Date
June 2, 2025, 2:13 p.m.
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 138.609562] WARNING: CPU: 1 PID: 1735 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.611203] Modules linked in:
[ 138.611842] CPU: 1 UID: 0 PID: 1735 Comm: kunit_try_catch Tainted: G B D N 6.14.10-rc1 #1
[ 138.612661] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 138.613367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.613883] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.614482] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 b8
[ 138.615821] RSP: 0000:ffff8881051c7c90 EFLAGS: 00010246
[ 138.616030] RAX: dffffc0000000000 RBX: ffff88810480c000 RCX: 0000000000000000
[ 138.616244] RDX: 1ffff11020901832 RSI: ffffffff959e1089 RDI: ffff88810480c190
[ 138.616454] RBP: ffff8881051c7ca0 R08: 1ffff11020062f69 R09: ffffed1020a38f65
[ 138.616691] R10: 0000000000000003 R11: ffffffff94f71418 R12: 0000000000000000
[ 138.617243] R13: ffff8881051c7d38 R14: ffff888100317c50 R15: ffff888100317c58
[ 138.618020] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000
[ 138.618685] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.619084] CR2: ffffffffffffffff CR3: 00000000244b8000 CR4: 00000000000006f0
[ 138.619446] DR0: ffffffff9a607264 DR1: ffffffff9a607269 DR2: ffffffff9a60726a
[ 138.620082] DR3: ffffffff9a60726b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.620511] Call Trace:
[ 138.620788] <TASK>
[ 138.620900] drm_test_drm_connector_dynamic_register_early_no_init+0x105/0x290
[ 138.621224] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 138.621843] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 138.622295] kunit_try_run_case+0x1a6/0x480
[ 138.622632] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.623056] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 138.623411] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.623835] ? __kthread_parkme+0x82/0x160
[ 138.624166] ? preempt_count_sub+0x50/0x80
[ 138.624476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.624921] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.625317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.625880] kthread+0x324/0x6e0
[ 138.626183] ? trace_preempt_on+0x20/0xc0
[ 138.626480] ? __pfx_kthread+0x10/0x10
[ 138.626919] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.627292] ? calculate_sigpending+0x7b/0xa0
[ 138.627716] ? __pfx_kthread+0x10/0x10
[ 138.628004] ret_from_fork+0x41/0x80
[ 138.628162] ? __pfx_kthread+0x10/0x10
[ 138.628510] ret_from_fork_asm+0x1a/0x30
[ 138.628881] </TASK>
[ 138.629035] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 138.687791] WARNING: CPU: 0 PID: 1743 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.688464] Modules linked in:
[ 138.688650] CPU: 0 UID: 0 PID: 1743 Comm: kunit_try_catch Tainted: G B D W N 6.14.10-rc1 #1
[ 138.688936] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.689240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.690154] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.690462] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 b8
[ 138.691609] RSP: 0000:ffff888104effc90 EFLAGS: 00010246
[ 138.692232] RAX: dffffc0000000000 RBX: ffff888104e8a000 RCX: 0000000000000000
[ 138.692746] RDX: 1ffff110209d1432 RSI: ffffffff959e1089 RDI: ffff888104e8a190
[ 138.693439] RBP: ffff888104effca0 R08: 1ffff11020062f69 R09: ffffed10209dff65
[ 138.694069] R10: 0000000000000003 R11: ffffffff94f71418 R12: 0000000000000000
[ 138.694543] R13: ffff888104effd38 R14: ffff888100317c50 R15: ffff888100317c58
[ 138.694942] FS: 0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000
[ 138.695512] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.695917] CR2: 00007ffff7ffe000 CR3: 00000000244b8000 CR4: 00000000000006f0
[ 138.696225] DR0: ffffffff9a607260 DR1: ffffffff9a607261 DR2: ffffffff9a607263
[ 138.696698] DR3: ffffffff9a607265 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.697008] Call Trace:
[ 138.697153] <TASK>
[ 138.697311] drm_test_drm_connector_dynamic_register_no_init+0x105/0x290
[ 138.697744] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 138.698069] ? __schedule+0xce8/0x2840
[ 138.698264] ? __pfx_read_tsc+0x10/0x10
[ 138.698456] ? ktime_get_ts64+0x86/0x230
[ 138.698673] kunit_try_run_case+0x1a6/0x480
[ 138.699044] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.699226] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 138.699463] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.700009] ? __kthread_parkme+0x82/0x160
[ 138.700225] ? preempt_count_sub+0x50/0x80
[ 138.700427] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.700838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.701150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.701424] kthread+0x324/0x6e0
[ 138.701805] ? trace_preempt_on+0x20/0xc0
[ 138.702059] ? __pfx_kthread+0x10/0x10
[ 138.702281] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.702453] ? calculate_sigpending+0x7b/0xa0
[ 138.702928] ? __pfx_kthread+0x10/0x10
[ 138.703118] ret_from_fork+0x41/0x80
[ 138.703306] ? __pfx_kthread+0x10/0x10
[ 138.703533] ret_from_fork_asm+0x1a/0x30
[ 138.703711] </TASK>
[ 138.703981] ---[ end trace 0000000000000000 ]---
Failure - kunit - _kasan
<8>[ 184.411427] <LAVA_SIGNAL_TESTCASE TEST_CASE_ID=_kasan RESULT=fail> _kasan fail
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 12.744757] ==================================================================
[ 12.745206] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x160/0x320
[ 12.745496] Write of size 128 at addr ffff888101bd1900 by task kunit_try_catch/178
[ 12.745885]
[ 12.746000] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.746051] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.746062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.746082] Call Trace:
[ 12.746094] <TASK>
[ 12.746110] dump_stack_lvl+0x73/0xb0
[ 12.746134] print_report+0xd1/0x650
[ 12.746155] ? __virt_addr_valid+0x1db/0x2d0
[ 12.746177] ? kmalloc_oob_in_memset+0x160/0x320
[ 12.746197] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.746221] ? kmalloc_oob_in_memset+0x160/0x320
[ 12.746242] kasan_report+0x140/0x180
[ 12.746262] ? kmalloc_oob_in_memset+0x160/0x320
[ 12.746288] kasan_check_range+0x10c/0x1c0
[ 12.746312] __asan_memset+0x27/0x50
[ 12.746335] kmalloc_oob_in_memset+0x160/0x320
[ 12.746357] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 12.746381] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 12.746406] kunit_try_run_case+0x1a6/0x480
[ 12.746429] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.746450] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.746474] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.746498] ? __kthread_parkme+0x82/0x160
[ 12.746519] ? preempt_count_sub+0x50/0x80
[ 12.746544] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.746568] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.746596] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.746621] kthread+0x324/0x6e0
[ 12.746641] ? trace_preempt_on+0x20/0xc0
[ 12.746663] ? __pfx_kthread+0x10/0x10
[ 12.746685] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.746706] ? calculate_sigpending+0x7b/0xa0
[ 12.746727] ? __pfx_kthread+0x10/0x10
[ 12.746748] ret_from_fork+0x41/0x80
[ 12.746766] ? __pfx_kthread+0x10/0x10
[ 12.746788] ret_from_fork_asm+0x1a/0x30
[ 12.746818] </TASK>
[ 12.746828]
[ 12.753217] Allocated by task 178:
[ 12.753353] kasan_save_stack+0x45/0x70
[ 12.753551] kasan_save_track+0x18/0x40
[ 12.753750] kasan_save_alloc_info+0x3b/0x50
[ 12.753958] __kasan_kmalloc+0xb7/0xc0
[ 12.754165] __kmalloc_cache_noprof+0x18a/0x420
[ 12.754392] kmalloc_oob_in_memset+0xad/0x320
[ 12.754685] kunit_try_run_case+0x1a6/0x480
[ 12.754895] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.755130] kthread+0x324/0x6e0
[ 12.755250] ret_from_fork+0x41/0x80
[ 12.755430] ret_from_fork_asm+0x1a/0x30
[ 12.755904]
[ 12.756027] The buggy address belongs to the object at ffff888101bd1900
[ 12.756027] which belongs to the cache kmalloc-128 of size 128
[ 12.756507] The buggy address is located 0 bytes inside of
[ 12.756507] allocated 120-byte region [ffff888101bd1900, ffff888101bd1978)
[ 12.757006]
[ 12.757089] The buggy address belongs to the physical page:
[ 12.757613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1
[ 12.757953] flags: 0x200000000000000(node=0|zone=2)
[ 12.758167] page_type: f5(slab)
[ 12.758340] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.759706] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.760056] page dumped because: kasan: bad access detected
[ 12.760291]
[ 12.760372] Memory state around the buggy address:
[ 12.760935] ffff888101bd1800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.761233] ffff888101bd1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.761534] >ffff888101bd1900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.761904] ^
[ 12.762218] ffff888101bd1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.762509] ffff888101bd1a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.763308] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 12.713347] ==================================================================
[ 12.713817] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47d/0x4c0
[ 12.714136] Read of size 16 at addr ffff8881025d03a0 by task kunit_try_catch/176
[ 12.714454]
[ 12.714555] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.714594] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.714605] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.714624] Call Trace:
[ 12.714636] <TASK>
[ 12.714652] dump_stack_lvl+0x73/0xb0
[ 12.714679] print_report+0xd1/0x650
[ 12.714703] ? __virt_addr_valid+0x1db/0x2d0
[ 12.714729] ? kmalloc_uaf_16+0x47d/0x4c0
[ 12.714751] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.714779] ? kmalloc_uaf_16+0x47d/0x4c0
[ 12.714802] kasan_report+0x140/0x180
[ 12.714827] ? kmalloc_uaf_16+0x47d/0x4c0
[ 12.714855] __asan_report_load16_noabort+0x18/0x20
[ 12.714881] kmalloc_uaf_16+0x47d/0x4c0
[ 12.714904] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 12.714928] ? __schedule+0xce8/0x2840
[ 12.714954] ? __pfx_read_tsc+0x10/0x10
[ 12.714978] ? ktime_get_ts64+0x86/0x230
[ 12.715008] kunit_try_run_case+0x1a6/0x480
[ 12.715045] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.715069] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.715095] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.715121] ? __kthread_parkme+0x82/0x160
[ 12.715147] ? preempt_count_sub+0x50/0x80
[ 12.715174] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.715200] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.715229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.715258] kthread+0x324/0x6e0
[ 12.715283] ? trace_preempt_on+0x20/0xc0
[ 12.715309] ? __pfx_kthread+0x10/0x10
[ 12.715334] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.715359] ? calculate_sigpending+0x7b/0xa0
[ 12.715384] ? __pfx_kthread+0x10/0x10
[ 12.715409] ret_from_fork+0x41/0x80
[ 12.715431] ? __pfx_kthread+0x10/0x10
[ 12.715457] ret_from_fork_asm+0x1a/0x30
[ 12.715492] </TASK>
[ 12.715502]
[ 12.723427] Allocated by task 176:
[ 12.724142] kasan_save_stack+0x45/0x70
[ 12.724473] kasan_save_track+0x18/0x40
[ 12.724779] kasan_save_alloc_info+0x3b/0x50
[ 12.724986] __kasan_kmalloc+0xb7/0xc0
[ 12.725173] __kmalloc_cache_noprof+0x18a/0x420
[ 12.725380] kmalloc_uaf_16+0x15c/0x4c0
[ 12.725547] kunit_try_run_case+0x1a6/0x480
[ 12.726336] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.726991] kthread+0x324/0x6e0
[ 12.727234] ret_from_fork+0x41/0x80
[ 12.727416] ret_from_fork_asm+0x1a/0x30
[ 12.727995]
[ 12.728110] Freed by task 176:
[ 12.728257] kasan_save_stack+0x45/0x70
[ 12.728444] kasan_save_track+0x18/0x40
[ 12.728970] kasan_save_free_info+0x3f/0x60
[ 12.729393] __kasan_slab_free+0x56/0x70
[ 12.729695] kfree+0x224/0x3f0
[ 12.729979] kmalloc_uaf_16+0x1d7/0x4c0
[ 12.730177] kunit_try_run_case+0x1a6/0x480
[ 12.730368] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.730909] kthread+0x324/0x6e0
[ 12.731146] ret_from_fork+0x41/0x80
[ 12.731448] ret_from_fork_asm+0x1a/0x30
[ 12.732088]
[ 12.732185] The buggy address belongs to the object at ffff8881025d03a0
[ 12.732185] which belongs to the cache kmalloc-16 of size 16
[ 12.733331] The buggy address is located 0 bytes inside of
[ 12.733331] freed 16-byte region [ffff8881025d03a0, ffff8881025d03b0)
[ 12.734269]
[ 12.734370] The buggy address belongs to the physical page:
[ 12.734882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025d0
[ 12.735226] flags: 0x200000000000000(node=0|zone=2)
[ 12.735435] page_type: f5(slab)
[ 12.736041] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.736448] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.736956] page dumped because: kasan: bad access detected
[ 12.737203]
[ 12.737289] Memory state around the buggy address:
[ 12.737493] ffff8881025d0280: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc
[ 12.738356] ffff8881025d0300: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 12.739114] >ffff8881025d0380: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.739836] ^
[ 12.740048] ffff8881025d0400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.740336] ffff8881025d0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.740916] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 12.687108] ==================================================================
[ 12.687496] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x454/0x4a0
[ 12.687732] Write of size 16 at addr ffff888101b5ab60 by task kunit_try_catch/174
[ 12.687955]
[ 12.688049] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.688087] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.688098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.688119] Call Trace:
[ 12.688130] <TASK>
[ 12.688146] dump_stack_lvl+0x73/0xb0
[ 12.688170] print_report+0xd1/0x650
[ 12.688191] ? __virt_addr_valid+0x1db/0x2d0
[ 12.688213] ? kmalloc_oob_16+0x454/0x4a0
[ 12.688232] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.688256] ? kmalloc_oob_16+0x454/0x4a0
[ 12.688276] kasan_report+0x140/0x180
[ 12.688297] ? kmalloc_oob_16+0x454/0x4a0
[ 12.688320] __asan_report_store16_noabort+0x1b/0x30
[ 12.688343] kmalloc_oob_16+0x454/0x4a0
[ 12.688363] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 12.688383] ? __schedule+0xce8/0x2840
[ 12.688406] ? __pfx_read_tsc+0x10/0x10
[ 12.688427] ? ktime_get_ts64+0x86/0x230
[ 12.688452] kunit_try_run_case+0x1a6/0x480
[ 12.688475] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.688495] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.688518] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.688541] ? __kthread_parkme+0x82/0x160
[ 12.688562] ? preempt_count_sub+0x50/0x80
[ 12.688586] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.688608] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.688633] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.688659] kthread+0x324/0x6e0
[ 12.688679] ? trace_preempt_on+0x20/0xc0
[ 12.688701] ? __pfx_kthread+0x10/0x10
[ 12.688722] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.688744] ? calculate_sigpending+0x7b/0xa0
[ 12.688765] ? __pfx_kthread+0x10/0x10
[ 12.688786] ret_from_fork+0x41/0x80
[ 12.688805] ? __pfx_kthread+0x10/0x10
[ 12.688827] ret_from_fork_asm+0x1a/0x30
[ 12.688857] </TASK>
[ 12.688867]
[ 12.700262] Allocated by task 174:
[ 12.700451] kasan_save_stack+0x45/0x70
[ 12.700737] kasan_save_track+0x18/0x40
[ 12.700902] kasan_save_alloc_info+0x3b/0x50
[ 12.701102] __kasan_kmalloc+0xb7/0xc0
[ 12.701263] __kmalloc_cache_noprof+0x18a/0x420
[ 12.701470] kmalloc_oob_16+0xa9/0x4a0
[ 12.701715] kunit_try_run_case+0x1a6/0x480
[ 12.701908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.702134] kthread+0x324/0x6e0
[ 12.702301] ret_from_fork+0x41/0x80
[ 12.702445] ret_from_fork_asm+0x1a/0x30
[ 12.702723]
[ 12.702822] The buggy address belongs to the object at ffff888101b5ab60
[ 12.702822] which belongs to the cache kmalloc-16 of size 16
[ 12.703268] The buggy address is located 0 bytes inside of
[ 12.703268] allocated 13-byte region [ffff888101b5ab60, ffff888101b5ab6d)
[ 12.703842]
[ 12.703939] The buggy address belongs to the physical page:
[ 12.704163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a
[ 12.704488] flags: 0x200000000000000(node=0|zone=2)
[ 12.704759] page_type: f5(slab)
[ 12.704893] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.705127] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.705341] page dumped because: kasan: bad access detected
[ 12.705646]
[ 12.705750] Memory state around the buggy address:
[ 12.705966] ffff888101b5aa00: 00 04 fc fc 00 04 fc fc 00 00 fc fc fa fb fc fc
[ 12.706288] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 12.706621] >ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc 00 05 fc fc
[ 12.706902] ^
[ 12.707108] ffff888101b5ab80: 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.707341] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.707779] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-preempt-smp-kasan-pti
[ 112.050456] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] PREEMPT SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 49.046431] ==================================================================
[ 49.046857] BUG: KFENCE: use-after-free read in test_krealloc+0x6fd/0xbe0
[ 49.046857]
[ 49.047245] Use-after-free read at 0x(____ptrval____) (in kfence-#124):
[ 49.047521] test_krealloc+0x6fd/0xbe0
[ 49.047728] kunit_try_run_case+0x1a6/0x480
[ 49.048308] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.048736] kthread+0x324/0x6e0
[ 49.048911] ret_from_fork+0x41/0x80
[ 49.049104] ret_from_fork_asm+0x1a/0x30
[ 49.049291]
[ 49.049396] kfence-#124: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 49.049396]
[ 49.050106] allocated by task 345 on cpu 0 at 49.045839s (0.004264s ago):
[ 49.050522] test_alloc+0x365/0x10f0
[ 49.050814] test_krealloc+0xae/0xbe0
[ 49.051084] kunit_try_run_case+0x1a6/0x480
[ 49.051267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.051609] kthread+0x324/0x6e0
[ 49.051870] ret_from_fork+0x41/0x80
[ 49.052132] ret_from_fork_asm+0x1a/0x30
[ 49.052392]
[ 49.052485] freed by task 345 on cpu 0 at 49.046075s (0.006407s ago):
[ 49.052947] krealloc_noprof+0x108/0x340
[ 49.053226] test_krealloc+0x227/0xbe0
[ 49.053425] kunit_try_run_case+0x1a6/0x480
[ 49.053739] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 49.053960] kthread+0x324/0x6e0
[ 49.054260] ret_from_fork+0x41/0x80
[ 49.054425] ret_from_fork_asm+0x1a/0x30
[ 49.054625]
[ 49.054721] CPU: 0 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 49.055133] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 49.055332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 49.055982] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 48.961785] ==================================================================
[ 48.962178] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 48.962178]
[ 48.962507] Use-after-free read at 0x(____ptrval____) (in kfence-#123):
[ 48.962717] test_memcache_typesafe_by_rcu+0x2ed/0x670
[ 48.962952] kunit_try_run_case+0x1a6/0x480
[ 48.963182] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.963418] kthread+0x324/0x6e0
[ 48.964246] ret_from_fork+0x41/0x80
[ 48.964456] ret_from_fork_asm+0x1a/0x30
[ 48.964794]
[ 48.964893] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 48.964893]
[ 48.965446] allocated by task 343 on cpu 1 at 48.941803s (0.023640s ago):
[ 48.965935] test_alloc+0x2a7/0x10f0
[ 48.966087] test_memcache_typesafe_by_rcu+0x170/0x670
[ 48.966260] kunit_try_run_case+0x1a6/0x480
[ 48.966406] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.966629] kthread+0x324/0x6e0
[ 48.966758] ret_from_fork+0x41/0x80
[ 48.966913] ret_from_fork_asm+0x1a/0x30
[ 48.967122]
[ 48.967203] freed by task 343 on cpu 1 at 48.941901s (0.025300s ago):
[ 48.967487] test_memcache_typesafe_by_rcu+0x1c0/0x670
[ 48.968222] kunit_try_run_case+0x1a6/0x480
[ 48.968404] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.969132] kthread+0x324/0x6e0
[ 48.969269] ret_from_fork+0x41/0x80
[ 48.969628] ret_from_fork_asm+0x1a/0x30
[ 48.969902]
[ 48.970037] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 48.970399] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.970540] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.970813] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.892712] ==================================================================
[ 23.893243] BUG: KFENCE: invalid read in test_invalid_access+0xf1/0x210
[ 23.893243]
[ 23.894102] Invalid read at 0x(____ptrval____):
[ 23.894785] test_invalid_access+0xf1/0x210
[ 23.895001] kunit_try_run_case+0x1a6/0x480
[ 23.895218] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.895466] kthread+0x324/0x6e0
[ 23.895929] ret_from_fork+0x41/0x80
[ 23.896280] ret_from_fork_asm+0x1a/0x30
[ 23.896796]
[ 23.896922] CPU: 1 UID: 0 PID: 339 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 23.897312] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.897518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.898279] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 12.655766] ==================================================================
[ 12.656112] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53e/0x5e0
[ 12.656375] Read of size 1 at addr ffff8881003a1a00 by task kunit_try_catch/172
[ 12.656845]
[ 12.656933] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.656971] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.656982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.657001] Call Trace:
[ 12.657028] <TASK>
[ 12.657044] dump_stack_lvl+0x73/0xb0
[ 12.657071] print_report+0xd1/0x650
[ 12.657096] ? __virt_addr_valid+0x1db/0x2d0
[ 12.657121] ? krealloc_uaf+0x53e/0x5e0
[ 12.657144] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.657172] ? krealloc_uaf+0x53e/0x5e0
[ 12.657195] kasan_report+0x140/0x180
[ 12.657219] ? krealloc_uaf+0x53e/0x5e0
[ 12.657247] __asan_report_load1_noabort+0x18/0x20
[ 12.657273] krealloc_uaf+0x53e/0x5e0
[ 12.657297] ? __pfx_krealloc_uaf+0x10/0x10
[ 12.657319] ? finish_task_switch.isra.0+0x153/0x700
[ 12.657345] ? __switch_to+0x5d9/0xf60
[ 12.657373] ? __schedule+0xce8/0x2840
[ 12.657398] ? __pfx_read_tsc+0x10/0x10
[ 12.657422] ? ktime_get_ts64+0x86/0x230
[ 12.657449] kunit_try_run_case+0x1a6/0x480
[ 12.657475] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.657499] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.657524] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.657550] ? __kthread_parkme+0x82/0x160
[ 12.657857] ? preempt_count_sub+0x50/0x80
[ 12.657888] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.657914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.657943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.657971] kthread+0x324/0x6e0
[ 12.657994] ? trace_preempt_on+0x20/0xc0
[ 12.658031] ? __pfx_kthread+0x10/0x10
[ 12.658056] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.658081] ? calculate_sigpending+0x7b/0xa0
[ 12.658105] ? __pfx_kthread+0x10/0x10
[ 12.658130] ret_from_fork+0x41/0x80
[ 12.658150] ? __pfx_kthread+0x10/0x10
[ 12.658175] ret_from_fork_asm+0x1a/0x30
[ 12.658210] </TASK>
[ 12.658220]
[ 12.665607] Allocated by task 172:
[ 12.665781] kasan_save_stack+0x45/0x70
[ 12.665998] kasan_save_track+0x18/0x40
[ 12.666338] kasan_save_alloc_info+0x3b/0x50
[ 12.666560] __kasan_kmalloc+0xb7/0xc0
[ 12.666768] __kmalloc_cache_noprof+0x18a/0x420
[ 12.666986] krealloc_uaf+0xbc/0x5e0
[ 12.667180] kunit_try_run_case+0x1a6/0x480
[ 12.667327] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.668284] kthread+0x324/0x6e0
[ 12.668856] ret_from_fork+0x41/0x80
[ 12.669324] ret_from_fork_asm+0x1a/0x30
[ 12.669520]
[ 12.669879] Freed by task 172:
[ 12.670000] kasan_save_stack+0x45/0x70
[ 12.670214] kasan_save_track+0x18/0x40
[ 12.670409] kasan_save_free_info+0x3f/0x60
[ 12.670636] __kasan_slab_free+0x56/0x70
[ 12.670990] kfree+0x224/0x3f0
[ 12.671197] krealloc_uaf+0x13e/0x5e0
[ 12.671350] kunit_try_run_case+0x1a6/0x480
[ 12.671570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.671802] kthread+0x324/0x6e0
[ 12.672078] ret_from_fork+0x41/0x80
[ 12.672264] ret_from_fork_asm+0x1a/0x30
[ 12.672405]
[ 12.672474] The buggy address belongs to the object at ffff8881003a1a00
[ 12.672474] which belongs to the cache kmalloc-256 of size 256
[ 12.673258] The buggy address is located 0 bytes inside of
[ 12.673258] freed 256-byte region [ffff8881003a1a00, ffff8881003a1b00)
[ 12.673831]
[ 12.674440] The buggy address belongs to the physical page:
[ 12.674802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 12.675776] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.676559] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.677237] page_type: f5(slab)
[ 12.677546] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.677826] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.678084] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.678613] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.679224] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 12.679668] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 12.679943] page dumped because: kasan: bad access detected
[ 12.680213]
[ 12.680297] Memory state around the buggy address:
[ 12.680517] ffff8881003a1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.681201] ffff8881003a1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.681562] >ffff8881003a1a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.682056] ^
[ 12.682332] ffff8881003a1a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.683046] ffff8881003a1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.683344] ==================================================================
[ 12.624819] ==================================================================
[ 12.625892] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b9/0x5e0
[ 12.626211] Read of size 1 at addr ffff8881003a1a00 by task kunit_try_catch/172
[ 12.626498]
[ 12.626612] CPU: 0 UID: 0 PID: 172 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.626654] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.626666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.626686] Call Trace:
[ 12.626699] <TASK>
[ 12.626716] dump_stack_lvl+0x73/0xb0
[ 12.626745] print_report+0xd1/0x650
[ 12.626769] ? __virt_addr_valid+0x1db/0x2d0
[ 12.626795] ? krealloc_uaf+0x1b9/0x5e0
[ 12.626817] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.626845] ? krealloc_uaf+0x1b9/0x5e0
[ 12.626868] kasan_report+0x140/0x180
[ 12.626892] ? krealloc_uaf+0x1b9/0x5e0
[ 12.626918] ? krealloc_uaf+0x1b9/0x5e0
[ 12.626942] __kasan_check_byte+0x3d/0x50
[ 12.626966] krealloc_noprof+0x3f/0x340
[ 12.626990] krealloc_uaf+0x1b9/0x5e0
[ 12.627013] ? __pfx_krealloc_uaf+0x10/0x10
[ 12.627049] ? finish_task_switch.isra.0+0x153/0x700
[ 12.627076] ? __switch_to+0x5d9/0xf60
[ 12.627105] ? __schedule+0xce8/0x2840
[ 12.627131] ? __pfx_read_tsc+0x10/0x10
[ 12.627155] ? ktime_get_ts64+0x86/0x230
[ 12.627185] kunit_try_run_case+0x1a6/0x480
[ 12.627214] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.627239] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.627267] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.627294] ? __kthread_parkme+0x82/0x160
[ 12.627319] ? preempt_count_sub+0x50/0x80
[ 12.627345] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.627370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.627400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.627429] kthread+0x324/0x6e0
[ 12.627527] ? trace_preempt_on+0x20/0xc0
[ 12.627556] ? __pfx_kthread+0x10/0x10
[ 12.627580] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.627605] ? calculate_sigpending+0x7b/0xa0
[ 12.627629] ? __pfx_kthread+0x10/0x10
[ 12.627654] ret_from_fork+0x41/0x80
[ 12.627675] ? __pfx_kthread+0x10/0x10
[ 12.627700] ret_from_fork_asm+0x1a/0x30
[ 12.627734] </TASK>
[ 12.627746]
[ 12.638084] Allocated by task 172:
[ 12.638279] kasan_save_stack+0x45/0x70
[ 12.638474] kasan_save_track+0x18/0x40
[ 12.638973] kasan_save_alloc_info+0x3b/0x50
[ 12.639305] __kasan_kmalloc+0xb7/0xc0
[ 12.639482] __kmalloc_cache_noprof+0x18a/0x420
[ 12.639999] krealloc_uaf+0xbc/0x5e0
[ 12.640210] kunit_try_run_case+0x1a6/0x480
[ 12.640370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.640958] kthread+0x324/0x6e0
[ 12.641263] ret_from_fork+0x41/0x80
[ 12.641546] ret_from_fork_asm+0x1a/0x30
[ 12.641909]
[ 12.642027] Freed by task 172:
[ 12.642191] kasan_save_stack+0x45/0x70
[ 12.642374] kasan_save_track+0x18/0x40
[ 12.642552] kasan_save_free_info+0x3f/0x60
[ 12.642735] __kasan_slab_free+0x56/0x70
[ 12.642916] kfree+0x224/0x3f0
[ 12.643536] krealloc_uaf+0x13e/0x5e0
[ 12.643752] kunit_try_run_case+0x1a6/0x480
[ 12.644123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.644443] kthread+0x324/0x6e0
[ 12.644800] ret_from_fork+0x41/0x80
[ 12.645099] ret_from_fork_asm+0x1a/0x30
[ 12.645444]
[ 12.645543] The buggy address belongs to the object at ffff8881003a1a00
[ 12.645543] which belongs to the cache kmalloc-256 of size 256
[ 12.646244] The buggy address is located 0 bytes inside of
[ 12.646244] freed 256-byte region [ffff8881003a1a00, ffff8881003a1b00)
[ 12.646875]
[ 12.646981] The buggy address belongs to the physical page:
[ 12.647416] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 12.647998] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.648391] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.648745] page_type: f5(slab)
[ 12.648904] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.649221] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.649522] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.650096] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.650501] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 12.650976] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 12.651365] page dumped because: kasan: bad access detected
[ 12.651791]
[ 12.651874] Memory state around the buggy address:
[ 12.652178] ffff8881003a1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.652540] ffff8881003a1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.652959] >ffff8881003a1a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.653338] ^
[ 12.653462] ffff8881003a1a80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.654010] ffff8881003a1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.654305] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 12.594150] ================================================================== [ 12.594427] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 12.594684] Write of size 1 at addr ffff8881028860eb by task kunit_try_catch/170 [ 12.594906] [ 12.594987] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.595036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.595047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.595068] Call Trace: [ 12.595084] <TASK> [ 12.595098] dump_stack_lvl+0x73/0xb0 [ 12.595121] print_report+0xd1/0x650 [ 12.595142] ? __virt_addr_valid+0x1db/0x2d0 [ 12.595163] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.595185] ? kasan_addr_to_slab+0x11/0xa0 [ 12.595204] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.595227] kasan_report+0x140/0x180 [ 12.595248] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.595275] __asan_report_store1_noabort+0x1b/0x30 [ 12.595297] krealloc_less_oob_helper+0xd49/0x11d0 [ 12.595321] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.595345] ? finish_task_switch.isra.0+0x153/0x700 [ 12.595368] ? __switch_to+0x5d9/0xf60 [ 12.595392] ? __schedule+0xce8/0x2840 [ 12.595414] ? __pfx_read_tsc+0x10/0x10 [ 12.595438] krealloc_large_less_oob+0x1c/0x30 [ 12.595459] kunit_try_run_case+0x1a6/0x480 [ 12.595482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.595504] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.595527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.595550] ? __kthread_parkme+0x82/0x160 [ 12.595571] ? preempt_count_sub+0x50/0x80 [ 12.595595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.595616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.595642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.595667] kthread+0x324/0x6e0 [ 12.595687] ? trace_preempt_on+0x20/0xc0 [ 12.595710] ? __pfx_kthread+0x10/0x10 [ 12.595731] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.595752] ? calculate_sigpending+0x7b/0xa0 [ 12.595772] ? 
__pfx_kthread+0x10/0x10 [ 12.595794] ret_from_fork+0x41/0x80 [ 12.595811] ? __pfx_kthread+0x10/0x10 [ 12.595832] ret_from_fork_asm+0x1a/0x30 [ 12.595863] </TASK> [ 12.595874] [ 12.607308] The buggy address belongs to the physical page: [ 12.607496] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102884 [ 12.608230] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.608951] flags: 0x200000000000040(head|node=0|zone=2) [ 12.609477] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.610194] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.611065] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.611796] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.612494] head: 0200000000000002 ffffea00040a2101 ffffffffffffffff 0000000000000000 [ 12.613072] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.613296] page dumped because: kasan: bad access detected [ 12.613466] [ 12.613535] Memory state around the buggy address: [ 12.613736] ffff888102885f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.614188] ffff888102886000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.614542] >ffff888102886080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.614752] ^ [ 12.615068] ffff888102886100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.615430] ffff888102886180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.615760] ================================================================== [ 12.459349] ================================================================== [ 12.459737] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd49/0x11d0 [ 12.459978] Write of size 1 at addr ffff888100ad2aeb by task kunit_try_catch/166 [ 12.460525] [ 12.460910] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.460954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 
12.460975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.460994] Call Trace: [ 12.461011] <TASK> [ 12.461037] dump_stack_lvl+0x73/0xb0 [ 12.461064] print_report+0xd1/0x650 [ 12.461084] ? __virt_addr_valid+0x1db/0x2d0 [ 12.461105] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.461128] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.461152] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.461174] kasan_report+0x140/0x180 [ 12.461197] ? krealloc_less_oob_helper+0xd49/0x11d0 [ 12.461225] __asan_report_store1_noabort+0x1b/0x30 [ 12.461248] krealloc_less_oob_helper+0xd49/0x11d0 [ 12.461273] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.461295] ? finish_task_switch.isra.0+0x153/0x700 [ 12.461317] ? __switch_to+0x5d9/0xf60 [ 12.461341] ? __schedule+0xce8/0x2840 [ 12.461362] ? __pfx_read_tsc+0x10/0x10 [ 12.461386] krealloc_less_oob+0x1c/0x30 [ 12.461406] kunit_try_run_case+0x1a6/0x480 [ 12.461428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.461448] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.461470] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.461493] ? __kthread_parkme+0x82/0x160 [ 12.461514] ? preempt_count_sub+0x50/0x80 [ 12.461538] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.461746] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.461775] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.461801] kthread+0x324/0x6e0 [ 12.461859] ? trace_preempt_on+0x20/0xc0 [ 12.461883] ? __pfx_kthread+0x10/0x10 [ 12.461904] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.461926] ? calculate_sigpending+0x7b/0xa0 [ 12.461946] ? __pfx_kthread+0x10/0x10 [ 12.461968] ret_from_fork+0x41/0x80 [ 12.461986] ? 
__pfx_kthread+0x10/0x10 [ 12.462007] ret_from_fork_asm+0x1a/0x30 [ 12.462052] </TASK> [ 12.462062] [ 12.471865] Allocated by task 166: [ 12.472068] kasan_save_stack+0x45/0x70 [ 12.472249] kasan_save_track+0x18/0x40 [ 12.472382] kasan_save_alloc_info+0x3b/0x50 [ 12.472555] __kasan_krealloc+0x190/0x1f0 [ 12.472813] krealloc_noprof+0xf3/0x340 [ 12.473004] krealloc_less_oob_helper+0x1ab/0x11d0 [ 12.473212] krealloc_less_oob+0x1c/0x30 [ 12.473385] kunit_try_run_case+0x1a6/0x480 [ 12.473653] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.473880] kthread+0x324/0x6e0 [ 12.474055] ret_from_fork+0x41/0x80 [ 12.474238] ret_from_fork_asm+0x1a/0x30 [ 12.474401] [ 12.474494] The buggy address belongs to the object at ffff888100ad2a00 [ 12.474494] which belongs to the cache kmalloc-256 of size 256 [ 12.474918] The buggy address is located 34 bytes to the right of [ 12.474918] allocated 201-byte region [ffff888100ad2a00, ffff888100ad2ac9) [ 12.475394] [ 12.475492] The buggy address belongs to the physical page: [ 12.475736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ad2 [ 12.476031] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.476303] flags: 0x200000000000040(head|node=0|zone=2) [ 12.476556] page_type: f5(slab) [ 12.476723] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.477114] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.477407] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.477929] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.478245] head: 0200000000000001 ffffea000402b481 ffffffffffffffff 0000000000000000 [ 12.478539] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.478914] page dumped because: kasan: bad access detected [ 12.479131] [ 12.479203] Memory state around the buggy address: [ 12.479408] ffff888100ad2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 12.479789] ffff888100ad2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.480082] >ffff888100ad2a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.480370] ^ [ 12.480704] ffff888100ad2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.480920] ffff888100ad2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.481208] ================================================================== [ 12.524679] ================================================================== [ 12.525190] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 12.525526] Write of size 1 at addr ffff8881028860c9 by task kunit_try_catch/170 [ 12.525862] [ 12.525944] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.525982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.525993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.526045] Call Trace: [ 12.526059] <TASK> [ 12.526074] dump_stack_lvl+0x73/0xb0 [ 12.526099] print_report+0xd1/0x650 [ 12.526138] ? __virt_addr_valid+0x1db/0x2d0 [ 12.526159] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.526182] ? kasan_addr_to_slab+0x11/0xa0 [ 12.526201] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.526224] kasan_report+0x140/0x180 [ 12.526245] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.526272] __asan_report_store1_noabort+0x1b/0x30 [ 12.526295] krealloc_less_oob_helper+0xd72/0x11d0 [ 12.526336] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.526358] ? finish_task_switch.isra.0+0x153/0x700 [ 12.526395] ? __switch_to+0x5d9/0xf60 [ 12.526421] ? __schedule+0xce8/0x2840 [ 12.526442] ? __pfx_read_tsc+0x10/0x10 [ 12.526466] krealloc_large_less_oob+0x1c/0x30 [ 12.526487] kunit_try_run_case+0x1a6/0x480 [ 12.526510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.526530] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.526553] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.526575] ? __kthread_parkme+0x82/0x160 [ 12.526596] ? preempt_count_sub+0x50/0x80 [ 12.526619] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.526641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.526666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.526691] kthread+0x324/0x6e0 [ 12.526712] ? trace_preempt_on+0x20/0xc0 [ 12.526734] ? __pfx_kthread+0x10/0x10 [ 12.526755] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.526776] ? calculate_sigpending+0x7b/0xa0 [ 12.526798] ? __pfx_kthread+0x10/0x10 [ 12.526820] ret_from_fork+0x41/0x80 [ 12.526838] ? __pfx_kthread+0x10/0x10 [ 12.526859] ret_from_fork_asm+0x1a/0x30 [ 12.526890] </TASK> [ 12.526900] [ 12.534379] The buggy address belongs to the physical page: [ 12.534657] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102884 [ 12.535064] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.535346] flags: 0x200000000000040(head|node=0|zone=2) [ 12.535557] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.535807] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.536057] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.536388] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.536714] head: 0200000000000002 ffffea00040a2101 ffffffffffffffff 0000000000000000 [ 12.537073] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.537291] page dumped because: kasan: bad access detected [ 12.537454] [ 12.537562] Memory state around the buggy address: [ 12.537792] ffff888102885f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.538234] ffff888102886000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.538579] >ffff888102886080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.538889] ^ [ 12.539191] ffff888102886100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.539514] ffff888102886180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.539817] ================================================================== [ 12.381211] 
================================================================== [ 12.381537] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0 [ 12.382108] Write of size 1 at addr ffff888100ad2ad0 by task kunit_try_catch/166 [ 12.382415] [ 12.382497] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.382534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.382545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.382565] Call Trace: [ 12.382577] <TASK> [ 12.382591] dump_stack_lvl+0x73/0xb0 [ 12.382616] print_report+0xd1/0x650 [ 12.382636] ? __virt_addr_valid+0x1db/0x2d0 [ 12.382658] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 12.382680] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.382704] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 12.382727] kasan_report+0x140/0x180 [ 12.382747] ? krealloc_less_oob_helper+0xe25/0x11d0 [ 12.382775] __asan_report_store1_noabort+0x1b/0x30 [ 12.382851] krealloc_less_oob_helper+0xe25/0x11d0 [ 12.382877] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.382900] ? finish_task_switch.isra.0+0x153/0x700 [ 12.382922] ? __switch_to+0x5d9/0xf60 [ 12.382948] ? __schedule+0xce8/0x2840 [ 12.382970] ? __pfx_read_tsc+0x10/0x10 [ 12.382994] krealloc_less_oob+0x1c/0x30 [ 12.383014] kunit_try_run_case+0x1a6/0x480 [ 12.383049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.383070] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.383093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.383115] ? __kthread_parkme+0x82/0x160 [ 12.383136] ? preempt_count_sub+0x50/0x80 [ 12.383159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.383181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.383207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.383232] kthread+0x324/0x6e0 [ 12.383252] ? trace_preempt_on+0x20/0xc0 [ 12.383275] ? __pfx_kthread+0x10/0x10 [ 12.383296] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.383318] ? calculate_sigpending+0x7b/0xa0 [ 12.383339] ? 
__pfx_kthread+0x10/0x10 [ 12.383361] ret_from_fork+0x41/0x80 [ 12.383379] ? __pfx_kthread+0x10/0x10 [ 12.383400] ret_from_fork_asm+0x1a/0x30 [ 12.383431] </TASK> [ 12.383440] [ 12.393302] Allocated by task 166: [ 12.393469] kasan_save_stack+0x45/0x70 [ 12.393930] kasan_save_track+0x18/0x40 [ 12.394107] kasan_save_alloc_info+0x3b/0x50 [ 12.394321] __kasan_krealloc+0x190/0x1f0 [ 12.394500] krealloc_noprof+0xf3/0x340 [ 12.395133] krealloc_less_oob_helper+0x1ab/0x11d0 [ 12.395352] krealloc_less_oob+0x1c/0x30 [ 12.395507] kunit_try_run_case+0x1a6/0x480 [ 12.395703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.396163] kthread+0x324/0x6e0 [ 12.396327] ret_from_fork+0x41/0x80 [ 12.396487] ret_from_fork_asm+0x1a/0x30 [ 12.396912] [ 12.397039] The buggy address belongs to the object at ffff888100ad2a00 [ 12.397039] which belongs to the cache kmalloc-256 of size 256 [ 12.397556] The buggy address is located 7 bytes to the right of [ 12.397556] allocated 201-byte region [ffff888100ad2a00, ffff888100ad2ac9) [ 12.398438] [ 12.398526] The buggy address belongs to the physical page: [ 12.399126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ad2 [ 12.399457] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.399915] flags: 0x200000000000040(head|node=0|zone=2) [ 12.400254] page_type: f5(slab) [ 12.400391] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.400903] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.401206] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.401628] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.401986] head: 0200000000000001 ffffea000402b481 ffffffffffffffff 0000000000000000 [ 12.402327] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.402858] page dumped because: kasan: bad access detected [ 12.403195] [ 12.403286] Memory state around the buggy address: 
[ 12.403464] ffff888100ad2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.404086] ffff888100ad2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.404367] >ffff888100ad2a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.404927] ^ [ 12.405141] ffff888100ad2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.405554] ffff888100ad2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.406072] ================================================================== [ 12.572539] ================================================================== [ 12.572865] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 12.573380] Write of size 1 at addr ffff8881028860ea by task kunit_try_catch/170 [ 12.573876] [ 12.573953] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.573987] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.573998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.574303] Call Trace: [ 12.574325] <TASK> [ 12.574341] dump_stack_lvl+0x73/0xb0 [ 12.574370] print_report+0xd1/0x650 [ 12.574392] ? __virt_addr_valid+0x1db/0x2d0 [ 12.574414] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.574470] ? kasan_addr_to_slab+0x11/0xa0 [ 12.574490] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.574525] kasan_report+0x140/0x180 [ 12.574559] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.574586] __asan_report_store1_noabort+0x1b/0x30 [ 12.574624] krealloc_less_oob_helper+0xe92/0x11d0 [ 12.574661] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.574683] ? finish_task_switch.isra.0+0x153/0x700 [ 12.574718] ? __switch_to+0x5d9/0xf60 [ 12.574756] ? __schedule+0xce8/0x2840 [ 12.574790] ? __pfx_read_tsc+0x10/0x10 [ 12.574813] krealloc_large_less_oob+0x1c/0x30 [ 12.574835] kunit_try_run_case+0x1a6/0x480 [ 12.574858] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.574878] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.574900] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.574923] ? 
