_try_run_case+0x1a6/0x480 [ 22.921301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.921615] kthread+0x324/0x6e0 [ 22.921844] ret_from_fork+0x41/0x80 [ 22.922245] ret_from_fork_asm+0x1a/0x30 [ 22.922785] [ 22.923025] The buggy address belongs to the object at ffff888102993400 [ 22.923025] which belongs to the cache kmalloc-64 of size 64 [ 22.924187] The buggy address is located 0 bytes to the right of [ 22.924187] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.924770] [ 22.925005] The buggy address belongs to the physical page: [ 22.925518] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.926351] flags: 0x200000000000000(node=0|zone=2) [ 22.926745] page_type: f5(slab) [ 22.926997] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.927711] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.928147] page dumped because: kasan: bad access detected [ 22.928428] [ 22.928572] Memory state around the buggy address: [ 22.928827] 
ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.929524] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.930481] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.931181] ^ [ 22.932648] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.934244] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.934921] ================================================================== [ 22.520356] ================================================================== [ 22.520919] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 22.521297] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.521966] [ 22.522296] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.522416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.522452] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.522526] Call Trace: [ 22.522571] <TASK> [ 22.522613] dump_stack_lvl+0x73/0xb0 [ 22.522697] print_report+0xd1/0x650 [ 22.522762] ? __virt_addr_valid+0x1db/0x2d0 [ 22.522833] ? kasan_atomics_helper+0x151e/0x5450 [ 22.522913] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.522985] ? kasan_atomics_helper+0x151e/0x5450 [ 22.523069] kasan_report+0x140/0x180 [ 22.523171] ? kasan_atomics_helper+0x151e/0x5450 [ 22.523262] kasan_check_range+0x10c/0x1c0 [ 22.523342] __kasan_check_write+0x18/0x20 [ 22.523425] kasan_atomics_helper+0x151e/0x5450 [ 22.523506] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.523584] ? kasan_save_alloc_info+0x3b/0x50 [ 22.523647] ? kasan_save_track+0x18/0x40 [ 22.523729] kasan_atomics+0x1dd/0x310 [ 22.523784] ? __pfx_kasan_atomics+0x10/0x10 [ 22.523840] ? __pfx_read_tsc+0x10/0x10 [ 22.523915] ? ktime_get_ts64+0x86/0x230 [ 22.523989] kunit_try_run_case+0x1a6/0x480 [ 22.524075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.524139] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.524206] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.524270] ? __kthread_parkme+0x82/0x160 [ 22.524352] ? preempt_count_sub+0x50/0x80 [ 22.524437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.524501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.524568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.524646] kthread+0x324/0x6e0 [ 22.524722] ? trace_preempt_on+0x20/0xc0 [ 22.524792] ? __pfx_kthread+0x10/0x10 [ 22.524865] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.524932] ? calculate_sigpending+0x7b/0xa0 [ 22.525004] ? __pfx_kthread+0x10/0x10 [ 22.525084] ret_from_fork+0x41/0x80 [ 22.525138] ? __pfx_kthread+0x10/0x10 [ 22.525197] ret_from_fork_asm+0x1a/0x30 [ 22.525286] </TASK> [ 22.525319] [ 22.538722] Allocated by task 273: [ 22.539110] kasan_save_stack+0x45/0x70 [ 22.539707] kasan_save_track+0x18/0x40 [ 22.540127] kasan_save_alloc_info+0x3b/0x50 [ 22.540729] __kasan_kmalloc+0xb7/0xc0 [ 22.541026] __kmalloc_cache_noprof+0x18a/0x420 [ 22.541479] kasan_atomics+0x96/0x310 [ 22.541780] kunit_try_run_case+0x1a6/0x480 [ 22.542164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.542953] kthread+0x324/0x6e0 [ 22.543255] ret_from_fork+0x41/0x80 [ 22.543597] ret_from_fork_asm+0x1a/0x30 [ 22.544014] [ 22.544235] The buggy address belongs to the object at ffff888102993400 [ 22.544235] which belongs to the cache kmalloc-64 of size 64 [ 22.544994] The buggy address is located 0 bytes to the right of [ 22.544994] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.545527] [ 22.545675] The buggy address belongs to the physical page: [ 22.546086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.548258] flags: 0x200000000000000(node=0|zone=2) [ 22.548746] page_type: f5(slab) [ 22.548999] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.549656] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.550317] page dumped because: kasan: bad access detected [ 22.550570] [ 22.550706] Memory 
state around the buggy address: [ 22.551121] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.552723] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.553065] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.553387] ^ [ 22.553637] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.553969] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.556720] ================================================================== [ 21.909353] ================================================================== [ 21.909914] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 21.910581] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.911038] [ 21.911307] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.911417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.911453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.911504] Call Trace: [ 21.911545] <TASK> [ 21.911588] dump_stack_lvl+0x73/0xb0 [ 21.911671] print_report+0xd1/0x650 [ 21.911750] ? __virt_addr_valid+0x1db/0x2d0 [ 21.911819] ? kasan_atomics_helper+0xde1/0x5450 [ 21.911930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.912001] ? kasan_atomics_helper+0xde1/0x5450 [ 21.912063] kasan_report+0x140/0x180 [ 21.912122] ? kasan_atomics_helper+0xde1/0x5450 [ 21.912177] kasan_check_range+0x10c/0x1c0 [ 21.912215] __kasan_check_write+0x18/0x20 [ 21.912248] kasan_atomics_helper+0xde1/0x5450 [ 21.912278] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.912335] ? kasan_save_alloc_info+0x3b/0x50 [ 21.912368] ? kasan_save_track+0x18/0x40 [ 21.912401] kasan_atomics+0x1dd/0x310 [ 21.912431] ? __pfx_kasan_atomics+0x10/0x10 [ 21.912464] ? __pfx_read_tsc+0x10/0x10 [ 21.912495] ? ktime_get_ts64+0x86/0x230 [ 21.912531] kunit_try_run_case+0x1a6/0x480 [ 21.912566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.912595] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 21.912631] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.912663] ? __kthread_parkme+0x82/0x160 [ 21.912693] ? preempt_count_sub+0x50/0x80 [ 21.912726] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.912759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.912793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.912828] kthread+0x324/0x6e0 [ 21.912876] ? trace_preempt_on+0x20/0xc0 [ 21.912910] ? __pfx_kthread+0x10/0x10 [ 21.912940] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.912971] ? calculate_sigpending+0x7b/0xa0 [ 21.913002] ? __pfx_kthread+0x10/0x10 [ 21.913033] ret_from_fork+0x41/0x80 [ 21.913058] ? __pfx_kthread+0x10/0x10 [ 21.913088] ret_from_fork_asm+0x1a/0x30 [ 21.913131] </TASK> [ 21.913146] [ 21.929218] Allocated by task 273: [ 21.930315] kasan_save_stack+0x45/0x70 [ 21.930875] kasan_save_track+0x18/0x40 [ 21.931185] kasan_save_alloc_info+0x3b/0x50 [ 21.931777] __kasan_kmalloc+0xb7/0xc0 [ 21.932092] __kmalloc_cache_noprof+0x18a/0x420 [ 21.932402] kasan_atomics+0x96/0x310 [ 21.933001] kunit_try_run_case+0x1a6/0x480 [ 21.933350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.933694] kthread+0x324/0x6e0 [ 21.933985] ret_from_fork+0x41/0x80 [ 21.934348] ret_from_fork_asm+0x1a/0x30 [ 21.934653] [ 21.935500] The buggy address belongs to the object at ffff888102993400 [ 21.935500] which belongs to the cache kmalloc-64 of size 64 [ 21.936275] The buggy address is located 0 bytes to the right of [ 21.936275] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.937436] [ 21.937560] The buggy address belongs to the physical page: [ 21.938179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.938962] flags: 0x200000000000000(node=0|zone=2) [ 21.939609] page_type: f5(slab) [ 21.939961] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.940768] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.941225] page dumped because: kasan: bad 
access detected [ 21.942038] [ 21.942254] Memory state around the buggy address: [ 21.942915] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.943341] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.943767] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.944194] ^ [ 21.945198] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.945976] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.946605] ================================================================== [ 21.200784] ================================================================== [ 21.201343] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 21.201887] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.202340] [ 21.202528] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.202640] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.202675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.202730] Call Trace: [ 21.202772] <TASK> [ 21.202816] dump_stack_lvl+0x73/0xb0 [ 21.202913] print_report+0xd1/0x650 [ 21.202980] ? __virt_addr_valid+0x1db/0x2d0 [ 21.203044] ? kasan_atomics_helper+0x4b56/0x5450 [ 21.203100] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.203167] ? kasan_atomics_helper+0x4b56/0x5450 [ 21.203230] kasan_report+0x140/0x180 [ 21.203293] ? kasan_atomics_helper+0x4b56/0x5450 [ 21.203355] __asan_report_load4_noabort+0x18/0x20 [ 21.203420] kasan_atomics_helper+0x4b56/0x5450 [ 21.203483] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.203548] ? kasan_save_alloc_info+0x3b/0x50 [ 21.203603] ? kasan_save_track+0x18/0x40 [ 21.203639] kasan_atomics+0x1dd/0x310 [ 21.203673] ? __pfx_kasan_atomics+0x10/0x10 [ 21.203718] ? __pfx_read_tsc+0x10/0x10 [ 21.203749] ? ktime_get_ts64+0x86/0x230 [ 21.203786] kunit_try_run_case+0x1a6/0x480 [ 21.203821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.203880] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 21.203947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.203999] ? __kthread_parkme+0x82/0x160 [ 21.204051] ? preempt_count_sub+0x50/0x80 [ 21.204106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.204155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.204213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.204269] kthread+0x324/0x6e0 [ 21.204361] ? trace_preempt_on+0x20/0xc0 [ 21.204421] ? __pfx_kthread+0x10/0x10 [ 21.204508] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.204563] ? calculate_sigpending+0x7b/0xa0 [ 21.204615] ? __pfx_kthread+0x10/0x10 [ 21.204665] ret_from_fork+0x41/0x80 [ 21.204702] ? __pfx_kthread+0x10/0x10 [ 21.204733] ret_from_fork_asm+0x1a/0x30 [ 21.204778] </TASK> [ 21.204794] [ 21.222562] Allocated by task 273: [ 21.223007] kasan_save_stack+0x45/0x70 [ 21.223808] kasan_save_track+0x18/0x40 [ 21.224102] kasan_save_alloc_info+0x3b/0x50 [ 21.224368] __kasan_kmalloc+0xb7/0xc0 [ 21.224801] __kmalloc_cache_noprof+0x18a/0x420 [ 21.225279] kasan_atomics+0x96/0x310 [ 21.225840] kunit_try_run_case+0x1a6/0x480 [ 21.226311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.226885] kthread+0x324/0x6e0 [ 21.227285] ret_from_fork+0x41/0x80 [ 21.228175] ret_from_fork_asm+0x1a/0x30 [ 21.228731] [ 21.229082] The buggy address belongs to the object at ffff888102993400 [ 21.229082] which belongs to the cache kmalloc-64 of size 64 [ 21.230045] The buggy address is located 0 bytes to the right of [ 21.230045] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.230974] [ 21.231109] The buggy address belongs to the physical page: [ 21.231500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.231983] flags: 0x200000000000000(node=0|zone=2) [ 21.232265] page_type: f5(slab) [ 21.233389] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.234102] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.235083] page dumped because: kasan: bad 
access detected [ 21.235542] [ 21.235942] Memory state around the buggy address: [ 21.236351] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.236925] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.237518] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.237875] ^ [ 21.238319] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.238797] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.240030] ================================================================== [ 23.356146] ================================================================== [ 23.356892] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 23.357455] Read of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.358043] [ 23.358237] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.358390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.358425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.358482] Call Trace: [ 23.358529] <TASK> [ 23.358576] dump_stack_lvl+0x73/0xb0 [ 23.358670] print_report+0xd1/0x650 [ 23.358733] ? __virt_addr_valid+0x1db/0x2d0 [ 23.358795] ? kasan_atomics_helper+0x4fb4/0x5450 [ 23.358868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.358936] ? kasan_atomics_helper+0x4fb4/0x5450 [ 23.358990] kasan_report+0x140/0x180 [ 23.359046] ? kasan_atomics_helper+0x4fb4/0x5450 [ 23.359110] __asan_report_load8_noabort+0x18/0x20 [ 23.359175] kasan_atomics_helper+0x4fb4/0x5450 [ 23.359231] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.359330] ? kasan_save_alloc_info+0x3b/0x50 [ 23.359391] ? kasan_save_track+0x18/0x40 [ 23.359456] kasan_atomics+0x1dd/0x310 [ 23.359513] ? __pfx_kasan_atomics+0x10/0x10 [ 23.359573] ? __pfx_read_tsc+0x10/0x10 [ 23.359632] ? ktime_get_ts64+0x86/0x230 [ 23.359711] kunit_try_run_case+0x1a6/0x480 [ 23.359776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.359834] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 23.359921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.359986] ? __kthread_parkme+0x82/0x160 [ 23.360045] ? preempt_count_sub+0x50/0x80 [ 23.360112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.360171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.360236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.360333] kthread+0x324/0x6e0 [ 23.360397] ? trace_preempt_on+0x20/0xc0 [ 23.360452] ? __pfx_kthread+0x10/0x10 [ 23.360486] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.360522] ? calculate_sigpending+0x7b/0xa0 [ 23.360553] ? __pfx_kthread+0x10/0x10 [ 23.360584] ret_from_fork+0x41/0x80 [ 23.360610] ? __pfx_kthread+0x10/0x10 [ 23.360640] ret_from_fork_asm+0x1a/0x30 [ 23.360684] </TASK> [ 23.360701] [ 23.372221] Allocated by task 273: [ 23.372608] kasan_save_stack+0x45/0x70 [ 23.373018] kasan_save_track+0x18/0x40 [ 23.373411] kasan_save_alloc_info+0x3b/0x50 [ 23.373718] __kasan_kmalloc+0xb7/0xc0 [ 23.374111] __kmalloc_cache_noprof+0x18a/0x420 [ 23.374594] kasan_atomics+0x96/0x310 [ 23.374906] kunit_try_run_case+0x1a6/0x480 [ 23.375178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.375712] kthread+0x324/0x6e0 [ 23.376100] ret_from_fork+0x41/0x80 [ 23.376517] ret_from_fork_asm+0x1a/0x30 [ 23.376926] [ 23.377108] The buggy address belongs to the object at ffff888102993400 [ 23.377108] which belongs to the cache kmalloc-64 of size 64 [ 23.377717] The buggy address is located 0 bytes to the right of [ 23.377717] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.378752] [ 23.378991] The buggy address belongs to the physical page: [ 23.379529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.379946] flags: 0x200000000000000(node=0|zone=2) [ 23.380443] page_type: f5(slab) [ 23.380796] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.381479] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.382123] page dumped because: kasan: bad 
access detected [ 23.382442] [ 23.382593] Memory state around the buggy address: [ 23.382876] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.383543] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.384172] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.384813] ^ [ 23.385140] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.385529] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.386070] ================================================================== [ 22.301635] ================================================================== [ 22.302087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 22.302493] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.303469] [ 22.303727] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.303836] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.303886] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.303928] Call Trace: [ 22.303964] <TASK> [ 22.303998] dump_stack_lvl+0x73/0xb0 [ 22.304060] print_report+0xd1/0x650 [ 22.304109] ? __virt_addr_valid+0x1db/0x2d0 [ 22.304155] ? kasan_atomics_helper+0x12e7/0x5450 [ 22.304201] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.304277] ? kasan_atomics_helper+0x12e7/0x5450 [ 22.304354] kasan_report+0x140/0x180 [ 22.304420] ? kasan_atomics_helper+0x12e7/0x5450 [ 22.304496] kasan_check_range+0x10c/0x1c0 [ 22.304562] __kasan_check_write+0x18/0x20 [ 22.304621] kasan_atomics_helper+0x12e7/0x5450 [ 22.304681] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.304740] ? kasan_save_alloc_info+0x3b/0x50 [ 22.304803] ? kasan_save_track+0x18/0x40 [ 22.304889] kasan_atomics+0x1dd/0x310 [ 22.304962] ? __pfx_kasan_atomics+0x10/0x10 [ 22.305034] ? __pfx_read_tsc+0x10/0x10 [ 22.305084] ? ktime_get_ts64+0x86/0x230 [ 22.305145] kunit_try_run_case+0x1a6/0x480 [ 22.305210] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.305270] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.305332] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.305410] ? __kthread_parkme+0x82/0x160 [ 22.305461] ? preempt_count_sub+0x50/0x80 [ 22.305524] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.305585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.305659] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.305727] kthread+0x324/0x6e0 [ 22.305788] ? trace_preempt_on+0x20/0xc0 [ 22.305870] ? __pfx_kthread+0x10/0x10 [ 22.305930] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.305997] ? calculate_sigpending+0x7b/0xa0 [ 22.306059] ? __pfx_kthread+0x10/0x10 [ 22.306121] ret_from_fork+0x41/0x80 [ 22.306171] ? __pfx_kthread+0x10/0x10 [ 22.306241] ret_from_fork_asm+0x1a/0x30 [ 22.306343] </TASK> [ 22.306378] [ 22.322279] Allocated by task 273: [ 22.322726] kasan_save_stack+0x45/0x70 [ 22.323393] kasan_save_track+0x18/0x40 [ 22.323983] kasan_save_alloc_info+0x3b/0x50 [ 22.324494] __kasan_kmalloc+0xb7/0xc0 [ 22.324985] __kmalloc_cache_noprof+0x18a/0x420 [ 22.325294] kasan_atomics+0x96/0x310 [ 22.325674] kunit_try_run_case+0x1a6/0x480 [ 22.326346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.326819] kthread+0x324/0x6e0 [ 22.327287] ret_from_fork+0x41/0x80 [ 22.327662] ret_from_fork_asm+0x1a/0x30 [ 22.328165] [ 22.328402] The buggy address belongs to the object at ffff888102993400 [ 22.328402] which belongs to the cache kmalloc-64 of size 64 [ 22.329428] The buggy address is located 0 bytes to the right of [ 22.329428] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.330242] [ 22.330463] The buggy address belongs to the physical page: [ 22.331202] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.331755] flags: 0x200000000000000(node=0|zone=2) [ 22.332239] page_type: f5(slab) [ 22.332579] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.332989] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 22.333689] page dumped because: kasan: bad access detected [ 22.334115] [ 22.334273] Memory state around the buggy address: [ 22.334706] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.335076] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.336113] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.336549] ^ [ 22.337010] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.337467] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.337842] ================================================================== [ 21.831530] ================================================================== [ 21.832261] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 21.833355] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.833819] [ 21.834219] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.834352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.834389] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.834444] Call Trace: [ 21.834486] <TASK> [ 21.834530] dump_stack_lvl+0x73/0xb0 [ 21.834815] print_report+0xd1/0x650 [ 21.834910] ? __virt_addr_valid+0x1db/0x2d0 [ 21.834978] ? kasan_atomics_helper+0x4a86/0x5450 [ 21.835042] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.835111] ? kasan_atomics_helper+0x4a86/0x5450 [ 21.835166] kasan_report+0x140/0x180 [ 21.835203] ? kasan_atomics_helper+0x4a86/0x5450 [ 21.835238] __asan_report_load4_noabort+0x18/0x20 [ 21.835271] kasan_atomics_helper+0x4a86/0x5450 [ 21.835310] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.835350] ? kasan_save_alloc_info+0x3b/0x50 [ 21.835380] ? kasan_save_track+0x18/0x40 [ 21.835413] kasan_atomics+0x1dd/0x310 [ 21.835459] ? __pfx_kasan_atomics+0x10/0x10 [ 21.835515] ? __pfx_read_tsc+0x10/0x10 [ 21.835562] ? 
ktime_get_ts64+0x86/0x230 [ 21.835600] kunit_try_run_case+0x1a6/0x480 [ 21.835635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.835665] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.835711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.835744] ? __kthread_parkme+0x82/0x160 [ 21.835777] ? preempt_count_sub+0x50/0x80 [ 21.835811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.835844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.835900] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.835935] kthread+0x324/0x6e0 [ 21.835966] ? trace_preempt_on+0x20/0xc0 [ 21.836001] ? __pfx_kthread+0x10/0x10 [ 21.836031] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.836063] ? calculate_sigpending+0x7b/0xa0 [ 21.836093] ? __pfx_kthread+0x10/0x10 [ 21.836124] ret_from_fork+0x41/0x80 [ 21.836151] ? __pfx_kthread+0x10/0x10 [ 21.836181] ret_from_fork_asm+0x1a/0x30 [ 21.836224] </TASK> [ 21.836240] [ 21.853103] Allocated by task 273: [ 21.853533] kasan_save_stack+0x45/0x70 [ 21.853975] kasan_save_track+0x18/0x40 [ 21.854359] kasan_save_alloc_info+0x3b/0x50 [ 21.854805] __kasan_kmalloc+0xb7/0xc0 [ 21.855619] __kmalloc_cache_noprof+0x18a/0x420 [ 21.855986] kasan_atomics+0x96/0x310 [ 21.856943] kunit_try_run_case+0x1a6/0x480 [ 21.857364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.857977] kthread+0x324/0x6e0 [ 21.858386] ret_from_fork+0x41/0x80 [ 21.858961] ret_from_fork_asm+0x1a/0x30 [ 21.859352] [ 21.859663] The buggy address belongs to the object at ffff888102993400 [ 21.859663] which belongs to the cache kmalloc-64 of size 64 [ 21.861082] The buggy address is located 0 bytes to the right of [ 21.861082] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.862182] [ 21.862647] The buggy address belongs to the physical page: [ 21.863052] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.863744] flags: 0x200000000000000(node=0|zone=2) [ 21.864250] page_type: f5(slab) [ 21.865090] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 21.865749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.866378] page dumped because: kasan: bad access detected [ 21.866913] [ 21.867303] Memory state around the buggy address: [ 21.867660] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.868094] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.868488] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.869687] ^ [ 21.870141] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.870660] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.871433] ================================================================== [ 21.241247] ================================================================== [ 21.241838] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 21.242538] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.243573] [ 21.243791] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.243953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.243992] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.244045] Call Trace: [ 21.244093] <TASK> [ 21.244136] dump_stack_lvl+0x73/0xb0 [ 21.244215] print_report+0xd1/0x650 [ 21.244276] ? __virt_addr_valid+0x1db/0x2d0 [ 21.244657] ? kasan_atomics_helper+0x4a1/0x5450 [ 21.244726] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.244797] ? kasan_atomics_helper+0x4a1/0x5450 [ 21.244876] kasan_report+0x140/0x180 [ 21.244933] ? kasan_atomics_helper+0x4a1/0x5450 [ 21.245004] kasan_check_range+0x10c/0x1c0 [ 21.245071] __kasan_check_write+0x18/0x20 [ 21.245130] kasan_atomics_helper+0x4a1/0x5450 [ 21.245190] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.245251] ? kasan_save_alloc_info+0x3b/0x50 [ 21.245351] ? kasan_save_track+0x18/0x40 [ 21.245408] kasan_atomics+0x1dd/0x310 [ 21.245467] ? __pfx_kasan_atomics+0x10/0x10 [ 21.245501] ? 
__pfx_read_tsc+0x10/0x10 [ 21.245534] ? ktime_get_ts64+0x86/0x230 [ 21.245570] kunit_try_run_case+0x1a6/0x480 [ 21.245604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.245632] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.245667] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.245700] ? __kthread_parkme+0x82/0x160 [ 21.245730] ? preempt_count_sub+0x50/0x80 [ 21.245764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.245795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.245829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.245890] kthread+0x324/0x6e0 [ 21.245940] ? trace_preempt_on+0x20/0xc0 [ 21.245987] ? __pfx_kthread+0x10/0x10 [ 21.246019] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.246052] ? calculate_sigpending+0x7b/0xa0 [ 21.246083] ? __pfx_kthread+0x10/0x10 [ 21.246113] ret_from_fork+0x41/0x80 [ 21.246140] ? __pfx_kthread+0x10/0x10 [ 21.246169] ret_from_fork_asm+0x1a/0x30 [ 21.246213] </TASK> [ 21.246228] [ 21.261248] Allocated by task 273: [ 21.261735] kasan_save_stack+0x45/0x70 [ 21.262153] kasan_save_track+0x18/0x40 [ 21.262873] kasan_save_alloc_info+0x3b/0x50 [ 21.263324] __kasan_kmalloc+0xb7/0xc0 [ 21.263879] __kmalloc_cache_noprof+0x18a/0x420 [ 21.264318] kasan_atomics+0x96/0x310 [ 21.264693] kunit_try_run_case+0x1a6/0x480 [ 21.264986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.265290] kthread+0x324/0x6e0 [ 21.265659] ret_from_fork+0x41/0x80 [ 21.266044] ret_from_fork_asm+0x1a/0x30 [ 21.266467] [ 21.266680] The buggy address belongs to the object at ffff888102993400 [ 21.266680] which belongs to the cache kmalloc-64 of size 64 [ 21.268252] The buggy address is located 0 bytes to the right of [ 21.268252] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.269281] [ 21.269680] The buggy address belongs to the physical page: [ 21.270057] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.271084] flags: 0x200000000000000(node=0|zone=2) [ 21.271560] page_type: f5(slab) [ 21.272098] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 21.272988] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.273351] page dumped because: kasan: bad access detected [ 21.273978] [ 21.274192] Memory state around the buggy address: [ 21.275204] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.275972] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.276485] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.276883] ^ [ 21.277352] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.277780] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.278820] ================================================================== [ 23.387554] ================================================================== [ 23.391264] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 23.391976] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.392486] [ 23.392751] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.392887] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.392925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.392976] Call Trace: [ 23.393019] <TASK> [ 23.393064] dump_stack_lvl+0x73/0xb0 [ 23.393153] print_report+0xd1/0x650 [ 23.393222] ? __virt_addr_valid+0x1db/0x2d0 [ 23.393329] ? kasan_atomics_helper+0x218b/0x5450 [ 23.393398] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.393461] ? kasan_atomics_helper+0x218b/0x5450 [ 23.393511] kasan_report+0x140/0x180 [ 23.393546] ? kasan_atomics_helper+0x218b/0x5450 [ 23.393582] kasan_check_range+0x10c/0x1c0 [ 23.393614] __kasan_check_write+0x18/0x20 [ 23.393645] kasan_atomics_helper+0x218b/0x5450 [ 23.393675] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.393706] ? kasan_save_alloc_info+0x3b/0x50 [ 23.393737] ? kasan_save_track+0x18/0x40 [ 23.393768] kasan_atomics+0x1dd/0x310 [ 23.393799] ? 
__pfx_kasan_atomics+0x10/0x10 [ 23.393830] ? __pfx_read_tsc+0x10/0x10 [ 23.393885] ? ktime_get_ts64+0x86/0x230 [ 23.393923] kunit_try_run_case+0x1a6/0x480 [ 23.393958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.393987] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.394023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.394054] ? __kthread_parkme+0x82/0x160 [ 23.394087] ? preempt_count_sub+0x50/0x80 [ 23.394120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.394152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.394186] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.394221] kthread+0x324/0x6e0 [ 23.394250] ? trace_preempt_on+0x20/0xc0 [ 23.394294] ? __pfx_kthread+0x10/0x10 [ 23.394340] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.394375] ? calculate_sigpending+0x7b/0xa0 [ 23.394406] ? __pfx_kthread+0x10/0x10 [ 23.394437] ret_from_fork+0x41/0x80 [ 23.394463] ? __pfx_kthread+0x10/0x10 [ 23.394492] ret_from_fork_asm+0x1a/0x30 [ 23.394535] </TASK> [ 23.394552] [ 23.409070] Allocated by task 273: [ 23.409548] kasan_save_stack+0x45/0x70 [ 23.409898] kasan_save_track+0x18/0x40 [ 23.410336] kasan_save_alloc_info+0x3b/0x50 [ 23.410814] __kasan_kmalloc+0xb7/0xc0 [ 23.411205] __kmalloc_cache_noprof+0x18a/0x420 [ 23.411487] kasan_atomics+0x96/0x310 [ 23.411734] kunit_try_run_case+0x1a6/0x480 [ 23.412186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.412763] kthread+0x324/0x6e0 [ 23.413168] ret_from_fork+0x41/0x80 [ 23.413716] ret_from_fork_asm+0x1a/0x30 [ 23.414152] [ 23.414564] The buggy address belongs to the object at ffff888102993400 [ 23.414564] which belongs to the cache kmalloc-64 of size 64 [ 23.415831] The buggy address is located 0 bytes to the right of [ 23.415831] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.416726] [ 23.416903] The buggy address belongs to the physical page: [ 23.417180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.418017] flags: 0x200000000000000(node=0|zone=2) [ 23.418634] page_type: f5(slab) 
[ 23.419031] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.419782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.420404] page dumped because: kasan: bad access detected [ 23.420650] [ 23.420889] Memory state around the buggy address: [ 23.421365] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.421900] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.422491] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.423038] ^ [ 23.423601] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.424339] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.424791] ================================================================== [ 23.493814] ================================================================== [ 23.495610] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450 [ 23.496431] Read of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.497188] [ 23.497518] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.497641] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.497679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.497740] Call Trace: [ 23.497792] <TASK> [ 23.497842] dump_stack_lvl+0x73/0xb0 [ 23.497987] print_report+0xd1/0x650 [ 23.498059] ? __virt_addr_valid+0x1db/0x2d0 [ 23.498141] ? kasan_atomics_helper+0x5117/0x5450 [ 23.498199] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.498259] ? kasan_atomics_helper+0x5117/0x5450 [ 23.498356] kasan_report+0x140/0x180 [ 23.498424] ? kasan_atomics_helper+0x5117/0x5450 [ 23.498499] __asan_report_load8_noabort+0x18/0x20 [ 23.498565] kasan_atomics_helper+0x5117/0x5450 [ 23.498630] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.498695] ? kasan_save_alloc_info+0x3b/0x50 [ 23.498759] ? kasan_save_track+0x18/0x40 [ 23.498824] kasan_atomics+0x1dd/0x310 [ 23.499127] ? 
__pfx_kasan_atomics+0x10/0x10 [ 23.499174] ? __pfx_read_tsc+0x10/0x10 [ 23.499209] ? ktime_get_ts64+0x86/0x230 [ 23.499245] kunit_try_run_case+0x1a6/0x480 [ 23.499297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.499342] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.499379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.499414] ? __kthread_parkme+0x82/0x160 [ 23.499446] ? preempt_count_sub+0x50/0x80 [ 23.499480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.499512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.499547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.499582] kthread+0x324/0x6e0 [ 23.499612] ? trace_preempt_on+0x20/0xc0 [ 23.499645] ? __pfx_kthread+0x10/0x10 [ 23.499691] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.499724] ? calculate_sigpending+0x7b/0xa0 [ 23.499754] ? __pfx_kthread+0x10/0x10 [ 23.499785] ret_from_fork+0x41/0x80 [ 23.499810] ? __pfx_kthread+0x10/0x10 [ 23.499840] ret_from_fork_asm+0x1a/0x30 [ 23.499904] </TASK> [ 23.499921] [ 23.512665] Allocated by task 273: [ 23.513003] kasan_save_stack+0x45/0x70 [ 23.513481] kasan_save_track+0x18/0x40 [ 23.513966] kasan_save_alloc_info+0x3b/0x50 [ 23.514254] __kasan_kmalloc+0xb7/0xc0 [ 23.514503] __kmalloc_cache_noprof+0x18a/0x420 [ 23.514881] kasan_atomics+0x96/0x310 [ 23.515435] kunit_try_run_case+0x1a6/0x480 [ 23.515930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.516582] kthread+0x324/0x6e0 [ 23.516955] ret_from_fork+0x41/0x80 [ 23.517291] ret_from_fork_asm+0x1a/0x30 [ 23.517560] [ 23.517780] The buggy address belongs to the object at ffff888102993400 [ 23.517780] which belongs to the cache kmalloc-64 of size 64 [ 23.518876] The buggy address is located 0 bytes to the right of [ 23.518876] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.519867] [ 23.520076] The buggy address belongs to the physical page: [ 23.520360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.521056] flags: 0x200000000000000(node=0|zone=2) [ 23.521668] page_type: f5(slab) 
[ 23.522054] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.522693] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.523185] page dumped because: kasan: bad access detected [ 23.523467] [ 23.523653] Memory state around the buggy address: [ 23.524179] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.525213] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.525905] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.526300] ^ [ 23.526822] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.527470] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.527824] ================================================================== [ 21.791768] ================================================================== [ 21.792345] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 21.793909] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.794363] [ 21.795033] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.795104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.795132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.795182] Call Trace: [ 21.795226] <TASK> [ 21.795267] dump_stack_lvl+0x73/0xb0 [ 21.795415] print_report+0xd1/0x650 [ 21.795498] ? __virt_addr_valid+0x1db/0x2d0 [ 21.795563] ? kasan_atomics_helper+0xc71/0x5450 [ 21.795617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.795677] ? kasan_atomics_helper+0xc71/0x5450 [ 21.795731] kasan_report+0x140/0x180 [ 21.795766] ? kasan_atomics_helper+0xc71/0x5450 [ 21.795802] kasan_check_range+0x10c/0x1c0 [ 21.795834] __kasan_check_write+0x18/0x20 [ 21.795887] kasan_atomics_helper+0xc71/0x5450 [ 21.795918] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.795949] ? kasan_save_alloc_info+0x3b/0x50 [ 21.795979] ? 
kasan_save_track+0x18/0x40 [ 21.796011] kasan_atomics+0x1dd/0x310 [ 21.796042] ? __pfx_kasan_atomics+0x10/0x10 [ 21.796074] ? __pfx_read_tsc+0x10/0x10 [ 21.796107] ? ktime_get_ts64+0x86/0x230 [ 21.796142] kunit_try_run_case+0x1a6/0x480 [ 21.796176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.796206] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.796241] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.796274] ? __kthread_parkme+0x82/0x160 [ 21.796304] ? preempt_count_sub+0x50/0x80 [ 21.796338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.796370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.796405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.796440] kthread+0x324/0x6e0 [ 21.796483] ? trace_preempt_on+0x20/0xc0 [ 21.796542] ? __pfx_kthread+0x10/0x10 [ 21.796590] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.796624] ? calculate_sigpending+0x7b/0xa0 [ 21.796655] ? __pfx_kthread+0x10/0x10 [ 21.796687] ret_from_fork+0x41/0x80 [ 21.796716] ? __pfx_kthread+0x10/0x10 [ 21.796747] ret_from_fork_asm+0x1a/0x30 [ 21.796792] </TASK> [ 21.796807] [ 21.813029] Allocated by task 273: [ 21.813913] kasan_save_stack+0x45/0x70 [ 21.814266] kasan_save_track+0x18/0x40 [ 21.814819] kasan_save_alloc_info+0x3b/0x50 [ 21.815151] __kasan_kmalloc+0xb7/0xc0 [ 21.815780] __kmalloc_cache_noprof+0x18a/0x420 [ 21.816144] kasan_atomics+0x96/0x310 [ 21.816656] kunit_try_run_case+0x1a6/0x480 [ 21.816987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.817935] kthread+0x324/0x6e0 [ 21.818322] ret_from_fork+0x41/0x80 [ 21.818622] ret_from_fork_asm+0x1a/0x30 [ 21.819076] [ 21.819269] The buggy address belongs to the object at ffff888102993400 [ 21.819269] which belongs to the cache kmalloc-64 of size 64 [ 21.820187] The buggy address is located 0 bytes to the right of [ 21.820187] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.821096] [ 21.821364] The buggy address belongs to the physical page: [ 21.822375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 
21.823088] flags: 0x200000000000000(node=0|zone=2) [ 21.823792] page_type: f5(slab) [ 21.824113] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.824863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.825511] page dumped because: kasan: bad access detected [ 21.825882] [ 21.826100] Memory state around the buggy address: [ 21.826479] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.826896] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.827276] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.827829] ^ [ 21.828668] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.830388] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.830796] ================================================================== [ 21.709431] ================================================================== [ 21.709929] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 21.710960] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.711744] [ 21.712017] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.712186] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.712223] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.712282] Call Trace: [ 21.712329] <TASK> [ 21.712373] dump_stack_lvl+0x73/0xb0 [ 21.712455] print_report+0xd1/0x650 [ 21.712518] ? __virt_addr_valid+0x1db/0x2d0 [ 21.712714] ? kasan_atomics_helper+0xac8/0x5450 [ 21.712781] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.713203] ? kasan_atomics_helper+0xac8/0x5450 [ 21.713275] kasan_report+0x140/0x180 [ 21.713337] ? kasan_atomics_helper+0xac8/0x5450 [ 21.713410] kasan_check_range+0x10c/0x1c0 [ 21.713475] __kasan_check_write+0x18/0x20 [ 21.713513] kasan_atomics_helper+0xac8/0x5450 [ 21.713545] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.713577] ? 
kasan_save_alloc_info+0x3b/0x50 [ 21.713608] ? kasan_save_track+0x18/0x40 [ 21.713640] kasan_atomics+0x1dd/0x310 [ 21.713671] ? __pfx_kasan_atomics+0x10/0x10 [ 21.713703] ? __pfx_read_tsc+0x10/0x10 [ 21.713733] ? ktime_get_ts64+0x86/0x230 [ 21.713769] kunit_try_run_case+0x1a6/0x480 [ 21.713803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.713832] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.713896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.713952] ? __kthread_parkme+0x82/0x160 [ 21.714009] ? preempt_count_sub+0x50/0x80 [ 21.714055] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.714090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.714127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.714163] kthread+0x324/0x6e0 [ 21.714192] ? trace_preempt_on+0x20/0xc0 [ 21.714226] ? __pfx_kthread+0x10/0x10 [ 21.714257] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.714290] ? calculate_sigpending+0x7b/0xa0 [ 21.714336] ? __pfx_kthread+0x10/0x10 [ 21.714369] ret_from_fork+0x41/0x80 [ 21.714420] ? __pfx_kthread+0x10/0x10 [ 21.714476] ret_from_fork_asm+0x1a/0x30 [ 21.714546] </TASK> [ 21.714567] [ 21.731197] Allocated by task 273: [ 21.731580] kasan_save_stack+0x45/0x70 [ 21.731948] kasan_save_track+0x18/0x40 [ 21.732364] kasan_save_alloc_info+0x3b/0x50 [ 21.732678] __kasan_kmalloc+0xb7/0xc0 [ 21.733782] __kmalloc_cache_noprof+0x18a/0x420 [ 21.734168] kasan_atomics+0x96/0x310 [ 21.734703] kunit_try_run_case+0x1a6/0x480 [ 21.735166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.735603] kthread+0x324/0x6e0 [ 21.735983] ret_from_fork+0x41/0x80 [ 21.736422] ret_from_fork_asm+0x1a/0x30 [ 21.737473] [ 21.737630] The buggy address belongs to the object at ffff888102993400 [ 21.737630] which belongs to the cache kmalloc-64 of size 64 [ 21.738138] The buggy address is located 0 bytes to the right of [ 21.738138] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.740028] [ 21.740179] The buggy address belongs to the physical page: [ 21.740602] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.741390] flags: 0x200000000000000(node=0|zone=2) [ 21.742481] page_type: f5(slab) [ 21.742767] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.743266] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.744241] page dumped because: kasan: bad access detected [ 21.744874] [ 21.745407] Memory state around the buggy address: [ 21.746346] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.746984] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.747663] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.748237] ^ [ 21.749153] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.749926] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.750357] ================================================================== [ 21.113985] ================================================================== [ 21.114811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 21.115325] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.115788] [ 21.116746] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.116882] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.116917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.116970] Call Trace: [ 21.117012] <TASK> [ 21.117055] dump_stack_lvl+0x73/0xb0 [ 21.117129] print_report+0xd1/0x650 [ 21.117192] ? __virt_addr_valid+0x1db/0x2d0 [ 21.117253] ? kasan_atomics_helper+0x4b70/0x5450 [ 21.117309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.117366] ? kasan_atomics_helper+0x4b70/0x5450 [ 21.117420] kasan_report+0x140/0x180 [ 21.117475] ? kasan_atomics_helper+0x4b70/0x5450 [ 21.117543] __asan_report_store4_noabort+0x1b/0x30 [ 21.117604] kasan_atomics_helper+0x4b70/0x5450 [ 21.117658] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.117709] ? 
kasan_save_alloc_info+0x3b/0x50 [ 21.117757] ? kasan_save_track+0x18/0x40 [ 21.117812] kasan_atomics+0x1dd/0x310 [ 21.117886] ? __pfx_kasan_atomics+0x10/0x10 [ 21.117952] ? __pfx_read_tsc+0x10/0x10 [ 21.118009] ? ktime_get_ts64+0x86/0x230 [ 21.118080] kunit_try_run_case+0x1a6/0x480 [ 21.118142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.118201] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.118268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.118327] ? __kthread_parkme+0x82/0x160 [ 21.118365] ? preempt_count_sub+0x50/0x80 [ 21.118398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.118429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.118465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.118499] kthread+0x324/0x6e0 [ 21.118526] ? trace_preempt_on+0x20/0xc0 [ 21.118558] ? __pfx_kthread+0x10/0x10 [ 21.118586] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.118616] ? calculate_sigpending+0x7b/0xa0 [ 21.118644] ? __pfx_kthread+0x10/0x10 [ 21.118673] ret_from_fork+0x41/0x80 [ 21.118697] ? __pfx_kthread+0x10/0x10 [ 21.118725] ret_from_fork_asm+0x1a/0x30 [ 21.118766] </TASK> [ 21.118780] [ 21.136366] Allocated by task 273: [ 21.137345] kasan_save_stack+0x45/0x70 [ 21.138160] kasan_save_track+0x18/0x40 [ 21.138884] kasan_save_alloc_info+0x3b/0x50 [ 21.139378] __kasan_kmalloc+0xb7/0xc0 [ 21.139623] __kmalloc_cache_noprof+0x18a/0x420 [ 21.139783] kasan_atomics+0x96/0x310 [ 21.139980] kunit_try_run_case+0x1a6/0x480 [ 21.140523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.140828] kthread+0x324/0x6e0 [ 21.141073] ret_from_fork+0x41/0x80 [ 21.141292] ret_from_fork_asm+0x1a/0x30 [ 21.142173] [ 21.142719] The buggy address belongs to the object at ffff888102993400 [ 21.142719] which belongs to the cache kmalloc-64 of size 64 [ 21.143645] The buggy address is located 0 bytes to the right of [ 21.143645] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.144952] [ 21.145201] The buggy address belongs to the physical page: [ 21.145904] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.146708] flags: 0x200000000000000(node=0|zone=2) [ 21.147186] page_type: f5(slab) [ 21.147892] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.148347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.148989] page dumped because: kasan: bad access detected [ 21.149307] [ 21.150041] Memory state around the buggy address: [ 21.150615] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.151675] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.152322] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.152816] ^ [ 21.153388] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.153739] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.154825] ================================================================== [ 21.752140] ================================================================== [ 21.753135] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 21.753530] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.754390] [ 21.754844] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.754973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.755011] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.755062] Call Trace: [ 21.755109] <TASK> [ 21.755156] dump_stack_lvl+0x73/0xb0 [ 21.755234] print_report+0xd1/0x650 [ 21.755337] ? __virt_addr_valid+0x1db/0x2d0 [ 21.755409] ? kasan_atomics_helper+0xb6b/0x5450 [ 21.755506] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.755564] ? kasan_atomics_helper+0xb6b/0x5450 [ 21.755596] kasan_report+0x140/0x180 [ 21.755629] ? kasan_atomics_helper+0xb6b/0x5450 [ 21.755666] kasan_check_range+0x10c/0x1c0 [ 21.755712] __kasan_check_write+0x18/0x20 [ 21.755744] kasan_atomics_helper+0xb6b/0x5450 [ 21.755774] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 21.755805] ? kasan_save_alloc_info+0x3b/0x50 [ 21.755836] ? kasan_save_track+0x18/0x40 [ 21.755890] kasan_atomics+0x1dd/0x310 [ 21.755922] ? __pfx_kasan_atomics+0x10/0x10 [ 21.755955] ? __pfx_read_tsc+0x10/0x10 [ 21.755987] ? ktime_get_ts64+0x86/0x230 [ 21.756024] kunit_try_run_case+0x1a6/0x480 [ 21.756058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.756089] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.756125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.756159] ? __kthread_parkme+0x82/0x160 [ 21.756190] ? preempt_count_sub+0x50/0x80 [ 21.756226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.756258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.756296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.756344] kthread+0x324/0x6e0 [ 21.756374] ? trace_preempt_on+0x20/0xc0 [ 21.756410] ? __pfx_kthread+0x10/0x10 [ 21.756456] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.756514] ? calculate_sigpending+0x7b/0xa0 [ 21.756569] ? __pfx_kthread+0x10/0x10 [ 21.756622] ret_from_fork+0x41/0x80 [ 21.756671] ? 
