Date: May 12, 2025, 6:12 p.m.
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.855058] ================================================================== [ 12.855788] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.856379] Read of size 1 at addr ffff888102add078 by task kunit_try_catch/202 [ 12.856695] [ 12.856809] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.856863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.856875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.856897] Call Trace: [ 12.856918] <TASK> [ 12.856938] dump_stack_lvl+0x73/0xb0 [ 12.856967] print_report+0xd1/0x650 [ 12.856988] ? __virt_addr_valid+0x1db/0x2d0 [ 12.857010] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.857032] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.857057] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.857078] kasan_report+0x140/0x180 [ 12.857099] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.857125] __asan_report_load1_noabort+0x18/0x20 [ 12.857148] ksize_unpoisons_memory+0x7eb/0x9b0 [ 12.857171] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.857192] ? finish_task_switch.isra.0+0x153/0x700 [ 12.857215] ? __switch_to+0x5d9/0xf60 [ 12.857241] ? __schedule+0xce8/0x2840 [ 12.857266] ? __pfx_read_tsc+0x10/0x10 [ 12.857287] ? ktime_get_ts64+0x86/0x230 [ 12.857312] kunit_try_run_case+0x1a6/0x480 [ 12.857334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.857354] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.857374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.857397] ? __kthread_parkme+0x82/0x160 [ 12.857419] ? preempt_count_sub+0x50/0x80 [ 12.857442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.857475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.857524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.857548] kthread+0x324/0x6e0 [ 12.857569] ? trace_preempt_on+0x20/0xc0 [ 12.857592] ? __pfx_kthread+0x10/0x10 [ 12.857613] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.857636] ? calculate_sigpending+0x7b/0xa0 [ 12.857657] ? 
__pfx_kthread+0x10/0x10 [ 12.857679] ret_from_fork+0x41/0x80 [ 12.857696] ? __pfx_kthread+0x10/0x10 [ 12.858036] ret_from_fork_asm+0x1a/0x30 [ 12.858112] </TASK> [ 12.858123] [ 12.866420] Allocated by task 202: [ 12.866793] kasan_save_stack+0x45/0x70 [ 12.867135] kasan_save_track+0x18/0x40 [ 12.867278] kasan_save_alloc_info+0x3b/0x50 [ 12.867513] __kasan_kmalloc+0xb7/0xc0 [ 12.867855] __kmalloc_cache_noprof+0x18a/0x420 [ 12.868080] ksize_unpoisons_memory+0xc8/0x9b0 [ 12.868526] kunit_try_run_case+0x1a6/0x480 [ 12.868762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.868986] kthread+0x324/0x6e0 [ 12.869237] ret_from_fork+0x41/0x80 [ 12.869373] ret_from_fork_asm+0x1a/0x30 [ 12.869515] [ 12.869587] The buggy address belongs to the object at ffff888102add000 [ 12.869587] which belongs to the cache kmalloc-128 of size 128 [ 12.870263] The buggy address is located 5 bytes to the right of [ 12.870263] allocated 115-byte region [ffff888102add000, ffff888102add073) [ 12.870850] [ 12.870954] The buggy address belongs to the physical page: [ 12.871434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 12.871744] flags: 0x200000000000000(node=0|zone=2) [ 12.871923] page_type: f5(slab) [ 12.872063] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.872413] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.872764] page dumped because: kasan: bad access detected [ 12.872942] [ 12.873014] Memory state around the buggy address: [ 12.873208] ffff888102adcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.873536] ffff888102adcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.873864] >ffff888102add000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.874158] ^ [ 12.874468] ffff888102add080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.874686] ffff888102add100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.874987] 
================================================================== [ 12.834927] ================================================================== [ 12.835537] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 12.835797] Read of size 1 at addr ffff888102add073 by task kunit_try_catch/202 [ 12.836061] [ 12.836663] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.836715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.836728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.836776] Call Trace: [ 12.836802] <TASK> [ 12.836825] dump_stack_lvl+0x73/0xb0 [ 12.836876] print_report+0xd1/0x650 [ 12.836898] ? __virt_addr_valid+0x1db/0x2d0 [ 12.836923] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 12.836945] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.836970] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 12.836993] kasan_report+0x140/0x180 [ 12.837060] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 12.837087] __asan_report_load1_noabort+0x18/0x20 [ 12.837110] ksize_unpoisons_memory+0x81e/0x9b0 [ 12.837132] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.837153] ? finish_task_switch.isra.0+0x153/0x700 [ 12.837178] ? __switch_to+0x5d9/0xf60 [ 12.837205] ? __schedule+0xce8/0x2840 [ 12.837234] ? __pfx_read_tsc+0x10/0x10 [ 12.837256] ? ktime_get_ts64+0x86/0x230 [ 12.837285] kunit_try_run_case+0x1a6/0x480 [ 12.837310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.837331] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.837352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.837376] ? __kthread_parkme+0x82/0x160 [ 12.837399] ? preempt_count_sub+0x50/0x80 [ 12.837423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.837446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.837471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.837497] kthread+0x324/0x6e0 [ 12.837519] ? trace_preempt_on+0x20/0xc0 [ 12.837548] ? __pfx_kthread+0x10/0x10 [ 12.837572] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.837595] ? 
calculate_sigpending+0x7b/0xa0 [ 12.837617] ? __pfx_kthread+0x10/0x10 [ 12.837639] ret_from_fork+0x41/0x80 [ 12.837659] ? __pfx_kthread+0x10/0x10 [ 12.837681] ret_from_fork_asm+0x1a/0x30 [ 12.837713] </TASK> [ 12.837724] [ 12.845833] Allocated by task 202: [ 12.846068] kasan_save_stack+0x45/0x70 [ 12.846283] kasan_save_track+0x18/0x40 [ 12.846419] kasan_save_alloc_info+0x3b/0x50 [ 12.846567] __kasan_kmalloc+0xb7/0xc0 [ 12.846734] __kmalloc_cache_noprof+0x18a/0x420 [ 12.846964] ksize_unpoisons_memory+0xc8/0x9b0 [ 12.847177] kunit_try_run_case+0x1a6/0x480 [ 12.847532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.847725] kthread+0x324/0x6e0 [ 12.847861] ret_from_fork+0x41/0x80 [ 12.847991] ret_from_fork_asm+0x1a/0x30 [ 12.848265] [ 12.848358] The buggy address belongs to the object at ffff888102add000 [ 12.848358] which belongs to the cache kmalloc-128 of size 128 [ 12.848832] The buggy address is located 0 bytes to the right of [ 12.848832] allocated 115-byte region [ffff888102add000, ffff888102add073) [ 12.849567] [ 12.849691] The buggy address belongs to the physical page: [ 12.849943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 12.850382] flags: 0x200000000000000(node=0|zone=2) [ 12.850610] page_type: f5(slab) [ 12.850738] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.851120] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.851630] page dumped because: kasan: bad access detected [ 12.851798] [ 12.851877] Memory state around the buggy address: [ 12.852310] ffff888102adcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.852626] ffff888102adcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.852858] >ffff888102add000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.853070] ^ [ 12.853668] ffff888102add080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.854012] ffff888102add100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.854461] 
================================================================== [ 12.876206] ================================================================== [ 12.876518] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.876874] Read of size 1 at addr ffff888102add07f by task kunit_try_catch/202 [ 12.877196] [ 12.877298] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.877344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.877356] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.877377] Call Trace: [ 12.877398] <TASK> [ 12.877420] dump_stack_lvl+0x73/0xb0 [ 12.877448] print_report+0xd1/0x650 [ 12.877470] ? __virt_addr_valid+0x1db/0x2d0 [ 12.877494] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.877516] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.877540] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.877562] kasan_report+0x140/0x180 [ 12.877583] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.877609] __asan_report_load1_noabort+0x18/0x20 [ 12.877631] ksize_unpoisons_memory+0x7b8/0x9b0 [ 12.877653] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.877674] ? finish_task_switch.isra.0+0x153/0x700 [ 12.877697] ? __switch_to+0x5d9/0xf60 [ 12.877723] ? __schedule+0xce8/0x2840 [ 12.877753] ? __pfx_read_tsc+0x10/0x10 [ 12.877774] ? ktime_get_ts64+0x86/0x230 [ 12.877800] kunit_try_run_case+0x1a6/0x480 [ 12.877823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.877855] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.877876] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.877900] ? __kthread_parkme+0x82/0x160 [ 12.877922] ? preempt_count_sub+0x50/0x80 [ 12.877945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.877967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.877992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.878017] kthread+0x324/0x6e0 [ 12.878038] ? trace_preempt_on+0x20/0xc0 [ 12.878061] ? __pfx_kthread+0x10/0x10 [ 12.878083] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.878105] ? 
calculate_sigpending+0x7b/0xa0 [ 12.878126] ? __pfx_kthread+0x10/0x10 [ 12.878148] ret_from_fork+0x41/0x80 [ 12.878166] ? __pfx_kthread+0x10/0x10 [ 12.878202] ret_from_fork_asm+0x1a/0x30 [ 12.878234] </TASK> [ 12.878244] [ 12.886387] Allocated by task 202: [ 12.886568] kasan_save_stack+0x45/0x70 [ 12.886781] kasan_save_track+0x18/0x40 [ 12.886985] kasan_save_alloc_info+0x3b/0x50 [ 12.887290] __kasan_kmalloc+0xb7/0xc0 [ 12.887424] __kmalloc_cache_noprof+0x18a/0x420 [ 12.887580] ksize_unpoisons_memory+0xc8/0x9b0 [ 12.887784] kunit_try_run_case+0x1a6/0x480 [ 12.888013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.888269] kthread+0x324/0x6e0 [ 12.888444] ret_from_fork+0x41/0x80 [ 12.888632] ret_from_fork_asm+0x1a/0x30 [ 12.888829] [ 12.888924] The buggy address belongs to the object at ffff888102add000 [ 12.888924] which belongs to the cache kmalloc-128 of size 128 [ 12.889325] The buggy address is located 12 bytes to the right of [ 12.889325] allocated 115-byte region [ffff888102add000, ffff888102add073) [ 12.890565] [ 12.890674] The buggy address belongs to the physical page: [ 12.890915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 12.891331] flags: 0x200000000000000(node=0|zone=2) [ 12.891503] page_type: f5(slab) [ 12.891631] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.891914] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.892627] page dumped because: kasan: bad access detected [ 12.892902] [ 12.892998] Memory state around the buggy address: [ 12.893257] ffff888102adcf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.893866] ffff888102adcf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.894233] >ffff888102add000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.894451] ^ [ 12.894763] ffff888102add080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.895096] ffff888102add100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.895517] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.808420] ================================================================== [ 12.809040] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 12.809258] Free of addr ffff888101b28040 by task kunit_try_catch/200 [ 12.809551] [ 12.809665] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.809708] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.809720] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.809749] Call Trace: [ 12.809764] <TASK> [ 12.809785] dump_stack_lvl+0x73/0xb0 [ 12.809814] print_report+0xd1/0x650 [ 12.809846] ? __virt_addr_valid+0x1db/0x2d0 [ 12.809871] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.809896] ? kfree_sensitive+0x2e/0x90 [ 12.809916] kasan_report_invalid_free+0xfc/0x120 [ 12.809939] ? kfree_sensitive+0x2e/0x90 [ 12.809959] ? kfree_sensitive+0x2e/0x90 [ 12.809978] check_slab_allocation+0x101/0x130 [ 12.809999] __kasan_slab_pre_free+0x28/0x40 [ 12.810018] kfree+0xf1/0x3f0 [ 12.810039] ? kfree_sensitive+0x2e/0x90 [ 12.810061] kfree_sensitive+0x2e/0x90 [ 12.810080] kmalloc_double_kzfree+0x19d/0x360 [ 12.810102] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.810124] ? __schedule+0xce8/0x2840 [ 12.810150] ? __pfx_read_tsc+0x10/0x10 [ 12.810172] ? ktime_get_ts64+0x86/0x230 [ 12.810199] kunit_try_run_case+0x1a6/0x480 [ 12.810223] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.810243] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.810265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.810289] ? __kthread_parkme+0x82/0x160 [ 12.810312] ? preempt_count_sub+0x50/0x80 [ 12.810337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.810358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.810383] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.810408] kthread+0x324/0x6e0 [ 12.810429] ? trace_preempt_on+0x20/0xc0 [ 12.810754] ? __pfx_kthread+0x10/0x10 [ 12.810777] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.810801] ? calculate_sigpending+0x7b/0xa0 [ 12.810823] ? 
__pfx_kthread+0x10/0x10 [ 12.810858] ret_from_fork+0x41/0x80 [ 12.810878] ? __pfx_kthread+0x10/0x10 [ 12.810899] ret_from_fork_asm+0x1a/0x30 [ 12.810932] </TASK> [ 12.810943] [ 12.818935] Allocated by task 200: [ 12.819233] kasan_save_stack+0x45/0x70 [ 12.819402] kasan_save_track+0x18/0x40 [ 12.819540] kasan_save_alloc_info+0x3b/0x50 [ 12.819692] __kasan_kmalloc+0xb7/0xc0 [ 12.819906] __kmalloc_cache_noprof+0x18a/0x420 [ 12.820241] kmalloc_double_kzfree+0xaa/0x360 [ 12.820457] kunit_try_run_case+0x1a6/0x480 [ 12.820632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.820856] kthread+0x324/0x6e0 [ 12.820987] ret_from_fork+0x41/0x80 [ 12.821169] ret_from_fork_asm+0x1a/0x30 [ 12.821330] [ 12.821429] Freed by task 200: [ 12.821557] kasan_save_stack+0x45/0x70 [ 12.821755] kasan_save_track+0x18/0x40 [ 12.821934] kasan_save_free_info+0x3f/0x60 [ 12.822129] __kasan_slab_free+0x56/0x70 [ 12.822604] kfree+0x224/0x3f0 [ 12.822772] kfree_sensitive+0x67/0x90 [ 12.822920] kmalloc_double_kzfree+0x12c/0x360 [ 12.823275] kunit_try_run_case+0x1a6/0x480 [ 12.823492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.823753] kthread+0x324/0x6e0 [ 12.823915] ret_from_fork+0x41/0x80 [ 12.824176] ret_from_fork_asm+0x1a/0x30 [ 12.824341] [ 12.824442] The buggy address belongs to the object at ffff888101b28040 [ 12.824442] which belongs to the cache kmalloc-16 of size 16 [ 12.824923] The buggy address is located 0 bytes inside of [ 12.824923] 16-byte region [ffff888101b28040, ffff888101b28050) [ 12.825412] [ 12.825487] The buggy address belongs to the physical page: [ 12.825661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 12.825954] flags: 0x200000000000000(node=0|zone=2) [ 12.826191] page_type: f5(slab) [ 12.826374] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.826707] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.827244] page dumped because: kasan: bad access detected [ 12.827492] [ 
12.827568] Memory state around the buggy address: [ 12.827771] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.828133] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.828435] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 12.828653] ^ [ 12.828827] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.829167] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.829485] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.785533] ================================================================== [ 12.786454] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 12.786799] Read of size 1 at addr ffff888101b28040 by task kunit_try_catch/200 [ 12.787154] [ 12.787292] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.787343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.787355] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.787377] Call Trace: [ 12.787392] <TASK> [ 12.787412] dump_stack_lvl+0x73/0xb0 [ 12.787440] print_report+0xd1/0x650 [ 12.787601] ? __virt_addr_valid+0x1db/0x2d0 [ 12.787627] ? kmalloc_double_kzfree+0x19d/0x360 [ 12.787649] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.787698] ? kmalloc_double_kzfree+0x19d/0x360 [ 12.787720] kasan_report+0x140/0x180 [ 12.787741] ? kmalloc_double_kzfree+0x19d/0x360 [ 12.787766] ? kmalloc_double_kzfree+0x19d/0x360 [ 12.787787] __kasan_check_byte+0x3d/0x50 [ 12.787808] kfree_sensitive+0x22/0x90 [ 12.787830] kmalloc_double_kzfree+0x19d/0x360 [ 12.787862] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 12.787885] ? __schedule+0xce8/0x2840 [ 12.787928] ? __pfx_read_tsc+0x10/0x10 [ 12.787951] ? ktime_get_ts64+0x86/0x230 [ 12.787977] kunit_try_run_case+0x1a6/0x480 [ 12.788098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.788120] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.788142] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.788166] ? __kthread_parkme+0x82/0x160 [ 12.788190] ? preempt_count_sub+0x50/0x80 [ 12.788214] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.788236] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.788262] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.788287] kthread+0x324/0x6e0 [ 12.788308] ? trace_preempt_on+0x20/0xc0 [ 12.788332] ? __pfx_kthread+0x10/0x10 [ 12.788354] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.788377] ? calculate_sigpending+0x7b/0xa0 [ 12.788400] ? 
__pfx_kthread+0x10/0x10 [ 12.788423] ret_from_fork+0x41/0x80 [ 12.788442] ? __pfx_kthread+0x10/0x10 [ 12.788463] ret_from_fork_asm+0x1a/0x30 [ 12.788496] </TASK> [ 12.788510] [ 12.796312] Allocated by task 200: [ 12.796526] kasan_save_stack+0x45/0x70 [ 12.796750] kasan_save_track+0x18/0x40 [ 12.796975] kasan_save_alloc_info+0x3b/0x50 [ 12.797313] __kasan_kmalloc+0xb7/0xc0 [ 12.797506] __kmalloc_cache_noprof+0x18a/0x420 [ 12.797665] kmalloc_double_kzfree+0xaa/0x360 [ 12.797918] kunit_try_run_case+0x1a6/0x480 [ 12.798218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.798473] kthread+0x324/0x6e0 [ 12.798598] ret_from_fork+0x41/0x80 [ 12.798726] ret_from_fork_asm+0x1a/0x30 [ 12.798913] [ 12.799161] Freed by task 200: [ 12.799327] kasan_save_stack+0x45/0x70 [ 12.799525] kasan_save_track+0x18/0x40 [ 12.799740] kasan_save_free_info+0x3f/0x60 [ 12.799957] __kasan_slab_free+0x56/0x70 [ 12.800237] kfree+0x224/0x3f0 [ 12.800427] kfree_sensitive+0x67/0x90 [ 12.800624] kmalloc_double_kzfree+0x12c/0x360 [ 12.800776] kunit_try_run_case+0x1a6/0x480 [ 12.800964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.801333] kthread+0x324/0x6e0 [ 12.801525] ret_from_fork+0x41/0x80 [ 12.801708] ret_from_fork_asm+0x1a/0x30 [ 12.801922] [ 12.802112] The buggy address belongs to the object at ffff888101b28040 [ 12.802112] which belongs to the cache kmalloc-16 of size 16 [ 12.802588] The buggy address is located 0 bytes inside of [ 12.802588] freed 16-byte region [ffff888101b28040, ffff888101b28050) [ 12.802965] [ 12.803271] The buggy address belongs to the physical page: [ 12.803551] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 12.803941] flags: 0x200000000000000(node=0|zone=2) [ 12.804269] page_type: f5(slab) [ 12.804411] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.804758] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.805213] page dumped because: kasan: bad access detected [ 12.805395] [ 
12.805465] Memory state around the buggy address: [ 12.805709] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.806130] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.806436] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 12.806649] ^ [ 12.806911] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.807242] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.807535] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.749018] ================================================================== [ 12.750240] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 12.750699] Read of size 1 at addr ffff888101b2b4a8 by task kunit_try_catch/196 [ 12.750938] [ 12.751104] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.751157] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.751169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.751191] Call Trace: [ 12.751206] <TASK> [ 12.751260] dump_stack_lvl+0x73/0xb0 [ 12.751505] print_report+0xd1/0x650 [ 12.751530] ? __virt_addr_valid+0x1db/0x2d0 [ 12.751652] ? kmalloc_uaf2+0x4aa/0x520 [ 12.751673] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.751698] ? kmalloc_uaf2+0x4aa/0x520 [ 12.751717] kasan_report+0x140/0x180 [ 12.751739] ? kmalloc_uaf2+0x4aa/0x520 [ 12.751762] __asan_report_load1_noabort+0x18/0x20 [ 12.751784] kmalloc_uaf2+0x4aa/0x520 [ 12.751803] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 12.751821] ? finish_task_switch.isra.0+0x153/0x700 [ 12.751854] ? __switch_to+0x5d9/0xf60 [ 12.751881] ? __schedule+0xce8/0x2840 [ 12.751905] ? __pfx_read_tsc+0x10/0x10 [ 12.751926] ? ktime_get_ts64+0x86/0x230 [ 12.751951] kunit_try_run_case+0x1a6/0x480 [ 12.751974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.752000] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.752021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.752044] ? __kthread_parkme+0x82/0x160 [ 12.752066] ? preempt_count_sub+0x50/0x80 [ 12.752089] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.752110] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.752135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.752160] kthread+0x324/0x6e0 [ 12.752180] ? trace_preempt_on+0x20/0xc0 [ 12.752203] ? __pfx_kthread+0x10/0x10 [ 12.752225] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.752247] ? calculate_sigpending+0x7b/0xa0 [ 12.752268] ? __pfx_kthread+0x10/0x10 [ 12.752289] ret_from_fork+0x41/0x80 [ 12.752308] ? 
__pfx_kthread+0x10/0x10 [ 12.752329] ret_from_fork_asm+0x1a/0x30 [ 12.752360] </TASK> [ 12.752372] [ 12.767170] Allocated by task 196: [ 12.767407] kasan_save_stack+0x45/0x70 [ 12.767628] kasan_save_track+0x18/0x40 [ 12.767811] kasan_save_alloc_info+0x3b/0x50 [ 12.768139] __kasan_kmalloc+0xb7/0xc0 [ 12.768291] __kmalloc_cache_noprof+0x18a/0x420 [ 12.768537] kmalloc_uaf2+0xc7/0x520 [ 12.768720] kunit_try_run_case+0x1a6/0x480 [ 12.768912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.769248] kthread+0x324/0x6e0 [ 12.769433] ret_from_fork+0x41/0x80 [ 12.769638] ret_from_fork_asm+0x1a/0x30 [ 12.769860] [ 12.769978] Freed by task 196: [ 12.770288] kasan_save_stack+0x45/0x70 [ 12.770507] kasan_save_track+0x18/0x40 [ 12.770714] kasan_save_free_info+0x3f/0x60 [ 12.770919] __kasan_slab_free+0x56/0x70 [ 12.771166] kfree+0x224/0x3f0 [ 12.771310] kmalloc_uaf2+0x14d/0x520 [ 12.771496] kunit_try_run_case+0x1a6/0x480 [ 12.771725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.772104] kthread+0x324/0x6e0 [ 12.772286] ret_from_fork+0x41/0x80 [ 12.772421] ret_from_fork_asm+0x1a/0x30 [ 12.772562] [ 12.772638] The buggy address belongs to the object at ffff888101b2b480 [ 12.772638] which belongs to the cache kmalloc-64 of size 64 [ 12.773395] The buggy address is located 40 bytes inside of [ 12.773395] freed 64-byte region [ffff888101b2b480, ffff888101b2b4c0) [ 12.773940] [ 12.774126] The buggy address belongs to the physical page: [ 12.774360] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b2b [ 12.774716] flags: 0x200000000000000(node=0|zone=2) [ 12.774965] page_type: f5(slab) [ 12.775187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.775508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.775828] page dumped because: kasan: bad access detected [ 12.776179] [ 12.776281] Memory state around the buggy address: [ 12.776515] ffff888101b2b380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 
12.776820] ffff888101b2b400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.777218] >ffff888101b2b480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.777558] ^ [ 12.777786] ffff888101b2b500: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 12.778219] ffff888101b2b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.778530] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.724673] ================================================================== [ 12.725344] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 12.725631] Write of size 33 at addr ffff888101b2b400 by task kunit_try_catch/194 [ 12.725989] [ 12.726344] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.726395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.726407] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.726428] Call Trace: [ 12.726441] <TASK> [ 12.726460] dump_stack_lvl+0x73/0xb0 [ 12.726489] print_report+0xd1/0x650 [ 12.726512] ? __virt_addr_valid+0x1db/0x2d0 [ 12.726534] ? kmalloc_uaf_memset+0x1a4/0x360 [ 12.726555] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.726580] ? kmalloc_uaf_memset+0x1a4/0x360 [ 12.726600] kasan_report+0x140/0x180 [ 12.726621] ? kmalloc_uaf_memset+0x1a4/0x360 [ 12.726645] kasan_check_range+0x10c/0x1c0 [ 12.726668] __asan_memset+0x27/0x50 [ 12.726690] kmalloc_uaf_memset+0x1a4/0x360 [ 12.726710] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.726731] ? __schedule+0xce8/0x2840 [ 12.726756] ? __pfx_read_tsc+0x10/0x10 [ 12.726778] ? ktime_get_ts64+0x86/0x230 [ 12.726805] kunit_try_run_case+0x1a6/0x480 [ 12.726829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.726862] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.726883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.726907] ? __kthread_parkme+0x82/0x160 [ 12.726930] ? preempt_count_sub+0x50/0x80 [ 12.726955] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.726977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.727002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.727027] kthread+0x324/0x6e0 [ 12.727048] ? trace_preempt_on+0x20/0xc0 [ 12.727071] ? __pfx_kthread+0x10/0x10 [ 12.727092] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.727115] ? calculate_sigpending+0x7b/0xa0 [ 12.727137] ? __pfx_kthread+0x10/0x10 [ 12.727159] ret_from_fork+0x41/0x80 [ 12.727194] ? 
__pfx_kthread+0x10/0x10 [ 12.727215] ret_from_fork_asm+0x1a/0x30 [ 12.727246] </TASK> [ 12.727257] [ 12.734118] Allocated by task 194: [ 12.734669] kasan_save_stack+0x45/0x70 [ 12.734910] kasan_save_track+0x18/0x40 [ 12.735319] kasan_save_alloc_info+0x3b/0x50 [ 12.735544] __kasan_kmalloc+0xb7/0xc0 [ 12.735734] __kmalloc_cache_noprof+0x18a/0x420 [ 12.735981] kmalloc_uaf_memset+0xaa/0x360 [ 12.736246] kunit_try_run_case+0x1a6/0x480 [ 12.736431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.736608] kthread+0x324/0x6e0 [ 12.736777] ret_from_fork+0x41/0x80 [ 12.736966] ret_from_fork_asm+0x1a/0x30 [ 12.737224] [ 12.737324] Freed by task 194: [ 12.737452] kasan_save_stack+0x45/0x70 [ 12.737644] kasan_save_track+0x18/0x40 [ 12.737806] kasan_save_free_info+0x3f/0x60 [ 12.737963] __kasan_slab_free+0x56/0x70 [ 12.738100] kfree+0x224/0x3f0 [ 12.738216] kmalloc_uaf_memset+0x12c/0x360 [ 12.738361] kunit_try_run_case+0x1a6/0x480 [ 12.738553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.738935] kthread+0x324/0x6e0 [ 12.739109] ret_from_fork+0x41/0x80 [ 12.739294] ret_from_fork_asm+0x1a/0x30 [ 12.739780] [ 12.739904] The buggy address belongs to the object at ffff888101b2b400 [ 12.739904] which belongs to the cache kmalloc-64 of size 64 [ 12.740456] The buggy address is located 0 bytes inside of [ 12.740456] freed 64-byte region [ffff888101b2b400, ffff888101b2b440) [ 12.740801] [ 12.740888] The buggy address belongs to the physical page: [ 12.741092] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b2b [ 12.741445] flags: 0x200000000000000(node=0|zone=2) [ 12.741679] page_type: f5(slab) [ 12.741926] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.742453] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.742739] page dumped because: kasan: bad access detected [ 12.742916] [ 12.742993] Memory state around the buggy address: [ 12.743251] ffff888101b2b300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc 
fc fc [ 12.744052] ffff888101b2b380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.744330] >ffff888101b2b400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.744546] ^ [ 12.744745] ffff888101b2b480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.745225] ffff888101b2b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.745567] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.695407] ==================================================================
[ 12.695936] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380
[ 12.696265] Read of size 1 at addr ffff888101b28028 by task kunit_try_catch/192
[ 12.696523]
[ 12.696636] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.696685] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.696697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.696734] Call Trace:
[ 12.696749] <TASK>
[ 12.696771] dump_stack_lvl+0x73/0xb0
[ 12.696800] print_report+0xd1/0x650
[ 12.696823] ? __virt_addr_valid+0x1db/0x2d0
[ 12.696869] ? kmalloc_uaf+0x322/0x380
[ 12.696889] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.696934] ? kmalloc_uaf+0x322/0x380
[ 12.696954] kasan_report+0x140/0x180
[ 12.696975] ? kmalloc_uaf+0x322/0x380
[ 12.696998] __asan_report_load1_noabort+0x18/0x20
[ 12.697021] kmalloc_uaf+0x322/0x380
[ 12.697040] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.697060] ? __schedule+0xce8/0x2840
[ 12.697097] ? __pfx_read_tsc+0x10/0x10
[ 12.697119] ? ktime_get_ts64+0x86/0x230
[ 12.697145] kunit_try_run_case+0x1a6/0x480
[ 12.697169] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.697193] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.697215] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.697239] ? __kthread_parkme+0x82/0x160
[ 12.697262] ? preempt_count_sub+0x50/0x80
[ 12.697288] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.697311] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.697336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.697361] kthread+0x324/0x6e0
[ 12.697383] ? trace_preempt_on+0x20/0xc0
[ 12.697407] ? __pfx_kthread+0x10/0x10
[ 12.697429] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.697452] ? calculate_sigpending+0x7b/0xa0
[ 12.697473] ? __pfx_kthread+0x10/0x10
[ 12.697495] ret_from_fork+0x41/0x80
[ 12.697514] ? __pfx_kthread+0x10/0x10
[ 12.697536] ret_from_fork_asm+0x1a/0x30
[ 12.697568] </TASK>
[ 12.697579]
[ 12.705145] Allocated by task 192:
[ 12.705367] kasan_save_stack+0x45/0x70
[ 12.705591] kasan_save_track+0x18/0x40
[ 12.705759] kasan_save_alloc_info+0x3b/0x50
[ 12.705925] __kasan_kmalloc+0xb7/0xc0
[ 12.706298] __kmalloc_cache_noprof+0x18a/0x420
[ 12.706531] kmalloc_uaf+0xab/0x380
[ 12.706717] kunit_try_run_case+0x1a6/0x480
[ 12.706924] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.707223] kthread+0x324/0x6e0
[ 12.707405] ret_from_fork+0x41/0x80
[ 12.707555] ret_from_fork_asm+0x1a/0x30
[ 12.707728]
[ 12.707828] Freed by task 192:
[ 12.707978] kasan_save_stack+0x45/0x70
[ 12.708180] kasan_save_track+0x18/0x40
[ 12.708789] kasan_save_free_info+0x3f/0x60
[ 12.709174] __kasan_slab_free+0x56/0x70
[ 12.709317] kfree+0x224/0x3f0
[ 12.709435] kmalloc_uaf+0x12d/0x380
[ 12.709564] kunit_try_run_case+0x1a6/0x480
[ 12.709778] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.710069] kthread+0x324/0x6e0
[ 12.710246] ret_from_fork+0x41/0x80
[ 12.710431] ret_from_fork_asm+0x1a/0x30
[ 12.710622]
[ 12.710721] The buggy address belongs to the object at ffff888101b28020
[ 12.710721] which belongs to the cache kmalloc-16 of size 16
[ 12.711334] The buggy address is located 8 bytes inside of
[ 12.711334] freed 16-byte region [ffff888101b28020, ffff888101b28030)
[ 12.711788]
[ 12.711880] The buggy address belongs to the physical page:
[ 12.712192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28
[ 12.712523] flags: 0x200000000000000(node=0|zone=2)
[ 12.712749] page_type: f5(slab)
[ 12.712887] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.713154] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.713610] page dumped because: kasan: bad access detected
[ 12.713882]
[ 12.713968] Memory state around the buggy address:
[ 12.714297] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.714556] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.714786] >ffff888101b28000: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.715111] ^
[ 12.715455] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.715782] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.716023] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.658507] ==================================================================
[ 12.659294] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330
[ 12.660581] Read of size 64 at addr ffff888102ad8484 by task kunit_try_catch/190
[ 12.660874]
[ 12.660983] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.661035] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.661049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.661070] Call Trace:
[ 12.661089] <TASK>
[ 12.661121] dump_stack_lvl+0x73/0xb0
[ 12.661155] print_report+0xd1/0x650
[ 12.661178] ? __virt_addr_valid+0x1db/0x2d0
[ 12.661200] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 12.661224] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.661249] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 12.661272] kasan_report+0x140/0x180
[ 12.661294] ? kmalloc_memmove_invalid_size+0x170/0x330
[ 12.661321] kasan_check_range+0x10c/0x1c0
[ 12.661344] __asan_memmove+0x27/0x70
[ 12.661366] kmalloc_memmove_invalid_size+0x170/0x330
[ 12.661389] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 12.661412] ? __schedule+0xce8/0x2840
[ 12.661437] ? __pfx_read_tsc+0x10/0x10
[ 12.661459] ? ktime_get_ts64+0x86/0x230
[ 12.661485] kunit_try_run_case+0x1a6/0x480
[ 12.661510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.661530] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.661551] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.661575] ? __kthread_parkme+0x82/0x160
[ 12.661597] ? preempt_count_sub+0x50/0x80
[ 12.661622] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.661644] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.661669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.661694] kthread+0x324/0x6e0
[ 12.661715] ? trace_preempt_on+0x20/0xc0
[ 12.661738] ? __pfx_kthread+0x10/0x10
[ 12.661766] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.661788] ? calculate_sigpending+0x7b/0xa0
[ 12.661809] ? __pfx_kthread+0x10/0x10
[ 12.661831] ret_from_fork+0x41/0x80
[ 12.661859] ? __pfx_kthread+0x10/0x10
[ 12.661881] ret_from_fork_asm+0x1a/0x30
[ 12.661912] </TASK>
[ 12.661923]
[ 12.676032] Allocated by task 190:
[ 12.676495] kasan_save_stack+0x45/0x70
[ 12.676907] kasan_save_track+0x18/0x40
[ 12.677289] kasan_save_alloc_info+0x3b/0x50
[ 12.677671] __kasan_kmalloc+0xb7/0xc0
[ 12.677813] __kmalloc_cache_noprof+0x18a/0x420
[ 12.677979] kmalloc_memmove_invalid_size+0xad/0x330
[ 12.678275] kunit_try_run_case+0x1a6/0x480
[ 12.678670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.679361] kthread+0x324/0x6e0
[ 12.679669] ret_from_fork+0x41/0x80
[ 12.680012] ret_from_fork_asm+0x1a/0x30
[ 12.680460]
[ 12.680627] The buggy address belongs to the object at ffff888102ad8480
[ 12.680627] which belongs to the cache kmalloc-64 of size 64
[ 12.681658] The buggy address is located 4 bytes inside of
[ 12.681658] allocated 64-byte region [ffff888102ad8480, ffff888102ad84c0)
[ 12.682158]
[ 12.682356] The buggy address belongs to the physical page:
[ 12.682830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad8
[ 12.683751] flags: 0x200000000000000(node=0|zone=2)
[ 12.684314] page_type: f5(slab)
[ 12.684692] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.685272] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.685502] page dumped because: kasan: bad access detected
[ 12.685674]
[ 12.685751] Memory state around the buggy address:
[ 12.685930] ffff888102ad8380: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 12.686237] ffff888102ad8400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.686644] >ffff888102ad8480: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.686891] ^
[ 12.687647] ffff888102ad8500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.687999] ffff888102ad8580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.688323] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.626490] ==================================================================
[ 12.628018] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330
[ 12.628859] Read of size 18446744073709551614 at addr ffff888102ad8304 by task kunit_try_catch/188
[ 12.629541]
[ 12.629643] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.629694] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.629707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.629730] Call Trace:
[ 12.629752] <TASK>
[ 12.629776] dump_stack_lvl+0x73/0xb0
[ 12.629811] print_report+0xd1/0x650
[ 12.629833] ? __virt_addr_valid+0x1db/0x2d0
[ 12.629871] ? kmalloc_memmove_negative_size+0x172/0x330
[ 12.629894] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.629920] ? kmalloc_memmove_negative_size+0x172/0x330
[ 12.629967] kasan_report+0x140/0x180
[ 12.629989] ? kmalloc_memmove_negative_size+0x172/0x330
[ 12.630070] kasan_check_range+0x10c/0x1c0
[ 12.630093] __asan_memmove+0x27/0x70
[ 12.630163] kmalloc_memmove_negative_size+0x172/0x330
[ 12.630186] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.630210] ? __schedule+0xce8/0x2840
[ 12.630237] ? __pfx_read_tsc+0x10/0x10
[ 12.630290] ? ktime_get_ts64+0x86/0x230
[ 12.630318] kunit_try_run_case+0x1a6/0x480
[ 12.630343] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.630363] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.630384] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.630409] ? __kthread_parkme+0x82/0x160
[ 12.630431] ? preempt_count_sub+0x50/0x80
[ 12.630457] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.630478] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.630503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.630528] kthread+0x324/0x6e0
[ 12.630549] ? trace_preempt_on+0x20/0xc0
[ 12.630573] ? __pfx_kthread+0x10/0x10
[ 12.630594] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.630617] ? calculate_sigpending+0x7b/0xa0
[ 12.630639] ? __pfx_kthread+0x10/0x10
[ 12.630661] ret_from_fork+0x41/0x80
[ 12.630679] ? __pfx_kthread+0x10/0x10
[ 12.630700] ret_from_fork_asm+0x1a/0x30
[ 12.630732] </TASK>
[ 12.630745]
[ 12.644649] Allocated by task 188:
[ 12.644820] kasan_save_stack+0x45/0x70
[ 12.645031] kasan_save_track+0x18/0x40
[ 12.645236] kasan_save_alloc_info+0x3b/0x50
[ 12.645400] __kasan_kmalloc+0xb7/0xc0
[ 12.645611] __kmalloc_cache_noprof+0x18a/0x420
[ 12.645831] kmalloc_memmove_negative_size+0xad/0x330
[ 12.646026] kunit_try_run_case+0x1a6/0x480
[ 12.646309] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.646661] kthread+0x324/0x6e0
[ 12.646792] ret_from_fork+0x41/0x80
[ 12.646983] ret_from_fork_asm+0x1a/0x30
[ 12.647442]
[ 12.647543] The buggy address belongs to the object at ffff888102ad8300
[ 12.647543] which belongs to the cache kmalloc-64 of size 64
[ 12.647987] The buggy address is located 4 bytes inside of
[ 12.647987] 64-byte region [ffff888102ad8300, ffff888102ad8340)
[ 12.648524]
[ 12.648636] The buggy address belongs to the physical page:
[ 12.648882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ad8
[ 12.649296] flags: 0x200000000000000(node=0|zone=2)
[ 12.649494] page_type: f5(slab)
[ 12.649693] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.650032] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.650678] page dumped because: kasan: bad access detected
[ 12.650945]
[ 12.651458] Memory state around the buggy address:
[ 12.651696] ffff888102ad8200: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.652190] ffff888102ad8280: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.652744] >ffff888102ad8300: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.653398] ^
[ 12.653724] ffff888102ad8380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.654523] ffff888102ad8400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.654917] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.581643] ==================================================================
[ 12.582494] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330
[ 12.582875] Write of size 16 at addr ffff888101b0ec69 by task kunit_try_catch/186
[ 12.583759]
[ 12.583876] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.583926] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.583938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.583961] Call Trace:
[ 12.583988] <TASK>
[ 12.584027] dump_stack_lvl+0x73/0xb0
[ 12.584261] print_report+0xd1/0x650
[ 12.584285] ? __virt_addr_valid+0x1db/0x2d0
[ 12.584322] ? kmalloc_oob_memset_16+0x167/0x330
[ 12.584343] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.584368] ? kmalloc_oob_memset_16+0x167/0x330
[ 12.584388] kasan_report+0x140/0x180
[ 12.584409] ? kmalloc_oob_memset_16+0x167/0x330
[ 12.584434] kasan_check_range+0x10c/0x1c0
[ 12.584456] __asan_memset+0x27/0x50
[ 12.584478] kmalloc_oob_memset_16+0x167/0x330
[ 12.584499] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.584521] ? __schedule+0xce8/0x2840
[ 12.584547] ? __pfx_read_tsc+0x10/0x10
[ 12.584570] ? ktime_get_ts64+0x86/0x230
[ 12.584596] kunit_try_run_case+0x1a6/0x480
[ 12.584621] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.584642] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.584663] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.584687] ? __kthread_parkme+0x82/0x160
[ 12.584709] ? preempt_count_sub+0x50/0x80
[ 12.584736] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.584757] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.584782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.584807] kthread+0x324/0x6e0
[ 12.584828] ? trace_preempt_on+0x20/0xc0
[ 12.584863] ? __pfx_kthread+0x10/0x10
[ 12.584884] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.584907] ? calculate_sigpending+0x7b/0xa0
[ 12.584930] ? __pfx_kthread+0x10/0x10
[ 12.584953] ret_from_fork+0x41/0x80
[ 12.584973] ? __pfx_kthread+0x10/0x10
[ 12.584996] ret_from_fork_asm+0x1a/0x30
[ 12.585038] </TASK>
[ 12.585060]
[ 12.603459] Allocated by task 186:
[ 12.604172] kasan_save_stack+0x45/0x70
[ 12.604731] kasan_save_track+0x18/0x40
[ 12.605304] kasan_save_alloc_info+0x3b/0x50
[ 12.605846] __kasan_kmalloc+0xb7/0xc0
[ 12.606024] __kmalloc_cache_noprof+0x18a/0x420
[ 12.606233] kmalloc_oob_memset_16+0xad/0x330
[ 12.606423] kunit_try_run_case+0x1a6/0x480
[ 12.606611] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.606834] kthread+0x324/0x6e0
[ 12.607000] ret_from_fork+0x41/0x80
[ 12.607162] ret_from_fork_asm+0x1a/0x30
[ 12.607340]
[ 12.607431] The buggy address belongs to the object at ffff888101b0ec00
[ 12.607431] which belongs to the cache kmalloc-128 of size 128
[ 12.608102] The buggy address is located 105 bytes inside of
[ 12.608102] allocated 120-byte region [ffff888101b0ec00, ffff888101b0ec78)
[ 12.610020]
[ 12.610321] The buggy address belongs to the physical page:
[ 12.611051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b0e
[ 12.611977] flags: 0x200000000000000(node=0|zone=2)
[ 12.612645] page_type: f5(slab)
[ 12.613153] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.614065] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.614934] page dumped because: kasan: bad access detected
[ 12.615621]
[ 12.615821] Memory state around the buggy address:
[ 12.616482] ffff888101b0eb00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.617346] ffff888101b0eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.618196] >ffff888101b0ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.619033] ^
[ 12.619899] ffff888101b0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.620728] ffff888101b0ed00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.621605] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.547495] ==================================================================
[ 12.548016] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330
[ 12.548791] Write of size 8 at addr ffff888102ac8f71 by task kunit_try_catch/184
[ 12.549674]
[ 12.549821] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.549881] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.549893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.549917] Call Trace:
[ 12.549933] <TASK>
[ 12.549954] dump_stack_lvl+0x73/0xb0
[ 12.549987] print_report+0xd1/0x650
[ 12.550010] ? __virt_addr_valid+0x1db/0x2d0
[ 12.550040] ? kmalloc_oob_memset_8+0x167/0x330
[ 12.550061] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.550086] ? kmalloc_oob_memset_8+0x167/0x330
[ 12.550106] kasan_report+0x140/0x180
[ 12.550127] ? kmalloc_oob_memset_8+0x167/0x330
[ 12.550161] kasan_check_range+0x10c/0x1c0
[ 12.550184] __asan_memset+0x27/0x50
[ 12.550206] kmalloc_oob_memset_8+0x167/0x330
[ 12.550227] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.550248] ? __schedule+0xce8/0x2840
[ 12.550274] ? __pfx_read_tsc+0x10/0x10
[ 12.550297] ? ktime_get_ts64+0x86/0x230
[ 12.550324] kunit_try_run_case+0x1a6/0x480
[ 12.550349] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.550369] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.550412] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.550437] ? __kthread_parkme+0x82/0x160
[ 12.550476] ? preempt_count_sub+0x50/0x80
[ 12.550501] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.550523] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.550548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.550573] kthread+0x324/0x6e0
[ 12.550594] ? trace_preempt_on+0x20/0xc0
[ 12.550618] ? __pfx_kthread+0x10/0x10
[ 12.550640] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.550662] ? calculate_sigpending+0x7b/0xa0
[ 12.550683] ? __pfx_kthread+0x10/0x10
[ 12.550705] ret_from_fork+0x41/0x80
[ 12.550724] ? __pfx_kthread+0x10/0x10
[ 12.550745] ret_from_fork_asm+0x1a/0x30
[ 12.550777] </TASK>
[ 12.550789]
[ 12.563790] Allocated by task 184:
[ 12.563966] kasan_save_stack+0x45/0x70
[ 12.564583] kasan_save_track+0x18/0x40
[ 12.564964] kasan_save_alloc_info+0x3b/0x50
[ 12.565506] __kasan_kmalloc+0xb7/0xc0
[ 12.565927] __kmalloc_cache_noprof+0x18a/0x420
[ 12.566464] kmalloc_oob_memset_8+0xad/0x330
[ 12.566878] kunit_try_run_case+0x1a6/0x480
[ 12.567325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.567783] kthread+0x324/0x6e0
[ 12.567929] ret_from_fork+0x41/0x80
[ 12.568365] ret_from_fork_asm+0x1a/0x30
[ 12.568943]
[ 12.569112] The buggy address belongs to the object at ffff888102ac8f00
[ 12.569112] which belongs to the cache kmalloc-128 of size 128
[ 12.570335] The buggy address is located 113 bytes inside of
[ 12.570335] allocated 120-byte region [ffff888102ac8f00, ffff888102ac8f78)
[ 12.570894]
[ 12.570973] The buggy address belongs to the physical page:
[ 12.571422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac8
[ 12.572263] flags: 0x200000000000000(node=0|zone=2)
[ 12.572728] page_type: f5(slab)
[ 12.573199] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.573801] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.574211] page dumped because: kasan: bad access detected
[ 12.574723]
[ 12.574901] Memory state around the buggy address:
[ 12.575510] ffff888102ac8e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.576198] ffff888102ac8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.576422] >ffff888102ac8f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.576634] ^
[ 12.576864] ffff888102ac8f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.577203] ffff888102ac9000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.577497] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.515711] ==================================================================
[ 12.516223] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330
[ 12.517170] Write of size 4 at addr ffff888101b0eb75 by task kunit_try_catch/182
[ 12.518175]
[ 12.518277] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.518326] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.518383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.518405] Call Trace:
[ 12.518420] <TASK>
[ 12.518467] dump_stack_lvl+0x73/0xb0
[ 12.518498] print_report+0xd1/0x650
[ 12.518675] ? __virt_addr_valid+0x1db/0x2d0
[ 12.518705] ? kmalloc_oob_memset_4+0x167/0x330
[ 12.518727] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.518753] ? kmalloc_oob_memset_4+0x167/0x330
[ 12.518775] kasan_report+0x140/0x180
[ 12.518797] ? kmalloc_oob_memset_4+0x167/0x330
[ 12.518822] kasan_check_range+0x10c/0x1c0
[ 12.518857] __asan_memset+0x27/0x50
[ 12.518882] kmalloc_oob_memset_4+0x167/0x330
[ 12.518904] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 12.518926] ? __schedule+0xce8/0x2840
[ 12.518950] ? __pfx_read_tsc+0x10/0x10
[ 12.518972] ? ktime_get_ts64+0x86/0x230
[ 12.519272] kunit_try_run_case+0x1a6/0x480
[ 12.519312] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.519335] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.519356] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.519381] ? __kthread_parkme+0x82/0x160
[ 12.519404] ? preempt_count_sub+0x50/0x80
[ 12.519429] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.519451] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.519476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.519501] kthread+0x324/0x6e0
[ 12.519522] ? trace_preempt_on+0x20/0xc0
[ 12.519546] ? __pfx_kthread+0x10/0x10
[ 12.519567] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.519589] ? calculate_sigpending+0x7b/0xa0
[ 12.519611] ? __pfx_kthread+0x10/0x10
[ 12.519633] ret_from_fork+0x41/0x80
[ 12.519652] ? __pfx_kthread+0x10/0x10
[ 12.519673] ret_from_fork_asm+0x1a/0x30
[ 12.519704] </TASK>
[ 12.519716]
[ 12.530775] Allocated by task 182:
[ 12.530996] kasan_save_stack+0x45/0x70
[ 12.531833] kasan_save_track+0x18/0x40
[ 12.532032] kasan_save_alloc_info+0x3b/0x50
[ 12.532209] __kasan_kmalloc+0xb7/0xc0
[ 12.532405] __kmalloc_cache_noprof+0x18a/0x420
[ 12.532621] kmalloc_oob_memset_4+0xad/0x330
[ 12.532821] kunit_try_run_case+0x1a6/0x480
[ 12.533035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.533723] kthread+0x324/0x6e0
[ 12.533901] ret_from_fork+0x41/0x80
[ 12.534303] ret_from_fork_asm+0x1a/0x30
[ 12.534500]
[ 12.534749] The buggy address belongs to the object at ffff888101b0eb00
[ 12.534749] which belongs to the cache kmalloc-128 of size 128
[ 12.535608] The buggy address is located 117 bytes inside of
[ 12.535608] allocated 120-byte region [ffff888101b0eb00, ffff888101b0eb78)
[ 12.536516]
[ 12.536619] The buggy address belongs to the physical page:
[ 12.536854] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b0e
[ 12.537504] flags: 0x200000000000000(node=0|zone=2)
[ 12.537693] page_type: f5(slab)
[ 12.537973] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.538410] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.538738] page dumped because: kasan: bad access detected
[ 12.538988]
[ 12.539067] Memory state around the buggy address:
[ 12.539888] ffff888101b0ea00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.540330] ffff888101b0ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.540597] >ffff888101b0eb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.540931] ^
[ 12.541591] ffff888101b0eb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.542012] ffff888101b0ec00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.542464] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.485378] ==================================================================
[ 12.485817] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330
[ 12.486091] Write of size 2 at addr ffff888101b0ea77 by task kunit_try_catch/180
[ 12.486318]
[ 12.486406] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.486453] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.486465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.486486] Call Trace:
[ 12.486500] <TASK>
[ 12.486520] dump_stack_lvl+0x73/0xb0
[ 12.486548] print_report+0xd1/0x650
[ 12.486570] ? __virt_addr_valid+0x1db/0x2d0
[ 12.486592] ? kmalloc_oob_memset_2+0x167/0x330
[ 12.486613] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.486637] ? kmalloc_oob_memset_2+0x167/0x330
[ 12.486657] kasan_report+0x140/0x180
[ 12.486678] ? kmalloc_oob_memset_2+0x167/0x330
[ 12.486702] kasan_check_range+0x10c/0x1c0
[ 12.486724] __asan_memset+0x27/0x50
[ 12.486746] kmalloc_oob_memset_2+0x167/0x330
[ 12.486767] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 12.486788] ? __schedule+0xce8/0x2840
[ 12.486812] ? __pfx_read_tsc+0x10/0x10
[ 12.486834] ? ktime_get_ts64+0x86/0x230
[ 12.486910] kunit_try_run_case+0x1a6/0x480
[ 12.486934] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.486955] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.486975] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.487000] ? __kthread_parkme+0x82/0x160
[ 12.487022] ? preempt_count_sub+0x50/0x80
[ 12.487344] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.487370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.487396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.487788] kthread+0x324/0x6e0
[ 12.487820] ? trace_preempt_on+0x20/0xc0
[ 12.487857] ? __pfx_kthread+0x10/0x10
[ 12.487879] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.488138] ? calculate_sigpending+0x7b/0xa0
[ 12.488164] ? __pfx_kthread+0x10/0x10
[ 12.488186] ret_from_fork+0x41/0x80
[ 12.488207] ? __pfx_kthread+0x10/0x10
[ 12.488228] ret_from_fork_asm+0x1a/0x30
[ 12.488260] </TASK>
[ 12.488271]
[ 12.502198] Allocated by task 180:
[ 12.502562] kasan_save_stack+0x45/0x70
[ 12.502945] kasan_save_track+0x18/0x40
[ 12.503592] kasan_save_alloc_info+0x3b/0x50
[ 12.504050] __kasan_kmalloc+0xb7/0xc0
[ 12.504336] __kmalloc_cache_noprof+0x18a/0x420
[ 12.504501] kmalloc_oob_memset_2+0xad/0x330
[ 12.504647] kunit_try_run_case+0x1a6/0x480
[ 12.504797] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.505023] kthread+0x324/0x6e0
[ 12.505227] ret_from_fork+0x41/0x80
[ 12.505386] ret_from_fork_asm+0x1a/0x30
[ 12.505539]
[ 12.505636] The buggy address belongs to the object at ffff888101b0ea00
[ 12.505636] which belongs to the cache kmalloc-128 of size 128
[ 12.506253] The buggy address is located 119 bytes inside of
[ 12.506253] allocated 120-byte region [ffff888101b0ea00, ffff888101b0ea78)
[ 12.506725]
[ 12.506800] The buggy address belongs to the physical page:
[ 12.507350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b0e
[ 12.507690] flags: 0x200000000000000(node=0|zone=2)
[ 12.507932] page_type: f5(slab)
[ 12.508174] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.508508] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.508822] page dumped because: kasan: bad access detected
[ 12.509146]
[ 12.509245] Memory state around the buggy address:
[ 12.509417] ffff888101b0e900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.509702] ffff888101b0e980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.510111] >ffff888101b0ea00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.510400] ^
[ 12.510671] ffff888101b0ea80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.510949] ffff888101b0eb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.511570] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.448109] ==================================================================
[ 12.449220] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320
[ 12.449488] Write of size 128 at addr ffff888102ac8e00 by task kunit_try_catch/178
[ 12.449719]
[ 12.449817] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.449875] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.449887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.449909] Call Trace:
[ 12.449922] <TASK>
[ 12.449942] dump_stack_lvl+0x73/0xb0
[ 12.449969] print_report+0xd1/0x650
[ 12.449991] ? __virt_addr_valid+0x1db/0x2d0
[ 12.450014] ? kmalloc_oob_in_memset+0x160/0x320
[ 12.450034] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.450059] ? kmalloc_oob_in_memset+0x160/0x320
[ 12.450079] kasan_report+0x140/0x180
[ 12.450100] ? kmalloc_oob_in_memset+0x160/0x320
[ 12.450124] kasan_check_range+0x10c/0x1c0
[ 12.450146] __asan_memset+0x27/0x50
[ 12.450168] kmalloc_oob_in_memset+0x160/0x320
[ 12.450189] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 12.450210] ? __schedule+0xce8/0x2840
[ 12.450235] ? __pfx_read_tsc+0x10/0x10
[ 12.450256] ? ktime_get_ts64+0x86/0x230
[ 12.450282] kunit_try_run_case+0x1a6/0x480
[ 12.450306] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.450326] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.450346] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.450370] ? __kthread_parkme+0x82/0x160
[ 12.450393] ? preempt_count_sub+0x50/0x80
[ 12.450418] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.450439] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.450464] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.450489] kthread+0x324/0x6e0
[ 12.450510] ? trace_preempt_on+0x20/0xc0
[ 12.450533] ? __pfx_kthread+0x10/0x10
[ 12.450554] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.450577] ? calculate_sigpending+0x7b/0xa0
[ 12.450598] ? __pfx_kthread+0x10/0x10
[ 12.450620] ret_from_fork+0x41/0x80
[ 12.450638] ? __pfx_kthread+0x10/0x10
[ 12.450660] ret_from_fork_asm+0x1a/0x30
[ 12.450691] </TASK>
[ 12.450702]
[ 12.466706] Allocated by task 178:
[ 12.466945] kasan_save_stack+0x45/0x70
[ 12.467210] kasan_save_track+0x18/0x40
[ 12.467682] kasan_save_alloc_info+0x3b/0x50
[ 12.468151] __kasan_kmalloc+0xb7/0xc0
[ 12.468543] __kmalloc_cache_noprof+0x18a/0x420
[ 12.468809] kmalloc_oob_in_memset+0xad/0x320
[ 12.468970] kunit_try_run_case+0x1a6/0x480
[ 12.469506] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.470045] kthread+0x324/0x6e0
[ 12.470515] ret_from_fork+0x41/0x80
[ 12.470880] ret_from_fork_asm+0x1a/0x30
[ 12.471036]
[ 12.471498] The buggy address belongs to the object at ffff888102ac8e00
[ 12.471498] which belongs to the cache kmalloc-128 of size 128
[ 12.472466] The buggy address is located 0 bytes inside of
[ 12.472466] allocated 120-byte region [ffff888102ac8e00, ffff888102ac8e78)
[ 12.472830]
[ 12.472920] The buggy address belongs to the physical page:
[ 12.473252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac8
[ 12.474060] flags: 0x200000000000000(node=0|zone=2)
[ 12.474616] page_type: f5(slab)
[ 12.474941] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.475670] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.476749] page dumped because: kasan: bad access detected
[ 12.477361]
[ 12.477445] Memory state around the buggy address:
[ 12.477831] ffff888102ac8d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.478454] ffff888102ac8d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.478797] >ffff888102ac8e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.479070] ^
[ 12.479755] ffff888102ac8e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.480503] ffff888102ac8f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.481167] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.413978] ==================================================================
[ 12.414882] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0
[ 12.415146] Read of size 16 at addr ffff888101b28000 by task kunit_try_catch/176
[ 12.415877]
[ 12.416088] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.416135] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.416147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.416169] Call Trace:
[ 12.416182] <TASK>
[ 12.416202] dump_stack_lvl+0x73/0xb0
[ 12.416232] print_report+0xd1/0x650
[ 12.416255] ? __virt_addr_valid+0x1db/0x2d0
[ 12.416278] ? kmalloc_uaf_16+0x47d/0x4c0
[ 12.416297] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.416323] ? kmalloc_uaf_16+0x47d/0x4c0
[ 12.416342] kasan_report+0x140/0x180
[ 12.416363] ? kmalloc_uaf_16+0x47d/0x4c0
[ 12.416387] __asan_report_load16_noabort+0x18/0x20
[ 12.416410] kmalloc_uaf_16+0x47d/0x4c0
[ 12.416429] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 12.416450] ? __schedule+0xce8/0x2840
[ 12.416474] ? __pfx_read_tsc+0x10/0x10
[ 12.416496] ? ktime_get_ts64+0x86/0x230
[ 12.416521] kunit_try_run_case+0x1a6/0x480
[ 12.416544] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.416565] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.416585] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.416609] ? __kthread_parkme+0x82/0x160
[ 12.416631] ? preempt_count_sub+0x50/0x80
[ 12.416656] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.416677] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.416702] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.416727] kthread+0x324/0x6e0
[ 12.416748] ? trace_preempt_on+0x20/0xc0
[ 12.416771] ? __pfx_kthread+0x10/0x10
[ 12.416792] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.416815] ? calculate_sigpending+0x7b/0xa0
[ 12.416847] ? __pfx_kthread+0x10/0x10
[ 12.416869] ret_from_fork+0x41/0x80
[ 12.416887] ? __pfx_kthread+0x10/0x10
[ 12.416909] ret_from_fork_asm+0x1a/0x30
[ 12.416940] </TASK>
[ 12.416951]
[ 12.428931] Allocated by task 176:
[ 12.429258] kasan_save_stack+0x45/0x70
[ 12.429624] kasan_save_track+0x18/0x40
[ 12.429994] kasan_save_alloc_info+0x3b/0x50
[ 12.430533] __kasan_kmalloc+0xb7/0xc0
[ 12.430947] __kmalloc_cache_noprof+0x18a/0x420
[ 12.431413] kmalloc_uaf_16+0x15c/0x4c0
[ 12.431815] kunit_try_run_case+0x1a6/0x480
[ 12.432276] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.432522] kthread+0x324/0x6e0
[ 12.432654] ret_from_fork+0x41/0x80
[ 12.432786] ret_from_fork_asm+0x1a/0x30
[ 12.432940]
[ 12.433025] Freed by task 176:
[ 12.433365] kasan_save_stack+0x45/0x70
[ 12.433783] kasan_save_track+0x18/0x40
[ 12.434231] kasan_save_free_info+0x3f/0x60
[ 12.434695] __kasan_slab_free+0x56/0x70
[ 12.435114] kfree+0x224/0x3f0
[ 12.435483] kmalloc_uaf_16+0x1d7/0x4c0
[ 12.435865] kunit_try_run_case+0x1a6/0x480
[ 12.436355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.436863] kthread+0x324/0x6e0
[ 12.437108] ret_from_fork+0x41/0x80
[ 12.437544] ret_from_fork_asm+0x1a/0x30
[ 12.437720]
[ 12.437803] The buggy address belongs to the object at ffff888101b28000
[ 12.437803] which belongs to the cache kmalloc-16 of size 16
[ 12.438735] The buggy address is located 0 bytes inside of
[ 12.438735] freed 16-byte region [ffff888101b28000, ffff888101b28010)
[ 12.439980]
[ 12.440269] The buggy address belongs to the physical page:
[ 12.440623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28
[ 12.440880] flags: 0x200000000000000(node=0|zone=2)
[ 12.441063] page_type: f5(slab)
[ 12.441274] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.441580] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.441864] page dumped because: kasan: bad access detected
[ 12.442202]
[ 12.442301] Memory state around the buggy address:
[ 12.442496] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.442811] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.443037] >ffff888101b28000: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.443519] ^
[ 12.443734] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.443987] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.444410] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.382815] ================================================================== [ 12.384157] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0 [ 12.384894] Write of size 16 at addr ffff888101a9cfa0 by task kunit_try_catch/174 [ 12.385664] [ 12.385890] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.385963] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.385976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.385998] Call Trace: [ 12.386023] <TASK> [ 12.386054] dump_stack_lvl+0x73/0xb0 [ 12.386089] print_report+0xd1/0x650 [ 12.386111] ? __virt_addr_valid+0x1db/0x2d0 [ 12.386135] ? kmalloc_oob_16+0x454/0x4a0 [ 12.386155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.386180] ? kmalloc_oob_16+0x454/0x4a0 [ 12.386200] kasan_report+0x140/0x180 [ 12.386221] ? kmalloc_oob_16+0x454/0x4a0 [ 12.386244] __asan_report_store16_noabort+0x1b/0x30 [ 12.386267] kmalloc_oob_16+0x454/0x4a0 [ 12.386287] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 12.386308] ? __schedule+0xce8/0x2840 [ 12.386334] ? __pfx_read_tsc+0x10/0x10 [ 12.386356] ? ktime_get_ts64+0x86/0x230 [ 12.386382] kunit_try_run_case+0x1a6/0x480 [ 12.386406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.386426] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.386447] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.386471] ? __kthread_parkme+0x82/0x160 [ 12.386494] ? preempt_count_sub+0x50/0x80 [ 12.386520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.386542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.386567] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.386592] kthread+0x324/0x6e0 [ 12.386612] ? trace_preempt_on+0x20/0xc0 [ 12.386637] ? __pfx_kthread+0x10/0x10 [ 12.386658] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.386680] ? calculate_sigpending+0x7b/0xa0 [ 12.386702] ? __pfx_kthread+0x10/0x10 [ 12.386723] ret_from_fork+0x41/0x80 [ 12.386742] ? 
__pfx_kthread+0x10/0x10 [ 12.386763] ret_from_fork_asm+0x1a/0x30 [ 12.386796] </TASK> [ 12.386807] [ 12.397589] Allocated by task 174: [ 12.397771] kasan_save_stack+0x45/0x70 [ 12.397982] kasan_save_track+0x18/0x40 [ 12.398503] kasan_save_alloc_info+0x3b/0x50 [ 12.398807] __kasan_kmalloc+0xb7/0xc0 [ 12.399174] __kmalloc_cache_noprof+0x18a/0x420 [ 12.399595] kmalloc_oob_16+0xa9/0x4a0 [ 12.399783] kunit_try_run_case+0x1a6/0x480 [ 12.399992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.400531] kthread+0x324/0x6e0 [ 12.400792] ret_from_fork+0x41/0x80 [ 12.401144] ret_from_fork_asm+0x1a/0x30 [ 12.401332] [ 12.401428] The buggy address belongs to the object at ffff888101a9cfa0 [ 12.401428] which belongs to the cache kmalloc-16 of size 16 [ 12.401953] The buggy address is located 0 bytes inside of [ 12.401953] allocated 13-byte region [ffff888101a9cfa0, ffff888101a9cfad) [ 12.403007] [ 12.403259] The buggy address belongs to the physical page: [ 12.403626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a9c [ 12.404154] flags: 0x200000000000000(node=0|zone=2) [ 12.404481] page_type: f5(slab) [ 12.404629] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.404980] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.405695] page dumped because: kasan: bad access detected [ 12.406076] [ 12.406178] Memory state around the buggy address: [ 12.406602] ffff888101a9ce80: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 12.407107] ffff888101a9cf00: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 12.407402] >ffff888101a9cf80: fa fb fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 12.407877] ^ [ 12.408398] ffff888101a9d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.408919] ffff888101a9d080: 00 fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 [ 12.409385] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.310088] ================================================================== [ 12.310896] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0 [ 12.311618] Read of size 1 at addr ffff8881003b0c00 by task kunit_try_catch/172 [ 12.312447] [ 12.312716] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.312765] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.312778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.312801] Call Trace: [ 12.312815] <TASK> [ 12.312835] dump_stack_lvl+0x73/0xb0 [ 12.312877] print_report+0xd1/0x650 [ 12.312899] ? __virt_addr_valid+0x1db/0x2d0 [ 12.312923] ? krealloc_uaf+0x1b9/0x5e0 [ 12.312943] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.312967] ? krealloc_uaf+0x1b9/0x5e0 [ 12.312987] kasan_report+0x140/0x180 [ 12.313069] ? krealloc_uaf+0x1b9/0x5e0 [ 12.313092] ? krealloc_uaf+0x1b9/0x5e0 [ 12.313112] __kasan_check_byte+0x3d/0x50 [ 12.313132] krealloc_noprof+0x3f/0x340 [ 12.313158] krealloc_uaf+0x1b9/0x5e0 [ 12.313178] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.313197] ? finish_task_switch.isra.0+0x153/0x700 [ 12.313222] ? __switch_to+0x5d9/0xf60 [ 12.313249] ? __schedule+0xce8/0x2840 [ 12.313276] ? __pfx_read_tsc+0x10/0x10 [ 12.313298] ? ktime_get_ts64+0x86/0x230 [ 12.313324] kunit_try_run_case+0x1a6/0x480 [ 12.313348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.313368] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.313388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.313412] ? __kthread_parkme+0x82/0x160 [ 12.313435] ? preempt_count_sub+0x50/0x80 [ 12.313458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.313479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.313504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.313529] kthread+0x324/0x6e0 [ 12.313550] ? trace_preempt_on+0x20/0xc0 [ 12.313575] ? __pfx_kthread+0x10/0x10 [ 12.313596] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.313619] ? calculate_sigpending+0x7b/0xa0 [ 12.313640] ? 
__pfx_kthread+0x10/0x10 [ 12.313662] ret_from_fork+0x41/0x80 [ 12.313681] ? __pfx_kthread+0x10/0x10 [ 12.313702] ret_from_fork_asm+0x1a/0x30 [ 12.313754] </TASK> [ 12.313765] [ 12.327956] Allocated by task 172: [ 12.328374] kasan_save_stack+0x45/0x70 [ 12.328852] kasan_save_track+0x18/0x40 [ 12.329259] kasan_save_alloc_info+0x3b/0x50 [ 12.329493] __kasan_kmalloc+0xb7/0xc0 [ 12.329626] __kmalloc_cache_noprof+0x18a/0x420 [ 12.329788] krealloc_uaf+0xbc/0x5e0 [ 12.329930] kunit_try_run_case+0x1a6/0x480 [ 12.330227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.330410] kthread+0x324/0x6e0 [ 12.330535] ret_from_fork+0x41/0x80 [ 12.330664] ret_from_fork_asm+0x1a/0x30 [ 12.330804] [ 12.330916] Freed by task 172: [ 12.331061] kasan_save_stack+0x45/0x70 [ 12.331479] kasan_save_track+0x18/0x40 [ 12.331856] kasan_save_free_info+0x3f/0x60 [ 12.332265] __kasan_slab_free+0x56/0x70 [ 12.332615] kfree+0x224/0x3f0 [ 12.332950] krealloc_uaf+0x13e/0x5e0 [ 12.333311] kunit_try_run_case+0x1a6/0x480 [ 12.333767] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.334390] kthread+0x324/0x6e0 [ 12.334740] ret_from_fork+0x41/0x80 [ 12.335128] ret_from_fork_asm+0x1a/0x30 [ 12.335563] [ 12.335774] The buggy address belongs to the object at ffff8881003b0c00 [ 12.335774] which belongs to the cache kmalloc-256 of size 256 [ 12.337134] The buggy address is located 0 bytes inside of [ 12.337134] freed 256-byte region [ffff8881003b0c00, ffff8881003b0d00) [ 12.338307] [ 12.338580] The buggy address belongs to the physical page: [ 12.339126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003b0 [ 12.339547] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.339779] flags: 0x200000000000040(head|node=0|zone=2) [ 12.339974] page_type: f5(slab) [ 12.340349] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.341060] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.341818] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 12.342876] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.343609] head: 0200000000000001 ffffea000400ec01 ffffffffffffffff 0000000000000000 [ 12.344391] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.344625] page dumped because: kasan: bad access detected [ 12.344795] [ 12.344880] Memory state around the buggy address: [ 12.345123] ffff8881003b0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.345852] ffff8881003b0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.346603] >ffff8881003b0c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.347347] ^ [ 12.347659] ffff8881003b0c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.348445] ffff8881003b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.349534] ================================================================== [ 12.350358] ================================================================== [ 12.351350] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0 [ 12.352043] Read of size 1 at addr ffff8881003b0c00 by task kunit_try_catch/172 [ 12.352803] [ 12.352928] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.352973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.352985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.353007] Call Trace: [ 12.353034] <TASK> [ 12.353054] dump_stack_lvl+0x73/0xb0 [ 12.353084] print_report+0xd1/0x650 [ 12.353106] ? __virt_addr_valid+0x1db/0x2d0 [ 12.353128] ? krealloc_uaf+0x53e/0x5e0 [ 12.353148] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.353172] ? krealloc_uaf+0x53e/0x5e0 [ 12.353192] kasan_report+0x140/0x180 [ 12.353214] ? krealloc_uaf+0x53e/0x5e0 [ 12.353238] __asan_report_load1_noabort+0x18/0x20 [ 12.353262] krealloc_uaf+0x53e/0x5e0 [ 12.353282] ? __pfx_krealloc_uaf+0x10/0x10 [ 12.353301] ? finish_task_switch.isra.0+0x153/0x700 [ 12.353325] ? 
__switch_to+0x5d9/0xf60 [ 12.353352] ? __schedule+0xce8/0x2840 [ 12.353376] ? __pfx_read_tsc+0x10/0x10 [ 12.353398] ? ktime_get_ts64+0x86/0x230 [ 12.353422] kunit_try_run_case+0x1a6/0x480 [ 12.353445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.353465] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.353485] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.353509] ? __kthread_parkme+0x82/0x160 [ 12.353531] ? preempt_count_sub+0x50/0x80 [ 12.353553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.353575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.353599] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.353624] kthread+0x324/0x6e0 [ 12.353645] ? trace_preempt_on+0x20/0xc0 [ 12.353667] ? __pfx_kthread+0x10/0x10 [ 12.353689] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.353711] ? calculate_sigpending+0x7b/0xa0 [ 12.353732] ? __pfx_kthread+0x10/0x10 [ 12.353759] ret_from_fork+0x41/0x80 [ 12.353778] ? __pfx_kthread+0x10/0x10 [ 12.353800] ret_from_fork_asm+0x1a/0x30 [ 12.353831] </TASK> [ 12.353852] [ 12.361652] Allocated by task 172: [ 12.361823] kasan_save_stack+0x45/0x70 [ 12.362000] kasan_save_track+0x18/0x40 [ 12.362135] kasan_save_alloc_info+0x3b/0x50 [ 12.362340] __kasan_kmalloc+0xb7/0xc0 [ 12.362528] __kmalloc_cache_noprof+0x18a/0x420 [ 12.362753] krealloc_uaf+0xbc/0x5e0 [ 12.362948] kunit_try_run_case+0x1a6/0x480 [ 12.363364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.363555] kthread+0x324/0x6e0 [ 12.363717] ret_from_fork+0x41/0x80 [ 12.363913] ret_from_fork_asm+0x1a/0x30 [ 12.364300] [ 12.364398] Freed by task 172: [ 12.364546] kasan_save_stack+0x45/0x70 [ 12.364684] kasan_save_track+0x18/0x40 [ 12.364818] kasan_save_free_info+0x3f/0x60 [ 12.364974] __kasan_slab_free+0x56/0x70 [ 12.365110] kfree+0x224/0x3f0 [ 12.365275] krealloc_uaf+0x13e/0x5e0 [ 12.365482] kunit_try_run_case+0x1a6/0x480 [ 12.365684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.365950] kthread+0x324/0x6e0 [ 12.366243] ret_from_fork+0x41/0x80 [ 12.366430] ret_from_fork_asm+0x1a/0x30 [ 12.366619] 
[ 12.366690] The buggy address belongs to the object at ffff8881003b0c00 [ 12.366690] which belongs to the cache kmalloc-256 of size 256 [ 12.367286] The buggy address is located 0 bytes inside of [ 12.367286] freed 256-byte region [ffff8881003b0c00, ffff8881003b0d00) [ 12.367807] [ 12.367901] The buggy address belongs to the physical page: [ 12.368264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003b0 [ 12.368560] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.368877] flags: 0x200000000000040(head|node=0|zone=2) [ 12.369164] page_type: f5(slab) [ 12.369329] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.369559] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.369796] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.371778] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.372964] head: 0200000000000001 ffffea000400ec01 ffffffffffffffff 0000000000000000 [ 12.373615] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.374696] page dumped because: kasan: bad access detected [ 12.375458] [ 12.375610] Memory state around the buggy address: [ 12.375777] ffff8881003b0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.376007] ffff8881003b0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.376232] >ffff8881003b0c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.376443] ^ [ 12.376563] ffff8881003b0c80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.376777] ffff8881003b0d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.378226] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.074692] ================================================================== [ 12.075272] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 12.075693] Write of size 1 at addr ffff888100a45ada by task kunit_try_catch/166 [ 12.076111] [ 12.076242] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.076298] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.076310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.076331] Call Trace: [ 12.076352] <TASK> [ 12.076373] dump_stack_lvl+0x73/0xb0 [ 12.076412] print_report+0xd1/0x650 [ 12.076436] ? __virt_addr_valid+0x1db/0x2d0 [ 12.076460] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 12.076495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.076520] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 12.076552] kasan_report+0x140/0x180 [ 12.076574] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 12.076600] __asan_report_store1_noabort+0x1b/0x30 [ 12.076623] krealloc_less_oob_helper+0xec8/0x11d0 [ 12.076647] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.076669] ? finish_task_switch.isra.0+0x153/0x700 [ 12.076694] ? __switch_to+0x5d9/0xf60 [ 12.076729] ? __schedule+0xce8/0x2840 [ 12.076753] ? __pfx_read_tsc+0x10/0x10 [ 12.076778] krealloc_less_oob+0x1c/0x30 [ 12.076808] kunit_try_run_case+0x1a6/0x480 [ 12.076832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.076861] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.076883] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.076907] ? __kthread_parkme+0x82/0x160 [ 12.076928] ? preempt_count_sub+0x50/0x80 [ 12.076959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.076980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.077057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.077084] kthread+0x324/0x6e0 [ 12.077119] ? trace_preempt_on+0x20/0xc0 [ 12.077143] ? __pfx_kthread+0x10/0x10 [ 12.077165] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.077188] ? calculate_sigpending+0x7b/0xa0 [ 12.077209] ? 
__pfx_kthread+0x10/0x10 [ 12.077231] ret_from_fork+0x41/0x80 [ 12.077249] ? __pfx_kthread+0x10/0x10 [ 12.077271] ret_from_fork_asm+0x1a/0x30 [ 12.077303] </TASK> [ 12.077313] [ 12.085713] Allocated by task 166: [ 12.085922] kasan_save_stack+0x45/0x70 [ 12.086311] kasan_save_track+0x18/0x40 [ 12.086517] kasan_save_alloc_info+0x3b/0x50 [ 12.086737] __kasan_krealloc+0x190/0x1f0 [ 12.086946] krealloc_noprof+0xf3/0x340 [ 12.087210] krealloc_less_oob_helper+0x1ab/0x11d0 [ 12.087435] krealloc_less_oob+0x1c/0x30 [ 12.087575] kunit_try_run_case+0x1a6/0x480 [ 12.087730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.088112] kthread+0x324/0x6e0 [ 12.088289] ret_from_fork+0x41/0x80 [ 12.088472] ret_from_fork_asm+0x1a/0x30 [ 12.088669] [ 12.088765] The buggy address belongs to the object at ffff888100a45a00 [ 12.088765] which belongs to the cache kmalloc-256 of size 256 [ 12.089536] The buggy address is located 17 bytes to the right of [ 12.089536] allocated 201-byte region [ffff888100a45a00, ffff888100a45ac9) [ 12.090258] [ 12.090376] The buggy address belongs to the physical page: [ 12.090645] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a44 [ 12.090953] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.091392] flags: 0x200000000000040(head|node=0|zone=2) [ 12.091627] page_type: f5(slab) [ 12.091804] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.092208] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.092553] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.092806] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.093404] head: 0200000000000001 ffffea0004029101 ffffffffffffffff 0000000000000000 [ 12.093783] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.094208] page dumped because: kasan: bad access detected [ 12.094451] [ 12.094555] Memory state around the buggy 
address: [ 12.094779] ffff888100a45980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.095187] ffff888100a45a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.095457] >ffff888100a45a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.095774] ^ [ 12.096137] ffff888100a45b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.096442] ffff888100a45b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.096745] ================================================================== [ 12.222972] ================================================================== [ 12.223648] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 12.224159] Write of size 1 at addr ffff88810293a0d0 by task kunit_try_catch/170 [ 12.224602] [ 12.224717] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.224761] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.224773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.224794] Call Trace: [ 12.224808] <TASK> [ 12.224827] dump_stack_lvl+0x73/0xb0 [ 12.224867] print_report+0xd1/0x650 [ 12.224890] ? __virt_addr_valid+0x1db/0x2d0 [ 12.224912] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 12.224934] ? kasan_addr_to_slab+0x11/0xa0 [ 12.224953] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 12.224975] kasan_report+0x140/0x180 [ 12.224996] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 12.225178] __asan_report_store1_noabort+0x1b/0x30 [ 12.225202] krealloc_less_oob_helper+0xe25/0x11d0 [ 12.225226] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.225249] ? finish_task_switch.isra.0+0x153/0x700 [ 12.225271] ? __switch_to+0x5d9/0xf60 [ 12.225298] ? __schedule+0xce8/0x2840 [ 12.225322] ? __pfx_read_tsc+0x10/0x10 [ 12.225347] krealloc_large_less_oob+0x1c/0x30 [ 12.225368] kunit_try_run_case+0x1a6/0x480 [ 12.225391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.225411] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.225431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.225455] ? 