__kthread_parkme+0x82/0x160 [ 12.574944] ? preempt_count_sub+0x50/0x80 [ 12.574967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.574989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.575014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.575049] kthread+0x324/0x6e0 [ 12.575069] ? trace_preempt_on+0x20/0xc0 [ 12.575092] ? __pfx_kthread+0x10/0x10 [ 12.575113] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.575134] ? calculate_sigpending+0x7b/0xa0 [ 12.575155] ? __pfx_kthread+0x10/0x10 [ 12.575176] ret_from_fork+0x41/0x80 [ 12.575194] ? __pfx_kthread+0x10/0x10 [ 12.575215] ret_from_fork_asm+0x1a/0x30 [ 12.575246] </TASK> [ 12.575256] [ 12.585679] The buggy address belongs to the physical page: [ 12.585931] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102884 [ 12.586450] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.586907] flags: 0x200000000000040(head|node=0|zone=2) [ 12.587266] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.587603] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.588046] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.588456] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.588937] head: 0200000000000002 ffffea00040a2101 ffffffffffffffff 0000000000000000 [ 12.589372] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 12.589805] page dumped because: kasan: bad access detected [ 12.590097] [ 12.590203] Memory state around the buggy address: [ 12.590449] ffff888102885f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.590986] ffff888102886000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.591301] >ffff888102886080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 12.591808] ^ [ 12.592194] ffff888102886100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.592583] ffff888102886180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 
12.592898] ================================================================== [ 12.406768] ================================================================== [ 12.407130] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0 [ 12.407457] Write of size 1 at addr ffff888100ad2ada by task kunit_try_catch/166 [ 12.408468] [ 12.408784] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.408834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.408846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.408867] Call Trace: [ 12.408878] <TASK> [ 12.408893] dump_stack_lvl+0x73/0xb0 [ 12.408920] print_report+0xd1/0x650 [ 12.408943] ? __virt_addr_valid+0x1db/0x2d0 [ 12.408965] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 12.408986] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.409011] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 12.409049] kasan_report+0x140/0x180 [ 12.409072] ? krealloc_less_oob_helper+0xec8/0x11d0 [ 12.409100] __asan_report_store1_noabort+0x1b/0x30 [ 12.409123] krealloc_less_oob_helper+0xec8/0x11d0 [ 12.409147] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.409170] ? finish_task_switch.isra.0+0x153/0x700 [ 12.409192] ? __switch_to+0x5d9/0xf60 [ 12.409217] ? __schedule+0xce8/0x2840 [ 12.409238] ? __pfx_read_tsc+0x10/0x10 [ 12.409262] krealloc_less_oob+0x1c/0x30 [ 12.409282] kunit_try_run_case+0x1a6/0x480 [ 12.409304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.409324] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.409346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.409369] ? __kthread_parkme+0x82/0x160 [ 12.409390] ? preempt_count_sub+0x50/0x80 [ 12.409413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.409434] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.409459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.409484] kthread+0x324/0x6e0 [ 12.409505] ? trace_preempt_on+0x20/0xc0 [ 12.409527] ? __pfx_kthread+0x10/0x10 [ 12.409548] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.409569] ? 
calculate_sigpending+0x7b/0xa0 [ 12.409590] ? __pfx_kthread+0x10/0x10 [ 12.409612] ret_from_fork+0x41/0x80 [ 12.409630] ? __pfx_kthread+0x10/0x10 [ 12.409651] ret_from_fork_asm+0x1a/0x30 [ 12.409681] </TASK> [ 12.409692] [ 12.419325] Allocated by task 166: [ 12.419515] kasan_save_stack+0x45/0x70 [ 12.419693] kasan_save_track+0x18/0x40 [ 12.420625] kasan_save_alloc_info+0x3b/0x50 [ 12.420835] __kasan_krealloc+0x190/0x1f0 [ 12.420985] krealloc_noprof+0xf3/0x340 [ 12.421314] krealloc_less_oob_helper+0x1ab/0x11d0 [ 12.421574] krealloc_less_oob+0x1c/0x30 [ 12.421883] kunit_try_run_case+0x1a6/0x480 [ 12.422081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.422414] kthread+0x324/0x6e0 [ 12.422718] ret_from_fork+0x41/0x80 [ 12.422862] ret_from_fork_asm+0x1a/0x30 [ 12.423180] [ 12.423282] The buggy address belongs to the object at ffff888100ad2a00 [ 12.423282] which belongs to the cache kmalloc-256 of size 256 [ 12.424264] The buggy address is located 17 bytes to the right of [ 12.424264] allocated 201-byte region [ffff888100ad2a00, ffff888100ad2ac9) [ 12.424919] [ 12.424998] The buggy address belongs to the physical page: [ 12.425269] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ad2 [ 12.425578] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.425900] flags: 0x200000000000040(head|node=0|zone=2) [ 12.426143] page_type: f5(slab) [ 12.426291] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.426575] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.426896] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.427761] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.428208] head: 0200000000000001 ffffea000402b481 ffffffffffffffff 0000000000000000 [ 12.428518] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.429003] page dumped because: kasan: bad access detected [ 12.429342] [ 
12.429418] Memory state around the buggy address: [ 12.429640] ffff888100ad2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.430239] ffff888100ad2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.430907] >ffff888100ad2a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.431309] ^ [ 12.431635] ffff888100ad2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.432087] ffff888100ad2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.432455] ================================================================== [ 12.351167] ================================================================== [ 12.351799] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd72/0x11d0 [ 12.352182] Write of size 1 at addr ffff888100ad2ac9 by task kunit_try_catch/166 [ 12.352477] [ 12.352659] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.352699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.352710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.352729] Call Trace: [ 12.352741] <TASK> [ 12.352754] dump_stack_lvl+0x73/0xb0 [ 12.352778] print_report+0xd1/0x650 [ 12.352799] ? __virt_addr_valid+0x1db/0x2d0 [ 12.352821] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.352843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.352868] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.352890] kasan_report+0x140/0x180 [ 12.352911] ? krealloc_less_oob_helper+0xd72/0x11d0 [ 12.352938] __asan_report_store1_noabort+0x1b/0x30 [ 12.352961] krealloc_less_oob_helper+0xd72/0x11d0 [ 12.352985] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 12.353008] ? finish_task_switch.isra.0+0x153/0x700 [ 12.353044] ? __switch_to+0x5d9/0xf60 [ 12.353071] ? __schedule+0xce8/0x2840 [ 12.353093] ? __pfx_read_tsc+0x10/0x10 [ 12.353117] krealloc_less_oob+0x1c/0x30 [ 12.353138] kunit_try_run_case+0x1a6/0x480 [ 12.353160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.353180] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.353203] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.353225] ? __kthread_parkme+0x82/0x160 [ 12.353246] ? preempt_count_sub+0x50/0x80 [ 12.353270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.353292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.353316] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.353341] kthread+0x324/0x6e0 [ 12.353362] ? trace_preempt_on+0x20/0xc0 [ 12.353384] ? __pfx_kthread+0x10/0x10 [ 12.353405] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.353426] ? calculate_sigpending+0x7b/0xa0 [ 12.353448] ? __pfx_kthread+0x10/0x10 [ 12.353470] ret_from_fork+0x41/0x80 [ 12.353487] ? __pfx_kthread+0x10/0x10 [ 12.353509] ret_from_fork_asm+0x1a/0x30 [ 12.353539] </TASK> [ 12.353550] [ 12.362394] Allocated by task 166: [ 12.362538] kasan_save_stack+0x45/0x70 [ 12.365533] kasan_save_track+0x18/0x40 [ 12.367030] kasan_save_alloc_info+0x3b/0x50 [ 12.367696] __kasan_krealloc+0x190/0x1f0 [ 12.367972] krealloc_noprof+0xf3/0x340 [ 12.368391] krealloc_less_oob_helper+0x1ab/0x11d0 [ 12.368753] krealloc_less_oob+0x1c/0x30 [ 12.368944] kunit_try_run_case+0x1a6/0x480 [ 12.369297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.369723] kthread+0x324/0x6e0 [ 12.369879] ret_from_fork+0x41/0x80 [ 12.370110] ret_from_fork_asm+0x1a/0x30 [ 12.370444] [ 12.370537] The buggy address belongs to the object at ffff888100ad2a00 [ 12.370537] which belongs to the cache kmalloc-256 of size 256 [ 12.371410] The buggy address is located 0 bytes to the right of [ 12.371410] allocated 201-byte region [ffff888100ad2a00, ffff888100ad2ac9) [ 12.372456] [ 12.372553] The buggy address belongs to the physical page: [ 12.372963] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ad2 [ 12.373425] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.373968] flags: 0x200000000000040(head|node=0|zone=2) [ 12.374392] page_type: f5(slab) [ 12.374535] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.375114] raw: 0000000000000000 
0000000080100010 00000000f5000000 0000000000000000 [ 12.375417] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 12.376095] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.376416] head: 0200000000000001 ffffea000402b481 ffffffffffffffff 0000000000000000 [ 12.377055] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000 [ 12.377509] page dumped because: kasan: bad access detected [ 12.377851] [ 12.377928] Memory state around the buggy address: [ 12.378365] ffff888100ad2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.378915] ffff888100ad2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.379245] >ffff888100ad2a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 12.379646] ^ [ 12.379946] ffff888100ad2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.380271] ffff888100ad2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.380567] ================================================================== [ 12.433112] ================================================================== [ 12.433684] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe92/0x11d0 [ 12.434166] Write of size 1 at addr ffff888100ad2aea by task kunit_try_catch/166 [ 12.434522] [ 12.434711] CPU: 1 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.434751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.434762] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.434780] Call Trace: [ 12.434794] <TASK> [ 12.434809] dump_stack_lvl+0x73/0xb0 [ 12.434833] print_report+0xd1/0x650 [ 12.435075] ? __virt_addr_valid+0x1db/0x2d0 [ 12.435104] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.435127] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.435152] ? krealloc_less_oob_helper+0xe92/0x11d0 [ 12.435174] kasan_report+0x140/0x180 [ 12.435195] ? 
krealloc_less_oob_helper+0xe92/0x11d0
[ 12.435222] __asan_report_store1_noabort+0x1b/0x30
[ 12.435245] krealloc_less_oob_helper+0xe92/0x11d0
[ 12.435269] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.435291] ? finish_task_switch.isra.0+0x153/0x700
[ 12.435313] ? __switch_to+0x5d9/0xf60
[ 12.435338] ? __schedule+0xce8/0x2840
[ 12.435359] ? __pfx_read_tsc+0x10/0x10
[ 12.435383] krealloc_less_oob+0x1c/0x30
[ 12.435403] kunit_try_run_case+0x1a6/0x480
[ 12.435425] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.435445] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.435468] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.435491] ? __kthread_parkme+0x82/0x160
[ 12.435512] ? preempt_count_sub+0x50/0x80
[ 12.435535] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.435557] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.435582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.435607] kthread+0x324/0x6e0
[ 12.435627] ? trace_preempt_on+0x20/0xc0
[ 12.435649] ? __pfx_kthread+0x10/0x10
[ 12.435671] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.435691] ? calculate_sigpending+0x7b/0xa0
[ 12.435712] ? __pfx_kthread+0x10/0x10
[ 12.435734] ret_from_fork+0x41/0x80
[ 12.435752] ? __pfx_kthread+0x10/0x10
[ 12.435773] ret_from_fork_asm+0x1a/0x30
[ 12.435804] </TASK>
[ 12.435813]
[ 12.445848] Allocated by task 166:
[ 12.446111] kasan_save_stack+0x45/0x70
[ 12.446266] kasan_save_track+0x18/0x40
[ 12.446527] kasan_save_alloc_info+0x3b/0x50
[ 12.446944] __kasan_krealloc+0x190/0x1f0
[ 12.447117] krealloc_noprof+0xf3/0x340
[ 12.447451] krealloc_less_oob_helper+0x1ab/0x11d0
[ 12.447801] krealloc_less_oob+0x1c/0x30
[ 12.447972] kunit_try_run_case+0x1a6/0x480
[ 12.448312] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.448549] kthread+0x324/0x6e0
[ 12.448689] ret_from_fork+0x41/0x80
[ 12.448869] ret_from_fork_asm+0x1a/0x30
[ 12.449045]
[ 12.449146] The buggy address belongs to the object at ffff888100ad2a00
[ 12.449146] which belongs to the cache kmalloc-256 of size 256
[ 12.449613] The buggy address is located 33 bytes to the right of
[ 12.449613] allocated 201-byte region [ffff888100ad2a00, ffff888100ad2ac9)
[ 12.450730]
[ 12.450815] The buggy address belongs to the physical page:
[ 12.451210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100ad2
[ 12.451596] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.452032] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.452276] page_type: f5(slab)
[ 12.452428] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.452953] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.453280] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.453777] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.454148] head: 0200000000000001 ffffea000402b481 ffffffffffffffff 0000000000000000
[ 12.454515] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 12.454926] page dumped because: kasan: bad access detected
[ 12.455164]
[ 12.455669] Memory state around the buggy address:
[ 12.455839] ffff888100ad2980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.456336] ffff888100ad2a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.456768] >ffff888100ad2a80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 12.457186] ^
[ 12.457473] ffff888100ad2b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.458033] ffff888100ad2b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.458401] ==================================================================

[ 12.556651] ==================================================================
[ 12.556994] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec8/0x11d0
[ 12.557506] Write of size 1 at addr ffff8881028860da by task kunit_try_catch/170
[ 12.557881]
[ 12.558027] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.558065] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.558076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.558111] Call Trace:
[ 12.558125] <TASK>
[ 12.558138] dump_stack_lvl+0x73/0xb0
[ 12.558163] print_report+0xd1/0x650
[ 12.558184] ? __virt_addr_valid+0x1db/0x2d0
[ 12.558206] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 12.558228] ? kasan_addr_to_slab+0x11/0xa0
[ 12.558247] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 12.558269] kasan_report+0x140/0x180
[ 12.558290] ? krealloc_less_oob_helper+0xec8/0x11d0
[ 12.558317] __asan_report_store1_noabort+0x1b/0x30
[ 12.558341] krealloc_less_oob_helper+0xec8/0x11d0
[ 12.558365] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.558388] ? finish_task_switch.isra.0+0x153/0x700
[ 12.558411] ? __switch_to+0x5d9/0xf60
[ 12.558435] ? __schedule+0xce8/0x2840
[ 12.558457] ? __pfx_read_tsc+0x10/0x10
[ 12.558481] krealloc_large_less_oob+0x1c/0x30
[ 12.558503] kunit_try_run_case+0x1a6/0x480
[ 12.558526] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.558547] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.558570] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.558592] ? __kthread_parkme+0x82/0x160
[ 12.558614] ? preempt_count_sub+0x50/0x80
[ 12.558637] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.558659] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.558684] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.558709] kthread+0x324/0x6e0
[ 12.558730] ? trace_preempt_on+0x20/0xc0
[ 12.558752] ? __pfx_kthread+0x10/0x10
[ 12.558773] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.558795] ? calculate_sigpending+0x7b/0xa0
[ 12.558815] ? __pfx_kthread+0x10/0x10
[ 12.558837] ret_from_fork+0x41/0x80
[ 12.558855] ? __pfx_kthread+0x10/0x10
[ 12.558876] ret_from_fork_asm+0x1a/0x30
[ 12.558908] </TASK>
[ 12.558918]
[ 12.566218] The buggy address belongs to the physical page:
[ 12.566387] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102884
[ 12.566617] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.567199] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.567478] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.567856] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.568245] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.568832] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.569192] head: 0200000000000002 ffffea00040a2101 ffffffffffffffff 0000000000000000
[ 12.569556] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 12.569899] page dumped because: kasan: bad access detected
[ 12.570156]
[ 12.570272] Memory state around the buggy address:
[ 12.570494] ffff888102885f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.570806] ffff888102886000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.571104] >ffff888102886080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.571404] ^
[ 12.571719] ffff888102886100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.571959] ffff888102886180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.572181] ==================================================================

[ 12.540353] ==================================================================
[ 12.541067] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe25/0x11d0
[ 12.541382] Write of size 1 at addr ffff8881028860d0 by task kunit_try_catch/170
[ 12.541643]
[ 12.541807] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.541843] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.541854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.541872] Call Trace:
[ 12.541905] <TASK>
[ 12.541917] dump_stack_lvl+0x73/0xb0
[ 12.541954] print_report+0xd1/0x650
[ 12.541988] ? __virt_addr_valid+0x1db/0x2d0
[ 12.542010] ? krealloc_less_oob_helper+0xe25/0x11d0
[ 12.542056] ? kasan_addr_to_slab+0x11/0xa0
[ 12.542075] ? krealloc_less_oob_helper+0xe25/0x11d0
[ 12.542098] kasan_report+0x140/0x180
[ 12.542133] ? krealloc_less_oob_helper+0xe25/0x11d0
[ 12.542173] __asan_report_store1_noabort+0x1b/0x30
[ 12.542209] krealloc_less_oob_helper+0xe25/0x11d0
[ 12.542234] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 12.542256] ? finish_task_switch.isra.0+0x153/0x700
[ 12.542278] ? __switch_to+0x5d9/0xf60
[ 12.542303] ? __schedule+0xce8/0x2840
[ 12.542325] ? __pfx_read_tsc+0x10/0x10
[ 12.542348] krealloc_large_less_oob+0x1c/0x30
[ 12.542370] kunit_try_run_case+0x1a6/0x480
[ 12.542392] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.542412] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.542434] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.542457] ? __kthread_parkme+0x82/0x160
[ 12.542478] ? preempt_count_sub+0x50/0x80
[ 12.542501] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.542523] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.542548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.542573] kthread+0x324/0x6e0
[ 12.542593] ? trace_preempt_on+0x20/0xc0
[ 12.542615] ? __pfx_kthread+0x10/0x10
[ 12.542637] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.542674] ? calculate_sigpending+0x7b/0xa0
[ 12.542708] ? __pfx_kthread+0x10/0x10
[ 12.542730] ret_from_fork+0x41/0x80
[ 12.542748] ? __pfx_kthread+0x10/0x10
[ 12.542769] ret_from_fork_asm+0x1a/0x30
[ 12.542799] </TASK>
[ 12.542809]
[ 12.550153] The buggy address belongs to the physical page:
[ 12.550380] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102884
[ 12.550760] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.551092] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.551338] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.551659] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.551950] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.552286] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.552610] head: 0200000000000002 ffffea00040a2101 ffffffffffffffff 0000000000000000
[ 12.552962] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 12.553256] page dumped because: kasan: bad access detected
[ 12.553501]
[ 12.553621] Memory state around the buggy address:
[ 12.553785] ffff888102885f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.554110] ffff888102886000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.554425] >ffff888102886080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 12.554763] ^
[ 12.555001] ffff888102886100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.555302] ffff888102886180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.555596] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 12.502327] ==================================================================
[ 12.502916] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[ 12.503312] Write of size 1 at addr ffff8881028860f0 by task kunit_try_catch/168
[ 12.503725]
[ 12.503829] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.503865] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.503876] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.503895] Call Trace:
[ 12.503910] <TASK>
[ 12.503925] dump_stack_lvl+0x73/0xb0
[ 12.503948] print_report+0xd1/0x650
[ 12.503968] ? __virt_addr_valid+0x1db/0x2d0
[ 12.503990] ? krealloc_more_oob_helper+0x7ed/0x930
[ 12.504050] ? kasan_addr_to_slab+0x11/0xa0
[ 12.504069] ? krealloc_more_oob_helper+0x7ed/0x930
[ 12.504092] kasan_report+0x140/0x180
[ 12.504114] ? krealloc_more_oob_helper+0x7ed/0x930
[ 12.504141] __asan_report_store1_noabort+0x1b/0x30
[ 12.504164] krealloc_more_oob_helper+0x7ed/0x930
[ 12.504184] ? __schedule+0xce8/0x2840
[ 12.504224] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.504247] ? finish_task_switch.isra.0+0x153/0x700
[ 12.504269] ? __switch_to+0x5d9/0xf60
[ 12.504294] ? __schedule+0xce8/0x2840
[ 12.504315] ? __pfx_read_tsc+0x10/0x10
[ 12.504339] krealloc_large_more_oob+0x1c/0x30
[ 12.504360] kunit_try_run_case+0x1a6/0x480
[ 12.504400] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.504420] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.504443] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.504466] ? __kthread_parkme+0x82/0x160
[ 12.504488] ? preempt_count_sub+0x50/0x80
[ 12.504511] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.504533] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.504621] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.504647] kthread+0x324/0x6e0
[ 12.504667] ? trace_preempt_on+0x20/0xc0
[ 12.504690] ? __pfx_kthread+0x10/0x10
[ 12.504711] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.504733] ? calculate_sigpending+0x7b/0xa0
[ 12.504755] ? __pfx_kthread+0x10/0x10
[ 12.504796] ret_from_fork+0x41/0x80
[ 12.504813] ? __pfx_kthread+0x10/0x10
[ 12.504835] ret_from_fork_asm+0x1a/0x30
[ 12.504866] </TASK>
[ 12.504876]
[ 12.512716] The buggy address belongs to the physical page:
[ 12.512972] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102884
[ 12.513326] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.513552] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.513820] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.514151] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.514378] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.514849] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.515231] head: 0200000000000002 ffffea00040a2101 ffffffffffffffff 0000000000000000
[ 12.515585] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 12.515899] page dumped because: kasan: bad access detected
[ 12.516127]
[ 12.516197] Memory state around the buggy address:
[ 12.516439] ffff888102885f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.516821] ffff888102886000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.517096] >ffff888102886080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.517374] ^
[ 12.517730] ffff888102886100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.517988] ffff888102886180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.518327] ==================================================================

[ 12.486073] ==================================================================
[ 12.486694] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[ 12.487000] Write of size 1 at addr ffff8881028860eb by task kunit_try_catch/168
[ 12.487758]
[ 12.487996] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.488050] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.488062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.488082] Call Trace:
[ 12.488118] <TASK>
[ 12.488134] dump_stack_lvl+0x73/0xb0
[ 12.488162] print_report+0xd1/0x650
[ 12.488183] ? __virt_addr_valid+0x1db/0x2d0
[ 12.488206] ? krealloc_more_oob_helper+0x823/0x930
[ 12.488228] ? kasan_addr_to_slab+0x11/0xa0
[ 12.488248] ? krealloc_more_oob_helper+0x823/0x930
[ 12.488270] kasan_report+0x140/0x180
[ 12.488291] ? krealloc_more_oob_helper+0x823/0x930
[ 12.488320] __asan_report_store1_noabort+0x1b/0x30
[ 12.488344] krealloc_more_oob_helper+0x823/0x930
[ 12.488365] ? __schedule+0xce8/0x2840
[ 12.488388] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.488410] ? finish_task_switch.isra.0+0x153/0x700
[ 12.488434] ? __switch_to+0x5d9/0xf60
[ 12.488459] ? __schedule+0xce8/0x2840
[ 12.488480] ? __pfx_read_tsc+0x10/0x10
[ 12.488504] krealloc_large_more_oob+0x1c/0x30
[ 12.488526] kunit_try_run_case+0x1a6/0x480
[ 12.488548] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.488569] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.488592] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.488614] ? __kthread_parkme+0x82/0x160
[ 12.488636] ? preempt_count_sub+0x50/0x80
[ 12.488659] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.488681] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.488707] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.488732] kthread+0x324/0x6e0
[ 12.488752] ? trace_preempt_on+0x20/0xc0
[ 12.488774] ? __pfx_kthread+0x10/0x10
[ 12.488796] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.488817] ? calculate_sigpending+0x7b/0xa0
[ 12.488838] ? __pfx_kthread+0x10/0x10
[ 12.488859] ret_from_fork+0x41/0x80
[ 12.488877] ? __pfx_kthread+0x10/0x10
[ 12.488898] ret_from_fork_asm+0x1a/0x30
[ 12.488929] </TASK>
[ 12.488940]
[ 12.496546] The buggy address belongs to the physical page:
[ 12.496848] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102884
[ 12.497240] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.497522] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.497789] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.498099] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.498386] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.498674] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.498978] head: 0200000000000002 ffffea00040a2101 ffffffffffffffff 0000000000000000
[ 12.499209] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 12.499423] page dumped because: kasan: bad access detected
[ 12.499668]
[ 12.499762] Memory state around the buggy address:
[ 12.499986] ffff888102885f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.500338] ffff888102886000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.500611] >ffff888102886080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 12.500813] ^
[ 12.501003] ffff888102886100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.501214] ffff888102886180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.501444] ==================================================================

[ 12.309125] ==================================================================
[ 12.309572] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x823/0x930
[ 12.310034] Write of size 1 at addr ffff8881003a18eb by task kunit_try_catch/164
[ 12.310343]
[ 12.310452] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.310489] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.310500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.310520] Call Trace:
[ 12.310531] <TASK>
[ 12.310545] dump_stack_lvl+0x73/0xb0
[ 12.310573] print_report+0xd1/0x650
[ 12.310598] ? __virt_addr_valid+0x1db/0x2d0
[ 12.310621] ? krealloc_more_oob_helper+0x823/0x930
[ 12.310646] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.310673] ? krealloc_more_oob_helper+0x823/0x930
[ 12.310699] kasan_report+0x140/0x180
[ 12.310723] ? krealloc_more_oob_helper+0x823/0x930
[ 12.310752] __asan_report_store1_noabort+0x1b/0x30
[ 12.310778] krealloc_more_oob_helper+0x823/0x930
[ 12.310802] ? trace_hardirqs_on+0x37/0xe0
[ 12.310828] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.310852] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.310885] ? __pfx_krealloc_more_oob+0x10/0x10
[ 12.310914] krealloc_more_oob+0x1c/0x30
[ 12.310936] kunit_try_run_case+0x1a6/0x480
[ 12.310962] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.310986] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.311012] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.311048] ? __kthread_parkme+0x82/0x160
[ 12.311073] ? preempt_count_sub+0x50/0x80
[ 12.311101] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.311125] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.311153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.311181] kthread+0x324/0x6e0
[ 12.311206] ? trace_preempt_on+0x20/0xc0
[ 12.311230] ? __pfx_kthread+0x10/0x10
[ 12.311255] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.311279] ? calculate_sigpending+0x7b/0xa0
[ 12.311302] ? __pfx_kthread+0x10/0x10
[ 12.311327] ret_from_fork+0x41/0x80
[ 12.311348] ? __pfx_kthread+0x10/0x10
[ 12.311373] ret_from_fork_asm+0x1a/0x30
[ 12.311407] </TASK>
[ 12.311417]
[ 12.318974] Allocated by task 164:
[ 12.319142] kasan_save_stack+0x45/0x70
[ 12.319315] kasan_save_track+0x18/0x40
[ 12.319450] kasan_save_alloc_info+0x3b/0x50
[ 12.319606] __kasan_krealloc+0x190/0x1f0
[ 12.319815] krealloc_noprof+0xf3/0x340
[ 12.320024] krealloc_more_oob_helper+0x1aa/0x930
[ 12.320269] krealloc_more_oob+0x1c/0x30
[ 12.320450] kunit_try_run_case+0x1a6/0x480
[ 12.320596] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.320819] kthread+0x324/0x6e0
[ 12.321201] ret_from_fork+0x41/0x80
[ 12.321406] ret_from_fork_asm+0x1a/0x30
[ 12.321658]
[ 12.321758] The buggy address belongs to the object at ffff8881003a1800
[ 12.321758] which belongs to the cache kmalloc-256 of size 256
[ 12.322212] The buggy address is located 0 bytes to the right of
[ 12.322212] allocated 235-byte region [ffff8881003a1800, ffff8881003a18eb)
[ 12.322754]
[ 12.322847] The buggy address belongs to the physical page:
[ 12.323063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 12.323406] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.323709] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.323966] page_type: f5(slab)
[ 12.324135] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.324434] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.324666] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.324902] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.325179] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 12.325903] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 12.326231] page dumped because: kasan: bad access detected
[ 12.326402]
[ 12.326471] Memory state around the buggy address:
[ 12.326823] ffff8881003a1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.327167] ffff8881003a1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.327498] >ffff8881003a1880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 12.327911] ^
[ 12.328126] ffff8881003a1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.328384] ffff8881003a1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.328881] ==================================================================

[ 12.329381] ==================================================================
[ 12.329850] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7ed/0x930
[ 12.330128] Write of size 1 at addr ffff8881003a18f0 by task kunit_try_catch/164
[ 12.330454]
[ 12.330615] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.330655] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.330666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.330686] Call Trace:
[ 12.330702] <TASK>
[ 12.330717] dump_stack_lvl+0x73/0xb0
[ 12.330744] print_report+0xd1/0x650
[ 12.330768] ? __virt_addr_valid+0x1db/0x2d0
[ 12.330792] ? krealloc_more_oob_helper+0x7ed/0x930
[ 12.330816] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.330844] ? krealloc_more_oob_helper+0x7ed/0x930
[ 12.330870] kasan_report+0x140/0x180
[ 12.330894] ? krealloc_more_oob_helper+0x7ed/0x930
[ 12.330924] __asan_report_store1_noabort+0x1b/0x30
[ 12.330950] krealloc_more_oob_helper+0x7ed/0x930
[ 12.330974] ? trace_hardirqs_on+0x37/0xe0
[ 12.331001] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 12.331040] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.331072] ? __pfx_krealloc_more_oob+0x10/0x10
[ 12.331101] krealloc_more_oob+0x1c/0x30
[ 12.331124] kunit_try_run_case+0x1a6/0x480
[ 12.331149] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.331172] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.331198] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.331225] ? __kthread_parkme+0x82/0x160
[ 12.331249] ? preempt_count_sub+0x50/0x80
[ 12.331275] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.331300] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.331328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.331356] kthread+0x324/0x6e0
[ 12.331379] ? trace_preempt_on+0x20/0xc0
[ 12.331404] ? __pfx_kthread+0x10/0x10
[ 12.331428] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.331453] ? calculate_sigpending+0x7b/0xa0
[ 12.331477] ? __pfx_kthread+0x10/0x10
[ 12.331501] ret_from_fork+0x41/0x80
[ 12.331522] ? __pfx_kthread+0x10/0x10
[ 12.331546] ret_from_fork_asm+0x1a/0x30
[ 12.331580] </TASK>
[ 12.331590]
[ 12.338935] Allocated by task 164:
[ 12.339121] kasan_save_stack+0x45/0x70
[ 12.339267] kasan_save_track+0x18/0x40
[ 12.339403] kasan_save_alloc_info+0x3b/0x50
[ 12.339551] __kasan_krealloc+0x190/0x1f0
[ 12.339750] krealloc_noprof+0xf3/0x340
[ 12.340175] krealloc_more_oob_helper+0x1aa/0x930
[ 12.340408] krealloc_more_oob+0x1c/0x30
[ 12.340575] kunit_try_run_case+0x1a6/0x480
[ 12.340719] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.340895] kthread+0x324/0x6e0
[ 12.341122] ret_from_fork+0x41/0x80
[ 12.341307] ret_from_fork_asm+0x1a/0x30
[ 12.341519]
[ 12.341612] The buggy address belongs to the object at ffff8881003a1800
[ 12.341612] which belongs to the cache kmalloc-256 of size 256
[ 12.342488] The buggy address is located 5 bytes to the right of
[ 12.342488] allocated 235-byte region [ffff8881003a1800, ffff8881003a18eb)
[ 12.343081]
[ 12.343182] The buggy address belongs to the physical page:
[ 12.343440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1003a0
[ 12.343804] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.344101] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.344327] page_type: f5(slab)
[ 12.344493] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.344829] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.345074] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 12.345303] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.345569] head: 0200000000000001 ffffea000400e801 ffffffffffffffff 0000000000000000
[ 12.345996] head: 0000000000000002 0000000000000000 00000000ffffffff 0000000000000000
[ 12.346333] page dumped because: kasan: bad access detected
[ 12.346578]
[ 12.346652] Memory state around the buggy address:
[ 12.346801] ffff8881003a1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.347012] ffff8881003a1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.347232] >ffff8881003a1880: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 12.347664] ^
[ 12.347977] ffff8881003a1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.348304] ffff8881003a1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.348621] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.670139] ==================================================================
[ 23.670524] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x251/0x340
[ 23.670524]
[ 23.670868] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#119):
[ 23.671456] test_kmalloc_aligned_oob_write+0x251/0x340
[ 23.671761] kunit_try_run_case+0x1a6/0x480
[ 23.671953] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.672338] kthread+0x324/0x6e0
[ 23.672529] ret_from_fork+0x41/0x80
[ 23.672699] ret_from_fork_asm+0x1a/0x30
[ 23.672896]
[ 23.672983] kfence-#119: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.672983]
[ 23.673288] allocated by task 333 on cpu 0 at 23.669856s (0.003429s ago):
[ 23.673606] test_alloc+0x365/0x10f0
[ 23.673815] test_kmalloc_aligned_oob_write+0xc9/0x340
[ 23.673988] kunit_try_run_case+0x1a6/0x480
[ 23.674160] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.674421] kthread+0x324/0x6e0
[ 23.674656] ret_from_fork+0x41/0x80
[ 23.674854] ret_from_fork_asm+0x1a/0x30
[ 23.675061]
[ 23.675134] freed by task 333 on cpu 0 at 23.669998s (0.005133s ago):
[ 23.675448] test_kmalloc_aligned_oob_write+0x251/0x340
[ 23.675726] kunit_try_run_case+0x1a6/0x480
[ 23.675904] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.676165] kthread+0x324/0x6e0
[ 23.676319] ret_from_fork+0x41/0x80
[ 23.676453] ret_from_fork_asm+0x1a/0x30
[ 23.676597]
[ 23.676710] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 23.677127] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.677310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.677576] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.566118] ==================================================================
[ 23.566519] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27f/0x570
[ 23.566519]
[ 23.566866] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#118):
[ 23.567651] test_kmalloc_aligned_oob_read+0x27f/0x570
[ 23.567897] kunit_try_run_case+0x1a6/0x480
[ 23.568123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.568361] kthread+0x324/0x6e0
[ 23.568539] ret_from_fork+0x41/0x80
[ 23.569081] ret_from_fork_asm+0x1a/0x30
[ 23.569251]
[ 23.569486] kfence-#118: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.569486]
[ 23.569973] allocated by task 331 on cpu 1 at 23.565883s (0.004087s ago):
[ 23.570396] test_alloc+0x365/0x10f0
[ 23.570567] test_kmalloc_aligned_oob_read+0x106/0x570
[ 23.570782] kunit_try_run_case+0x1a6/0x480
[ 23.570965] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.571201] kthread+0x324/0x6e0
[ 23.571351] ret_from_fork+0x41/0x80
[ 23.571508] ret_from_fork_asm+0x1a/0x30
[ 23.572120]
[ 23.572237] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 23.572726] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.572982] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.573436] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 19.198145] ==================================================================
[ 19.198572] BUG: KFENCE: memory corruption in test_corruption+0x2d4/0x3e0
[ 19.198572]
[ 19.198911] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#76):
[ 19.199675] test_corruption+0x2d4/0x3e0
[ 19.200095] kunit_try_run_case+0x1a6/0x480
[ 19.200324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.200557] kthread+0x324/0x6e0
[ 19.200740] ret_from_fork+0x41/0x80
[ 19.200916] ret_from_fork_asm+0x1a/0x30
[ 19.201128]
[ 19.201229] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.201229]
[ 19.201613] allocated by task 319 on cpu 0 at 19.197891s (0.003720s ago):
[ 19.201898] test_alloc+0x365/0x10f0
[ 19.202665] test_corruption+0xe7/0x3e0
[ 19.202840] kunit_try_run_case+0x1a6/0x480
[ 19.203207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.203524] kthread+0x324/0x6e0
[ 19.203750] ret_from_fork+0x41/0x80
[ 19.204058] ret_from_fork_asm+0x1a/0x30
[ 19.204332]
[ 19.204417] freed by task 319 on cpu 0 at 19.197964s (0.006451s ago):
[ 19.204823] test_corruption+0x2d4/0x3e0
[ 19.205090] kunit_try_run_case+0x1a6/0x480
[ 19.205367] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.205661] kthread+0x324/0x6e0
[ 19.205958] ret_from_fork+0x41/0x80
[ 19.206227] ret_from_fork_asm+0x1a/0x30
[ 19.206397]
[ 19.206630] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 19.207119] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.207310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.207858] ==================================================================

[ 19.614056] ==================================================================
[ 19.614435] BUG: KFENCE: memory corruption in test_corruption+0x217/0x3e0
[ 19.614435]
[ 19.614828] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#80):
[ 19.615209] test_corruption+0x217/0x3e0
[ 19.615390] kunit_try_run_case+0x1a6/0x480
[ 19.615597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.615874] kthread+0x324/0x6e0
[ 19.616052] ret_from_fork+0x41/0x80
[ 19.616244] ret_from_fork_asm+0x1a/0x30
[ 19.616410]
[ 19.616509] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.616509]
[ 19.616900] allocated by task 321 on cpu 1 at 19.613914s (0.002983s ago):
[ 19.617226] test_alloc+0x2a7/0x10f0
[ 19.617443] test_corruption+0x1cc/0x3e0
[ 19.617633] kunit_try_run_case+0x1a6/0x480
[ 19.617835] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.618029] kthread+0x324/0x6e0
[ 19.618198] ret_from_fork+0x41/0x80
[ 19.618406] ret_from_fork_asm+0x1a/0x30
[ 19.618630]
[ 19.618728] freed by task 321 on cpu 1 at 19.613972s (0.004754s ago):
[ 19.619132] test_corruption+0x217/0x3e0
[ 19.619641] kunit_try_run_case+0x1a6/0x480
[ 19.619936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.620692] kthread+0x324/0x6e0
[ 19.620890] ret_from_fork+0x41/0x80
[ 19.621076] ret_from_fork_asm+0x1a/0x30
[ 19.621274]
[ 19.621380] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 19.622058] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.622327] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.622866] ==================================================================

[ 19.509936] ==================================================================
[ 19.510394] BUG: KFENCE: memory corruption in test_corruption+0x132/0x3e0
[ 19.510394]
[ 19.510900] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#79):
[ 19.511602] test_corruption+0x132/0x3e0
[ 19.511804] kunit_try_run_case+0x1a6/0x480
[ 19.512033] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.512351] kthread+0x324/0x6e0
[ 19.512514] ret_from_fork+0x41/0x80
[ 19.512843] ret_from_fork_asm+0x1a/0x30
[ 19.513138]
[ 19.513247] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.513247]
[ 19.513867] allocated by task 321 on cpu 1 at 19.509809s (0.004056s ago):
[ 19.514328] test_alloc+0x2a7/0x10f0
[ 19.514561] test_corruption+0xe7/0x3e0
[ 19.514773] kunit_try_run_case+0x1a6/0x480
[ 19.514936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.515350] kthread+0x324/0x6e0
[ 19.515572] ret_from_fork+0x41/0x80
[ 19.515820] ret_from_fork_asm+0x1a/0x30
[ 19.515987]
[ 19.516096] freed by task 321 on cpu 1 at 19.509861s (0.006232s ago):
[ 19.516535] test_corruption+0x132/0x3e0
[ 19.516745] kunit_try_run_case+0x1a6/0x480
[ 19.516924] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.517250] kthread+0x324/0x6e0
[ 19.517457] ret_from_fork+0x41/0x80
[ 19.517600] ret_from_fork_asm+0x1a/0x30
[ 19.517989]
[ 19.518120] CPU: 1 UID: 0 PID: 321 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 19.518514] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.518780] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.519257] ==================================================================

[ 19.406156] ==================================================================
[ 19.406545] BUG: KFENCE: memory corruption in test_corruption+0x2e1/0x3e0
[ 19.406545]
[ 19.406840] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#78):
[ 19.407234] test_corruption+0x2e1/0x3e0
[ 19.407430] kunit_try_run_case+0x1a6/0x480
[ 19.407588] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.407815] kthread+0x324/0x6e0
[ 19.408113] ret_from_fork+0x41/0x80
[ 19.408305] ret_from_fork_asm+0x1a/0x30
[ 19.408505]
[ 19.408581] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.408581]
[ 19.409596] allocated by task 319 on cpu 0 at 19.405884s (0.003709s ago):
[ 19.409914] test_alloc+0x365/0x10f0
[ 19.410118] test_corruption+0x1cc/0x3e0
[ 19.410309] kunit_try_run_case+0x1a6/0x480
[ 19.410504] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.411094] kthread+0x324/0x6e0
[ 19.411257] ret_from_fork+0x41/0x80
[ 19.411559] ret_from_fork_asm+0x1a/0x30
[ 19.411725]
[ 19.411949] freed by task 319 on cpu 0 at 19.405973s (0.005922s ago):
[ 19.412256] test_corruption+0x2e1/0x3e0
[ 19.412591] kunit_try_run_case+0x1a6/0x480
[ 19.412798] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.413046] kthread+0x324/0x6e0
[ 19.413210] ret_from_fork+0x41/0x80
[ 19.413376] ret_from_fork_asm+0x1a/0x30
[ 19.413559]
[ 19.413668] CPU: 0 UID: 0 PID: 319 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 19.414387] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.414670] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.415108] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.782057] ================================================================== [ 18.782502] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e3/0x260 [ 18.782502] [ 18.782897] Invalid free of 0x(____ptrval____) (in kfence-#72): [ 18.783194] test_invalid_addr_free+0x1e3/0x260 [ 18.783405] kunit_try_run_case+0x1a6/0x480 [ 18.783589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.783769] kthread+0x324/0x6e0 [ 18.784047] ret_from_fork+0x41/0x80 [ 18.784250] ret_from_fork_asm+0x1a/0x30 [ 18.784470] [ 18.784576] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.784576] [ 18.785329] allocated by task 315 on cpu 0 at 18.781924s (0.003403s ago): [ 18.785659] test_alloc+0x365/0x10f0 [ 18.785809] test_invalid_addr_free+0xdc/0x260 [ 18.786500] kunit_try_run_case+0x1a6/0x480 [ 18.786725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.786948] kthread+0x324/0x6e0 [ 18.787256] ret_from_fork+0x41/0x80 [ 18.787494] ret_from_fork_asm+0x1a/0x30 [ 18.787790] [ 18.787898] CPU: 0 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.788432] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.788582] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.788994] ================================================================== [ 18.886076] ================================================================== [ 18.886446] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfc/0x260 [ 18.886446] [ 18.886823] Invalid free of 0x(____ptrval____) (in kfence-#73): [ 18.887093] test_invalid_addr_free+0xfc/0x260 [ 18.887317] kunit_try_run_case+0x1a6/0x480 [ 18.887532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.887713] kthread+0x324/0x6e0 [ 18.887840] ret_from_fork+0x41/0x80 [ 18.888045] ret_from_fork_asm+0x1a/0x30 [ 18.888251] [ 18.888352] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.888352] [ 18.888648] allocated by task 317 on cpu 1 at 18.885948s (0.002698s ago): [ 
18.888964] test_alloc+0x2a7/0x10f0 [ 18.889148] test_invalid_addr_free+0xdc/0x260 [ 18.889322] kunit_try_run_case+0x1a6/0x480 [ 18.889533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.889796] kthread+0x324/0x6e0 [ 18.889920] ret_from_fork+0x41/0x80 [ 18.890060] ret_from_fork_asm+0x1a/0x30 [ 18.890267] [ 18.890386] CPU: 1 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.890799] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.890947] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.892020] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.678097] ================================================================== [ 18.678480] BUG: KFENCE: invalid free in test_double_free+0x113/0x260 [ 18.678480] [ 18.678837] Invalid free of 0x(____ptrval____) (in kfence-#71): [ 18.679144] test_double_free+0x113/0x260 [ 18.679354] kunit_try_run_case+0x1a6/0x480 [ 18.679576] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.679789] kthread+0x324/0x6e0 [ 18.679962] ret_from_fork+0x41/0x80 [ 18.680159] ret_from_fork_asm+0x1a/0x30 [ 18.680317] [ 18.680388] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.680388] [ 18.680752] allocated by task 313 on cpu 1 at 18.677902s (0.002848s ago): [ 18.681160] test_alloc+0x2a7/0x10f0 [ 18.681362] test_double_free+0xdc/0x260 [ 18.681496] kunit_try_run_case+0x1a6/0x480 [ 18.681692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.681962] kthread+0x324/0x6e0 [ 18.682163] ret_from_fork+0x41/0x80 [ 18.682428] ret_from_fork_asm+0x1a/0x30 [ 18.682696] [ 18.682771] freed by task 313 on cpu 1 at 18.677962s (0.004806s ago): [ 18.683005] test_double_free+0xfb/0x260 [ 18.683239] kunit_try_run_case+0x1a6/0x480 [ 18.683475] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.683726] kthread+0x324/0x6e0 [ 18.683878] ret_from_fork+0x41/0x80 [ 18.684090] ret_from_fork_asm+0x1a/0x30 [ 18.684298] [ 18.684431] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.684858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.685084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.685471] ================================================================== [ 18.574180] ================================================================== [ 18.574597] BUG: KFENCE: invalid free in test_double_free+0x1d5/0x260 [ 18.574597] [ 18.574908] Invalid free of 0x(____ptrval____) (in kfence-#70): [ 18.575190] test_double_free+0x1d5/0x260 [ 18.575403] kunit_try_run_case+0x1a6/0x480 [ 18.575557] 
kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.575852] kthread+0x324/0x6e0 [ 18.576092] ret_from_fork+0x41/0x80 [ 18.576265] ret_from_fork_asm+0x1a/0x30 [ 18.576421] [ 18.576520] kfence-#70: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.576520] [ 18.576972] allocated by task 311 on cpu 0 at 18.573910s (0.003060s ago): [ 18.577889] test_alloc+0x365/0x10f0 [ 18.578063] test_double_free+0xdc/0x260 [ 18.578268] kunit_try_run_case+0x1a6/0x480 [ 18.578480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.579077] kthread+0x324/0x6e0 [ 18.579244] ret_from_fork+0x41/0x80 [ 18.579426] ret_from_fork_asm+0x1a/0x30 [ 18.579764] [ 18.579847] freed by task 311 on cpu 0 at 18.573975s (0.005870s ago): [ 18.580154] test_double_free+0x1e2/0x260 [ 18.580365] kunit_try_run_case+0x1a6/0x480 [ 18.580564] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.580794] kthread+0x324/0x6e0 [ 18.580964] ret_from_fork+0x41/0x80 [ 18.581115] ret_from_fork_asm+0x1a/0x30 [ 18.581322] [ 18.581431] CPU: 0 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.582311] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.582475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.583053] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 18.262052] ================================================================== [ 18.262417] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 18.262417] [ 18.262941] Use-after-free read at 0x(____ptrval____) (in kfence-#67): [ 18.263509] test_use_after_free_read+0x12a/0x270 [ 18.263935] kunit_try_run_case+0x1a6/0x480 [ 18.264243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.264425] kthread+0x324/0x6e0 [ 18.264555] ret_from_fork+0x41/0x80 [ 18.264688] ret_from_fork_asm+0x1a/0x30 [ 18.264835] [ 18.264911] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.264911] [ 18.265241] allocated by task 305 on cpu 0 at 18.261915s (0.003324s ago): [ 18.265508] test_alloc+0x2a7/0x10f0 [ 18.265641] test_use_after_free_read+0xdd/0x270 [ 18.265871] kunit_try_run_case+0x1a6/0x480 [ 18.266113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.266292] kthread+0x324/0x6e0 [ 18.266462] ret_from_fork+0x41/0x80 [ 18.266751] ret_from_fork_asm+0x1a/0x30 [ 18.266959] [ 18.267065] freed by task 305 on cpu 0 at 18.261962s (0.005101s ago): [ 18.267367] test_use_after_free_read+0xfc/0x270 [ 18.267621] kunit_try_run_case+0x1a6/0x480 [ 18.267798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.267982] kthread+0x324/0x6e0 [ 18.268153] ret_from_fork+0x41/0x80 [ 18.268362] ret_from_fork_asm+0x1a/0x30 [ 18.268570] [ 18.268798] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.269164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.269371] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.269743] ================================================================== [ 18.158132] ================================================================== [ 18.158552] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x12a/0x270 [ 18.158552] [ 18.159252] Use-after-free read at 0x(____ptrval____) (in kfence-#66): [ 18.159808] test_use_after_free_read+0x12a/0x270 [ 18.160149] 
kunit_try_run_case+0x1a6/0x480 [ 18.160365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.160756] kthread+0x324/0x6e0 [ 18.161025] ret_from_fork+0x41/0x80 [ 18.161300] ret_from_fork_asm+0x1a/0x30 [ 18.161514] [ 18.161763] kfence-#66: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 18.161763] [ 18.162165] allocated by task 303 on cpu 1 at 18.157875s (0.004287s ago): [ 18.162491] test_alloc+0x365/0x10f0 [ 18.162686] test_use_after_free_read+0xdd/0x270 [ 18.162889] kunit_try_run_case+0x1a6/0x480 [ 18.163121] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.163376] kthread+0x324/0x6e0 [ 18.163497] ret_from_fork+0x41/0x80 [ 18.163640] ret_from_fork_asm+0x1a/0x30 [ 18.163870] [ 18.164131] freed by task 303 on cpu 1 at 18.157942s (0.006106s ago): [ 18.164523] test_use_after_free_read+0x1e9/0x270 [ 18.164717] kunit_try_run_case+0x1a6/0x480 [ 18.164946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.165196] kthread+0x324/0x6e0 [ 18.165361] ret_from_fork+0x41/0x80 [ 18.165553] ret_from_fork_asm+0x1a/0x30 [ 18.165727] [ 18.165875] CPU: 1 UID: 0 PID: 303 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.166266] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.166476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.166855] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.009803] ================================================================== [ 12.010461] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f2/0x7f0 [ 12.011138] Write of size 1 at addr ffff888101bd1873 by task kunit_try_catch/144 [ 12.011697] [ 12.012467] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G N 6.14.10-rc1 #1 [ 12.012853] Tainted: [N]=TEST [ 12.012881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.013108] Call Trace: [ 12.013176] <TASK> [ 12.013320] dump_stack_lvl+0x73/0xb0 [ 12.013404] print_report+0xd1/0x650 [ 12.013432] ? __virt_addr_valid+0x1db/0x2d0 [ 12.013456] ? kmalloc_oob_right+0x6f2/0x7f0 [ 12.013475] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.013500] ? kmalloc_oob_right+0x6f2/0x7f0 [ 12.013520] kasan_report+0x140/0x180 [ 12.013541] ? kmalloc_oob_right+0x6f2/0x7f0 [ 12.013565] __asan_report_store1_noabort+0x1b/0x30 [ 12.013588] kmalloc_oob_right+0x6f2/0x7f0 [ 12.013609] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.013631] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.013655] kunit_try_run_case+0x1a6/0x480 [ 12.013680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.013700] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.013725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.013757] ? __kthread_parkme+0x82/0x160 [ 12.013780] ? preempt_count_sub+0x50/0x80 [ 12.013805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.013827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.013853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.013878] kthread+0x324/0x6e0 [ 12.013899] ? trace_preempt_on+0x20/0xc0 [ 12.013923] ? __pfx_kthread+0x10/0x10 [ 12.013944] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.013966] ? calculate_sigpending+0x7b/0xa0 [ 12.013988] ? __pfx_kthread+0x10/0x10 [ 12.014010] ret_from_fork+0x41/0x80 [ 12.014039] ? 