__pfx_kthread+0x10/0x10 [ 21.756723] ret_from_fork_asm+0x1a/0x30 [ 21.756799] </TASK> [ 21.756821] [ 21.772249] Allocated by task 273: [ 21.772899] kasan_save_stack+0x45/0x70 [ 21.773229] kasan_save_track+0x18/0x40 [ 21.773646] kasan_save_alloc_info+0x3b/0x50 [ 21.774108] __kasan_kmalloc+0xb7/0xc0 [ 21.774999] __kmalloc_cache_noprof+0x18a/0x420 [ 21.775444] kasan_atomics+0x96/0x310 [ 21.775895] kunit_try_run_case+0x1a6/0x480 [ 21.776334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.776751] kthread+0x324/0x6e0 [ 21.777091] ret_from_fork+0x41/0x80 [ 21.777376] ret_from_fork_asm+0x1a/0x30 [ 21.777725] [ 21.778164] The buggy address belongs to the object at ffff888102993400 [ 21.778164] which belongs to the cache kmalloc-64 of size 64 [ 21.779214] The buggy address is located 0 bytes to the right of [ 21.779214] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.780558] [ 21.780797] The buggy address belongs to the physical page: [ 21.781320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.782125] flags: 0x200000000000000(node=0|zone=2) [ 21.782982] page_type: f5(slab) [ 21.783335] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.783945] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.784744] page dumped because: kasan: bad access detected [ 21.785098] [ 21.785319] Memory state around the buggy address: [ 21.785916] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.786322] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.787394] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.788268] ^ [ 21.789002] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.789745] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.790390] ================================================================== [ 23.041090] 
================================================================== [ 23.041575] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 23.041969] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.042646] [ 23.042907] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.043016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.043054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.043111] Call Trace: [ 23.043158] <TASK> [ 23.043199] dump_stack_lvl+0x73/0xb0 [ 23.043277] print_report+0xd1/0x650 [ 23.043343] ? __virt_addr_valid+0x1db/0x2d0 [ 23.043407] ? kasan_atomics_helper+0x1ce2/0x5450 [ 23.043469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.043541] ? kasan_atomics_helper+0x1ce2/0x5450 [ 23.043603] kasan_report+0x140/0x180 [ 23.043667] ? kasan_atomics_helper+0x1ce2/0x5450 [ 23.043752] kasan_check_range+0x10c/0x1c0 [ 23.043819] __kasan_check_write+0x18/0x20 [ 23.043899] kasan_atomics_helper+0x1ce2/0x5450 [ 23.043956] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.044014] ? kasan_save_alloc_info+0x3b/0x50 [ 23.044074] ? kasan_save_track+0x18/0x40 [ 23.044143] kasan_atomics+0x1dd/0x310 [ 23.044207] ? __pfx_kasan_atomics+0x10/0x10 [ 23.044273] ? __pfx_read_tsc+0x10/0x10 [ 23.044329] ? ktime_get_ts64+0x86/0x230 [ 23.044403] kunit_try_run_case+0x1a6/0x480 [ 23.044471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.044530] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.044602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.044671] ? __kthread_parkme+0x82/0x160 [ 23.044734] ? preempt_count_sub+0x50/0x80 [ 23.044805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.044888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.044965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.045040] kthread+0x324/0x6e0 [ 23.045102] ? trace_preempt_on+0x20/0xc0 [ 23.045169] ? __pfx_kthread+0x10/0x10 [ 23.045233] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.045300] ? 
calculate_sigpending+0x7b/0xa0 [ 23.045362] ? __pfx_kthread+0x10/0x10 [ 23.045428] ret_from_fork+0x41/0x80 [ 23.045484] ? __pfx_kthread+0x10/0x10 [ 23.045543] ret_from_fork_asm+0x1a/0x30 [ 23.045622] </TASK> [ 23.045654] [ 23.057598] Allocated by task 273: [ 23.058009] kasan_save_stack+0x45/0x70 [ 23.058481] kasan_save_track+0x18/0x40 [ 23.058884] kasan_save_alloc_info+0x3b/0x50 [ 23.059210] __kasan_kmalloc+0xb7/0xc0 [ 23.059826] __kmalloc_cache_noprof+0x18a/0x420 [ 23.060204] kasan_atomics+0x96/0x310 [ 23.060687] kunit_try_run_case+0x1a6/0x480 [ 23.061077] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.061609] kthread+0x324/0x6e0 [ 23.061869] ret_from_fork+0x41/0x80 [ 23.062107] ret_from_fork_asm+0x1a/0x30 [ 23.062355] [ 23.062501] The buggy address belongs to the object at ffff888102993400 [ 23.062501] which belongs to the cache kmalloc-64 of size 64 [ 23.063449] The buggy address is located 0 bytes to the right of [ 23.063449] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.064618] [ 23.064841] The buggy address belongs to the physical page: [ 23.065253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.065668] flags: 0x200000000000000(node=0|zone=2) [ 23.066065] page_type: f5(slab) [ 23.066454] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.067089] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.067724] page dumped because: kasan: bad access detected [ 23.068126] [ 23.068351] Memory state around the buggy address: [ 23.068662] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.069031] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.069391] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.070177] ^ [ 23.070705] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.071221] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.071625] 
================================================================== [ 21.948209] ================================================================== [ 21.949492] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 21.949812] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.950496] [ 21.950737] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.950847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.950899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.950953] Call Trace: [ 21.950999] <TASK> [ 21.951041] dump_stack_lvl+0x73/0xb0 [ 21.951120] print_report+0xd1/0x650 [ 21.951182] ? __virt_addr_valid+0x1db/0x2d0 [ 21.951248] ? kasan_atomics_helper+0xe79/0x5450 [ 21.951308] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.951381] ? kasan_atomics_helper+0xe79/0x5450 [ 21.951444] kasan_report+0x140/0x180 [ 21.951509] ? kasan_atomics_helper+0xe79/0x5450 [ 21.951581] kasan_check_range+0x10c/0x1c0 [ 21.951642] __kasan_check_write+0x18/0x20 [ 21.951710] kasan_atomics_helper+0xe79/0x5450 [ 21.951770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.951830] ? kasan_save_alloc_info+0x3b/0x50 [ 21.951910] ? kasan_save_track+0x18/0x40 [ 21.951971] kasan_atomics+0x1dd/0x310 [ 21.952031] ? __pfx_kasan_atomics+0x10/0x10 [ 21.952087] ? __pfx_read_tsc+0x10/0x10 [ 21.952148] ? ktime_get_ts64+0x86/0x230 [ 21.952219] kunit_try_run_case+0x1a6/0x480 [ 21.952292] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.952341] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.952381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.952417] ? __kthread_parkme+0x82/0x160 [ 21.952448] ? preempt_count_sub+0x50/0x80 [ 21.952482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.952514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.952551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.952586] kthread+0x324/0x6e0 [ 21.952615] ? trace_preempt_on+0x20/0xc0 [ 21.952648] ? __pfx_kthread+0x10/0x10 [ 21.952679] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.952711] ? calculate_sigpending+0x7b/0xa0 [ 21.952740] ? __pfx_kthread+0x10/0x10 [ 21.952770] ret_from_fork+0x41/0x80 [ 21.952796] ? __pfx_kthread+0x10/0x10 [ 21.952826] ret_from_fork_asm+0x1a/0x30 [ 21.952887] </TASK> [ 21.952905] [ 21.968490] Allocated by task 273: [ 21.968877] kasan_save_stack+0x45/0x70 [ 21.969278] kasan_save_track+0x18/0x40 [ 21.969777] kasan_save_alloc_info+0x3b/0x50 [ 21.970118] __kasan_kmalloc+0xb7/0xc0 [ 21.970935] __kmalloc_cache_noprof+0x18a/0x420 [ 21.971502] kasan_atomics+0x96/0x310 [ 21.971921] kunit_try_run_case+0x1a6/0x480 [ 21.973422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.973725] kthread+0x324/0x6e0 [ 21.974149] ret_from_fork+0x41/0x80 [ 21.974679] ret_from_fork_asm+0x1a/0x30 [ 21.975126] [ 21.975374] The buggy address belongs to the object at ffff888102993400 [ 21.975374] which belongs to the cache kmalloc-64 of size 64 [ 21.976595] The buggy address is located 0 bytes to the right of [ 21.976595] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.977623] [ 21.977939] The buggy address belongs to the physical page: [ 21.978533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.979145] flags: 0x200000000000000(node=0|zone=2) [ 21.979448] page_type: f5(slab) [ 21.979806] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.980404] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.980786] page dumped because: kasan: bad access detected [ 21.981173] [ 21.981410] Memory state around the buggy address: [ 21.981863] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.982490] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.983036] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.983529] ^ [ 21.983957] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.984548] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.985009] ================================================================== [ 23.179585] ================================================================== [ 23.180110] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 23.180561] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.180931] [ 23.181238] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.181352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.181381] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.181423] Call Trace: [ 23.181465] <TASK> [ 23.181500] dump_stack_lvl+0x73/0xb0 [ 23.181575] print_report+0xd1/0x650 [ 23.181635] ? __virt_addr_valid+0x1db/0x2d0 [ 23.181696] ? kasan_atomics_helper+0x1f44/0x5450 [ 23.181755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.181824] ? kasan_atomics_helper+0x1f44/0x5450 [ 23.181902] kasan_report+0x140/0x180 [ 23.181965] ? kasan_atomics_helper+0x1f44/0x5450 [ 23.182037] kasan_check_range+0x10c/0x1c0 [ 23.182104] __kasan_check_write+0x18/0x20 [ 23.182170] kasan_atomics_helper+0x1f44/0x5450 [ 23.182234] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.182334] ? kasan_save_alloc_info+0x3b/0x50 [ 23.182405] ? kasan_save_track+0x18/0x40 [ 23.182473] kasan_atomics+0x1dd/0x310 [ 23.182535] ? __pfx_kasan_atomics+0x10/0x10 [ 23.182595] ? __pfx_read_tsc+0x10/0x10 [ 23.182672] ? ktime_get_ts64+0x86/0x230 [ 23.182732] kunit_try_run_case+0x1a6/0x480 [ 23.182791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.182863] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.182929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.182992] ? __kthread_parkme+0x82/0x160 [ 23.183051] ? preempt_count_sub+0x50/0x80 [ 23.183118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.183186] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.183263] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.183379] kthread+0x324/0x6e0 [ 23.183442] ? trace_preempt_on+0x20/0xc0 [ 23.183510] ? 
__pfx_kthread+0x10/0x10 [ 23.183571] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.183638] ? calculate_sigpending+0x7b/0xa0 [ 23.183711] ? __pfx_kthread+0x10/0x10 [ 23.183775] ret_from_fork+0x41/0x80 [ 23.183831] ? __pfx_kthread+0x10/0x10 [ 23.183910] ret_from_fork_asm+0x1a/0x30 [ 23.183999] </TASK> [ 23.184033] [ 23.196431] Allocated by task 273: [ 23.196820] kasan_save_stack+0x45/0x70 [ 23.197215] kasan_save_track+0x18/0x40 [ 23.197509] kasan_save_alloc_info+0x3b/0x50 [ 23.197937] __kasan_kmalloc+0xb7/0xc0 [ 23.198372] __kmalloc_cache_noprof+0x18a/0x420 [ 23.198807] kasan_atomics+0x96/0x310 [ 23.199088] kunit_try_run_case+0x1a6/0x480 [ 23.199406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.199727] kthread+0x324/0x6e0 [ 23.200064] ret_from_fork+0x41/0x80 [ 23.200496] ret_from_fork_asm+0x1a/0x30 [ 23.200929] [ 23.201147] The buggy address belongs to the object at ffff888102993400 [ 23.201147] which belongs to the cache kmalloc-64 of size 64 [ 23.202136] The buggy address is located 0 bytes to the right of [ 23.202136] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.203202] [ 23.203466] The buggy address belongs to the physical page: [ 23.203834] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.204228] flags: 0x200000000000000(node=0|zone=2) [ 23.204720] page_type: f5(slab) [ 23.205065] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.205718] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.206087] page dumped because: kasan: bad access detected [ 23.206406] [ 23.206551] Memory state around the buggy address: [ 23.206809] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.207506] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.208174] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.209017] ^ [ 23.209328] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.209676] 
ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.210019] ================================================================== [ 22.937215] ================================================================== [ 22.937604] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 22.938658] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.939230] [ 22.939447] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.939583] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.939624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.939688] Call Trace: [ 22.939754] <TASK> [ 22.939801] dump_stack_lvl+0x73/0xb0 [ 22.939892] print_report+0xd1/0x650 [ 22.939958] ? __virt_addr_valid+0x1db/0x2d0 [ 22.940023] ? kasan_atomics_helper+0x1b23/0x5450 [ 22.940084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.940146] ? kasan_atomics_helper+0x1b23/0x5450 [ 22.940203] kasan_report+0x140/0x180 [ 22.940265] ? kasan_atomics_helper+0x1b23/0x5450 [ 22.940334] kasan_check_range+0x10c/0x1c0 [ 22.940400] __kasan_check_write+0x18/0x20 [ 22.940493] kasan_atomics_helper+0x1b23/0x5450 [ 22.940556] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.940621] ? kasan_save_alloc_info+0x3b/0x50 [ 22.940686] ? kasan_save_track+0x18/0x40 [ 22.940731] kasan_atomics+0x1dd/0x310 [ 22.940765] ? __pfx_kasan_atomics+0x10/0x10 [ 22.940799] ? __pfx_read_tsc+0x10/0x10 [ 22.940831] ? ktime_get_ts64+0x86/0x230 [ 22.940888] kunit_try_run_case+0x1a6/0x480 [ 22.940924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.940953] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.940990] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.941022] ? __kthread_parkme+0x82/0x160 [ 22.941054] ? preempt_count_sub+0x50/0x80 [ 22.941088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.941119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.941154] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.941190] kthread+0x324/0x6e0 [ 22.941218] ? 
trace_preempt_on+0x20/0xc0 [ 22.941252] ? __pfx_kthread+0x10/0x10 [ 22.941282] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.941330] ? calculate_sigpending+0x7b/0xa0 [ 22.941361] ? __pfx_kthread+0x10/0x10 [ 22.941391] ret_from_fork+0x41/0x80 [ 22.941418] ? __pfx_kthread+0x10/0x10 [ 22.941448] ret_from_fork_asm+0x1a/0x30 [ 22.941491] </TASK> [ 22.941507] [ 22.954277] Allocated by task 273: [ 22.954883] kasan_save_stack+0x45/0x70 [ 22.955160] kasan_save_track+0x18/0x40 [ 22.955836] kasan_save_alloc_info+0x3b/0x50 [ 22.956164] __kasan_kmalloc+0xb7/0xc0 [ 22.956405] __kmalloc_cache_noprof+0x18a/0x420 [ 22.956677] kasan_atomics+0x96/0x310 [ 22.956927] kunit_try_run_case+0x1a6/0x480 [ 22.957183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.957726] kthread+0x324/0x6e0 [ 22.958218] ret_from_fork+0x41/0x80 [ 22.958541] ret_from_fork_asm+0x1a/0x30 [ 22.959000] [ 22.959188] The buggy address belongs to the object at ffff888102993400 [ 22.959188] which belongs to the cache kmalloc-64 of size 64 [ 22.959986] The buggy address is located 0 bytes to the right of [ 22.959986] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.960524] [ 22.960756] The buggy address belongs to the physical page: [ 22.961286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.962640] flags: 0x200000000000000(node=0|zone=2) [ 22.964059] page_type: f5(slab) [ 22.964408] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.965231] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.965914] page dumped because: kasan: bad access detected [ 22.966264] [ 22.966515] Memory state around the buggy address: [ 22.966985] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.967361] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.967989] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.968721] ^ [ 22.969261] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.969628] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.970273] ================================================================== [ 22.267082] ================================================================== [ 22.267874] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450 [ 22.268580] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.269061] [ 22.269392] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.269500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.269572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.269646] Call Trace: [ 22.269698] <TASK> [ 22.269740] dump_stack_lvl+0x73/0xb0 [ 22.269864] print_report+0xd1/0x650 [ 22.269958] ? __virt_addr_valid+0x1db/0x2d0 [ 22.270026] ? kasan_atomics_helper+0x49ea/0x5450 [ 22.270084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.270187] ? kasan_atomics_helper+0x49ea/0x5450 [ 22.270269] kasan_report+0x140/0x180 [ 22.270375] ? kasan_atomics_helper+0x49ea/0x5450 [ 22.270466] __asan_report_load4_noabort+0x18/0x20 [ 22.270572] kasan_atomics_helper+0x49ea/0x5450 [ 22.270656] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.270717] ? kasan_save_alloc_info+0x3b/0x50 [ 22.270809] ? kasan_save_track+0x18/0x40 [ 22.270900] kasan_atomics+0x1dd/0x310 [ 22.270967] ? __pfx_kasan_atomics+0x10/0x10 [ 22.271025] ? __pfx_read_tsc+0x10/0x10 [ 22.271060] ? ktime_get_ts64+0x86/0x230 [ 22.271099] kunit_try_run_case+0x1a6/0x480 [ 22.271134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.271164] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.271200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.271233] ? __kthread_parkme+0x82/0x160 [ 22.271265] ? preempt_count_sub+0x50/0x80 [ 22.271322] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.271359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.271396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.271430] kthread+0x324/0x6e0 [ 22.271460] ? 
trace_preempt_on+0x20/0xc0 [ 22.271494] ? __pfx_kthread+0x10/0x10 [ 22.271525] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.271557] ? calculate_sigpending+0x7b/0xa0 [ 22.271588] ? __pfx_kthread+0x10/0x10 [ 22.271619] ret_from_fork+0x41/0x80 [ 22.271645] ? __pfx_kthread+0x10/0x10 [ 22.271676] ret_from_fork_asm+0x1a/0x30 [ 22.271731] </TASK> [ 22.271747] [ 22.285649] Allocated by task 273: [ 22.285919] kasan_save_stack+0x45/0x70 [ 22.286450] kasan_save_track+0x18/0x40 [ 22.286899] kasan_save_alloc_info+0x3b/0x50 [ 22.287454] __kasan_kmalloc+0xb7/0xc0 [ 22.287747] __kmalloc_cache_noprof+0x18a/0x420 [ 22.288044] kasan_atomics+0x96/0x310 [ 22.288287] kunit_try_run_case+0x1a6/0x480 [ 22.288752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.289440] kthread+0x324/0x6e0 [ 22.289811] ret_from_fork+0x41/0x80 [ 22.290216] ret_from_fork_asm+0x1a/0x30 [ 22.290673] [ 22.290940] The buggy address belongs to the object at ffff888102993400 [ 22.290940] which belongs to the cache kmalloc-64 of size 64 [ 22.291814] The buggy address is located 0 bytes to the right of [ 22.291814] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.292725] [ 22.292952] The buggy address belongs to the physical page: [ 22.293522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.293991] flags: 0x200000000000000(node=0|zone=2) [ 22.294504] page_type: f5(slab) [ 22.294781] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.295536] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.296046] page dumped because: kasan: bad access detected [ 22.296400] [ 22.296632] Memory state around the buggy address: [ 22.297152] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.297595] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.298258] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.298596] ^ [ 22.299093] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.299559] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.300156] ================================================================== [ 22.196025] ================================================================== [ 22.196552] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 22.196878] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.197203] [ 22.197396] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.197508] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.197543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.197598] Call Trace: [ 22.197648] <TASK> [ 22.197695] dump_stack_lvl+0x73/0xb0 [ 22.197774] print_report+0xd1/0x650 [ 22.197836] ? __virt_addr_valid+0x1db/0x2d0 [ 22.197916] ? kasan_atomics_helper+0x4a04/0x5450 [ 22.197975] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.198048] ? kasan_atomics_helper+0x4a04/0x5450 [ 22.198113] kasan_report+0x140/0x180 [ 22.198178] ? kasan_atomics_helper+0x4a04/0x5450 [ 22.198254] __asan_report_load4_noabort+0x18/0x20 [ 22.198390] kasan_atomics_helper+0x4a04/0x5450 [ 22.198464] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.198527] ? kasan_save_alloc_info+0x3b/0x50 [ 22.198618] ? kasan_save_track+0x18/0x40 [ 22.198698] kasan_atomics+0x1dd/0x310 [ 22.198764] ? __pfx_kasan_atomics+0x10/0x10 [ 22.198831] ? __pfx_read_tsc+0x10/0x10 [ 22.198910] ? ktime_get_ts64+0x86/0x230 [ 22.198985] kunit_try_run_case+0x1a6/0x480 [ 22.199053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.199114] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.199182] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.199246] ? __kthread_parkme+0x82/0x160 [ 22.199346] ? preempt_count_sub+0x50/0x80 [ 22.199420] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.199469] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.199509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.199545] kthread+0x324/0x6e0 [ 22.199575] ? 
trace_preempt_on+0x20/0xc0 [ 22.199609] ? __pfx_kthread+0x10/0x10 [ 22.199639] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.199672] ? calculate_sigpending+0x7b/0xa0 [ 22.199715] ? __pfx_kthread+0x10/0x10 [ 22.199745] ret_from_fork+0x41/0x80 [ 22.199772] ? __pfx_kthread+0x10/0x10 [ 22.199801] ret_from_fork_asm+0x1a/0x30 [ 22.199844] </TASK> [ 22.199881] [ 22.212867] Allocated by task 273: [ 22.213261] kasan_save_stack+0x45/0x70 [ 22.213715] kasan_save_track+0x18/0x40 [ 22.214146] kasan_save_alloc_info+0x3b/0x50 [ 22.215113] __kasan_kmalloc+0xb7/0xc0 [ 22.215416] __kmalloc_cache_noprof+0x18a/0x420 [ 22.215697] kasan_atomics+0x96/0x310 [ 22.216107] kunit_try_run_case+0x1a6/0x480 [ 22.216384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.216822] kthread+0x324/0x6e0 [ 22.217103] ret_from_fork+0x41/0x80 [ 22.217592] ret_from_fork_asm+0x1a/0x30 [ 22.218027] [ 22.218195] The buggy address belongs to the object at ffff888102993400 [ 22.218195] which belongs to the cache kmalloc-64 of size 64 [ 22.218820] The buggy address is located 0 bytes to the right of [ 22.218820] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.220514] [ 22.220706] The buggy address belongs to the physical page: [ 22.221120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.221625] flags: 0x200000000000000(node=0|zone=2) [ 22.221928] page_type: f5(slab) [ 22.222149] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.223634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.224684] page dumped because: kasan: bad access detected [ 22.225040] [ 22.225172] Memory state around the buggy address: [ 22.225943] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.226881] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.227556] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.228103] ^ [ 22.228509] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.229209] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.229911] ================================================================== [ 23.147091] ================================================================== [ 23.148702] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 23.149949] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.150817] [ 23.151347] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.151599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.151642] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.151755] Call Trace: [ 23.151792] <TASK> [ 23.151821] dump_stack_lvl+0x73/0xb0 [ 23.151888] print_report+0xd1/0x650 [ 23.151923] ? __virt_addr_valid+0x1db/0x2d0 [ 23.151957] ? kasan_atomics_helper+0x1eab/0x5450 [ 23.151987] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.152022] ? kasan_atomics_helper+0x1eab/0x5450 [ 23.152051] kasan_report+0x140/0x180 [ 23.152082] ? kasan_atomics_helper+0x1eab/0x5450 [ 23.152117] kasan_check_range+0x10c/0x1c0 [ 23.152148] __kasan_check_write+0x18/0x20 [ 23.152179] kasan_atomics_helper+0x1eab/0x5450 [ 23.152209] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.152239] ? kasan_save_alloc_info+0x3b/0x50 [ 23.152268] ? kasan_save_track+0x18/0x40 [ 23.152313] kasan_atomics+0x1dd/0x310 [ 23.152350] ? __pfx_kasan_atomics+0x10/0x10 [ 23.152383] ? __pfx_read_tsc+0x10/0x10 [ 23.152415] ? ktime_get_ts64+0x86/0x230 [ 23.152450] kunit_try_run_case+0x1a6/0x480 [ 23.152484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.152515] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.152549] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.152582] ? __kthread_parkme+0x82/0x160 [ 23.152613] ? preempt_count_sub+0x50/0x80 [ 23.152648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.152680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.152715] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.152749] kthread+0x324/0x6e0 [ 23.152778] ? trace_preempt_on+0x20/0xc0 [ 23.152812] ? __pfx_kthread+0x10/0x10 [ 23.152842] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.152891] ? calculate_sigpending+0x7b/0xa0 [ 23.152921] ? __pfx_kthread+0x10/0x10 [ 23.152952] ret_from_fork+0x41/0x80 [ 23.152979] ? __pfx_kthread+0x10/0x10 [ 23.153009] ret_from_fork_asm+0x1a/0x30 [ 23.153051] </TASK> [ 23.153067] [ 23.164814] Allocated by task 273: [ 23.165181] kasan_save_stack+0x45/0x70 [ 23.165543] kasan_save_track+0x18/0x40 [ 23.165801] kasan_save_alloc_info+0x3b/0x50 [ 23.166233] __kasan_kmalloc+0xb7/0xc0 [ 23.166676] __kmalloc_cache_noprof+0x18a/0x420 [ 23.167101] kasan_atomics+0x96/0x310 [ 23.167395] kunit_try_run_case+0x1a6/0x480 [ 23.167829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.168394] kthread+0x324/0x6e0 [ 23.168752] ret_from_fork+0x41/0x80 [ 23.169046] ret_from_fork_asm+0x1a/0x30 [ 23.169481] [ 23.169697] The buggy address belongs to the object at ffff888102993400 [ 23.169697] which belongs to the cache kmalloc-64 of size 64 [ 23.170532] The buggy address is located 0 bytes to the right of [ 23.170532] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.171282] [ 23.171537] The buggy address belongs to the physical page: [ 23.171829] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.172224] flags: 0x200000000000000(node=0|zone=2) [ 23.172547] page_type: f5(slab) [ 23.172768] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.173485] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.174159] page dumped because: kasan: bad access detected [ 23.174658] [ 23.174892] Memory state around the buggy address: [ 23.175366] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.175995] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.176641] >ffff888102993400: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 23.177228] ^ [ 23.177509] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.177919] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.178273] ================================================================== [ 22.794929] ================================================================== [ 22.795531] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 22.796037] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.796632] [ 22.796897] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.796995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.797029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.797083] Call Trace: [ 22.797172] <TASK> [ 22.797238] dump_stack_lvl+0x73/0xb0 [ 22.797352] print_report+0xd1/0x650 [ 22.797391] ? __virt_addr_valid+0x1db/0x2d0 [ 22.797427] ? kasan_atomics_helper+0x18b2/0x5450 [ 22.797458] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.797514] ? kasan_atomics_helper+0x18b2/0x5450 [ 22.797569] kasan_report+0x140/0x180 [ 22.797629] ? kasan_atomics_helper+0x18b2/0x5450 [ 22.797702] kasan_check_range+0x10c/0x1c0 [ 22.797764] __kasan_check_write+0x18/0x20 [ 22.797833] kasan_atomics_helper+0x18b2/0x5450 [ 22.797919] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.797985] ? kasan_save_alloc_info+0x3b/0x50 [ 22.798050] ? kasan_save_track+0x18/0x40 [ 22.798106] kasan_atomics+0x1dd/0x310 [ 22.798141] ? __pfx_kasan_atomics+0x10/0x10 [ 22.798175] ? __pfx_read_tsc+0x10/0x10 [ 22.798208] ? ktime_get_ts64+0x86/0x230 [ 22.798245] kunit_try_run_case+0x1a6/0x480 [ 22.798278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.798333] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.798371] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.798405] ? __kthread_parkme+0x82/0x160 [ 22.798436] ? preempt_count_sub+0x50/0x80 [ 22.798469] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.798501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.798535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.798570] kthread+0x324/0x6e0 [ 22.798599] ? trace_preempt_on+0x20/0xc0 [ 22.798632] ? __pfx_kthread+0x10/0x10 [ 22.798662] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.798693] ? calculate_sigpending+0x7b/0xa0 [ 22.798723] ? __pfx_kthread+0x10/0x10 [ 22.798753] ret_from_fork+0x41/0x80 [ 22.798779] ? __pfx_kthread+0x10/0x10 [ 22.798808] ret_from_fork_asm+0x1a/0x30 [ 22.798868] </TASK> [ 22.798885] [ 22.812336] Allocated by task 273: [ 22.812655] kasan_save_stack+0x45/0x70 [ 22.813113] kasan_save_track+0x18/0x40 [ 22.813618] kasan_save_alloc_info+0x3b/0x50 [ 22.814303] __kasan_kmalloc+0xb7/0xc0 [ 22.814685] __kmalloc_cache_noprof+0x18a/0x420 [ 22.814986] kasan_atomics+0x96/0x310 [ 22.815235] kunit_try_run_case+0x1a6/0x480 [ 22.815482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.815995] kthread+0x324/0x6e0 [ 22.816416] ret_from_fork+0x41/0x80 [ 22.816896] ret_from_fork_asm+0x1a/0x30 [ 22.817280] [ 22.817522] The buggy address belongs to the object at ffff888102993400 [ 22.817522] which belongs to the cache kmalloc-64 of size 64 [ 22.818192] The buggy address is located 0 bytes to the right of [ 22.818192] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.819033] [ 22.819194] The buggy address belongs to the physical page: [ 22.819600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.820569] flags: 0x200000000000000(node=0|zone=2) [ 22.821064] page_type: f5(slab) [ 22.821422] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.822101] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.822459] page dumped because: kasan: bad access detected [ 22.823007] [ 22.823226] Memory state around the buggy address: [ 22.823738] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.824525] ffff888102993380: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.824989] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.825490] ^ [ 22.825925] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.826288] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.826916] ================================================================== [ 21.537068] ================================================================== [ 21.538042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 21.539170] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.539756] [ 21.539925] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.539988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.540006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.540035] Call Trace: [ 21.540061] <TASK> [ 21.540087] dump_stack_lvl+0x73/0xb0 [ 21.540130] print_report+0xd1/0x650 [ 21.540163] ? __virt_addr_valid+0x1db/0x2d0 [ 21.540198] ? kasan_atomics_helper+0x861/0x5450 [ 21.540228] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.540264] ? kasan_atomics_helper+0x861/0x5450 [ 21.540300] kasan_report+0x140/0x180 [ 21.540359] ? kasan_atomics_helper+0x861/0x5450 [ 21.540429] kasan_check_range+0x10c/0x1c0 [ 21.540499] __kasan_check_write+0x18/0x20 [ 21.540566] kasan_atomics_helper+0x861/0x5450 [ 21.540634] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.540700] ? kasan_save_alloc_info+0x3b/0x50 [ 21.540760] ? kasan_save_track+0x18/0x40 [ 21.540819] kasan_atomics+0x1dd/0x310 [ 21.540890] ? __pfx_kasan_atomics+0x10/0x10 [ 21.540949] ? __pfx_read_tsc+0x10/0x10 [ 21.540999] ? ktime_get_ts64+0x86/0x230 [ 21.541059] kunit_try_run_case+0x1a6/0x480 [ 21.541120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.541188] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.541275] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.541348] ? __kthread_parkme+0x82/0x160 [ 21.541429] ? 
preempt_count_sub+0x50/0x80 [ 21.541499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.541569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.541644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.541717] kthread+0x324/0x6e0 [ 21.541777] ? trace_preempt_on+0x20/0xc0 [ 21.541841] ? __pfx_kthread+0x10/0x10 [ 21.541913] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.541978] ? calculate_sigpending+0x7b/0xa0 [ 21.542036] ? __pfx_kthread+0x10/0x10 [ 21.542107] ret_from_fork+0x41/0x80 [ 21.542173] ? __pfx_kthread+0x10/0x10 [ 21.542231] ret_from_fork_asm+0x1a/0x30 [ 21.542306] </TASK> [ 21.542335] [ 21.560058] Allocated by task 273: [ 21.560478] kasan_save_stack+0x45/0x70 [ 21.560848] kasan_save_track+0x18/0x40 [ 21.561568] kasan_save_alloc_info+0x3b/0x50 [ 21.562072] __kasan_kmalloc+0xb7/0xc0 [ 21.562509] __kmalloc_cache_noprof+0x18a/0x420 [ 21.562830] kasan_atomics+0x96/0x310 [ 21.563245] kunit_try_run_case+0x1a6/0x480 [ 21.563569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.564730] kthread+0x324/0x6e0 [ 21.565042] ret_from_fork+0x41/0x80 [ 21.565303] ret_from_fork_asm+0x1a/0x30 [ 21.565701] [ 21.566113] The buggy address belongs to the object at ffff888102993400 [ 21.566113] which belongs to the cache kmalloc-64 of size 64 [ 21.566973] The buggy address is located 0 bytes to the right of [ 21.566973] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.567815] [ 21.567997] The buggy address belongs to the physical page: [ 21.568891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.569491] flags: 0x200000000000000(node=0|zone=2) [ 21.569977] page_type: f5(slab) [ 21.570245] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.571085] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.571903] page dumped because: kasan: bad access detected [ 21.572240] [ 21.572369] Memory state around the buggy address: [ 21.573683] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 21.574109] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.574672] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.574996] ^ [ 21.575442] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.576951] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.577433] ================================================================== [ 21.622392] ================================================================== [ 21.623236] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 21.624252] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.625796] [ 21.626055] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.626158] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.626191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.626243] Call Trace: [ 21.626306] <TASK> [ 21.626352] dump_stack_lvl+0x73/0xb0 [ 21.626433] print_report+0xd1/0x650 [ 21.626482] ? __virt_addr_valid+0x1db/0x2d0 [ 21.626518] ? kasan_atomics_helper+0x993/0x5450 [ 21.626549] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.626585] ? kasan_atomics_helper+0x993/0x5450 [ 21.626630] kasan_report+0x140/0x180 [ 21.626684] ? kasan_atomics_helper+0x993/0x5450 [ 21.626743] kasan_check_range+0x10c/0x1c0 [ 21.626800] __kasan_check_write+0x18/0x20 [ 21.626875] kasan_atomics_helper+0x993/0x5450 [ 21.626941] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.627005] ? kasan_save_alloc_info+0x3b/0x50 [ 21.627068] ? kasan_save_track+0x18/0x40 [ 21.627140] kasan_atomics+0x1dd/0x310 [ 21.627183] ? __pfx_kasan_atomics+0x10/0x10 [ 21.627218] ? __pfx_read_tsc+0x10/0x10 [ 21.627249] ? ktime_get_ts64+0x86/0x230 [ 21.627284] kunit_try_run_case+0x1a6/0x480 [ 21.627333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.627363] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.627399] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.627439] ? 