__kthread_parkme+0x82/0x160 [ 12.225477] ? preempt_count_sub+0x50/0x80 [ 12.225499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.225521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.225545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.225570] kthread+0x324/0x6e0 [ 12.225591] ? trace_preempt_on+0x20/0xc0 [ 12.225614] ? __pfx_kthread+0x10/0x10 [ 12.225635] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.225658] ? calculate_sigpending+0x7b/0xa0 [ 12.225680] ? __pfx_kthread+0x10/0x10 [ 12.225702] ret_from_fork+0x41/0x80 [ 12.225719] ? __pfx_kthread+0x10/0x10 [ 12.225746] ret_from_fork_asm+0x1a/0x30 [ 12.225777] </TASK> [ 12.225787] [ 12.236583] The buggy address belongs to the physical page: [ 12.236938] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 12.237499] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.237849] flags: 0x200000000000040(head|node=0|zone=2) [ 12.238269] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.238705] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.239027] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.239599] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.239877] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000 [ 12.240368] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.240920] page dumped because: kasan: bad access detected [ 12.241384] [ 12.241494] Memory state around the buggy address: [ 12.241812] ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.242202] ffff88810293a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.242770] >ffff88810293a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.243194] ^ [ 12.243443] ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.243773] ffff88810293a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 
12.244063] ================================================================== [ 12.120644] ================================================================== [ 12.120985] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 12.121613] Write of size 1 at addr ffff888100a45aeb by task kunit_try_catch/166 [ 12.121908] [ 12.122178] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.122226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.122238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.122259] Call Trace: [ 12.122280] <TASK> [ 12.122299] dump_stack_lvl+0x73/0xb0 [ 12.122326] print_report+0xd1/0x650 [ 12.122362] ? __virt_addr_valid+0x1db/0x2d0 [ 12.122384] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.122406] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.122443] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.122465] kasan_report+0x140/0x180 [ 12.122486] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.122513] __asan_report_store1_noabort+0x1b/0x30 [ 12.122535] krealloc_less_oob_helper+0xd49/0x11d0 [ 12.122560] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.122582] ? finish_task_switch.isra.0+0x153/0x700 [ 12.122606] ? __switch_to+0x5d9/0xf60 [ 12.122632] ? __schedule+0xce8/0x2840 [ 12.122665] ? __pfx_read_tsc+0x10/0x10 [ 12.122689] krealloc_less_oob+0x1c/0x30 [ 12.122709] kunit_try_run_case+0x1a6/0x480 [ 12.122742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.122762] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.122783] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.122814] ? __kthread_parkme+0x82/0x160 [ 12.122851] ? preempt_count_sub+0x50/0x80 [ 12.122876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.122897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.122932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.122957] kthread+0x324/0x6e0 [ 12.122978] ? trace_preempt_on+0x20/0xc0 [ 12.123076] ? __pfx_kthread+0x10/0x10 [ 12.123099] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.123122] ? 
calculate_sigpending+0x7b/0xa0 [ 12.123144] ? __pfx_kthread+0x10/0x10 [ 12.123166] ret_from_fork+0x41/0x80 [ 12.123184] ? __pfx_kthread+0x10/0x10 [ 12.123205] ret_from_fork_asm+0x1a/0x30 [ 12.123237] </TASK> [ 12.123247] [ 12.131538] Allocated by task 166: [ 12.131765] kasan_save_stack+0x45/0x70 [ 12.132091] kasan_save_track+0x18/0x40 [ 12.132314] kasan_save_alloc_info+0x3b/0x50 [ 12.132549] __kasan_krealloc+0x190/0x1f0 [ 12.132734] krealloc_noprof+0xf3/0x340 [ 12.132942] krealloc_less_oob_helper+0x1ab/0x11d0 [ 12.133372] krealloc_less_oob+0x1c/0x30 [ 12.133568] kunit_try_run_case+0x1a6/0x480 [ 12.133782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.134009] kthread+0x324/0x6e0 [ 12.134183] ret_from_fork+0x41/0x80 [ 12.134349] ret_from_fork_asm+0x1a/0x30 [ 12.134523] [ 12.134622] The buggy address belongs to the object at ffff888100a45a00 [ 12.134622] which belongs to the cache kmalloc-256 of size 256 [ 12.135411] The buggy address is located 34 bytes to the right of [ 12.135411] allocated 201-byte region [ffff888100a45a00, ffff888100a45ac9) [ 12.135959] [ 12.136159] The buggy address belongs to the physical page: [ 12.136426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a44 [ 12.136685] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.137363] flags: 0x200000000000040(head|node=0|zone=2) [ 12.137628] page_type: f5(slab) [ 12.137822] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.138253] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.138624] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.138903] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.139468] head: 0200000000000001 ffffea0004029101 ffffffffffffffff 0000000000000000 [ 12.139752] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.140206] page dumped because: kasan: bad access detected [ 12.140441] [ 
12.140540] Memory state around the buggy address: [ 12.140784] ffff888100a45980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.141360] ffff888100a45a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.141678] >ffff888100a45a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.142088] ^ [ 12.142399] ffff888100a45b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.142674] ffff888100a45b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.143139] ================================================================== [ 12.244810] ================================================================== [ 12.245337] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 12.245596] Write of size 1 at addr ffff88810293a0da by task kunit_try_catch/170 [ 12.245923] [ 12.246348] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.246395] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.246408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.246429] Call Trace: [ 12.246449] <TASK> [ 12.246469] dump_stack_lvl+0x73/0xb0 [ 12.246498] print_report+0xd1/0x650 [ 12.246521] ? __virt_addr_valid+0x1db/0x2d0 [ 12.246543] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 12.246565] ? kasan_addr_to_slab+0x11/0xa0 [ 12.246584] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 12.246606] kasan_report+0x140/0x180 [ 12.246626] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 12.246652] __asan_report_store1_noabort+0x1b/0x30 [ 12.246677] krealloc_less_oob_helper+0xec8/0x11d0 [ 12.246700] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.246723] ? finish_task_switch.isra.0+0x153/0x700 [ 12.246746] ? __switch_to+0x5d9/0xf60 [ 12.246772] ? __schedule+0xce8/0x2840 [ 12.246796] ? __pfx_read_tsc+0x10/0x10 [ 12.246820] krealloc_large_less_oob+0x1c/0x30 [ 12.246852] kunit_try_run_case+0x1a6/0x480 [ 12.246876] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.246896] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.246917] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.246940] ? __kthread_parkme+0x82/0x160 [ 12.246962] ? preempt_count_sub+0x50/0x80 [ 12.246984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.247017] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.247049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.247074] kthread+0x324/0x6e0 [ 12.247095] ? trace_preempt_on+0x20/0xc0 [ 12.247120] ? __pfx_kthread+0x10/0x10 [ 12.247152] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.247174] ? calculate_sigpending+0x7b/0xa0 [ 12.247196] ? __pfx_kthread+0x10/0x10 [ 12.247217] ret_from_fork+0x41/0x80 [ 12.247235] ? __pfx_kthread+0x10/0x10 [ 12.247256] ret_from_fork_asm+0x1a/0x30 [ 12.247288] </TASK> [ 12.247298] [ 12.255064] The buggy address belongs to the physical page: [ 12.255386] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 12.255696] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.255981] flags: 0x200000000000040(head|node=0|zone=2) [ 12.256276] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.256638] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.256878] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.257365] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.257691] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000 [ 12.257973] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.258477] page dumped because: kasan: bad access detected [ 12.259018] [ 12.259171] Memory state around the buggy address: [ 12.259340] ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.259666] ffff88810293a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.259955] >ffff88810293a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.260213] ^ [ 12.260461] ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.260884] ffff88810293a180: fe 
fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.261187] ================================================================== [ 12.195829] ================================================================== [ 12.196300] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 12.196558] Write of size 1 at addr ffff88810293a0c9 by task kunit_try_catch/170 [ 12.196781] [ 12.196878] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.196924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.196935] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.196955] Call Trace: [ 12.196969] <TASK> [ 12.196988] dump_stack_lvl+0x73/0xb0 [ 12.197015] print_report+0xd1/0x650 [ 12.197037] ? __virt_addr_valid+0x1db/0x2d0 [ 12.197059] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.197081] ? kasan_addr_to_slab+0x11/0xa0 [ 12.197099] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.197122] kasan_report+0x140/0x180 [ 12.197142] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.197169] __asan_report_store1_noabort+0x1b/0x30 [ 12.197192] krealloc_less_oob_helper+0xd72/0x11d0 [ 12.197215] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.197238] ? finish_task_switch.isra.0+0x153/0x700 [ 12.197261] ? __switch_to+0x5d9/0xf60 [ 12.197286] ? __schedule+0xce8/0x2840 [ 12.197310] ? __pfx_read_tsc+0x10/0x10 [ 12.197334] krealloc_large_less_oob+0x1c/0x30 [ 12.197355] kunit_try_run_case+0x1a6/0x480 [ 12.197379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.197399] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.197420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.197443] ? __kthread_parkme+0x82/0x160 [ 12.197465] ? preempt_count_sub+0x50/0x80 [ 12.197487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.197509] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.197533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.197558] kthread+0x324/0x6e0 [ 12.197579] ? trace_preempt_on+0x20/0xc0 [ 12.197602] ? __pfx_kthread+0x10/0x10 [ 12.197623] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.197645] ? calculate_sigpending+0x7b/0xa0 [ 12.197666] ? __pfx_kthread+0x10/0x10 [ 12.197687] ret_from_fork+0x41/0x80 [ 12.197705] ? __pfx_kthread+0x10/0x10 [ 12.197727] ret_from_fork_asm+0x1a/0x30 [ 12.197763] </TASK> [ 12.197774] [ 12.214387] The buggy address belongs to the physical page: [ 12.214737] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 12.215228] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.215774] flags: 0x200000000000040(head|node=0|zone=2) [ 12.216132] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.216604] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.216926] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.217370] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.217764] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000 [ 12.218178] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.218656] page dumped because: kasan: bad access detected [ 12.218909] [ 12.218992] Memory state around the buggy address: [ 12.219673] ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.219965] ffff88810293a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.220598] >ffff88810293a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.220933] ^ [ 12.221375] ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.221675] ffff88810293a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.222199] ================================================================== [ 12.046969] ================================================================== [ 12.047907] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 12.048488] Write of size 1 at addr ffff888100a45ad0 by task kunit_try_catch/166 [ 12.049284] [ 12.049478] CPU: 1 UID: 0 PID: 166 Comm: 
kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.049538] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.049550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.049572] Call Trace: [ 12.049595] <TASK> [ 12.049618] dump_stack_lvl+0x73/0xb0 [ 12.049647] print_report+0xd1/0x650 [ 12.049679] ? __virt_addr_valid+0x1db/0x2d0 [ 12.049702] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 12.049724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.049765] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 12.049788] kasan_report+0x140/0x180 [ 12.049808] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 12.049835] __asan_report_store1_noabort+0x1b/0x30 [ 12.049867] krealloc_less_oob_helper+0xe25/0x11d0 [ 12.049892] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.049914] ? finish_task_switch.isra.0+0x153/0x700 [ 12.049939] ? __switch_to+0x5d9/0xf60 [ 12.049965] ? __schedule+0xce8/0x2840 [ 12.050010] ? __pfx_read_tsc+0x10/0x10 [ 12.050040] krealloc_less_oob+0x1c/0x30 [ 12.050061] kunit_try_run_case+0x1a6/0x480 [ 12.050084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.050105] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.050126] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.050149] ? __kthread_parkme+0x82/0x160 [ 12.050171] ? preempt_count_sub+0x50/0x80 [ 12.050195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.050217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.050241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.050266] kthread+0x324/0x6e0 [ 12.050287] ? trace_preempt_on+0x20/0xc0 [ 12.050310] ? __pfx_kthread+0x10/0x10 [ 12.050332] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.050355] ? calculate_sigpending+0x7b/0xa0 [ 12.050378] ? __pfx_kthread+0x10/0x10 [ 12.050399] ret_from_fork+0x41/0x80 [ 12.050418] ? 
__pfx_kthread+0x10/0x10 [ 12.050439] ret_from_fork_asm+0x1a/0x30 [ 12.050471] </TASK> [ 12.050481] [ 12.062565] Allocated by task 166: [ 12.062815] kasan_save_stack+0x45/0x70 [ 12.063301] kasan_save_track+0x18/0x40 [ 12.063513] kasan_save_alloc_info+0x3b/0x50 [ 12.063678] __kasan_krealloc+0x190/0x1f0 [ 12.063847] krealloc_noprof+0xf3/0x340 [ 12.064196] krealloc_less_oob_helper+0x1ab/0x11d0 [ 12.064434] krealloc_less_oob+0x1c/0x30 [ 12.064576] kunit_try_run_case+0x1a6/0x480 [ 12.064817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.065171] kthread+0x324/0x6e0 [ 12.065333] ret_from_fork+0x41/0x80 [ 12.065533] ret_from_fork_asm+0x1a/0x30 [ 12.065707] [ 12.065785] The buggy address belongs to the object at ffff888100a45a00 [ 12.065785] which belongs to the cache kmalloc-256 of size 256 [ 12.066455] The buggy address is located 7 bytes to the right of [ 12.066455] allocated 201-byte region [ffff888100a45a00, ffff888100a45ac9) [ 12.066959] [ 12.067365] The buggy address belongs to the physical page: [ 12.067631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a44 [ 12.067945] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.068328] flags: 0x200000000000040(head|node=0|zone=2) [ 12.068671] page_type: f5(slab) [ 12.068856] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.069247] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.069564] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.069931] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.070366] head: 0200000000000001 ffffea0004029101 ffffffffffffffff 0000000000000000 [ 12.070698] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.071283] page dumped because: kasan: bad access detected [ 12.071488] [ 12.071606] Memory state around the buggy address: [ 12.071847] ffff888100a45980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 12.072306] ffff888100a45a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.072587] >ffff888100a45a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.072907] ^ [ 12.073283] ffff888100a45b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.073613] ffff888100a45b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.073956] ================================================================== [ 12.283738] ================================================================== [ 12.283992] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 12.284934] Write of size 1 at addr ffff88810293a0eb by task kunit_try_catch/170 [ 12.285208] [ 12.285537] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.285601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.285614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.285646] Call Trace: [ 12.285669] <TASK> [ 12.285690] dump_stack_lvl+0x73/0xb0 [ 12.285722] print_report+0xd1/0x650 [ 12.285785] ? __virt_addr_valid+0x1db/0x2d0 [ 12.285821] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.285865] ? kasan_addr_to_slab+0x11/0xa0 [ 12.285885] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.285908] kasan_report+0x140/0x180 [ 12.285929] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.285955] __asan_report_store1_noabort+0x1b/0x30 [ 12.285978] krealloc_less_oob_helper+0xd49/0x11d0 [ 12.286133] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.286166] ? finish_task_switch.isra.0+0x153/0x700 [ 12.286191] ? __switch_to+0x5d9/0xf60 [ 12.286216] ? __schedule+0xce8/0x2840 [ 12.286241] ? __pfx_read_tsc+0x10/0x10 [ 12.286266] krealloc_large_less_oob+0x1c/0x30 [ 12.286288] kunit_try_run_case+0x1a6/0x480 [ 12.286312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.286333] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.286353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.286377] ? __kthread_parkme+0x82/0x160 [ 12.286400] ? preempt_count_sub+0x50/0x80 [ 12.286424] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.286446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.286471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.286496] kthread+0x324/0x6e0 [ 12.286516] ? trace_preempt_on+0x20/0xc0 [ 12.286539] ? __pfx_kthread+0x10/0x10 [ 12.286561] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.286583] ? calculate_sigpending+0x7b/0xa0 [ 12.286604] ? __pfx_kthread+0x10/0x10 [ 12.286627] ret_from_fork+0x41/0x80 [ 12.286645] ? __pfx_kthread+0x10/0x10 [ 12.286666] ret_from_fork_asm+0x1a/0x30 [ 12.286697] </TASK> [ 12.286708] [ 12.297814] The buggy address belongs to the physical page: [ 12.298545] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 12.298916] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.299348] flags: 0x200000000000040(head|node=0|zone=2) [ 12.299850] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.300422] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.300922] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.301425] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.301738] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000 [ 12.302052] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.302597] page dumped because: kasan: bad access detected [ 12.302967] [ 12.303081] Memory state around the buggy address: [ 12.303562] ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.303959] ffff88810293a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.304535] >ffff88810293a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.305074] ^ [ 12.305671] ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.306166] ffff88810293a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.306495] ================================================================== [ 12.097685] 
================================================================== [ 12.097964] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 12.098515] Write of size 1 at addr ffff888100a45aea by task kunit_try_catch/166 [ 12.098834] [ 12.098940] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.099108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.099123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.099156] Call Trace: [ 12.099178] <TASK> [ 12.099201] dump_stack_lvl+0x73/0xb0 [ 12.099230] print_report+0xd1/0x650 [ 12.099253] ? __virt_addr_valid+0x1db/0x2d0 [ 12.099275] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.099309] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.099335] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.099371] kasan_report+0x140/0x180 [ 12.099396] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.099426] __asan_report_store1_noabort+0x1b/0x30 [ 12.099462] krealloc_less_oob_helper+0xe92/0x11d0 [ 12.099487] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.099510] ? finish_task_switch.isra.0+0x153/0x700 [ 12.099535] ? __switch_to+0x5d9/0xf60 [ 12.099562] ? __schedule+0xce8/0x2840 [ 12.099587] ? __pfx_read_tsc+0x10/0x10 [ 12.099611] krealloc_less_oob+0x1c/0x30 [ 12.099632] kunit_try_run_case+0x1a6/0x480 [ 12.099656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.099677] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.099697] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.099730] ? __kthread_parkme+0x82/0x160 [ 12.099752] ? preempt_count_sub+0x50/0x80 [ 12.099776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.099807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.099832] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.099866] kthread+0x324/0x6e0 [ 12.099887] ? trace_preempt_on+0x20/0xc0 [ 12.099910] ? __pfx_kthread+0x10/0x10 [ 12.099932] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.099955] ? calculate_sigpending+0x7b/0xa0 [ 12.099977] ? 
__pfx_kthread+0x10/0x10 [ 12.100101] ret_from_fork+0x41/0x80 [ 12.100123] ? __pfx_kthread+0x10/0x10 [ 12.100145] ret_from_fork_asm+0x1a/0x30 [ 12.100177] </TASK> [ 12.100188] [ 12.108559] Allocated by task 166: [ 12.108749] kasan_save_stack+0x45/0x70 [ 12.108967] kasan_save_track+0x18/0x40 [ 12.109553] kasan_save_alloc_info+0x3b/0x50 [ 12.109784] __kasan_krealloc+0x190/0x1f0 [ 12.109970] krealloc_noprof+0xf3/0x340 [ 12.110289] krealloc_less_oob_helper+0x1ab/0x11d0 [ 12.110543] krealloc_less_oob+0x1c/0x30 [ 12.110733] kunit_try_run_case+0x1a6/0x480 [ 12.110891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.111286] kthread+0x324/0x6e0 [ 12.111467] ret_from_fork+0x41/0x80 [ 12.111652] ret_from_fork_asm+0x1a/0x30 [ 12.111856] [ 12.111929] The buggy address belongs to the object at ffff888100a45a00 [ 12.111929] which belongs to the cache kmalloc-256 of size 256 [ 12.112549] The buggy address is located 33 bytes to the right of [ 12.112549] allocated 201-byte region [ffff888100a45a00, ffff888100a45ac9) [ 12.113343] [ 12.113453] The buggy address belongs to the physical page: [ 12.113685] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a44 [ 12.114193] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.114467] flags: 0x200000000000040(head|node=0|zone=2) [ 12.114751] page_type: f5(slab) [ 12.114933] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.115216] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.115636] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.116068] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.116376] head: 0200000000000001 ffffea0004029101 ffffffffffffffff 0000000000000000 [ 12.116683] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.117322] page dumped because: kasan: bad access detected [ 12.117599] [ 12.117686] Memory state around the buggy 
address: [ 12.117921] ffff888100a45980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.118321] ffff888100a45a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.118733] >ffff888100a45a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.119157] ^ [ 12.119437] ffff888100a45b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.119739] ffff888100a45b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.120080] ================================================================== [ 12.261658] ================================================================== [ 12.261907] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 12.262155] Write of size 1 at addr ffff88810293a0ea by task kunit_try_catch/170 [ 12.262769] [ 12.262901] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.262946] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.262957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.262978] Call Trace: [ 12.262998] <TASK> [ 12.263016] dump_stack_lvl+0x73/0xb0 [ 12.263043] print_report+0xd1/0x650 [ 12.263064] ? __virt_addr_valid+0x1db/0x2d0 [ 12.263085] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.263107] ? kasan_addr_to_slab+0x11/0xa0 [ 12.263126] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.263148] kasan_report+0x140/0x180 [ 12.263168] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.263195] __asan_report_store1_noabort+0x1b/0x30 [ 12.263218] krealloc_less_oob_helper+0xe92/0x11d0 [ 12.263242] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.263264] ? finish_task_switch.isra.0+0x153/0x700 [ 12.263287] ? __switch_to+0x5d9/0xf60 [ 12.263313] ? __schedule+0xce8/0x2840 [ 12.263338] ? __pfx_read_tsc+0x10/0x10 [ 12.263364] krealloc_large_less_oob+0x1c/0x30 [ 12.263385] kunit_try_run_case+0x1a6/0x480 [ 12.263407] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.263427] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.263448] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.263471] ? 
__kthread_parkme+0x82/0x160 [ 12.263493] ? preempt_count_sub+0x50/0x80 [ 12.263515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.263537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.263561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.263586] kthread+0x324/0x6e0 [ 12.263607] ? trace_preempt_on+0x20/0xc0 [ 12.263630] ? __pfx_kthread+0x10/0x10 [ 12.263651] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.263674] ? calculate_sigpending+0x7b/0xa0 [ 12.263695] ? __pfx_kthread+0x10/0x10 [ 12.263717] ret_from_fork+0x41/0x80 [ 12.263734] ? __pfx_kthread+0x10/0x10 [ 12.263756] ret_from_fork_asm+0x1a/0x30 [ 12.263787] </TASK> [ 12.263797] [ 12.274749] The buggy address belongs to the physical page: [ 12.275534] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 12.275890] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.276415] flags: 0x200000000000040(head|node=0|zone=2) [ 12.276665] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.277339] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.277735] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.278312] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.278720] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000 [ 12.279238] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.279679] page dumped because: kasan: bad access detected [ 12.280036] [ 12.280141] Memory state around the buggy address: [ 12.280330] ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.280608] ffff88810293a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.281041] >ffff88810293a080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.281830] ^ [ 12.282315] ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.282700] ffff88810293a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 
12.283002] ================================================================== [ 12.016578] ================================================================== [ 12.017055] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 12.017317] Write of size 1 at addr ffff888100a45ac9 by task kunit_try_catch/166 [ 12.017543] [ 12.017634] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.017678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.017690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.017712] Call Trace: [ 12.017726] <TASK> [ 12.017751] dump_stack_lvl+0x73/0xb0 [ 12.017782] print_report+0xd1/0x650 [ 12.017802] ? __virt_addr_valid+0x1db/0x2d0 [ 12.017825] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.017893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.017918] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.017940] kasan_report+0x140/0x180 [ 12.017961] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.017988] __asan_report_store1_noabort+0x1b/0x30 [ 12.018145] krealloc_less_oob_helper+0xd72/0x11d0 [ 12.018176] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.018199] ? finish_task_switch.isra.0+0x153/0x700 [ 12.018226] ? __switch_to+0x5d9/0xf60 [ 12.018252] ? __schedule+0xce8/0x2840 [ 12.018278] ? __pfx_read_tsc+0x10/0x10 [ 12.018302] krealloc_less_oob+0x1c/0x30 [ 12.018322] kunit_try_run_case+0x1a6/0x480 [ 12.018347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.018368] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.018390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.018416] ? __kthread_parkme+0x82/0x160 [ 12.018440] ? preempt_count_sub+0x50/0x80 [ 12.018464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.018485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.018510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.018535] kthread+0x324/0x6e0 [ 12.018556] ? trace_preempt_on+0x20/0xc0 [ 12.018582] ? __pfx_kthread+0x10/0x10 [ 12.018603] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.018625] ? 
calculate_sigpending+0x7b/0xa0 [ 12.018646] ? __pfx_kthread+0x10/0x10 [ 12.018668] ret_from_fork+0x41/0x80 [ 12.018687] ? __pfx_kthread+0x10/0x10 [ 12.018708] ret_from_fork_asm+0x1a/0x30 [ 12.018741] </TASK> [ 12.018752] [ 12.032152] Allocated by task 166: [ 12.032321] kasan_save_stack+0x45/0x70 [ 12.032823] kasan_save_track+0x18/0x40 [ 12.033252] kasan_save_alloc_info+0x3b/0x50 [ 12.033664] __kasan_krealloc+0x190/0x1f0 [ 12.033880] krealloc_noprof+0xf3/0x340 [ 12.034395] krealloc_less_oob_helper+0x1ab/0x11d0 [ 12.034756] krealloc_less_oob+0x1c/0x30 [ 12.034967] kunit_try_run_case+0x1a6/0x480 [ 12.035656] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.035865] kthread+0x324/0x6e0 [ 12.036091] ret_from_fork+0x41/0x80 [ 12.036277] ret_from_fork_asm+0x1a/0x30 [ 12.036477] [ 12.036574] The buggy address belongs to the object at ffff888100a45a00 [ 12.036574] which belongs to the cache kmalloc-256 of size 256 [ 12.037028] The buggy address is located 0 bytes to the right of [ 12.037028] allocated 201-byte region [ffff888100a45a00, ffff888100a45ac9) [ 12.037642] [ 12.037719] The buggy address belongs to the physical page: [ 12.037987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a44 [ 12.038416] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.038713] flags: 0x200000000000040(head|node=0|zone=2) [ 12.038965] page_type: f5(slab) [ 12.039469] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.039797] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.040235] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.040615] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.040925] head: 0200000000000001 ffffea0004029101 ffffffffffffffff 0000000000000000 [ 12.041393] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.041794] page dumped because: kasan: bad access detected [ 12.042103] [ 
12.042251] Memory state around the buggy address: [ 12.042440] ffff888100a45980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.042769] ffff888100a45a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.043405] >ffff888100a45a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.043939] ^ [ 12.044552] ffff888100a45b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.045310] ffff888100a45b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.045980] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.171014] ================================================================== [ 12.171405] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 12.171772] Write of size 1 at addr ffff88810293a0f0 by task kunit_try_catch/168 [ 12.172136] [ 12.172674] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.172723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.172736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.172757] Call Trace: [ 12.172779] <TASK> [ 12.172813] dump_stack_lvl+0x73/0xb0 [ 12.172858] print_report+0xd1/0x650 [ 12.172881] ? __virt_addr_valid+0x1db/0x2d0 [ 12.172903] ? krealloc_more_oob_helper+0x7ed/0x930 [ 12.172926] ? kasan_addr_to_slab+0x11/0xa0 [ 12.172945] ? krealloc_more_oob_helper+0x7ed/0x930 [ 12.172967] kasan_report+0x140/0x180 [ 12.172988] ? krealloc_more_oob_helper+0x7ed/0x930 [ 12.173014] __asan_report_store1_noabort+0x1b/0x30 [ 12.173037] krealloc_more_oob_helper+0x7ed/0x930 [ 12.173057] ? __schedule+0xce8/0x2840 [ 12.173199] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.173223] ? finish_task_switch.isra.0+0x153/0x700 [ 12.173246] ? __switch_to+0x5d9/0xf60 [ 12.173272] ? __schedule+0xce8/0x2840 [ 12.173294] ? __pfx_read_tsc+0x10/0x10 [ 12.173318] krealloc_large_more_oob+0x1c/0x30 [ 12.173339] kunit_try_run_case+0x1a6/0x480 [ 12.173362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.173382] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.173402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.173426] ? __kthread_parkme+0x82/0x160 [ 12.173447] ? preempt_count_sub+0x50/0x80 [ 12.173470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.173491] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.173516] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.173540] kthread+0x324/0x6e0 [ 12.173561] ? trace_preempt_on+0x20/0xc0 [ 12.173584] ? __pfx_kthread+0x10/0x10 [ 12.173605] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.173628] ? calculate_sigpending+0x7b/0xa0 [ 12.173648] ? 
__pfx_kthread+0x10/0x10 [ 12.173670] ret_from_fork+0x41/0x80 [ 12.173688] ? __pfx_kthread+0x10/0x10 [ 12.173709] ret_from_fork_asm+0x1a/0x30 [ 12.173746] </TASK> [ 12.173757] [ 12.185162] The buggy address belongs to the physical page: [ 12.185465] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 12.185819] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.186454] flags: 0x200000000000040(head|node=0|zone=2) [ 12.186692] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.187335] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.187708] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.188374] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.188656] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000 [ 12.189181] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.189574] page dumped because: kasan: bad access detected [ 12.189814] [ 12.189921] Memory state around the buggy address: [ 12.190118] ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.190409] ffff88810293a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.190687] >ffff88810293a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.191364] ^ [ 12.191859] ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.192464] ffff88810293a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.192865] ================================================================== [ 11.960983] ================================================================== [ 11.962032] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 11.962878] Write of size 1 at addr ffff888100a458eb by task kunit_try_catch/164 [ 11.963601] [ 11.963780] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 11.963826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 
11.963850] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.963872] Call Trace: [ 11.963885] <TASK> [ 11.963905] dump_stack_lvl+0x73/0xb0 [ 11.963934] print_report+0xd1/0x650 [ 11.963956] ? __virt_addr_valid+0x1db/0x2d0 [ 11.963978] ? krealloc_more_oob_helper+0x823/0x930 [ 11.964000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.964024] ? krealloc_more_oob_helper+0x823/0x930 [ 11.964047] kasan_report+0x140/0x180 [ 11.964067] ? krealloc_more_oob_helper+0x823/0x930 [ 11.964093] __asan_report_store1_noabort+0x1b/0x30 [ 11.964116] krealloc_more_oob_helper+0x823/0x930 [ 11.964137] ? __schedule+0xce8/0x2840 [ 11.964161] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.964184] ? finish_task_switch.isra.0+0x153/0x700 [ 11.964208] ? __switch_to+0x5d9/0xf60 [ 11.964249] ? __schedule+0xce8/0x2840 [ 11.964272] ? __pfx_read_tsc+0x10/0x10 [ 11.964296] krealloc_more_oob+0x1c/0x30 [ 11.964316] kunit_try_run_case+0x1a6/0x480 [ 11.964340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.964360] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.964380] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.964404] ? __kthread_parkme+0x82/0x160 [ 11.964426] ? preempt_count_sub+0x50/0x80 [ 11.964449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.964470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.964495] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.964520] kthread+0x324/0x6e0 [ 11.964541] ? trace_preempt_on+0x20/0xc0 [ 11.964564] ? __pfx_kthread+0x10/0x10 [ 11.964586] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.964608] ? calculate_sigpending+0x7b/0xa0 [ 11.964629] ? __pfx_kthread+0x10/0x10 [ 11.964651] ret_from_fork+0x41/0x80 [ 11.964669] ? 
__pfx_kthread+0x10/0x10 [ 11.964690] ret_from_fork_asm+0x1a/0x30 [ 11.964722] </TASK> [ 11.964732] [ 11.976647] Allocated by task 164: [ 11.976831] kasan_save_stack+0x45/0x70 [ 11.977031] kasan_save_track+0x18/0x40 [ 11.977225] kasan_save_alloc_info+0x3b/0x50 [ 11.977439] __kasan_krealloc+0x190/0x1f0 [ 11.977616] krealloc_noprof+0xf3/0x340 [ 11.977790] krealloc_more_oob_helper+0x1aa/0x930 [ 11.978221] krealloc_more_oob+0x1c/0x30 [ 11.978477] kunit_try_run_case+0x1a6/0x480 [ 11.978710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.978900] kthread+0x324/0x6e0 [ 11.979163] ret_from_fork+0x41/0x80 [ 11.979439] ret_from_fork_asm+0x1a/0x30 [ 11.979580] [ 11.979653] The buggy address belongs to the object at ffff888100a45800 [ 11.979653] which belongs to the cache kmalloc-256 of size 256 [ 11.980211] The buggy address is located 0 bytes to the right of [ 11.980211] allocated 235-byte region [ffff888100a45800, ffff888100a458eb) [ 11.980680] [ 11.980757] The buggy address belongs to the physical page: [ 11.980970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a44 [ 11.982070] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.982424] flags: 0x200000000000040(head|node=0|zone=2) [ 11.982692] page_type: f5(slab) [ 11.982873] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.983289] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.983615] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.983926] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.984301] head: 0200000000000001 ffffea0004029101 ffffffffffffffff 0000000000000000 [ 11.984606] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 11.984892] page dumped because: kasan: bad access detected [ 11.985086] [ 11.985157] Memory state around the buggy address: [ 11.985317] ffff888100a45780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 11.985609] ffff888100a45800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.986540] >ffff888100a45880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 11.986857] ^ [ 11.987214] ffff888100a45900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.987476] ffff888100a45980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.987687] ================================================================== [ 12.148480] ================================================================== [ 12.148956] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930 [ 12.149524] Write of size 1 at addr ffff88810293a0eb by task kunit_try_catch/168 [ 12.149862] [ 12.149980] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 12.150106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.150120] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.150141] Call Trace: [ 12.150155] <TASK> [ 12.150175] dump_stack_lvl+0x73/0xb0 [ 12.150204] print_report+0xd1/0x650 [ 12.150236] ? __virt_addr_valid+0x1db/0x2d0 [ 12.150258] ? krealloc_more_oob_helper+0x823/0x930 [ 12.150280] ? kasan_addr_to_slab+0x11/0xa0 [ 12.150299] ? krealloc_more_oob_helper+0x823/0x930 [ 12.150332] kasan_report+0x140/0x180 [ 12.150353] ? krealloc_more_oob_helper+0x823/0x930 [ 12.150379] __asan_report_store1_noabort+0x1b/0x30 [ 12.150402] krealloc_more_oob_helper+0x823/0x930 [ 12.150423] ? __schedule+0xce8/0x2840 [ 12.150447] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 12.150470] ? finish_task_switch.isra.0+0x153/0x700 [ 12.150494] ? __switch_to+0x5d9/0xf60 [ 12.150520] ? __schedule+0xce8/0x2840 [ 12.150542] ? __pfx_read_tsc+0x10/0x10 [ 12.150567] krealloc_large_more_oob+0x1c/0x30 [ 12.150588] kunit_try_run_case+0x1a6/0x480 [ 12.150611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.150631] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.150652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.150675] ? __kthread_parkme+0x82/0x160 [ 12.150707] ? 
preempt_count_sub+0x50/0x80 [ 12.150730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.150751] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.150786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.150811] kthread+0x324/0x6e0 [ 12.150832] ? trace_preempt_on+0x20/0xc0 [ 12.150865] ? __pfx_kthread+0x10/0x10 [ 12.150887] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.150910] ? calculate_sigpending+0x7b/0xa0 [ 12.150932] ? __pfx_kthread+0x10/0x10 [ 12.150954] ret_from_fork+0x41/0x80 [ 12.150972] ? __pfx_kthread+0x10/0x10 [ 12.150993] ret_from_fork_asm+0x1a/0x30 [ 12.151076] </TASK> [ 12.151087] [ 12.161991] The buggy address belongs to the physical page: [ 12.162410] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938 [ 12.162931] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.163469] flags: 0x200000000000040(head|node=0|zone=2) [ 12.163854] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.164574] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.165032] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.165576] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.165943] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000 [ 12.166474] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.166907] page dumped because: kasan: bad access detected [ 12.167342] [ 12.167437] Memory state around the buggy address: [ 12.167777] ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.168547] ffff88810293a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.168809] >ffff88810293a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 12.169260] ^ [ 12.169612] ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.169889] ffff88810293a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.170472] 
================================================================== [ 11.988392] ================================================================== [ 11.988742] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930 [ 11.989386] Write of size 1 at addr ffff888100a458f0 by task kunit_try_catch/164 [ 11.989635] [ 11.989734] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 11.989785] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.989797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.989821] Call Trace: [ 11.989847] <TASK> [ 11.989870] dump_stack_lvl+0x73/0xb0 [ 11.989899] print_report+0xd1/0x650 [ 11.989924] ? __virt_addr_valid+0x1db/0x2d0 [ 11.989948] ? krealloc_more_oob_helper+0x7ed/0x930 [ 11.989972] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.989999] ? krealloc_more_oob_helper+0x7ed/0x930 [ 11.990039] kasan_report+0x140/0x180 [ 11.990060] ? krealloc_more_oob_helper+0x7ed/0x930 [ 11.990087] __asan_report_store1_noabort+0x1b/0x30 [ 11.990110] krealloc_more_oob_helper+0x7ed/0x930 [ 11.990131] ? __schedule+0xce8/0x2840 [ 11.990155] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 11.990178] ? finish_task_switch.isra.0+0x153/0x700 [ 11.990203] ? __switch_to+0x5d9/0xf60 [ 11.990230] ? __schedule+0xce8/0x2840 [ 11.990252] ? __pfx_read_tsc+0x10/0x10 [ 11.990276] krealloc_more_oob+0x1c/0x30 [ 11.990297] kunit_try_run_case+0x1a6/0x480 [ 11.990320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.990340] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.990360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.990385] ? __kthread_parkme+0x82/0x160 [ 11.990406] ? preempt_count_sub+0x50/0x80 [ 11.990429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.990451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.990475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.990500] kthread+0x324/0x6e0 [ 11.990521] ? trace_preempt_on+0x20/0xc0 [ 11.990544] ? __pfx_kthread+0x10/0x10 [ 11.990565] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.990588] ? calculate_sigpending+0x7b/0xa0 [ 11.991095] ? __pfx_kthread+0x10/0x10 [ 11.991129] ret_from_fork+0x41/0x80 [ 11.991148] ? __pfx_kthread+0x10/0x10 [ 11.991169] ret_from_fork_asm+0x1a/0x30 [ 11.991201] </TASK> [ 11.991211] [ 11.999911] Allocated by task 164: [ 12.000306] kasan_save_stack+0x45/0x70 [ 12.000599] kasan_save_track+0x18/0x40 [ 12.000776] kasan_save_alloc_info+0x3b/0x50 [ 12.001036] __kasan_krealloc+0x190/0x1f0 [ 12.001698] krealloc_noprof+0xf3/0x340 [ 12.001941] krealloc_more_oob_helper+0x1aa/0x930 [ 12.002244] krealloc_more_oob+0x1c/0x30 [ 12.002603] kunit_try_run_case+0x1a6/0x480 [ 12.002813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.003199] kthread+0x324/0x6e0 [ 12.003366] ret_from_fork+0x41/0x80 [ 12.003547] ret_from_fork_asm+0x1a/0x30 [ 12.003738] [ 12.003850] The buggy address belongs to the object at ffff888100a45800 [ 12.003850] which belongs to the cache kmalloc-256 of size 256 [ 12.004446] The buggy address is located 5 bytes to the right of [ 12.004446] allocated 235-byte region [ffff888100a45800, ffff888100a458eb) [ 12.004801] [ 12.004904] The buggy address belongs to the physical page: [ 12.005520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a44 [ 12.006322] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.006734] flags: 0x200000000000040(head|node=0|zone=2) [ 12.007179] page_type: f5(slab) [ 12.007346] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.007667] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.007986] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.008377] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.008693] head: 0200000000000001 ffffea0004029101 ffffffffffffffff 0000000000000000 [ 12.009191] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.009470] page dumped because: 
kasan: bad access detected [ 12.009636] [ 12.009705] Memory state around the buggy address: [ 12.009946] ffff888100a45780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.010722] ffff888100a45800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.011067] >ffff888100a45880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 12.011313] ^ [ 12.011593] ffff888100a45900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.011938] ffff888100a45980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.012220] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 11.713243] ================================================================== [ 11.713692] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 11.714237] Read of size 1 at addr ffff888101a9cf7f by task kunit_try_catch/146 [ 11.714533] [ 11.714645] CPU: 1 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 11.714693] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.714705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.714728] Call Trace: [ 11.714742] <TASK> [ 11.714764] dump_stack_lvl+0x73/0xb0 [ 11.714795] print_report+0xd1/0x650 [ 11.714817] ? __virt_addr_valid+0x1db/0x2d0 [ 11.714854] ? kmalloc_oob_left+0x363/0x3c0 [ 11.714873] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.714898] ? kmalloc_oob_left+0x363/0x3c0 [ 11.714917] kasan_report+0x140/0x180 [ 11.714938] ? kmalloc_oob_left+0x363/0x3c0 [ 11.714962] __asan_report_load1_noabort+0x18/0x20 [ 11.714985] kmalloc_oob_left+0x363/0x3c0 [ 11.715269] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.715302] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 11.715327] kunit_try_run_case+0x1a6/0x480 [ 11.715353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.715374] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.715396] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.715421] ? __kthread_parkme+0x82/0x160 [ 11.715444] ? preempt_count_sub+0x50/0x80 [ 11.715471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.715493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.715518] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.715542] kthread+0x324/0x6e0 [ 11.715563] ? trace_preempt_on+0x20/0xc0 [ 11.715588] ? __pfx_kthread+0x10/0x10 [ 11.715610] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.715632] ? calculate_sigpending+0x7b/0xa0 [ 11.715653] ? __pfx_kthread+0x10/0x10 [ 11.715675] ret_from_fork+0x41/0x80 [ 11.715696] ? 
__pfx_kthread+0x10/0x10 [ 11.715717] ret_from_fork_asm+0x1a/0x30 [ 11.715749] </TASK> [ 11.715760] [ 11.724968] Allocated by task 1: [ 11.725167] kasan_save_stack+0x45/0x70 [ 11.725426] kasan_save_track+0x18/0x40 [ 11.725585] kasan_save_alloc_info+0x3b/0x50 [ 11.725753] __kasan_kmalloc+0xb7/0xc0 [ 11.725953] __kmalloc_node_track_caller_noprof+0x1cc/0x510 [ 11.726358] kvasprintf+0xc6/0x150 [ 11.726489] __kthread_create_on_node+0x18c/0x3a0 [ 11.726852] kthread_create_on_node+0xac/0xe0 [ 11.727084] create_worker+0x3e7/0x7b0 [ 11.727289] alloc_unbound_pwq+0x8ea/0xdb0 [ 11.727607] apply_wqattrs_prepare+0x332/0xd40 [ 11.727811] apply_workqueue_attrs_locked+0x4d/0xa0 [ 11.728110] alloc_workqueue+0xcc8/0x1ad0 [ 11.728300] latency_fsnotify_init+0x1b/0x50 [ 11.728531] do_one_initcall+0xd9/0x370 [ 11.728729] kernel_init_freeable+0x425/0x6f0 [ 11.728927] kernel_init+0x23/0x1e0 [ 11.729135] ret_from_fork+0x41/0x80 [ 11.729414] ret_from_fork_asm+0x1a/0x30 [ 11.729612] [ 11.729683] The buggy address belongs to the object at ffff888101a9cf60 [ 11.729683] which belongs to the cache kmalloc-16 of size 16 [ 11.730160] The buggy address is located 18 bytes to the right of [ 11.730160] allocated 13-byte region [ffff888101a9cf60, ffff888101a9cf6d) [ 11.730956] [ 11.731058] The buggy address belongs to the physical page: [ 11.731414] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101a9c [ 11.731648] flags: 0x200000000000000(node=0|zone=2) [ 11.732060] page_type: f5(slab) [ 11.732266] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.732645] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.733006] page dumped because: kasan: bad access detected [ 11.733319] [ 11.733463] Memory state around the buggy address: [ 11.733668] ffff888101a9ce00: fa fb fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 11.733998] ffff888101a9ce80: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 11.734317] >ffff888101a9cf00: fa fb fc fc fa 
fb fc fc fa fb fc fc 00 05 fc fc [ 11.734620] ^ [ 11.734924] ffff888101a9cf80: 00 07 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.735133] ffff888101a9d000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.735477] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 11.645528] ================================================================== [ 11.646466] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 11.647261] Write of size 1 at addr ffff888102ac8b73 by task kunit_try_catch/144 [ 11.647644] [ 11.648458] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G N 6.14.7-rc1 #1 [ 11.648748] Tainted: [N]=TEST [ 11.648772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.649011] Call Trace: [ 11.649081] <TASK> [ 11.649226] dump_stack_lvl+0x73/0xb0 [ 11.649311] print_report+0xd1/0x650 [ 11.649338] ? __virt_addr_valid+0x1db/0x2d0 [ 11.649362] ? kmalloc_oob_right+0x6f2/0x7f0 [ 11.649382] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.649406] ? kmalloc_oob_right+0x6f2/0x7f0 [ 11.649428] kasan_report+0x140/0x180 [ 11.649450] ? kmalloc_oob_right+0x6f2/0x7f0 [ 11.649474] __asan_report_store1_noabort+0x1b/0x30 [ 11.649497] kmalloc_oob_right+0x6f2/0x7f0 [ 11.649518] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.649539] ? __schedule+0xce8/0x2840 [ 11.649565] ? __pfx_read_tsc+0x10/0x10 [ 11.649587] ? ktime_get_ts64+0x86/0x230 [ 11.649614] kunit_try_run_case+0x1a6/0x480 [ 11.649639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.649659] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.649680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.649704] ? __kthread_parkme+0x82/0x160 [ 11.649727] ? preempt_count_sub+0x50/0x80 [ 11.649760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.649782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.649806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.649831] kthread+0x324/0x6e0 [ 11.649863] ? trace_preempt_on+0x20/0xc0 [ 11.649887] ? __pfx_kthread+0x10/0x10 [ 11.649909] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.649931] ? calculate_sigpending+0x7b/0xa0 [ 11.649953] ? __pfx_kthread+0x10/0x10 [ 11.649975] ret_from_fork+0x41/0x80 [ 11.649993] ? 
__pfx_kthread+0x10/0x10 [ 11.650029] ret_from_fork_asm+0x1a/0x30 [ 11.650084] </TASK> [ 11.650147] [ 11.657635] Allocated by task 144: [ 11.657964] kasan_save_stack+0x45/0x70 [ 11.658145] kasan_save_track+0x18/0x40 [ 11.658345] kasan_save_alloc_info+0x3b/0x50 [ 11.658554] __kasan_kmalloc+0xb7/0xc0 [ 11.658736] __kmalloc_cache_noprof+0x18a/0x420 [ 11.659077] kmalloc_oob_right+0xaa/0x7f0 [ 11.659216] kunit_try_run_case+0x1a6/0x480 [ 11.659359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.660019] kthread+0x324/0x6e0 [ 11.660214] ret_from_fork+0x41/0x80 [ 11.660396] ret_from_fork_asm+0x1a/0x30 [ 11.660629] [ 11.660777] The buggy address belongs to the object at ffff888102ac8b00 [ 11.660777] which belongs to the cache kmalloc-128 of size 128 [ 11.661801] The buggy address is located 0 bytes to the right of [ 11.661801] allocated 115-byte region [ffff888102ac8b00, ffff888102ac8b73) [ 11.662536] [ 11.662708] The buggy address belongs to the physical page: [ 11.663127] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac8 [ 11.663747] flags: 0x200000000000000(node=0|zone=2) [ 11.664471] page_type: f5(slab) [ 11.664928] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.665680] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.666248] page dumped because: kasan: bad access detected [ 11.666502] [ 11.666604] Memory state around the buggy address: [ 11.667130] ffff888102ac8a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.667467] ffff888102ac8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.667764] >ffff888102ac8b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.668184] ^ [ 11.668510] ffff888102ac8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.668788] ffff888102ac8c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.669082] ================================================================== [ 11.688911] 
================================================================== [ 11.689252] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 11.689575] Read of size 1 at addr ffff888102ac8b80 by task kunit_try_catch/144 [ 11.690290] [ 11.690424] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 11.690471] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.690483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.690504] Call Trace: [ 11.690524] <TASK> [ 11.690543] dump_stack_lvl+0x73/0xb0 [ 11.690573] print_report+0xd1/0x650 [ 11.690595] ? __virt_addr_valid+0x1db/0x2d0 [ 11.690617] ? kmalloc_oob_right+0x68c/0x7f0 [ 11.690637] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.690662] ? kmalloc_oob_right+0x68c/0x7f0 [ 11.690682] kasan_report+0x140/0x180 [ 11.690702] ? kmalloc_oob_right+0x68c/0x7f0 [ 11.690727] __asan_report_load1_noabort+0x18/0x20 [ 11.690749] kmalloc_oob_right+0x68c/0x7f0 [ 11.690770] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.690790] ? __schedule+0xce8/0x2840 [ 11.690815] ? __pfx_read_tsc+0x10/0x10 [ 11.690849] ? ktime_get_ts64+0x86/0x230 [ 11.690874] kunit_try_run_case+0x1a6/0x480 [ 11.690897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.690917] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.690937] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.690962] ? __kthread_parkme+0x82/0x160 [ 11.690983] ? preempt_count_sub+0x50/0x80 [ 11.691086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.691113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.691139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.691164] kthread+0x324/0x6e0 [ 11.691185] ? trace_preempt_on+0x20/0xc0 [ 11.691208] ? __pfx_kthread+0x10/0x10 [ 11.691229] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.691252] ? calculate_sigpending+0x7b/0xa0 [ 11.691273] ? __pfx_kthread+0x10/0x10 [ 11.691295] ret_from_fork+0x41/0x80 [ 11.691313] ? 
__pfx_kthread+0x10/0x10 [ 11.691335] ret_from_fork_asm+0x1a/0x30 [ 11.691366] </TASK> [ 11.691377] [ 11.698760] Allocated by task 144: [ 11.699219] kasan_save_stack+0x45/0x70 [ 11.699451] kasan_save_track+0x18/0x40 [ 11.699920] kasan_save_alloc_info+0x3b/0x50 [ 11.700387] __kasan_kmalloc+0xb7/0xc0 [ 11.700553] __kmalloc_cache_noprof+0x18a/0x420 [ 11.700754] kmalloc_oob_right+0xaa/0x7f0 [ 11.700944] kunit_try_run_case+0x1a6/0x480 [ 11.701251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.701475] kthread+0x324/0x6e0 [ 11.701600] ret_from_fork+0x41/0x80 [ 11.701755] ret_from_fork_asm+0x1a/0x30 [ 11.701975] [ 11.702132] The buggy address belongs to the object at ffff888102ac8b00 [ 11.702132] which belongs to the cache kmalloc-128 of size 128 [ 11.702682] The buggy address is located 13 bytes to the right of [ 11.702682] allocated 115-byte region [ffff888102ac8b00, ffff888102ac8b73) [ 11.703557] [ 11.703671] The buggy address belongs to the physical page: [ 11.703874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac8 [ 11.704398] flags: 0x200000000000000(node=0|zone=2) [ 11.704633] page_type: f5(slab) [ 11.704767] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.705079] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.705302] page dumped because: kasan: bad access detected [ 11.705472] [ 11.705541] Memory state around the buggy address: [ 11.705944] ffff888102ac8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.706540] ffff888102ac8b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.706757] >ffff888102ac8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.707587] ^ [ 11.707771] ffff888102ac8c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.708282] ffff888102ac8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.708567] ================================================================== [ 11.670320] 
================================================================== [ 11.670570] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 11.671058] Write of size 1 at addr ffff888102ac8b78 by task kunit_try_catch/144 [ 11.671502] [ 11.671619] CPU: 0 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 11.671663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.671675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.671696] Call Trace: [ 11.671717] <TASK> [ 11.671738] dump_stack_lvl+0x73/0xb0 [ 11.671767] print_report+0xd1/0x650 [ 11.671788] ? __virt_addr_valid+0x1db/0x2d0 [ 11.671812] ? kmalloc_oob_right+0x6bf/0x7f0 [ 11.671832] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.671870] ? kmalloc_oob_right+0x6bf/0x7f0 [ 11.671890] kasan_report+0x140/0x180 [ 11.671911] ? kmalloc_oob_right+0x6bf/0x7f0 [ 11.671935] __asan_report_store1_noabort+0x1b/0x30 [ 11.671958] kmalloc_oob_right+0x6bf/0x7f0 [ 11.671978] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 11.672051] ? __schedule+0xce8/0x2840 [ 11.672082] ? __pfx_read_tsc+0x10/0x10 [ 11.672106] ? ktime_get_ts64+0x86/0x230 [ 11.672131] kunit_try_run_case+0x1a6/0x480 [ 11.672154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.672174] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 11.672195] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.672219] ? __kthread_parkme+0x82/0x160 [ 11.672241] ? preempt_count_sub+0x50/0x80 [ 11.672266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.672287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.672312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.672337] kthread+0x324/0x6e0 [ 11.672358] ? trace_preempt_on+0x20/0xc0 [ 11.672381] ? __pfx_kthread+0x10/0x10 [ 11.672402] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.672424] ? calculate_sigpending+0x7b/0xa0 [ 11.672445] ? __pfx_kthread+0x10/0x10 [ 11.672467] ret_from_fork+0x41/0x80 [ 11.672485] ? 
__pfx_kthread+0x10/0x10 [ 11.672506] ret_from_fork_asm+0x1a/0x30 [ 11.672537] </TASK> [ 11.672547] [ 11.680056] Allocated by task 144: [ 11.680284] kasan_save_stack+0x45/0x70 [ 11.680504] kasan_save_track+0x18/0x40 [ 11.680698] kasan_save_alloc_info+0x3b/0x50 [ 11.680879] __kasan_kmalloc+0xb7/0xc0 [ 11.681016] __kmalloc_cache_noprof+0x18a/0x420 [ 11.681250] kmalloc_oob_right+0xaa/0x7f0 [ 11.681446] kunit_try_run_case+0x1a6/0x480 [ 11.681654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.681903] kthread+0x324/0x6e0 [ 11.682087] ret_from_fork+0x41/0x80 [ 11.682236] ret_from_fork_asm+0x1a/0x30 [ 11.682403] [ 11.682478] The buggy address belongs to the object at ffff888102ac8b00 [ 11.682478] which belongs to the cache kmalloc-128 of size 128 [ 11.683062] The buggy address is located 5 bytes to the right of [ 11.683062] allocated 115-byte region [ffff888102ac8b00, ffff888102ac8b73) [ 11.683441] [ 11.683516] The buggy address belongs to the physical page: [ 11.683689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac8 [ 11.684314] flags: 0x200000000000000(node=0|zone=2) [ 11.684824] page_type: f5(slab) [ 11.685013] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.685447] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.685744] page dumped because: kasan: bad access detected [ 11.685925] [ 11.685996] Memory state around the buggy address: [ 11.686371] ffff888102ac8a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.686695] ffff888102ac8a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.687028] >ffff888102ac8b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 11.687411] ^ [ 11.687713] ffff888102ac8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.687995] ffff888102ac8c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.688329] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 148.947532] WARNING: CPU: 0 PID: 2515 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 148.948671] Modules linked in: [ 148.948983] CPU: 0 UID: 0 PID: 2515 Comm: kunit_try_catch Tainted: G B D W N 6.14.7-rc1 #1 [ 148.949332] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 148.949515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.949790] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 148.949990] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 148.952315] RSP: 0000:ffff8881025cfc78 EFLAGS: 00010286 [ 148.953256] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 148.954055] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa4812b5c [ 148.955180] RBP: ffff8881025cfca0 R08: 0000000000000000 R09: ffffed1020473fe0 [ 148.955868] R10: ffff88810239ff07 R11: 0000000000000000 R12: ffffffffa4812b48 [ 148.956838] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881025cfd38 [ 148.957843] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000 [ 148.958647] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.959448] CR2: 00007ffff7ffe000 CR3: 0000000168eb8000 CR4: 00000000000006f0 [ 148.959681] DR0: ffffffffa680d2a0 DR1: ffffffffa680d2a1 DR2: ffffffffa680d2a2 [ 148.959906] DR3: ffffffffa680d2a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 148.960488] Call Trace: [ 148.960740] <TASK> [ 148.960990] drm_test_rect_calc_vscale+0x109/0x270 [ 148.961602] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 148.962245] ? __schedule+0xce8/0x2840 [ 148.962628] ? __pfx_read_tsc+0x10/0x10 [ 148.963000] ? ktime_get_ts64+0x86/0x230 [ 148.963693] kunit_try_run_case+0x1a6/0x480 [ 148.964204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.964375] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 148.964537] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 148.964706] ? __kthread_parkme+0x82/0x160 [ 148.964877] ? preempt_count_sub+0x50/0x80 [ 148.965309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.965541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 148.965773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 148.966038] kthread+0x324/0x6e0 [ 148.966212] ? trace_preempt_on+0x20/0xc0 [ 148.966770] ? __pfx_kthread+0x10/0x10 [ 148.966953] ? _raw_spin_unlock_irq+0x47/0x80 [ 148.967423] ? calculate_sigpending+0x7b/0xa0 [ 148.967660] ? __pfx_kthread+0x10/0x10 [ 148.967885] ret_from_fork+0x41/0x80 [ 148.968169] ? __pfx_kthread+0x10/0x10 [ 148.968382] ret_from_fork_asm+0x1a/0x30 [ 148.968571] </TASK> [ 148.968668] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 148.972965] WARNING: CPU: 1 PID: 2517 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 148.973749] Modules linked in: [ 148.973957] CPU: 1 UID: 0 PID: 2517 Comm: kunit_try_catch Tainted: G B D W N 6.14.7-rc1 #1 [ 148.974601] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 148.974894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.975367] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 148.975671] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 148.976441] RSP: 0000:ffff888106667c78 EFLAGS: 00010286 [ 148.976773] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 148.977486] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa4812b94 [ 148.977755] RBP: ffff888106667ca0 R08: 0000000000000000 R09: ffffed1020473fc0 [ 148.978062] R10: ffff88810239fe07 R11: 0000000000000000 R12: ffffffffa4812b80 [ 148.978472] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106667d38 [ 148.979107] FS: 
0000000000000000(0000) GS:ffff888154b00000(0000) knlGS:0000000000000000 [ 148.979561] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.979798] CR2: 00007ffff7ffe000 CR3: 0000000168eb8000 CR4: 00000000000006f0 [ 148.980558] DR0: ffffffffa680d2a0 DR1: ffffffffa680d2a1 DR2: ffffffffa680d2a3 [ 148.980980] DR3: ffffffffa680d2a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 148.981859] Call Trace: [ 148.982367] <TASK> [ 148.982569] drm_test_rect_calc_vscale+0x109/0x270 [ 148.983118] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 148.983383] ? __schedule+0xce8/0x2840 [ 148.983567] ? __pfx_read_tsc+0x10/0x10 [ 148.983744] ? ktime_get_ts64+0x86/0x230 [ 148.983948] kunit_try_run_case+0x1a6/0x480 [ 148.984767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.985510] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 148.985779] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 148.986253] ? __kthread_parkme+0x82/0x160 [ 148.986692] ? preempt_count_sub+0x50/0x80 [ 148.986946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.987557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 148.987910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 148.988448] kthread+0x324/0x6e0 [ 148.988758] ? trace_preempt_on+0x20/0xc0 [ 148.988971] ? __pfx_kthread+0x10/0x10 [ 148.989432] ? _raw_spin_unlock_irq+0x47/0x80 [ 148.989601] ? calculate_sigpending+0x7b/0xa0 [ 148.990091] ? __pfx_kthread+0x10/0x10 [ 148.990475] ret_from_fork+0x41/0x80 [ 148.990826] ? __pfx_kthread+0x10/0x10 [ 148.991207] ret_from_fork_asm+0x1a/0x30 [ 148.991480] </TASK> [ 148.991614] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 148.906850] WARNING: CPU: 1 PID: 2505 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 148.907927] Modules linked in: [ 148.908518] CPU: 1 UID: 0 PID: 2505 Comm: kunit_try_catch Tainted: G B D W N 6.14.7-rc1 #1 [ 148.909313] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 148.909506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.909787] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 148.910236] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 4b a2 17 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 148.912504] RSP: 0000:ffff8881025cfc78 EFLAGS: 00010286 [ 148.913126] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 148.913830] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa4812b98 [ 148.914314] RBP: ffff8881025cfca0 R08: 0000000000000000 R09: ffffed1020637680 [ 148.914949] R10: ffff8881031bb407 R11: 0000000000000000 R12: ffffffffa4812b80 [ 148.915567] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881025cfd38 [ 148.916235] FS: 0000000000000000(0000) GS:ffff888154b00000(0000) knlGS:0000000000000000 [ 148.916486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.916669] CR2: 00007ffff7ffe000 CR3: 0000000168eb8000 CR4: 00000000000006f0 [ 148.916997] DR0: ffffffffa680d2a0 DR1: ffffffffa680d2a1 DR2: ffffffffa680d2a3 [ 148.917453] DR3: ffffffffa680d2a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 148.917674] Call Trace: [ 148.917788] <TASK> [ 148.917911] drm_test_rect_calc_hscale+0x109/0x270 [ 148.918706] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 148.919285] ? __schedule+0xce8/0x2840 [ 148.920037] ? __pfx_read_tsc+0x10/0x10 [ 148.920512] ? ktime_get_ts64+0x86/0x230 [ 148.920923] kunit_try_run_case+0x1a6/0x480 [ 148.921432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.921920] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 148.922395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 148.922666] ? __kthread_parkme+0x82/0x160 [ 148.922833] ? preempt_count_sub+0x50/0x80 [ 148.922989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.923695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 148.924448] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 148.925049] kthread+0x324/0x6e0 [ 148.925539] ? trace_preempt_on+0x20/0xc0 [ 148.925744] ? __pfx_kthread+0x10/0x10 [ 148.925900] ? _raw_spin_unlock_irq+0x47/0x80 [ 148.926191] ? calculate_sigpending+0x7b/0xa0 [ 148.926656] ? __pfx_kthread+0x10/0x10 [ 148.927062] ret_from_fork+0x41/0x80 [ 148.927843] ? __pfx_kthread+0x10/0x10 [ 148.928340] ret_from_fork_asm+0x1a/0x30 [ 148.928594] </TASK> [ 148.928690] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 148.882590] WARNING: CPU: 0 PID: 2503 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 148.883872] Modules linked in: [ 148.884370] CPU: 0 UID: 0 PID: 2503 Comm: kunit_try_catch Tainted: G B D W N 6.14.7-rc1 #1 [ 148.884754] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 148.885194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 148.885762] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 148.886216] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 4b a2 17 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 148.887345] RSP: 0000:ffff8881045a7c78 EFLAGS: 00010286 [ 148.887590] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 148.887892] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa4812b60 [ 148.888712] RBP: ffff8881045a7ca0 R08: 0000000000000000 R09: ffffed1020f045c0 [ 148.889306] R10: ffff888107822e07 R11: 0000000000000000 R12: ffffffffa4812b48 [ 148.889879] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881045a7d38 [ 148.890353] FS: 
0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000 [ 148.890885] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 148.891390] CR2: 00007ffff7ffe000 CR3: 0000000168eb8000 CR4: 00000000000006f0 [ 148.891700] DR0: ffffffffa680d2a0 DR1: ffffffffa680d2a1 DR2: ffffffffa680d2a2 [ 148.892212] DR3: ffffffffa680d2a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 148.893135] Call Trace: [ 148.893489] <TASK> [ 148.893742] drm_test_rect_calc_hscale+0x109/0x270 [ 148.894208] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 148.894609] ? __schedule+0xce8/0x2840 [ 148.894811] ? __pfx_read_tsc+0x10/0x10 [ 148.895244] ? ktime_get_ts64+0x86/0x230 [ 148.895654] kunit_try_run_case+0x1a6/0x480 [ 148.895943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.896430] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 148.896608] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 148.896852] ? __kthread_parkme+0x82/0x160 [ 148.897388] ? preempt_count_sub+0x50/0x80 [ 148.897801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 148.898323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 148.898605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 148.898876] kthread+0x324/0x6e0 [ 148.899401] ? trace_preempt_on+0x20/0xc0 [ 148.899844] ? __pfx_kthread+0x10/0x10 [ 148.900319] ? _raw_spin_unlock_irq+0x47/0x80 [ 148.900723] ? calculate_sigpending+0x7b/0xa0 [ 148.901155] ? __pfx_kthread+0x10/0x10 [ 148.901317] ret_from_fork+0x41/0x80 [ 148.901694] ? __pfx_kthread+0x10/0x10 [ 148.901923] ret_from_fork_asm+0x1a/0x30 [ 148.902136] </TASK> [ 148.902325] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 147.971358] WARNING: CPU: 0 PID: 2301 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 147.972456] Modules linked in: [ 147.972884] CPU: 0 UID: 0 PID: 2301 Comm: kunit_try_catch Tainted: G B D W N 6.14.7-rc1 #1 [ 147.973888] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 147.974426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 147.975403] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 147.975903] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 147.977673] RSP: 0000:ffff888106a1fb30 EFLAGS: 00010246 [ 147.978321] RAX: dffffc0000000000 RBX: ffff888106a1fc28 RCX: 0000000000000000 [ 147.978861] RDX: 1ffff11020d43f8e RSI: ffff888106a1fc28 RDI: ffff888106a1fc70 [ 147.979838] RBP: ffff888106a1fb70 R08: ffff888104a46000 R09: ffffffffa47bae20 [ 147.980080] R10: 0000000000000003 R11: 0000000049fc1a9c R12: ffff888104a46000 [ 147.980585] R13: ffff888100317ae8 R14: ffff888106a1fba8 R15: 0000000000000000 [ 147.981203] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000 [ 147.981736] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.982074] CR2: 00007ffff7ffe000 CR3: 0000000168eb8000 CR4: 00000000000006f0 [ 147.982377] DR0: ffffffffa680d2a0 DR1: ffffffffa680d2a1 DR2: ffffffffa680d2a2 [ 147.982666] DR3: ffffffffa680d2a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 147.982947] Call Trace: [ 147.983222] <TASK> [ 147.983333] ? add_dr+0xc1/0x1d0 [ 147.983565] drm_test_framebuffer_init_bad_format+0xfd/0x240 [ 147.983792] ? add_dr+0x148/0x1d0 [ 147.983981] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 147.984437] ? __drmm_add_action+0x1a4/0x280 [ 147.984950] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 147.985326] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 147.985523] ? 
__drmm_add_action_or_reset+0x22/0x50 [ 147.985801] ? __schedule+0xce8/0x2840 [ 147.986098] ? __pfx_read_tsc+0x10/0x10 [ 147.986254] ? ktime_get_ts64+0x86/0x230 [ 147.986458] kunit_try_run_case+0x1a6/0x480 [ 147.986675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 147.986942] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 147.987267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 147.987461] ? __kthread_parkme+0x82/0x160 [ 147.987697] ? preempt_count_sub+0x50/0x80 [ 147.987926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 147.988180] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 147.988565] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 147.989004] kthread+0x324/0x6e0 [ 147.989663] ? trace_preempt_on+0x20/0xc0 [ 147.989918] ? __pfx_kthread+0x10/0x10 [ 147.990249] ? _raw_spin_unlock_irq+0x47/0x80 [ 147.990459] ? calculate_sigpending+0x7b/0xa0 [ 147.990701] ? __pfx_kthread+0x10/0x10 [ 147.990907] ret_from_fork+0x41/0x80 [ 147.991169] ? __pfx_kthread+0x10/0x10 [ 147.991370] ret_from_fork_asm+0x1a/0x30 [ 147.991602] </TASK> [ 147.991730] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 147.933705] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 147.933863] WARNING: CPU: 1 PID: 2297 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0 [ 147.936667] Modules linked in: [ 147.937213] CPU: 1 UID: 0 PID: 2297 Comm: kunit_try_catch Tainted: G B D W N 6.14.7-rc1 #1 [ 147.937507] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 147.937685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 147.937970] RIP: 0010:drm_framebuffer_free+0x136/0x1b0 [ 147.938508] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 d4 4c 82 00 48 c7 c1 20 5e 7b a4 4c 89 fa 48 c7 c7 80 5e 7b a4 48 89 c6 e8 0b 36 87 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 147.939498] RSP: 0000:ffff888102cdfb68 EFLAGS: 00010282 [ 147.939876] RAX: 0000000000000000 RBX: ffff888102cdfc40 RCX: 1ffffffff4aa4408 [ 147.940324] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 147.940784] RBP: ffff888102cdfb90 R08: 0000000000000000 R09: fffffbfff4aa4408 [ 147.941238] R10: 0000000000000003 R11: 0000000000031a28 R12: ffff888102cdfc18 [ 147.941652] R13: ffff888102883800 R14: ffff888102933000 R15: ffff888104978100 [ 147.942134] FS: 0000000000000000(0000) GS:ffff888154b00000(0000) knlGS:0000000000000000 [ 147.942459] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 147.942694] CR2: 00007ffff7ffe000 CR3: 0000000168eb8000 CR4: 00000000000006f0 [ 147.942985] DR0: ffffffffa680d2a0 DR1: ffffffffa680d2a1 DR2: ffffffffa680d2a3 [ 147.943554] DR3: ffffffffa680d2a5 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 147.943945] Call Trace: [ 147.944059] <TASK> [ 147.944407] drm_test_framebuffer_free+0x1ac/0x610 [ 147.944721] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 147.945095] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 147.945353] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 147.945745] ? 