__pfx_kthread+0x10/0x10 [ 12.014060] ret_from_fork_asm+0x1a/0x30 [ 12.014113] </TASK> [ 12.014175] [ 12.025067] Allocated by task 144: [ 12.025348] kasan_save_stack+0x45/0x70 [ 12.025568] kasan_save_track+0x18/0x40 [ 12.025778] kasan_save_alloc_info+0x3b/0x50 [ 12.025989] __kasan_kmalloc+0xb7/0xc0 [ 12.026133] __kmalloc_cache_noprof+0x18a/0x420 [ 12.026383] kmalloc_oob_right+0xaa/0x7f0 [ 12.026548] kunit_try_run_case+0x1a6/0x480 [ 12.026773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.027000] kthread+0x324/0x6e0 [ 12.027150] ret_from_fork+0x41/0x80 [ 12.027328] ret_from_fork_asm+0x1a/0x30 [ 12.027556] [ 12.027754] The buggy address belongs to the object at ffff888101bd1800 [ 12.027754] which belongs to the cache kmalloc-128 of size 128 [ 12.028542] The buggy address is located 0 bytes to the right of [ 12.028542] allocated 115-byte region [ffff888101bd1800, ffff888101bd1873) [ 12.029108] [ 12.029259] The buggy address belongs to the physical page: [ 12.029693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1 [ 12.030222] flags: 0x200000000000000(node=0|zone=2) [ 12.030818] page_type: f5(slab) [ 12.031304] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.031684] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.032008] page dumped because: kasan: bad access detected [ 12.032286] [ 12.032389] Memory state around the buggy address: [ 12.032909] ffff888101bd1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.033246] ffff888101bd1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.033538] >ffff888101bd1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.033875] ^ [ 12.034190] ffff888101bd1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.034470] ffff888101bd1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.034820] ================================================================== [ 12.036111] 
================================================================== [ 12.036366] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bf/0x7f0 [ 12.036662] Write of size 1 at addr ffff888101bd1878 by task kunit_try_catch/144 [ 12.036889] [ 12.036994] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.037057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.037069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.037087] Call Trace: [ 12.037100] <TASK> [ 12.037114] dump_stack_lvl+0x73/0xb0 [ 12.037137] print_report+0xd1/0x650 [ 12.037157] ? __virt_addr_valid+0x1db/0x2d0 [ 12.037178] ? kmalloc_oob_right+0x6bf/0x7f0 [ 12.037198] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.037222] ? kmalloc_oob_right+0x6bf/0x7f0 [ 12.037242] kasan_report+0x140/0x180 [ 12.037263] ? kmalloc_oob_right+0x6bf/0x7f0 [ 12.037288] __asan_report_store1_noabort+0x1b/0x30 [ 12.037310] kmalloc_oob_right+0x6bf/0x7f0 [ 12.037331] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.037354] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.037378] kunit_try_run_case+0x1a6/0x480 [ 12.037400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.037420] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.037443] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.037466] ? __kthread_parkme+0x82/0x160 [ 12.037487] ? preempt_count_sub+0x50/0x80 [ 12.037511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.037533] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.037558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.037583] kthread+0x324/0x6e0 [ 12.037603] ? trace_preempt_on+0x20/0xc0 [ 12.037625] ? __pfx_kthread+0x10/0x10 [ 12.037646] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.037667] ? calculate_sigpending+0x7b/0xa0 [ 12.037688] ? __pfx_kthread+0x10/0x10 [ 12.037710] ret_from_fork+0x41/0x80 [ 12.037728] ? 
__pfx_kthread+0x10/0x10 [ 12.037754] ret_from_fork_asm+0x1a/0x30 [ 12.037783] </TASK> [ 12.037793] [ 12.044608] Allocated by task 144: [ 12.044763] kasan_save_stack+0x45/0x70 [ 12.044901] kasan_save_track+0x18/0x40 [ 12.045047] kasan_save_alloc_info+0x3b/0x50 [ 12.045425] __kasan_kmalloc+0xb7/0xc0 [ 12.045698] __kmalloc_cache_noprof+0x18a/0x420 [ 12.045859] kmalloc_oob_right+0xaa/0x7f0 [ 12.046049] kunit_try_run_case+0x1a6/0x480 [ 12.046254] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.046448] kthread+0x324/0x6e0 [ 12.046568] ret_from_fork+0x41/0x80 [ 12.046694] ret_from_fork_asm+0x1a/0x30 [ 12.046877] [ 12.046980] The buggy address belongs to the object at ffff888101bd1800 [ 12.046980] which belongs to the cache kmalloc-128 of size 128 [ 12.047606] The buggy address is located 5 bytes to the right of [ 12.047606] allocated 115-byte region [ffff888101bd1800, ffff888101bd1873) [ 12.047972] [ 12.048065] The buggy address belongs to the physical page: [ 12.048398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1 [ 12.048741] flags: 0x200000000000000(node=0|zone=2) [ 12.048955] page_type: f5(slab) [ 12.049113] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.049366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.049641] page dumped because: kasan: bad access detected [ 12.050039] [ 12.050130] Memory state around the buggy address: [ 12.050330] ffff888101bd1700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.050696] ffff888101bd1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.050984] >ffff888101bd1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.051234] ^ [ 12.051445] ffff888101bd1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.051659] ffff888101bd1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.051868] ================================================================== [ 12.052324] 
================================================================== [ 12.052825] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68c/0x7f0 [ 12.053151] Read of size 1 at addr ffff888101bd1880 by task kunit_try_catch/144 [ 12.053728] [ 12.053813] CPU: 1 UID: 0 PID: 144 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.053849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.053860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.053879] Call Trace: [ 12.053892] <TASK> [ 12.053905] dump_stack_lvl+0x73/0xb0 [ 12.053929] print_report+0xd1/0x650 [ 12.053949] ? __virt_addr_valid+0x1db/0x2d0 [ 12.053970] ? kmalloc_oob_right+0x68c/0x7f0 [ 12.053990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.054014] ? kmalloc_oob_right+0x68c/0x7f0 [ 12.054045] kasan_report+0x140/0x180 [ 12.054066] ? kmalloc_oob_right+0x68c/0x7f0 [ 12.054090] __asan_report_load1_noabort+0x18/0x20 [ 12.054113] kmalloc_oob_right+0x68c/0x7f0 [ 12.054133] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.054156] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 12.054180] kunit_try_run_case+0x1a6/0x480 [ 12.054202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.054222] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.054245] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.054268] ? __kthread_parkme+0x82/0x160 [ 12.054290] ? preempt_count_sub+0x50/0x80 [ 12.054314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.054337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.054362] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.054387] kthread+0x324/0x6e0 [ 12.054407] ? trace_preempt_on+0x20/0xc0 [ 12.054429] ? __pfx_kthread+0x10/0x10 [ 12.054452] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.054473] ? calculate_sigpending+0x7b/0xa0 [ 12.054494] ? __pfx_kthread+0x10/0x10 [ 12.054515] ret_from_fork+0x41/0x80 [ 12.054533] ? 
__pfx_kthread+0x10/0x10 [ 12.054554] ret_from_fork_asm+0x1a/0x30 [ 12.054584] </TASK> [ 12.054593] [ 12.061872] Allocated by task 144: [ 12.062047] kasan_save_stack+0x45/0x70 [ 12.062191] kasan_save_track+0x18/0x40 [ 12.062322] kasan_save_alloc_info+0x3b/0x50 [ 12.062468] __kasan_kmalloc+0xb7/0xc0 [ 12.062595] __kmalloc_cache_noprof+0x18a/0x420 [ 12.062747] kmalloc_oob_right+0xaa/0x7f0 [ 12.062883] kunit_try_run_case+0x1a6/0x480 [ 12.063079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.063330] kthread+0x324/0x6e0 [ 12.063597] ret_from_fork+0x41/0x80 [ 12.063777] ret_from_fork_asm+0x1a/0x30 [ 12.063984] [ 12.064088] The buggy address belongs to the object at ffff888101bd1800 [ 12.064088] which belongs to the cache kmalloc-128 of size 128 [ 12.064629] The buggy address is located 13 bytes to the right of [ 12.064629] allocated 115-byte region [ffff888101bd1800, ffff888101bd1873) [ 12.065086] [ 12.065236] The buggy address belongs to the physical page: [ 12.065449] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1 [ 12.065874] flags: 0x200000000000000(node=0|zone=2) [ 12.066098] page_type: f5(slab) [ 12.066214] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.066440] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.066970] page dumped because: kasan: bad access detected [ 12.067457] [ 12.067538] Memory state around the buggy address: [ 12.067791] ffff888101bd1780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.068061] ffff888101bd1800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.068474] >ffff888101bd1880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.068882] ^ [ 12.068996] ffff888101bd1900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.069324] ffff888101bd1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.069543] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.846043] ================================================================== [ 17.846410] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 17.846410] [ 17.847151] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#63): [ 17.847639] test_out_of_bounds_write+0x10e/0x260 [ 17.847833] kunit_try_run_case+0x1a6/0x480 [ 17.847985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.848171] kthread+0x324/0x6e0 [ 17.848295] ret_from_fork+0x41/0x80 [ 17.848424] ret_from_fork_asm+0x1a/0x30 [ 17.848574] [ 17.848739] kfence-#63: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.848739] [ 17.849548] allocated by task 299 on cpu 1 at 17.845904s (0.003642s ago): [ 17.850303] test_alloc+0x365/0x10f0 [ 17.850449] test_out_of_bounds_write+0xd5/0x260 [ 17.850791] kunit_try_run_case+0x1a6/0x480 [ 17.850985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.851232] kthread+0x324/0x6e0 [ 17.851388] ret_from_fork+0x41/0x80 [ 17.851551] ret_from_fork_asm+0x1a/0x30 [ 17.851722] [ 17.851838] CPU: 1 UID: 0 PID: 299 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.852210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.852388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.853215] ================================================================== [ 18.053969] ================================================================== [ 18.054380] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10e/0x260 [ 18.054380] [ 18.054945] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#65): [ 18.055202] test_out_of_bounds_write+0x10e/0x260 [ 18.055442] kunit_try_run_case+0x1a6/0x480 [ 18.055666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.055991] kthread+0x324/0x6e0 [ 18.056255] ret_from_fork+0x41/0x80 [ 18.056444] ret_from_fork_asm+0x1a/0x30 [ 18.056636] [ 18.056728] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.056728] [ 18.057192] allocated by 
task 301 on cpu 0 at 18.053913s (0.003276s ago): [ 18.057519] test_alloc+0x2a7/0x10f0 [ 18.057698] test_out_of_bounds_write+0xd5/0x260 [ 18.057924] kunit_try_run_case+0x1a6/0x480 [ 18.058287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.058551] kthread+0x324/0x6e0 [ 18.058732] ret_from_fork+0x41/0x80 [ 18.058925] ret_from_fork_asm+0x1a/0x30 [ 18.059152] [ 18.059271] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 18.059743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.059926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.060340] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.325995] ================================================================== [ 17.326406] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 17.326406] [ 17.326903] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#58): [ 17.327283] test_out_of_bounds_read+0x217/0x4e0 [ 17.327459] kunit_try_run_case+0x1a6/0x480 [ 17.327736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.327918] kthread+0x324/0x6e0 [ 17.328174] ret_from_fork+0x41/0x80 [ 17.328388] ret_from_fork_asm+0x1a/0x30 [ 17.328600] [ 17.328723] kfence-#58: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.328723] [ 17.329079] allocated by task 295 on cpu 1 at 17.325900s (0.003176s ago): [ 17.329376] test_alloc+0x365/0x10f0 [ 17.329528] test_out_of_bounds_read+0x1e3/0x4e0 [ 17.329771] kunit_try_run_case+0x1a6/0x480 [ 17.329973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.330153] kthread+0x324/0x6e0 [ 17.330272] ret_from_fork+0x41/0x80 [ 17.330477] ret_from_fork_asm+0x1a/0x30 [ 17.330790] [ 17.330924] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.331320] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.331504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.331832] ================================================================== [ 17.429956] ================================================================== [ 17.430424] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 17.430424] [ 17.431006] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#59): [ 17.431285] test_out_of_bounds_read+0x127/0x4e0 [ 17.431495] kunit_try_run_case+0x1a6/0x480 [ 17.431845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.432296] kthread+0x324/0x6e0 [ 17.432435] ret_from_fork+0x41/0x80 [ 17.432573] ret_from_fork_asm+0x1a/0x30 [ 17.432780] [ 17.432903] kfence-#59: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.432903] [ 17.433775] allocated by task 
297 on cpu 0 at 17.429841s (0.003932s ago): [ 17.434464] test_alloc+0x2a7/0x10f0 [ 17.434691] test_out_of_bounds_read+0xee/0x4e0 [ 17.434981] kunit_try_run_case+0x1a6/0x480 [ 17.435234] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.435630] kthread+0x324/0x6e0 [ 17.435941] ret_from_fork+0x41/0x80 [ 17.436148] ret_from_fork_asm+0x1a/0x30 [ 17.436474] [ 17.436689] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.437115] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.437450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.438026] ================================================================== [ 17.533958] ================================================================== [ 17.534359] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x217/0x4e0 [ 17.534359] [ 17.534945] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#60): [ 17.535265] test_out_of_bounds_read+0x217/0x4e0 [ 17.535431] kunit_try_run_case+0x1a6/0x480 [ 17.535733] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.536050] kthread+0x324/0x6e0 [ 17.536255] ret_from_fork+0x41/0x80 [ 17.536461] ret_from_fork_asm+0x1a/0x30 [ 17.536642] [ 17.536760] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 17.536760] [ 17.537133] allocated by task 297 on cpu 0 at 17.533908s (0.003223s ago): [ 17.537364] test_alloc+0x2a7/0x10f0 [ 17.537553] test_out_of_bounds_read+0x1e3/0x4e0 [ 17.537873] kunit_try_run_case+0x1a6/0x480 [ 17.538124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.538302] kthread+0x324/0x6e0 [ 17.538499] ret_from_fork+0x41/0x80 [ 17.538777] ret_from_fork_asm+0x1a/0x30 [ 17.538963] [ 17.539084] CPU: 0 UID: 0 PID: 297 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.539489] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.539685] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.540081] 
================================================================== [ 17.015186] ================================================================== [ 17.015695] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x127/0x4e0 [ 17.015695] [ 17.016203] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#55): [ 17.016707] test_out_of_bounds_read+0x127/0x4e0 [ 17.016947] kunit_try_run_case+0x1a6/0x480 [ 17.017157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.017399] kthread+0x324/0x6e0 [ 17.017593] ret_from_fork+0x41/0x80 [ 17.017819] ret_from_fork_asm+0x1a/0x30 [ 17.018071] [ 17.018347] kfence-#55: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.018347] [ 17.018876] allocated by task 295 on cpu 1 at 17.013909s (0.004910s ago): [ 17.019471] test_alloc+0x365/0x10f0 [ 17.019774] test_out_of_bounds_read+0xee/0x4e0 [ 17.019998] kunit_try_run_case+0x1a6/0x480 [ 17.020214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.020437] kthread+0x324/0x6e0 [ 17.020610] ret_from_fork+0x41/0x80 [ 17.020836] ret_from_fork_asm+0x1a/0x30 [ 17.021078] [ 17.021253] CPU: 1 UID: 0 PID: 295 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 17.021659] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.021859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.022297] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.858219] ================================================================== [ 16.858548] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0 [ 16.858904] Write of size 121 at addr ffff888102a2cf00 by task kunit_try_catch/293 [ 16.859228] [ 16.859314] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.859354] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.859367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.859389] Call Trace: [ 16.859408] <TASK> [ 16.859425] dump_stack_lvl+0x73/0xb0 [ 16.859455] print_report+0xd1/0x650 [ 16.859482] ? __virt_addr_valid+0x1db/0x2d0 [ 16.859511] ? strncpy_from_user+0x2e/0x1d0 [ 16.859536] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.859568] ? strncpy_from_user+0x2e/0x1d0 [ 16.859593] kasan_report+0x140/0x180 [ 16.859633] ? strncpy_from_user+0x2e/0x1d0 [ 16.859662] kasan_check_range+0x10c/0x1c0 [ 16.859703] __kasan_check_write+0x18/0x20 [ 16.859730] strncpy_from_user+0x2e/0x1d0 [ 16.859753] ? __kasan_check_read+0x15/0x20 [ 16.859784] copy_user_test_oob+0x761/0x10f0 [ 16.859814] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.859841] ? finish_task_switch.isra.0+0x153/0x700 [ 16.859869] ? __switch_to+0x5d9/0xf60 [ 16.859900] ? __schedule+0xce8/0x2840 [ 16.859927] ? __pfx_read_tsc+0x10/0x10 [ 16.859954] ? ktime_get_ts64+0x86/0x230 [ 16.859984] kunit_try_run_case+0x1a6/0x480 [ 16.860020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.860047] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.860076] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.860104] ? __kthread_parkme+0x82/0x160 [ 16.860132] ? preempt_count_sub+0x50/0x80 [ 16.860161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.860189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.860220] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.860260] kthread+0x324/0x6e0 [ 16.860286] ? trace_preempt_on+0x20/0xc0 [ 16.860334] ? __pfx_kthread+0x10/0x10 [ 16.860361] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.860389] ? 
calculate_sigpending+0x7b/0xa0 [ 16.860426] ? __pfx_kthread+0x10/0x10 [ 16.860454] ret_from_fork+0x41/0x80 [ 16.860478] ? __pfx_kthread+0x10/0x10 [ 16.860505] ret_from_fork_asm+0x1a/0x30 [ 16.860541] </TASK> [ 16.860552] [ 16.868487] Allocated by task 293: [ 16.868699] kasan_save_stack+0x45/0x70 [ 16.868895] kasan_save_track+0x18/0x40 [ 16.869108] kasan_save_alloc_info+0x3b/0x50 [ 16.869307] __kasan_kmalloc+0xb7/0xc0 [ 16.869490] __kmalloc_noprof+0x1ca/0x500 [ 16.869790] kunit_kmalloc_array+0x25/0x60 [ 16.869967] copy_user_test_oob+0xac/0x10f0 [ 16.870194] kunit_try_run_case+0x1a6/0x480 [ 16.870383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.870575] kthread+0x324/0x6e0 [ 16.870769] ret_from_fork+0x41/0x80 [ 16.870968] ret_from_fork_asm+0x1a/0x30 [ 16.871180] [ 16.871276] The buggy address belongs to the object at ffff888102a2cf00 [ 16.871276] which belongs to the cache kmalloc-128 of size 128 [ 16.871907] The buggy address is located 0 bytes inside of [ 16.871907] allocated 120-byte region [ffff888102a2cf00, ffff888102a2cf78) [ 16.872396] [ 16.872494] The buggy address belongs to the physical page: [ 16.872805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 16.873169] flags: 0x200000000000000(node=0|zone=2) [ 16.873394] page_type: f5(slab) [ 16.873572] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.873894] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.874138] page dumped because: kasan: bad access detected [ 16.874309] [ 16.874380] Memory state around the buggy address: [ 16.874619] ffff888102a2ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.874935] ffff888102a2ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.875336] >ffff888102a2cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.875547] ^ [ 16.875755] ffff888102a2cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876076] ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb 
fb fb fb [ 16.876421] ================================================================== [ 16.877025] ================================================================== [ 16.877302] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0 [ 16.877529] Write of size 1 at addr ffff888102a2cf78 by task kunit_try_catch/293 [ 16.877768] [ 16.877847] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.877884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.877898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.877919] Call Trace: [ 16.877933] <TASK> [ 16.877948] dump_stack_lvl+0x73/0xb0 [ 16.877976] print_report+0xd1/0x650 [ 16.878004] ? __virt_addr_valid+0x1db/0x2d0 [ 16.878104] ? strncpy_from_user+0x1a5/0x1d0 [ 16.878129] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.878172] ? strncpy_from_user+0x1a5/0x1d0 [ 16.878198] kasan_report+0x140/0x180 [ 16.878226] ? strncpy_from_user+0x1a5/0x1d0 [ 16.878267] __asan_report_store1_noabort+0x1b/0x30 [ 16.878298] strncpy_from_user+0x1a5/0x1d0 [ 16.878326] copy_user_test_oob+0x761/0x10f0 [ 16.878357] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.878384] ? finish_task_switch.isra.0+0x153/0x700 [ 16.878412] ? __switch_to+0x5d9/0xf60 [ 16.878443] ? __schedule+0xce8/0x2840 [ 16.878471] ? __pfx_read_tsc+0x10/0x10 [ 16.878497] ? ktime_get_ts64+0x86/0x230 [ 16.878527] kunit_try_run_case+0x1a6/0x480 [ 16.878574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.878601] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.878629] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.878658] ? __kthread_parkme+0x82/0x160 [ 16.878686] ? preempt_count_sub+0x50/0x80 [ 16.878716] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.878744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.878776] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.878807] kthread+0x324/0x6e0 [ 16.878833] ? trace_preempt_on+0x20/0xc0 [ 16.878861] ? __pfx_kthread+0x10/0x10 [ 16.878889] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.878917] ? calculate_sigpending+0x7b/0xa0 [ 16.878943] ? __pfx_kthread+0x10/0x10 [ 16.878971] ret_from_fork+0x41/0x80 [ 16.878995] ? __pfx_kthread+0x10/0x10 [ 16.879031] ret_from_fork_asm+0x1a/0x30 [ 16.879066] </TASK> [ 16.879078] [ 16.887323] Allocated by task 293: [ 16.887470] kasan_save_stack+0x45/0x70 [ 16.887641] kasan_save_track+0x18/0x40 [ 16.887780] kasan_save_alloc_info+0x3b/0x50 [ 16.887986] __kasan_kmalloc+0xb7/0xc0 [ 16.888228] __kmalloc_noprof+0x1ca/0x500 [ 16.888488] kunit_kmalloc_array+0x25/0x60 [ 16.888757] copy_user_test_oob+0xac/0x10f0 [ 16.888976] kunit_try_run_case+0x1a6/0x480 [ 16.889187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.889464] kthread+0x324/0x6e0 [ 16.889700] ret_from_fork+0x41/0x80 [ 16.889897] ret_from_fork_asm+0x1a/0x30 [ 16.890131] [ 16.890270] The buggy address belongs to the object at ffff888102a2cf00 [ 16.890270] which belongs to the cache kmalloc-128 of size 128 [ 16.890825] The buggy address is located 0 bytes to the right of [ 16.890825] allocated 120-byte region [ffff888102a2cf00, ffff888102a2cf78) [ 16.891438] [ 16.891510] The buggy address belongs to the physical page: [ 16.891814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 16.892168] flags: 0x200000000000000(node=0|zone=2) [ 16.892400] page_type: f5(slab) [ 16.892589] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.892936] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.893283] page dumped because: kasan: bad access detected [ 16.893593] [ 16.893717] Memory state around the buggy address: [ 16.893961] ffff888102a2ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.894225] ffff888102a2ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.894434] >ffff888102a2cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.894675] ^ [ 16.895047] ffff888102a2cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.895370] 
ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.895738] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.839523] ================================================================== [ 16.839886] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x605/0x10f0 [ 16.840477] Read of size 121 at addr ffff888102a2cf00 by task kunit_try_catch/293 [ 16.840700] [ 16.840779] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.840816] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.840828] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.840850] Call Trace: [ 16.840864] <TASK> [ 16.840899] dump_stack_lvl+0x73/0xb0 [ 16.840930] print_report+0xd1/0x650 [ 16.840958] ? __virt_addr_valid+0x1db/0x2d0 [ 16.840987] ? copy_user_test_oob+0x605/0x10f0 [ 16.841025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.841056] ? copy_user_test_oob+0x605/0x10f0 [ 16.841093] kasan_report+0x140/0x180 [ 16.841120] ? copy_user_test_oob+0x605/0x10f0 [ 16.841164] kasan_check_range+0x10c/0x1c0 [ 16.841192] __kasan_check_read+0x15/0x20 [ 16.841227] copy_user_test_oob+0x605/0x10f0 [ 16.841256] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.841282] ? finish_task_switch.isra.0+0x153/0x700 [ 16.841321] ? __switch_to+0x5d9/0xf60 [ 16.841352] ? __schedule+0xce8/0x2840 [ 16.841380] ? __pfx_read_tsc+0x10/0x10 [ 16.841406] ? ktime_get_ts64+0x86/0x230 [ 16.841436] kunit_try_run_case+0x1a6/0x480 [ 16.841464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.841490] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.841528] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.841556] ? __kthread_parkme+0x82/0x160 [ 16.841594] ? preempt_count_sub+0x50/0x80 [ 16.841623] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.841652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.841682] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.841713] kthread+0x324/0x6e0 [ 16.841744] ? trace_preempt_on+0x20/0xc0 [ 16.841782] ? __pfx_kthread+0x10/0x10 [ 16.841809] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.841847] ? calculate_sigpending+0x7b/0xa0 [ 16.841875] ? 
__pfx_kthread+0x10/0x10 [ 16.841902] ret_from_fork+0x41/0x80 [ 16.841934] ? __pfx_kthread+0x10/0x10 [ 16.841961] ret_from_fork_asm+0x1a/0x30 [ 16.842006] </TASK> [ 16.842025] [ 16.849283] Allocated by task 293: [ 16.849411] kasan_save_stack+0x45/0x70 [ 16.849686] kasan_save_track+0x18/0x40 [ 16.849898] kasan_save_alloc_info+0x3b/0x50 [ 16.850153] __kasan_kmalloc+0xb7/0xc0 [ 16.850364] __kmalloc_noprof+0x1ca/0x500 [ 16.850622] kunit_kmalloc_array+0x25/0x60 [ 16.850773] copy_user_test_oob+0xac/0x10f0 [ 16.850924] kunit_try_run_case+0x1a6/0x480 [ 16.851084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.851266] kthread+0x324/0x6e0 [ 16.851392] ret_from_fork+0x41/0x80 [ 16.851537] ret_from_fork_asm+0x1a/0x30 [ 16.851738] [ 16.851834] The buggy address belongs to the object at ffff888102a2cf00 [ 16.851834] which belongs to the cache kmalloc-128 of size 128 [ 16.852424] The buggy address is located 0 bytes inside of [ 16.852424] allocated 120-byte region [ffff888102a2cf00, ffff888102a2cf78) [ 16.853065] [ 16.853164] The buggy address belongs to the physical page: [ 16.853459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 16.853694] flags: 0x200000000000000(node=0|zone=2) [ 16.853864] page_type: f5(slab) [ 16.853984] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.854222] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.854931] page dumped because: kasan: bad access detected [ 16.855201] [ 16.855310] Memory state around the buggy address: [ 16.855562] ffff888102a2ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.855917] ffff888102a2ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.856251] >ffff888102a2cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.856614] ^ [ 16.856837] ffff888102a2cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.857061] ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.857395] 
================================================================== [ 16.820808] ================================================================== [ 16.821431] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x558/0x10f0 [ 16.821822] Write of size 121 at addr ffff888102a2cf00 by task kunit_try_catch/293 [ 16.822172] [ 16.822279] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.822328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.822341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.822362] Call Trace: [ 16.822389] <TASK> [ 16.822404] dump_stack_lvl+0x73/0xb0 [ 16.822434] print_report+0xd1/0x650 [ 16.822470] ? __virt_addr_valid+0x1db/0x2d0 [ 16.822498] ? copy_user_test_oob+0x558/0x10f0 [ 16.822526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.822567] ? copy_user_test_oob+0x558/0x10f0 [ 16.822594] kasan_report+0x140/0x180 [ 16.822621] ? copy_user_test_oob+0x558/0x10f0 [ 16.822652] kasan_check_range+0x10c/0x1c0 [ 16.822688] __kasan_check_write+0x18/0x20 [ 16.822715] copy_user_test_oob+0x558/0x10f0 [ 16.822753] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.822780] ? finish_task_switch.isra.0+0x153/0x700 [ 16.822808] ? __switch_to+0x5d9/0xf60 [ 16.822838] ? __schedule+0xce8/0x2840 [ 16.822866] ? __pfx_read_tsc+0x10/0x10 [ 16.822891] ? ktime_get_ts64+0x86/0x230 [ 16.822921] kunit_try_run_case+0x1a6/0x480 [ 16.822949] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.822975] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.823003] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.823039] ? __kthread_parkme+0x82/0x160 [ 16.823066] ? preempt_count_sub+0x50/0x80 [ 16.823095] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.823123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.823153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.823185] kthread+0x324/0x6e0 [ 16.823211] ? trace_preempt_on+0x20/0xc0 [ 16.823248] ? __pfx_kthread+0x10/0x10 [ 16.823276] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.823313] ? 
calculate_sigpending+0x7b/0xa0 [ 16.823341] ? __pfx_kthread+0x10/0x10 [ 16.823368] ret_from_fork+0x41/0x80 [ 16.823391] ? __pfx_kthread+0x10/0x10 [ 16.823418] ret_from_fork_asm+0x1a/0x30 [ 16.823453] </TASK> [ 16.823464] [ 16.830934] Allocated by task 293: [ 16.831141] kasan_save_stack+0x45/0x70 [ 16.831300] kasan_save_track+0x18/0x40 [ 16.831441] kasan_save_alloc_info+0x3b/0x50 [ 16.831614] __kasan_kmalloc+0xb7/0xc0 [ 16.831807] __kmalloc_noprof+0x1ca/0x500 [ 16.832044] kunit_kmalloc_array+0x25/0x60 [ 16.832342] copy_user_test_oob+0xac/0x10f0 [ 16.832723] kunit_try_run_case+0x1a6/0x480 [ 16.832920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.833179] kthread+0x324/0x6e0 [ 16.833346] ret_from_fork+0x41/0x80 [ 16.833480] ret_from_fork_asm+0x1a/0x30 [ 16.833833] [ 16.833945] The buggy address belongs to the object at ffff888102a2cf00 [ 16.833945] which belongs to the cache kmalloc-128 of size 128 [ 16.834463] The buggy address is located 0 bytes inside of [ 16.834463] allocated 120-byte region [ffff888102a2cf00, ffff888102a2cf78) [ 16.835001] [ 16.835103] The buggy address belongs to the physical page: [ 16.835336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 16.835737] flags: 0x200000000000000(node=0|zone=2) [ 16.835959] page_type: f5(slab) [ 16.836140] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.836464] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.836816] page dumped because: kasan: bad access detected [ 16.837054] [ 16.837151] Memory state around the buggy address: [ 16.837374] ffff888102a2ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.837621] ffff888102a2ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.837964] >ffff888102a2cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.838226] ^ [ 16.838510] ffff888102a2cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.838884] ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb 
fb fb fb [ 16.839130] ================================================================== [ 16.802811] ================================================================== [ 16.803156] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4ab/0x10f0 [ 16.803461] Read of size 121 at addr ffff888102a2cf00 by task kunit_try_catch/293 [ 16.803719] [ 16.803802] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.803842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.803855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.803876] Call Trace: [ 16.803892] <TASK> [ 16.803909] dump_stack_lvl+0x73/0xb0 [ 16.803938] print_report+0xd1/0x650 [ 16.803966] ? __virt_addr_valid+0x1db/0x2d0 [ 16.804035] ? copy_user_test_oob+0x4ab/0x10f0 [ 16.804065] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.804094] ? copy_user_test_oob+0x4ab/0x10f0 [ 16.804122] kasan_report+0x140/0x180 [ 16.804148] ? copy_user_test_oob+0x4ab/0x10f0 [ 16.804180] kasan_check_range+0x10c/0x1c0 [ 16.804208] __kasan_check_read+0x15/0x20 [ 16.804247] copy_user_test_oob+0x4ab/0x10f0 [ 16.804277] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.804314] ? finish_task_switch.isra.0+0x153/0x700 [ 16.804343] ? __switch_to+0x5d9/0xf60 [ 16.804373] ? __schedule+0xce8/0x2840 [ 16.804402] ? __pfx_read_tsc+0x10/0x10 [ 16.804428] ? ktime_get_ts64+0x86/0x230 [ 16.804458] kunit_try_run_case+0x1a6/0x480 [ 16.804487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.804513] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.804541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.804578] ? __kthread_parkme+0x82/0x160 [ 16.804606] ? preempt_count_sub+0x50/0x80 [ 16.804635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.804674] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.804705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.804735] kthread+0x324/0x6e0 [ 16.804762] ? trace_preempt_on+0x20/0xc0 [ 16.804791] ? __pfx_kthread+0x10/0x10 [ 16.804818] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.804845] ? calculate_sigpending+0x7b/0xa0 [ 16.804872] ? __pfx_kthread+0x10/0x10 [ 16.804900] ret_from_fork+0x41/0x80 [ 16.804923] ? __pfx_kthread+0x10/0x10 [ 16.804949] ret_from_fork_asm+0x1a/0x30 [ 16.804986] </TASK> [ 16.804998] [ 16.812342] Allocated by task 293: [ 16.812548] kasan_save_stack+0x45/0x70 [ 16.812774] kasan_save_track+0x18/0x40 [ 16.812945] kasan_save_alloc_info+0x3b/0x50 [ 16.813112] __kasan_kmalloc+0xb7/0xc0 [ 16.813288] __kmalloc_noprof+0x1ca/0x500 [ 16.813521] kunit_kmalloc_array+0x25/0x60 [ 16.813771] copy_user_test_oob+0xac/0x10f0 [ 16.814008] kunit_try_run_case+0x1a6/0x480 [ 16.814227] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.814409] kthread+0x324/0x6e0 [ 16.814537] ret_from_fork+0x41/0x80 [ 16.814723] ret_from_fork_asm+0x1a/0x30 [ 16.815052] [ 16.815173] The buggy address belongs to the object at ffff888102a2cf00 [ 16.815173] which belongs to the cache kmalloc-128 of size 128 [ 16.815753] The buggy address is located 0 bytes inside of [ 16.815753] allocated 120-byte region [ffff888102a2cf00, ffff888102a2cf78) [ 16.816198] [ 16.816296] The buggy address belongs to the physical page: [ 16.816582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 16.816859] flags: 0x200000000000000(node=0|zone=2) [ 16.817107] page_type: f5(slab) [ 16.817248] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.817538] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.817890] page dumped because: kasan: bad access detected [ 16.818125] [ 16.818231] Memory state around the buggy address: [ 16.818407] ffff888102a2ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.818778] ffff888102a2ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.819118] >ffff888102a2cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.819331] ^ [ 16.819809] ffff888102a2cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.820109] 
ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.820367] ================================================================== [ 16.783622] ================================================================== [ 16.783888] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fe/0x10f0 [ 16.784168] Write of size 121 at addr ffff888102a2cf00 by task kunit_try_catch/293 [ 16.784424] [ 16.784510] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.784551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.784563] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.784597] Call Trace: [ 16.784611] <TASK> [ 16.784629] dump_stack_lvl+0x73/0xb0 [ 16.784660] print_report+0xd1/0x650 [ 16.784698] ? __virt_addr_valid+0x1db/0x2d0 [ 16.784726] ? copy_user_test_oob+0x3fe/0x10f0 [ 16.784753] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.784783] ? copy_user_test_oob+0x3fe/0x10f0 [ 16.784811] kasan_report+0x140/0x180 [ 16.784837] ? copy_user_test_oob+0x3fe/0x10f0 [ 16.784869] kasan_check_range+0x10c/0x1c0 [ 16.784905] __kasan_check_write+0x18/0x20 [ 16.784933] copy_user_test_oob+0x3fe/0x10f0 [ 16.784972] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.784998] ? finish_task_switch.isra.0+0x153/0x700 [ 16.785048] ? __switch_to+0x5d9/0xf60 [ 16.785079] ? __schedule+0xce8/0x2840 [ 16.785108] ? __pfx_read_tsc+0x10/0x10 [ 16.785134] ? ktime_get_ts64+0x86/0x230 [ 16.785164] kunit_try_run_case+0x1a6/0x480 [ 16.785192] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.785218] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.785247] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.785276] ? __kthread_parkme+0x82/0x160 [ 16.785304] ? preempt_count_sub+0x50/0x80 [ 16.785333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.785361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.785392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.785423] kthread+0x324/0x6e0 [ 16.785448] ? trace_preempt_on+0x20/0xc0 [ 16.785477] ? 
__pfx_kthread+0x10/0x10 [ 16.785505] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.785533] ? calculate_sigpending+0x7b/0xa0 [ 16.785559] ? __pfx_kthread+0x10/0x10 [ 16.785588] ret_from_fork+0x41/0x80 [ 16.785612] ? __pfx_kthread+0x10/0x10 [ 16.785640] ret_from_fork_asm+0x1a/0x30 [ 16.785675] </TASK> [ 16.785687] [ 16.793519] Allocated by task 293: [ 16.793726] kasan_save_stack+0x45/0x70 [ 16.793978] kasan_save_track+0x18/0x40 [ 16.794194] kasan_save_alloc_info+0x3b/0x50 [ 16.794353] __kasan_kmalloc+0xb7/0xc0 [ 16.794491] __kmalloc_noprof+0x1ca/0x500 [ 16.794774] kunit_kmalloc_array+0x25/0x60 [ 16.794980] copy_user_test_oob+0xac/0x10f0 [ 16.795190] kunit_try_run_case+0x1a6/0x480 [ 16.795345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.795526] kthread+0x324/0x6e0 [ 16.795716] ret_from_fork+0x41/0x80 [ 16.795931] ret_from_fork_asm+0x1a/0x30 [ 16.796180] [ 16.796259] The buggy address belongs to the object at ffff888102a2cf00 [ 16.796259] which belongs to the cache kmalloc-128 of size 128 [ 16.797552] The buggy address is located 0 bytes inside of [ 16.797552] allocated 120-byte region [ffff888102a2cf00, ffff888102a2cf78) [ 16.798071] [ 16.798167] The buggy address belongs to the physical page: [ 16.798384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 16.798772] flags: 0x200000000000000(node=0|zone=2) [ 16.799021] page_type: f5(slab) [ 16.799191] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.799445] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.799735] page dumped because: kasan: bad access detected [ 16.800004] [ 16.800117] Memory state around the buggy address: [ 16.800330] ffff888102a2ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.800663] ffff888102a2ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.800950] >ffff888102a2cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.801257] ^ [ 16.801542] ffff888102a2cf80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.801762] ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.802114] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.759103] ================================================================== [ 16.759423] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 16.759902] Read of size 121 at addr ffff888102a2cf00 by task kunit_try_catch/293 [ 16.760238] [ 16.760340] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.760381] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.760394] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.760416] Call Trace: [ 16.760429] <TASK> [ 16.760446] dump_stack_lvl+0x73/0xb0 [ 16.760478] print_report+0xd1/0x650 [ 16.760508] ? __virt_addr_valid+0x1db/0x2d0 [ 16.760537] ? _copy_to_user+0x4a/0x70 [ 16.760562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.760593] ? _copy_to_user+0x4a/0x70 [ 16.760618] kasan_report+0x140/0x180 [ 16.760646] ? _copy_to_user+0x4a/0x70 [ 16.760675] kasan_check_range+0x10c/0x1c0 [ 16.760743] __kasan_check_read+0x15/0x20 [ 16.760772] _copy_to_user+0x4a/0x70 [ 16.760809] copy_user_test_oob+0x365/0x10f0 [ 16.760840] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.760866] ? finish_task_switch.isra.0+0x153/0x700 [ 16.760895] ? __switch_to+0x5d9/0xf60 [ 16.760925] ? __schedule+0xce8/0x2840 [ 16.760954] ? __pfx_read_tsc+0x10/0x10 [ 16.760980] ? ktime_get_ts64+0x86/0x230 [ 16.761011] kunit_try_run_case+0x1a6/0x480 [ 16.761047] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.761073] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.761103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.761131] ? __kthread_parkme+0x82/0x160 [ 16.761159] ? preempt_count_sub+0x50/0x80 [ 16.761188] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.761216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.761248] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.761278] kthread+0x324/0x6e0 [ 16.761305] ? trace_preempt_on+0x20/0xc0 [ 16.761334] ? __pfx_kthread+0x10/0x10 [ 16.761361] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.761389] ? calculate_sigpending+0x7b/0xa0 [ 16.761416] ? 
__pfx_kthread+0x10/0x10 [ 16.761443] ret_from_fork+0x41/0x80 [ 16.761467] ? __pfx_kthread+0x10/0x10 [ 16.761494] ret_from_fork_asm+0x1a/0x30 [ 16.761529] </TASK> [ 16.761540] [ 16.770100] Allocated by task 293: [ 16.770297] kasan_save_stack+0x45/0x70 [ 16.770652] kasan_save_track+0x18/0x40 [ 16.770914] kasan_save_alloc_info+0x3b/0x50 [ 16.771082] __kasan_kmalloc+0xb7/0xc0 [ 16.771269] __kmalloc_noprof+0x1ca/0x500 [ 16.771471] kunit_kmalloc_array+0x25/0x60 [ 16.771898] copy_user_test_oob+0xac/0x10f0 [ 16.772089] kunit_try_run_case+0x1a6/0x480 [ 16.772359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.772638] kthread+0x324/0x6e0 [ 16.772948] ret_from_fork+0x41/0x80 [ 16.773127] ret_from_fork_asm+0x1a/0x30 [ 16.773451] [ 16.773527] The buggy address belongs to the object at ffff888102a2cf00 [ 16.773527] which belongs to the cache kmalloc-128 of size 128 [ 16.774189] The buggy address is located 0 bytes inside of [ 16.774189] allocated 120-byte region [ffff888102a2cf00, ffff888102a2cf78) [ 16.774740] [ 16.774918] The buggy address belongs to the physical page: [ 16.775159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 16.775652] flags: 0x200000000000000(node=0|zone=2) [ 16.775831] page_type: f5(slab) [ 16.776004] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.776452] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.776821] page dumped because: kasan: bad access detected [ 16.777077] [ 16.777165] Memory state around the buggy address: [ 16.777376] ffff888102a2ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.777645] ffff888102a2ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.778027] >ffff888102a2cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.778341] ^ [ 16.778616] ffff888102a2cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.778968] ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.779266] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.729518] ================================================================== [ 16.730192] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.730487] Write of size 121 at addr ffff888102a2cf00 by task kunit_try_catch/293 [ 16.730847] [ 16.731067] CPU: 0 UID: 0 PID: 293 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.731117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.731129] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.731153] Call Trace: [ 16.731166] <TASK> [ 16.731185] dump_stack_lvl+0x73/0xb0 [ 16.731219] print_report+0xd1/0x650 [ 16.731262] ? __virt_addr_valid+0x1db/0x2d0 [ 16.731294] ? _copy_from_user+0x32/0x90 [ 16.731331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.731364] ? _copy_from_user+0x32/0x90 [ 16.731390] kasan_report+0x140/0x180 [ 16.731416] ? _copy_from_user+0x32/0x90 [ 16.731445] kasan_check_range+0x10c/0x1c0 [ 16.731473] __kasan_check_write+0x18/0x20 [ 16.731501] _copy_from_user+0x32/0x90 [ 16.731536] copy_user_test_oob+0x2bf/0x10f0 [ 16.731566] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.731603] ? finish_task_switch.isra.0+0x153/0x700 [ 16.731632] ? __switch_to+0x5d9/0xf60 [ 16.731664] ? __schedule+0xce8/0x2840 [ 16.731693] ? __pfx_read_tsc+0x10/0x10 [ 16.731814] ? ktime_get_ts64+0x86/0x230 [ 16.731850] kunit_try_run_case+0x1a6/0x480 [ 16.731878] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.731904] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.731934] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.731962] ? __kthread_parkme+0x82/0x160 [ 16.731989] ? preempt_count_sub+0x50/0x80 [ 16.732028] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.732056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.732088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.732118] kthread+0x324/0x6e0 [ 16.732144] ? trace_preempt_on+0x20/0xc0 [ 16.732174] ? __pfx_kthread+0x10/0x10 [ 16.732201] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.732229] ? calculate_sigpending+0x7b/0xa0 [ 16.732256] ? 