__kthread_parkme+0x82/0x160 [ 21.627492] ? preempt_count_sub+0x50/0x80 [ 21.627549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.627602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.627643] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.627690] kthread+0x324/0x6e0 [ 21.627720] ? trace_preempt_on+0x20/0xc0 [ 21.627754] ? __pfx_kthread+0x10/0x10 [ 21.627784] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.627817] ? calculate_sigpending+0x7b/0xa0 [ 21.627847] ? __pfx_kthread+0x10/0x10 [ 21.627896] ret_from_fork+0x41/0x80 [ 21.627924] ? __pfx_kthread+0x10/0x10 [ 21.627954] ret_from_fork_asm+0x1a/0x30 [ 21.627996] </TASK> [ 21.628011] [ 21.645956] Allocated by task 273: [ 21.646348] kasan_save_stack+0x45/0x70 [ 21.646789] kasan_save_track+0x18/0x40 [ 21.647600] kasan_save_alloc_info+0x3b/0x50 [ 21.648057] __kasan_kmalloc+0xb7/0xc0 [ 21.648493] __kmalloc_cache_noprof+0x18a/0x420 [ 21.648959] kasan_atomics+0x96/0x310 [ 21.649802] kunit_try_run_case+0x1a6/0x480 [ 21.650099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.650868] kthread+0x324/0x6e0 [ 21.651252] ret_from_fork+0x41/0x80 [ 21.651701] ret_from_fork_asm+0x1a/0x30 [ 21.652254] [ 21.652450] The buggy address belongs to the object at ffff888102993400 [ 21.652450] which belongs to the cache kmalloc-64 of size 64 [ 21.653737] The buggy address is located 0 bytes to the right of [ 21.653737] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.654491] [ 21.654706] The buggy address belongs to the physical page: [ 21.655183] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.655701] flags: 0x200000000000000(node=0|zone=2) [ 21.656930] page_type: f5(slab) [ 21.657295] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.657812] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.658355] page dumped because: kasan: bad access detected [ 21.658675] [ 21.659138] Memory state around the buggy address: [ 21.659554] 
ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.660168] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.660811] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.661938] ^ [ 21.662524] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.663178] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.663807] ================================================================== [ 23.109960] ================================================================== [ 23.110998] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 23.111547] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.112050] [ 23.112340] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.112450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.112490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.112540] Call Trace: [ 23.112611] <TASK> [ 23.112654] dump_stack_lvl+0x73/0xb0 [ 23.112735] print_report+0xd1/0x650 [ 23.112802] ? __virt_addr_valid+0x1db/0x2d0 [ 23.112880] ? kasan_atomics_helper+0x1e13/0x5450 [ 23.112969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.113038] ? kasan_atomics_helper+0x1e13/0x5450 [ 23.113121] kasan_report+0x140/0x180 [ 23.113184] ? kasan_atomics_helper+0x1e13/0x5450 [ 23.113251] kasan_check_range+0x10c/0x1c0 [ 23.113356] __kasan_check_write+0x18/0x20 [ 23.113417] kasan_atomics_helper+0x1e13/0x5450 [ 23.113478] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.113520] ? kasan_save_alloc_info+0x3b/0x50 [ 23.113553] ? kasan_save_track+0x18/0x40 [ 23.113587] kasan_atomics+0x1dd/0x310 [ 23.113617] ? __pfx_kasan_atomics+0x10/0x10 [ 23.113650] ? __pfx_read_tsc+0x10/0x10 [ 23.113681] ? ktime_get_ts64+0x86/0x230 [ 23.113717] kunit_try_run_case+0x1a6/0x480 [ 23.113750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.113779] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.113814] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.113866] ? __kthread_parkme+0x82/0x160 [ 23.113902] ? preempt_count_sub+0x50/0x80 [ 23.113936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.113967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.114004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.114039] kthread+0x324/0x6e0 [ 23.114067] ? trace_preempt_on+0x20/0xc0 [ 23.114101] ? __pfx_kthread+0x10/0x10 [ 23.114131] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.114162] ? calculate_sigpending+0x7b/0xa0 [ 23.114194] ? __pfx_kthread+0x10/0x10 [ 23.114224] ret_from_fork+0x41/0x80 [ 23.114250] ? __pfx_kthread+0x10/0x10 [ 23.114280] ret_from_fork_asm+0x1a/0x30 [ 23.114350] </TASK> [ 23.114368] [ 23.131112] Allocated by task 273: [ 23.131404] kasan_save_stack+0x45/0x70 [ 23.132085] kasan_save_track+0x18/0x40 [ 23.132515] kasan_save_alloc_info+0x3b/0x50 [ 23.132979] __kasan_kmalloc+0xb7/0xc0 [ 23.133411] __kmalloc_cache_noprof+0x18a/0x420 [ 23.133861] kasan_atomics+0x96/0x310 [ 23.134192] kunit_try_run_case+0x1a6/0x480 [ 23.134611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.135447] kthread+0x324/0x6e0 [ 23.135728] ret_from_fork+0x41/0x80 [ 23.136276] ret_from_fork_asm+0x1a/0x30 [ 23.136965] [ 23.137137] The buggy address belongs to the object at ffff888102993400 [ 23.137137] which belongs to the cache kmalloc-64 of size 64 [ 23.137986] The buggy address is located 0 bytes to the right of [ 23.137986] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.138812] [ 23.139075] The buggy address belongs to the physical page: [ 23.139358] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.140064] flags: 0x200000000000000(node=0|zone=2) [ 23.140532] page_type: f5(slab) [ 23.140874] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.141471] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.141866] page dumped because: kasan: bad access detected [ 23.142342] [ 23.142555] Memory 
state around the buggy address: [ 23.142942] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.143292] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.143920] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.144298] ^ [ 23.144824] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.145310] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.145994] ================================================================== [ 22.559187] ================================================================== [ 22.559978] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 22.560484] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.561072] [ 22.561246] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.561321] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.561341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.561369] Call Trace: [ 22.561399] <TASK> [ 22.561424] dump_stack_lvl+0x73/0xb0 [ 22.561471] print_report+0xd1/0x650 [ 22.561504] ? __virt_addr_valid+0x1db/0x2d0 [ 22.561537] ? kasan_atomics_helper+0x15b7/0x5450 [ 22.561567] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.561601] ? kasan_atomics_helper+0x15b7/0x5450 [ 22.561630] kasan_report+0x140/0x180 [ 22.561669] ? kasan_atomics_helper+0x15b7/0x5450 [ 22.561726] kasan_check_range+0x10c/0x1c0 [ 22.561775] __kasan_check_write+0x18/0x20 [ 22.561823] kasan_atomics_helper+0x15b7/0x5450 [ 22.561885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.561936] ? kasan_save_alloc_info+0x3b/0x50 [ 22.562001] ? kasan_save_track+0x18/0x40 [ 22.562063] kasan_atomics+0x1dd/0x310 [ 22.562119] ? __pfx_kasan_atomics+0x10/0x10 [ 22.562182] ? __pfx_read_tsc+0x10/0x10 [ 22.562238] ? ktime_get_ts64+0x86/0x230 [ 22.562301] kunit_try_run_case+0x1a6/0x480 [ 22.562363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.562416] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 22.562484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.562545] ? __kthread_parkme+0x82/0x160 [ 22.562601] ? preempt_count_sub+0x50/0x80 [ 22.562662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.562720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.562785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.563337] kthread+0x324/0x6e0 [ 22.563427] ? trace_preempt_on+0x20/0xc0 [ 22.563548] ? __pfx_kthread+0x10/0x10 [ 22.563606] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.563663] ? calculate_sigpending+0x7b/0xa0 [ 22.563727] ? __pfx_kthread+0x10/0x10 [ 22.563781] ret_from_fork+0x41/0x80 [ 22.563827] ? __pfx_kthread+0x10/0x10 [ 22.563903] ret_from_fork_asm+0x1a/0x30 [ 22.564006] </TASK> [ 22.564040] [ 22.592322] Allocated by task 273: [ 22.592608] kasan_save_stack+0x45/0x70 [ 22.594640] kasan_save_track+0x18/0x40 [ 22.595885] kasan_save_alloc_info+0x3b/0x50 [ 22.596865] __kasan_kmalloc+0xb7/0xc0 [ 22.597153] __kmalloc_cache_noprof+0x18a/0x420 [ 22.599664] kasan_atomics+0x96/0x310 [ 22.600879] kunit_try_run_case+0x1a6/0x480 [ 22.602123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.603405] kthread+0x324/0x6e0 [ 22.604135] ret_from_fork+0x41/0x80 [ 22.605328] ret_from_fork_asm+0x1a/0x30 [ 22.606084] [ 22.606343] The buggy address belongs to the object at ffff888102993400 [ 22.606343] which belongs to the cache kmalloc-64 of size 64 [ 22.608469] The buggy address is located 0 bytes to the right of [ 22.608469] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.609678] [ 22.609825] The buggy address belongs to the physical page: [ 22.610481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.611191] flags: 0x200000000000000(node=0|zone=2) [ 22.611691] page_type: f5(slab) [ 22.612079] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.613142] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.613544] page dumped because: kasan: bad 
access detected [ 22.613826] [ 22.614012] Memory state around the buggy address: [ 22.614268] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.614594] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.617636] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.618761] ^ [ 22.619064] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.620612] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.622194] ================================================================== [ 23.458934] ================================================================== [ 23.459623] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 23.460665] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.461189] [ 23.461421] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.461539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.461573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.461631] Call Trace: [ 23.461680] <TASK> [ 23.461724] dump_stack_lvl+0x73/0xb0 [ 23.461815] print_report+0xd1/0x650 [ 23.461901] ? __virt_addr_valid+0x1db/0x2d0 [ 23.461961] ? kasan_atomics_helper+0x224d/0x5450 [ 23.462023] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.462094] ? kasan_atomics_helper+0x224d/0x5450 [ 23.462149] kasan_report+0x140/0x180 [ 23.462210] ? kasan_atomics_helper+0x224d/0x5450 [ 23.462282] kasan_check_range+0x10c/0x1c0 [ 23.462348] __kasan_check_write+0x18/0x20 [ 23.462411] kasan_atomics_helper+0x224d/0x5450 [ 23.462469] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.462522] ? kasan_save_alloc_info+0x3b/0x50 [ 23.462577] ? kasan_save_track+0x18/0x40 [ 23.462653] kasan_atomics+0x1dd/0x310 [ 23.462703] ? __pfx_kasan_atomics+0x10/0x10 [ 23.462760] ? __pfx_read_tsc+0x10/0x10 [ 23.462819] ? ktime_get_ts64+0x86/0x230 [ 23.462904] kunit_try_run_case+0x1a6/0x480 [ 23.462972] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.463030] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.463099] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.463161] ? __kthread_parkme+0x82/0x160 [ 23.463223] ? preempt_count_sub+0x50/0x80 [ 23.463290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.463355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.463417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.463484] kthread+0x324/0x6e0 [ 23.463543] ? trace_preempt_on+0x20/0xc0 [ 23.463608] ? __pfx_kthread+0x10/0x10 [ 23.463671] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.463750] ? calculate_sigpending+0x7b/0xa0 [ 23.463800] ? __pfx_kthread+0x10/0x10 [ 23.463955] ret_from_fork+0x41/0x80 [ 23.464028] ? __pfx_kthread+0x10/0x10 [ 23.464094] ret_from_fork_asm+0x1a/0x30 [ 23.464184] </TASK> [ 23.464216] [ 23.477352] Allocated by task 273: [ 23.477737] kasan_save_stack+0x45/0x70 [ 23.478246] kasan_save_track+0x18/0x40 [ 23.478684] kasan_save_alloc_info+0x3b/0x50 [ 23.479135] __kasan_kmalloc+0xb7/0xc0 [ 23.479570] __kmalloc_cache_noprof+0x18a/0x420 [ 23.480060] kasan_atomics+0x96/0x310 [ 23.480510] kunit_try_run_case+0x1a6/0x480 [ 23.480968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.481564] kthread+0x324/0x6e0 [ 23.481964] ret_from_fork+0x41/0x80 [ 23.482377] ret_from_fork_asm+0x1a/0x30 [ 23.482642] [ 23.482778] The buggy address belongs to the object at ffff888102993400 [ 23.482778] which belongs to the cache kmalloc-64 of size 64 [ 23.483792] The buggy address is located 0 bytes to the right of [ 23.483792] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.484778] [ 23.484995] The buggy address belongs to the physical page: [ 23.485422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.485827] flags: 0x200000000000000(node=0|zone=2) [ 23.486126] page_type: f5(slab) [ 23.486353] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.486709] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 23.487529] page dumped because: kasan: bad access detected [ 23.488065] [ 23.488337] Memory state around the buggy address: [ 23.488824] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.489534] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.490200] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.490908] ^ [ 23.491368] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.491815] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.492171] ================================================================== [ 21.157050] ================================================================== [ 21.157403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 21.158050] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.158623] [ 21.159087] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.159201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.159236] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.159289] Call Trace: [ 21.159335] <TASK> [ 21.159372] dump_stack_lvl+0x73/0xb0 [ 21.159596] print_report+0xd1/0x650 [ 21.159672] ? __virt_addr_valid+0x1db/0x2d0 [ 21.159749] ? kasan_atomics_helper+0x3e0/0x5450 [ 21.159815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.160139] ? kasan_atomics_helper+0x3e0/0x5450 [ 21.160225] kasan_report+0x140/0x180 [ 21.160357] ? kasan_atomics_helper+0x3e0/0x5450 [ 21.160400] kasan_check_range+0x10c/0x1c0 [ 21.160442] __kasan_check_read+0x15/0x20 [ 21.160764] kasan_atomics_helper+0x3e0/0x5450 [ 21.160799] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.160832] ? kasan_save_alloc_info+0x3b/0x50 [ 21.160888] ? kasan_save_track+0x18/0x40 [ 21.160921] kasan_atomics+0x1dd/0x310 [ 21.160954] ? __pfx_kasan_atomics+0x10/0x10 [ 21.160985] ? __pfx_read_tsc+0x10/0x10 [ 21.161016] ? 
ktime_get_ts64+0x86/0x230 [ 21.161052] kunit_try_run_case+0x1a6/0x480 [ 21.161086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.161116] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.161150] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.161182] ? __kthread_parkme+0x82/0x160 [ 21.161212] ? preempt_count_sub+0x50/0x80 [ 21.161246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.161279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.161328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.161366] kthread+0x324/0x6e0 [ 21.161395] ? trace_preempt_on+0x20/0xc0 [ 21.161435] ? __pfx_kthread+0x10/0x10 [ 21.161487] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.161543] ? calculate_sigpending+0x7b/0xa0 [ 21.161579] ? __pfx_kthread+0x10/0x10 [ 21.161610] ret_from_fork+0x41/0x80 [ 21.161639] ? __pfx_kthread+0x10/0x10 [ 21.161669] ret_from_fork_asm+0x1a/0x30 [ 21.161712] </TASK> [ 21.161728] [ 21.178499] Allocated by task 273: [ 21.178939] kasan_save_stack+0x45/0x70 [ 21.179759] kasan_save_track+0x18/0x40 [ 21.180290] kasan_save_alloc_info+0x3b/0x50 [ 21.181055] __kasan_kmalloc+0xb7/0xc0 [ 21.181365] __kmalloc_cache_noprof+0x18a/0x420 [ 21.181885] kasan_atomics+0x96/0x310 [ 21.182803] kunit_try_run_case+0x1a6/0x480 [ 21.183195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.183979] kthread+0x324/0x6e0 [ 21.184539] ret_from_fork+0x41/0x80 [ 21.185070] ret_from_fork_asm+0x1a/0x30 [ 21.185649] [ 21.185805] The buggy address belongs to the object at ffff888102993400 [ 21.185805] which belongs to the cache kmalloc-64 of size 64 [ 21.187431] The buggy address is located 0 bytes to the right of [ 21.187431] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.188165] [ 21.188754] The buggy address belongs to the physical page: [ 21.189315] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.190218] flags: 0x200000000000000(node=0|zone=2) [ 21.190737] page_type: f5(slab) [ 21.190985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 21.192285] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.192990] page dumped because: kasan: bad access detected [ 21.193814] [ 21.194173] Memory state around the buggy address: [ 21.195164] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.195794] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.196362] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.196966] ^ [ 21.197320] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.197784] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.198619] ================================================================== [ 22.865769] ================================================================== [ 22.866330] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 22.866954] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.867535] [ 22.867901] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.868039] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.868093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.868151] Call Trace: [ 22.868196] <TASK> [ 22.868242] dump_stack_lvl+0x73/0xb0 [ 22.868372] print_report+0xd1/0x650 [ 22.868466] ? __virt_addr_valid+0x1db/0x2d0 [ 22.868535] ? kasan_atomics_helper+0x19e4/0x5450 [ 22.868597] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.868659] ? kasan_atomics_helper+0x19e4/0x5450 [ 22.868693] kasan_report+0x140/0x180 [ 22.868727] ? kasan_atomics_helper+0x19e4/0x5450 [ 22.868762] kasan_check_range+0x10c/0x1c0 [ 22.868795] __kasan_check_write+0x18/0x20 [ 22.868826] kasan_atomics_helper+0x19e4/0x5450 [ 22.868881] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.868931] ? kasan_save_alloc_info+0x3b/0x50 [ 22.868963] ? kasan_save_track+0x18/0x40 [ 22.868995] kasan_atomics+0x1dd/0x310 [ 22.869027] ? __pfx_kasan_atomics+0x10/0x10 [ 22.869059] ? 
__pfx_read_tsc+0x10/0x10 [ 22.869089] ? ktime_get_ts64+0x86/0x230 [ 22.869124] kunit_try_run_case+0x1a6/0x480 [ 22.869158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.869187] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.869222] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.869255] ? __kthread_parkme+0x82/0x160 [ 22.869300] ? preempt_count_sub+0x50/0x80 [ 22.869344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.869378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.869415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.869448] kthread+0x324/0x6e0 [ 22.869476] ? trace_preempt_on+0x20/0xc0 [ 22.869509] ? __pfx_kthread+0x10/0x10 [ 22.869539] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.869570] ? calculate_sigpending+0x7b/0xa0 [ 22.869600] ? __pfx_kthread+0x10/0x10 [ 22.869630] ret_from_fork+0x41/0x80 [ 22.869655] ? __pfx_kthread+0x10/0x10 [ 22.869684] ret_from_fork_asm+0x1a/0x30 [ 22.869727] </TASK> [ 22.869743] [ 22.884469] Allocated by task 273: [ 22.884945] kasan_save_stack+0x45/0x70 [ 22.885455] kasan_save_track+0x18/0x40 [ 22.885875] kasan_save_alloc_info+0x3b/0x50 [ 22.886402] __kasan_kmalloc+0xb7/0xc0 [ 22.886839] __kmalloc_cache_noprof+0x18a/0x420 [ 22.887328] kasan_atomics+0x96/0x310 [ 22.887623] kunit_try_run_case+0x1a6/0x480 [ 22.888151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.888742] kthread+0x324/0x6e0 [ 22.889172] ret_from_fork+0x41/0x80 [ 22.889650] ret_from_fork_asm+0x1a/0x30 [ 22.890031] [ 22.890311] The buggy address belongs to the object at ffff888102993400 [ 22.890311] which belongs to the cache kmalloc-64 of size 64 [ 22.891163] The buggy address is located 0 bytes to the right of [ 22.891163] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.891896] [ 22.892127] The buggy address belongs to the physical page: [ 22.892503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.893117] flags: 0x200000000000000(node=0|zone=2) [ 22.893450] page_type: f5(slab) [ 22.893683] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 22.894563] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.895280] page dumped because: kasan: bad access detected [ 22.895956] [ 22.896435] Memory state around the buggy address: [ 22.897324] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.897756] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.898432] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.898935] ^ [ 22.899307] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.899911] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.900287] ================================================================== [ 21.035262] ================================================================== [ 21.035612] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 21.036352] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.037076] [ 21.037479] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.037588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.037621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.037709] Call Trace: [ 21.037756] <TASK> [ 21.037877] dump_stack_lvl+0x73/0xb0 [ 21.037975] print_report+0xd1/0x650 [ 21.038055] ? __virt_addr_valid+0x1db/0x2d0 [ 21.038119] ? kasan_atomics_helper+0x4ba4/0x5450 [ 21.038179] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.038243] ? kasan_atomics_helper+0x4ba4/0x5450 [ 21.038311] kasan_report+0x140/0x180 [ 21.038374] ? kasan_atomics_helper+0x4ba4/0x5450 [ 21.038440] __asan_report_store4_noabort+0x1b/0x30 [ 21.038498] kasan_atomics_helper+0x4ba4/0x5450 [ 21.038546] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.038589] ? kasan_save_alloc_info+0x3b/0x50 [ 21.038630] ? kasan_save_track+0x18/0x40 [ 21.038674] kasan_atomics+0x1dd/0x310 [ 21.038713] ? __pfx_kasan_atomics+0x10/0x10 [ 21.038759] ? 
__pfx_read_tsc+0x10/0x10 [ 21.038804] ? ktime_get_ts64+0x86/0x230 [ 21.038871] kunit_try_run_case+0x1a6/0x480 [ 21.038923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.038966] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.039017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.039073] ? __kthread_parkme+0x82/0x160 [ 21.039128] ? preempt_count_sub+0x50/0x80 [ 21.039190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.039248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.039317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.039426] kthread+0x324/0x6e0 [ 21.039505] ? trace_preempt_on+0x20/0xc0 [ 21.039556] ? __pfx_kthread+0x10/0x10 [ 21.039604] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.039653] ? calculate_sigpending+0x7b/0xa0 [ 21.039712] ? __pfx_kthread+0x10/0x10 [ 21.039761] ret_from_fork+0x41/0x80 [ 21.039802] ? __pfx_kthread+0x10/0x10 [ 21.039866] ret_from_fork_asm+0x1a/0x30 [ 21.039944] </TASK> [ 21.039973] [ 21.056274] Allocated by task 273: [ 21.056716] kasan_save_stack+0x45/0x70 [ 21.057420] kasan_save_track+0x18/0x40 [ 21.057820] kasan_save_alloc_info+0x3b/0x50 [ 21.058080] __kasan_kmalloc+0xb7/0xc0 [ 21.058626] __kmalloc_cache_noprof+0x18a/0x420 [ 21.059031] kasan_atomics+0x96/0x310 [ 21.059395] kunit_try_run_case+0x1a6/0x480 [ 21.059926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.060228] kthread+0x324/0x6e0 [ 21.060510] ret_from_fork+0x41/0x80 [ 21.060966] ret_from_fork_asm+0x1a/0x30 [ 21.061407] [ 21.061642] The buggy address belongs to the object at ffff888102993400 [ 21.061642] which belongs to the cache kmalloc-64 of size 64 [ 21.063276] The buggy address is located 0 bytes to the right of [ 21.063276] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.064736] [ 21.064988] The buggy address belongs to the physical page: [ 21.065953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.066623] flags: 0x200000000000000(node=0|zone=2) [ 21.066966] page_type: f5(slab) [ 21.067359] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 21.068539] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.068908] page dumped because: kasan: bad access detected [ 21.069685] [ 21.069921] Memory state around the buggy address: [ 21.070341] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.071051] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.072005] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.072441] ^ [ 21.072705] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.073338] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.074223] ================================================================== [ 23.246686] ================================================================== [ 23.247157] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 23.247938] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 23.248635] [ 23.248898] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 23.249006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.249041] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.249090] Call Trace: [ 23.249135] <TASK> [ 23.249175] dump_stack_lvl+0x73/0xb0 [ 23.249253] print_report+0xd1/0x650 [ 23.249362] ? __virt_addr_valid+0x1db/0x2d0 [ 23.249423] ? kasan_atomics_helper+0x2007/0x5450 [ 23.249477] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.249544] ? kasan_atomics_helper+0x2007/0x5450 [ 23.249599] kasan_report+0x140/0x180 [ 23.249660] ? kasan_atomics_helper+0x2007/0x5450 [ 23.249735] kasan_check_range+0x10c/0x1c0 [ 23.249800] __kasan_check_write+0x18/0x20 [ 23.249879] kasan_atomics_helper+0x2007/0x5450 [ 23.249948] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.250015] ? kasan_save_alloc_info+0x3b/0x50 [ 23.250053] ? kasan_save_track+0x18/0x40 [ 23.250087] kasan_atomics+0x1dd/0x310 [ 23.250118] ? 
__pfx_kasan_atomics+0x10/0x10 [ 23.250150] ? __pfx_read_tsc+0x10/0x10 [ 23.250182] ? ktime_get_ts64+0x86/0x230 [ 23.250217] kunit_try_run_case+0x1a6/0x480 [ 23.250251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.250279] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 23.250342] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.250377] ? __kthread_parkme+0x82/0x160 [ 23.250409] ? preempt_count_sub+0x50/0x80 [ 23.250444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.250475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.250511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.250546] kthread+0x324/0x6e0 [ 23.250576] ? trace_preempt_on+0x20/0xc0 [ 23.250609] ? __pfx_kthread+0x10/0x10 [ 23.250639] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.250670] ? calculate_sigpending+0x7b/0xa0 [ 23.250701] ? __pfx_kthread+0x10/0x10 [ 23.250730] ret_from_fork+0x41/0x80 [ 23.250757] ? __pfx_kthread+0x10/0x10 [ 23.250786] ret_from_fork_asm+0x1a/0x30 [ 23.250830] </TASK> [ 23.250863] [ 23.266841] Allocated by task 273: [ 23.267313] kasan_save_stack+0x45/0x70 [ 23.267817] kasan_save_track+0x18/0x40 [ 23.268589] kasan_save_alloc_info+0x3b/0x50 [ 23.268942] __kasan_kmalloc+0xb7/0xc0 [ 23.269492] __kmalloc_cache_noprof+0x18a/0x420 [ 23.269935] kasan_atomics+0x96/0x310 [ 23.270570] kunit_try_run_case+0x1a6/0x480 [ 23.271139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.271597] kthread+0x324/0x6e0 [ 23.272018] ret_from_fork+0x41/0x80 [ 23.272294] ret_from_fork_asm+0x1a/0x30 [ 23.272759] [ 23.273194] The buggy address belongs to the object at ffff888102993400 [ 23.273194] which belongs to the cache kmalloc-64 of size 64 [ 23.274299] The buggy address is located 0 bytes to the right of [ 23.274299] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 23.274997] [ 23.275536] The buggy address belongs to the physical page: [ 23.276132] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 23.277022] flags: 0x200000000000000(node=0|zone=2) [ 23.277366] page_type: f5(slab) 
[ 23.277498] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.277682] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.277881] page dumped because: kasan: bad access detected [ 23.278354] [ 23.278567] Memory state around the buggy address: [ 23.279086] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.279774] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.280463] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.280900] ^ [ 23.281258] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.281966] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.282541] ================================================================== [ 22.415056] ================================================================== [ 22.415780] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 22.416452] Read of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.416928] [ 22.417084] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.417154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.417173] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.417203] Call Trace: [ 22.417228] <TASK> [ 22.417253] dump_stack_lvl+0x73/0xb0 [ 22.417315] print_report+0xd1/0x650 [ 22.417354] ? __virt_addr_valid+0x1db/0x2d0 [ 22.417389] ? kasan_atomics_helper+0x4eb0/0x5450 [ 22.417420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.417456] ? kasan_atomics_helper+0x4eb0/0x5450 [ 22.417488] kasan_report+0x140/0x180 [ 22.417519] ? kasan_atomics_helper+0x4eb0/0x5450 [ 22.417553] __asan_report_load8_noabort+0x18/0x20 [ 22.417586] kasan_atomics_helper+0x4eb0/0x5450 [ 22.417616] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.417647] ? kasan_save_alloc_info+0x3b/0x50 [ 22.417677] ? kasan_save_track+0x18/0x40 [ 22.417709] kasan_atomics+0x1dd/0x310 [ 22.417740] ? 
__pfx_kasan_atomics+0x10/0x10 [ 22.417771] ? __pfx_read_tsc+0x10/0x10 [ 22.417801] ? ktime_get_ts64+0x86/0x230 [ 22.417837] kunit_try_run_case+0x1a6/0x480 [ 22.417906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.417965] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.418306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.418404] ? __kthread_parkme+0x82/0x160 [ 22.418474] ? preempt_count_sub+0x50/0x80 [ 22.418544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.418609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.418678] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.418747] kthread+0x324/0x6e0 [ 22.418805] ? trace_preempt_on+0x20/0xc0 [ 22.418893] ? __pfx_kthread+0x10/0x10 [ 22.418982] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.419074] ? calculate_sigpending+0x7b/0xa0 [ 22.419141] ? __pfx_kthread+0x10/0x10 [ 22.419202] ret_from_fork+0x41/0x80 [ 22.419235] ? __pfx_kthread+0x10/0x10 [ 22.419267] ret_from_fork_asm+0x1a/0x30 [ 22.419336] </TASK> [ 22.419353] [ 22.435794] Allocated by task 273: [ 22.436548] kasan_save_stack+0x45/0x70 [ 22.436790] kasan_save_track+0x18/0x40 [ 22.437270] kasan_save_alloc_info+0x3b/0x50 [ 22.437775] __kasan_kmalloc+0xb7/0xc0 [ 22.438106] __kmalloc_cache_noprof+0x18a/0x420 [ 22.438598] kasan_atomics+0x96/0x310 [ 22.439096] kunit_try_run_case+0x1a6/0x480 [ 22.439503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.439947] kthread+0x324/0x6e0 [ 22.440425] ret_from_fork+0x41/0x80 [ 22.440878] ret_from_fork_asm+0x1a/0x30 [ 22.441272] [ 22.441487] The buggy address belongs to the object at ffff888102993400 [ 22.441487] which belongs to the cache kmalloc-64 of size 64 [ 22.442102] The buggy address is located 0 bytes to the right of [ 22.442102] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.443359] [ 22.443749] The buggy address belongs to the physical page: [ 22.444023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 22.444874] flags: 0x200000000000000(node=0|zone=2) [ 22.445156] page_type: f5(slab) 
[ 22.445675] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.446207] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.446998] page dumped because: kasan: bad access detected [ 22.447543] [ 22.447825] Memory state around the buggy address: [ 22.448217] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.449107] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.449656] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.450237] ^ [ 22.450576] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.451101] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.451823] ================================================================== [ 21.076265] ================================================================== [ 21.076761] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 21.077417] Read of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.078002] [ 21.078196] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.078338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.078379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.078431] Call Trace: [ 21.078474] <TASK> [ 21.078512] dump_stack_lvl+0x73/0xb0 [ 21.078587] print_report+0xd1/0x650 [ 21.078649] ? __virt_addr_valid+0x1db/0x2d0 [ 21.078709] ? kasan_atomics_helper+0x4b8a/0x5450 [ 21.078807] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.078895] ? kasan_atomics_helper+0x4b8a/0x5450 [ 21.078953] kasan_report+0x140/0x180 [ 21.079014] ? kasan_atomics_helper+0x4b8a/0x5450 [ 21.079082] __asan_report_load4_noabort+0x18/0x20 [ 21.079140] kasan_atomics_helper+0x4b8a/0x5450 [ 21.079192] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.079243] ? kasan_save_alloc_info+0x3b/0x50 [ 21.079338] ? kasan_save_track+0x18/0x40 [ 21.079401] kasan_atomics+0x1dd/0x310 [ 21.079490] ? 
__pfx_kasan_atomics+0x10/0x10 [ 21.079550] ? __pfx_read_tsc+0x10/0x10 [ 21.079599] ? ktime_get_ts64+0x86/0x230 [ 21.079658] kunit_try_run_case+0x1a6/0x480 [ 21.079723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.079771] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.079829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.079906] ? __kthread_parkme+0x82/0x160 [ 21.079968] ? preempt_count_sub+0x50/0x80 [ 21.080030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.080066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.080104] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.080138] kthread+0x324/0x6e0 [ 21.080166] ? trace_preempt_on+0x20/0xc0 [ 21.080198] ? __pfx_kthread+0x10/0x10 [ 21.080226] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.080257] ? calculate_sigpending+0x7b/0xa0 [ 21.080285] ? __pfx_kthread+0x10/0x10 [ 21.080338] ret_from_fork+0x41/0x80 [ 21.080365] ? __pfx_kthread+0x10/0x10 [ 21.080393] ret_from_fork_asm+0x1a/0x30 [ 21.080446] </TASK> [ 21.080470] [ 21.095277] Allocated by task 273: [ 21.095665] kasan_save_stack+0x45/0x70 [ 21.095966] kasan_save_track+0x18/0x40 [ 21.096213] kasan_save_alloc_info+0x3b/0x50 [ 21.096650] __kasan_kmalloc+0xb7/0xc0 [ 21.097097] __kmalloc_cache_noprof+0x18a/0x420 [ 21.097756] kasan_atomics+0x96/0x310 [ 21.098730] kunit_try_run_case+0x1a6/0x480 [ 21.099197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.099886] kthread+0x324/0x6e0 [ 21.100125] ret_from_fork+0x41/0x80 [ 21.100362] ret_from_fork_asm+0x1a/0x30 [ 21.100740] [ 21.101090] The buggy address belongs to the object at ffff888102993400 [ 21.101090] which belongs to the cache kmalloc-64 of size 64 [ 21.101937] The buggy address is located 0 bytes to the right of [ 21.101937] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.102937] [ 21.103093] The buggy address belongs to the physical page: [ 21.103361] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.103743] flags: 0x200000000000000(node=0|zone=2) [ 21.104196] page_type: f5(slab) 
[ 21.104557] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.105232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.106665] page dumped because: kasan: bad access detected [ 21.107148] [ 21.107538] Memory state around the buggy address: [ 21.107927] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.108320] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.108665] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.109362] ^ [ 21.110194] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.111165] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.111847] ================================================================== [ 22.453318] ================================================================== [ 22.454120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 22.455078] Write of size 8 at addr ffff888102993430 by task kunit_try_catch/273 [ 22.456016] [ 22.456220] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 22.456323] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.456361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.456413] Call Trace: [ 22.456440] <TASK> [ 22.456467] dump_stack_lvl+0x73/0xb0 [ 22.456510] print_report+0xd1/0x650 [ 22.456545] ? __virt_addr_valid+0x1db/0x2d0 [ 22.456598] ? kasan_atomics_helper+0x1468/0x5450 [ 22.456634] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.456669] ? kasan_atomics_helper+0x1468/0x5450 [ 22.456699] kasan_report+0x140/0x180 [ 22.456730] ? kasan_atomics_helper+0x1468/0x5450 [ 22.456765] kasan_check_range+0x10c/0x1c0 [ 22.456797] __kasan_check_write+0x18/0x20 [ 22.456827] kasan_atomics_helper+0x1468/0x5450 [ 22.456884] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.456944] ? kasan_save_alloc_info+0x3b/0x50 [ 22.457006] ? 
kasan_save_track+0x18/0x40 [ 22.457074] kasan_atomics+0x1dd/0x310 [ 22.457136] ? __pfx_kasan_atomics+0x10/0x10 [ 22.457201] ? __pfx_read_tsc+0x10/0x10 [ 22.457261] ? ktime_get_ts64+0x86/0x230 [ 22.457329] kunit_try_run_case+0x1a6/0x480 [ 22.457397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.457457] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 22.457530] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.457599] ? __kthread_parkme+0x82/0x160 [ 22.457662] ? preempt_count_sub+0x50/0x80 [ 22.457701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.457735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.457773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.457808] kthread+0x324/0x6e0 [ 22.457837] ? trace_preempt_on+0x20/0xc0 [ 22.457892] ? __pfx_kthread+0x10/0x10 [ 22.457922] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.457955] ? calculate_sigpending+0x7b/0xa0 [ 22.457986] ? __pfx_kthread+0x10/0x10 [ 22.458016] ret_from_fork+0x41/0x80 [ 22.458042] ? __pfx_kthread+0x10/0x10 [ 22.458072] ret_from_fork_asm+0x1a/0x30 [ 22.458114] </TASK> [ 22.458129] [ 22.471751] Allocated by task 273: [ 22.472186] kasan_save_stack+0x45/0x70 [ 22.472701] kasan_save_track+0x18/0x40 [ 22.473153] kasan_save_alloc_info+0x3b/0x50 [ 22.473497] __kasan_kmalloc+0xb7/0xc0 [ 22.473814] __kmalloc_cache_noprof+0x18a/0x420 [ 22.474348] kasan_atomics+0x96/0x310 [ 22.474787] kunit_try_run_case+0x1a6/0x480 [ 22.475315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.475839] kthread+0x324/0x6e0 [ 22.476079] ret_from_fork+0x41/0x80 [ 22.476543] ret_from_fork_asm+0x1a/0x30 [ 22.476918] [ 22.477194] The buggy address belongs to the object at ffff888102993400 [ 22.477194] which belongs to the cache kmalloc-64 of size 64 [ 22.478066] The buggy address is located 0 bytes to the right of [ 22.478066] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 22.478928] [ 22.479181] The buggy address belongs to the physical page: [ 22.479627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102993 [ 
22.480221] flags: 0x200000000000000(node=0|zone=2) [ 22.480672] page_type: f5(slab) [ 22.481071] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.481584] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.482198] page dumped because: kasan: bad access detected [ 22.482560] [ 22.482800] Memory state around the buggy address: [ 22.483240] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.483806] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.484402] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.485019] ^ [ 22.485518] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.486112] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.486662] ================================================================== [ 21.665242] ================================================================== [ 21.665773] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 21.666285] Write of size 4 at addr ffff888102993430 by task kunit_try_catch/273 [ 21.666919] [ 21.667178] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 21.667294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.667327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.667380] Call Trace: [ 21.667423] <TASK> [ 21.667463] dump_stack_lvl+0x73/0xb0 [ 21.667538] print_report+0xd1/0x650 [ 21.667595] ? __virt_addr_valid+0x1db/0x2d0 [ 21.667655] ? kasan_atomics_helper+0xa2c/0x5450 [ 21.667723] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.667787] ? kasan_atomics_helper+0xa2c/0x5450 [ 21.667844] kasan_report+0x140/0x180 [ 21.667922] ? kasan_atomics_helper+0xa2c/0x5450 [ 21.667987] kasan_check_range+0x10c/0x1c0 [ 21.668054] __kasan_check_write+0x18/0x20 [ 21.668118] kasan_atomics_helper+0xa2c/0x5450 [ 21.668178] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.668237] ? 
kasan_save_alloc_info+0x3b/0x50 [ 21.668295] ? kasan_save_track+0x18/0x40 [ 21.668357] kasan_atomics+0x1dd/0x310 [ 21.668423] ? __pfx_kasan_atomics+0x10/0x10 [ 21.668481] ? __pfx_read_tsc+0x10/0x10 [ 21.668535] ? ktime_get_ts64+0x86/0x230 [ 21.668592] kunit_try_run_case+0x1a6/0x480 [ 21.668649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.668697] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 21.668755] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.668811] ? __kthread_parkme+0x82/0x160 [ 21.668882] ? preempt_count_sub+0x50/0x80 [ 21.668945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.669013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.669088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.669159] kthread+0x324/0x6e0 [ 21.669218] ? trace_preempt_on+0x20/0xc0 [ 21.669258] ? __pfx_kthread+0x10/0x10 [ 21.669290] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.669339] ? calculate_sigpending+0x7b/0xa0 [ 21.669371] ? __pfx_kthread+0x10/0x10 [ 21.669403] ret_from_fork+0x41/0x80 [ 21.669436] ? __pfx_kthread+0x10/0x10 [ 21.669488] ret_from_fork_asm+0x1a/0x30 [ 21.669561] </TASK> [ 21.669590] [ 21.688521] Allocated by task 273: [ 21.689072] kasan_save_stack+0x45/0x70 [ 21.689637] kasan_save_track+0x18/0x40 [ 21.690011] kasan_save_alloc_info+0x3b/0x50 [ 21.690749] __kasan_kmalloc+0xb7/0xc0 [ 21.691269] __kmalloc_cache_noprof+0x18a/0x420 [ 21.692316] kasan_atomics+0x96/0x310 [ 21.692670] kunit_try_run_case+0x1a6/0x480 [ 21.693332] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.693896] kthread+0x324/0x6e0 [ 21.694278] ret_from_fork+0x41/0x80 [ 21.694709] ret_from_fork_asm+0x1a/0x30 [ 21.695172] [ 21.695324] The buggy address belongs to the object at ffff888102993400 [ 21.695324] which belongs to the cache kmalloc-64 of size 64 [ 21.697182] The buggy address is located 0 bytes to the right of [ 21.697182] allocated 48-byte region [ffff888102993400, ffff888102993430) [ 21.698901] [ 21.699051] The buggy address belongs to the physical page: [ 21.699952] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102993 [ 21.700397] flags: 0x200000000000000(node=0|zone=2) [ 21.700949] page_type: f5(slab) [ 21.701390] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.702156] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.703021] page dumped because: kasan: bad access detected [ 21.703576] [ 21.703731] Memory state around the buggy address: [ 21.704032] ffff888102993300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.705143] ffff888102993380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.705715] >ffff888102993400: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.706524] ^ [ 21.706946] ffff888102993480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.707511] ffff888102993500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.708138] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 20.730660] ================================================================== [ 20.731709] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.732495] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.733020] [ 20.733172] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.733227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.733243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.733268] Call Trace: [ 20.733293] <TASK> [ 20.733326] dump_stack_lvl+0x73/0xb0 [ 20.733367] print_report+0xd1/0x650 [ 20.733397] ? __virt_addr_valid+0x1db/0x2d0 [ 20.733427] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.733461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.733495] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.733528] kasan_report+0x140/0x180 [ 20.733556] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.733595] kasan_check_range+0x10c/0x1c0 [ 20.733625] __kasan_check_write+0x18/0x20 [ 20.733653] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 20.733686] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.733720] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.733749] ? trace_hardirqs_on+0x37/0xe0 [ 20.733777] ? kasan_bitops_generic+0x93/0x1c0 [ 20.733810] kasan_bitops_generic+0x122/0x1c0 [ 20.733839] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.733899] ? __pfx_read_tsc+0x10/0x10 [ 20.733948] ? ktime_get_ts64+0x86/0x230 [ 20.734011] kunit_try_run_case+0x1a6/0x480 [ 20.734070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.734126] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.734186] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.734248] ? __kthread_parkme+0x82/0x160 [ 20.734305] ? preempt_count_sub+0x50/0x80 [ 20.734368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.734423] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.734484] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.734548] kthread+0x324/0x6e0 [ 20.734605] ? trace_preempt_on+0x20/0xc0 [ 20.734664] ? __pfx_kthread+0x10/0x10 [ 20.734724] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.734783] ? calculate_sigpending+0x7b/0xa0 [ 20.734839] ? __pfx_kthread+0x10/0x10 [ 20.734913] ret_from_fork+0x41/0x80 [ 20.734959] ? __pfx_kthread+0x10/0x10 [ 20.735000] ret_from_fork_asm+0x1a/0x30 [ 20.735044] </TASK> [ 20.735057] [ 20.752002] Allocated by task 269: [ 20.752224] kasan_save_stack+0x45/0x70 [ 20.752835] kasan_save_track+0x18/0x40 [ 20.753177] kasan_save_alloc_info+0x3b/0x50 [ 20.753566] __kasan_kmalloc+0xb7/0xc0 [ 20.754254] __kmalloc_cache_noprof+0x18a/0x420 [ 20.754562] kasan_bitops_generic+0x93/0x1c0 [ 20.755173] kunit_try_run_case+0x1a6/0x480 [ 20.755719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.756083] kthread+0x324/0x6e0 [ 20.756323] ret_from_fork+0x41/0x80 [ 20.756566] ret_from_fork_asm+0x1a/0x30 [ 20.756824] [ 20.756964] The buggy address belongs to the object at ffff8881024b01a0 [ 20.756964] which belongs to the cache kmalloc-16 of size 16 [ 20.757761] The buggy address is located 8 bytes inside of [ 20.757761] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.759288] [ 20.759533] The buggy address belongs to the physical page: [ 20.760030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.760667] flags: 0x200000000000000(node=0|zone=2) [ 20.761514] page_type: f5(slab) [ 20.761885] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.762495] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.763133] page dumped because: kasan: bad access detected [ 20.763638] [ 20.763784] Memory state around the buggy address: [ 20.764230] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.764845] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.765419] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc 
fc fc fc fc fc fc fc [ 20.766445] ^ [ 20.766979] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.767334] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.768020] ================================================================== [ 20.656902] ================================================================== [ 20.657752] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.658453] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.658889] [ 20.659115] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.659219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.659253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.659332] Call Trace: [ 20.659379] <TASK> [ 20.659416] dump_stack_lvl+0x73/0xb0 [ 20.659487] print_report+0xd1/0x650 [ 20.659545] ? __virt_addr_valid+0x1db/0x2d0 [ 20.659605] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.659673] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.659751] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.659822] kasan_report+0x140/0x180 [ 20.659894] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.659973] kasan_check_range+0x10c/0x1c0 [ 20.660024] __kasan_check_write+0x18/0x20 [ 20.660071] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 20.660136] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.660199] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.660252] ? trace_hardirqs_on+0x37/0xe0 [ 20.660343] ? kasan_bitops_generic+0x93/0x1c0 [ 20.660412] kasan_bitops_generic+0x122/0x1c0 [ 20.660474] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.660540] ? __pfx_read_tsc+0x10/0x10 [ 20.660595] ? ktime_get_ts64+0x86/0x230 [ 20.660652] kunit_try_run_case+0x1a6/0x480 [ 20.660715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.660771] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.660833] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.660909] ? __kthread_parkme+0x82/0x160 [ 20.660964] ? preempt_count_sub+0x50/0x80 [ 20.661022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.661081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.661152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.661221] kthread+0x324/0x6e0 [ 20.661275] ? trace_preempt_on+0x20/0xc0 [ 20.661376] ? __pfx_kthread+0x10/0x10 [ 20.661434] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.661495] ? calculate_sigpending+0x7b/0xa0 [ 20.661551] ? __pfx_kthread+0x10/0x10 [ 20.661614] ret_from_fork+0x41/0x80 [ 20.661666] ? __pfx_kthread+0x10/0x10 [ 20.661722] ret_from_fork_asm+0x1a/0x30 [ 20.661793] </TASK> [ 20.661811] [ 20.677994] Allocated by task 269: [ 20.678439] kasan_save_stack+0x45/0x70 [ 20.678790] kasan_save_track+0x18/0x40 [ 20.679145] kasan_save_alloc_info+0x3b/0x50 [ 20.679541] __kasan_kmalloc+0xb7/0xc0 [ 20.679793] __kmalloc_cache_noprof+0x18a/0x420 [ 20.680330] kasan_bitops_generic+0x93/0x1c0 [ 20.680768] kunit_try_run_case+0x1a6/0x480 [ 20.681218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.681685] kthread+0x324/0x6e0 [ 20.682110] ret_from_fork+0x41/0x80 [ 20.682543] ret_from_fork_asm+0x1a/0x30 [ 20.682803] [ 20.682961] The buggy address belongs to the object at ffff8881024b01a0 [ 20.682961] which belongs to the cache kmalloc-16 of size 16 [ 20.684007] The buggy address is located 8 bytes inside of [ 20.684007] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.684784] [ 20.685009] The buggy address belongs to the physical page: [ 20.685586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.686238] flags: 0x200000000000000(node=0|zone=2) [ 20.686635] page_type: f5(slab) [ 20.687024] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.687759] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.688151] page dumped because: kasan: bad access detected [ 20.688719] [ 20.688970] Memory 
state around the buggy address: [ 20.689431] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.689955] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.690620] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.691171] ^ [ 20.691662] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.692198] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.692721] ================================================================== [ 20.808025] ================================================================== [ 20.808645] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.809289] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.809731] [ 20.809980] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.810082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.810112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.810165] Call Trace: [ 20.810207] <TASK> [ 20.810250] dump_stack_lvl+0x73/0xb0 [ 20.810318] print_report+0xd1/0x650 [ 20.810375] ? __virt_addr_valid+0x1db/0x2d0 [ 20.810428] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.810493] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.810557] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.810620] kasan_report+0x140/0x180 [ 20.810678] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.810756] kasan_check_range+0x10c/0x1c0 [ 20.810821] __kasan_check_write+0x18/0x20 [ 20.810898] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 20.810969] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.811041] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.811100] ? trace_hardirqs_on+0x37/0xe0 [ 20.811153] ? kasan_bitops_generic+0x93/0x1c0 [ 20.811225] kasan_bitops_generic+0x122/0x1c0 [ 20.811285] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.811343] ? 