__drmm_add_action_or_reset+0x22/0x50 [ 147.946093] ? __schedule+0xce8/0x2840 [ 147.946479] ? __pfx_read_tsc+0x10/0x10 [ 147.946654] ? ktime_get_ts64+0x86/0x230 [ 147.946860] kunit_try_run_case+0x1a6/0x480 [ 147.947293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 147.947652] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 147.947864] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 147.948316] ? __kthread_parkme+0x82/0x160 [ 147.948531] ? preempt_count_sub+0x50/0x80 [ 147.948714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 147.949336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 147.949588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 147.949988] kthread+0x324/0x6e0 [ 147.950275] ? trace_preempt_on+0x20/0xc0 [ 147.950434] ? __pfx_kthread+0x10/0x10 [ 147.950783] ? _raw_spin_unlock_irq+0x47/0x80 [ 147.951013] ? calculate_sigpending+0x7b/0xa0 [ 147.951853] ? __pfx_kthread+0x10/0x10 [ 147.952194] ret_from_fork+0x41/0x80 [ 147.952512] ? __pfx_kthread+0x10/0x10 [ 147.952828] ret_from_fork_asm+0x1a/0x30 [ 147.953373] </TASK> [ 147.953529] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 146.458951] WARNING: CPU: 0 PID: 1743 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 146.459745] Modules linked in: [ 146.459984] CPU: 0 UID: 0 PID: 1743 Comm: kunit_try_catch Tainted: G B D W N 6.14.7-rc1 #1 [ 146.460904] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 146.461792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 146.462279] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 146.462591] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d e9 42 dd 1e 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 b8 [ 146.463680] RSP: 0000:ffff888102d67c90 EFLAGS: 00010246 [ 146.463945] RAX: dffffc0000000000 RBX: ffff8881045e4000 RCX: 0000000000000000 [ 146.464511] RDX: 1ffff110208bc832 RSI: ffffffffa1bde499 RDI: ffff8881045e4190 [ 146.464846] RBP: ffff888102d67ca0 R08: 1ffff11020062f69 R09: ffffed10205acf65 [ 146.465525] R10: 0000000000000003 R11: ffffffffa06043da R12: 0000000000000000 [ 146.466046] R13: ffff888102d67d38 R14: ffff888100317c50 R15: ffff888100317c58 [ 146.466482] FS: 0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000 [ 146.466935] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.467353] CR2: 00007ffff7ffe000 CR3: 0000000168eb8000 CR4: 00000000000006f0 [ 146.467771] DR0: ffffffffa680d2a0 DR1: ffffffffa680d2a1 DR2: ffffffffa680d2a2 [ 146.468406] DR3: ffffffffa680d2a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 146.468760] Call Trace: [ 146.468903] <TASK> [ 146.469056] drm_test_drm_connector_dynamic_register_no_init+0x105/0x290 [ 146.469738] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 146.470417] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 146.470741] kunit_try_run_case+0x1a6/0x480 [ 146.471287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.471517] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 146.471858] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 146.472384] ? __kthread_parkme+0x82/0x160 [ 146.472602] ? preempt_count_sub+0x50/0x80 [ 146.472918] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.473434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 146.473674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 146.473966] kthread+0x324/0x6e0 [ 146.474133] ? trace_preempt_on+0x20/0xc0 [ 146.474317] ? __pfx_kthread+0x10/0x10 [ 146.474473] ? _raw_spin_unlock_irq+0x47/0x80 [ 146.474670] ? calculate_sigpending+0x7b/0xa0 [ 146.475391] ? __pfx_kthread+0x10/0x10 [ 146.475719] ret_from_fork+0x41/0x80 [ 146.476174] ? __pfx_kthread+0x10/0x10 [ 146.476337] ret_from_fork_asm+0x1a/0x30 [ 146.476595] </TASK> [ 146.476698] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 146.370686] WARNING: CPU: 0 PID: 1735 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 146.371559] Modules linked in: [ 146.371787] CPU: 0 UID: 0 PID: 1735 Comm: kunit_try_catch Tainted: G B D N 6.14.7-rc1 #1 [ 146.372150] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 146.372360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 146.372782] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 146.373589] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d e9 42 dd 1e 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 b8 [ 146.374526] RSP: 0000:ffff888106a97c90 EFLAGS: 00010246 [ 146.374789] RAX: dffffc0000000000 RBX: ffff888106ba0000 RCX: 0000000000000000 [ 146.375247] RDX: 1ffff11020d74032 RSI: ffffffffa1bde499 RDI: ffff888106ba0190 [ 146.375576] RBP: ffff888106a97ca0 R08: 1ffff11020062f69 R09: ffffed1020d52f65 [ 146.375899] R10: 0000000000000003 R11: ffffffffa116fe88 R12: 0000000000000000 [ 146.376265] R13: ffff888106a97d38 R14: ffff888100317c50 R15: ffff888100317c58 [ 146.376652] FS: 
0000000000000000(0000) GS:ffff888154a00000(0000) knlGS:0000000000000000 [ 146.377427] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 146.377693] CR2: 00007ffff7ffe000 CR3: 0000000168eb8000 CR4: 00000000000006f0 [ 146.378107] DR0: ffffffffa680d2a0 DR1: ffffffffa680d2a1 DR2: ffffffffa680d2a2 [ 146.378453] DR3: ffffffffa680d2a3 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 146.378779] Call Trace: [ 146.378948] <TASK> [ 146.379195] drm_test_drm_connector_dynamic_register_early_no_init+0x105/0x290 [ 146.379633] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 146.380002] ? __schedule+0xce8/0x2840 [ 146.380343] ? __pfx_read_tsc+0x10/0x10 [ 146.380643] ? ktime_get_ts64+0x86/0x230 [ 146.380850] kunit_try_run_case+0x1a6/0x480 [ 146.381458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.381687] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 146.381934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 146.382273] ? __kthread_parkme+0x82/0x160 [ 146.382909] ? preempt_count_sub+0x50/0x80 [ 146.383300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 146.383572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 146.383836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 146.384295] kthread+0x324/0x6e0 [ 146.384518] ? trace_preempt_on+0x20/0xc0 [ 146.384733] ? __pfx_kthread+0x10/0x10 [ 146.385049] ? _raw_spin_unlock_irq+0x47/0x80 [ 146.385261] ? calculate_sigpending+0x7b/0xa0 [ 146.385695] ? __pfx_kthread+0x10/0x10 [ 146.385937] ret_from_fork+0x41/0x80 [ 146.386076] ? __pfx_kthread+0x10/0x10 [ 146.386396] ret_from_fork_asm+0x1a/0x30 [ 146.386900] </TASK> [ 146.387044] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 118.509748] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 51.166166] ================================================================== [ 51.166578] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0 [ 51.166578] [ 51.166925] Use-after-free read at 0x(____ptrval____) (in kfence-#144): [ 51.167238] test_krealloc+0x6fd/0xbe0 [ 51.167491] kunit_try_run_case+0x1a6/0x480 [ 51.167726] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.167958] kthread+0x324/0x6e0 [ 51.168087] ret_from_fork+0x41/0x80 [ 51.168281] ret_from_fork_asm+0x1a/0x30 [ 51.168495] [ 51.168593] kfence-#144: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 51.168593] [ 51.168973] allocated by task 345 on cpu 1 at 51.165424s (0.003546s ago): [ 51.169267] test_alloc+0x365/0x10f0 [ 51.169396] test_krealloc+0xae/0xbe0 [ 51.169545] kunit_try_run_case+0x1a6/0x480 [ 51.169757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.170027] kthread+0x324/0x6e0 [ 51.170207] ret_from_fork+0x41/0x80 [ 51.170679] ret_from_fork_asm+0x1a/0x30 [ 51.170870] [ 51.170946] freed by task 345 on cpu 1 at 51.165656s (0.005287s ago): [ 51.171783] krealloc_noprof+0x108/0x340 [ 51.171989] test_krealloc+0x227/0xbe0 [ 51.172165] kunit_try_run_case+0x1a6/0x480 [ 51.172360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.172591] kthread+0x324/0x6e0 [ 51.172761] ret_from_fork+0x41/0x80 [ 51.172959] ret_from_fork_asm+0x1a/0x30 [ 51.173451] [ 51.173567] CPU: 1 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 51.174105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.174424] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.174860] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 51.085729] ================================================================== [ 51.086323] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670 [ 51.086323] [ 51.087227] Use-after-free read at 0x(____ptrval____) (in kfence-#143): [ 51.087747] test_memcache_typesafe_by_rcu+0x2ed/0x670 [ 51.087937] kunit_try_run_case+0x1a6/0x480 [ 51.088150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.088334] kthread+0x324/0x6e0 [ 51.088466] ret_from_fork+0x41/0x80 [ 51.088599] ret_from_fork_asm+0x1a/0x30 [ 51.088765] [ 51.088879] kfence-#143: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 51.088879] [ 51.089280] allocated by task 343 on cpu 1 at 51.061293s (0.027985s ago): [ 51.089533] test_alloc+0x2a7/0x10f0 [ 51.089698] test_memcache_typesafe_by_rcu+0x170/0x670 [ 51.089981] kunit_try_run_case+0x1a6/0x480 [ 51.090189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.090416] kthread+0x324/0x6e0 [ 51.090561] ret_from_fork+0x41/0x80 [ 51.090746] ret_from_fork_asm+0x1a/0x30 [ 51.090958] [ 51.091055] freed by task 343 on cpu 1 at 51.061411s (0.029641s ago): [ 51.091348] test_memcache_typesafe_by_rcu+0x1c0/0x670 [ 51.091553] kunit_try_run_case+0x1a6/0x480 [ 51.091765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 51.092005] kthread+0x324/0x6e0 [ 51.092176] ret_from_fork+0x41/0x80 [ 51.092350] ret_from_fork_asm+0x1a/0x30 [ 51.092492] [ 51.092590] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 51.093004] Tainted: [B]=BAD_PAGE, [N]=TEST [ 51.093165] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 51.093434] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 25.487528] ================================================================== [ 25.488567] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210 [ 25.488567] [ 25.488978] Invalid read at 0x(____ptrval____): [ 25.490060] test_invalid_access+0xf1/0x210 [ 25.490233] kunit_try_run_case+0x1a6/0x480 [ 25.490384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.491644] kthread+0x324/0x6e0 [ 25.491881] ret_from_fork+0x41/0x80 [ 25.492094] ret_from_fork_asm+0x1a/0x30 [ 25.492399] [ 25.492561] CPU: 0 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 25.492974] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.493141] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.493627] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 25.269682] ================================================================== [ 25.270237] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340 [ 25.270237] [ 25.270668] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#139): [ 25.271229] test_kmalloc_aligned_oob_write+0x251/0x340 [ 25.271511] kunit_try_run_case+0x1a6/0x480 [ 25.271700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.271890] kthread+0x324/0x6e0 [ 25.272067] ret_from_fork+0x41/0x80 [ 25.272258] ret_from_fork_asm+0x1a/0x30 [ 25.272533] [ 25.272619] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 25.272619] [ 25.272938] allocated by task 333 on cpu 1 at 25.269409s (0.003527s ago): [ 25.273247] test_alloc+0x365/0x10f0 [ 25.273432] test_kmalloc_aligned_oob_write+0xc9/0x340 [ 25.273690] kunit_try_run_case+0x1a6/0x480 [ 25.273873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.274091] kthread+0x324/0x6e0 [ 25.274267] ret_from_fork+0x41/0x80 [ 25.274452] ret_from_fork_asm+0x1a/0x30 [ 25.274629] [ 25.274734] freed by task 333 on cpu 1 at 25.269554s (0.005177s ago): [ 25.275030] test_kmalloc_aligned_oob_write+0x251/0x340 [ 25.275266] kunit_try_run_case+0x1a6/0x480 [ 25.275439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.275679] kthread+0x324/0x6e0 [ 25.275806] ret_from_fork+0x41/0x80 [ 25.275946] ret_from_fork_asm+0x1a/0x30 [ 25.276122] [ 25.276240] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 25.276658] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.276864] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.277365] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.061598] ================================================================== [ 25.062050] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570 [ 25.062050] [ 25.062437] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#137): [ 25.062788] test_kmalloc_aligned_oob_read+0x27f/0x570 [ 25.063035] kunit_try_run_case+0x1a6/0x480 [ 25.063232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.063454] kthread+0x324/0x6e0 [ 25.063624] ret_from_fork+0x41/0x80 [ 25.063806] ret_from_fork_asm+0x1a/0x30 [ 25.064698] [ 25.064889] kfence-#137: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 25.064889] [ 25.065379] allocated by task 331 on cpu 1 at 25.061367s (0.004010s ago): [ 25.065861] test_alloc+0x365/0x10f0 [ 25.066137] test_kmalloc_aligned_oob_read+0x106/0x570 [ 25.066451] kunit_try_run_case+0x1a6/0x480 [ 25.066632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.067010] kthread+0x324/0x6e0 [ 25.067209] ret_from_fork+0x41/0x80 [ 25.067393] ret_from_fork_asm+0x1a/0x30 [ 25.067579] [ 25.067682] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 25.068345] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.068605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.069132] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.237582] ================================================================== [ 19.238042] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0 [ 19.238042] [ 19.238384] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#81): [ 19.239013] test_corruption+0x2d4/0x3e0 [ 19.239233] kunit_try_run_case+0x1a6/0x480 [ 19.239439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.239621] kthread+0x324/0x6e0 [ 19.239797] ret_from_fork+0x41/0x80 [ 19.239996] ret_from_fork_asm+0x1a/0x30 [ 19.240221] [ 19.240309] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.240309] [ 19.240691] allocated by task 319 on cpu 0 at 19.237405s (0.003283s ago): [ 19.240947] test_alloc+0x365/0x10f0 [ 19.241168] test_corruption+0xe7/0x3e0 [ 19.241365] kunit_try_run_case+0x1a6/0x480 [ 19.241574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.241791] kthread+0x324/0x6e0 [ 19.241928] ret_from_fork+0x41/0x80 [ 19.242057] ret_from_fork_asm+0x1a/0x30 [ 19.242301] [ 19.242400] freed by task 319 on cpu 0 at 19.237499s (0.004899s ago): [ 19.242833] test_corruption+0x2d4/0x3e0 [ 19.242987] kunit_try_run_case+0x1a6/0x480 [ 19.243304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.243518] kthread+0x324/0x6e0 [ 19.243696] ret_from_fork+0x41/0x80 [ 19.243828] ret_from_fork_asm+0x1a/0x30 [ 19.244000] [ 19.244164] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 19.244574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.244765] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.245182] ================================================================== [ 19.757498] ================================================================== [ 19.757912] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0 [ 19.757912] [ 19.758329] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#86): [ 19.758977] test_corruption+0x132/0x3e0 [ 19.759233] kunit_try_run_case+0x1a6/0x480 [ 19.759387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.759753] kthread+0x324/0x6e0 [ 19.759947] ret_from_fork+0x41/0x80 [ 19.760149] ret_from_fork_asm+0x1a/0x30 [ 19.760361] [ 19.760464] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.760464] [ 19.760874] allocated by task 321 on cpu 0 at 19.757359s (0.003513s ago): [ 19.761193] test_alloc+0x2a7/0x10f0 [ 19.761395] test_corruption+0xe7/0x3e0 [ 19.761573] kunit_try_run_case+0x1a6/0x480 [ 19.761806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.762068] kthread+0x324/0x6e0 [ 19.762303] ret_from_fork+0x41/0x80 [ 19.762440] ret_from_fork_asm+0x1a/0x30 [ 19.762581] [ 19.762668] freed by task 321 on cpu 0 at 19.757420s (0.005246s ago): [ 19.763013] test_corruption+0x132/0x3e0 [ 19.763251] kunit_try_run_case+0x1a6/0x480 [ 19.763476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.763728] kthread+0x324/0x6e0 [ 19.763890] ret_from_fork+0x41/0x80 [ 19.764104] ret_from_fork_asm+0x1a/0x30 [ 19.764306] [ 19.764491] CPU: 0 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 19.764803] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.764951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.765764] ================================================================== [ 19.445581] ================================================================== [ 19.446003] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0 [ 19.446003] [ 19.446389] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#83): [ 19.446798] test_corruption+0x2e1/0x3e0 [ 19.447004] kunit_try_run_case+0x1a6/0x480 [ 19.447178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.447445] kthread+0x324/0x6e0 [ 19.447595] ret_from_fork+0x41/0x80 [ 19.447729] ret_from_fork_asm+0x1a/0x30 [ 19.447943] [ 19.448043] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 19.448043] [ 19.448497] allocated by task 319 on cpu 0 at 19.445317s (0.003177s ago): [ 19.448748] test_alloc+0x365/0x10f0 [ 19.448889] test_corruption+0x1cc/0x3e0 [ 19.449167] kunit_try_run_case+0x1a6/0x480 [ 19.449389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.449654] kthread+0x324/0x6e0 [ 19.449842] ret_from_fork+0x41/0x80 [ 19.449979] ret_from_fork_asm+0x1a/0x30 [ 19.450149] [ 19.450250] freed by task 319 on cpu 0 at 19.445416s (0.004831s ago): [ 19.450547] test_corruption+0x2e1/0x3e0 [ 19.450686] kunit_try_run_case+0x1a6/0x480 [ 19.450872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.451155] kthread+0x324/0x6e0 [ 19.451373] ret_from_fork+0x41/0x80 [ 19.451556] ret_from_fork_asm+0x1a/0x30 [ 19.451711] [ 19.451803] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 19.452349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.452553] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.452866] ================================================================== [ 19.965526] ================================================================== [ 19.965941] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0 [ 19.965941] [ 19.966322] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#88): [ 19.966712] test_corruption+0x217/0x3e0 [ 19.966942] kunit_try_run_case+0x1a6/0x480 [ 19.967199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.967466] kthread+0x324/0x6e0 [ 19.967652] ret_from_fork+0x41/0x80 [ 19.967856] ret_from_fork_asm+0x1a/0x30 [ 19.968080] [ 19.968189] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.968189] [ 19.968671] allocated by task 321 on cpu 0 at 19.965405s (0.003263s ago): [ 19.968975] test_alloc+0x2a7/0x10f0 [ 19.969283] test_corruption+0x1cc/0x3e0 [ 19.969537] kunit_try_run_case+0x1a6/0x480 [ 19.969766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.970062] kthread+0x324/0x6e0 [ 19.970292] ret_from_fork+0x41/0x80 [ 19.970429] ret_from_fork_asm+0x1a/0x30 [ 19.970639] [ 19.970776] freed by task 321 on cpu 0 at 19.965446s (0.005327s ago): [ 19.971182] test_corruption+0x217/0x3e0 [ 19.971353] kunit_try_run_case+0x1a6/0x480 [ 19.971607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.971908] kthread+0x324/0x6e0 [ 19.972065] ret_from_fork+0x41/0x80 [ 19.972279] ret_from_fork_asm+0x1a/0x30 [ 19.972507] [ 19.972633] CPU: 0 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 19.973086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.973314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.973685] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.925539] ================================================================== [ 18.925978] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 18.925978] [ 18.926355] Invalid free of 0x(____ptrval____) (in kfence-#78): [ 18.926653] test_invalid_addr_free+0x1e3/0x260 [ 18.927187] kunit_try_run_case+0x1a6/0x480 [ 18.927393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.927940] kthread+0x324/0x6e0 [ 18.928132] ret_from_fork+0x41/0x80 [ 18.928301] ret_from_fork_asm+0x1a/0x30 [ 18.928654] [ 18.928771] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.928771] [ 18.929423] allocated by task 315 on cpu 0 at 18.925387s (0.004013s ago): [ 18.929762] test_alloc+0x365/0x10f0 [ 18.929949] test_invalid_addr_free+0xdc/0x260 [ 18.930517] kunit_try_run_case+0x1a6/0x480 [ 18.930734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.930994] kthread+0x324/0x6e0 [ 18.931385] ret_from_fork+0x41/0x80 [ 18.931649] ret_from_fork_asm+0x1a/0x30 [ 18.931955] [ 18.932092] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 18.932603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.932810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.933389] ================================================================== [ 19.029473] ================================================================== [ 19.029891] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 19.029891] [ 19.030299] Invalid free of 0x(____ptrval____) (in kfence-#79): [ 19.030596] test_invalid_addr_free+0xfc/0x260 [ 19.030760] kunit_try_run_case+0x1a6/0x480 [ 19.030983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.031227] kthread+0x324/0x6e0 [ 19.031406] ret_from_fork+0x41/0x80 [ 19.031540] ret_from_fork_asm+0x1a/0x30 [ 19.031746] [ 19.031860] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 19.031860] [ 19.032287] allocated by task 317 on cpu 1 at 19.029360s (0.002925s ago): [ 
19.032639] test_alloc+0x2a7/0x10f0 [ 19.032813] test_invalid_addr_free+0xdc/0x260 [ 19.032984] kunit_try_run_case+0x1a6/0x480 [ 19.033132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.033387] kthread+0x324/0x6e0 [ 19.033558] ret_from_fork+0x41/0x80 [ 19.033718] ret_from_fork_asm+0x1a/0x30 [ 19.033936] [ 19.034032] CPU: 1 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 19.034387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.034598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.034995] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.717666] ================================================================== [ 18.718206] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 18.718206] [ 18.718531] Invalid free of 0x(____ptrval____) (in kfence-#76): [ 18.718828] test_double_free+0x1d5/0x260 [ 18.719053] kunit_try_run_case+0x1a6/0x480 [ 18.719276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.719507] kthread+0x324/0x6e0 [ 18.719687] ret_from_fork+0x41/0x80 [ 18.719885] ret_from_fork_asm+0x1a/0x30 [ 18.720086] [ 18.720169] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.720169] [ 18.720550] allocated by task 311 on cpu 0 at 18.717458s (0.003089s ago): [ 18.721458] test_alloc+0x365/0x10f0 [ 18.721767] test_double_free+0xdc/0x260 [ 18.721925] kunit_try_run_case+0x1a6/0x480 [ 18.722312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.722790] kthread+0x324/0x6e0 [ 18.723034] ret_from_fork+0x41/0x80 [ 18.723316] ret_from_fork_asm+0x1a/0x30 [ 18.723606] [ 18.723683] freed by task 311 on cpu 0 at 18.717517s (0.006163s ago): [ 18.723919] test_double_free+0x1e2/0x260 [ 18.724102] kunit_try_run_case+0x1a6/0x480 [ 18.724522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.724912] kthread+0x324/0x6e0 [ 18.725047] ret_from_fork+0x41/0x80 [ 18.725305] ret_from_fork_asm+0x1a/0x30 [ 18.725549] [ 18.725648] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 18.726052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.726266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.726618] ================================================================== [ 18.821567] ================================================================== [ 18.821988] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 18.821988] [ 18.822341] Invalid free of 0x(____ptrval____) (in kfence-#77): [ 18.822677] test_double_free+0x113/0x260 [ 18.822876] kunit_try_run_case+0x1a6/0x480 [ 18.823030] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.823325] kthread+0x324/0x6e0 [ 18.823528] ret_from_fork+0x41/0x80 [ 18.823738] ret_from_fork_asm+0x1a/0x30 [ 18.823976] [ 18.824097] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.824097] [ 18.824508] allocated by task 313 on cpu 1 at 18.821391s (0.003114s ago): [ 18.824787] test_alloc+0x2a7/0x10f0 [ 18.825065] test_double_free+0xdc/0x260 [ 18.825199] kunit_try_run_case+0x1a6/0x480 [ 18.825430] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.825682] kthread+0x324/0x6e0 [ 18.825881] ret_from_fork+0x41/0x80 [ 18.826024] ret_from_fork_asm+0x1a/0x30 [ 18.826162] [ 18.826243] freed by task 313 on cpu 1 at 18.821451s (0.004781s ago): [ 18.826591] test_double_free+0xfb/0x260 [ 18.826803] kunit_try_run_case+0x1a6/0x480 [ 18.827006] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.827291] kthread+0x324/0x6e0 [ 18.827461] ret_from_fork+0x41/0x80 [ 18.827653] ret_from_fork_asm+0x1a/0x30 [ 18.827863] [ 18.827978] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 18.828427] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.828660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.829075] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 18.405568] ================================================================== [ 18.406018] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 18.406018] [ 18.406407] Use-after-free read at 0x(____ptrval____) (in kfence-#73): [ 18.406937] test_use_after_free_read+0x12a/0x270 [ 18.407566] kunit_try_run_case+0x1a6/0x480 [ 18.407755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.408166] kthread+0x324/0x6e0 [ 18.408415] ret_from_fork+0x41/0x80 [ 18.408613] ret_from_fork_asm+0x1a/0x30 [ 18.408798] [ 18.408911] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.408911] [ 18.409524] allocated by task 305 on cpu 1 at 18.405426s (0.004095s ago): [ 18.409983] test_alloc+0x2a7/0x10f0 [ 18.410319] test_use_after_free_read+0xdd/0x270 [ 18.410636] kunit_try_run_case+0x1a6/0x480 [ 18.410853] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.411212] kthread+0x324/0x6e0 [ 18.411359] ret_from_fork+0x41/0x80 [ 18.411658] ret_from_fork_asm+0x1a/0x30 [ 18.411865] [ 18.412113] freed by task 305 on cpu 1 at 18.405486s (0.006624s ago): [ 18.412505] test_use_after_free_read+0xfc/0x270 [ 18.412717] kunit_try_run_case+0x1a6/0x480 [ 18.412931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.413402] kthread+0x324/0x6e0 [ 18.413577] ret_from_fork+0x41/0x80 [ 18.413717] ret_from_fork_asm+0x1a/0x30 [ 18.414066] [ 18.414206] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 18.414725] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.414926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.415400] ================================================================== [ 18.301617] ================================================================== [ 18.302097] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 18.302097] [ 18.302682] Use-after-free read at 0x(____ptrval____) (in kfence-#72): [ 18.302955] test_use_after_free_read+0x12a/0x270 [ 18.303806] 
kunit_try_run_case+0x1a6/0x480 [ 18.304031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.304268] kthread+0x324/0x6e0 [ 18.304581] ret_from_fork+0x41/0x80 [ 18.304847] ret_from_fork_asm+0x1a/0x30 [ 18.305014] [ 18.305193] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.305193] [ 18.305616] allocated by task 303 on cpu 1 at 18.301375s (0.004239s ago): [ 18.306187] test_alloc+0x365/0x10f0 [ 18.306437] test_use_after_free_read+0xdd/0x270 [ 18.306716] kunit_try_run_case+0x1a6/0x480 [ 18.306910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.307320] kthread+0x324/0x6e0 [ 18.307559] ret_from_fork+0x41/0x80 [ 18.307820] ret_from_fork_asm+0x1a/0x30 [ 18.308021] [ 18.308212] freed by task 303 on cpu 1 at 18.301452s (0.006757s ago): [ 18.308520] test_use_after_free_read+0x1e9/0x270 [ 18.308732] kunit_try_run_case+0x1a6/0x480 [ 18.308947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.309197] kthread+0x324/0x6e0 [ 18.309692] ret_from_fork+0x41/0x80 [ 18.309877] ret_from_fork_asm+0x1a/0x30 [ 18.310181] [ 18.310411] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 18.310917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.311252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.311708] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.469513] ================================================================== [ 17.469944] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 17.469944] [ 17.470414] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#64): [ 17.470738] test_out_of_bounds_write+0x10e/0x260 [ 17.470932] kunit_try_run_case+0x1a6/0x480 [ 17.471343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.471576] kthread+0x324/0x6e0 [ 17.471780] ret_from_fork+0x41/0x80 [ 17.471978] ret_from_fork_asm+0x1a/0x30 [ 17.472175] [ 17.472353] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.472353] [ 17.472670] allocated by task 299 on cpu 0 at 17.469385s (0.003283s ago): [ 17.473030] test_alloc+0x365/0x10f0 [ 17.473235] test_out_of_bounds_write+0xd5/0x260 [ 17.473438] kunit_try_run_case+0x1a6/0x480 [ 17.473668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.473932] kthread+0x324/0x6e0 [ 17.474097] ret_from_fork+0x41/0x80 [ 17.474303] ret_from_fork_asm+0x1a/0x30 [ 17.474499] [ 17.474616] CPU: 0 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 17.475011] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.475228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.475581] ================================================================== [ 18.197421] ================================================================== [ 18.197895] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 18.197895] [ 18.198361] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#71): [ 18.198694] test_out_of_bounds_write+0x10e/0x260 [ 18.198941] kunit_try_run_case+0x1a6/0x480 [ 18.199214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.199484] kthread+0x324/0x6e0 [ 18.199617] ret_from_fork+0x41/0x80 [ 18.199751] ret_from_fork_asm+0x1a/0x30 [ 18.199907] [ 18.199983] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.199983] [ 18.200739] allocated by 
task 301 on cpu 1 at 18.197350s (0.003386s ago): [ 18.201328] test_alloc+0x2a7/0x10f0 [ 18.201554] test_out_of_bounds_write+0xd5/0x260 [ 18.202034] kunit_try_run_case+0x1a6/0x480 [ 18.202264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.202531] kthread+0x324/0x6e0 [ 18.202678] ret_from_fork+0x41/0x80 [ 18.202889] ret_from_fork_asm+0x1a/0x30 [ 18.203075] [ 18.203195] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 18.203585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.203792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.204263] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.157476] ================================================================== [ 17.157910] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 17.157910] [ 17.158325] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61): [ 17.158592] test_out_of_bounds_read+0x127/0x4e0 [ 17.158814] kunit_try_run_case+0x1a6/0x480 [ 17.159040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.159294] kthread+0x324/0x6e0 [ 17.159428] ret_from_fork+0x41/0x80 [ 17.159618] ret_from_fork_asm+0x1a/0x30 [ 17.159809] [ 17.159895] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.159895] [ 17.160386] allocated by task 297 on cpu 0 at 17.157411s (0.002972s ago): [ 17.160735] test_alloc+0x2a7/0x10f0 [ 17.160938] test_out_of_bounds_read+0xee/0x4e0 [ 17.161165] kunit_try_run_case+0x1a6/0x480 [ 17.161366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.161587] kthread+0x324/0x6e0 [ 17.161767] ret_from_fork+0x41/0x80 [ 17.161947] ret_from_fork_asm+0x1a/0x30 [ 17.162157] [ 17.162260] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 17.162627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.162817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.163168] ================================================================== [ 17.365385] ================================================================== [ 17.365798] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 17.365798] [ 17.366274] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#63): [ 17.366596] test_out_of_bounds_read+0x217/0x4e0 [ 17.366814] kunit_try_run_case+0x1a6/0x480 [ 17.366991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.367174] kthread+0x324/0x6e0 [ 17.367359] ret_from_fork+0x41/0x80 [ 17.367554] ret_from_fork_asm+0x1a/0x30 [ 17.367865] [ 17.367954] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.367954] [ 17.368358] allocated by task 297 on 
cpu 0 at 17.365325s (0.003030s ago): [ 17.368642] test_alloc+0x2a7/0x10f0 [ 17.368807] test_out_of_bounds_read+0x1e3/0x4e0 [ 17.368974] kunit_try_run_case+0x1a6/0x480 [ 17.369260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.369596] kthread+0x324/0x6e0 [ 17.369782] ret_from_fork+0x41/0x80 [ 17.369923] ret_from_fork_asm+0x1a/0x30 [ 17.370071] [ 17.370250] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 17.370659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.370824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.371210] ================================================================== [ 16.638433] ================================================================== [ 16.638931] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 16.638931] [ 16.639616] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#56): [ 16.639999] test_out_of_bounds_read+0x127/0x4e0 [ 16.640214] kunit_try_run_case+0x1a6/0x480 [ 16.640389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.640799] kthread+0x324/0x6e0 [ 16.640993] ret_from_fork+0x41/0x80 [ 16.641187] ret_from_fork_asm+0x1a/0x30 [ 16.641429] [ 16.641502] kfence-#56: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 16.641502] [ 16.641992] allocated by task 295 on cpu 1 at 16.637373s (0.004617s ago): [ 16.642414] test_alloc+0x365/0x10f0 [ 16.642583] test_out_of_bounds_read+0xee/0x4e0 [ 16.642809] kunit_try_run_case+0x1a6/0x480 [ 16.643031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.643358] kthread+0x324/0x6e0 [ 16.643529] ret_from_fork+0x41/0x80 [ 16.643686] ret_from_fork_asm+0x1a/0x30 [ 16.643864] [ 16.643987] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.644534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.644750] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.645109] 
================================================================== [ 17.053562] ================================================================== [ 17.054028] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 17.054028] [ 17.054512] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#60): [ 17.054883] test_out_of_bounds_read+0x217/0x4e0 [ 17.055078] kunit_try_run_case+0x1a6/0x480 [ 17.055318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.055532] kthread+0x324/0x6e0 [ 17.055713] ret_from_fork+0x41/0x80 [ 17.055937] ret_from_fork_asm+0x1a/0x30 [ 17.056188] [ 17.056341] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.056341] [ 17.056873] allocated by task 295 on cpu 1 at 17.053385s (0.003485s ago): [ 17.057240] test_alloc+0x365/0x10f0 [ 17.057412] test_out_of_bounds_read+0x1e3/0x4e0 [ 17.057685] kunit_try_run_case+0x1a6/0x480 [ 17.057991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.058307] kthread+0x324/0x6e0 [ 17.058490] ret_from_fork+0x41/0x80 [ 17.058619] ret_from_fork_asm+0x1a/0x30 [ 17.058811] [ 17.058967] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 17.059485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.059667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.060059] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 11.813453] ================================================================== [ 11.816098] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x289/0x530 [ 11.816098] [ 11.816759] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . ] (in kfence-#25): [ 11.818201] kmalloc_track_caller_oob_right+0x289/0x530 [ 11.818688] kunit_try_run_case+0x1a6/0x480 [ 11.819182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.819738] kthread+0x324/0x6e0 [ 11.819989] ret_from_fork+0x41/0x80 [ 11.820392] ret_from_fork_asm+0x1a/0x30 [ 11.820550] [ 11.820773] kfence-#25: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128 [ 11.820773] [ 11.821234] allocated by task 150 on cpu 0 at 11.810365s (0.010810s ago): [ 11.821787] kmalloc_track_caller_oob_right+0x19b/0x530 [ 11.822043] kunit_try_run_case+0x1a6/0x480 [ 11.822616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.822906] kthread+0x324/0x6e0 [ 11.823053] ret_from_fork+0x41/0x80 [ 11.823370] ret_from_fork_asm+0x1a/0x30 [ 11.823574] [ 11.823775] freed by task 150 on cpu 0 at 11.811929s (0.011773s ago): [ 11.824067] kmalloc_track_caller_oob_right+0x289/0x530 [ 11.824381] kunit_try_run_case+0x1a6/0x480 [ 11.824753] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.825208] kthread+0x324/0x6e0 [ 11.825396] ret_from_fork+0x41/0x80 [ 11.825575] ret_from_fork_asm+0x1a/0x30 [ 11.825786] [ 11.825945] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 11.826476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.826758] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.827325] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.362892] ================================================================== [ 16.364133] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.364524] Write of size 121 at addr ffff888102adde00 by task kunit_try_catch/293 [ 16.365217] [ 16.365439] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.365497] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.365511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.365535] Call Trace: [ 16.365558] <TASK> [ 16.365624] dump_stack_lvl+0x73/0xb0 [ 16.365657] print_report+0xd1/0x650 [ 16.365683] ? __virt_addr_valid+0x1db/0x2d0 [ 16.365708] ? strncpy_from_user+0x2e/0x1d0 [ 16.365728] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.365762] ? strncpy_from_user+0x2e/0x1d0 [ 16.365783] kasan_report+0x140/0x180 [ 16.365806] ? strncpy_from_user+0x2e/0x1d0 [ 16.365832] kasan_check_range+0x10c/0x1c0 [ 16.365867] __kasan_check_write+0x18/0x20 [ 16.365890] strncpy_from_user+0x2e/0x1d0 [ 16.365910] ? __kasan_check_read+0x15/0x20 [ 16.365935] copy_user_test_oob+0x761/0x10f0 [ 16.365962] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.365985] ? finish_task_switch.isra.0+0x153/0x700 [ 16.366010] ? __switch_to+0x5d9/0xf60 [ 16.366038] ? __schedule+0xce8/0x2840 [ 16.366065] ? __pfx_read_tsc+0x10/0x10 [ 16.366088] ? ktime_get_ts64+0x86/0x230 [ 16.366114] kunit_try_run_case+0x1a6/0x480 [ 16.366139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.366161] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.366183] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.366210] ? __kthread_parkme+0x82/0x160 [ 16.366233] ? preempt_count_sub+0x50/0x80 [ 16.366258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.366281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.366309] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.366336] kthread+0x324/0x6e0 [ 16.366358] ? trace_preempt_on+0x20/0xc0 [ 16.366383] ? __pfx_kthread+0x10/0x10 [ 16.366405] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.366430] ? 
calculate_sigpending+0x7b/0xa0 [ 16.366453] ? __pfx_kthread+0x10/0x10 [ 16.366476] ret_from_fork+0x41/0x80 [ 16.366496] ? __pfx_kthread+0x10/0x10 [ 16.366519] ret_from_fork_asm+0x1a/0x30 [ 16.366552] </TASK> [ 16.366564] [ 16.377712] Allocated by task 293: [ 16.377955] kasan_save_stack+0x45/0x70 [ 16.378345] kasan_save_track+0x18/0x40 [ 16.378648] kasan_save_alloc_info+0x3b/0x50 [ 16.378866] __kasan_kmalloc+0xb7/0xc0 [ 16.379229] __kmalloc_noprof+0x1ca/0x500 [ 16.379476] kunit_kmalloc_array+0x25/0x60 [ 16.379787] copy_user_test_oob+0xac/0x10f0 [ 16.380133] kunit_try_run_case+0x1a6/0x480 [ 16.380473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.380711] kthread+0x324/0x6e0 [ 16.380882] ret_from_fork+0x41/0x80 [ 16.381253] ret_from_fork_asm+0x1a/0x30 [ 16.381495] [ 16.381592] The buggy address belongs to the object at ffff888102adde00 [ 16.381592] which belongs to the cache kmalloc-128 of size 128 [ 16.382627] The buggy address is located 0 bytes inside of [ 16.382627] allocated 120-byte region [ffff888102adde00, ffff888102adde78) [ 16.383327] [ 16.383560] The buggy address belongs to the physical page: [ 16.383937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.384460] flags: 0x200000000000000(node=0|zone=2) [ 16.384806] page_type: f5(slab) [ 16.384996] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.385655] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.386180] page dumped because: kasan: bad access detected [ 16.386441] [ 16.386534] Memory state around the buggy address: [ 16.386743] ffff888102addd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.387035] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.387323] >ffff888102adde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.387610] ^ [ 16.388252] ffff888102adde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.388756] ffff888102addf00: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 16.389251] ================================================================== [ 16.390631] ================================================================== [ 16.391163] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.391522] Write of size 1 at addr ffff888102adde78 by task kunit_try_catch/293 [ 16.391828] [ 16.391929] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.391975] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.391990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.392013] Call Trace: [ 16.392036] <TASK> [ 16.392059] dump_stack_lvl+0x73/0xb0 [ 16.392087] print_report+0xd1/0x650 [ 16.392110] ? __virt_addr_valid+0x1db/0x2d0 [ 16.392135] ? strncpy_from_user+0x1a5/0x1d0 [ 16.392156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.392183] ? strncpy_from_user+0x1a5/0x1d0 [ 16.392204] kasan_report+0x140/0x180 [ 16.392226] ? strncpy_from_user+0x1a5/0x1d0 [ 16.392252] __asan_report_store1_noabort+0x1b/0x30 [ 16.392276] strncpy_from_user+0x1a5/0x1d0 [ 16.392299] copy_user_test_oob+0x761/0x10f0 [ 16.392325] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.392348] ? finish_task_switch.isra.0+0x153/0x700 [ 16.392373] ? __switch_to+0x5d9/0xf60 [ 16.392401] ? __schedule+0xce8/0x2840 [ 16.392427] ? __pfx_read_tsc+0x10/0x10 [ 16.392451] ? ktime_get_ts64+0x86/0x230 [ 16.392479] kunit_try_run_case+0x1a6/0x480 [ 16.392505] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.392528] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.392550] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.392576] ? __kthread_parkme+0x82/0x160 [ 16.392600] ? preempt_count_sub+0x50/0x80 [ 16.392626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.392650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.392677] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.392704] kthread+0x324/0x6e0 [ 16.392727] ? trace_preempt_on+0x20/0xc0 [ 16.392751] ? __pfx_kthread+0x10/0x10 [ 16.392775] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.392798] ? calculate_sigpending+0x7b/0xa0 [ 16.392821] ? __pfx_kthread+0x10/0x10 [ 16.392855] ret_from_fork+0x41/0x80 [ 16.392875] ? __pfx_kthread+0x10/0x10 [ 16.392897] ret_from_fork_asm+0x1a/0x30 [ 16.392930] </TASK> [ 16.392942] [ 16.400175] Allocated by task 293: [ 16.400320] kasan_save_stack+0x45/0x70 [ 16.400525] kasan_save_track+0x18/0x40 [ 16.400715] kasan_save_alloc_info+0x3b/0x50 [ 16.400933] __kasan_kmalloc+0xb7/0xc0 [ 16.401118] __kmalloc_noprof+0x1ca/0x500 [ 16.401361] kunit_kmalloc_array+0x25/0x60 [ 16.401507] copy_user_test_oob+0xac/0x10f0 [ 16.401654] kunit_try_run_case+0x1a6/0x480 [ 16.401806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.402087] kthread+0x324/0x6e0 [ 16.402262] ret_from_fork+0x41/0x80 [ 16.402448] ret_from_fork_asm+0x1a/0x30 [ 16.402649] [ 16.402746] The buggy address belongs to the object at ffff888102adde00 [ 16.402746] which belongs to the cache kmalloc-128 of size 128 [ 16.403289] The buggy address is located 0 bytes to the right of [ 16.403289] allocated 120-byte region [ffff888102adde00, ffff888102adde78) [ 16.403658] [ 16.403733] The buggy address belongs to the physical page: [ 16.403995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.404351] flags: 0x200000000000000(node=0|zone=2) [ 16.404601] page_type: f5(slab) [ 16.404771] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.405183] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.405471] page dumped because: kasan: bad access detected [ 16.405642] [ 16.405713] Memory state around the buggy address: [ 16.405888] ffff888102addd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.406342] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.406661] >ffff888102adde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.406990] ^ [ 16.407466] ffff888102adde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.407752] 
ffff888102addf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.408044] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.289305] ================================================================== [ 16.289688] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 16.290131] Write of size 121 at addr ffff888102adde00 by task kunit_try_catch/293 [ 16.290408] [ 16.290524] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.290574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.290587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.290610] Call Trace: [ 16.290627] <TASK> [ 16.290647] dump_stack_lvl+0x73/0xb0 [ 16.290677] print_report+0xd1/0x650 [ 16.290700] ? __virt_addr_valid+0x1db/0x2d0 [ 16.290723] ? copy_user_test_oob+0x3fe/0x10f0 [ 16.290747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.290774] ? copy_user_test_oob+0x3fe/0x10f0 [ 16.290797] kasan_report+0x140/0x180 [ 16.290820] ? copy_user_test_oob+0x3fe/0x10f0 [ 16.290859] kasan_check_range+0x10c/0x1c0 [ 16.290883] __kasan_check_write+0x18/0x20 [ 16.290907] copy_user_test_oob+0x3fe/0x10f0 [ 16.290932] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.290954] ? finish_task_switch.isra.0+0x153/0x700 [ 16.290980] ? __switch_to+0x5d9/0xf60 [ 16.291007] ? __schedule+0xce8/0x2840 [ 16.291033] ? __pfx_read_tsc+0x10/0x10 [ 16.291069] ? ktime_get_ts64+0x86/0x230 [ 16.291096] kunit_try_run_case+0x1a6/0x480 [ 16.291121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.291143] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.291165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.291191] ? __kthread_parkme+0x82/0x160 [ 16.291215] ? preempt_count_sub+0x50/0x80 [ 16.291240] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.291264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.291291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.291321] kthread+0x324/0x6e0 [ 16.291345] ? trace_preempt_on+0x20/0xc0 [ 16.291371] ? __pfx_kthread+0x10/0x10 [ 16.291394] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.291419] ? calculate_sigpending+0x7b/0xa0 [ 16.291442] ? 
__pfx_kthread+0x10/0x10 [ 16.291467] ret_from_fork+0x41/0x80 [ 16.291486] ? __pfx_kthread+0x10/0x10 [ 16.291510] ret_from_fork_asm+0x1a/0x30 [ 16.291542] </TASK> [ 16.291555] [ 16.298545] Allocated by task 293: [ 16.298750] kasan_save_stack+0x45/0x70 [ 16.298952] kasan_save_track+0x18/0x40 [ 16.299136] kasan_save_alloc_info+0x3b/0x50 [ 16.299290] __kasan_kmalloc+0xb7/0xc0 [ 16.299425] __kmalloc_noprof+0x1ca/0x500 [ 16.299634] kunit_kmalloc_array+0x25/0x60 [ 16.299845] copy_user_test_oob+0xac/0x10f0 [ 16.300090] kunit_try_run_case+0x1a6/0x480 [ 16.300238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.300416] kthread+0x324/0x6e0 [ 16.300578] ret_from_fork+0x41/0x80 [ 16.300770] ret_from_fork_asm+0x1a/0x30 [ 16.300984] [ 16.301120] The buggy address belongs to the object at ffff888102adde00 [ 16.301120] which belongs to the cache kmalloc-128 of size 128 [ 16.301664] The buggy address is located 0 bytes inside of [ 16.301664] allocated 120-byte region [ffff888102adde00, ffff888102adde78) [ 16.302178] [ 16.302281] The buggy address belongs to the physical page: [ 16.302501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.302828] flags: 0x200000000000000(node=0|zone=2) [ 16.303030] page_type: f5(slab) [ 16.303161] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.303576] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.303927] page dumped because: kasan: bad access detected [ 16.304141] [ 16.304238] Memory state around the buggy address: [ 16.304458] ffff888102addd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.304675] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.304923] >ffff888102adde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.305235] ^ [ 16.305550] ffff888102adde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.305981] ffff888102addf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.306195] 
================================================================== [ 16.324606] ================================================================== [ 16.325114] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 16.325349] Write of size 121 at addr ffff888102adde00 by task kunit_try_catch/293 [ 16.326048] [ 16.326159] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.326203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.326216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.326239] Call Trace: [ 16.326259] <TASK> [ 16.326279] dump_stack_lvl+0x73/0xb0 [ 16.326306] print_report+0xd1/0x650 [ 16.326328] ? __virt_addr_valid+0x1db/0x2d0 [ 16.326351] ? copy_user_test_oob+0x558/0x10f0 [ 16.326374] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.326400] ? copy_user_test_oob+0x558/0x10f0 [ 16.326424] kasan_report+0x140/0x180 [ 16.326447] ? copy_user_test_oob+0x558/0x10f0 [ 16.326476] kasan_check_range+0x10c/0x1c0 [ 16.326500] __kasan_check_write+0x18/0x20 [ 16.326523] copy_user_test_oob+0x558/0x10f0 [ 16.326548] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.326571] ? finish_task_switch.isra.0+0x153/0x700 [ 16.326596] ? __switch_to+0x5d9/0xf60 [ 16.326624] ? __schedule+0xce8/0x2840 [ 16.326650] ? __pfx_read_tsc+0x10/0x10 [ 16.326673] ? ktime_get_ts64+0x86/0x230 [ 16.326699] kunit_try_run_case+0x1a6/0x480 [ 16.326722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.326745] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.326767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.326793] ? __kthread_parkme+0x82/0x160 [ 16.326816] ? preempt_count_sub+0x50/0x80 [ 16.326852] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.326875] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.326902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.326929] kthread+0x324/0x6e0 [ 16.326951] ? trace_preempt_on+0x20/0xc0 [ 16.326976] ? __pfx_kthread+0x10/0x10 [ 16.327000] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.327024] ? 
calculate_sigpending+0x7b/0xa0 [ 16.327047] ? __pfx_kthread+0x10/0x10 [ 16.327079] ret_from_fork+0x41/0x80 [ 16.327099] ? __pfx_kthread+0x10/0x10 [ 16.327122] ret_from_fork_asm+0x1a/0x30 [ 16.327155] </TASK> [ 16.327167] [ 16.334267] Allocated by task 293: [ 16.334464] kasan_save_stack+0x45/0x70 [ 16.334671] kasan_save_track+0x18/0x40 [ 16.334858] kasan_save_alloc_info+0x3b/0x50 [ 16.335008] __kasan_kmalloc+0xb7/0xc0 [ 16.335263] __kmalloc_noprof+0x1ca/0x500 [ 16.335631] kunit_kmalloc_array+0x25/0x60 [ 16.335777] copy_user_test_oob+0xac/0x10f0 [ 16.335933] kunit_try_run_case+0x1a6/0x480 [ 16.336080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.336257] kthread+0x324/0x6e0 [ 16.336383] ret_from_fork+0x41/0x80 [ 16.336513] ret_from_fork_asm+0x1a/0x30 [ 16.336656] [ 16.336729] The buggy address belongs to the object at ffff888102adde00 [ 16.336729] which belongs to the cache kmalloc-128 of size 128 [ 16.337549] The buggy address is located 0 bytes inside of [ 16.337549] allocated 120-byte region [ffff888102adde00, ffff888102adde78) [ 16.338110] [ 16.338208] The buggy address belongs to the physical page: [ 16.338393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.338632] flags: 0x200000000000000(node=0|zone=2) [ 16.338799] page_type: f5(slab) [ 16.338934] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.339165] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.339391] page dumped because: kasan: bad access detected [ 16.339847] [ 16.339946] Memory state around the buggy address: [ 16.340325] ffff888102addd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.340654] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.340986] >ffff888102adde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.341644] ^ [ 16.341981] ffff888102adde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.342243] ffff888102addf00: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 16.342486] ================================================================== [ 16.306801] ================================================================== [ 16.307211] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 16.307723] Read of size 121 at addr ffff888102adde00 by task kunit_try_catch/293 [ 16.308038] [ 16.308161] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.308206] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.308220] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.308243] Call Trace: [ 16.308265] <TASK> [ 16.308286] dump_stack_lvl+0x73/0xb0 [ 16.308313] print_report+0xd1/0x650 [ 16.308336] ? __virt_addr_valid+0x1db/0x2d0 [ 16.308359] ? copy_user_test_oob+0x4ab/0x10f0 [ 16.308382] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.308408] ? copy_user_test_oob+0x4ab/0x10f0 [ 16.308432] kasan_report+0x140/0x180 [ 16.308455] ? copy_user_test_oob+0x4ab/0x10f0 [ 16.308483] kasan_check_range+0x10c/0x1c0 [ 16.308507] __kasan_check_read+0x15/0x20 [ 16.308530] copy_user_test_oob+0x4ab/0x10f0 [ 16.308555] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.308578] ? finish_task_switch.isra.0+0x153/0x700 [ 16.308604] ? __switch_to+0x5d9/0xf60 [ 16.308632] ? __schedule+0xce8/0x2840 [ 16.308657] ? __pfx_read_tsc+0x10/0x10 [ 16.308681] ? ktime_get_ts64+0x86/0x230 [ 16.308708] kunit_try_run_case+0x1a6/0x480 [ 16.308733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.308755] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.308776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.308803] ? __kthread_parkme+0x82/0x160 [ 16.308826] ? preempt_count_sub+0x50/0x80 [ 16.308861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.308884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.308911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.308938] kthread+0x324/0x6e0 [ 16.308961] ? trace_preempt_on+0x20/0xc0 [ 16.308986] ? __pfx_kthread+0x10/0x10 [ 16.309009] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.309033] ? calculate_sigpending+0x7b/0xa0 [ 16.309066] ? __pfx_kthread+0x10/0x10 [ 16.309090] ret_from_fork+0x41/0x80 [ 16.309110] ? __pfx_kthread+0x10/0x10 [ 16.309133] ret_from_fork_asm+0x1a/0x30 [ 16.309168] </TASK> [ 16.309180] [ 16.316120] Allocated by task 293: [ 16.316314] kasan_save_stack+0x45/0x70 [ 16.316520] kasan_save_track+0x18/0x40 [ 16.316859] kasan_save_alloc_info+0x3b/0x50 [ 16.317030] __kasan_kmalloc+0xb7/0xc0 [ 16.317218] __kmalloc_noprof+0x1ca/0x500 [ 16.317368] kunit_kmalloc_array+0x25/0x60 [ 16.317512] copy_user_test_oob+0xac/0x10f0 [ 16.317719] kunit_try_run_case+0x1a6/0x480 [ 16.317942] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.318281] kthread+0x324/0x6e0 [ 16.318448] ret_from_fork+0x41/0x80 [ 16.318607] ret_from_fork_asm+0x1a/0x30 [ 16.318773] [ 16.318879] The buggy address belongs to the object at ffff888102adde00 [ 16.318879] which belongs to the cache kmalloc-128 of size 128 [ 16.319394] The buggy address is located 0 bytes inside of [ 16.319394] allocated 120-byte region [ffff888102adde00, ffff888102adde78) [ 16.319865] [ 16.319970] The buggy address belongs to the physical page: [ 16.320229] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.320533] flags: 0x200000000000000(node=0|zone=2) [ 16.320766] page_type: f5(slab) [ 16.320930] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.321242] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.321558] page dumped because: kasan: bad access detected [ 16.321783] [ 16.321892] Memory state around the buggy address: [ 16.322061] ffff888102addd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.322278] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.322495] >ffff888102adde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.322709] ^ [ 16.322970] ffff888102adde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.323563] 
ffff888102addf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.323886] ================================================================== [ 16.343157] ================================================================== [ 16.343471] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 16.343708] Read of size 121 at addr ffff888102adde00 by task kunit_try_catch/293 [ 16.343951] [ 16.344039] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.344085] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.344098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.344122] Call Trace: [ 16.344143] <TASK> [ 16.344164] dump_stack_lvl+0x73/0xb0 [ 16.344191] print_report+0xd1/0x650 [ 16.344214] ? __virt_addr_valid+0x1db/0x2d0 [ 16.344238] ? copy_user_test_oob+0x605/0x10f0 [ 16.344261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.344288] ? copy_user_test_oob+0x605/0x10f0 [ 16.344312] kasan_report+0x140/0x180 [ 16.344335] ? copy_user_test_oob+0x605/0x10f0 [ 16.344362] kasan_check_range+0x10c/0x1c0 [ 16.344386] __kasan_check_read+0x15/0x20 [ 16.344409] copy_user_test_oob+0x605/0x10f0 [ 16.344434] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.344457] ? finish_task_switch.isra.0+0x153/0x700 [ 16.344482] ? __switch_to+0x5d9/0xf60 [ 16.344528] ? __schedule+0xce8/0x2840 [ 16.344557] ? __pfx_read_tsc+0x10/0x10 [ 16.344580] ? ktime_get_ts64+0x86/0x230 [ 16.344606] kunit_try_run_case+0x1a6/0x480 [ 16.344630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344653] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.344675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.344701] ? __kthread_parkme+0x82/0x160 [ 16.344725] ? preempt_count_sub+0x50/0x80 [ 16.344750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.344801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.344828] kthread+0x324/0x6e0 [ 16.344861] ? trace_preempt_on+0x20/0xc0 [ 16.344886] ? 
__pfx_kthread+0x10/0x10 [ 16.344911] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.344936] ? calculate_sigpending+0x7b/0xa0 [ 16.344959] ? __pfx_kthread+0x10/0x10 [ 16.344983] ret_from_fork+0x41/0x80 [ 16.345002] ? __pfx_kthread+0x10/0x10 [ 16.345025] ret_from_fork_asm+0x1a/0x30 [ 16.345058] </TASK> [ 16.345071] [ 16.352307] Allocated by task 293: [ 16.352500] kasan_save_stack+0x45/0x70 [ 16.352705] kasan_save_track+0x18/0x40 [ 16.352898] kasan_save_alloc_info+0x3b/0x50 [ 16.353061] __kasan_kmalloc+0xb7/0xc0 [ 16.353260] __kmalloc_noprof+0x1ca/0x500 [ 16.353462] kunit_kmalloc_array+0x25/0x60 [ 16.353635] copy_user_test_oob+0xac/0x10f0 [ 16.353829] kunit_try_run_case+0x1a6/0x480 [ 16.353986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.354414] kthread+0x324/0x6e0 [ 16.354570] ret_from_fork+0x41/0x80 [ 16.354784] ret_from_fork_asm+0x1a/0x30 [ 16.355011] [ 16.355138] The buggy address belongs to the object at ffff888102adde00 [ 16.355138] which belongs to the cache kmalloc-128 of size 128 [ 16.355506] The buggy address is located 0 bytes inside of [ 16.355506] allocated 120-byte region [ffff888102adde00, ffff888102adde78) [ 16.355880] [ 16.355998] The buggy address belongs to the physical page: [ 16.356448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.356803] flags: 0x200000000000000(node=0|zone=2) [ 16.357051] page_type: f5(slab) [ 16.357259] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.357603] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.357829] page dumped because: kasan: bad access detected [ 16.358005] [ 16.358076] Memory state around the buggy address: [ 16.358230] ffff888102addd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.358790] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.359512] >ffff888102adde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.359857] ^ [ 16.360450] ffff888102adde80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.361434] ffff888102addf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.361883] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.268205] ================================================================== [ 16.268587] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 16.268927] Read of size 121 at addr ffff888102adde00 by task kunit_try_catch/293 [ 16.269284] [ 16.269384] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.269433] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.269447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.269470] Call Trace: [ 16.269492] <TASK> [ 16.269515] dump_stack_lvl+0x73/0xb0 [ 16.269544] print_report+0xd1/0x650 [ 16.269568] ? __virt_addr_valid+0x1db/0x2d0 [ 16.269591] ? _copy_to_user+0x4a/0x70 [ 16.269612] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.269639] ? _copy_to_user+0x4a/0x70 [ 16.269660] kasan_report+0x140/0x180 [ 16.269682] ? _copy_to_user+0x4a/0x70 [ 16.269707] kasan_check_range+0x10c/0x1c0 [ 16.269732] __kasan_check_read+0x15/0x20 [ 16.269761] _copy_to_user+0x4a/0x70 [ 16.269783] copy_user_test_oob+0x365/0x10f0 [ 16.269809] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.269832] ? finish_task_switch.isra.0+0x153/0x700 [ 16.269868] ? __switch_to+0x5d9/0xf60 [ 16.269896] ? __schedule+0xce8/0x2840 [ 16.269923] ? __pfx_read_tsc+0x10/0x10 [ 16.269946] ? ktime_get_ts64+0x86/0x230 [ 16.269973] kunit_try_run_case+0x1a6/0x480 [ 16.269997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.270019] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.270041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.270067] ? __kthread_parkme+0x82/0x160 [ 16.270092] ? preempt_count_sub+0x50/0x80 [ 16.270116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.270140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.270167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.270194] kthread+0x324/0x6e0 [ 16.270216] ? trace_preempt_on+0x20/0xc0 [ 16.270241] ? __pfx_kthread+0x10/0x10 [ 16.270264] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.270304] ? calculate_sigpending+0x7b/0xa0 [ 16.270329] ? 
__pfx_kthread+0x10/0x10 [ 16.270353] ret_from_fork+0x41/0x80 [ 16.270373] ? __pfx_kthread+0x10/0x10 [ 16.270396] ret_from_fork_asm+0x1a/0x30 [ 16.270429] </TASK> [ 16.270442] [ 16.277447] Allocated by task 293: [ 16.277632] kasan_save_stack+0x45/0x70 [ 16.277854] kasan_save_track+0x18/0x40 [ 16.278057] kasan_save_alloc_info+0x3b/0x50 [ 16.278280] __kasan_kmalloc+0xb7/0xc0 [ 16.278460] __kmalloc_noprof+0x1ca/0x500 [ 16.278603] kunit_kmalloc_array+0x25/0x60 [ 16.278811] copy_user_test_oob+0xac/0x10f0 [ 16.279029] kunit_try_run_case+0x1a6/0x480 [ 16.279244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.279468] kthread+0x324/0x6e0 [ 16.279642] ret_from_fork+0x41/0x80 [ 16.279810] ret_from_fork_asm+0x1a/0x30 [ 16.280012] [ 16.280141] The buggy address belongs to the object at ffff888102adde00 [ 16.280141] which belongs to the cache kmalloc-128 of size 128 [ 16.280591] The buggy address is located 0 bytes inside of [ 16.280591] allocated 120-byte region [ffff888102adde00, ffff888102adde78) [ 16.281058] [ 16.281157] The buggy address belongs to the physical page: [ 16.281402] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.281738] flags: 0x200000000000000(node=0|zone=2) [ 16.281935] page_type: f5(slab) [ 16.282159] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.282471] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.282762] page dumped because: kasan: bad access detected [ 16.283009] [ 16.283128] Memory state around the buggy address: [ 16.283323] ffff888102addd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.283605] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.283891] >ffff888102adde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.284167] ^ [ 16.284384] ffff888102adde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.284602] ffff888102addf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.284816] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.241871] ================================================================== [ 16.242477] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.242832] Write of size 121 at addr ffff888102adde00 by task kunit_try_catch/293 [ 16.243124] [ 16.243686] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.243746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.243760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.243786] Call Trace: [ 16.243804] <TASK> [ 16.243829] dump_stack_lvl+0x73/0xb0 [ 16.243876] print_report+0xd1/0x650 [ 16.244019] ? __virt_addr_valid+0x1db/0x2d0 [ 16.244055] ? _copy_from_user+0x32/0x90 [ 16.244076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.244103] ? _copy_from_user+0x32/0x90 [ 16.244123] kasan_report+0x140/0x180 [ 16.244146] ? _copy_from_user+0x32/0x90 [ 16.244171] kasan_check_range+0x10c/0x1c0 [ 16.244195] __kasan_check_write+0x18/0x20 [ 16.244220] _copy_from_user+0x32/0x90 [ 16.244242] copy_user_test_oob+0x2bf/0x10f0 [ 16.244269] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.244292] ? finish_task_switch.isra.0+0x153/0x700 [ 16.244319] ? __switch_to+0x5d9/0xf60 [ 16.244348] ? __schedule+0xce8/0x2840 [ 16.244376] ? __pfx_read_tsc+0x10/0x10 [ 16.244399] ? ktime_get_ts64+0x86/0x230 [ 16.244428] kunit_try_run_case+0x1a6/0x480 [ 16.244453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.244476] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.244498] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.244524] ? __kthread_parkme+0x82/0x160 [ 16.244549] ? preempt_count_sub+0x50/0x80 [ 16.244573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.244597] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.244625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.244652] kthread+0x324/0x6e0 [ 16.244675] ? trace_preempt_on+0x20/0xc0 [ 16.244702] ? __pfx_kthread+0x10/0x10 [ 16.244725] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.244749] ? calculate_sigpending+0x7b/0xa0 [ 16.244773] ? 
__pfx_kthread+0x10/0x10 [ 16.244797] ret_from_fork+0x41/0x80 [ 16.244817] ? __pfx_kthread+0x10/0x10 [ 16.244852] ret_from_fork_asm+0x1a/0x30 [ 16.244885] </TASK> [ 16.244899] [ 16.254582] Allocated by task 293: [ 16.254780] kasan_save_stack+0x45/0x70 [ 16.255023] kasan_save_track+0x18/0x40 [ 16.255512] kasan_save_alloc_info+0x3b/0x50 [ 16.255729] __kasan_kmalloc+0xb7/0xc0 [ 16.256025] __kmalloc_noprof+0x1ca/0x500 [ 16.256246] kunit_kmalloc_array+0x25/0x60 [ 16.256440] copy_user_test_oob+0xac/0x10f0 [ 16.256628] kunit_try_run_case+0x1a6/0x480 [ 16.256822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.257070] kthread+0x324/0x6e0 [ 16.257507] ret_from_fork+0x41/0x80 [ 16.257661] ret_from_fork_asm+0x1a/0x30 [ 16.258003] [ 16.258122] The buggy address belongs to the object at ffff888102adde00 [ 16.258122] which belongs to the cache kmalloc-128 of size 128 [ 16.258826] The buggy address is located 0 bytes inside of [ 16.258826] allocated 120-byte region [ffff888102adde00, ffff888102adde78) [ 16.259449] [ 16.259541] The buggy address belongs to the physical page: [ 16.259930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.260368] flags: 0x200000000000000(node=0|zone=2) [ 16.260646] page_type: f5(slab) [ 16.260817] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.261268] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.261643] page dumped because: kasan: bad access detected [ 16.261963] [ 16.262044] Memory state around the buggy address: [ 16.262333] ffff888102addd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.262773] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.263178] >ffff888102adde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.263536] ^ [ 16.263858] ffff888102adde80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.264272] ffff888102addf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.264544] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.185735] ================================================================== [ 16.187056] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.187464] Read of size 8 at addr ffff888102addd78 by task kunit_try_catch/289 [ 16.187700] [ 16.187793] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.187854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.187869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.187895] Call Trace: [ 16.187912] <TASK> [ 16.187934] dump_stack_lvl+0x73/0xb0 [ 16.187969] print_report+0xd1/0x650 [ 16.187994] ? __virt_addr_valid+0x1db/0x2d0 [ 16.188020] ? copy_to_kernel_nofault+0x225/0x260 [ 16.188044] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.188072] ? copy_to_kernel_nofault+0x225/0x260 [ 16.188097] kasan_report+0x140/0x180 [ 16.188119] ? copy_to_kernel_nofault+0x225/0x260 [ 16.188149] __asan_report_load8_noabort+0x18/0x20 [ 16.188172] copy_to_kernel_nofault+0x225/0x260 [ 16.188198] copy_to_kernel_nofault_oob+0x1ee/0x560 [ 16.188222] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.188245] ? finish_task_switch.isra.0+0x153/0x700 [ 16.188272] ? __schedule+0xce8/0x2840 [ 16.188299] ? trace_hardirqs_on+0x37/0xe0 [ 16.188332] ? __pfx_read_tsc+0x10/0x10 [ 16.188356] ? ktime_get_ts64+0x86/0x230 [ 16.188384] kunit_try_run_case+0x1a6/0x480 [ 16.188410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.188433] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.188456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.188482] ? __kthread_parkme+0x82/0x160 [ 16.188507] ? preempt_count_sub+0x50/0x80 [ 16.188531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.188555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.188582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.188609] kthread+0x324/0x6e0 [ 16.188631] ? trace_preempt_on+0x20/0xc0 [ 16.188655] ? __pfx_kthread+0x10/0x10 [ 16.188679] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.188704] ? 
calculate_sigpending+0x7b/0xa0 [ 16.188727] ? __pfx_kthread+0x10/0x10 [ 16.188750] ret_from_fork+0x41/0x80 [ 16.188771] ? __pfx_kthread+0x10/0x10 [ 16.188794] ret_from_fork_asm+0x1a/0x30 [ 16.188828] </TASK> [ 16.188850] [ 16.198621] Allocated by task 289: [ 16.198793] kasan_save_stack+0x45/0x70 [ 16.198971] kasan_save_track+0x18/0x40 [ 16.199339] kasan_save_alloc_info+0x3b/0x50 [ 16.199529] __kasan_kmalloc+0xb7/0xc0 [ 16.199665] __kmalloc_cache_noprof+0x18a/0x420 [ 16.199824] copy_to_kernel_nofault_oob+0x130/0x560 [ 16.200244] kunit_try_run_case+0x1a6/0x480 [ 16.200455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.200701] kthread+0x324/0x6e0 [ 16.200887] ret_from_fork+0x41/0x80 [ 16.201092] ret_from_fork_asm+0x1a/0x30 [ 16.201304] [ 16.201395] The buggy address belongs to the object at ffff888102addd00 [ 16.201395] which belongs to the cache kmalloc-128 of size 128 [ 16.201832] The buggy address is located 0 bytes to the right of [ 16.201832] allocated 120-byte region [ffff888102addd00, ffff888102addd78) [ 16.202353] [ 16.202429] The buggy address belongs to the physical page: [ 16.202610] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.202865] flags: 0x200000000000000(node=0|zone=2) [ 16.203289] page_type: f5(slab) [ 16.203477] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.203739] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.203980] page dumped because: kasan: bad access detected [ 16.204420] [ 16.204516] Memory state around the buggy address: [ 16.204897] ffff888102addc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.205353] ffff888102addc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.205572] >ffff888102addd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.205790] ^ [ 16.206233] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.206680] ffff888102adde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.206927] 
================================================================== [ 16.208027] ================================================================== [ 16.208329] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.208642] Write of size 8 at addr ffff888102addd78 by task kunit_try_catch/289 [ 16.208905] [ 16.208998] CPU: 0 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.209060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.209074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.209098] Call Trace: [ 16.209113] <TASK> [ 16.209146] dump_stack_lvl+0x73/0xb0 [ 16.209175] print_report+0xd1/0x650 [ 16.209200] ? __virt_addr_valid+0x1db/0x2d0 [ 16.209225] ? copy_to_kernel_nofault+0x99/0x260 [ 16.209249] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.209276] ? copy_to_kernel_nofault+0x99/0x260 [ 16.209300] kasan_report+0x140/0x180 [ 16.209324] ? copy_to_kernel_nofault+0x99/0x260 [ 16.209352] kasan_check_range+0x10c/0x1c0 [ 16.209376] __kasan_check_write+0x18/0x20 [ 16.209399] copy_to_kernel_nofault+0x99/0x260 [ 16.209424] copy_to_kernel_nofault_oob+0x289/0x560 [ 16.209448] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.209472] ? finish_task_switch.isra.0+0x153/0x700 [ 16.209497] ? __schedule+0xce8/0x2840 [ 16.209522] ? trace_hardirqs_on+0x37/0xe0 [ 16.209554] ? __pfx_read_tsc+0x10/0x10 [ 16.209578] ? ktime_get_ts64+0x86/0x230 [ 16.209604] kunit_try_run_case+0x1a6/0x480 [ 16.209629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.209653] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.209675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.209701] ? __kthread_parkme+0x82/0x160 [ 16.209725] ? preempt_count_sub+0x50/0x80 [ 16.209759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.209785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.209814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.209854] kthread+0x324/0x6e0 [ 16.209880] ? trace_preempt_on+0x20/0xc0 [ 16.209906] ? 
__pfx_kthread+0x10/0x10 [ 16.209930] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.209955] ? calculate_sigpending+0x7b/0xa0 [ 16.209979] ? __pfx_kthread+0x10/0x10 [ 16.210003] ret_from_fork+0x41/0x80 [ 16.210025] ? __pfx_kthread+0x10/0x10 [ 16.210048] ret_from_fork_asm+0x1a/0x30 [ 16.210081] </TASK> [ 16.210095] [ 16.218195] Allocated by task 289: [ 16.218352] kasan_save_stack+0x45/0x70 [ 16.218509] kasan_save_track+0x18/0x40 [ 16.218796] kasan_save_alloc_info+0x3b/0x50 [ 16.219016] __kasan_kmalloc+0xb7/0xc0 [ 16.219204] __kmalloc_cache_noprof+0x18a/0x420 [ 16.219403] copy_to_kernel_nofault_oob+0x130/0x560 [ 16.219610] kunit_try_run_case+0x1a6/0x480 [ 16.219961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.220325] kthread+0x324/0x6e0 [ 16.220469] ret_from_fork+0x41/0x80 [ 16.220712] ret_from_fork_asm+0x1a/0x30 [ 16.220869] [ 16.220969] The buggy address belongs to the object at ffff888102addd00 [ 16.220969] which belongs to the cache kmalloc-128 of size 128 [ 16.221563] The buggy address is located 0 bytes to the right of [ 16.221563] allocated 120-byte region [ffff888102addd00, ffff888102addd78) [ 16.221964] [ 16.222040] The buggy address belongs to the physical page: [ 16.222215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 16.222772] flags: 0x200000000000000(node=0|zone=2) [ 16.223280] page_type: f5(slab) [ 16.223419] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.223690] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.224189] page dumped because: kasan: bad access detected [ 16.224400] [ 16.224494] Memory state around the buggy address: [ 16.224682] ffff888102addc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.224968] ffff888102addc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.225429] >ffff888102addd00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.225748] ^ [ 16.226075] ffff888102addd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 
16.226371] ffff888102adde00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.226654] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 15.534464] ================================================================== [ 15.534828] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 15.535567] Read of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.535916] [ 15.536030] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.536087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.536101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.536124] Call Trace: [ 15.536146] <TASK> [ 15.536168] dump_stack_lvl+0x73/0xb0 [ 15.536197] print_report+0xd1/0x650 [ 15.536221] ? __virt_addr_valid+0x1db/0x2d0 [ 15.536245] ? kasan_atomics_helper+0x13b6/0x5450 [ 15.536267] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.536293] ? kasan_atomics_helper+0x13b6/0x5450 [ 15.536315] kasan_report+0x140/0x180 [ 15.536339] ? kasan_atomics_helper+0x13b6/0x5450 [ 15.536366] kasan_check_range+0x10c/0x1c0 [ 15.536392] __kasan_check_read+0x15/0x20 [ 15.536415] kasan_atomics_helper+0x13b6/0x5450 [ 15.536438] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.536460] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.536487] ? kasan_atomics+0x153/0x310 [ 15.536514] kasan_atomics+0x1dd/0x310 [ 15.536537] ? __pfx_kasan_atomics+0x10/0x10 [ 15.536562] ? __pfx_read_tsc+0x10/0x10 [ 15.536585] ? ktime_get_ts64+0x86/0x230 [ 15.536612] kunit_try_run_case+0x1a6/0x480 [ 15.536639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.536661] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.536687] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.536713] ? __kthread_parkme+0x82/0x160 [ 15.536737] ? preempt_count_sub+0x50/0x80 [ 15.536763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.536786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.536813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.536853] kthread+0x324/0x6e0 [ 15.536875] ? trace_preempt_on+0x20/0xc0 [ 15.536900] ? __pfx_kthread+0x10/0x10 [ 15.536923] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.536948] ? 
calculate_sigpending+0x7b/0xa0 [ 15.536971] ? __pfx_kthread+0x10/0x10 [ 15.536995] ret_from_fork+0x41/0x80 [ 15.537016] ? __pfx_kthread+0x10/0x10 [ 15.537038] ret_from_fork_asm+0x1a/0x30 [ 15.537082] </TASK> [ 15.537093] [ 15.544696] Allocated by task 273: [ 15.544885] kasan_save_stack+0x45/0x70 [ 15.545094] kasan_save_track+0x18/0x40 [ 15.545300] kasan_save_alloc_info+0x3b/0x50 [ 15.545518] __kasan_kmalloc+0xb7/0xc0 [ 15.545667] __kmalloc_cache_noprof+0x18a/0x420 [ 15.545867] kasan_atomics+0x96/0x310 [ 15.546002] kunit_try_run_case+0x1a6/0x480 [ 15.546149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.546328] kthread+0x324/0x6e0 [ 15.546455] ret_from_fork+0x41/0x80 [ 15.546585] ret_from_fork_asm+0x1a/0x30 [ 15.546726] [ 15.546811] The buggy address belongs to the object at ffff888101b3e000 [ 15.546811] which belongs to the cache kmalloc-64 of size 64 [ 15.547503] The buggy address is located 0 bytes to the right of [ 15.547503] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.548074] [ 15.548173] The buggy address belongs to the physical page: [ 15.548425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.548778] flags: 0x200000000000000(node=0|zone=2) [ 15.549027] page_type: f5(slab) [ 15.549216] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.549449] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.549676] page dumped because: kasan: bad access detected [ 15.549862] [ 15.549958] Memory state around the buggy address: [ 15.550339] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.550666] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.550998] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.551658] ^ [ 15.551864] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.552189] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.552462] 
================================================================== [ 15.182747] ================================================================== [ 15.183282] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 15.183631] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.183955] [ 15.184044] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.184090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.184103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.184127] Call Trace: [ 15.184150] <TASK> [ 15.184172] dump_stack_lvl+0x73/0xb0 [ 15.184201] print_report+0xd1/0x650 [ 15.184224] ? __virt_addr_valid+0x1db/0x2d0 [ 15.184248] ? kasan_atomics_helper+0xb6b/0x5450 [ 15.184270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.184296] ? kasan_atomics_helper+0xb6b/0x5450 [ 15.184318] kasan_report+0x140/0x180 [ 15.184341] ? kasan_atomics_helper+0xb6b/0x5450 [ 15.184366] kasan_check_range+0x10c/0x1c0 [ 15.184392] __kasan_check_write+0x18/0x20 [ 15.184415] kasan_atomics_helper+0xb6b/0x5450 [ 15.184437] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.184460] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.184487] ? kasan_atomics+0x153/0x310 [ 15.184513] kasan_atomics+0x1dd/0x310 [ 15.184535] ? __pfx_kasan_atomics+0x10/0x10 [ 15.184559] ? __pfx_read_tsc+0x10/0x10 [ 15.184583] ? ktime_get_ts64+0x86/0x230 [ 15.184610] kunit_try_run_case+0x1a6/0x480 [ 15.184634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.184657] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.184680] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.184707] ? __kthread_parkme+0x82/0x160 [ 15.184731] ? preempt_count_sub+0x50/0x80 [ 15.184757] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.184781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.184807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.184834] kthread+0x324/0x6e0 [ 15.184890] ? trace_preempt_on+0x20/0xc0 [ 15.184917] ? __pfx_kthread+0x10/0x10 [ 15.184940] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.184965] ? calculate_sigpending+0x7b/0xa0 [ 15.184989] ? __pfx_kthread+0x10/0x10 [ 15.185012] ret_from_fork+0x41/0x80 [ 15.185060] ? __pfx_kthread+0x10/0x10 [ 15.185084] ret_from_fork_asm+0x1a/0x30 [ 15.185117] </TASK> [ 15.185129] [ 15.193266] Allocated by task 273: [ 15.193449] kasan_save_stack+0x45/0x70 [ 15.193685] kasan_save_track+0x18/0x40 [ 15.193846] kasan_save_alloc_info+0x3b/0x50 [ 15.193993] __kasan_kmalloc+0xb7/0xc0 [ 15.194340] __kmalloc_cache_noprof+0x18a/0x420 [ 15.194584] kasan_atomics+0x96/0x310 [ 15.194793] kunit_try_run_case+0x1a6/0x480 [ 15.195023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.195296] kthread+0x324/0x6e0 [ 15.195440] ret_from_fork+0x41/0x80 [ 15.195570] ret_from_fork_asm+0x1a/0x30 [ 15.195707] [ 15.195803] The buggy address belongs to the object at ffff888101b3e000 [ 15.195803] which belongs to the cache kmalloc-64 of size 64 [ 15.196506] The buggy address is located 0 bytes to the right of [ 15.196506] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.196870] [ 15.196953] The buggy address belongs to the physical page: [ 15.197396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.197779] flags: 0x200000000000000(node=0|zone=2) [ 15.198064] page_type: f5(slab) [ 15.198258] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.198519] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.198738] page dumped because: kasan: bad access detected [ 15.198955] [ 15.199068] Memory state around the buggy address: [ 15.199367] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.199739] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.200124] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.200464] ^ [ 15.200672] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.200922] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.201133] ================================================================== [ 15.696651] ================================================================== [ 15.697443] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 15.700157] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.701163] [ 15.701373] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.701428] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.701443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.701466] Call Trace: [ 15.701492] <TASK> [ 15.701514] dump_stack_lvl+0x73/0xb0 [ 15.701552] print_report+0xd1/0x650 [ 15.701577] ? __virt_addr_valid+0x1db/0x2d0 [ 15.701602] ? kasan_atomics_helper+0x1780/0x5450 [ 15.701626] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.701652] ? kasan_atomics_helper+0x1780/0x5450 [ 15.701674] kasan_report+0x140/0x180 [ 15.701696] ? kasan_atomics_helper+0x1780/0x5450 [ 15.701722] kasan_check_range+0x10c/0x1c0 [ 15.701752] __kasan_check_write+0x18/0x20 [ 15.701775] kasan_atomics_helper+0x1780/0x5450 [ 15.701798] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.701819] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.701855] ? kasan_atomics+0x153/0x310 [ 15.701881] kasan_atomics+0x1dd/0x310 [ 15.701903] ? __pfx_kasan_atomics+0x10/0x10 [ 15.701928] ? __pfx_read_tsc+0x10/0x10 [ 15.701951] ? ktime_get_ts64+0x86/0x230 [ 15.701977] kunit_try_run_case+0x1a6/0x480 [ 15.702002] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702025] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.702058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.702085] ? __kthread_parkme+0x82/0x160 [ 15.702109] ? preempt_count_sub+0x50/0x80 [ 15.702134] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.702157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.702184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.702210] kthread+0x324/0x6e0 [ 15.702232] ? trace_preempt_on+0x20/0xc0 [ 15.702257] ? 
__pfx_kthread+0x10/0x10 [ 15.702281] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.702304] ? calculate_sigpending+0x7b/0xa0 [ 15.702328] ? __pfx_kthread+0x10/0x10 [ 15.702351] ret_from_fork+0x41/0x80 [ 15.702370] ? __pfx_kthread+0x10/0x10 [ 15.702393] ret_from_fork_asm+0x1a/0x30 [ 15.702426] </TASK> [ 15.702437] [ 15.716329] Allocated by task 273: [ 15.716556] kasan_save_stack+0x45/0x70 [ 15.716760] kasan_save_track+0x18/0x40 [ 15.716930] kasan_save_alloc_info+0x3b/0x50 [ 15.717083] __kasan_kmalloc+0xb7/0xc0 [ 15.717220] __kmalloc_cache_noprof+0x18a/0x420 [ 15.717443] kasan_atomics+0x96/0x310 [ 15.717645] kunit_try_run_case+0x1a6/0x480 [ 15.717804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.718008] kthread+0x324/0x6e0 [ 15.718533] ret_from_fork+0x41/0x80 [ 15.718956] ret_from_fork_asm+0x1a/0x30 [ 15.719343] [ 15.719524] The buggy address belongs to the object at ffff888101b3e000 [ 15.719524] which belongs to the cache kmalloc-64 of size 64 [ 15.720784] The buggy address is located 0 bytes to the right of [ 15.720784] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.721905] [ 15.721986] The buggy address belongs to the physical page: [ 15.722207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.722933] flags: 0x200000000000000(node=0|zone=2) [ 15.723425] page_type: f5(slab) [ 15.723738] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.724476] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.724943] page dumped because: kasan: bad access detected [ 15.725300] [ 15.725487] Memory state around the buggy address: [ 15.725942] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726659] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.726905] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.727269] ^ [ 15.727714] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.728382] 
ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.729110] ================================================================== [ 15.201730] ================================================================== [ 15.202121] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 15.202486] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.202873] [ 15.202986] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.203068] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.203099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.203127] Call Trace: [ 15.203154] <TASK> [ 15.203196] dump_stack_lvl+0x73/0xb0 [ 15.203250] print_report+0xd1/0x650 [ 15.203277] ? __virt_addr_valid+0x1db/0x2d0 [ 15.203301] ? kasan_atomics_helper+0xc71/0x5450 [ 15.203323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.203351] ? kasan_atomics_helper+0xc71/0x5450 [ 15.203374] kasan_report+0x140/0x180 [ 15.203400] ? kasan_atomics_helper+0xc71/0x5450 [ 15.203442] kasan_check_range+0x10c/0x1c0 [ 15.203467] __kasan_check_write+0x18/0x20 [ 15.203491] kasan_atomics_helper+0xc71/0x5450 [ 15.203514] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.203536] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.203562] ? kasan_atomics+0x153/0x310 [ 15.203606] kasan_atomics+0x1dd/0x310 [ 15.203630] ? __pfx_kasan_atomics+0x10/0x10 [ 15.203654] ? __pfx_read_tsc+0x10/0x10 [ 15.203677] ? ktime_get_ts64+0x86/0x230 [ 15.203704] kunit_try_run_case+0x1a6/0x480 [ 15.203728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203768] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.203792] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.203819] ? __kthread_parkme+0x82/0x160 [ 15.203856] ? preempt_count_sub+0x50/0x80 [ 15.203882] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.203905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.203933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.203960] kthread+0x324/0x6e0 [ 15.203983] ? 
trace_preempt_on+0x20/0xc0 [ 15.204008] ? __pfx_kthread+0x10/0x10 [ 15.204032] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.204068] ? calculate_sigpending+0x7b/0xa0 [ 15.204090] ? __pfx_kthread+0x10/0x10 [ 15.204114] ret_from_fork+0x41/0x80 [ 15.204135] ? __pfx_kthread+0x10/0x10 [ 15.204158] ret_from_fork_asm+0x1a/0x30 [ 15.204191] </TASK> [ 15.204203] [ 15.211896] Allocated by task 273: [ 15.212121] kasan_save_stack+0x45/0x70 [ 15.212364] kasan_save_track+0x18/0x40 [ 15.212570] kasan_save_alloc_info+0x3b/0x50 [ 15.212740] __kasan_kmalloc+0xb7/0xc0 [ 15.212915] __kmalloc_cache_noprof+0x18a/0x420 [ 15.213152] kasan_atomics+0x96/0x310 [ 15.213381] kunit_try_run_case+0x1a6/0x480 [ 15.213575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.213903] kthread+0x324/0x6e0 [ 15.214111] ret_from_fork+0x41/0x80 [ 15.214302] ret_from_fork_asm+0x1a/0x30 [ 15.214501] [ 15.214602] The buggy address belongs to the object at ffff888101b3e000 [ 15.214602] which belongs to the cache kmalloc-64 of size 64 [ 15.215131] The buggy address is located 0 bytes to the right of [ 15.215131] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.215674] [ 15.215877] The buggy address belongs to the physical page: [ 15.216149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.216390] flags: 0x200000000000000(node=0|zone=2) [ 15.216554] page_type: f5(slab) [ 15.216706] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.217068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.217427] page dumped because: kasan: bad access detected [ 15.217699] [ 15.217804] Memory state around the buggy address: [ 15.218048] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.218287] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.218594] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.218936] ^ [ 15.219176] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.219447] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.219797] ================================================================== [ 15.321166] ================================================================== [ 15.321519] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 15.321895] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.322544] [ 15.322661] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.322707] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.322721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.322745] Call Trace: [ 15.322767] <TASK> [ 15.322788] dump_stack_lvl+0x73/0xb0 [ 15.322817] print_report+0xd1/0x650 [ 15.322851] ? __virt_addr_valid+0x1db/0x2d0 [ 15.322875] ? kasan_atomics_helper+0xfaa/0x5450 [ 15.322897] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.322924] ? kasan_atomics_helper+0xfaa/0x5450 [ 15.322946] kasan_report+0x140/0x180 [ 15.322968] ? kasan_atomics_helper+0xfaa/0x5450 [ 15.322994] kasan_check_range+0x10c/0x1c0 [ 15.323018] __kasan_check_write+0x18/0x20 [ 15.323041] kasan_atomics_helper+0xfaa/0x5450 [ 15.323074] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.323096] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.323122] ? kasan_atomics+0x153/0x310 [ 15.323149] kasan_atomics+0x1dd/0x310 [ 15.323172] ? __pfx_kasan_atomics+0x10/0x10 [ 15.323198] ? __pfx_read_tsc+0x10/0x10 [ 15.323221] ? ktime_get_ts64+0x86/0x230 [ 15.323248] kunit_try_run_case+0x1a6/0x480 [ 15.323272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.323294] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.323317] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.323343] ? __kthread_parkme+0x82/0x160 [ 15.323367] ? preempt_count_sub+0x50/0x80 [ 15.323393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.323415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.323442] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.323469] kthread+0x324/0x6e0 [ 15.323492] ? trace_preempt_on+0x20/0xc0 [ 15.323517] ? __pfx_kthread+0x10/0x10 [ 15.323540] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.323564] ? calculate_sigpending+0x7b/0xa0 [ 15.323586] ? __pfx_kthread+0x10/0x10 [ 15.323611] ret_from_fork+0x41/0x80 [ 15.323630] ? __pfx_kthread+0x10/0x10 [ 15.323654] ret_from_fork_asm+0x1a/0x30 [ 15.323686] </TASK> [ 15.323709] [ 15.331466] Allocated by task 273: [ 15.331616] kasan_save_stack+0x45/0x70 [ 15.331772] kasan_save_track+0x18/0x40 [ 15.331993] kasan_save_alloc_info+0x3b/0x50 [ 15.332256] __kasan_kmalloc+0xb7/0xc0 [ 15.332444] __kmalloc_cache_noprof+0x18a/0x420 [ 15.332666] kasan_atomics+0x96/0x310 [ 15.332860] kunit_try_run_case+0x1a6/0x480 [ 15.333083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.333314] kthread+0x324/0x6e0 [ 15.333541] ret_from_fork+0x41/0x80 [ 15.333787] ret_from_fork_asm+0x1a/0x30 [ 15.334039] [ 15.334168] The buggy address belongs to the object at ffff888101b3e000 [ 15.334168] which belongs to the cache kmalloc-64 of size 64 [ 15.334729] The buggy address is located 0 bytes to the right of [ 15.334729] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.335220] [ 15.335296] The buggy address belongs to the physical page: [ 15.335465] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.335791] flags: 0x200000000000000(node=0|zone=2) [ 15.336037] page_type: f5(slab) [ 15.336295] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.336676] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.337018] page dumped because: kasan: bad access detected [ 15.337442] [ 15.337520] Memory state around the buggy address: [ 15.337720] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.338077] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.338416] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.338742] ^ [ 15.338974] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.339373] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.339668] ================================================================== [ 16.034289] ================================================================== [ 16.034659] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 16.035053] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 16.035386] [ 16.035474] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.035524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.035537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.035560] Call Trace: [ 16.035582] <TASK> [ 16.035604] dump_stack_lvl+0x73/0xb0 [ 16.035632] print_report+0xd1/0x650 [ 16.035655] ? __virt_addr_valid+0x1db/0x2d0 [ 16.035679] ? kasan_atomics_helper+0x20c9/0x5450 [ 16.035700] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.035726] ? kasan_atomics_helper+0x20c9/0x5450 [ 16.035750] kasan_report+0x140/0x180 [ 16.035773] ? kasan_atomics_helper+0x20c9/0x5450 [ 16.035799] kasan_check_range+0x10c/0x1c0 [ 16.035823] __kasan_check_write+0x18/0x20 [ 16.035858] kasan_atomics_helper+0x20c9/0x5450 [ 16.035881] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.035903] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.035929] ? kasan_atomics+0x153/0x310 [ 16.035954] kasan_atomics+0x1dd/0x310 [ 16.035977] ? __pfx_kasan_atomics+0x10/0x10 [ 16.036001] ? __pfx_read_tsc+0x10/0x10 [ 16.036023] ? ktime_get_ts64+0x86/0x230 [ 16.036050] kunit_try_run_case+0x1a6/0x480 [ 16.036076] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.036098] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.036122] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.036148] ? __kthread_parkme+0x82/0x160 [ 16.036171] ? preempt_count_sub+0x50/0x80 [ 16.036197] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.036259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.036288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.036340] kthread+0x324/0x6e0 [ 16.036390] ? trace_preempt_on+0x20/0xc0 [ 16.036415] ? __pfx_kthread+0x10/0x10 [ 16.036439] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.036462] ? calculate_sigpending+0x7b/0xa0 [ 16.036485] ? __pfx_kthread+0x10/0x10 [ 16.036519] ret_from_fork+0x41/0x80 [ 16.036539] ? __pfx_kthread+0x10/0x10 [ 16.036563] ret_from_fork_asm+0x1a/0x30 [ 16.036596] </TASK> [ 16.036608] [ 16.048287] Allocated by task 273: [ 16.048543] kasan_save_stack+0x45/0x70 [ 16.048878] kasan_save_track+0x18/0x40 [ 16.049188] kasan_save_alloc_info+0x3b/0x50 [ 16.049501] __kasan_kmalloc+0xb7/0xc0 [ 16.049697] __kmalloc_cache_noprof+0x18a/0x420 [ 16.049927] kasan_atomics+0x96/0x310 [ 16.050374] kunit_try_run_case+0x1a6/0x480 [ 16.050670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.051142] kthread+0x324/0x6e0 [ 16.051427] ret_from_fork+0x41/0x80 [ 16.051615] ret_from_fork_asm+0x1a/0x30 [ 16.051802] [ 16.051905] The buggy address belongs to the object at ffff888101b3e000 [ 16.051905] which belongs to the cache kmalloc-64 of size 64 [ 16.052849] The buggy address is located 0 bytes to the right of [ 16.052849] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 16.053711] [ 16.054005] The buggy address belongs to the physical page: [ 16.054353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 16.054663] flags: 0x200000000000000(node=0|zone=2) [ 16.054893] page_type: f5(slab) [ 16.055054] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.055368] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.055672] page dumped because: kasan: bad access detected [ 16.056254] [ 16.056496] Memory state around the buggy address: [ 16.056978] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.057437] ffff888101b3df80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.057916] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.058438] ^ [ 16.058832] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.059341] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.059757] ================================================================== [ 15.035722] ================================================================== [ 15.036208] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 15.036568] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.036869] [ 15.036976] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.037029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.037044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.037067] Call Trace: [ 15.037089] <TASK> [ 15.037110] dump_stack_lvl+0x73/0xb0 [ 15.037140] print_report+0xd1/0x650 [ 15.037163] ? __virt_addr_valid+0x1db/0x2d0 [ 15.037187] ? kasan_atomics_helper+0x7c8/0x5450 [ 15.037208] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.037234] ? kasan_atomics_helper+0x7c8/0x5450 [ 15.037256] kasan_report+0x140/0x180 [ 15.037277] ? kasan_atomics_helper+0x7c8/0x5450 [ 15.037303] kasan_check_range+0x10c/0x1c0 [ 15.037326] __kasan_check_write+0x18/0x20 [ 15.037350] kasan_atomics_helper+0x7c8/0x5450 [ 15.037372] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.037394] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.037420] ? kasan_atomics+0x153/0x310 [ 15.037447] kasan_atomics+0x1dd/0x310 [ 15.037469] ? __pfx_kasan_atomics+0x10/0x10 [ 15.037494] ? __pfx_read_tsc+0x10/0x10 [ 15.037518] ? ktime_get_ts64+0x86/0x230 [ 15.037546] kunit_try_run_case+0x1a6/0x480 [ 15.037571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.037594] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.037628] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.037657] ? __kthread_parkme+0x82/0x160 [ 15.037680] ? 
preempt_count_sub+0x50/0x80 [ 15.037706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.037732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.037764] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.037792] kthread+0x324/0x6e0 [ 15.037814] ? trace_preempt_on+0x20/0xc0 [ 15.037849] ? __pfx_kthread+0x10/0x10 [ 15.037873] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.037897] ? calculate_sigpending+0x7b/0xa0 [ 15.037922] ? __pfx_kthread+0x10/0x10 [ 15.037945] ret_from_fork+0x41/0x80 [ 15.037965] ? __pfx_kthread+0x10/0x10 [ 15.037988] ret_from_fork_asm+0x1a/0x30 [ 15.038021] </TASK> [ 15.038034] [ 15.047777] Allocated by task 273: [ 15.048007] kasan_save_stack+0x45/0x70 [ 15.048212] kasan_save_track+0x18/0x40 [ 15.048387] kasan_save_alloc_info+0x3b/0x50 [ 15.048561] __kasan_kmalloc+0xb7/0xc0 [ 15.048755] __kmalloc_cache_noprof+0x18a/0x420 [ 15.050240] kasan_atomics+0x96/0x310 [ 15.050730] kunit_try_run_case+0x1a6/0x480 [ 15.051351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.051888] kthread+0x324/0x6e0 [ 15.052545] ret_from_fork+0x41/0x80 [ 15.053166] ret_from_fork_asm+0x1a/0x30 [ 15.053798] [ 15.054206] The buggy address belongs to the object at ffff888101b3e000 [ 15.054206] which belongs to the cache kmalloc-64 of size 64 [ 15.054635] The buggy address is located 0 bytes to the right of [ 15.054635] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.055154] [ 15.055386] The buggy address belongs to the physical page: [ 15.055929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.056666] flags: 0x200000000000000(node=0|zone=2) [ 15.057160] page_type: f5(slab) [ 15.057507] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.058211] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.058682] page dumped because: kasan: bad access detected [ 15.058868] [ 15.058940] Memory state around the buggy address: [ 15.059237] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 15.059877] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.060520] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.061172] ^ [ 15.061577] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.061803] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.062027] ================================================================== [ 15.383498] ================================================================== [ 15.383891] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 15.384311] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.384661] [ 15.384791] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.384847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.384861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.384885] Call Trace: [ 15.385029] <TASK> [ 15.385053] dump_stack_lvl+0x73/0xb0 [ 15.385090] print_report+0xd1/0x650 [ 15.385114] ? __virt_addr_valid+0x1db/0x2d0 [ 15.385138] ? kasan_atomics_helper+0x4a1e/0x5450 [ 15.385159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.385186] ? kasan_atomics_helper+0x4a1e/0x5450 [ 15.385207] kasan_report+0x140/0x180 [ 15.385230] ? kasan_atomics_helper+0x4a1e/0x5450 [ 15.385256] __asan_report_load4_noabort+0x18/0x20 [ 15.385280] kasan_atomics_helper+0x4a1e/0x5450 [ 15.385302] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.385325] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.385352] ? kasan_atomics+0x153/0x310 [ 15.385379] kasan_atomics+0x1dd/0x310 [ 15.385402] ? __pfx_kasan_atomics+0x10/0x10 [ 15.385426] ? __pfx_read_tsc+0x10/0x10 [ 15.385450] ? ktime_get_ts64+0x86/0x230 [ 15.385476] kunit_try_run_case+0x1a6/0x480 [ 15.385501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.385523] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.385546] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.385573] ? __kthread_parkme+0x82/0x160 [ 15.385597] ? 
preempt_count_sub+0x50/0x80 [ 15.385623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.385646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.385673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.385699] kthread+0x324/0x6e0 [ 15.385722] ? trace_preempt_on+0x20/0xc0 [ 15.385754] ? __pfx_kthread+0x10/0x10 [ 15.385778] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.385801] ? calculate_sigpending+0x7b/0xa0 [ 15.385824] ? __pfx_kthread+0x10/0x10 [ 15.385856] ret_from_fork+0x41/0x80 [ 15.385875] ? __pfx_kthread+0x10/0x10 [ 15.385898] ret_from_fork_asm+0x1a/0x30 [ 15.385931] </TASK> [ 15.385942] [ 15.394409] Allocated by task 273: [ 15.394713] kasan_save_stack+0x45/0x70 [ 15.395338] kasan_save_track+0x18/0x40 [ 15.395535] kasan_save_alloc_info+0x3b/0x50 [ 15.395681] __kasan_kmalloc+0xb7/0xc0 [ 15.395810] __kmalloc_cache_noprof+0x18a/0x420 [ 15.396119] kasan_atomics+0x96/0x310 [ 15.396413] kunit_try_run_case+0x1a6/0x480 [ 15.396850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.397220] kthread+0x324/0x6e0 [ 15.397808] ret_from_fork+0x41/0x80 [ 15.398277] ret_from_fork_asm+0x1a/0x30 [ 15.398466] [ 15.398561] The buggy address belongs to the object at ffff888101b3e000 [ 15.398561] which belongs to the cache kmalloc-64 of size 64 [ 15.399568] The buggy address is located 0 bytes to the right of [ 15.399568] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.400080] [ 15.400160] The buggy address belongs to the physical page: [ 15.400794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.401209] flags: 0x200000000000000(node=0|zone=2) [ 15.401627] page_type: f5(slab) [ 15.401956] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.402256] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.402695] page dumped because: kasan: bad access detected [ 15.402931] [ 15.403001] Memory state around the buggy address: [ 15.403336] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 15.403684] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.404027] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.404357] ^ [ 15.404574] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.404913] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.405298] ================================================================== [ 15.113172] ================================================================== [ 15.113495] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 15.113816] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.114200] [ 15.114309] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.114356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.114370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.114394] Call Trace: [ 15.114417] <TASK> [ 15.114439] dump_stack_lvl+0x73/0xb0 [ 15.114473] print_report+0xd1/0x650 [ 15.114496] ? __virt_addr_valid+0x1db/0x2d0 [ 15.114520] ? kasan_atomics_helper+0x993/0x5450 [ 15.114542] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.114569] ? kasan_atomics_helper+0x993/0x5450 [ 15.114590] kasan_report+0x140/0x180 [ 15.114612] ? kasan_atomics_helper+0x993/0x5450 [ 15.114638] kasan_check_range+0x10c/0x1c0 [ 15.114662] __kasan_check_write+0x18/0x20 [ 15.114685] kasan_atomics_helper+0x993/0x5450 [ 15.114707] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.114729] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.114755] ? kasan_atomics+0x153/0x310 [ 15.114782] kasan_atomics+0x1dd/0x310 [ 15.114804] ? __pfx_kasan_atomics+0x10/0x10 [ 15.114830] ? __pfx_read_tsc+0x10/0x10 [ 15.114876] ? ktime_get_ts64+0x86/0x230 [ 15.114904] kunit_try_run_case+0x1a6/0x480 [ 15.114928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.114950] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.114974] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.114999] ? 