__pfx_kthread+0x10/0x10 [ 16.732283] ret_from_fork+0x41/0x80 [ 16.732307] ? __pfx_kthread+0x10/0x10 [ 16.732334] ret_from_fork_asm+0x1a/0x30 [ 16.732369] </TASK> [ 16.732382] [ 16.743749] Allocated by task 293: [ 16.743943] kasan_save_stack+0x45/0x70 [ 16.744385] kasan_save_track+0x18/0x40 [ 16.744749] kasan_save_alloc_info+0x3b/0x50 [ 16.744989] __kasan_kmalloc+0xb7/0xc0 [ 16.745269] __kmalloc_noprof+0x1ca/0x500 [ 16.745637] kunit_kmalloc_array+0x25/0x60 [ 16.745921] copy_user_test_oob+0xac/0x10f0 [ 16.746371] kunit_try_run_case+0x1a6/0x480 [ 16.746574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.747031] kthread+0x324/0x6e0 [ 16.747256] ret_from_fork+0x41/0x80 [ 16.747591] ret_from_fork_asm+0x1a/0x30 [ 16.747811] [ 16.747888] The buggy address belongs to the object at ffff888102a2cf00 [ 16.747888] which belongs to the cache kmalloc-128 of size 128 [ 16.748884] The buggy address is located 0 bytes inside of [ 16.748884] allocated 120-byte region [ffff888102a2cf00, ffff888102a2cf78) [ 16.749598] [ 16.749705] The buggy address belongs to the physical page: [ 16.750133] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 16.750680] flags: 0x200000000000000(node=0|zone=2) [ 16.750992] page_type: f5(slab) [ 16.751168] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.751457] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.751989] page dumped because: kasan: bad access detected [ 16.752226] [ 16.752328] Memory state around the buggy address: [ 16.752778] ffff888102a2ce00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.753162] ffff888102a2ce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.753575] >ffff888102a2cf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.754102] ^ [ 16.754532] ffff888102a2cf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.754983] ffff888102a2d000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.755413] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.693003] ================================================================== [ 16.693353] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.693903] Write of size 8 at addr ffff888101bf6278 by task kunit_try_catch/289 [ 16.694610] [ 16.694850] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.695026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.695045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.695068] Call Trace: [ 16.695092] <TASK> [ 16.695108] dump_stack_lvl+0x73/0xb0 [ 16.695135] print_report+0xd1/0x650 [ 16.695172] ? __virt_addr_valid+0x1db/0x2d0 [ 16.695195] ? copy_to_kernel_nofault+0x99/0x260 [ 16.695219] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.695256] ? copy_to_kernel_nofault+0x99/0x260 [ 16.695281] kasan_report+0x140/0x180 [ 16.695304] ? copy_to_kernel_nofault+0x99/0x260 [ 16.695332] kasan_check_range+0x10c/0x1c0 [ 16.695356] __kasan_check_write+0x18/0x20 [ 16.695380] copy_to_kernel_nofault+0x99/0x260 [ 16.695405] copy_to_kernel_nofault_oob+0x289/0x560 [ 16.695429] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.695452] ? finish_task_switch.isra.0+0x153/0x700 [ 16.695477] ? __schedule+0xce8/0x2840 [ 16.695499] ? trace_hardirqs_on+0x37/0xe0 [ 16.695530] ? __pfx_read_tsc+0x10/0x10 [ 16.695553] ? ktime_get_ts64+0x86/0x230 [ 16.695579] kunit_try_run_case+0x1a6/0x480 [ 16.695602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.695625] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.695650] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.695675] ? __kthread_parkme+0x82/0x160 [ 16.695698] ? preempt_count_sub+0x50/0x80 [ 16.695723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.695747] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.695774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.695802] kthread+0x324/0x6e0 [ 16.695823] ? trace_preempt_on+0x20/0xc0 [ 16.695847] ? __pfx_kthread+0x10/0x10 [ 16.695870] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.695893] ? 
calculate_sigpending+0x7b/0xa0 [ 16.695916] ? __pfx_kthread+0x10/0x10 [ 16.695940] ret_from_fork+0x41/0x80 [ 16.695959] ? __pfx_kthread+0x10/0x10 [ 16.695983] ret_from_fork_asm+0x1a/0x30 [ 16.696023] </TASK> [ 16.696035] [ 16.704732] Allocated by task 289: [ 16.704934] kasan_save_stack+0x45/0x70 [ 16.705150] kasan_save_track+0x18/0x40 [ 16.705397] kasan_save_alloc_info+0x3b/0x50 [ 16.705682] __kasan_kmalloc+0xb7/0xc0 [ 16.705917] __kmalloc_cache_noprof+0x18a/0x420 [ 16.706167] copy_to_kernel_nofault_oob+0x130/0x560 [ 16.706385] kunit_try_run_case+0x1a6/0x480 [ 16.706725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.707115] kthread+0x324/0x6e0 [ 16.707288] ret_from_fork+0x41/0x80 [ 16.707468] ret_from_fork_asm+0x1a/0x30 [ 16.707781] [ 16.707878] The buggy address belongs to the object at ffff888101bf6200 [ 16.707878] which belongs to the cache kmalloc-128 of size 128 [ 16.708322] The buggy address is located 0 bytes to the right of [ 16.708322] allocated 120-byte region [ffff888101bf6200, ffff888101bf6278) [ 16.708781] [ 16.708889] The buggy address belongs to the physical page: [ 16.709163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf6 [ 16.709617] flags: 0x200000000000000(node=0|zone=2) [ 16.709789] page_type: f5(slab) [ 16.709914] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.710269] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.710683] page dumped because: kasan: bad access detected [ 16.710858] [ 16.711101] Memory state around the buggy address: [ 16.711350] ffff888101bf6100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.711927] ffff888101bf6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.712256] >ffff888101bf6200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.712490] ^ [ 16.712913] ffff888101bf6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.713336] ffff888101bf6300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.713555] 
================================================================== [ 16.668136] ================================================================== [ 16.668874] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.669843] Read of size 8 at addr ffff888101bf6278 by task kunit_try_catch/289 [ 16.670472] [ 16.670595] CPU: 1 UID: 0 PID: 289 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.670662] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.670676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.670698] Call Trace: [ 16.670712] <TASK> [ 16.670730] dump_stack_lvl+0x73/0xb0 [ 16.670760] print_report+0xd1/0x650 [ 16.670784] ? __virt_addr_valid+0x1db/0x2d0 [ 16.670809] ? copy_to_kernel_nofault+0x225/0x260 [ 16.670834] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.670860] ? copy_to_kernel_nofault+0x225/0x260 [ 16.670885] kasan_report+0x140/0x180 [ 16.670909] ? copy_to_kernel_nofault+0x225/0x260 [ 16.670938] __asan_report_load8_noabort+0x18/0x20 [ 16.670962] copy_to_kernel_nofault+0x225/0x260 [ 16.670988] copy_to_kernel_nofault_oob+0x1ee/0x560 [ 16.671023] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.671047] ? finish_task_switch.isra.0+0x153/0x700 [ 16.671073] ? __schedule+0xce8/0x2840 [ 16.671097] ? trace_hardirqs_on+0x37/0xe0 [ 16.671129] ? __pfx_read_tsc+0x10/0x10 [ 16.671152] ? ktime_get_ts64+0x86/0x230 [ 16.671179] kunit_try_run_case+0x1a6/0x480 [ 16.671203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.671226] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.671251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.671275] ? __kthread_parkme+0x82/0x160 [ 16.671299] ? preempt_count_sub+0x50/0x80 [ 16.671324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.671349] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.671377] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.671405] kthread+0x324/0x6e0 [ 16.671427] ? trace_preempt_on+0x20/0xc0 [ 16.671451] ? __pfx_kthread+0x10/0x10 [ 16.671474] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.671497] ? calculate_sigpending+0x7b/0xa0 [ 16.671520] ? __pfx_kthread+0x10/0x10 [ 16.671551] ret_from_fork+0x41/0x80 [ 16.671571] ? __pfx_kthread+0x10/0x10 [ 16.671595] ret_from_fork_asm+0x1a/0x30 [ 16.671628] </TASK> [ 16.671641] [ 16.682317] Allocated by task 289: [ 16.682648] kasan_save_stack+0x45/0x70 [ 16.682847] kasan_save_track+0x18/0x40 [ 16.683103] kasan_save_alloc_info+0x3b/0x50 [ 16.683372] __kasan_kmalloc+0xb7/0xc0 [ 16.683573] __kmalloc_cache_noprof+0x18a/0x420 [ 16.683976] copy_to_kernel_nofault_oob+0x130/0x560 [ 16.684222] kunit_try_run_case+0x1a6/0x480 [ 16.684455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.684754] kthread+0x324/0x6e0 [ 16.684986] ret_from_fork+0x41/0x80 [ 16.685162] ret_from_fork_asm+0x1a/0x30 [ 16.685305] [ 16.685432] The buggy address belongs to the object at ffff888101bf6200 [ 16.685432] which belongs to the cache kmalloc-128 of size 128 [ 16.686149] The buggy address is located 0 bytes to the right of [ 16.686149] allocated 120-byte region [ffff888101bf6200, ffff888101bf6278) [ 16.686604] [ 16.686707] The buggy address belongs to the physical page: [ 16.687053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf6 [ 16.687450] flags: 0x200000000000000(node=0|zone=2) [ 16.687926] page_type: f5(slab) [ 16.688083] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.688317] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.688726] page dumped because: kasan: bad access detected [ 16.688961] [ 16.689047] Memory state around the buggy address: [ 16.689267] ffff888101bf6100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.689582] ffff888101bf6180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.689805] >ffff888101bf6200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.690028] ^ [ 16.690362] ffff888101bf6280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.690959] ffff888101bf6300: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 16.691311] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 16.480495] ================================================================== [ 16.481358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2007/0x5450 [ 16.481738] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.482059] [ 16.482170] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.482211] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.482225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.482247] Call Trace: [ 16.482262] <TASK> [ 16.482278] dump_stack_lvl+0x73/0xb0 [ 16.482315] print_report+0xd1/0x650 [ 16.482337] ? __virt_addr_valid+0x1db/0x2d0 [ 16.482371] ? kasan_atomics_helper+0x2007/0x5450 [ 16.482392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.482419] ? kasan_atomics_helper+0x2007/0x5450 [ 16.482441] kasan_report+0x140/0x180 [ 16.482463] ? kasan_atomics_helper+0x2007/0x5450 [ 16.482489] kasan_check_range+0x10c/0x1c0 [ 16.482513] __kasan_check_write+0x18/0x20 [ 16.482536] kasan_atomics_helper+0x2007/0x5450 [ 16.482559] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.482581] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.482616] ? kasan_atomics+0x153/0x310 [ 16.482642] kasan_atomics+0x1dd/0x310 [ 16.482674] ? __pfx_kasan_atomics+0x10/0x10 [ 16.482699] ? __pfx_read_tsc+0x10/0x10 [ 16.482721] ? ktime_get_ts64+0x86/0x230 [ 16.482747] kunit_try_run_case+0x1a6/0x480 [ 16.482770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.482792] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.482826] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.482850] ? __kthread_parkme+0x82/0x160 [ 16.482883] ? preempt_count_sub+0x50/0x80 [ 16.482908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.482932] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.482959] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.482986] kthread+0x324/0x6e0 [ 16.483008] ? trace_preempt_on+0x20/0xc0 [ 16.483040] ? __pfx_kthread+0x10/0x10 [ 16.483063] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.483086] ? 
calculate_sigpending+0x7b/0xa0 [ 16.483108] ? __pfx_kthread+0x10/0x10 [ 16.483132] ret_from_fork+0x41/0x80 [ 16.483152] ? __pfx_kthread+0x10/0x10 [ 16.483175] ret_from_fork_asm+0x1a/0x30 [ 16.483206] </TASK> [ 16.483217] [ 16.490979] Allocated by task 273: [ 16.491152] kasan_save_stack+0x45/0x70 [ 16.491369] kasan_save_track+0x18/0x40 [ 16.491563] kasan_save_alloc_info+0x3b/0x50 [ 16.491773] __kasan_kmalloc+0xb7/0xc0 [ 16.491958] __kmalloc_cache_noprof+0x18a/0x420 [ 16.492192] kasan_atomics+0x96/0x310 [ 16.492328] kunit_try_run_case+0x1a6/0x480 [ 16.492542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.492802] kthread+0x324/0x6e0 [ 16.492978] ret_from_fork+0x41/0x80 [ 16.493173] ret_from_fork_asm+0x1a/0x30 [ 16.493373] [ 16.493474] The buggy address belongs to the object at ffff888101bf3e00 [ 16.493474] which belongs to the cache kmalloc-64 of size 64 [ 16.493988] The buggy address is located 0 bytes to the right of [ 16.493988] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.494515] [ 16.494643] The buggy address belongs to the physical page: [ 16.494880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.495244] flags: 0x200000000000000(node=0|zone=2) [ 16.495458] page_type: f5(slab) [ 16.495657] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.495901] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.496138] page dumped because: kasan: bad access detected [ 16.496311] [ 16.496382] Memory state around the buggy address: [ 16.496629] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.497003] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.497332] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.497623] ^ [ 16.497800] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.498026] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.498237] 
================================================================== [ 15.186845] ================================================================== [ 15.187141] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b8a/0x5450 [ 15.187505] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.187895] [ 15.188026] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.188065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.188087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.188108] Call Trace: [ 15.188125] <TASK> [ 15.188140] dump_stack_lvl+0x73/0xb0 [ 15.188164] print_report+0xd1/0x650 [ 15.188184] ? __virt_addr_valid+0x1db/0x2d0 [ 15.188206] ? kasan_atomics_helper+0x4b8a/0x5450 [ 15.188226] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.188251] ? kasan_atomics_helper+0x4b8a/0x5450 [ 15.188271] kasan_report+0x140/0x180 [ 15.188292] ? kasan_atomics_helper+0x4b8a/0x5450 [ 15.188317] __asan_report_load4_noabort+0x18/0x20 [ 15.188340] kasan_atomics_helper+0x4b8a/0x5450 [ 15.188372] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.188393] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.188415] ? kasan_atomics+0x153/0x310 [ 15.188451] kasan_atomics+0x1dd/0x310 [ 15.188472] ? __pfx_kasan_atomics+0x10/0x10 [ 15.188496] ? __pfx_read_tsc+0x10/0x10 [ 15.188517] ? ktime_get_ts64+0x86/0x230 [ 15.188541] kunit_try_run_case+0x1a6/0x480 [ 15.188563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.188583] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.188607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.188630] ? __kthread_parkme+0x82/0x160 [ 15.188652] ? preempt_count_sub+0x50/0x80 [ 15.188675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.188698] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.188723] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.188749] kthread+0x324/0x6e0 [ 15.188770] ? trace_preempt_on+0x20/0xc0 [ 15.188792] ? __pfx_kthread+0x10/0x10 [ 15.188814] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.188835] ? calculate_sigpending+0x7b/0xa0 [ 15.188911] ? __pfx_kthread+0x10/0x10 [ 15.188947] ret_from_fork+0x41/0x80 [ 15.188966] ? __pfx_kthread+0x10/0x10 [ 15.188987] ret_from_fork_asm+0x1a/0x30 [ 15.189026] </TASK> [ 15.189037] [ 15.199285] Allocated by task 273: [ 15.199769] kasan_save_stack+0x45/0x70 [ 15.200055] kasan_save_track+0x18/0x40 [ 15.200429] kasan_save_alloc_info+0x3b/0x50 [ 15.200900] __kasan_kmalloc+0xb7/0xc0 [ 15.201232] __kmalloc_cache_noprof+0x18a/0x420 [ 15.201781] kasan_atomics+0x96/0x310 [ 15.202192] kunit_try_run_case+0x1a6/0x480 [ 15.202554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.202999] kthread+0x324/0x6e0 [ 15.203392] ret_from_fork+0x41/0x80 [ 15.203713] ret_from_fork_asm+0x1a/0x30 [ 15.204129] [ 15.204358] The buggy address belongs to the object at ffff888101bf3e00 [ 15.204358] which belongs to the cache kmalloc-64 of size 64 [ 15.205146] The buggy address is located 0 bytes to the right of [ 15.205146] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.205945] [ 15.206198] The buggy address belongs to the physical page: [ 15.206783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.207434] flags: 0x200000000000000(node=0|zone=2) [ 15.208080] page_type: f5(slab) [ 15.208255] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.208550] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.208835] page dumped because: kasan: bad access detected [ 15.209055] [ 15.209128] Memory state around the buggy address: [ 15.209287] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.209723] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.210084] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.210364] ^ [ 15.210628] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.210964] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.211490] ================================================================== [ 16.187274] ================================================================== [ 16.187704] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b2/0x5450 [ 16.188662] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.188915] [ 16.189000] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.189052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.189065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.189087] Call Trace: [ 16.189104] <TASK> [ 16.189120] dump_stack_lvl+0x73/0xb0 [ 16.189146] print_report+0xd1/0x650 [ 16.189168] ? __virt_addr_valid+0x1db/0x2d0 [ 16.189191] ? kasan_atomics_helper+0x18b2/0x5450 [ 16.189213] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.189239] ? kasan_atomics_helper+0x18b2/0x5450 [ 16.189261] kasan_report+0x140/0x180 [ 16.189283] ? kasan_atomics_helper+0x18b2/0x5450 [ 16.189309] kasan_check_range+0x10c/0x1c0 [ 16.189333] __kasan_check_write+0x18/0x20 [ 16.189356] kasan_atomics_helper+0x18b2/0x5450 [ 16.189379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.189401] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.189426] ? kasan_atomics+0x153/0x310 [ 16.189454] kasan_atomics+0x1dd/0x310 [ 16.189477] ? __pfx_kasan_atomics+0x10/0x10 [ 16.189500] ? __pfx_read_tsc+0x10/0x10 [ 16.189522] ? ktime_get_ts64+0x86/0x230 [ 16.189548] kunit_try_run_case+0x1a6/0x480 [ 16.189571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.189593] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.189617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.189653] ? __kthread_parkme+0x82/0x160 [ 16.189676] ? preempt_count_sub+0x50/0x80 [ 16.189701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.189742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.189770] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.189798] kthread+0x324/0x6e0 [ 16.189820] ? trace_preempt_on+0x20/0xc0 [ 16.189853] ? 
__pfx_kthread+0x10/0x10 [ 16.189876] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.189899] ? calculate_sigpending+0x7b/0xa0 [ 16.189932] ? __pfx_kthread+0x10/0x10 [ 16.189955] ret_from_fork+0x41/0x80 [ 16.189975] ? __pfx_kthread+0x10/0x10 [ 16.189998] ret_from_fork_asm+0x1a/0x30 [ 16.190038] </TASK> [ 16.190050] [ 16.200732] Allocated by task 273: [ 16.201097] kasan_save_stack+0x45/0x70 [ 16.201487] kasan_save_track+0x18/0x40 [ 16.201918] kasan_save_alloc_info+0x3b/0x50 [ 16.202335] __kasan_kmalloc+0xb7/0xc0 [ 16.202709] __kmalloc_cache_noprof+0x18a/0x420 [ 16.203064] kasan_atomics+0x96/0x310 [ 16.203312] kunit_try_run_case+0x1a6/0x480 [ 16.203616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.203798] kthread+0x324/0x6e0 [ 16.203920] ret_from_fork+0x41/0x80 [ 16.204062] ret_from_fork_asm+0x1a/0x30 [ 16.204205] [ 16.204277] The buggy address belongs to the object at ffff888101bf3e00 [ 16.204277] which belongs to the cache kmalloc-64 of size 64 [ 16.204667] The buggy address is located 0 bytes to the right of [ 16.204667] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.205184] [ 16.205281] The buggy address belongs to the physical page: [ 16.205530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.205805] flags: 0x200000000000000(node=0|zone=2) [ 16.206060] page_type: f5(slab) [ 16.206255] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.206589] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.206906] page dumped because: kasan: bad access detected [ 16.207167] [ 16.207274] Memory state around the buggy address: [ 16.207475] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.207791] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.208031] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.208373] ^ [ 16.208591] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.208811] 
ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.209146] ================================================================== [ 15.531888] ================================================================== [ 15.532249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2c/0x5450 [ 15.532736] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.533103] [ 15.533190] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.533228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.533242] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.533264] Call Trace: [ 15.533278] <TASK> [ 15.533292] dump_stack_lvl+0x73/0xb0 [ 15.533317] print_report+0xd1/0x650 [ 15.533339] ? __virt_addr_valid+0x1db/0x2d0 [ 15.533362] ? kasan_atomics_helper+0xa2c/0x5450 [ 15.533383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.533410] ? kasan_atomics_helper+0xa2c/0x5450 [ 15.533455] kasan_report+0x140/0x180 [ 15.533478] ? kasan_atomics_helper+0xa2c/0x5450 [ 15.533504] kasan_check_range+0x10c/0x1c0 [ 15.533528] __kasan_check_write+0x18/0x20 [ 15.533551] kasan_atomics_helper+0xa2c/0x5450 [ 15.533623] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.533666] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.533691] ? kasan_atomics+0x153/0x310 [ 15.533718] kasan_atomics+0x1dd/0x310 [ 15.533746] ? __pfx_kasan_atomics+0x10/0x10 [ 15.533771] ? __pfx_read_tsc+0x10/0x10 [ 15.533793] ? ktime_get_ts64+0x86/0x230 [ 15.533819] kunit_try_run_case+0x1a6/0x480 [ 15.533843] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.533865] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.533890] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.533914] ? __kthread_parkme+0x82/0x160 [ 15.533936] ? preempt_count_sub+0x50/0x80 [ 15.533962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.533985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.534011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.534048] kthread+0x324/0x6e0 [ 15.534089] ? 
trace_preempt_on+0x20/0xc0 [ 15.534113] ? __pfx_kthread+0x10/0x10 [ 15.534137] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.534160] ? calculate_sigpending+0x7b/0xa0 [ 15.534182] ? __pfx_kthread+0x10/0x10 [ 15.534206] ret_from_fork+0x41/0x80 [ 15.534225] ? __pfx_kthread+0x10/0x10 [ 15.534248] ret_from_fork_asm+0x1a/0x30 [ 15.534279] </TASK> [ 15.534290] [ 15.542822] Allocated by task 273: [ 15.543191] kasan_save_stack+0x45/0x70 [ 15.543407] kasan_save_track+0x18/0x40 [ 15.543746] kasan_save_alloc_info+0x3b/0x50 [ 15.543908] __kasan_kmalloc+0xb7/0xc0 [ 15.544114] __kmalloc_cache_noprof+0x18a/0x420 [ 15.544340] kasan_atomics+0x96/0x310 [ 15.544533] kunit_try_run_case+0x1a6/0x480 [ 15.544793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.545158] kthread+0x324/0x6e0 [ 15.545350] ret_from_fork+0x41/0x80 [ 15.545534] ret_from_fork_asm+0x1a/0x30 [ 15.545800] [ 15.545890] The buggy address belongs to the object at ffff888101bf3e00 [ 15.545890] which belongs to the cache kmalloc-64 of size 64 [ 15.546242] The buggy address is located 0 bytes to the right of [ 15.546242] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.546786] [ 15.546882] The buggy address belongs to the physical page: [ 15.547137] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.547572] flags: 0x200000000000000(node=0|zone=2) [ 15.547728] page_type: f5(slab) [ 15.547847] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.548200] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.548821] page dumped because: kasan: bad access detected [ 15.549088] [ 15.549173] Memory state around the buggy address: [ 15.549327] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.549841] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.550147] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.550357] ^ [ 15.550593] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.550905] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.551214] ================================================================== [ 15.748937] ================================================================== [ 15.749326] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a38/0x5450 [ 15.749847] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.750204] [ 15.750432] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.750637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.750653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.750675] Call Trace: [ 15.750690] <TASK> [ 15.750706] dump_stack_lvl+0x73/0xb0 [ 15.750735] print_report+0xd1/0x650 [ 15.750757] ? __virt_addr_valid+0x1db/0x2d0 [ 15.750780] ? kasan_atomics_helper+0x4a38/0x5450 [ 15.750826] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.750852] ? kasan_atomics_helper+0x4a38/0x5450 [ 15.750876] kasan_report+0x140/0x180 [ 15.751060] ? kasan_atomics_helper+0x4a38/0x5450 [ 15.751096] __asan_report_load4_noabort+0x18/0x20 [ 15.751139] kasan_atomics_helper+0x4a38/0x5450 [ 15.751164] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.751203] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.751228] ? kasan_atomics+0x153/0x310 [ 15.751255] kasan_atomics+0x1dd/0x310 [ 15.751277] ? __pfx_kasan_atomics+0x10/0x10 [ 15.751301] ? __pfx_read_tsc+0x10/0x10 [ 15.751324] ? ktime_get_ts64+0x86/0x230 [ 15.751349] kunit_try_run_case+0x1a6/0x480 [ 15.751373] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.751397] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.751422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.751446] ? __kthread_parkme+0x82/0x160 [ 15.751468] ? preempt_count_sub+0x50/0x80 [ 15.751494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.751517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.751544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.751571] kthread+0x324/0x6e0 [ 15.751593] ? 
trace_preempt_on+0x20/0xc0 [ 15.751617] ? __pfx_kthread+0x10/0x10 [ 15.751640] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.751662] ? calculate_sigpending+0x7b/0xa0 [ 15.751685] ? __pfx_kthread+0x10/0x10 [ 15.751707] ret_from_fork+0x41/0x80 [ 15.751727] ? __pfx_kthread+0x10/0x10 [ 15.751749] ret_from_fork_asm+0x1a/0x30 [ 15.751782] </TASK> [ 15.751792] [ 15.762750] Allocated by task 273: [ 15.762977] kasan_save_stack+0x45/0x70 [ 15.763361] kasan_save_track+0x18/0x40 [ 15.763677] kasan_save_alloc_info+0x3b/0x50 [ 15.763847] __kasan_kmalloc+0xb7/0xc0 [ 15.764047] __kmalloc_cache_noprof+0x18a/0x420 [ 15.764294] kasan_atomics+0x96/0x310 [ 15.764551] kunit_try_run_case+0x1a6/0x480 [ 15.765063] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.765366] kthread+0x324/0x6e0 [ 15.765553] ret_from_fork+0x41/0x80 [ 15.765758] ret_from_fork_asm+0x1a/0x30 [ 15.765962] [ 15.766295] The buggy address belongs to the object at ffff888101bf3e00 [ 15.766295] which belongs to the cache kmalloc-64 of size 64 [ 15.766965] The buggy address is located 0 bytes to the right of [ 15.766965] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.767798] [ 15.767904] The buggy address belongs to the physical page: [ 15.768143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.768749] flags: 0x200000000000000(node=0|zone=2) [ 15.769056] page_type: f5(slab) [ 15.769222] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.769521] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.769989] page dumped because: kasan: bad access detected [ 15.770461] [ 15.770552] Memory state around the buggy address: [ 15.770774] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.771232] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.771730] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.772137] ^ [ 15.772433] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.772988] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.773449] ================================================================== [ 15.398334] ================================================================== [ 15.398691] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x698/0x5450 [ 15.399228] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.399632] [ 15.399883] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.399928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.399942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.399965] Call Trace: [ 15.399981] <TASK> [ 15.399996] dump_stack_lvl+0x73/0xb0 [ 15.400037] print_report+0xd1/0x650 [ 15.400059] ? __virt_addr_valid+0x1db/0x2d0 [ 15.400082] ? kasan_atomics_helper+0x698/0x5450 [ 15.400104] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.400131] ? kasan_atomics_helper+0x698/0x5450 [ 15.400153] kasan_report+0x140/0x180 [ 15.400177] ? kasan_atomics_helper+0x698/0x5450 [ 15.400204] kasan_check_range+0x10c/0x1c0 [ 15.400228] __kasan_check_write+0x18/0x20 [ 15.400252] kasan_atomics_helper+0x698/0x5450 [ 15.400275] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.400297] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.400322] ? kasan_atomics+0x153/0x310 [ 15.400348] kasan_atomics+0x1dd/0x310 [ 15.400371] ? __pfx_kasan_atomics+0x10/0x10 [ 15.400395] ? __pfx_read_tsc+0x10/0x10 [ 15.400417] ? ktime_get_ts64+0x86/0x230 [ 15.400443] kunit_try_run_case+0x1a6/0x480 [ 15.400467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.400489] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.400514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.400538] ? __kthread_parkme+0x82/0x160 [ 15.400561] ? preempt_count_sub+0x50/0x80 [ 15.400586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.400611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.400638] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.400665] kthread+0x324/0x6e0 [ 15.400687] ? trace_preempt_on+0x20/0xc0 [ 15.400711] ? __pfx_kthread+0x10/0x10 [ 15.400734] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.400758] ? calculate_sigpending+0x7b/0xa0 [ 15.400781] ? __pfx_kthread+0x10/0x10 [ 15.400804] ret_from_fork+0x41/0x80 [ 15.400824] ? __pfx_kthread+0x10/0x10 [ 15.400846] ret_from_fork_asm+0x1a/0x30 [ 15.400878] </TASK> [ 15.400889] [ 15.409286] Allocated by task 273: [ 15.409450] kasan_save_stack+0x45/0x70 [ 15.409951] kasan_save_track+0x18/0x40 [ 15.410396] kasan_save_alloc_info+0x3b/0x50 [ 15.410782] __kasan_kmalloc+0xb7/0xc0 [ 15.411163] __kmalloc_cache_noprof+0x18a/0x420 [ 15.411535] kasan_atomics+0x96/0x310 [ 15.411869] kunit_try_run_case+0x1a6/0x480 [ 15.412054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.412275] kthread+0x324/0x6e0 [ 15.412429] ret_from_fork+0x41/0x80 [ 15.412852] ret_from_fork_asm+0x1a/0x30 [ 15.413298] [ 15.413570] The buggy address belongs to the object at ffff888101bf3e00 [ 15.413570] which belongs to the cache kmalloc-64 of size 64 [ 15.414283] The buggy address is located 0 bytes to the right of [ 15.414283] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.415197] [ 15.415290] The buggy address belongs to the physical page: [ 15.415715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.416246] flags: 0x200000000000000(node=0|zone=2) [ 15.416462] page_type: f5(slab) [ 15.416815] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.417355] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.417946] page dumped because: kasan: bad access detected [ 15.418209] [ 15.418301] Memory state around the buggy address: [ 15.418501] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.418805] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.419519] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.420059] ^ [ 15.420435] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.420946] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.421261] ================================================================== [ 16.246409] ================================================================== [ 16.246719] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a80/0x5450 [ 16.246958] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.247303] [ 16.247471] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.247510] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.247523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.247545] Call Trace: [ 16.247559] <TASK> [ 16.247574] dump_stack_lvl+0x73/0xb0 [ 16.247599] print_report+0xd1/0x650 [ 16.247621] ? __virt_addr_valid+0x1db/0x2d0 [ 16.247644] ? kasan_atomics_helper+0x1a80/0x5450 [ 16.247665] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.247692] ? kasan_atomics_helper+0x1a80/0x5450 [ 16.247714] kasan_report+0x140/0x180 [ 16.247737] ? kasan_atomics_helper+0x1a80/0x5450 [ 16.247775] kasan_check_range+0x10c/0x1c0 [ 16.247798] __kasan_check_write+0x18/0x20 [ 16.247829] kasan_atomics_helper+0x1a80/0x5450 [ 16.247851] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.247873] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.247898] ? kasan_atomics+0x153/0x310 [ 16.247924] kasan_atomics+0x1dd/0x310 [ 16.247947] ? __pfx_kasan_atomics+0x10/0x10 [ 16.247971] ? __pfx_read_tsc+0x10/0x10 [ 16.247992] ? ktime_get_ts64+0x86/0x230 [ 16.248027] kunit_try_run_case+0x1a6/0x480 [ 16.248050] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.248073] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.248097] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.248122] ? __kthread_parkme+0x82/0x160 [ 16.248146] ? preempt_count_sub+0x50/0x80 [ 16.248171] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.248194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.248222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.248249] kthread+0x324/0x6e0 [ 16.248271] ? trace_preempt_on+0x20/0xc0 [ 16.248295] ? __pfx_kthread+0x10/0x10 [ 16.248317] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.248340] ? calculate_sigpending+0x7b/0xa0 [ 16.248363] ? __pfx_kthread+0x10/0x10 [ 16.248385] ret_from_fork+0x41/0x80 [ 16.248405] ? __pfx_kthread+0x10/0x10 [ 16.248427] ret_from_fork_asm+0x1a/0x30 [ 16.248460] </TASK> [ 16.248470] [ 16.256199] Allocated by task 273: [ 16.256344] kasan_save_stack+0x45/0x70 [ 16.256488] kasan_save_track+0x18/0x40 [ 16.256668] kasan_save_alloc_info+0x3b/0x50 [ 16.257416] __kasan_kmalloc+0xb7/0xc0 [ 16.257706] __kmalloc_cache_noprof+0x18a/0x420 [ 16.257878] kasan_atomics+0x96/0x310 [ 16.258008] kunit_try_run_case+0x1a6/0x480 [ 16.258165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.258341] kthread+0x324/0x6e0 [ 16.258460] ret_from_fork+0x41/0x80 [ 16.258586] ret_from_fork_asm+0x1a/0x30 [ 16.258724] [ 16.258796] The buggy address belongs to the object at ffff888101bf3e00 [ 16.258796] which belongs to the cache kmalloc-64 of size 64 [ 16.259149] The buggy address is located 0 bytes to the right of [ 16.259149] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.260361] [ 16.260441] The buggy address belongs to the physical page: [ 16.260609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.260846] flags: 0x200000000000000(node=0|zone=2) [ 16.261003] page_type: f5(slab) [ 16.261179] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.261407] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.261792] page dumped because: kasan: bad access detected [ 16.262073] [ 16.262172] Memory state around the buggy address: [ 16.262435] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.262952] ffff888101bf3d80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.263184] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.263389] ^ [ 16.263540] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.264479] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.264853] ================================================================== [ 15.773939] ================================================================== [ 15.774304] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x107a/0x5450 [ 15.774646] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.774926] [ 15.775012] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.775063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.775076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.775098] Call Trace: [ 15.775115] <TASK> [ 15.775132] dump_stack_lvl+0x73/0xb0 [ 15.775156] print_report+0xd1/0x650 [ 15.775178] ? __virt_addr_valid+0x1db/0x2d0 [ 15.775201] ? kasan_atomics_helper+0x107a/0x5450 [ 15.775222] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.775248] ? kasan_atomics_helper+0x107a/0x5450 [ 15.775272] kasan_report+0x140/0x180 [ 15.775295] ? kasan_atomics_helper+0x107a/0x5450 [ 15.775321] kasan_check_range+0x10c/0x1c0 [ 15.775345] __kasan_check_write+0x18/0x20 [ 15.775368] kasan_atomics_helper+0x107a/0x5450 [ 15.775390] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.775413] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.775437] ? kasan_atomics+0x153/0x310 [ 15.775463] kasan_atomics+0x1dd/0x310 [ 15.775486] ? __pfx_kasan_atomics+0x10/0x10 [ 15.775510] ? __pfx_read_tsc+0x10/0x10 [ 15.775532] ? ktime_get_ts64+0x86/0x230 [ 15.775558] kunit_try_run_case+0x1a6/0x480 [ 15.775581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.775603] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.775627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.775651] ? __kthread_parkme+0x82/0x160 [ 15.775674] ? 
preempt_count_sub+0x50/0x80 [ 15.775699] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.775723] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.775749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.775776] kthread+0x324/0x6e0 [ 15.775798] ? trace_preempt_on+0x20/0xc0 [ 15.775821] ? __pfx_kthread+0x10/0x10 [ 15.775844] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.775866] ? calculate_sigpending+0x7b/0xa0 [ 15.775889] ? __pfx_kthread+0x10/0x10 [ 15.775912] ret_from_fork+0x41/0x80 [ 15.775932] ? __pfx_kthread+0x10/0x10 [ 15.775955] ret_from_fork_asm+0x1a/0x30 [ 15.775986] </TASK> [ 15.775998] [ 15.783730] Allocated by task 273: [ 15.783956] kasan_save_stack+0x45/0x70 [ 15.784162] kasan_save_track+0x18/0x40 [ 15.784474] kasan_save_alloc_info+0x3b/0x50 [ 15.784626] __kasan_kmalloc+0xb7/0xc0 [ 15.784810] __kmalloc_cache_noprof+0x18a/0x420 [ 15.785092] kasan_atomics+0x96/0x310 [ 15.785251] kunit_try_run_case+0x1a6/0x480 [ 15.785395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.785569] kthread+0x324/0x6e0 [ 15.785690] ret_from_fork+0x41/0x80 [ 15.785937] ret_from_fork_asm+0x1a/0x30 [ 15.786276] [ 15.786373] The buggy address belongs to the object at ffff888101bf3e00 [ 15.786373] which belongs to the cache kmalloc-64 of size 64 [ 15.787060] The buggy address is located 0 bytes to the right of [ 15.787060] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.787427] [ 15.787499] The buggy address belongs to the physical page: [ 15.787872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.788234] flags: 0x200000000000000(node=0|zone=2) [ 15.788520] page_type: f5(slab) [ 15.788844] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.789153] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.789377] page dumped because: kasan: bad access detected [ 15.789546] [ 15.789615] Memory state around the buggy address: [ 15.789770] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 15.790433] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.790879] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.791162] ^ [ 15.791316] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.791527] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.791736] ================================================================== [ 16.600467] ================================================================== [ 16.601137] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224d/0x5450 [ 16.601366] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.601601] [ 16.601706] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.601773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.601785] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.601806] Call Trace: [ 16.601821] <TASK> [ 16.601854] dump_stack_lvl+0x73/0xb0 [ 16.601878] print_report+0xd1/0x650 [ 16.601914] ? __virt_addr_valid+0x1db/0x2d0 [ 16.601950] ? kasan_atomics_helper+0x224d/0x5450 [ 16.601971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.601998] ? kasan_atomics_helper+0x224d/0x5450 [ 16.602029] kasan_report+0x140/0x180 [ 16.602053] ? kasan_atomics_helper+0x224d/0x5450 [ 16.602080] kasan_check_range+0x10c/0x1c0 [ 16.602103] __kasan_check_write+0x18/0x20 [ 16.602126] kasan_atomics_helper+0x224d/0x5450 [ 16.602149] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.602171] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.602196] ? kasan_atomics+0x153/0x310 [ 16.602238] kasan_atomics+0x1dd/0x310 [ 16.602273] ? __pfx_kasan_atomics+0x10/0x10 [ 16.602311] ? __pfx_read_tsc+0x10/0x10 [ 16.602346] ? ktime_get_ts64+0x86/0x230 [ 16.602384] kunit_try_run_case+0x1a6/0x480 [ 16.602421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.602468] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.602506] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.602544] ? 
__kthread_parkme+0x82/0x160 [ 16.602579] ? preempt_count_sub+0x50/0x80 [ 16.602616] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.602652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.602706] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.602748] kthread+0x324/0x6e0 [ 16.602796] ? trace_preempt_on+0x20/0xc0 [ 16.602833] ? __pfx_kthread+0x10/0x10 [ 16.602856] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.602880] ? calculate_sigpending+0x7b/0xa0 [ 16.602902] ? __pfx_kthread+0x10/0x10 [ 16.602925] ret_from_fork+0x41/0x80 [ 16.602944] ? __pfx_kthread+0x10/0x10 [ 16.602969] ret_from_fork_asm+0x1a/0x30 [ 16.603002] </TASK> [ 16.603023] [ 16.610756] Allocated by task 273: [ 16.611028] kasan_save_stack+0x45/0x70 [ 16.611256] kasan_save_track+0x18/0x40 [ 16.611489] kasan_save_alloc_info+0x3b/0x50 [ 16.611800] __kasan_kmalloc+0xb7/0xc0 [ 16.611984] __kmalloc_cache_noprof+0x18a/0x420 [ 16.612212] kasan_atomics+0x96/0x310 [ 16.612371] kunit_try_run_case+0x1a6/0x480 [ 16.612512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.613032] kthread+0x324/0x6e0 [ 16.613173] ret_from_fork+0x41/0x80 [ 16.613384] ret_from_fork_asm+0x1a/0x30 [ 16.613617] [ 16.613744] The buggy address belongs to the object at ffff888101bf3e00 [ 16.613744] which belongs to the cache kmalloc-64 of size 64 [ 16.614282] The buggy address is located 0 bytes to the right of [ 16.614282] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.615010] [ 16.615108] The buggy address belongs to the physical page: [ 16.615350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.615641] flags: 0x200000000000000(node=0|zone=2) [ 16.615881] page_type: f5(slab) [ 16.616750] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.617396] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.617640] page dumped because: kasan: bad access detected [ 16.617819] [ 16.617892] Memory state around the buggy address: [ 16.618108] 
ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.618794] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.619456] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.619969] ^ [ 16.620386] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.620965] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.621361] ================================================================== [ 15.722799] ================================================================== [ 15.723157] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfaa/0x5450 [ 15.723489] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.723712] [ 15.723791] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.723831] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.723844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.723864] Call Trace: [ 15.723964] <TASK> [ 15.723983] dump_stack_lvl+0x73/0xb0 [ 15.724009] print_report+0xd1/0x650 [ 15.724045] ? __virt_addr_valid+0x1db/0x2d0 [ 15.724067] ? kasan_atomics_helper+0xfaa/0x5450 [ 15.724089] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.724115] ? kasan_atomics_helper+0xfaa/0x5450 [ 15.724136] kasan_report+0x140/0x180 [ 15.724158] ? kasan_atomics_helper+0xfaa/0x5450 [ 15.724184] kasan_check_range+0x10c/0x1c0 [ 15.724207] __kasan_check_write+0x18/0x20 [ 15.724230] kasan_atomics_helper+0xfaa/0x5450 [ 15.724254] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.724277] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.724302] ? kasan_atomics+0x153/0x310 [ 15.724328] kasan_atomics+0x1dd/0x310 [ 15.724351] ? __pfx_kasan_atomics+0x10/0x10 [ 15.724374] ? __pfx_read_tsc+0x10/0x10 [ 15.724397] ? ktime_get_ts64+0x86/0x230 [ 15.724421] kunit_try_run_case+0x1a6/0x480 [ 15.724445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.724467] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.724492] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.724516] ? __kthread_parkme+0x82/0x160 [ 15.724538] ? preempt_count_sub+0x50/0x80 [ 15.724563] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.724587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.724613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.724640] kthread+0x324/0x6e0 [ 15.724662] ? trace_preempt_on+0x20/0xc0 [ 15.724685] ? __pfx_kthread+0x10/0x10 [ 15.724708] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.724730] ? calculate_sigpending+0x7b/0xa0 [ 15.724752] ? __pfx_kthread+0x10/0x10 [ 15.724776] ret_from_fork+0x41/0x80 [ 15.724796] ? __pfx_kthread+0x10/0x10 [ 15.724818] ret_from_fork_asm+0x1a/0x30 [ 15.724850] </TASK> [ 15.724861] [ 15.732933] Allocated by task 273: [ 15.733267] kasan_save_stack+0x45/0x70 [ 15.733518] kasan_save_track+0x18/0x40 [ 15.733789] kasan_save_alloc_info+0x3b/0x50 [ 15.734180] __kasan_kmalloc+0xb7/0xc0 [ 15.734351] __kmalloc_cache_noprof+0x18a/0x420 [ 15.734511] kasan_atomics+0x96/0x310 [ 15.734644] kunit_try_run_case+0x1a6/0x480 [ 15.734958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.735295] kthread+0x324/0x6e0 [ 15.735502] ret_from_fork+0x41/0x80 [ 15.735691] ret_from_fork_asm+0x1a/0x30 [ 15.735826] [ 15.735897] The buggy address belongs to the object at ffff888101bf3e00 [ 15.735897] which belongs to the cache kmalloc-64 of size 64 [ 15.736529] The buggy address is located 0 bytes to the right of [ 15.736529] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.737106] [ 15.737181] The buggy address belongs to the physical page: [ 15.737347] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.737631] flags: 0x200000000000000(node=0|zone=2) [ 15.740714] page_type: f5(slab) [ 15.741715] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.743415] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.744935] page dumped because: kasan: bad access detected [ 15.745563] [ 15.745847] Memory 
state around the buggy address: [ 15.746147] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.746609] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.747300] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.747595] ^ [ 15.747821] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.748130] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.748424] ================================================================== [ 16.042905] ================================================================== [ 16.043256] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151e/0x5450 [ 16.043590] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.043952] [ 16.044080] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.044118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.044131] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.044152] Call Trace: [ 16.044167] <TASK> [ 16.044182] dump_stack_lvl+0x73/0xb0 [ 16.044206] print_report+0xd1/0x650 [ 16.044228] ? __virt_addr_valid+0x1db/0x2d0 [ 16.044250] ? kasan_atomics_helper+0x151e/0x5450 [ 16.044271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.044297] ? kasan_atomics_helper+0x151e/0x5450 [ 16.044319] kasan_report+0x140/0x180 [ 16.044341] ? kasan_atomics_helper+0x151e/0x5450 [ 16.044367] kasan_check_range+0x10c/0x1c0 [ 16.044392] __kasan_check_write+0x18/0x20 [ 16.044415] kasan_atomics_helper+0x151e/0x5450 [ 16.044438] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.044461] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.044486] ? kasan_atomics+0x153/0x310 [ 16.044512] kasan_atomics+0x1dd/0x310 [ 16.044534] ? __pfx_kasan_atomics+0x10/0x10 [ 16.044558] ? __pfx_read_tsc+0x10/0x10 [ 16.044581] ? ktime_get_ts64+0x86/0x230 [ 16.044606] kunit_try_run_case+0x1a6/0x480 [ 16.044630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.044652] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 16.044676] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.044701] ? __kthread_parkme+0x82/0x160 [ 16.044725] ? preempt_count_sub+0x50/0x80 [ 16.044750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.044774] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.044800] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.044827] kthread+0x324/0x6e0 [ 16.044848] ? trace_preempt_on+0x20/0xc0 [ 16.044872] ? __pfx_kthread+0x10/0x10 [ 16.044895] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.044918] ? calculate_sigpending+0x7b/0xa0 [ 16.044941] ? __pfx_kthread+0x10/0x10 [ 16.044964] ret_from_fork+0x41/0x80 [ 16.044984] ? __pfx_kthread+0x10/0x10 [ 16.045007] ret_from_fork_asm+0x1a/0x30 [ 16.045049] </TASK> [ 16.045060] [ 16.053101] Allocated by task 273: [ 16.053294] kasan_save_stack+0x45/0x70 [ 16.053488] kasan_save_track+0x18/0x40 [ 16.053795] kasan_save_alloc_info+0x3b/0x50 [ 16.054004] __kasan_kmalloc+0xb7/0xc0 [ 16.054157] __kmalloc_cache_noprof+0x18a/0x420 [ 16.054313] kasan_atomics+0x96/0x310 [ 16.054501] kunit_try_run_case+0x1a6/0x480 [ 16.054897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.055169] kthread+0x324/0x6e0 [ 16.055327] ret_from_fork+0x41/0x80 [ 16.055497] ret_from_fork_asm+0x1a/0x30 [ 16.055783] [ 16.055869] The buggy address belongs to the object at ffff888101bf3e00 [ 16.055869] which belongs to the cache kmalloc-64 of size 64 [ 16.056346] The buggy address is located 0 bytes to the right of [ 16.056346] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.056808] [ 16.056882] The buggy address belongs to the physical page: [ 16.057134] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.057481] flags: 0x200000000000000(node=0|zone=2) [ 16.057727] page_type: f5(slab) [ 16.057860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.058169] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.058481] page dumped because: kasan: bad 
access detected [ 16.058726] [ 16.058859] Memory state around the buggy address: [ 16.059077] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.059354] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.059778] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.060048] ^ [ 16.060268] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.060577] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.060907] ================================================================== [ 16.402820] ================================================================== [ 16.403148] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eab/0x5450 [ 16.403396] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.403747] [ 16.403840] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.403880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.403893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.403914] Call Trace: [ 16.403927] <TASK> [ 16.403942] dump_stack_lvl+0x73/0xb0 [ 16.403967] print_report+0xd1/0x650 [ 16.403989] ? __virt_addr_valid+0x1db/0x2d0 [ 16.404011] ? kasan_atomics_helper+0x1eab/0x5450 [ 16.404042] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.404069] ? kasan_atomics_helper+0x1eab/0x5450 [ 16.404091] kasan_report+0x140/0x180 [ 16.404114] ? kasan_atomics_helper+0x1eab/0x5450 [ 16.404140] kasan_check_range+0x10c/0x1c0 [ 16.404164] __kasan_check_write+0x18/0x20 [ 16.404187] kasan_atomics_helper+0x1eab/0x5450 [ 16.404210] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.404232] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.404279] ? kasan_atomics+0x153/0x310 [ 16.404315] kasan_atomics+0x1dd/0x310 [ 16.404353] ? __pfx_kasan_atomics+0x10/0x10 [ 16.404404] ? __pfx_read_tsc+0x10/0x10 [ 16.404441] ? ktime_get_ts64+0x86/0x230 [ 16.404492] kunit_try_run_case+0x1a6/0x480 [ 16.404516] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.404551] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.404598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.404623] ? __kthread_parkme+0x82/0x160 [ 16.404646] ? preempt_count_sub+0x50/0x80 [ 16.404682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.404706] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.404734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.404761] kthread+0x324/0x6e0 [ 16.404783] ? trace_preempt_on+0x20/0xc0 [ 16.404808] ? __pfx_kthread+0x10/0x10 [ 16.404831] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.404854] ? calculate_sigpending+0x7b/0xa0 [ 16.404877] ? __pfx_kthread+0x10/0x10 [ 16.404900] ret_from_fork+0x41/0x80 [ 16.404920] ? __pfx_kthread+0x10/0x10 [ 16.404943] ret_from_fork_asm+0x1a/0x30 [ 16.404975] </TASK> [ 16.404985] [ 16.413238] Allocated by task 273: [ 16.413369] kasan_save_stack+0x45/0x70 [ 16.413507] kasan_save_track+0x18/0x40 [ 16.413869] kasan_save_alloc_info+0x3b/0x50 [ 16.414100] __kasan_kmalloc+0xb7/0xc0 [ 16.414289] __kmalloc_cache_noprof+0x18a/0x420 [ 16.414509] kasan_atomics+0x96/0x310 [ 16.414800] kunit_try_run_case+0x1a6/0x480 [ 16.415136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.415387] kthread+0x324/0x6e0 [ 16.415520] ret_from_fork+0x41/0x80 [ 16.415732] ret_from_fork_asm+0x1a/0x30 [ 16.415994] [ 16.416173] The buggy address belongs to the object at ffff888101bf3e00 [ 16.416173] which belongs to the cache kmalloc-64 of size 64 [ 16.416621] The buggy address is located 0 bytes to the right of [ 16.416621] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.417210] [ 16.417317] The buggy address belongs to the physical page: [ 16.417483] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.417712] flags: 0x200000000000000(node=0|zone=2) [ 16.417874] page_type: f5(slab) [ 16.418081] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.418564] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.418945] page dumped because: kasan: bad access detected [ 16.419213] [ 16.419309] Memory state around the buggy address: [ 16.419690] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.420098] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.420419] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.420791] ^ [ 16.421114] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.421846] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.422320] ================================================================== [ 15.159528] ================================================================== [ 15.160220] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba4/0x5450 [ 15.160526] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.161395] [ 15.161801] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.161847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.161859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.161880] Call Trace: [ 15.161894] <TASK> [ 15.161909] dump_stack_lvl+0x73/0xb0 [ 15.161935] print_report+0xd1/0x650 [ 15.161956] ? __virt_addr_valid+0x1db/0x2d0 [ 15.161977] ? kasan_atomics_helper+0x4ba4/0x5450 [ 15.161997] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.162032] ? kasan_atomics_helper+0x4ba4/0x5450 [ 15.162054] kasan_report+0x140/0x180 [ 15.162076] ? kasan_atomics_helper+0x4ba4/0x5450 [ 15.162100] __asan_report_store4_noabort+0x1b/0x30 [ 15.162123] kasan_atomics_helper+0x4ba4/0x5450 [ 15.162145] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.162166] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.162189] ? kasan_atomics+0x153/0x310 [ 15.162214] kasan_atomics+0x1dd/0x310 [ 15.162235] ? __pfx_kasan_atomics+0x10/0x10 [ 15.162258] ? __pfx_read_tsc+0x10/0x10 [ 15.162279] ? 