__pfx_read_tsc+0x10/0x10 [ 20.811398] ? ktime_get_ts64+0x86/0x230 [ 20.811458] kunit_try_run_case+0x1a6/0x480 [ 20.811516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.811564] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.811621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.811692] ? __kthread_parkme+0x82/0x160 [ 20.811754] ? preempt_count_sub+0x50/0x80 [ 20.811812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.811845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.811901] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.811934] kthread+0x324/0x6e0 [ 20.811961] ? trace_preempt_on+0x20/0xc0 [ 20.812003] ? __pfx_kthread+0x10/0x10 [ 20.812031] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.812064] ? calculate_sigpending+0x7b/0xa0 [ 20.812098] ? __pfx_kthread+0x10/0x10 [ 20.812126] ret_from_fork+0x41/0x80 [ 20.812159] ? __pfx_kthread+0x10/0x10 [ 20.812189] ret_from_fork_asm+0x1a/0x30 [ 20.812237] </TASK> [ 20.812254] [ 20.824997] Allocated by task 269: [ 20.825361] kasan_save_stack+0x45/0x70 [ 20.825623] kasan_save_track+0x18/0x40 [ 20.825883] kasan_save_alloc_info+0x3b/0x50 [ 20.826147] __kasan_kmalloc+0xb7/0xc0 [ 20.826533] __kmalloc_cache_noprof+0x18a/0x420 [ 20.827147] kasan_bitops_generic+0x93/0x1c0 [ 20.827784] kunit_try_run_case+0x1a6/0x480 [ 20.828234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.828717] kthread+0x324/0x6e0 [ 20.829073] ret_from_fork+0x41/0x80 [ 20.829304] ret_from_fork_asm+0x1a/0x30 [ 20.829694] [ 20.829916] The buggy address belongs to the object at ffff8881024b01a0 [ 20.829916] which belongs to the cache kmalloc-16 of size 16 [ 20.831247] The buggy address is located 8 bytes inside of [ 20.831247] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.831970] [ 20.832211] The buggy address belongs to the physical page: [ 20.832682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.833095] flags: 0x200000000000000(node=0|zone=2) [ 20.833416] page_type: f5(slab) [ 20.833765] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 20.834448] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.835098] page dumped because: kasan: bad access detected [ 20.835383] [ 20.835526] Memory state around the buggy address: [ 20.835786] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.836378] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.836910] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.837467] ^ [ 20.837727] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.838215] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.839027] ================================================================== [ 20.874328] ================================================================== [ 20.875131] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.876271] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.877751] [ 20.877980] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.878088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.878120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.878173] Call Trace: [ 20.878215] <TASK> [ 20.878254] dump_stack_lvl+0x73/0xb0 [ 20.878325] print_report+0xd1/0x650 [ 20.878382] ? __virt_addr_valid+0x1db/0x2d0 [ 20.878443] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.878511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.878580] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.878651] kasan_report+0x140/0x180 [ 20.878711] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.878794] kasan_check_range+0x10c/0x1c0 [ 20.878876] __kasan_check_write+0x18/0x20 [ 20.878936] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 20.879000] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.879072] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 20.879134] ? trace_hardirqs_on+0x37/0xe0 [ 20.879188] ? kasan_bitops_generic+0x93/0x1c0 [ 20.879257] kasan_bitops_generic+0x122/0x1c0 [ 20.879315] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.879381] ? __pfx_read_tsc+0x10/0x10 [ 20.879436] ? ktime_get_ts64+0x86/0x230 [ 20.879503] kunit_try_run_case+0x1a6/0x480 [ 20.879569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.879626] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.879704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.879769] ? __kthread_parkme+0x82/0x160 [ 20.879831] ? preempt_count_sub+0x50/0x80 [ 20.879912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.879973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.880042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.880110] kthread+0x324/0x6e0 [ 20.880167] ? trace_preempt_on+0x20/0xc0 [ 20.880226] ? __pfx_kthread+0x10/0x10 [ 20.880284] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.880335] ? calculate_sigpending+0x7b/0xa0 [ 20.880383] ? __pfx_kthread+0x10/0x10 [ 20.880438] ret_from_fork+0x41/0x80 [ 20.880489] ? 
__pfx_kthread+0x10/0x10 [ 20.880544] ret_from_fork_asm+0x1a/0x30 [ 20.880626] </TASK> [ 20.880654] [ 20.894175] Allocated by task 269: [ 20.894488] kasan_save_stack+0x45/0x70 [ 20.894937] kasan_save_track+0x18/0x40 [ 20.896879] kasan_save_alloc_info+0x3b/0x50 [ 20.897372] __kasan_kmalloc+0xb7/0xc0 [ 20.897774] __kmalloc_cache_noprof+0x18a/0x420 [ 20.898100] kasan_bitops_generic+0x93/0x1c0 [ 20.898355] kunit_try_run_case+0x1a6/0x480 [ 20.898786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.900894] kthread+0x324/0x6e0 [ 20.901275] ret_from_fork+0x41/0x80 [ 20.901645] ret_from_fork_asm+0x1a/0x30 [ 20.901946] [ 20.902092] The buggy address belongs to the object at ffff8881024b01a0 [ 20.902092] which belongs to the cache kmalloc-16 of size 16 [ 20.904158] The buggy address is located 8 bytes inside of [ 20.904158] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.904693] [ 20.904777] The buggy address belongs to the physical page: [ 20.904996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.906009] flags: 0x200000000000000(node=0|zone=2) [ 20.906553] page_type: f5(slab) [ 20.906999] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.907786] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.908715] page dumped because: kasan: bad access detected [ 20.909002] [ 20.909166] Memory state around the buggy address: [ 20.909592] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.910397] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.911066] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.911594] ^ [ 20.911951] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.912455] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.912880] ================================================================== [ 20.914148] 
================================================================== [ 20.914821] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.915599] Read of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.916238] [ 20.916543] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.916648] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.916680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.916756] Call Trace: [ 20.916799] <TASK> [ 20.916871] dump_stack_lvl+0x73/0xb0 [ 20.916945] print_report+0xd1/0x650 [ 20.917001] ? __virt_addr_valid+0x1db/0x2d0 [ 20.917060] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.917159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.917227] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.917304] kasan_report+0x140/0x180 [ 20.917364] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.917498] kasan_check_range+0x10c/0x1c0 [ 20.917584] __kasan_check_read+0x15/0x20 [ 20.917645] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 20.917708] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.917777] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.917841] ? trace_hardirqs_on+0x37/0xe0 [ 20.917920] ? kasan_bitops_generic+0x93/0x1c0 [ 20.917964] kasan_bitops_generic+0x122/0x1c0 [ 20.917997] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.918029] ? __pfx_read_tsc+0x10/0x10 [ 20.918058] ? ktime_get_ts64+0x86/0x230 [ 20.918092] kunit_try_run_case+0x1a6/0x480 [ 20.918121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.918149] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.918180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.918212] ? __kthread_parkme+0x82/0x160 [ 20.918241] ? preempt_count_sub+0x50/0x80 [ 20.918272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.918322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.918359] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.918393] kthread+0x324/0x6e0 [ 20.918419] ? trace_preempt_on+0x20/0xc0 [ 20.918447] ? __pfx_kthread+0x10/0x10 [ 20.918475] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.918503] ? calculate_sigpending+0x7b/0xa0 [ 20.918530] ? __pfx_kthread+0x10/0x10 [ 20.918559] ret_from_fork+0x41/0x80 [ 20.918582] ? __pfx_kthread+0x10/0x10 [ 20.918610] ret_from_fork_asm+0x1a/0x30 [ 20.918650] </TASK> [ 20.918663] [ 20.932390] Allocated by task 269: [ 20.932729] kasan_save_stack+0x45/0x70 [ 20.933018] kasan_save_track+0x18/0x40 [ 20.933480] kasan_save_alloc_info+0x3b/0x50 [ 20.933950] __kasan_kmalloc+0xb7/0xc0 [ 20.934424] __kmalloc_cache_noprof+0x18a/0x420 [ 20.934882] kasan_bitops_generic+0x93/0x1c0 [ 20.935220] kunit_try_run_case+0x1a6/0x480 [ 20.935516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.936111] kthread+0x324/0x6e0 [ 20.936687] ret_from_fork+0x41/0x80 [ 20.937238] ret_from_fork_asm+0x1a/0x30 [ 20.937896] [ 20.938117] The buggy address belongs to the object at ffff8881024b01a0 [ 20.938117] which belongs to the cache kmalloc-16 of size 16 [ 20.938669] The buggy address is located 8 bytes inside of [ 20.938669] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.939705] [ 20.939944] The buggy address belongs to the physical page: [ 20.940353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.941033] flags: 0x200000000000000(node=0|zone=2) [ 20.941610] page_type: f5(slab) [ 20.941970] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.942585] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.942999] page dumped because: kasan: bad access detected [ 20.943643] [ 20.943869] Memory state around the buggy address: [ 20.944429] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.945187] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.945696] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc 
fc fc fc fc fc fc fc [ 20.946041] ^ [ 20.946328] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.946897] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.947809] ================================================================== [ 20.840226] ================================================================== [ 20.840770] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.841846] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.842300] [ 20.842476] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.842579] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.842613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.842664] Call Trace: [ 20.842709] <TASK> [ 20.842749] dump_stack_lvl+0x73/0xb0 [ 20.842818] print_report+0xd1/0x650 [ 20.842891] ? __virt_addr_valid+0x1db/0x2d0 [ 20.842948] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.843016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.843082] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.843153] kasan_report+0x140/0x180 [ 20.843212] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.843289] kasan_check_range+0x10c/0x1c0 [ 20.843347] __kasan_check_write+0x18/0x20 [ 20.843407] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 20.843474] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.843548] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.843610] ? trace_hardirqs_on+0x37/0xe0 [ 20.843670] ? kasan_bitops_generic+0x93/0x1c0 [ 20.843751] kasan_bitops_generic+0x122/0x1c0 [ 20.843814] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.843894] ? __pfx_read_tsc+0x10/0x10 [ 20.843952] ? ktime_get_ts64+0x86/0x230 [ 20.844019] kunit_try_run_case+0x1a6/0x480 [ 20.844081] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.844137] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.844210] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.844259] ? __kthread_parkme+0x82/0x160 [ 20.844309] ? preempt_count_sub+0x50/0x80 [ 20.844366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.844425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.844488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.844548] kthread+0x324/0x6e0 [ 20.844604] ? trace_preempt_on+0x20/0xc0 [ 20.844661] ? __pfx_kthread+0x10/0x10 [ 20.844717] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.844778] ? calculate_sigpending+0x7b/0xa0 [ 20.844834] ? __pfx_kthread+0x10/0x10 [ 20.844911] ret_from_fork+0x41/0x80 [ 20.844960] ? __pfx_kthread+0x10/0x10 [ 20.845019] ret_from_fork_asm+0x1a/0x30 [ 20.845101] </TASK> [ 20.845131] [ 20.859063] Allocated by task 269: [ 20.859373] kasan_save_stack+0x45/0x70 [ 20.859691] kasan_save_track+0x18/0x40 [ 20.860030] kasan_save_alloc_info+0x3b/0x50 [ 20.860414] __kasan_kmalloc+0xb7/0xc0 [ 20.860807] __kmalloc_cache_noprof+0x18a/0x420 [ 20.861120] kasan_bitops_generic+0x93/0x1c0 [ 20.861666] kunit_try_run_case+0x1a6/0x480 [ 20.862028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.862443] kthread+0x324/0x6e0 [ 20.862798] ret_from_fork+0x41/0x80 [ 20.863131] ret_from_fork_asm+0x1a/0x30 [ 20.863632] [ 20.863868] The buggy address belongs to the object at ffff8881024b01a0 [ 20.863868] which belongs to the cache kmalloc-16 of size 16 [ 20.864639] The buggy address is located 8 bytes inside of [ 20.864639] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.865558] [ 20.865708] The buggy address belongs to the physical page: [ 20.866236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.866778] flags: 0x200000000000000(node=0|zone=2) [ 20.867074] page_type: f5(slab) [ 20.867331] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.867693] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.868261] page dumped because: kasan: bad access detected [ 20.868817] [ 20.869045] Memory 
state around the buggy address: [ 20.869471] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.870505] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.871137] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.871905] ^ [ 20.872177] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.872991] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.873320] ================================================================== [ 20.949460] ================================================================== [ 20.950159] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.951053] Read of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.951667] [ 20.951891] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.952001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.952034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.952082] Call Trace: [ 20.952125] <TASK> [ 20.952167] dump_stack_lvl+0x73/0xb0 [ 20.952237] print_report+0xd1/0x650 [ 20.952333] ? __virt_addr_valid+0x1db/0x2d0 [ 20.952398] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.952465] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.952541] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.952627] kasan_report+0x140/0x180 [ 20.952692] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.952774] __asan_report_load8_noabort+0x18/0x20 [ 20.952838] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 20.952919] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.952969] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.953002] ? trace_hardirqs_on+0x37/0xe0 [ 20.953034] ? kasan_bitops_generic+0x93/0x1c0 [ 20.953068] kasan_bitops_generic+0x122/0x1c0 [ 20.953098] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.953130] ? __pfx_read_tsc+0x10/0x10 [ 20.953159] ? 
ktime_get_ts64+0x86/0x230 [ 20.953190] kunit_try_run_case+0x1a6/0x480 [ 20.953220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.953248] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.953278] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.953334] ? __kthread_parkme+0x82/0x160 [ 20.953365] ? preempt_count_sub+0x50/0x80 [ 20.953398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.953426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.953459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.953492] kthread+0x324/0x6e0 [ 20.953519] ? trace_preempt_on+0x20/0xc0 [ 20.953546] ? __pfx_kthread+0x10/0x10 [ 20.953575] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.953602] ? calculate_sigpending+0x7b/0xa0 [ 20.953631] ? __pfx_kthread+0x10/0x10 [ 20.953660] ret_from_fork+0x41/0x80 [ 20.953684] ? __pfx_kthread+0x10/0x10 [ 20.953712] ret_from_fork_asm+0x1a/0x30 [ 20.953752] </TASK> [ 20.953765] [ 20.970609] Allocated by task 269: [ 20.970969] kasan_save_stack+0x45/0x70 [ 20.971515] kasan_save_track+0x18/0x40 [ 20.971976] kasan_save_alloc_info+0x3b/0x50 [ 20.972499] __kasan_kmalloc+0xb7/0xc0 [ 20.972932] __kmalloc_cache_noprof+0x18a/0x420 [ 20.973377] kasan_bitops_generic+0x93/0x1c0 [ 20.973694] kunit_try_run_case+0x1a6/0x480 [ 20.974043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.974388] kthread+0x324/0x6e0 [ 20.974707] ret_from_fork+0x41/0x80 [ 20.975052] ret_from_fork_asm+0x1a/0x30 [ 20.975343] [ 20.975487] The buggy address belongs to the object at ffff8881024b01a0 [ 20.975487] which belongs to the cache kmalloc-16 of size 16 [ 20.976596] The buggy address is located 8 bytes inside of [ 20.976596] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.977437] [ 20.977710] The buggy address belongs to the physical page: [ 20.978093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.978510] flags: 0x200000000000000(node=0|zone=2) [ 20.979040] page_type: f5(slab) [ 20.979506] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 20.980233] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.980913] page dumped because: kasan: bad access detected [ 20.981474] [ 20.981703] Memory state around the buggy address: [ 20.982152] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.982798] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.983354] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.983795] ^ [ 20.984289] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.984841] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.985225] ================================================================== [ 20.770514] ================================================================== [ 20.770993] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.771780] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.772412] [ 20.773021] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.773243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.773266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.773306] Call Trace: [ 20.773346] <TASK> [ 20.773376] dump_stack_lvl+0x73/0xb0 [ 20.773417] print_report+0xd1/0x650 [ 20.773446] ? __virt_addr_valid+0x1db/0x2d0 [ 20.773476] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.773510] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.773543] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.773577] kasan_report+0x140/0x180 [ 20.773605] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.773644] kasan_check_range+0x10c/0x1c0 [ 20.773673] __kasan_check_write+0x18/0x20 [ 20.773702] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 20.773736] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.773770] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.773801] ? 
trace_hardirqs_on+0x37/0xe0 [ 20.773829] ? kasan_bitops_generic+0x93/0x1c0 [ 20.773882] kasan_bitops_generic+0x122/0x1c0 [ 20.773913] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.773943] ? __pfx_read_tsc+0x10/0x10 [ 20.773970] ? ktime_get_ts64+0x86/0x230 [ 20.774003] kunit_try_run_case+0x1a6/0x480 [ 20.774032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.774059] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.774089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.774118] ? __kthread_parkme+0x82/0x160 [ 20.774147] ? preempt_count_sub+0x50/0x80 [ 20.774178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.774206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.774239] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.774270] kthread+0x324/0x6e0 [ 20.774301] ? trace_preempt_on+0x20/0xc0 [ 20.774340] ? __pfx_kthread+0x10/0x10 [ 20.774368] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.774396] ? calculate_sigpending+0x7b/0xa0 [ 20.774423] ? __pfx_kthread+0x10/0x10 [ 20.774452] ret_from_fork+0x41/0x80 [ 20.774475] ? 
__pfx_kthread+0x10/0x10 [ 20.774502] ret_from_fork_asm+0x1a/0x30 [ 20.774542] </TASK> [ 20.774555] [ 20.791911] Allocated by task 269: [ 20.792185] kasan_save_stack+0x45/0x70 [ 20.792628] kasan_save_track+0x18/0x40 [ 20.793035] kasan_save_alloc_info+0x3b/0x50 [ 20.793839] __kasan_kmalloc+0xb7/0xc0 [ 20.794153] __kmalloc_cache_noprof+0x18a/0x420 [ 20.794761] kasan_bitops_generic+0x93/0x1c0 [ 20.795264] kunit_try_run_case+0x1a6/0x480 [ 20.795841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.796223] kthread+0x324/0x6e0 [ 20.796837] ret_from_fork+0x41/0x80 [ 20.797145] ret_from_fork_asm+0x1a/0x30 [ 20.797450] [ 20.797971] The buggy address belongs to the object at ffff8881024b01a0 [ 20.797971] which belongs to the cache kmalloc-16 of size 16 [ 20.798690] The buggy address is located 8 bytes inside of [ 20.798690] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.799912] [ 20.800447] The buggy address belongs to the physical page: [ 20.800976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.801197] flags: 0x200000000000000(node=0|zone=2) [ 20.801409] page_type: f5(slab) [ 20.801728] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.802273] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.802718] page dumped because: kasan: bad access detected [ 20.803273] [ 20.803493] Memory state around the buggy address: [ 20.803914] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.804411] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.804783] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.805434] ^ [ 20.805753] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.806207] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.806850] ================================================================== [ 20.694012] 
================================================================== [ 20.694657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.695267] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.695823] [ 20.696071] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.696175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.696210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.696255] Call Trace: [ 20.696335] <TASK> [ 20.696399] dump_stack_lvl+0x73/0xb0 [ 20.696492] print_report+0xd1/0x650 [ 20.696545] ? __virt_addr_valid+0x1db/0x2d0 [ 20.696594] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.696645] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.696693] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.696743] kasan_report+0x140/0x180 [ 20.696785] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.696848] kasan_check_range+0x10c/0x1c0 [ 20.696925] __kasan_check_write+0x18/0x20 [ 20.696984] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 20.697055] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.697189] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.697240] ? trace_hardirqs_on+0x37/0xe0 [ 20.697334] ? kasan_bitops_generic+0x93/0x1c0 [ 20.697436] kasan_bitops_generic+0x122/0x1c0 [ 20.697500] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.697559] ? __pfx_read_tsc+0x10/0x10 [ 20.697615] ? ktime_get_ts64+0x86/0x230 [ 20.697673] kunit_try_run_case+0x1a6/0x480 [ 20.697760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.697816] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.697917] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.697981] ? __kthread_parkme+0x82/0x160 [ 20.698041] ? preempt_count_sub+0x50/0x80 [ 20.698104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.698168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.698232] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.698350] kthread+0x324/0x6e0 [ 20.698413] ? trace_preempt_on+0x20/0xc0 [ 20.698469] ? __pfx_kthread+0x10/0x10 [ 20.698549] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.698607] ? calculate_sigpending+0x7b/0xa0 [ 20.698665] ? __pfx_kthread+0x10/0x10 [ 20.698724] ret_from_fork+0x41/0x80 [ 20.698795] ? __pfx_kthread+0x10/0x10 [ 20.698849] ret_from_fork_asm+0x1a/0x30 [ 20.698946] </TASK> [ 20.698976] [ 20.712529] Allocated by task 269: [ 20.712975] kasan_save_stack+0x45/0x70 [ 20.713446] kasan_save_track+0x18/0x40 [ 20.713874] kasan_save_alloc_info+0x3b/0x50 [ 20.714326] __kasan_kmalloc+0xb7/0xc0 [ 20.714793] __kmalloc_cache_noprof+0x18a/0x420 [ 20.715456] kasan_bitops_generic+0x93/0x1c0 [ 20.716087] kunit_try_run_case+0x1a6/0x480 [ 20.716450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.716746] kthread+0x324/0x6e0 [ 20.717462] ret_from_fork+0x41/0x80 [ 20.717929] ret_from_fork_asm+0x1a/0x30 [ 20.718187] [ 20.718361] The buggy address belongs to the object at ffff8881024b01a0 [ 20.718361] which belongs to the cache kmalloc-16 of size 16 [ 20.719456] The buggy address is located 8 bytes inside of [ 20.719456] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.720598] [ 20.720904] The buggy address belongs to the physical page: [ 20.721430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.722172] flags: 0x200000000000000(node=0|zone=2) [ 20.722723] page_type: f5(slab) [ 20.722971] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.723829] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.724570] page dumped because: kasan: bad access detected [ 20.724881] [ 20.725073] Memory state around the buggy address: [ 20.725703] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.726240] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.726894] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc 
fc fc fc fc fc fc fc [ 20.727413] ^ [ 20.728004] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.728546] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.729192] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.475584] ================================================================== [ 20.476208] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 20.476934] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.477324] [ 20.477563] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.477662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.477692] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.477742] Call Trace: [ 20.477786] <TASK> [ 20.477825] dump_stack_lvl+0x73/0xb0 [ 20.478409] print_report+0xd1/0x650 [ 20.478470] ? __virt_addr_valid+0x1db/0x2d0 [ 20.478522] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 20.478583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.478645] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 20.478701] kasan_report+0x140/0x180 [ 20.478755] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 20.478828] kasan_check_range+0x10c/0x1c0 [ 20.478900] __kasan_check_write+0x18/0x20 [ 20.478961] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 20.479020] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 20.479078] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.479134] ? trace_hardirqs_on+0x37/0xe0 [ 20.479194] ? kasan_bitops_generic+0x93/0x1c0 [ 20.479258] kasan_bitops_generic+0x117/0x1c0 [ 20.479356] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.479420] ? __pfx_read_tsc+0x10/0x10 [ 20.479471] ? ktime_get_ts64+0x86/0x230 [ 20.479537] kunit_try_run_case+0x1a6/0x480 [ 20.479593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.479643] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.479711] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.479767] ? __kthread_parkme+0x82/0x160 [ 20.479820] ? preempt_count_sub+0x50/0x80 [ 20.479893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.479948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.480011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.480050] kthread+0x324/0x6e0 [ 20.480080] ? 
trace_preempt_on+0x20/0xc0 [ 20.480111] ? __pfx_kthread+0x10/0x10 [ 20.480139] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.480185] ? calculate_sigpending+0x7b/0xa0 [ 20.480236] ? __pfx_kthread+0x10/0x10 [ 20.480327] ret_from_fork+0x41/0x80 [ 20.480381] ? __pfx_kthread+0x10/0x10 [ 20.480436] ret_from_fork_asm+0x1a/0x30 [ 20.480510] </TASK> [ 20.480541] [ 20.493011] Allocated by task 269: [ 20.493250] kasan_save_stack+0x45/0x70 [ 20.493674] kasan_save_track+0x18/0x40 [ 20.494098] kasan_save_alloc_info+0x3b/0x50 [ 20.494565] __kasan_kmalloc+0xb7/0xc0 [ 20.494966] __kmalloc_cache_noprof+0x18a/0x420 [ 20.495437] kasan_bitops_generic+0x93/0x1c0 [ 20.495890] kunit_try_run_case+0x1a6/0x480 [ 20.496250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.496609] kthread+0x324/0x6e0 [ 20.496841] ret_from_fork+0x41/0x80 [ 20.497263] ret_from_fork_asm+0x1a/0x30 [ 20.497680] [ 20.497904] The buggy address belongs to the object at ffff8881024b01a0 [ 20.497904] which belongs to the cache kmalloc-16 of size 16 [ 20.498907] The buggy address is located 8 bytes inside of [ 20.498907] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.499604] [ 20.499767] The buggy address belongs to the physical page: [ 20.500245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.500941] flags: 0x200000000000000(node=0|zone=2) [ 20.501473] page_type: f5(slab) [ 20.501825] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.502246] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.502968] page dumped because: kasan: bad access detected [ 20.503521] [ 20.503752] Memory state around the buggy address: [ 20.504228] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.504930] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.505520] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.506117] ^ [ 20.506462] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 20.507184] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.507958] ================================================================== [ 20.547167] ================================================================== [ 20.548342] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 20.548746] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.549268] [ 20.549586] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.549695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.549745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.549809] Call Trace: [ 20.549870] <TASK> [ 20.549911] dump_stack_lvl+0x73/0xb0 [ 20.549982] print_report+0xd1/0x650 [ 20.550039] ? __virt_addr_valid+0x1db/0x2d0 [ 20.550094] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 20.550150] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.550212] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 20.550277] kasan_report+0x140/0x180 [ 20.550378] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 20.550458] kasan_check_range+0x10c/0x1c0 [ 20.550500] __kasan_check_write+0x18/0x20 [ 20.550531] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 20.550564] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 20.550597] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.550628] ? trace_hardirqs_on+0x37/0xe0 [ 20.550658] ? kasan_bitops_generic+0x93/0x1c0 [ 20.550692] kasan_bitops_generic+0x117/0x1c0 [ 20.550722] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.550752] ? __pfx_read_tsc+0x10/0x10 [ 20.550780] ? ktime_get_ts64+0x86/0x230 [ 20.550812] kunit_try_run_case+0x1a6/0x480 [ 20.550842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.550891] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.550923] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.550954] ? __kthread_parkme+0x82/0x160 [ 20.550983] ? preempt_count_sub+0x50/0x80 [ 20.551013] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 20.551043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.551074] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.551108] kthread+0x324/0x6e0 [ 20.551135] ? trace_preempt_on+0x20/0xc0 [ 20.551163] ? __pfx_kthread+0x10/0x10 [ 20.551192] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.551219] ? calculate_sigpending+0x7b/0xa0 [ 20.551247] ? __pfx_kthread+0x10/0x10 [ 20.551276] ret_from_fork+0x41/0x80 [ 20.551318] ? __pfx_kthread+0x10/0x10 [ 20.551354] ret_from_fork_asm+0x1a/0x30 [ 20.551395] </TASK> [ 20.551410] [ 20.566608] Allocated by task 269: [ 20.567094] kasan_save_stack+0x45/0x70 [ 20.567540] kasan_save_track+0x18/0x40 [ 20.567884] kasan_save_alloc_info+0x3b/0x50 [ 20.568342] __kasan_kmalloc+0xb7/0xc0 [ 20.568757] __kmalloc_cache_noprof+0x18a/0x420 [ 20.569083] kasan_bitops_generic+0x93/0x1c0 [ 20.569572] kunit_try_run_case+0x1a6/0x480 [ 20.569987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.570599] kthread+0x324/0x6e0 [ 20.570874] ret_from_fork+0x41/0x80 [ 20.571402] ret_from_fork_asm+0x1a/0x30 [ 20.571784] [ 20.571947] The buggy address belongs to the object at ffff8881024b01a0 [ 20.571947] which belongs to the cache kmalloc-16 of size 16 [ 20.572842] The buggy address is located 8 bytes inside of [ 20.572842] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.573878] [ 20.574028] The buggy address belongs to the physical page: [ 20.574444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.575286] flags: 0x200000000000000(node=0|zone=2) [ 20.575758] page_type: f5(slab) [ 20.576170] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.576646] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.577279] page dumped because: kasan: bad access detected [ 20.577865] [ 20.578083] Memory state around the buggy address: [ 20.578515] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.579102] ffff8881024b0100: 
fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.579805] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.580260] ^ [ 20.580689] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.581205] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.581641] ================================================================== [ 20.442436] ================================================================== [ 20.442739] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 20.443256] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.444016] [ 20.444286] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.444426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.444460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.444506] Call Trace: [ 20.444536] <TASK> [ 20.444573] dump_stack_lvl+0x73/0xb0 [ 20.444673] print_report+0xd1/0x650 [ 20.444731] ? __virt_addr_valid+0x1db/0x2d0 [ 20.444789] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 20.444869] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.444923] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 20.444958] kasan_report+0x140/0x180 [ 20.444988] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 20.445026] kasan_check_range+0x10c/0x1c0 [ 20.445055] __kasan_check_write+0x18/0x20 [ 20.445084] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 20.445115] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 20.445147] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.445177] ? trace_hardirqs_on+0x37/0xe0 [ 20.445206] ? kasan_bitops_generic+0x93/0x1c0 [ 20.445240] kasan_bitops_generic+0x117/0x1c0 [ 20.445268] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.445317] ? __pfx_read_tsc+0x10/0x10 [ 20.445351] ? ktime_get_ts64+0x86/0x230 [ 20.445386] kunit_try_run_case+0x1a6/0x480 [ 20.445417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.445445] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 20.445475] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.445505] ? __kthread_parkme+0x82/0x160 [ 20.445535] ? preempt_count_sub+0x50/0x80 [ 20.445566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.445596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.445629] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.445661] kthread+0x324/0x6e0 [ 20.445688] ? trace_preempt_on+0x20/0xc0 [ 20.445717] ? __pfx_kthread+0x10/0x10 [ 20.445744] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.445772] ? calculate_sigpending+0x7b/0xa0 [ 20.445801] ? __pfx_kthread+0x10/0x10 [ 20.445830] ret_from_fork+0x41/0x80 [ 20.445873] ? __pfx_kthread+0x10/0x10 [ 20.445902] ret_from_fork_asm+0x1a/0x30 [ 20.445942] </TASK> [ 20.445957] [ 20.459961] Allocated by task 269: [ 20.460206] kasan_save_stack+0x45/0x70 [ 20.460503] kasan_save_track+0x18/0x40 [ 20.460803] kasan_save_alloc_info+0x3b/0x50 [ 20.461246] __kasan_kmalloc+0xb7/0xc0 [ 20.461679] __kmalloc_cache_noprof+0x18a/0x420 [ 20.462146] kasan_bitops_generic+0x93/0x1c0 [ 20.462576] kunit_try_run_case+0x1a6/0x480 [ 20.462881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.463182] kthread+0x324/0x6e0 [ 20.463559] ret_from_fork+0x41/0x80 [ 20.463950] ret_from_fork_asm+0x1a/0x30 [ 20.464396] [ 20.464600] The buggy address belongs to the object at ffff8881024b01a0 [ 20.464600] which belongs to the cache kmalloc-16 of size 16 [ 20.465528] The buggy address is located 8 bytes inside of [ 20.465528] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.466285] [ 20.466472] The buggy address belongs to the physical page: [ 20.466850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.467364] flags: 0x200000000000000(node=0|zone=2) [ 20.467829] page_type: f5(slab) [ 20.468067] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.468590] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.469222] page dumped because: kasan: bad 
access detected [ 20.469642] [ 20.469849] Memory state around the buggy address: [ 20.470252] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.470804] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.471220] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.471746] ^ [ 20.472192] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.472694] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.473146] ================================================================== [ 20.399034] ================================================================== [ 20.399534] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 20.400531] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.401203] [ 20.401466] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.401566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.401585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.401613] Call Trace: [ 20.401636] <TASK> [ 20.401658] dump_stack_lvl+0x73/0xb0 [ 20.401700] print_report+0xd1/0x650 [ 20.401747] ? __virt_addr_valid+0x1db/0x2d0 [ 20.401801] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 20.401876] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.401943] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 20.402009] kasan_report+0x140/0x180 [ 20.402065] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 20.402141] kasan_check_range+0x10c/0x1c0 [ 20.402192] __kasan_check_write+0x18/0x20 [ 20.402242] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 20.402294] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 20.402345] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.402391] ? trace_hardirqs_on+0x37/0xe0 [ 20.402437] ? kasan_bitops_generic+0x93/0x1c0 [ 20.402492] kasan_bitops_generic+0x117/0x1c0 [ 20.402542] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.402593] ? 
__pfx_read_tsc+0x10/0x10 [ 20.402636] ? ktime_get_ts64+0x86/0x230 [ 20.402685] kunit_try_run_case+0x1a6/0x480 [ 20.402735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.402781] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.402833] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.403050] ? __kthread_parkme+0x82/0x160 [ 20.403121] ? preempt_count_sub+0x50/0x80 [ 20.403187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.403243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.403343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.403387] kthread+0x324/0x6e0 [ 20.403418] ? trace_preempt_on+0x20/0xc0 [ 20.403465] ? __pfx_kthread+0x10/0x10 [ 20.403513] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.403561] ? calculate_sigpending+0x7b/0xa0 [ 20.403595] ? __pfx_kthread+0x10/0x10 [ 20.403627] ret_from_fork+0x41/0x80 [ 20.403653] ? __pfx_kthread+0x10/0x10 [ 20.403692] ret_from_fork_asm+0x1a/0x30 [ 20.403736] </TASK> [ 20.403750] [ 20.420786] Allocated by task 269: [ 20.421225] kasan_save_stack+0x45/0x70 [ 20.421876] kasan_save_track+0x18/0x40 [ 20.422284] kasan_save_alloc_info+0x3b/0x50 [ 20.422719] __kasan_kmalloc+0xb7/0xc0 [ 20.423127] __kmalloc_cache_noprof+0x18a/0x420 [ 20.424135] kasan_bitops_generic+0x93/0x1c0 [ 20.424832] kunit_try_run_case+0x1a6/0x480 [ 20.425570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.426243] kthread+0x324/0x6e0 [ 20.426545] ret_from_fork+0x41/0x80 [ 20.426787] ret_from_fork_asm+0x1a/0x30 [ 20.427242] [ 20.427422] The buggy address belongs to the object at ffff8881024b01a0 [ 20.427422] which belongs to the cache kmalloc-16 of size 16 [ 20.428721] The buggy address is located 8 bytes inside of [ 20.428721] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.429882] [ 20.430037] The buggy address belongs to the physical page: [ 20.430721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.431370] flags: 0x200000000000000(node=0|zone=2) [ 20.432357] page_type: f5(slab) [ 20.432870] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 20.433582] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.434143] page dumped because: kasan: bad access detected [ 20.434810] [ 20.434988] Memory state around the buggy address: [ 20.435709] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.436574] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.437142] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.437959] ^ [ 20.438346] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.439002] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.439615] ================================================================== [ 20.622672] ================================================================== [ 20.623162] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 20.623939] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.624690] [ 20.624886] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.624986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.625015] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.625065] Call Trace: [ 20.625108] <TASK> [ 20.625161] dump_stack_lvl+0x73/0xb0 [ 20.625240] print_report+0xd1/0x650 [ 20.625318] ? __virt_addr_valid+0x1db/0x2d0 [ 20.625381] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 20.625442] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.625502] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 20.625546] kasan_report+0x140/0x180 [ 20.625578] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 20.625618] kasan_check_range+0x10c/0x1c0 [ 20.625649] __kasan_check_write+0x18/0x20 [ 20.625678] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 20.625710] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 20.625742] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.625772] ? 
trace_hardirqs_on+0x37/0xe0 [ 20.625800] ? kasan_bitops_generic+0x93/0x1c0 [ 20.625834] kasan_bitops_generic+0x117/0x1c0 [ 20.625887] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.625919] ? __pfx_read_tsc+0x10/0x10 [ 20.625947] ? ktime_get_ts64+0x86/0x230 [ 20.625980] kunit_try_run_case+0x1a6/0x480 [ 20.626009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.626037] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.626066] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.626096] ? __kthread_parkme+0x82/0x160 [ 20.626124] ? preempt_count_sub+0x50/0x80 [ 20.626155] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.626184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.626216] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.626248] kthread+0x324/0x6e0 [ 20.626275] ? trace_preempt_on+0x20/0xc0 [ 20.626311] ? __pfx_kthread+0x10/0x10 [ 20.626346] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.626374] ? calculate_sigpending+0x7b/0xa0 [ 20.626401] ? __pfx_kthread+0x10/0x10 [ 20.626431] ret_from_fork+0x41/0x80 [ 20.626455] ? 
__pfx_kthread+0x10/0x10 [ 20.626483] ret_from_fork_asm+0x1a/0x30 [ 20.626523] </TASK> [ 20.626538] [ 20.640759] Allocated by task 269: [ 20.641158] kasan_save_stack+0x45/0x70 [ 20.641616] kasan_save_track+0x18/0x40 [ 20.642031] kasan_save_alloc_info+0x3b/0x50 [ 20.642495] __kasan_kmalloc+0xb7/0xc0 [ 20.642892] __kmalloc_cache_noprof+0x18a/0x420 [ 20.643174] kasan_bitops_generic+0x93/0x1c0 [ 20.643632] kunit_try_run_case+0x1a6/0x480 [ 20.643918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.644433] kthread+0x324/0x6e0 [ 20.644798] ret_from_fork+0x41/0x80 [ 20.645177] ret_from_fork_asm+0x1a/0x30 [ 20.645596] [ 20.645808] The buggy address belongs to the object at ffff8881024b01a0 [ 20.645808] which belongs to the cache kmalloc-16 of size 16 [ 20.646614] The buggy address is located 8 bytes inside of [ 20.646614] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.647438] [ 20.647604] The buggy address belongs to the physical page: [ 20.648089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.648668] flags: 0x200000000000000(node=0|zone=2) [ 20.649055] page_type: f5(slab) [ 20.649423] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.649998] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.650488] page dumped because: kasan: bad access detected [ 20.650764] [ 20.650921] Memory state around the buggy address: [ 20.651171] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.651817] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.652465] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.653075] ^ [ 20.653539] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.654058] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.654561] ================================================================== [ 20.358759] 
================================================================== [ 20.359326] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 20.359903] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.360997] [ 20.361274] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.361660] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.361702] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.361760] Call Trace: [ 20.361790] <TASK> [ 20.361824] dump_stack_lvl+0x73/0xb0 [ 20.361915] print_report+0xd1/0x650 [ 20.361973] ? __virt_addr_valid+0x1db/0x2d0 [ 20.362034] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 20.362084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.362118] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 20.362152] kasan_report+0x140/0x180 [ 20.362181] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 20.362218] kasan_check_range+0x10c/0x1c0 [ 20.362250] __kasan_check_write+0x18/0x20 [ 20.362278] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 20.362335] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 20.362370] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.362400] ? trace_hardirqs_on+0x37/0xe0 [ 20.362436] ? kasan_bitops_generic+0x93/0x1c0 [ 20.362496] kasan_bitops_generic+0x117/0x1c0 [ 20.362549] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.362603] ? __pfx_read_tsc+0x10/0x10 [ 20.362636] ? ktime_get_ts64+0x86/0x230 [ 20.362670] kunit_try_run_case+0x1a6/0x480 [ 20.362701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.362728] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.362760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.362790] ? __kthread_parkme+0x82/0x160 [ 20.362819] ? preempt_count_sub+0x50/0x80 [ 20.362850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.362901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.362934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.362967] kthread+0x324/0x6e0 [ 20.362994] ? trace_preempt_on+0x20/0xc0 [ 20.363024] ? 