__kthread_parkme+0x82/0x160 [ 15.115023] ? preempt_count_sub+0x50/0x80 [ 15.115060] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.115083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.115110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.115137] kthread+0x324/0x6e0 [ 15.115159] ? trace_preempt_on+0x20/0xc0 [ 15.115184] ? __pfx_kthread+0x10/0x10 [ 15.115207] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.115231] ? calculate_sigpending+0x7b/0xa0 [ 15.115254] ? __pfx_kthread+0x10/0x10 [ 15.115278] ret_from_fork+0x41/0x80 [ 15.115297] ? __pfx_kthread+0x10/0x10 [ 15.115320] ret_from_fork_asm+0x1a/0x30 [ 15.115353] </TASK> [ 15.115365] [ 15.125268] Allocated by task 273: [ 15.125676] kasan_save_stack+0x45/0x70 [ 15.125920] kasan_save_track+0x18/0x40 [ 15.126335] kasan_save_alloc_info+0x3b/0x50 [ 15.126655] __kasan_kmalloc+0xb7/0xc0 [ 15.126870] __kmalloc_cache_noprof+0x18a/0x420 [ 15.127262] kasan_atomics+0x96/0x310 [ 15.127535] kunit_try_run_case+0x1a6/0x480 [ 15.127827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.128179] kthread+0x324/0x6e0 [ 15.128323] ret_from_fork+0x41/0x80 [ 15.128655] ret_from_fork_asm+0x1a/0x30 [ 15.128890] [ 15.129161] The buggy address belongs to the object at ffff888101b3e000 [ 15.129161] which belongs to the cache kmalloc-64 of size 64 [ 15.129655] The buggy address is located 0 bytes to the right of [ 15.129655] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.130419] [ 15.130522] The buggy address belongs to the physical page: [ 15.130888] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.131430] flags: 0x200000000000000(node=0|zone=2) [ 15.131754] page_type: f5(slab) [ 15.132074] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.132416] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.132885] page dumped because: kasan: bad access detected [ 15.133219] [ 15.133342] Memory state around the buggy address: [ 15.133669] 
ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.133993] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.134539] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.134980] ^ [ 15.135310] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.135617] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.136062] ================================================================== [ 16.082736] ================================================================== [ 16.083031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 16.083372] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 16.083615] [ 16.083702] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.083746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.083759] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.083781] Call Trace: [ 16.083804] <TASK> [ 16.083827] dump_stack_lvl+0x73/0xb0 [ 16.083866] print_report+0xd1/0x650 [ 16.083889] ? __virt_addr_valid+0x1db/0x2d0 [ 16.083913] ? kasan_atomics_helper+0x218b/0x5450 [ 16.083934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.083960] ? kasan_atomics_helper+0x218b/0x5450 [ 16.083982] kasan_report+0x140/0x180 [ 16.084018] ? kasan_atomics_helper+0x218b/0x5450 [ 16.084056] kasan_check_range+0x10c/0x1c0 [ 16.084080] __kasan_check_write+0x18/0x20 [ 16.084104] kasan_atomics_helper+0x218b/0x5450 [ 16.084126] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.084148] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.084175] ? kasan_atomics+0x153/0x310 [ 16.084200] kasan_atomics+0x1dd/0x310 [ 16.084223] ? __pfx_kasan_atomics+0x10/0x10 [ 16.084247] ? __pfx_read_tsc+0x10/0x10 [ 16.084269] ? ktime_get_ts64+0x86/0x230 [ 16.084295] kunit_try_run_case+0x1a6/0x480 [ 16.084321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.084343] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.084718] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.084745] ? __kthread_parkme+0x82/0x160 [ 16.084768] ? preempt_count_sub+0x50/0x80 [ 16.084794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.084817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.084855] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.084882] kthread+0x324/0x6e0 [ 16.084905] ? trace_preempt_on+0x20/0xc0 [ 16.084931] ? __pfx_kthread+0x10/0x10 [ 16.084954] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.084978] ? calculate_sigpending+0x7b/0xa0 [ 16.085014] ? __pfx_kthread+0x10/0x10 [ 16.085038] ret_from_fork+0x41/0x80 [ 16.085066] ? __pfx_kthread+0x10/0x10 [ 16.085090] ret_from_fork_asm+0x1a/0x30 [ 16.085123] </TASK> [ 16.085135] [ 16.092369] Allocated by task 273: [ 16.092528] kasan_save_stack+0x45/0x70 [ 16.092740] kasan_save_track+0x18/0x40 [ 16.092944] kasan_save_alloc_info+0x3b/0x50 [ 16.093163] __kasan_kmalloc+0xb7/0xc0 [ 16.093358] __kmalloc_cache_noprof+0x18a/0x420 [ 16.093588] kasan_atomics+0x96/0x310 [ 16.093784] kunit_try_run_case+0x1a6/0x480 [ 16.093989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.094212] kthread+0x324/0x6e0 [ 16.094358] ret_from_fork+0x41/0x80 [ 16.094490] ret_from_fork_asm+0x1a/0x30 [ 16.094651] [ 16.094750] The buggy address belongs to the object at ffff888101b3e000 [ 16.094750] which belongs to the cache kmalloc-64 of size 64 [ 16.095357] The buggy address is located 0 bytes to the right of [ 16.095357] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 16.095772] [ 16.095856] The buggy address belongs to the physical page: [ 16.096034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 16.096277] flags: 0x200000000000000(node=0|zone=2) [ 16.096525] page_type: f5(slab) [ 16.096699] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.097057] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.097392] page dumped because: kasan: bad access detected [ 16.097592] [ 16.097691] Memory 
state around the buggy address: [ 16.097939] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.098222] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.098441] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.098655] ^ [ 16.098813] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.099148] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.099469] ================================================================== [ 15.839963] ================================================================== [ 15.841103] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 15.841468] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.841803] [ 15.841911] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.841958] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.841972] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.841995] Call Trace: [ 15.842017] <TASK> [ 15.842040] dump_stack_lvl+0x73/0xb0 [ 15.842068] print_report+0xd1/0x650 [ 15.842092] ? __virt_addr_valid+0x1db/0x2d0 [ 15.842116] ? kasan_atomics_helper+0x1c19/0x5450 [ 15.842138] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.842165] ? kasan_atomics_helper+0x1c19/0x5450 [ 15.842188] kasan_report+0x140/0x180 [ 15.842210] ? kasan_atomics_helper+0x1c19/0x5450 [ 15.842236] kasan_check_range+0x10c/0x1c0 [ 15.842259] __kasan_check_write+0x18/0x20 [ 15.842283] kasan_atomics_helper+0x1c19/0x5450 [ 15.842305] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.842328] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.842353] ? kasan_atomics+0x153/0x310 [ 15.842379] kasan_atomics+0x1dd/0x310 [ 15.842402] ? __pfx_kasan_atomics+0x10/0x10 [ 15.842426] ? __pfx_read_tsc+0x10/0x10 [ 15.842449] ? ktime_get_ts64+0x86/0x230 [ 15.842476] kunit_try_run_case+0x1a6/0x480 [ 15.842502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.842526] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 15.842552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.842578] ? __kthread_parkme+0x82/0x160 [ 15.842602] ? preempt_count_sub+0x50/0x80 [ 15.842628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.842652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.842679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.842706] kthread+0x324/0x6e0 [ 15.843106] ? trace_preempt_on+0x20/0xc0 [ 15.843133] ? __pfx_kthread+0x10/0x10 [ 15.843155] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.843180] ? calculate_sigpending+0x7b/0xa0 [ 15.843202] ? __pfx_kthread+0x10/0x10 [ 15.843225] ret_from_fork+0x41/0x80 [ 15.843246] ? __pfx_kthread+0x10/0x10 [ 15.843268] ret_from_fork_asm+0x1a/0x30 [ 15.843301] </TASK> [ 15.843313] [ 15.850660] Allocated by task 273: [ 15.850853] kasan_save_stack+0x45/0x70 [ 15.851061] kasan_save_track+0x18/0x40 [ 15.851251] kasan_save_alloc_info+0x3b/0x50 [ 15.851480] __kasan_kmalloc+0xb7/0xc0 [ 15.851667] __kmalloc_cache_noprof+0x18a/0x420 [ 15.851847] kasan_atomics+0x96/0x310 [ 15.852035] kunit_try_run_case+0x1a6/0x480 [ 15.852198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.852404] kthread+0x324/0x6e0 [ 15.852579] ret_from_fork+0x41/0x80 [ 15.852784] ret_from_fork_asm+0x1a/0x30 [ 15.852955] [ 15.853027] The buggy address belongs to the object at ffff888101b3e000 [ 15.853027] which belongs to the cache kmalloc-64 of size 64 [ 15.853487] The buggy address is located 0 bytes to the right of [ 15.853487] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.853963] [ 15.854073] The buggy address belongs to the physical page: [ 15.854319] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.854689] flags: 0x200000000000000(node=0|zone=2) [ 15.854891] page_type: f5(slab) [ 15.855014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.855264] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.855623] page dumped because: kasan: bad 
access detected [ 15.855906] [ 15.856006] Memory state around the buggy address: [ 15.856243] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.856489] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.856810] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.857164] ^ [ 15.857324] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.857585] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.857912] ================================================================== [ 15.955202] ================================================================== [ 15.955774] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 15.956166] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.956720] [ 15.956879] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.956926] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.956940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.956962] Call Trace: [ 15.956983] <TASK> [ 15.957005] dump_stack_lvl+0x73/0xb0 [ 15.957034] print_report+0xd1/0x650 [ 15.957056] ? __virt_addr_valid+0x1db/0x2d0 [ 15.957080] ? kasan_atomics_helper+0x1f44/0x5450 [ 15.957102] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.957142] ? kasan_atomics_helper+0x1f44/0x5450 [ 15.957164] kasan_report+0x140/0x180 [ 15.957224] ? kasan_atomics_helper+0x1f44/0x5450 [ 15.957251] kasan_check_range+0x10c/0x1c0 [ 15.957275] __kasan_check_write+0x18/0x20 [ 15.957298] kasan_atomics_helper+0x1f44/0x5450 [ 15.957321] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.957344] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.957399] ? kasan_atomics+0x153/0x310 [ 15.957425] kasan_atomics+0x1dd/0x310 [ 15.957448] ? __pfx_kasan_atomics+0x10/0x10 [ 15.957472] ? __pfx_read_tsc+0x10/0x10 [ 15.957524] ? ktime_get_ts64+0x86/0x230 [ 15.957551] kunit_try_run_case+0x1a6/0x480 [ 15.957575] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.957597] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.957620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.957675] ? __kthread_parkme+0x82/0x160 [ 15.957699] ? preempt_count_sub+0x50/0x80 [ 15.957725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.957754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.957781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.957849] kthread+0x324/0x6e0 [ 15.957872] ? trace_preempt_on+0x20/0xc0 [ 15.957897] ? __pfx_kthread+0x10/0x10 [ 15.957920] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.957944] ? calculate_sigpending+0x7b/0xa0 [ 15.957999] ? __pfx_kthread+0x10/0x10 [ 15.958024] ret_from_fork+0x41/0x80 [ 15.958044] ? __pfx_kthread+0x10/0x10 [ 15.958067] ret_from_fork_asm+0x1a/0x30 [ 15.958102] </TASK> [ 15.958116] [ 15.966114] Allocated by task 273: [ 15.966293] kasan_save_stack+0x45/0x70 [ 15.966545] kasan_save_track+0x18/0x40 [ 15.966752] kasan_save_alloc_info+0x3b/0x50 [ 15.966995] __kasan_kmalloc+0xb7/0xc0 [ 15.967256] __kmalloc_cache_noprof+0x18a/0x420 [ 15.967505] kasan_atomics+0x96/0x310 [ 15.967701] kunit_try_run_case+0x1a6/0x480 [ 15.967908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.968221] kthread+0x324/0x6e0 [ 15.968400] ret_from_fork+0x41/0x80 [ 15.968588] ret_from_fork_asm+0x1a/0x30 [ 15.968799] [ 15.968914] The buggy address belongs to the object at ffff888101b3e000 [ 15.968914] which belongs to the cache kmalloc-64 of size 64 [ 15.969463] The buggy address is located 0 bytes to the right of [ 15.969463] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.969921] [ 15.970021] The buggy address belongs to the physical page: [ 15.970309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.970575] flags: 0x200000000000000(node=0|zone=2) [ 15.970799] page_type: f5(slab) [ 15.970984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.971414] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.971694] page dumped because: kasan: bad access detected [ 15.971989] [ 15.972156] Memory state around the buggy address: [ 15.972315] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.972645] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.972962] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.973422] ^ [ 15.973657] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.973943] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.974334] ================================================================== [ 14.888955] ================================================================== [ 14.889386] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 14.889667] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.889908] [ 14.889996] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.890042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.890080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.890289] Call Trace: [ 14.890328] <TASK> [ 14.890351] dump_stack_lvl+0x73/0xb0 [ 14.890383] print_report+0xd1/0x650 [ 14.890407] ? __virt_addr_valid+0x1db/0x2d0 [ 14.890430] ? kasan_atomics_helper+0x4b56/0x5450 [ 14.890452] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.890479] ? kasan_atomics_helper+0x4b56/0x5450 [ 14.890501] kasan_report+0x140/0x180 [ 14.890523] ? kasan_atomics_helper+0x4b56/0x5450 [ 14.890550] __asan_report_load4_noabort+0x18/0x20 [ 14.890575] kasan_atomics_helper+0x4b56/0x5450 [ 14.890599] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.890621] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.890647] ? kasan_atomics+0x153/0x310 [ 14.890673] kasan_atomics+0x1dd/0x310 [ 14.890696] ? __pfx_kasan_atomics+0x10/0x10 [ 14.890720] ? __pfx_read_tsc+0x10/0x10 [ 14.890743] ? 
ktime_get_ts64+0x86/0x230 [ 14.890771] kunit_try_run_case+0x1a6/0x480 [ 14.890795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.890818] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.890853] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.890880] ? __kthread_parkme+0x82/0x160 [ 14.890903] ? preempt_count_sub+0x50/0x80 [ 14.890929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.890953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.890980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.891009] kthread+0x324/0x6e0 [ 14.891031] ? trace_preempt_on+0x20/0xc0 [ 14.891059] ? __pfx_kthread+0x10/0x10 [ 14.891194] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.891222] ? calculate_sigpending+0x7b/0xa0 [ 14.891245] ? __pfx_kthread+0x10/0x10 [ 14.891527] ret_from_fork+0x41/0x80 [ 14.891554] ? __pfx_kthread+0x10/0x10 [ 14.891597] ret_from_fork_asm+0x1a/0x30 [ 14.891747] </TASK> [ 14.891808] [ 14.903870] Allocated by task 273: [ 14.904201] kasan_save_stack+0x45/0x70 [ 14.904464] kasan_save_track+0x18/0x40 [ 14.904666] kasan_save_alloc_info+0x3b/0x50 [ 14.904868] __kasan_kmalloc+0xb7/0xc0 [ 14.905174] __kmalloc_cache_noprof+0x18a/0x420 [ 14.905402] kasan_atomics+0x96/0x310 [ 14.905580] kunit_try_run_case+0x1a6/0x480 [ 14.905779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.906209] kthread+0x324/0x6e0 [ 14.906414] ret_from_fork+0x41/0x80 [ 14.906622] ret_from_fork_asm+0x1a/0x30 [ 14.906826] [ 14.906943] The buggy address belongs to the object at ffff888101b3e000 [ 14.906943] which belongs to the cache kmalloc-64 of size 64 [ 14.907712] The buggy address is located 0 bytes to the right of [ 14.907712] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.908313] [ 14.908418] The buggy address belongs to the physical page: [ 14.908720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 14.909269] flags: 0x200000000000000(node=0|zone=2) [ 14.909505] page_type: f5(slab) [ 14.909641] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.910193] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.910495] page dumped because: kasan: bad access detected [ 14.910783] [ 14.910883] Memory state around the buggy address: [ 14.911372] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.911782] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.912285] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.912600] ^ [ 14.912819] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.913315] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.913645] ================================================================== [ 15.405958] ================================================================== [ 15.406444] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 15.406803] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.407175] [ 15.407273] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.407349] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.407364] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.407387] Call Trace: [ 15.407435] <TASK> [ 15.407458] dump_stack_lvl+0x73/0xb0 [ 15.407486] print_report+0xd1/0x650 [ 15.407509] ? __virt_addr_valid+0x1db/0x2d0 [ 15.407533] ? kasan_atomics_helper+0x1149/0x5450 [ 15.407554] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.407581] ? kasan_atomics_helper+0x1149/0x5450 [ 15.407630] kasan_report+0x140/0x180 [ 15.407652] ? kasan_atomics_helper+0x1149/0x5450 [ 15.407678] kasan_check_range+0x10c/0x1c0 [ 15.407712] __kasan_check_write+0x18/0x20 [ 15.407736] kasan_atomics_helper+0x1149/0x5450 [ 15.407758] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.407781] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.407806] ? kasan_atomics+0x153/0x310 [ 15.407833] kasan_atomics+0x1dd/0x310 [ 15.407868] ? __pfx_kasan_atomics+0x10/0x10 [ 15.407892] ? 
__pfx_read_tsc+0x10/0x10 [ 15.407916] ? ktime_get_ts64+0x86/0x230 [ 15.407942] kunit_try_run_case+0x1a6/0x480 [ 15.407967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.408016] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.408040] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.408067] ? __kthread_parkme+0x82/0x160 [ 15.408101] ? preempt_count_sub+0x50/0x80 [ 15.408127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.408150] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.408177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.408232] kthread+0x324/0x6e0 [ 15.408254] ? trace_preempt_on+0x20/0xc0 [ 15.408305] ? __pfx_kthread+0x10/0x10 [ 15.408328] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.408352] ? calculate_sigpending+0x7b/0xa0 [ 15.408376] ? __pfx_kthread+0x10/0x10 [ 15.408399] ret_from_fork+0x41/0x80 [ 15.408419] ? __pfx_kthread+0x10/0x10 [ 15.408442] ret_from_fork_asm+0x1a/0x30 [ 15.408502] </TASK> [ 15.408514] [ 15.416647] Allocated by task 273: [ 15.416805] kasan_save_stack+0x45/0x70 [ 15.417027] kasan_save_track+0x18/0x40 [ 15.417275] kasan_save_alloc_info+0x3b/0x50 [ 15.417524] __kasan_kmalloc+0xb7/0xc0 [ 15.417715] __kmalloc_cache_noprof+0x18a/0x420 [ 15.417948] kasan_atomics+0x96/0x310 [ 15.418237] kunit_try_run_case+0x1a6/0x480 [ 15.418451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.418717] kthread+0x324/0x6e0 [ 15.418914] ret_from_fork+0x41/0x80 [ 15.419073] ret_from_fork_asm+0x1a/0x30 [ 15.419334] [ 15.419441] The buggy address belongs to the object at ffff888101b3e000 [ 15.419441] which belongs to the cache kmalloc-64 of size 64 [ 15.420044] The buggy address is located 0 bytes to the right of [ 15.420044] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.420590] [ 15.420720] The buggy address belongs to the physical page: [ 15.420985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.421281] flags: 0x200000000000000(node=0|zone=2) [ 15.421444] page_type: f5(slab) [ 15.421568] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.421888] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.422456] page dumped because: kasan: bad access detected [ 15.422758] [ 15.422901] Memory state around the buggy address: [ 15.423301] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.423681] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.423903] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.424342] ^ [ 15.424586] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.424913] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.425312] ================================================================== [ 15.284606] ================================================================== [ 15.285031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 15.285404] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.285718] [ 15.285817] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.285874] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.285888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.285924] Call Trace: [ 15.285946] <TASK> [ 15.285971] dump_stack_lvl+0x73/0xb0 [ 15.286011] print_report+0xd1/0x650 [ 15.286034] ? __virt_addr_valid+0x1db/0x2d0 [ 15.286059] ? kasan_atomics_helper+0xe79/0x5450 [ 15.286081] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.286107] ? kasan_atomics_helper+0xe79/0x5450 [ 15.286129] kasan_report+0x140/0x180 [ 15.286152] ? kasan_atomics_helper+0xe79/0x5450 [ 15.286177] kasan_check_range+0x10c/0x1c0 [ 15.286202] __kasan_check_write+0x18/0x20 [ 15.286225] kasan_atomics_helper+0xe79/0x5450 [ 15.286248] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.286270] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.286296] ? kasan_atomics+0x153/0x310 [ 15.286323] kasan_atomics+0x1dd/0x310 [ 15.286367] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.286391] ? __pfx_read_tsc+0x10/0x10 [ 15.286425] ? ktime_get_ts64+0x86/0x230 [ 15.286453] kunit_try_run_case+0x1a6/0x480 [ 15.286477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.286498] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.286522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.286547] ? __kthread_parkme+0x82/0x160 [ 15.286572] ? preempt_count_sub+0x50/0x80 [ 15.286598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.286621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.286647] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.286683] kthread+0x324/0x6e0 [ 15.286706] ? trace_preempt_on+0x20/0xc0 [ 15.286730] ? __pfx_kthread+0x10/0x10 [ 15.286763] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.286788] ? calculate_sigpending+0x7b/0xa0 [ 15.286810] ? __pfx_kthread+0x10/0x10 [ 15.286843] ret_from_fork+0x41/0x80 [ 15.286871] ? __pfx_kthread+0x10/0x10 [ 15.286895] ret_from_fork_asm+0x1a/0x30 [ 15.286927] </TASK> [ 15.286950] [ 15.294645] Allocated by task 273: [ 15.294855] kasan_save_stack+0x45/0x70 [ 15.295019] kasan_save_track+0x18/0x40 [ 15.295388] kasan_save_alloc_info+0x3b/0x50 [ 15.295625] __kasan_kmalloc+0xb7/0xc0 [ 15.295805] __kmalloc_cache_noprof+0x18a/0x420 [ 15.296007] kasan_atomics+0x96/0x310 [ 15.296303] kunit_try_run_case+0x1a6/0x480 [ 15.296517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.296696] kthread+0x324/0x6e0 [ 15.296870] ret_from_fork+0x41/0x80 [ 15.297063] ret_from_fork_asm+0x1a/0x30 [ 15.297267] [ 15.297365] The buggy address belongs to the object at ffff888101b3e000 [ 15.297365] which belongs to the cache kmalloc-64 of size 64 [ 15.297897] The buggy address is located 0 bytes to the right of [ 15.297897] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.298446] [ 15.298549] The buggy address belongs to the physical page: [ 15.298764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.299086] flags: 0x200000000000000(node=0|zone=2) [ 15.299318] page_type: f5(slab) 
[ 15.299449] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.299780] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.300110] page dumped because: kasan: bad access detected [ 15.300358] [ 15.300466] Memory state around the buggy address: [ 15.300679] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301006] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.301361] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.301671] ^ [ 15.301898] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.302115] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.302329] ================================================================== [ 14.981370] ================================================================== [ 14.981730] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 14.982187] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.982521] [ 14.982619] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.982664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.982678] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.982702] Call Trace: [ 14.982752] <TASK> [ 14.982774] dump_stack_lvl+0x73/0xb0 [ 14.982804] print_report+0xd1/0x650 [ 14.982827] ? __virt_addr_valid+0x1db/0x2d0 [ 14.982867] ? kasan_atomics_helper+0x5ff/0x5450 [ 14.982887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.982914] ? kasan_atomics_helper+0x5ff/0x5450 [ 14.982935] kasan_report+0x140/0x180 [ 14.982958] ? kasan_atomics_helper+0x5ff/0x5450 [ 14.982983] kasan_check_range+0x10c/0x1c0 [ 14.983007] __kasan_check_write+0x18/0x20 [ 14.983029] kasan_atomics_helper+0x5ff/0x5450 [ 14.983062] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.983085] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.983111] ? 
kasan_atomics+0x153/0x310 [ 14.983155] kasan_atomics+0x1dd/0x310 [ 14.983191] ? __pfx_kasan_atomics+0x10/0x10 [ 14.983215] ? __pfx_read_tsc+0x10/0x10 [ 14.983252] ? ktime_get_ts64+0x86/0x230 [ 14.983305] kunit_try_run_case+0x1a6/0x480 [ 14.983343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.983378] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.983419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.983459] ? __kthread_parkme+0x82/0x160 [ 14.983483] ? preempt_count_sub+0x50/0x80 [ 14.983510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.983533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.983559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.983587] kthread+0x324/0x6e0 [ 14.983610] ? trace_preempt_on+0x20/0xc0 [ 14.983634] ? __pfx_kthread+0x10/0x10 [ 14.983658] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.983682] ? calculate_sigpending+0x7b/0xa0 [ 14.983706] ? __pfx_kthread+0x10/0x10 [ 14.983729] ret_from_fork+0x41/0x80 [ 14.983749] ? __pfx_kthread+0x10/0x10 [ 14.983772] ret_from_fork_asm+0x1a/0x30 [ 14.983805] </TASK> [ 14.983817] [ 14.991631] Allocated by task 273: [ 14.991793] kasan_save_stack+0x45/0x70 [ 14.991995] kasan_save_track+0x18/0x40 [ 14.992134] kasan_save_alloc_info+0x3b/0x50 [ 14.992284] __kasan_kmalloc+0xb7/0xc0 [ 14.992416] __kmalloc_cache_noprof+0x18a/0x420 [ 14.992573] kasan_atomics+0x96/0x310 [ 14.992706] kunit_try_run_case+0x1a6/0x480 [ 14.992862] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.993241] kthread+0x324/0x6e0 [ 14.993420] ret_from_fork+0x41/0x80 [ 14.993730] ret_from_fork_asm+0x1a/0x30 [ 14.993964] [ 14.994063] The buggy address belongs to the object at ffff888101b3e000 [ 14.994063] which belongs to the cache kmalloc-64 of size 64 [ 14.994816] The buggy address is located 0 bytes to the right of [ 14.994816] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.995544] [ 14.995623] The buggy address belongs to the physical page: [ 14.995832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 
14.996087] flags: 0x200000000000000(node=0|zone=2) [ 14.996274] page_type: f5(slab) [ 14.996606] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.996951] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.997412] page dumped because: kasan: bad access detected [ 14.997650] [ 14.997719] Memory state around the buggy address: [ 14.997888] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998099] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.998307] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.998513] ^ [ 14.998663] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.999033] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.999573] ================================================================== [ 15.445783] ================================================================== [ 15.446297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 15.446685] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.447026] [ 15.447176] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.447234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.447248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.447271] Call Trace: [ 15.447311] <TASK> [ 15.447334] dump_stack_lvl+0x73/0xb0 [ 15.447363] print_report+0xd1/0x650 [ 15.447386] ? __virt_addr_valid+0x1db/0x2d0 [ 15.447410] ? kasan_atomics_helper+0x1218/0x5450 [ 15.447431] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.447481] ? kasan_atomics_helper+0x1218/0x5450 [ 15.447503] kasan_report+0x140/0x180 [ 15.447536] ? kasan_atomics_helper+0x1218/0x5450 [ 15.447562] kasan_check_range+0x10c/0x1c0 [ 15.447587] __kasan_check_write+0x18/0x20 [ 15.447639] kasan_atomics_helper+0x1218/0x5450 [ 15.447662] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.447684] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 15.447720] ? kasan_atomics+0x153/0x310 [ 15.447746] kasan_atomics+0x1dd/0x310 [ 15.447793] ? __pfx_kasan_atomics+0x10/0x10 [ 15.447817] ? __pfx_read_tsc+0x10/0x10 [ 15.447856] ? ktime_get_ts64+0x86/0x230 [ 15.447884] kunit_try_run_case+0x1a6/0x480 [ 15.447909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.447931] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.447955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.448008] ? __kthread_parkme+0x82/0x160 [ 15.448070] ? preempt_count_sub+0x50/0x80 [ 15.448097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.448122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.448160] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.448186] kthread+0x324/0x6e0 [ 15.448209] ? trace_preempt_on+0x20/0xc0 [ 15.448234] ? __pfx_kthread+0x10/0x10 [ 15.448257] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.448282] ? calculate_sigpending+0x7b/0xa0 [ 15.448305] ? __pfx_kthread+0x10/0x10 [ 15.448328] ret_from_fork+0x41/0x80 [ 15.448348] ? __pfx_kthread+0x10/0x10 [ 15.448371] ret_from_fork_asm+0x1a/0x30 [ 15.448431] </TASK> [ 15.448444] [ 15.457130] Allocated by task 273: [ 15.457518] kasan_save_stack+0x45/0x70 [ 15.457748] kasan_save_track+0x18/0x40 [ 15.457945] kasan_save_alloc_info+0x3b/0x50 [ 15.458092] __kasan_kmalloc+0xb7/0xc0 [ 15.458221] __kmalloc_cache_noprof+0x18a/0x420 [ 15.458395] kasan_atomics+0x96/0x310 [ 15.458703] kunit_try_run_case+0x1a6/0x480 [ 15.459095] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.459410] kthread+0x324/0x6e0 [ 15.459585] ret_from_fork+0x41/0x80 [ 15.459767] ret_from_fork_asm+0x1a/0x30 [ 15.459938] [ 15.460011] The buggy address belongs to the object at ffff888101b3e000 [ 15.460011] which belongs to the cache kmalloc-64 of size 64 [ 15.460589] The buggy address is located 0 bytes to the right of [ 15.460589] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.461077] [ 15.461218] The buggy address belongs to the physical page: [ 15.461477] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.461891] flags: 0x200000000000000(node=0|zone=2) [ 15.462139] page_type: f5(slab) [ 15.462350] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.462722] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.463120] page dumped because: kasan: bad access detected [ 15.463421] [ 15.463567] Memory state around the buggy address: [ 15.463816] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.464242] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.464538] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.464886] ^ [ 15.465227] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.465576] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.465913] ================================================================== [ 14.943150] ================================================================== [ 14.943550] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 14.944036] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.944352] [ 14.944486] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.944548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.944575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.944599] Call Trace: [ 14.944623] <TASK> [ 14.944646] dump_stack_lvl+0x73/0xb0 [ 14.944704] print_report+0xd1/0x650 [ 14.944729] ? __virt_addr_valid+0x1db/0x2d0 [ 14.944753] ? kasan_atomics_helper+0x4b3c/0x5450 [ 14.944775] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.944803] ? kasan_atomics_helper+0x4b3c/0x5450 [ 14.944825] kasan_report+0x140/0x180 [ 14.944858] ? kasan_atomics_helper+0x4b3c/0x5450 [ 14.944884] __asan_report_store4_noabort+0x1b/0x30 [ 14.944908] kasan_atomics_helper+0x4b3c/0x5450 [ 14.944931] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.944953] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 14.944979] ? kasan_atomics+0x153/0x310 [ 14.945013] kasan_atomics+0x1dd/0x310 [ 14.945035] ? __pfx_kasan_atomics+0x10/0x10 [ 14.945070] ? __pfx_read_tsc+0x10/0x10 [ 14.945093] ? ktime_get_ts64+0x86/0x230 [ 14.945120] kunit_try_run_case+0x1a6/0x480 [ 14.945145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.945167] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.945190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.945217] ? __kthread_parkme+0x82/0x160 [ 14.945240] ? preempt_count_sub+0x50/0x80 [ 14.945267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.945291] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.945318] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.945345] kthread+0x324/0x6e0 [ 14.945368] ? trace_preempt_on+0x20/0xc0 [ 14.945393] ? __pfx_kthread+0x10/0x10 [ 14.945426] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.945605] ? calculate_sigpending+0x7b/0xa0 [ 14.945629] ? __pfx_kthread+0x10/0x10 [ 14.945654] ret_from_fork+0x41/0x80 [ 14.945674] ? __pfx_kthread+0x10/0x10 [ 14.945697] ret_from_fork_asm+0x1a/0x30 [ 14.945730] </TASK> [ 14.945748] [ 14.953583] Allocated by task 273: [ 14.953791] kasan_save_stack+0x45/0x70 [ 14.954018] kasan_save_track+0x18/0x40 [ 14.954262] kasan_save_alloc_info+0x3b/0x50 [ 14.954476] __kasan_kmalloc+0xb7/0xc0 [ 14.954695] __kmalloc_cache_noprof+0x18a/0x420 [ 14.954929] kasan_atomics+0x96/0x310 [ 14.955126] kunit_try_run_case+0x1a6/0x480 [ 14.955304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.955590] kthread+0x324/0x6e0 [ 14.955824] ret_from_fork+0x41/0x80 [ 14.956030] ret_from_fork_asm+0x1a/0x30 [ 14.956230] [ 14.956328] The buggy address belongs to the object at ffff888101b3e000 [ 14.956328] which belongs to the cache kmalloc-64 of size 64 [ 14.956862] The buggy address is located 0 bytes to the right of [ 14.956862] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.957403] [ 14.957503] The buggy address belongs to the physical page: [ 14.957679] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 14.957928] flags: 0x200000000000000(node=0|zone=2) [ 14.958091] page_type: f5(slab) [ 14.958276] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.958637] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.959027] page dumped because: kasan: bad access detected [ 14.959314] [ 14.959411] Memory state around the buggy address: [ 14.959654] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.959950] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.960410] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.960747] ^ [ 14.961007] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.961312] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.961673] ================================================================== [ 15.570603] ================================================================== [ 15.570960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 15.571253] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.571478] [ 15.571563] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.571608] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.571621] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.571644] Call Trace: [ 15.571665] <TASK> [ 15.571684] dump_stack_lvl+0x73/0xb0 [ 15.571712] print_report+0xd1/0x650 [ 15.571734] ? __virt_addr_valid+0x1db/0x2d0 [ 15.571758] ? kasan_atomics_helper+0x1468/0x5450 [ 15.571781] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.571807] ? kasan_atomics_helper+0x1468/0x5450 [ 15.571829] kasan_report+0x140/0x180 [ 15.571862] ? kasan_atomics_helper+0x1468/0x5450 [ 15.571887] kasan_check_range+0x10c/0x1c0 [ 15.571929] __kasan_check_write+0x18/0x20 [ 15.571953] kasan_atomics_helper+0x1468/0x5450 [ 15.571976] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.571998] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.572024] ? kasan_atomics+0x153/0x310 [ 15.572050] kasan_atomics+0x1dd/0x310 [ 15.572073] ? __pfx_kasan_atomics+0x10/0x10 [ 15.572097] ? __pfx_read_tsc+0x10/0x10 [ 15.572120] ? ktime_get_ts64+0x86/0x230 [ 15.572153] kunit_try_run_case+0x1a6/0x480 [ 15.572178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.572199] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.572222] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.572248] ? __kthread_parkme+0x82/0x160 [ 15.572272] ? preempt_count_sub+0x50/0x80 [ 15.572297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.572320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.572347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.572374] kthread+0x324/0x6e0 [ 15.572396] ? trace_preempt_on+0x20/0xc0 [ 15.572421] ? __pfx_kthread+0x10/0x10 [ 15.572443] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.572468] ? calculate_sigpending+0x7b/0xa0 [ 15.572490] ? __pfx_kthread+0x10/0x10 [ 15.572514] ret_from_fork+0x41/0x80 [ 15.572533] ? 
__pfx_kthread+0x10/0x10 [ 15.572556] ret_from_fork_asm+0x1a/0x30 [ 15.572588] </TASK> [ 15.572599] [ 15.580346] Allocated by task 273: [ 15.580503] kasan_save_stack+0x45/0x70 [ 15.580662] kasan_save_track+0x18/0x40 [ 15.580833] kasan_save_alloc_info+0x3b/0x50 [ 15.581063] __kasan_kmalloc+0xb7/0xc0 [ 15.581253] __kmalloc_cache_noprof+0x18a/0x420 [ 15.581452] kasan_atomics+0x96/0x310 [ 15.581624] kunit_try_run_case+0x1a6/0x480 [ 15.581809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.582062] kthread+0x324/0x6e0 [ 15.582226] ret_from_fork+0x41/0x80 [ 15.582401] ret_from_fork_asm+0x1a/0x30 [ 15.582555] [ 15.582632] The buggy address belongs to the object at ffff888101b3e000 [ 15.582632] which belongs to the cache kmalloc-64 of size 64 [ 15.583283] The buggy address is located 0 bytes to the right of [ 15.583283] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.583690] [ 15.583765] The buggy address belongs to the physical page: [ 15.585149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.585958] flags: 0x200000000000000(node=0|zone=2) [ 15.586535] page_type: f5(slab) [ 15.586869] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.587165] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.587388] page dumped because: kasan: bad access detected [ 15.587554] [ 15.587626] Memory state around the buggy address: [ 15.587782] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.588011] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.588708] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.589402] ^ [ 15.589862] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.590491] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.591168] ================================================================== [ 14.867776] 
================================================================== [ 14.868253] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 14.868623] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.868860] [ 14.868949] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.868993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.869007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.869030] Call Trace: [ 14.869051] <TASK> [ 14.869071] dump_stack_lvl+0x73/0xb0 [ 14.869098] print_report+0xd1/0x650 [ 14.869120] ? __virt_addr_valid+0x1db/0x2d0 [ 14.869144] ? kasan_atomics_helper+0x3e0/0x5450 [ 14.869167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.869193] ? kasan_atomics_helper+0x3e0/0x5450 [ 14.869215] kasan_report+0x140/0x180 [ 14.869238] ? kasan_atomics_helper+0x3e0/0x5450 [ 14.869263] kasan_check_range+0x10c/0x1c0 [ 14.869287] __kasan_check_read+0x15/0x20 [ 14.869311] kasan_atomics_helper+0x3e0/0x5450 [ 14.869334] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.869356] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.869382] ? kasan_atomics+0x153/0x310 [ 14.869408] kasan_atomics+0x1dd/0x310 [ 14.869432] ? __pfx_kasan_atomics+0x10/0x10 [ 14.869456] ? __pfx_read_tsc+0x10/0x10 [ 14.869478] ? ktime_get_ts64+0x86/0x230 [ 14.869529] kunit_try_run_case+0x1a6/0x480 [ 14.869554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.869577] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.869617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.869658] ? __kthread_parkme+0x82/0x160 [ 14.869695] ? preempt_count_sub+0x50/0x80 [ 14.869734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.869765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.869805] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.869857] kthread+0x324/0x6e0 [ 14.869894] ? trace_preempt_on+0x20/0xc0 [ 14.869933] ? __pfx_kthread+0x10/0x10 [ 14.869969] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.870020] ? 
calculate_sigpending+0x7b/0xa0 [ 14.870043] ? __pfx_kthread+0x10/0x10 [ 14.870078] ret_from_fork+0x41/0x80 [ 14.870098] ? __pfx_kthread+0x10/0x10 [ 14.870121] ret_from_fork_asm+0x1a/0x30 [ 14.870153] </TASK> [ 14.870165] [ 14.879402] Allocated by task 273: [ 14.879649] kasan_save_stack+0x45/0x70 [ 14.879884] kasan_save_track+0x18/0x40 [ 14.880151] kasan_save_alloc_info+0x3b/0x50 [ 14.880340] __kasan_kmalloc+0xb7/0xc0 [ 14.880537] __kmalloc_cache_noprof+0x18a/0x420 [ 14.880746] kasan_atomics+0x96/0x310 [ 14.880971] kunit_try_run_case+0x1a6/0x480 [ 14.881227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.881462] kthread+0x324/0x6e0 [ 14.881632] ret_from_fork+0x41/0x80 [ 14.881782] ret_from_fork_asm+0x1a/0x30 [ 14.881987] [ 14.882181] The buggy address belongs to the object at ffff888101b3e000 [ 14.882181] which belongs to the cache kmalloc-64 of size 64 [ 14.882819] The buggy address is located 0 bytes to the right of [ 14.882819] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.883378] [ 14.883480] The buggy address belongs to the physical page: [ 14.883749] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 14.884126] flags: 0x200000000000000(node=0|zone=2) [ 14.884357] page_type: f5(slab) [ 14.884532] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.884874] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.885309] page dumped because: kasan: bad access detected [ 14.885539] [ 14.885648] Memory state around the buggy address: [ 14.885886] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.886358] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.886740] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.887091] ^ [ 14.887297] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.887582] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.888089] 
================================================================== [ 15.635241] ================================================================== [ 15.635740] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 15.636143] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.636438] [ 15.636577] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.636627] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.636640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.636664] Call Trace: [ 15.636691] <TASK> [ 15.636718] dump_stack_lvl+0x73/0xb0 [ 15.636751] print_report+0xd1/0x650 [ 15.636775] ? __virt_addr_valid+0x1db/0x2d0 [ 15.636801] ? kasan_atomics_helper+0x15b7/0x5450 [ 15.636823] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.636861] ? kasan_atomics_helper+0x15b7/0x5450 [ 15.636883] kasan_report+0x140/0x180 [ 15.636906] ? kasan_atomics_helper+0x15b7/0x5450 [ 15.636932] kasan_check_range+0x10c/0x1c0 [ 15.636955] __kasan_check_write+0x18/0x20 [ 15.636978] kasan_atomics_helper+0x15b7/0x5450 [ 15.637001] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.637023] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.637049] ? kasan_atomics+0x153/0x310 [ 15.637075] kasan_atomics+0x1dd/0x310 [ 15.637098] ? __pfx_kasan_atomics+0x10/0x10 [ 15.637121] ? __pfx_read_tsc+0x10/0x10 [ 15.637144] ? ktime_get_ts64+0x86/0x230 [ 15.637171] kunit_try_run_case+0x1a6/0x480 [ 15.637195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.637241] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.637265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.637290] ? __kthread_parkme+0x82/0x160 [ 15.637315] ? preempt_count_sub+0x50/0x80 [ 15.637342] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.637365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.637401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.637429] kthread+0x324/0x6e0 [ 15.637451] ? trace_preempt_on+0x20/0xc0 [ 15.637476] ? __pfx_kthread+0x10/0x10 [ 15.637499] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.637523] ? calculate_sigpending+0x7b/0xa0 [ 15.637547] ? __pfx_kthread+0x10/0x10 [ 15.637571] ret_from_fork+0x41/0x80 [ 15.637591] ? __pfx_kthread+0x10/0x10 [ 15.637614] ret_from_fork_asm+0x1a/0x30 [ 15.637647] </TASK> [ 15.637659] [ 15.645169] Allocated by task 273: [ 15.645399] kasan_save_stack+0x45/0x70 [ 15.645636] kasan_save_track+0x18/0x40 [ 15.645870] kasan_save_alloc_info+0x3b/0x50 [ 15.646133] __kasan_kmalloc+0xb7/0xc0 [ 15.646340] __kmalloc_cache_noprof+0x18a/0x420 [ 15.646498] kasan_atomics+0x96/0x310 [ 15.646632] kunit_try_run_case+0x1a6/0x480 [ 15.646850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.647244] kthread+0x324/0x6e0 [ 15.647422] ret_from_fork+0x41/0x80 [ 15.647598] ret_from_fork_asm+0x1a/0x30 [ 15.647793] [ 15.647910] The buggy address belongs to the object at ffff888101b3e000 [ 15.647910] which belongs to the cache kmalloc-64 of size 64 [ 15.648461] The buggy address is located 0 bytes to the right of [ 15.648461] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.648977] [ 15.649100] The buggy address belongs to the physical page: [ 15.649355] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.649598] flags: 0x200000000000000(node=0|zone=2) [ 15.649772] page_type: f5(slab) [ 15.649914] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.650146] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.650707] page dumped because: kasan: bad access detected [ 15.650968] [ 15.651063] Memory state around the buggy address: [ 15.651286] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.651904] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.652119] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.652344] ^ [ 15.652498] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.652707] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.653392] ================================================================== [ 15.675205] ================================================================== [ 15.675476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 15.675829] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.676171] [ 15.676285] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.676333] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.676347] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.676371] Call Trace: [ 15.676395] <TASK> [ 15.676419] dump_stack_lvl+0x73/0xb0 [ 15.676448] print_report+0xd1/0x650 [ 15.676472] ? __virt_addr_valid+0x1db/0x2d0 [ 15.676495] ? kasan_atomics_helper+0x16e8/0x5450 [ 15.676516] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.676543] ? kasan_atomics_helper+0x16e8/0x5450 [ 15.676564] kasan_report+0x140/0x180 [ 15.676587] ? kasan_atomics_helper+0x16e8/0x5450 [ 15.676612] kasan_check_range+0x10c/0x1c0 [ 15.676636] __kasan_check_write+0x18/0x20 [ 15.676660] kasan_atomics_helper+0x16e8/0x5450 [ 15.676682] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.676704] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.676729] ? kasan_atomics+0x153/0x310 [ 15.676756] kasan_atomics+0x1dd/0x310 [ 15.676778] ? __pfx_kasan_atomics+0x10/0x10 [ 15.676802] ? __pfx_read_tsc+0x10/0x10 [ 15.676826] ? ktime_get_ts64+0x86/0x230 [ 15.676866] kunit_try_run_case+0x1a6/0x480 [ 15.676891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.676913] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.676935] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.676961] ? __kthread_parkme+0x82/0x160 [ 15.676985] ? preempt_count_sub+0x50/0x80 [ 15.677014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.677037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.677075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.677102] kthread+0x324/0x6e0 [ 15.677124] ? trace_preempt_on+0x20/0xc0 [ 15.677149] ? 
__pfx_kthread+0x10/0x10 [ 15.677172] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.677196] ? calculate_sigpending+0x7b/0xa0 [ 15.677219] ? __pfx_kthread+0x10/0x10 [ 15.677242] ret_from_fork+0x41/0x80 [ 15.677262] ? __pfx_kthread+0x10/0x10 [ 15.677286] ret_from_fork_asm+0x1a/0x30 [ 15.677318] </TASK> [ 15.677329] [ 15.684439] Allocated by task 273: [ 15.684617] kasan_save_stack+0x45/0x70 [ 15.684826] kasan_save_track+0x18/0x40 [ 15.685025] kasan_save_alloc_info+0x3b/0x50 [ 15.685239] __kasan_kmalloc+0xb7/0xc0 [ 15.685425] __kmalloc_cache_noprof+0x18a/0x420 [ 15.685651] kasan_atomics+0x96/0x310 [ 15.685973] kunit_try_run_case+0x1a6/0x480 [ 15.686211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.686390] kthread+0x324/0x6e0 [ 15.686515] ret_from_fork+0x41/0x80 [ 15.686692] ret_from_fork_asm+0x1a/0x30 [ 15.686901] [ 15.686999] The buggy address belongs to the object at ffff888101b3e000 [ 15.686999] which belongs to the cache kmalloc-64 of size 64 [ 15.687820] The buggy address is located 0 bytes to the right of [ 15.687820] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.688421] [ 15.688500] The buggy address belongs to the physical page: [ 15.688720] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.689040] flags: 0x200000000000000(node=0|zone=2) [ 15.689251] page_type: f5(slab) [ 15.689424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.689759] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.690066] page dumped because: kasan: bad access detected [ 15.690262] [ 15.690333] Memory state around the buggy address: [ 15.690492] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.690710] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.692228] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.692910] ^ [ 15.693507] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.694393] 
ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.695063] ================================================================== [ 16.060914] ================================================================== [ 16.061387] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 16.061717] Read of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 16.062033] [ 16.062363] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.062638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.062656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.062681] Call Trace: [ 16.062703] <TASK> [ 16.062728] dump_stack_lvl+0x73/0xb0 [ 16.062804] print_report+0xd1/0x650 [ 16.062830] ? __virt_addr_valid+0x1db/0x2d0 [ 16.062864] ? kasan_atomics_helper+0x4fb4/0x5450 [ 16.062886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.062912] ? kasan_atomics_helper+0x4fb4/0x5450 [ 16.062934] kasan_report+0x140/0x180 [ 16.062957] ? kasan_atomics_helper+0x4fb4/0x5450 [ 16.062983] __asan_report_load8_noabort+0x18/0x20 [ 16.063007] kasan_atomics_helper+0x4fb4/0x5450 [ 16.063031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.063054] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.063080] ? kasan_atomics+0x153/0x310 [ 16.063106] kasan_atomics+0x1dd/0x310 [ 16.063128] ? __pfx_kasan_atomics+0x10/0x10 [ 16.063153] ? __pfx_read_tsc+0x10/0x10 [ 16.063175] ? ktime_get_ts64+0x86/0x230 [ 16.063203] kunit_try_run_case+0x1a6/0x480 [ 16.063228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.063250] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.063277] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.063302] ? __kthread_parkme+0x82/0x160 [ 16.063326] ? preempt_count_sub+0x50/0x80 [ 16.063353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.063376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.063404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.063430] kthread+0x324/0x6e0 [ 16.063452] ? 
trace_preempt_on+0x20/0xc0 [ 16.063477] ? __pfx_kthread+0x10/0x10 [ 16.063500] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.063524] ? calculate_sigpending+0x7b/0xa0 [ 16.063548] ? __pfx_kthread+0x10/0x10 [ 16.063572] ret_from_fork+0x41/0x80 [ 16.063592] ? __pfx_kthread+0x10/0x10 [ 16.063615] ret_from_fork_asm+0x1a/0x30 [ 16.063648] </TASK> [ 16.063660] [ 16.074351] Allocated by task 273: [ 16.074674] kasan_save_stack+0x45/0x70 [ 16.075086] kasan_save_track+0x18/0x40 [ 16.075280] kasan_save_alloc_info+0x3b/0x50 [ 16.075469] __kasan_kmalloc+0xb7/0xc0 [ 16.075638] __kmalloc_cache_noprof+0x18a/0x420 [ 16.075832] kasan_atomics+0x96/0x310 [ 16.075974] kunit_try_run_case+0x1a6/0x480 [ 16.076183] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.076423] kthread+0x324/0x6e0 [ 16.076548] ret_from_fork+0x41/0x80 [ 16.076706] ret_from_fork_asm+0x1a/0x30 [ 16.076914] [ 16.077013] The buggy address belongs to the object at ffff888101b3e000 [ 16.077013] which belongs to the cache kmalloc-64 of size 64 [ 16.077489] The buggy address is located 0 bytes to the right of [ 16.077489] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 16.078105] [ 16.078229] The buggy address belongs to the physical page: [ 16.078447] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 16.078757] flags: 0x200000000000000(node=0|zone=2) [ 16.078972] page_type: f5(slab) [ 16.079144] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.079460] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.079740] page dumped because: kasan: bad access detected [ 16.079976] [ 16.080046] Memory state around the buggy address: [ 16.080204] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.080479] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.080924] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.081164] ^ [ 16.081317] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.081628] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.081963] ================================================================== [ 15.000254] ================================================================== [ 15.000608] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 15.000966] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.001309] [ 15.001418] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.001463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.001476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.001500] Call Trace: [ 15.001521] <TASK> [ 15.001543] dump_stack_lvl+0x73/0xb0 [ 15.001571] print_report+0xd1/0x650 [ 15.001594] ? __virt_addr_valid+0x1db/0x2d0 [ 15.001617] ? kasan_atomics_helper+0x698/0x5450 [ 15.001640] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.001665] ? kasan_atomics_helper+0x698/0x5450 [ 15.001708] kasan_report+0x140/0x180 [ 15.001731] ? kasan_atomics_helper+0x698/0x5450 [ 15.001762] kasan_check_range+0x10c/0x1c0 [ 15.001786] __kasan_check_write+0x18/0x20 [ 15.001809] kasan_atomics_helper+0x698/0x5450 [ 15.001831] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.001864] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.001889] ? kasan_atomics+0x153/0x310 [ 15.001915] kasan_atomics+0x1dd/0x310 [ 15.001937] ? __pfx_kasan_atomics+0x10/0x10 [ 15.001962] ? __pfx_read_tsc+0x10/0x10 [ 15.001984] ? ktime_get_ts64+0x86/0x230 [ 15.002010] kunit_try_run_case+0x1a6/0x480 [ 15.002035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.002067] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.002090] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.002116] ? __kthread_parkme+0x82/0x160 [ 15.002140] ? preempt_count_sub+0x50/0x80 [ 15.002166] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.002190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.002218] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.002244] kthread+0x324/0x6e0 [ 15.002267] ? trace_preempt_on+0x20/0xc0 [ 15.002292] ? __pfx_kthread+0x10/0x10 [ 15.002315] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.002339] ? calculate_sigpending+0x7b/0xa0 [ 15.002362] ? __pfx_kthread+0x10/0x10 [ 15.002385] ret_from_fork+0x41/0x80 [ 15.002405] ? __pfx_kthread+0x10/0x10 [ 15.002428] ret_from_fork_asm+0x1a/0x30 [ 15.002461] </TASK> [ 15.002473] [ 15.009894] Allocated by task 273: [ 15.010052] kasan_save_stack+0x45/0x70 [ 15.010213] kasan_save_track+0x18/0x40 [ 15.010349] kasan_save_alloc_info+0x3b/0x50 [ 15.010498] __kasan_kmalloc+0xb7/0xc0 [ 15.010703] __kmalloc_cache_noprof+0x18a/0x420 [ 15.010941] kasan_atomics+0x96/0x310 [ 15.011128] kunit_try_run_case+0x1a6/0x480 [ 15.011339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.011602] kthread+0x324/0x6e0 [ 15.011791] ret_from_fork+0x41/0x80 [ 15.011986] ret_from_fork_asm+0x1a/0x30 [ 15.012194] [ 15.012299] The buggy address belongs to the object at ffff888101b3e000 [ 15.012299] which belongs to the cache kmalloc-64 of size 64 [ 15.012826] The buggy address is located 0 bytes to the right of [ 15.012826] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.013297] [ 15.013373] The buggy address belongs to the physical page: [ 15.013550] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.013935] flags: 0x200000000000000(node=0|zone=2) [ 15.014326] page_type: f5(slab) [ 15.014511] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.014784] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.015190] page dumped because: kasan: bad access detected [ 15.015405] [ 15.015501] Memory state around the buggy address: [ 15.015694] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.016005] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.016307] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.016584] ^ [ 15.016791] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.017069] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.017375] ================================================================== [ 14.914266] ================================================================== [ 14.914665] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 14.915226] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.915665] [ 14.915784] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.915832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.915884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.915908] Call Trace: [ 14.915942] <TASK> [ 14.915964] dump_stack_lvl+0x73/0xb0 [ 14.916015] print_report+0xd1/0x650 [ 14.916045] ? __virt_addr_valid+0x1db/0x2d0 [ 14.916069] ? kasan_atomics_helper+0x4a1/0x5450 [ 14.916091] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.916117] ? kasan_atomics_helper+0x4a1/0x5450 [ 14.916139] kasan_report+0x140/0x180 [ 14.916163] ? kasan_atomics_helper+0x4a1/0x5450 [ 14.916188] kasan_check_range+0x10c/0x1c0 [ 14.916211] __kasan_check_write+0x18/0x20 [ 14.916235] kasan_atomics_helper+0x4a1/0x5450 [ 14.916258] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.916280] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.916307] ? kasan_atomics+0x153/0x310 [ 14.916333] kasan_atomics+0x1dd/0x310 [ 14.916357] ? __pfx_kasan_atomics+0x10/0x10 [ 14.916381] ? __pfx_read_tsc+0x10/0x10 [ 14.916404] ? ktime_get_ts64+0x86/0x230 [ 14.916432] kunit_try_run_case+0x1a6/0x480 [ 14.916457] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.916480] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.916503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.916530] ? __kthread_parkme+0x82/0x160 [ 14.916554] ? preempt_count_sub+0x50/0x80 [ 14.916580] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.916605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.916632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.916660] kthread+0x324/0x6e0 [ 14.916684] ? trace_preempt_on+0x20/0xc0 [ 14.916710] ? __pfx_kthread+0x10/0x10 [ 14.916734] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.916759] ? calculate_sigpending+0x7b/0xa0 [ 14.916783] ? __pfx_kthread+0x10/0x10 [ 14.916807] ret_from_fork+0x41/0x80 [ 14.916830] ? __pfx_kthread+0x10/0x10 [ 14.916868] ret_from_fork_asm+0x1a/0x30 [ 14.916902] </TASK> [ 14.917023] [ 14.931647] Allocated by task 273: [ 14.932240] kasan_save_stack+0x45/0x70 [ 14.932581] kasan_save_track+0x18/0x40 [ 14.932735] kasan_save_alloc_info+0x3b/0x50 [ 14.932898] __kasan_kmalloc+0xb7/0xc0 [ 14.933036] __kmalloc_cache_noprof+0x18a/0x420 [ 14.933617] kasan_atomics+0x96/0x310 [ 14.933761] kunit_try_run_case+0x1a6/0x480 [ 14.933997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.934177] kthread+0x324/0x6e0 [ 14.934525] ret_from_fork+0x41/0x80 [ 14.934938] ret_from_fork_asm+0x1a/0x30 [ 14.935452] [ 14.935619] The buggy address belongs to the object at ffff888101b3e000 [ 14.935619] which belongs to the cache kmalloc-64 of size 64 [ 14.936716] The buggy address is located 0 bytes to the right of [ 14.936716] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.937505] [ 14.937724] The buggy address belongs to the physical page: [ 14.938263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 14.939053] flags: 0x200000000000000(node=0|zone=2) [ 14.939226] page_type: f5(slab) [ 14.939371] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.939603] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.939822] page dumped because: kasan: bad access detected [ 14.940005] [ 14.940127] Memory state around the buggy address: [ 14.940408] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.940714] ffff888101b3df80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.940937] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.941151] ^ [ 14.941555] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.942075] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.942470] ================================================================== [ 15.303014] ================================================================== [ 15.303374] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 15.303717] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.304055] [ 15.304165] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.304212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.304225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.304248] Call Trace: [ 15.304269] <TASK> [ 15.304291] dump_stack_lvl+0x73/0xb0 [ 15.304319] print_report+0xd1/0x650 [ 15.304342] ? __virt_addr_valid+0x1db/0x2d0 [ 15.304366] ? kasan_atomics_helper+0xf11/0x5450 [ 15.304387] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.304413] ? kasan_atomics_helper+0xf11/0x5450 [ 15.304434] kasan_report+0x140/0x180 [ 15.304457] ? kasan_atomics_helper+0xf11/0x5450 [ 15.304482] kasan_check_range+0x10c/0x1c0 [ 15.304506] __kasan_check_write+0x18/0x20 [ 15.304529] kasan_atomics_helper+0xf11/0x5450 [ 15.304571] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.304594] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.304620] ? kasan_atomics+0x153/0x310 [ 15.304646] kasan_atomics+0x1dd/0x310 [ 15.304668] ? __pfx_kasan_atomics+0x10/0x10 [ 15.304692] ? __pfx_read_tsc+0x10/0x10 [ 15.304715] ? ktime_get_ts64+0x86/0x230 [ 15.304742] kunit_try_run_case+0x1a6/0x480 [ 15.304780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.304802] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.304846] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.304873] ? __kthread_parkme+0x82/0x160 [ 15.304897] ? 
preempt_count_sub+0x50/0x80 [ 15.304923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.304946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.304973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.305000] kthread+0x324/0x6e0 [ 15.305023] ? trace_preempt_on+0x20/0xc0 [ 15.305059] ? __pfx_kthread+0x10/0x10 [ 15.305092] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.305120] ? calculate_sigpending+0x7b/0xa0 [ 15.305143] ? __pfx_kthread+0x10/0x10 [ 15.305178] ret_from_fork+0x41/0x80 [ 15.305199] ? __pfx_kthread+0x10/0x10 [ 15.305223] ret_from_fork_asm+0x1a/0x30 [ 15.305256] </TASK> [ 15.305268] [ 15.312895] Allocated by task 273: [ 15.313062] kasan_save_stack+0x45/0x70 [ 15.313282] kasan_save_track+0x18/0x40 [ 15.313476] kasan_save_alloc_info+0x3b/0x50 [ 15.313701] __kasan_kmalloc+0xb7/0xc0 [ 15.313900] __kmalloc_cache_noprof+0x18a/0x420 [ 15.314166] kasan_atomics+0x96/0x310 [ 15.314354] kunit_try_run_case+0x1a6/0x480 [ 15.314573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.314811] kthread+0x324/0x6e0 [ 15.315003] ret_from_fork+0x41/0x80 [ 15.315186] ret_from_fork_asm+0x1a/0x30 [ 15.315412] [ 15.315500] The buggy address belongs to the object at ffff888101b3e000 [ 15.315500] which belongs to the cache kmalloc-64 of size 64 [ 15.315984] The buggy address is located 0 bytes to the right of [ 15.315984] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.316649] [ 15.316724] The buggy address belongs to the physical page: [ 15.316908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.317151] flags: 0x200000000000000(node=0|zone=2) [ 15.317319] page_type: f5(slab) [ 15.317444] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.317736] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.318172] page dumped because: kasan: bad access detected [ 15.318427] [ 15.318521] Memory state around the buggy address: [ 15.318748] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 15.319099] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.319363] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.319577] ^ [ 15.319733] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.319959] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.320448] ================================================================== [ 15.654182] ================================================================== [ 15.654416] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 15.654643] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.654871] [ 15.654955] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.654999] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.655013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.655106] Call Trace: [ 15.655133] <TASK> [ 15.655154] dump_stack_lvl+0x73/0xb0 [ 15.655182] print_report+0xd1/0x650 [ 15.655204] ? __virt_addr_valid+0x1db/0x2d0 [ 15.655228] ? kasan_atomics_helper+0x1650/0x5450 [ 15.655277] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.655305] ? kasan_atomics_helper+0x1650/0x5450 [ 15.655326] kasan_report+0x140/0x180 [ 15.655349] ? kasan_atomics_helper+0x1650/0x5450 [ 15.655375] kasan_check_range+0x10c/0x1c0 [ 15.655398] __kasan_check_write+0x18/0x20 [ 15.655421] kasan_atomics_helper+0x1650/0x5450 [ 15.655444] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.655465] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.655491] ? kasan_atomics+0x153/0x310 [ 15.655517] kasan_atomics+0x1dd/0x310 [ 15.655541] ? __pfx_kasan_atomics+0x10/0x10 [ 15.655566] ? __pfx_read_tsc+0x10/0x10 [ 15.655588] ? ktime_get_ts64+0x86/0x230 [ 15.655615] kunit_try_run_case+0x1a6/0x480 [ 15.655641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.655663] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.655685] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.655712] ? 
__kthread_parkme+0x82/0x160 [ 15.655735] ? preempt_count_sub+0x50/0x80 [ 15.655761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.655784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.655810] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.655849] kthread+0x324/0x6e0 [ 15.655872] ? trace_preempt_on+0x20/0xc0 [ 15.655896] ? __pfx_kthread+0x10/0x10 [ 15.655920] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.655943] ? calculate_sigpending+0x7b/0xa0 [ 15.655966] ? __pfx_kthread+0x10/0x10 [ 15.655989] ret_from_fork+0x41/0x80 [ 15.656009] ? __pfx_kthread+0x10/0x10 [ 15.656031] ret_from_fork_asm+0x1a/0x30 [ 15.656064] </TASK> [ 15.656076] [ 15.665101] Allocated by task 273: [ 15.665858] kasan_save_stack+0x45/0x70 [ 15.666316] kasan_save_track+0x18/0x40 [ 15.666515] kasan_save_alloc_info+0x3b/0x50 [ 15.666672] __kasan_kmalloc+0xb7/0xc0 [ 15.666990] __kmalloc_cache_noprof+0x18a/0x420 [ 15.667397] kasan_atomics+0x96/0x310 [ 15.667695] kunit_try_run_case+0x1a6/0x480 [ 15.668112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.668476] kthread+0x324/0x6e0 [ 15.668649] ret_from_fork+0x41/0x80 [ 15.668822] ret_from_fork_asm+0x1a/0x30 [ 15.668978] [ 15.669052] The buggy address belongs to the object at ffff888101b3e000 [ 15.669052] which belongs to the cache kmalloc-64 of size 64 [ 15.669697] The buggy address is located 0 bytes to the right of [ 15.669697] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.670374] [ 15.670461] The buggy address belongs to the physical page: [ 15.670705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.670977] flags: 0x200000000000000(node=0|zone=2) [ 15.671252] page_type: f5(slab) [ 15.671462] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.671805] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.672185] page dumped because: kasan: bad access detected [ 15.672366] [ 15.672439] Memory state around the buggy address: [ 15.672676] 
ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.673010] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.673309] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.673565] ^ [ 15.673799] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.674066] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.674331] ================================================================== [ 15.975231] ================================================================== [ 15.975602] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 15.976014] Read of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.976353] [ 15.976533] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.977026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.977059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.977085] Call Trace: [ 15.977122] <TASK> [ 15.977148] dump_stack_lvl+0x73/0xb0 [ 15.977187] print_report+0xd1/0x650 [ 15.977211] ? __virt_addr_valid+0x1db/0x2d0 [ 15.977236] ? kasan_atomics_helper+0x4f73/0x5450 [ 15.977257] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.977286] ? kasan_atomics_helper+0x4f73/0x5450 [ 15.977309] kasan_report+0x140/0x180 [ 15.977332] ? kasan_atomics_helper+0x4f73/0x5450 [ 15.977361] __asan_report_load8_noabort+0x18/0x20 [ 15.977386] kasan_atomics_helper+0x4f73/0x5450 [ 15.977410] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.977432] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.977459] ? kasan_atomics+0x153/0x310 [ 15.977484] kasan_atomics+0x1dd/0x310 [ 15.977508] ? __pfx_kasan_atomics+0x10/0x10 [ 15.977532] ? __pfx_read_tsc+0x10/0x10 [ 15.977555] ? ktime_get_ts64+0x86/0x230 [ 15.977582] kunit_try_run_case+0x1a6/0x480 [ 15.977607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.977629] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.977652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.977679] ? 