ktime_get_ts64+0x86/0x230 [ 15.162303] kunit_try_run_case+0x1a6/0x480 [ 15.162326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.162346] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.162369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.162393] ? __kthread_parkme+0x82/0x160 [ 15.162415] ? preempt_count_sub+0x50/0x80 [ 15.162438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.162461] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.162486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.162512] kthread+0x324/0x6e0 [ 15.162532] ? trace_preempt_on+0x20/0xc0 [ 15.162555] ? __pfx_kthread+0x10/0x10 [ 15.162630] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.162652] ? calculate_sigpending+0x7b/0xa0 [ 15.162673] ? __pfx_kthread+0x10/0x10 [ 15.162695] ret_from_fork+0x41/0x80 [ 15.162715] ? __pfx_kthread+0x10/0x10 [ 15.162736] ret_from_fork_asm+0x1a/0x30 [ 15.162767] </TASK> [ 15.162777] [ 15.175098] Allocated by task 273: [ 15.175374] kasan_save_stack+0x45/0x70 [ 15.175734] kasan_save_track+0x18/0x40 [ 15.176034] kasan_save_alloc_info+0x3b/0x50 [ 15.176332] __kasan_kmalloc+0xb7/0xc0 [ 15.176528] __kmalloc_cache_noprof+0x18a/0x420 [ 15.176969] kasan_atomics+0x96/0x310 [ 15.177279] kunit_try_run_case+0x1a6/0x480 [ 15.177575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.178140] kthread+0x324/0x6e0 [ 15.178443] ret_from_fork+0x41/0x80 [ 15.178811] ret_from_fork_asm+0x1a/0x30 [ 15.179196] [ 15.179421] The buggy address belongs to the object at ffff888101bf3e00 [ 15.179421] which belongs to the cache kmalloc-64 of size 64 [ 15.180207] The buggy address is located 0 bytes to the right of [ 15.180207] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.180978] [ 15.181069] The buggy address belongs to the physical page: [ 15.181334] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.181996] flags: 0x200000000000000(node=0|zone=2) [ 15.182279] page_type: f5(slab) [ 15.182450] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.182810] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.183389] page dumped because: kasan: bad access detected [ 15.183791] [ 15.183908] Memory state around the buggy address: [ 15.184144] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.184420] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.184680] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.185101] ^ [ 15.185455] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.185939] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.186298] ================================================================== [ 16.382511] ================================================================== [ 16.383168] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e13/0x5450 [ 16.383496] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.383927] [ 16.384073] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.384126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.384139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.384160] Call Trace: [ 16.384176] <TASK> [ 16.384191] dump_stack_lvl+0x73/0xb0 [ 16.384217] print_report+0xd1/0x650 [ 16.384241] ? __virt_addr_valid+0x1db/0x2d0 [ 16.384263] ? kasan_atomics_helper+0x1e13/0x5450 [ 16.384284] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.384341] ? kasan_atomics_helper+0x1e13/0x5450 [ 16.384364] kasan_report+0x140/0x180 [ 16.384404] ? kasan_atomics_helper+0x1e13/0x5450 [ 16.384442] kasan_check_range+0x10c/0x1c0 [ 16.384466] __kasan_check_write+0x18/0x20 [ 16.384489] kasan_atomics_helper+0x1e13/0x5450 [ 16.384512] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.384535] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.384560] ? kasan_atomics+0x153/0x310 [ 16.384586] kasan_atomics+0x1dd/0x310 [ 16.384609] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.384633] ? __pfx_read_tsc+0x10/0x10 [ 16.384655] ? ktime_get_ts64+0x86/0x230 [ 16.384680] kunit_try_run_case+0x1a6/0x480 [ 16.384731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.384754] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.384791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.384816] ? __kthread_parkme+0x82/0x160 [ 16.384839] ? preempt_count_sub+0x50/0x80 [ 16.384889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.384914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.384941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.384979] kthread+0x324/0x6e0 [ 16.385002] ? trace_preempt_on+0x20/0xc0 [ 16.385060] ? __pfx_kthread+0x10/0x10 [ 16.385084] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.385134] ? calculate_sigpending+0x7b/0xa0 [ 16.385156] ? __pfx_kthread+0x10/0x10 [ 16.385194] ret_from_fork+0x41/0x80 [ 16.385227] ? __pfx_kthread+0x10/0x10 [ 16.385251] ret_from_fork_asm+0x1a/0x30 [ 16.385282] </TASK> [ 16.385293] [ 16.393421] Allocated by task 273: [ 16.393665] kasan_save_stack+0x45/0x70 [ 16.393888] kasan_save_track+0x18/0x40 [ 16.394120] kasan_save_alloc_info+0x3b/0x50 [ 16.394314] __kasan_kmalloc+0xb7/0xc0 [ 16.394535] __kmalloc_cache_noprof+0x18a/0x420 [ 16.394760] kasan_atomics+0x96/0x310 [ 16.394961] kunit_try_run_case+0x1a6/0x480 [ 16.395170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.395452] kthread+0x324/0x6e0 [ 16.395667] ret_from_fork+0x41/0x80 [ 16.395878] ret_from_fork_asm+0x1a/0x30 [ 16.396142] [ 16.396236] The buggy address belongs to the object at ffff888101bf3e00 [ 16.396236] which belongs to the cache kmalloc-64 of size 64 [ 16.396766] The buggy address is located 0 bytes to the right of [ 16.396766] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.397345] [ 16.397421] The buggy address belongs to the physical page: [ 16.397777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.398197] flags: 0x200000000000000(node=0|zone=2) [ 16.398465] page_type: f5(slab) 
[ 16.398697] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.399034] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.399393] page dumped because: kasan: bad access detected [ 16.399619] [ 16.399822] Memory state around the buggy address: [ 16.400081] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.400408] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.400722] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.401106] ^ [ 16.401322] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.401722] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.402055] ================================================================== [ 16.308593] ================================================================== [ 16.308827] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f32/0x5450 [ 16.309615] Read of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.310368] [ 16.310620] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.310663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.310676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.310697] Call Trace: [ 16.310712] <TASK> [ 16.310729] dump_stack_lvl+0x73/0xb0 [ 16.310757] print_report+0xd1/0x650 [ 16.310778] ? __virt_addr_valid+0x1db/0x2d0 [ 16.310801] ? kasan_atomics_helper+0x4f32/0x5450 [ 16.310823] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.310853] ? kasan_atomics_helper+0x4f32/0x5450 [ 16.310876] kasan_report+0x140/0x180 [ 16.310899] ? kasan_atomics_helper+0x4f32/0x5450 [ 16.310925] __asan_report_load8_noabort+0x18/0x20 [ 16.310950] kasan_atomics_helper+0x4f32/0x5450 [ 16.310973] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.310996] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.311035] ? kasan_atomics+0x153/0x310 [ 16.311100] kasan_atomics+0x1dd/0x310 [ 16.311126] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.311162] ? __pfx_read_tsc+0x10/0x10 [ 16.311185] ? ktime_get_ts64+0x86/0x230 [ 16.311211] kunit_try_run_case+0x1a6/0x480 [ 16.311235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.311258] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.311283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.311307] ? __kthread_parkme+0x82/0x160 [ 16.311328] ? preempt_count_sub+0x50/0x80 [ 16.311353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.311376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.311404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.311431] kthread+0x324/0x6e0 [ 16.311453] ? trace_preempt_on+0x20/0xc0 [ 16.311476] ? __pfx_kthread+0x10/0x10 [ 16.311500] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.311523] ? calculate_sigpending+0x7b/0xa0 [ 16.311565] ? __pfx_kthread+0x10/0x10 [ 16.311590] ret_from_fork+0x41/0x80 [ 16.311609] ? __pfx_kthread+0x10/0x10 [ 16.311632] ret_from_fork_asm+0x1a/0x30 [ 16.311663] </TASK> [ 16.311676] [ 16.323882] Allocated by task 273: [ 16.324254] kasan_save_stack+0x45/0x70 [ 16.324651] kasan_save_track+0x18/0x40 [ 16.325024] kasan_save_alloc_info+0x3b/0x50 [ 16.325434] __kasan_kmalloc+0xb7/0xc0 [ 16.325758] __kmalloc_cache_noprof+0x18a/0x420 [ 16.326092] kasan_atomics+0x96/0x310 [ 16.326286] kunit_try_run_case+0x1a6/0x480 [ 16.326693] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.326871] kthread+0x324/0x6e0 [ 16.326993] ret_from_fork+0x41/0x80 [ 16.327131] ret_from_fork_asm+0x1a/0x30 [ 16.327270] [ 16.327341] The buggy address belongs to the object at ffff888101bf3e00 [ 16.327341] which belongs to the cache kmalloc-64 of size 64 [ 16.328086] The buggy address is located 0 bytes to the right of [ 16.328086] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.329217] [ 16.329396] The buggy address belongs to the physical page: [ 16.329916] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.330416] flags: 0x200000000000000(node=0|zone=2) [ 16.330676] page_type: f5(slab) 
[ 16.331000] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.331698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.332138] page dumped because: kasan: bad access detected [ 16.332310] [ 16.332380] Memory state around the buggy address: [ 16.332532] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.333193] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.333852] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.334485] ^ [ 16.334954] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.335432] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.335902] ================================================================== [ 16.582076] ================================================================== [ 16.582431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa7/0x5450 [ 16.582917] Read of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.583174] [ 16.583277] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.583316] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.583328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.583349] Call Trace: [ 16.583389] <TASK> [ 16.583404] dump_stack_lvl+0x73/0xb0 [ 16.583429] print_report+0xd1/0x650 [ 16.583468] ? __virt_addr_valid+0x1db/0x2d0 [ 16.583490] ? kasan_atomics_helper+0x4fa7/0x5450 [ 16.583511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.583538] ? kasan_atomics_helper+0x4fa7/0x5450 [ 16.583560] kasan_report+0x140/0x180 [ 16.583582] ? kasan_atomics_helper+0x4fa7/0x5450 [ 16.583608] __asan_report_load8_noabort+0x18/0x20 [ 16.583632] kasan_atomics_helper+0x4fa7/0x5450 [ 16.583654] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.583676] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.583701] ? kasan_atomics+0x153/0x310 [ 16.583743] kasan_atomics+0x1dd/0x310 [ 16.583766] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.583790] ? __pfx_read_tsc+0x10/0x10 [ 16.583812] ? ktime_get_ts64+0x86/0x230 [ 16.583837] kunit_try_run_case+0x1a6/0x480 [ 16.583860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.583882] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.583906] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.583931] ? __kthread_parkme+0x82/0x160 [ 16.583955] ? preempt_count_sub+0x50/0x80 [ 16.583980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.584003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.584038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.584064] kthread+0x324/0x6e0 [ 16.584087] ? trace_preempt_on+0x20/0xc0 [ 16.584129] ? __pfx_kthread+0x10/0x10 [ 16.584152] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.584175] ? calculate_sigpending+0x7b/0xa0 [ 16.584214] ? __pfx_kthread+0x10/0x10 [ 16.584238] ret_from_fork+0x41/0x80 [ 16.584256] ? __pfx_kthread+0x10/0x10 [ 16.584279] ret_from_fork_asm+0x1a/0x30 [ 16.584312] </TASK> [ 16.584323] [ 16.591821] Allocated by task 273: [ 16.592035] kasan_save_stack+0x45/0x70 [ 16.592223] kasan_save_track+0x18/0x40 [ 16.592405] kasan_save_alloc_info+0x3b/0x50 [ 16.592713] __kasan_kmalloc+0xb7/0xc0 [ 16.592902] __kmalloc_cache_noprof+0x18a/0x420 [ 16.593083] kasan_atomics+0x96/0x310 [ 16.593276] kunit_try_run_case+0x1a6/0x480 [ 16.593454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.593673] kthread+0x324/0x6e0 [ 16.593809] ret_from_fork+0x41/0x80 [ 16.593938] ret_from_fork_asm+0x1a/0x30 [ 16.594117] [ 16.594212] The buggy address belongs to the object at ffff888101bf3e00 [ 16.594212] which belongs to the cache kmalloc-64 of size 64 [ 16.594721] The buggy address is located 0 bytes to the right of [ 16.594721] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.595287] [ 16.595381] The buggy address belongs to the physical page: [ 16.595580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.595809] flags: 0x200000000000000(node=0|zone=2) [ 16.595966] page_type: f5(slab) 
[ 16.596091] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.596311] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.596775] page dumped because: kasan: bad access detected [ 16.597057] [ 16.597175] Memory state around the buggy address: [ 16.597420] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.598035] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.598407] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.598955] ^ [ 16.599208] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.599436] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.599877] ================================================================== [ 16.562523] ================================================================== [ 16.563009] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218b/0x5450 [ 16.563637] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.563956] [ 16.564071] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.564110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.564123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.564144] Call Trace: [ 16.564158] <TASK> [ 16.564173] dump_stack_lvl+0x73/0xb0 [ 16.564197] print_report+0xd1/0x650 [ 16.564218] ? __virt_addr_valid+0x1db/0x2d0 [ 16.564240] ? kasan_atomics_helper+0x218b/0x5450 [ 16.564262] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.564287] ? kasan_atomics_helper+0x218b/0x5450 [ 16.564309] kasan_report+0x140/0x180 [ 16.564332] ? kasan_atomics_helper+0x218b/0x5450 [ 16.564357] kasan_check_range+0x10c/0x1c0 [ 16.564380] __kasan_check_write+0x18/0x20 [ 16.564403] kasan_atomics_helper+0x218b/0x5450 [ 16.564425] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.564448] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.564472] ? 
kasan_atomics+0x153/0x310 [ 16.564497] kasan_atomics+0x1dd/0x310 [ 16.564520] ? __pfx_kasan_atomics+0x10/0x10 [ 16.564545] ? __pfx_read_tsc+0x10/0x10 [ 16.564567] ? ktime_get_ts64+0x86/0x230 [ 16.564613] kunit_try_run_case+0x1a6/0x480 [ 16.564649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.564672] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.564709] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.564746] ? __kthread_parkme+0x82/0x160 [ 16.564782] ? preempt_count_sub+0x50/0x80 [ 16.564820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.564846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.564872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.564899] kthread+0x324/0x6e0 [ 16.564921] ? trace_preempt_on+0x20/0xc0 [ 16.564945] ? __pfx_kthread+0x10/0x10 [ 16.564968] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.564991] ? calculate_sigpending+0x7b/0xa0 [ 16.565022] ? __pfx_kthread+0x10/0x10 [ 16.565046] ret_from_fork+0x41/0x80 [ 16.565081] ? __pfx_kthread+0x10/0x10 [ 16.565117] ret_from_fork_asm+0x1a/0x30 [ 16.565162] </TASK> [ 16.565172] [ 16.572943] Allocated by task 273: [ 16.573263] kasan_save_stack+0x45/0x70 [ 16.573513] kasan_save_track+0x18/0x40 [ 16.573934] kasan_save_alloc_info+0x3b/0x50 [ 16.574118] __kasan_kmalloc+0xb7/0xc0 [ 16.574248] __kmalloc_cache_noprof+0x18a/0x420 [ 16.574397] kasan_atomics+0x96/0x310 [ 16.574523] kunit_try_run_case+0x1a6/0x480 [ 16.574697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.574973] kthread+0x324/0x6e0 [ 16.575239] ret_from_fork+0x41/0x80 [ 16.575426] ret_from_fork_asm+0x1a/0x30 [ 16.575698] [ 16.575796] The buggy address belongs to the object at ffff888101bf3e00 [ 16.575796] which belongs to the cache kmalloc-64 of size 64 [ 16.576336] The buggy address is located 0 bytes to the right of [ 16.576336] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.576923] [ 16.577026] The buggy address belongs to the physical page: [ 16.577279] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 
16.577824] flags: 0x200000000000000(node=0|zone=2) [ 16.578061] page_type: f5(slab) [ 16.578226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.578486] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.578700] page dumped because: kasan: bad access detected [ 16.578864] [ 16.578932] Memory state around the buggy address: [ 16.579427] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.579976] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.580319] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.580666] ^ [ 16.580906] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.581223] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.581526] ================================================================== [ 15.641206] ================================================================== [ 15.641677] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd48/0x5450 [ 15.641908] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.642141] [ 15.642222] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.642263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.642275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.642296] Call Trace: [ 15.642312] <TASK> [ 15.642326] dump_stack_lvl+0x73/0xb0 [ 15.642350] print_report+0xd1/0x650 [ 15.642372] ? __virt_addr_valid+0x1db/0x2d0 [ 15.642394] ? kasan_atomics_helper+0xd48/0x5450 [ 15.642415] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.642457] ? kasan_atomics_helper+0xd48/0x5450 [ 15.642480] kasan_report+0x140/0x180 [ 15.642502] ? kasan_atomics_helper+0xd48/0x5450 [ 15.642528] kasan_check_range+0x10c/0x1c0 [ 15.642552] __kasan_check_write+0x18/0x20 [ 15.642576] kasan_atomics_helper+0xd48/0x5450 [ 15.642600] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.642622] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 15.642647] ? kasan_atomics+0x153/0x310 [ 15.642674] kasan_atomics+0x1dd/0x310 [ 15.642697] ? __pfx_kasan_atomics+0x10/0x10 [ 15.642721] ? __pfx_read_tsc+0x10/0x10 [ 15.642743] ? ktime_get_ts64+0x86/0x230 [ 15.642768] kunit_try_run_case+0x1a6/0x480 [ 15.642792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.642815] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.642839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.642864] ? __kthread_parkme+0x82/0x160 [ 15.642887] ? preempt_count_sub+0x50/0x80 [ 15.642912] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.642936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.642963] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.642990] kthread+0x324/0x6e0 [ 15.643012] ? trace_preempt_on+0x20/0xc0 [ 15.643047] ? __pfx_kthread+0x10/0x10 [ 15.643071] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.643094] ? calculate_sigpending+0x7b/0xa0 [ 15.643116] ? __pfx_kthread+0x10/0x10 [ 15.643140] ret_from_fork+0x41/0x80 [ 15.643159] ? __pfx_kthread+0x10/0x10 [ 15.643182] ret_from_fork_asm+0x1a/0x30 [ 15.643214] </TASK> [ 15.643225] [ 15.651923] Allocated by task 273: [ 15.652110] kasan_save_stack+0x45/0x70 [ 15.652308] kasan_save_track+0x18/0x40 [ 15.652471] kasan_save_alloc_info+0x3b/0x50 [ 15.652770] __kasan_kmalloc+0xb7/0xc0 [ 15.652941] __kmalloc_cache_noprof+0x18a/0x420 [ 15.653171] kasan_atomics+0x96/0x310 [ 15.653308] kunit_try_run_case+0x1a6/0x480 [ 15.653454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.653994] kthread+0x324/0x6e0 [ 15.654181] ret_from_fork+0x41/0x80 [ 15.654368] ret_from_fork_asm+0x1a/0x30 [ 15.654552] [ 15.654626] The buggy address belongs to the object at ffff888101bf3e00 [ 15.654626] which belongs to the cache kmalloc-64 of size 64 [ 15.654974] The buggy address is located 0 bytes to the right of [ 15.654974] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.655346] [ 15.655418] The buggy address belongs to the physical page: [ 15.655589] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.656161] flags: 0x200000000000000(node=0|zone=2) [ 15.656612] page_type: f5(slab) [ 15.656943] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.657327] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.657554] page dumped because: kasan: bad access detected [ 15.658083] [ 15.658179] Memory state around the buggy address: [ 15.658358] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.658572] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.658784] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.658994] ^ [ 15.659226] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.659542] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.660261] ================================================================== [ 15.512267] ================================================================== [ 15.512525] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x993/0x5450 [ 15.512984] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.513316] [ 15.513418] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.513478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.513491] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.513514] Call Trace: [ 15.513530] <TASK> [ 15.513546] dump_stack_lvl+0x73/0xb0 [ 15.513620] print_report+0xd1/0x650 [ 15.513667] ? __virt_addr_valid+0x1db/0x2d0 [ 15.513690] ? kasan_atomics_helper+0x993/0x5450 [ 15.513711] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.513742] ? kasan_atomics_helper+0x993/0x5450 [ 15.513764] kasan_report+0x140/0x180 [ 15.513787] ? kasan_atomics_helper+0x993/0x5450 [ 15.513831] kasan_check_range+0x10c/0x1c0 [ 15.513856] __kasan_check_write+0x18/0x20 [ 15.513879] kasan_atomics_helper+0x993/0x5450 [ 15.513901] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.513924] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.513950] ? kasan_atomics+0x153/0x310 [ 15.513976] kasan_atomics+0x1dd/0x310 [ 15.513999] ? __pfx_kasan_atomics+0x10/0x10 [ 15.514037] ? __pfx_read_tsc+0x10/0x10 [ 15.514059] ? ktime_get_ts64+0x86/0x230 [ 15.514085] kunit_try_run_case+0x1a6/0x480 [ 15.514108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.514149] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.514174] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.514198] ? __kthread_parkme+0x82/0x160 [ 15.514221] ? preempt_count_sub+0x50/0x80 [ 15.514246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.514270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.514297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.514324] kthread+0x324/0x6e0 [ 15.514346] ? trace_preempt_on+0x20/0xc0 [ 15.514369] ? __pfx_kthread+0x10/0x10 [ 15.514393] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.514416] ? calculate_sigpending+0x7b/0xa0 [ 15.514440] ? __pfx_kthread+0x10/0x10 [ 15.514464] ret_from_fork+0x41/0x80 [ 15.514483] ? 
__pfx_kthread+0x10/0x10 [ 15.514505] ret_from_fork_asm+0x1a/0x30 [ 15.514554] </TASK> [ 15.514567] [ 15.522728] Allocated by task 273: [ 15.522859] kasan_save_stack+0x45/0x70 [ 15.523002] kasan_save_track+0x18/0x40 [ 15.523503] kasan_save_alloc_info+0x3b/0x50 [ 15.523732] __kasan_kmalloc+0xb7/0xc0 [ 15.524169] __kmalloc_cache_noprof+0x18a/0x420 [ 15.524399] kasan_atomics+0x96/0x310 [ 15.524601] kunit_try_run_case+0x1a6/0x480 [ 15.524895] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.525165] kthread+0x324/0x6e0 [ 15.525306] ret_from_fork+0x41/0x80 [ 15.525491] ret_from_fork_asm+0x1a/0x30 [ 15.525761] [ 15.525860] The buggy address belongs to the object at ffff888101bf3e00 [ 15.525860] which belongs to the cache kmalloc-64 of size 64 [ 15.526343] The buggy address is located 0 bytes to the right of [ 15.526343] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.527033] [ 15.527163] The buggy address belongs to the physical page: [ 15.527408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.527860] flags: 0x200000000000000(node=0|zone=2) [ 15.528113] page_type: f5(slab) [ 15.528287] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.528543] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.528921] page dumped because: kasan: bad access detected [ 15.529134] [ 15.529231] Memory state around the buggy address: [ 15.529456] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.529665] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.530206] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.530541] ^ [ 15.530965] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.531294] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.531505] ================================================================== [ 15.212069] 
================================================================== [ 15.212361] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b70/0x5450 [ 15.212843] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.213138] [ 15.213220] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.213261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.213273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.213293] Call Trace: [ 15.213307] <TASK> [ 15.213339] dump_stack_lvl+0x73/0xb0 [ 15.213362] print_report+0xd1/0x650 [ 15.213383] ? __virt_addr_valid+0x1db/0x2d0 [ 15.213404] ? kasan_atomics_helper+0x4b70/0x5450 [ 15.213424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.213449] ? kasan_atomics_helper+0x4b70/0x5450 [ 15.213469] kasan_report+0x140/0x180 [ 15.213491] ? kasan_atomics_helper+0x4b70/0x5450 [ 15.213516] __asan_report_store4_noabort+0x1b/0x30 [ 15.213540] kasan_atomics_helper+0x4b70/0x5450 [ 15.213667] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.213690] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.213776] ? kasan_atomics+0x153/0x310 [ 15.213804] kasan_atomics+0x1dd/0x310 [ 15.213840] ? __pfx_kasan_atomics+0x10/0x10 [ 15.213865] ? __pfx_read_tsc+0x10/0x10 [ 15.213888] ? ktime_get_ts64+0x86/0x230 [ 15.213914] kunit_try_run_case+0x1a6/0x480 [ 15.213937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.213959] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.213983] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.214007] ? __kthread_parkme+0x82/0x160 [ 15.214039] ? preempt_count_sub+0x50/0x80 [ 15.214064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.214119] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.214146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.214184] kthread+0x324/0x6e0 [ 15.214206] ? trace_preempt_on+0x20/0xc0 [ 15.214229] ? __pfx_kthread+0x10/0x10 [ 15.214253] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.214277] ? calculate_sigpending+0x7b/0xa0 [ 15.214300] ? 
__pfx_kthread+0x10/0x10 [ 15.214323] ret_from_fork+0x41/0x80 [ 15.214343] ? __pfx_kthread+0x10/0x10 [ 15.214366] ret_from_fork_asm+0x1a/0x30 [ 15.214397] </TASK> [ 15.214409] [ 15.229481] Allocated by task 273: [ 15.230241] kasan_save_stack+0x45/0x70 [ 15.230426] kasan_save_track+0x18/0x40 [ 15.230725] kasan_save_alloc_info+0x3b/0x50 [ 15.231136] __kasan_kmalloc+0xb7/0xc0 [ 15.231332] __kmalloc_cache_noprof+0x18a/0x420 [ 15.231733] kasan_atomics+0x96/0x310 [ 15.231973] kunit_try_run_case+0x1a6/0x480 [ 15.232268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.232640] kthread+0x324/0x6e0 [ 15.232787] ret_from_fork+0x41/0x80 [ 15.232973] ret_from_fork_asm+0x1a/0x30 [ 15.233168] [ 15.233266] The buggy address belongs to the object at ffff888101bf3e00 [ 15.233266] which belongs to the cache kmalloc-64 of size 64 [ 15.233768] The buggy address is located 0 bytes to the right of [ 15.233768] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.234731] [ 15.235080] The buggy address belongs to the physical page: [ 15.235402] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.235856] flags: 0x200000000000000(node=0|zone=2) [ 15.236123] page_type: f5(slab) [ 15.236264] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.236889] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.237194] page dumped because: kasan: bad access detected [ 15.237524] [ 15.238051] Memory state around the buggy address: [ 15.238265] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.238559] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.239048] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.239356] ^ [ 15.239745] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.240210] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.240619] 
================================================================== [ 15.660686] ================================================================== [ 15.661043] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde1/0x5450 [ 15.661343] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.661703] [ 15.661810] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.661847] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.661859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.661880] Call Trace: [ 15.661895] <TASK> [ 15.661910] dump_stack_lvl+0x73/0xb0 [ 15.661934] print_report+0xd1/0x650 [ 15.661956] ? __virt_addr_valid+0x1db/0x2d0 [ 15.661979] ? kasan_atomics_helper+0xde1/0x5450 [ 15.662000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.662038] ? kasan_atomics_helper+0xde1/0x5450 [ 15.662059] kasan_report+0x140/0x180 [ 15.662081] ? kasan_atomics_helper+0xde1/0x5450 [ 15.662107] kasan_check_range+0x10c/0x1c0 [ 15.662132] __kasan_check_write+0x18/0x20 [ 15.662156] kasan_atomics_helper+0xde1/0x5450 [ 15.662178] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.662200] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.662224] ? kasan_atomics+0x153/0x310 [ 15.662250] kasan_atomics+0x1dd/0x310 [ 15.662273] ? __pfx_kasan_atomics+0x10/0x10 [ 15.662297] ? __pfx_read_tsc+0x10/0x10 [ 15.662319] ? ktime_get_ts64+0x86/0x230 [ 15.662346] kunit_try_run_case+0x1a6/0x480 [ 15.662370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.662392] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.662417] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.662441] ? __kthread_parkme+0x82/0x160 [ 15.662464] ? preempt_count_sub+0x50/0x80 [ 15.662490] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.662514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.662541] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.662567] kthread+0x324/0x6e0 [ 15.662590] ? trace_preempt_on+0x20/0xc0 [ 15.662614] ? __pfx_kthread+0x10/0x10 [ 15.662637] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.662660] ? calculate_sigpending+0x7b/0xa0 [ 15.662682] ? __pfx_kthread+0x10/0x10 [ 15.662706] ret_from_fork+0x41/0x80 [ 15.662725] ? __pfx_kthread+0x10/0x10 [ 15.662748] ret_from_fork_asm+0x1a/0x30 [ 15.662780] </TASK> [ 15.662791] [ 15.674111] Allocated by task 273: [ 15.674441] kasan_save_stack+0x45/0x70 [ 15.674851] kasan_save_track+0x18/0x40 [ 15.675249] kasan_save_alloc_info+0x3b/0x50 [ 15.675699] __kasan_kmalloc+0xb7/0xc0 [ 15.676258] __kmalloc_cache_noprof+0x18a/0x420 [ 15.676689] kasan_atomics+0x96/0x310 [ 15.677119] kunit_try_run_case+0x1a6/0x480 [ 15.677440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.677924] kthread+0x324/0x6e0 [ 15.678302] ret_from_fork+0x41/0x80 [ 15.678696] ret_from_fork_asm+0x1a/0x30 [ 15.678973] [ 15.679062] The buggy address belongs to the object at ffff888101bf3e00 [ 15.679062] which belongs to the cache kmalloc-64 of size 64 [ 15.679412] The buggy address is located 0 bytes to the right of [ 15.679412] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.679974] [ 15.680108] The buggy address belongs to the physical page: [ 15.680375] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.680838] flags: 0x200000000000000(node=0|zone=2) [ 15.681010] page_type: f5(slab) [ 15.681188] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.681531] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.681926] page dumped because: kasan: bad access detected [ 15.682152] [ 15.682254] Memory state around the buggy address: [ 15.682430] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.682890] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.683193] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.683431] ^ [ 15.683658] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.684154] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.684455] ================================================================== [ 15.133376] ================================================================== [ 15.133973] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbe/0x5450 [ 15.134335] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.134679] [ 15.134859] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.134917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.134930] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.134962] Call Trace: [ 15.134987] <TASK> [ 15.135011] dump_stack_lvl+0x73/0xb0 [ 15.135046] print_report+0xd1/0x650 [ 15.135079] ? __virt_addr_valid+0x1db/0x2d0 [ 15.135101] ? kasan_atomics_helper+0x4bbe/0x5450 [ 15.135121] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.135145] ? kasan_atomics_helper+0x4bbe/0x5450 [ 15.135165] kasan_report+0x140/0x180 [ 15.135187] ? kasan_atomics_helper+0x4bbe/0x5450 [ 15.135212] __asan_report_load4_noabort+0x18/0x20 [ 15.135235] kasan_atomics_helper+0x4bbe/0x5450 [ 15.135256] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.135278] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.135302] ? kasan_atomics+0x153/0x310 [ 15.135327] kasan_atomics+0x1dd/0x310 [ 15.135348] ? __pfx_kasan_atomics+0x10/0x10 [ 15.135371] ? __pfx_read_tsc+0x10/0x10 [ 15.135413] ? ktime_get_ts64+0x86/0x230 [ 15.135447] kunit_try_run_case+0x1a6/0x480 [ 15.135470] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.135519] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.135542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.135565] ? __kthread_parkme+0x82/0x160 [ 15.135586] ? preempt_count_sub+0x50/0x80 [ 15.135610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.135631] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.135657] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.135684] kthread+0x324/0x6e0 [ 15.135704] ? trace_preempt_on+0x20/0xc0 [ 15.135726] ? __pfx_kthread+0x10/0x10 [ 15.135748] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.135770] ? calculate_sigpending+0x7b/0xa0 [ 15.135791] ? __pfx_kthread+0x10/0x10 [ 15.135813] ret_from_fork+0x41/0x80 [ 15.135831] ? __pfx_kthread+0x10/0x10 [ 15.135853] ret_from_fork_asm+0x1a/0x30 [ 15.135884] </TASK> [ 15.135894] [ 15.147113] Allocated by task 273: [ 15.147447] kasan_save_stack+0x45/0x70 [ 15.147830] kasan_save_track+0x18/0x40 [ 15.147979] kasan_save_alloc_info+0x3b/0x50 [ 15.148209] __kasan_kmalloc+0xb7/0xc0 [ 15.148403] __kmalloc_cache_noprof+0x18a/0x420 [ 15.148643] kasan_atomics+0x96/0x310 [ 15.149167] kunit_try_run_case+0x1a6/0x480 [ 15.149363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.149616] kthread+0x324/0x6e0 [ 15.150062] ret_from_fork+0x41/0x80 [ 15.150350] ret_from_fork_asm+0x1a/0x30 [ 15.150511] [ 15.150701] The buggy address belongs to the object at ffff888101bf3e00 [ 15.150701] which belongs to the cache kmalloc-64 of size 64 [ 15.151489] The buggy address is located 0 bytes to the right of [ 15.151489] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.152336] [ 15.152441] The buggy address belongs to the physical page: [ 15.152869] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.153522] flags: 0x200000000000000(node=0|zone=2) [ 15.153892] page_type: f5(slab) [ 15.154226] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.154805] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.155198] page dumped because: kasan: bad access detected [ 15.155541] [ 15.155675] Memory state around the buggy address: [ 15.156064] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.156551] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.156957] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.157579] ^ [ 15.157977] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.158397] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.158929] ================================================================== [ 15.325560] ================================================================== [ 15.326220] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3c/0x5450 [ 15.326962] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.327198] [ 15.327278] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.327317] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.327329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.327350] Call Trace: [ 15.327365] <TASK> [ 15.327381] dump_stack_lvl+0x73/0xb0 [ 15.327406] print_report+0xd1/0x650 [ 15.327428] ? __virt_addr_valid+0x1db/0x2d0 [ 15.327451] ? kasan_atomics_helper+0x4b3c/0x5450 [ 15.327472] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.327499] ? kasan_atomics_helper+0x4b3c/0x5450 [ 15.327520] kasan_report+0x140/0x180 [ 15.327543] ? kasan_atomics_helper+0x4b3c/0x5450 [ 15.327570] __asan_report_store4_noabort+0x1b/0x30 [ 15.327594] kasan_atomics_helper+0x4b3c/0x5450 [ 15.327617] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.327640] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.327666] ? kasan_atomics+0x153/0x310 [ 15.327692] kasan_atomics+0x1dd/0x310 [ 15.327715] ? __pfx_kasan_atomics+0x10/0x10 [ 15.327739] ? __pfx_read_tsc+0x10/0x10 [ 15.327762] ? ktime_get_ts64+0x86/0x230 [ 15.327787] kunit_try_run_case+0x1a6/0x480 [ 15.327811] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.327834] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.327859] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.327884] ? __kthread_parkme+0x82/0x160 [ 15.327907] ? preempt_count_sub+0x50/0x80 [ 15.327933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.327957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.327984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.328011] kthread+0x324/0x6e0 [ 15.328044] ? trace_preempt_on+0x20/0xc0 [ 15.328069] ? __pfx_kthread+0x10/0x10 [ 15.328093] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.328116] ? calculate_sigpending+0x7b/0xa0 [ 15.328138] ? __pfx_kthread+0x10/0x10 [ 15.328162] ret_from_fork+0x41/0x80 [ 15.328182] ? __pfx_kthread+0x10/0x10 [ 15.328205] ret_from_fork_asm+0x1a/0x30 [ 15.328237] </TASK> [ 15.328247] [ 15.335747] Allocated by task 273: [ 15.335904] kasan_save_stack+0x45/0x70 [ 15.336115] kasan_save_track+0x18/0x40 [ 15.336288] kasan_save_alloc_info+0x3b/0x50 [ 15.336543] __kasan_kmalloc+0xb7/0xc0 [ 15.336764] __kmalloc_cache_noprof+0x18a/0x420 [ 15.336966] kasan_atomics+0x96/0x310 [ 15.337161] kunit_try_run_case+0x1a6/0x480 [ 15.337363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.337541] kthread+0x324/0x6e0 [ 15.337663] ret_from_fork+0x41/0x80 [ 15.337800] ret_from_fork_asm+0x1a/0x30 [ 15.338050] [ 15.338143] The buggy address belongs to the object at ffff888101bf3e00 [ 15.338143] which belongs to the cache kmalloc-64 of size 64 [ 15.338770] The buggy address is located 0 bytes to the right of [ 15.338770] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.339179] [ 15.339305] The buggy address belongs to the physical page: [ 15.339565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.340033] flags: 0x200000000000000(node=0|zone=2) [ 15.340312] page_type: f5(slab) [ 15.340473] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.340830] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.341110] page dumped because: kasan: bad access detected [ 15.341363] [ 15.341435] Memory state around the buggy address: [ 15.341706] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.342040] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.342335] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.342545] ^ [ 15.342782] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.343151] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.343499] ================================================================== [ 15.703619] ================================================================== [ 15.704225] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf11/0x5450 [ 15.704455] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.705042] [ 15.705153] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.705191] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.705204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.705225] Call Trace: [ 15.705239] <TASK> [ 15.705253] dump_stack_lvl+0x73/0xb0 [ 15.705277] print_report+0xd1/0x650 [ 15.705298] ? __virt_addr_valid+0x1db/0x2d0 [ 15.705320] ? kasan_atomics_helper+0xf11/0x5450 [ 15.705343] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.705370] ? kasan_atomics_helper+0xf11/0x5450 [ 15.705391] kasan_report+0x140/0x180 [ 15.705414] ? kasan_atomics_helper+0xf11/0x5450 [ 15.705439] kasan_check_range+0x10c/0x1c0 [ 15.705463] __kasan_check_write+0x18/0x20 [ 15.705486] kasan_atomics_helper+0xf11/0x5450 [ 15.705509] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.705531] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.705558] ? kasan_atomics+0x153/0x310 [ 15.705584] kasan_atomics+0x1dd/0x310 [ 15.705606] ? __pfx_kasan_atomics+0x10/0x10 [ 15.705631] ? __pfx_read_tsc+0x10/0x10 [ 15.705652] ? ktime_get_ts64+0x86/0x230 [ 15.705677] kunit_try_run_case+0x1a6/0x480 [ 15.705700] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.705722] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.705752] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.705777] ? __kthread_parkme+0x82/0x160 [ 15.705799] ? preempt_count_sub+0x50/0x80 [ 15.705824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.705847] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.705873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.705900] kthread+0x324/0x6e0 [ 15.705922] ? trace_preempt_on+0x20/0xc0 [ 15.705945] ? 
__pfx_kthread+0x10/0x10 [ 15.705968] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.705991] ? calculate_sigpending+0x7b/0xa0 [ 15.706024] ? __pfx_kthread+0x10/0x10 [ 15.706048] ret_from_fork+0x41/0x80 [ 15.706066] ? __pfx_kthread+0x10/0x10 [ 15.706089] ret_from_fork_asm+0x1a/0x30 [ 15.706121] </TASK> [ 15.706133] [ 15.714112] Allocated by task 273: [ 15.714278] kasan_save_stack+0x45/0x70 [ 15.714460] kasan_save_track+0x18/0x40 [ 15.714733] kasan_save_alloc_info+0x3b/0x50 [ 15.714943] __kasan_kmalloc+0xb7/0xc0 [ 15.715112] __kmalloc_cache_noprof+0x18a/0x420 [ 15.715306] kasan_atomics+0x96/0x310 [ 15.715437] kunit_try_run_case+0x1a6/0x480 [ 15.715579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.715752] kthread+0x324/0x6e0 [ 15.716049] ret_from_fork+0x41/0x80 [ 15.716242] ret_from_fork_asm+0x1a/0x30 [ 15.716443] [ 15.716541] The buggy address belongs to the object at ffff888101bf3e00 [ 15.716541] which belongs to the cache kmalloc-64 of size 64 [ 15.716976] The buggy address is located 0 bytes to the right of [ 15.716976] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.717343] [ 15.717416] The buggy address belongs to the physical page: [ 15.718141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.718512] flags: 0x200000000000000(node=0|zone=2) [ 15.719008] page_type: f5(slab) [ 15.719189] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.719484] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.719769] page dumped because: kasan: bad access detected [ 15.719941] [ 15.720012] Memory state around the buggy address: [ 15.720176] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.720444] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.720758] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.721090] ^ [ 15.721473] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.721880] 
ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.722337] ================================================================== [ 15.818414] ================================================================== [ 15.818648] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1149/0x5450 [ 15.819723] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.819988] [ 15.820228] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.820273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.820288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.820386] Call Trace: [ 15.820463] <TASK> [ 15.820480] dump_stack_lvl+0x73/0xb0 [ 15.820508] print_report+0xd1/0x650 [ 15.820530] ? __virt_addr_valid+0x1db/0x2d0 [ 15.820555] ? kasan_atomics_helper+0x1149/0x5450 [ 15.820576] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.820603] ? kasan_atomics_helper+0x1149/0x5450 [ 15.820625] kasan_report+0x140/0x180 [ 15.820647] ? kasan_atomics_helper+0x1149/0x5450 [ 15.820674] kasan_check_range+0x10c/0x1c0 [ 15.820697] __kasan_check_write+0x18/0x20 [ 15.820720] kasan_atomics_helper+0x1149/0x5450 [ 15.820743] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.820765] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.820791] ? kasan_atomics+0x153/0x310 [ 15.820817] kasan_atomics+0x1dd/0x310 [ 15.820839] ? __pfx_kasan_atomics+0x10/0x10 [ 15.820864] ? __pfx_read_tsc+0x10/0x10 [ 15.820887] ? ktime_get_ts64+0x86/0x230 [ 15.820912] kunit_try_run_case+0x1a6/0x480 [ 15.820936] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.820958] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.820983] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.821007] ? __kthread_parkme+0x82/0x160 [ 15.821042] ? preempt_count_sub+0x50/0x80 [ 15.821067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.821091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.821117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.821144] kthread+0x324/0x6e0 [ 15.821166] ? 