__pfx_kthread+0x10/0x10 [ 20.363052] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.363079] ? calculate_sigpending+0x7b/0xa0 [ 20.363108] ? __pfx_kthread+0x10/0x10 [ 20.363136] ret_from_fork+0x41/0x80 [ 20.363161] ? __pfx_kthread+0x10/0x10 [ 20.363189] ret_from_fork_asm+0x1a/0x30 [ 20.363228] </TASK> [ 20.363242] [ 20.379126] Allocated by task 269: [ 20.379387] kasan_save_stack+0x45/0x70 [ 20.379644] kasan_save_track+0x18/0x40 [ 20.379902] kasan_save_alloc_info+0x3b/0x50 [ 20.380331] __kasan_kmalloc+0xb7/0xc0 [ 20.380729] __kmalloc_cache_noprof+0x18a/0x420 [ 20.381376] kasan_bitops_generic+0x93/0x1c0 [ 20.382089] kunit_try_run_case+0x1a6/0x480 [ 20.382734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.383363] kthread+0x324/0x6e0 [ 20.384002] ret_from_fork+0x41/0x80 [ 20.384641] ret_from_fork_asm+0x1a/0x30 [ 20.385082] [ 20.385287] The buggy address belongs to the object at ffff8881024b01a0 [ 20.385287] which belongs to the cache kmalloc-16 of size 16 [ 20.386571] The buggy address is located 8 bytes inside of [ 20.386571] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.387643] [ 20.388170] The buggy address belongs to the physical page: [ 20.388670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.389613] flags: 0x200000000000000(node=0|zone=2) [ 20.390232] page_type: f5(slab) [ 20.390870] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.392091] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.392610] page dumped because: kasan: bad access detected [ 20.393161] [ 20.393347] Memory state around the buggy address: [ 20.394139] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.394629] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.395175] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.395588] ^ [ 20.396386] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.397010] 
ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.397676] ================================================================== [ 20.583080] ================================================================== [ 20.584055] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 20.584948] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.585464] [ 20.585616] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.585671] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.585687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.585711] Call Trace: [ 20.585733] <TASK> [ 20.585756] dump_stack_lvl+0x73/0xb0 [ 20.585793] print_report+0xd1/0x650 [ 20.585823] ? __virt_addr_valid+0x1db/0x2d0 [ 20.585850] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 20.585903] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.585937] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 20.585969] kasan_report+0x140/0x180 [ 20.585996] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 20.586033] kasan_check_range+0x10c/0x1c0 [ 20.586062] __kasan_check_write+0x18/0x20 [ 20.586092] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 20.586122] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 20.586154] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.586183] ? trace_hardirqs_on+0x37/0xe0 [ 20.586212] ? kasan_bitops_generic+0x93/0x1c0 [ 20.586245] kasan_bitops_generic+0x117/0x1c0 [ 20.586275] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.586318] ? __pfx_read_tsc+0x10/0x10 [ 20.586367] ? ktime_get_ts64+0x86/0x230 [ 20.586432] kunit_try_run_case+0x1a6/0x480 [ 20.586495] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.586553] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.586615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.586674] ? __kthread_parkme+0x82/0x160 [ 20.586730] ? preempt_count_sub+0x50/0x80 [ 20.586787] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 20.586845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.586929] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.586996] kthread+0x324/0x6e0 [ 20.587053] ? trace_preempt_on+0x20/0xc0 [ 20.587107] ? __pfx_kthread+0x10/0x10 [ 20.587162] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.587211] ? calculate_sigpending+0x7b/0xa0 [ 20.587249] ? __pfx_kthread+0x10/0x10 [ 20.587280] ret_from_fork+0x41/0x80 [ 20.587316] ? __pfx_kthread+0x10/0x10 [ 20.587353] ret_from_fork_asm+0x1a/0x30 [ 20.587395] </TASK> [ 20.587409] [ 20.603155] Allocated by task 269: [ 20.603748] kasan_save_stack+0x45/0x70 [ 20.604053] kasan_save_track+0x18/0x40 [ 20.604321] kasan_save_alloc_info+0x3b/0x50 [ 20.604605] __kasan_kmalloc+0xb7/0xc0 [ 20.604850] __kmalloc_cache_noprof+0x18a/0x420 [ 20.605329] kasan_bitops_generic+0x93/0x1c0 [ 20.606315] kunit_try_run_case+0x1a6/0x480 [ 20.606776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.607322] kthread+0x324/0x6e0 [ 20.607966] ret_from_fork+0x41/0x80 [ 20.608535] ret_from_fork_asm+0x1a/0x30 [ 20.608847] [ 20.608988] The buggy address belongs to the object at ffff8881024b01a0 [ 20.608988] which belongs to the cache kmalloc-16 of size 16 [ 20.610528] The buggy address is located 8 bytes inside of [ 20.610528] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.611429] [ 20.611649] The buggy address belongs to the physical page: [ 20.612464] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.613160] flags: 0x200000000000000(node=0|zone=2) [ 20.613653] page_type: f5(slab) [ 20.614087] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.614758] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.615247] page dumped because: kasan: bad access detected [ 20.615755] [ 20.615920] Memory state around the buggy address: [ 20.616327] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.617214] ffff8881024b0100: 
fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.617936] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.618730] ^ [ 20.619310] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.620014] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.620788] ================================================================== [ 20.509740] ================================================================== [ 20.510536] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 20.511232] Write of size 8 at addr ffff8881024b01a8 by task kunit_try_catch/269 [ 20.511964] [ 20.512275] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.512417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.512448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.512502] Call Trace: [ 20.512577] <TASK> [ 20.512636] dump_stack_lvl+0x73/0xb0 [ 20.512713] print_report+0xd1/0x650 [ 20.512771] ? __virt_addr_valid+0x1db/0x2d0 [ 20.512831] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 20.512911] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.512978] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 20.513043] kasan_report+0x140/0x180 [ 20.513091] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 20.513132] kasan_check_range+0x10c/0x1c0 [ 20.513163] __kasan_check_write+0x18/0x20 [ 20.513192] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 20.513224] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 20.513256] ? __kmalloc_cache_noprof+0x18a/0x420 [ 20.513286] ? trace_hardirqs_on+0x37/0xe0 [ 20.513344] ? kasan_bitops_generic+0x93/0x1c0 [ 20.513381] kasan_bitops_generic+0x117/0x1c0 [ 20.513411] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.513442] ? __pfx_read_tsc+0x10/0x10 [ 20.513470] ? ktime_get_ts64+0x86/0x230 [ 20.513502] kunit_try_run_case+0x1a6/0x480 [ 20.513533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.513559] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 20.513589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.513619] ? __kthread_parkme+0x82/0x160 [ 20.513646] ? preempt_count_sub+0x50/0x80 [ 20.513678] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.513706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.513737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.513770] kthread+0x324/0x6e0 [ 20.513796] ? trace_preempt_on+0x20/0xc0 [ 20.513824] ? __pfx_kthread+0x10/0x10 [ 20.513869] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.513900] ? calculate_sigpending+0x7b/0xa0 [ 20.513928] ? __pfx_kthread+0x10/0x10 [ 20.513958] ret_from_fork+0x41/0x80 [ 20.513982] ? __pfx_kthread+0x10/0x10 [ 20.514009] ret_from_fork_asm+0x1a/0x30 [ 20.514050] </TASK> [ 20.514064] [ 20.530808] Allocated by task 269: [ 20.531219] kasan_save_stack+0x45/0x70 [ 20.531538] kasan_save_track+0x18/0x40 [ 20.531931] kasan_save_alloc_info+0x3b/0x50 [ 20.532239] __kasan_kmalloc+0xb7/0xc0 [ 20.532597] __kmalloc_cache_noprof+0x18a/0x420 [ 20.533028] kasan_bitops_generic+0x93/0x1c0 [ 20.533466] kunit_try_run_case+0x1a6/0x480 [ 20.533878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.534182] kthread+0x324/0x6e0 [ 20.534439] ret_from_fork+0x41/0x80 [ 20.534873] ret_from_fork_asm+0x1a/0x30 [ 20.535288] [ 20.535537] The buggy address belongs to the object at ffff8881024b01a0 [ 20.535537] which belongs to the cache kmalloc-16 of size 16 [ 20.536634] The buggy address is located 8 bytes inside of [ 20.536634] allocated 9-byte region [ffff8881024b01a0, ffff8881024b01a9) [ 20.537467] [ 20.537620] The buggy address belongs to the physical page: [ 20.537906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1024b0 [ 20.538622] flags: 0x200000000000000(node=0|zone=2) [ 20.539164] page_type: f5(slab) [ 20.539594] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.540242] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.540632] page dumped because: kasan: bad 
access detected [ 20.541042] [ 20.541343] Memory state around the buggy address: [ 20.541847] ffff8881024b0080: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.542552] ffff8881024b0100: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 20.543941] >ffff8881024b0180: fa fb fc fc 00 01 fc fc fc fc fc fc fc fc fc fc [ 20.544462] ^ [ 20.545362] ffff8881024b0200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.545766] ffff8881024b0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.546298] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 20.316742] ==================================================================
[ 20.317290] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 20.317735] Read of size 1 at addr ffff888102bd9550 by task kunit_try_catch/267
[ 20.318437]
[ 20.318620] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 20.318720] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.318751] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.318797] Call Trace:
[ 20.318836] <TASK>
[ 20.318892] dump_stack_lvl+0x73/0xb0
[ 20.318960] print_report+0xd1/0x650
[ 20.319016] ? __virt_addr_valid+0x1db/0x2d0
[ 20.319070] ? strnlen+0x73/0x80
[ 20.319113] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.319169] ? strnlen+0x73/0x80
[ 20.319221] kasan_report+0x140/0x180
[ 20.319277] ? strnlen+0x73/0x80
[ 20.319330] __asan_report_load1_noabort+0x18/0x20
[ 20.319390] strnlen+0x73/0x80
[ 20.319440] kasan_strings+0x4c3/0xb60
[ 20.319496] ? __pfx_kasan_strings+0x10/0x10
[ 20.319552] ? __schedule+0xce8/0x2840
[ 20.319604] ? __pfx_read_tsc+0x10/0x10
[ 20.319653] ? ktime_get_ts64+0x86/0x230
[ 20.319726] kunit_try_run_case+0x1a6/0x480
[ 20.319787] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.319842] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.319920] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.319981] ? __kthread_parkme+0x82/0x160
[ 20.320017] ? preempt_count_sub+0x50/0x80
[ 20.320051] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.320080] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.320114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.320147] kthread+0x324/0x6e0
[ 20.320174] ? trace_preempt_on+0x20/0xc0
[ 20.320206] ? __pfx_kthread+0x10/0x10
[ 20.320234] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.320262] ? calculate_sigpending+0x7b/0xa0
[ 20.320289] ? __pfx_kthread+0x10/0x10
[ 20.320335] ret_from_fork+0x41/0x80
[ 20.320362] ? __pfx_kthread+0x10/0x10
[ 20.320390] ret_from_fork_asm+0x1a/0x30
[ 20.320430] </TASK>
[ 20.320444]
[ 20.331412] Allocated by task 267:
[ 20.331779] kasan_save_stack+0x45/0x70
[ 20.332212] kasan_save_track+0x18/0x40
[ 20.333478] kasan_save_alloc_info+0x3b/0x50
[ 20.333827] __kasan_kmalloc+0xb7/0xc0
[ 20.334086] __kmalloc_cache_noprof+0x18a/0x420
[ 20.334390] kasan_strings+0xb9/0xb60
[ 20.334778] kunit_try_run_case+0x1a6/0x480
[ 20.335219] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.335566] kthread+0x324/0x6e0
[ 20.335800] ret_from_fork+0x41/0x80
[ 20.336171] ret_from_fork_asm+0x1a/0x30
[ 20.336648]
[ 20.336874] Freed by task 267:
[ 20.337207] kasan_save_stack+0x45/0x70
[ 20.337639] kasan_save_track+0x18/0x40
[ 20.337940] kasan_save_free_info+0x3f/0x60
[ 20.338242] __kasan_slab_free+0x56/0x70
[ 20.338492] kfree+0x224/0x3f0
[ 20.338804] kasan_strings+0x13c/0xb60
[ 20.339349] kunit_try_run_case+0x1a6/0x480
[ 20.339767] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.340294] kthread+0x324/0x6e0
[ 20.340616] ret_from_fork+0x41/0x80
[ 20.340896] ret_from_fork_asm+0x1a/0x30
[ 20.341150]
[ 20.341290] The buggy address belongs to the object at ffff888102bd9540
[ 20.341290] which belongs to the cache kmalloc-32 of size 32
[ 20.342252] The buggy address is located 16 bytes inside of
[ 20.342252] freed 32-byte region [ffff888102bd9540, ffff888102bd9560)
[ 20.342896]
[ 20.343049] The buggy address belongs to the physical page:
[ 20.343494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd9
[ 20.344177] flags: 0x200000000000000(node=0|zone=2)
[ 20.344780] page_type: f5(slab)
[ 20.345134] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.345526] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 20.345902] page dumped because: kasan: bad access detected
[ 20.346544]
[ 20.346749] Memory state around the buggy address:
[ 20.347177] ffff888102bd9400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.347849] ffff888102bd9480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.348207] >ffff888102bd9500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.348535] ^
[ 20.349209] ffff888102bd9580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.349825] ffff888102bd9600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.350609] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 55.674540] ==================================================================
[ 55.675095] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 55.675095]
[ 55.675614] Use-after-free read at 0x(____ptrval____) (in kfence-#160):
[ 55.675963] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 55.676246] kunit_try_run_case+0x1a6/0x480
[ 55.676485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 55.677211] kthread+0x324/0x6e0
[ 55.677794] ret_from_fork+0x41/0x80
[ 55.678058] ret_from_fork_asm+0x1a/0x30
[ 55.678330]
[ 55.678467] kfence-#160: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 55.678467]
[ 55.678852] allocated by task 343 on cpu 0 at 55.657128s (0.021719s ago):
[ 55.679210] test_alloc+0x2a7/0x10f0
[ 55.679425] test_memcache_typesafe_by_rcu+0x170/0x670
[ 55.679894] kunit_try_run_case+0x1a6/0x480
[ 55.680165] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 55.680527] kthread+0x324/0x6e0
[ 55.680766] ret_from_fork+0x41/0x80
[ 55.680987] ret_from_fork_asm+0x1a/0x30
[ 55.681234]
[ 55.681358] freed by task 343 on cpu 0 at 55.657315s (0.024039s ago):
[ 55.681818] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 55.682155] kunit_try_run_case+0x1a6/0x480
[ 55.682453] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 55.682755] kthread+0x324/0x6e0
[ 55.683107] ret_from_fork+0x41/0x80
[ 55.683501] ret_from_fork_asm+0x1a/0x30
[ 55.683917]
[ 55.684209] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 55.684969] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 55.685403] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 55.686151] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 31.706146] ================================================================== [ 31.706811] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210 [ 31.706811] [ 31.708163] Invalid read at 0x(____ptrval____): [ 31.708669] test_invalid_access+0xf1/0x210 [ 31.709431] kunit_try_run_case+0x1a6/0x480 [ 31.709923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.710561] kthread+0x324/0x6e0 [ 31.710837] ret_from_fork+0x41/0x80 [ 31.711327] ret_from_fork_asm+0x1a/0x30 [ 31.711913] [ 31.712115] CPU: 1 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.713076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.713683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.714367] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 31.475647] ================================================================== [ 31.476078] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340 [ 31.476078] [ 31.476493] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#156): [ 31.478349] test_kmalloc_aligned_oob_write+0x251/0x340 [ 31.478747] kunit_try_run_case+0x1a6/0x480 [ 31.479107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.479549] kthread+0x324/0x6e0 [ 31.479814] ret_from_fork+0x41/0x80 [ 31.480213] ret_from_fork_asm+0x1a/0x30 [ 31.480585] [ 31.480803] kfence-#156: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 31.480803] [ 31.481379] allocated by task 333 on cpu 0 at 31.475154s (0.006218s ago): [ 31.482035] test_alloc+0x365/0x10f0 [ 31.482459] test_kmalloc_aligned_oob_write+0xc9/0x340 [ 31.482940] kunit_try_run_case+0x1a6/0x480 [ 31.483232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.483703] kthread+0x324/0x6e0 [ 31.484045] ret_from_fork+0x41/0x80 [ 31.484421] ret_from_fork_asm+0x1a/0x30 [ 31.484849] [ 31.485027] freed by task 333 on cpu 0 at 31.475400s (0.009622s ago): [ 31.485453] test_kmalloc_aligned_oob_write+0x251/0x340 [ 31.485967] kunit_try_run_case+0x1a6/0x480 [ 31.486399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.486740] kthread+0x324/0x6e0 [ 31.487079] ret_from_fork+0x41/0x80 [ 31.487443] ret_from_fork_asm+0x1a/0x30 [ 31.487866] [ 31.488136] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.488809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.489131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.489770] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 31.267575] ================================================================== [ 31.268107] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570 [ 31.268107] [ 31.268733] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#154): [ 31.269331] test_kmalloc_aligned_oob_read+0x27f/0x570 [ 31.269642] kunit_try_run_case+0x1a6/0x480 [ 31.270049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.270389] kthread+0x324/0x6e0 [ 31.270780] ret_from_fork+0x41/0x80 [ 31.271184] ret_from_fork_asm+0x1a/0x30 [ 31.271446] [ 31.271599] kfence-#154: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 31.271599] [ 31.272509] allocated by task 331 on cpu 1 at 31.267113s (0.005390s ago): [ 31.273586] test_alloc+0x365/0x10f0 [ 31.273931] test_kmalloc_aligned_oob_read+0x106/0x570 [ 31.274223] kunit_try_run_case+0x1a6/0x480 [ 31.274644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 31.275175] kthread+0x324/0x6e0 [ 31.275553] ret_from_fork+0x41/0x80 [ 31.275891] ret_from_fork_asm+0x1a/0x30 [ 31.276186] [ 31.276380] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 31.276903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 31.277321] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 31.277962] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 27.003382] ================================================================== [ 27.003982] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0 [ 27.003982] [ 27.004508] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#113): [ 27.005144] test_corruption+0x2e1/0x3e0 [ 27.005569] kunit_try_run_case+0x1a6/0x480 [ 27.006244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.006740] kthread+0x324/0x6e0 [ 27.007020] ret_from_fork+0x41/0x80 [ 27.007307] ret_from_fork_asm+0x1a/0x30 [ 27.007894] [ 27.008139] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 27.008139] [ 27.009013] allocated by task 319 on cpu 0 at 27.002994s (0.006012s ago): [ 27.009771] test_alloc+0x365/0x10f0 [ 27.010807] test_corruption+0x1cc/0x3e0 [ 27.011112] kunit_try_run_case+0x1a6/0x480 [ 27.011435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.012006] kthread+0x324/0x6e0 [ 27.012367] ret_from_fork+0x41/0x80 [ 27.012671] ret_from_fork_asm+0x1a/0x30 [ 27.013126] [ 27.013345] freed by task 319 on cpu 0 at 27.003147s (0.010192s ago): [ 27.013768] test_corruption+0x2e1/0x3e0 [ 27.014212] kunit_try_run_case+0x1a6/0x480 [ 27.014543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.015264] kthread+0x324/0x6e0 [ 27.015757] ret_from_fork+0x41/0x80 [ 27.016030] ret_from_fork_asm+0x1a/0x30 [ 27.016543] [ 27.016767] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.017451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.017771] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.018597] ================================================================== [ 26.587370] ================================================================== [ 26.587941] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0 [ 26.587941] [ 26.588824] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#109): [ 26.590530] test_corruption+0x2d4/0x3e0 [ 26.590875] kunit_try_run_case+0x1a6/0x480 [ 26.591387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.591750] kthread+0x324/0x6e0 [ 26.592191] ret_from_fork+0x41/0x80 [ 26.592515] ret_from_fork_asm+0x1a/0x30 [ 26.592964] [ 26.593198] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.593198] [ 26.593860] allocated by task 319 on cpu 0 at 26.586996s (0.006859s ago): [ 26.594477] test_alloc+0x365/0x10f0 [ 26.594909] test_corruption+0xe7/0x3e0 [ 26.595250] kunit_try_run_case+0x1a6/0x480 [ 26.595738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.596161] kthread+0x324/0x6e0 [ 26.596596] ret_from_fork+0x41/0x80 [ 26.596874] ret_from_fork_asm+0x1a/0x30 [ 26.597386] [ 26.597610] freed by task 319 on cpu 0 at 26.587145s (0.010461s ago): [ 26.598041] test_corruption+0x2d4/0x3e0 [ 26.598492] kunit_try_run_case+0x1a6/0x480 [ 26.598922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.599432] kthread+0x324/0x6e0 [ 26.599736] ret_from_fork+0x41/0x80 [ 26.600160] ret_from_fork_asm+0x1a/0x30 [ 26.600519] [ 26.600705] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.601588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.601834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.602567] ================================================================== [ 27.107219] ================================================================== [ 27.107707] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0 [ 27.107707] [ 27.108113] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#114): [ 27.109424] test_corruption+0x132/0x3e0 [ 27.109730] kunit_try_run_case+0x1a6/0x480 [ 27.110182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.110584] kthread+0x324/0x6e0 [ 27.111023] ret_from_fork+0x41/0x80 [ 27.111442] ret_from_fork_asm+0x1a/0x30 [ 27.111814] [ 27.112064] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.112064] [ 27.112589] allocated by task 321 on cpu 1 at 27.107033s (0.005549s ago): [ 27.113280] test_alloc+0x2a7/0x10f0 [ 27.113597] test_corruption+0xe7/0x3e0 [ 27.114007] kunit_try_run_case+0x1a6/0x480 [ 27.114409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.114868] kthread+0x324/0x6e0 [ 27.115099] ret_from_fork+0x41/0x80 [ 27.115461] ret_from_fork_asm+0x1a/0x30 [ 27.116013] [ 27.116230] freed by task 321 on cpu 1 at 27.107101s (0.009123s ago): [ 27.116731] test_corruption+0x132/0x3e0 [ 27.117068] kunit_try_run_case+0x1a6/0x480 [ 27.117362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.117780] kthread+0x324/0x6e0 [ 27.118032] ret_from_fork+0x41/0x80 [ 27.118333] ret_from_fork_asm+0x1a/0x30 [ 27.118851] [ 27.119092] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.119733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.120020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.120700] ================================================================== [ 27.211210] ================================================================== [ 27.211777] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0 [ 27.211777] [ 27.212314] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#115): [ 27.212873] test_corruption+0x217/0x3e0 [ 27.213367] kunit_try_run_case+0x1a6/0x480 [ 27.213750] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.214278] kthread+0x324/0x6e0 [ 27.214525] ret_from_fork+0x41/0x80 [ 27.214927] ret_from_fork_asm+0x1a/0x30 [ 27.215279] [ 27.215466] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 27.215466] [ 27.215918] allocated by task 321 on cpu 1 at 27.211016s (0.004896s ago): [ 27.216528] test_alloc+0x2a7/0x10f0 [ 27.216926] test_corruption+0x1cc/0x3e0 [ 27.217280] kunit_try_run_case+0x1a6/0x480 [ 27.217694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.218021] kthread+0x324/0x6e0 [ 27.218262] ret_from_fork+0x41/0x80 [ 27.218644] ret_from_fork_asm+0x1a/0x30 [ 27.219059] [ 27.219272] freed by task 321 on cpu 1 at 27.211101s (0.008166s ago): [ 27.219868] test_corruption+0x217/0x3e0 [ 27.220192] kunit_try_run_case+0x1a6/0x480 [ 27.220640] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 27.221099] kthread+0x324/0x6e0 [ 27.221499] ret_from_fork+0x41/0x80 [ 27.221764] ret_from_fork_asm+0x1a/0x30 [ 27.222129] [ 27.222313] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 27.222738] Tainted: [B]=BAD_PAGE, [N]=TEST [ 27.223205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 27.224232] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 26.483190] ================================================================== [ 26.483768] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 26.483768] [ 26.484320] Invalid free of 0x(____ptrval____) (in kfence-#108): [ 26.484958] test_invalid_addr_free+0xfc/0x260 [ 26.485291] kunit_try_run_case+0x1a6/0x480 [ 26.485555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.486045] kthread+0x324/0x6e0 [ 26.486437] ret_from_fork+0x41/0x80 [ 26.486727] ret_from_fork_asm+0x1a/0x30 [ 26.487001] [ 26.487238] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.487238] [ 26.488101] allocated by task 317 on cpu 0 at 26.483018s (0.005078s ago): [ 26.488675] test_alloc+0x2a7/0x10f0 [ 26.489057] test_invalid_addr_free+0xdc/0x260 [ 26.489324] kunit_try_run_case+0x1a6/0x480 [ 26.489749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.490482] kthread+0x324/0x6e0 [ 26.490830] ret_from_fork+0x41/0x80 [ 26.491217] ret_from_fork_asm+0x1a/0x30 [ 26.491467] [ 26.491647] CPU: 0 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.492231] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.492608] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.493577] ================================================================== [ 26.379235] ================================================================== [ 26.379857] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 26.379857] [ 26.380418] Invalid free of 0x(____ptrval____) (in kfence-#107): [ 26.380992] test_invalid_addr_free+0x1e3/0x260 [ 26.381337] kunit_try_run_case+0x1a6/0x480 [ 26.381693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.382076] kthread+0x324/0x6e0 [ 26.382434] ret_from_fork+0x41/0x80 [ 26.382980] ret_from_fork_asm+0x1a/0x30 [ 26.383343] [ 26.383582] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.383582] [ 26.384263] allocated by task 315 on cpu 1 at 26.379062s (0.005196s ago): [ 
26.384805] test_alloc+0x365/0x10f0 [ 26.385221] test_invalid_addr_free+0xdc/0x260 [ 26.385807] kunit_try_run_case+0x1a6/0x480 [ 26.386257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.386701] kthread+0x324/0x6e0 [ 26.387109] ret_from_fork+0x41/0x80 [ 26.387455] ret_from_fork_asm+0x1a/0x30 [ 26.387798] [ 26.388134] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.389313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.389650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.390222] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.275015] ================================================================== [ 20.275545] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 20.275989] Read of size 1 at addr ffff888102bd9550 by task kunit_try_catch/267 [ 20.276463] [ 20.276642] CPU: 0 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 20.276743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.276775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.276822] Call Trace: [ 20.276872] <TASK> [ 20.276913] dump_stack_lvl+0x73/0xb0 [ 20.276977] print_report+0xd1/0x650 [ 20.277037] ? __virt_addr_valid+0x1db/0x2d0 [ 20.277090] ? strlen+0x8f/0xb0 [ 20.277136] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.277191] ? strlen+0x8f/0xb0 [ 20.277234] kasan_report+0x140/0x180 [ 20.277291] ? strlen+0x8f/0xb0 [ 20.277351] __asan_report_load1_noabort+0x18/0x20 [ 20.277407] strlen+0x8f/0xb0 [ 20.277457] kasan_strings+0x425/0xb60 [ 20.277512] ? __pfx_kasan_strings+0x10/0x10 [ 20.277567] ? __schedule+0xce8/0x2840 [ 20.277628] ? __pfx_read_tsc+0x10/0x10 [ 20.277677] ? ktime_get_ts64+0x86/0x230 [ 20.277736] kunit_try_run_case+0x1a6/0x480 [ 20.277793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.277845] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 20.277926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.277989] ? __kthread_parkme+0x82/0x160 [ 20.278044] ? preempt_count_sub+0x50/0x80 [ 20.278080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.278110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.278144] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.278176] kthread+0x324/0x6e0 [ 20.278203] ? trace_preempt_on+0x20/0xc0 [ 20.278234] ? __pfx_kthread+0x10/0x10 [ 20.278262] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.278290] ? calculate_sigpending+0x7b/0xa0 [ 20.278334] ? __pfx_kthread+0x10/0x10 [ 20.278365] ret_from_fork+0x41/0x80 [ 20.278389] ? 
__pfx_kthread+0x10/0x10 [ 20.278417] ret_from_fork_asm+0x1a/0x30 [ 20.278457] </TASK> [ 20.278471] [ 20.292582] Allocated by task 267: [ 20.293171] kasan_save_stack+0x45/0x70 [ 20.293532] kasan_save_track+0x18/0x40 [ 20.293840] kasan_save_alloc_info+0x3b/0x50 [ 20.294206] __kasan_kmalloc+0xb7/0xc0 [ 20.294887] __kmalloc_cache_noprof+0x18a/0x420 [ 20.295234] kasan_strings+0xb9/0xb60 [ 20.295806] kunit_try_run_case+0x1a6/0x480 [ 20.296293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.296876] kthread+0x324/0x6e0 [ 20.297102] ret_from_fork+0x41/0x80 [ 20.297638] ret_from_fork_asm+0x1a/0x30 [ 20.298052] [ 20.298229] Freed by task 267: [ 20.298799] kasan_save_stack+0x45/0x70 [ 20.299050] kasan_save_track+0x18/0x40 [ 20.299755] kasan_save_free_info+0x3f/0x60 [ 20.300153] __kasan_slab_free+0x56/0x70 [ 20.300462] kfree+0x224/0x3f0 [ 20.300754] kasan_strings+0x13c/0xb60 [ 20.301359] kunit_try_run_case+0x1a6/0x480 [ 20.301925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.302435] kthread+0x324/0x6e0 [ 20.302773] ret_from_fork+0x41/0x80 [ 20.303060] ret_from_fork_asm+0x1a/0x30 [ 20.303830] [ 20.304023] The buggy address belongs to the object at ffff888102bd9540 [ 20.304023] which belongs to the cache kmalloc-32 of size 32 [ 20.304776] The buggy address is located 16 bytes inside of [ 20.304776] freed 32-byte region [ffff888102bd9540, ffff888102bd9560) [ 20.305956] [ 20.306094] The buggy address belongs to the physical page: [ 20.306580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd9 [ 20.307226] flags: 0x200000000000000(node=0|zone=2) [ 20.307553] page_type: f5(slab) [ 20.308470] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.308909] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.309591] page dumped because: kasan: bad access detected [ 20.310090] [ 20.310302] Memory state around the buggy address: [ 20.310938] ffff888102bd9400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
20.311585] ffff888102bd9480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.312273] >ffff888102bd9500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.312949] ^ [ 20.313310] ffff888102bd9580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.313829] ffff888102bd9600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 20.314254] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 26.275499] ================================================================== [ 26.276029] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 26.276029] [ 26.276559] Invalid free of 0x(____ptrval____) (in kfence-#106): [ 26.276954] test_double_free+0x113/0x260 [ 26.277192] kunit_try_run_case+0x1a6/0x480 [ 26.277574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.278186] kthread+0x324/0x6e0 [ 26.278474] ret_from_fork+0x41/0x80 [ 26.278715] ret_from_fork_asm+0x1a/0x30 [ 26.279132] [ 26.279358] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 26.279358] [ 26.280041] allocated by task 313 on cpu 1 at 26.275102s (0.004933s ago): [ 26.280597] test_alloc+0x2a7/0x10f0 [ 26.280835] test_double_free+0xdc/0x260 [ 26.281232] kunit_try_run_case+0x1a6/0x480 [ 26.281782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.282241] kthread+0x324/0x6e0 [ 26.282478] ret_from_fork+0x41/0x80 [ 26.282777] ret_from_fork_asm+0x1a/0x30 [ 26.283331] [ 26.283555] freed by task 313 on cpu 1 at 26.275198s (0.008351s ago): [ 26.284185] test_double_free+0xfb/0x260 [ 26.284499] kunit_try_run_case+0x1a6/0x480 [ 26.284763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.285284] kthread+0x324/0x6e0 [ 26.285655] ret_from_fork+0x41/0x80 [ 26.286049] ret_from_fork_asm+0x1a/0x30 [ 26.286483] [ 26.286698] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.287296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.287548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.287984] ================================================================== [ 26.171517] ================================================================== [ 26.172167] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 26.172167] [ 26.172507] Invalid free of 0x(____ptrval____) (in kfence-#105): [ 26.172700] test_double_free+0x1d5/0x260 [ 26.172861] kunit_try_run_case+0x1a6/0x480 [ 26.173068] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.173399] kthread+0x324/0x6e0 [ 26.173674] ret_from_fork+0x41/0x80 [ 26.174046] ret_from_fork_asm+0x1a/0x30 [ 26.174306] [ 26.174518] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 26.174518] [ 26.175370] allocated by task 311 on cpu 0 at 26.171037s (0.004326s ago): [ 26.175876] test_alloc+0x365/0x10f0 [ 26.176185] test_double_free+0xdc/0x260 [ 26.176536] kunit_try_run_case+0x1a6/0x480 [ 26.177462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.177957] kthread+0x324/0x6e0 [ 26.178202] ret_from_fork+0x41/0x80 [ 26.178669] ret_from_fork_asm+0x1a/0x30 [ 26.179167] [ 26.179319] freed by task 311 on cpu 0 at 26.171153s (0.008161s ago): [ 26.179694] test_double_free+0x1e2/0x260 [ 26.180157] kunit_try_run_case+0x1a6/0x480 [ 26.181017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.181952] kthread+0x324/0x6e0 [ 26.182699] ret_from_fork+0x41/0x80 [ 26.183045] ret_from_fork_asm+0x1a/0x30 [ 26.183340] [ 26.183612] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 26.184251] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.184685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.185166] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 25.755418] ================================================================== [ 25.756019] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 25.756019] [ 25.756859] Use-after-free read at 0x(____ptrval____) (in kfence-#101): [ 25.757603] test_use_after_free_read+0x12a/0x270 [ 25.758236] kunit_try_run_case+0x1a6/0x480 [ 25.758756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.759339] kthread+0x324/0x6e0 [ 25.759649] ret_from_fork+0x41/0x80 [ 25.760074] ret_from_fork_asm+0x1a/0x30 [ 25.760545] [ 25.760736] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.760736] [ 25.761411] allocated by task 303 on cpu 0 at 25.755110s (0.006295s ago): [ 25.761818] test_alloc+0x365/0x10f0 [ 25.762268] test_use_after_free_read+0xdd/0x270 [ 25.762682] kunit_try_run_case+0x1a6/0x480 [ 25.763110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.763583] kthread+0x324/0x6e0 [ 25.764152] ret_from_fork+0x41/0x80 [ 25.764435] ret_from_fork_asm+0x1a/0x30 [ 25.764997] [ 25.765222] freed by task 303 on cpu 0 at 25.755238s (0.009979s ago): [ 25.765762] test_use_after_free_read+0x1e9/0x270 [ 25.766205] kunit_try_run_case+0x1a6/0x480 [ 25.766747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.767097] kthread+0x324/0x6e0 [ 25.767566] ret_from_fork+0x41/0x80 [ 25.768064] ret_from_fork_asm+0x1a/0x30 [ 25.768601] [ 25.768819] CPU: 0 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.769472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.769934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.770730] ================================================================== [ 25.859320] ================================================================== [ 25.859860] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 25.859860] [ 25.860548] Use-after-free read at 0x(____ptrval____) (in kfence-#102): [ 25.860888] test_use_after_free_read+0x12a/0x270 [ 25.861437] 
kunit_try_run_case+0x1a6/0x480 [ 25.861816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.862264] kthread+0x324/0x6e0 [ 25.862641] ret_from_fork+0x41/0x80 [ 25.863053] ret_from_fork_asm+0x1a/0x30 [ 25.863389] [ 25.863548] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.863548] [ 25.864215] allocated by task 305 on cpu 0 at 25.859094s (0.005115s ago): [ 25.864872] test_alloc+0x2a7/0x10f0 [ 25.865119] test_use_after_free_read+0xdd/0x270 [ 25.865619] kunit_try_run_case+0x1a6/0x480 [ 25.866072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.866782] kthread+0x324/0x6e0 [ 25.867057] ret_from_fork+0x41/0x80 [ 25.867342] ret_from_fork_asm+0x1a/0x30 [ 25.867756] [ 25.867995] freed by task 305 on cpu 0 at 25.859195s (0.008794s ago): [ 25.868811] test_use_after_free_read+0xfc/0x270 [ 25.869221] kunit_try_run_case+0x1a6/0x480 [ 25.869490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.869936] kthread+0x324/0x6e0 [ 25.870287] ret_from_fork+0x41/0x80 [ 25.870685] ret_from_fork_asm+0x1a/0x30 [ 25.871216] [ 25.871561] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.872134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.872486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.873348] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 25.651134] ================================================================== [ 25.651709] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 25.651709] [ 25.652808] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#100): [ 25.653387] test_out_of_bounds_write+0x10e/0x260 [ 25.653746] kunit_try_run_case+0x1a6/0x480 [ 25.654605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.654978] kthread+0x324/0x6e0 [ 25.655214] ret_from_fork+0x41/0x80 [ 25.655894] ret_from_fork_asm+0x1a/0x30 [ 25.656312] [ 25.656611] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 25.656611] [ 25.657129] allocated by task 301 on cpu 1 at 25.651045s (0.006078s ago): [ 25.657679] test_alloc+0x2a7/0x10f0 [ 25.658066] test_out_of_bounds_write+0xd5/0x260 [ 25.658502] kunit_try_run_case+0x1a6/0x480 [ 25.658990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.659453] kthread+0x324/0x6e0 [ 25.659752] ret_from_fork+0x41/0x80 [ 25.660021] ret_from_fork_asm+0x1a/0x30 [ 25.660454] [ 25.660692] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.661227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.661653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.662351] ================================================================== [ 25.547223] ================================================================== [ 25.547914] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 25.547914] [ 25.548521] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#99): [ 25.549146] test_out_of_bounds_write+0x10e/0x260 [ 25.549476] kunit_try_run_case+0x1a6/0x480 [ 25.549809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.550337] kthread+0x324/0x6e0 [ 25.550750] ret_from_fork+0x41/0x80 [ 25.551045] ret_from_fork_asm+0x1a/0x30 [ 25.551441] [ 25.551598] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 25.551598] [ 25.552400] allocated 
by task 299 on cpu 0 at 25.547017s (0.005377s ago): [ 25.552786] test_alloc+0x365/0x10f0 [ 25.553053] test_out_of_bounds_write+0xd5/0x260 [ 25.553476] kunit_try_run_case+0x1a6/0x480 [ 25.553998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.554534] kthread+0x324/0x6e0 [ 25.554917] ret_from_fork+0x41/0x80 [ 25.555196] ret_from_fork_asm+0x1a/0x30 [ 25.555452] [ 25.555697] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 25.556890] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.557242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.557770] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 24.195504] ================================================================== [ 24.196217] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 24.196217] [ 24.196920] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#86): [ 24.197596] test_out_of_bounds_read+0x127/0x4e0 [ 24.198300] kunit_try_run_case+0x1a6/0x480 [ 24.198663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.199120] kthread+0x324/0x6e0 [ 24.199468] ret_from_fork+0x41/0x80 [ 24.199875] ret_from_fork_asm+0x1a/0x30 [ 24.200319] [ 24.200520] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 24.200520] [ 24.200971] allocated by task 295 on cpu 1 at 24.195102s (0.005864s ago): [ 24.201651] test_alloc+0x365/0x10f0 [ 24.202211] test_out_of_bounds_read+0xee/0x4e0 [ 24.202737] kunit_try_run_case+0x1a6/0x480 [ 24.203122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.203494] kthread+0x324/0x6e0 [ 24.203880] ret_from_fork+0x41/0x80 [ 24.204222] ret_from_fork_asm+0x1a/0x30 [ 24.204710] [ 24.205008] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.205833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.206286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.206967] ================================================================== [ 24.299411] ================================================================== [ 24.300083] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 24.300083] [ 24.301084] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#87): [ 24.301644] test_out_of_bounds_read+0x217/0x4e0 [ 24.302212] kunit_try_run_case+0x1a6/0x480 [ 24.302574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.303154] kthread+0x324/0x6e0 [ 24.303525] ret_from_fork+0x41/0x80 [ 24.303927] ret_from_fork_asm+0x1a/0x30 [ 24.304456] [ 24.304752] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 24.304752] [ 24.305523] allocated by 
task 295 on cpu 1 at 24.299065s (0.006452s ago): [ 24.306025] test_alloc+0x365/0x10f0 [ 24.306491] test_out_of_bounds_read+0x1e3/0x4e0 [ 24.307013] kunit_try_run_case+0x1a6/0x480 [ 24.307514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.307833] kthread+0x324/0x6e0 [ 24.308269] ret_from_fork+0x41/0x80 [ 24.308696] ret_from_fork_asm+0x1a/0x30 [ 24.309124] [ 24.309379] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.309944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.310270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.311095] ================================================================== [ 24.923112] ================================================================== [ 24.923716] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 24.923716] [ 24.924445] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#93): [ 24.924930] test_out_of_bounds_read+0x217/0x4e0 [ 24.925600] kunit_try_run_case+0x1a6/0x480 [ 24.925961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.926443] kthread+0x324/0x6e0 [ 24.927010] ret_from_fork+0x41/0x80 [ 24.927354] ret_from_fork_asm+0x1a/0x30 [ 24.927665] [ 24.927836] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 24.927836] [ 24.928698] allocated by task 297 on cpu 0 at 24.923021s (0.005671s ago): [ 24.929263] test_alloc+0x2a7/0x10f0 [ 24.929584] test_out_of_bounds_read+0x1e3/0x4e0 [ 24.929999] kunit_try_run_case+0x1a6/0x480 [ 24.930456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.930947] kthread+0x324/0x6e0 [ 24.931323] ret_from_fork+0x41/0x80 [ 24.931828] ret_from_fork_asm+0x1a/0x30 [ 24.932204] [ 24.932411] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.933177] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.933610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.934170] 
================================================================== [ 24.403137] ================================================================== [ 24.403747] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 24.403747] [ 24.404521] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#88): [ 24.404893] test_out_of_bounds_read+0x127/0x4e0 [ 24.405989] kunit_try_run_case+0x1a6/0x480 [ 24.406627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.407206] kthread+0x324/0x6e0 [ 24.407781] ret_from_fork+0x41/0x80 [ 24.408247] ret_from_fork_asm+0x1a/0x30 [ 24.408754] [ 24.409109] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 24.409109] [ 24.409935] allocated by task 297 on cpu 0 at 24.403041s (0.006888s ago): [ 24.411117] test_alloc+0x2a7/0x10f0 [ 24.411441] test_out_of_bounds_read+0xee/0x4e0 [ 24.411956] kunit_try_run_case+0x1a6/0x480 [ 24.412436] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.412870] kthread+0x324/0x6e0 [ 24.413227] ret_from_fork+0x41/0x80 [ 24.413552] ret_from_fork_asm+0x1a/0x30 [ 24.413864] [ 24.414058] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 24.414909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.415343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.416152] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-kmalloc_uaf2
[ 18.029367] ==================================================================
[ 18.030299] BUG: KFENCE: use-after-free read in kmalloc_uaf2+0x233/0x520
[ 18.030299]
[ 18.031205] Use-after-free read at 0x(____ptrval____) (in kfence-#59):
[ 18.032914] kmalloc_uaf2+0x233/0x520
[ 18.033418] kunit_try_run_case+0x1a6/0x480
[ 18.033665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.034836] kthread+0x324/0x6e0
[ 18.035131] ret_from_fork+0x41/0x80
[ 18.035834] ret_from_fork_asm+0x1a/0x30
[ 18.036220]
[ 18.037164] kfence-#59: 0x(____ptrval____)-0x(____ptrval____), size=43, cache=kmalloc-64
[ 18.037164]
[ 18.038355] allocated by task 196 on cpu 0 at 18.027299s (0.010955s ago):
[ 18.040005] kmalloc_uaf2+0xc7/0x520
[ 18.040383] kunit_try_run_case+0x1a6/0x480