__kthread_parkme+0x82/0x160 [ 15.977703] ? preempt_count_sub+0x50/0x80 [ 15.977729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.977759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.977786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.977813] kthread+0x324/0x6e0 [ 15.977846] ? trace_preempt_on+0x20/0xc0 [ 15.977871] ? __pfx_kthread+0x10/0x10 [ 15.977894] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.977919] ? calculate_sigpending+0x7b/0xa0 [ 15.977982] ? __pfx_kthread+0x10/0x10 [ 15.978017] ret_from_fork+0x41/0x80 [ 15.978037] ? __pfx_kthread+0x10/0x10 [ 15.978069] ret_from_fork_asm+0x1a/0x30 [ 15.978102] </TASK> [ 15.978114] [ 15.985918] Allocated by task 273: [ 15.986137] kasan_save_stack+0x45/0x70 [ 15.986296] kasan_save_track+0x18/0x40 [ 15.986429] kasan_save_alloc_info+0x3b/0x50 [ 15.986574] __kasan_kmalloc+0xb7/0xc0 [ 15.986935] __kmalloc_cache_noprof+0x18a/0x420 [ 15.987289] kasan_atomics+0x96/0x310 [ 15.987474] kunit_try_run_case+0x1a6/0x480 [ 15.987669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.987960] kthread+0x324/0x6e0 [ 15.988141] ret_from_fork+0x41/0x80 [ 15.988568] ret_from_fork_asm+0x1a/0x30 [ 15.988710] [ 15.988783] The buggy address belongs to the object at ffff888101b3e000 [ 15.988783] which belongs to the cache kmalloc-64 of size 64 [ 15.989313] The buggy address is located 0 bytes to the right of [ 15.989313] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.989956] [ 15.990054] The buggy address belongs to the physical page: [ 15.990304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.990798] flags: 0x200000000000000(node=0|zone=2) [ 15.991046] page_type: f5(slab) [ 15.991218] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.991460] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.991680] page dumped because: kasan: bad access detected [ 15.991856] [ 15.991952] Memory state around the buggy address: [ 15.992332] 
ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.992692] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.993258] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.993569] ^ [ 15.993796] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.994202] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.994520] ================================================================== [ 15.616120] ================================================================== [ 15.616536] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 15.616888] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.617305] [ 15.617446] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.617494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.617508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.617532] Call Trace: [ 15.617554] <TASK> [ 15.617576] dump_stack_lvl+0x73/0xb0 [ 15.617606] print_report+0xd1/0x650 [ 15.617629] ? __virt_addr_valid+0x1db/0x2d0 [ 15.617653] ? kasan_atomics_helper+0x151e/0x5450 [ 15.617675] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.617702] ? kasan_atomics_helper+0x151e/0x5450 [ 15.617724] kasan_report+0x140/0x180 [ 15.617753] ? kasan_atomics_helper+0x151e/0x5450 [ 15.617778] kasan_check_range+0x10c/0x1c0 [ 15.617802] __kasan_check_write+0x18/0x20 [ 15.617826] kasan_atomics_helper+0x151e/0x5450 [ 15.617858] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.617880] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.617905] ? kasan_atomics+0x153/0x310 [ 15.617930] kasan_atomics+0x1dd/0x310 [ 15.617953] ? __pfx_kasan_atomics+0x10/0x10 [ 15.617977] ? __pfx_read_tsc+0x10/0x10 [ 15.618038] ? ktime_get_ts64+0x86/0x230 [ 15.618067] kunit_try_run_case+0x1a6/0x480 [ 15.618116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.618138] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.618162] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.618187] ? __kthread_parkme+0x82/0x160 [ 15.618211] ? preempt_count_sub+0x50/0x80 [ 15.618237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.618260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.618287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.618346] kthread+0x324/0x6e0 [ 15.618368] ? trace_preempt_on+0x20/0xc0 [ 15.618393] ? __pfx_kthread+0x10/0x10 [ 15.618416] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.618440] ? calculate_sigpending+0x7b/0xa0 [ 15.618464] ? __pfx_kthread+0x10/0x10 [ 15.618490] ret_from_fork+0x41/0x80 [ 15.618510] ? __pfx_kthread+0x10/0x10 [ 15.618532] ret_from_fork_asm+0x1a/0x30 [ 15.618616] </TASK> [ 15.618629] [ 15.626135] Allocated by task 273: [ 15.626442] kasan_save_stack+0x45/0x70 [ 15.626639] kasan_save_track+0x18/0x40 [ 15.626864] kasan_save_alloc_info+0x3b/0x50 [ 15.627017] __kasan_kmalloc+0xb7/0xc0 [ 15.627344] __kmalloc_cache_noprof+0x18a/0x420 [ 15.627585] kasan_atomics+0x96/0x310 [ 15.627793] kunit_try_run_case+0x1a6/0x480 [ 15.628013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.628230] kthread+0x324/0x6e0 [ 15.628398] ret_from_fork+0x41/0x80 [ 15.628585] ret_from_fork_asm+0x1a/0x30 [ 15.628808] [ 15.628920] The buggy address belongs to the object at ffff888101b3e000 [ 15.628920] which belongs to the cache kmalloc-64 of size 64 [ 15.629409] The buggy address is located 0 bytes to the right of [ 15.629409] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.629778] [ 15.629861] The buggy address belongs to the physical page: [ 15.630317] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.630672] flags: 0x200000000000000(node=0|zone=2) [ 15.630895] page_type: f5(slab) [ 15.631028] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.631390] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.631720] page dumped because: kasan: bad access detected [ 15.631941] [ 15.632012] Memory 
state around the buggy address: [ 15.632412] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.632631] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.633033] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.633449] ^ [ 15.633927] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.634200] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.634413] ================================================================== [ 15.858736] ================================================================== [ 15.859087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450 [ 15.859487] Read of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.859750] [ 15.859873] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.859919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.859933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.859956] Call Trace: [ 15.859978] <TASK> [ 15.860000] dump_stack_lvl+0x73/0xb0 [ 15.860029] print_report+0xd1/0x650 [ 15.860051] ? __virt_addr_valid+0x1db/0x2d0 [ 15.860086] ? kasan_atomics_helper+0x4f32/0x5450 [ 15.860107] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.860134] ? kasan_atomics_helper+0x4f32/0x5450 [ 15.860159] kasan_report+0x140/0x180 [ 15.860182] ? kasan_atomics_helper+0x4f32/0x5450 [ 15.860207] __asan_report_load8_noabort+0x18/0x20 [ 15.860232] kasan_atomics_helper+0x4f32/0x5450 [ 15.860255] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.860276] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.860302] ? kasan_atomics+0x153/0x310 [ 15.860329] kasan_atomics+0x1dd/0x310 [ 15.860351] ? __pfx_kasan_atomics+0x10/0x10 [ 15.860375] ? __pfx_read_tsc+0x10/0x10 [ 15.860399] ? ktime_get_ts64+0x86/0x230 [ 15.860426] kunit_try_run_case+0x1a6/0x480 [ 15.860453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.860475] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.860498] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.860525] ? __kthread_parkme+0x82/0x160 [ 15.860549] ? preempt_count_sub+0x50/0x80 [ 15.860575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.860598] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.860625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.860652] kthread+0x324/0x6e0 [ 15.860685] ? trace_preempt_on+0x20/0xc0 [ 15.860710] ? __pfx_kthread+0x10/0x10 [ 15.860772] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.860796] ? calculate_sigpending+0x7b/0xa0 [ 15.860820] ? __pfx_kthread+0x10/0x10 [ 15.860852] ret_from_fork+0x41/0x80 [ 15.860872] ? __pfx_kthread+0x10/0x10 [ 15.860895] ret_from_fork_asm+0x1a/0x30 [ 15.860927] </TASK> [ 15.860938] [ 15.868206] Allocated by task 273: [ 15.868417] kasan_save_stack+0x45/0x70 [ 15.868615] kasan_save_track+0x18/0x40 [ 15.868748] kasan_save_alloc_info+0x3b/0x50 [ 15.868904] __kasan_kmalloc+0xb7/0xc0 [ 15.869037] __kmalloc_cache_noprof+0x18a/0x420 [ 15.869468] kasan_atomics+0x96/0x310 [ 15.869678] kunit_try_run_case+0x1a6/0x480 [ 15.869901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.870106] kthread+0x324/0x6e0 [ 15.870229] ret_from_fork+0x41/0x80 [ 15.870357] ret_from_fork_asm+0x1a/0x30 [ 15.870495] [ 15.870566] The buggy address belongs to the object at ffff888101b3e000 [ 15.870566] which belongs to the cache kmalloc-64 of size 64 [ 15.871660] The buggy address is located 0 bytes to the right of [ 15.871660] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.872089] [ 15.872194] The buggy address belongs to the physical page: [ 15.872475] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.872783] flags: 0x200000000000000(node=0|zone=2) [ 15.872957] page_type: f5(slab) [ 15.873081] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.873659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.873968] page dumped because: kasan: bad access detected [ 15.874389] [ 15.874489] Memory 
state around the buggy address: [ 15.874655] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.874892] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.875691] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.876445] ^ [ 15.876704] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877013] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877589] ================================================================== [ 15.896795] ================================================================== [ 15.897060] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 15.897684] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.898059] [ 15.898174] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.898219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.898233] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.898256] Call Trace: [ 15.898278] <TASK> [ 15.898301] dump_stack_lvl+0x73/0xb0 [ 15.898328] print_report+0xd1/0x650 [ 15.898351] ? __virt_addr_valid+0x1db/0x2d0 [ 15.898375] ? kasan_atomics_helper+0x1d7b/0x5450 [ 15.898397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.898424] ? kasan_atomics_helper+0x1d7b/0x5450 [ 15.898446] kasan_report+0x140/0x180 [ 15.898468] ? kasan_atomics_helper+0x1d7b/0x5450 [ 15.898494] kasan_check_range+0x10c/0x1c0 [ 15.898518] __kasan_check_write+0x18/0x20 [ 15.898541] kasan_atomics_helper+0x1d7b/0x5450 [ 15.898564] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.898586] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.898611] ? kasan_atomics+0x153/0x310 [ 15.898637] kasan_atomics+0x1dd/0x310 [ 15.898660] ? __pfx_kasan_atomics+0x10/0x10 [ 15.898684] ? __pfx_read_tsc+0x10/0x10 [ 15.898707] ? ktime_get_ts64+0x86/0x230 [ 15.898734] kunit_try_run_case+0x1a6/0x480 [ 15.898783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.898806] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 15.898829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.898864] ? __kthread_parkme+0x82/0x160 [ 15.898888] ? preempt_count_sub+0x50/0x80 [ 15.898915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.898939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.898966] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.898993] kthread+0x324/0x6e0 [ 15.899016] ? trace_preempt_on+0x20/0xc0 [ 15.899041] ? __pfx_kthread+0x10/0x10 [ 15.899064] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.899088] ? calculate_sigpending+0x7b/0xa0 [ 15.899111] ? __pfx_kthread+0x10/0x10 [ 15.899135] ret_from_fork+0x41/0x80 [ 15.899155] ? __pfx_kthread+0x10/0x10 [ 15.899178] ret_from_fork_asm+0x1a/0x30 [ 15.899229] </TASK> [ 15.899240] [ 15.906450] Allocated by task 273: [ 15.906671] kasan_save_stack+0x45/0x70 [ 15.906889] kasan_save_track+0x18/0x40 [ 15.907095] kasan_save_alloc_info+0x3b/0x50 [ 15.907291] __kasan_kmalloc+0xb7/0xc0 [ 15.907420] __kmalloc_cache_noprof+0x18a/0x420 [ 15.907572] kasan_atomics+0x96/0x310 [ 15.907707] kunit_try_run_case+0x1a6/0x480 [ 15.907859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.908034] kthread+0x324/0x6e0 [ 15.908154] ret_from_fork+0x41/0x80 [ 15.908339] ret_from_fork_asm+0x1a/0x30 [ 15.908606] [ 15.908735] The buggy address belongs to the object at ffff888101b3e000 [ 15.908735] which belongs to the cache kmalloc-64 of size 64 [ 15.909440] The buggy address is located 0 bytes to the right of [ 15.909440] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.910505] [ 15.910721] The buggy address belongs to the physical page: [ 15.911042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.911381] flags: 0x200000000000000(node=0|zone=2) [ 15.911551] page_type: f5(slab) [ 15.911677] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.911946] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.912343] page dumped because: kasan: bad 
access detected [ 15.912676] [ 15.912902] Memory state around the buggy address: [ 15.913271] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.913582] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.913798] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.914016] ^ [ 15.914228] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.914616] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.915204] ================================================================== [ 15.765656] ================================================================== [ 15.766021] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 15.766461] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.766966] [ 15.767079] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.767126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.767139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.767162] Call Trace: [ 15.767184] <TASK> [ 15.767205] dump_stack_lvl+0x73/0xb0 [ 15.767235] print_report+0xd1/0x650 [ 15.767258] ? __virt_addr_valid+0x1db/0x2d0 [ 15.767281] ? kasan_atomics_helper+0x194b/0x5450 [ 15.767303] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.767329] ? kasan_atomics_helper+0x194b/0x5450 [ 15.767352] kasan_report+0x140/0x180 [ 15.767374] ? kasan_atomics_helper+0x194b/0x5450 [ 15.767401] kasan_check_range+0x10c/0x1c0 [ 15.767424] __kasan_check_write+0x18/0x20 [ 15.767447] kasan_atomics_helper+0x194b/0x5450 [ 15.767472] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.767494] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.767519] ? kasan_atomics+0x153/0x310 [ 15.767545] kasan_atomics+0x1dd/0x310 [ 15.767568] ? __pfx_kasan_atomics+0x10/0x10 [ 15.767592] ? __pfx_read_tsc+0x10/0x10 [ 15.767616] ? ktime_get_ts64+0x86/0x230 [ 15.767642] kunit_try_run_case+0x1a6/0x480 [ 15.767665] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.767698] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.767720] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.767747] ? __kthread_parkme+0x82/0x160 [ 15.767770] ? preempt_count_sub+0x50/0x80 [ 15.767796] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.767820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.767884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.767912] kthread+0x324/0x6e0 [ 15.767934] ? trace_preempt_on+0x20/0xc0 [ 15.767960] ? __pfx_kthread+0x10/0x10 [ 15.767983] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.768008] ? calculate_sigpending+0x7b/0xa0 [ 15.768031] ? __pfx_kthread+0x10/0x10 [ 15.768054] ret_from_fork+0x41/0x80 [ 15.768074] ? __pfx_kthread+0x10/0x10 [ 15.768115] ret_from_fork_asm+0x1a/0x30 [ 15.768148] </TASK> [ 15.768160] [ 15.775630] Allocated by task 273: [ 15.775846] kasan_save_stack+0x45/0x70 [ 15.776080] kasan_save_track+0x18/0x40 [ 15.776273] kasan_save_alloc_info+0x3b/0x50 [ 15.776482] __kasan_kmalloc+0xb7/0xc0 [ 15.776672] __kmalloc_cache_noprof+0x18a/0x420 [ 15.776890] kasan_atomics+0x96/0x310 [ 15.777091] kunit_try_run_case+0x1a6/0x480 [ 15.777304] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.777539] kthread+0x324/0x6e0 [ 15.777704] ret_from_fork+0x41/0x80 [ 15.777888] ret_from_fork_asm+0x1a/0x30 [ 15.778116] [ 15.778219] The buggy address belongs to the object at ffff888101b3e000 [ 15.778219] which belongs to the cache kmalloc-64 of size 64 [ 15.778709] The buggy address is located 0 bytes to the right of [ 15.778709] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.779254] [ 15.779360] The buggy address belongs to the physical page: [ 15.779592] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.779946] flags: 0x200000000000000(node=0|zone=2) [ 15.780145] page_type: f5(slab) [ 15.780327] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.780652] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.780889] page dumped because: kasan: bad access detected [ 15.781062] [ 15.781135] Memory state around the buggy address: [ 15.781293] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.781604] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.781940] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.782253] ^ [ 15.782518] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.782845] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.783316] ================================================================== [ 15.220810] ================================================================== [ 15.221119] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 15.221880] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.222286] [ 15.222412] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.222465] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.222478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.222501] Call Trace: [ 15.222524] <TASK> [ 15.222584] dump_stack_lvl+0x73/0xb0 [ 15.222634] print_report+0xd1/0x650 [ 15.222685] ? __virt_addr_valid+0x1db/0x2d0 [ 15.222722] ? kasan_atomics_helper+0x4a86/0x5450 [ 15.222758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.222789] ? kasan_atomics_helper+0x4a86/0x5450 [ 15.222811] kasan_report+0x140/0x180 [ 15.222833] ? kasan_atomics_helper+0x4a86/0x5450 [ 15.222873] __asan_report_load4_noabort+0x18/0x20 [ 15.222897] kasan_atomics_helper+0x4a86/0x5450 [ 15.222920] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.222942] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.222967] ? kasan_atomics+0x153/0x310 [ 15.222994] kasan_atomics+0x1dd/0x310 [ 15.223018] ? __pfx_kasan_atomics+0x10/0x10 [ 15.223041] ? __pfx_read_tsc+0x10/0x10 [ 15.223064] ? 
ktime_get_ts64+0x86/0x230 [ 15.223092] kunit_try_run_case+0x1a6/0x480 [ 15.223117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.223139] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.223163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.223189] ? __kthread_parkme+0x82/0x160 [ 15.223213] ? preempt_count_sub+0x50/0x80 [ 15.223239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.223262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.223289] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.223315] kthread+0x324/0x6e0 [ 15.223338] ? trace_preempt_on+0x20/0xc0 [ 15.223362] ? __pfx_kthread+0x10/0x10 [ 15.223386] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.223423] ? calculate_sigpending+0x7b/0xa0 [ 15.223447] ? __pfx_kthread+0x10/0x10 [ 15.223470] ret_from_fork+0x41/0x80 [ 15.223490] ? __pfx_kthread+0x10/0x10 [ 15.223513] ret_from_fork_asm+0x1a/0x30 [ 15.223546] </TASK> [ 15.223558] [ 15.230970] Allocated by task 273: [ 15.231263] kasan_save_stack+0x45/0x70 [ 15.231493] kasan_save_track+0x18/0x40 [ 15.231652] kasan_save_alloc_info+0x3b/0x50 [ 15.231892] __kasan_kmalloc+0xb7/0xc0 [ 15.232068] __kmalloc_cache_noprof+0x18a/0x420 [ 15.232260] kasan_atomics+0x96/0x310 [ 15.232448] kunit_try_run_case+0x1a6/0x480 [ 15.232634] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.232877] kthread+0x324/0x6e0 [ 15.233073] ret_from_fork+0x41/0x80 [ 15.233234] ret_from_fork_asm+0x1a/0x30 [ 15.233427] [ 15.233508] The buggy address belongs to the object at ffff888101b3e000 [ 15.233508] which belongs to the cache kmalloc-64 of size 64 [ 15.234034] The buggy address is located 0 bytes to the right of [ 15.234034] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.234557] [ 15.234635] The buggy address belongs to the physical page: [ 15.234907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.235492] flags: 0x200000000000000(node=0|zone=2) [ 15.235703] page_type: f5(slab) [ 15.235828] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.236278] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.236652] page dumped because: kasan: bad access detected [ 15.237050] [ 15.237150] Memory state around the buggy address: [ 15.237414] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.237772] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238231] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.238553] ^ [ 15.238710] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.238932] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.239141] ================================================================== [ 14.826778] ================================================================== [ 14.827269] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 14.827777] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.828093] [ 14.828238] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.828299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.828324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.828347] Call Trace: [ 14.828370] <TASK> [ 14.828391] dump_stack_lvl+0x73/0xb0 [ 14.828420] print_report+0xd1/0x650 [ 14.828443] ? __virt_addr_valid+0x1db/0x2d0 [ 14.828465] ? kasan_atomics_helper+0x4b8a/0x5450 [ 14.828486] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.828529] ? kasan_atomics_helper+0x4b8a/0x5450 [ 14.828550] kasan_report+0x140/0x180 [ 14.828571] ? kasan_atomics_helper+0x4b8a/0x5450 [ 14.828596] __asan_report_load4_noabort+0x18/0x20 [ 14.828619] kasan_atomics_helper+0x4b8a/0x5450 [ 14.828641] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.828662] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.828688] ? kasan_atomics+0x153/0x310 [ 14.828714] kasan_atomics+0x1dd/0x310 [ 14.828735] ? __pfx_kasan_atomics+0x10/0x10 [ 14.828759] ? 
__pfx_read_tsc+0x10/0x10 [ 14.828781] ? ktime_get_ts64+0x86/0x230 [ 14.828808] kunit_try_run_case+0x1a6/0x480 [ 14.828871] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.828895] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.828918] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.828943] ? __kthread_parkme+0x82/0x160 [ 14.828966] ? preempt_count_sub+0x50/0x80 [ 14.828998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.829047] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.829108] kthread+0x324/0x6e0 [ 14.829142] ? trace_preempt_on+0x20/0xc0 [ 14.829166] ? __pfx_kthread+0x10/0x10 [ 14.829187] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.829212] ? calculate_sigpending+0x7b/0xa0 [ 14.829234] ? __pfx_kthread+0x10/0x10 [ 14.829255] ret_from_fork+0x41/0x80 [ 14.829275] ? __pfx_kthread+0x10/0x10 [ 14.829296] ret_from_fork_asm+0x1a/0x30 [ 14.829328] </TASK> [ 14.829339] [ 14.837669] Allocated by task 273: [ 14.837860] kasan_save_stack+0x45/0x70 [ 14.838093] kasan_save_track+0x18/0x40 [ 14.838366] kasan_save_alloc_info+0x3b/0x50 [ 14.838569] __kasan_kmalloc+0xb7/0xc0 [ 14.838755] __kmalloc_cache_noprof+0x18a/0x420 [ 14.838965] kasan_atomics+0x96/0x310 [ 14.839186] kunit_try_run_case+0x1a6/0x480 [ 14.839361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.839638] kthread+0x324/0x6e0 [ 14.839818] ret_from_fork+0x41/0x80 [ 14.840120] ret_from_fork_asm+0x1a/0x30 [ 14.840444] [ 14.840541] The buggy address belongs to the object at ffff888101b3e000 [ 14.840541] which belongs to the cache kmalloc-64 of size 64 [ 14.841091] The buggy address is located 0 bytes to the right of [ 14.841091] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.841534] [ 14.841650] The buggy address belongs to the physical page: [ 14.841924] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 14.842528] flags: 0x200000000000000(node=0|zone=2) [ 14.842943] page_type: f5(slab) [ 14.843171] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.843547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.843980] page dumped because: kasan: bad access detected [ 14.844300] [ 14.844392] Memory state around the buggy address: [ 14.844612] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.844928] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.845416] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.845644] ^ [ 14.845902] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.846302] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.846556] ================================================================== [ 15.466790] ================================================================== [ 15.467417] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450 [ 15.467757] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.467999] [ 15.468088] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.468133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.468157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.468181] Call Trace: [ 15.468202] <TASK> [ 15.468256] dump_stack_lvl+0x73/0xb0 [ 15.468286] print_report+0xd1/0x650 [ 15.468309] ? __virt_addr_valid+0x1db/0x2d0 [ 15.468345] ? kasan_atomics_helper+0x49ea/0x5450 [ 15.468367] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.468394] ? kasan_atomics_helper+0x49ea/0x5450 [ 15.468416] kasan_report+0x140/0x180 [ 15.468439] ? kasan_atomics_helper+0x49ea/0x5450 [ 15.468465] __asan_report_load4_noabort+0x18/0x20 [ 15.468489] kasan_atomics_helper+0x49ea/0x5450 [ 15.468512] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.468535] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.468588] ? kasan_atomics+0x153/0x310 [ 15.468614] kasan_atomics+0x1dd/0x310 [ 15.468647] ? __pfx_kasan_atomics+0x10/0x10 [ 15.468671] ? 
__pfx_read_tsc+0x10/0x10 [ 15.468695] ? ktime_get_ts64+0x86/0x230 [ 15.468748] kunit_try_run_case+0x1a6/0x480 [ 15.468773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.468805] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.468829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.468865] ? __kthread_parkme+0x82/0x160 [ 15.468916] ? preempt_count_sub+0x50/0x80 [ 15.468942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.468978] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.469005] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.469057] kthread+0x324/0x6e0 [ 15.469081] ? trace_preempt_on+0x20/0xc0 [ 15.469106] ? __pfx_kthread+0x10/0x10 [ 15.469151] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.469176] ? calculate_sigpending+0x7b/0xa0 [ 15.469199] ? __pfx_kthread+0x10/0x10 [ 15.469223] ret_from_fork+0x41/0x80 [ 15.469243] ? __pfx_kthread+0x10/0x10 [ 15.469266] ret_from_fork_asm+0x1a/0x30 [ 15.469300] </TASK> [ 15.469311] [ 15.477716] Allocated by task 273: [ 15.477950] kasan_save_stack+0x45/0x70 [ 15.478183] kasan_save_track+0x18/0x40 [ 15.478444] kasan_save_alloc_info+0x3b/0x50 [ 15.478743] __kasan_kmalloc+0xb7/0xc0 [ 15.478957] __kmalloc_cache_noprof+0x18a/0x420 [ 15.479361] kasan_atomics+0x96/0x310 [ 15.479550] kunit_try_run_case+0x1a6/0x480 [ 15.479757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.480022] kthread+0x324/0x6e0 [ 15.480208] ret_from_fork+0x41/0x80 [ 15.480393] ret_from_fork_asm+0x1a/0x30 [ 15.480591] [ 15.480723] The buggy address belongs to the object at ffff888101b3e000 [ 15.480723] which belongs to the cache kmalloc-64 of size 64 [ 15.481372] The buggy address is located 0 bytes to the right of [ 15.481372] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.481949] [ 15.482028] The buggy address belongs to the physical page: [ 15.482421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.482736] flags: 0x200000000000000(node=0|zone=2) [ 15.482916] page_type: f5(slab) [ 15.483045] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.483347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.483691] page dumped because: kasan: bad access detected [ 15.483957] [ 15.484083] Memory state around the buggy address: [ 15.484393] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.484814] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.485300] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.485564] ^ [ 15.485724] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.485953] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.486541] ================================================================== [ 15.487294] ================================================================== [ 15.487719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 15.488150] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.488499] [ 15.488648] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.488734] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.488748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.488797] Call Trace: [ 15.488848] <TASK> [ 15.488869] dump_stack_lvl+0x73/0xb0 [ 15.488912] print_report+0xd1/0x650 [ 15.488936] ? __virt_addr_valid+0x1db/0x2d0 [ 15.488979] ? kasan_atomics_helper+0x12e7/0x5450 [ 15.489002] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.489040] ? kasan_atomics_helper+0x12e7/0x5450 [ 15.489062] kasan_report+0x140/0x180 [ 15.489085] ? kasan_atomics_helper+0x12e7/0x5450 [ 15.489111] kasan_check_range+0x10c/0x1c0 [ 15.489135] __kasan_check_write+0x18/0x20 [ 15.489158] kasan_atomics_helper+0x12e7/0x5450 [ 15.489182] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.489204] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.489230] ? kasan_atomics+0x153/0x310 [ 15.489256] kasan_atomics+0x1dd/0x310 [ 15.489279] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.489303] ? __pfx_read_tsc+0x10/0x10 [ 15.489326] ? ktime_get_ts64+0x86/0x230 [ 15.489353] kunit_try_run_case+0x1a6/0x480 [ 15.489379] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.489401] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.489424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.489451] ? __kthread_parkme+0x82/0x160 [ 15.489474] ? preempt_count_sub+0x50/0x80 [ 15.489500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.489524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.489562] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.489589] kthread+0x324/0x6e0 [ 15.489611] ? trace_preempt_on+0x20/0xc0 [ 15.489663] ? __pfx_kthread+0x10/0x10 [ 15.489686] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.489711] ? calculate_sigpending+0x7b/0xa0 [ 15.489772] ? __pfx_kthread+0x10/0x10 [ 15.489796] ret_from_fork+0x41/0x80 [ 15.489816] ? __pfx_kthread+0x10/0x10 [ 15.489859] ret_from_fork_asm+0x1a/0x30 [ 15.489894] </TASK> [ 15.489906] [ 15.502113] Allocated by task 273: [ 15.502333] kasan_save_stack+0x45/0x70 [ 15.502799] kasan_save_track+0x18/0x40 [ 15.502968] kasan_save_alloc_info+0x3b/0x50 [ 15.503471] __kasan_kmalloc+0xb7/0xc0 [ 15.503972] __kmalloc_cache_noprof+0x18a/0x420 [ 15.504533] kasan_atomics+0x96/0x310 [ 15.504861] kunit_try_run_case+0x1a6/0x480 [ 15.505020] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.505199] kthread+0x324/0x6e0 [ 15.505329] ret_from_fork+0x41/0x80 [ 15.505461] ret_from_fork_asm+0x1a/0x30 [ 15.505606] [ 15.505681] The buggy address belongs to the object at ffff888101b3e000 [ 15.505681] which belongs to the cache kmalloc-64 of size 64 [ 15.507073] The buggy address is located 0 bytes to the right of [ 15.507073] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.508240] [ 15.508446] The buggy address belongs to the physical page: [ 15.508956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.509667] flags: 0x200000000000000(node=0|zone=2) [ 15.510141] page_type: f5(slab) 
[ 15.510441] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.511127] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.511786] page dumped because: kasan: bad access detected [ 15.512295] [ 15.512460] Memory state around the buggy address: [ 15.512624] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.512849] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.513090] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.513714] ^ [ 15.514196] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.514810] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.515475] ================================================================== [ 15.783985] ================================================================== [ 15.784375] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 15.784659] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.784898] [ 15.784985] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.785029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.785042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.785066] Call Trace: [ 15.785087] <TASK> [ 15.785107] dump_stack_lvl+0x73/0xb0 [ 15.785134] print_report+0xd1/0x650 [ 15.785176] ? __virt_addr_valid+0x1db/0x2d0 [ 15.785200] ? kasan_atomics_helper+0x19e4/0x5450 [ 15.785221] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.785247] ? kasan_atomics_helper+0x19e4/0x5450 [ 15.785272] kasan_report+0x140/0x180 [ 15.785294] ? kasan_atomics_helper+0x19e4/0x5450 [ 15.785321] kasan_check_range+0x10c/0x1c0 [ 15.785345] __kasan_check_write+0x18/0x20 [ 15.785369] kasan_atomics_helper+0x19e4/0x5450 [ 15.785392] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.785414] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.785439] ? 
kasan_atomics+0x153/0x310 [ 15.785466] kasan_atomics+0x1dd/0x310 [ 15.785490] ? __pfx_kasan_atomics+0x10/0x10 [ 15.785515] ? __pfx_read_tsc+0x10/0x10 [ 15.785538] ? ktime_get_ts64+0x86/0x230 [ 15.785564] kunit_try_run_case+0x1a6/0x480 [ 15.785589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.785612] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.785635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.785660] ? __kthread_parkme+0x82/0x160 [ 15.785684] ? preempt_count_sub+0x50/0x80 [ 15.785728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.785758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.785785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.785811] kthread+0x324/0x6e0 [ 15.785834] ? trace_preempt_on+0x20/0xc0 [ 15.785867] ? __pfx_kthread+0x10/0x10 [ 15.785891] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.785914] ? calculate_sigpending+0x7b/0xa0 [ 15.785937] ? __pfx_kthread+0x10/0x10 [ 15.785960] ret_from_fork+0x41/0x80 [ 15.785980] ? __pfx_kthread+0x10/0x10 [ 15.786003] ret_from_fork_asm+0x1a/0x30 [ 15.786035] </TASK> [ 15.786046] [ 15.794108] Allocated by task 273: [ 15.794310] kasan_save_stack+0x45/0x70 [ 15.794525] kasan_save_track+0x18/0x40 [ 15.794715] kasan_save_alloc_info+0x3b/0x50 [ 15.794924] __kasan_kmalloc+0xb7/0xc0 [ 15.795267] __kmalloc_cache_noprof+0x18a/0x420 [ 15.796242] kasan_atomics+0x96/0x310 [ 15.796450] kunit_try_run_case+0x1a6/0x480 [ 15.796621] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.796864] kthread+0x324/0x6e0 [ 15.797030] ret_from_fork+0x41/0x80 [ 15.797235] ret_from_fork_asm+0x1a/0x30 [ 15.797407] [ 15.797524] The buggy address belongs to the object at ffff888101b3e000 [ 15.797524] which belongs to the cache kmalloc-64 of size 64 [ 15.797926] The buggy address is located 0 bytes to the right of [ 15.797926] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.798523] [ 15.798602] The buggy address belongs to the physical page: [ 15.798802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 
15.799352] flags: 0x200000000000000(node=0|zone=2) [ 15.799554] page_type: f5(slab) [ 15.799716] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.800096] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.800320] page dumped because: kasan: bad access detected [ 15.800486] [ 15.800586] Memory state around the buggy address: [ 15.800847] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.801354] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.801668] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.801971] ^ [ 15.802239] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.802553] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.802772] ================================================================== [ 15.803505] ================================================================== [ 15.803847] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 15.804160] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.804493] [ 15.804606] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.804651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.804664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.804711] Call Trace: [ 15.804732] <TASK> [ 15.804753] dump_stack_lvl+0x73/0xb0 [ 15.804783] print_report+0xd1/0x650 [ 15.804806] ? __virt_addr_valid+0x1db/0x2d0 [ 15.804829] ? kasan_atomics_helper+0x1a80/0x5450 [ 15.804861] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.804906] ? kasan_atomics_helper+0x1a80/0x5450 [ 15.804928] kasan_report+0x140/0x180 [ 15.804951] ? kasan_atomics_helper+0x1a80/0x5450 [ 15.804977] kasan_check_range+0x10c/0x1c0 [ 15.805002] __kasan_check_write+0x18/0x20 [ 15.805025] kasan_atomics_helper+0x1a80/0x5450 [ 15.805048] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.805071] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 15.805096] ? kasan_atomics+0x153/0x310 [ 15.805122] kasan_atomics+0x1dd/0x310 [ 15.805159] ? __pfx_kasan_atomics+0x10/0x10 [ 15.805183] ? __pfx_read_tsc+0x10/0x10 [ 15.805206] ? ktime_get_ts64+0x86/0x230 [ 15.805241] kunit_try_run_case+0x1a6/0x480 [ 15.805283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.805308] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.805332] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.805358] ? __kthread_parkme+0x82/0x160 [ 15.805382] ? preempt_count_sub+0x50/0x80 [ 15.805408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.805447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.805473] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.805500] kthread+0x324/0x6e0 [ 15.805522] ? trace_preempt_on+0x20/0xc0 [ 15.805547] ? __pfx_kthread+0x10/0x10 [ 15.805569] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.805594] ? calculate_sigpending+0x7b/0xa0 [ 15.805617] ? __pfx_kthread+0x10/0x10 [ 15.805640] ret_from_fork+0x41/0x80 [ 15.805659] ? __pfx_kthread+0x10/0x10 [ 15.805682] ret_from_fork_asm+0x1a/0x30 [ 15.805715] </TASK> [ 15.805726] [ 15.813446] Allocated by task 273: [ 15.813692] kasan_save_stack+0x45/0x70 [ 15.813929] kasan_save_track+0x18/0x40 [ 15.814070] kasan_save_alloc_info+0x3b/0x50 [ 15.814222] __kasan_kmalloc+0xb7/0xc0 [ 15.814409] __kmalloc_cache_noprof+0x18a/0x420 [ 15.814740] kasan_atomics+0x96/0x310 [ 15.814939] kunit_try_run_case+0x1a6/0x480 [ 15.815177] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.815502] kthread+0x324/0x6e0 [ 15.815642] ret_from_fork+0x41/0x80 [ 15.815773] ret_from_fork_asm+0x1a/0x30 [ 15.815925] [ 15.815999] The buggy address belongs to the object at ffff888101b3e000 [ 15.815999] which belongs to the cache kmalloc-64 of size 64 [ 15.816401] The buggy address is located 0 bytes to the right of [ 15.816401] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.816989] [ 15.817093] The buggy address belongs to the physical page: [ 15.817404] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.817796] flags: 0x200000000000000(node=0|zone=2) [ 15.818094] page_type: f5(slab) [ 15.818230] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.818463] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.818777] page dumped because: kasan: bad access detected [ 15.819053] [ 15.819150] Memory state around the buggy address: [ 15.819386] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819628] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.819853] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.820188] ^ [ 15.820414] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.820866] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.821081] ================================================================== [ 15.821892] ================================================================== [ 15.822215] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 15.822539] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.822801] [ 15.822900] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.822947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.822961] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.822984] Call Trace: [ 15.823006] <TASK> [ 15.823028] dump_stack_lvl+0x73/0xb0 [ 15.823055] print_report+0xd1/0x650 [ 15.823078] ? __virt_addr_valid+0x1db/0x2d0 [ 15.823132] ? kasan_atomics_helper+0x1b23/0x5450 [ 15.823154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.823181] ? kasan_atomics_helper+0x1b23/0x5450 [ 15.823202] kasan_report+0x140/0x180 [ 15.823225] ? kasan_atomics_helper+0x1b23/0x5450 [ 15.823251] kasan_check_range+0x10c/0x1c0 [ 15.823274] __kasan_check_write+0x18/0x20 [ 15.823298] kasan_atomics_helper+0x1b23/0x5450 [ 15.823321] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.823344] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.823369] ? kasan_atomics+0x153/0x310 [ 15.823395] kasan_atomics+0x1dd/0x310 [ 15.823418] ? __pfx_kasan_atomics+0x10/0x10 [ 15.823443] ? __pfx_read_tsc+0x10/0x10 [ 15.823466] ? ktime_get_ts64+0x86/0x230 [ 15.823492] kunit_try_run_case+0x1a6/0x480 [ 15.823518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.823539] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.823562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.823588] ? __kthread_parkme+0x82/0x160 [ 15.823612] ? preempt_count_sub+0x50/0x80 [ 15.823638] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.823662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.823688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.823714] kthread+0x324/0x6e0 [ 15.823737] ? trace_preempt_on+0x20/0xc0 [ 15.823780] ? __pfx_kthread+0x10/0x10 [ 15.823803] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.823827] ? calculate_sigpending+0x7b/0xa0 [ 15.823862] ? __pfx_kthread+0x10/0x10 [ 15.823885] ret_from_fork+0x41/0x80 [ 15.823906] ? 
__pfx_kthread+0x10/0x10 [ 15.823928] ret_from_fork_asm+0x1a/0x30 [ 15.823961] </TASK> [ 15.823973] [ 15.831639] Allocated by task 273: [ 15.831795] kasan_save_stack+0x45/0x70 [ 15.832007] kasan_save_track+0x18/0x40 [ 15.832217] kasan_save_alloc_info+0x3b/0x50 [ 15.832506] __kasan_kmalloc+0xb7/0xc0 [ 15.832643] __kmalloc_cache_noprof+0x18a/0x420 [ 15.832800] kasan_atomics+0x96/0x310 [ 15.832945] kunit_try_run_case+0x1a6/0x480 [ 15.833094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.833316] kthread+0x324/0x6e0 [ 15.833474] ret_from_fork+0x41/0x80 [ 15.833629] ret_from_fork_asm+0x1a/0x30 [ 15.833790] [ 15.833875] The buggy address belongs to the object at ffff888101b3e000 [ 15.833875] which belongs to the cache kmalloc-64 of size 64 [ 15.834478] The buggy address is located 0 bytes to the right of [ 15.834478] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.835035] [ 15.835110] The buggy address belongs to the physical page: [ 15.835285] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.835937] flags: 0x200000000000000(node=0|zone=2) [ 15.836195] page_type: f5(slab) [ 15.836371] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.836717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.837034] page dumped because: kasan: bad access detected [ 15.837270] [ 15.837343] Memory state around the buggy address: [ 15.837567] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.837868] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838165] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.838484] ^ [ 15.838710] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.838988] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.839299] ================================================================== [ 15.916068] 
================================================================== [ 15.916429] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 15.916861] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.917193] [ 15.917312] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.917394] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.917408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.917431] Call Trace: [ 15.917454] <TASK> [ 15.917476] dump_stack_lvl+0x73/0xb0 [ 15.917537] print_report+0xd1/0x650 [ 15.917560] ? __virt_addr_valid+0x1db/0x2d0 [ 15.917584] ? kasan_atomics_helper+0x1e13/0x5450 [ 15.917606] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.917631] ? kasan_atomics_helper+0x1e13/0x5450 [ 15.917653] kasan_report+0x140/0x180 [ 15.917675] ? kasan_atomics_helper+0x1e13/0x5450 [ 15.917731] kasan_check_range+0x10c/0x1c0 [ 15.917761] __kasan_check_write+0x18/0x20 [ 15.917785] kasan_atomics_helper+0x1e13/0x5450 [ 15.917808] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.917873] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.917902] ? kasan_atomics+0x153/0x310 [ 15.917928] kasan_atomics+0x1dd/0x310 [ 15.917951] ? __pfx_kasan_atomics+0x10/0x10 [ 15.918005] ? __pfx_read_tsc+0x10/0x10 [ 15.918029] ? ktime_get_ts64+0x86/0x230 [ 15.918056] kunit_try_run_case+0x1a6/0x480 [ 15.918090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.918113] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.918135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.918194] ? __kthread_parkme+0x82/0x160 [ 15.918218] ? preempt_count_sub+0x50/0x80 [ 15.918244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.918267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.918294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.918321] kthread+0x324/0x6e0 [ 15.918343] ? trace_preempt_on+0x20/0xc0 [ 15.918368] ? __pfx_kthread+0x10/0x10 [ 15.918392] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.918416] ? 
calculate_sigpending+0x7b/0xa0 [ 15.918440] ? __pfx_kthread+0x10/0x10 [ 15.918491] ret_from_fork+0x41/0x80 [ 15.918534] ? __pfx_kthread+0x10/0x10 [ 15.918581] ret_from_fork_asm+0x1a/0x30 [ 15.918636] </TASK> [ 15.918649] [ 15.926699] Allocated by task 273: [ 15.926928] kasan_save_stack+0x45/0x70 [ 15.927227] kasan_save_track+0x18/0x40 [ 15.927432] kasan_save_alloc_info+0x3b/0x50 [ 15.927656] __kasan_kmalloc+0xb7/0xc0 [ 15.927869] __kmalloc_cache_noprof+0x18a/0x420 [ 15.928115] kasan_atomics+0x96/0x310 [ 15.928253] kunit_try_run_case+0x1a6/0x480 [ 15.928397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.928568] kthread+0x324/0x6e0 [ 15.928741] ret_from_fork+0x41/0x80 [ 15.928936] ret_from_fork_asm+0x1a/0x30 [ 15.929221] [ 15.929463] The buggy address belongs to the object at ffff888101b3e000 [ 15.929463] which belongs to the cache kmalloc-64 of size 64 [ 15.930088] The buggy address is located 0 bytes to the right of [ 15.930088] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.930525] [ 15.930599] The buggy address belongs to the physical page: [ 15.930807] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.931322] flags: 0x200000000000000(node=0|zone=2) [ 15.931623] page_type: f5(slab) [ 15.931750] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.932108] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.932467] page dumped because: kasan: bad access detected [ 15.932695] [ 15.932767] Memory state around the buggy address: [ 15.932934] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.933438] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.933755] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.934108] ^ [ 15.934343] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.934659] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.934948] 
================================================================== [ 16.141258] ================================================================== [ 16.142173] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450 [ 16.142625] Read of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 16.143182] [ 16.143389] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.143450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.143464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.143489] Call Trace: [ 16.143511] <TASK> [ 16.143534] dump_stack_lvl+0x73/0xb0 [ 16.143597] print_report+0xd1/0x650 [ 16.143620] ? __virt_addr_valid+0x1db/0x2d0 [ 16.143655] ? kasan_atomics_helper+0x5117/0x5450 [ 16.143678] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.143704] ? kasan_atomics_helper+0x5117/0x5450 [ 16.143726] kasan_report+0x140/0x180 [ 16.143749] ? kasan_atomics_helper+0x5117/0x5450 [ 16.143774] __asan_report_load8_noabort+0x18/0x20 [ 16.143798] kasan_atomics_helper+0x5117/0x5450 [ 16.143822] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.143854] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.143880] ? kasan_atomics+0x153/0x310 [ 16.143906] kasan_atomics+0x1dd/0x310 [ 16.143928] ? __pfx_kasan_atomics+0x10/0x10 [ 16.143953] ? __pfx_read_tsc+0x10/0x10 [ 16.143978] ? ktime_get_ts64+0x86/0x230 [ 16.144007] kunit_try_run_case+0x1a6/0x480 [ 16.144054] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.144076] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.144100] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.144127] ? __kthread_parkme+0x82/0x160 [ 16.144151] ? preempt_count_sub+0x50/0x80 [ 16.144177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.144202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.144229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.144256] kthread+0x324/0x6e0 [ 16.144280] ? trace_preempt_on+0x20/0xc0 [ 16.144305] ? __pfx_kthread+0x10/0x10 [ 16.144328] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.144352] ? calculate_sigpending+0x7b/0xa0 [ 16.144375] ? __pfx_kthread+0x10/0x10 [ 16.144399] ret_from_fork+0x41/0x80 [ 16.144419] ? __pfx_kthread+0x10/0x10 [ 16.144442] ret_from_fork_asm+0x1a/0x30 [ 16.144475] </TASK> [ 16.144487] [ 16.153887] Allocated by task 273: [ 16.154136] kasan_save_stack+0x45/0x70 [ 16.154447] kasan_save_track+0x18/0x40 [ 16.154690] kasan_save_alloc_info+0x3b/0x50 [ 16.154912] __kasan_kmalloc+0xb7/0xc0 [ 16.155142] __kmalloc_cache_noprof+0x18a/0x420 [ 16.155374] kasan_atomics+0x96/0x310 [ 16.155567] kunit_try_run_case+0x1a6/0x480 [ 16.155764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.156044] kthread+0x324/0x6e0 [ 16.156231] ret_from_fork+0x41/0x80 [ 16.156418] ret_from_fork_asm+0x1a/0x30 [ 16.156656] [ 16.156748] The buggy address belongs to the object at ffff888101b3e000 [ 16.156748] which belongs to the cache kmalloc-64 of size 64 [ 16.157510] The buggy address is located 0 bytes to the right of [ 16.157510] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 16.158063] [ 16.158185] The buggy address belongs to the physical page: [ 16.158450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 16.158825] flags: 0x200000000000000(node=0|zone=2) [ 16.159124] page_type: f5(slab) [ 16.159334] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.159699] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.160135] page dumped because: kasan: bad access detected [ 16.160383] [ 16.160474] Memory state around the buggy address: [ 16.160754] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.161079] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.161813] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.162394] ^ [ 16.162606] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.162903] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.163630] ================================================================== [ 15.730197] ================================================================== [ 15.730437] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 15.730674] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.730913] [ 15.731003] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.731048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.731061] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.731084] Call Trace: [ 15.731106] <TASK> [ 15.731129] dump_stack_lvl+0x73/0xb0 [ 15.731169] print_report+0xd1/0x650 [ 15.731192] ? __virt_addr_valid+0x1db/0x2d0 [ 15.731217] ? kasan_atomics_helper+0x1819/0x5450 [ 15.731239] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.731265] ? kasan_atomics_helper+0x1819/0x5450 [ 15.731287] kasan_report+0x140/0x180 [ 15.731309] ? kasan_atomics_helper+0x1819/0x5450 [ 15.731335] kasan_check_range+0x10c/0x1c0 [ 15.731359] __kasan_check_write+0x18/0x20 [ 15.731383] kasan_atomics_helper+0x1819/0x5450 [ 15.731408] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.731430] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.731455] ? kasan_atomics+0x153/0x310 [ 15.731480] kasan_atomics+0x1dd/0x310 [ 15.731503] ? __pfx_kasan_atomics+0x10/0x10 [ 15.731527] ? __pfx_read_tsc+0x10/0x10 [ 15.731550] ? ktime_get_ts64+0x86/0x230 [ 15.731576] kunit_try_run_case+0x1a6/0x480 [ 15.731600] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.731622] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.731645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.731671] ? __kthread_parkme+0x82/0x160 [ 15.731694] ? preempt_count_sub+0x50/0x80 [ 15.731720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.731743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.731771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.731798] kthread+0x324/0x6e0 [ 15.731821] ? trace_preempt_on+0x20/0xc0 [ 15.731855] ? 
__pfx_kthread+0x10/0x10 [ 15.731879] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.731902] ? calculate_sigpending+0x7b/0xa0 [ 15.731925] ? __pfx_kthread+0x10/0x10 [ 15.731949] ret_from_fork+0x41/0x80 [ 15.731968] ? __pfx_kthread+0x10/0x10 [ 15.731993] ret_from_fork_asm+0x1a/0x30 [ 15.732025] </TASK> [ 15.732037] [ 15.739080] Allocated by task 273: [ 15.739224] kasan_save_stack+0x45/0x70 [ 15.739494] kasan_save_track+0x18/0x40 [ 15.739689] kasan_save_alloc_info+0x3b/0x50 [ 15.739920] __kasan_kmalloc+0xb7/0xc0 [ 15.740108] __kmalloc_cache_noprof+0x18a/0x420 [ 15.740357] kasan_atomics+0x96/0x310 [ 15.740668] kunit_try_run_case+0x1a6/0x480 [ 15.740894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.741279] kthread+0x324/0x6e0 [ 15.741455] ret_from_fork+0x41/0x80 [ 15.741629] ret_from_fork_asm+0x1a/0x30 [ 15.741798] [ 15.741895] The buggy address belongs to the object at ffff888101b3e000 [ 15.741895] which belongs to the cache kmalloc-64 of size 64 [ 15.742326] The buggy address is located 0 bytes to the right of [ 15.742326] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.742694] [ 15.742789] The buggy address belongs to the physical page: [ 15.743051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.743408] flags: 0x200000000000000(node=0|zone=2) [ 15.743858] page_type: f5(slab) [ 15.744028] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.744264] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.744484] page dumped because: kasan: bad access detected [ 15.744650] [ 15.744720] Memory state around the buggy address: [ 15.744955] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.745378] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.745693] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.746017] ^ [ 15.746229] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746503] 
ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.746767] ================================================================== [ 15.137154] ================================================================== [ 15.137498] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 15.138320] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.138767] [ 15.139083] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.139138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.139153] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.139177] Call Trace: [ 15.139200] <TASK> [ 15.139224] dump_stack_lvl+0x73/0xb0 [ 15.139260] print_report+0xd1/0x650 [ 15.139285] ? __virt_addr_valid+0x1db/0x2d0 [ 15.139309] ? kasan_atomics_helper+0xa2c/0x5450 [ 15.139331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.139358] ? kasan_atomics_helper+0xa2c/0x5450 [ 15.139380] kasan_report+0x140/0x180 [ 15.139404] ? kasan_atomics_helper+0xa2c/0x5450 [ 15.139430] kasan_check_range+0x10c/0x1c0 [ 15.139453] __kasan_check_write+0x18/0x20 [ 15.139477] kasan_atomics_helper+0xa2c/0x5450 [ 15.139499] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.139522] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.139552] ? kasan_atomics+0x153/0x310 [ 15.139578] kasan_atomics+0x1dd/0x310 [ 15.139601] ? __pfx_kasan_atomics+0x10/0x10 [ 15.139625] ? __pfx_read_tsc+0x10/0x10 [ 15.139649] ? ktime_get_ts64+0x86/0x230 [ 15.139676] kunit_try_run_case+0x1a6/0x480 [ 15.139702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.139725] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.139749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.139776] ? __kthread_parkme+0x82/0x160 [ 15.139799] ? preempt_count_sub+0x50/0x80 [ 15.139826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.139864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.139892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.139920] kthread+0x324/0x6e0 [ 15.139943] ? 
trace_preempt_on+0x20/0xc0 [ 15.139968] ? __pfx_kthread+0x10/0x10 [ 15.139991] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.140015] ? calculate_sigpending+0x7b/0xa0 [ 15.140038] ? __pfx_kthread+0x10/0x10 [ 15.140062] ret_from_fork+0x41/0x80 [ 15.140083] ? __pfx_kthread+0x10/0x10 [ 15.140106] ret_from_fork_asm+0x1a/0x30 [ 15.140138] </TASK> [ 15.140150] [ 15.150453] Allocated by task 273: [ 15.150638] kasan_save_stack+0x45/0x70 [ 15.150859] kasan_save_track+0x18/0x40 [ 15.151037] kasan_save_alloc_info+0x3b/0x50 [ 15.151585] __kasan_kmalloc+0xb7/0xc0 [ 15.151784] __kmalloc_cache_noprof+0x18a/0x420 [ 15.152199] kasan_atomics+0x96/0x310 [ 15.152470] kunit_try_run_case+0x1a6/0x480 [ 15.152682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.153138] kthread+0x324/0x6e0 [ 15.153400] ret_from_fork+0x41/0x80 [ 15.153652] ret_from_fork_asm+0x1a/0x30 [ 15.153884] [ 15.153984] The buggy address belongs to the object at ffff888101b3e000 [ 15.153984] which belongs to the cache kmalloc-64 of size 64 [ 15.154731] The buggy address is located 0 bytes to the right of [ 15.154731] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.155467] [ 15.155558] The buggy address belongs to the physical page: [ 15.155894] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.156526] flags: 0x200000000000000(node=0|zone=2) [ 15.156853] page_type: f5(slab) [ 15.157109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.157438] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.157901] page dumped because: kasan: bad access detected [ 15.158296] [ 15.158419] Memory state around the buggy address: [ 15.158690] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.158986] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.159548] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.159929] ^ [ 15.160322] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.160708] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.161143] ================================================================== [ 16.014569] ================================================================== [ 16.014875] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 16.015275] Read of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 16.015629] [ 16.015742] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.015788] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.015844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.015868] Call Trace: [ 16.015889] <TASK> [ 16.015911] dump_stack_lvl+0x73/0xb0 [ 16.015973] print_report+0xd1/0x650 [ 16.015996] ? __virt_addr_valid+0x1db/0x2d0 [ 16.016020] ? kasan_atomics_helper+0x4f9a/0x5450 [ 16.016043] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.016071] ? kasan_atomics_helper+0x4f9a/0x5450 [ 16.016092] kasan_report+0x140/0x180 [ 16.016147] ? kasan_atomics_helper+0x4f9a/0x5450 [ 16.016176] __asan_report_load8_noabort+0x18/0x20 [ 16.016201] kasan_atomics_helper+0x4f9a/0x5450 [ 16.016225] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.016248] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.016273] ? kasan_atomics+0x153/0x310 [ 16.016331] kasan_atomics+0x1dd/0x310 [ 16.016379] ? __pfx_kasan_atomics+0x10/0x10 [ 16.016432] ? __pfx_read_tsc+0x10/0x10 [ 16.016455] ? ktime_get_ts64+0x86/0x230 [ 16.016483] kunit_try_run_case+0x1a6/0x480 [ 16.016510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.016534] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.016559] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.016585] ? __kthread_parkme+0x82/0x160 [ 16.016609] ? preempt_count_sub+0x50/0x80 [ 16.016636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.016660] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.016687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.016714] kthread+0x324/0x6e0 [ 16.016768] ? 
trace_preempt_on+0x20/0xc0 [ 16.016795] ? __pfx_kthread+0x10/0x10 [ 16.016819] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.016851] ? calculate_sigpending+0x7b/0xa0 [ 16.016874] ? __pfx_kthread+0x10/0x10 [ 16.016924] ret_from_fork+0x41/0x80 [ 16.016967] ? __pfx_kthread+0x10/0x10 [ 16.017014] ret_from_fork_asm+0x1a/0x30 [ 16.017114] </TASK> [ 16.017149] [ 16.025160] Allocated by task 273: [ 16.025402] kasan_save_stack+0x45/0x70 [ 16.025635] kasan_save_track+0x18/0x40 [ 16.025809] kasan_save_alloc_info+0x3b/0x50 [ 16.026044] __kasan_kmalloc+0xb7/0xc0 [ 16.026245] __kmalloc_cache_noprof+0x18a/0x420 [ 16.026471] kasan_atomics+0x96/0x310 [ 16.026669] kunit_try_run_case+0x1a6/0x480 [ 16.026882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.027062] kthread+0x324/0x6e0 [ 16.027187] ret_from_fork+0x41/0x80 [ 16.027316] ret_from_fork_asm+0x1a/0x30 [ 16.027455] [ 16.027527] The buggy address belongs to the object at ffff888101b3e000 [ 16.027527] which belongs to the cache kmalloc-64 of size 64 [ 16.027977] The buggy address is located 0 bytes to the right of [ 16.027977] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 16.028906] [ 16.029007] The buggy address belongs to the physical page: [ 16.029270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 16.029509] flags: 0x200000000000000(node=0|zone=2) [ 16.029674] page_type: f5(slab) [ 16.029805] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.030058] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.030394] page dumped because: kasan: bad access detected [ 16.030682] [ 16.030810] Memory state around the buggy address: [ 16.031159] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.031560] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.031896] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.032493] ^ [ 16.032667] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.032891] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.033164] ================================================================== [ 16.100094] ================================================================== [ 16.100713] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 16.101054] Read of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 16.101381] [ 16.101468] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.101512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.101526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.101549] Call Trace: [ 16.101570] <TASK> [ 16.101591] dump_stack_lvl+0x73/0xb0 [ 16.101618] print_report+0xd1/0x650 [ 16.101642] ? __virt_addr_valid+0x1db/0x2d0 [ 16.101666] ? kasan_atomics_helper+0x4fa7/0x5450 [ 16.101688] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.101715] ? kasan_atomics_helper+0x4fa7/0x5450 [ 16.101736] kasan_report+0x140/0x180 [ 16.101764] ? kasan_atomics_helper+0x4fa7/0x5450 [ 16.101790] __asan_report_load8_noabort+0x18/0x20 [ 16.101814] kasan_atomics_helper+0x4fa7/0x5450 [ 16.101885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.101909] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.101935] ? kasan_atomics+0x153/0x310 [ 16.101960] kasan_atomics+0x1dd/0x310 [ 16.101983] ? __pfx_kasan_atomics+0x10/0x10 [ 16.102006] ? __pfx_read_tsc+0x10/0x10 [ 16.102029] ? ktime_get_ts64+0x86/0x230 [ 16.102055] kunit_try_run_case+0x1a6/0x480 [ 16.102080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.102102] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.102125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.102152] ? __kthread_parkme+0x82/0x160 [ 16.102175] ? preempt_count_sub+0x50/0x80 [ 16.102201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.102224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.102251] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.102277] kthread+0x324/0x6e0 [ 16.102301] ? 
trace_preempt_on+0x20/0xc0 [ 16.102326] ? __pfx_kthread+0x10/0x10 [ 16.102350] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.102374] ? calculate_sigpending+0x7b/0xa0 [ 16.102397] ? __pfx_kthread+0x10/0x10 [ 16.102421] ret_from_fork+0x41/0x80 [ 16.102440] ? __pfx_kthread+0x10/0x10 [ 16.102463] ret_from_fork_asm+0x1a/0x30 [ 16.102496] </TASK> [ 16.102507] [ 16.109918] Allocated by task 273: [ 16.110116] kasan_save_stack+0x45/0x70 [ 16.110336] kasan_save_track+0x18/0x40 [ 16.110528] kasan_save_alloc_info+0x3b/0x50 [ 16.110920] __kasan_kmalloc+0xb7/0xc0 [ 16.111091] __kmalloc_cache_noprof+0x18a/0x420 [ 16.111295] kasan_atomics+0x96/0x310 [ 16.111457] kunit_try_run_case+0x1a6/0x480 [ 16.111606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.111786] kthread+0x324/0x6e0 [ 16.111926] ret_from_fork+0x41/0x80 [ 16.112113] ret_from_fork_asm+0x1a/0x30 [ 16.112315] [ 16.112418] The buggy address belongs to the object at ffff888101b3e000 [ 16.112418] which belongs to the cache kmalloc-64 of size 64 [ 16.112963] The buggy address is located 0 bytes to the right of [ 16.112963] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 16.113473] [ 16.113565] The buggy address belongs to the physical page: [ 16.113764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 16.114018] flags: 0x200000000000000(node=0|zone=2) [ 16.114273] page_type: f5(slab) [ 16.114449] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.114796] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.115242] page dumped because: kasan: bad access detected [ 16.115464] [ 16.115536] Memory state around the buggy address: [ 16.115696] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.115926] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.116207] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.116525] ^ [ 16.116752] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.116996] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.117212] ================================================================== [ 15.239996] ================================================================== [ 15.240519] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 15.241045] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.241373] [ 15.241484] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.241531] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.241545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.241568] Call Trace: [ 15.241629] <TASK> [ 15.241654] dump_stack_lvl+0x73/0xb0 [ 15.241684] print_report+0xd1/0x650 [ 15.241708] ? __virt_addr_valid+0x1db/0x2d0 [ 15.241734] ? kasan_atomics_helper+0xd48/0x5450 [ 15.241760] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.241819] ? kasan_atomics_helper+0xd48/0x5450 [ 15.241851] kasan_report+0x140/0x180 [ 15.241874] ? kasan_atomics_helper+0xd48/0x5450 [ 15.241900] kasan_check_range+0x10c/0x1c0 [ 15.241924] __kasan_check_write+0x18/0x20 [ 15.241979] kasan_atomics_helper+0xd48/0x5450 [ 15.242002] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.242024] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.242062] ? kasan_atomics+0x153/0x310 [ 15.242089] kasan_atomics+0x1dd/0x310 [ 15.242142] ? __pfx_kasan_atomics+0x10/0x10 [ 15.242167] ? __pfx_read_tsc+0x10/0x10 [ 15.242189] ? ktime_get_ts64+0x86/0x230 [ 15.242217] kunit_try_run_case+0x1a6/0x480 [ 15.242241] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.242293] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.242317] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.242344] ? __kthread_parkme+0x82/0x160 [ 15.242367] ? preempt_count_sub+0x50/0x80 [ 15.242424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.242447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.242474] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.242502] kthread+0x324/0x6e0 [ 15.242551] ? trace_preempt_on+0x20/0xc0 [ 15.242576] ? __pfx_kthread+0x10/0x10 [ 15.242599] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.242624] ? calculate_sigpending+0x7b/0xa0 [ 15.242673] ? __pfx_kthread+0x10/0x10 [ 15.242697] ret_from_fork+0x41/0x80 [ 15.242717] ? __pfx_kthread+0x10/0x10 [ 15.242740] ret_from_fork_asm+0x1a/0x30 [ 15.242804] </TASK> [ 15.242816] [ 15.251030] Allocated by task 273: [ 15.251273] kasan_save_stack+0x45/0x70 [ 15.251505] kasan_save_track+0x18/0x40 [ 15.251728] kasan_save_alloc_info+0x3b/0x50 [ 15.251976] __kasan_kmalloc+0xb7/0xc0 [ 15.252206] __kmalloc_cache_noprof+0x18a/0x420 [ 15.252483] kasan_atomics+0x96/0x310 [ 15.252651] kunit_try_run_case+0x1a6/0x480 [ 15.252796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.252981] kthread+0x324/0x6e0 [ 15.253287] ret_from_fork+0x41/0x80 [ 15.253564] ret_from_fork_asm+0x1a/0x30 [ 15.253862] [ 15.253994] The buggy address belongs to the object at ffff888101b3e000 [ 15.253994] which belongs to the cache kmalloc-64 of size 64 [ 15.254497] The buggy address is located 0 bytes to the right of [ 15.254497] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.255003] [ 15.255154] The buggy address belongs to the physical page: [ 15.255435] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.255758] flags: 0x200000000000000(node=0|zone=2) [ 15.255976] page_type: f5(slab) [ 15.256143] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.256606] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.256925] page dumped because: kasan: bad access detected [ 15.257221] [ 15.257347] Memory state around the buggy address: [ 15.257593] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.257959] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.258315] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.258625] ^ [ 15.258867] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.259229] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.259531] ================================================================== [ 15.359893] ================================================================== [ 15.360446] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 15.360975] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.361322] [ 15.361413] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.361458] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.361472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.361499] Call Trace: [ 15.361550] <TASK> [ 15.361573] dump_stack_lvl+0x73/0xb0 [ 15.361634] print_report+0xd1/0x650 [ 15.361657] ? __virt_addr_valid+0x1db/0x2d0 [ 15.361680] ? kasan_atomics_helper+0x107a/0x5450 [ 15.361702] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.361728] ? kasan_atomics_helper+0x107a/0x5450 [ 15.361756] kasan_report+0x140/0x180 [ 15.361803] ? kasan_atomics_helper+0x107a/0x5450 [ 15.361830] kasan_check_range+0x10c/0x1c0 [ 15.361871] __kasan_check_write+0x18/0x20 [ 15.361894] kasan_atomics_helper+0x107a/0x5450 [ 15.361917] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.361965] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.361992] ? kasan_atomics+0x153/0x310 [ 15.362019] kasan_atomics+0x1dd/0x310 [ 15.362053] ? __pfx_kasan_atomics+0x10/0x10 [ 15.362077] ? __pfx_read_tsc+0x10/0x10 [ 15.362101] ? ktime_get_ts64+0x86/0x230 [ 15.362153] kunit_try_run_case+0x1a6/0x480 [ 15.362178] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.362211] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.362235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.362287] ? __kthread_parkme+0x82/0x160 [ 15.362311] ? preempt_count_sub+0x50/0x80 [ 15.362337] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.362371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.362422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.362450] kthread+0x324/0x6e0 [ 15.362473] ? trace_preempt_on+0x20/0xc0 [ 15.362508] ? __pfx_kthread+0x10/0x10 [ 15.362531] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.362581] ? calculate_sigpending+0x7b/0xa0 [ 15.362604] ? __pfx_kthread+0x10/0x10 [ 15.362627] ret_from_fork+0x41/0x80 [ 15.362658] ? __pfx_kthread+0x10/0x10 [ 15.362706] ret_from_fork_asm+0x1a/0x30 [ 15.362739] </TASK> [ 15.362751] [ 15.374007] Allocated by task 273: [ 15.374298] kasan_save_stack+0x45/0x70 [ 15.374527] kasan_save_track+0x18/0x40 [ 15.374741] kasan_save_alloc_info+0x3b/0x50 [ 15.374970] __kasan_kmalloc+0xb7/0xc0 [ 15.375233] __kmalloc_cache_noprof+0x18a/0x420 [ 15.375496] kasan_atomics+0x96/0x310 [ 15.375678] kunit_try_run_case+0x1a6/0x480 [ 15.375918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.376196] kthread+0x324/0x6e0 [ 15.376411] ret_from_fork+0x41/0x80 [ 15.376629] ret_from_fork_asm+0x1a/0x30 [ 15.376832] [ 15.376975] The buggy address belongs to the object at ffff888101b3e000 [ 15.376975] which belongs to the cache kmalloc-64 of size 64 [ 15.377513] The buggy address is located 0 bytes to the right of [ 15.377513] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.378105] [ 15.378205] The buggy address belongs to the physical page: [ 15.378490] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.378938] flags: 0x200000000000000(node=0|zone=2) [ 15.379187] page_type: f5(slab) [ 15.379372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.379723] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.379991] page dumped because: kasan: bad access detected [ 15.380177] [ 15.380274] Memory state around the buggy address: [ 15.380503] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.380949] ffff888101b3df80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.381340] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.381569] ^ [ 15.381852] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.382319] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.382569] ================================================================== [ 15.553087] ================================================================== [ 15.553399] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 15.553699] Read of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.554026] [ 15.554130] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.554174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.554188] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.554210] Call Trace: [ 15.554231] <TASK> [ 15.554252] dump_stack_lvl+0x73/0xb0 [ 15.554279] print_report+0xd1/0x650 [ 15.554302] ? __virt_addr_valid+0x1db/0x2d0 [ 15.554326] ? kasan_atomics_helper+0x4eb0/0x5450 [ 15.554347] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.554373] ? kasan_atomics_helper+0x4eb0/0x5450 [ 15.554395] kasan_report+0x140/0x180 [ 15.554418] ? kasan_atomics_helper+0x4eb0/0x5450 [ 15.554443] __asan_report_load8_noabort+0x18/0x20 [ 15.554468] kasan_atomics_helper+0x4eb0/0x5450 [ 15.554490] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.554513] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.554538] ? kasan_atomics+0x153/0x310 [ 15.554563] kasan_atomics+0x1dd/0x310 [ 15.554586] ? __pfx_kasan_atomics+0x10/0x10 [ 15.554610] ? __pfx_read_tsc+0x10/0x10 [ 15.554632] ? ktime_get_ts64+0x86/0x230 [ 15.554659] kunit_try_run_case+0x1a6/0x480 [ 15.554683] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.554705] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.554729] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.554757] ? __kthread_parkme+0x82/0x160 [ 15.554781] ? preempt_count_sub+0x50/0x80 [ 15.554807] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.554830] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.554868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.554894] kthread+0x324/0x6e0 [ 15.554916] ? trace_preempt_on+0x20/0xc0 [ 15.554941] ? __pfx_kthread+0x10/0x10 [ 15.554964] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.554988] ? calculate_sigpending+0x7b/0xa0 [ 15.555011] ? __pfx_kthread+0x10/0x10 [ 15.555034] ret_from_fork+0x41/0x80 [ 15.555064] ? __pfx_kthread+0x10/0x10 [ 15.555087] ret_from_fork_asm+0x1a/0x30 [ 15.555121] </TASK> [ 15.555132] [ 15.562560] Allocated by task 273: [ 15.562743] kasan_save_stack+0x45/0x70 [ 15.562941] kasan_save_track+0x18/0x40 [ 15.563078] kasan_save_alloc_info+0x3b/0x50 [ 15.563372] __kasan_kmalloc+0xb7/0xc0 [ 15.563562] __kmalloc_cache_noprof+0x18a/0x420 [ 15.563786] kasan_atomics+0x96/0x310 [ 15.563935] kunit_try_run_case+0x1a6/0x480 [ 15.564083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.564264] kthread+0x324/0x6e0 [ 15.564390] ret_from_fork+0x41/0x80 [ 15.564522] ret_from_fork_asm+0x1a/0x30 [ 15.564664] [ 15.564736] The buggy address belongs to the object at ffff888101b3e000 [ 15.564736] which belongs to the cache kmalloc-64 of size 64 [ 15.565281] The buggy address is located 0 bytes to the right of [ 15.565281] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.565938] [ 15.566035] The buggy address belongs to the physical page: [ 15.566273] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.566524] flags: 0x200000000000000(node=0|zone=2) [ 15.566692] page_type: f5(slab) [ 15.566819] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.567066] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.567411] page dumped because: kasan: bad access detected [ 15.567665] [ 15.567762] Memory state around the buggy address: [ 15.568008] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.568711] ffff888101b3df80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.569033] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.569324] ^ [ 15.569501] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.569718] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.569998] ================================================================== [ 14.800373] ================================================================== [ 14.801295] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 14.801674] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.802595] [ 14.802715] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.802764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.802779] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.802802] Call Trace: [ 14.802815] <TASK> [ 14.802848] dump_stack_lvl+0x73/0xb0 [ 14.802882] print_report+0xd1/0x650 [ 14.802903] ? __virt_addr_valid+0x1db/0x2d0 [ 14.802927] ? kasan_atomics_helper+0x4ba4/0x5450 [ 14.802948] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.802973] ? kasan_atomics_helper+0x4ba4/0x5450 [ 14.802994] kasan_report+0x140/0x180 [ 14.803017] ? kasan_atomics_helper+0x4ba4/0x5450 [ 14.803042] __asan_report_store4_noabort+0x1b/0x30 [ 14.803066] kasan_atomics_helper+0x4ba4/0x5450 [ 14.803087] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.803139] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.803164] ? kasan_atomics+0x153/0x310 [ 14.803190] kasan_atomics+0x1dd/0x310 [ 14.803212] ? __pfx_kasan_atomics+0x10/0x10 [ 14.803235] ? __pfx_read_tsc+0x10/0x10 [ 14.803258] ? ktime_get_ts64+0x86/0x230 [ 14.803283] kunit_try_run_case+0x1a6/0x480 [ 14.803307] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.803328] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.803351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.803376] ? __kthread_parkme+0x82/0x160 [ 14.803398] ? preempt_count_sub+0x50/0x80 [ 14.803424] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.803447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.803472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.803498] kthread+0x324/0x6e0 [ 14.803518] ? trace_preempt_on+0x20/0xc0 [ 14.803541] ? __pfx_kthread+0x10/0x10 [ 14.803563] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.803587] ? calculate_sigpending+0x7b/0xa0 [ 14.803609] ? __pfx_kthread+0x10/0x10 [ 14.803630] ret_from_fork+0x41/0x80 [ 14.803649] ? __pfx_kthread+0x10/0x10 [ 14.803670] ret_from_fork_asm+0x1a/0x30 [ 14.803702] </TASK> [ 14.803713] [ 14.814211] Allocated by task 273: [ 14.814409] kasan_save_stack+0x45/0x70 [ 14.814578] kasan_save_track+0x18/0x40 [ 14.814709] kasan_save_alloc_info+0x3b/0x50 [ 14.815209] __kasan_kmalloc+0xb7/0xc0 [ 14.815667] __kmalloc_cache_noprof+0x18a/0x420 [ 14.815997] kasan_atomics+0x96/0x310 [ 14.816556] kunit_try_run_case+0x1a6/0x480 [ 14.816809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.816999] kthread+0x324/0x6e0 [ 14.817529] ret_from_fork+0x41/0x80 [ 14.817972] ret_from_fork_asm+0x1a/0x30 [ 14.818489] [ 14.818761] The buggy address belongs to the object at ffff888101b3e000 [ 14.818761] which belongs to the cache kmalloc-64 of size 64 [ 14.819870] The buggy address is located 0 bytes to the right of [ 14.819870] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.820737] [ 14.820816] The buggy address belongs to the physical page: [ 14.820998] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 14.821663] flags: 0x200000000000000(node=0|zone=2) [ 14.822171] page_type: f5(slab) [ 14.822517] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.823330] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.823820] page dumped because: kasan: bad access detected [ 14.824000] [ 14.824314] Memory state around the buggy address: [ 14.824491] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824700] ffff888101b3df80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.824921] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.825144] ^ [ 14.825571] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.825936] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.826250] ================================================================== [ 14.774119] ================================================================== [ 14.774792] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 14.775214] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.775534] [ 14.775659] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.775710] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.775723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.775755] Call Trace: [ 14.775768] <TASK> [ 14.775788] dump_stack_lvl+0x73/0xb0 [ 14.775818] print_report+0xd1/0x650 [ 14.775889] ? __virt_addr_valid+0x1db/0x2d0 [ 14.775913] ? kasan_atomics_helper+0x4bbe/0x5450 [ 14.775934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.775960] ? kasan_atomics_helper+0x4bbe/0x5450 [ 14.775980] kasan_report+0x140/0x180 [ 14.776002] ? kasan_atomics_helper+0x4bbe/0x5450 [ 14.776148] __asan_report_load4_noabort+0x18/0x20 [ 14.776174] kasan_atomics_helper+0x4bbe/0x5450 [ 14.776196] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.776217] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.776243] ? kasan_atomics+0x153/0x310 [ 14.776268] kasan_atomics+0x1dd/0x310 [ 14.776290] ? __pfx_kasan_atomics+0x10/0x10 [ 14.776313] ? __pfx_read_tsc+0x10/0x10 [ 14.776336] ? ktime_get_ts64+0x86/0x230 [ 14.776362] kunit_try_run_case+0x1a6/0x480 [ 14.776386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.776472] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.776497] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.776522] ? __kthread_parkme+0x82/0x160 [ 14.776545] ? preempt_count_sub+0x50/0x80 [ 14.776570] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.776593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.776620] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.776645] kthread+0x324/0x6e0 [ 14.776666] ? trace_preempt_on+0x20/0xc0 [ 14.776690] ? __pfx_kthread+0x10/0x10 [ 14.776712] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.776735] ? calculate_sigpending+0x7b/0xa0 [ 14.776757] ? __pfx_kthread+0x10/0x10 [ 14.776780] ret_from_fork+0x41/0x80 [ 14.776799] ? __pfx_kthread+0x10/0x10 [ 14.776821] ret_from_fork_asm+0x1a/0x30 [ 14.776864] </TASK> [ 14.776875] [ 14.785067] Allocated by task 273: [ 14.785309] kasan_save_stack+0x45/0x70 [ 14.785531] kasan_save_track+0x18/0x40 [ 14.785731] kasan_save_alloc_info+0x3b/0x50 [ 14.786132] __kasan_kmalloc+0xb7/0xc0 [ 14.786493] __kmalloc_cache_noprof+0x18a/0x420 [ 14.786657] kasan_atomics+0x96/0x310 [ 14.786906] kunit_try_run_case+0x1a6/0x480 [ 14.787897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.788112] kthread+0x324/0x6e0 [ 14.788233] ret_from_fork+0x41/0x80 [ 14.788463] ret_from_fork_asm+0x1a/0x30 [ 14.788696] [ 14.788795] The buggy address belongs to the object at ffff888101b3e000 [ 14.788795] which belongs to the cache kmalloc-64 of size 64 [ 14.789849] The buggy address is located 0 bytes to the right of [ 14.789849] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.791672] [ 14.791992] The buggy address belongs to the physical page: [ 14.792415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 14.792671] flags: 0x200000000000000(node=0|zone=2) [ 14.792852] page_type: f5(slab) [ 14.793561] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.794588] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.795418] page dumped because: kasan: bad access detected [ 14.795598] [ 14.795670] Memory state around the buggy address: [ 14.795830] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.796353] ffff888101b3df80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.796832] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.797359] ^ [ 14.797931] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.798692] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.799394] ================================================================== [ 15.516579] ================================================================== [ 15.517251] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 15.518036] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.518709] [ 15.518899] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.518947] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.518960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.518983] Call Trace: [ 15.519007] <TASK> [ 15.519031] dump_stack_lvl+0x73/0xb0 [ 15.519071] print_report+0xd1/0x650 [ 15.519094] ? __virt_addr_valid+0x1db/0x2d0 [ 15.519118] ? kasan_atomics_helper+0x49d0/0x5450 [ 15.519140] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.519166] ? kasan_atomics_helper+0x49d0/0x5450 [ 15.519189] kasan_report+0x140/0x180 [ 15.519212] ? kasan_atomics_helper+0x49d0/0x5450 [ 15.519238] __asan_report_load4_noabort+0x18/0x20 [ 15.519262] kasan_atomics_helper+0x49d0/0x5450 [ 15.519284] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.519306] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.519332] ? kasan_atomics+0x153/0x310 [ 15.519359] kasan_atomics+0x1dd/0x310 [ 15.519382] ? __pfx_kasan_atomics+0x10/0x10 [ 15.519406] ? __pfx_read_tsc+0x10/0x10 [ 15.519428] ? ktime_get_ts64+0x86/0x230 [ 15.519455] kunit_try_run_case+0x1a6/0x480 [ 15.519480] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.519502] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.519526] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.519552] ? __kthread_parkme+0x82/0x160 [ 15.519576] ? preempt_count_sub+0x50/0x80 [ 15.519602] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.519626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.519653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.519681] kthread+0x324/0x6e0 [ 15.519704] ? trace_preempt_on+0x20/0xc0 [ 15.519729] ? __pfx_kthread+0x10/0x10 [ 15.519752] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.519776] ? calculate_sigpending+0x7b/0xa0 [ 15.519799] ? __pfx_kthread+0x10/0x10 [ 15.519823] ret_from_fork+0x41/0x80 [ 15.519855] ? __pfx_kthread+0x10/0x10 [ 15.519878] ret_from_fork_asm+0x1a/0x30 [ 15.519911] </TASK> [ 15.519922] [ 15.526704] Allocated by task 273: [ 15.526867] kasan_save_stack+0x45/0x70 [ 15.527099] kasan_save_track+0x18/0x40 [ 15.527295] kasan_save_alloc_info+0x3b/0x50 [ 15.527510] __kasan_kmalloc+0xb7/0xc0 [ 15.527702] __kmalloc_cache_noprof+0x18a/0x420 [ 15.527939] kasan_atomics+0x96/0x310 [ 15.528226] kunit_try_run_case+0x1a6/0x480 [ 15.528435] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.528659] kthread+0x324/0x6e0 [ 15.528803] ret_from_fork+0x41/0x80 [ 15.529000] ret_from_fork_asm+0x1a/0x30 [ 15.529170] [ 15.529243] The buggy address belongs to the object at ffff888101b3e000 [ 15.529243] which belongs to the cache kmalloc-64 of size 64 [ 15.529746] The buggy address is located 0 bytes to the right of [ 15.529746] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.530300] [ 15.530384] The buggy address belongs to the physical page: [ 15.530625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.530973] flags: 0x200000000000000(node=0|zone=2) [ 15.531185] page_type: f5(slab) [ 15.531313] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.531547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.531776] page dumped because: kasan: bad access detected [ 15.531987] [ 15.532078] Memory state around the buggy address: [ 15.532303] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532618] ffff888101b3df80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.532920] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.533135] ^ [ 15.533290] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.533505] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.533734] ================================================================== [ 15.592135] ================================================================== [ 15.592849] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 15.593645] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.594362] [ 15.594559] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.594622] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.594640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.594665] Call Trace: [ 15.594686] <TASK> [ 15.594709] dump_stack_lvl+0x73/0xb0 [ 15.594741] print_report+0xd1/0x650 [ 15.594764] ? __virt_addr_valid+0x1db/0x2d0 [ 15.594788] ? kasan_atomics_helper+0x50d6/0x5450 [ 15.594809] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.594847] ? kasan_atomics_helper+0x50d6/0x5450 [ 15.594868] kasan_report+0x140/0x180 [ 15.594891] ? kasan_atomics_helper+0x50d6/0x5450 [ 15.594916] __asan_report_store8_noabort+0x1b/0x30 [ 15.594941] kasan_atomics_helper+0x50d6/0x5450 [ 15.594964] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.594986] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.595011] ? kasan_atomics+0x153/0x310 [ 15.595038] kasan_atomics+0x1dd/0x310 [ 15.595061] ? __pfx_kasan_atomics+0x10/0x10 [ 15.595085] ? __pfx_read_tsc+0x10/0x10 [ 15.595108] ? ktime_get_ts64+0x86/0x230 [ 15.595135] kunit_try_run_case+0x1a6/0x480 [ 15.595160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.595181] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.595205] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.595231] ? __kthread_parkme+0x82/0x160 [ 15.595254] ? preempt_count_sub+0x50/0x80 [ 15.595280] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.595303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.595330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.595356] kthread+0x324/0x6e0 [ 15.595378] ? trace_preempt_on+0x20/0xc0 [ 15.595403] ? __pfx_kthread+0x10/0x10 [ 15.595426] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.595450] ? calculate_sigpending+0x7b/0xa0 [ 15.595473] ? __pfx_kthread+0x10/0x10 [ 15.595497] ret_from_fork+0x41/0x80 [ 15.595516] ? __pfx_kthread+0x10/0x10 [ 15.595540] ret_from_fork_asm+0x1a/0x30 [ 15.595574] </TASK> [ 15.595586] [ 15.606996] Allocated by task 273: [ 15.607335] kasan_save_stack+0x45/0x70 [ 15.607552] kasan_save_track+0x18/0x40 [ 15.607748] kasan_save_alloc_info+0x3b/0x50 [ 15.607971] __kasan_kmalloc+0xb7/0xc0 [ 15.608188] __kmalloc_cache_noprof+0x18a/0x420 [ 15.608382] kasan_atomics+0x96/0x310 [ 15.608518] kunit_try_run_case+0x1a6/0x480 [ 15.608701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.608998] kthread+0x324/0x6e0 [ 15.609356] ret_from_fork+0x41/0x80 [ 15.609557] ret_from_fork_asm+0x1a/0x30 [ 15.609749] [ 15.609824] The buggy address belongs to the object at ffff888101b3e000 [ 15.609824] which belongs to the cache kmalloc-64 of size 64 [ 15.610545] The buggy address is located 0 bytes to the right of [ 15.610545] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.611102] [ 15.611202] The buggy address belongs to the physical page: [ 15.611517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.611896] flags: 0x200000000000000(node=0|zone=2) [ 15.612130] page_type: f5(slab) [ 15.612307] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.612652] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.612926] page dumped because: kasan: bad access detected [ 15.613098] [ 15.613184] Memory state around the buggy address: [ 15.613416] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.613788] ffff888101b3df80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.614154] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.614464] ^ [ 15.614660] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.614969] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.615365] ================================================================== [ 15.425962] ================================================================== [ 15.426454] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 15.426858] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.427254] [ 15.427381] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.427455] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.427469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.427503] Call Trace: [ 15.427526] <TASK> [ 15.427566] dump_stack_lvl+0x73/0xb0 [ 15.427607] print_report+0xd1/0x650 [ 15.427630] ? __virt_addr_valid+0x1db/0x2d0 [ 15.427666] ? kasan_atomics_helper+0x4a04/0x5450 [ 15.427688] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.427741] ? kasan_atomics_helper+0x4a04/0x5450 [ 15.427763] kasan_report+0x140/0x180 [ 15.427825] ? kasan_atomics_helper+0x4a04/0x5450 [ 15.427878] __asan_report_load4_noabort+0x18/0x20 [ 15.427903] kasan_atomics_helper+0x4a04/0x5450 [ 15.427939] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.427975] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.428014] ? kasan_atomics+0x153/0x310 [ 15.428040] kasan_atomics+0x1dd/0x310 [ 15.428084] ? __pfx_kasan_atomics+0x10/0x10 [ 15.428108] ? __pfx_read_tsc+0x10/0x10 [ 15.428131] ? ktime_get_ts64+0x86/0x230 [ 15.428169] kunit_try_run_case+0x1a6/0x480 [ 15.428194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.428216] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.428239] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.428265] ? __kthread_parkme+0x82/0x160 [ 15.428289] ? preempt_count_sub+0x50/0x80 [ 15.428315] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.428338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.428364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.428391] kthread+0x324/0x6e0 [ 15.428414] ? trace_preempt_on+0x20/0xc0 [ 15.428439] ? __pfx_kthread+0x10/0x10 [ 15.428462] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.428487] ? calculate_sigpending+0x7b/0xa0 [ 15.428509] ? __pfx_kthread+0x10/0x10 [ 15.428560] ret_from_fork+0x41/0x80 [ 15.428580] ? __pfx_kthread+0x10/0x10 [ 15.428603] ret_from_fork_asm+0x1a/0x30 [ 15.428648] </TASK> [ 15.428660] [ 15.436291] Allocated by task 273: [ 15.436521] kasan_save_stack+0x45/0x70 [ 15.436766] kasan_save_track+0x18/0x40 [ 15.437011] kasan_save_alloc_info+0x3b/0x50 [ 15.437287] __kasan_kmalloc+0xb7/0xc0 [ 15.437528] __kmalloc_cache_noprof+0x18a/0x420 [ 15.437754] kasan_atomics+0x96/0x310 [ 15.437902] kunit_try_run_case+0x1a6/0x480 [ 15.438054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.438236] kthread+0x324/0x6e0 [ 15.438408] ret_from_fork+0x41/0x80 [ 15.438602] ret_from_fork_asm+0x1a/0x30 [ 15.438945] [ 15.439076] The buggy address belongs to the object at ffff888101b3e000 [ 15.439076] which belongs to the cache kmalloc-64 of size 64 [ 15.440055] The buggy address is located 0 bytes to the right of [ 15.440055] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.440531] [ 15.440607] The buggy address belongs to the physical page: [ 15.440809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.441277] flags: 0x200000000000000(node=0|zone=2) [ 15.441526] page_type: f5(slab) [ 15.441677] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.441916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.442178] page dumped because: kasan: bad access detected [ 15.442423] [ 15.442607] Memory state around the buggy address: [ 15.442991] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.443452] ffff888101b3df80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.443676] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.443941] ^ [ 15.444314] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.444752] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.445157] ================================================================== [ 15.935448] ================================================================== [ 15.935876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 15.936498] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.936877] [ 15.937021] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.937066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.937080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.937103] Call Trace: [ 15.937126] <TASK> [ 15.937147] dump_stack_lvl+0x73/0xb0 [ 15.937176] print_report+0xd1/0x650 [ 15.937197] ? __virt_addr_valid+0x1db/0x2d0 [ 15.937258] ? kasan_atomics_helper+0x1eab/0x5450 [ 15.937280] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.937307] ? kasan_atomics_helper+0x1eab/0x5450 [ 15.937329] kasan_report+0x140/0x180 [ 15.937352] ? kasan_atomics_helper+0x1eab/0x5450 [ 15.937407] kasan_check_range+0x10c/0x1c0 [ 15.937431] __kasan_check_write+0x18/0x20 [ 15.937454] kasan_atomics_helper+0x1eab/0x5450 [ 15.937477] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.937499] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.937554] ? kasan_atomics+0x153/0x310 [ 15.937581] kasan_atomics+0x1dd/0x310 [ 15.937604] ? __pfx_kasan_atomics+0x10/0x10 [ 15.937628] ? __pfx_read_tsc+0x10/0x10 [ 15.937651] ? ktime_get_ts64+0x86/0x230 [ 15.937707] kunit_try_run_case+0x1a6/0x480 [ 15.937732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.937760] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.937783] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.937809] ? __kthread_parkme+0x82/0x160 [ 15.937833] ? 
preempt_count_sub+0x50/0x80 [ 15.937903] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.937927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.937953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.937982] kthread+0x324/0x6e0 [ 15.938004] ? trace_preempt_on+0x20/0xc0 [ 15.938059] ? __pfx_kthread+0x10/0x10 [ 15.938082] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.938107] ? calculate_sigpending+0x7b/0xa0 [ 15.938138] ? __pfx_kthread+0x10/0x10 [ 15.938161] ret_from_fork+0x41/0x80 [ 15.938208] ? __pfx_kthread+0x10/0x10 [ 15.938232] ret_from_fork_asm+0x1a/0x30 [ 15.938265] </TASK> [ 15.938277] [ 15.946066] Allocated by task 273: [ 15.946298] kasan_save_stack+0x45/0x70 [ 15.946459] kasan_save_track+0x18/0x40 [ 15.946591] kasan_save_alloc_info+0x3b/0x50 [ 15.946737] __kasan_kmalloc+0xb7/0xc0 [ 15.946880] __kmalloc_cache_noprof+0x18a/0x420 [ 15.947033] kasan_atomics+0x96/0x310 [ 15.947161] kunit_try_run_case+0x1a6/0x480 [ 15.947342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.947636] kthread+0x324/0x6e0 [ 15.947807] ret_from_fork+0x41/0x80 [ 15.947999] ret_from_fork_asm+0x1a/0x30 [ 15.948194] [ 15.948289] The buggy address belongs to the object at ffff888101b3e000 [ 15.948289] which belongs to the cache kmalloc-64 of size 64 [ 15.948916] The buggy address is located 0 bytes to the right of [ 15.948916] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.949754] [ 15.949966] The buggy address belongs to the physical page: [ 15.950257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.950618] flags: 0x200000000000000(node=0|zone=2) [ 15.951000] page_type: f5(slab) [ 15.951333] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.951665] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.951951] page dumped because: kasan: bad access detected [ 15.952293] [ 15.952389] Memory state around the buggy address: [ 15.952655] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc [ 15.952905] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.953271] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.953589] ^ [ 15.953933] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.954236] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.954446] ================================================================== [ 15.162256] ================================================================== [ 15.162572] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 15.162898] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.164315] [ 15.164427] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.164520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.164534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.164559] Call Trace: [ 15.164582] <TASK> [ 15.164606] dump_stack_lvl+0x73/0xb0 [ 15.164642] print_report+0xd1/0x650 [ 15.164666] ? __virt_addr_valid+0x1db/0x2d0 [ 15.164690] ? kasan_atomics_helper+0xac8/0x5450 [ 15.164712] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.164739] ? kasan_atomics_helper+0xac8/0x5450 [ 15.164761] kasan_report+0x140/0x180 [ 15.164783] ? kasan_atomics_helper+0xac8/0x5450 [ 15.164809] kasan_check_range+0x10c/0x1c0 [ 15.164833] __kasan_check_write+0x18/0x20 [ 15.164867] kasan_atomics_helper+0xac8/0x5450 [ 15.164891] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.164914] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.164939] ? kasan_atomics+0x153/0x310 [ 15.164967] kasan_atomics+0x1dd/0x310 [ 15.164990] ? __pfx_kasan_atomics+0x10/0x10 [ 15.165014] ? __pfx_read_tsc+0x10/0x10 [ 15.165037] ? ktime_get_ts64+0x86/0x230 [ 15.165076] kunit_try_run_case+0x1a6/0x480 [ 15.165101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.165124] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.165147] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.165174] ? 