trace_preempt_on+0x20/0xc0 [ 15.821189] ? __pfx_kthread+0x10/0x10 [ 15.821212] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.821235] ? calculate_sigpending+0x7b/0xa0 [ 15.821257] ? __pfx_kthread+0x10/0x10 [ 15.821280] ret_from_fork+0x41/0x80 [ 15.821300] ? __pfx_kthread+0x10/0x10 [ 15.821323] ret_from_fork_asm+0x1a/0x30 [ 15.821355] </TASK> [ 15.821365] [ 15.831626] Allocated by task 273: [ 15.832436] kasan_save_stack+0x45/0x70 [ 15.832590] kasan_save_track+0x18/0x40 [ 15.832946] kasan_save_alloc_info+0x3b/0x50 [ 15.833236] __kasan_kmalloc+0xb7/0xc0 [ 15.833392] __kmalloc_cache_noprof+0x18a/0x420 [ 15.833610] kasan_atomics+0x96/0x310 [ 15.833908] kunit_try_run_case+0x1a6/0x480 [ 15.834128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.834366] kthread+0x324/0x6e0 [ 15.834522] ret_from_fork+0x41/0x80 [ 15.834713] ret_from_fork_asm+0x1a/0x30 [ 15.835284] [ 15.835365] The buggy address belongs to the object at ffff888101bf3e00 [ 15.835365] which belongs to the cache kmalloc-64 of size 64 [ 15.836107] The buggy address is located 0 bytes to the right of [ 15.836107] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.836612] [ 15.836686] The buggy address belongs to the physical page: [ 15.837106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.837451] flags: 0x200000000000000(node=0|zone=2) [ 15.838009] page_type: f5(slab) [ 15.838170] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.838623] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.839088] page dumped because: kasan: bad access detected [ 15.839308] [ 15.839408] Memory state around the buggy address: [ 15.839860] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.840125] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.840439] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.841001] ^ [ 15.841225] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.841743] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.842211] ================================================================== [ 15.864541] ================================================================== [ 15.864876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1218/0x5450 [ 15.865186] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.865480] [ 15.865575] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.865613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.865626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.865652] Call Trace: [ 15.865669] <TASK> [ 15.865684] dump_stack_lvl+0x73/0xb0 [ 15.865708] print_report+0xd1/0x650 [ 15.865730] ? __virt_addr_valid+0x1db/0x2d0 [ 15.865759] ? kasan_atomics_helper+0x1218/0x5450 [ 15.865781] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.865808] ? kasan_atomics_helper+0x1218/0x5450 [ 15.865830] kasan_report+0x140/0x180 [ 15.865852] ? kasan_atomics_helper+0x1218/0x5450 [ 15.865878] kasan_check_range+0x10c/0x1c0 [ 15.865902] __kasan_check_write+0x18/0x20 [ 15.865925] kasan_atomics_helper+0x1218/0x5450 [ 15.865948] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.865970] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.865995] ? kasan_atomics+0x153/0x310 [ 15.866031] kasan_atomics+0x1dd/0x310 [ 15.866054] ? __pfx_kasan_atomics+0x10/0x10 [ 15.866078] ? __pfx_read_tsc+0x10/0x10 [ 15.866100] ? ktime_get_ts64+0x86/0x230 [ 15.866126] kunit_try_run_case+0x1a6/0x480 [ 15.866150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.866173] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.866197] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.866222] ? __kthread_parkme+0x82/0x160 [ 15.866245] ? preempt_count_sub+0x50/0x80 [ 15.866270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.866293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.866320] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.866347] kthread+0x324/0x6e0 [ 15.866369] ? trace_preempt_on+0x20/0xc0 [ 15.866392] ? __pfx_kthread+0x10/0x10 [ 15.866416] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.866438] ? calculate_sigpending+0x7b/0xa0 [ 15.866460] ? __pfx_kthread+0x10/0x10 [ 15.866483] ret_from_fork+0x41/0x80 [ 15.866502] ? __pfx_kthread+0x10/0x10 [ 15.866525] ret_from_fork_asm+0x1a/0x30 [ 15.866557] </TASK> [ 15.866567] [ 15.874528] Allocated by task 273: [ 15.874717] kasan_save_stack+0x45/0x70 [ 15.874925] kasan_save_track+0x18/0x40 [ 15.875324] kasan_save_alloc_info+0x3b/0x50 [ 15.875522] __kasan_kmalloc+0xb7/0xc0 [ 15.875805] __kmalloc_cache_noprof+0x18a/0x420 [ 15.875969] kasan_atomics+0x96/0x310 [ 15.876118] kunit_try_run_case+0x1a6/0x480 [ 15.876333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.876586] kthread+0x324/0x6e0 [ 15.876779] ret_from_fork+0x41/0x80 [ 15.876946] ret_from_fork_asm+0x1a/0x30 [ 15.877152] [ 15.877238] The buggy address belongs to the object at ffff888101bf3e00 [ 15.877238] which belongs to the cache kmalloc-64 of size 64 [ 15.877949] The buggy address is located 0 bytes to the right of [ 15.877949] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.878440] [ 15.878537] The buggy address belongs to the physical page: [ 15.878937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.879199] flags: 0x200000000000000(node=0|zone=2) [ 15.879371] page_type: f5(slab) [ 15.879542] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.880111] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.880446] page dumped because: kasan: bad access detected [ 15.880885] [ 15.880984] Memory state around the buggy address: [ 15.881178] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.881395] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.881842] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.882143] ^ [ 15.882351] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.882594] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.882908] ================================================================== [ 15.958344] ================================================================== [ 15.958569] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eb0/0x5450 [ 15.958793] Read of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.959452] [ 15.959555] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.959591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.959604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.959626] Call Trace: [ 15.959639] <TASK> [ 15.959653] dump_stack_lvl+0x73/0xb0 [ 15.959690] print_report+0xd1/0x650 [ 15.959712] ? __virt_addr_valid+0x1db/0x2d0 [ 15.959734] ? kasan_atomics_helper+0x4eb0/0x5450 [ 15.959755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.959783] ? kasan_atomics_helper+0x4eb0/0x5450 [ 15.959805] kasan_report+0x140/0x180 [ 15.959828] ? kasan_atomics_helper+0x4eb0/0x5450 [ 15.959854] __asan_report_load8_noabort+0x18/0x20 [ 15.959878] kasan_atomics_helper+0x4eb0/0x5450 [ 15.959901] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.959923] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.959947] ? kasan_atomics+0x153/0x310 [ 15.959974] kasan_atomics+0x1dd/0x310 [ 15.959996] ? __pfx_kasan_atomics+0x10/0x10 [ 15.960030] ? __pfx_read_tsc+0x10/0x10 [ 15.960051] ? ktime_get_ts64+0x86/0x230 [ 15.960077] kunit_try_run_case+0x1a6/0x480 [ 15.960101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.960122] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.960146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.960171] ? __kthread_parkme+0x82/0x160 [ 15.960192] ? preempt_count_sub+0x50/0x80 [ 15.960218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.960241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.960269] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.960296] kthread+0x324/0x6e0 [ 15.960317] ? trace_preempt_on+0x20/0xc0 [ 15.960341] ? __pfx_kthread+0x10/0x10 [ 15.960364] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.960386] ? calculate_sigpending+0x7b/0xa0 [ 15.960409] ? __pfx_kthread+0x10/0x10 [ 15.960431] ret_from_fork+0x41/0x80 [ 15.960451] ? __pfx_kthread+0x10/0x10 [ 15.960473] ret_from_fork_asm+0x1a/0x30 [ 15.960505] </TASK> [ 15.960516] [ 15.969211] Allocated by task 273: [ 15.969398] kasan_save_stack+0x45/0x70 [ 15.969884] kasan_save_track+0x18/0x40 [ 15.970160] kasan_save_alloc_info+0x3b/0x50 [ 15.970558] __kasan_kmalloc+0xb7/0xc0 [ 15.970907] __kmalloc_cache_noprof+0x18a/0x420 [ 15.971110] kasan_atomics+0x96/0x310 [ 15.971247] kunit_try_run_case+0x1a6/0x480 [ 15.971396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.971835] kthread+0x324/0x6e0 [ 15.972295] ret_from_fork+0x41/0x80 [ 15.972617] ret_from_fork_asm+0x1a/0x30 [ 15.973010] [ 15.973242] The buggy address belongs to the object at ffff888101bf3e00 [ 15.973242] which belongs to the cache kmalloc-64 of size 64 [ 15.974224] The buggy address is located 0 bytes to the right of [ 15.974224] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.975497] [ 15.975771] The buggy address belongs to the physical page: [ 15.975997] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.976327] flags: 0x200000000000000(node=0|zone=2) [ 15.976544] page_type: f5(slab) [ 15.977029] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.977470] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.977936] page dumped because: kasan: bad access detected [ 15.978357] [ 15.978454] Memory state around the buggy address: [ 15.978835] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.979317] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.979833] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.980302] ^ [ 15.980777] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.981080] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.981363] ================================================================== [ 15.684948] ================================================================== [ 15.685310] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe79/0x5450 [ 15.685567] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.685896] [ 15.685979] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.686026] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.686039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.686061] Call Trace: [ 15.686079] <TASK> [ 15.686096] dump_stack_lvl+0x73/0xb0 [ 15.686208] print_report+0xd1/0x650 [ 15.686232] ? __virt_addr_valid+0x1db/0x2d0 [ 15.686256] ? kasan_atomics_helper+0xe79/0x5450 [ 15.686278] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.686304] ? kasan_atomics_helper+0xe79/0x5450 [ 15.686326] kasan_report+0x140/0x180 [ 15.686348] ? kasan_atomics_helper+0xe79/0x5450 [ 15.686374] kasan_check_range+0x10c/0x1c0 [ 15.686398] __kasan_check_write+0x18/0x20 [ 15.686421] kasan_atomics_helper+0xe79/0x5450 [ 15.686444] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.686466] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.686491] ? kasan_atomics+0x153/0x310 [ 15.686516] kasan_atomics+0x1dd/0x310 [ 15.686541] ? __pfx_kasan_atomics+0x10/0x10 [ 15.686565] ? __pfx_read_tsc+0x10/0x10 [ 15.686587] ? ktime_get_ts64+0x86/0x230 [ 15.686613] kunit_try_run_case+0x1a6/0x480 [ 15.686636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.686658] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.686682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.686708] ? __kthread_parkme+0x82/0x160 [ 15.686731] ? preempt_count_sub+0x50/0x80 [ 15.686757] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.686780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.686806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.686834] kthread+0x324/0x6e0 [ 15.686855] ? trace_preempt_on+0x20/0xc0 [ 15.686879] ? __pfx_kthread+0x10/0x10 [ 15.686902] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.686925] ? calculate_sigpending+0x7b/0xa0 [ 15.686948] ? __pfx_kthread+0x10/0x10 [ 15.686971] ret_from_fork+0x41/0x80 [ 15.686990] ? __pfx_kthread+0x10/0x10 [ 15.687026] ret_from_fork_asm+0x1a/0x30 [ 15.687059] </TASK> [ 15.687070] [ 15.694813] Allocated by task 273: [ 15.694995] kasan_save_stack+0x45/0x70 [ 15.695216] kasan_save_track+0x18/0x40 [ 15.695408] kasan_save_alloc_info+0x3b/0x50 [ 15.695626] __kasan_kmalloc+0xb7/0xc0 [ 15.695819] __kmalloc_cache_noprof+0x18a/0x420 [ 15.696314] kasan_atomics+0x96/0x310 [ 15.696519] kunit_try_run_case+0x1a6/0x480 [ 15.696671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.696850] kthread+0x324/0x6e0 [ 15.697091] ret_from_fork+0x41/0x80 [ 15.697282] ret_from_fork_asm+0x1a/0x30 [ 15.697481] [ 15.697577] The buggy address belongs to the object at ffff888101bf3e00 [ 15.697577] which belongs to the cache kmalloc-64 of size 64 [ 15.698156] The buggy address is located 0 bytes to the right of [ 15.698156] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.698553] [ 15.698656] The buggy address belongs to the physical page: [ 15.698913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.699374] flags: 0x200000000000000(node=0|zone=2) [ 15.699773] page_type: f5(slab) [ 15.699937] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.700247] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.700659] page dumped because: kasan: bad access detected [ 15.700882] [ 15.700981] Memory state around the buggy address: [ 15.701151] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.701430] ffff888101bf3d80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.701747] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.702366] ^ [ 15.702630] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.702926] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.703194] ================================================================== [ 16.138933] ================================================================== [ 16.139994] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1780/0x5450 [ 16.140445] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.140869] [ 16.141074] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.141126] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.141139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.141160] Call Trace: [ 16.141177] <TASK> [ 16.141213] dump_stack_lvl+0x73/0xb0 [ 16.141239] print_report+0xd1/0x650 [ 16.141260] ? __virt_addr_valid+0x1db/0x2d0 [ 16.141293] ? kasan_atomics_helper+0x1780/0x5450 [ 16.141315] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.141340] ? kasan_atomics_helper+0x1780/0x5450 [ 16.141362] kasan_report+0x140/0x180 [ 16.141384] ? kasan_atomics_helper+0x1780/0x5450 [ 16.141411] kasan_check_range+0x10c/0x1c0 [ 16.141433] __kasan_check_write+0x18/0x20 [ 16.141457] kasan_atomics_helper+0x1780/0x5450 [ 16.141479] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.141501] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.141526] ? kasan_atomics+0x153/0x310 [ 16.141551] kasan_atomics+0x1dd/0x310 [ 16.141574] ? __pfx_kasan_atomics+0x10/0x10 [ 16.141598] ? __pfx_read_tsc+0x10/0x10 [ 16.141620] ? ktime_get_ts64+0x86/0x230 [ 16.141645] kunit_try_run_case+0x1a6/0x480 [ 16.141669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.141690] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.141715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.141746] ? __kthread_parkme+0x82/0x160 [ 16.141767] ? 
preempt_count_sub+0x50/0x80 [ 16.141793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.141817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.141843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.141871] kthread+0x324/0x6e0 [ 16.141892] ? trace_preempt_on+0x20/0xc0 [ 16.141916] ? __pfx_kthread+0x10/0x10 [ 16.141939] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.141962] ? calculate_sigpending+0x7b/0xa0 [ 16.141986] ? __pfx_kthread+0x10/0x10 [ 16.142009] ret_from_fork+0x41/0x80 [ 16.142038] ? __pfx_kthread+0x10/0x10 [ 16.142061] ret_from_fork_asm+0x1a/0x30 [ 16.142093] </TASK> [ 16.142103] [ 16.155034] Allocated by task 273: [ 16.155167] kasan_save_stack+0x45/0x70 [ 16.155312] kasan_save_track+0x18/0x40 [ 16.155445] kasan_save_alloc_info+0x3b/0x50 [ 16.155680] __kasan_kmalloc+0xb7/0xc0 [ 16.156034] __kmalloc_cache_noprof+0x18a/0x420 [ 16.156454] kasan_atomics+0x96/0x310 [ 16.156883] kunit_try_run_case+0x1a6/0x480 [ 16.157328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.157984] kthread+0x324/0x6e0 [ 16.158328] ret_from_fork+0x41/0x80 [ 16.158671] ret_from_fork_asm+0x1a/0x30 [ 16.159087] [ 16.159249] The buggy address belongs to the object at ffff888101bf3e00 [ 16.159249] which belongs to the cache kmalloc-64 of size 64 [ 16.160349] The buggy address is located 0 bytes to the right of [ 16.160349] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.160969] [ 16.161139] The buggy address belongs to the physical page: [ 16.161519] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.162148] flags: 0x200000000000000(node=0|zone=2) [ 16.162314] page_type: f5(slab) [ 16.162436] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.162916] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.163585] page dumped because: kasan: bad access detected [ 16.164132] [ 16.164314] Memory state around the buggy address: [ 16.164874] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 16.165350] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.165581] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.165976] ^ [ 16.166142] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.166356] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.166578] ================================================================== [ 15.344083] ================================================================== [ 15.344355] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x566/0x5450 [ 15.344584] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.344813] [ 15.344893] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.344932] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.344946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.344968] Call Trace: [ 15.344985] <TASK> [ 15.345002] dump_stack_lvl+0x73/0xb0 [ 15.345038] print_report+0xd1/0x650 [ 15.345060] ? __virt_addr_valid+0x1db/0x2d0 [ 15.345083] ? kasan_atomics_helper+0x566/0x5450 [ 15.345105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.345131] ? kasan_atomics_helper+0x566/0x5450 [ 15.345168] kasan_report+0x140/0x180 [ 15.345191] ? kasan_atomics_helper+0x566/0x5450 [ 15.345217] kasan_check_range+0x10c/0x1c0 [ 15.345240] __kasan_check_write+0x18/0x20 [ 15.345264] kasan_atomics_helper+0x566/0x5450 [ 15.345286] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.345309] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.345334] ? kasan_atomics+0x153/0x310 [ 15.345359] kasan_atomics+0x1dd/0x310 [ 15.345382] ? __pfx_kasan_atomics+0x10/0x10 [ 15.345406] ? __pfx_read_tsc+0x10/0x10 [ 15.345429] ? ktime_get_ts64+0x86/0x230 [ 15.345454] kunit_try_run_case+0x1a6/0x480 [ 15.345478] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.345501] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.345525] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.345550] ? 
__kthread_parkme+0x82/0x160 [ 15.345573] ? preempt_count_sub+0x50/0x80 [ 15.345598] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.345622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.345649] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.345676] kthread+0x324/0x6e0 [ 15.345698] ? trace_preempt_on+0x20/0xc0 [ 15.345721] ? __pfx_kthread+0x10/0x10 [ 15.345751] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.345774] ? calculate_sigpending+0x7b/0xa0 [ 15.345797] ? __pfx_kthread+0x10/0x10 [ 15.345820] ret_from_fork+0x41/0x80 [ 15.345840] ? __pfx_kthread+0x10/0x10 [ 15.345863] ret_from_fork_asm+0x1a/0x30 [ 15.345895] </TASK> [ 15.345906] [ 15.358896] Allocated by task 273: [ 15.359297] kasan_save_stack+0x45/0x70 [ 15.359510] kasan_save_track+0x18/0x40 [ 15.360104] kasan_save_alloc_info+0x3b/0x50 [ 15.360399] __kasan_kmalloc+0xb7/0xc0 [ 15.360812] __kmalloc_cache_noprof+0x18a/0x420 [ 15.360972] kasan_atomics+0x96/0x310 [ 15.361117] kunit_try_run_case+0x1a6/0x480 [ 15.361259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.361431] kthread+0x324/0x6e0 [ 15.361576] ret_from_fork+0x41/0x80 [ 15.362172] ret_from_fork_asm+0x1a/0x30 [ 15.362665] [ 15.362841] The buggy address belongs to the object at ffff888101bf3e00 [ 15.362841] which belongs to the cache kmalloc-64 of size 64 [ 15.364082] The buggy address is located 0 bytes to the right of [ 15.364082] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.365318] [ 15.365486] The buggy address belongs to the physical page: [ 15.366118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.366844] flags: 0x200000000000000(node=0|zone=2) [ 15.367011] page_type: f5(slab) [ 15.367146] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.367372] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.367727] page dumped because: kasan: bad access detected [ 15.368271] [ 15.368435] Memory state around the buggy address: [ 15.368996] 
ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.369869] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.370551] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.371250] ^ [ 15.371771] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.372333] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.372557] ================================================================== [ 16.453895] ================================================================== [ 16.454594] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f73/0x5450 [ 16.455324] Read of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.456137] [ 16.456339] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.456379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.456391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.456415] Call Trace: [ 16.456432] <TASK> [ 16.456449] dump_stack_lvl+0x73/0xb0 [ 16.456474] print_report+0xd1/0x650 [ 16.456496] ? __virt_addr_valid+0x1db/0x2d0 [ 16.456518] ? kasan_atomics_helper+0x4f73/0x5450 [ 16.456539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.456565] ? kasan_atomics_helper+0x4f73/0x5450 [ 16.456587] kasan_report+0x140/0x180 [ 16.456610] ? kasan_atomics_helper+0x4f73/0x5450 [ 16.456636] __asan_report_load8_noabort+0x18/0x20 [ 16.456661] kasan_atomics_helper+0x4f73/0x5450 [ 16.456684] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.456705] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.456730] ? kasan_atomics+0x153/0x310 [ 16.456756] kasan_atomics+0x1dd/0x310 [ 16.456779] ? __pfx_kasan_atomics+0x10/0x10 [ 16.456803] ? __pfx_read_tsc+0x10/0x10 [ 16.456825] ? ktime_get_ts64+0x86/0x230 [ 16.456851] kunit_try_run_case+0x1a6/0x480 [ 16.456875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.456897] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.456921] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.456946] ? 
__kthread_parkme+0x82/0x160 [ 16.456969] ? preempt_count_sub+0x50/0x80 [ 16.456994] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.457032] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.457070] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.457097] kthread+0x324/0x6e0 [ 16.457125] ? trace_preempt_on+0x20/0xc0 [ 16.457149] ? __pfx_kthread+0x10/0x10 [ 16.457172] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.457195] ? calculate_sigpending+0x7b/0xa0 [ 16.457218] ? __pfx_kthread+0x10/0x10 [ 16.457242] ret_from_fork+0x41/0x80 [ 16.457261] ? __pfx_kthread+0x10/0x10 [ 16.457284] ret_from_fork_asm+0x1a/0x30 [ 16.457316] </TASK> [ 16.457327] [ 16.468153] Allocated by task 273: [ 16.468344] kasan_save_stack+0x45/0x70 [ 16.468565] kasan_save_track+0x18/0x40 [ 16.468854] kasan_save_alloc_info+0x3b/0x50 [ 16.469024] __kasan_kmalloc+0xb7/0xc0 [ 16.469160] __kmalloc_cache_noprof+0x18a/0x420 [ 16.469387] kasan_atomics+0x96/0x310 [ 16.469573] kunit_try_run_case+0x1a6/0x480 [ 16.469783] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.470546] kthread+0x324/0x6e0 [ 16.470969] ret_from_fork+0x41/0x80 [ 16.471279] ret_from_fork_asm+0x1a/0x30 [ 16.471754] [ 16.471990] The buggy address belongs to the object at ffff888101bf3e00 [ 16.471990] which belongs to the cache kmalloc-64 of size 64 [ 16.472509] The buggy address is located 0 bytes to the right of [ 16.472509] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.473524] [ 16.473792] The buggy address belongs to the physical page: [ 16.474235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.474859] flags: 0x200000000000000(node=0|zone=2) [ 16.475235] page_type: f5(slab) [ 16.475675] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.476214] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.476884] page dumped because: kasan: bad access detected [ 16.477279] [ 16.477373] Memory state around the buggy address: [ 16.477790] 
ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.478251] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.478541] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.478821] ^ [ 16.479036] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.479255] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.479586] ================================================================== [ 16.517228] ================================================================== [ 16.517582] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c9/0x5450 [ 16.517921] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.518247] [ 16.518353] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.518392] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.518405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.518436] Call Trace: [ 16.518451] <TASK> [ 16.518467] dump_stack_lvl+0x73/0xb0 [ 16.518491] print_report+0xd1/0x650 [ 16.518525] ? __virt_addr_valid+0x1db/0x2d0 [ 16.518546] ? kasan_atomics_helper+0x20c9/0x5450 [ 16.518568] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.518594] ? kasan_atomics_helper+0x20c9/0x5450 [ 16.518616] kasan_report+0x140/0x180 [ 16.518647] ? kasan_atomics_helper+0x20c9/0x5450 [ 16.518673] kasan_check_range+0x10c/0x1c0 [ 16.518696] __kasan_check_write+0x18/0x20 [ 16.518731] kasan_atomics_helper+0x20c9/0x5450 [ 16.518754] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.518776] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.518810] ? kasan_atomics+0x153/0x310 [ 16.518835] kasan_atomics+0x1dd/0x310 [ 16.518857] ? __pfx_kasan_atomics+0x10/0x10 [ 16.518892] ? __pfx_read_tsc+0x10/0x10 [ 16.518915] ? ktime_get_ts64+0x86/0x230 [ 16.518940] kunit_try_run_case+0x1a6/0x480 [ 16.518971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.518993] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.519414] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.519454] ? __kthread_parkme+0x82/0x160 [ 16.519478] ? preempt_count_sub+0x50/0x80 [ 16.519504] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.519528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.519558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.519586] kthread+0x324/0x6e0 [ 16.519621] ? trace_preempt_on+0x20/0xc0 [ 16.519645] ? __pfx_kthread+0x10/0x10 [ 16.519668] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.520070] ? calculate_sigpending+0x7b/0xa0 [ 16.520098] ? __pfx_kthread+0x10/0x10 [ 16.520135] ret_from_fork+0x41/0x80 [ 16.520156] ? __pfx_kthread+0x10/0x10 [ 16.520179] ret_from_fork_asm+0x1a/0x30 [ 16.521605] </TASK> [ 16.521623] [ 16.535278] Allocated by task 273: [ 16.535525] kasan_save_stack+0x45/0x70 [ 16.535961] kasan_save_track+0x18/0x40 [ 16.536396] kasan_save_alloc_info+0x3b/0x50 [ 16.536792] __kasan_kmalloc+0xb7/0xc0 [ 16.536928] __kmalloc_cache_noprof+0x18a/0x420 [ 16.537097] kasan_atomics+0x96/0x310 [ 16.537233] kunit_try_run_case+0x1a6/0x480 [ 16.537379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.537556] kthread+0x324/0x6e0 [ 16.537716] ret_from_fork+0x41/0x80 [ 16.537884] ret_from_fork_asm+0x1a/0x30 [ 16.538091] [ 16.538189] The buggy address belongs to the object at ffff888101bf3e00 [ 16.538189] which belongs to the cache kmalloc-64 of size 64 [ 16.538659] The buggy address is located 0 bytes to the right of [ 16.538659] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.539282] [ 16.539359] The buggy address belongs to the physical page: [ 16.539530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.539907] flags: 0x200000000000000(node=0|zone=2) [ 16.540269] page_type: f5(slab) [ 16.540482] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.540893] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.541263] page dumped because: kasan: bad access detected [ 16.541486] [ 16.541600] Memory 
state around the buggy address: [ 16.541796] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.542050] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.542418] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.542744] ^ [ 16.543078] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.543356] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.543731] ================================================================== [ 15.842685] ================================================================== [ 15.842936] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a04/0x5450 [ 15.843247] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.843556] [ 15.843720] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.843775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.843788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.843809] Call Trace: [ 15.843825] <TASK> [ 15.843842] dump_stack_lvl+0x73/0xb0 [ 15.843867] print_report+0xd1/0x650 [ 15.843890] ? __virt_addr_valid+0x1db/0x2d0 [ 15.843912] ? kasan_atomics_helper+0x4a04/0x5450 [ 15.843933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.843960] ? kasan_atomics_helper+0x4a04/0x5450 [ 15.843982] kasan_report+0x140/0x180 [ 15.844004] ? kasan_atomics_helper+0x4a04/0x5450 [ 15.844039] __asan_report_load4_noabort+0x18/0x20 [ 15.844064] kasan_atomics_helper+0x4a04/0x5450 [ 15.844087] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.844109] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.844134] ? kasan_atomics+0x153/0x310 [ 15.844160] kasan_atomics+0x1dd/0x310 [ 15.844183] ? __pfx_kasan_atomics+0x10/0x10 [ 15.844207] ? __pfx_read_tsc+0x10/0x10 [ 15.844229] ? ktime_get_ts64+0x86/0x230 [ 15.844254] kunit_try_run_case+0x1a6/0x480 [ 15.844278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.844300] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.844324] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.844349] ? __kthread_parkme+0x82/0x160 [ 15.844370] ? preempt_count_sub+0x50/0x80 [ 15.844395] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.844420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.844446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.844473] kthread+0x324/0x6e0 [ 15.844494] ? trace_preempt_on+0x20/0xc0 [ 15.844518] ? __pfx_kthread+0x10/0x10 [ 15.844540] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.844564] ? calculate_sigpending+0x7b/0xa0 [ 15.844586] ? __pfx_kthread+0x10/0x10 [ 15.844609] ret_from_fork+0x41/0x80 [ 15.844628] ? __pfx_kthread+0x10/0x10 [ 15.844651] ret_from_fork_asm+0x1a/0x30 [ 15.844683] </TASK> [ 15.844693] [ 15.854507] Allocated by task 273: [ 15.855190] kasan_save_stack+0x45/0x70 [ 15.855375] kasan_save_track+0x18/0x40 [ 15.855651] kasan_save_alloc_info+0x3b/0x50 [ 15.856069] __kasan_kmalloc+0xb7/0xc0 [ 15.856272] __kmalloc_cache_noprof+0x18a/0x420 [ 15.856482] kasan_atomics+0x96/0x310 [ 15.856946] kunit_try_run_case+0x1a6/0x480 [ 15.857218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.857536] kthread+0x324/0x6e0 [ 15.857831] ret_from_fork+0x41/0x80 [ 15.857979] ret_from_fork_asm+0x1a/0x30 [ 15.858204] [ 15.858306] The buggy address belongs to the object at ffff888101bf3e00 [ 15.858306] which belongs to the cache kmalloc-64 of size 64 [ 15.859058] The buggy address is located 0 bytes to the right of [ 15.859058] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.859536] [ 15.859619] The buggy address belongs to the physical page: [ 15.859959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.860305] flags: 0x200000000000000(node=0|zone=2) [ 15.860524] page_type: f5(slab) [ 15.860851] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.861159] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.861414] page dumped because: kasan: bad access detected [ 15.861661] [ 15.861763] Memory 
state around the buggy address: [ 15.862008] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.862382] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.862653] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.863192] ^ [ 15.863434] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.863732] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.864088] ================================================================== [ 15.241299] ================================================================== [ 15.242031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3e0/0x5450 [ 15.242364] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.242802] [ 15.242896] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.242938] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.242951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.242973] Call Trace: [ 15.242987] <TASK> [ 15.243003] dump_stack_lvl+0x73/0xb0 [ 15.243041] print_report+0xd1/0x650 [ 15.243064] ? __virt_addr_valid+0x1db/0x2d0 [ 15.243086] ? kasan_atomics_helper+0x3e0/0x5450 [ 15.243108] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.243134] ? kasan_atomics_helper+0x3e0/0x5450 [ 15.243156] kasan_report+0x140/0x180 [ 15.243404] ? kasan_atomics_helper+0x3e0/0x5450 [ 15.243435] kasan_check_range+0x10c/0x1c0 [ 15.243460] __kasan_check_read+0x15/0x20 [ 15.243482] kasan_atomics_helper+0x3e0/0x5450 [ 15.243505] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.243527] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.243552] ? kasan_atomics+0x153/0x310 [ 15.243577] kasan_atomics+0x1dd/0x310 [ 15.243600] ? __pfx_kasan_atomics+0x10/0x10 [ 15.243624] ? __pfx_read_tsc+0x10/0x10 [ 15.243646] ? ktime_get_ts64+0x86/0x230 [ 15.243671] kunit_try_run_case+0x1a6/0x480 [ 15.243695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.243718] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 15.243741] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.243767] ? __kthread_parkme+0x82/0x160 [ 15.243790] ? preempt_count_sub+0x50/0x80 [ 15.243815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.243838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.243865] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.243892] kthread+0x324/0x6e0 [ 15.243915] ? trace_preempt_on+0x20/0xc0 [ 15.243938] ? __pfx_kthread+0x10/0x10 [ 15.243961] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.243985] ? calculate_sigpending+0x7b/0xa0 [ 15.244007] ? __pfx_kthread+0x10/0x10 [ 15.244041] ret_from_fork+0x41/0x80 [ 15.244061] ? __pfx_kthread+0x10/0x10 [ 15.244084] ret_from_fork_asm+0x1a/0x30 [ 15.244115] </TASK> [ 15.244127] [ 15.254717] Allocated by task 273: [ 15.254847] kasan_save_stack+0x45/0x70 [ 15.255251] kasan_save_track+0x18/0x40 [ 15.255443] kasan_save_alloc_info+0x3b/0x50 [ 15.255638] __kasan_kmalloc+0xb7/0xc0 [ 15.256003] __kmalloc_cache_noprof+0x18a/0x420 [ 15.256407] kasan_atomics+0x96/0x310 [ 15.256604] kunit_try_run_case+0x1a6/0x480 [ 15.256973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.257327] kthread+0x324/0x6e0 [ 15.257468] ret_from_fork+0x41/0x80 [ 15.257833] ret_from_fork_asm+0x1a/0x30 [ 15.258134] [ 15.258237] The buggy address belongs to the object at ffff888101bf3e00 [ 15.258237] which belongs to the cache kmalloc-64 of size 64 [ 15.258905] The buggy address is located 0 bytes to the right of [ 15.258905] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.259728] [ 15.259834] The buggy address belongs to the physical page: [ 15.260393] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.260838] flags: 0x200000000000000(node=0|zone=2) [ 15.261155] page_type: f5(slab) [ 15.261337] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.262034] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.262465] page dumped because: kasan: bad 
access detected [ 15.262671] [ 15.262980] Memory state around the buggy address: [ 15.263508] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.264419] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.265088] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.265850] ^ [ 15.266134] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.266894] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.267121] ================================================================== [ 15.421951] ================================================================== [ 15.422281] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x730/0x5450 [ 15.423002] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.423504] [ 15.423728] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.423776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.423885] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.423909] Call Trace: [ 15.423926] <TASK> [ 15.423943] dump_stack_lvl+0x73/0xb0 [ 15.423971] print_report+0xd1/0x650 [ 15.423993] ? __virt_addr_valid+0x1db/0x2d0 [ 15.424030] ? kasan_atomics_helper+0x730/0x5450 [ 15.424052] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.424079] ? kasan_atomics_helper+0x730/0x5450 [ 15.424101] kasan_report+0x140/0x180 [ 15.424125] ? kasan_atomics_helper+0x730/0x5450 [ 15.424152] kasan_check_range+0x10c/0x1c0 [ 15.424176] __kasan_check_write+0x18/0x20 [ 15.424200] kasan_atomics_helper+0x730/0x5450 [ 15.424223] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.424246] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.424270] ? kasan_atomics+0x153/0x310 [ 15.424296] kasan_atomics+0x1dd/0x310 [ 15.424319] ? __pfx_kasan_atomics+0x10/0x10 [ 15.424343] ? __pfx_read_tsc+0x10/0x10 [ 15.424365] ? ktime_get_ts64+0x86/0x230 [ 15.424391] kunit_try_run_case+0x1a6/0x480 [ 15.424415] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.424437] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.424462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.424486] ? __kthread_parkme+0x82/0x160 [ 15.424509] ? preempt_count_sub+0x50/0x80 [ 15.424535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.424611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.424638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.424666] kthread+0x324/0x6e0 [ 15.424688] ? trace_preempt_on+0x20/0xc0 [ 15.424712] ? __pfx_kthread+0x10/0x10 [ 15.424735] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.424759] ? calculate_sigpending+0x7b/0xa0 [ 15.424781] ? __pfx_kthread+0x10/0x10 [ 15.424804] ret_from_fork+0x41/0x80 [ 15.424824] ? __pfx_kthread+0x10/0x10 [ 15.424851] ret_from_fork_asm+0x1a/0x30 [ 15.424884] </TASK> [ 15.424896] [ 15.435689] Allocated by task 273: [ 15.435872] kasan_save_stack+0x45/0x70 [ 15.436656] kasan_save_track+0x18/0x40 [ 15.436988] kasan_save_alloc_info+0x3b/0x50 [ 15.437420] __kasan_kmalloc+0xb7/0xc0 [ 15.437932] __kmalloc_cache_noprof+0x18a/0x420 [ 15.438338] kasan_atomics+0x96/0x310 [ 15.438800] kunit_try_run_case+0x1a6/0x480 [ 15.439075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.439329] kthread+0x324/0x6e0 [ 15.439492] ret_from_fork+0x41/0x80 [ 15.439994] ret_from_fork_asm+0x1a/0x30 [ 15.440448] [ 15.440704] The buggy address belongs to the object at ffff888101bf3e00 [ 15.440704] which belongs to the cache kmalloc-64 of size 64 [ 15.441637] The buggy address is located 0 bytes to the right of [ 15.441637] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.442617] [ 15.442842] The buggy address belongs to the physical page: [ 15.443322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.443802] flags: 0x200000000000000(node=0|zone=2) [ 15.444036] page_type: f5(slab) [ 15.444200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.444493] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.445140] page dumped because: kasan: bad access detected [ 15.445973] [ 15.446092] Memory state around the buggy address: [ 15.446475] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.447145] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.447665] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.448168] ^ [ 15.448654] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449097] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.449594] ================================================================== [ 16.361011] ================================================================== [ 16.361465] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7b/0x5450 [ 16.361960] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.362515] [ 16.362605] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.362645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.362659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.362682] Call Trace: [ 16.362699] <TASK> [ 16.362716] dump_stack_lvl+0x73/0xb0 [ 16.362740] print_report+0xd1/0x650 [ 16.363077] ? __virt_addr_valid+0x1db/0x2d0 [ 16.363109] ? kasan_atomics_helper+0x1d7b/0x5450 [ 16.363131] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.363158] ? kasan_atomics_helper+0x1d7b/0x5450 [ 16.363179] kasan_report+0x140/0x180 [ 16.363203] ? kasan_atomics_helper+0x1d7b/0x5450 [ 16.363229] kasan_check_range+0x10c/0x1c0 [ 16.363253] __kasan_check_write+0x18/0x20 [ 16.363276] kasan_atomics_helper+0x1d7b/0x5450 [ 16.363299] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.363322] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.363348] ? kasan_atomics+0x153/0x310 [ 16.363374] kasan_atomics+0x1dd/0x310 [ 16.363397] ? __pfx_kasan_atomics+0x10/0x10 [ 16.363421] ? __pfx_read_tsc+0x10/0x10 [ 16.363444] ? 
ktime_get_ts64+0x86/0x230 [ 16.363470] kunit_try_run_case+0x1a6/0x480 [ 16.363494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363517] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.363542] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.363566] ? __kthread_parkme+0x82/0x160 [ 16.363589] ? preempt_count_sub+0x50/0x80 [ 16.363614] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.363638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.363665] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.363693] kthread+0x324/0x6e0 [ 16.363714] ? trace_preempt_on+0x20/0xc0 [ 16.363738] ? __pfx_kthread+0x10/0x10 [ 16.363762] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.363785] ? calculate_sigpending+0x7b/0xa0 [ 16.363807] ? __pfx_kthread+0x10/0x10 [ 16.363831] ret_from_fork+0x41/0x80 [ 16.363850] ? __pfx_kthread+0x10/0x10 [ 16.363874] ret_from_fork_asm+0x1a/0x30 [ 16.363906] </TASK> [ 16.363918] [ 16.372944] Allocated by task 273: [ 16.373111] kasan_save_stack+0x45/0x70 [ 16.373259] kasan_save_track+0x18/0x40 [ 16.373452] kasan_save_alloc_info+0x3b/0x50 [ 16.373795] __kasan_kmalloc+0xb7/0xc0 [ 16.374028] __kmalloc_cache_noprof+0x18a/0x420 [ 16.374194] kasan_atomics+0x96/0x310 [ 16.374465] kunit_try_run_case+0x1a6/0x480 [ 16.374817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.375121] kthread+0x324/0x6e0 [ 16.375283] ret_from_fork+0x41/0x80 [ 16.375510] ret_from_fork_asm+0x1a/0x30 [ 16.375713] [ 16.375814] The buggy address belongs to the object at ffff888101bf3e00 [ 16.375814] which belongs to the cache kmalloc-64 of size 64 [ 16.376386] The buggy address is located 0 bytes to the right of [ 16.376386] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.376999] [ 16.377131] The buggy address belongs to the physical page: [ 16.377425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.377840] flags: 0x200000000000000(node=0|zone=2) [ 16.378134] page_type: f5(slab) [ 16.378326] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.378647] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.379040] page dumped because: kasan: bad access detected [ 16.379266] [ 16.379394] Memory state around the buggy address: [ 16.379653] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.380034] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.380363] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.380655] ^ [ 16.380911] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.381267] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.381591] ================================================================== [ 16.622334] ================================================================== [ 16.622807] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5117/0x5450 [ 16.623501] Read of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.624002] [ 16.624097] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.624136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.624150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.624172] Call Trace: [ 16.624188] <TASK> [ 16.624202] dump_stack_lvl+0x73/0xb0 [ 16.624227] print_report+0xd1/0x650 [ 16.624248] ? __virt_addr_valid+0x1db/0x2d0 [ 16.624271] ? kasan_atomics_helper+0x5117/0x5450 [ 16.624292] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.624318] ? kasan_atomics_helper+0x5117/0x5450 [ 16.624339] kasan_report+0x140/0x180 [ 16.624362] ? kasan_atomics_helper+0x5117/0x5450 [ 16.624387] __asan_report_load8_noabort+0x18/0x20 [ 16.624411] kasan_atomics_helper+0x5117/0x5450 [ 16.624434] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.624456] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.624480] ? kasan_atomics+0x153/0x310 [ 16.624506] kasan_atomics+0x1dd/0x310 [ 16.624528] ? __pfx_kasan_atomics+0x10/0x10 [ 16.624578] ? 
__pfx_read_tsc+0x10/0x10 [ 16.624601] ? ktime_get_ts64+0x86/0x230 [ 16.624626] kunit_try_run_case+0x1a6/0x480 [ 16.624660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.624682] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.624706] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.624742] ? __kthread_parkme+0x82/0x160 [ 16.624766] ? preempt_count_sub+0x50/0x80 [ 16.624790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.624814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.624850] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.624878] kthread+0x324/0x6e0 [ 16.624900] ? trace_preempt_on+0x20/0xc0 [ 16.624934] ? __pfx_kthread+0x10/0x10 [ 16.624957] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.624980] ? calculate_sigpending+0x7b/0xa0 [ 16.625003] ? __pfx_kthread+0x10/0x10 [ 16.625035] ret_from_fork+0x41/0x80 [ 16.625054] ? __pfx_kthread+0x10/0x10 [ 16.625078] ret_from_fork_asm+0x1a/0x30 [ 16.625109] </TASK> [ 16.625120] [ 16.637742] Allocated by task 273: [ 16.638108] kasan_save_stack+0x45/0x70 [ 16.638495] kasan_save_track+0x18/0x40 [ 16.638826] kasan_save_alloc_info+0x3b/0x50 [ 16.639095] __kasan_kmalloc+0xb7/0xc0 [ 16.639391] __kmalloc_cache_noprof+0x18a/0x420 [ 16.639570] kasan_atomics+0x96/0x310 [ 16.639948] kunit_try_run_case+0x1a6/0x480 [ 16.640359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.640810] kthread+0x324/0x6e0 [ 16.640964] ret_from_fork+0x41/0x80 [ 16.641194] ret_from_fork_asm+0x1a/0x30 [ 16.641611] [ 16.641778] The buggy address belongs to the object at ffff888101bf3e00 [ 16.641778] which belongs to the cache kmalloc-64 of size 64 [ 16.642292] The buggy address is located 0 bytes to the right of [ 16.642292] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.642926] [ 16.643107] The buggy address belongs to the physical page: [ 16.643633] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.644330] flags: 0x200000000000000(node=0|zone=2) [ 16.644794] page_type: f5(slab) [ 16.645104] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 16.645521] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.646476] page dumped because: kasan: bad access detected [ 16.646843] [ 16.647004] Memory state around the buggy address: [ 16.647309] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.647747] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.647963] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.648188] ^ [ 16.648344] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.648582] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.649250] ================================================================== [ 16.014223] ================================================================== [ 16.014961] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d6/0x5450 [ 16.015953] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.016282] [ 16.016369] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.016410] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.016423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.016445] Call Trace: [ 16.016463] <TASK> [ 16.016480] dump_stack_lvl+0x73/0xb0 [ 16.016507] print_report+0xd1/0x650 [ 16.016529] ? __virt_addr_valid+0x1db/0x2d0 [ 16.016559] ? kasan_atomics_helper+0x50d6/0x5450 [ 16.016581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.016607] ? kasan_atomics_helper+0x50d6/0x5450 [ 16.016629] kasan_report+0x140/0x180 [ 16.016653] ? kasan_atomics_helper+0x50d6/0x5450 [ 16.016679] __asan_report_store8_noabort+0x1b/0x30 [ 16.016703] kasan_atomics_helper+0x50d6/0x5450 [ 16.016725] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.016748] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.016772] ? kasan_atomics+0x153/0x310 [ 16.016800] kasan_atomics+0x1dd/0x310 [ 16.016824] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.016848] ? __pfx_read_tsc+0x10/0x10 [ 16.016871] ? ktime_get_ts64+0x86/0x230 [ 16.016897] kunit_try_run_case+0x1a6/0x480 [ 16.016921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.016943] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.016969] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.016993] ? __kthread_parkme+0x82/0x160 [ 16.017210] ? preempt_count_sub+0x50/0x80 [ 16.017245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.017270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.017297] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.017325] kthread+0x324/0x6e0 [ 16.017378] ? trace_preempt_on+0x20/0xc0 [ 16.017404] ? __pfx_kthread+0x10/0x10 [ 16.017427] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.017450] ? calculate_sigpending+0x7b/0xa0 [ 16.017473] ? __pfx_kthread+0x10/0x10 [ 16.017496] ret_from_fork+0x41/0x80 [ 16.017515] ? __pfx_kthread+0x10/0x10 [ 16.017538] ret_from_fork_asm+0x1a/0x30 [ 16.017570] </TASK> [ 16.017582] [ 16.033247] Allocated by task 273: [ 16.033597] kasan_save_stack+0x45/0x70 [ 16.034006] kasan_save_track+0x18/0x40 [ 16.034421] kasan_save_alloc_info+0x3b/0x50 [ 16.034891] __kasan_kmalloc+0xb7/0xc0 [ 16.035280] __kmalloc_cache_noprof+0x18a/0x420 [ 16.035710] kasan_atomics+0x96/0x310 [ 16.035979] kunit_try_run_case+0x1a6/0x480 [ 16.036137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.036318] kthread+0x324/0x6e0 [ 16.036443] ret_from_fork+0x41/0x80 [ 16.036574] ret_from_fork_asm+0x1a/0x30 [ 16.036800] [ 16.036872] The buggy address belongs to the object at ffff888101bf3e00 [ 16.036872] which belongs to the cache kmalloc-64 of size 64 [ 16.037487] The buggy address is located 0 bytes to the right of [ 16.037487] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.038086] [ 16.038205] The buggy address belongs to the physical page: [ 16.038455] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.038874] flags: 0x200000000000000(node=0|zone=2) [ 16.039131] page_type: f5(slab) 
[ 16.039259] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.039565] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.039941] page dumped because: kasan: bad access detected [ 16.040191] [ 16.040272] Memory state around the buggy address: [ 16.040428] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.040996] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.041299] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.041511] ^ [ 16.041795] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.042279] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.042495] ================================================================== [ 15.940706] ================================================================== [ 15.941071] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b6/0x5450 [ 15.941351] Read of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.941773] [ 15.941860] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.941901] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.941914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.941938] Call Trace: [ 15.941956] <TASK> [ 15.941973] dump_stack_lvl+0x73/0xb0 [ 15.941998] print_report+0xd1/0x650 [ 15.942032] ? __virt_addr_valid+0x1db/0x2d0 [ 15.942056] ? kasan_atomics_helper+0x13b6/0x5450 [ 15.942077] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.942103] ? kasan_atomics_helper+0x13b6/0x5450 [ 15.942125] kasan_report+0x140/0x180 [ 15.942148] ? kasan_atomics_helper+0x13b6/0x5450 [ 15.942174] kasan_check_range+0x10c/0x1c0 [ 15.942198] __kasan_check_read+0x15/0x20 [ 15.942221] kasan_atomics_helper+0x13b6/0x5450 [ 15.942246] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.942268] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.942293] ? 
kasan_atomics+0x153/0x310 [ 15.942320] kasan_atomics+0x1dd/0x310 [ 15.942343] ? __pfx_kasan_atomics+0x10/0x10 [ 15.942368] ? __pfx_read_tsc+0x10/0x10 [ 15.942390] ? ktime_get_ts64+0x86/0x230 [ 15.942416] kunit_try_run_case+0x1a6/0x480 [ 15.942439] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.942462] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.942486] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.942510] ? __kthread_parkme+0x82/0x160 [ 15.942533] ? preempt_count_sub+0x50/0x80 [ 15.942558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.942581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.942608] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.942635] kthread+0x324/0x6e0 [ 15.942656] ? trace_preempt_on+0x20/0xc0 [ 15.942680] ? __pfx_kthread+0x10/0x10 [ 15.942702] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.942725] ? calculate_sigpending+0x7b/0xa0 [ 15.942747] ? __pfx_kthread+0x10/0x10 [ 15.942771] ret_from_fork+0x41/0x80 [ 15.942790] ? __pfx_kthread+0x10/0x10 [ 15.942814] ret_from_fork_asm+0x1a/0x30 [ 15.942845] </TASK> [ 15.942857] [ 15.950541] Allocated by task 273: [ 15.950737] kasan_save_stack+0x45/0x70 [ 15.950905] kasan_save_track+0x18/0x40 [ 15.951084] kasan_save_alloc_info+0x3b/0x50 [ 15.951236] __kasan_kmalloc+0xb7/0xc0 [ 15.951370] __kmalloc_cache_noprof+0x18a/0x420 [ 15.951525] kasan_atomics+0x96/0x310 [ 15.951657] kunit_try_run_case+0x1a6/0x480 [ 15.951814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.952197] kthread+0x324/0x6e0 [ 15.952367] ret_from_fork+0x41/0x80 [ 15.952546] ret_from_fork_asm+0x1a/0x30 [ 15.952740] [ 15.952843] The buggy address belongs to the object at ffff888101bf3e00 [ 15.952843] which belongs to the cache kmalloc-64 of size 64 [ 15.953370] The buggy address is located 0 bytes to the right of [ 15.953370] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.953934] [ 15.954039] The buggy address belongs to the physical page: [ 15.954282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 
15.954522] flags: 0x200000000000000(node=0|zone=2) [ 15.955027] page_type: f5(slab) [ 15.955201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.955540] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.955874] page dumped because: kasan: bad access detected [ 15.956083] [ 15.956154] Memory state around the buggy address: [ 15.956306] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.956522] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.956834] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.957158] ^ [ 15.957530] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.957829] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.958052] ================================================================== [ 16.228538] ================================================================== [ 16.228885] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e4/0x5450 [ 16.229130] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.229585] [ 16.229767] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.229833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.229846] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.229894] Call Trace: [ 16.229910] <TASK> [ 16.229925] dump_stack_lvl+0x73/0xb0 [ 16.229963] print_report+0xd1/0x650 [ 16.229985] ? __virt_addr_valid+0x1db/0x2d0 [ 16.230007] ? kasan_atomics_helper+0x19e4/0x5450 [ 16.230037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.230063] ? kasan_atomics_helper+0x19e4/0x5450 [ 16.230085] kasan_report+0x140/0x180 [ 16.230107] ? kasan_atomics_helper+0x19e4/0x5450 [ 16.230132] kasan_check_range+0x10c/0x1c0 [ 16.230156] __kasan_check_write+0x18/0x20 [ 16.230179] kasan_atomics_helper+0x19e4/0x5450 [ 16.230202] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.230224] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 16.230249] ? kasan_atomics+0x153/0x310 [ 16.230275] kasan_atomics+0x1dd/0x310 [ 16.230297] ? __pfx_kasan_atomics+0x10/0x10 [ 16.230321] ? __pfx_read_tsc+0x10/0x10 [ 16.230342] ? ktime_get_ts64+0x86/0x230 [ 16.230368] kunit_try_run_case+0x1a6/0x480 [ 16.230391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.230414] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.230441] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.230475] ? __kthread_parkme+0x82/0x160 [ 16.230496] ? preempt_count_sub+0x50/0x80 [ 16.230532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.230556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.230582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.230609] kthread+0x324/0x6e0 [ 16.230631] ? trace_preempt_on+0x20/0xc0 [ 16.230654] ? __pfx_kthread+0x10/0x10 [ 16.230677] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.230700] ? calculate_sigpending+0x7b/0xa0 [ 16.230731] ? __pfx_kthread+0x10/0x10 [ 16.230754] ret_from_fork+0x41/0x80 [ 16.230773] ? __pfx_kthread+0x10/0x10 [ 16.230795] ret_from_fork_asm+0x1a/0x30 [ 16.230838] </TASK> [ 16.230849] [ 16.238360] Allocated by task 273: [ 16.238539] kasan_save_stack+0x45/0x70 [ 16.238732] kasan_save_track+0x18/0x40 [ 16.238918] kasan_save_alloc_info+0x3b/0x50 [ 16.239124] __kasan_kmalloc+0xb7/0xc0 [ 16.239252] __kmalloc_cache_noprof+0x18a/0x420 [ 16.239399] kasan_atomics+0x96/0x310 [ 16.239527] kunit_try_run_case+0x1a6/0x480 [ 16.239667] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.239924] kthread+0x324/0x6e0 [ 16.240106] ret_from_fork+0x41/0x80 [ 16.240315] ret_from_fork_asm+0x1a/0x30 [ 16.240517] [ 16.240621] The buggy address belongs to the object at ffff888101bf3e00 [ 16.240621] which belongs to the cache kmalloc-64 of size 64 [ 16.241252] The buggy address is located 0 bytes to the right of [ 16.241252] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.241649] [ 16.241770] The buggy address belongs to the physical page: [ 16.242028] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.242306] flags: 0x200000000000000(node=0|zone=2) [ 16.242462] page_type: f5(slab) [ 16.242580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.242861] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.243233] page dumped because: kasan: bad access detected [ 16.243491] [ 16.243593] Memory state around the buggy address: [ 16.243967] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.244320] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.244656] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.244927] ^ [ 16.245088] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.245394] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.245803] ================================================================== [ 16.422878] ================================================================== [ 16.423678] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f44/0x5450 [ 16.424450] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.425202] [ 16.425433] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.425473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.425486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.425506] Call Trace: [ 16.425520] <TASK> [ 16.425583] dump_stack_lvl+0x73/0xb0 [ 16.425610] print_report+0xd1/0x650 [ 16.425644] ? __virt_addr_valid+0x1db/0x2d0 [ 16.425667] ? kasan_atomics_helper+0x1f44/0x5450 [ 16.425689] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.425716] ? kasan_atomics_helper+0x1f44/0x5450 [ 16.425743] kasan_report+0x140/0x180 [ 16.425766] ? kasan_atomics_helper+0x1f44/0x5450 [ 16.425792] kasan_check_range+0x10c/0x1c0 [ 16.425816] __kasan_check_write+0x18/0x20 [ 16.425839] kasan_atomics_helper+0x1f44/0x5450 [ 16.425862] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.425885] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.425909] ? kasan_atomics+0x153/0x310 [ 16.425936] kasan_atomics+0x1dd/0x310 [ 16.425958] ? __pfx_kasan_atomics+0x10/0x10 [ 16.425982] ? __pfx_read_tsc+0x10/0x10 [ 16.426005] ? ktime_get_ts64+0x86/0x230 [ 16.426041] kunit_try_run_case+0x1a6/0x480 [ 16.426065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.426088] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.426112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.426137] ? __kthread_parkme+0x82/0x160 [ 16.426160] ? preempt_count_sub+0x50/0x80 [ 16.426186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.426209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.426236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.426263] kthread+0x324/0x6e0 [ 16.426285] ? trace_preempt_on+0x20/0xc0 [ 16.426309] ? __pfx_kthread+0x10/0x10 [ 16.426333] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.426357] ? calculate_sigpending+0x7b/0xa0 [ 16.426379] ? __pfx_kthread+0x10/0x10 [ 16.426403] ret_from_fork+0x41/0x80 [ 16.426422] ? 