[ 18.041029] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.041415] kthread+0x324/0x6e0
[ 18.041722] ret_from_fork+0x41/0x80
[ 18.042010] ret_from_fork_asm+0x1a/0x30
[ 18.042533]
[ 18.042960] freed by task 196 on cpu 0 at 18.027412s (0.015360s ago):
[ 18.044040] kmalloc_uaf2+0x14d/0x520
[ 18.044174] kunit_try_run_case+0x1a6/0x480
[ 18.044317] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.044592] kthread+0x324/0x6e0
[ 18.045579] ret_from_fork+0x41/0x80
[ 18.045994] ret_from_fork_asm+0x1a/0x30
[ 18.046308]
[ 18.046631] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 18.047392] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.047630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.048651] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 23.912051] ==================================================================
[ 23.912510] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 23.912914] Write of size 121 at addr ffff888102c74500 by task kunit_try_catch/293
[ 23.913273]
[ 23.913445] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 23.913576] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.913611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.913661] Call Trace:
[ 23.913708] <TASK>
[ 23.913752] dump_stack_lvl+0x73/0xb0
[ 23.913827] print_report+0xd1/0x650
[ 23.913901] ? __virt_addr_valid+0x1db/0x2d0
[ 23.913962] ? strncpy_from_user+0x2e/0x1d0
[ 23.914021] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.914094] ? strncpy_from_user+0x2e/0x1d0
[ 23.914153] kasan_report+0x140/0x180
[ 23.914217] ? strncpy_from_user+0x2e/0x1d0
[ 23.914288] kasan_check_range+0x10c/0x1c0
[ 23.914353] __kasan_check_write+0x18/0x20
[ 23.914417] strncpy_from_user+0x2e/0x1d0
[ 23.914474] ? __kasan_check_read+0x15/0x20
[ 23.914543] copy_user_test_oob+0x761/0x10f0
[ 23.914615] ? __pfx_copy_user_test_oob+0x10/0x10
[ 23.914677] ? finish_task_switch.isra.0+0x153/0x700
[ 23.914742] ? __switch_to+0x5d9/0xf60
[ 23.914813] ? __schedule+0xce8/0x2840
[ 23.914889] ? __pfx_read_tsc+0x10/0x10
[ 23.914950] ? ktime_get_ts64+0x86/0x230
[ 23.915016] kunit_try_run_case+0x1a6/0x480
[ 23.915085] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.915146] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.915210] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.915277] ? __kthread_parkme+0x82/0x160
[ 23.915340] ? preempt_count_sub+0x50/0x80
[ 23.915410] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.915475] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.915547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.915620] kthread+0x324/0x6e0
[ 23.915690] ? trace_preempt_on+0x20/0xc0
[ 23.915759] ? __pfx_kthread+0x10/0x10
[ 23.915823] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.915903] ? calculate_sigpending+0x7b/0xa0
[ 23.915960] ? __pfx_kthread+0x10/0x10
[ 23.916024] ret_from_fork+0x41/0x80
[ 23.916079] ? __pfx_kthread+0x10/0x10
[ 23.916140] ret_from_fork_asm+0x1a/0x30
[ 23.916227] </TASK>
[ 23.916261]
[ 23.932522] Allocated by task 293:
[ 23.932833] kasan_save_stack+0x45/0x70
[ 23.933315] kasan_save_track+0x18/0x40
[ 23.933874] kasan_save_alloc_info+0x3b/0x50
[ 23.934326] __kasan_kmalloc+0xb7/0xc0
[ 23.934721] __kmalloc_noprof+0x1ca/0x500
[ 23.935142] kunit_kmalloc_array+0x25/0x60
[ 23.935606] copy_user_test_oob+0xac/0x10f0
[ 23.935940] kunit_try_run_case+0x1a6/0x480
[ 23.936245] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.936618] kthread+0x324/0x6e0
[ 23.936888] ret_from_fork+0x41/0x80
[ 23.937204] ret_from_fork_asm+0x1a/0x30
[ 23.937725]
[ 23.937890] The buggy address belongs to the object at ffff888102c74500
[ 23.937890] which belongs to the cache kmalloc-128 of size 128
[ 23.938548] The buggy address is located 0 bytes inside of
[ 23.938548] allocated 120-byte region [ffff888102c74500, ffff888102c74578)
[ 23.939275]
[ 23.939436] The buggy address belongs to the physical page:
[ 23.939718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74
[ 23.940374] flags: 0x200000000000000(node=0|zone=2)
[ 23.940988] page_type: f5(slab)
[ 23.941348] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.942005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.942883] page dumped because: kasan: bad access detected
[ 23.943381]
[ 23.943576] Memory state around the buggy address:
[ 23.943874] ffff888102c74400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.944222] ffff888102c74480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.944861] >ffff888102c74500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 23.945621] ^
[ 23.946051] ffff888102c74580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.946449] ffff888102c74600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.947146] ==================================================================
[ 23.948883] ==================================================================
[ 23.949609] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 23.950598] Write of size 1 at addr ffff888102c74578 by task kunit_try_catch/293
[ 23.951262]
[ 23.952446] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 23.952575] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.952612] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.952669] Call Trace:
[ 23.952727] <TASK>
[ 23.952779] dump_stack_lvl+0x73/0xb0
[ 23.952905] print_report+0xd1/0x650
[ 23.952973] ? __virt_addr_valid+0x1db/0x2d0
[ 23.953038] ? strncpy_from_user+0x1a5/0x1d0
[ 23.953098] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.953171] ? strncpy_from_user+0x1a5/0x1d0
[ 23.953229] kasan_report+0x140/0x180
[ 23.953305] ? strncpy_from_user+0x1a5/0x1d0
[ 23.953378] __asan_report_store1_noabort+0x1b/0x30
[ 23.953447] strncpy_from_user+0x1a5/0x1d0
[ 23.953513] copy_user_test_oob+0x761/0x10f0
[ 23.953584] ? __pfx_copy_user_test_oob+0x10/0x10
[ 23.953647] ? finish_task_switch.isra.0+0x153/0x700
[ 23.953712] ? __switch_to+0x5d9/0xf60
[ 23.953782] ? __schedule+0xce8/0x2840
[ 23.954217] ? __pfx_read_tsc+0x10/0x10
[ 23.954364] ? ktime_get_ts64+0x86/0x230
[ 23.954454] kunit_try_run_case+0x1a6/0x480
[ 23.954527] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.954608] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 23.954689] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.954753] ? __kthread_parkme+0x82/0x160
[ 23.954835] ? preempt_count_sub+0x50/0x80
[ 23.954916] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.954969] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.955028] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.955091] kthread+0x324/0x6e0
[ 23.955151] ? trace_preempt_on+0x20/0xc0
[ 23.955218] ? __pfx_kthread+0x10/0x10
[ 23.955279] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.955389] ? calculate_sigpending+0x7b/0xa0
[ 23.955452] ? __pfx_kthread+0x10/0x10
[ 23.955517] ret_from_fork+0x41/0x80
[ 23.955573] ? __pfx_kthread+0x10/0x10
[ 23.955635] ret_from_fork_asm+0x1a/0x30
[ 23.955734] </TASK>
[ 23.955771]
[ 23.970214] Allocated by task 293:
[ 23.970671] kasan_save_stack+0x45/0x70
[ 23.971119] kasan_save_track+0x18/0x40
[ 23.971366] kasan_save_alloc_info+0x3b/0x50
[ 23.971611] __kasan_kmalloc+0xb7/0xc0
[ 23.972587] __kmalloc_noprof+0x1ca/0x500
[ 23.973574] kunit_kmalloc_array+0x25/0x60
[ 23.974000] copy_user_test_oob+0xac/0x10f0
[ 23.974363] kunit_try_run_case+0x1a6/0x480
[ 23.974910] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.975249] kthread+0x324/0x6e0
[ 23.975622] ret_from_fork+0x41/0x80
[ 23.975914] ret_from_fork_asm+0x1a/0x30
[ 23.976356]
[ 23.976561] The buggy address belongs to the object at ffff888102c74500
[ 23.976561] which belongs to the cache kmalloc-128 of size 128
[ 23.977459] The buggy address is located 0 bytes to the right of
[ 23.977459] allocated 120-byte region [ffff888102c74500, ffff888102c74578)
[ 23.978624]
[ 23.978719] The buggy address belongs to the physical page:
[ 23.978882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74
[ 23.979737] flags: 0x200000000000000(node=0|zone=2)
[ 23.980701] page_type: f5(slab)
[ 23.980936] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 23.981601] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 23.982194] page dumped because: kasan: bad access detected
[ 23.982517]
[ 23.982663] Memory state around the buggy address:
[ 23.982829] ffff888102c74400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 23.983815] ffff888102c74480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.984276] >ffff888102c74500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 23.984696] ^
[ 23.985112] ffff888102c74580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.986093] ffff888102c74600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.986943] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.102842] ==================================================================
[ 20.103421] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x32b/0x390
[ 20.104138] Read of size 1 at addr ffff888102d0fc4a by task kunit_try_catch/261
[ 20.105529]
[ 20.105704] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 20.105764] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.105781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.105809] Call Trace:
[ 20.105826] <TASK>
[ 20.105849] dump_stack_lvl+0x73/0xb0
[ 20.105913] print_report+0xd1/0x650
[ 20.105944] ? __virt_addr_valid+0x1db/0x2d0
[ 20.105976] ? kasan_alloca_oob_right+0x32b/0x390
[ 20.106004] ? kasan_addr_to_slab+0x11/0xa0
[ 20.106030] ? kasan_alloca_oob_right+0x32b/0x390
[ 20.106059] kasan_report+0x140/0x180
[ 20.106087] ? kasan_alloca_oob_right+0x32b/0x390
[ 20.106121] __asan_report_load1_noabort+0x18/0x20
[ 20.106152] kasan_alloca_oob_right+0x32b/0x390
[ 20.106182] ? finish_task_switch.isra.0+0x153/0x700
[ 20.106213] ? __ww_mutex_lock.constprop.0+0x4fe/0x1f20
[ 20.106247] ? trace_hardirqs_on+0x37/0xe0
[ 20.106280] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 20.106326] ? __schedule+0xce8/0x2840
[ 20.106376] ? __pfx_read_tsc+0x10/0x10
[ 20.106434] ? ktime_get_ts64+0x86/0x230
[ 20.106499] kunit_try_run_case+0x1a6/0x480
[ 20.106561] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.106613] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.106671] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.106725] ? __kthread_parkme+0x82/0x160
[ 20.106783] ? preempt_count_sub+0x50/0x80
[ 20.106839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.106909] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.106974] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.107032] kthread+0x324/0x6e0
[ 20.107085] ? trace_preempt_on+0x20/0xc0
[ 20.107135] ? __pfx_kthread+0x10/0x10
[ 20.107191] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.107236] ? calculate_sigpending+0x7b/0xa0
[ 20.107288] ? __pfx_kthread+0x10/0x10
[ 20.107334] ret_from_fork+0x41/0x80
[ 20.107378] ? __pfx_kthread+0x10/0x10
[ 20.107425] ret_from_fork_asm+0x1a/0x30
[ 20.107498] </TASK>
[ 20.107524]
[ 20.124172] The buggy address belongs to stack of task kunit_try_catch/261
[ 20.124751]
[ 20.124919] The buggy address belongs to the physical page:
[ 20.125252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d0f
[ 20.127480] flags: 0x200000000000000(node=0|zone=2)
[ 20.127992] raw: 0200000000000000 ffffea00040b43c8 ffffea00040b43c8 0000000000000000
[ 20.128460] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.128903] page dumped because: kasan: bad access detected
[ 20.129396]
[ 20.129601] Memory state around the buggy address:
[ 20.130076] ffff888102d0fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.130985] ffff888102d0fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.131730] >ffff888102d0fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 20.132400] ^
[ 20.132930] ffff888102d0fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 20.133568] ffff888102d0fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.134250] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 20.066842] ==================================================================
[ 20.067776] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x322/0x380
[ 20.068328] Read of size 1 at addr ffff888102b87c3f by task kunit_try_catch/259
[ 20.068733]
[ 20.068919] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 20.069028] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.069059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.069091] Call Trace:
[ 20.069111] <TASK>
[ 20.069134] dump_stack_lvl+0x73/0xb0
[ 20.069173] print_report+0xd1/0x650
[ 20.069204] ? __virt_addr_valid+0x1db/0x2d0
[ 20.069256] ? kasan_alloca_oob_left+0x322/0x380
[ 20.069287] ? kasan_addr_to_slab+0x11/0xa0
[ 20.069314] ? kasan_alloca_oob_left+0x322/0x380
[ 20.069342] kasan_report+0x140/0x180
[ 20.069371] ? kasan_alloca_oob_left+0x322/0x380
[ 20.069405] __asan_report_load1_noabort+0x18/0x20
[ 20.069434] kasan_alloca_oob_left+0x322/0x380
[ 20.069463] ? finish_task_switch.isra.0+0x153/0x700
[ 20.069493] ? __ww_mutex_lock.constprop.0+0x4fe/0x1f20
[ 20.069527] ? trace_hardirqs_on+0x37/0xe0
[ 20.069559] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 20.069589] ? __schedule+0xce8/0x2840
[ 20.069618] ? __pfx_read_tsc+0x10/0x10
[ 20.069645] ? ktime_get_ts64+0x86/0x230
[ 20.069677] kunit_try_run_case+0x1a6/0x480
[ 20.069707] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.069736] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.069764] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.069793] ? __kthread_parkme+0x82/0x160
[ 20.069821] ? preempt_count_sub+0x50/0x80
[ 20.069850] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.070223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.070293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.070357] kthread+0x324/0x6e0
[ 20.070416] ? trace_preempt_on+0x20/0xc0
[ 20.070473] ? __pfx_kthread+0x10/0x10
[ 20.070532] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.070590] ? calculate_sigpending+0x7b/0xa0
[ 20.070652] ? __pfx_kthread+0x10/0x10
[ 20.070705] ret_from_fork+0x41/0x80
[ 20.070750] ? __pfx_kthread+0x10/0x10
[ 20.070783] ret_from_fork_asm+0x1a/0x30
[ 20.070823] </TASK>
[ 20.070838]
[ 20.086307] The buggy address belongs to stack of task kunit_try_catch/259
[ 20.086873]
[ 20.087084] The buggy address belongs to the physical page:
[ 20.087475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b87
[ 20.088286] flags: 0x200000000000000(node=0|zone=2)
[ 20.088950] raw: 0200000000000000 ffffea00040ae1c8 ffffea00040ae1c8 0000000000000000
[ 20.089622] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.090017] page dumped because: kasan: bad access detected
[ 20.090644]
[ 20.090868] Memory state around the buggy address:
[ 20.091195] ffff888102b87b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.092191] ffff888102b87b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.092879] >ffff888102b87c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 20.093342] ^
[ 20.093941] ffff888102b87c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 20.094368] ffff888102b87d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.095021] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 20.027385] ==================================================================
[ 20.028515] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b7/0x300
[ 20.029043] Read of size 1 at addr ffff888102dbfd02 by task kunit_try_catch/257
[ 20.029548]
[ 20.029763] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 20.029880] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.029918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.029966] Call Trace:
[ 20.030011] <TASK>
[ 20.030049] dump_stack_lvl+0x73/0xb0
[ 20.030118] print_report+0xd1/0x650
[ 20.030171] ? __virt_addr_valid+0x1db/0x2d0
[ 20.030229] ? kasan_stack_oob+0x2b7/0x300
[ 20.030281] ? kasan_addr_to_slab+0x11/0xa0
[ 20.030331] ? kasan_stack_oob+0x2b7/0x300
[ 20.030385] kasan_report+0x140/0x180
[ 20.030443] ? kasan_stack_oob+0x2b7/0x300
[ 20.030509] __asan_report_load1_noabort+0x18/0x20
[ 20.030573] kasan_stack_oob+0x2b7/0x300
[ 20.030628] ? __pfx_kasan_stack_oob+0x10/0x10
[ 20.030672] ? finish_task_switch.isra.0+0x153/0x700
[ 20.030727] ? __switch_to+0x5d9/0xf60
[ 20.030793] ? __schedule+0xce8/0x2840
[ 20.030850] ? __pfx_read_tsc+0x10/0x10
[ 20.030926] ? ktime_get_ts64+0x86/0x230
[ 20.030985] kunit_try_run_case+0x1a6/0x480
[ 20.031041] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.031088] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 20.031139] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.031193] ? __kthread_parkme+0x82/0x160
[ 20.031248] ? preempt_count_sub+0x50/0x80
[ 20.031302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.031357] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.031424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.031482] kthread+0x324/0x6e0
[ 20.031530] ? trace_preempt_on+0x20/0xc0
[ 20.031589] ? __pfx_kthread+0x10/0x10
[ 20.031631] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.031664] ? calculate_sigpending+0x7b/0xa0
[ 20.031707] ? __pfx_kthread+0x10/0x10
[ 20.031736] ret_from_fork+0x41/0x80
[ 20.031762] ? __pfx_kthread+0x10/0x10
[ 20.031790] ret_from_fork_asm+0x1a/0x30
[ 20.031831] </TASK>
[ 20.031848]
[ 20.046304] The buggy address belongs to stack of task kunit_try_catch/257
[ 20.047162] and is located at offset 138 in frame:
[ 20.047650] kasan_stack_oob+0x0/0x300
[ 20.049135]
[ 20.049243] This frame has 4 objects:
[ 20.049939] [48, 49) '__assertion'
[ 20.050091] [64, 72) 'array'
[ 20.050490] [96, 112) '__assertion'
[ 20.050767] [128, 138) 'stack_array'
[ 20.051053]
[ 20.052203] The buggy address belongs to the physical page:
[ 20.052527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dbf
[ 20.053175] flags: 0x200000000000000(node=0|zone=2)
[ 20.053495] raw: 0200000000000000 ffffea00040b6fc8 ffffea00040b6fc8 0000000000000000
[ 20.054072] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.054950] page dumped because: kasan: bad access detected
[ 20.056117]
[ 20.056594] Memory state around the buggy address:
[ 20.057297] ffff888102dbfc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.058018] ffff888102dbfc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 20.058754] >ffff888102dbfd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.059340] ^
[ 20.059678] ffff888102dbfd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 20.060256] ffff888102dbfe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.061085] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 19.987936] ==================================================================
[ 19.988826] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0
[ 19.989847] Read of size 1 at addr ffffffffb6619d0d by task kunit_try_catch/253
[ 19.990895]
[ 19.991312] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 19.991573] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.991594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.991622] Call Trace:
[ 19.991643] <TASK>
[ 19.991665] dump_stack_lvl+0x73/0xb0
[ 19.991719] print_report+0xd1/0x650
[ 19.991748] ? __virt_addr_valid+0x1db/0x2d0
[ 19.991779] ? kasan_global_oob_right+0x288/0x2d0
[ 19.991806] ? kasan_addr_to_slab+0x11/0xa0
[ 19.991830] ? kasan_global_oob_right+0x288/0x2d0
[ 19.991878] kasan_report+0x140/0x180
[ 19.991907] ? kasan_global_oob_right+0x288/0x2d0
[ 19.991940] __asan_report_load1_noabort+0x18/0x20
[ 19.991970] kasan_global_oob_right+0x288/0x2d0
[ 19.991997] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 19.992027] ? __schedule+0xce8/0x2840
[ 19.992058] ? __pfx_read_tsc+0x10/0x10
[ 19.992085] ? ktime_get_ts64+0x86/0x230
[ 19.992118] kunit_try_run_case+0x1a6/0x480
[ 19.992147] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.992174] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.992202] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.992232] ? __kthread_parkme+0x82/0x160
[ 19.992260] ? preempt_count_sub+0x50/0x80
[ 19.992290] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.992319] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.992350] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.992389] kthread+0x324/0x6e0
[ 19.992428] ? trace_preempt_on+0x20/0xc0
[ 19.992481] ? __pfx_kthread+0x10/0x10
[ 19.992528] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.992559] ? calculate_sigpending+0x7b/0xa0
[ 19.992589] ? __pfx_kthread+0x10/0x10
[ 19.992619] ret_from_fork+0x41/0x80
[ 19.992644] ? __pfx_kthread+0x10/0x10
[ 19.992673] ret_from_fork_asm+0x1a/0x30
[ 19.992713] </TASK>
[ 19.992727]
[ 20.006966] The buggy address belongs to the variable:
[ 20.007603] global_array+0xd/0x40
[ 20.008106]
[ 20.008417] The buggy address belongs to the physical page:
[ 20.008975] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x46019
[ 20.009899] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 20.010480] raw: 0100000000002000 ffffea0001180648 ffffea0001180648 0000000000000000
[ 20.011055] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 20.011877] page dumped because: kasan: bad access detected
[ 20.012402]
[ 20.012765] Memory state around the buggy address:
[ 20.013150] ffffffffb6619c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.013969] ffffffffb6619c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.014443] >ffffffffb6619d00: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9
[ 20.015060] ^
[ 20.015793] ffffffffb6619d80: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9
[ 20.016244] ffffffffb6619e00: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00
[ 20.017125] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 19.949266] ==================================================================
[ 19.950208] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.950954] Free of addr ffff888102d78001 by task kunit_try_catch/251
[ 19.951817]
[ 19.952078] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 19.952141] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.952158] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.952184] Call Trace:
[ 19.952202] <TASK>
[ 19.952225] dump_stack_lvl+0x73/0xb0
[ 19.952263] print_report+0xd1/0x650
[ 19.952295] ? __virt_addr_valid+0x1db/0x2d0
[ 19.952339] ? kasan_addr_to_slab+0x11/0xa0
[ 19.952366] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.952398] kasan_report_invalid_free+0xfc/0x120
[ 19.952428] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.952462] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.952492] __kasan_mempool_poison_object+0x102/0x1d0
[ 19.952521] mempool_free+0x2ec/0x380
[ 19.952551] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.952582] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 19.952617] ? finish_task_switch.isra.0+0x153/0x700
[ 19.952651] mempool_kmalloc_large_invalid_free+0xee/0x140
[ 19.952681] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 19.952714] ? __pfx_mempool_kmalloc+0x10/0x10
[ 19.952738] ? __pfx_mempool_kfree+0x10/0x10
[ 19.952764] ? __pfx_read_tsc+0x10/0x10
[ 19.952791] ? ktime_get_ts64+0x86/0x230
[ 19.952823] kunit_try_run_case+0x1a6/0x480
[ 19.952871] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.952921] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.952983] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.953038] ? __kthread_parkme+0x82/0x160
[ 19.953071] ? preempt_count_sub+0x50/0x80
[ 19.953104] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.953134] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.953168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.953225] kthread+0x324/0x6e0
[ 19.953273] ? trace_preempt_on+0x20/0xc0
[ 19.953332] ? __pfx_kthread+0x10/0x10
[ 19.953389] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.953443] ? calculate_sigpending+0x7b/0xa0
[ 19.953498] ? __pfx_kthread+0x10/0x10
[ 19.953556] ret_from_fork+0x41/0x80
[ 19.953609] ? __pfx_kthread+0x10/0x10
[ 19.953643] ret_from_fork_asm+0x1a/0x30
[ 19.953687] </TASK>
[ 19.953702]
[ 19.971312] The buggy address belongs to the physical page:
[ 19.971841] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d78
[ 19.972434] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 19.972839] flags: 0x200000000000040(head|node=0|zone=2)
[ 19.973378] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.973918] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.974568] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.975045] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.975497] head: 0200000000000002 ffffea00040b5e01 ffffffffffffffff 0000000000000000
[ 19.976226] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 19.977141] page dumped because: kasan: bad access detected
[ 19.977869]
[ 19.978183] Memory state around the buggy address:
[ 19.978657] ffff888102d77f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.979135] ffff888102d77f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.980156] >ffff888102d78000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.980871] ^
[ 19.981204] ffff888102d78080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.981648] ffff888102d78100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.982036] ==================================================================
[ 19.900472] ==================================================================
[ 19.901387] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.901830] Free of addr ffff88810298a901 by task kunit_try_catch/249
[ 19.902377]
[ 19.902561] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 19.902665] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.902695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.902743] Call Trace:
[ 19.902775] <TASK>
[ 19.902815] dump_stack_lvl+0x73/0xb0
[ 19.903034] print_report+0xd1/0x650
[ 19.903104] ? __virt_addr_valid+0x1db/0x2d0
[ 19.903165] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.903226] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.903287] kasan_report_invalid_free+0xfc/0x120
[ 19.903378] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.903543] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.903622] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.903692] check_slab_allocation+0x11f/0x130
[ 19.903752] __kasan_mempool_poison_object+0x91/0x1d0
[ 19.903808] mempool_free+0x2ec/0x380
[ 19.903885] mempool_kmalloc_invalid_free_helper+0x133/0x2e0
[ 19.903946] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 19.904010] ? finish_task_switch.isra.0+0x153/0x700
[ 19.904072] mempool_kmalloc_invalid_free+0xee/0x140
[ 19.904125] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 19.904189] ? __pfx_mempool_kmalloc+0x10/0x10
[ 19.904236] ? __pfx_mempool_kfree+0x10/0x10
[ 19.904266] ? __pfx_read_tsc+0x10/0x10
[ 19.904314] ? ktime_get_ts64+0x86/0x230
[ 19.904357] kunit_try_run_case+0x1a6/0x480
[ 19.904392] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.904422] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.904534] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.904568] ? __kthread_parkme+0x82/0x160
[ 19.904599] ? preempt_count_sub+0x50/0x80
[ 19.904631] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.904661] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.904695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.904727] kthread+0x324/0x6e0
[ 19.904755] ? trace_preempt_on+0x20/0xc0
[ 19.904785] ? __pfx_kthread+0x10/0x10
[ 19.904813] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.904841] ? calculate_sigpending+0x7b/0xa0
[ 19.904889] ? __pfx_kthread+0x10/0x10
[ 19.904919] ret_from_fork+0x41/0x80
[ 19.904944] ? __pfx_kthread+0x10/0x10
[ 19.904972] ret_from_fork_asm+0x1a/0x30
[ 19.905014] </TASK>
[ 19.905029]
[ 19.923174] Allocated by task 249:
[ 19.923457] kasan_save_stack+0x45/0x70
[ 19.923897] kasan_save_track+0x18/0x40
[ 19.924550] kasan_save_alloc_info+0x3b/0x50
[ 19.924833] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 19.925119] remove_element+0x11e/0x190
[ 19.925446] mempool_alloc_preallocated+0x4d/0x90
[ 19.926053] mempool_kmalloc_invalid_free_helper+0x84/0x2e0
[ 19.926593] mempool_kmalloc_invalid_free+0xee/0x140
[ 19.927261] kunit_try_run_case+0x1a6/0x480
[ 19.927907] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.928233] kthread+0x324/0x6e0
[ 19.928695] ret_from_fork+0x41/0x80
[ 19.929101] ret_from_fork_asm+0x1a/0x30
[ 19.929886]
[ 19.930031] The buggy address belongs to the object at ffff88810298a900
[ 19.930031] which belongs to the cache kmalloc-128 of size 128
[ 19.931505] The buggy address is located 1 bytes inside of
[ 19.931505] 128-byte region [ffff88810298a900, ffff88810298a980)
[ 19.932376]
[ 19.933097] The buggy address belongs to the physical page:
[ 19.933514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298a
[ 19.934036] flags: 0x200000000000000(node=0|zone=2)
[ 19.934426] page_type: f5(slab)
[ 19.934650] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.935908] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.936633] page dumped because: kasan: bad access detected
[ 19.937248]
[ 19.937688] Memory state around the buggy address:
[ 19.938003] ffff88810298a800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.939371] ffff88810298a880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.939915] >ffff88810298a900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.940565] ^
[ 19.940924] ffff88810298a980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.941876] ffff88810298aa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.942430] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 19.824630] ==================================================================
[ 19.825441] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 19.826702] Free of addr ffff888102cbc000 by task kunit_try_catch/245
[ 19.827037]
[ 19.827237] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 19.827345] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.827379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.827433] Call Trace:
[ 19.827464] <TASK>
[ 19.827505] dump_stack_lvl+0x73/0xb0
[ 19.827582] print_report+0xd1/0x650
[ 19.827634] ? __virt_addr_valid+0x1db/0x2d0
[ 19.827672] ? kasan_addr_to_slab+0x11/0xa0
[ 19.827711] ? mempool_double_free_helper+0x185/0x370
[ 19.827743] kasan_report_invalid_free+0xfc/0x120
[ 19.827780] ? mempool_double_free_helper+0x185/0x370
[ 19.827833] ? mempool_double_free_helper+0x185/0x370
[ 19.827881] __kasan_mempool_poison_object+0x1b3/0x1d0
[ 19.827914] mempool_free+0x2ec/0x380
[ 19.827947] mempool_double_free_helper+0x185/0x370
[ 19.827979] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 19.828015] ? finish_task_switch.isra.0+0x153/0x700
[ 19.828051] mempool_kmalloc_large_double_free+0xee/0x140
[ 19.828081] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10
[ 19.828116] ? __pfx_mempool_kmalloc+0x10/0x10
[ 19.828141] ? __pfx_mempool_kfree+0x10/0x10
[ 19.828168] ? __pfx_read_tsc+0x10/0x10
[ 19.828197] ? ktime_get_ts64+0x86/0x230
[ 19.828231] kunit_try_run_case+0x1a6/0x480
[ 19.828263] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.828290] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 19.828372] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.828436] ? __kthread_parkme+0x82/0x160
[ 19.828497] ? preempt_count_sub+0x50/0x80
[ 19.828563] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.828615] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.828685] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.828755] kthread+0x324/0x6e0
[ 19.828813] ? trace_preempt_on+0x20/0xc0
[ 19.828896] ? __pfx_kthread+0x10/0x10
[ 19.828950] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.829005] ? calculate_sigpending+0x7b/0xa0
[ 19.829044] ? __pfx_kthread+0x10/0x10
[ 19.829075] ret_from_fork+0x41/0x80
[ 19.829103] ? __pfx_kthread+0x10/0x10
[ 19.829132] ret_from_fork_asm+0x1a/0x30
[ 19.829173] </TASK>
[ 19.829189]
[ 19.847869] The buggy address belongs to the physical page:
[ 19.848563] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cbc
[ 19.849302] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 19.849956] flags: 0x200000000000040(head|node=0|zone=2)
[ 19.850624] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.851519] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.852329] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 19.853154] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.853920] head: 0200000000000002 ffffea00040b2f01 ffffffffffffffff 0000000000000000
[ 19.854915] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 19.855454] page dumped because: kasan: bad access detected
[ 19.855964]
[ 19.856173] Memory state around the buggy address:
[ 19.856520] ffff888102cbbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.857464] ffff888102cbbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.858132] >ffff888102cbc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.858994] ^
[ 19.859387] ffff888102cbc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.859997] ffff888102cbc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 19.860457] ==================================================================
[ 19.768174] ==================================================================
[ 19.769001] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370
[ 19.769743] Free of addr ffff88810298a500 by task kunit_try_catch/243
[ 19.770393]
[ 19.770735] CPU: 1 
UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 19.770842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.770895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.770948] Call Trace: [ 19.770978] <TASK> [ 19.771019] dump_stack_lvl+0x73/0xb0 [ 19.771092] print_report+0xd1/0x650 [ 19.771147] ? __virt_addr_valid+0x1db/0x2d0 [ 19.771210] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.771272] ? mempool_double_free_helper+0x185/0x370 [ 19.771326] kasan_report_invalid_free+0xfc/0x120 [ 19.771382] ? mempool_double_free_helper+0x185/0x370 [ 19.771435] ? mempool_double_free_helper+0x185/0x370 [ 19.771487] ? mempool_double_free_helper+0x185/0x370 [ 19.771537] check_slab_allocation+0x101/0x130 [ 19.771603] __kasan_mempool_poison_object+0x91/0x1d0 [ 19.771680] mempool_free+0x2ec/0x380 [ 19.771760] mempool_double_free_helper+0x185/0x370 [ 19.771819] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 19.771910] ? finish_task_switch.isra.0+0x153/0x700 [ 19.771979] mempool_kmalloc_double_free+0xee/0x140 [ 19.772015] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 19.772049] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.772074] ? __pfx_mempool_kfree+0x10/0x10 [ 19.772103] ? __pfx_read_tsc+0x10/0x10 [ 19.772132] ? ktime_get_ts64+0x86/0x230 [ 19.772166] kunit_try_run_case+0x1a6/0x480 [ 19.772198] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.772226] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.772258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.772288] ? __kthread_parkme+0x82/0x160 [ 19.772333] ? preempt_count_sub+0x50/0x80 [ 19.772365] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.772394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.772431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.772487] kthread+0x324/0x6e0 [ 19.772534] ? trace_preempt_on+0x20/0xc0 [ 19.772569] ? __pfx_kthread+0x10/0x10 [ 19.772598] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.772627] ? calculate_sigpending+0x7b/0xa0 [ 19.772656] ? 
__pfx_kthread+0x10/0x10 [ 19.772684] ret_from_fork+0x41/0x80 [ 19.772709] ? __pfx_kthread+0x10/0x10 [ 19.772737] ret_from_fork_asm+0x1a/0x30 [ 19.772778] </TASK> [ 19.772793] [ 19.790871] Allocated by task 243: [ 19.791774] kasan_save_stack+0x45/0x70 [ 19.792102] kasan_save_track+0x18/0x40 [ 19.792396] kasan_save_alloc_info+0x3b/0x50 [ 19.792821] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 19.793883] remove_element+0x11e/0x190 [ 19.794334] mempool_alloc_preallocated+0x4d/0x90 [ 19.795325] mempool_double_free_helper+0x8b/0x370 [ 19.795666] mempool_kmalloc_double_free+0xee/0x140 [ 19.796405] kunit_try_run_case+0x1a6/0x480 [ 19.797024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.797776] kthread+0x324/0x6e0 [ 19.798307] ret_from_fork+0x41/0x80 [ 19.798895] ret_from_fork_asm+0x1a/0x30 [ 19.799367] [ 19.799801] Freed by task 243: [ 19.800030] kasan_save_stack+0x45/0x70 [ 19.800425] kasan_save_track+0x18/0x40 [ 19.800747] kasan_save_free_info+0x3f/0x60 [ 19.801751] __kasan_mempool_poison_object+0x131/0x1d0 [ 19.802107] mempool_free+0x2ec/0x380 [ 19.802971] mempool_double_free_helper+0x10a/0x370 [ 19.803224] mempool_kmalloc_double_free+0xee/0x140 [ 19.804038] kunit_try_run_case+0x1a6/0x480 [ 19.805008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.805392] kthread+0x324/0x6e0 [ 19.805937] ret_from_fork+0x41/0x80 [ 19.806192] ret_from_fork_asm+0x1a/0x30 [ 19.807055] [ 19.807224] The buggy address belongs to the object at ffff88810298a500 [ 19.807224] which belongs to the cache kmalloc-128 of size 128 [ 19.808562] The buggy address is located 0 bytes inside of [ 19.808562] 128-byte region [ffff88810298a500, ffff88810298a580) [ 19.809607] [ 19.809938] The buggy address belongs to the physical page: [ 19.810398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298a [ 19.811203] flags: 0x200000000000000(node=0|zone=2) [ 19.811742] page_type: f5(slab) [ 19.812214] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 
19.813181] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.813939] page dumped because: kasan: bad access detected [ 19.814618] [ 19.815006] Memory state around the buggy address: [ 19.815590] ffff88810298a400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.816119] ffff88810298a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.816302] >ffff88810298a500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.816603] ^ [ 19.816969] ffff88810298a580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.817587] ffff88810298a600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.818291] ================================================================== [ 19.865293] ================================================================== [ 19.866203] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 19.866841] Free of addr ffff888102d78000 by task kunit_try_catch/247 [ 19.867182] [ 19.867437] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 19.867546] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.867576] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.867622] Call Trace: [ 19.867654] <TASK> [ 19.867698] dump_stack_lvl+0x73/0xb0 [ 19.867770] print_report+0xd1/0x650 [ 19.867822] ? __virt_addr_valid+0x1db/0x2d0 [ 19.867899] ? kasan_addr_to_slab+0x11/0xa0 [ 19.867948] ? mempool_double_free_helper+0x185/0x370 [ 19.868001] kasan_report_invalid_free+0xfc/0x120 [ 19.868061] ? mempool_double_free_helper+0x185/0x370 [ 19.868126] ? mempool_double_free_helper+0x185/0x370 [ 19.868178] __kasan_mempool_poison_pages+0x115/0x130 [ 19.868213] mempool_free+0x290/0x380 [ 19.868247] mempool_double_free_helper+0x185/0x370 [ 19.868277] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 19.868322] ? finish_task_switch.isra.0+0x153/0x700 [ 19.868381] mempool_page_alloc_double_free+0xe9/0x140 [ 19.868444] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 19.868508] ? 
__pfx_mempool_alloc_pages+0x10/0x10 [ 19.868562] ? __pfx_mempool_free_pages+0x10/0x10 [ 19.868617] ? __pfx_read_tsc+0x10/0x10 [ 19.868669] ? ktime_get_ts64+0x86/0x230 [ 19.868726] kunit_try_run_case+0x1a6/0x480 [ 19.868787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.868845] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.868926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.868978] ? __kthread_parkme+0x82/0x160 [ 19.869011] ? preempt_count_sub+0x50/0x80 [ 19.869043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.869073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.869107] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.869140] kthread+0x324/0x6e0 [ 19.869168] ? trace_preempt_on+0x20/0xc0 [ 19.869199] ? __pfx_kthread+0x10/0x10 [ 19.869227] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.869255] ? calculate_sigpending+0x7b/0xa0 [ 19.869283] ? __pfx_kthread+0x10/0x10 [ 19.869325] ret_from_fork+0x41/0x80 [ 19.869371] ? __pfx_kthread+0x10/0x10 [ 19.869418] ret_from_fork_asm+0x1a/0x30 [ 19.869490] </TASK> [ 19.869513] [ 19.882755] The buggy address belongs to the physical page: [ 19.883604] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d78 [ 19.884304] flags: 0x200000000000000(node=0|zone=2) [ 19.884911] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.885266] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.885963] page dumped because: kasan: bad access detected [ 19.886512] [ 19.886655] Memory state around the buggy address: [ 19.886923] ffff888102d77f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.887470] ffff888102d77f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.888258] >ffff888102d78000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.889207] ^ [ 19.889433] ffff888102d78080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.889773] ffff888102d78100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.890467] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 19.634986] ================================================================== [ 19.636094] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 19.637264] Read of size 1 at addr ffff888102cb8000 by task kunit_try_catch/237 [ 19.637959] [ 19.638217] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 19.638328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.638359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.638413] Call Trace: [ 19.638455] <TASK> [ 19.638494] dump_stack_lvl+0x73/0xb0 [ 19.638580] print_report+0xd1/0x650 [ 19.638635] ? __virt_addr_valid+0x1db/0x2d0 [ 19.638690] ? mempool_uaf_helper+0x394/0x400 [ 19.638741] ? kasan_addr_to_slab+0x11/0xa0 [ 19.638786] ? mempool_uaf_helper+0x394/0x400 [ 19.638832] kasan_report+0x140/0x180 [ 19.638906] ? mempool_uaf_helper+0x394/0x400 [ 19.638971] __asan_report_load1_noabort+0x18/0x20 [ 19.639034] mempool_uaf_helper+0x394/0x400 [ 19.639095] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.639156] ? irqentry_exit+0x2a/0x60 [ 19.639212] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.639286] mempool_kmalloc_large_uaf+0xf0/0x140 [ 19.639352] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 19.639418] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.639454] ? __pfx_mempool_kfree+0x10/0x10 [ 19.639481] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 19.639516] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 19.639550] kunit_try_run_case+0x1a6/0x480 [ 19.639583] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.639612] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.639643] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.639673] ? __kthread_parkme+0x82/0x160 [ 19.639717] ? preempt_count_sub+0x50/0x80 [ 19.639749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.639779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.639813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.639845] kthread+0x324/0x6e0 [ 19.639894] ? trace_preempt_on+0x20/0xc0 [ 19.639926] ? 
__pfx_kthread+0x10/0x10 [ 19.639954] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.639983] ? calculate_sigpending+0x7b/0xa0 [ 19.640011] ? __pfx_kthread+0x10/0x10 [ 19.640039] ret_from_fork+0x41/0x80 [ 19.640065] ? __pfx_kthread+0x10/0x10 [ 19.640092] ret_from_fork_asm+0x1a/0x30 [ 19.640134] </TASK> [ 19.640148] [ 19.652031] The buggy address belongs to the physical page: [ 19.652617] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cb8 [ 19.653379] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.654036] flags: 0x200000000000040(head|node=0|zone=2) [ 19.654602] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.655154] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.655559] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.656211] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.656907] head: 0200000000000002 ffffea00040b2e01 ffffffffffffffff 0000000000000000 [ 19.657628] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 19.658213] page dumped because: kasan: bad access detected [ 19.658493] [ 19.658687] Memory state around the buggy address: [ 19.659157] ffff888102cb7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.659706] ffff888102cb7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.660159] >ffff888102cb8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.660704] ^ [ 19.660948] ffff888102cb8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.661289] ffff888102cb8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.661649] ================================================================== [ 19.728929] ================================================================== [ 19.729564] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 19.730620] Read of size 1 at addr ffff888102cbc000 by task kunit_try_catch/241 [ 19.732219] [ 19.732408] 
CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 19.732716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.732749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.732798] Call Trace: [ 19.732836] <TASK> [ 19.732893] dump_stack_lvl+0x73/0xb0 [ 19.732992] print_report+0xd1/0x650 [ 19.733050] ? __virt_addr_valid+0x1db/0x2d0 [ 19.733107] ? mempool_uaf_helper+0x394/0x400 [ 19.733167] ? kasan_addr_to_slab+0x11/0xa0 [ 19.733218] ? mempool_uaf_helper+0x394/0x400 [ 19.733271] kasan_report+0x140/0x180 [ 19.733327] ? mempool_uaf_helper+0x394/0x400 [ 19.733369] __asan_report_load1_noabort+0x18/0x20 [ 19.733403] mempool_uaf_helper+0x394/0x400 [ 19.733444] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.733502] ? finish_task_switch.isra.0+0x153/0x700 [ 19.733563] mempool_page_alloc_uaf+0xee/0x140 [ 19.733600] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 19.733636] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 19.733666] ? __pfx_mempool_free_pages+0x10/0x10 [ 19.733696] ? __pfx_read_tsc+0x10/0x10 [ 19.733726] ? ktime_get_ts64+0x86/0x230 [ 19.733761] kunit_try_run_case+0x1a6/0x480 [ 19.733795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.733824] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.733881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.733916] ? __kthread_parkme+0x82/0x160 [ 19.733948] ? preempt_count_sub+0x50/0x80 [ 19.733979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.734010] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.734044] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.734077] kthread+0x324/0x6e0 [ 19.734106] ? trace_preempt_on+0x20/0xc0 [ 19.734138] ? __pfx_kthread+0x10/0x10 [ 19.734167] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.734197] ? calculate_sigpending+0x7b/0xa0 [ 19.734227] ? __pfx_kthread+0x10/0x10 [ 19.734257] ret_from_fork+0x41/0x80 [ 19.734282] ? 