__kthread_parkme+0x82/0x160 [ 15.165197] ? preempt_count_sub+0x50/0x80 [ 15.165224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.165248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.165274] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.165302] kthread+0x324/0x6e0 [ 15.165324] ? trace_preempt_on+0x20/0xc0 [ 15.165349] ? __pfx_kthread+0x10/0x10 [ 15.165373] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.165398] ? calculate_sigpending+0x7b/0xa0 [ 15.165421] ? __pfx_kthread+0x10/0x10 [ 15.165444] ret_from_fork+0x41/0x80 [ 15.165465] ? __pfx_kthread+0x10/0x10 [ 15.165488] ret_from_fork_asm+0x1a/0x30 [ 15.165521] </TASK> [ 15.165534] [ 15.173421] Allocated by task 273: [ 15.173632] kasan_save_stack+0x45/0x70 [ 15.173853] kasan_save_track+0x18/0x40 [ 15.174068] kasan_save_alloc_info+0x3b/0x50 [ 15.174258] __kasan_kmalloc+0xb7/0xc0 [ 15.174455] __kmalloc_cache_noprof+0x18a/0x420 [ 15.174660] kasan_atomics+0x96/0x310 [ 15.174791] kunit_try_run_case+0x1a6/0x480 [ 15.174966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.175445] kthread+0x324/0x6e0 [ 15.175644] ret_from_fork+0x41/0x80 [ 15.175790] ret_from_fork_asm+0x1a/0x30 [ 15.176010] [ 15.176146] The buggy address belongs to the object at ffff888101b3e000 [ 15.176146] which belongs to the cache kmalloc-64 of size 64 [ 15.176620] The buggy address is located 0 bytes to the right of [ 15.176620] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.177193] [ 15.177278] The buggy address belongs to the physical page: [ 15.177561] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.177965] flags: 0x200000000000000(node=0|zone=2) [ 15.178260] page_type: f5(slab) [ 15.178456] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.178806] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.179148] page dumped because: kasan: bad access detected [ 15.179476] [ 15.179546] Memory state around the buggy address: [ 15.179699] 
ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.180092] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.180414] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.180730] ^ [ 15.180964] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.181548] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.181855] ================================================================== [ 14.847331] ================================================================== [ 14.847756] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 14.848296] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.848614] [ 14.848711] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.848756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.848768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.848791] Call Trace: [ 14.848812] <TASK> [ 14.848833] dump_stack_lvl+0x73/0xb0 [ 14.848872] print_report+0xd1/0x650 [ 14.848894] ? __virt_addr_valid+0x1db/0x2d0 [ 14.848917] ? kasan_atomics_helper+0x4b70/0x5450 [ 14.848937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.848962] ? kasan_atomics_helper+0x4b70/0x5450 [ 14.848983] kasan_report+0x140/0x180 [ 14.849026] ? kasan_atomics_helper+0x4b70/0x5450 [ 14.849067] __asan_report_store4_noabort+0x1b/0x30 [ 14.849090] kasan_atomics_helper+0x4b70/0x5450 [ 14.849112] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.849133] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.849158] ? kasan_atomics+0x153/0x310 [ 14.849183] kasan_atomics+0x1dd/0x310 [ 14.849205] ? __pfx_kasan_atomics+0x10/0x10 [ 14.849228] ? __pfx_read_tsc+0x10/0x10 [ 14.849250] ? ktime_get_ts64+0x86/0x230 [ 14.849275] kunit_try_run_case+0x1a6/0x480 [ 14.849300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.849320] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.849343] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.849369] ? __kthread_parkme+0x82/0x160 [ 14.849392] ? preempt_count_sub+0x50/0x80 [ 14.849417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.849440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.849465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.849491] kthread+0x324/0x6e0 [ 14.849511] ? trace_preempt_on+0x20/0xc0 [ 14.849535] ? __pfx_kthread+0x10/0x10 [ 14.849557] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.849580] ? calculate_sigpending+0x7b/0xa0 [ 14.849602] ? __pfx_kthread+0x10/0x10 [ 14.849624] ret_from_fork+0x41/0x80 [ 14.849642] ? __pfx_kthread+0x10/0x10 [ 14.849664] ret_from_fork_asm+0x1a/0x30 [ 14.849718] </TASK> [ 14.849729] [ 14.858468] Allocated by task 273: [ 14.858654] kasan_save_stack+0x45/0x70 [ 14.858799] kasan_save_track+0x18/0x40 [ 14.859066] kasan_save_alloc_info+0x3b/0x50 [ 14.859306] __kasan_kmalloc+0xb7/0xc0 [ 14.859459] __kmalloc_cache_noprof+0x18a/0x420 [ 14.859611] kasan_atomics+0x96/0x310 [ 14.859738] kunit_try_run_case+0x1a6/0x480 [ 14.859894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.860214] kthread+0x324/0x6e0 [ 14.860389] ret_from_fork+0x41/0x80 [ 14.860597] ret_from_fork_asm+0x1a/0x30 [ 14.860974] [ 14.861076] The buggy address belongs to the object at ffff888101b3e000 [ 14.861076] which belongs to the cache kmalloc-64 of size 64 [ 14.861605] The buggy address is located 0 bytes to the right of [ 14.861605] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.862270] [ 14.862371] The buggy address belongs to the physical page: [ 14.862657] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 14.863042] flags: 0x200000000000000(node=0|zone=2) [ 14.863469] page_type: f5(slab) [ 14.863723] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.864070] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.864303] page dumped because: kasan: bad access detected [ 14.864474] [ 14.864543] Memory 
state around the buggy address: [ 14.864700] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.865090] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.865419] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.866293] ^ [ 14.866557] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.866888] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.867194] ================================================================== [ 15.340347] ================================================================== [ 15.340695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 15.341061] Read of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.341431] [ 15.341543] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.341589] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.341603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.341626] Call Trace: [ 15.341647] <TASK> [ 15.341670] dump_stack_lvl+0x73/0xb0 [ 15.341699] print_report+0xd1/0x650 [ 15.341722] ? __virt_addr_valid+0x1db/0x2d0 [ 15.341752] ? kasan_atomics_helper+0x4a38/0x5450 [ 15.341774] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.341801] ? kasan_atomics_helper+0x4a38/0x5450 [ 15.341823] kasan_report+0x140/0x180 [ 15.341854] ? kasan_atomics_helper+0x4a38/0x5450 [ 15.341881] __asan_report_load4_noabort+0x18/0x20 [ 15.341905] kasan_atomics_helper+0x4a38/0x5450 [ 15.341928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.341950] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.341976] ? kasan_atomics+0x153/0x310 [ 15.342001] kasan_atomics+0x1dd/0x310 [ 15.342037] ? __pfx_kasan_atomics+0x10/0x10 [ 15.342062] ? __pfx_read_tsc+0x10/0x10 [ 15.342086] ? ktime_get_ts64+0x86/0x230 [ 15.342134] kunit_try_run_case+0x1a6/0x480 [ 15.342169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.342207] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.342255] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.342296] ? __kthread_parkme+0x82/0x160 [ 15.342332] ? preempt_count_sub+0x50/0x80 [ 15.342359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.342405] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.342432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.342469] kthread+0x324/0x6e0 [ 15.342491] ? trace_preempt_on+0x20/0xc0 [ 15.342517] ? __pfx_kthread+0x10/0x10 [ 15.342540] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.342565] ? calculate_sigpending+0x7b/0xa0 [ 15.342587] ? __pfx_kthread+0x10/0x10 [ 15.342611] ret_from_fork+0x41/0x80 [ 15.342631] ? __pfx_kthread+0x10/0x10 [ 15.342655] ret_from_fork_asm+0x1a/0x30 [ 15.342687] </TASK> [ 15.342700] [ 15.350338] Allocated by task 273: [ 15.350565] kasan_save_stack+0x45/0x70 [ 15.350809] kasan_save_track+0x18/0x40 [ 15.351066] kasan_save_alloc_info+0x3b/0x50 [ 15.351307] __kasan_kmalloc+0xb7/0xc0 [ 15.351480] __kmalloc_cache_noprof+0x18a/0x420 [ 15.351690] kasan_atomics+0x96/0x310 [ 15.351859] kunit_try_run_case+0x1a6/0x480 [ 15.352148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.352548] kthread+0x324/0x6e0 [ 15.352792] ret_from_fork+0x41/0x80 [ 15.353010] ret_from_fork_asm+0x1a/0x30 [ 15.353416] [ 15.353512] The buggy address belongs to the object at ffff888101b3e000 [ 15.353512] which belongs to the cache kmalloc-64 of size 64 [ 15.354051] The buggy address is located 0 bytes to the right of [ 15.354051] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.354655] [ 15.354757] The buggy address belongs to the physical page: [ 15.355015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.355373] flags: 0x200000000000000(node=0|zone=2) [ 15.355606] page_type: f5(slab) [ 15.355739] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.355982] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.356623] page dumped because: kasan: bad access detected [ 15.356888] [ 15.356985] Memory 
state around the buggy address: [ 15.357289] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.357608] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.357824] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.358176] ^ [ 15.358435] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.358894] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.359248] ================================================================== [ 15.018099] ================================================================== [ 15.018355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 15.018604] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.018872] [ 15.018980] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.019040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.019054] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.019077] Call Trace: [ 15.019099] <TASK> [ 15.019121] dump_stack_lvl+0x73/0xb0 [ 15.019150] print_report+0xd1/0x650 [ 15.019173] ? __virt_addr_valid+0x1db/0x2d0 [ 15.019197] ? kasan_atomics_helper+0x730/0x5450 [ 15.019218] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.019244] ? kasan_atomics_helper+0x730/0x5450 [ 15.019265] kasan_report+0x140/0x180 [ 15.019288] ? kasan_atomics_helper+0x730/0x5450 [ 15.019313] kasan_check_range+0x10c/0x1c0 [ 15.019337] __kasan_check_write+0x18/0x20 [ 15.019360] kasan_atomics_helper+0x730/0x5450 [ 15.019382] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.019404] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.019430] ? kasan_atomics+0x153/0x310 [ 15.019455] kasan_atomics+0x1dd/0x310 [ 15.019478] ? __pfx_kasan_atomics+0x10/0x10 [ 15.019502] ? __pfx_read_tsc+0x10/0x10 [ 15.019524] ? ktime_get_ts64+0x86/0x230 [ 15.019551] kunit_try_run_case+0x1a6/0x480 [ 15.019575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.019597] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 15.019620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.019647] ? __kthread_parkme+0x82/0x160 [ 15.019670] ? preempt_count_sub+0x50/0x80 [ 15.019698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.019721] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.019748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.019775] kthread+0x324/0x6e0 [ 15.019797] ? trace_preempt_on+0x20/0xc0 [ 15.019822] ? __pfx_kthread+0x10/0x10 [ 15.019856] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.019880] ? calculate_sigpending+0x7b/0xa0 [ 15.019903] ? __pfx_kthread+0x10/0x10 [ 15.019927] ret_from_fork+0x41/0x80 [ 15.019946] ? __pfx_kthread+0x10/0x10 [ 15.019969] ret_from_fork_asm+0x1a/0x30 [ 15.020002] </TASK> [ 15.020014] [ 15.027877] Allocated by task 273: [ 15.028026] kasan_save_stack+0x45/0x70 [ 15.028245] kasan_save_track+0x18/0x40 [ 15.028445] kasan_save_alloc_info+0x3b/0x50 [ 15.028668] __kasan_kmalloc+0xb7/0xc0 [ 15.028866] __kmalloc_cache_noprof+0x18a/0x420 [ 15.029066] kasan_atomics+0x96/0x310 [ 15.029225] kunit_try_run_case+0x1a6/0x480 [ 15.029416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.029594] kthread+0x324/0x6e0 [ 15.029730] ret_from_fork+0x41/0x80 [ 15.029931] ret_from_fork_asm+0x1a/0x30 [ 15.030228] [ 15.030327] The buggy address belongs to the object at ffff888101b3e000 [ 15.030327] which belongs to the cache kmalloc-64 of size 64 [ 15.030785] The buggy address is located 0 bytes to the right of [ 15.030785] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.031341] [ 15.031442] The buggy address belongs to the physical page: [ 15.031670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.031978] flags: 0x200000000000000(node=0|zone=2) [ 15.032258] page_type: f5(slab) [ 15.032410] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.032697] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.033017] page dumped because: kasan: bad 
access detected [ 15.033271] [ 15.033355] Memory state around the buggy address: [ 15.033547] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.033857] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.034154] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.034396] ^ [ 15.034553] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.034766] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.035057] ================================================================== [ 15.088779] ================================================================== [ 15.089172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 15.089535] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.089876] [ 15.089986] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.090032] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.090048] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.090072] Call Trace: [ 15.090096] <TASK> [ 15.090120] dump_stack_lvl+0x73/0xb0 [ 15.090152] print_report+0xd1/0x650 [ 15.090175] ? __virt_addr_valid+0x1db/0x2d0 [ 15.090199] ? kasan_atomics_helper+0x8fa/0x5450 [ 15.090221] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.090247] ? kasan_atomics_helper+0x8fa/0x5450 [ 15.090269] kasan_report+0x140/0x180 [ 15.090291] ? kasan_atomics_helper+0x8fa/0x5450 [ 15.090318] kasan_check_range+0x10c/0x1c0 [ 15.090341] __kasan_check_write+0x18/0x20 [ 15.090365] kasan_atomics_helper+0x8fa/0x5450 [ 15.090388] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.090409] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.090435] ? kasan_atomics+0x153/0x310 [ 15.090461] kasan_atomics+0x1dd/0x310 [ 15.090484] ? __pfx_kasan_atomics+0x10/0x10 [ 15.090508] ? __pfx_read_tsc+0x10/0x10 [ 15.090531] ? ktime_get_ts64+0x86/0x230 [ 15.090560] kunit_try_run_case+0x1a6/0x480 [ 15.090585] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.090607] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.090629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.090656] ? __kthread_parkme+0x82/0x160 [ 15.090679] ? preempt_count_sub+0x50/0x80 [ 15.090705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.090728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.090755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.090781] kthread+0x324/0x6e0 [ 15.090804] ? trace_preempt_on+0x20/0xc0 [ 15.090829] ? __pfx_kthread+0x10/0x10 [ 15.091299] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.091329] ? calculate_sigpending+0x7b/0xa0 [ 15.091354] ? __pfx_kthread+0x10/0x10 [ 15.091378] ret_from_fork+0x41/0x80 [ 15.091400] ? __pfx_kthread+0x10/0x10 [ 15.091424] ret_from_fork_asm+0x1a/0x30 [ 15.091457] </TASK> [ 15.091469] [ 15.102383] Allocated by task 273: [ 15.102609] kasan_save_stack+0x45/0x70 [ 15.102922] kasan_save_track+0x18/0x40 [ 15.103287] kasan_save_alloc_info+0x3b/0x50 [ 15.103645] __kasan_kmalloc+0xb7/0xc0 [ 15.103851] __kmalloc_cache_noprof+0x18a/0x420 [ 15.104311] kasan_atomics+0x96/0x310 [ 15.104668] kunit_try_run_case+0x1a6/0x480 [ 15.105209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.105896] kthread+0x324/0x6e0 [ 15.106444] ret_from_fork+0x41/0x80 [ 15.106847] ret_from_fork_asm+0x1a/0x30 [ 15.106999] [ 15.107083] The buggy address belongs to the object at ffff888101b3e000 [ 15.107083] which belongs to the cache kmalloc-64 of size 64 [ 15.107430] The buggy address is located 0 bytes to the right of [ 15.107430] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.107904] [ 15.108011] The buggy address belongs to the physical page: [ 15.108246] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.108611] flags: 0x200000000000000(node=0|zone=2) [ 15.109413] page_type: f5(slab) [ 15.109597] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.109977] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.110322] page dumped because: kasan: bad access detected [ 15.110543] [ 15.110638] Memory state around the buggy address: [ 15.110858] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.111139] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.111445] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.111733] ^ [ 15.111948] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112229] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.112515] ================================================================== [ 15.878574] ================================================================== [ 15.878867] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 15.879230] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.879583] [ 15.879708] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.879758] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.879773] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.879798] Call Trace: [ 15.879821] <TASK> [ 15.879856] dump_stack_lvl+0x73/0xb0 [ 15.879909] print_report+0xd1/0x650 [ 15.879933] ? __virt_addr_valid+0x1db/0x2d0 [ 15.879957] ? kasan_atomics_helper+0x1ce2/0x5450 [ 15.879979] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.880006] ? kasan_atomics_helper+0x1ce2/0x5450 [ 15.880028] kasan_report+0x140/0x180 [ 15.880051] ? kasan_atomics_helper+0x1ce2/0x5450 [ 15.880077] kasan_check_range+0x10c/0x1c0 [ 15.880101] __kasan_check_write+0x18/0x20 [ 15.880125] kasan_atomics_helper+0x1ce2/0x5450 [ 15.880159] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.880181] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.880207] ? kasan_atomics+0x153/0x310 [ 15.880234] kasan_atomics+0x1dd/0x310 [ 15.880257] ? __pfx_kasan_atomics+0x10/0x10 [ 15.880281] ? __pfx_read_tsc+0x10/0x10 [ 15.880304] ? 
ktime_get_ts64+0x86/0x230 [ 15.880331] kunit_try_run_case+0x1a6/0x480 [ 15.880357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.880379] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.880403] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.880430] ? __kthread_parkme+0x82/0x160 [ 15.880454] ? preempt_count_sub+0x50/0x80 [ 15.880481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.880505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.880532] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.880560] kthread+0x324/0x6e0 [ 15.880583] ? trace_preempt_on+0x20/0xc0 [ 15.880608] ? __pfx_kthread+0x10/0x10 [ 15.880652] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.880679] ? calculate_sigpending+0x7b/0xa0 [ 15.880701] ? __pfx_kthread+0x10/0x10 [ 15.880726] ret_from_fork+0x41/0x80 [ 15.880746] ? __pfx_kthread+0x10/0x10 [ 15.880769] ret_from_fork_asm+0x1a/0x30 [ 15.880802] </TASK> [ 15.880813] [ 15.888363] Allocated by task 273: [ 15.888516] kasan_save_stack+0x45/0x70 [ 15.888678] kasan_save_track+0x18/0x40 [ 15.888877] kasan_save_alloc_info+0x3b/0x50 [ 15.889087] __kasan_kmalloc+0xb7/0xc0 [ 15.889274] __kmalloc_cache_noprof+0x18a/0x420 [ 15.889636] kasan_atomics+0x96/0x310 [ 15.889806] kunit_try_run_case+0x1a6/0x480 [ 15.889963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.890187] kthread+0x324/0x6e0 [ 15.890362] ret_from_fork+0x41/0x80 [ 15.890548] ret_from_fork_asm+0x1a/0x30 [ 15.890861] [ 15.890936] The buggy address belongs to the object at ffff888101b3e000 [ 15.890936] which belongs to the cache kmalloc-64 of size 64 [ 15.891318] The buggy address is located 0 bytes to the right of [ 15.891318] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.891899] [ 15.891986] The buggy address belongs to the physical page: [ 15.892342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.892628] flags: 0x200000000000000(node=0|zone=2) [ 15.892799] page_type: f5(slab) [ 15.892937] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.893171] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.893608] page dumped because: kasan: bad access detected [ 15.893888] [ 15.894006] Memory state around the buggy address: [ 15.894236] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.894558] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.894892] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.895195] ^ [ 15.895355] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.895717] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.895984] ================================================================== [ 15.747445] ================================================================== [ 15.747749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 15.748037] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.748467] [ 15.748613] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.748657] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.748670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.748694] Call Trace: [ 15.748714] <TASK> [ 15.748734] dump_stack_lvl+0x73/0xb0 [ 15.748763] print_report+0xd1/0x650 [ 15.748785] ? __virt_addr_valid+0x1db/0x2d0 [ 15.748809] ? kasan_atomics_helper+0x18b2/0x5450 [ 15.748830] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.748868] ? kasan_atomics_helper+0x18b2/0x5450 [ 15.748890] kasan_report+0x140/0x180 [ 15.748913] ? kasan_atomics_helper+0x18b2/0x5450 [ 15.748951] kasan_check_range+0x10c/0x1c0 [ 15.748975] __kasan_check_write+0x18/0x20 [ 15.748998] kasan_atomics_helper+0x18b2/0x5450 [ 15.749020] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.749042] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.749068] ? kasan_atomics+0x153/0x310 [ 15.749094] kasan_atomics+0x1dd/0x310 [ 15.749116] ? __pfx_kasan_atomics+0x10/0x10 [ 15.749139] ? 
__pfx_read_tsc+0x10/0x10 [ 15.749162] ? ktime_get_ts64+0x86/0x230 [ 15.749188] kunit_try_run_case+0x1a6/0x480 [ 15.749211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.749233] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.749256] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.749281] ? __kthread_parkme+0x82/0x160 [ 15.749304] ? preempt_count_sub+0x50/0x80 [ 15.749331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.749354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.749381] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.749407] kthread+0x324/0x6e0 [ 15.749436] ? trace_preempt_on+0x20/0xc0 [ 15.749462] ? __pfx_kthread+0x10/0x10 [ 15.749485] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.749508] ? calculate_sigpending+0x7b/0xa0 [ 15.749532] ? __pfx_kthread+0x10/0x10 [ 15.749555] ret_from_fork+0x41/0x80 [ 15.749575] ? __pfx_kthread+0x10/0x10 [ 15.749598] ret_from_fork_asm+0x1a/0x30 [ 15.749630] </TASK> [ 15.749641] [ 15.757528] Allocated by task 273: [ 15.757715] kasan_save_stack+0x45/0x70 [ 15.757955] kasan_save_track+0x18/0x40 [ 15.758148] kasan_save_alloc_info+0x3b/0x50 [ 15.758298] __kasan_kmalloc+0xb7/0xc0 [ 15.758430] __kmalloc_cache_noprof+0x18a/0x420 [ 15.758586] kasan_atomics+0x96/0x310 [ 15.758722] kunit_try_run_case+0x1a6/0x480 [ 15.758881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.759058] kthread+0x324/0x6e0 [ 15.759250] ret_from_fork+0x41/0x80 [ 15.759427] ret_from_fork_asm+0x1a/0x30 [ 15.759621] [ 15.759716] The buggy address belongs to the object at ffff888101b3e000 [ 15.759716] which belongs to the cache kmalloc-64 of size 64 [ 15.760235] The buggy address is located 0 bytes to the right of [ 15.760235] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.760725] [ 15.760799] The buggy address belongs to the physical page: [ 15.760984] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.761225] flags: 0x200000000000000(node=0|zone=2) [ 15.761714] page_type: f5(slab) [ 15.761900] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.762272] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.762731] page dumped because: kasan: bad access detected [ 15.762929] [ 15.763026] Memory state around the buggy address: [ 15.763379] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.763650] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.763959] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.764234] ^ [ 15.764392] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.764727] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.765069] ================================================================== [ 15.995123] ================================================================== [ 15.995909] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 15.996335] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.996693] [ 15.996804] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.996862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.996876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.996899] Call Trace: [ 15.996922] <TASK> [ 15.996944] dump_stack_lvl+0x73/0xb0 [ 15.996972] print_report+0xd1/0x650 [ 15.996995] ? __virt_addr_valid+0x1db/0x2d0 [ 15.997019] ? kasan_atomics_helper+0x2007/0x5450 [ 15.997041] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.997067] ? kasan_atomics_helper+0x2007/0x5450 [ 15.997089] kasan_report+0x140/0x180 [ 15.997111] ? kasan_atomics_helper+0x2007/0x5450 [ 15.997136] kasan_check_range+0x10c/0x1c0 [ 15.997160] __kasan_check_write+0x18/0x20 [ 15.997184] kasan_atomics_helper+0x2007/0x5450 [ 15.997207] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.997229] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.997255] ? kasan_atomics+0x153/0x310 [ 15.997281] kasan_atomics+0x1dd/0x310 [ 15.997303] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.997327] ? __pfx_read_tsc+0x10/0x10 [ 15.997350] ? ktime_get_ts64+0x86/0x230 [ 15.997377] kunit_try_run_case+0x1a6/0x480 [ 15.997401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.997423] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.997446] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.997473] ? __kthread_parkme+0x82/0x160 [ 15.997496] ? preempt_count_sub+0x50/0x80 [ 15.997522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.997546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.997572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.997599] kthread+0x324/0x6e0 [ 15.997622] ? trace_preempt_on+0x20/0xc0 [ 15.997647] ? __pfx_kthread+0x10/0x10 [ 15.997670] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.997694] ? calculate_sigpending+0x7b/0xa0 [ 15.997717] ? __pfx_kthread+0x10/0x10 [ 15.997787] ret_from_fork+0x41/0x80 [ 15.997833] ? __pfx_kthread+0x10/0x10 [ 15.997864] ret_from_fork_asm+0x1a/0x30 [ 15.997898] </TASK> [ 15.997910] [ 16.005706] Allocated by task 273: [ 16.005872] kasan_save_stack+0x45/0x70 [ 16.006025] kasan_save_track+0x18/0x40 [ 16.006259] kasan_save_alloc_info+0x3b/0x50 [ 16.006469] __kasan_kmalloc+0xb7/0xc0 [ 16.006651] __kmalloc_cache_noprof+0x18a/0x420 [ 16.006880] kasan_atomics+0x96/0x310 [ 16.007060] kunit_try_run_case+0x1a6/0x480 [ 16.007265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.007542] kthread+0x324/0x6e0 [ 16.007734] ret_from_fork+0x41/0x80 [ 16.007972] ret_from_fork_asm+0x1a/0x30 [ 16.008191] [ 16.008288] The buggy address belongs to the object at ffff888101b3e000 [ 16.008288] which belongs to the cache kmalloc-64 of size 64 [ 16.008814] The buggy address is located 0 bytes to the right of [ 16.008814] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 16.009393] [ 16.009526] The buggy address belongs to the physical page: [ 16.009788] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 16.010172] flags: 0x200000000000000(node=0|zone=2) [ 16.010430] page_type: f5(slab) 
[ 16.010631] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.010963] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.011373] page dumped because: kasan: bad access detected [ 16.011627] [ 16.011722] Memory state around the buggy address: [ 16.011980] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.012312] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.012628] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.012978] ^ [ 16.013204] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.013529] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.013849] ================================================================== [ 16.118180] ================================================================== [ 16.118548] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 16.118917] Write of size 8 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 16.119385] [ 16.119495] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 16.119539] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.119552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.119576] Call Trace: [ 16.119597] <TASK> [ 16.119618] dump_stack_lvl+0x73/0xb0 [ 16.119645] print_report+0xd1/0x650 [ 16.119667] ? __virt_addr_valid+0x1db/0x2d0 [ 16.119691] ? kasan_atomics_helper+0x224d/0x5450 [ 16.119713] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.119740] ? kasan_atomics_helper+0x224d/0x5450 [ 16.119761] kasan_report+0x140/0x180 [ 16.119783] ? kasan_atomics_helper+0x224d/0x5450 [ 16.119809] kasan_check_range+0x10c/0x1c0 [ 16.119832] __kasan_check_write+0x18/0x20 [ 16.119867] kasan_atomics_helper+0x224d/0x5450 [ 16.119889] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.119912] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.119936] ? 
kasan_atomics+0x153/0x310 [ 16.119962] kasan_atomics+0x1dd/0x310 [ 16.119984] ? __pfx_kasan_atomics+0x10/0x10 [ 16.120008] ? __pfx_read_tsc+0x10/0x10 [ 16.120031] ? ktime_get_ts64+0x86/0x230 [ 16.120068] kunit_try_run_case+0x1a6/0x480 [ 16.120095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.120117] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.120140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.120166] ? __kthread_parkme+0x82/0x160 [ 16.120190] ? preempt_count_sub+0x50/0x80 [ 16.120215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.120238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.120265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.120291] kthread+0x324/0x6e0 [ 16.120315] ? trace_preempt_on+0x20/0xc0 [ 16.120339] ? __pfx_kthread+0x10/0x10 [ 16.120363] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.120387] ? calculate_sigpending+0x7b/0xa0 [ 16.120410] ? __pfx_kthread+0x10/0x10 [ 16.120433] ret_from_fork+0x41/0x80 [ 16.120452] ? __pfx_kthread+0x10/0x10 [ 16.120476] ret_from_fork_asm+0x1a/0x30 [ 16.120508] </TASK> [ 16.120520] [ 16.127819] Allocated by task 273: [ 16.128024] kasan_save_stack+0x45/0x70 [ 16.128234] kasan_save_track+0x18/0x40 [ 16.128436] kasan_save_alloc_info+0x3b/0x50 [ 16.128669] __kasan_kmalloc+0xb7/0xc0 [ 16.128874] __kmalloc_cache_noprof+0x18a/0x420 [ 16.129101] kasan_atomics+0x96/0x310 [ 16.129295] kunit_try_run_case+0x1a6/0x480 [ 16.129507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.129852] kthread+0x324/0x6e0 [ 16.130125] ret_from_fork+0x41/0x80 [ 16.130259] ret_from_fork_asm+0x1a/0x30 [ 16.130403] [ 16.130475] The buggy address belongs to the object at ffff888101b3e000 [ 16.130475] which belongs to the cache kmalloc-64 of size 64 [ 16.131015] The buggy address is located 0 bytes to the right of [ 16.131015] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 16.131528] [ 16.131608] The buggy address belongs to the physical page: [ 16.131782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 
16.132534] flags: 0x200000000000000(node=0|zone=2) [ 16.132741] page_type: f5(slab) [ 16.132914] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.134499] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.134755] page dumped because: kasan: bad access detected [ 16.135501] [ 16.135952] Memory state around the buggy address: [ 16.136631] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.137759] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.138337] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.138561] ^ [ 16.138726] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.139321] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.139993] ================================================================== [ 15.260230] ================================================================== [ 15.260475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 15.260705] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.261322] [ 15.261483] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.261536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.261552] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.261577] Call Trace: [ 15.261598] <TASK> [ 15.261620] dump_stack_lvl+0x73/0xb0 [ 15.261651] print_report+0xd1/0x650 [ 15.261676] ? __virt_addr_valid+0x1db/0x2d0 [ 15.261699] ? kasan_atomics_helper+0xde1/0x5450 [ 15.261720] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.261754] ? kasan_atomics_helper+0xde1/0x5450 [ 15.261776] kasan_report+0x140/0x180 [ 15.261799] ? kasan_atomics_helper+0xde1/0x5450 [ 15.261825] kasan_check_range+0x10c/0x1c0 [ 15.261862] __kasan_check_write+0x18/0x20 [ 15.261886] kasan_atomics_helper+0xde1/0x5450 [ 15.261908] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.261930] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 15.261956] ? kasan_atomics+0x153/0x310 [ 15.261982] kasan_atomics+0x1dd/0x310 [ 15.262005] ? __pfx_kasan_atomics+0x10/0x10 [ 15.262029] ? __pfx_read_tsc+0x10/0x10 [ 15.262052] ? ktime_get_ts64+0x86/0x230 [ 15.262078] kunit_try_run_case+0x1a6/0x480 [ 15.262104] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.262126] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.262149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.262176] ? __kthread_parkme+0x82/0x160 [ 15.262199] ? preempt_count_sub+0x50/0x80 [ 15.262225] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.262248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.262275] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.262301] kthread+0x324/0x6e0 [ 15.262323] ? trace_preempt_on+0x20/0xc0 [ 15.262348] ? __pfx_kthread+0x10/0x10 [ 15.262371] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.262395] ? calculate_sigpending+0x7b/0xa0 [ 15.262418] ? __pfx_kthread+0x10/0x10 [ 15.262442] ret_from_fork+0x41/0x80 [ 15.262462] ? __pfx_kthread+0x10/0x10 [ 15.262484] ret_from_fork_asm+0x1a/0x30 [ 15.262517] </TASK> [ 15.262529] [ 15.272615] Allocated by task 273: [ 15.273227] kasan_save_stack+0x45/0x70 [ 15.273861] kasan_save_track+0x18/0x40 [ 15.274465] kasan_save_alloc_info+0x3b/0x50 [ 15.275026] __kasan_kmalloc+0xb7/0xc0 [ 15.275570] __kmalloc_cache_noprof+0x18a/0x420 [ 15.275746] kasan_atomics+0x96/0x310 [ 15.275891] kunit_try_run_case+0x1a6/0x480 [ 15.276037] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.276213] kthread+0x324/0x6e0 [ 15.276336] ret_from_fork+0x41/0x80 [ 15.276544] ret_from_fork_asm+0x1a/0x30 [ 15.276780] [ 15.276908] The buggy address belongs to the object at ffff888101b3e000 [ 15.276908] which belongs to the cache kmalloc-64 of size 64 [ 15.277755] The buggy address is located 0 bytes to the right of [ 15.277755] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.279061] [ 15.279226] The buggy address belongs to the physical page: [ 15.279645] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.280056] flags: 0x200000000000000(node=0|zone=2) [ 15.280603] page_type: f5(slab) [ 15.280931] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.281318] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.281547] page dumped because: kasan: bad access detected [ 15.281719] [ 15.281797] Memory state around the buggy address: [ 15.281974] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.282334] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.282613] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.282927] ^ [ 15.283219] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.283493] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.283813] ================================================================== [ 14.962479] ================================================================== [ 14.962792] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 14.963337] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 14.963650] [ 14.963738] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.963813] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.963827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.963876] Call Trace: [ 14.963898] <TASK> [ 14.963934] dump_stack_lvl+0x73/0xb0 [ 14.963990] print_report+0xd1/0x650 [ 14.964027] ? __virt_addr_valid+0x1db/0x2d0 [ 14.964051] ? kasan_atomics_helper+0x566/0x5450 [ 14.964085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.964139] ? kasan_atomics_helper+0x566/0x5450 [ 14.964174] kasan_report+0x140/0x180 [ 14.964212] ? kasan_atomics_helper+0x566/0x5450 [ 14.964252] kasan_check_range+0x10c/0x1c0 [ 14.964289] __kasan_check_write+0x18/0x20 [ 14.964312] kasan_atomics_helper+0x566/0x5450 [ 14.964335] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.964358] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.964384] ? kasan_atomics+0x153/0x310 [ 14.964410] kasan_atomics+0x1dd/0x310 [ 14.964432] ? __pfx_kasan_atomics+0x10/0x10 [ 14.964456] ? __pfx_read_tsc+0x10/0x10 [ 14.964480] ? ktime_get_ts64+0x86/0x230 [ 14.964509] kunit_try_run_case+0x1a6/0x480 [ 14.964535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.964557] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.964580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.964607] ? __kthread_parkme+0x82/0x160 [ 14.964631] ? preempt_count_sub+0x50/0x80 [ 14.964657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.964680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.964708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.964735] kthread+0x324/0x6e0 [ 14.964757] ? trace_preempt_on+0x20/0xc0 [ 14.964782] ? __pfx_kthread+0x10/0x10 [ 14.964806] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.964831] ? calculate_sigpending+0x7b/0xa0 [ 14.964864] ? __pfx_kthread+0x10/0x10 [ 14.964887] ret_from_fork+0x41/0x80 [ 14.964906] ? 
__pfx_kthread+0x10/0x10 [ 14.964929] ret_from_fork_asm+0x1a/0x30 [ 14.964962] </TASK> [ 14.964974] [ 14.972672] Allocated by task 273: [ 14.972883] kasan_save_stack+0x45/0x70 [ 14.973040] kasan_save_track+0x18/0x40 [ 14.973171] kasan_save_alloc_info+0x3b/0x50 [ 14.973317] __kasan_kmalloc+0xb7/0xc0 [ 14.973446] __kmalloc_cache_noprof+0x18a/0x420 [ 14.973729] kasan_atomics+0x96/0x310 [ 14.974116] kunit_try_run_case+0x1a6/0x480 [ 14.974324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.974567] kthread+0x324/0x6e0 [ 14.974741] ret_from_fork+0x41/0x80 [ 14.974933] ret_from_fork_asm+0x1a/0x30 [ 14.975218] [ 14.975303] The buggy address belongs to the object at ffff888101b3e000 [ 14.975303] which belongs to the cache kmalloc-64 of size 64 [ 14.975644] The buggy address is located 0 bytes to the right of [ 14.975644] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 14.976004] [ 14.976153] The buggy address belongs to the physical page: [ 14.976412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 14.976804] flags: 0x200000000000000(node=0|zone=2) [ 14.977120] page_type: f5(slab) [ 14.977328] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.977716] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.978144] page dumped because: kasan: bad access detected [ 14.978404] [ 14.978513] Memory state around the buggy address: [ 14.978734] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.979113] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.979432] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.979757] ^ [ 14.979973] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980383] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.980746] ================================================================== [ 15.063220] 
================================================================== [ 15.063901] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 15.064617] Write of size 4 at addr ffff888101b3e030 by task kunit_try_catch/273 [ 15.065299] [ 15.065504] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 15.065552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.065565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.065589] Call Trace: [ 15.065612] <TASK> [ 15.065644] dump_stack_lvl+0x73/0xb0 [ 15.065674] print_report+0xd1/0x650 [ 15.065709] ? __virt_addr_valid+0x1db/0x2d0 [ 15.065732] ? kasan_atomics_helper+0x861/0x5450 [ 15.065758] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.065785] ? kasan_atomics_helper+0x861/0x5450 [ 15.065806] kasan_report+0x140/0x180 [ 15.065829] ? kasan_atomics_helper+0x861/0x5450 [ 15.065863] kasan_check_range+0x10c/0x1c0 [ 15.065886] __kasan_check_write+0x18/0x20 [ 15.065909] kasan_atomics_helper+0x861/0x5450 [ 15.065932] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.065954] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.065980] ? kasan_atomics+0x153/0x310 [ 15.066005] kasan_atomics+0x1dd/0x310 [ 15.066028] ? __pfx_kasan_atomics+0x10/0x10 [ 15.066070] ? __pfx_read_tsc+0x10/0x10 [ 15.066093] ? ktime_get_ts64+0x86/0x230 [ 15.066120] kunit_try_run_case+0x1a6/0x480 [ 15.066144] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.066170] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.066193] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.066220] ? __kthread_parkme+0x82/0x160 [ 15.066243] ? preempt_count_sub+0x50/0x80 [ 15.066269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.066293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.066319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.066346] kthread+0x324/0x6e0 [ 15.066368] ? trace_preempt_on+0x20/0xc0 [ 15.066394] ? __pfx_kthread+0x10/0x10 [ 15.066417] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.066443] ? 
calculate_sigpending+0x7b/0xa0 [ 15.066465] ? __pfx_kthread+0x10/0x10 [ 15.066489] ret_from_fork+0x41/0x80 [ 15.066509] ? __pfx_kthread+0x10/0x10 [ 15.066532] ret_from_fork_asm+0x1a/0x30 [ 15.066565] </TASK> [ 15.066577] [ 15.077764] Allocated by task 273: [ 15.078239] kasan_save_stack+0x45/0x70 [ 15.078408] kasan_save_track+0x18/0x40 [ 15.078541] kasan_save_alloc_info+0x3b/0x50 [ 15.078686] __kasan_kmalloc+0xb7/0xc0 [ 15.078814] __kmalloc_cache_noprof+0x18a/0x420 [ 15.078984] kasan_atomics+0x96/0x310 [ 15.079280] kunit_try_run_case+0x1a6/0x480 [ 15.079512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.079763] kthread+0x324/0x6e0 [ 15.079966] ret_from_fork+0x41/0x80 [ 15.080191] ret_from_fork_asm+0x1a/0x30 [ 15.080402] [ 15.080500] The buggy address belongs to the object at ffff888101b3e000 [ 15.080500] which belongs to the cache kmalloc-64 of size 64 [ 15.080969] The buggy address is located 0 bytes to the right of [ 15.080969] allocated 48-byte region [ffff888101b3e000, ffff888101b3e030) [ 15.081323] [ 15.081445] The buggy address belongs to the physical page: [ 15.081727] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3e [ 15.082140] flags: 0x200000000000000(node=0|zone=2) [ 15.082682] page_type: f5(slab) [ 15.083176] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.083918] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.084360] page dumped because: kasan: bad access detected [ 15.084735] [ 15.084876] Memory state around the buggy address: [ 15.085246] ffff888101b3df00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.085536] ffff888101b3df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.085967] >ffff888101b3e000: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.086288] ^ [ 15.086634] ffff888101b3e080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087039] ffff888101b3e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.087500] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.663722] ================================================================== [ 14.664215] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.664499] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.664811] [ 14.664938] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.664982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.664995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.665018] Call Trace: [ 14.665037] <TASK> [ 14.665064] dump_stack_lvl+0x73/0xb0 [ 14.665093] print_report+0xd1/0x650 [ 14.665114] ? __virt_addr_valid+0x1db/0x2d0 [ 14.665137] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.665165] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.665191] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.665218] kasan_report+0x140/0x180 [ 14.665240] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.665272] kasan_check_range+0x10c/0x1c0 [ 14.665295] __kasan_check_write+0x18/0x20 [ 14.665319] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 14.665345] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.665373] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.665397] ? trace_hardirqs_on+0x37/0xe0 [ 14.665420] ? kasan_bitops_generic+0x93/0x1c0 [ 14.665446] kasan_bitops_generic+0x122/0x1c0 [ 14.665469] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.665493] ? __pfx_read_tsc+0x10/0x10 [ 14.665515] ? ktime_get_ts64+0x86/0x230 [ 14.665540] kunit_try_run_case+0x1a6/0x480 [ 14.665564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.665585] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.665606] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.665631] ? __kthread_parkme+0x82/0x160 [ 14.665654] ? preempt_count_sub+0x50/0x80 [ 14.665679] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.665701] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.665726] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.665758] kthread+0x324/0x6e0 [ 14.665779] ? trace_preempt_on+0x20/0xc0 [ 14.665801] ? __pfx_kthread+0x10/0x10 [ 14.665823] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.665856] ? calculate_sigpending+0x7b/0xa0 [ 14.665877] ? __pfx_kthread+0x10/0x10 [ 14.665900] ret_from_fork+0x41/0x80 [ 14.665920] ? __pfx_kthread+0x10/0x10 [ 14.665942] ret_from_fork_asm+0x1a/0x30 [ 14.665974] </TASK> [ 14.665985] [ 14.678062] Allocated by task 269: [ 14.678472] kasan_save_stack+0x45/0x70 [ 14.678807] kasan_save_track+0x18/0x40 [ 14.679127] kasan_save_alloc_info+0x3b/0x50 [ 14.679329] __kasan_kmalloc+0xb7/0xc0 [ 14.679498] __kmalloc_cache_noprof+0x18a/0x420 [ 14.679693] kasan_bitops_generic+0x93/0x1c0 [ 14.679897] kunit_try_run_case+0x1a6/0x480 [ 14.680341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.680824] kthread+0x324/0x6e0 [ 14.681093] ret_from_fork+0x41/0x80 [ 14.681392] ret_from_fork_asm+0x1a/0x30 [ 14.681781] [ 14.682011] The buggy address belongs to the object at ffff888101b28060 [ 14.682011] which belongs to the cache kmalloc-16 of size 16 [ 14.682625] The buggy address is located 8 bytes inside of [ 14.682625] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.683211] [ 14.683312] The buggy address belongs to the physical page: [ 14.683538] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.684188] flags: 0x200000000000000(node=0|zone=2) [ 14.684517] page_type: f5(slab) [ 14.684803] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.685440] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.685948] page dumped because: kasan: bad access detected [ 14.686409] [ 14.686674] Memory state around the buggy address: [ 14.686969] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.687477] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.687779] >ffff888101b28000: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 14.688309] ^ [ 14.688637] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.689257] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.689695] ================================================================== [ 14.623318] ================================================================== [ 14.623821] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.624759] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.625057] [ 14.625146] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.625211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.625224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.625246] Call Trace: [ 14.625267] <TASK> [ 14.625305] dump_stack_lvl+0x73/0xb0 [ 14.625334] print_report+0xd1/0x650 [ 14.625356] ? __virt_addr_valid+0x1db/0x2d0 [ 14.625397] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.625423] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.625448] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.625475] kasan_report+0x140/0x180 [ 14.625496] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.625526] kasan_check_range+0x10c/0x1c0 [ 14.625567] __kasan_check_write+0x18/0x20 [ 14.625590] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.625617] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.625657] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.625695] ? trace_hardirqs_on+0x37/0xe0 [ 14.625718] ? kasan_bitops_generic+0x93/0x1c0 [ 14.625749] kasan_bitops_generic+0x122/0x1c0 [ 14.625785] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.625823] ? __pfx_read_tsc+0x10/0x10 [ 14.625854] ? ktime_get_ts64+0x86/0x230 [ 14.625879] kunit_try_run_case+0x1a6/0x480 [ 14.625902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.625924] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.625947] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.625972] ? __kthread_parkme+0x82/0x160 [ 14.625994] ? preempt_count_sub+0x50/0x80 [ 14.626019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.626042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.626068] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.626094] kthread+0x324/0x6e0 [ 14.626115] ? trace_preempt_on+0x20/0xc0 [ 14.626137] ? __pfx_kthread+0x10/0x10 [ 14.626160] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.626183] ? calculate_sigpending+0x7b/0xa0 [ 14.626219] ? __pfx_kthread+0x10/0x10 [ 14.626242] ret_from_fork+0x41/0x80 [ 14.626261] ? __pfx_kthread+0x10/0x10 [ 14.626283] ret_from_fork_asm+0x1a/0x30 [ 14.626314] </TASK> [ 14.626325] [ 14.634553] Allocated by task 269: [ 14.634775] kasan_save_stack+0x45/0x70 [ 14.635004] kasan_save_track+0x18/0x40 [ 14.635216] kasan_save_alloc_info+0x3b/0x50 [ 14.635449] __kasan_kmalloc+0xb7/0xc0 [ 14.635593] __kmalloc_cache_noprof+0x18a/0x420 [ 14.635804] kasan_bitops_generic+0x93/0x1c0 [ 14.636093] kunit_try_run_case+0x1a6/0x480 [ 14.636387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.636572] kthread+0x324/0x6e0 [ 14.636695] ret_from_fork+0x41/0x80 [ 14.636821] ret_from_fork_asm+0x1a/0x30 [ 14.636976] [ 14.637050] The buggy address belongs to the object at ffff888101b28060 [ 14.637050] which belongs to the cache kmalloc-16 of size 16 [ 14.637643] The buggy address is located 8 bytes inside of [ 14.637643] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.638191] [ 14.638386] The buggy address belongs to the physical page: [ 14.638751] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.639152] flags: 0x200000000000000(node=0|zone=2) [ 14.639404] page_type: f5(slab) [ 14.639585] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.639925] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.640327] page dumped because: kasan: bad access detected [ 14.640718] [ 14.640816] Memory 
state around the buggy address: [ 14.640990] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.641383] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.641766] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.642122] ^ [ 14.642338] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.642553] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.642784] ================================================================== [ 14.690542] ================================================================== [ 14.690859] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.691143] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.691488] [ 14.691600] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.691645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.691658] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.691680] Call Trace: [ 14.691701] <TASK> [ 14.691724] dump_stack_lvl+0x73/0xb0 [ 14.691751] print_report+0xd1/0x650 [ 14.691772] ? __virt_addr_valid+0x1db/0x2d0 [ 14.691795] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.691821] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.691858] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.691884] kasan_report+0x140/0x180 [ 14.691905] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.691936] kasan_check_range+0x10c/0x1c0 [ 14.691958] __kasan_check_write+0x18/0x20 [ 14.691980] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 14.692007] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.692033] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.692067] ? trace_hardirqs_on+0x37/0xe0 [ 14.692092] ? kasan_bitops_generic+0x93/0x1c0 [ 14.692118] kasan_bitops_generic+0x122/0x1c0 [ 14.692141] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.692165] ? 
__pfx_read_tsc+0x10/0x10 [ 14.692188] ? ktime_get_ts64+0x86/0x230 [ 14.692213] kunit_try_run_case+0x1a6/0x480 [ 14.692236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.692258] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.692280] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.692308] ? __kthread_parkme+0x82/0x160 [ 14.692330] ? preempt_count_sub+0x50/0x80 [ 14.692356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.692378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.692403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.692431] kthread+0x324/0x6e0 [ 14.692453] ? trace_preempt_on+0x20/0xc0 [ 14.692475] ? __pfx_kthread+0x10/0x10 [ 14.692497] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.692520] ? calculate_sigpending+0x7b/0xa0 [ 14.692542] ? __pfx_kthread+0x10/0x10 [ 14.692564] ret_from_fork+0x41/0x80 [ 14.692583] ? __pfx_kthread+0x10/0x10 [ 14.692606] ret_from_fork_asm+0x1a/0x30 [ 14.692637] </TASK> [ 14.692648] [ 14.700620] Allocated by task 269: [ 14.700790] kasan_save_stack+0x45/0x70 [ 14.700980] kasan_save_track+0x18/0x40 [ 14.701278] kasan_save_alloc_info+0x3b/0x50 [ 14.701464] __kasan_kmalloc+0xb7/0xc0 [ 14.701627] __kmalloc_cache_noprof+0x18a/0x420 [ 14.701830] kasan_bitops_generic+0x93/0x1c0 [ 14.702050] kunit_try_run_case+0x1a6/0x480 [ 14.702224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.702470] kthread+0x324/0x6e0 [ 14.702639] ret_from_fork+0x41/0x80 [ 14.702796] ret_from_fork_asm+0x1a/0x30 [ 14.702993] [ 14.703117] The buggy address belongs to the object at ffff888101b28060 [ 14.703117] which belongs to the cache kmalloc-16 of size 16 [ 14.703481] The buggy address is located 8 bytes inside of [ 14.703481] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.703829] [ 14.703921] The buggy address belongs to the physical page: [ 14.704174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.704710] flags: 0x200000000000000(node=0|zone=2) [ 14.704937] page_type: f5(slab) [ 14.705062] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.705299] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.705525] page dumped because: kasan: bad access detected [ 14.705753] [ 14.705857] Memory state around the buggy address: [ 14.706121] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.706448] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.706768] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.707107] ^ [ 14.707411] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.707735] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.708072] ================================================================== [ 14.747209] ================================================================== [ 14.747471] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.747896] Read of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.748219] [ 14.748329] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.748375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.748388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.748411] Call Trace: [ 14.748436] <TASK> [ 14.748457] dump_stack_lvl+0x73/0xb0 [ 14.748487] print_report+0xd1/0x650 [ 14.748509] ? __virt_addr_valid+0x1db/0x2d0 [ 14.748536] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.748565] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.748592] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.748618] kasan_report+0x140/0x180 [ 14.748639] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.748669] __asan_report_load8_noabort+0x18/0x20 [ 14.748693] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 14.748719] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.748746] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.748769] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.748792] ? kasan_bitops_generic+0x93/0x1c0 [ 14.748818] kasan_bitops_generic+0x122/0x1c0 [ 14.748852] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.748878] ? __pfx_read_tsc+0x10/0x10 [ 14.748899] ? ktime_get_ts64+0x86/0x230 [ 14.748926] kunit_try_run_case+0x1a6/0x480 [ 14.748951] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.748973] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.748995] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.749021] ? __kthread_parkme+0x82/0x160 [ 14.749046] ? preempt_count_sub+0x50/0x80 [ 14.749082] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.749105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.749131] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.749157] kthread+0x324/0x6e0 [ 14.749179] ? trace_preempt_on+0x20/0xc0 [ 14.749202] ? __pfx_kthread+0x10/0x10 [ 14.749224] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.749247] ? calculate_sigpending+0x7b/0xa0 [ 14.749268] ? __pfx_kthread+0x10/0x10 [ 14.749291] ret_from_fork+0x41/0x80 [ 14.749309] ? 
__pfx_kthread+0x10/0x10 [ 14.749331] ret_from_fork_asm+0x1a/0x30 [ 14.749362] </TASK> [ 14.749373] [ 14.756914] Allocated by task 269: [ 14.757044] kasan_save_stack+0x45/0x70 [ 14.757187] kasan_save_track+0x18/0x40 [ 14.757321] kasan_save_alloc_info+0x3b/0x50 [ 14.757469] __kasan_kmalloc+0xb7/0xc0 [ 14.757783] __kmalloc_cache_noprof+0x18a/0x420 [ 14.758024] kasan_bitops_generic+0x93/0x1c0 [ 14.758243] kunit_try_run_case+0x1a6/0x480 [ 14.758458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.758723] kthread+0x324/0x6e0 [ 14.758907] ret_from_fork+0x41/0x80 [ 14.759139] ret_from_fork_asm+0x1a/0x30 [ 14.759340] [ 14.759440] The buggy address belongs to the object at ffff888101b28060 [ 14.759440] which belongs to the cache kmalloc-16 of size 16 [ 14.759853] The buggy address is located 8 bytes inside of [ 14.759853] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.760360] [ 14.760456] The buggy address belongs to the physical page: [ 14.760956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.761263] flags: 0x200000000000000(node=0|zone=2) [ 14.761429] page_type: f5(slab) [ 14.761576] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.761941] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.762331] page dumped because: kasan: bad access detected [ 14.762556] [ 14.762640] Memory state around the buggy address: [ 14.762860] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.763189] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.763407] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.763619] ^ [ 14.763818] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.764269] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.764581] ================================================================== [ 14.708970] 
================================================================== [ 14.709693] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.710122] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.710349] [ 14.710434] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.710477] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.710489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.710510] Call Trace: [ 14.710531] <TASK> [ 14.710550] dump_stack_lvl+0x73/0xb0 [ 14.710578] print_report+0xd1/0x650 [ 14.710600] ? __virt_addr_valid+0x1db/0x2d0 [ 14.710623] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.710649] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.710674] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.710700] kasan_report+0x140/0x180 [ 14.710721] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.710751] kasan_check_range+0x10c/0x1c0 [ 14.710774] __kasan_check_write+0x18/0x20 [ 14.710796] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 14.710822] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.710859] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.710884] ? trace_hardirqs_on+0x37/0xe0 [ 14.710906] ? kasan_bitops_generic+0x93/0x1c0 [ 14.710931] kasan_bitops_generic+0x122/0x1c0 [ 14.710954] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.710977] ? __pfx_read_tsc+0x10/0x10 [ 14.710999] ? ktime_get_ts64+0x86/0x230 [ 14.711024] kunit_try_run_case+0x1a6/0x480 [ 14.711047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.711080] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.711102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.711127] ? __kthread_parkme+0x82/0x160 [ 14.711150] ? preempt_count_sub+0x50/0x80 [ 14.711176] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.711198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.711226] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.711252] kthread+0x324/0x6e0 [ 14.711273] ? trace_preempt_on+0x20/0xc0 [ 14.711295] ? __pfx_kthread+0x10/0x10 [ 14.711317] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.711341] ? calculate_sigpending+0x7b/0xa0 [ 14.711363] ? __pfx_kthread+0x10/0x10 [ 14.711386] ret_from_fork+0x41/0x80 [ 14.711404] ? __pfx_kthread+0x10/0x10 [ 14.711425] ret_from_fork_asm+0x1a/0x30 [ 14.711457] </TASK> [ 14.711467] [ 14.719661] Allocated by task 269: [ 14.719806] kasan_save_stack+0x45/0x70 [ 14.719981] kasan_save_track+0x18/0x40 [ 14.720306] kasan_save_alloc_info+0x3b/0x50 [ 14.720516] __kasan_kmalloc+0xb7/0xc0 [ 14.720697] __kmalloc_cache_noprof+0x18a/0x420 [ 14.720866] kasan_bitops_generic+0x93/0x1c0 [ 14.721015] kunit_try_run_case+0x1a6/0x480 [ 14.721159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.721412] kthread+0x324/0x6e0 [ 14.721655] ret_from_fork+0x41/0x80 [ 14.721848] ret_from_fork_asm+0x1a/0x30 [ 14.722062] [ 14.722157] The buggy address belongs to the object at ffff888101b28060 [ 14.722157] which belongs to the cache kmalloc-16 of size 16 [ 14.722574] The buggy address is located 8 bytes inside of [ 14.722574] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.722932] [ 14.723005] The buggy address belongs to the physical page: [ 14.723189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.723765] flags: 0x200000000000000(node=0|zone=2) [ 14.724020] page_type: f5(slab) [ 14.724192] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.724535] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.724784] page dumped because: kasan: bad access detected [ 14.724963] [ 14.725032] Memory state around the buggy address: [ 14.725329] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.725643] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.725976] >ffff888101b28000: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 14.726254] ^ [ 14.726453] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.726668] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.726934] ================================================================== [ 14.645115] ================================================================== [ 14.645468] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.646085] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.646486] [ 14.646609] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.646661] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.646676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.646699] Call Trace: [ 14.646714] <TASK> [ 14.646735] dump_stack_lvl+0x73/0xb0 [ 14.646765] print_report+0xd1/0x650 [ 14.646788] ? __virt_addr_valid+0x1db/0x2d0 [ 14.646811] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.646851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.646877] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.646903] kasan_report+0x140/0x180 [ 14.646924] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.646955] kasan_check_range+0x10c/0x1c0 [ 14.646977] __kasan_check_write+0x18/0x20 [ 14.646999] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.647026] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.647052] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.647076] ? trace_hardirqs_on+0x37/0xe0 [ 14.647099] ? kasan_bitops_generic+0x93/0x1c0 [ 14.647124] kasan_bitops_generic+0x122/0x1c0 [ 14.647147] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.647170] ? __pfx_read_tsc+0x10/0x10 [ 14.647192] ? ktime_get_ts64+0x86/0x230 [ 14.647217] kunit_try_run_case+0x1a6/0x480 [ 14.647242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.647263] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.647285] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.647310] ? __kthread_parkme+0x82/0x160 [ 14.647333] ? preempt_count_sub+0x50/0x80 [ 14.647357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.647381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.647406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.647432] kthread+0x324/0x6e0 [ 14.647454] ? trace_preempt_on+0x20/0xc0 [ 14.647476] ? __pfx_kthread+0x10/0x10 [ 14.647497] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.647520] ? calculate_sigpending+0x7b/0xa0 [ 14.647542] ? __pfx_kthread+0x10/0x10 [ 14.647565] ret_from_fork+0x41/0x80 [ 14.647583] ? __pfx_kthread+0x10/0x10 [ 14.647605] ret_from_fork_asm+0x1a/0x30 [ 14.647637] </TASK> [ 14.647648] [ 14.655610] Allocated by task 269: [ 14.655753] kasan_save_stack+0x45/0x70 [ 14.655903] kasan_save_track+0x18/0x40 [ 14.656106] kasan_save_alloc_info+0x3b/0x50 [ 14.656319] __kasan_kmalloc+0xb7/0xc0 [ 14.656498] __kmalloc_cache_noprof+0x18a/0x420 [ 14.656713] kasan_bitops_generic+0x93/0x1c0 [ 14.656902] kunit_try_run_case+0x1a6/0x480 [ 14.657103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.657325] kthread+0x324/0x6e0 [ 14.657559] ret_from_fork+0x41/0x80 [ 14.657750] ret_from_fork_asm+0x1a/0x30 [ 14.657920] [ 14.658018] The buggy address belongs to the object at ffff888101b28060 [ 14.658018] which belongs to the cache kmalloc-16 of size 16 [ 14.658540] The buggy address is located 8 bytes inside of [ 14.658540] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.658933] [ 14.659031] The buggy address belongs to the physical page: [ 14.659337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.659611] flags: 0x200000000000000(node=0|zone=2) [ 14.659864] page_type: f5(slab) [ 14.660009] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.660231] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.660447] page dumped because: kasan: bad access detected [ 14.660611] [ 14.660678] Memory 
state around the buggy address: [ 14.660906] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.661468] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.661780] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.662115] ^ [ 14.662316] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.662523] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.662887] ================================================================== [ 14.600279] ================================================================== [ 14.600688] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.601231] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.601527] [ 14.601642] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.601688] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.601701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.601723] Call Trace: [ 14.601736] <TASK> [ 14.601761] dump_stack_lvl+0x73/0xb0 [ 14.601791] print_report+0xd1/0x650 [ 14.601813] ? __virt_addr_valid+0x1db/0x2d0 [ 14.601846] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.601874] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.601899] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.601926] kasan_report+0x140/0x180 [ 14.601947] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.601978] kasan_check_range+0x10c/0x1c0 [ 14.602001] __kasan_check_write+0x18/0x20 [ 14.602023] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.602060] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.602087] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.602130] ? trace_hardirqs_on+0x37/0xe0 [ 14.602168] ? kasan_bitops_generic+0x93/0x1c0 [ 14.602194] kasan_bitops_generic+0x122/0x1c0 [ 14.602217] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.602240] ? 
__pfx_read_tsc+0x10/0x10 [ 14.602263] ? ktime_get_ts64+0x86/0x230 [ 14.602288] kunit_try_run_case+0x1a6/0x480 [ 14.602312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.602333] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.602356] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.602381] ? __kthread_parkme+0x82/0x160 [ 14.602404] ? preempt_count_sub+0x50/0x80 [ 14.602429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.602451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.602478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.602503] kthread+0x324/0x6e0 [ 14.602524] ? trace_preempt_on+0x20/0xc0 [ 14.602547] ? __pfx_kthread+0x10/0x10 [ 14.602568] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.602610] ? calculate_sigpending+0x7b/0xa0 [ 14.602632] ? __pfx_kthread+0x10/0x10 [ 14.602667] ret_from_fork+0x41/0x80 [ 14.602685] ? __pfx_kthread+0x10/0x10 [ 14.602707] ret_from_fork_asm+0x1a/0x30 [ 14.602738] </TASK> [ 14.602750] [ 14.614599] Allocated by task 269: [ 14.614788] kasan_save_stack+0x45/0x70 [ 14.614980] kasan_save_track+0x18/0x40 [ 14.615183] kasan_save_alloc_info+0x3b/0x50 [ 14.615403] __kasan_kmalloc+0xb7/0xc0 [ 14.615585] __kmalloc_cache_noprof+0x18a/0x420 [ 14.615810] kasan_bitops_generic+0x93/0x1c0 [ 14.616022] kunit_try_run_case+0x1a6/0x480 [ 14.616242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.616445] kthread+0x324/0x6e0 [ 14.616637] ret_from_fork+0x41/0x80 [ 14.616833] ret_from_fork_asm+0x1a/0x30 [ 14.617056] [ 14.617151] The buggy address belongs to the object at ffff888101b28060 [ 14.617151] which belongs to the cache kmalloc-16 of size 16 [ 14.617641] The buggy address is located 8 bytes inside of [ 14.617641] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.618123] [ 14.618222] The buggy address belongs to the physical page: [ 14.618470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.618711] flags: 0x200000000000000(node=0|zone=2) [ 14.618983] page_type: f5(slab) [ 14.619258] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.619607] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.619904] page dumped because: kasan: bad access detected [ 14.620156] [ 14.620243] Memory state around the buggy address: [ 14.620491] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.620781] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.621089] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.621370] ^ [ 14.621704] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.622042] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.622329] ================================================================== [ 14.727871] ================================================================== [ 14.728965] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.729489] Read of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.729847] [ 14.729942] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.729988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.730000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.730022] Call Trace: [ 14.730041] <TASK> [ 14.730063] dump_stack_lvl+0x73/0xb0 [ 14.730089] print_report+0xd1/0x650 [ 14.730111] ? __virt_addr_valid+0x1db/0x2d0 [ 14.730134] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.730160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.730185] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.730211] kasan_report+0x140/0x180 [ 14.730232] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.730263] kasan_check_range+0x10c/0x1c0 [ 14.730285] __kasan_check_read+0x15/0x20 [ 14.730306] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 14.730333] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.730359] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 14.730382] ? trace_hardirqs_on+0x37/0xe0 [ 14.730417] ? kasan_bitops_generic+0x93/0x1c0 [ 14.730443] kasan_bitops_generic+0x122/0x1c0 [ 14.730465] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.730489] ? __pfx_read_tsc+0x10/0x10 [ 14.730511] ? ktime_get_ts64+0x86/0x230 [ 14.730536] kunit_try_run_case+0x1a6/0x480 [ 14.730561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.730582] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.730604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.730629] ? __kthread_parkme+0x82/0x160 [ 14.730652] ? preempt_count_sub+0x50/0x80 [ 14.730676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.730699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.730726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.730751] kthread+0x324/0x6e0 [ 14.730772] ? trace_preempt_on+0x20/0xc0 [ 14.730794] ? __pfx_kthread+0x10/0x10 [ 14.730816] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.730848] ? calculate_sigpending+0x7b/0xa0 [ 14.730871] ? __pfx_kthread+0x10/0x10 [ 14.730893] ret_from_fork+0x41/0x80 [ 14.730912] ? 
__pfx_kthread+0x10/0x10 [ 14.730934] ret_from_fork_asm+0x1a/0x30 [ 14.730966] </TASK> [ 14.730976] [ 14.738619] Allocated by task 269: [ 14.738817] kasan_save_stack+0x45/0x70 [ 14.739054] kasan_save_track+0x18/0x40 [ 14.739248] kasan_save_alloc_info+0x3b/0x50 [ 14.739459] __kasan_kmalloc+0xb7/0xc0 [ 14.739645] __kmalloc_cache_noprof+0x18a/0x420 [ 14.739881] kasan_bitops_generic+0x93/0x1c0 [ 14.740097] kunit_try_run_case+0x1a6/0x480 [ 14.740275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.740491] kthread+0x324/0x6e0 [ 14.740615] ret_from_fork+0x41/0x80 [ 14.740746] ret_from_fork_asm+0x1a/0x30 [ 14.740897] [ 14.740994] The buggy address belongs to the object at ffff888101b28060 [ 14.740994] which belongs to the cache kmalloc-16 of size 16 [ 14.741978] The buggy address is located 8 bytes inside of [ 14.741978] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.742438] [ 14.742514] The buggy address belongs to the physical page: [ 14.742707] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.743039] flags: 0x200000000000000(node=0|zone=2) [ 14.743264] page_type: f5(slab) [ 14.743425] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.743783] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.744143] page dumped because: kasan: bad access detected [ 14.744369] [ 14.744454] Memory state around the buggy address: [ 14.744634] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.744923] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.745246] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.745532] ^ [ 14.745785] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.746119] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.746398] ================================================================== [ 14.579355] 
================================================================== [ 14.579726] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.580616] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.580918] [ 14.581016] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.581061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.581074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.581096] Call Trace: [ 14.581117] <TASK> [ 14.581138] dump_stack_lvl+0x73/0xb0 [ 14.581168] print_report+0xd1/0x650 [ 14.581191] ? __virt_addr_valid+0x1db/0x2d0 [ 14.581214] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.581240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.581295] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.581323] kasan_report+0x140/0x180 [ 14.581344] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.581394] kasan_check_range+0x10c/0x1c0 [ 14.581417] __kasan_check_write+0x18/0x20 [ 14.581440] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.581466] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.581510] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.581534] ? trace_hardirqs_on+0x37/0xe0 [ 14.581557] ? kasan_bitops_generic+0x93/0x1c0 [ 14.581583] kasan_bitops_generic+0x122/0x1c0 [ 14.581606] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.581629] ? __pfx_read_tsc+0x10/0x10 [ 14.581668] ? ktime_get_ts64+0x86/0x230 [ 14.581694] kunit_try_run_case+0x1a6/0x480 [ 14.581719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.581746] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.581770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.581796] ? __kthread_parkme+0x82/0x160 [ 14.581819] ? preempt_count_sub+0x50/0x80 [ 14.581853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.581876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.581902] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.581927] kthread+0x324/0x6e0 [ 14.581949] ? trace_preempt_on+0x20/0xc0 [ 14.581971] ? __pfx_kthread+0x10/0x10 [ 14.581993] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.582016] ? calculate_sigpending+0x7b/0xa0 [ 14.582039] ? __pfx_kthread+0x10/0x10 [ 14.582081] ret_from_fork+0x41/0x80 [ 14.582118] ? __pfx_kthread+0x10/0x10 [ 14.582140] ret_from_fork_asm+0x1a/0x30 [ 14.582173] </TASK> [ 14.582184] [ 14.590499] Allocated by task 269: [ 14.590708] kasan_save_stack+0x45/0x70 [ 14.590971] kasan_save_track+0x18/0x40 [ 14.591303] kasan_save_alloc_info+0x3b/0x50 [ 14.591542] __kasan_kmalloc+0xb7/0xc0 [ 14.591726] __kmalloc_cache_noprof+0x18a/0x420 [ 14.591956] kasan_bitops_generic+0x93/0x1c0 [ 14.592248] kunit_try_run_case+0x1a6/0x480 [ 14.592458] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.592719] kthread+0x324/0x6e0 [ 14.592855] ret_from_fork+0x41/0x80 [ 14.593063] ret_from_fork_asm+0x1a/0x30 [ 14.593273] [ 14.593363] The buggy address belongs to the object at ffff888101b28060 [ 14.593363] which belongs to the cache kmalloc-16 of size 16 [ 14.593893] The buggy address is located 8 bytes inside of [ 14.593893] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.594410] [ 14.594527] The buggy address belongs to the physical page: [ 14.594730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.595056] flags: 0x200000000000000(node=0|zone=2) [ 14.595293] page_type: f5(slab) [ 14.595463] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.595832] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.596247] page dumped because: kasan: bad access detected [ 14.596419] [ 14.596488] Memory state around the buggy address: [ 14.596691] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.597058] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.597401] >ffff888101b28000: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 14.597673] ^ [ 14.597984] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.598432] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.598700] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.432114] ================================================================== [ 14.432412] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.432801] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.433276] [ 14.433396] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.433442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.433455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.433478] Call Trace: [ 14.433499] <TASK> [ 14.433519] dump_stack_lvl+0x73/0xb0 [ 14.433547] print_report+0xd1/0x650 [ 14.433569] ? __virt_addr_valid+0x1db/0x2d0 [ 14.433592] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.433616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.433643] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.433668] kasan_report+0x140/0x180 [ 14.433690] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.433719] kasan_check_range+0x10c/0x1c0 [ 14.433746] __kasan_check_write+0x18/0x20 [ 14.433767] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.433792] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.433856] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.433879] ? trace_hardirqs_on+0x37/0xe0 [ 14.433902] ? kasan_bitops_generic+0x93/0x1c0 [ 14.433945] kasan_bitops_generic+0x117/0x1c0 [ 14.433968] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.433992] ? __pfx_read_tsc+0x10/0x10 [ 14.434029] ? ktime_get_ts64+0x86/0x230 [ 14.434054] kunit_try_run_case+0x1a6/0x480 [ 14.434093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.434114] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.434135] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.434174] ? __kthread_parkme+0x82/0x160 [ 14.434209] ? preempt_count_sub+0x50/0x80 [ 14.434234] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.434269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.434307] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.434343] kthread+0x324/0x6e0 [ 14.434368] ? 
trace_preempt_on+0x20/0xc0 [ 14.434389] ? __pfx_kthread+0x10/0x10 [ 14.434411] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.434435] ? calculate_sigpending+0x7b/0xa0 [ 14.434456] ? __pfx_kthread+0x10/0x10 [ 14.434479] ret_from_fork+0x41/0x80 [ 14.434496] ? __pfx_kthread+0x10/0x10 [ 14.434519] ret_from_fork_asm+0x1a/0x30 [ 14.434550] </TASK> [ 14.434561] [ 14.442823] Allocated by task 269: [ 14.443068] kasan_save_stack+0x45/0x70 [ 14.443292] kasan_save_track+0x18/0x40 [ 14.443447] kasan_save_alloc_info+0x3b/0x50 [ 14.443596] __kasan_kmalloc+0xb7/0xc0 [ 14.443738] __kmalloc_cache_noprof+0x18a/0x420 [ 14.443994] kasan_bitops_generic+0x93/0x1c0 [ 14.444225] kunit_try_run_case+0x1a6/0x480 [ 14.444563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.444921] kthread+0x324/0x6e0 [ 14.445120] ret_from_fork+0x41/0x80 [ 14.445347] ret_from_fork_asm+0x1a/0x30 [ 14.445549] [ 14.445722] The buggy address belongs to the object at ffff888101b28060 [ 14.445722] which belongs to the cache kmalloc-16 of size 16 [ 14.446274] The buggy address is located 8 bytes inside of [ 14.446274] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.446639] [ 14.446714] The buggy address belongs to the physical page: [ 14.446897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.447484] flags: 0x200000000000000(node=0|zone=2) [ 14.447721] page_type: f5(slab) [ 14.447926] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.448293] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.448542] page dumped because: kasan: bad access detected [ 14.448710] [ 14.449606] Memory state around the buggy address: [ 14.449850] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.450210] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.450533] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.451167] ^ [ 14.451526] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.451916] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.452293] ================================================================== [ 14.453965] ================================================================== [ 14.454368] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.454848] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.455540] [ 14.455674] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.455866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.455882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.455905] Call Trace: [ 14.455927] <TASK> [ 14.455949] dump_stack_lvl+0x73/0xb0 [ 14.455981] print_report+0xd1/0x650 [ 14.456003] ? __virt_addr_valid+0x1db/0x2d0 [ 14.456027] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.456051] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.456077] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.456101] kasan_report+0x140/0x180 [ 14.456123] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.456151] kasan_check_range+0x10c/0x1c0 [ 14.456174] __kasan_check_write+0x18/0x20 [ 14.456196] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.456221] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.456246] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.456269] ? trace_hardirqs_on+0x37/0xe0 [ 14.456292] ? kasan_bitops_generic+0x93/0x1c0 [ 14.456317] kasan_bitops_generic+0x117/0x1c0 [ 14.456339] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.456363] ? __pfx_read_tsc+0x10/0x10 [ 14.456385] ? ktime_get_ts64+0x86/0x230 [ 14.456411] kunit_try_run_case+0x1a6/0x480 [ 14.456529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.456553] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.456578] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.456605] ? __kthread_parkme+0x82/0x160 [ 14.456628] ? preempt_count_sub+0x50/0x80 [ 14.456653] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.456674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.456701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.456727] kthread+0x324/0x6e0 [ 14.456748] ? trace_preempt_on+0x20/0xc0 [ 14.456771] ? __pfx_kthread+0x10/0x10 [ 14.456794] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.456817] ? calculate_sigpending+0x7b/0xa0 [ 14.456849] ? __pfx_kthread+0x10/0x10 [ 14.456871] ret_from_fork+0x41/0x80 [ 14.456890] ? __pfx_kthread+0x10/0x10 [ 14.456913] ret_from_fork_asm+0x1a/0x30 [ 14.456944] </TASK> [ 14.456955] [ 14.465510] Allocated by task 269: [ 14.465662] kasan_save_stack+0x45/0x70 [ 14.465920] kasan_save_track+0x18/0x40 [ 14.466192] kasan_save_alloc_info+0x3b/0x50 [ 14.466429] __kasan_kmalloc+0xb7/0xc0 [ 14.466622] __kmalloc_cache_noprof+0x18a/0x420 [ 14.466857] kasan_bitops_generic+0x93/0x1c0 [ 14.467079] kunit_try_run_case+0x1a6/0x480 [ 14.467294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.467607] kthread+0x324/0x6e0 [ 14.467820] ret_from_fork+0x41/0x80 [ 14.468030] ret_from_fork_asm+0x1a/0x30 [ 14.468223] [ 14.468385] The buggy address belongs to the object at ffff888101b28060 [ 14.468385] which belongs to the cache kmalloc-16 of size 16 [ 14.469002] The buggy address is located 8 bytes inside of [ 14.469002] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.469915] [ 14.470019] The buggy address belongs to the physical page: [ 14.470324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.470562] flags: 0x200000000000000(node=0|zone=2) [ 14.470784] page_type: f5(slab) [ 14.470990] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.471369] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.471723] page dumped because: kasan: bad access detected [ 14.471918] [ 14.471986] Memory state around the buggy address: [ 14.472387] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.472717] ffff888101b27f80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.473023] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.473337] ^ [ 14.473568] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.473955] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.474287] ================================================================== [ 14.538232] ================================================================== [ 14.538885] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.539248] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.539599] [ 14.539706] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.539751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.539764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.539786] Call Trace: [ 14.539807] <TASK> [ 14.539827] dump_stack_lvl+0x73/0xb0 [ 14.539888] print_report+0xd1/0x650 [ 14.539909] ? __virt_addr_valid+0x1db/0x2d0 [ 14.539932] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.539972] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.539997] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.540036] kasan_report+0x140/0x180 [ 14.540067] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.540096] kasan_check_range+0x10c/0x1c0 [ 14.540119] __kasan_check_write+0x18/0x20 [ 14.540141] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.540165] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.540206] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.540242] ? trace_hardirqs_on+0x37/0xe0 [ 14.540265] ? kasan_bitops_generic+0x93/0x1c0 [ 14.540305] kasan_bitops_generic+0x117/0x1c0 [ 14.540341] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.540380] ? __pfx_read_tsc+0x10/0x10 [ 14.540415] ? ktime_get_ts64+0x86/0x230 [ 14.540442] kunit_try_run_case+0x1a6/0x480 [ 14.540466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.540489] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 14.540511] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.540536] ? __kthread_parkme+0x82/0x160 [ 14.540558] ? preempt_count_sub+0x50/0x80 [ 14.540585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.540608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.540634] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.540660] kthread+0x324/0x6e0 [ 14.540682] ? trace_preempt_on+0x20/0xc0 [ 14.540704] ? __pfx_kthread+0x10/0x10 [ 14.540727] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.540751] ? calculate_sigpending+0x7b/0xa0 [ 14.540775] ? __pfx_kthread+0x10/0x10 [ 14.540797] ret_from_fork+0x41/0x80 [ 14.540816] ? __pfx_kthread+0x10/0x10 [ 14.540848] ret_from_fork_asm+0x1a/0x30 [ 14.540879] </TASK> [ 14.540891] [ 14.549142] Allocated by task 269: [ 14.549329] kasan_save_stack+0x45/0x70 [ 14.549530] kasan_save_track+0x18/0x40 [ 14.549716] kasan_save_alloc_info+0x3b/0x50 [ 14.549936] __kasan_kmalloc+0xb7/0xc0 [ 14.550134] __kmalloc_cache_noprof+0x18a/0x420 [ 14.550295] kasan_bitops_generic+0x93/0x1c0 [ 14.550442] kunit_try_run_case+0x1a6/0x480 [ 14.550584] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.550754] kthread+0x324/0x6e0 [ 14.550935] ret_from_fork+0x41/0x80 [ 14.551207] ret_from_fork_asm+0x1a/0x30 [ 14.551436] [ 14.551533] The buggy address belongs to the object at ffff888101b28060 [ 14.551533] which belongs to the cache kmalloc-16 of size 16 [ 14.552103] The buggy address is located 8 bytes inside of [ 14.552103] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.552644] [ 14.552738] The buggy address belongs to the physical page: [ 14.553002] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.553330] flags: 0x200000000000000(node=0|zone=2) [ 14.553542] page_type: f5(slab) [ 14.553731] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.554065] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.554376] page dumped because: kasan: bad 
access detected [ 14.554589] [ 14.554705] Memory state around the buggy address: [ 14.554900] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.555261] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.555529] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.555868] ^ [ 14.556267] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.556539] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.556817] ================================================================== [ 14.411936] ================================================================== [ 14.412718] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.413190] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.413564] [ 14.413682] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.413757] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.413770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.413793] Call Trace: [ 14.413807] <TASK> [ 14.413828] dump_stack_lvl+0x73/0xb0 [ 14.413868] print_report+0xd1/0x650 [ 14.413909] ? __virt_addr_valid+0x1db/0x2d0 [ 14.413932] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.413956] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.413980] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.414005] kasan_report+0x140/0x180 [ 14.414027] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.414054] kasan_check_range+0x10c/0x1c0 [ 14.414077] __kasan_check_write+0x18/0x20 [ 14.414098] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.414122] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.414148] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.414172] ? trace_hardirqs_on+0x37/0xe0 [ 14.414205] ? kasan_bitops_generic+0x93/0x1c0 [ 14.414231] kasan_bitops_generic+0x117/0x1c0 [ 14.414253] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.414277] ? 