__pfx_kthread+0x10/0x10 [ 16.426446] ret_from_fork_asm+0x1a/0x30 [ 16.426478] </TASK> [ 16.426488] [ 16.439623] Allocated by task 273: [ 16.440048] kasan_save_stack+0x45/0x70 [ 16.440445] kasan_save_track+0x18/0x40 [ 16.440888] kasan_save_alloc_info+0x3b/0x50 [ 16.441322] __kasan_kmalloc+0xb7/0xc0 [ 16.441709] __kmalloc_cache_noprof+0x18a/0x420 [ 16.442229] kasan_atomics+0x96/0x310 [ 16.442683] kunit_try_run_case+0x1a6/0x480 [ 16.443194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.443379] kthread+0x324/0x6e0 [ 16.443503] ret_from_fork+0x41/0x80 [ 16.443837] ret_from_fork_asm+0x1a/0x30 [ 16.444251] [ 16.444440] The buggy address belongs to the object at ffff888101bf3e00 [ 16.444440] which belongs to the cache kmalloc-64 of size 64 [ 16.445803] The buggy address is located 0 bytes to the right of [ 16.445803] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.446184] [ 16.446259] The buggy address belongs to the physical page: [ 16.446432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.446961] flags: 0x200000000000000(node=0|zone=2) [ 16.447437] page_type: f5(slab) [ 16.447788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.448512] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.449207] page dumped because: kasan: bad access detected [ 16.449762] [ 16.449922] Memory state around the buggy address: [ 16.450426] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.451086] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.451762] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.452034] ^ [ 16.452479] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.453110] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.453325] ================================================================== [ 15.467538] 
================================================================== [ 15.468230] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x861/0x5450 [ 15.468605] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.468942] [ 15.469060] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.469100] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.469112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.469133] Call Trace: [ 15.469147] <TASK> [ 15.469162] dump_stack_lvl+0x73/0xb0 [ 15.469186] print_report+0xd1/0x650 [ 15.469208] ? __virt_addr_valid+0x1db/0x2d0 [ 15.469230] ? kasan_atomics_helper+0x861/0x5450 [ 15.469251] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.469278] ? kasan_atomics_helper+0x861/0x5450 [ 15.469300] kasan_report+0x140/0x180 [ 15.469322] ? kasan_atomics_helper+0x861/0x5450 [ 15.469348] kasan_check_range+0x10c/0x1c0 [ 15.469372] __kasan_check_write+0x18/0x20 [ 15.469397] kasan_atomics_helper+0x861/0x5450 [ 15.469420] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.469444] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.469470] ? kasan_atomics+0x153/0x310 [ 15.469496] kasan_atomics+0x1dd/0x310 [ 15.469519] ? __pfx_kasan_atomics+0x10/0x10 [ 15.469576] ? __pfx_read_tsc+0x10/0x10 [ 15.469600] ? ktime_get_ts64+0x86/0x230 [ 15.469625] kunit_try_run_case+0x1a6/0x480 [ 15.469649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.469671] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.469697] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.469721] ? __kthread_parkme+0x82/0x160 [ 15.469750] ? preempt_count_sub+0x50/0x80 [ 15.469775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.469798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.469825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.469853] kthread+0x324/0x6e0 [ 15.469875] ? trace_preempt_on+0x20/0xc0 [ 15.469899] ? __pfx_kthread+0x10/0x10 [ 15.469922] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.469945] ? 
calculate_sigpending+0x7b/0xa0 [ 15.469967] ? __pfx_kthread+0x10/0x10 [ 15.469991] ret_from_fork+0x41/0x80 [ 15.470011] ? __pfx_kthread+0x10/0x10 [ 15.470043] ret_from_fork_asm+0x1a/0x30 [ 15.470075] </TASK> [ 15.470086] [ 15.478497] Allocated by task 273: [ 15.478659] kasan_save_stack+0x45/0x70 [ 15.478807] kasan_save_track+0x18/0x40 [ 15.478943] kasan_save_alloc_info+0x3b/0x50 [ 15.479244] __kasan_kmalloc+0xb7/0xc0 [ 15.479505] __kmalloc_cache_noprof+0x18a/0x420 [ 15.479728] kasan_atomics+0x96/0x310 [ 15.479864] kunit_try_run_case+0x1a6/0x480 [ 15.480056] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.480316] kthread+0x324/0x6e0 [ 15.480489] ret_from_fork+0x41/0x80 [ 15.481111] ret_from_fork_asm+0x1a/0x30 [ 15.481730] [ 15.481844] The buggy address belongs to the object at ffff888101bf3e00 [ 15.481844] which belongs to the cache kmalloc-64 of size 64 [ 15.483330] The buggy address is located 0 bytes to the right of [ 15.483330] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.484413] [ 15.484519] The buggy address belongs to the physical page: [ 15.487303] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.487811] flags: 0x200000000000000(node=0|zone=2) [ 15.488165] page_type: f5(slab) [ 15.488342] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.488671] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.488986] page dumped because: kasan: bad access detected [ 15.489279] [ 15.489356] Memory state around the buggy address: [ 15.489702] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.490034] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.490340] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.490755] ^ [ 15.490985] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.491318] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.491597] 
================================================================== [ 16.336818] ================================================================== [ 16.337231] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce2/0x5450 [ 16.337892] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.338132] [ 16.338215] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.338254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.338268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.338289] Call Trace: [ 16.338304] <TASK> [ 16.338319] dump_stack_lvl+0x73/0xb0 [ 16.338346] print_report+0xd1/0x650 [ 16.338368] ? __virt_addr_valid+0x1db/0x2d0 [ 16.338391] ? kasan_atomics_helper+0x1ce2/0x5450 [ 16.338413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.338440] ? kasan_atomics_helper+0x1ce2/0x5450 [ 16.338461] kasan_report+0x140/0x180 [ 16.338484] ? kasan_atomics_helper+0x1ce2/0x5450 [ 16.338510] kasan_check_range+0x10c/0x1c0 [ 16.338534] __kasan_check_write+0x18/0x20 [ 16.338588] kasan_atomics_helper+0x1ce2/0x5450 [ 16.338614] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.338636] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.338672] ? kasan_atomics+0x153/0x310 [ 16.338698] kasan_atomics+0x1dd/0x310 [ 16.338721] ? __pfx_kasan_atomics+0x10/0x10 [ 16.338757] ? __pfx_read_tsc+0x10/0x10 [ 16.338779] ? ktime_get_ts64+0x86/0x230 [ 16.338805] kunit_try_run_case+0x1a6/0x480 [ 16.338838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.338861] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.338888] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.338923] ? __kthread_parkme+0x82/0x160 [ 16.338946] ? preempt_count_sub+0x50/0x80 [ 16.338972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.339003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.339045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.339072] kthread+0x324/0x6e0 [ 16.339094] ? trace_preempt_on+0x20/0xc0 [ 16.339118] ? __pfx_kthread+0x10/0x10 [ 16.339142] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.339165] ? calculate_sigpending+0x7b/0xa0 [ 16.339187] ? __pfx_kthread+0x10/0x10 [ 16.339210] ret_from_fork+0x41/0x80 [ 16.339229] ? __pfx_kthread+0x10/0x10 [ 16.339252] ret_from_fork_asm+0x1a/0x30 [ 16.339285] </TASK> [ 16.339295] [ 16.351906] Allocated by task 273: [ 16.352258] kasan_save_stack+0x45/0x70 [ 16.352630] kasan_save_track+0x18/0x40 [ 16.352983] kasan_save_alloc_info+0x3b/0x50 [ 16.353380] __kasan_kmalloc+0xb7/0xc0 [ 16.353769] __kmalloc_cache_noprof+0x18a/0x420 [ 16.354189] kasan_atomics+0x96/0x310 [ 16.354534] kunit_try_run_case+0x1a6/0x480 [ 16.354928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.355158] kthread+0x324/0x6e0 [ 16.355282] ret_from_fork+0x41/0x80 [ 16.355410] ret_from_fork_asm+0x1a/0x30 [ 16.355552] [ 16.355631] The buggy address belongs to the object at ffff888101bf3e00 [ 16.355631] which belongs to the cache kmalloc-64 of size 64 [ 16.356108] The buggy address is located 0 bytes to the right of [ 16.356108] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.356543] [ 16.356639] The buggy address belongs to the physical page: [ 16.356944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.357239] flags: 0x200000000000000(node=0|zone=2) [ 16.357475] page_type: f5(slab) [ 16.357684] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.357989] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.358272] page dumped because: kasan: bad access detected [ 16.358458] [ 16.358552] Memory state around the buggy address: [ 16.358777] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.359071] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.359324] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.359638] ^ [ 16.359857] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360158] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.360420] ================================================================== [ 15.570584] ================================================================== [ 15.570825] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6b/0x5450 [ 15.571212] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.571546] [ 15.571646] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.571684] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.571697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.571719] Call Trace: [ 15.571731] <TASK> [ 15.571746] dump_stack_lvl+0x73/0xb0 [ 15.571770] print_report+0xd1/0x650 [ 15.571792] ? __virt_addr_valid+0x1db/0x2d0 [ 15.571814] ? kasan_atomics_helper+0xb6b/0x5450 [ 15.571835] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.571861] ? kasan_atomics_helper+0xb6b/0x5450 [ 15.571883] kasan_report+0x140/0x180 [ 15.571906] ? kasan_atomics_helper+0xb6b/0x5450 [ 15.571932] kasan_check_range+0x10c/0x1c0 [ 15.571956] __kasan_check_write+0x18/0x20 [ 15.571980] kasan_atomics_helper+0xb6b/0x5450 [ 15.572002] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.572055] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.572079] ? kasan_atomics+0x153/0x310 [ 15.572106] kasan_atomics+0x1dd/0x310 [ 15.572129] ? __pfx_kasan_atomics+0x10/0x10 [ 15.572154] ? __pfx_read_tsc+0x10/0x10 [ 15.572176] ? ktime_get_ts64+0x86/0x230 [ 15.572202] kunit_try_run_case+0x1a6/0x480 [ 15.572226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.572248] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.572273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.572298] ? __kthread_parkme+0x82/0x160 [ 15.572321] ? preempt_count_sub+0x50/0x80 [ 15.572347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.572371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.572399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.572427] kthread+0x324/0x6e0 [ 15.572448] ? trace_preempt_on+0x20/0xc0 [ 15.572471] ? 
__pfx_kthread+0x10/0x10 [ 15.572495] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.572517] ? calculate_sigpending+0x7b/0xa0 [ 15.572540] ? __pfx_kthread+0x10/0x10 [ 15.572563] ret_from_fork+0x41/0x80 [ 15.572582] ? __pfx_kthread+0x10/0x10 [ 15.572606] ret_from_fork_asm+0x1a/0x30 [ 15.572638] </TASK> [ 15.572649] [ 15.583317] Allocated by task 273: [ 15.583488] kasan_save_stack+0x45/0x70 [ 15.584041] kasan_save_track+0x18/0x40 [ 15.584267] kasan_save_alloc_info+0x3b/0x50 [ 15.584639] __kasan_kmalloc+0xb7/0xc0 [ 15.584961] __kmalloc_cache_noprof+0x18a/0x420 [ 15.585350] kasan_atomics+0x96/0x310 [ 15.585692] kunit_try_run_case+0x1a6/0x480 [ 15.586031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.586279] kthread+0x324/0x6e0 [ 15.586447] ret_from_fork+0x41/0x80 [ 15.586835] ret_from_fork_asm+0x1a/0x30 [ 15.587174] [ 15.587401] The buggy address belongs to the object at ffff888101bf3e00 [ 15.587401] which belongs to the cache kmalloc-64 of size 64 [ 15.588296] The buggy address is located 0 bytes to the right of [ 15.588296] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.589168] [ 15.589275] The buggy address belongs to the physical page: [ 15.589489] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.590055] flags: 0x200000000000000(node=0|zone=2) [ 15.590415] page_type: f5(slab) [ 15.590732] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.591115] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.591439] page dumped because: kasan: bad access detected [ 15.592058] [ 15.592147] Memory state around the buggy address: [ 15.592558] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.593037] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.593529] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.594128] ^ [ 15.594352] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.594833] 
ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.595327] ================================================================== [ 15.883317] ================================================================== [ 15.883816] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ea/0x5450 [ 15.884103] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.884414] [ 15.884518] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.884558] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.884624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.884645] Call Trace: [ 15.884661] <TASK> [ 15.884677] dump_stack_lvl+0x73/0xb0 [ 15.884702] print_report+0xd1/0x650 [ 15.884724] ? __virt_addr_valid+0x1db/0x2d0 [ 15.884746] ? kasan_atomics_helper+0x49ea/0x5450 [ 15.884768] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.884795] ? kasan_atomics_helper+0x49ea/0x5450 [ 15.884817] kasan_report+0x140/0x180 [ 15.884839] ? kasan_atomics_helper+0x49ea/0x5450 [ 15.884866] __asan_report_load4_noabort+0x18/0x20 [ 15.884892] kasan_atomics_helper+0x49ea/0x5450 [ 15.884915] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.884937] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.884962] ? kasan_atomics+0x153/0x310 [ 15.884989] kasan_atomics+0x1dd/0x310 [ 15.885012] ? __pfx_kasan_atomics+0x10/0x10 [ 15.885047] ? __pfx_read_tsc+0x10/0x10 [ 15.885069] ? ktime_get_ts64+0x86/0x230 [ 15.885095] kunit_try_run_case+0x1a6/0x480 [ 15.885119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.885141] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.885165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.885190] ? __kthread_parkme+0x82/0x160 [ 15.885213] ? preempt_count_sub+0x50/0x80 [ 15.885239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.885262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.885288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.885315] kthread+0x324/0x6e0 [ 15.885337] ? 
trace_preempt_on+0x20/0xc0 [ 15.885361] ? __pfx_kthread+0x10/0x10 [ 15.885384] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.885408] ? calculate_sigpending+0x7b/0xa0 [ 15.885430] ? __pfx_kthread+0x10/0x10 [ 15.885453] ret_from_fork+0x41/0x80 [ 15.885473] ? __pfx_kthread+0x10/0x10 [ 15.885495] ret_from_fork_asm+0x1a/0x30 [ 15.885527] </TASK> [ 15.885538] [ 15.893237] Allocated by task 273: [ 15.893369] kasan_save_stack+0x45/0x70 [ 15.893513] kasan_save_track+0x18/0x40 [ 15.893647] kasan_save_alloc_info+0x3b/0x50 [ 15.893801] __kasan_kmalloc+0xb7/0xc0 [ 15.894161] __kmalloc_cache_noprof+0x18a/0x420 [ 15.894408] kasan_atomics+0x96/0x310 [ 15.894631] kunit_try_run_case+0x1a6/0x480 [ 15.894844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.895116] kthread+0x324/0x6e0 [ 15.895289] ret_from_fork+0x41/0x80 [ 15.895474] ret_from_fork_asm+0x1a/0x30 [ 15.895873] [ 15.895975] The buggy address belongs to the object at ffff888101bf3e00 [ 15.895975] which belongs to the cache kmalloc-64 of size 64 [ 15.896458] The buggy address is located 0 bytes to the right of [ 15.896458] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.896959] [ 15.897051] The buggy address belongs to the physical page: [ 15.897307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.897877] flags: 0x200000000000000(node=0|zone=2) [ 15.898110] page_type: f5(slab) [ 15.898258] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.898527] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.899154] page dumped because: kasan: bad access detected [ 15.899359] [ 15.899431] Memory state around the buggy address: [ 15.899585] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.899799] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.900184] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.900504] ^ [ 15.900733] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.901062] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.901293] ================================================================== [ 16.544296] ================================================================== [ 16.544636] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb4/0x5450 [ 16.544985] Read of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.545374] [ 16.545458] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.545495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.545508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.545529] Call Trace: [ 16.545544] <TASK> [ 16.545560] dump_stack_lvl+0x73/0xb0 [ 16.545583] print_report+0xd1/0x650 [ 16.545605] ? __virt_addr_valid+0x1db/0x2d0 [ 16.545627] ? kasan_atomics_helper+0x4fb4/0x5450 [ 16.545648] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.545699] ? kasan_atomics_helper+0x4fb4/0x5450 [ 16.545721] kasan_report+0x140/0x180 [ 16.545749] ? kasan_atomics_helper+0x4fb4/0x5450 [ 16.545793] __asan_report_load8_noabort+0x18/0x20 [ 16.545817] kasan_atomics_helper+0x4fb4/0x5450 [ 16.545841] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.545863] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.545887] ? kasan_atomics+0x153/0x310 [ 16.545913] kasan_atomics+0x1dd/0x310 [ 16.545935] ? __pfx_kasan_atomics+0x10/0x10 [ 16.545959] ? __pfx_read_tsc+0x10/0x10 [ 16.545999] ? ktime_get_ts64+0x86/0x230 [ 16.546034] kunit_try_run_case+0x1a6/0x480 [ 16.546058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.546097] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.546121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.546146] ? __kthread_parkme+0x82/0x160 [ 16.546168] ? preempt_count_sub+0x50/0x80 [ 16.546193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.546217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.546243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.546271] kthread+0x324/0x6e0 [ 16.546308] ? 
trace_preempt_on+0x20/0xc0 [ 16.546346] ? __pfx_kthread+0x10/0x10 [ 16.546383] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.546419] ? calculate_sigpending+0x7b/0xa0 [ 16.546442] ? __pfx_kthread+0x10/0x10 [ 16.546465] ret_from_fork+0x41/0x80 [ 16.546484] ? __pfx_kthread+0x10/0x10 [ 16.546507] ret_from_fork_asm+0x1a/0x30 [ 16.546539] </TASK> [ 16.546550] [ 16.554481] Allocated by task 273: [ 16.554733] kasan_save_stack+0x45/0x70 [ 16.554951] kasan_save_track+0x18/0x40 [ 16.555136] kasan_save_alloc_info+0x3b/0x50 [ 16.555350] __kasan_kmalloc+0xb7/0xc0 [ 16.555552] __kmalloc_cache_noprof+0x18a/0x420 [ 16.555711] kasan_atomics+0x96/0x310 [ 16.555913] kunit_try_run_case+0x1a6/0x480 [ 16.556120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.556372] kthread+0x324/0x6e0 [ 16.556560] ret_from_fork+0x41/0x80 [ 16.556786] ret_from_fork_asm+0x1a/0x30 [ 16.556951] [ 16.557033] The buggy address belongs to the object at ffff888101bf3e00 [ 16.557033] which belongs to the cache kmalloc-64 of size 64 [ 16.557543] The buggy address is located 0 bytes to the right of [ 16.557543] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.558004] [ 16.558085] The buggy address belongs to the physical page: [ 16.558255] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.558492] flags: 0x200000000000000(node=0|zone=2) [ 16.558833] page_type: f5(slab) [ 16.559119] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.559461] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.559809] page dumped because: kasan: bad access detected [ 16.560049] [ 16.560162] Memory state around the buggy address: [ 16.560397] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.560739] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.560997] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.561210] ^ [ 16.561358] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.561563] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.561906] ================================================================== [ 16.167607] ================================================================== [ 16.168297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1819/0x5450 [ 16.169010] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.169748] [ 16.169918] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.169967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.169979] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.170000] Call Trace: [ 16.170035] <TASK> [ 16.170052] dump_stack_lvl+0x73/0xb0 [ 16.170079] print_report+0xd1/0x650 [ 16.170100] ? __virt_addr_valid+0x1db/0x2d0 [ 16.170124] ? kasan_atomics_helper+0x1819/0x5450 [ 16.170154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.170181] ? kasan_atomics_helper+0x1819/0x5450 [ 16.170203] kasan_report+0x140/0x180 [ 16.170236] ? kasan_atomics_helper+0x1819/0x5450 [ 16.170262] kasan_check_range+0x10c/0x1c0 [ 16.170285] __kasan_check_write+0x18/0x20 [ 16.170308] kasan_atomics_helper+0x1819/0x5450 [ 16.170331] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.170353] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.170377] ? kasan_atomics+0x153/0x310 [ 16.170403] kasan_atomics+0x1dd/0x310 [ 16.170425] ? __pfx_kasan_atomics+0x10/0x10 [ 16.170449] ? __pfx_read_tsc+0x10/0x10 [ 16.170471] ? ktime_get_ts64+0x86/0x230 [ 16.170496] kunit_try_run_case+0x1a6/0x480 [ 16.170519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.170541] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.170567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.170591] ? __kthread_parkme+0x82/0x160 [ 16.170614] ? preempt_count_sub+0x50/0x80 [ 16.170640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.170664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.170690] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.170718] kthread+0x324/0x6e0 [ 16.170739] ? trace_preempt_on+0x20/0xc0 [ 16.170763] ? __pfx_kthread+0x10/0x10 [ 16.170786] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.170809] ? calculate_sigpending+0x7b/0xa0 [ 16.170831] ? __pfx_kthread+0x10/0x10 [ 16.170855] ret_from_fork+0x41/0x80 [ 16.170874] ? __pfx_kthread+0x10/0x10 [ 16.170897] ret_from_fork_asm+0x1a/0x30 [ 16.170929] </TASK> [ 16.170940] [ 16.178840] Allocated by task 273: [ 16.179041] kasan_save_stack+0x45/0x70 [ 16.179207] kasan_save_track+0x18/0x40 [ 16.179417] kasan_save_alloc_info+0x3b/0x50 [ 16.179624] __kasan_kmalloc+0xb7/0xc0 [ 16.179894] __kmalloc_cache_noprof+0x18a/0x420 [ 16.180078] kasan_atomics+0x96/0x310 [ 16.180221] kunit_try_run_case+0x1a6/0x480 [ 16.180451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.180730] kthread+0x324/0x6e0 [ 16.180976] ret_from_fork+0x41/0x80 [ 16.181168] ret_from_fork_asm+0x1a/0x30 [ 16.181326] [ 16.181400] The buggy address belongs to the object at ffff888101bf3e00 [ 16.181400] which belongs to the cache kmalloc-64 of size 64 [ 16.182069] The buggy address is located 0 bytes to the right of [ 16.182069] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.182606] [ 16.182711] The buggy address belongs to the physical page: [ 16.182949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.183307] flags: 0x200000000000000(node=0|zone=2) [ 16.183535] page_type: f5(slab) [ 16.183745] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.184062] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.184388] page dumped because: kasan: bad access detected [ 16.184676] [ 16.184757] Memory state around the buggy address: [ 16.184971] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.185195] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.185409] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 16.185619] ^ [ 16.185872] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.186201] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.186514] ================================================================== [ 16.498626] ================================================================== [ 16.498979] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f9a/0x5450 [ 16.499326] Read of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.499855] [ 16.499969] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.500008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.500032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.500063] Call Trace: [ 16.500078] <TASK> [ 16.500093] dump_stack_lvl+0x73/0xb0 [ 16.500130] print_report+0xd1/0x650 [ 16.500151] ? __virt_addr_valid+0x1db/0x2d0 [ 16.500174] ? kasan_atomics_helper+0x4f9a/0x5450 [ 16.500195] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.500222] ? kasan_atomics_helper+0x4f9a/0x5450 [ 16.500244] kasan_report+0x140/0x180 [ 16.500266] ? kasan_atomics_helper+0x4f9a/0x5450 [ 16.500292] __asan_report_load8_noabort+0x18/0x20 [ 16.500325] kasan_atomics_helper+0x4f9a/0x5450 [ 16.500349] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.500371] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.500407] ? kasan_atomics+0x153/0x310 [ 16.500434] kasan_atomics+0x1dd/0x310 [ 16.500457] ? __pfx_kasan_atomics+0x10/0x10 [ 16.500482] ? __pfx_read_tsc+0x10/0x10 [ 16.500504] ? ktime_get_ts64+0x86/0x230 [ 16.500529] kunit_try_run_case+0x1a6/0x480 [ 16.500553] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.500576] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.500610] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.500634] ? __kthread_parkme+0x82/0x160 [ 16.500658] ? preempt_count_sub+0x50/0x80 [ 16.500694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.500717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.500745] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.500772] kthread+0x324/0x6e0 [ 16.500797] ? trace_preempt_on+0x20/0xc0 [ 16.500821] ? __pfx_kthread+0x10/0x10 [ 16.500853] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.500877] ? calculate_sigpending+0x7b/0xa0 [ 16.500900] ? __pfx_kthread+0x10/0x10 [ 16.500934] ret_from_fork+0x41/0x80 [ 16.500953] ? __pfx_kthread+0x10/0x10 [ 16.500976] ret_from_fork_asm+0x1a/0x30 [ 16.501026] </TASK> [ 16.501037] [ 16.508535] Allocated by task 273: [ 16.508787] kasan_save_stack+0x45/0x70 [ 16.508960] kasan_save_track+0x18/0x40 [ 16.509201] kasan_save_alloc_info+0x3b/0x50 [ 16.509391] __kasan_kmalloc+0xb7/0xc0 [ 16.509604] __kmalloc_cache_noprof+0x18a/0x420 [ 16.509823] kasan_atomics+0x96/0x310 [ 16.510005] kunit_try_run_case+0x1a6/0x480 [ 16.510231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.510471] kthread+0x324/0x6e0 [ 16.510672] ret_from_fork+0x41/0x80 [ 16.510871] ret_from_fork_asm+0x1a/0x30 [ 16.511084] [ 16.511184] The buggy address belongs to the object at ffff888101bf3e00 [ 16.511184] which belongs to the cache kmalloc-64 of size 64 [ 16.511705] The buggy address is located 0 bytes to the right of [ 16.511705] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.512242] [ 16.512343] The buggy address belongs to the physical page: [ 16.512626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.512871] flags: 0x200000000000000(node=0|zone=2) [ 16.513044] page_type: f5(slab) [ 16.513163] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.513432] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.513794] page dumped because: kasan: bad access detected [ 16.514110] [ 16.514223] Memory state around the buggy address: [ 16.514500] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.514898] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.515154] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 16.515404] ^ [ 16.515664] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.516021] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.516365] ================================================================== [ 15.551750] ================================================================== [ 15.552335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac8/0x5450 [ 15.553065] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.553333] [ 15.553442] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.553482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.553496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.553517] Call Trace: [ 15.553529] <TASK> [ 15.553546] dump_stack_lvl+0x73/0xb0 [ 15.553571] print_report+0xd1/0x650 [ 15.553594] ? __virt_addr_valid+0x1db/0x2d0 [ 15.553616] ? kasan_atomics_helper+0xac8/0x5450 [ 15.553638] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.553664] ? kasan_atomics_helper+0xac8/0x5450 [ 15.553686] kasan_report+0x140/0x180 [ 15.553709] ? kasan_atomics_helper+0xac8/0x5450 [ 15.553741] kasan_check_range+0x10c/0x1c0 [ 15.553765] __kasan_check_write+0x18/0x20 [ 15.553788] kasan_atomics_helper+0xac8/0x5450 [ 15.553811] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.553833] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.553859] ? kasan_atomics+0x153/0x310 [ 15.553886] kasan_atomics+0x1dd/0x310 [ 15.553909] ? __pfx_kasan_atomics+0x10/0x10 [ 15.553933] ? __pfx_read_tsc+0x10/0x10 [ 15.553956] ? ktime_get_ts64+0x86/0x230 [ 15.553981] kunit_try_run_case+0x1a6/0x480 [ 15.554005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.554037] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.554061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.554086] ? __kthread_parkme+0x82/0x160 [ 15.554109] ? preempt_count_sub+0x50/0x80 [ 15.554134] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.554158] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.554184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.554212] kthread+0x324/0x6e0 [ 15.554234] ? trace_preempt_on+0x20/0xc0 [ 15.554258] ? __pfx_kthread+0x10/0x10 [ 15.554281] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.554304] ? calculate_sigpending+0x7b/0xa0 [ 15.554326] ? __pfx_kthread+0x10/0x10 [ 15.554350] ret_from_fork+0x41/0x80 [ 15.554369] ? __pfx_kthread+0x10/0x10 [ 15.554393] ret_from_fork_asm+0x1a/0x30 [ 15.554424] </TASK> [ 15.554434] [ 15.562273] Allocated by task 273: [ 15.562456] kasan_save_stack+0x45/0x70 [ 15.562688] kasan_save_track+0x18/0x40 [ 15.562822] kasan_save_alloc_info+0x3b/0x50 [ 15.562970] __kasan_kmalloc+0xb7/0xc0 [ 15.563233] __kmalloc_cache_noprof+0x18a/0x420 [ 15.563477] kasan_atomics+0x96/0x310 [ 15.563663] kunit_try_run_case+0x1a6/0x480 [ 15.563829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.564007] kthread+0x324/0x6e0 [ 15.564137] ret_from_fork+0x41/0x80 [ 15.564477] ret_from_fork_asm+0x1a/0x30 [ 15.564849] [ 15.565035] The buggy address belongs to the object at ffff888101bf3e00 [ 15.565035] which belongs to the cache kmalloc-64 of size 64 [ 15.565504] The buggy address is located 0 bytes to the right of [ 15.565504] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.566035] [ 15.566109] The buggy address belongs to the physical page: [ 15.566281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.566518] flags: 0x200000000000000(node=0|zone=2) [ 15.566678] page_type: f5(slab) [ 15.566798] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.567240] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.567570] page dumped because: kasan: bad access detected [ 15.567793] [ 15.567916] Memory state around the buggy address: [ 15.568188] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.568406] ffff888101bf3d80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.568816] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.569244] ^ [ 15.569482] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.569778] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.570171] ================================================================== [ 15.982424] ================================================================== [ 15.983075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1468/0x5450 [ 15.983536] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.984095] [ 15.984212] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.984256] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.984270] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.984292] Call Trace: [ 15.984308] <TASK> [ 15.984325] dump_stack_lvl+0x73/0xb0 [ 15.984350] print_report+0xd1/0x650 [ 15.984372] ? __virt_addr_valid+0x1db/0x2d0 [ 15.984394] ? kasan_atomics_helper+0x1468/0x5450 [ 15.984415] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.984441] ? kasan_atomics_helper+0x1468/0x5450 [ 15.984462] kasan_report+0x140/0x180 [ 15.984484] ? kasan_atomics_helper+0x1468/0x5450 [ 15.984511] kasan_check_range+0x10c/0x1c0 [ 15.984534] __kasan_check_write+0x18/0x20 [ 15.984557] kasan_atomics_helper+0x1468/0x5450 [ 15.984580] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.984601] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.984625] ? kasan_atomics+0x153/0x310 [ 15.984651] kasan_atomics+0x1dd/0x310 [ 15.984674] ? __pfx_kasan_atomics+0x10/0x10 [ 15.984697] ? __pfx_read_tsc+0x10/0x10 [ 15.984719] ? ktime_get_ts64+0x86/0x230 [ 15.984744] kunit_try_run_case+0x1a6/0x480 [ 15.984767] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.984789] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.984814] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.984837] ? __kthread_parkme+0x82/0x160 [ 15.984859] ? 
preempt_count_sub+0x50/0x80 [ 15.984884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.984907] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.984934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.984961] kthread+0x324/0x6e0 [ 15.984984] ? trace_preempt_on+0x20/0xc0 [ 15.985008] ? __pfx_kthread+0x10/0x10 [ 15.985040] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.985063] ? calculate_sigpending+0x7b/0xa0 [ 15.985086] ? __pfx_kthread+0x10/0x10 [ 15.985110] ret_from_fork+0x41/0x80 [ 15.985129] ? __pfx_kthread+0x10/0x10 [ 15.985152] ret_from_fork_asm+0x1a/0x30 [ 15.985183] </TASK> [ 15.985195] [ 15.995414] Allocated by task 273: [ 15.995655] kasan_save_stack+0x45/0x70 [ 15.995859] kasan_save_track+0x18/0x40 [ 15.996067] kasan_save_alloc_info+0x3b/0x50 [ 15.996473] __kasan_kmalloc+0xb7/0xc0 [ 15.997297] __kmalloc_cache_noprof+0x18a/0x420 [ 15.997473] kasan_atomics+0x96/0x310 [ 15.997609] kunit_try_run_case+0x1a6/0x480 [ 15.997763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.997941] kthread+0x324/0x6e0 [ 15.998629] ret_from_fork+0x41/0x80 [ 15.999427] ret_from_fork_asm+0x1a/0x30 [ 16.000004] [ 16.000197] The buggy address belongs to the object at ffff888101bf3e00 [ 16.000197] which belongs to the cache kmalloc-64 of size 64 [ 16.002406] The buggy address is located 0 bytes to the right of [ 16.002406] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.003361] [ 16.003446] The buggy address belongs to the physical page: [ 16.004090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.004984] flags: 0x200000000000000(node=0|zone=2) [ 16.005684] page_type: f5(slab) [ 16.006133] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.006374] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.006980] page dumped because: kasan: bad access detected [ 16.007713] [ 16.008025] Memory state around the buggy address: [ 16.008616] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 16.009480] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.010158] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.011132] ^ [ 16.011462] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.012247] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.013288] ================================================================== [ 16.267187] ================================================================== [ 16.268506] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b23/0x5450 [ 16.269300] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.269813] [ 16.269939] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.269983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.270059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.270082] Call Trace: [ 16.270110] <TASK> [ 16.270129] dump_stack_lvl+0x73/0xb0 [ 16.270156] print_report+0xd1/0x650 [ 16.270178] ? __virt_addr_valid+0x1db/0x2d0 [ 16.270240] ? kasan_atomics_helper+0x1b23/0x5450 [ 16.270263] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.270289] ? kasan_atomics_helper+0x1b23/0x5450 [ 16.270311] kasan_report+0x140/0x180 [ 16.270334] ? kasan_atomics_helper+0x1b23/0x5450 [ 16.270360] kasan_check_range+0x10c/0x1c0 [ 16.270384] __kasan_check_write+0x18/0x20 [ 16.270407] kasan_atomics_helper+0x1b23/0x5450 [ 16.270430] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.270452] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.270477] ? kasan_atomics+0x153/0x310 [ 16.270503] kasan_atomics+0x1dd/0x310 [ 16.270525] ? __pfx_kasan_atomics+0x10/0x10 [ 16.270556] ? __pfx_read_tsc+0x10/0x10 [ 16.270580] ? ktime_get_ts64+0x86/0x230 [ 16.270605] kunit_try_run_case+0x1a6/0x480 [ 16.270628] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.270650] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.270674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.270699] ? 
__kthread_parkme+0x82/0x160 [ 16.270721] ? preempt_count_sub+0x50/0x80 [ 16.270747] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.270771] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.270797] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.270825] kthread+0x324/0x6e0 [ 16.270847] ? trace_preempt_on+0x20/0xc0 [ 16.270869] ? __pfx_kthread+0x10/0x10 [ 16.270892] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.270914] ? calculate_sigpending+0x7b/0xa0 [ 16.270937] ? __pfx_kthread+0x10/0x10 [ 16.270960] ret_from_fork+0x41/0x80 [ 16.270979] ? __pfx_kthread+0x10/0x10 [ 16.271002] ret_from_fork_asm+0x1a/0x30 [ 16.271043] </TASK> [ 16.271054] [ 16.280416] Allocated by task 273: [ 16.280623] kasan_save_stack+0x45/0x70 [ 16.280782] kasan_save_track+0x18/0x40 [ 16.280919] kasan_save_alloc_info+0x3b/0x50 [ 16.281080] __kasan_kmalloc+0xb7/0xc0 [ 16.281269] __kmalloc_cache_noprof+0x18a/0x420 [ 16.281492] kasan_atomics+0x96/0x310 [ 16.281675] kunit_try_run_case+0x1a6/0x480 [ 16.281883] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.282156] kthread+0x324/0x6e0 [ 16.282293] ret_from_fork+0x41/0x80 [ 16.282498] ret_from_fork_asm+0x1a/0x30 [ 16.282662] [ 16.282763] The buggy address belongs to the object at ffff888101bf3e00 [ 16.282763] which belongs to the cache kmalloc-64 of size 64 [ 16.283220] The buggy address is located 0 bytes to the right of [ 16.283220] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.283879] [ 16.284003] The buggy address belongs to the physical page: [ 16.284270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.284571] flags: 0x200000000000000(node=0|zone=2) [ 16.284843] page_type: f5(slab) [ 16.285042] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.285281] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.285683] page dumped because: kasan: bad access detected [ 16.285912] [ 16.285984] Memory state around the buggy address: [ 16.286152] 
ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.286447] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.286893] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.287177] ^ [ 16.287380] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.287705] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.288011] ================================================================== [ 15.920222] ================================================================== [ 15.920566] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49d0/0x5450 [ 15.921179] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.921511] [ 15.921737] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.921779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.921792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.921812] Call Trace: [ 15.921826] <TASK> [ 15.921841] dump_stack_lvl+0x73/0xb0 [ 15.921866] print_report+0xd1/0x650 [ 15.921888] ? __virt_addr_valid+0x1db/0x2d0 [ 15.921910] ? kasan_atomics_helper+0x49d0/0x5450 [ 15.921932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.921958] ? kasan_atomics_helper+0x49d0/0x5450 [ 15.921981] kasan_report+0x140/0x180 [ 15.922004] ? kasan_atomics_helper+0x49d0/0x5450 [ 15.922042] __asan_report_load4_noabort+0x18/0x20 [ 15.922067] kasan_atomics_helper+0x49d0/0x5450 [ 15.922090] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.922113] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.922137] ? kasan_atomics+0x153/0x310 [ 15.922164] kasan_atomics+0x1dd/0x310 [ 15.922186] ? __pfx_kasan_atomics+0x10/0x10 [ 15.922210] ? __pfx_read_tsc+0x10/0x10 [ 15.922232] ? ktime_get_ts64+0x86/0x230 [ 15.922258] kunit_try_run_case+0x1a6/0x480 [ 15.922282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.922304] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.922329] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.922354] ? 