__pfx_kthread+0x10/0x10 [ 19.734325] ret_from_fork_asm+0x1a/0x30 [ 19.734371] </TASK> [ 19.734388] [ 19.751841] The buggy address belongs to the physical page: [ 19.752395] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cbc [ 19.753470] flags: 0x200000000000000(node=0|zone=2) [ 19.753813] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.754144] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.754852] page dumped because: kasan: bad access detected [ 19.755739] [ 19.756022] Memory state around the buggy address: [ 19.756900] ffff888102cbbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.757395] ffff888102cbbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.758025] >ffff888102cbc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.758527] ^ [ 19.758882] ffff888102cbc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.760084] ffff888102cbc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.760738] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 19.671402] ================================================================== [ 19.672085] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 19.672814] Read of size 1 at addr ffff888102990240 by task kunit_try_catch/239 [ 19.673623] [ 19.673894] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 19.673998] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.674030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.674080] Call Trace: [ 19.674110] <TASK> [ 19.674155] dump_stack_lvl+0x73/0xb0 [ 19.674267] print_report+0xd1/0x650 [ 19.674383] ? __virt_addr_valid+0x1db/0x2d0 [ 19.674477] ? mempool_uaf_helper+0x394/0x400 [ 19.674533] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.674585] ? mempool_uaf_helper+0x394/0x400 [ 19.674624] kasan_report+0x140/0x180 [ 19.674669] ? mempool_uaf_helper+0x394/0x400 [ 19.674719] __asan_report_load1_noabort+0x18/0x20 [ 19.674767] mempool_uaf_helper+0x394/0x400 [ 19.674808] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.674877] ? finish_task_switch.isra.0+0x153/0x700 [ 19.674933] mempool_slab_uaf+0xeb/0x140 [ 19.674981] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 19.675034] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 19.675083] ? __pfx_mempool_free_slab+0x10/0x10 [ 19.675138] ? __pfx_read_tsc+0x10/0x10 [ 19.675196] ? ktime_get_ts64+0x86/0x230 [ 19.675262] kunit_try_run_case+0x1a6/0x480 [ 19.675364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.675420] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.675560] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.675619] ? __kthread_parkme+0x82/0x160 [ 19.675675] ? preempt_count_sub+0x50/0x80 [ 19.675744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.675793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.675847] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.675919] kthread+0x324/0x6e0 [ 19.675965] ? trace_preempt_on+0x20/0xc0 [ 19.676026] ? __pfx_kthread+0x10/0x10 [ 19.676084] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.676144] ? 
calculate_sigpending+0x7b/0xa0 [ 19.676201] ? __pfx_kthread+0x10/0x10 [ 19.676235] ret_from_fork+0x41/0x80 [ 19.676263] ? __pfx_kthread+0x10/0x10 [ 19.676292] ret_from_fork_asm+0x1a/0x30 [ 19.676361] </TASK> [ 19.676378] [ 19.692801] Allocated by task 239: [ 19.693174] kasan_save_stack+0x45/0x70 [ 19.693705] kasan_save_track+0x18/0x40 [ 19.694183] kasan_save_alloc_info+0x3b/0x50 [ 19.694678] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 19.695051] remove_element+0x11e/0x190 [ 19.695557] mempool_alloc_preallocated+0x4d/0x90 [ 19.696110] mempool_uaf_helper+0x97/0x400 [ 19.696642] mempool_slab_uaf+0xeb/0x140 [ 19.697090] kunit_try_run_case+0x1a6/0x480 [ 19.697481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.698063] kthread+0x324/0x6e0 [ 19.698489] ret_from_fork+0x41/0x80 [ 19.698784] ret_from_fork_asm+0x1a/0x30 [ 19.699360] [ 19.699535] Freed by task 239: [ 19.699908] kasan_save_stack+0x45/0x70 [ 19.700402] kasan_save_track+0x18/0x40 [ 19.700839] kasan_save_free_info+0x3f/0x60 [ 19.701393] __kasan_mempool_poison_object+0x131/0x1d0 [ 19.701947] mempool_free+0x2ec/0x380 [ 19.702375] mempool_uaf_helper+0x11b/0x400 [ 19.702975] mempool_slab_uaf+0xeb/0x140 [ 19.703347] kunit_try_run_case+0x1a6/0x480 [ 19.703851] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.704496] kthread+0x324/0x6e0 [ 19.704895] ret_from_fork+0x41/0x80 [ 19.705283] ret_from_fork_asm+0x1a/0x30 [ 19.705803] [ 19.706071] The buggy address belongs to the object at ffff888102990240 [ 19.706071] which belongs to the cache test_cache of size 123 [ 19.707320] The buggy address is located 0 bytes inside of [ 19.707320] freed 123-byte region [ffff888102990240, ffff8881029902bb) [ 19.708467] [ 19.708617] The buggy address belongs to the physical page: [ 19.708836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102990 [ 19.709186] flags: 0x200000000000000(node=0|zone=2) [ 19.709778] page_type: f5(slab) [ 19.710191] raw: 0200000000000000 ffff888101da98c0 dead000000000122 
0000000000000000 [ 19.710973] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.711766] page dumped because: kasan: bad access detected [ 19.712368] [ 19.712644] Memory state around the buggy address: [ 19.713209] ffff888102990100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.713839] ffff888102990180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.714569] >ffff888102990200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.715239] ^ [ 19.715837] ffff888102990280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.716517] ffff888102990300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.717224] ================================================================== [ 19.578151] ================================================================== [ 19.579330] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 19.579753] Read of size 1 at addr ffff888102c74200 by task kunit_try_catch/235 [ 19.580961] [ 19.581211] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 19.581319] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.581349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.581396] Call Trace: [ 19.581433] <TASK> [ 19.581500] dump_stack_lvl+0x73/0xb0 [ 19.581612] print_report+0xd1/0x650 [ 19.581675] ? __virt_addr_valid+0x1db/0x2d0 [ 19.581869] ? mempool_uaf_helper+0x394/0x400 [ 19.581958] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.582025] ? mempool_uaf_helper+0x394/0x400 [ 19.582075] kasan_report+0x140/0x180 [ 19.582132] ? mempool_uaf_helper+0x394/0x400 [ 19.582202] __asan_report_load1_noabort+0x18/0x20 [ 19.582267] mempool_uaf_helper+0x394/0x400 [ 19.582323] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.582382] ? irqentry_exit+0x2a/0x60 [ 19.582415] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.582499] mempool_kmalloc_uaf+0xf0/0x140 [ 19.582552] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 19.582587] ? 
__pfx_mempool_kmalloc+0x10/0x10 [ 19.582618] ? __pfx_mempool_kfree+0x10/0x10 [ 19.582644] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 19.582677] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 19.582708] kunit_try_run_case+0x1a6/0x480 [ 19.582739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.582767] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.582801] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.582832] ? __kthread_parkme+0x82/0x160 [ 19.582886] ? preempt_count_sub+0x50/0x80 [ 19.582920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.582950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.582983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.583016] kthread+0x324/0x6e0 [ 19.583043] ? trace_preempt_on+0x20/0xc0 [ 19.583075] ? __pfx_kthread+0x10/0x10 [ 19.583103] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.583133] ? calculate_sigpending+0x7b/0xa0 [ 19.583162] ? __pfx_kthread+0x10/0x10 [ 19.583190] ret_from_fork+0x41/0x80 [ 19.583216] ? __pfx_kthread+0x10/0x10 [ 19.583244] ret_from_fork_asm+0x1a/0x30 [ 19.583285] </TASK> [ 19.583316] [ 19.602693] Allocated by task 235: [ 19.603133] kasan_save_stack+0x45/0x70 [ 19.603699] kasan_save_track+0x18/0x40 [ 19.604187] kasan_save_alloc_info+0x3b/0x50 [ 19.604747] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 19.605229] remove_element+0x11e/0x190 [ 19.605779] mempool_alloc_preallocated+0x4d/0x90 [ 19.606178] mempool_uaf_helper+0x97/0x400 [ 19.606772] mempool_kmalloc_uaf+0xf0/0x140 [ 19.607226] kunit_try_run_case+0x1a6/0x480 [ 19.608283] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.608881] kthread+0x324/0x6e0 [ 19.609325] ret_from_fork+0x41/0x80 [ 19.609924] ret_from_fork_asm+0x1a/0x30 [ 19.610394] [ 19.610542] Freed by task 235: [ 19.610877] kasan_save_stack+0x45/0x70 [ 19.611278] kasan_save_track+0x18/0x40 [ 19.611641] kasan_save_free_info+0x3f/0x60 [ 19.612083] __kasan_mempool_poison_object+0x131/0x1d0 [ 19.612438] mempool_free+0x2ec/0x380 [ 19.613154] mempool_uaf_helper+0x11b/0x400 [ 19.614018] mempool_kmalloc_uaf+0xf0/0x140 [ 
19.614353] kunit_try_run_case+0x1a6/0x480 [ 19.614561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.614869] kthread+0x324/0x6e0 [ 19.615083] ret_from_fork+0x41/0x80 [ 19.615452] ret_from_fork_asm+0x1a/0x30 [ 19.615904] [ 19.616160] The buggy address belongs to the object at ffff888102c74200 [ 19.616160] which belongs to the cache kmalloc-128 of size 128 [ 19.617028] The buggy address is located 0 bytes inside of [ 19.617028] freed 128-byte region [ffff888102c74200, ffff888102c74280) [ 19.617903] [ 19.618150] The buggy address belongs to the physical page: [ 19.618814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c74 [ 19.620029] flags: 0x200000000000000(node=0|zone=2) [ 19.620677] page_type: f5(slab) [ 19.621060] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.621398] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.622062] page dumped because: kasan: bad access detected [ 19.622382] [ 19.622584] Memory state around the buggy address: [ 19.623626] ffff888102c74100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.624034] ffff888102c74180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.624834] >ffff888102c74200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.625209] ^ [ 19.626399] ffff888102c74280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.627068] ffff888102c74300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.627697] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 19.523340] ================================================================== [ 19.524030] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 19.524911] Read of size 1 at addr ffff88810298d2bb by task kunit_try_catch/233 [ 19.525812] [ 19.526132] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 19.526263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.526339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.526413] Call Trace: [ 19.526928] <TASK> [ 19.526973] dump_stack_lvl+0x73/0xb0 [ 19.527074] print_report+0xd1/0x650 [ 19.527125] ? __virt_addr_valid+0x1db/0x2d0 [ 19.527180] ? mempool_oob_right_helper+0x31a/0x380 [ 19.527233] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.527295] ? mempool_oob_right_helper+0x31a/0x380 [ 19.527348] kasan_report+0x140/0x180 [ 19.527409] ? mempool_oob_right_helper+0x31a/0x380 [ 19.527474] __asan_report_load1_noabort+0x18/0x20 [ 19.527533] mempool_oob_right_helper+0x31a/0x380 [ 19.527586] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 19.527637] ? finish_task_switch.isra.0+0x153/0x700 [ 19.527676] mempool_slab_oob_right+0xee/0x140 [ 19.527720] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 19.527753] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 19.527782] ? __pfx_mempool_free_slab+0x10/0x10 [ 19.527810] ? __pfx_read_tsc+0x10/0x10 [ 19.527838] ? ktime_get_ts64+0x86/0x230 [ 19.527894] kunit_try_run_case+0x1a6/0x480 [ 19.527927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.527954] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.527986] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.528016] ? __kthread_parkme+0x82/0x160 [ 19.528045] ? preempt_count_sub+0x50/0x80 [ 19.528076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.528103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.528136] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.528167] kthread+0x324/0x6e0 [ 19.528194] ? trace_preempt_on+0x20/0xc0 [ 19.528225] ? __pfx_kthread+0x10/0x10 [ 19.528253] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 19.528280] ? calculate_sigpending+0x7b/0xa0 [ 19.528319] ? __pfx_kthread+0x10/0x10 [ 19.528352] ret_from_fork+0x41/0x80 [ 19.528378] ? __pfx_kthread+0x10/0x10 [ 19.528405] ret_from_fork_asm+0x1a/0x30 [ 19.528466] </TASK> [ 19.528491] [ 19.547376] Allocated by task 233: [ 19.548121] kasan_save_stack+0x45/0x70 [ 19.548980] kasan_save_track+0x18/0x40 [ 19.549285] kasan_save_alloc_info+0x3b/0x50 [ 19.550092] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 19.550353] remove_element+0x11e/0x190 [ 19.550754] mempool_alloc_preallocated+0x4d/0x90 [ 19.551164] mempool_oob_right_helper+0x8b/0x380 [ 19.552016] mempool_slab_oob_right+0xee/0x140 [ 19.552236] kunit_try_run_case+0x1a6/0x480 [ 19.552602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.552990] kthread+0x324/0x6e0 [ 19.553217] ret_from_fork+0x41/0x80 [ 19.553518] ret_from_fork_asm+0x1a/0x30 [ 19.553813] [ 19.554996] The buggy address belongs to the object at ffff88810298d240 [ 19.554996] which belongs to the cache test_cache of size 123 [ 19.556011] The buggy address is located 0 bytes to the right of [ 19.556011] allocated 123-byte region [ffff88810298d240, ffff88810298d2bb) [ 19.556928] [ 19.557210] The buggy address belongs to the physical page: [ 19.557701] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298d [ 19.558345] flags: 0x200000000000000(node=0|zone=2) [ 19.558836] page_type: f5(slab) [ 19.559222] raw: 0200000000000000 ffff888101da9780 dead000000000122 0000000000000000 [ 19.560347] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.561154] page dumped because: kasan: bad access detected [ 19.561728] [ 19.562067] Memory state around the buggy address: [ 19.562594] ffff88810298d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.563266] ffff88810298d200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 19.564606] >ffff88810298d280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 19.565105] ^ [ 19.565594] 
ffff88810298d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.566297] ffff88810298d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.566847] ================================================================== [ 19.430964] ================================================================== [ 19.431568] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 19.432556] Read of size 1 at addr ffff88810298a173 by task kunit_try_catch/229 [ 19.433210] [ 19.433496] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 19.433605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.433636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.433686] Call Trace: [ 19.433721] <TASK> [ 19.433763] dump_stack_lvl+0x73/0xb0 [ 19.433852] print_report+0xd1/0x650 [ 19.434434] ? __virt_addr_valid+0x1db/0x2d0 [ 19.434499] ? mempool_oob_right_helper+0x31a/0x380 [ 19.434548] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.434599] ? mempool_oob_right_helper+0x31a/0x380 [ 19.434643] kasan_report+0x140/0x180 [ 19.434688] ? mempool_oob_right_helper+0x31a/0x380 [ 19.434746] __asan_report_load1_noabort+0x18/0x20 [ 19.434799] mempool_oob_right_helper+0x31a/0x380 [ 19.434846] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 19.434920] ? finish_task_switch.isra.0+0x153/0x700 [ 19.434988] mempool_kmalloc_oob_right+0xf3/0x150 [ 19.435050] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 19.435116] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.435170] ? __pfx_mempool_kfree+0x10/0x10 [ 19.435223] ? __pfx_read_tsc+0x10/0x10 [ 19.435280] ? ktime_get_ts64+0x86/0x230 [ 19.435345] kunit_try_run_case+0x1a6/0x480 [ 19.435405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.435460] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.435521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.435581] ? __kthread_parkme+0x82/0x160 [ 19.435638] ? preempt_count_sub+0x50/0x80 [ 19.435707] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.435766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.435829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.435904] kthread+0x324/0x6e0 [ 19.435948] ? trace_preempt_on+0x20/0xc0 [ 19.435999] ? __pfx_kthread+0x10/0x10 [ 19.436050] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.436103] ? calculate_sigpending+0x7b/0xa0 [ 19.436153] ? __pfx_kthread+0x10/0x10 [ 19.436202] ret_from_fork+0x41/0x80 [ 19.436248] ? __pfx_kthread+0x10/0x10 [ 19.436293] ret_from_fork_asm+0x1a/0x30 [ 19.436358] </TASK> [ 19.436381] [ 19.454180] Allocated by task 229: [ 19.454482] kasan_save_stack+0x45/0x70 [ 19.455369] kasan_save_track+0x18/0x40 [ 19.456007] kasan_save_alloc_info+0x3b/0x50 [ 19.456275] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 19.456828] remove_element+0x11e/0x190 [ 19.457597] mempool_alloc_preallocated+0x4d/0x90 [ 19.458307] mempool_oob_right_helper+0x8b/0x380 [ 19.458678] mempool_kmalloc_oob_right+0xf3/0x150 [ 19.459073] kunit_try_run_case+0x1a6/0x480 [ 19.459442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.459680] kthread+0x324/0x6e0 [ 19.460119] ret_from_fork+0x41/0x80 [ 19.460668] ret_from_fork_asm+0x1a/0x30 [ 19.461732] [ 19.461871] The buggy address belongs to the object at ffff88810298a100 [ 19.461871] which belongs to the cache kmalloc-128 of size 128 [ 19.462169] The buggy address is located 0 bytes to the right of [ 19.462169] allocated 115-byte region [ffff88810298a100, ffff88810298a173) [ 19.462725] [ 19.463030] The buggy address belongs to the physical page: [ 19.463574] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10298a [ 19.463994] flags: 0x200000000000000(node=0|zone=2) [ 19.464803] page_type: f5(slab) [ 19.465251] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.466280] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.466834] page dumped because: kasan: bad access detected [ 19.467282] [ 19.467416] Memory state around the 
buggy address: [ 19.468383] ffff88810298a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.468954] ffff88810298a080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.469483] >ffff88810298a100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.470120] ^ [ 19.470795] ffff88810298a180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.472109] ffff88810298a200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.472566] ================================================================== [ 19.480376] ================================================================== [ 19.481313] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 19.481719] Read of size 1 at addr ffff888102cba001 by task kunit_try_catch/231 [ 19.482054] [ 19.482287] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 19.482390] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.482421] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.482465] Call Trace: [ 19.482498] <TASK> [ 19.482541] dump_stack_lvl+0x73/0xb0 [ 19.482629] print_report+0xd1/0x650 [ 19.482689] ? __virt_addr_valid+0x1db/0x2d0 [ 19.482749] ? mempool_oob_right_helper+0x31a/0x380 [ 19.482801] ? kasan_addr_to_slab+0x11/0xa0 [ 19.482845] ? mempool_oob_right_helper+0x31a/0x380 [ 19.483079] kasan_report+0x140/0x180 [ 19.483141] ? mempool_oob_right_helper+0x31a/0x380 [ 19.483214] __asan_report_load1_noabort+0x18/0x20 [ 19.483279] mempool_oob_right_helper+0x31a/0x380 [ 19.483341] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 19.483411] ? finish_task_switch.isra.0+0x153/0x700 [ 19.483473] mempool_kmalloc_large_oob_right+0xf3/0x150 [ 19.483536] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 19.483597] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.483649] ? __pfx_mempool_kfree+0x10/0x10 [ 19.483724] ? __pfx_read_tsc+0x10/0x10 [ 19.483783] ? ktime_get_ts64+0x86/0x230 [ 19.483848] kunit_try_run_case+0x1a6/0x480 [ 19.484023] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.484100] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 19.484172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.484237] ? __kthread_parkme+0x82/0x160 [ 19.484281] ? preempt_count_sub+0x50/0x80 [ 19.484324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.484363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.484398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.484439] kthread+0x324/0x6e0 [ 19.484513] ? trace_preempt_on+0x20/0xc0 [ 19.484561] ? __pfx_kthread+0x10/0x10 [ 19.484592] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.484625] ? calculate_sigpending+0x7b/0xa0 [ 19.484654] ? __pfx_kthread+0x10/0x10 [ 19.484684] ret_from_fork+0x41/0x80 [ 19.484709] ? __pfx_kthread+0x10/0x10 [ 19.484739] ret_from_fork_asm+0x1a/0x30 [ 19.484781] </TASK> [ 19.484797] [ 19.501824] The buggy address belongs to the physical page: [ 19.502407] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cb8 [ 19.503135] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.503760] flags: 0x200000000000040(head|node=0|zone=2) [ 19.504409] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.505748] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.506254] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.507033] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.507713] head: 0200000000000002 ffffea00040b2e01 ffffffffffffffff 0000000000000000 [ 19.508360] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 19.509011] page dumped because: kasan: bad access detected [ 19.509563] [ 19.509793] Memory state around the buggy address: [ 19.510053] ffff888102cb9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.511156] ffff888102cb9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.511647] >ffff888102cba000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.512180] ^ [ 19.512502] 
ffff888102cba080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.513808] ffff888102cba100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.515249] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.824699] ================================================================== [ 18.825464] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380 [ 18.826833] Read of size 1 at addr ffff888101da9640 by task kunit_try_catch/223 [ 18.827878] [ 18.828171] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.828531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.828572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.828614] Call Trace: [ 18.828646] <TASK> [ 18.828682] dump_stack_lvl+0x73/0xb0 [ 18.828758] print_report+0xd1/0x650 [ 18.828803] ? __virt_addr_valid+0x1db/0x2d0 [ 18.828847] ? kmem_cache_double_destroy+0x1bd/0x380 [ 18.828915] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.828959] ? kmem_cache_double_destroy+0x1bd/0x380 [ 18.828990] kasan_report+0x140/0x180 [ 18.829019] ? kmem_cache_double_destroy+0x1bd/0x380 [ 18.829052] ? kmem_cache_double_destroy+0x1bd/0x380 [ 18.829082] __kasan_check_byte+0x3d/0x50 [ 18.829108] kmem_cache_destroy+0x25/0x1d0 [ 18.829137] kmem_cache_double_destroy+0x1bd/0x380 [ 18.829489] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 18.829524] ? finish_task_switch.isra.0+0x153/0x700 [ 18.829556] ? __switch_to+0x5d9/0xf60 [ 18.829595] ? __pfx_empty_cache_ctor+0x10/0x10 [ 18.829622] ? __pfx_read_tsc+0x10/0x10 [ 18.829650] ? ktime_get_ts64+0x86/0x230 [ 18.829683] kunit_try_run_case+0x1a6/0x480 [ 18.829717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.829754] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.829809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.829874] ? __kthread_parkme+0x82/0x160 [ 18.829915] ? preempt_count_sub+0x50/0x80 [ 18.829948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.829977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.830012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.830045] kthread+0x324/0x6e0 [ 18.830072] ? trace_preempt_on+0x20/0xc0 [ 18.830104] ? __pfx_kthread+0x10/0x10 [ 18.830133] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 18.830161] ? calculate_sigpending+0x7b/0xa0 [ 18.830190] ? __pfx_kthread+0x10/0x10 [ 18.830218] ret_from_fork+0x41/0x80 [ 18.830243] ? __pfx_kthread+0x10/0x10 [ 18.830271] ret_from_fork_asm+0x1a/0x30 [ 18.830323] </TASK> [ 18.830342] [ 18.847190] Allocated by task 223: [ 18.847826] kasan_save_stack+0x45/0x70 [ 18.848356] kasan_save_track+0x18/0x40 [ 18.849233] kasan_save_alloc_info+0x3b/0x50 [ 18.849880] __kasan_slab_alloc+0x91/0xa0 [ 18.850236] kmem_cache_alloc_noprof+0x124/0x400 [ 18.850938] __kmem_cache_create_args+0x177/0x250 [ 18.851347] kmem_cache_double_destroy+0xd3/0x380 [ 18.851995] kunit_try_run_case+0x1a6/0x480 [ 18.852353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.853377] kthread+0x324/0x6e0 [ 18.853653] ret_from_fork+0x41/0x80 [ 18.853921] ret_from_fork_asm+0x1a/0x30 [ 18.854185] [ 18.854323] Freed by task 223: [ 18.854543] kasan_save_stack+0x45/0x70 [ 18.855991] kasan_save_track+0x18/0x40 [ 18.856334] kasan_save_free_info+0x3f/0x60 [ 18.856620] __kasan_slab_free+0x56/0x70 [ 18.856899] kmem_cache_free+0x24b/0x420 [ 18.857113] slab_kmem_cache_release+0x2e/0x40 [ 18.858237] kmem_cache_release+0x16/0x20 [ 18.858639] kobject_put+0x181/0x450 [ 18.859175] sysfs_slab_release+0x16/0x20 [ 18.859667] kmem_cache_destroy+0xf0/0x1d0 [ 18.860175] kmem_cache_double_destroy+0x14c/0x380 [ 18.861101] kunit_try_run_case+0x1a6/0x480 [ 18.861693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.862002] kthread+0x324/0x6e0 [ 18.862291] ret_from_fork+0x41/0x80 [ 18.862790] ret_from_fork_asm+0x1a/0x30 [ 18.863119] [ 18.863614] The buggy address belongs to the object at ffff888101da9640 [ 18.863614] which belongs to the cache kmem_cache of size 208 [ 18.865070] The buggy address is located 0 bytes inside of [ 18.865070] freed 208-byte region [ffff888101da9640, ffff888101da9710) [ 18.866208] [ 18.866756] The buggy address belongs to the physical page: [ 18.867231] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x101da9 [ 18.867722] flags: 0x200000000000000(node=0|zone=2) [ 18.868576] page_type: f5(slab) [ 18.868809] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 18.869562] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.870197] page dumped because: kasan: bad access detected [ 18.870694] [ 18.870909] Memory state around the buggy address: [ 18.871266] ffff888101da9500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.872282] ffff888101da9580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 18.873063] >ffff888101da9600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.873641] ^ [ 18.874193] ffff888101da9680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.874898] ffff888101da9700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.875697] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 18.754817] ================================================================== [ 18.755828] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510 [ 18.756576] Read of size 1 at addr ffff888102cae000 by task kunit_try_catch/221 [ 18.757003] [ 18.757189] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.757296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.757328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.757371] Call Trace: [ 18.757406] <TASK> [ 18.757447] dump_stack_lvl+0x73/0xb0 [ 18.757528] print_report+0xd1/0x650 [ 18.757583] ? __virt_addr_valid+0x1db/0x2d0 [ 18.757642] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 18.757698] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.757753] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 18.757798] kasan_report+0x140/0x180 [ 18.757847] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 18.758022] __asan_report_load1_noabort+0x18/0x20 [ 18.758078] kmem_cache_rcu_uaf+0x3e5/0x510 [ 18.758133] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 18.758187] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.758265] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 18.758344] kunit_try_run_case+0x1a6/0x480 [ 18.758410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.758465] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.758527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.758587] ? __kthread_parkme+0x82/0x160 [ 18.758648] ? preempt_count_sub+0x50/0x80 [ 18.758711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.758760] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.758816] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.758876] kthread+0x324/0x6e0 [ 18.758909] ? trace_preempt_on+0x20/0xc0 [ 18.758942] ? __pfx_kthread+0x10/0x10 [ 18.758970] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.758998] ? calculate_sigpending+0x7b/0xa0 [ 18.759026] ? __pfx_kthread+0x10/0x10 [ 18.759054] ret_from_fork+0x41/0x80 [ 18.759079] ? 
__pfx_kthread+0x10/0x10 [ 18.759106] ret_from_fork_asm+0x1a/0x30 [ 18.759147] </TASK> [ 18.759162] [ 18.772978] Allocated by task 221: [ 18.773292] kasan_save_stack+0x45/0x70 [ 18.773564] kasan_save_track+0x18/0x40 [ 18.773965] kasan_save_alloc_info+0x3b/0x50 [ 18.774302] __kasan_slab_alloc+0x91/0xa0 [ 18.774592] kmem_cache_alloc_noprof+0x124/0x400 [ 18.775038] kmem_cache_rcu_uaf+0x156/0x510 [ 18.775339] kunit_try_run_case+0x1a6/0x480 [ 18.776007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.777568] kthread+0x324/0x6e0 [ 18.777964] ret_from_fork+0x41/0x80 [ 18.778227] ret_from_fork_asm+0x1a/0x30 [ 18.778750] [ 18.778923] Freed by task 0: [ 18.779115] kasan_save_stack+0x45/0x70 [ 18.779647] kasan_save_track+0x18/0x40 [ 18.780057] kasan_save_free_info+0x3f/0x60 [ 18.780573] __kasan_slab_free+0x56/0x70 [ 18.780900] slab_free_after_rcu_debug+0xe4/0x310 [ 18.781356] rcu_core+0x680/0x1d70 [ 18.782497] rcu_core_si+0x12/0x20 [ 18.782786] handle_softirqs+0x209/0x730 [ 18.783282] __irq_exit_rcu+0xc9/0x110 [ 18.783842] irq_exit_rcu+0x12/0x20 [ 18.784230] sysvec_apic_timer_interrupt+0x81/0x90 [ 18.784739] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 18.785209] [ 18.785584] Last potentially related work creation: [ 18.785965] kasan_save_stack+0x45/0x70 [ 18.786356] kasan_record_aux_stack+0xb2/0xc0 [ 18.786631] kmem_cache_free+0x132/0x420 [ 18.787046] kmem_cache_rcu_uaf+0x195/0x510 [ 18.787440] kunit_try_run_case+0x1a6/0x480 [ 18.787710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.788214] kthread+0x324/0x6e0 [ 18.788553] ret_from_fork+0x41/0x80 [ 18.789970] ret_from_fork_asm+0x1a/0x30 [ 18.790188] [ 18.790386] The buggy address belongs to the object at ffff888102cae000 [ 18.790386] which belongs to the cache test_cache of size 200 [ 18.791596] The buggy address is located 0 bytes inside of [ 18.791596] freed 200-byte region [ffff888102cae000, ffff888102cae0c8) [ 18.792407] [ 18.792762] The buggy address belongs to the physical page: [ 18.793143] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cae [ 18.794378] flags: 0x200000000000000(node=0|zone=2) [ 18.794810] page_type: f5(slab) [ 18.795346] raw: 0200000000000000 ffff8881003b1280 dead000000000122 0000000000000000 [ 18.795819] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.796412] page dumped because: kasan: bad access detected [ 18.796791] [ 18.797146] Memory state around the buggy address: [ 18.797711] ffff888102cadf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.798219] ffff888102cadf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.798873] >ffff888102cae000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.799276] ^ [ 18.800395] ffff888102cae080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.800775] ffff888102cae100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.801222] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.671980] ================================================================== [ 18.672718] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 18.673559] Free of addr ffff888102cad001 by task kunit_try_catch/219 [ 18.674760] [ 18.675189] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.675436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.675467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.675497] Call Trace: [ 18.675520] <TASK> [ 18.675549] dump_stack_lvl+0x73/0xb0 [ 18.675600] print_report+0xd1/0x650 [ 18.675631] ? __virt_addr_valid+0x1db/0x2d0 [ 18.675663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.675709] ? kmem_cache_invalid_free+0x1d9/0x470 [ 18.675740] kasan_report_invalid_free+0xfc/0x120 [ 18.675770] ? kmem_cache_invalid_free+0x1d9/0x470 [ 18.675802] ? kmem_cache_invalid_free+0x1d9/0x470 [ 18.675832] check_slab_allocation+0x11f/0x130 [ 18.675876] __kasan_slab_pre_free+0x28/0x40 [ 18.675906] kmem_cache_free+0xee/0x420 [ 18.675932] ? kmem_cache_alloc_noprof+0x124/0x400 [ 18.675957] ? kmem_cache_invalid_free+0x1d9/0x470 [ 18.675989] kmem_cache_invalid_free+0x1d9/0x470 [ 18.676019] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 18.676047] ? finish_task_switch.isra.0+0x153/0x700 [ 18.676078] ? __switch_to+0x5d9/0xf60 [ 18.676115] ? __pfx_read_tsc+0x10/0x10 [ 18.676143] ? ktime_get_ts64+0x86/0x230 [ 18.676175] kunit_try_run_case+0x1a6/0x480 [ 18.676206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.676232] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.676263] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.676292] ? __kthread_parkme+0x82/0x160 [ 18.676337] ? preempt_count_sub+0x50/0x80 [ 18.676368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.676397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.676430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.676461] kthread+0x324/0x6e0 [ 18.676487] ? trace_preempt_on+0x20/0xc0 [ 18.676518] ? __pfx_kthread+0x10/0x10 [ 18.676545] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 18.676572] ? calculate_sigpending+0x7b/0xa0 [ 18.676600] ? __pfx_kthread+0x10/0x10 [ 18.676628] ret_from_fork+0x41/0x80 [ 18.676651] ? __pfx_kthread+0x10/0x10 [ 18.676678] ret_from_fork_asm+0x1a/0x30 [ 18.676719] </TASK> [ 18.676733] [ 18.691591] Allocated by task 219: [ 18.692651] kasan_save_stack+0x45/0x70 [ 18.693642] kasan_save_track+0x18/0x40 [ 18.694180] kasan_save_alloc_info+0x3b/0x50 [ 18.694749] __kasan_slab_alloc+0x91/0xa0 [ 18.695299] kmem_cache_alloc_noprof+0x124/0x400 [ 18.695661] kmem_cache_invalid_free+0x158/0x470 [ 18.696154] kunit_try_run_case+0x1a6/0x480 [ 18.696626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.697228] kthread+0x324/0x6e0 [ 18.697872] ret_from_fork+0x41/0x80 [ 18.698185] ret_from_fork_asm+0x1a/0x30 [ 18.698511] [ 18.698948] The buggy address belongs to the object at ffff888102cad000 [ 18.698948] which belongs to the cache test_cache of size 200 [ 18.699674] The buggy address is located 1 bytes inside of [ 18.699674] 200-byte region [ffff888102cad000, ffff888102cad0c8) [ 18.700602] [ 18.700760] The buggy address belongs to the physical page: [ 18.701217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cad [ 18.701954] flags: 0x200000000000000(node=0|zone=2) [ 18.702377] page_type: f5(slab) [ 18.702635] raw: 0200000000000000 ffff8881003b1140 dead000000000122 0000000000000000 [ 18.703164] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.703811] page dumped because: kasan: bad access detected [ 18.704419] [ 18.704563] Memory state around the buggy address: [ 18.705057] ffff888102cacf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.705928] ffff888102cacf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.706246] >ffff888102cad000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.707637] ^ [ 18.707903] ffff888102cad080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.708448] ffff888102cad100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 18.709197] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.612657] ================================================================== [ 18.613156] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 18.613550] Free of addr ffff888102cab000 by task kunit_try_catch/217 [ 18.614103] [ 18.614614] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.614725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.614750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.614791] Call Trace: [ 18.614822] <TASK> [ 18.614882] dump_stack_lvl+0x73/0xb0 [ 18.614968] print_report+0xd1/0x650 [ 18.615015] ? __virt_addr_valid+0x1db/0x2d0 [ 18.615064] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.615121] ? kmem_cache_double_free+0x1e6/0x490 [ 18.615175] kasan_report_invalid_free+0xfc/0x120 [ 18.615229] ? kmem_cache_double_free+0x1e6/0x490 [ 18.615291] ? kmem_cache_double_free+0x1e6/0x490 [ 18.615341] check_slab_allocation+0x101/0x130 [ 18.615385] __kasan_slab_pre_free+0x28/0x40 [ 18.615434] kmem_cache_free+0xee/0x420 [ 18.615484] ? kasan_save_track+0x18/0x40 [ 18.615531] ? kasan_save_track+0x18/0x40 [ 18.615578] ? kasan_save_stack+0x45/0x70 [ 18.615625] ? kmem_cache_double_free+0x1e6/0x490 [ 18.615679] ? __kasan_slab_free+0x61/0x70 [ 18.615742] kmem_cache_double_free+0x1e6/0x490 [ 18.615795] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 18.615844] ? finish_task_switch.isra.0+0x153/0x700 [ 18.615919] ? __switch_to+0x5d9/0xf60 [ 18.615993] ? __pfx_read_tsc+0x10/0x10 [ 18.616047] ? ktime_get_ts64+0x86/0x230 [ 18.616110] kunit_try_run_case+0x1a6/0x480 [ 18.616174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.616230] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.616293] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.616353] ? __kthread_parkme+0x82/0x160 [ 18.616400] ? preempt_count_sub+0x50/0x80 [ 18.616446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.616488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.616537] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.616582] kthread+0x324/0x6e0 [ 18.616618] ? trace_preempt_on+0x20/0xc0 [ 18.616659] ? __pfx_kthread+0x10/0x10 [ 18.616697] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.616740] ? calculate_sigpending+0x7b/0xa0 [ 18.616780] ? __pfx_kthread+0x10/0x10 [ 18.616819] ret_from_fork+0x41/0x80 [ 18.616891] ? __pfx_kthread+0x10/0x10 [ 18.616933] ret_from_fork_asm+0x1a/0x30 [ 18.617010] </TASK> [ 18.617034] [ 18.635943] Allocated by task 217: [ 18.636174] kasan_save_stack+0x45/0x70 [ 18.636660] kasan_save_track+0x18/0x40 [ 18.637291] kasan_save_alloc_info+0x3b/0x50 [ 18.637825] __kasan_slab_alloc+0x91/0xa0 [ 18.638474] kmem_cache_alloc_noprof+0x124/0x400 [ 18.638903] kmem_cache_double_free+0x150/0x490 [ 18.639476] kunit_try_run_case+0x1a6/0x480 [ 18.639853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.640465] kthread+0x324/0x6e0 [ 18.640911] ret_from_fork+0x41/0x80 [ 18.641496] ret_from_fork_asm+0x1a/0x30 [ 18.641950] [ 18.642150] Freed by task 217: [ 18.642519] kasan_save_stack+0x45/0x70 [ 18.643169] kasan_save_track+0x18/0x40 [ 18.643756] kasan_save_free_info+0x3f/0x60 [ 18.644244] __kasan_slab_free+0x56/0x70 [ 18.644745] kmem_cache_free+0x24b/0x420 [ 18.645184] kmem_cache_double_free+0x16b/0x490 [ 18.645454] kunit_try_run_case+0x1a6/0x480 [ 18.645653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.646065] kthread+0x324/0x6e0 [ 18.646576] ret_from_fork+0x41/0x80 [ 18.647148] ret_from_fork_asm+0x1a/0x30 [ 18.647698] [ 18.647962] The buggy address belongs to the object at ffff888102cab000 [ 18.647962] which belongs to the cache test_cache of size 200 [ 18.649482] The buggy address is located 0 bytes inside of [ 18.649482] 200-byte region [ffff888102cab000, ffff888102cab0c8) [ 18.650536] [ 18.650756] The buggy address belongs to the physical page: [ 18.651400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cab [ 18.652095] flags: 0x200000000000000(node=0|zone=2) [ 18.652695] page_type: f5(slab) [ 
18.653102] raw: 0200000000000000 ffff8881003b1000 dead000000000122 0000000000000000 [ 18.653773] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.654450] page dumped because: kasan: bad access detected [ 18.654598] [ 18.654668] Memory state around the buggy address: [ 18.654798] ffff888102caaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.655082] ffff888102caaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.655506] >ffff888102cab000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.657210] ^ [ 18.657555] ffff888102cab080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.657843] ffff888102cab100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.658450] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.549798] ================================================================== [ 18.550413] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 18.551084] Read of size 1 at addr ffff8881029850c8 by task kunit_try_catch/215 [ 18.551463] [ 18.551637] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.551755] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.551788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.551828] Call Trace: [ 18.551849] <TASK> [ 18.552024] dump_stack_lvl+0x73/0xb0 [ 18.552133] print_report+0xd1/0x650 [ 18.552184] ? __virt_addr_valid+0x1db/0x2d0 [ 18.552233] ? kmem_cache_oob+0x404/0x530 [ 18.552287] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.552391] ? kmem_cache_oob+0x404/0x530 [ 18.552445] kasan_report+0x140/0x180 [ 18.552492] ? kmem_cache_oob+0x404/0x530 [ 18.552549] __asan_report_load1_noabort+0x18/0x20 [ 18.552607] kmem_cache_oob+0x404/0x530 [ 18.552661] ? trace_hardirqs_on+0x37/0xe0 [ 18.552727] ? __pfx_kmem_cache_oob+0x10/0x10 [ 18.552783] ? finish_task_switch.isra.0+0x153/0x700 [ 18.552842] ? __switch_to+0x5d9/0xf60 [ 18.552936] ? __pfx_read_tsc+0x10/0x10 [ 18.552994] ? ktime_get_ts64+0x86/0x230 [ 18.553046] kunit_try_run_case+0x1a6/0x480 [ 18.553093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.553130] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.553175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.553218] ? __kthread_parkme+0x82/0x160 [ 18.553260] ? preempt_count_sub+0x50/0x80 [ 18.553291] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.553346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.553381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.553414] kthread+0x324/0x6e0 [ 18.553452] ? trace_preempt_on+0x20/0xc0 [ 18.553498] ? __pfx_kthread+0x10/0x10 [ 18.553540] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.553569] ? calculate_sigpending+0x7b/0xa0 [ 18.553598] ? __pfx_kthread+0x10/0x10 [ 18.553626] ret_from_fork+0x41/0x80 [ 18.553651] ? 
__pfx_kthread+0x10/0x10 [ 18.553679] ret_from_fork_asm+0x1a/0x30 [ 18.553720] </TASK> [ 18.553735] [ 18.569317] Allocated by task 215: [ 18.570364] kasan_save_stack+0x45/0x70 [ 18.571395] kasan_save_track+0x18/0x40 [ 18.572004] kasan_save_alloc_info+0x3b/0x50 [ 18.572480] __kasan_slab_alloc+0x91/0xa0 [ 18.572703] kmem_cache_alloc_noprof+0x124/0x400 [ 18.573189] kmem_cache_oob+0x158/0x530 [ 18.573512] kunit_try_run_case+0x1a6/0x480 [ 18.573771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.574709] kthread+0x324/0x6e0 [ 18.574963] ret_from_fork+0x41/0x80 [ 18.575328] ret_from_fork_asm+0x1a/0x30 [ 18.575940] [ 18.576155] The buggy address belongs to the object at ffff888102985000 [ 18.576155] which belongs to the cache test_cache of size 200 [ 18.577825] The buggy address is located 0 bytes to the right of [ 18.577825] allocated 200-byte region [ffff888102985000, ffff8881029850c8) [ 18.578943] [ 18.579086] The buggy address belongs to the physical page: [ 18.579444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102985 [ 18.580826] flags: 0x200000000000000(node=0|zone=2) [ 18.581467] page_type: f5(slab) [ 18.582017] raw: 0200000000000000 ffff888101da9500 dead000000000122 0000000000000000 [ 18.582293] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.582985] page dumped because: kasan: bad access detected [ 18.583481] [ 18.583647] Memory state around the buggy address: [ 18.584059] ffff888102984f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.584637] ffff888102985000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.585848] >ffff888102985080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 18.586376] ^ [ 18.586966] ffff888102985100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.587974] ffff888102985180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.588366] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.477717] ================================================================== [ 18.478757] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 18.479514] Read of size 8 at addr ffff888102ca8d00 by task kunit_try_catch/208 [ 18.480689] [ 18.481500] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 18.481833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.481889] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.481943] Call Trace: [ 18.481975] <TASK> [ 18.482015] dump_stack_lvl+0x73/0xb0 [ 18.482098] print_report+0xd1/0x650 [ 18.482147] ? __virt_addr_valid+0x1db/0x2d0 [ 18.482195] ? workqueue_uaf+0x4d8/0x560 [ 18.482234] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.482283] ? workqueue_uaf+0x4d8/0x560 [ 18.482324] kasan_report+0x140/0x180 [ 18.482378] ? workqueue_uaf+0x4d8/0x560 [ 18.482428] __asan_report_load8_noabort+0x18/0x20 [ 18.482477] workqueue_uaf+0x4d8/0x560 [ 18.482520] ? __pfx_workqueue_uaf+0x10/0x10 [ 18.482564] ? __pfx_workqueue_uaf+0x10/0x10 [ 18.482614] kunit_try_run_case+0x1a6/0x480 [ 18.482675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.483004] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 18.483124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.483165] ? __kthread_parkme+0x82/0x160 [ 18.483197] ? preempt_count_sub+0x50/0x80 [ 18.483231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.483261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.483296] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.483359] kthread+0x324/0x6e0 [ 18.483386] ? trace_preempt_on+0x20/0xc0 [ 18.483419] ? __pfx_kthread+0x10/0x10 [ 18.483559] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.483591] ? calculate_sigpending+0x7b/0xa0 [ 18.483622] ? __pfx_kthread+0x10/0x10 [ 18.483651] ret_from_fork+0x41/0x80 [ 18.483678] ? 