__pfx_read_tsc+0x10/0x10 [ 14.414318] ? ktime_get_ts64+0x86/0x230 [ 14.414344] kunit_try_run_case+0x1a6/0x480 [ 14.414381] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.414402] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.414424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.414449] ? __kthread_parkme+0x82/0x160 [ 14.414472] ? preempt_count_sub+0x50/0x80 [ 14.414497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.414519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.414544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.414570] kthread+0x324/0x6e0 [ 14.414591] ? trace_preempt_on+0x20/0xc0 [ 14.414613] ? __pfx_kthread+0x10/0x10 [ 14.414635] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.414658] ? calculate_sigpending+0x7b/0xa0 [ 14.414680] ? __pfx_kthread+0x10/0x10 [ 14.414702] ret_from_fork+0x41/0x80 [ 14.414720] ? __pfx_kthread+0x10/0x10 [ 14.414742] ret_from_fork_asm+0x1a/0x30 [ 14.414774] </TASK> [ 14.414786] [ 14.422513] Allocated by task 269: [ 14.422715] kasan_save_stack+0x45/0x70 [ 14.422953] kasan_save_track+0x18/0x40 [ 14.423295] kasan_save_alloc_info+0x3b/0x50 [ 14.423527] __kasan_kmalloc+0xb7/0xc0 [ 14.423686] __kmalloc_cache_noprof+0x18a/0x420 [ 14.423847] kasan_bitops_generic+0x93/0x1c0 [ 14.424085] kunit_try_run_case+0x1a6/0x480 [ 14.424287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.424543] kthread+0x324/0x6e0 [ 14.424749] ret_from_fork+0x41/0x80 [ 14.424984] ret_from_fork_asm+0x1a/0x30 [ 14.425229] [ 14.425325] The buggy address belongs to the object at ffff888101b28060 [ 14.425325] which belongs to the cache kmalloc-16 of size 16 [ 14.425933] The buggy address is located 8 bytes inside of [ 14.425933] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.426438] [ 14.426573] The buggy address belongs to the physical page: [ 14.426750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.427117] flags: 0x200000000000000(node=0|zone=2) [ 14.427353] page_type: f5(slab) [ 14.427529] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.427791] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.428108] page dumped because: kasan: bad access detected [ 14.428376] [ 14.428473] Memory state around the buggy address: [ 14.428666] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.428992] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.429360] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.429667] ^ [ 14.429950] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.430268] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.430593] ================================================================== [ 14.497533] ================================================================== [ 14.497912] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.499002] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.499255] [ 14.499343] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.499387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.499400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.499422] Call Trace: [ 14.499444] <TASK> [ 14.499464] dump_stack_lvl+0x73/0xb0 [ 14.499493] print_report+0xd1/0x650 [ 14.499515] ? __virt_addr_valid+0x1db/0x2d0 [ 14.499539] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.499563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.499589] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.499614] kasan_report+0x140/0x180 [ 14.499636] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.499689] kasan_check_range+0x10c/0x1c0 [ 14.499712] __kasan_check_write+0x18/0x20 [ 14.499735] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.499776] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.499801] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.499825] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.499873] ? kasan_bitops_generic+0x93/0x1c0 [ 14.499913] kasan_bitops_generic+0x117/0x1c0 [ 14.499935] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.499959] ? __pfx_read_tsc+0x10/0x10 [ 14.499981] ? ktime_get_ts64+0x86/0x230 [ 14.500006] kunit_try_run_case+0x1a6/0x480 [ 14.500029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.500052] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.500075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.500099] ? __kthread_parkme+0x82/0x160 [ 14.500122] ? preempt_count_sub+0x50/0x80 [ 14.500146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.500168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.500194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.500218] kthread+0x324/0x6e0 [ 14.500240] ? trace_preempt_on+0x20/0xc0 [ 14.500262] ? __pfx_kthread+0x10/0x10 [ 14.500284] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.500307] ? calculate_sigpending+0x7b/0xa0 [ 14.500329] ? __pfx_kthread+0x10/0x10 [ 14.500355] ret_from_fork+0x41/0x80 [ 14.500373] ? 
__pfx_kthread+0x10/0x10 [ 14.500395] ret_from_fork_asm+0x1a/0x30 [ 14.500427] </TASK> [ 14.500439] [ 14.508603] Allocated by task 269: [ 14.508785] kasan_save_stack+0x45/0x70 [ 14.508995] kasan_save_track+0x18/0x40 [ 14.509132] kasan_save_alloc_info+0x3b/0x50 [ 14.509276] __kasan_kmalloc+0xb7/0xc0 [ 14.509404] __kmalloc_cache_noprof+0x18a/0x420 [ 14.509743] kasan_bitops_generic+0x93/0x1c0 [ 14.509965] kunit_try_run_case+0x1a6/0x480 [ 14.510360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.510640] kthread+0x324/0x6e0 [ 14.510856] ret_from_fork+0x41/0x80 [ 14.511058] ret_from_fork_asm+0x1a/0x30 [ 14.511273] [ 14.511365] The buggy address belongs to the object at ffff888101b28060 [ 14.511365] which belongs to the cache kmalloc-16 of size 16 [ 14.511705] The buggy address is located 8 bytes inside of [ 14.511705] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.512261] [ 14.512395] The buggy address belongs to the physical page: [ 14.512675] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.513071] flags: 0x200000000000000(node=0|zone=2) [ 14.513304] page_type: f5(slab) [ 14.513473] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.513792] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.514021] page dumped because: kasan: bad access detected [ 14.514322] [ 14.514417] Memory state around the buggy address: [ 14.514665] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.515033] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.515388] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.515619] ^ [ 14.515942] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.516319] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.516657] ================================================================== [ 14.557874] 
================================================================== [ 14.558240] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.559205] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.559476] [ 14.559611] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.559676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.559690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.559712] Call Trace: [ 14.559727] <TASK> [ 14.559748] dump_stack_lvl+0x73/0xb0 [ 14.559779] print_report+0xd1/0x650 [ 14.559820] ? __virt_addr_valid+0x1db/0x2d0 [ 14.559853] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.559877] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.559903] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.559928] kasan_report+0x140/0x180 [ 14.559949] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.559994] kasan_check_range+0x10c/0x1c0 [ 14.560017] __kasan_check_write+0x18/0x20 [ 14.560038] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.560072] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.560097] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.560137] ? trace_hardirqs_on+0x37/0xe0 [ 14.560174] ? kasan_bitops_generic+0x93/0x1c0 [ 14.560212] kasan_bitops_generic+0x117/0x1c0 [ 14.560248] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.560285] ? __pfx_read_tsc+0x10/0x10 [ 14.560308] ? ktime_get_ts64+0x86/0x230 [ 14.560346] kunit_try_run_case+0x1a6/0x480 [ 14.560384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.560405] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.560427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.560452] ? __kthread_parkme+0x82/0x160 [ 14.560475] ? preempt_count_sub+0x50/0x80 [ 14.560501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.560523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.560551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.560576] kthread+0x324/0x6e0 [ 14.560597] ? trace_preempt_on+0x20/0xc0 [ 14.560620] ? 
__pfx_kthread+0x10/0x10 [ 14.560642] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.560666] ? calculate_sigpending+0x7b/0xa0 [ 14.560688] ? __pfx_kthread+0x10/0x10 [ 14.560710] ret_from_fork+0x41/0x80 [ 14.560729] ? __pfx_kthread+0x10/0x10 [ 14.560751] ret_from_fork_asm+0x1a/0x30 [ 14.560783] </TASK> [ 14.560795] [ 14.568872] Allocated by task 269: [ 14.569064] kasan_save_stack+0x45/0x70 [ 14.569256] kasan_save_track+0x18/0x40 [ 14.569446] kasan_save_alloc_info+0x3b/0x50 [ 14.569609] __kasan_kmalloc+0xb7/0xc0 [ 14.569818] __kmalloc_cache_noprof+0x18a/0x420 [ 14.570066] kasan_bitops_generic+0x93/0x1c0 [ 14.570262] kunit_try_run_case+0x1a6/0x480 [ 14.570420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.570642] kthread+0x324/0x6e0 [ 14.570812] ret_from_fork+0x41/0x80 [ 14.571002] ret_from_fork_asm+0x1a/0x30 [ 14.571390] [ 14.571464] The buggy address belongs to the object at ffff888101b28060 [ 14.571464] which belongs to the cache kmalloc-16 of size 16 [ 14.571843] The buggy address is located 8 bytes inside of [ 14.571843] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.572267] [ 14.572367] The buggy address belongs to the physical page: [ 14.572674] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.573067] flags: 0x200000000000000(node=0|zone=2) [ 14.573329] page_type: f5(slab) [ 14.573501] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.573770] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.574002] page dumped because: kasan: bad access detected [ 14.574512] [ 14.574627] Memory state around the buggy address: [ 14.574881] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.575216] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.575440] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.575734] ^ [ 14.576064] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.576542] 
ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.576868] ================================================================== [ 14.517822] ================================================================== [ 14.518755] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.519195] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.519539] [ 14.519647] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.519692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.519704] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.519727] Call Trace: [ 14.519748] <TASK> [ 14.519768] dump_stack_lvl+0x73/0xb0 [ 14.519819] print_report+0xd1/0x650 [ 14.519851] ? __virt_addr_valid+0x1db/0x2d0 [ 14.519874] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.519916] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.519942] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.519966] kasan_report+0x140/0x180 [ 14.519987] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.520016] kasan_check_range+0x10c/0x1c0 [ 14.520038] __kasan_check_write+0x18/0x20 [ 14.520070] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.520095] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.520120] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.520144] ? trace_hardirqs_on+0x37/0xe0 [ 14.520167] ? kasan_bitops_generic+0x93/0x1c0 [ 14.520211] kasan_bitops_generic+0x117/0x1c0 [ 14.520234] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.520266] ? __pfx_read_tsc+0x10/0x10 [ 14.520288] ? ktime_get_ts64+0x86/0x230 [ 14.520312] kunit_try_run_case+0x1a6/0x480 [ 14.520337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.520455] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.520480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.520506] ? __kthread_parkme+0x82/0x160 [ 14.520528] ? preempt_count_sub+0x50/0x80 [ 14.520553] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.520576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.520601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.520627] kthread+0x324/0x6e0 [ 14.520647] ? trace_preempt_on+0x20/0xc0 [ 14.520670] ? __pfx_kthread+0x10/0x10 [ 14.520692] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.520715] ? calculate_sigpending+0x7b/0xa0 [ 14.520736] ? __pfx_kthread+0x10/0x10 [ 14.520801] ret_from_fork+0x41/0x80 [ 14.520821] ? __pfx_kthread+0x10/0x10 [ 14.520866] ret_from_fork_asm+0x1a/0x30 [ 14.520911] </TASK> [ 14.520921] [ 14.529207] Allocated by task 269: [ 14.529406] kasan_save_stack+0x45/0x70 [ 14.529606] kasan_save_track+0x18/0x40 [ 14.529857] kasan_save_alloc_info+0x3b/0x50 [ 14.530145] __kasan_kmalloc+0xb7/0xc0 [ 14.530331] __kmalloc_cache_noprof+0x18a/0x420 [ 14.530555] kasan_bitops_generic+0x93/0x1c0 [ 14.530743] kunit_try_run_case+0x1a6/0x480 [ 14.530918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.531164] kthread+0x324/0x6e0 [ 14.531324] ret_from_fork+0x41/0x80 [ 14.531449] ret_from_fork_asm+0x1a/0x30 [ 14.531637] [ 14.531733] The buggy address belongs to the object at ffff888101b28060 [ 14.531733] which belongs to the cache kmalloc-16 of size 16 [ 14.532362] The buggy address is located 8 bytes inside of [ 14.532362] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.532713] [ 14.532785] The buggy address belongs to the physical page: [ 14.532963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.533223] flags: 0x200000000000000(node=0|zone=2) [ 14.533454] page_type: f5(slab) [ 14.533646] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.533989] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.534313] page dumped because: kasan: bad access detected [ 14.534607] [ 14.534758] Memory state around the buggy address: [ 14.534989] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.535267] ffff888101b27f80: 
fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.535475] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.535679] ^ [ 14.535975] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.536609] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.536961] ================================================================== [ 14.477611] ================================================================== [ 14.477997] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.478385] Write of size 8 at addr ffff888101b28068 by task kunit_try_catch/269 [ 14.478690] [ 14.478810] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.478869] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.478882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.478905] Call Trace: [ 14.478921] <TASK> [ 14.478964] dump_stack_lvl+0x73/0xb0 [ 14.478997] print_report+0xd1/0x650 [ 14.479039] ? __virt_addr_valid+0x1db/0x2d0 [ 14.479064] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.479089] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.479115] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.479140] kasan_report+0x140/0x180 [ 14.479162] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.479191] kasan_check_range+0x10c/0x1c0 [ 14.479214] __kasan_check_write+0x18/0x20 [ 14.479236] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.479276] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.479315] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.479340] ? trace_hardirqs_on+0x37/0xe0 [ 14.479365] ? kasan_bitops_generic+0x93/0x1c0 [ 14.479391] kasan_bitops_generic+0x117/0x1c0 [ 14.479413] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.479438] ? __pfx_read_tsc+0x10/0x10 [ 14.479459] ? ktime_get_ts64+0x86/0x230 [ 14.479486] kunit_try_run_case+0x1a6/0x480 [ 14.479511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.479531] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 14.479554] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.479580] ? __kthread_parkme+0x82/0x160 [ 14.479603] ? preempt_count_sub+0x50/0x80 [ 14.479629] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.479651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.479676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.479702] kthread+0x324/0x6e0 [ 14.479723] ? trace_preempt_on+0x20/0xc0 [ 14.479744] ? __pfx_kthread+0x10/0x10 [ 14.479766] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.479789] ? calculate_sigpending+0x7b/0xa0 [ 14.479811] ? __pfx_kthread+0x10/0x10 [ 14.479833] ret_from_fork+0x41/0x80 [ 14.479864] ? __pfx_kthread+0x10/0x10 [ 14.479886] ret_from_fork_asm+0x1a/0x30 [ 14.479919] </TASK> [ 14.479929] [ 14.488404] Allocated by task 269: [ 14.488570] kasan_save_stack+0x45/0x70 [ 14.488725] kasan_save_track+0x18/0x40 [ 14.488882] kasan_save_alloc_info+0x3b/0x50 [ 14.489132] __kasan_kmalloc+0xb7/0xc0 [ 14.489343] __kmalloc_cache_noprof+0x18a/0x420 [ 14.489583] kasan_bitops_generic+0x93/0x1c0 [ 14.489801] kunit_try_run_case+0x1a6/0x480 [ 14.490034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.490301] kthread+0x324/0x6e0 [ 14.490452] ret_from_fork+0x41/0x80 [ 14.490583] ret_from_fork_asm+0x1a/0x30 [ 14.490726] [ 14.490799] The buggy address belongs to the object at ffff888101b28060 [ 14.490799] which belongs to the cache kmalloc-16 of size 16 [ 14.491313] The buggy address is located 8 bytes inside of [ 14.491313] allocated 9-byte region [ffff888101b28060, ffff888101b28069) [ 14.491854] [ 14.491953] The buggy address belongs to the physical page: [ 14.492198] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b28 [ 14.492443] flags: 0x200000000000000(node=0|zone=2) [ 14.492613] page_type: f5(slab) [ 14.492789] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.493162] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.493768] page dumped because: kasan: bad 
access detected [ 14.494145] [ 14.494293] Memory state around the buggy address: [ 14.494534] ffff888101b27f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.494866] ffff888101b27f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.495203] >ffff888101b28000: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.495514] ^ [ 14.495887] ffff888101b28080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.496249] ffff888101b28100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.496528] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.386432] ================================================================== [ 14.386813] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.387764] Read of size 1 at addr ffff888101b3b550 by task kunit_try_catch/267 [ 14.388076] [ 14.388208] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.388255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.388267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.388290] Call Trace: [ 14.388323] <TASK> [ 14.388344] dump_stack_lvl+0x73/0xb0 [ 14.388373] print_report+0xd1/0x650 [ 14.388395] ? __virt_addr_valid+0x1db/0x2d0 [ 14.388417] ? strnlen+0x73/0x80 [ 14.388438] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.388463] ? strnlen+0x73/0x80 [ 14.388483] kasan_report+0x140/0x180 [ 14.388504] ? strnlen+0x73/0x80 [ 14.388528] __asan_report_load1_noabort+0x18/0x20 [ 14.388550] strnlen+0x73/0x80 [ 14.388571] kasan_strings+0x4c3/0xb60 [ 14.388591] ? __pfx_kasan_strings+0x10/0x10 [ 14.388614] ? ktime_get_ts64+0xfb/0x230 [ 14.388637] ? ktime_get_ts64+0x86/0x230 [ 14.388660] kunit_try_run_case+0x1a6/0x480 [ 14.388684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.388704] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.388726] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.388751] ? __kthread_parkme+0x82/0x160 [ 14.388773] ? preempt_count_sub+0x50/0x80 [ 14.388797] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.388819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.388876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.388903] kthread+0x324/0x6e0 [ 14.388924] ? trace_preempt_on+0x20/0xc0 [ 14.388964] ? __pfx_kthread+0x10/0x10 [ 14.388986] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.389009] ? calculate_sigpending+0x7b/0xa0 [ 14.389048] ? __pfx_kthread+0x10/0x10 [ 14.389070] ret_from_fork+0x41/0x80 [ 14.389089] ? 
__pfx_kthread+0x10/0x10 [ 14.389111] ret_from_fork_asm+0x1a/0x30 [ 14.389142] </TASK> [ 14.389153] [ 14.396008] Allocated by task 267: [ 14.396234] kasan_save_stack+0x45/0x70 [ 14.396444] kasan_save_track+0x18/0x40 [ 14.396618] kasan_save_alloc_info+0x3b/0x50 [ 14.396853] __kasan_kmalloc+0xb7/0xc0 [ 14.397001] __kmalloc_cache_noprof+0x18a/0x420 [ 14.397245] kasan_strings+0xb9/0xb60 [ 14.397440] kunit_try_run_case+0x1a6/0x480 [ 14.397613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.397929] kthread+0x324/0x6e0 [ 14.398238] ret_from_fork+0x41/0x80 [ 14.398431] ret_from_fork_asm+0x1a/0x30 [ 14.398625] [ 14.398713] Freed by task 267: [ 14.398873] kasan_save_stack+0x45/0x70 [ 14.399024] kasan_save_track+0x18/0x40 [ 14.399262] kasan_save_free_info+0x3f/0x60 [ 14.399509] __kasan_slab_free+0x56/0x70 [ 14.399644] kfree+0x224/0x3f0 [ 14.399761] kasan_strings+0x13c/0xb60 [ 14.399971] kunit_try_run_case+0x1a6/0x480 [ 14.400406] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.400682] kthread+0x324/0x6e0 [ 14.400898] ret_from_fork+0x41/0x80 [ 14.401029] ret_from_fork_asm+0x1a/0x30 [ 14.401249] [ 14.401342] The buggy address belongs to the object at ffff888101b3b540 [ 14.401342] which belongs to the cache kmalloc-32 of size 32 [ 14.401805] The buggy address is located 16 bytes inside of [ 14.401805] freed 32-byte region [ffff888101b3b540, ffff888101b3b560) [ 14.402214] [ 14.402332] The buggy address belongs to the physical page: [ 14.402609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3b [ 14.402993] flags: 0x200000000000000(node=0|zone=2) [ 14.403253] page_type: f5(slab) [ 14.403448] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.403702] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.404019] page dumped because: kasan: bad access detected [ 14.404366] [ 14.404548] Memory state around the buggy address: [ 14.404771] ffff888101b3b400: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.405083] ffff888101b3b480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.405367] >ffff888101b3b500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.405663] ^ [ 14.405874] ffff888101b3b580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.406200] ffff888101b3b600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.406514] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.362334] ================================================================== [ 14.363148] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.364013] Read of size 1 at addr ffff888101b3b550 by task kunit_try_catch/267 [ 14.364806] [ 14.364922] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.364972] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.364984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.365009] Call Trace: [ 14.365030] <TASK> [ 14.365051] dump_stack_lvl+0x73/0xb0 [ 14.365082] print_report+0xd1/0x650 [ 14.365104] ? __virt_addr_valid+0x1db/0x2d0 [ 14.365127] ? strlen+0x8f/0xb0 [ 14.365147] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.365173] ? strlen+0x8f/0xb0 [ 14.365192] kasan_report+0x140/0x180 [ 14.365212] ? strlen+0x8f/0xb0 [ 14.365236] __asan_report_load1_noabort+0x18/0x20 [ 14.365258] strlen+0x8f/0xb0 [ 14.365279] kasan_strings+0x425/0xb60 [ 14.365299] ? __pfx_kasan_strings+0x10/0x10 [ 14.365321] ? ktime_get_ts64+0xfb/0x230 [ 14.365345] ? ktime_get_ts64+0x86/0x230 [ 14.365369] kunit_try_run_case+0x1a6/0x480 [ 14.365392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.365413] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.365434] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.365459] ? __kthread_parkme+0x82/0x160 [ 14.365482] ? preempt_count_sub+0x50/0x80 [ 14.365507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.365528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.365554] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.365579] kthread+0x324/0x6e0 [ 14.365600] ? trace_preempt_on+0x20/0xc0 [ 14.365623] ? __pfx_kthread+0x10/0x10 [ 14.365645] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.365668] ? calculate_sigpending+0x7b/0xa0 [ 14.365689] ? __pfx_kthread+0x10/0x10 [ 14.365711] ret_from_fork+0x41/0x80 [ 14.365732] ? 
__pfx_kthread+0x10/0x10 [ 14.365759] ret_from_fork_asm+0x1a/0x30 [ 14.365791] </TASK> [ 14.365802] [ 14.375091] Allocated by task 267: [ 14.375341] kasan_save_stack+0x45/0x70 [ 14.375561] kasan_save_track+0x18/0x40 [ 14.375734] kasan_save_alloc_info+0x3b/0x50 [ 14.375915] __kasan_kmalloc+0xb7/0xc0 [ 14.376102] __kmalloc_cache_noprof+0x18a/0x420 [ 14.376415] kasan_strings+0xb9/0xb60 [ 14.376568] kunit_try_run_case+0x1a6/0x480 [ 14.376714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.377002] kthread+0x324/0x6e0 [ 14.377210] ret_from_fork+0x41/0x80 [ 14.377397] ret_from_fork_asm+0x1a/0x30 [ 14.377574] [ 14.377645] Freed by task 267: [ 14.377811] kasan_save_stack+0x45/0x70 [ 14.378031] kasan_save_track+0x18/0x40 [ 14.378197] kasan_save_free_info+0x3f/0x60 [ 14.378396] __kasan_slab_free+0x56/0x70 [ 14.378584] kfree+0x224/0x3f0 [ 14.378749] kasan_strings+0x13c/0xb60 [ 14.378950] kunit_try_run_case+0x1a6/0x480 [ 14.379178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.379447] kthread+0x324/0x6e0 [ 14.379612] ret_from_fork+0x41/0x80 [ 14.379780] ret_from_fork_asm+0x1a/0x30 [ 14.380002] [ 14.380128] The buggy address belongs to the object at ffff888101b3b540 [ 14.380128] which belongs to the cache kmalloc-32 of size 32 [ 14.380615] The buggy address is located 16 bytes inside of [ 14.380615] freed 32-byte region [ffff888101b3b540, ffff888101b3b560) [ 14.381138] [ 14.381249] The buggy address belongs to the physical page: [ 14.381515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3b [ 14.381897] flags: 0x200000000000000(node=0|zone=2) [ 14.382159] page_type: f5(slab) [ 14.382359] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.382701] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.382940] page dumped because: kasan: bad access detected [ 14.383113] [ 14.383218] Memory state around the buggy address: [ 14.383457] ffff888101b3b400: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.383803] ffff888101b3b480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.384165] >ffff888101b3b500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.384528] ^ [ 14.384785] ffff888101b3b580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.385120] ffff888101b3b600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.385330] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.333035] ================================================================== [ 14.333414] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0c/0xb60 [ 14.333649] Read of size 1 at addr ffff888101b3b550 by task kunit_try_catch/267 [ 14.333894] [ 14.333985] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.334029] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.334067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.334090] Call Trace: [ 14.334111] <TASK> [ 14.334132] dump_stack_lvl+0x73/0xb0 [ 14.334161] print_report+0xd1/0x650 [ 14.334182] ? __virt_addr_valid+0x1db/0x2d0 [ 14.334205] ? kasan_strings+0xa0c/0xb60 [ 14.334224] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.334249] ? kasan_strings+0xa0c/0xb60 [ 14.334268] kasan_report+0x140/0x180 [ 14.334291] ? kasan_strings+0xa0c/0xb60 [ 14.334560] __asan_report_load1_noabort+0x18/0x20 [ 14.334596] kasan_strings+0xa0c/0xb60 [ 14.334617] ? __pfx_kasan_strings+0x10/0x10 [ 14.334640] ? ktime_get_ts64+0xfb/0x230 [ 14.334663] ? ktime_get_ts64+0x86/0x230 [ 14.334687] kunit_try_run_case+0x1a6/0x480 [ 14.334711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.334731] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.334753] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.334778] ? __kthread_parkme+0x82/0x160 [ 14.334800] ? preempt_count_sub+0x50/0x80 [ 14.334825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.334964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.334990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.335016] kthread+0x324/0x6e0 [ 14.335062] ? trace_preempt_on+0x20/0xc0 [ 14.335087] ? __pfx_kthread+0x10/0x10 [ 14.335109] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.335133] ? calculate_sigpending+0x7b/0xa0 [ 14.335155] ? __pfx_kthread+0x10/0x10 [ 14.335176] ret_from_fork+0x41/0x80 [ 14.335196] ? 
__pfx_kthread+0x10/0x10 [ 14.335217] ret_from_fork_asm+0x1a/0x30 [ 14.335250] </TASK> [ 14.335260] [ 14.344432] Allocated by task 267: [ 14.344683] kasan_save_stack+0x45/0x70 [ 14.345076] kasan_save_track+0x18/0x40 [ 14.345285] kasan_save_alloc_info+0x3b/0x50 [ 14.345459] __kasan_kmalloc+0xb7/0xc0 [ 14.345615] __kmalloc_cache_noprof+0x18a/0x420 [ 14.345805] kasan_strings+0xb9/0xb60 [ 14.345943] kunit_try_run_case+0x1a6/0x480 [ 14.346088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.346388] kthread+0x324/0x6e0 [ 14.346565] ret_from_fork+0x41/0x80 [ 14.346750] ret_from_fork_asm+0x1a/0x30 [ 14.346958] [ 14.347052] Freed by task 267: [ 14.347276] kasan_save_stack+0x45/0x70 [ 14.347564] kasan_save_track+0x18/0x40 [ 14.347790] kasan_save_free_info+0x3f/0x60 [ 14.347947] __kasan_slab_free+0x56/0x70 [ 14.348085] kfree+0x224/0x3f0 [ 14.348204] kasan_strings+0x13c/0xb60 [ 14.348336] kunit_try_run_case+0x1a6/0x480 [ 14.348745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.349011] kthread+0x324/0x6e0 [ 14.349776] ret_from_fork+0x41/0x80 [ 14.350233] ret_from_fork_asm+0x1a/0x30 [ 14.350658] [ 14.351078] The buggy address belongs to the object at ffff888101b3b540 [ 14.351078] which belongs to the cache kmalloc-32 of size 32 [ 14.351945] The buggy address is located 16 bytes inside of [ 14.351945] freed 32-byte region [ffff888101b3b540, ffff888101b3b560) [ 14.352864] [ 14.352964] The buggy address belongs to the physical page: [ 14.353624] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3b [ 14.353969] flags: 0x200000000000000(node=0|zone=2) [ 14.354404] page_type: f5(slab) [ 14.354737] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.355317] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.355989] page dumped because: kasan: bad access detected [ 14.356326] [ 14.356587] Memory state around the buggy address: [ 14.356913] ffff888101b3b400: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.357314] ffff888101b3b480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.357530] >ffff888101b3b500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.357737] ^ [ 14.357938] ffff888101b3b580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.358688] ffff888101b3b600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.359478] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.302673] ================================================================== [ 14.303915] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.304322] Read of size 1 at addr ffff888101b3b550 by task kunit_try_catch/267 [ 14.304805] [ 14.304941] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.304991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.305004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.305026] Call Trace: [ 14.305041] <TASK> [ 14.305186] dump_stack_lvl+0x73/0xb0 [ 14.305218] print_report+0xd1/0x650 [ 14.305242] ? __virt_addr_valid+0x1db/0x2d0 [ 14.305265] ? strcmp+0xb0/0xc0 [ 14.305286] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.305311] ? strcmp+0xb0/0xc0 [ 14.305331] kasan_report+0x140/0x180 [ 14.305352] ? strcmp+0xb0/0xc0 [ 14.305376] __asan_report_load1_noabort+0x18/0x20 [ 14.305399] strcmp+0xb0/0xc0 [ 14.305420] kasan_strings+0x2d3/0xb60 [ 14.305441] ? __pfx_kasan_strings+0x10/0x10 [ 14.305462] ? ktime_get_ts64+0xfb/0x230 [ 14.305487] ? ktime_get_ts64+0x86/0x230 [ 14.305510] kunit_try_run_case+0x1a6/0x480 [ 14.305536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305557] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.305579] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.305604] ? __kthread_parkme+0x82/0x160 [ 14.305627] ? preempt_count_sub+0x50/0x80 [ 14.305652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.305674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.305700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.305725] kthread+0x324/0x6e0 [ 14.305753] ? trace_preempt_on+0x20/0xc0 [ 14.305776] ? __pfx_kthread+0x10/0x10 [ 14.305799] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.305821] ? calculate_sigpending+0x7b/0xa0 [ 14.305854] ? __pfx_kthread+0x10/0x10 [ 14.305877] ret_from_fork+0x41/0x80 [ 14.305896] ? 
__pfx_kthread+0x10/0x10 [ 14.305918] ret_from_fork_asm+0x1a/0x30 [ 14.305950] </TASK> [ 14.305961] [ 14.315797] Allocated by task 267: [ 14.316011] kasan_save_stack+0x45/0x70 [ 14.316209] kasan_save_track+0x18/0x40 [ 14.316388] kasan_save_alloc_info+0x3b/0x50 [ 14.316582] __kasan_kmalloc+0xb7/0xc0 [ 14.316749] __kmalloc_cache_noprof+0x18a/0x420 [ 14.316956] kasan_strings+0xb9/0xb60 [ 14.317455] kunit_try_run_case+0x1a6/0x480 [ 14.317889] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.318368] kthread+0x324/0x6e0 [ 14.318610] ret_from_fork+0x41/0x80 [ 14.318929] ret_from_fork_asm+0x1a/0x30 [ 14.319321] [ 14.319416] Freed by task 267: [ 14.319823] kasan_save_stack+0x45/0x70 [ 14.320032] kasan_save_track+0x18/0x40 [ 14.320330] kasan_save_free_info+0x3f/0x60 [ 14.320530] __kasan_slab_free+0x56/0x70 [ 14.320708] kfree+0x224/0x3f0 [ 14.320858] kasan_strings+0x13c/0xb60 [ 14.321027] kunit_try_run_case+0x1a6/0x480 [ 14.321593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.321923] kthread+0x324/0x6e0 [ 14.322350] ret_from_fork+0x41/0x80 [ 14.322605] ret_from_fork_asm+0x1a/0x30 [ 14.322799] [ 14.322897] The buggy address belongs to the object at ffff888101b3b540 [ 14.322897] which belongs to the cache kmalloc-32 of size 32 [ 14.323777] The buggy address is located 16 bytes inside of [ 14.323777] freed 32-byte region [ffff888101b3b540, ffff888101b3b560) [ 14.324705] [ 14.324792] The buggy address belongs to the physical page: [ 14.325261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3b [ 14.325801] flags: 0x200000000000000(node=0|zone=2) [ 14.326469] page_type: f5(slab) [ 14.326716] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.327220] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.327651] page dumped because: kasan: bad access detected [ 14.327896] [ 14.327983] Memory state around the buggy address: [ 14.328607] ffff888101b3b400: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.329078] ffff888101b3b480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.329583] >ffff888101b3b500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.330110] ^ [ 14.330377] ffff888101b3b580: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.330671] ffff888101b3b600: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.330965] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.273907] ================================================================== [ 14.274354] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.274620] Read of size 1 at addr ffff888101b3b498 by task kunit_try_catch/265 [ 14.274910] [ 14.275020] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.275066] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.275079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.275101] Call Trace: [ 14.275114] <TASK> [ 14.275134] dump_stack_lvl+0x73/0xb0 [ 14.275159] print_report+0xd1/0x650 [ 14.275183] ? __virt_addr_valid+0x1db/0x2d0 [ 14.275207] ? memcmp+0x1b4/0x1d0 [ 14.275227] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.275253] ? memcmp+0x1b4/0x1d0 [ 14.275274] kasan_report+0x140/0x180 [ 14.275297] ? memcmp+0x1b4/0x1d0 [ 14.275322] __asan_report_load1_noabort+0x18/0x20 [ 14.275345] memcmp+0x1b4/0x1d0 [ 14.275368] kasan_memcmp+0x190/0x390 [ 14.275387] ? trace_hardirqs_on+0x37/0xe0 [ 14.275412] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.275431] ? finish_task_switch.isra.0+0x153/0x700 [ 14.275456] ? __switch_to+0x5d9/0xf60 [ 14.275485] ? __pfx_read_tsc+0x10/0x10 [ 14.275507] ? ktime_get_ts64+0x86/0x230 [ 14.275534] kunit_try_run_case+0x1a6/0x480 [ 14.275558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275579] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.275601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.275625] ? __kthread_parkme+0x82/0x160 [ 14.275648] ? preempt_count_sub+0x50/0x80 [ 14.275671] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275695] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.275720] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.275746] kthread+0x324/0x6e0 [ 14.275767] ? trace_preempt_on+0x20/0xc0 [ 14.275789] ? __pfx_kthread+0x10/0x10 [ 14.275811] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.275834] ? calculate_sigpending+0x7b/0xa0 [ 14.276367] ? __pfx_kthread+0x10/0x10 [ 14.276393] ret_from_fork+0x41/0x80 [ 14.276414] ? 
__pfx_kthread+0x10/0x10 [ 14.276436] ret_from_fork_asm+0x1a/0x30 [ 14.276468] </TASK> [ 14.276480] [ 14.284769] Allocated by task 265: [ 14.285005] kasan_save_stack+0x45/0x70 [ 14.285564] kasan_save_track+0x18/0x40 [ 14.285770] kasan_save_alloc_info+0x3b/0x50 [ 14.285946] __kasan_kmalloc+0xb7/0xc0 [ 14.286088] __kmalloc_cache_noprof+0x18a/0x420 [ 14.286420] kasan_memcmp+0xb8/0x390 [ 14.286807] kunit_try_run_case+0x1a6/0x480 [ 14.287036] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.287360] kthread+0x324/0x6e0 [ 14.287601] ret_from_fork+0x41/0x80 [ 14.287747] ret_from_fork_asm+0x1a/0x30 [ 14.287901] [ 14.287976] The buggy address belongs to the object at ffff888101b3b480 [ 14.287976] which belongs to the cache kmalloc-32 of size 32 [ 14.288727] The buggy address is located 0 bytes to the right of [ 14.288727] allocated 24-byte region [ffff888101b3b480, ffff888101b3b498) [ 14.289151] [ 14.289230] The buggy address belongs to the physical page: [ 14.289897] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b3b [ 14.290642] flags: 0x200000000000000(node=0|zone=2) [ 14.290877] page_type: f5(slab) [ 14.291068] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.291376] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.291603] page dumped because: kasan: bad access detected [ 14.291829] [ 14.291935] Memory state around the buggy address: [ 14.292163] ffff888101b3b380: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.292501] ffff888101b3b400: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.292975] >ffff888101b3b480: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.293486] ^ [ 14.293634] ffff888101b3b500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.293969] ffff888101b3b580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.294286] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.251242] ================================================================== [ 14.251740] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x32b/0x390 [ 14.252109] Read of size 1 at addr ffff888102d5fc4a by task kunit_try_catch/261 [ 14.252504] [ 14.252616] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.252664] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.252677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.252700] Call Trace: [ 14.252715] <TASK> [ 14.252734] dump_stack_lvl+0x73/0xb0 [ 14.252763] print_report+0xd1/0x650 [ 14.252786] ? __virt_addr_valid+0x1db/0x2d0 [ 14.252809] ? kasan_alloca_oob_right+0x32b/0x390 [ 14.252831] ? kasan_addr_to_slab+0x11/0xa0 [ 14.252863] ? kasan_alloca_oob_right+0x32b/0x390 [ 14.252884] kasan_report+0x140/0x180 [ 14.252906] ? kasan_alloca_oob_right+0x32b/0x390 [ 14.252931] __asan_report_load1_noabort+0x18/0x20 [ 14.252955] kasan_alloca_oob_right+0x32b/0x390 [ 14.252978] ? finish_task_switch.isra.0+0x153/0x700 [ 14.253002] ? rwsem_down_write_slowpath+0x1de/0x1110 [ 14.253027] ? trace_hardirqs_on+0x37/0xe0 [ 14.253052] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.253075] ? __kasan_check_write+0x18/0x20 [ 14.253111] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.253134] ? trace_hardirqs_on+0x37/0xe0 [ 14.253156] ? __pfx_read_tsc+0x10/0x10 [ 14.253178] ? ktime_get_ts64+0x86/0x230 [ 14.253203] kunit_try_run_case+0x1a6/0x480 [ 14.253227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.253250] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.253272] ? __kthread_parkme+0x82/0x160 [ 14.253294] ? preempt_count_sub+0x50/0x80 [ 14.253317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.253339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.253365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.253390] kthread+0x324/0x6e0 [ 14.253412] ? trace_preempt_on+0x20/0xc0 [ 14.253433] ? __pfx_kthread+0x10/0x10 [ 14.253455] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.253479] ? 
calculate_sigpending+0x7b/0xa0 [ 14.253499] ? __pfx_kthread+0x10/0x10 [ 14.253522] ret_from_fork+0x41/0x80 [ 14.253540] ? __pfx_kthread+0x10/0x10 [ 14.253562] ret_from_fork_asm+0x1a/0x30 [ 14.253593] </TASK> [ 14.253605] [ 14.262179] The buggy address belongs to stack of task kunit_try_catch/261 [ 14.262466] [ 14.262563] The buggy address belongs to the physical page: [ 14.262809] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d5f [ 14.263084] flags: 0x200000000000000(node=0|zone=2) [ 14.263334] raw: 0200000000000000 ffffea00040b57c8 ffffea00040b57c8 0000000000000000 [ 14.263684] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.264566] page dumped because: kasan: bad access detected [ 14.264785] [ 14.264894] Memory state around the buggy address: [ 14.265212] ffff888102d5fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.265455] ffff888102d5fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.265671] >ffff888102d5fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.265932] ^ [ 14.266186] ffff888102d5fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.266502] ffff888102d5fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.266772] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.229258] ================================================================== [ 14.229709] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x322/0x380 [ 14.230164] Read of size 1 at addr ffff888102be7c3f by task kunit_try_catch/259 [ 14.230508] [ 14.230615] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.230663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.230687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.230711] Call Trace: [ 14.230725] <TASK> [ 14.230746] dump_stack_lvl+0x73/0xb0 [ 14.230775] print_report+0xd1/0x650 [ 14.230808] ? __virt_addr_valid+0x1db/0x2d0 [ 14.230832] ? kasan_alloca_oob_left+0x322/0x380 [ 14.230869] ? kasan_addr_to_slab+0x11/0xa0 [ 14.230889] ? kasan_alloca_oob_left+0x322/0x380 [ 14.230910] kasan_report+0x140/0x180 [ 14.230933] ? kasan_alloca_oob_left+0x322/0x380 [ 14.230960] __asan_report_load1_noabort+0x18/0x20 [ 14.230992] kasan_alloca_oob_left+0x322/0x380 [ 14.231076] ? __schedule+0xce8/0x2840 [ 14.231101] ? finish_task_switch.isra.0+0x153/0x700 [ 14.231129] ? finish_task_switch.isra.0+0x156/0x700 [ 14.231154] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.231179] ? __schedule+0xce8/0x2840 [ 14.231203] ? __pfx_read_tsc+0x10/0x10 [ 14.231235] ? ktime_get_ts64+0x86/0x230 [ 14.231261] kunit_try_run_case+0x1a6/0x480 [ 14.231285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.231317] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.231339] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.231364] ? __kthread_parkme+0x82/0x160 [ 14.231386] ? preempt_count_sub+0x50/0x80 [ 14.231419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.231441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.231467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.231502] kthread+0x324/0x6e0 [ 14.231524] ? trace_preempt_on+0x20/0xc0 [ 14.231548] ? __pfx_kthread+0x10/0x10 [ 14.231570] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.231593] ? calculate_sigpending+0x7b/0xa0 [ 14.231616] ? 
__pfx_kthread+0x10/0x10 [ 14.231638] ret_from_fork+0x41/0x80 [ 14.231658] ? __pfx_kthread+0x10/0x10 [ 14.231680] ret_from_fork_asm+0x1a/0x30 [ 14.231714] </TASK> [ 14.231725] [ 14.241491] The buggy address belongs to stack of task kunit_try_catch/259 [ 14.242291] [ 14.242409] The buggy address belongs to the physical page: [ 14.242617] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be7 [ 14.243313] flags: 0x200000000000000(node=0|zone=2) [ 14.243717] raw: 0200000000000000 ffffea00040af9c8 ffffea00040af9c8 0000000000000000 [ 14.244227] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.244650] page dumped because: kasan: bad access detected [ 14.244908] [ 14.245007] Memory state around the buggy address: [ 14.245398] ffff888102be7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.245690] ffff888102be7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.246004] >ffff888102be7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.246585] ^ [ 14.246804] ffff888102be7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.247284] ffff888102be7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.247612] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.204060] ================================================================== [ 14.204717] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b7/0x300 [ 14.205258] Read of size 1 at addr ffff888102be7d02 by task kunit_try_catch/257 [ 14.205584] [ 14.205971] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.206038] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.206069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.206092] Call Trace: [ 14.206108] <TASK> [ 14.206128] dump_stack_lvl+0x73/0xb0 [ 14.206210] print_report+0xd1/0x650 [ 14.206251] ? __virt_addr_valid+0x1db/0x2d0 [ 14.206276] ? kasan_stack_oob+0x2b7/0x300 [ 14.206296] ? kasan_addr_to_slab+0x11/0xa0 [ 14.206326] ? kasan_stack_oob+0x2b7/0x300 [ 14.206345] kasan_report+0x140/0x180 [ 14.206367] ? kasan_stack_oob+0x2b7/0x300 [ 14.206404] __asan_report_load1_noabort+0x18/0x20 [ 14.206427] kasan_stack_oob+0x2b7/0x300 [ 14.206447] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.206466] ? finish_task_switch.isra.0+0x153/0x700 [ 14.206493] ? __switch_to+0x5d9/0xf60 [ 14.206521] ? __schedule+0xce8/0x2840 [ 14.206548] ? __pfx_read_tsc+0x10/0x10 [ 14.206570] ? ktime_get_ts64+0x86/0x230 [ 14.206596] kunit_try_run_case+0x1a6/0x480 [ 14.206621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.206641] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.206662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.206687] ? __kthread_parkme+0x82/0x160 [ 14.206711] ? preempt_count_sub+0x50/0x80 [ 14.206733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.206757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.206782] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.206808] kthread+0x324/0x6e0 [ 14.206830] ? trace_preempt_on+0x20/0xc0 [ 14.206864] ? __pfx_kthread+0x10/0x10 [ 14.206887] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.206909] ? calculate_sigpending+0x7b/0xa0 [ 14.206931] ? __pfx_kthread+0x10/0x10 [ 14.206953] ret_from_fork+0x41/0x80 [ 14.206972] ? 
__pfx_kthread+0x10/0x10 [ 14.206994] ret_from_fork_asm+0x1a/0x30 [ 14.207078] </TASK> [ 14.207090] [ 14.216713] The buggy address belongs to stack of task kunit_try_catch/257 [ 14.217152] and is located at offset 138 in frame: [ 14.217461] kasan_stack_oob+0x0/0x300 [ 14.217834] [ 14.217977] This frame has 4 objects: [ 14.218205] [48, 49) '__assertion' [ 14.218229] [64, 72) 'array' [ 14.218357] [96, 112) '__assertion' [ 14.218531] [128, 138) 'stack_array' [ 14.218979] [ 14.219288] The buggy address belongs to the physical page: [ 14.219469] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be7 [ 14.219830] flags: 0x200000000000000(node=0|zone=2) [ 14.220290] raw: 0200000000000000 ffffea00040af9c8 ffffea00040af9c8 0000000000000000 [ 14.220691] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.221028] page dumped because: kasan: bad access detected [ 14.221697] [ 14.221814] Memory state around the buggy address: [ 14.222139] ffff888102be7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.222449] ffff888102be7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.222746] >ffff888102be7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.223141] ^ [ 14.223313] ffff888102be7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.223629] ffff888102be7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.223943] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.174432] ================================================================== [ 14.176426] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0 [ 14.177592] Read of size 1 at addr ffffffffa681ed4d by task kunit_try_catch/253 [ 14.177965] [ 14.178402] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.178556] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.178572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.178597] Call Trace: [ 14.178618] <TASK> [ 14.178640] dump_stack_lvl+0x73/0xb0 [ 14.178675] print_report+0xd1/0x650 [ 14.178700] ? __virt_addr_valid+0x1db/0x2d0 [ 14.178724] ? kasan_global_oob_right+0x288/0x2d0 [ 14.178745] ? kasan_addr_to_slab+0x11/0xa0 [ 14.178766] ? kasan_global_oob_right+0x288/0x2d0 [ 14.178786] kasan_report+0x140/0x180 [ 14.178808] ? kasan_global_oob_right+0x288/0x2d0 [ 14.178833] __asan_report_load1_noabort+0x18/0x20 [ 14.178871] kasan_global_oob_right+0x288/0x2d0 [ 14.178892] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.178916] ? __schedule+0xce8/0x2840 [ 14.178942] ? __pfx_read_tsc+0x10/0x10 [ 14.178965] ? ktime_get_ts64+0x86/0x230 [ 14.178992] kunit_try_run_case+0x1a6/0x480 [ 14.179074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.179096] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.179117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.179143] ? __kthread_parkme+0x82/0x160 [ 14.179166] ? preempt_count_sub+0x50/0x80 [ 14.179192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.179214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.179240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.179266] kthread+0x324/0x6e0 [ 14.179287] ? trace_preempt_on+0x20/0xc0 [ 14.179311] ? __pfx_kthread+0x10/0x10 [ 14.179332] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.179356] ? calculate_sigpending+0x7b/0xa0 [ 14.179378] ? __pfx_kthread+0x10/0x10 [ 14.179400] ret_from_fork+0x41/0x80 [ 14.179422] ? 
__pfx_kthread+0x10/0x10 [ 14.179444] ret_from_fork_asm+0x1a/0x30 [ 14.179478] </TASK> [ 14.179490] [ 14.190375] The buggy address belongs to the variable: [ 14.190640] global_array+0xd/0x40 [ 14.190948] [ 14.191325] The buggy address belongs to the physical page: [ 14.191966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x16a21e [ 14.192382] flags: 0x200000000002000(reserved|node=0|zone=2) [ 14.192716] raw: 0200000000002000 ffffea0005a88788 ffffea0005a88788 0000000000000000 [ 14.193105] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.193414] page dumped because: kasan: bad access detected [ 14.193765] [ 14.193923] Memory state around the buggy address: [ 14.194182] ffffffffa681ec00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.194626] ffffffffa681ec80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.194953] >ffffffffa681ed00: 00 00 00 00 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 [ 14.195357] ^ [ 14.195688] ffffffffa681ed80: 00 f9 f9 f9 f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 [ 14.195965] ffffffffa681ee00: 02 f9 f9 f9 f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 [ 14.196381] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.122864] ================================================================== [ 14.124238] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.124876] Free of addr ffff888102addb01 by task kunit_try_catch/249 [ 14.125471] [ 14.125695] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.125753] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.125766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.125788] Call Trace: [ 14.125804] <TASK> [ 14.125826] dump_stack_lvl+0x73/0xb0 [ 14.125873] print_report+0xd1/0x650 [ 14.125917] ? __virt_addr_valid+0x1db/0x2d0 [ 14.125943] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.125969] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.125993] kasan_report_invalid_free+0xfc/0x120 [ 14.126017] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.126064] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.126100] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.126125] check_slab_allocation+0x11f/0x130 [ 14.126146] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.126169] mempool_free+0x2ec/0x380 [ 14.126194] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.126219] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.126246] ? finish_task_switch.isra.0+0x153/0x700 [ 14.126274] mempool_kmalloc_invalid_free+0xee/0x140 [ 14.126297] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.126322] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.126341] ? __pfx_mempool_kfree+0x10/0x10 [ 14.126363] ? __pfx_read_tsc+0x10/0x10 [ 14.126386] ? ktime_get_ts64+0x86/0x230 [ 14.126411] kunit_try_run_case+0x1a6/0x480 [ 14.126436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.126458] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.126482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.126508] ? __kthread_parkme+0x82/0x160 [ 14.126532] ? preempt_count_sub+0x50/0x80 [ 14.126555] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.126578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.126604] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.126630] kthread+0x324/0x6e0 [ 14.126652] ? trace_preempt_on+0x20/0xc0 [ 14.126677] ? __pfx_kthread+0x10/0x10 [ 14.126700] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.126723] ? calculate_sigpending+0x7b/0xa0 [ 14.126745] ? __pfx_kthread+0x10/0x10 [ 14.126768] ret_from_fork+0x41/0x80 [ 14.126786] ? __pfx_kthread+0x10/0x10 [ 14.126808] ret_from_fork_asm+0x1a/0x30 [ 14.126850] </TASK> [ 14.126862] [ 14.138121] Allocated by task 249: [ 14.138343] kasan_save_stack+0x45/0x70 [ 14.138570] kasan_save_track+0x18/0x40 [ 14.138759] kasan_save_alloc_info+0x3b/0x50 [ 14.138972] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.139346] remove_element+0x11e/0x190 [ 14.139526] mempool_alloc_preallocated+0x4d/0x90 [ 14.139729] mempool_kmalloc_invalid_free_helper+0x84/0x2e0 [ 14.139935] mempool_kmalloc_invalid_free+0xee/0x140 [ 14.140234] kunit_try_run_case+0x1a6/0x480 [ 14.140445] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.140695] kthread+0x324/0x6e0 [ 14.140908] ret_from_fork+0x41/0x80 [ 14.141139] ret_from_fork_asm+0x1a/0x30 [ 14.141288] [ 14.141387] The buggy address belongs to the object at ffff888102addb00 [ 14.141387] which belongs to the cache kmalloc-128 of size 128 [ 14.141934] The buggy address is located 1 bytes inside of [ 14.141934] 128-byte region [ffff888102addb00, ffff888102addb80) [ 14.142409] [ 14.142513] The buggy address belongs to the physical page: [ 14.142784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 14.143188] flags: 0x200000000000000(node=0|zone=2) [ 14.143402] page_type: f5(slab) [ 14.143578] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.143892] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.144407] page dumped because: kasan: bad access detected [ 14.144629] [ 14.144724] Memory state around the 
buggy address: [ 14.144946] ffff888102adda00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.145247] ffff888102adda80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.145521] >ffff888102addb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.145850] ^ [ 14.146085] ffff888102addb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.146404] ffff888102addc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.146714] ================================================================== [ 14.152441] ================================================================== [ 14.152947] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.153539] Free of addr ffff888102d20001 by task kunit_try_catch/251 [ 14.153761] [ 14.153863] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.153915] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.153928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.153952] Call Trace: [ 14.153966] <TASK> [ 14.153986] dump_stack_lvl+0x73/0xb0 [ 14.154312] print_report+0xd1/0x650 [ 14.154343] ? __virt_addr_valid+0x1db/0x2d0 [ 14.154368] ? kasan_addr_to_slab+0x11/0xa0 [ 14.154387] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.154413] kasan_report_invalid_free+0xfc/0x120 [ 14.154437] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.154464] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.154488] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.154512] mempool_free+0x2ec/0x380 [ 14.154536] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.154560] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.154589] ? finish_task_switch.isra.0+0x153/0x700 [ 14.154617] mempool_kmalloc_large_invalid_free+0xee/0x140 [ 14.154642] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.154669] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.154689] ? __pfx_mempool_kfree+0x10/0x10 [ 14.154709] ? __pfx_read_tsc+0x10/0x10 [ 14.154732] ? 
ktime_get_ts64+0x86/0x230 [ 14.154758] kunit_try_run_case+0x1a6/0x480 [ 14.154781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.154803] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.154825] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.154865] ? __kthread_parkme+0x82/0x160 [ 14.154889] ? preempt_count_sub+0x50/0x80 [ 14.154913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.154937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.154962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.154989] kthread+0x324/0x6e0 [ 14.155026] ? trace_preempt_on+0x20/0xc0 [ 14.155057] ? __pfx_kthread+0x10/0x10 [ 14.155079] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.155103] ? calculate_sigpending+0x7b/0xa0 [ 14.155125] ? __pfx_kthread+0x10/0x10 [ 14.155148] ret_from_fork+0x41/0x80 [ 14.155166] ? __pfx_kthread+0x10/0x10 [ 14.155188] ret_from_fork_asm+0x1a/0x30 [ 14.155220] </TASK> [ 14.155231] [ 14.164637] The buggy address belongs to the physical page: [ 14.164895] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d20 [ 14.165382] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.165658] flags: 0x200000000000040(head|node=0|zone=2) [ 14.165953] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.166306] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.166566] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.166792] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.167097] head: 0200000000000002 ffffea00040b4801 ffffffffffffffff 0000000000000000 [ 14.167582] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 14.167814] page dumped because: kasan: bad access detected [ 14.167988] [ 14.168058] Memory state around the buggy address: [ 14.168523] ffff888102d1ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.168876] ffff888102d1ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.169405] 
>ffff888102d20000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.169715] ^ [ 14.169902] ffff888102d20080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.170254] ffff888102d20100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.170501] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.034723] ================================================================== [ 14.035430] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 14.035684] Free of addr ffff888102add700 by task kunit_try_catch/243 [ 14.035898] [ 14.035988] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.036051] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.036063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.036088] Call Trace: [ 14.036101] <TASK> [ 14.036120] dump_stack_lvl+0x73/0xb0 [ 14.036149] print_report+0xd1/0x650 [ 14.036171] ? __virt_addr_valid+0x1db/0x2d0 [ 14.036196] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.036221] ? mempool_double_free_helper+0x185/0x370 [ 14.036245] kasan_report_invalid_free+0xfc/0x120 [ 14.036269] ? mempool_double_free_helper+0x185/0x370 [ 14.036293] ? mempool_double_free_helper+0x185/0x370 [ 14.036314] ? mempool_double_free_helper+0x185/0x370 [ 14.036337] check_slab_allocation+0x101/0x130 [ 14.036358] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.036381] mempool_free+0x2ec/0x380 [ 14.036720] mempool_double_free_helper+0x185/0x370 [ 14.036761] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.036797] ? finish_task_switch.isra.0+0x153/0x700 [ 14.036828] mempool_kmalloc_double_free+0xee/0x140 [ 14.036863] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.036888] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.036909] ? __pfx_mempool_kfree+0x10/0x10 [ 14.036931] ? __pfx_read_tsc+0x10/0x10 [ 14.036954] ? ktime_get_ts64+0x86/0x230 [ 14.036979] kunit_try_run_case+0x1a6/0x480 [ 14.037003] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.037025] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.037338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.037398] ? __kthread_parkme+0x82/0x160 [ 14.037424] ? preempt_count_sub+0x50/0x80 [ 14.037449] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.037473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.037499] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.037525] kthread+0x324/0x6e0 [ 14.037546] ? trace_preempt_on+0x20/0xc0 [ 14.037571] ? __pfx_kthread+0x10/0x10 [ 14.037593] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.037617] ? calculate_sigpending+0x7b/0xa0 [ 14.037640] ? __pfx_kthread+0x10/0x10 [ 14.037663] ret_from_fork+0x41/0x80 [ 14.037682] ? __pfx_kthread+0x10/0x10 [ 14.037704] ret_from_fork_asm+0x1a/0x30 [ 14.037736] </TASK> [ 14.037753] [ 14.054461] Allocated by task 243: [ 14.055007] kasan_save_stack+0x45/0x70 [ 14.055217] kasan_save_track+0x18/0x40 [ 14.055419] kasan_save_alloc_info+0x3b/0x50 [ 14.055610] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.055860] remove_element+0x11e/0x190 [ 14.056037] mempool_alloc_preallocated+0x4d/0x90 [ 14.056558] mempool_double_free_helper+0x8b/0x370 [ 14.056884] mempool_kmalloc_double_free+0xee/0x140 [ 14.057169] kunit_try_run_case+0x1a6/0x480 [ 14.057432] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.057779] kthread+0x324/0x6e0 [ 14.057945] ret_from_fork+0x41/0x80 [ 14.058290] ret_from_fork_asm+0x1a/0x30 [ 14.058589] [ 14.058695] Freed by task 243: [ 14.058881] kasan_save_stack+0x45/0x70 [ 14.059108] kasan_save_track+0x18/0x40 [ 14.059303] kasan_save_free_info+0x3f/0x60 [ 14.059521] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.059753] mempool_free+0x2ec/0x380 [ 14.059913] mempool_double_free_helper+0x10a/0x370 [ 14.060175] mempool_kmalloc_double_free+0xee/0x140 [ 14.060380] kunit_try_run_case+0x1a6/0x480 [ 14.060580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.060820] kthread+0x324/0x6e0 [ 14.060971] ret_from_fork+0x41/0x80 [ 14.061114] ret_from_fork_asm+0x1a/0x30 [ 14.061340] [ 14.061490] The buggy address belongs to the object at ffff888102add700 [ 14.061490] which belongs to the cache kmalloc-128 of size 128 [ 14.062013] The buggy address is located 0 bytes inside of [ 14.062013] 128-byte region [ffff888102add700, ffff888102add780) [ 14.062527] [ 14.062603] The buggy address belongs to the physical page: 
[ 14.062776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 14.063727] flags: 0x200000000000000(node=0|zone=2) [ 14.064210] page_type: f5(slab) [ 14.064532] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.065227] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.065565] page dumped because: kasan: bad access detected [ 14.065804] [ 14.065902] Memory state around the buggy address: [ 14.066407] ffff888102add600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.066886] ffff888102add680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.067391] >ffff888102add700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.067825] ^ [ 14.067991] ffff888102add780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.068856] ffff888102add800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.069383] ================================================================== [ 14.073492] ================================================================== [ 14.073934] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 14.074433] Free of addr ffff888102954000 by task kunit_try_catch/245 [ 14.075258] [ 14.075355] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.075405] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.075418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.075442] Call Trace: [ 14.075456] <TASK> [ 14.075478] dump_stack_lvl+0x73/0xb0 [ 14.075511] print_report+0xd1/0x650 [ 14.075533] ? __virt_addr_valid+0x1db/0x2d0 [ 14.075558] ? kasan_addr_to_slab+0x11/0xa0 [ 14.075578] ? mempool_double_free_helper+0x185/0x370 [ 14.075602] kasan_report_invalid_free+0xfc/0x120 [ 14.075625] ? mempool_double_free_helper+0x185/0x370 [ 14.075650] ? 
mempool_double_free_helper+0x185/0x370 [ 14.075672] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.075695] mempool_free+0x2ec/0x380 [ 14.075720] mempool_double_free_helper+0x185/0x370 [ 14.075742] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.075769] ? finish_task_switch.isra.0+0x153/0x700 [ 14.075797] mempool_kmalloc_large_double_free+0xee/0x140 [ 14.075821] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.075864] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.075883] ? __pfx_mempool_kfree+0x10/0x10 [ 14.075904] ? __pfx_read_tsc+0x10/0x10 [ 14.075928] ? ktime_get_ts64+0x86/0x230 [ 14.075953] kunit_try_run_case+0x1a6/0x480 [ 14.075978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.076000] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.076023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.076049] ? __kthread_parkme+0x82/0x160 [ 14.076072] ? preempt_count_sub+0x50/0x80 [ 14.076095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.076117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.076142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.076168] kthread+0x324/0x6e0 [ 14.076188] ? trace_preempt_on+0x20/0xc0 [ 14.076213] ? __pfx_kthread+0x10/0x10 [ 14.076234] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.076257] ? calculate_sigpending+0x7b/0xa0 [ 14.076280] ? __pfx_kthread+0x10/0x10 [ 14.076324] ret_from_fork+0x41/0x80 [ 14.076343] ? 
__pfx_kthread+0x10/0x10 [ 14.076365] ret_from_fork_asm+0x1a/0x30 [ 14.076396] </TASK> [ 14.076408] [ 14.085103] The buggy address belongs to the physical page: [ 14.085393] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102954 [ 14.085643] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.085967] flags: 0x200000000000040(head|node=0|zone=2) [ 14.086409] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.087711] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.088259] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.088736] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.089333] head: 0200000000000002 ffffea00040a5501 ffffffffffffffff 0000000000000000 [ 14.089649] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 14.089970] page dumped because: kasan: bad access detected [ 14.090784] [ 14.091392] Memory state around the buggy address: [ 14.091708] ffff888102953f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.092562] ffff888102953f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.093072] >ffff888102954000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.093526] ^ [ 14.093681] ffff888102954080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.093971] ffff888102954100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.095047] ================================================================== [ 14.100618] ================================================================== [ 14.101187] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 14.101528] Free of addr ffff888102954000 by task kunit_try_catch/247 [ 14.101809] [ 14.101936] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.101986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.101998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 
04/01/2014 [ 14.102021] Call Trace: [ 14.102036] <TASK> [ 14.102055] dump_stack_lvl+0x73/0xb0 [ 14.102084] print_report+0xd1/0x650 [ 14.102107] ? __virt_addr_valid+0x1db/0x2d0 [ 14.102131] ? kasan_addr_to_slab+0x11/0xa0 [ 14.102150] ? mempool_double_free_helper+0x185/0x370 [ 14.102174] kasan_report_invalid_free+0xfc/0x120 [ 14.102197] ? mempool_double_free_helper+0x185/0x370 [ 14.102222] ? mempool_double_free_helper+0x185/0x370 [ 14.102244] __kasan_mempool_poison_pages+0x115/0x130 [ 14.102267] mempool_free+0x290/0x380 [ 14.102290] mempool_double_free_helper+0x185/0x370 [ 14.102313] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.102339] ? finish_task_switch.isra.0+0x153/0x700 [ 14.102368] mempool_page_alloc_double_free+0xe9/0x140 [ 14.102394] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.102421] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.102440] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.102462] ? __pfx_read_tsc+0x10/0x10 [ 14.102484] ? ktime_get_ts64+0x86/0x230 [ 14.102509] kunit_try_run_case+0x1a6/0x480 [ 14.102533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.102554] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.102576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.102602] ? __kthread_parkme+0x82/0x160 [ 14.102625] ? preempt_count_sub+0x50/0x80 [ 14.102649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.102672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.102698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.102724] kthread+0x324/0x6e0 [ 14.102746] ? trace_preempt_on+0x20/0xc0 [ 14.102770] ? __pfx_kthread+0x10/0x10 [ 14.102792] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.102815] ? calculate_sigpending+0x7b/0xa0 [ 14.102875] ? __pfx_kthread+0x10/0x10 [ 14.102901] ret_from_fork+0x41/0x80 [ 14.102921] ? 
__pfx_kthread+0x10/0x10 [ 14.102943] ret_from_fork_asm+0x1a/0x30 [ 14.103016] </TASK> [ 14.103029] [ 14.113364] The buggy address belongs to the physical page: [ 14.113676] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102954 [ 14.114120] flags: 0x200000000000000(node=0|zone=2) [ 14.114338] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.114651] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.114963] page dumped because: kasan: bad access detected [ 14.115318] [ 14.115418] Memory state around the buggy address: [ 14.115614] ffff888102953f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.115946] ffff888102953f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.116293] >ffff888102954000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.116565] ^ [ 14.116689] ffff888102954080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.116939] ffff888102954100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.117333] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.002595] ================================================================== [ 14.004902] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 14.005867] Read of size 1 at addr ffff888102d1c000 by task kunit_try_catch/241 [ 14.006959] [ 14.007359] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 14.007417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.007430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.007454] Call Trace: [ 14.007479] <TASK> [ 14.007502] dump_stack_lvl+0x73/0xb0 [ 14.007538] print_report+0xd1/0x650 [ 14.007607] ? __virt_addr_valid+0x1db/0x2d0 [ 14.007646] ? mempool_uaf_helper+0x394/0x400 [ 14.007670] ? kasan_addr_to_slab+0x11/0xa0 [ 14.007691] ? mempool_uaf_helper+0x394/0x400 [ 14.007724] kasan_report+0x140/0x180 [ 14.007746] ? mempool_uaf_helper+0x394/0x400 [ 14.007772] __asan_report_load1_noabort+0x18/0x20 [ 14.007797] mempool_uaf_helper+0x394/0x400 [ 14.007819] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.007854] ? finish_task_switch.isra.0+0x153/0x700 [ 14.007883] mempool_page_alloc_uaf+0xee/0x140 [ 14.007908] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.007933] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.007957] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.007979] ? __pfx_read_tsc+0x10/0x10 [ 14.008001] ? ktime_get_ts64+0x86/0x230 [ 14.008028] kunit_try_run_case+0x1a6/0x480 [ 14.008073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.008094] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.008117] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.008158] ? __kthread_parkme+0x82/0x160 [ 14.008194] ? preempt_count_sub+0x50/0x80 [ 14.008219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.008242] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.008267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.008293] kthread+0x324/0x6e0 [ 14.008314] ? trace_preempt_on+0x20/0xc0 [ 14.008339] ? __pfx_kthread+0x10/0x10 [ 14.008361] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.008384] ? 
calculate_sigpending+0x7b/0xa0 [ 14.008407] ? __pfx_kthread+0x10/0x10 [ 14.008429] ret_from_fork+0x41/0x80 [ 14.008449] ? __pfx_kthread+0x10/0x10 [ 14.008470] ret_from_fork_asm+0x1a/0x30 [ 14.008502] </TASK> [ 14.008514] [ 14.020474] The buggy address belongs to the physical page: [ 14.020762] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d1c [ 14.022116] flags: 0x200000000000000(node=0|zone=2) [ 14.023389] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.023652] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.023899] page dumped because: kasan: bad access detected [ 14.024217] [ 14.024385] Memory state around the buggy address: [ 14.024876] ffff888102d1bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.025852] ffff888102d1bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.026655] >ffff888102d1c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.027652] ^ [ 14.027783] ffff888102d1c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.028012] ffff888102d1c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.028902] ================================================================== [ 13.944765] ================================================================== [ 13.945281] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 13.945737] Read of size 1 at addr ffff888102d1c000 by task kunit_try_catch/237 [ 13.946142] [ 13.946234] CPU: 0 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.946343] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.946358] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.946381] Call Trace: [ 13.946436] <TASK> [ 13.946457] dump_stack_lvl+0x73/0xb0 [ 13.946489] print_report+0xd1/0x650 [ 13.946513] ? __virt_addr_valid+0x1db/0x2d0 [ 13.946537] ? mempool_uaf_helper+0x394/0x400 [ 13.946610] ? kasan_addr_to_slab+0x11/0xa0 [ 13.946631] ? 
mempool_uaf_helper+0x394/0x400 [ 13.946653] kasan_report+0x140/0x180 [ 13.946674] ? mempool_uaf_helper+0x394/0x400 [ 13.946699] __asan_report_load1_noabort+0x18/0x20 [ 13.946723] mempool_uaf_helper+0x394/0x400 [ 13.946776] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.946801] ? finish_task_switch.isra.0+0x153/0x700 [ 13.946833] mempool_kmalloc_large_uaf+0xf0/0x140 [ 13.946866] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.946891] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.946940] ? __pfx_mempool_kfree+0x10/0x10 [ 13.946962] ? __pfx_read_tsc+0x10/0x10 [ 13.946985] ? ktime_get_ts64+0x86/0x230 [ 13.947058] kunit_try_run_case+0x1a6/0x480 [ 13.947087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.947109] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.947132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.947157] ? __kthread_parkme+0x82/0x160 [ 13.947182] ? preempt_count_sub+0x50/0x80 [ 13.947209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.947231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.947257] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.947283] kthread+0x324/0x6e0 [ 13.947306] ? trace_preempt_on+0x20/0xc0 [ 13.947330] ? __pfx_kthread+0x10/0x10 [ 13.947353] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.947377] ? calculate_sigpending+0x7b/0xa0 [ 13.947400] ? __pfx_kthread+0x10/0x10 [ 13.947423] ret_from_fork+0x41/0x80 [ 13.947443] ? 
__pfx_kthread+0x10/0x10 [ 13.947465] ret_from_fork_asm+0x1a/0x30 [ 13.947497] </TASK> [ 13.947508] [ 13.957952] The buggy address belongs to the physical page: [ 13.958447] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d1c [ 13.958800] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.959463] flags: 0x200000000000040(head|node=0|zone=2) [ 13.959802] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.960457] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.960885] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.961675] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.962287] head: 0200000000000002 ffffea00040b4701 ffffffffffffffff 0000000000000000 [ 13.962786] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 13.963731] page dumped because: kasan: bad access detected [ 13.964132] [ 13.964229] Memory state around the buggy address: [ 13.964683] ffff888102d1bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.964981] ffff888102d1bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.965681] >ffff888102d1c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.966131] ^ [ 13.966295] ffff888102d1c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.966590] ffff888102d1c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.966886] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.916189] ================================================================== [ 13.916658] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 13.917083] Read of size 1 at addr ffff888102add300 by task kunit_try_catch/235 [ 13.917387] [ 13.917631] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.917682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.917695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.917718] Call Trace: [ 13.917733] <TASK> [ 13.917761] dump_stack_lvl+0x73/0xb0 [ 13.917915] print_report+0xd1/0x650 [ 13.917939] ? __virt_addr_valid+0x1db/0x2d0 [ 13.917963] ? mempool_uaf_helper+0x394/0x400 [ 13.917986] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.918011] ? mempool_uaf_helper+0x394/0x400 [ 13.918069] kasan_report+0x140/0x180 [ 13.918103] ? mempool_uaf_helper+0x394/0x400 [ 13.918128] __asan_report_load1_noabort+0x18/0x20 [ 13.918191] mempool_uaf_helper+0x394/0x400 [ 13.918213] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.918237] ? finish_task_switch.isra.0+0x153/0x700 [ 13.918267] mempool_kmalloc_uaf+0xf0/0x140 [ 13.918289] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.918313] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.918335] ? __pfx_mempool_kfree+0x10/0x10 [ 13.918356] ? __pfx_read_tsc+0x10/0x10 [ 13.918379] ? ktime_get_ts64+0x86/0x230 [ 13.918437] kunit_try_run_case+0x1a6/0x480 [ 13.918463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.918485] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.918509] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.918535] ? __kthread_parkme+0x82/0x160 [ 13.918558] ? preempt_count_sub+0x50/0x80 [ 13.918613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.918636] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.918661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.918687] kthread+0x324/0x6e0 [ 13.918708] ? trace_preempt_on+0x20/0xc0 [ 13.918733] ? __pfx_kthread+0x10/0x10 [ 13.918755] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.918779] ? 
calculate_sigpending+0x7b/0xa0 [ 13.918801] ? __pfx_kthread+0x10/0x10 [ 13.918824] ret_from_fork+0x41/0x80 [ 13.918853] ? __pfx_kthread+0x10/0x10 [ 13.918875] ret_from_fork_asm+0x1a/0x30 [ 13.918910] </TASK> [ 13.918922] [ 13.927772] Allocated by task 235: [ 13.927948] kasan_save_stack+0x45/0x70 [ 13.928125] kasan_save_track+0x18/0x40 [ 13.928366] kasan_save_alloc_info+0x3b/0x50 [ 13.928766] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.929309] remove_element+0x11e/0x190 [ 13.929456] mempool_alloc_preallocated+0x4d/0x90 [ 13.929609] mempool_uaf_helper+0x97/0x400 [ 13.929789] mempool_kmalloc_uaf+0xf0/0x140 [ 13.930109] kunit_try_run_case+0x1a6/0x480 [ 13.930350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.930609] kthread+0x324/0x6e0 [ 13.930808] ret_from_fork+0x41/0x80 [ 13.931022] ret_from_fork_asm+0x1a/0x30 [ 13.931308] [ 13.931380] Freed by task 235: [ 13.931516] kasan_save_stack+0x45/0x70 [ 13.931707] kasan_save_track+0x18/0x40 [ 13.931936] kasan_save_free_info+0x3f/0x60 [ 13.932142] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.932305] mempool_free+0x2ec/0x380 [ 13.932433] mempool_uaf_helper+0x11b/0x400 [ 13.932921] mempool_kmalloc_uaf+0xf0/0x140 [ 13.933345] kunit_try_run_case+0x1a6/0x480 [ 13.933670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.933940] kthread+0x324/0x6e0 [ 13.934214] ret_from_fork+0x41/0x80 [ 13.934412] ret_from_fork_asm+0x1a/0x30 [ 13.934617] [ 13.934711] The buggy address belongs to the object at ffff888102add300 [ 13.934711] which belongs to the cache kmalloc-128 of size 128 [ 13.935075] The buggy address is located 0 bytes inside of [ 13.935075] freed 128-byte region [ffff888102add300, ffff888102add380) [ 13.935822] [ 13.935976] The buggy address belongs to the physical page: [ 13.936321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102add [ 13.936617] flags: 0x200000000000000(node=0|zone=2) [ 13.936872] page_type: f5(slab) [ 13.937236] raw: 0200000000000000 ffff888100041a00 dead000000000122 
0000000000000000 [ 13.937553] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.937853] page dumped because: kasan: bad access detected [ 13.938021] [ 13.938090] Memory state around the buggy address: [ 13.938433] ffff888102add200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.938755] ffff888102add280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.939084] >ffff888102add300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.939642] ^ [ 13.939813] ffff888102add380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.940216] ffff888102add400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.940479] ================================================================== [ 13.972101] ================================================================== [ 13.972654] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 13.973019] Read of size 1 at addr ffff888101b38240 by task kunit_try_catch/239 [ 13.973451] [ 13.973565] CPU: 1 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.973614] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.973661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.973685] Call Trace: [ 13.973699] <TASK> [ 13.973726] dump_stack_lvl+0x73/0xb0 [ 13.973767] print_report+0xd1/0x650 [ 13.973790] ? __virt_addr_valid+0x1db/0x2d0 [ 13.973814] ? mempool_uaf_helper+0x394/0x400 [ 13.973880] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.973907] ? mempool_uaf_helper+0x394/0x400 [ 13.973927] kasan_report+0x140/0x180 [ 13.973949] ? mempool_uaf_helper+0x394/0x400 [ 13.973975] __asan_report_load1_noabort+0x18/0x20 [ 13.973997] mempool_uaf_helper+0x394/0x400 [ 13.974036] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.974116] ? finish_task_switch.isra.0+0x153/0x700 [ 13.974181] mempool_slab_uaf+0xeb/0x140 [ 13.974229] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.974255] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.974278] ? 