__pfx_kthread+0x10/0x10 [ 18.483719] ret_from_fork_asm+0x1a/0x30 [ 18.483761] </TASK> [ 18.483776] [ 18.499806] Allocated by task 208: [ 18.500138] kasan_save_stack+0x45/0x70 [ 18.500799] kasan_save_track+0x18/0x40 [ 18.501198] kasan_save_alloc_info+0x3b/0x50 [ 18.502253] __kasan_kmalloc+0xb7/0xc0 [ 18.502773] __kmalloc_cache_noprof+0x18a/0x420 [ 18.503131] workqueue_uaf+0x153/0x560 [ 18.503759] kunit_try_run_case+0x1a6/0x480 [ 18.504136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.504817] kthread+0x324/0x6e0 [ 18.505194] ret_from_fork+0x41/0x80 [ 18.506007] ret_from_fork_asm+0x1a/0x30 [ 18.506652] [ 18.506831] Freed by task 72: [ 18.507147] kasan_save_stack+0x45/0x70 [ 18.507532] kasan_save_track+0x18/0x40 [ 18.508034] kasan_save_free_info+0x3f/0x60 [ 18.508433] __kasan_slab_free+0x56/0x70 [ 18.508940] kfree+0x224/0x3f0 [ 18.509344] workqueue_uaf_work+0x12/0x20 [ 18.510150] process_one_work+0x5ee/0xf60 [ 18.510881] worker_thread+0x753/0x1200 [ 18.511386] kthread+0x324/0x6e0 [ 18.511683] ret_from_fork+0x41/0x80 [ 18.512116] ret_from_fork_asm+0x1a/0x30 [ 18.512626] [ 18.512886] Last potentially related work creation: [ 18.513272] kasan_save_stack+0x45/0x70 [ 18.514384] kasan_record_aux_stack+0xb2/0xc0 [ 18.514630] __queue_work+0x626/0xeb0 [ 18.515260] queue_work_on+0x74/0xa0 [ 18.515831] workqueue_uaf+0x26e/0x560 [ 18.516162] kunit_try_run_case+0x1a6/0x480 [ 18.516722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.517216] kthread+0x324/0x6e0 [ 18.518230] ret_from_fork+0x41/0x80 [ 18.518584] ret_from_fork_asm+0x1a/0x30 [ 18.519041] [ 18.519256] The buggy address belongs to the object at ffff888102ca8d00 [ 18.519256] which belongs to the cache kmalloc-32 of size 32 [ 18.520043] The buggy address is located 0 bytes inside of [ 18.520043] freed 32-byte region [ffff888102ca8d00, ffff888102ca8d20) [ 18.520938] [ 18.521166] The buggy address belongs to the physical page: [ 18.522560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ca8 [ 
18.523214] flags: 0x200000000000000(node=0|zone=2) [ 18.524033] page_type: f5(slab) [ 18.524344] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 18.524946] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.525129] page dumped because: kasan: bad access detected [ 18.525265] [ 18.525333] Memory state around the buggy address: [ 18.526036] ffff888102ca8c00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.527124] ffff888102ca8c80: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.528065] >ffff888102ca8d00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 18.528926] ^ [ 18.529253] ffff888102ca8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.529874] ffff888102ca8e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.530377] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.420655] ================================================================== [ 18.421332] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 18.422156] Read of size 4 at addr ffff88810297cb80 by task swapper/1/0 [ 18.422914] [ 18.423190] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.14.11-rc1 #1 [ 18.423292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.423322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.423372] Call Trace: [ 18.423476] <IRQ> [ 18.423547] dump_stack_lvl+0x73/0xb0 [ 18.423644] print_report+0xd1/0x650 [ 18.423707] ? __virt_addr_valid+0x1db/0x2d0 [ 18.423765] ? rcu_uaf_reclaim+0x50/0x60 [ 18.423814] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.423899] ? rcu_uaf_reclaim+0x50/0x60 [ 18.423967] kasan_report+0x140/0x180 [ 18.424025] ? rcu_uaf_reclaim+0x50/0x60 [ 18.424080] __asan_report_load4_noabort+0x18/0x20 [ 18.424136] rcu_uaf_reclaim+0x50/0x60 [ 18.424184] rcu_core+0x680/0x1d70 [ 18.424272] ? __pfx_rcu_core+0x10/0x10 [ 18.424346] ? ktime_get+0x6b/0x150 [ 18.424402] ? handle_softirqs+0x18e/0x730 [ 18.424465] rcu_core_si+0x12/0x20 [ 18.424519] handle_softirqs+0x209/0x730 [ 18.424581] ? hrtimer_interrupt+0x2fe/0x780 [ 18.424656] ? 
__pfx_handle_softirqs+0x10/0x10 [ 18.424724] __irq_exit_rcu+0xc9/0x110 [ 18.424769] irq_exit_rcu+0x12/0x20 [ 18.424798] sysvec_apic_timer_interrupt+0x81/0x90 [ 18.424835] </IRQ> [ 18.424917] <TASK> [ 18.424949] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 18.425198] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 18.425451] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 63 11 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 18.425668] RSP: 0000:ffff88810088fdd0 EFLAGS: 00010216 [ 18.425904] RAX: ffff88815b100000 RBX: ffff8881008790c0 RCX: ffffffffb4171d35 [ 18.426053] RDX: ffffed102b626ae3 RSI: 0000000000000004 RDI: 000000000001920c [ 18.426191] RBP: ffff88810088fdd8 R08: 0000000000000001 R09: ffffed102b626ae2 [ 18.426266] R10: ffff88815b135713 R11: 0000000000064000 R12: 0000000000000001 [ 18.426341] R13: ffffed102010f218 R14: ffffffffb5d80310 R15: 0000000000000000 [ 18.426430] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 18.426515] ? default_idle+0xd/0x20 [ 18.426544] arch_cpu_idle+0xd/0x20 [ 18.426570] default_idle_call+0x48/0x80 [ 18.426595] do_idle+0x310/0x3c0 [ 18.426626] ? __pfx_do_idle+0x10/0x10 [ 18.426649] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 18.426678] ? complete+0x15b/0x1d0 [ 18.426707] cpu_startup_entry+0x5c/0x70 [ 18.426733] start_secondary+0x212/0x290 [ 18.426760] ? 
__pfx_start_secondary+0x10/0x10 [ 18.426792] common_startup_64+0x12c/0x138 [ 18.426833] </TASK> [ 18.426850] [ 18.442470] Allocated by task 206: [ 18.442937] kasan_save_stack+0x45/0x70 [ 18.443448] kasan_save_track+0x18/0x40 [ 18.443842] kasan_save_alloc_info+0x3b/0x50 [ 18.444311] __kasan_kmalloc+0xb7/0xc0 [ 18.444612] __kmalloc_cache_noprof+0x18a/0x420 [ 18.445029] rcu_uaf+0xb1/0x330 [ 18.445381] kunit_try_run_case+0x1a6/0x480 [ 18.445731] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.446216] kthread+0x324/0x6e0 [ 18.446497] ret_from_fork+0x41/0x80 [ 18.446731] ret_from_fork_asm+0x1a/0x30 [ 18.447083] [ 18.447348] Freed by task 0: [ 18.447667] kasan_save_stack+0x45/0x70 [ 18.448089] kasan_save_track+0x18/0x40 [ 18.448501] kasan_save_free_info+0x3f/0x60 [ 18.448963] __kasan_slab_free+0x56/0x70 [ 18.449394] kfree+0x224/0x3f0 [ 18.449746] rcu_uaf_reclaim+0x1f/0x60 [ 18.450100] rcu_core+0x680/0x1d70 [ 18.450375] rcu_core_si+0x12/0x20 [ 18.450774] handle_softirqs+0x209/0x730 [ 18.451227] __irq_exit_rcu+0xc9/0x110 [ 18.451641] irq_exit_rcu+0x12/0x20 [ 18.452056] sysvec_apic_timer_interrupt+0x81/0x90 [ 18.452418] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 18.452710] [ 18.452927] Last potentially related work creation: [ 18.453481] kasan_save_stack+0x45/0x70 [ 18.453892] kasan_record_aux_stack+0xb2/0xc0 [ 18.454389] __call_rcu_common.constprop.0+0x72/0xaa0 [ 18.454894] call_rcu+0x12/0x20 [ 18.455240] rcu_uaf+0x169/0x330 [ 18.455534] kunit_try_run_case+0x1a6/0x480 [ 18.455981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.456427] kthread+0x324/0x6e0 [ 18.456774] ret_from_fork+0x41/0x80 [ 18.457084] ret_from_fork_asm+0x1a/0x30 [ 18.457604] [ 18.457852] The buggy address belongs to the object at ffff88810297cb80 [ 18.457852] which belongs to the cache kmalloc-32 of size 32 [ 18.458629] The buggy address is located 0 bytes inside of [ 18.458629] freed 32-byte region [ffff88810297cb80, ffff88810297cba0) [ 18.459507] [ 18.459739] The buggy address belongs to the 
physical page: [ 18.460180] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10297c [ 18.460719] flags: 0x200000000000000(node=0|zone=2) [ 18.460995] page_type: f5(slab) [ 18.461210] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 18.461937] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.462379] page dumped because: kasan: bad access detected [ 18.462656] [ 18.462793] Memory state around the buggy address: [ 18.463251] ffff88810297ca80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.463961] ffff88810297cb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 18.464586] >ffff88810297cb80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 18.465152] ^ [ 18.465540] ffff88810297cc00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.465992] ffff88810297cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.466521] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.809248] ================================================================== [ 16.810495] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0 [ 16.811115] Read of size 1 at addr ffff888102cb0000 by task kunit_try_catch/162 [ 16.811882] [ 16.812130] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.812238] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.812266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.812358] Call Trace: [ 16.812401] <TASK> [ 16.812447] dump_stack_lvl+0x73/0xb0 [ 16.812545] print_report+0xd1/0x650 [ 16.812596] ? __virt_addr_valid+0x1db/0x2d0 [ 16.812645] ? page_alloc_uaf+0x358/0x3d0 [ 16.812693] ? kasan_addr_to_slab+0x11/0xa0 [ 16.812741] ? page_alloc_uaf+0x358/0x3d0 [ 16.812796] kasan_report+0x140/0x180 [ 16.812853] ? page_alloc_uaf+0x358/0x3d0 [ 16.812964] __asan_report_load1_noabort+0x18/0x20 [ 16.813027] page_alloc_uaf+0x358/0x3d0 [ 16.813081] ? __pfx_page_alloc_uaf+0x10/0x10 [ 16.813138] ? __schedule+0xce8/0x2840 [ 16.813196] ? __pfx_read_tsc+0x10/0x10 [ 16.813243] ? ktime_get_ts64+0x86/0x230 [ 16.813295] kunit_try_run_case+0x1a6/0x480 [ 16.813382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.813454] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.813512] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.813552] ? __kthread_parkme+0x82/0x160 [ 16.813584] ? preempt_count_sub+0x50/0x80 [ 16.813616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.813645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.813679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.813710] kthread+0x324/0x6e0 [ 16.813737] ? trace_preempt_on+0x20/0xc0 [ 16.813768] ? __pfx_kthread+0x10/0x10 [ 16.813795] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.813822] ? calculate_sigpending+0x7b/0xa0 [ 16.813849] ? __pfx_kthread+0x10/0x10 [ 16.813898] ret_from_fork+0x41/0x80 [ 16.813924] ? 
__pfx_kthread+0x10/0x10 [ 16.813951] ret_from_fork_asm+0x1a/0x30 [ 16.813992] </TASK> [ 16.814007] [ 16.829141] The buggy address belongs to the physical page: [ 16.830108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cb0 [ 16.831047] flags: 0x200000000000000(node=0|zone=2) [ 16.831911] page_type: f0(buddy) [ 16.832345] raw: 0200000000000000 ffff88817fffb4a0 ffff88817fffb4a0 0000000000000000 [ 16.833155] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 16.833810] page dumped because: kasan: bad access detected [ 16.834066] [ 16.834275] Memory state around the buggy address: [ 16.834813] ffff888102caff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.835261] ffff888102caff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.836794] >ffff888102cb0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.837179] ^ [ 16.837524] ffff888102cb0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.838694] ffff888102cb0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.839132] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 16.767277] ================================================================== [ 16.768179] BUG: KASAN: invalid-free in kfree+0x276/0x3f0 [ 16.768805] Free of addr ffff8881022ec001 by task kunit_try_catch/158 [ 16.769210] [ 16.769353] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.769452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.769479] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.769537] Call Trace: [ 16.769574] <TASK> [ 16.769630] dump_stack_lvl+0x73/0xb0 [ 16.769705] print_report+0xd1/0x650 [ 16.769757] ? __virt_addr_valid+0x1db/0x2d0 [ 16.769814] ? kasan_addr_to_slab+0x11/0xa0 [ 16.769888] ? kfree+0x276/0x3f0 [ 16.769941] kasan_report_invalid_free+0xfc/0x120 [ 16.770020] ? kfree+0x276/0x3f0 [ 16.770072] ? kfree+0x276/0x3f0 [ 16.770106] __kasan_kfree_large+0x86/0xd0 [ 16.770134] free_large_kmalloc+0x3b/0xd0 [ 16.770162] kfree+0x276/0x3f0 [ 16.770194] kmalloc_large_invalid_free+0x121/0x2b0 [ 16.770228] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 16.770274] ? __schedule+0xce8/0x2840 [ 16.770330] ? __pfx_read_tsc+0x10/0x10 [ 16.770383] ? ktime_get_ts64+0x86/0x230 [ 16.770456] kunit_try_run_case+0x1a6/0x480 [ 16.770535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.770590] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.770641] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.770695] ? __kthread_parkme+0x82/0x160 [ 16.770751] ? preempt_count_sub+0x50/0x80 [ 16.770825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.770916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.770976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.771030] kthread+0x324/0x6e0 [ 16.771064] ? trace_preempt_on+0x20/0xc0 [ 16.771096] ? __pfx_kthread+0x10/0x10 [ 16.771125] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.771153] ? calculate_sigpending+0x7b/0xa0 [ 16.771181] ? __pfx_kthread+0x10/0x10 [ 16.771209] ret_from_fork+0x41/0x80 [ 16.771234] ? 
__pfx_kthread+0x10/0x10 [ 16.771261] ret_from_fork_asm+0x1a/0x30 [ 16.771301] </TASK> [ 16.771324] [ 16.785682] The buggy address belongs to the physical page: [ 16.785966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ec [ 16.786732] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.787317] flags: 0x200000000000040(head|node=0|zone=2) [ 16.787903] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.788495] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.789118] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.789925] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.790630] head: 0200000000000002 ffffea000408bb01 ffffffffffffffff 0000000000000000 [ 16.791509] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 16.792062] page dumped because: kasan: bad access detected [ 16.792515] [ 16.792753] Memory state around the buggy address: [ 16.793291] ffff8881022ebf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.793632] ffff8881022ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.794254] >ffff8881022ec000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.794724] ^ [ 16.795048] ffff8881022ec080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.795533] ffff8881022ec100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.796089] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.731985] ================================================================== [ 16.733397] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340 [ 16.733858] Read of size 1 at addr ffff8881022ec000 by task kunit_try_catch/156 [ 16.734619] [ 16.734801] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.734923] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.734952] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.734994] Call Trace: [ 16.735027] <TASK> [ 16.735060] dump_stack_lvl+0x73/0xb0 [ 16.735136] print_report+0xd1/0x650 [ 16.735190] ? __virt_addr_valid+0x1db/0x2d0 [ 16.735243] ? kmalloc_large_uaf+0x2f3/0x340 [ 16.735294] ? kasan_addr_to_slab+0x11/0xa0 [ 16.735357] ? kmalloc_large_uaf+0x2f3/0x340 [ 16.735404] kasan_report+0x140/0x180 [ 16.735451] ? kmalloc_large_uaf+0x2f3/0x340 [ 16.735511] __asan_report_load1_noabort+0x18/0x20 [ 16.735569] kmalloc_large_uaf+0x2f3/0x340 [ 16.735618] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 16.735670] ? __schedule+0xce8/0x2840 [ 16.735734] ? __pfx_read_tsc+0x10/0x10 [ 16.735780] ? ktime_get_ts64+0x86/0x230 [ 16.735837] kunit_try_run_case+0x1a6/0x480 [ 16.735913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.735967] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.736028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.736088] ? __kthread_parkme+0x82/0x160 [ 16.736145] ? preempt_count_sub+0x50/0x80 [ 16.736201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.736250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.736305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.736362] kthread+0x324/0x6e0 [ 16.736412] ? trace_preempt_on+0x20/0xc0 [ 16.736467] ? __pfx_kthread+0x10/0x10 [ 16.736515] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.736571] ? calculate_sigpending+0x7b/0xa0 [ 16.736618] ? __pfx_kthread+0x10/0x10 [ 16.736665] ret_from_fork+0x41/0x80 [ 16.736701] ? 
__pfx_kthread+0x10/0x10 [ 16.736731] ret_from_fork_asm+0x1a/0x30 [ 16.736771] </TASK> [ 16.736787] [ 16.752656] The buggy address belongs to the physical page: [ 16.753205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1022ec [ 16.754099] flags: 0x200000000000000(node=0|zone=2) [ 16.754747] raw: 0200000000000000 ffff88815b13ef40 ffff88815b13ef40 0000000000000000 [ 16.755320] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 16.755991] page dumped because: kasan: bad access detected [ 16.756355] [ 16.756562] Memory state around the buggy address: [ 16.757025] ffff8881022ebf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.757861] ffff8881022ebf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.758355] >ffff8881022ec000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.759200] ^ [ 16.759927] ffff8881022ec080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.760498] ffff8881022ec100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 16.760855] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.691920] ================================================================== [ 16.693052] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340 [ 16.693765] Write of size 1 at addr ffff888102b5600a by task kunit_try_catch/154 [ 16.694712] [ 16.695006] CPU: 0 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.695114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.695146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.695198] Call Trace: [ 16.695237] <TASK> [ 16.695279] dump_stack_lvl+0x73/0xb0 [ 16.695366] print_report+0xd1/0x650 [ 16.695456] ? __virt_addr_valid+0x1db/0x2d0 [ 16.695503] ? kmalloc_large_oob_right+0x2eb/0x340 [ 16.695544] ? kasan_addr_to_slab+0x11/0xa0 [ 16.695583] ? kmalloc_large_oob_right+0x2eb/0x340 [ 16.695626] kasan_report+0x140/0x180 [ 16.695674] ? kmalloc_large_oob_right+0x2eb/0x340 [ 16.695744] __asan_report_store1_noabort+0x1b/0x30 [ 16.695801] kmalloc_large_oob_right+0x2eb/0x340 [ 16.695845] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 16.695911] ? __schedule+0xce8/0x2840 [ 16.695974] ? __pfx_read_tsc+0x10/0x10 [ 16.696030] ? ktime_get_ts64+0x86/0x230 [ 16.696093] kunit_try_run_case+0x1a6/0x480 [ 16.696152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.696202] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.696257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.696313] ? __kthread_parkme+0x82/0x160 [ 16.696370] ? preempt_count_sub+0x50/0x80 [ 16.696427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.696475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.696528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.696578] kthread+0x324/0x6e0 [ 16.696629] ? trace_preempt_on+0x20/0xc0 [ 16.696688] ? __pfx_kthread+0x10/0x10 [ 16.696742] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.696798] ? calculate_sigpending+0x7b/0xa0 [ 16.696850] ? __pfx_kthread+0x10/0x10 [ 16.697001] ret_from_fork+0x41/0x80 [ 16.697056] ? 
__pfx_kthread+0x10/0x10 [ 16.697108] ret_from_fork_asm+0x1a/0x30 [ 16.697189] </TASK> [ 16.697219] [ 16.713217] The buggy address belongs to the physical page: [ 16.714012] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b54 [ 16.714810] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.715354] flags: 0x200000000000040(head|node=0|zone=2) [ 16.716031] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.716764] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.717274] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.717883] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 16.718345] head: 0200000000000002 ffffea00040ad501 ffffffffffffffff 0000000000000000 [ 16.719014] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 16.720145] page dumped because: kasan: bad access detected [ 16.720607] [ 16.720745] Memory state around the buggy address: [ 16.721201] ffff888102b55f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.721697] ffff888102b55f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.722552] >ffff888102b56000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.723088] ^ [ 16.724068] ffff888102b56080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.724581] ffff888102b56100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.725318] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.650168] ================================================================== [ 16.651429] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 16.652004] Write of size 1 at addr ffff888102c59f00 by task kunit_try_catch/152 [ 16.652565] [ 16.652823] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.652941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.652973] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.653017] Call Trace: [ 16.653050] <TASK> [ 16.653092] dump_stack_lvl+0x73/0xb0 [ 16.653172] print_report+0xd1/0x650 [ 16.653228] ? __virt_addr_valid+0x1db/0x2d0 [ 16.653282] ? kmalloc_big_oob_right+0x318/0x370 [ 16.653327] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.653381] ? kmalloc_big_oob_right+0x318/0x370 [ 16.653432] kasan_report+0x140/0x180 [ 16.653483] ? kmalloc_big_oob_right+0x318/0x370 [ 16.653548] __asan_report_store1_noabort+0x1b/0x30 [ 16.653609] kmalloc_big_oob_right+0x318/0x370 [ 16.653665] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 16.653724] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 16.653788] kunit_try_run_case+0x1a6/0x480 [ 16.653852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.653924] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.653989] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.654035] ? __kthread_parkme+0x82/0x160 [ 16.654068] ? preempt_count_sub+0x50/0x80 [ 16.654102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.654130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.654163] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.654194] kthread+0x324/0x6e0 [ 16.654221] ? trace_preempt_on+0x20/0xc0 [ 16.654252] ? __pfx_kthread+0x10/0x10 [ 16.654280] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.654311] ? calculate_sigpending+0x7b/0xa0 [ 16.654350] ? __pfx_kthread+0x10/0x10 [ 16.654379] ret_from_fork+0x41/0x80 [ 16.654405] ? 
__pfx_kthread+0x10/0x10 [ 16.654432] ret_from_fork_asm+0x1a/0x30 [ 16.654473] </TASK> [ 16.654488] [ 16.667094] Allocated by task 152: [ 16.667434] kasan_save_stack+0x45/0x70 [ 16.667799] kasan_save_track+0x18/0x40 [ 16.668196] kasan_save_alloc_info+0x3b/0x50 [ 16.668475] __kasan_kmalloc+0xb7/0xc0 [ 16.668712] __kmalloc_cache_noprof+0x18a/0x420 [ 16.669247] kmalloc_big_oob_right+0xaa/0x370 [ 16.669681] kunit_try_run_case+0x1a6/0x480 [ 16.670115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.671233] kthread+0x324/0x6e0 [ 16.671563] ret_from_fork+0x41/0x80 [ 16.671969] ret_from_fork_asm+0x1a/0x30 [ 16.672320] [ 16.672466] The buggy address belongs to the object at ffff888102c58000 [ 16.672466] which belongs to the cache kmalloc-8k of size 8192 [ 16.673072] The buggy address is located 0 bytes to the right of [ 16.673072] allocated 7936-byte region [ffff888102c58000, ffff888102c59f00) [ 16.674002] [ 16.674207] The buggy address belongs to the physical page: [ 16.674751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c58 [ 16.675293] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.676268] flags: 0x200000000000040(head|node=0|zone=2) [ 16.676883] page_type: f5(slab) [ 16.677266] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.677951] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.678573] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 16.679151] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 16.679720] head: 0200000000000003 ffffea00040b1601 ffffffffffffffff 0000000000000000 [ 16.680267] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 16.680737] page dumped because: kasan: bad access detected [ 16.681026] [ 16.681227] Memory state around the buggy address: [ 16.681704] ffff888102c59e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.682126] ffff888102c59e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.682728] >ffff888102c59f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.683147] ^ [ 16.683494] ffff888102c59f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.684105] ffff888102c5a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.684530] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.603750] ================================================================== [ 16.604500] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530 [ 16.605572] Write of size 1 at addr ffff888102971c78 by task kunit_try_catch/150 [ 16.606370] [ 16.606622] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.606729] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.606758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.606788] Call Trace: [ 16.606812] <TASK> [ 16.606837] dump_stack_lvl+0x73/0xb0 [ 16.606908] print_report+0xd1/0x650 [ 16.606956] ? __virt_addr_valid+0x1db/0x2d0 [ 16.607001] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 16.607084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.607129] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 16.607169] kasan_report+0x140/0x180 [ 16.607210] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 16.607262] __asan_report_store1_noabort+0x1b/0x30 [ 16.607304] kmalloc_track_caller_oob_right+0x4b3/0x530 [ 16.607351] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.607397] ? __schedule+0xce8/0x2840 [ 16.607443] ? __pfx_read_tsc+0x10/0x10 [ 16.607482] ? ktime_get_ts64+0x86/0x230 [ 16.607527] kunit_try_run_case+0x1a6/0x480 [ 16.607576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.607619] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.607687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.607759] ? __kthread_parkme+0x82/0x160 [ 16.607813] ? preempt_count_sub+0x50/0x80 [ 16.607888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.607938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.608004] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.608072] kthread+0x324/0x6e0 [ 16.608129] ? trace_preempt_on+0x20/0xc0 [ 16.608190] ? __pfx_kthread+0x10/0x10 [ 16.608237] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.608270] ? calculate_sigpending+0x7b/0xa0 [ 16.608299] ? __pfx_kthread+0x10/0x10 [ 16.608352] ret_from_fork+0x41/0x80 [ 16.608378] ? 
__pfx_kthread+0x10/0x10 [ 16.608405] ret_from_fork_asm+0x1a/0x30 [ 16.608464] </TASK> [ 16.608488] [ 16.624186] Allocated by task 150: [ 16.624811] kasan_save_stack+0x45/0x70 [ 16.625267] kasan_save_track+0x18/0x40 [ 16.625736] kasan_save_alloc_info+0x3b/0x50 [ 16.626139] __kasan_kmalloc+0xb7/0xc0 [ 16.627554] __kmalloc_node_track_caller_noprof+0x1cc/0x510 [ 16.628072] kmalloc_track_caller_oob_right+0x19b/0x530 [ 16.628442] kunit_try_run_case+0x1a6/0x480 [ 16.628824] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.629332] kthread+0x324/0x6e0 [ 16.629695] ret_from_fork+0x41/0x80 [ 16.630724] ret_from_fork_asm+0x1a/0x30 [ 16.630954] [ 16.631065] The buggy address belongs to the object at ffff888102971c00 [ 16.631065] which belongs to the cache kmalloc-128 of size 128 [ 16.631848] The buggy address is located 0 bytes to the right of [ 16.631848] allocated 120-byte region [ffff888102971c00, ffff888102971c78) [ 16.633539] [ 16.634091] The buggy address belongs to the physical page: [ 16.634649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102971 [ 16.635511] flags: 0x200000000000000(node=0|zone=2) [ 16.635891] page_type: f5(slab) [ 16.636110] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.637137] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.637850] page dumped because: kasan: bad access detected [ 16.638484] [ 16.638692] Memory state around the buggy address: [ 16.639302] ffff888102971b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.640375] ffff888102971b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.640672] >ffff888102971c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.640945] ^ [ 16.641128] ffff888102971c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.641295] ffff888102971d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.642339] ================================================================== [ 16.562135] 
================================================================== [ 16.562859] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 16.563520] Write of size 1 at addr ffff888102971b78 by task kunit_try_catch/150 [ 16.564151] [ 16.564392] CPU: 1 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1 [ 16.564498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.564556] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.564597] Call Trace: [ 16.564626] <TASK> [ 16.564659] dump_stack_lvl+0x73/0xb0 [ 16.564728] print_report+0xd1/0x650 [ 16.564768] ? __virt_addr_valid+0x1db/0x2d0 [ 16.564810] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 16.564855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.564917] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 16.564962] kasan_report+0x140/0x180 [ 16.565008] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 16.565065] __asan_report_store1_noabort+0x1b/0x30 [ 16.565120] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 16.565180] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.565232] ? __schedule+0xce8/0x2840 [ 16.565286] ? __pfx_read_tsc+0x10/0x10 [ 16.565383] ? ktime_get_ts64+0x86/0x230 [ 16.565480] kunit_try_run_case+0x1a6/0x480 [ 16.565546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.565601] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.565656] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.565703] ? __kthread_parkme+0x82/0x160 [ 16.565751] ? preempt_count_sub+0x50/0x80 [ 16.565808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.565858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.565938] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.565999] kthread+0x324/0x6e0 [ 16.566048] ? trace_preempt_on+0x20/0xc0 [ 16.566098] ? __pfx_kthread+0x10/0x10 [ 16.566143] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.566188] ? calculate_sigpending+0x7b/0xa0 [ 16.566232] ? __pfx_kthread+0x10/0x10 [ 16.566273] ret_from_fork+0x41/0x80 [ 16.566343] ? 
__pfx_kthread+0x10/0x10 [ 16.566384] ret_from_fork_asm+0x1a/0x30 [ 16.566468] </TASK> [ 16.566492] [ 16.582641] Allocated by task 150: [ 16.583050] kasan_save_stack+0x45/0x70 [ 16.583769] kasan_save_track+0x18/0x40 [ 16.584175] kasan_save_alloc_info+0x3b/0x50 [ 16.584626] __kasan_kmalloc+0xb7/0xc0 [ 16.584920] __kmalloc_node_track_caller_noprof+0x1cc/0x510 [ 16.585350] kmalloc_track_caller_oob_right+0x9a/0x530 [ 16.585737] kunit_try_run_case+0x1a6/0x480 [ 16.586155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.586459] kthread+0x324/0x6e0 [ 16.586686] ret_from_fork+0x41/0x80 [ 16.588151] ret_from_fork_asm+0x1a/0x30 [ 16.588756] [ 16.588996] The buggy address belongs to the object at ffff888102971b00 [ 16.588996] which belongs to the cache kmalloc-128 of size 128 [ 16.590287] The buggy address is located 0 bytes to the right of [ 16.590287] allocated 120-byte region [ffff888102971b00, ffff888102971b78) [ 16.591425] [ 16.591643] The buggy address belongs to the physical page: [ 16.592596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102971 [ 16.593438] flags: 0x200000000000000(node=0|zone=2) [ 16.594021] page_type: f5(slab) [ 16.594301] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.595180] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.596076] page dumped because: kasan: bad access detected [ 16.596902] [ 16.597155] Memory state around the buggy address: [ 16.597913] ffff888102971a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.598211] ffff888102971a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.599424] >ffff888102971b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.599741] ^ [ 16.600338] ffff888102971b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.600666] ffff888102971c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601851] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 16.515386] ==================================================================
[ 16.516208] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0
[ 16.516920] Read of size 1 at addr ffff8881027ad000 by task kunit_try_catch/148
[ 16.517263]
[ 16.517503] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.14.11-rc1 #1
[ 16.517608] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.517639] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.517691] Call Trace:
[ 16.517724] <TASK>
[ 16.517765] dump_stack_lvl+0x73/0xb0
[ 16.517846] print_report+0xd1/0x650
[ 16.517951] ? __virt_addr_valid+0x1db/0x2d0
[ 16.518010] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 16.518056] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.518105] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 16.518148] kasan_report+0x140/0x180
[ 16.518197] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 16.518257] __asan_report_load1_noabort+0x18/0x20
[ 16.518343] kmalloc_node_oob_right+0x36b/0x3d0
[ 16.518404] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 16.518492] ? __schedule+0xce8/0x2840
[ 16.518548] ? __pfx_read_tsc+0x10/0x10
[ 16.518598] ? ktime_get_ts64+0x86/0x230
[ 16.518662] kunit_try_run_case+0x1a6/0x480
[ 16.518724] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.518770] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 16.518826] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.518900] ? __kthread_parkme+0x82/0x160
[ 16.518957] ? preempt_count_sub+0x50/0x80
[ 16.519018] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.519068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.519127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.519179] kthread+0x324/0x6e0
[ 16.519226] ? trace_preempt_on+0x20/0xc0
[ 16.519282] ? __pfx_kthread+0x10/0x10
[ 16.519373] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.519457] ? calculate_sigpending+0x7b/0xa0
[ 16.519513] ? __pfx_kthread+0x10/0x10
[ 16.519561] ret_from_fork+0x41/0x80
[ 16.519600] ? __pfx_kthread+0x10/0x10
[ 16.519639] ret_from_fork_asm+0x1a/0x30
[ 16.519709] </TASK>
[ 16.519727]
[ 16.533190] Allocated by task 148:
[ 16.533778] kasan_save_stack+0x45/0x70
[ 16.534187] kasan_save_track+0x18/0x40
[ 16.534709] kasan_save_alloc_info+0x3b/0x50
[ 16.535005] __kasan_kmalloc+0xb7/0xc0
[ 16.535353] __kmalloc_cache_node_noprof+0x189/0x420
[ 16.536145] kmalloc_node_oob_right+0xac/0x3d0
[ 16.536494] kunit_try_run_case+0x1a6/0x480
[ 16.536924] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.537342] kthread+0x324/0x6e0
[ 16.537832] ret_from_fork+0x41/0x80
[ 16.538232] ret_from_fork_asm+0x1a/0x30
[ 16.538602]
[ 16.538814] The buggy address belongs to the object at ffff8881027ac000
[ 16.538814] which belongs to the cache kmalloc-4k of size 4096
[ 16.539575] The buggy address is located 0 bytes to the right of
[ 16.539575] allocated 4096-byte region [ffff8881027ac000, ffff8881027ad000)
[ 16.540400]
[ 16.540619] The buggy address belongs to the physical page:
[ 16.541853] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027a8
[ 16.543076] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.543817] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.544819] page_type: f5(slab)
[ 16.545097] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 16.545737] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 16.546453] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 16.546899] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 16.547290] head: 0200000000000003 ffffea000409ea01 ffffffffffffffff 0000000000000000
[ 16.548293] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 16.549327] page dumped because: kasan: bad access detected
[ 16.549893]
[ 16.550038] Memory state around the buggy address:
[ 16.550595] ffff8881027acf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.551108] ffff8881027acf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.551770] >ffff8881027ad000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.552234] ^
[ 16.552833] ffff8881027ad080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.553403] ffff8881027ad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.554269] ==================================================================
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 180.676701] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 180.677739] WARNING: CPU: 1 PID: 2297 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0
[ 180.680193] Modules linked in:
[ 180.680807] CPU: 1 UID: 0 PID: 2297 Comm: kunit_try_catch Tainted: G B D W N 6.14.11-rc1 #1
[ 180.681483] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 180.682157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 180.683007] RIP: 0010:drm_framebuffer_free+0x136/0x1b0
[ 180.683889] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 64 63 82 00 48 c7 c1 e0 61 5b b4 4c 89 fa 48 c7 c7 40 62 5b b4 48 89 c6 e8 eb c7 86 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 180.685251] RSP: 0000:ffff8881052efb68 EFLAGS: 00010282
[ 180.685624] RAX: 0000000000000000 RBX: ffff8881052efc40 RCX: 1ffffffff6a64420
[ 180.687663] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 180.688258] RBP: ffff8881052efb90 R08: 0000000000000000 R09: fffffbfff6a64420
[ 180.689149] R10: 0000000000000003 R11: 0000000000031278 R12: ffff8881052efc18
[ 180.689761] R13: ffff888105171000 R14: ffff8881050d5000 R15: ffff888103bba900
[ 180.691794] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 180.692630] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 180.693840] CR2: 00007ffff7ffe000 CR3: 0000000044cb8000 CR4: 00000000000006f0
[ 180.694755] DR0: ffffffffb6608260 DR1: ffffffffb6608261 DR2: ffffffffb6608263
[ 180.697037] DR3: ffffffffb6608265 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 180.697350] Call Trace:
[ 180.698095] <TASK>
[ 180.698857] drm_test_framebuffer_free+0x1ac/0x610
[ 180.699317] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 180.700258] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 180.701223] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 180.701975] ? __drmm_add_action_or_reset+0x22/0x50
[ 180.702622] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 180.703193] kunit_try_run_case+0x1a6/0x480
[ 180.703586] ? __pfx_kunit_try_run_case+0x10/0x10
[ 180.704080] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 180.704615] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 180.705166] ? __kthread_parkme+0x82/0x160
[ 180.705735] ? preempt_count_sub+0x50/0x80
[ 180.706287] ? __pfx_kunit_try_run_case+0x10/0x10
[ 180.707006] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 180.707683] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 180.708121] kthread+0x324/0x6e0
[ 180.708326] ? trace_preempt_on+0x20/0xc0
[ 180.709577] ? __pfx_kthread+0x10/0x10
[ 180.709998] ? _raw_spin_unlock_irq+0x47/0x80
[ 180.710285] ? calculate_sigpending+0x7b/0xa0
[ 180.711080] ? __pfx_kthread+0x10/0x10
[ 180.711679] ret_from_fork+0x41/0x80
[ 180.711974] ? __pfx_kthread+0x10/0x10
[ 180.712453] ret_from_fork_asm+0x1a/0x30
[ 180.713077] </TASK>
[ 180.713264] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 177.961700] WARNING: CPU: 1 PID: 1735 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 177.962311] Modules linked in:
[ 177.963163] CPU: 1 UID: 0 PID: 1735 Comm: kunit_try_catch Tainted: G B D N 6.14.11-rc1 #1
[ 177.964397] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 177.964998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 177.965681] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 177.966237] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 b8
[ 177.967787] RSP: 0000:ffff888103fc7c90 EFLAGS: 00010246
[ 177.968182] RAX: dffffc0000000000 RBX: ffff8881033f4000 RCX: 0000000000000000
[ 177.968808] RDX: 1ffff1102067e832 RSI: ffffffffb19e1089 RDI: ffff8881033f4190
[ 177.969593] RBP: ffff888103fc7ca0 R08: 1ffff11020062f69 R09: ffffed10207f8f65
[ 177.970222] R10: 0000000000000003 R11: ffffffffb0f71418 R12: 0000000000000000
[ 177.970973] R13: ffff888103fc7d38 R14: ffff888100317c50 R15: ffff888100317c58
[ 177.971415] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 177.972655] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 177.973127] CR2: 00007ffff7ffe000 CR3: 0000000044cb8000 CR4: 00000000000006f0
[ 177.974028] DR0: ffffffffb6608260 DR1: ffffffffb6608261 DR2: ffffffffb6608263
[ 177.974578] DR3: ffffffffb6608265 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 177.974929] Call Trace:
[ 177.975288] <TASK>
[ 177.975721] drm_test_drm_connector_dynamic_register_early_no_init+0x105/0x290
[ 177.976554] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 177.977448] ? __schedule+0xce8/0x2840
[ 177.977808] ? __pfx_read_tsc+0x10/0x10
[ 177.978223] ? ktime_get_ts64+0x86/0x230
[ 177.978910] kunit_try_run_case+0x1a6/0x480
[ 177.979161] ? __pfx_kunit_try_run_case+0x10/0x10
[ 177.980104] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 177.980836] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 177.981199] ? __kthread_parkme+0x82/0x160
[ 177.981557] ? preempt_count_sub+0x50/0x80
[ 177.982357] ? __pfx_kunit_try_run_case+0x10/0x10
[ 177.982923] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 177.983318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 177.984340] kthread+0x324/0x6e0
[ 177.984699] ? trace_preempt_on+0x20/0xc0
[ 177.985033] ? __pfx_kthread+0x10/0x10
[ 177.985854] ? _raw_spin_unlock_irq+0x47/0x80
[ 177.986190] ? calculate_sigpending+0x7b/0xa0
[ 177.987004] ? __pfx_kthread+0x10/0x10
[ 177.987408] ret_from_fork+0x41/0x80
[ 177.987792] ? __pfx_kthread+0x10/0x10
[ 177.988211] ret_from_fork_asm+0x1a/0x30
[ 177.989032] </TASK>
[ 177.989388] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 178.110336] WARNING: CPU: 1 PID: 1743 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 178.111918] Modules linked in:
[ 178.112210] CPU: 1 UID: 0 PID: 1743 Comm: kunit_try_catch Tainted: G B D W N 6.14.11-rc1 #1
[ 178.113512] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 178.114170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 178.114861] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 178.115849] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 b8
[ 178.117221] RSP: 0000:ffff888103ac7c90 EFLAGS: 00010246
[ 178.117840] RAX: dffffc0000000000 RBX: ffff8881070ca000 RCX: 0000000000000000
[ 178.118348] RDX: 1ffff11020e19432 RSI: ffffffffb19e1089 RDI: ffff8881070ca190
[ 178.119228] RBP: ffff888103ac7ca0 R08: 1ffff11020062f69 R09: ffffed1020758f65
[ 178.119754] R10: 0000000000000003 R11: ffffffffb0f71418 R12: 0000000000000000
[ 178.120208] R13: ffff888103ac7d38 R14: ffff888100317c50 R15: ffff888100317c58
[ 178.120613] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 178.121104] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 178.121788] CR2: 00007ffff7ffe000 CR3: 0000000044cb8000 CR4: 00000000000006f0
[ 178.122255] DR0: ffffffffb6608260 DR1: ffffffffb6608261 DR2: ffffffffb6608263
[ 178.122839] DR3: ffffffffb6608265 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 178.123365] Call Trace:
[ 178.123851] <TASK>
[ 178.124128] drm_test_drm_connector_dynamic_register_no_init+0x105/0x290
[ 178.124800] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 178.125405] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 178.126092] kunit_try_run_case+0x1a6/0x480
[ 178.126669] ? __pfx_kunit_try_run_case+0x10/0x10
[ 178.127093] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 178.127569] ? __kthread_parkme+0x82/0x160
[ 178.128028] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 178.128653] ? __pfx_kunit_try_run_case+0x10/0x10
[ 178.129044] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 178.129602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 178.130117] kthread+0x324/0x6e0
[ 178.130567] ? trace_preempt_on+0x20/0xc0
[ 178.131008] ? __pfx_kthread+0x10/0x10
[ 178.131346] ? _raw_spin_unlock_irq+0x47/0x80
[ 178.131982] ? calculate_sigpending+0x7b/0xa0
[ 178.132318] ? __pfx_kthread+0x10/0x10
[ 178.132861] ret_from_fork+0x41/0x80
[ 178.133290] ? __pfx_kthread+0x10/0x10
[ 178.133742] ret_from_fork_asm+0x1a/0x30
[ 178.134235] </TASK>
[ 178.134620] ---[ end trace 0000000000000000 ]---
Failure - kunit - _kasan
<8>[ 315.122871] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=_kasan RESULT=fail> _kasan fail