__pfx_mempool_free_slab+0x10/0x10 [ 13.974299] ? __pfx_read_tsc+0x10/0x10 [ 13.974322] ? ktime_get_ts64+0x86/0x230 [ 13.974349] kunit_try_run_case+0x1a6/0x480 [ 13.974374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974395] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.974419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.974445] ? __kthread_parkme+0x82/0x160 [ 13.974468] ? preempt_count_sub+0x50/0x80 [ 13.974492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.974541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.974567] kthread+0x324/0x6e0 [ 13.974589] ? trace_preempt_on+0x20/0xc0 [ 13.974613] ? __pfx_kthread+0x10/0x10 [ 13.974637] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.974661] ? calculate_sigpending+0x7b/0xa0 [ 13.974683] ? __pfx_kthread+0x10/0x10 [ 13.974707] ret_from_fork+0x41/0x80 [ 13.974728] ? __pfx_kthread+0x10/0x10 [ 13.974751] ret_from_fork_asm+0x1a/0x30 [ 13.974783] </TASK> [ 13.974794] [ 13.983517] Allocated by task 239: [ 13.983742] kasan_save_stack+0x45/0x70 [ 13.984017] kasan_save_track+0x18/0x40 [ 13.984366] kasan_save_alloc_info+0x3b/0x50 [ 13.984547] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.984751] remove_element+0x11e/0x190 [ 13.984953] mempool_alloc_preallocated+0x4d/0x90 [ 13.985266] mempool_uaf_helper+0x97/0x400 [ 13.985405] mempool_slab_uaf+0xeb/0x140 [ 13.985541] kunit_try_run_case+0x1a6/0x480 [ 13.985963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.986287] kthread+0x324/0x6e0 [ 13.986461] ret_from_fork+0x41/0x80 [ 13.986681] ret_from_fork_asm+0x1a/0x30 [ 13.986913] [ 13.987156] Freed by task 239: [ 13.987319] kasan_save_stack+0x45/0x70 [ 13.987506] kasan_save_track+0x18/0x40 [ 13.987771] kasan_save_free_info+0x3f/0x60 [ 13.987985] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.988241] mempool_free+0x2ec/0x380 [ 13.988373] mempool_uaf_helper+0x11b/0x400 [ 13.988514] mempool_slab_uaf+0xeb/0x140 [ 13.988648] kunit_try_run_case+0x1a6/0x480 [ 13.988787] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.989037] kthread+0x324/0x6e0 [ 13.989269] ret_from_fork+0x41/0x80 [ 13.989455] ret_from_fork_asm+0x1a/0x30 [ 13.989656] [ 13.989759] The buggy address belongs to the object at ffff888101b38240 [ 13.989759] which belongs to the cache test_cache of size 123 [ 13.990496] The buggy address is located 0 bytes inside of [ 13.990496] freed 123-byte region [ffff888101b38240, ffff888101b382bb) [ 13.990955] [ 13.991031] The buggy address belongs to the physical page: [ 13.991504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b38 [ 13.991907] flags: 0x200000000000000(node=0|zone=2) [ 13.992241] page_type: f5(slab) [ 13.992370] raw: 0200000000000000 ffff888101ab2dc0 dead000000000122 0000000000000000 [ 13.992595] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.992813] page dumped because: kasan: bad access detected [ 13.993203] [ 13.993303] Memory state around the buggy address: [ 13.993535] ffff888101b38100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.993878] ffff888101b38180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.994560] >ffff888101b38200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.994862] ^ [ 13.995234] ffff888101b38280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.995552] ffff888101b38300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.995863] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.887493] ================================================================== [ 13.888513] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 13.888964] Read of size 1 at addr ffff888102aee2bb by task kunit_try_catch/233 [ 13.889353] [ 13.889472] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.889525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.889557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.889582] Call Trace: [ 13.889597] <TASK> [ 13.889618] dump_stack_lvl+0x73/0xb0 [ 13.889652] print_report+0xd1/0x650 [ 13.889674] ? __virt_addr_valid+0x1db/0x2d0 [ 13.889700] ? mempool_oob_right_helper+0x31a/0x380 [ 13.889747] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.889774] ? mempool_oob_right_helper+0x31a/0x380 [ 13.889797] kasan_report+0x140/0x180 [ 13.889818] ? mempool_oob_right_helper+0x31a/0x380 [ 13.889855] __asan_report_load1_noabort+0x18/0x20 [ 13.889878] mempool_oob_right_helper+0x31a/0x380 [ 13.889902] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.889928] ? finish_task_switch.isra.0+0x153/0x700 [ 13.889975] mempool_slab_oob_right+0xee/0x140 [ 13.889999] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 13.890038] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.890061] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.890083] ? __pfx_read_tsc+0x10/0x10 [ 13.890106] ? ktime_get_ts64+0x86/0x230 [ 13.890133] kunit_try_run_case+0x1a6/0x480 [ 13.890170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.890191] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.890215] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.890241] ? __kthread_parkme+0x82/0x160 [ 13.890264] ? preempt_count_sub+0x50/0x80 [ 13.890289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.890312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.890338] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.890364] kthread+0x324/0x6e0 [ 13.890386] ? trace_preempt_on+0x20/0xc0 [ 13.890410] ? __pfx_kthread+0x10/0x10 [ 13.890433] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.890457] ? calculate_sigpending+0x7b/0xa0 [ 13.890480] ? __pfx_kthread+0x10/0x10 [ 13.890502] ret_from_fork+0x41/0x80 [ 13.890522] ? __pfx_kthread+0x10/0x10 [ 13.890544] ret_from_fork_asm+0x1a/0x30 [ 13.890577] </TASK> [ 13.890589] [ 13.899400] Allocated by task 233: [ 13.899657] kasan_save_stack+0x45/0x70 [ 13.899866] kasan_save_track+0x18/0x40 [ 13.900072] kasan_save_alloc_info+0x3b/0x50 [ 13.900304] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.900622] remove_element+0x11e/0x190 [ 13.900824] mempool_alloc_preallocated+0x4d/0x90 [ 13.901099] mempool_oob_right_helper+0x8b/0x380 [ 13.901381] mempool_slab_oob_right+0xee/0x140 [ 13.901563] kunit_try_run_case+0x1a6/0x480 [ 13.901706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.902000] kthread+0x324/0x6e0 [ 13.902341] ret_from_fork+0x41/0x80 [ 13.902508] ret_from_fork_asm+0x1a/0x30 [ 13.902683] [ 13.902779] The buggy address belongs to the object at ffff888102aee240 [ 13.902779] which belongs to the cache test_cache of size 123 [ 13.903466] The buggy address is located 0 bytes to the right of [ 13.903466] allocated 123-byte region [ffff888102aee240, ffff888102aee2bb) [ 13.904026] [ 13.904137] The buggy address belongs to the physical page: [ 13.904384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102aee [ 13.904742] flags: 0x200000000000000(node=0|zone=2) [ 13.904942] page_type: f5(slab) [ 13.905064] raw: 0200000000000000 ffff888102aeb000 dead000000000122 0000000000000000 [ 13.905286] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.905913] page dumped because: kasan: bad access detected [ 13.906411] [ 13.906532] Memory state around the buggy address: [ 13.906794] ffff888102aee180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.907249] ffff888102aee200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 13.907585] >ffff888102aee280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 13.907907] ^ [ 13.908136] 
ffff888102aee300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.908362] ffff888102aee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.908567] ================================================================== [ 13.864163] ================================================================== [ 13.864657] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 13.865129] Read of size 1 at addr ffff888102952001 by task kunit_try_catch/231 [ 13.865545] [ 13.865749] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.865802] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.865814] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.865849] Call Trace: [ 13.865862] <TASK> [ 13.865895] dump_stack_lvl+0x73/0xb0 [ 13.866023] print_report+0xd1/0x650 [ 13.866048] ? __virt_addr_valid+0x1db/0x2d0 [ 13.866072] ? mempool_oob_right_helper+0x31a/0x380 [ 13.866094] ? kasan_addr_to_slab+0x11/0xa0 [ 13.866114] ? mempool_oob_right_helper+0x31a/0x380 [ 13.866136] kasan_report+0x140/0x180 [ 13.866157] ? mempool_oob_right_helper+0x31a/0x380 [ 13.866184] __asan_report_load1_noabort+0x18/0x20 [ 13.866207] mempool_oob_right_helper+0x31a/0x380 [ 13.866231] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.866399] ? finish_task_switch.isra.0+0x153/0x700 [ 13.866441] mempool_kmalloc_large_oob_right+0xf3/0x150 [ 13.866478] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.866505] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.866527] ? __pfx_mempool_kfree+0x10/0x10 [ 13.866548] ? __pfx_read_tsc+0x10/0x10 [ 13.866572] ? ktime_get_ts64+0x86/0x230 [ 13.866597] kunit_try_run_case+0x1a6/0x480 [ 13.866622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.866642] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.866664] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.866689] ? __kthread_parkme+0x82/0x160 [ 13.866713] ? preempt_count_sub+0x50/0x80 [ 13.866735] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.866758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.866783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.866809] kthread+0x324/0x6e0 [ 13.866830] ? trace_preempt_on+0x20/0xc0 [ 13.866863] ? __pfx_kthread+0x10/0x10 [ 13.866885] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.866908] ? calculate_sigpending+0x7b/0xa0 [ 13.866930] ? __pfx_kthread+0x10/0x10 [ 13.866952] ret_from_fork+0x41/0x80 [ 13.866971] ? __pfx_kthread+0x10/0x10 [ 13.866993] ret_from_fork_asm+0x1a/0x30 [ 13.867065] </TASK> [ 13.867078] [ 13.875950] The buggy address belongs to the physical page: [ 13.876478] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102950 [ 13.876898] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.877483] flags: 0x200000000000040(head|node=0|zone=2) [ 13.877822] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.878237] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.878478] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.878747] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.879235] head: 0200000000000002 ffffea00040a5401 ffffffffffffffff 0000000000000000 [ 13.879778] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 13.880299] page dumped because: kasan: bad access detected [ 13.880505] [ 13.880601] Memory state around the buggy address: [ 13.880821] ffff888102951f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.881441] ffff888102951f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.881779] >ffff888102952000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.882202] ^ [ 13.882418] ffff888102952080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.882763] ffff888102952100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.883174] ================================================================== [ 13.835487] 
================================================================== [ 13.836004] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 13.836530] Read of size 1 at addr ffff888101b34073 by task kunit_try_catch/229 [ 13.836871] [ 13.836976] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.837180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.837198] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.837222] Call Trace: [ 13.837238] <TASK> [ 13.837259] dump_stack_lvl+0x73/0xb0 [ 13.837293] print_report+0xd1/0x650 [ 13.837316] ? __virt_addr_valid+0x1db/0x2d0 [ 13.837339] ? mempool_oob_right_helper+0x31a/0x380 [ 13.837586] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.837613] ? mempool_oob_right_helper+0x31a/0x380 [ 13.837637] kasan_report+0x140/0x180 [ 13.837659] ? mempool_oob_right_helper+0x31a/0x380 [ 13.837686] __asan_report_load1_noabort+0x18/0x20 [ 13.837710] mempool_oob_right_helper+0x31a/0x380 [ 13.837734] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.837767] ? finish_task_switch.isra.0+0x153/0x700 [ 13.837795] mempool_kmalloc_oob_right+0xf3/0x150 [ 13.837818] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.837854] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.837876] ? __pfx_mempool_kfree+0x10/0x10 [ 13.837897] ? __pfx_read_tsc+0x10/0x10 [ 13.837920] ? ktime_get_ts64+0x86/0x230 [ 13.837946] kunit_try_run_case+0x1a6/0x480 [ 13.837970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.837991] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.838240] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.838269] ? __kthread_parkme+0x82/0x160 [ 13.838293] ? preempt_count_sub+0x50/0x80 [ 13.838317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.838341] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.838367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.838393] kthread+0x324/0x6e0 [ 13.838415] ? trace_preempt_on+0x20/0xc0 [ 13.838441] ? __pfx_kthread+0x10/0x10 [ 13.838463] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.838486] ? calculate_sigpending+0x7b/0xa0 [ 13.838508] ? __pfx_kthread+0x10/0x10 [ 13.838531] ret_from_fork+0x41/0x80 [ 13.838551] ? __pfx_kthread+0x10/0x10 [ 13.838572] ret_from_fork_asm+0x1a/0x30 [ 13.838605] </TASK> [ 13.838617] [ 13.848868] Allocated by task 229: [ 13.849226] kasan_save_stack+0x45/0x70 [ 13.849397] kasan_save_track+0x18/0x40 [ 13.849756] kasan_save_alloc_info+0x3b/0x50 [ 13.849973] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.850455] remove_element+0x11e/0x190 [ 13.850884] mempool_alloc_preallocated+0x4d/0x90 [ 13.851233] mempool_oob_right_helper+0x8b/0x380 [ 13.851388] mempool_kmalloc_oob_right+0xf3/0x150 [ 13.851539] kunit_try_run_case+0x1a6/0x480 [ 13.851738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.852012] kthread+0x324/0x6e0 [ 13.852534] ret_from_fork+0x41/0x80 [ 13.852716] ret_from_fork_asm+0x1a/0x30 [ 13.852868] [ 13.852940] The buggy address belongs to the object at ffff888101b34000 [ 13.852940] which belongs to the cache kmalloc-128 of size 128 [ 13.853867] The buggy address is located 0 bytes to the right of [ 13.853867] allocated 115-byte region [ffff888101b34000, ffff888101b34073) [ 13.854387] [ 13.854606] The buggy address belongs to the physical page: [ 13.854882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b34 [ 13.855270] flags: 0x200000000000000(node=0|zone=2) [ 13.855607] page_type: f5(slab) [ 13.855735] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.856406] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.856662] page dumped because: kasan: bad access detected [ 13.856965] [ 13.857147] Memory state around the buggy address: [ 13.857354] ffff888101b33f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.857766] ffff888101b33f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.858216] >ffff888101b34000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.858547] ^ [ 13.858894] 
ffff888101b34080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.859220] ffff888101b34100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.859629] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.273562] ================================================================== [ 13.274086] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380 [ 13.274474] Read of size 1 at addr ffff888101ab2b40 by task kunit_try_catch/223 [ 13.275145] [ 13.275566] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.275624] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.275637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.275660] Call Trace: [ 13.275676] <TASK> [ 13.275698] dump_stack_lvl+0x73/0xb0 [ 13.275732] print_report+0xd1/0x650 [ 13.275756] ? __virt_addr_valid+0x1db/0x2d0 [ 13.275779] ? kmem_cache_double_destroy+0x1bd/0x380 [ 13.275803] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.275829] ? kmem_cache_double_destroy+0x1bd/0x380 [ 13.275867] kasan_report+0x140/0x180 [ 13.275889] ? kmem_cache_double_destroy+0x1bd/0x380 [ 13.275915] ? kmem_cache_double_destroy+0x1bd/0x380 [ 13.275938] __kasan_check_byte+0x3d/0x50 [ 13.275960] kmem_cache_destroy+0x25/0x1d0 [ 13.275984] kmem_cache_double_destroy+0x1bd/0x380 [ 13.276007] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.276244] ? finish_task_switch.isra.0+0x153/0x700 [ 13.276272] ? __switch_to+0x5d9/0xf60 [ 13.276301] ? __pfx_empty_cache_ctor+0x10/0x10 [ 13.276323] ? __pfx_read_tsc+0x10/0x10 [ 13.276368] ? ktime_get_ts64+0x86/0x230 [ 13.276394] kunit_try_run_case+0x1a6/0x480 [ 13.276419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.276440] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.276465] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.276490] ? __kthread_parkme+0x82/0x160 [ 13.276513] ? preempt_count_sub+0x50/0x80 [ 13.276537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.276559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.276585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.276611] kthread+0x324/0x6e0 [ 13.276632] ? trace_preempt_on+0x20/0xc0 [ 13.276657] ? __pfx_kthread+0x10/0x10 [ 13.276678] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.276705] ? calculate_sigpending+0x7b/0xa0 [ 13.276727] ? __pfx_kthread+0x10/0x10 [ 13.276750] ret_from_fork+0x41/0x80 [ 13.276769] ? __pfx_kthread+0x10/0x10 [ 13.276792] ret_from_fork_asm+0x1a/0x30 [ 13.276825] </TASK> [ 13.276851] [ 13.286993] Allocated by task 223: [ 13.287290] kasan_save_stack+0x45/0x70 [ 13.287522] kasan_save_track+0x18/0x40 [ 13.287687] kasan_save_alloc_info+0x3b/0x50 [ 13.287904] __kasan_slab_alloc+0x91/0xa0 [ 13.288505] kmem_cache_alloc_noprof+0x124/0x400 [ 13.288694] __kmem_cache_create_args+0x177/0x250 [ 13.289013] kmem_cache_double_destroy+0xd3/0x380 [ 13.289328] kunit_try_run_case+0x1a6/0x480 [ 13.289516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.289748] kthread+0x324/0x6e0 [ 13.289927] ret_from_fork+0x41/0x80 [ 13.290509] ret_from_fork_asm+0x1a/0x30 [ 13.290687] [ 13.290784] Freed by task 223: [ 13.290950] kasan_save_stack+0x45/0x70 [ 13.291108] kasan_save_track+0x18/0x40 [ 13.291271] kasan_save_free_info+0x3f/0x60 [ 13.291604] __kasan_slab_free+0x56/0x70 [ 13.291774] kmem_cache_free+0x24b/0x420 [ 13.291990] slab_kmem_cache_release+0x2e/0x40 [ 13.292279] kmem_cache_release+0x16/0x20 [ 13.292460] kobject_put+0x181/0x450 [ 13.292647] sysfs_slab_release+0x16/0x20 [ 13.292820] kmem_cache_destroy+0xf0/0x1d0 [ 13.293046] kmem_cache_double_destroy+0x14c/0x380 [ 13.293293] kunit_try_run_case+0x1a6/0x480 [ 13.293500] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.293724] kthread+0x324/0x6e0 [ 13.293904] ret_from_fork+0x41/0x80 [ 13.294381] ret_from_fork_asm+0x1a/0x30 [ 13.294562] [ 13.294658] The buggy address belongs to the object at ffff888101ab2b40 [ 13.294658] which belongs to the cache kmem_cache of size 208 [ 13.295093] The buggy address is located 0 bytes inside of [ 13.295093] freed 208-byte region [ffff888101ab2b40, ffff888101ab2c10) [ 13.295711] [ 13.295794] The buggy address belongs to the physical page: [ 13.296165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x101ab2 [ 13.296536] flags: 0x200000000000000(node=0|zone=2) [ 13.296753] page_type: f5(slab) [ 13.296921] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.297282] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.297563] page dumped because: kasan: bad access detected [ 13.297821] [ 13.297930] Memory state around the buggy address: [ 13.298216] ffff888101ab2a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.298436] ffff888101ab2a80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.298737] >ffff888101ab2b00: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.299083] ^ [ 13.299284] ffff888101ab2b80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.299574] ffff888101ab2c00: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.299885] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.210433] ================================================================== [ 13.211024] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.211864] Read of size 1 at addr ffff888102ae7000 by task kunit_try_catch/221 [ 13.212705] [ 13.213262] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.213318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.213330] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.213355] Call Trace: [ 13.213371] <TASK> [ 13.213393] dump_stack_lvl+0x73/0xb0 [ 13.213428] print_report+0xd1/0x650 [ 13.213451] ? __virt_addr_valid+0x1db/0x2d0 [ 13.213475] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.213497] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.213522] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.213543] kasan_report+0x140/0x180 [ 13.213564] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.213590] __asan_report_load1_noabort+0x18/0x20 [ 13.213612] kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.213634] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.213655] ? finish_task_switch.isra.0+0x153/0x700 [ 13.213680] ? __switch_to+0x5d9/0xf60 [ 13.213708] ? __pfx_read_tsc+0x10/0x10 [ 13.213730] ? ktime_get_ts64+0x86/0x230 [ 13.213763] kunit_try_run_case+0x1a6/0x480 [ 13.213788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.213808] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.213830] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.213870] ? __kthread_parkme+0x82/0x160 [ 13.213893] ? preempt_count_sub+0x50/0x80 [ 13.213916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.213938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.213963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.213987] kthread+0x324/0x6e0 [ 13.214026] ? trace_preempt_on+0x20/0xc0 [ 13.214051] ? __pfx_kthread+0x10/0x10 [ 13.214073] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.214095] ? calculate_sigpending+0x7b/0xa0 [ 13.214117] ? __pfx_kthread+0x10/0x10 [ 13.214139] ret_from_fork+0x41/0x80 [ 13.214157] ? 
__pfx_kthread+0x10/0x10 [ 13.214178] ret_from_fork_asm+0x1a/0x30 [ 13.214210] </TASK> [ 13.214221] [ 13.227607] Allocated by task 221: [ 13.227975] kasan_save_stack+0x45/0x70 [ 13.228478] kasan_save_track+0x18/0x40 [ 13.228848] kasan_save_alloc_info+0x3b/0x50 [ 13.229336] __kasan_slab_alloc+0x91/0xa0 [ 13.229756] kmem_cache_alloc_noprof+0x124/0x400 [ 13.229937] kmem_cache_rcu_uaf+0x156/0x510 [ 13.230123] kunit_try_run_case+0x1a6/0x480 [ 13.230714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.231301] kthread+0x324/0x6e0 [ 13.231642] ret_from_fork+0x41/0x80 [ 13.231986] ret_from_fork_asm+0x1a/0x30 [ 13.232429] [ 13.232606] Freed by task 0: [ 13.232718] kasan_save_stack+0x45/0x70 [ 13.232867] kasan_save_track+0x18/0x40 [ 13.233040] kasan_save_free_info+0x3f/0x60 [ 13.233420] __kasan_slab_free+0x56/0x70 [ 13.233784] slab_free_after_rcu_debug+0xe4/0x310 [ 13.234359] rcu_core+0x680/0x1d70 [ 13.234714] rcu_core_si+0x12/0x20 [ 13.235147] handle_softirqs+0x209/0x730 [ 13.235296] __irq_exit_rcu+0xc9/0x110 [ 13.235430] irq_exit_rcu+0x12/0x20 [ 13.235559] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.235719] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.235911] [ 13.236001] Last potentially related work creation: [ 13.236294] kasan_save_stack+0x45/0x70 [ 13.236506] kasan_record_aux_stack+0xb2/0xc0 [ 13.236655] kmem_cache_free+0x132/0x420 [ 13.236922] kmem_cache_rcu_uaf+0x195/0x510 [ 13.237482] kunit_try_run_case+0x1a6/0x480 [ 13.237646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.237829] kthread+0x324/0x6e0 [ 13.238028] ret_from_fork+0x41/0x80 [ 13.238227] ret_from_fork_asm+0x1a/0x30 [ 13.238434] [ 13.238530] The buggy address belongs to the object at ffff888102ae7000 [ 13.238530] which belongs to the cache test_cache of size 200 [ 13.239011] The buggy address is located 0 bytes inside of [ 13.239011] freed 200-byte region [ffff888102ae7000, ffff888102ae70c8) [ 13.239574] [ 13.239653] The buggy address belongs to the physical page: [ 13.239898] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae7 [ 13.240330] flags: 0x200000000000000(node=0|zone=2) [ 13.240571] page_type: f5(slab) [ 13.240726] raw: 0200000000000000 ffff8881011e9c80 dead000000000122 0000000000000000 [ 13.241047] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.241396] page dumped because: kasan: bad access detected [ 13.241600] [ 13.241694] Memory state around the buggy address: [ 13.241914] ffff888102ae6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.242135] ffff888102ae6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.242388] >ffff888102ae7000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.242856] ^ [ 13.243021] ffff888102ae7080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.243291] ffff888102ae7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.243943] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.142346] ================================================================== [ 13.144023] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 13.144397] Free of addr ffff888101b30001 by task kunit_try_catch/219 [ 13.144603] [ 13.144933] CPU: 1 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.145018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.145258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.145289] Call Trace: [ 13.145305] <TASK> [ 13.145327] dump_stack_lvl+0x73/0xb0 [ 13.145362] print_report+0xd1/0x650 [ 13.145385] ? __virt_addr_valid+0x1db/0x2d0 [ 13.145410] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.145435] ? kmem_cache_invalid_free+0x1d9/0x470 [ 13.145460] kasan_report_invalid_free+0xfc/0x120 [ 13.145483] ? kmem_cache_invalid_free+0x1d9/0x470 [ 13.145508] ? kmem_cache_invalid_free+0x1d9/0x470 [ 13.145531] check_slab_allocation+0x11f/0x130 [ 13.145552] __kasan_slab_pre_free+0x28/0x40 [ 13.145571] kmem_cache_free+0xee/0x420 [ 13.145591] ? kmem_cache_alloc_noprof+0x124/0x400 [ 13.145614] ? kmem_cache_invalid_free+0x1d9/0x470 [ 13.145641] kmem_cache_invalid_free+0x1d9/0x470 [ 13.145664] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.145686] ? finish_task_switch.isra.0+0x153/0x700 [ 13.145711] ? __switch_to+0x5d9/0xf60 [ 13.145747] ? __pfx_read_tsc+0x10/0x10 [ 13.145768] ? ktime_get_ts64+0x86/0x230 [ 13.145794] kunit_try_run_case+0x1a6/0x480 [ 13.145819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.145851] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.145874] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.145899] ? __kthread_parkme+0x82/0x160 [ 13.145922] ? preempt_count_sub+0x50/0x80 [ 13.145945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.145967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.146012] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.146051] kthread+0x324/0x6e0 [ 13.146073] ? trace_preempt_on+0x20/0xc0 [ 13.146097] ? __pfx_kthread+0x10/0x10 [ 13.146119] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.146142] ? calculate_sigpending+0x7b/0xa0 [ 13.146163] ? __pfx_kthread+0x10/0x10 [ 13.146185] ret_from_fork+0x41/0x80 [ 13.146203] ? __pfx_kthread+0x10/0x10 [ 13.146225] ret_from_fork_asm+0x1a/0x30 [ 13.146259] </TASK> [ 13.146271] [ 13.161965] Allocated by task 219: [ 13.162474] kasan_save_stack+0x45/0x70 [ 13.162958] kasan_save_track+0x18/0x40 [ 13.163507] kasan_save_alloc_info+0x3b/0x50 [ 13.164055] __kasan_slab_alloc+0x91/0xa0 [ 13.164657] kmem_cache_alloc_noprof+0x124/0x400 [ 13.165319] kmem_cache_invalid_free+0x158/0x470 [ 13.165867] kunit_try_run_case+0x1a6/0x480 [ 13.166648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.167182] kthread+0x324/0x6e0 [ 13.167518] ret_from_fork+0x41/0x80 [ 13.167920] ret_from_fork_asm+0x1a/0x30 [ 13.168288] [ 13.168544] The buggy address belongs to the object at ffff888101b30000 [ 13.168544] which belongs to the cache test_cache of size 200 [ 13.169409] The buggy address is located 1 bytes inside of [ 13.169409] 200-byte region [ffff888101b30000, ffff888101b300c8) [ 13.169760] [ 13.169851] The buggy address belongs to the physical page: [ 13.170398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b30 [ 13.170760] flags: 0x200000000000000(node=0|zone=2) [ 13.170972] page_type: f5(slab) [ 13.171120] raw: 0200000000000000 ffff888101ab2a00 dead000000000122 0000000000000000 [ 13.171664] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.172073] page dumped because: kasan: bad access detected [ 13.172355] [ 13.172461] Memory state around the buggy address: [ 13.172646] ffff888101b2ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.172940] ffff888101b2ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.173626] >ffff888101b30000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.174027] ^ [ 13.174356] ffff888101b30080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.174684] ffff888101b30100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.175012] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.107717] ================================================================== [ 13.108557] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 13.108906] Free of addr ffff888102ae5000 by task kunit_try_catch/217 [ 13.109242] [ 13.109332] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.109380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.109392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.109414] Call Trace: [ 13.109427] <TASK> [ 13.109448] dump_stack_lvl+0x73/0xb0 [ 13.109477] print_report+0xd1/0x650 [ 13.109499] ? __virt_addr_valid+0x1db/0x2d0 [ 13.109523] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.109548] ? kmem_cache_double_free+0x1e6/0x490 [ 13.109571] kasan_report_invalid_free+0xfc/0x120 [ 13.109594] ? kmem_cache_double_free+0x1e6/0x490 [ 13.109618] ? kmem_cache_double_free+0x1e6/0x490 [ 13.109641] check_slab_allocation+0x101/0x130 [ 13.109661] __kasan_slab_pre_free+0x28/0x40 [ 13.109680] kmem_cache_free+0xee/0x420 [ 13.109699] ? kmem_cache_alloc_noprof+0x124/0x400 [ 13.109723] ? kmem_cache_double_free+0x1e6/0x490 [ 13.109754] kmem_cache_double_free+0x1e6/0x490 [ 13.109777] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.109799] ? finish_task_switch.isra.0+0x153/0x700 [ 13.109823] ? __switch_to+0x5d9/0xf60 [ 13.109892] ? __pfx_read_tsc+0x10/0x10 [ 13.109915] ? ktime_get_ts64+0x86/0x230 [ 13.109941] kunit_try_run_case+0x1a6/0x480 [ 13.109965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.109985] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.110035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.110059] ? __kthread_parkme+0x82/0x160 [ 13.110131] ? preempt_count_sub+0x50/0x80 [ 13.110170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.110192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.110218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.110243] kthread+0x324/0x6e0 [ 13.110264] ? trace_preempt_on+0x20/0xc0 [ 13.110287] ? __pfx_kthread+0x10/0x10 [ 13.110310] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.110333] ? calculate_sigpending+0x7b/0xa0 [ 13.110354] ? __pfx_kthread+0x10/0x10 [ 13.110376] ret_from_fork+0x41/0x80 [ 13.110394] ? __pfx_kthread+0x10/0x10 [ 13.110415] ret_from_fork_asm+0x1a/0x30 [ 13.110462] </TASK> [ 13.110474] [ 13.121068] Allocated by task 217: [ 13.121357] kasan_save_stack+0x45/0x70 [ 13.121622] kasan_save_track+0x18/0x40 [ 13.121844] kasan_save_alloc_info+0x3b/0x50 [ 13.122049] __kasan_slab_alloc+0x91/0xa0 [ 13.122331] kmem_cache_alloc_noprof+0x124/0x400 [ 13.122693] kmem_cache_double_free+0x150/0x490 [ 13.122951] kunit_try_run_case+0x1a6/0x480 [ 13.123358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.123649] kthread+0x324/0x6e0 [ 13.123854] ret_from_fork+0x41/0x80 [ 13.124179] ret_from_fork_asm+0x1a/0x30 [ 13.124445] [ 13.124574] Freed by task 217: [ 13.124738] kasan_save_stack+0x45/0x70 [ 13.124954] kasan_save_track+0x18/0x40 [ 13.125157] kasan_save_free_info+0x3f/0x60 [ 13.125379] __kasan_slab_free+0x56/0x70 [ 13.125578] kmem_cache_free+0x24b/0x420 [ 13.125992] kmem_cache_double_free+0x16b/0x490 [ 13.126281] kunit_try_run_case+0x1a6/0x480 [ 13.126521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.126752] kthread+0x324/0x6e0 [ 13.126890] ret_from_fork+0x41/0x80 [ 13.127322] ret_from_fork_asm+0x1a/0x30 [ 13.127536] [ 13.127637] The buggy address belongs to the object at ffff888102ae5000 [ 13.127637] which belongs to the cache test_cache of size 200 [ 13.128263] The buggy address is located 0 bytes inside of [ 13.128263] 200-byte region [ffff888102ae5000, ffff888102ae50c8) [ 13.129064] [ 13.129143] The buggy address belongs to the physical page: [ 13.129312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae5 [ 13.129548] flags: 0x200000000000000(node=0|zone=2) [ 13.129714] page_type: f5(slab) [ 13.130016] raw: 0200000000000000 ffff8881011e9b40 dead000000000122 0000000000000000 [ 13.130492] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 
13.131360] page dumped because: kasan: bad access detected [ 13.131758] [ 13.131868] Memory state around the buggy address: [ 13.132194] ffff888102ae4f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.132764] ffff888102ae4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.133243] >ffff888102ae5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.133454] ^ [ 13.133604] ffff888102ae5080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.133983] ffff888102ae5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.134414] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.065448] ================================================================== [ 13.066094] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 13.066561] Read of size 1 at addr ffff888102ae20c8 by task kunit_try_catch/215 [ 13.067009] [ 13.067115] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1 [ 13.067166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.067178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.067201] Call Trace: [ 13.067215] <TASK> [ 13.067237] dump_stack_lvl+0x73/0xb0 [ 13.067551] print_report+0xd1/0x650 [ 13.067577] ? __virt_addr_valid+0x1db/0x2d0 [ 13.067601] ? kmem_cache_oob+0x404/0x530 [ 13.067622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.067648] ? kmem_cache_oob+0x404/0x530 [ 13.067669] kasan_report+0x140/0x180 [ 13.067690] ? kmem_cache_oob+0x404/0x530 [ 13.067716] __asan_report_load1_noabort+0x18/0x20 [ 13.067738] kmem_cache_oob+0x404/0x530 [ 13.067758] ? trace_hardirqs_on+0x37/0xe0 [ 13.067783] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.067805] ? __kasan_check_write+0x18/0x20 [ 13.067826] ? queued_spin_lock_slowpath+0x117/0xb40 [ 13.067863] ? irqentry_exit+0x2a/0x60 [ 13.067884] ? trace_hardirqs_on+0x37/0xe0 [ 13.067905] ? __pfx_read_tsc+0x10/0x10 [ 13.067927] ? ktime_get_ts64+0x86/0x230 [ 13.067954] kunit_try_run_case+0x1a6/0x480 [ 13.067978] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.068000] ? queued_spin_lock_slowpath+0x117/0xb40 [ 13.068021] ? __kthread_parkme+0x82/0x160 [ 13.068257] ? preempt_count_sub+0x50/0x80 [ 13.068293] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.068317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.068342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.068367] kthread+0x324/0x6e0 [ 13.068389] ? trace_preempt_on+0x20/0xc0 [ 13.068412] ? __pfx_kthread+0x10/0x10 [ 13.068434] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.068458] ? calculate_sigpending+0x7b/0xa0 [ 13.068480] ? 
__pfx_kthread+0x10/0x10 [ 13.068502] ret_from_fork+0x41/0x80 [ 13.068521] ? __pfx_kthread+0x10/0x10 [ 13.068543] ret_from_fork_asm+0x1a/0x30 [ 13.068575] </TASK> [ 13.068587] [ 13.080020] Allocated by task 215: [ 13.080712] kasan_save_stack+0x45/0x70 [ 13.081190] kasan_save_track+0x18/0x40 [ 13.081360] kasan_save_alloc_info+0x3b/0x50 [ 13.081766] __kasan_slab_alloc+0x91/0xa0 [ 13.082061] kmem_cache_alloc_noprof+0x124/0x400 [ 13.082512] kmem_cache_oob+0x158/0x530 [ 13.082802] kunit_try_run_case+0x1a6/0x480 [ 13.083116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.083360] kthread+0x324/0x6e0 [ 13.083520] ret_from_fork+0x41/0x80 [ 13.083696] ret_from_fork_asm+0x1a/0x30 [ 13.083900] [ 13.083986] The buggy address belongs to the object at ffff888102ae2000 [ 13.083986] which belongs to the cache test_cache of size 200 [ 13.085118] The buggy address is located 0 bytes to the right of [ 13.085118] allocated 200-byte region [ffff888102ae2000, ffff888102ae20c8) [ 13.085502] [ 13.085580] The buggy address belongs to the physical page: [ 13.085762] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ae2 [ 13.086781] flags: 0x200000000000000(node=0|zone=2) [ 13.087417] page_type: f5(slab) [ 13.088108] raw: 0200000000000000 ffff8881011e9a00 dead000000000122 0000000000000000 [ 13.088816] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.089645] page dumped because: kasan: bad access detected [ 13.090237] [ 13.090608] Memory state around the buggy address: [ 13.091137] ffff888102ae1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.091359] ffff888102ae2000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.091575] >ffff888102ae2080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.091787] ^ [ 13.091987] ffff888102ae2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.092489] ffff888102ae2180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.092776] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.014744] ==================================================================
[ 13.016031] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560
[ 13.016429] Read of size 8 at addr ffff888101b25f00 by task kunit_try_catch/208
[ 13.017017]
[ 13.017214] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 13.017264] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.017276] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.017298] Call Trace:
[ 13.017314] <TASK>
[ 13.017335] dump_stack_lvl+0x73/0xb0
[ 13.017366] print_report+0xd1/0x650
[ 13.017388] ? __virt_addr_valid+0x1db/0x2d0
[ 13.017410] ? workqueue_uaf+0x4d8/0x560
[ 13.017431] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.017455] ? workqueue_uaf+0x4d8/0x560
[ 13.017475] kasan_report+0x140/0x180
[ 13.017496] ? workqueue_uaf+0x4d8/0x560
[ 13.017520] __asan_report_load8_noabort+0x18/0x20
[ 13.017543] workqueue_uaf+0x4d8/0x560
[ 13.017576] ? __pfx_workqueue_uaf+0x10/0x10
[ 13.017597] ? __schedule+0xce8/0x2840
[ 13.017633] ? __pfx_read_tsc+0x10/0x10
[ 13.017656] ? ktime_get_ts64+0x86/0x230
[ 13.017681] kunit_try_run_case+0x1a6/0x480
[ 13.017705] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.017725] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 13.017759] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.017783] ? __kthread_parkme+0x82/0x160
[ 13.017806] ? preempt_count_sub+0x50/0x80
[ 13.017830] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.017861] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.017886] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.017911] kthread+0x324/0x6e0
[ 13.017932] ? trace_preempt_on+0x20/0xc0
[ 13.017956] ? __pfx_kthread+0x10/0x10
[ 13.017977] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.017999] ? calculate_sigpending+0x7b/0xa0
[ 13.018021] ? __pfx_kthread+0x10/0x10
[ 13.018056] ret_from_fork+0x41/0x80
[ 13.018075] ? __pfx_kthread+0x10/0x10
[ 13.018096] ret_from_fork_asm+0x1a/0x30
[ 13.018128] </TASK>
[ 13.018139]
[ 13.029829] Allocated by task 208:
[ 13.030332] kasan_save_stack+0x45/0x70
[ 13.030768] kasan_save_track+0x18/0x40
[ 13.031193] kasan_save_alloc_info+0x3b/0x50
[ 13.031351] __kasan_kmalloc+0xb7/0xc0
[ 13.031485] __kmalloc_cache_noprof+0x18a/0x420
[ 13.031644] workqueue_uaf+0x153/0x560
[ 13.031778] kunit_try_run_case+0x1a6/0x480
[ 13.032536] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.033189] kthread+0x324/0x6e0
[ 13.033691] ret_from_fork+0x41/0x80
[ 13.034280] ret_from_fork_asm+0x1a/0x30
[ 13.034773]
[ 13.035245] Freed by task 84:
[ 13.035397] kasan_save_stack+0x45/0x70
[ 13.035551] kasan_save_track+0x18/0x40
[ 13.035686] kasan_save_free_info+0x3f/0x60
[ 13.035834] __kasan_slab_free+0x56/0x70
[ 13.035986] kfree+0x224/0x3f0
[ 13.036700] workqueue_uaf_work+0x12/0x20
[ 13.037297] process_one_work+0x5ee/0xf60
[ 13.037812] worker_thread+0x720/0x1300
[ 13.038387] kthread+0x324/0x6e0
[ 13.038830] ret_from_fork+0x41/0x80
[ 13.039338] ret_from_fork_asm+0x1a/0x30
[ 13.039849]
[ 13.040017] Last potentially related work creation:
[ 13.040714] kasan_save_stack+0x45/0x70
[ 13.040878] kasan_record_aux_stack+0xb2/0xc0
[ 13.041042] __queue_work+0x626/0xeb0
[ 13.041608] queue_work_on+0x74/0xa0
[ 13.042146] workqueue_uaf+0x26e/0x560
[ 13.042644] kunit_try_run_case+0x1a6/0x480
[ 13.043177] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.043377] kthread+0x324/0x6e0
[ 13.043989] ret_from_fork+0x41/0x80
[ 13.044497] ret_from_fork_asm+0x1a/0x30
[ 13.044651]
[ 13.044746] The buggy address belongs to the object at ffff888101b25f00
[ 13.044746] which belongs to the cache kmalloc-32 of size 32
[ 13.046346] The buggy address is located 0 bytes inside of
[ 13.046346] freed 32-byte region [ffff888101b25f00, ffff888101b25f20)
[ 13.046702]
[ 13.046777] The buggy address belongs to the physical page:
[ 13.046968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b25
[ 13.047999] flags: 0x200000000000000(node=0|zone=2)
[ 13.048442] page_type: f5(slab)
[ 13.049013] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.049851] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.050801] page dumped because: kasan: bad access detected
[ 13.051464]
[ 13.051544] Memory state around the buggy address:
[ 13.051707] ffff888101b25e00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.051940] ffff888101b25e80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.052489] >ffff888101b25f00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.052809] ^
[ 13.052993] ffff888101b25f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.053558] ffff888101b26000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.054023] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.980141] ==================================================================
[ 12.980720] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 12.980976] Read of size 4 at addr ffff888101b25e40 by task swapper/1/0
[ 12.981623]
[ 12.981759] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.14.7-rc1 #1
[ 12.981813] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.981825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.981862] Call Trace:
[ 12.981900] <IRQ>
[ 12.981922] dump_stack_lvl+0x73/0xb0
[ 12.981955] print_report+0xd1/0x650
[ 12.981978] ? __virt_addr_valid+0x1db/0x2d0
[ 12.982085] ? rcu_uaf_reclaim+0x50/0x60
[ 12.982107] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.982132] ? rcu_uaf_reclaim+0x50/0x60
[ 12.982151] kasan_report+0x140/0x180
[ 12.982172] ? rcu_uaf_reclaim+0x50/0x60
[ 12.982195] __asan_report_load4_noabort+0x18/0x20
[ 12.982218] rcu_uaf_reclaim+0x50/0x60
[ 12.982237] rcu_core+0x680/0x1d70
[ 12.982267] ? __pfx_rcu_core+0x10/0x10
[ 12.982289] ? ktime_get+0x6b/0x150
[ 12.982311] ? handle_softirqs+0x18e/0x730
[ 12.982337] rcu_core_si+0x12/0x20
[ 12.982357] handle_softirqs+0x209/0x730
[ 12.982378] ? hrtimer_interrupt+0x2fe/0x780
[ 12.982400] ? __pfx_handle_softirqs+0x10/0x10
[ 12.982426] __irq_exit_rcu+0xc9/0x110
[ 12.982447] irq_exit_rcu+0x12/0x20
[ 12.982468] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.982493] </IRQ>
[ 12.982526] <TASK>
[ 12.982536] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.982631] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 12.982758] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 33 b2 10 00 fb f4 <e9> cc 1c 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 12.982856] RSP: 0000:ffff88810088fdd0 EFLAGS: 00010216
[ 12.982952] RAX: ffff888154b00000 RBX: ffff8881008790c0 RCX: ffffffffa437ce05
[ 12.983390] RDX: ffffed102a966ae3 RSI: 0000000000000004 RDI: 000000000000e7dc
[ 12.983451] RBP: ffff88810088fdd8 R08: 0000000000000001 R09: ffffed102a966ae2
[ 12.983506] R10: ffff888154b35713 R11: 00000000000b5000 R12: 0000000000000001
[ 12.983549] R13: ffffed102010f218 R14: ffffffffa5f83210 R15: 0000000000000000
[ 12.983613] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 12.983673] ? default_idle+0xd/0x20
[ 12.983693] arch_cpu_idle+0xd/0x20
[ 12.983712] default_idle_call+0x48/0x80
[ 12.983732] do_idle+0x310/0x3c0
[ 12.983752] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.983778] ? __pfx_do_idle+0x10/0x10
[ 12.983795] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 12.983819] ? complete+0x15b/0x1d0
[ 12.983856] cpu_startup_entry+0x5c/0x70
[ 12.983877] start_secondary+0x216/0x290
[ 12.983899] ? __pfx_start_secondary+0x10/0x10
[ 12.983924] common_startup_64+0x12c/0x138
[ 12.983956] </TASK>
[ 12.983968]
[ 12.994344] Allocated by task 206:
[ 12.994508] kasan_save_stack+0x45/0x70
[ 12.994717] kasan_save_track+0x18/0x40
[ 12.994919] kasan_save_alloc_info+0x3b/0x50
[ 12.995369] __kasan_kmalloc+0xb7/0xc0
[ 12.995515] __kmalloc_cache_noprof+0x18a/0x420
[ 12.995674] rcu_uaf+0xb1/0x330
[ 12.995851] kunit_try_run_case+0x1a6/0x480
[ 12.996179] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.996456] kthread+0x324/0x6e0
[ 12.996645] ret_from_fork+0x41/0x80
[ 12.996849] ret_from_fork_asm+0x1a/0x30
[ 12.997099]
[ 12.997174] Freed by task 0:
[ 12.997331] kasan_save_stack+0x45/0x70
[ 12.997527] kasan_save_track+0x18/0x40
[ 12.997723] kasan_save_free_info+0x3f/0x60
[ 12.997958] __kasan_slab_free+0x56/0x70
[ 12.998196] kfree+0x224/0x3f0
[ 12.998354] rcu_uaf_reclaim+0x1f/0x60
[ 12.998544] rcu_core+0x680/0x1d70
[ 12.998692] rcu_core_si+0x12/0x20
[ 12.998883] handle_softirqs+0x209/0x730
[ 12.999406] __irq_exit_rcu+0xc9/0x110
[ 12.999616] irq_exit_rcu+0x12/0x20
[ 12.999753] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.999942] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 13.000283]
[ 13.000420] Last potentially related work creation:
[ 13.000658] kasan_save_stack+0x45/0x70
[ 13.000817] kasan_record_aux_stack+0xb2/0xc0
[ 13.001139] __call_rcu_common.constprop.0+0x72/0xaa0
[ 13.001371] call_rcu+0x12/0x20
[ 13.001512] rcu_uaf+0x169/0x330
[ 13.001663] kunit_try_run_case+0x1a6/0x480
[ 13.001882] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.002215] kthread+0x324/0x6e0
[ 13.002381] ret_from_fork+0x41/0x80
[ 13.002542] ret_from_fork_asm+0x1a/0x30
[ 13.002727]
[ 13.002833] The buggy address belongs to the object at ffff888101b25e40
[ 13.002833] which belongs to the cache kmalloc-32 of size 32
[ 13.003550] The buggy address is located 0 bytes inside of
[ 13.003550] freed 32-byte region [ffff888101b25e40, ffff888101b25e60)
[ 13.004135]
[ 13.004240] The buggy address belongs to the physical page:
[ 13.004423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b25
[ 13.004663] flags: 0x200000000000000(node=0|zone=2)
[ 13.004872] page_type: f5(slab)
[ 13.005155] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.005505] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.005821] page dumped because: kasan: bad access detected
[ 13.006090]
[ 13.006165] Memory state around the buggy address:
[ 13.006394] ffff888101b25d00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.006719] ffff888101b25d80: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc
[ 13.007338] >ffff888101b25e00: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.007651] ^
[ 13.007821] ffff888101b25e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.008252] ffff888101b25f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.008575] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.925287] ==================================================================
[ 12.925637] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0
[ 12.925959] Read of size 1 at addr ffff888101b0ed00 by task kunit_try_catch/204
[ 12.926365]
[ 12.926458] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.926504] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.926516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.926538] Call Trace:
[ 12.926563] <TASK>
[ 12.926583] dump_stack_lvl+0x73/0xb0
[ 12.926613] print_report+0xd1/0x650
[ 12.926635] ? __virt_addr_valid+0x1db/0x2d0
[ 12.926658] ? ksize_uaf+0x600/0x6c0
[ 12.926677] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.926702] ? ksize_uaf+0x600/0x6c0
[ 12.926721] kasan_report+0x140/0x180
[ 12.926742] ? ksize_uaf+0x600/0x6c0
[ 12.926766] __asan_report_load1_noabort+0x18/0x20
[ 12.926788] ksize_uaf+0x600/0x6c0
[ 12.926807] ? __pfx_ksize_uaf+0x10/0x10
[ 12.926827] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.926861] ? trace_hardirqs_on+0x37/0xe0
[ 12.926884] ? __pfx_read_tsc+0x10/0x10
[ 12.926905] ? ktime_get_ts64+0x86/0x230
[ 12.926930] kunit_try_run_case+0x1a6/0x480
[ 12.926952] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.926974] ? queued_spin_lock_slowpath+0x117/0xb40
[ 12.927100] ? __kthread_parkme+0x82/0x160
[ 12.927125] ? preempt_count_sub+0x50/0x80
[ 12.927150] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.927172] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.927197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.927223] kthread+0x324/0x6e0
[ 12.927243] ? trace_preempt_on+0x20/0xc0
[ 12.927266] ? __pfx_kthread+0x10/0x10
[ 12.927287] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.927311] ? calculate_sigpending+0x7b/0xa0
[ 12.927333] ? __pfx_kthread+0x10/0x10
[ 12.927354] ret_from_fork+0x41/0x80
[ 12.927373] ? __pfx_kthread+0x10/0x10
[ 12.927394] ret_from_fork_asm+0x1a/0x30
[ 12.927426] </TASK>
[ 12.927436]
[ 12.934775] Allocated by task 204:
[ 12.934978] kasan_save_stack+0x45/0x70
[ 12.935260] kasan_save_track+0x18/0x40
[ 12.935451] kasan_save_alloc_info+0x3b/0x50
[ 12.935653] __kasan_kmalloc+0xb7/0xc0
[ 12.935805] __kmalloc_cache_noprof+0x18a/0x420
[ 12.936202] ksize_uaf+0xab/0x6c0
[ 12.936356] kunit_try_run_case+0x1a6/0x480
[ 12.936556] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.936790] kthread+0x324/0x6e0
[ 12.936931] ret_from_fork+0x41/0x80
[ 12.937189] ret_from_fork_asm+0x1a/0x30
[ 12.937396]
[ 12.937493] Freed by task 204:
[ 12.937657] kasan_save_stack+0x45/0x70
[ 12.937867] kasan_save_track+0x18/0x40
[ 12.938162] kasan_save_free_info+0x3f/0x60
[ 12.938341] __kasan_slab_free+0x56/0x70
[ 12.938524] kfree+0x224/0x3f0
[ 12.938694] ksize_uaf+0x12d/0x6c0
[ 12.938883] kunit_try_run_case+0x1a6/0x480
[ 12.939193] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.939432] kthread+0x324/0x6e0
[ 12.939580] ret_from_fork+0x41/0x80
[ 12.939749] ret_from_fork_asm+0x1a/0x30
[ 12.939938]
[ 12.940269] The buggy address belongs to the object at ffff888101b0ed00
[ 12.940269] which belongs to the cache kmalloc-128 of size 128
[ 12.940743] The buggy address is located 0 bytes inside of
[ 12.940743] freed 128-byte region [ffff888101b0ed00, ffff888101b0ed80)
[ 12.941199]
[ 12.941280] The buggy address belongs to the physical page:
[ 12.941507] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b0e
[ 12.941876] flags: 0x200000000000000(node=0|zone=2)
[ 12.942256] page_type: f5(slab)
[ 12.942434] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.942775] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.943218] page dumped because: kasan: bad access detected
[ 12.943434]
[ 12.943528] Memory state around the buggy address:
[ 12.943737] ffff888101b0ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.944289] ffff888101b0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.944521] >ffff888101b0ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.944747] ^
[ 12.944926] ffff888101b0ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.945364] ffff888101b0ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.945697] ==================================================================
[ 12.946275] ==================================================================
[ 12.946633] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0
[ 12.946933] Read of size 1 at addr ffff888101b0ed78 by task kunit_try_catch/204
[ 12.947341]
[ 12.947446] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.947490] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.947502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.947523] Call Trace:
[ 12.947542] <TASK>
[ 12.947561] dump_stack_lvl+0x73/0xb0
[ 12.947589] print_report+0xd1/0x650
[ 12.947610] ? __virt_addr_valid+0x1db/0x2d0
[ 12.947632] ? ksize_uaf+0x5e6/0x6c0
[ 12.947651] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.947675] ? ksize_uaf+0x5e6/0x6c0
[ 12.947695] kasan_report+0x140/0x180
[ 12.947716] ? ksize_uaf+0x5e6/0x6c0
[ 12.947740] __asan_report_load1_noabort+0x18/0x20
[ 12.947763] ksize_uaf+0x5e6/0x6c0
[ 12.947782] ? __pfx_ksize_uaf+0x10/0x10
[ 12.947801] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.947824] ? trace_hardirqs_on+0x37/0xe0
[ 12.947859] ? __pfx_read_tsc+0x10/0x10
[ 12.947880] ? ktime_get_ts64+0x86/0x230
[ 12.947905] kunit_try_run_case+0x1a6/0x480
[ 12.947928] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.947950] ? queued_spin_lock_slowpath+0x117/0xb40
[ 12.947971] ? __kthread_parkme+0x82/0x160
[ 12.948254] ? preempt_count_sub+0x50/0x80
[ 12.948289] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.948312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.948337] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.948363] kthread+0x324/0x6e0
[ 12.948385] ? trace_preempt_on+0x20/0xc0
[ 12.948408] ? __pfx_kthread+0x10/0x10
[ 12.948429] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.948452] ? calculate_sigpending+0x7b/0xa0
[ 12.948474] ? __pfx_kthread+0x10/0x10
[ 12.948496] ret_from_fork+0x41/0x80
[ 12.948514] ? __pfx_kthread+0x10/0x10
[ 12.948535] ret_from_fork_asm+0x1a/0x30
[ 12.948566] </TASK>
[ 12.948577]
[ 12.955691] Allocated by task 204:
[ 12.955869] kasan_save_stack+0x45/0x70
[ 12.956305] kasan_save_track+0x18/0x40
[ 12.956465] kasan_save_alloc_info+0x3b/0x50
[ 12.956616] __kasan_kmalloc+0xb7/0xc0
[ 12.956748] __kmalloc_cache_noprof+0x18a/0x420
[ 12.956933] ksize_uaf+0xab/0x6c0
[ 12.957215] kunit_try_run_case+0x1a6/0x480
[ 12.957470] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.957737] kthread+0x324/0x6e0
[ 12.957930] ret_from_fork+0x41/0x80
[ 12.958257] ret_from_fork_asm+0x1a/0x30
[ 12.958464]
[ 12.958560] Freed by task 204:
[ 12.958721] kasan_save_stack+0x45/0x70
[ 12.958901] kasan_save_track+0x18/0x40
[ 12.959171] kasan_save_free_info+0x3f/0x60
[ 12.959329] __kasan_slab_free+0x56/0x70
[ 12.959466] kfree+0x224/0x3f0
[ 12.959585] ksize_uaf+0x12d/0x6c0
[ 12.959711] kunit_try_run_case+0x1a6/0x480
[ 12.959926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.960519] kthread+0x324/0x6e0
[ 12.960712] ret_from_fork+0x41/0x80
[ 12.960905] ret_from_fork_asm+0x1a/0x30
[ 12.961164]
[ 12.961240] The buggy address belongs to the object at ffff888101b0ed00
[ 12.961240] which belongs to the cache kmalloc-128 of size 128
[ 12.961781] The buggy address is located 120 bytes inside of
[ 12.961781] freed 128-byte region [ffff888101b0ed00, ffff888101b0ed80)
[ 12.962394]
[ 12.962495] The buggy address belongs to the physical page:
[ 12.962724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b0e
[ 12.963146] flags: 0x200000000000000(node=0|zone=2)
[ 12.963352] page_type: f5(slab)
[ 12.963525] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.963797] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.964337] page dumped because: kasan: bad access detected
[ 12.964588]
[ 12.964662] Memory state around the buggy address:
[ 12.964881] ffff888101b0ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.965268] ffff888101b0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.965551] >ffff888101b0ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.965852] ^
[ 12.966249] ffff888101b0ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.966498] ffff888101b0ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.966779] ==================================================================
[ 12.901085] ==================================================================
[ 12.901502] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0
[ 12.901729] Read of size 1 at addr ffff888101b0ed00 by task kunit_try_catch/204
[ 12.902004]
[ 12.902192] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 12.902240] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.902251] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.902273] Call Trace:
[ 12.902287] <TASK>
[ 12.902307] dump_stack_lvl+0x73/0xb0
[ 12.902336] print_report+0xd1/0x650
[ 12.902357] ? __virt_addr_valid+0x1db/0x2d0
[ 12.902380] ? ksize_uaf+0x19e/0x6c0
[ 12.902399] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.902424] ? ksize_uaf+0x19e/0x6c0
[ 12.902444] kasan_report+0x140/0x180
[ 12.902464] ? ksize_uaf+0x19e/0x6c0
[ 12.902486] ? ksize_uaf+0x19e/0x6c0
[ 12.902505] __kasan_check_byte+0x3d/0x50
[ 12.902526] ksize+0x20/0x60
[ 12.902545] ksize_uaf+0x19e/0x6c0
[ 12.902564] ? __pfx_ksize_uaf+0x10/0x10
[ 12.902583] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.902605] ? trace_hardirqs_on+0x37/0xe0
[ 12.902629] ? __pfx_read_tsc+0x10/0x10
[ 12.902650] ? ktime_get_ts64+0x86/0x230
[ 12.902676] kunit_try_run_case+0x1a6/0x480
[ 12.902699] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.902721] ? queued_spin_lock_slowpath+0x117/0xb40
[ 12.902742] ? __kthread_parkme+0x82/0x160
[ 12.902765] ? preempt_count_sub+0x50/0x80
[ 12.902789] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.902811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.902848] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.902873] kthread+0x324/0x6e0
[ 12.902894] ? trace_preempt_on+0x20/0xc0
[ 12.902915] ? __pfx_kthread+0x10/0x10
[ 12.902937] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.902960] ? calculate_sigpending+0x7b/0xa0
[ 12.902981] ? __pfx_kthread+0x10/0x10
[ 12.903003] ret_from_fork+0x41/0x80
[ 12.903775] ? __pfx_kthread+0x10/0x10
[ 12.903825] ret_from_fork_asm+0x1a/0x30
[ 12.903872] </TASK>
[ 12.903885]
[ 12.913817] Allocated by task 204:
[ 12.914140] kasan_save_stack+0x45/0x70
[ 12.914369] kasan_save_track+0x18/0x40
[ 12.914550] kasan_save_alloc_info+0x3b/0x50
[ 12.914753] __kasan_kmalloc+0xb7/0xc0
[ 12.914902] __kmalloc_cache_noprof+0x18a/0x420
[ 12.915201] ksize_uaf+0xab/0x6c0
[ 12.915359] kunit_try_run_case+0x1a6/0x480
[ 12.915566] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.915819] kthread+0x324/0x6e0
[ 12.916190] ret_from_fork+0x41/0x80
[ 12.916400] ret_from_fork_asm+0x1a/0x30
[ 12.916598]
[ 12.916685] Freed by task 204:
[ 12.916818] kasan_save_stack+0x45/0x70
[ 12.917122] kasan_save_track+0x18/0x40
[ 12.917298] kasan_save_free_info+0x3f/0x60
[ 12.917476] __kasan_slab_free+0x56/0x70
[ 12.917616] kfree+0x224/0x3f0
[ 12.917783] ksize_uaf+0x12d/0x6c0
[ 12.917970] kunit_try_run_case+0x1a6/0x480
[ 12.918283] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.918467] kthread+0x324/0x6e0
[ 12.918591] ret_from_fork+0x41/0x80
[ 12.918720] ret_from_fork_asm+0x1a/0x30
[ 12.918874]
[ 12.918961] The buggy address belongs to the object at ffff888101b0ed00
[ 12.918961] which belongs to the cache kmalloc-128 of size 128
[ 12.919574] The buggy address is located 0 bytes inside of
[ 12.919574] freed 128-byte region [ffff888101b0ed00, ffff888101b0ed80)
[ 12.920309]
[ 12.920414] The buggy address belongs to the physical page:
[ 12.920665] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b0e
[ 12.920961] flags: 0x200000000000000(node=0|zone=2)
[ 12.921218] page_type: f5(slab)
[ 12.921377] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.921733] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.922201] page dumped because: kasan: bad access detected
[ 12.922459]
[ 12.922553] Memory state around the buggy address:
[ 12.922762] ffff888101b0ec00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.923153] ffff888101b0ec80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.923443] >ffff888101b0ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.923725] ^
[ 12.923865] ffff888101b0ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.924397] ffff888101b0ee00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.924678] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.933709] ==================================================================
[ 11.934603] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0
[ 11.934855] Read of size 1 at addr ffff888102c70000 by task kunit_try_catch/162
[ 11.935116]
[ 11.935438] CPU: 0 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 11.935488] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.935500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.935523] Call Trace:
[ 11.935537] <TASK>
[ 11.935558] dump_stack_lvl+0x73/0xb0
[ 11.935591] print_report+0xd1/0x650
[ 11.935612] ? __virt_addr_valid+0x1db/0x2d0
[ 11.935636] ? page_alloc_uaf+0x358/0x3d0
[ 11.935657] ? kasan_addr_to_slab+0x11/0xa0
[ 11.935676] ? page_alloc_uaf+0x358/0x3d0
[ 11.935697] kasan_report+0x140/0x180
[ 11.935717] ? page_alloc_uaf+0x358/0x3d0
[ 11.935742] __asan_report_load1_noabort+0x18/0x20
[ 11.935765] page_alloc_uaf+0x358/0x3d0
[ 11.935785] ? __pfx_page_alloc_uaf+0x10/0x10
[ 11.935807] ? __schedule+0xce8/0x2840
[ 11.935833] ? __pfx_read_tsc+0x10/0x10
[ 11.935866] ? ktime_get_ts64+0x86/0x230
[ 11.935931] kunit_try_run_case+0x1a6/0x480
[ 11.935970] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.936002] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.936023] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.936047] ? __kthread_parkme+0x82/0x160
[ 11.936070] ? preempt_count_sub+0x50/0x80
[ 11.936095] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.936117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.936142] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.936167] kthread+0x324/0x6e0
[ 11.936188] ? trace_preempt_on+0x20/0xc0
[ 11.936212] ? __pfx_kthread+0x10/0x10
[ 11.936233] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.936256] ? calculate_sigpending+0x7b/0xa0
[ 11.936277] ? __pfx_kthread+0x10/0x10
[ 11.936299] ret_from_fork+0x41/0x80
[ 11.936318] ? __pfx_kthread+0x10/0x10
[ 11.936340] ret_from_fork_asm+0x1a/0x30
[ 11.936373] </TASK>
[ 11.936384]
[ 11.949980] The buggy address belongs to the physical page:
[ 11.950650] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c70
[ 11.950929] flags: 0x200000000000000(node=0|zone=2)
[ 11.951423] page_type: f0(buddy)
[ 11.951746] raw: 0200000000000000 ffff88817fffd4a0 ffff88817fffd4a0 0000000000000000
[ 11.952552] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 11.953319] page dumped because: kasan: bad access detected
[ 11.953783]
[ 11.953867] Memory state around the buggy address:
[ 11.954078] ffff888102c6ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.954778] ffff888102c6ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.955671] >ffff888102c70000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.956047] ^
[ 11.956360] ffff888102c70080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.956947] ffff888102c70100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.957220] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 11.907618] ==================================================================
[ 11.908238] BUG: KASAN: invalid-free in kfree+0x276/0x3f0
[ 11.908580] Free of addr ffff888102938001 by task kunit_try_catch/158
[ 11.908885]
[ 11.909060] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 11.909126] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.909138] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.909161] Call Trace:
[ 11.909176] <TASK>
[ 11.909199] dump_stack_lvl+0x73/0xb0
[ 11.909232] print_report+0xd1/0x650
[ 11.909255] ? __virt_addr_valid+0x1db/0x2d0
[ 11.909280] ? kasan_addr_to_slab+0x11/0xa0
[ 11.909300] ? kfree+0x276/0x3f0
[ 11.909323] kasan_report_invalid_free+0xfc/0x120
[ 11.909346] ? kfree+0x276/0x3f0
[ 11.909368] ? kfree+0x276/0x3f0
[ 11.909388] __kasan_kfree_large+0x86/0xd0
[ 11.909408] free_large_kmalloc+0x3b/0xd0
[ 11.909430] kfree+0x276/0x3f0
[ 11.909451] ? kmalloc_large_invalid_free+0x90/0x2b0
[ 11.909474] kmalloc_large_invalid_free+0x121/0x2b0
[ 11.909495] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 11.909530] ? __pfx_queued_spin_lock_slowpath+0x10/0x10
[ 11.909555] ? __pfx_read_tsc+0x10/0x10
[ 11.909578] ? ktime_get_ts64+0x86/0x230
[ 11.909616] kunit_try_run_case+0x1a6/0x480
[ 11.909641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.909662] ? _raw_spin_lock_irqsave+0xfb/0x110
[ 11.909681] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.909706] ? __kthread_parkme+0x82/0x160
[ 11.909729] ? preempt_count_sub+0x50/0x80
[ 11.909760] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.909781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.909806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.909831] kthread+0x324/0x6e0
[ 11.909861] ? trace_preempt_on+0x20/0xc0
[ 11.909887] ? __pfx_kthread+0x10/0x10
[ 11.909909] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.909932] ? calculate_sigpending+0x7b/0xa0
[ 11.909954] ? __pfx_kthread+0x10/0x10
[ 11.909976] ret_from_fork+0x41/0x80
[ 11.910013] ? __pfx_kthread+0x10/0x10
[ 11.910059] ret_from_fork_asm+0x1a/0x30
[ 11.910091] </TASK>
[ 11.910114]
[ 11.918943] The buggy address belongs to the physical page:
[ 11.919351] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938
[ 11.919732] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.920075] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.920361] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.920653] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.921128] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.921468] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.921804] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000
[ 11.922369] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 11.922695] page dumped because: kasan: bad access detected
[ 11.922961]
[ 11.923147] Memory state around the buggy address:
[ 11.923396] ffff888102937f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.923676] ffff888102937f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.923968] >ffff888102938000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.924356] ^
[ 11.924524] ffff888102938080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.924848] ffff888102938100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.925278] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.885747] ==================================================================
[ 11.886710] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340
[ 11.887267] Read of size 1 at addr ffff888102938000 by task kunit_try_catch/156
[ 11.887597]
[ 11.887711] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 11.887758] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.887770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.887791] Call Trace:
[ 11.887807] <TASK>
[ 11.887827] dump_stack_lvl+0x73/0xb0
[ 11.887869] print_report+0xd1/0x650
[ 11.887892] ? __virt_addr_valid+0x1db/0x2d0
[ 11.887914] ? kmalloc_large_uaf+0x2f3/0x340
[ 11.887943] ? kasan_addr_to_slab+0x11/0xa0
[ 11.887962] ? kmalloc_large_uaf+0x2f3/0x340
[ 11.887982] kasan_report+0x140/0x180
[ 11.888158] ? kmalloc_large_uaf+0x2f3/0x340
[ 11.888185] __asan_report_load1_noabort+0x18/0x20
[ 11.888209] kmalloc_large_uaf+0x2f3/0x340
[ 11.888229] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 11.888250] ? __schedule+0xce8/0x2840
[ 11.888275] ? __pfx_read_tsc+0x10/0x10
[ 11.888297] ? ktime_get_ts64+0x86/0x230
[ 11.888323] kunit_try_run_case+0x1a6/0x480
[ 11.888347] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.888367] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.888387] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.888411] ? __kthread_parkme+0x82/0x160
[ 11.888433] ? preempt_count_sub+0x50/0x80
[ 11.888457] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.888478] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.888503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.888528] kthread+0x324/0x6e0
[ 11.888550] ? trace_preempt_on+0x20/0xc0
[ 11.888573] ? __pfx_kthread+0x10/0x10
[ 11.888595] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.888617] ? calculate_sigpending+0x7b/0xa0
[ 11.888638] ? __pfx_kthread+0x10/0x10
[ 11.888660] ret_from_fork+0x41/0x80
[ 11.888678] ? __pfx_kthread+0x10/0x10
[ 11.888699] ret_from_fork_asm+0x1a/0x30
[ 11.888730] </TASK>
[ 11.888741]
[ 11.896642] The buggy address belongs to the physical page:
[ 11.896930] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938
[ 11.897321] flags: 0x200000000000000(node=0|zone=2)
[ 11.897606] raw: 0200000000000000 ffffea00040a4f08 ffff888154b3ef40 0000000000000000
[ 11.897928] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 11.898279] page dumped because: kasan: bad access detected
[ 11.898534]
[ 11.898645] Memory state around the buggy address:
[ 11.898894] ffff888102937f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.899544] ffff888102937f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.899884] >ffff888102938000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.900328] ^
[ 11.900506] ffff888102938080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.900798] ffff888102938100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.901162] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.864748] ==================================================================
[ 11.865436] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340
[ 11.865696] Write of size 1 at addr ffff88810293a00a by task kunit_try_catch/154
[ 11.865958]
[ 11.866138] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 11.866188] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.866200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.866223] Call Trace:
[ 11.866237] <TASK>
[ 11.866258] dump_stack_lvl+0x73/0xb0
[ 11.866286] print_report+0xd1/0x650
[ 11.866309] ? __virt_addr_valid+0x1db/0x2d0
[ 11.866331] ? kmalloc_large_oob_right+0x2eb/0x340
[ 11.866351] ? kasan_addr_to_slab+0x11/0xa0
[ 11.866371] ? kmalloc_large_oob_right+0x2eb/0x340
[ 11.866391] kasan_report+0x140/0x180
[ 11.866412] ? kmalloc_large_oob_right+0x2eb/0x340
[ 11.866436] __asan_report_store1_noabort+0x1b/0x30
[ 11.866460] kmalloc_large_oob_right+0x2eb/0x340
[ 11.866481] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 11.866502] ? __schedule+0xce8/0x2840
[ 11.866526] ? __pfx_read_tsc+0x10/0x10
[ 11.866548] ? ktime_get_ts64+0x86/0x230
[ 11.866574] kunit_try_run_case+0x1a6/0x480
[ 11.866598] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.866619] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.866639] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.866689] ? __kthread_parkme+0x82/0x160
[ 11.866715] ? preempt_count_sub+0x50/0x80
[ 11.866741] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.866776] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.866802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.866827] kthread+0x324/0x6e0
[ 11.866858] ? trace_preempt_on+0x20/0xc0
[ 11.866882] ? __pfx_kthread+0x10/0x10
[ 11.866904] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.866927] ? calculate_sigpending+0x7b/0xa0
[ 11.866949] ? __pfx_kthread+0x10/0x10
[ 11.866971] ret_from_fork+0x41/0x80
[ 11.867008] ? __pfx_kthread+0x10/0x10
[ 11.867030] ret_from_fork_asm+0x1a/0x30
[ 11.867077] </TASK>
[ 11.867088]
[ 11.875404] The buggy address belongs to the physical page:
[ 11.875690] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102938
[ 11.876192] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.876535] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.876810] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.877312] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.877640] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.877981] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 11.878363] head: 0200000000000002 ffffea00040a4e01 ffffffffffffffff 0000000000000000
[ 11.878629] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 11.879313] page dumped because: kasan: bad access detected
[ 11.879582]
[ 11.879678] Memory state around the buggy address:
[ 11.879949] ffff888102939f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.880431] ffff888102939f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.880728] >ffff88810293a000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.881185] ^
[ 11.881397] ffff88810293a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.881698] ffff88810293a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.881956] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.830745] ==================================================================
[ 11.832181] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370
[ 11.832886] Write of size 1 at addr ffff888102c21f00 by task kunit_try_catch/152
[ 11.833335]
[ 11.833524] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 11.833571] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.833597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.833646] Call Trace:
[ 11.833661] <TASK>
[ 11.833683] dump_stack_lvl+0x73/0xb0
[ 11.833712] print_report+0xd1/0x650
[ 11.833735] ? __virt_addr_valid+0x1db/0x2d0
[ 11.833763] ? kmalloc_big_oob_right+0x318/0x370
[ 11.833797] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.833821] ? kmalloc_big_oob_right+0x318/0x370
[ 11.833853] kasan_report+0x140/0x180
[ 11.833876] ? kmalloc_big_oob_right+0x318/0x370
[ 11.833901] __asan_report_store1_noabort+0x1b/0x30
[ 11.833924] kmalloc_big_oob_right+0x318/0x370
[ 11.833945] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 11.833966] ? __schedule+0xce8/0x2840
[ 11.834010] ? __pfx_read_tsc+0x10/0x10
[ 11.834067] ? ktime_get_ts64+0x86/0x230
[ 11.834095] kunit_try_run_case+0x1a6/0x480
[ 11.834119] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.834139] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.834160] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.834183] ? __kthread_parkme+0x82/0x160
[ 11.834205] ? preempt_count_sub+0x50/0x80
[ 11.834229] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.834251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.834276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.834302] kthread+0x324/0x6e0
[ 11.834323] ? trace_preempt_on+0x20/0xc0
[ 11.834346] ? __pfx_kthread+0x10/0x10
[ 11.834368] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.834390] ? calculate_sigpending+0x7b/0xa0
[ 11.834411] ? __pfx_kthread+0x10/0x10
[ 11.834433] ret_from_fork+0x41/0x80
[ 11.834451] ? __pfx_kthread+0x10/0x10
[ 11.834473] ret_from_fork_asm+0x1a/0x30
[ 11.834503] </TASK>
[ 11.834514]
[ 11.845813] Allocated by task 152:
[ 11.846174] kasan_save_stack+0x45/0x70
[ 11.846605] kasan_save_track+0x18/0x40
[ 11.846873] kasan_save_alloc_info+0x3b/0x50
[ 11.847287] __kasan_kmalloc+0xb7/0xc0
[ 11.847640] __kmalloc_cache_noprof+0x18a/0x420
[ 11.847873] kmalloc_big_oob_right+0xaa/0x370
[ 11.848033] kunit_try_run_case+0x1a6/0x480
[ 11.848230] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.848412] kthread+0x324/0x6e0
[ 11.848536] ret_from_fork+0x41/0x80
[ 11.848665] ret_from_fork_asm+0x1a/0x30
[ 11.848810]
[ 11.848902] The buggy address belongs to the object at ffff888102c20000
[ 11.848902] which belongs to the cache kmalloc-8k of size 8192
[ 11.849531] The buggy address is located 0 bytes to the right of
[ 11.849531] allocated 7936-byte region [ffff888102c20000, ffff888102c21f00)
[ 11.849971]
[ 11.850077] The buggy address belongs to the physical page:
[ 11.850626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c20
[ 11.851429] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.852187] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.852610] page_type: f5(slab)
[ 11.852742] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 11.852984] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 11.853787] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 11.854699] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 11.855478] head: 0200000000000003 ffffea00040b0801 ffffffffffffffff 0000000000000000
[ 11.855917] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 11.856556] page dumped because: kasan: bad access detected
[ 11.857120]
[ 11.857297] Memory state around the buggy address:
[ 11.857589] ffff888102c21e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.857812] ffff888102c21e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.858132] >ffff888102c21f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.858849] ^
[ 11.859167] ffff888102c21f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.859875] ffff888102c22000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.860656] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 11.775736] ==================================================================
[ 11.777701] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530
[ 11.778605] Write of size 1 at addr ffff888102ac8c78 by task kunit_try_catch/150
[ 11.778999]
[ 11.779295] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 11.779347] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.779359] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.779392] Call Trace:
[ 11.779406] <TASK>
[ 11.779427] dump_stack_lvl+0x73/0xb0
[ 11.779474] print_report+0xd1/0x650
[ 11.779496] ? __virt_addr_valid+0x1db/0x2d0
[ 11.779520] ? kmalloc_track_caller_oob_right+0x4ca/0x530
[ 11.779544] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.779568] ? kmalloc_track_caller_oob_right+0x4ca/0x530
[ 11.779591] kasan_report+0x140/0x180
[ 11.779611] ? kmalloc_track_caller_oob_right+0x4ca/0x530
[ 11.779639] __asan_report_store1_noabort+0x1b/0x30
[ 11.779661] kmalloc_track_caller_oob_right+0x4ca/0x530
[ 11.779684] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 11.779708] ? __schedule+0xce8/0x2840
[ 11.779734] ? __pfx_read_tsc+0x10/0x10
[ 11.779757] ? ktime_get_ts64+0x86/0x230
[ 11.779783] kunit_try_run_case+0x1a6/0x480
[ 11.779808] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.779828] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.779860] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.779884] ? __kthread_parkme+0x82/0x160
[ 11.779907] ? preempt_count_sub+0x50/0x80
[ 11.779932] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.779953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.779978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.780217] kthread+0x324/0x6e0
[ 11.780252] ? trace_preempt_on+0x20/0xc0
[ 11.780278] ? __pfx_kthread+0x10/0x10
[ 11.780299] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.780323] ? calculate_sigpending+0x7b/0xa0
[ 11.780344] ? __pfx_kthread+0x10/0x10
[ 11.780366] ret_from_fork+0x41/0x80
[ 11.780385] ? __pfx_kthread+0x10/0x10
[ 11.780406] ret_from_fork_asm+0x1a/0x30
[ 11.780438] </TASK>
[ 11.780450]
[ 11.793221] Allocated by task 150:
[ 11.794178] kasan_save_stack+0x45/0x70
[ 11.794689] kasan_save_track+0x18/0x40
[ 11.795241] kasan_save_alloc_info+0x3b/0x50
[ 11.795754] __kasan_kmalloc+0xb7/0xc0
[ 11.796406] __kmalloc_node_track_caller_noprof+0x1cc/0x510
[ 11.796953] kmalloc_track_caller_oob_right+0x9a/0x530
[ 11.797828] kunit_try_run_case+0x1a6/0x480
[ 11.798252] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.798734] kthread+0x324/0x6e0
[ 11.798882] ret_from_fork+0x41/0x80
[ 11.799066] ret_from_fork_asm+0x1a/0x30
[ 11.799711]
[ 11.799981] The buggy address belongs to the object at ffff888102ac8c00
[ 11.799981] which belongs to the cache kmalloc-128 of size 128
[ 11.801517] The buggy address is located 0 bytes to the right of
[ 11.801517] allocated 120-byte region [ffff888102ac8c00, ffff888102ac8c78)
[ 11.802256]
[ 11.802545] The buggy address belongs to the physical page:
[ 11.803211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac8
[ 11.804169] flags: 0x200000000000000(node=0|zone=2)
[ 11.804386] page_type: f5(slab)
[ 11.804516] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.804747] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.804986] page dumped because: kasan: bad access detected
[ 11.805503]
[ 11.805602] Memory state around the buggy address:
[ 11.805770] ffff888102ac8b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.805997] ffff888102ac8b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.806751] >ffff888102ac8c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.807473] ^
[ 11.808096] ffff888102ac8c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.808574] ffff888102ac8d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.809517] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 11.739255] ==================================================================
[ 11.739724] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0
[ 11.739981] Read of size 1 at addr ffff888102b7b000 by task kunit_try_catch/148
[ 11.741140]
[ 11.741573] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.14.7-rc1 #1
[ 11.741664] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.741772] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.741795] Call Trace:
[ 11.741811] <TASK>
[ 11.741832] dump_stack_lvl+0x73/0xb0
[ 11.741876] print_report+0xd1/0x650
[ 11.741898] ? __virt_addr_valid+0x1db/0x2d0
[ 11.741921] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 11.741943] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.741969] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 11.742014] kasan_report+0x140/0x180
[ 11.742050] ? kmalloc_node_oob_right+0x36b/0x3d0
[ 11.742077] __asan_report_load1_noabort+0x18/0x20
[ 11.742099] kmalloc_node_oob_right+0x36b/0x3d0
[ 11.742122] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.742147] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 11.742173] kunit_try_run_case+0x1a6/0x480
[ 11.742197] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.742218] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 11.742239] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.742264] ? __kthread_parkme+0x82/0x160
[ 11.742286] ? preempt_count_sub+0x50/0x80
[ 11.742311] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.742332] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.742357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.742382] kthread+0x324/0x6e0
[ 11.742403] ? trace_preempt_on+0x20/0xc0
[ 11.742426] ? __pfx_kthread+0x10/0x10
[ 11.742448] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.742471] ? calculate_sigpending+0x7b/0xa0
[ 11.742491] ? __pfx_kthread+0x10/0x10
[ 11.742513] ret_from_fork+0x41/0x80
[ 11.742532] ? __pfx_kthread+0x10/0x10
[ 11.742554] ret_from_fork_asm+0x1a/0x30
[ 11.742584] </TASK>
[ 11.742595]
[ 11.754276] Allocated by task 148:
[ 11.754662] kasan_save_stack+0x45/0x70
[ 11.755139] kasan_save_track+0x18/0x40
[ 11.755296] kasan_save_alloc_info+0x3b/0x50
[ 11.755638] __kasan_kmalloc+0xb7/0xc0
[ 11.756210] __kmalloc_cache_node_noprof+0x189/0x420
[ 11.756544] kmalloc_node_oob_right+0xac/0x3d0
[ 11.756701] kunit_try_run_case+0x1a6/0x480
[ 11.756859] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.757220] kthread+0x324/0x6e0
[ 11.757542] ret_from_fork+0x41/0x80
[ 11.757906] ret_from_fork_asm+0x1a/0x30
[ 11.758387]
[ 11.758554] The buggy address belongs to the object at ffff888102b7a000
[ 11.758554] which belongs to the cache kmalloc-4k of size 4096
[ 11.759701] The buggy address is located 0 bytes to the right of
[ 11.759701] allocated 4096-byte region [ffff888102b7a000, ffff888102b7b000)
[ 11.760552]
[ 11.760631] The buggy address belongs to the physical page:
[ 11.760891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b78
[ 11.762259] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.762940] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.763590] page_type: f5(slab)
[ 11.763719] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.763974] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.764788] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 11.765574] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 11.766590] head: 0200000000000003 ffffea00040ade01 ffffffffffffffff 0000000000000000
[ 11.766833] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000
[ 11.767423] page dumped because: kasan: bad access detected
[ 11.767966]
[ 11.768223] Memory state around the buggy address:
[ 11.768678] ffff888102b7af00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.769425] ffff888102b7af80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.769757] >ffff888102b7b000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.770080] ^
[ 11.770431] ffff888102b7b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.771512] ffff888102b7b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.772227] ==================================================================
Failure - kunit - _kasan
<8>[ 198.409248] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=_kasan RESULT=fail> _kasan fail