__kthread_parkme+0x82/0x160 [ 15.922377] ? preempt_count_sub+0x50/0x80 [ 15.922403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.922426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.922452] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.922480] kthread+0x324/0x6e0 [ 15.922502] ? trace_preempt_on+0x20/0xc0 [ 15.922526] ? __pfx_kthread+0x10/0x10 [ 15.922548] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.922613] ? calculate_sigpending+0x7b/0xa0 [ 15.922637] ? __pfx_kthread+0x10/0x10 [ 15.922661] ret_from_fork+0x41/0x80 [ 15.922680] ? __pfx_kthread+0x10/0x10 [ 15.922703] ret_from_fork_asm+0x1a/0x30 [ 15.922734] </TASK> [ 15.922745] [ 15.930685] Allocated by task 273: [ 15.930824] kasan_save_stack+0x45/0x70 [ 15.930966] kasan_save_track+0x18/0x40 [ 15.931113] kasan_save_alloc_info+0x3b/0x50 [ 15.931261] __kasan_kmalloc+0xb7/0xc0 [ 15.931396] __kmalloc_cache_noprof+0x18a/0x420 [ 15.931662] kasan_atomics+0x96/0x310 [ 15.931848] kunit_try_run_case+0x1a6/0x480 [ 15.932319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.932674] kthread+0x324/0x6e0 [ 15.932852] ret_from_fork+0x41/0x80 [ 15.933043] ret_from_fork_asm+0x1a/0x30 [ 15.933214] [ 15.933314] The buggy address belongs to the object at ffff888101bf3e00 [ 15.933314] which belongs to the cache kmalloc-64 of size 64 [ 15.933946] The buggy address is located 0 bytes to the right of [ 15.933946] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.934438] [ 15.934542] The buggy address belongs to the physical page: [ 15.934821] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.935136] flags: 0x200000000000000(node=0|zone=2) [ 15.935333] page_type: f5(slab) [ 15.935455] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.935683] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.936077] page dumped because: kasan: bad access detected [ 15.936316] [ 15.936409] Memory state around the buggy address: [ 15.937483] 
ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.937806] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.938033] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.938982] ^ [ 15.939309] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.939926] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.940258] ================================================================== [ 15.596392] ================================================================== [ 15.597051] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc71/0x5450 [ 15.597341] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.597866] [ 15.598225] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.598271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.598285] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.598307] Call Trace: [ 15.598323] <TASK> [ 15.598378] dump_stack_lvl+0x73/0xb0 [ 15.598408] print_report+0xd1/0x650 [ 15.598430] ? __virt_addr_valid+0x1db/0x2d0 [ 15.598454] ? kasan_atomics_helper+0xc71/0x5450 [ 15.598477] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.598506] ? kasan_atomics_helper+0xc71/0x5450 [ 15.598528] kasan_report+0x140/0x180 [ 15.598550] ? kasan_atomics_helper+0xc71/0x5450 [ 15.598578] kasan_check_range+0x10c/0x1c0 [ 15.598603] __kasan_check_write+0x18/0x20 [ 15.598626] kasan_atomics_helper+0xc71/0x5450 [ 15.598651] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.598675] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.598699] ? kasan_atomics+0x153/0x310 [ 15.598727] kasan_atomics+0x1dd/0x310 [ 15.598751] ? __pfx_kasan_atomics+0x10/0x10 [ 15.598775] ? __pfx_read_tsc+0x10/0x10 [ 15.598798] ? ktime_get_ts64+0x86/0x230 [ 15.598824] kunit_try_run_case+0x1a6/0x480 [ 15.598847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.598870] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.598894] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.598918] ? __kthread_parkme+0x82/0x160 [ 15.598941] ? preempt_count_sub+0x50/0x80 [ 15.598968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.598991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.599029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.599058] kthread+0x324/0x6e0 [ 15.599080] ? trace_preempt_on+0x20/0xc0 [ 15.599103] ? __pfx_kthread+0x10/0x10 [ 15.599126] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.599149] ? calculate_sigpending+0x7b/0xa0 [ 15.599172] ? __pfx_kthread+0x10/0x10 [ 15.599195] ret_from_fork+0x41/0x80 [ 15.599215] ? __pfx_kthread+0x10/0x10 [ 15.599239] ret_from_fork_asm+0x1a/0x30 [ 15.599272] </TASK> [ 15.599284] [ 15.610859] Allocated by task 273: [ 15.611301] kasan_save_stack+0x45/0x70 [ 15.611558] kasan_save_track+0x18/0x40 [ 15.611765] kasan_save_alloc_info+0x3b/0x50 [ 15.611965] __kasan_kmalloc+0xb7/0xc0 [ 15.612147] __kmalloc_cache_noprof+0x18a/0x420 [ 15.612346] kasan_atomics+0x96/0x310 [ 15.612516] kunit_try_run_case+0x1a6/0x480 [ 15.613085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.613370] kthread+0x324/0x6e0 [ 15.613702] ret_from_fork+0x41/0x80 [ 15.613983] ret_from_fork_asm+0x1a/0x30 [ 15.614356] [ 15.614447] The buggy address belongs to the object at ffff888101bf3e00 [ 15.614447] which belongs to the cache kmalloc-64 of size 64 [ 15.615277] The buggy address is located 0 bytes to the right of [ 15.615277] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.616134] [ 15.616380] The buggy address belongs to the physical page: [ 15.616844] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.617466] flags: 0x200000000000000(node=0|zone=2) [ 15.617849] page_type: f5(slab) [ 15.618030] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.618346] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.619030] page dumped because: kasan: bad access detected [ 15.619314] [ 15.619545] Memory 
state around the buggy address: [ 15.620025] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.620510] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.621186] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.621544] ^ [ 15.621831] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.622246] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.622505] ================================================================== [ 15.622996] ================================================================== [ 15.623370] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a86/0x5450 [ 15.623614] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.623939] [ 15.624082] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.624122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.624135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.624156] Call Trace: [ 15.624171] <TASK> [ 15.624186] dump_stack_lvl+0x73/0xb0 [ 15.624210] print_report+0xd1/0x650 [ 15.624232] ? __virt_addr_valid+0x1db/0x2d0 [ 15.624255] ? kasan_atomics_helper+0x4a86/0x5450 [ 15.624276] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.624302] ? kasan_atomics_helper+0x4a86/0x5450 [ 15.624324] kasan_report+0x140/0x180 [ 15.624347] ? kasan_atomics_helper+0x4a86/0x5450 [ 15.624372] __asan_report_load4_noabort+0x18/0x20 [ 15.624397] kasan_atomics_helper+0x4a86/0x5450 [ 15.624420] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.624442] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.624467] ? kasan_atomics+0x153/0x310 [ 15.624493] kasan_atomics+0x1dd/0x310 [ 15.624516] ? __pfx_kasan_atomics+0x10/0x10 [ 15.624540] ? __pfx_read_tsc+0x10/0x10 [ 15.624562] ? ktime_get_ts64+0x86/0x230 [ 15.624588] kunit_try_run_case+0x1a6/0x480 [ 15.624611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.624634] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.624658] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.624685] ? __kthread_parkme+0x82/0x160 [ 15.624707] ? preempt_count_sub+0x50/0x80 [ 15.624733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.624757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.624783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.624811] kthread+0x324/0x6e0 [ 15.624833] ? trace_preempt_on+0x20/0xc0 [ 15.624857] ? __pfx_kthread+0x10/0x10 [ 15.624880] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.624903] ? calculate_sigpending+0x7b/0xa0 [ 15.624927] ? __pfx_kthread+0x10/0x10 [ 15.624950] ret_from_fork+0x41/0x80 [ 15.624970] ? __pfx_kthread+0x10/0x10 [ 15.624993] ret_from_fork_asm+0x1a/0x30 [ 15.625037] </TASK> [ 15.625049] [ 15.632633] Allocated by task 273: [ 15.632791] kasan_save_stack+0x45/0x70 [ 15.633190] kasan_save_track+0x18/0x40 [ 15.633383] kasan_save_alloc_info+0x3b/0x50 [ 15.633589] __kasan_kmalloc+0xb7/0xc0 [ 15.633778] __kmalloc_cache_noprof+0x18a/0x420 [ 15.634339] kasan_atomics+0x96/0x310 [ 15.634482] kunit_try_run_case+0x1a6/0x480 [ 15.634630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.635145] kthread+0x324/0x6e0 [ 15.635321] ret_from_fork+0x41/0x80 [ 15.635506] ret_from_fork_asm+0x1a/0x30 [ 15.635819] [ 15.636005] The buggy address belongs to the object at ffff888101bf3e00 [ 15.636005] which belongs to the cache kmalloc-64 of size 64 [ 15.636458] The buggy address is located 0 bytes to the right of [ 15.636458] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.637049] [ 15.637147] The buggy address belongs to the physical page: [ 15.637384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.637711] flags: 0x200000000000000(node=0|zone=2) [ 15.637913] page_type: f5(slab) [ 15.638100] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.638331] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.638711] page dumped because: kasan: bad access detected [ 15.638964] [ 15.639068] Memory 
state around the buggy address: [ 15.639248] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.639544] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.639757] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.639966] ^ [ 15.640130] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.640343] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.640737] ================================================================== [ 16.061276] ================================================================== [ 16.061582] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b7/0x5450 [ 16.061872] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.062444] [ 16.062550] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.062590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.062601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.062622] Call Trace: [ 16.062637] <TASK> [ 16.062651] dump_stack_lvl+0x73/0xb0 [ 16.062676] print_report+0xd1/0x650 [ 16.062697] ? __virt_addr_valid+0x1db/0x2d0 [ 16.062720] ? kasan_atomics_helper+0x15b7/0x5450 [ 16.062741] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.062767] ? kasan_atomics_helper+0x15b7/0x5450 [ 16.062789] kasan_report+0x140/0x180 [ 16.062811] ? kasan_atomics_helper+0x15b7/0x5450 [ 16.062837] kasan_check_range+0x10c/0x1c0 [ 16.062861] __kasan_check_write+0x18/0x20 [ 16.062884] kasan_atomics_helper+0x15b7/0x5450 [ 16.062907] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.062930] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.062954] ? kasan_atomics+0x153/0x310 [ 16.062980] kasan_atomics+0x1dd/0x310 [ 16.063003] ? __pfx_kasan_atomics+0x10/0x10 [ 16.063038] ? __pfx_read_tsc+0x10/0x10 [ 16.063061] ? ktime_get_ts64+0x86/0x230 [ 16.063087] kunit_try_run_case+0x1a6/0x480 [ 16.063110] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.063133] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 16.063157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.063182] ? __kthread_parkme+0x82/0x160 [ 16.063205] ? preempt_count_sub+0x50/0x80 [ 16.063230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.063253] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.063280] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.063307] kthread+0x324/0x6e0 [ 16.063329] ? trace_preempt_on+0x20/0xc0 [ 16.063353] ? __pfx_kthread+0x10/0x10 [ 16.063375] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.063398] ? calculate_sigpending+0x7b/0xa0 [ 16.063421] ? __pfx_kthread+0x10/0x10 [ 16.063445] ret_from_fork+0x41/0x80 [ 16.063464] ? __pfx_kthread+0x10/0x10 [ 16.063487] ret_from_fork_asm+0x1a/0x30 [ 16.063519] </TASK> [ 16.063531] [ 16.070912] Allocated by task 273: [ 16.071097] kasan_save_stack+0x45/0x70 [ 16.071292] kasan_save_track+0x18/0x40 [ 16.071481] kasan_save_alloc_info+0x3b/0x50 [ 16.071898] __kasan_kmalloc+0xb7/0xc0 [ 16.072121] __kmalloc_cache_noprof+0x18a/0x420 [ 16.072333] kasan_atomics+0x96/0x310 [ 16.072465] kunit_try_run_case+0x1a6/0x480 [ 16.072609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.072785] kthread+0x324/0x6e0 [ 16.072907] ret_from_fork+0x41/0x80 [ 16.073043] ret_from_fork_asm+0x1a/0x30 [ 16.073182] [ 16.073252] The buggy address belongs to the object at ffff888101bf3e00 [ 16.073252] which belongs to the cache kmalloc-64 of size 64 [ 16.074276] The buggy address is located 0 bytes to the right of [ 16.074276] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.075217] [ 16.075308] The buggy address belongs to the physical page: [ 16.075521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.075950] flags: 0x200000000000000(node=0|zone=2) [ 16.076184] page_type: f5(slab) [ 16.076305] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.076534] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.076758] page dumped because: kasan: bad 
access detected [ 16.076928] [ 16.076997] Memory state around the buggy address: [ 16.077302] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.077659] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.077978] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.078296] ^ [ 16.078681] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.079179] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.079621] ================================================================== [ 16.080186] ================================================================== [ 16.080416] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1650/0x5450 [ 16.080699] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.081038] [ 16.081145] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.081182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.081194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.081215] Call Trace: [ 16.081228] <TASK> [ 16.081243] dump_stack_lvl+0x73/0xb0 [ 16.081267] print_report+0xd1/0x650 [ 16.081289] ? __virt_addr_valid+0x1db/0x2d0 [ 16.081311] ? kasan_atomics_helper+0x1650/0x5450 [ 16.081333] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.081360] ? kasan_atomics_helper+0x1650/0x5450 [ 16.081381] kasan_report+0x140/0x180 [ 16.081418] ? kasan_atomics_helper+0x1650/0x5450 [ 16.081446] kasan_check_range+0x10c/0x1c0 [ 16.081469] __kasan_check_write+0x18/0x20 [ 16.081492] kasan_atomics_helper+0x1650/0x5450 [ 16.081515] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.081536] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.081561] ? kasan_atomics+0x153/0x310 [ 16.081587] kasan_atomics+0x1dd/0x310 [ 16.081610] ? __pfx_kasan_atomics+0x10/0x10 [ 16.081634] ? __pfx_read_tsc+0x10/0x10 [ 16.081656] ? ktime_get_ts64+0x86/0x230 [ 16.081682] kunit_try_run_case+0x1a6/0x480 [ 16.081704] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.081727] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.081758] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.081783] ? __kthread_parkme+0x82/0x160 [ 16.081805] ? preempt_count_sub+0x50/0x80 [ 16.081831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.081855] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.081882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.081909] kthread+0x324/0x6e0 [ 16.081931] ? trace_preempt_on+0x20/0xc0 [ 16.081955] ? __pfx_kthread+0x10/0x10 [ 16.081978] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.082000] ? calculate_sigpending+0x7b/0xa0 [ 16.082033] ? __pfx_kthread+0x10/0x10 [ 16.082057] ret_from_fork+0x41/0x80 [ 16.082076] ? __pfx_kthread+0x10/0x10 [ 16.082099] ret_from_fork_asm+0x1a/0x30 [ 16.082131] </TASK> [ 16.082141] [ 16.090689] Allocated by task 273: [ 16.090821] kasan_save_stack+0x45/0x70 [ 16.090966] kasan_save_track+0x18/0x40 [ 16.091113] kasan_save_alloc_info+0x3b/0x50 [ 16.091326] __kasan_kmalloc+0xb7/0xc0 [ 16.091519] __kmalloc_cache_noprof+0x18a/0x420 [ 16.091749] kasan_atomics+0x96/0x310 [ 16.091945] kunit_try_run_case+0x1a6/0x480 [ 16.093228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.094270] kthread+0x324/0x6e0 [ 16.094853] ret_from_fork+0x41/0x80 [ 16.095493] ret_from_fork_asm+0x1a/0x30 [ 16.096384] [ 16.096791] The buggy address belongs to the object at ffff888101bf3e00 [ 16.096791] which belongs to the cache kmalloc-64 of size 64 [ 16.098276] The buggy address is located 0 bytes to the right of [ 16.098276] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.099044] [ 16.099439] The buggy address belongs to the physical page: [ 16.100336] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.101448] flags: 0x200000000000000(node=0|zone=2) [ 16.101994] page_type: f5(slab) [ 16.102527] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.103310] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.104100] page dumped because: kasan: bad access detected [ 16.104287] [ 16.104364] Memory state around the buggy address: [ 16.104522] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.105215] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.105916] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.106622] ^ [ 16.107088] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.107751] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.108286] ================================================================== [ 16.209726] ================================================================== [ 16.210063] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194b/0x5450 [ 16.210355] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.210733] [ 16.210854] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.210905] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.210918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.210940] Call Trace: [ 16.210954] <TASK> [ 16.210968] dump_stack_lvl+0x73/0xb0 [ 16.210991] print_report+0xd1/0x650 [ 16.211023] ? __virt_addr_valid+0x1db/0x2d0 [ 16.211056] ? kasan_atomics_helper+0x194b/0x5450 [ 16.211076] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.211103] ? kasan_atomics_helper+0x194b/0x5450 [ 16.211136] kasan_report+0x140/0x180 [ 16.211158] ? kasan_atomics_helper+0x194b/0x5450 [ 16.211184] kasan_check_range+0x10c/0x1c0 [ 16.211208] __kasan_check_write+0x18/0x20 [ 16.211241] kasan_atomics_helper+0x194b/0x5450 [ 16.211263] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.211285] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.211321] ? kasan_atomics+0x153/0x310 [ 16.211346] kasan_atomics+0x1dd/0x310 [ 16.211370] ? __pfx_kasan_atomics+0x10/0x10 [ 16.211394] ? __pfx_read_tsc+0x10/0x10 [ 16.211415] ? 
ktime_get_ts64+0x86/0x230 [ 16.211440] kunit_try_run_case+0x1a6/0x480 [ 16.211463] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.211486] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.211510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.211534] ? __kthread_parkme+0x82/0x160 [ 16.211556] ? preempt_count_sub+0x50/0x80 [ 16.211581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.211613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.211639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.211676] kthread+0x324/0x6e0 [ 16.211699] ? trace_preempt_on+0x20/0xc0 [ 16.211723] ? __pfx_kthread+0x10/0x10 [ 16.211746] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.211768] ? calculate_sigpending+0x7b/0xa0 [ 16.211800] ? __pfx_kthread+0x10/0x10 [ 16.211824] ret_from_fork+0x41/0x80 [ 16.211843] ? __pfx_kthread+0x10/0x10 [ 16.211875] ret_from_fork_asm+0x1a/0x30 [ 16.211908] </TASK> [ 16.211919] [ 16.219549] Allocated by task 273: [ 16.219738] kasan_save_stack+0x45/0x70 [ 16.219989] kasan_save_track+0x18/0x40 [ 16.220191] kasan_save_alloc_info+0x3b/0x50 [ 16.220402] __kasan_kmalloc+0xb7/0xc0 [ 16.220620] __kmalloc_cache_noprof+0x18a/0x420 [ 16.220876] kasan_atomics+0x96/0x310 [ 16.221082] kunit_try_run_case+0x1a6/0x480 [ 16.221228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.221422] kthread+0x324/0x6e0 [ 16.221638] ret_from_fork+0x41/0x80 [ 16.221968] ret_from_fork_asm+0x1a/0x30 [ 16.222236] [ 16.222400] The buggy address belongs to the object at ffff888101bf3e00 [ 16.222400] which belongs to the cache kmalloc-64 of size 64 [ 16.222999] The buggy address is located 0 bytes to the right of [ 16.222999] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.223480] [ 16.223637] The buggy address belongs to the physical page: [ 16.223895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.224143] flags: 0x200000000000000(node=0|zone=2) [ 16.224302] page_type: f5(slab) [ 16.224516] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.225268] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.225612] page dumped because: kasan: bad access detected [ 16.225896] [ 16.226009] Memory state around the buggy address: [ 16.226258] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.226479] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.226694] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.226940] ^ [ 16.227199] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.227594] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.228001] ================================================================== [ 15.901936] ================================================================== [ 15.902284] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e7/0x5450 [ 15.902669] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.902907] [ 15.902987] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.903037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.903049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.903071] Call Trace: [ 15.903084] <TASK> [ 15.903099] dump_stack_lvl+0x73/0xb0 [ 15.903125] print_report+0xd1/0x650 [ 15.903146] ? __virt_addr_valid+0x1db/0x2d0 [ 15.903168] ? kasan_atomics_helper+0x12e7/0x5450 [ 15.903190] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.903217] ? kasan_atomics_helper+0x12e7/0x5450 [ 15.903239] kasan_report+0x140/0x180 [ 15.903261] ? kasan_atomics_helper+0x12e7/0x5450 [ 15.903287] kasan_check_range+0x10c/0x1c0 [ 15.903311] __kasan_check_write+0x18/0x20 [ 15.903334] kasan_atomics_helper+0x12e7/0x5450 [ 15.903357] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.903380] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.903405] ? kasan_atomics+0x153/0x310 [ 15.903430] kasan_atomics+0x1dd/0x310 [ 15.903453] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.903478] ? __pfx_read_tsc+0x10/0x10 [ 15.903500] ? ktime_get_ts64+0x86/0x230 [ 15.903526] kunit_try_run_case+0x1a6/0x480 [ 15.903550] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.903573] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.903596] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.903621] ? __kthread_parkme+0x82/0x160 [ 15.903644] ? preempt_count_sub+0x50/0x80 [ 15.903668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.903692] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.903719] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.903746] kthread+0x324/0x6e0 [ 15.903847] ? trace_preempt_on+0x20/0xc0 [ 15.903873] ? __pfx_kthread+0x10/0x10 [ 15.903896] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.903920] ? calculate_sigpending+0x7b/0xa0 [ 15.903941] ? __pfx_kthread+0x10/0x10 [ 15.903965] ret_from_fork+0x41/0x80 [ 15.903984] ? __pfx_kthread+0x10/0x10 [ 15.904008] ret_from_fork_asm+0x1a/0x30 [ 15.904050] </TASK> [ 15.904061] [ 15.912263] Allocated by task 273: [ 15.912414] kasan_save_stack+0x45/0x70 [ 15.912678] kasan_save_track+0x18/0x40 [ 15.912818] kasan_save_alloc_info+0x3b/0x50 [ 15.912978] __kasan_kmalloc+0xb7/0xc0 [ 15.913182] __kmalloc_cache_noprof+0x18a/0x420 [ 15.913406] kasan_atomics+0x96/0x310 [ 15.913598] kunit_try_run_case+0x1a6/0x480 [ 15.913787] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.914034] kthread+0x324/0x6e0 [ 15.914191] ret_from_fork+0x41/0x80 [ 15.914321] ret_from_fork_asm+0x1a/0x30 [ 15.914492] [ 15.914786] The buggy address belongs to the object at ffff888101bf3e00 [ 15.914786] which belongs to the cache kmalloc-64 of size 64 [ 15.915304] The buggy address is located 0 bytes to the right of [ 15.915304] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.915971] [ 15.916074] The buggy address belongs to the physical page: [ 15.916249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.916653] flags: 0x200000000000000(node=0|zone=2) [ 15.916896] page_type: f5(slab) 
[ 15.917083] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.917406] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.917750] page dumped because: kasan: bad access detected [ 15.917978] [ 15.918091] Memory state around the buggy address: [ 15.918305] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.918566] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.918873] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.919153] ^ [ 15.919309] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.919520] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.919730] ================================================================== [ 16.288582] ================================================================== [ 16.288821] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c19/0x5450 [ 16.289173] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.289539] [ 16.289648] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.289685] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.289698] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.289719] Call Trace: [ 16.289739] <TASK> [ 16.289752] dump_stack_lvl+0x73/0xb0 [ 16.289814] print_report+0xd1/0x650 [ 16.289836] ? __virt_addr_valid+0x1db/0x2d0 [ 16.289858] ? kasan_atomics_helper+0x1c19/0x5450 [ 16.289880] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.289906] ? kasan_atomics_helper+0x1c19/0x5450 [ 16.289929] kasan_report+0x140/0x180 [ 16.289951] ? kasan_atomics_helper+0x1c19/0x5450 [ 16.289977] kasan_check_range+0x10c/0x1c0 [ 16.290001] __kasan_check_write+0x18/0x20 [ 16.290036] kasan_atomics_helper+0x1c19/0x5450 [ 16.290059] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.290081] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.290106] ? 
kasan_atomics+0x153/0x310 [ 16.290132] kasan_atomics+0x1dd/0x310 [ 16.290154] ? __pfx_kasan_atomics+0x10/0x10 [ 16.290179] ? __pfx_read_tsc+0x10/0x10 [ 16.290201] ? ktime_get_ts64+0x86/0x230 [ 16.290227] kunit_try_run_case+0x1a6/0x480 [ 16.290251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.290273] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.290318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.290344] ? __kthread_parkme+0x82/0x160 [ 16.290366] ? preempt_count_sub+0x50/0x80 [ 16.290390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.290415] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.290442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.290469] kthread+0x324/0x6e0 [ 16.290490] ? trace_preempt_on+0x20/0xc0 [ 16.290514] ? __pfx_kthread+0x10/0x10 [ 16.290537] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.290561] ? calculate_sigpending+0x7b/0xa0 [ 16.290584] ? __pfx_kthread+0x10/0x10 [ 16.290606] ret_from_fork+0x41/0x80 [ 16.290626] ? __pfx_kthread+0x10/0x10 [ 16.290649] ret_from_fork_asm+0x1a/0x30 [ 16.290681] </TASK> [ 16.290691] [ 16.298773] Allocated by task 273: [ 16.299005] kasan_save_stack+0x45/0x70 [ 16.299198] kasan_save_track+0x18/0x40 [ 16.299450] kasan_save_alloc_info+0x3b/0x50 [ 16.299672] __kasan_kmalloc+0xb7/0xc0 [ 16.299908] __kmalloc_cache_noprof+0x18a/0x420 [ 16.300143] kasan_atomics+0x96/0x310 [ 16.300276] kunit_try_run_case+0x1a6/0x480 [ 16.300428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.300857] kthread+0x324/0x6e0 [ 16.301042] ret_from_fork+0x41/0x80 [ 16.301207] ret_from_fork_asm+0x1a/0x30 [ 16.301596] [ 16.301789] The buggy address belongs to the object at ffff888101bf3e00 [ 16.301789] which belongs to the cache kmalloc-64 of size 64 [ 16.302471] The buggy address is located 0 bytes to the right of [ 16.302471] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.303075] [ 16.303150] The buggy address belongs to the physical page: [ 16.303320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 
16.303555] flags: 0x200000000000000(node=0|zone=2) [ 16.304026] page_type: f5(slab) [ 16.304197] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.304636] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.305210] page dumped because: kasan: bad access detected [ 16.305428] [ 16.305500] Memory state around the buggy address: [ 16.305949] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.306275] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.306608] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.306915] ^ [ 16.307726] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.307973] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.308207] ================================================================== [ 15.268072] ================================================================== [ 15.268949] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b56/0x5450 [ 15.269458] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.269749] [ 15.269836] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.269976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.269991] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.270181] Call Trace: [ 15.270201] <TASK> [ 15.270218] dump_stack_lvl+0x73/0xb0 [ 15.270269] print_report+0xd1/0x650 [ 15.270292] ? __virt_addr_valid+0x1db/0x2d0 [ 15.270315] ? kasan_atomics_helper+0x4b56/0x5450 [ 15.270446] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.270477] ? kasan_atomics_helper+0x4b56/0x5450 [ 15.270499] kasan_report+0x140/0x180 [ 15.270522] ? kasan_atomics_helper+0x4b56/0x5450 [ 15.270548] __asan_report_load4_noabort+0x18/0x20 [ 15.270573] kasan_atomics_helper+0x4b56/0x5450 [ 15.270596] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.270618] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.270643] ? 
kasan_atomics+0x153/0x310 [ 15.270670] kasan_atomics+0x1dd/0x310 [ 15.270692] ? __pfx_kasan_atomics+0x10/0x10 [ 15.270716] ? __pfx_read_tsc+0x10/0x10 [ 15.270738] ? ktime_get_ts64+0x86/0x230 [ 15.270764] kunit_try_run_case+0x1a6/0x480 [ 15.270787] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.270809] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.270834] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.270858] ? __kthread_parkme+0x82/0x160 [ 15.270880] ? preempt_count_sub+0x50/0x80 [ 15.270905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.270929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.270956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.270982] kthread+0x324/0x6e0 [ 15.271004] ? trace_preempt_on+0x20/0xc0 [ 15.271040] ? __pfx_kthread+0x10/0x10 [ 15.271063] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.271086] ? calculate_sigpending+0x7b/0xa0 [ 15.271107] ? __pfx_kthread+0x10/0x10 [ 15.271131] ret_from_fork+0x41/0x80 [ 15.271150] ? __pfx_kthread+0x10/0x10 [ 15.271173] ret_from_fork_asm+0x1a/0x30 [ 15.271204] </TASK> [ 15.271216] [ 15.284075] Allocated by task 273: [ 15.284588] kasan_save_stack+0x45/0x70 [ 15.284773] kasan_save_track+0x18/0x40 [ 15.285313] kasan_save_alloc_info+0x3b/0x50 [ 15.285502] __kasan_kmalloc+0xb7/0xc0 [ 15.285706] __kmalloc_cache_noprof+0x18a/0x420 [ 15.286301] kasan_atomics+0x96/0x310 [ 15.286443] kunit_try_run_case+0x1a6/0x480 [ 15.286639] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.286979] kthread+0x324/0x6e0 [ 15.287273] ret_from_fork+0x41/0x80 [ 15.287701] ret_from_fork_asm+0x1a/0x30 [ 15.287912] [ 15.287995] The buggy address belongs to the object at ffff888101bf3e00 [ 15.287995] which belongs to the cache kmalloc-64 of size 64 [ 15.288904] The buggy address is located 0 bytes to the right of [ 15.288904] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.289514] [ 15.289639] The buggy address belongs to the physical page: [ 15.289824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 
15.290199] flags: 0x200000000000000(node=0|zone=2) [ 15.290428] page_type: f5(slab) [ 15.290907] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.291190] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.291666] page dumped because: kasan: bad access detected [ 15.292064] [ 15.292153] Memory state around the buggy address: [ 15.292514] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.292997] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.293317] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.293839] ^ [ 15.294059] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.294373] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.294847] ================================================================== [ 15.792157] ================================================================== [ 15.792494] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1e/0x5450 [ 15.793096] Read of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.793420] [ 15.793522] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.793560] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.793572] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.793593] Call Trace: [ 15.793606] <TASK> [ 15.793621] dump_stack_lvl+0x73/0xb0 [ 15.793646] print_report+0xd1/0x650 [ 15.793667] ? __virt_addr_valid+0x1db/0x2d0 [ 15.793690] ? kasan_atomics_helper+0x4a1e/0x5450 [ 15.793714] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.793748] ? kasan_atomics_helper+0x4a1e/0x5450 [ 15.793771] kasan_report+0x140/0x180 [ 15.793795] ? kasan_atomics_helper+0x4a1e/0x5450 [ 15.793821] __asan_report_load4_noabort+0x18/0x20 [ 15.793845] kasan_atomics_helper+0x4a1e/0x5450 [ 15.793868] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.793890] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.793915] ? 
kasan_atomics+0x153/0x310 [ 15.793941] kasan_atomics+0x1dd/0x310 [ 15.793963] ? __pfx_kasan_atomics+0x10/0x10 [ 15.793989] ? __pfx_read_tsc+0x10/0x10 [ 15.794010] ? ktime_get_ts64+0x86/0x230 [ 15.794046] kunit_try_run_case+0x1a6/0x480 [ 15.794070] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.794092] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.794115] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.794139] ? __kthread_parkme+0x82/0x160 [ 15.794162] ? preempt_count_sub+0x50/0x80 [ 15.794186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.794209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.794237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.794263] kthread+0x324/0x6e0 [ 15.794284] ? trace_preempt_on+0x20/0xc0 [ 15.794309] ? __pfx_kthread+0x10/0x10 [ 15.794331] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.794354] ? calculate_sigpending+0x7b/0xa0 [ 15.794376] ? __pfx_kthread+0x10/0x10 [ 15.794400] ret_from_fork+0x41/0x80 [ 15.794419] ? __pfx_kthread+0x10/0x10 [ 15.794442] ret_from_fork_asm+0x1a/0x30 [ 15.794473] </TASK> [ 15.794484] [ 15.803187] Allocated by task 273: [ 15.803325] kasan_save_stack+0x45/0x70 [ 15.803470] kasan_save_track+0x18/0x40 [ 15.803607] kasan_save_alloc_info+0x3b/0x50 [ 15.803753] __kasan_kmalloc+0xb7/0xc0 [ 15.803884] __kmalloc_cache_noprof+0x18a/0x420 [ 15.804050] kasan_atomics+0x96/0x310 [ 15.804186] kunit_try_run_case+0x1a6/0x480 [ 15.805393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.806312] kthread+0x324/0x6e0 [ 15.806972] ret_from_fork+0x41/0x80 [ 15.807922] ret_from_fork_asm+0x1a/0x30 [ 15.808855] [ 15.809131] The buggy address belongs to the object at ffff888101bf3e00 [ 15.809131] which belongs to the cache kmalloc-64 of size 64 [ 15.810929] The buggy address is located 0 bytes to the right of [ 15.810929] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.812361] [ 15.812452] The buggy address belongs to the physical page: [ 15.812986] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 
15.813365] flags: 0x200000000000000(node=0|zone=2) [ 15.813546] page_type: f5(slab) [ 15.813899] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.814298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.814785] page dumped because: kasan: bad access detected [ 15.815149] [ 15.815256] Memory state around the buggy address: [ 15.815459] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.815987] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.816448] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.816844] ^ [ 15.817163] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.817460] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.817906] ================================================================== [ 15.492219] ================================================================== [ 15.492545] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8fa/0x5450 [ 15.492840] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.493168] [ 15.493248] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.493287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.493300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.493321] Call Trace: [ 15.493337] <TASK> [ 15.493353] dump_stack_lvl+0x73/0xb0 [ 15.493378] print_report+0xd1/0x650 [ 15.493400] ? __virt_addr_valid+0x1db/0x2d0 [ 15.493489] ? kasan_atomics_helper+0x8fa/0x5450 [ 15.493511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.493537] ? kasan_atomics_helper+0x8fa/0x5450 [ 15.493559] kasan_report+0x140/0x180 [ 15.493582] ? kasan_atomics_helper+0x8fa/0x5450 [ 15.493608] kasan_check_range+0x10c/0x1c0 [ 15.493632] __kasan_check_write+0x18/0x20 [ 15.493655] kasan_atomics_helper+0x8fa/0x5450 [ 15.493677] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.493980] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 15.494030] ? kasan_atomics+0x153/0x310 [ 15.494057] kasan_atomics+0x1dd/0x310 [ 15.494081] ? __pfx_kasan_atomics+0x10/0x10 [ 15.494105] ? __pfx_read_tsc+0x10/0x10 [ 15.494151] ? ktime_get_ts64+0x86/0x230 [ 15.494178] kunit_try_run_case+0x1a6/0x480 [ 15.494202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.494225] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.494250] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.494275] ? __kthread_parkme+0x82/0x160 [ 15.494318] ? preempt_count_sub+0x50/0x80 [ 15.494344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.494368] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.494394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.494422] kthread+0x324/0x6e0 [ 15.494444] ? trace_preempt_on+0x20/0xc0 [ 15.494468] ? __pfx_kthread+0x10/0x10 [ 15.494491] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.494514] ? calculate_sigpending+0x7b/0xa0 [ 15.494536] ? __pfx_kthread+0x10/0x10 [ 15.494560] ret_from_fork+0x41/0x80 [ 15.494746] ? __pfx_kthread+0x10/0x10 [ 15.494772] ret_from_fork_asm+0x1a/0x30 [ 15.494805] </TASK> [ 15.494816] [ 15.503086] Allocated by task 273: [ 15.503415] kasan_save_stack+0x45/0x70 [ 15.503631] kasan_save_track+0x18/0x40 [ 15.503827] kasan_save_alloc_info+0x3b/0x50 [ 15.503984] __kasan_kmalloc+0xb7/0xc0 [ 15.504128] __kmalloc_cache_noprof+0x18a/0x420 [ 15.504282] kasan_atomics+0x96/0x310 [ 15.504465] kunit_try_run_case+0x1a6/0x480 [ 15.504797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.505059] kthread+0x324/0x6e0 [ 15.505318] ret_from_fork+0x41/0x80 [ 15.505452] ret_from_fork_asm+0x1a/0x30 [ 15.505778] [ 15.505876] The buggy address belongs to the object at ffff888101bf3e00 [ 15.505876] which belongs to the cache kmalloc-64 of size 64 [ 15.506459] The buggy address is located 0 bytes to the right of [ 15.506459] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.507143] [ 15.507250] The buggy address belongs to the physical page: [ 15.507510] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.507885] flags: 0x200000000000000(node=0|zone=2) [ 15.508078] page_type: f5(slab) [ 15.508288] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.508757] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.509195] page dumped because: kasan: bad access detected [ 15.509414] [ 15.509511] Memory state around the buggy address: [ 15.509858] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.510141] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.510471] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.510736] ^ [ 15.510967] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.511504] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.511732] ================================================================== [ 15.295543] ================================================================== [ 15.296499] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1/0x5450 [ 15.297158] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.297684] [ 15.297916] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.297962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.297976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.297996] Call Trace: [ 15.298012] <TASK> [ 15.298043] dump_stack_lvl+0x73/0xb0 [ 15.298070] print_report+0xd1/0x650 [ 15.298092] ? __virt_addr_valid+0x1db/0x2d0 [ 15.298137] ? kasan_atomics_helper+0x4a1/0x5450 [ 15.298159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.298186] ? kasan_atomics_helper+0x4a1/0x5450 [ 15.298208] kasan_report+0x140/0x180 [ 15.298230] ? kasan_atomics_helper+0x4a1/0x5450 [ 15.298256] kasan_check_range+0x10c/0x1c0 [ 15.298280] __kasan_check_write+0x18/0x20 [ 15.298303] kasan_atomics_helper+0x4a1/0x5450 [ 15.298326] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.298349] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.298374] ? kasan_atomics+0x153/0x310 [ 15.298402] kasan_atomics+0x1dd/0x310 [ 15.298425] ? __pfx_kasan_atomics+0x10/0x10 [ 15.298449] ? __pfx_read_tsc+0x10/0x10 [ 15.298472] ? ktime_get_ts64+0x86/0x230 [ 15.298497] kunit_try_run_case+0x1a6/0x480 [ 15.298521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.298543] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.298568] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.298592] ? __kthread_parkme+0x82/0x160 [ 15.298614] ? preempt_count_sub+0x50/0x80 [ 15.298639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.298662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.298688] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.298716] kthread+0x324/0x6e0 [ 15.298738] ? trace_preempt_on+0x20/0xc0 [ 15.298761] ? __pfx_kthread+0x10/0x10 [ 15.298784] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.298807] ? calculate_sigpending+0x7b/0xa0 [ 15.298830] ? __pfx_kthread+0x10/0x10 [ 15.298853] ret_from_fork+0x41/0x80 [ 15.298872] ? 
__pfx_kthread+0x10/0x10 [ 15.298895] ret_from_fork_asm+0x1a/0x30 [ 15.298926] </TASK> [ 15.298937] [ 15.310979] Allocated by task 273: [ 15.311116] kasan_save_stack+0x45/0x70 [ 15.311259] kasan_save_track+0x18/0x40 [ 15.311391] kasan_save_alloc_info+0x3b/0x50 [ 15.311533] __kasan_kmalloc+0xb7/0xc0 [ 15.311892] __kmalloc_cache_noprof+0x18a/0x420 [ 15.312327] kasan_atomics+0x96/0x310 [ 15.312695] kunit_try_run_case+0x1a6/0x480 [ 15.313192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.313717] kthread+0x324/0x6e0 [ 15.314070] ret_from_fork+0x41/0x80 [ 15.314393] ret_from_fork_asm+0x1a/0x30 [ 15.314811] [ 15.314995] The buggy address belongs to the object at ffff888101bf3e00 [ 15.314995] which belongs to the cache kmalloc-64 of size 64 [ 15.316264] The buggy address is located 0 bytes to the right of [ 15.316264] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.317550] [ 15.317715] The buggy address belongs to the physical page: [ 15.318181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.318570] flags: 0x200000000000000(node=0|zone=2) [ 15.319084] page_type: f5(slab) [ 15.319410] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.320195] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.320860] page dumped because: kasan: bad access detected [ 15.321084] [ 15.321155] Memory state around the buggy address: [ 15.321304] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.321508] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.322095] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.322807] ^ [ 15.323248] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.323996] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.324694] ================================================================== [ 16.108713] 
================================================================== [ 16.109323] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e8/0x5450 [ 16.109994] Write of size 8 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 16.110790] [ 16.111157] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 16.111202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.111215] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.111237] Call Trace: [ 16.111249] <TASK> [ 16.111266] dump_stack_lvl+0x73/0xb0 [ 16.111460] print_report+0xd1/0x650 [ 16.111497] ? __virt_addr_valid+0x1db/0x2d0 [ 16.111520] ? kasan_atomics_helper+0x16e8/0x5450 [ 16.111541] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.111580] ? kasan_atomics_helper+0x16e8/0x5450 [ 16.111601] kasan_report+0x140/0x180 [ 16.111624] ? kasan_atomics_helper+0x16e8/0x5450 [ 16.111662] kasan_check_range+0x10c/0x1c0 [ 16.111686] __kasan_check_write+0x18/0x20 [ 16.111710] kasan_atomics_helper+0x16e8/0x5450 [ 16.111744] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.111765] ? __kmalloc_cache_noprof+0x18a/0x420 [ 16.111791] ? kasan_atomics+0x153/0x310 [ 16.111828] kasan_atomics+0x1dd/0x310 [ 16.111851] ? __pfx_kasan_atomics+0x10/0x10 [ 16.111886] ? __pfx_read_tsc+0x10/0x10 [ 16.111908] ? ktime_get_ts64+0x86/0x230 [ 16.111934] kunit_try_run_case+0x1a6/0x480 [ 16.111968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.111991] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 16.112031] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.112056] ? __kthread_parkme+0x82/0x160 [ 16.112079] ? preempt_count_sub+0x50/0x80 [ 16.112116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.112140] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.112167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.112206] kthread+0x324/0x6e0 [ 16.112228] ? trace_preempt_on+0x20/0xc0 [ 16.112263] ? __pfx_kthread+0x10/0x10 [ 16.112286] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.112309] ? 
calculate_sigpending+0x7b/0xa0 [ 16.112344] ? __pfx_kthread+0x10/0x10 [ 16.112367] ret_from_fork+0x41/0x80 [ 16.112386] ? __pfx_kthread+0x10/0x10 [ 16.112419] ret_from_fork_asm+0x1a/0x30 [ 16.112451] </TASK> [ 16.112462] [ 16.125258] Allocated by task 273: [ 16.125391] kasan_save_stack+0x45/0x70 [ 16.125534] kasan_save_track+0x18/0x40 [ 16.125912] kasan_save_alloc_info+0x3b/0x50 [ 16.126312] __kasan_kmalloc+0xb7/0xc0 [ 16.126683] __kmalloc_cache_noprof+0x18a/0x420 [ 16.127111] kasan_atomics+0x96/0x310 [ 16.127473] kunit_try_run_case+0x1a6/0x480 [ 16.127905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.128408] kthread+0x324/0x6e0 [ 16.128753] ret_from_fork+0x41/0x80 [ 16.129142] ret_from_fork_asm+0x1a/0x30 [ 16.129531] [ 16.129724] The buggy address belongs to the object at ffff888101bf3e00 [ 16.129724] which belongs to the cache kmalloc-64 of size 64 [ 16.130333] The buggy address is located 0 bytes to the right of [ 16.130333] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 16.131027] [ 16.131203] The buggy address belongs to the physical page: [ 16.131723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 16.132428] flags: 0x200000000000000(node=0|zone=2) [ 16.132942] page_type: f5(slab) [ 16.133289] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.133522] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.134220] page dumped because: kasan: bad access detected [ 16.134767] [ 16.134990] Memory state around the buggy address: [ 16.135410] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.135653] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.136225] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.136437] ^ [ 16.136618] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.137265] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.137953] 
================================================================== [ 15.450105] ================================================================== [ 15.450353] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c8/0x5450 [ 15.450748] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.451094] [ 15.451215] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.451255] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.451268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.451291] Call Trace: [ 15.451307] <TASK> [ 15.451322] dump_stack_lvl+0x73/0xb0 [ 15.451346] print_report+0xd1/0x650 [ 15.451369] ? __virt_addr_valid+0x1db/0x2d0 [ 15.451392] ? kasan_atomics_helper+0x7c8/0x5450 [ 15.451414] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.451442] ? kasan_atomics_helper+0x7c8/0x5450 [ 15.451467] kasan_report+0x140/0x180 [ 15.451490] ? kasan_atomics_helper+0x7c8/0x5450 [ 15.451517] kasan_check_range+0x10c/0x1c0 [ 15.451540] __kasan_check_write+0x18/0x20 [ 15.451588] kasan_atomics_helper+0x7c8/0x5450 [ 15.451611] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.451634] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.451678] ? kasan_atomics+0x153/0x310 [ 15.451704] kasan_atomics+0x1dd/0x310 [ 15.451728] ? __pfx_kasan_atomics+0x10/0x10 [ 15.451752] ? __pfx_read_tsc+0x10/0x10 [ 15.451774] ? ktime_get_ts64+0x86/0x230 [ 15.451801] kunit_try_run_case+0x1a6/0x480 [ 15.451823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.451846] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.451870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.451895] ? __kthread_parkme+0x82/0x160 [ 15.451918] ? preempt_count_sub+0x50/0x80 [ 15.451943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.451967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.451994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.452030] kthread+0x324/0x6e0 [ 15.452053] ? trace_preempt_on+0x20/0xc0 [ 15.452077] ? __pfx_kthread+0x10/0x10 [ 15.452100] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.452123] ? calculate_sigpending+0x7b/0xa0 [ 15.452145] ? __pfx_kthread+0x10/0x10 [ 15.452169] ret_from_fork+0x41/0x80 [ 15.452188] ? __pfx_kthread+0x10/0x10 [ 15.452211] ret_from_fork_asm+0x1a/0x30 [ 15.452243] </TASK> [ 15.452255] [ 15.459540] Allocated by task 273: [ 15.459788] kasan_save_stack+0x45/0x70 [ 15.460056] kasan_save_track+0x18/0x40 [ 15.460249] kasan_save_alloc_info+0x3b/0x50 [ 15.460465] __kasan_kmalloc+0xb7/0xc0 [ 15.460686] __kmalloc_cache_noprof+0x18a/0x420 [ 15.460921] kasan_atomics+0x96/0x310 [ 15.461124] kunit_try_run_case+0x1a6/0x480 [ 15.461426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.461764] kthread+0x324/0x6e0 [ 15.461888] ret_from_fork+0x41/0x80 [ 15.462079] ret_from_fork_asm+0x1a/0x30 [ 15.462279] [ 15.462378] The buggy address belongs to the object at ffff888101bf3e00 [ 15.462378] which belongs to the cache kmalloc-64 of size 64 [ 15.462855] The buggy address is located 0 bytes to the right of [ 15.462855] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.463357] [ 15.463454] The buggy address belongs to the physical page: [ 15.463783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.464140] flags: 0x200000000000000(node=0|zone=2) [ 15.464344] page_type: f5(slab) [ 15.464468] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.464724] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.464949] page dumped because: kasan: bad access detected [ 15.465178] [ 15.465272] Memory state around the buggy address: [ 15.465495] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.465939] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.466218] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.466523] ^ [ 15.466710] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.466924] ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.467146] ================================================================== [ 15.372932] ================================================================== [ 15.373208] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5ff/0x5450 [ 15.373541] Write of size 4 at addr ffff888101bf3e30 by task kunit_try_catch/273 [ 15.374144] [ 15.374348] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.374430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.374445] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.374468] Call Trace: [ 15.374483] <TASK> [ 15.374499] dump_stack_lvl+0x73/0xb0 [ 15.374525] print_report+0xd1/0x650 [ 15.374548] ? __virt_addr_valid+0x1db/0x2d0 [ 15.374571] ? kasan_atomics_helper+0x5ff/0x5450 [ 15.374592] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.374618] ? kasan_atomics_helper+0x5ff/0x5450 [ 15.374640] kasan_report+0x140/0x180 [ 15.374663] ? kasan_atomics_helper+0x5ff/0x5450 [ 15.374689] kasan_check_range+0x10c/0x1c0 [ 15.374713] __kasan_check_write+0x18/0x20 [ 15.374736] kasan_atomics_helper+0x5ff/0x5450 [ 15.374760] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.374783] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.374808] ? kasan_atomics+0x153/0x310 [ 15.374834] kasan_atomics+0x1dd/0x310 [ 15.374857] ? __pfx_kasan_atomics+0x10/0x10 [ 15.374881] ? __pfx_read_tsc+0x10/0x10 [ 15.374904] ? ktime_get_ts64+0x86/0x230 [ 15.374930] kunit_try_run_case+0x1a6/0x480 [ 15.374953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.374975] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 15.375000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.375036] ? __kthread_parkme+0x82/0x160 [ 15.375059] ? preempt_count_sub+0x50/0x80 [ 15.375084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.375108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.375135] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.375162] kthread+0x324/0x6e0 [ 15.375184] ? trace_preempt_on+0x20/0xc0 [ 15.375208] ? 
__pfx_kthread+0x10/0x10 [ 15.375231] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.375255] ? calculate_sigpending+0x7b/0xa0 [ 15.375278] ? __pfx_kthread+0x10/0x10 [ 15.375302] ret_from_fork+0x41/0x80 [ 15.375322] ? __pfx_kthread+0x10/0x10 [ 15.375345] ret_from_fork_asm+0x1a/0x30 [ 15.375378] </TASK> [ 15.375390] [ 15.386896] Allocated by task 273: [ 15.387281] kasan_save_stack+0x45/0x70 [ 15.387452] kasan_save_track+0x18/0x40 [ 15.387891] kasan_save_alloc_info+0x3b/0x50 [ 15.388085] __kasan_kmalloc+0xb7/0xc0 [ 15.388302] __kmalloc_cache_noprof+0x18a/0x420 [ 15.388714] kasan_atomics+0x96/0x310 [ 15.388881] kunit_try_run_case+0x1a6/0x480 [ 15.389243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.389531] kthread+0x324/0x6e0 [ 15.389888] ret_from_fork+0x41/0x80 [ 15.390093] ret_from_fork_asm+0x1a/0x30 [ 15.390287] [ 15.390359] The buggy address belongs to the object at ffff888101bf3e00 [ 15.390359] which belongs to the cache kmalloc-64 of size 64 [ 15.390971] The buggy address is located 0 bytes to the right of [ 15.390971] allocated 48-byte region [ffff888101bf3e00, ffff888101bf3e30) [ 15.391854] [ 15.391955] The buggy address belongs to the physical page: [ 15.392192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf3 [ 15.392544] flags: 0x200000000000000(node=0|zone=2) [ 15.392914] page_type: f5(slab) [ 15.393464] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.393895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.394458] page dumped because: kasan: bad access detected [ 15.394728] [ 15.395028] Memory state around the buggy address: [ 15.395327] ffff888101bf3d00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.395766] ffff888101bf3d80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.396172] >ffff888101bf3e00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.396495] ^ [ 15.396877] ffff888101bf3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.397167] 
ffff888101bf3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.397472] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 15.081584] ================================================================== [ 15.082180] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 15.082492] Read of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 15.082934] [ 15.083048] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.083087] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.083099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.083119] Call Trace: [ 15.083132] <TASK> [ 15.083147] dump_stack_lvl+0x73/0xb0 [ 15.083171] print_report+0xd1/0x650 [ 15.083192] ? __virt_addr_valid+0x1db/0x2d0 [ 15.083214] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 15.083240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.083265] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 15.083292] kasan_report+0x140/0x180 [ 15.083313] ? kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 15.083344] kasan_check_range+0x10c/0x1c0 [ 15.083366] __kasan_check_read+0x15/0x20 [ 15.083388] kasan_bitops_test_and_modify.constprop.0+0x558/0xd90 [ 15.083415] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.083442] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.083465] ? trace_hardirqs_on+0x37/0xe0 [ 15.083486] ? kasan_bitops_generic+0x93/0x1c0 [ 15.083514] kasan_bitops_generic+0x122/0x1c0 [ 15.083535] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.083556] ? trace_hardirqs_on+0x37/0xe0 [ 15.083657] ? __pfx_read_tsc+0x10/0x10 [ 15.083678] ? ktime_get_ts64+0x86/0x230 [ 15.083700] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.083726] kunit_try_run_case+0x1a6/0x480 [ 15.083749] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.083771] ? queued_spin_lock_slowpath+0x117/0xb40 [ 15.083796] ? __kthread_parkme+0x82/0x160 [ 15.083817] ? preempt_count_sub+0x50/0x80 [ 15.083842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.083864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.083889] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.083914] kthread+0x324/0x6e0 [ 15.083936] ? trace_preempt_on+0x20/0xc0 [ 15.083958] ? __pfx_kthread+0x10/0x10 [ 15.083979] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.084001] ? calculate_sigpending+0x7b/0xa0 [ 15.084034] ? __pfx_kthread+0x10/0x10 [ 15.084057] ret_from_fork+0x41/0x80 [ 15.084074] ? __pfx_kthread+0x10/0x10 [ 15.084096] ret_from_fork_asm+0x1a/0x30 [ 15.084126] </TASK> [ 15.084136] [ 15.094038] Allocated by task 269: [ 15.094220] kasan_save_stack+0x45/0x70 [ 15.094391] kasan_save_track+0x18/0x40 [ 15.094627] kasan_save_alloc_info+0x3b/0x50 [ 15.094818] __kasan_kmalloc+0xb7/0xc0 [ 15.094995] __kmalloc_cache_noprof+0x18a/0x420 [ 15.095212] kasan_bitops_generic+0x93/0x1c0 [ 15.095409] kunit_try_run_case+0x1a6/0x480 [ 15.095828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.096068] kthread+0x324/0x6e0 [ 15.096223] ret_from_fork+0x41/0x80 [ 15.096351] ret_from_fork_asm+0x1a/0x30 [ 15.096488] [ 15.096558] The buggy address belongs to the object at ffff888101b5abe0 [ 15.096558] which belongs to the cache kmalloc-16 of size 16 [ 15.096923] The buggy address is located 8 bytes inside of [ 15.096923] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 15.097501] [ 15.097618] The buggy address belongs to the physical page: [ 15.098116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 15.098438] flags: 0x200000000000000(node=0|zone=2) [ 15.098866] page_type: f5(slab) [ 15.098991] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.099227] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.099441] page dumped because: kasan: bad access detected [ 15.100050] [ 15.100180] Memory state around the buggy address: [ 15.100449] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.101000] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 15.101353] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 15.101840] ^ [ 15.102172] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.102439] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.102641] ================================================================== [ 15.053569] ================================================================== [ 15.053822] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 15.054235] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 15.054561] [ 15.054663] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.054702] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.054714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.054733] Call Trace: [ 15.054747] <TASK> [ 15.054761] dump_stack_lvl+0x73/0xb0 [ 15.054784] print_report+0xd1/0x650 [ 15.054803] ? __virt_addr_valid+0x1db/0x2d0 [ 15.054825] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 15.054850] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.054876] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 15.054901] kasan_report+0x140/0x180 [ 15.054923] ? kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 15.054953] kasan_check_range+0x10c/0x1c0 [ 15.054976] __kasan_check_write+0x18/0x20 [ 15.054998] kasan_bitops_test_and_modify.constprop.0+0x4ba/0xd90 [ 15.055034] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.055062] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.055085] ? trace_hardirqs_on+0x37/0xe0 [ 15.055106] ? kasan_bitops_generic+0x93/0x1c0 [ 15.055132] kasan_bitops_generic+0x122/0x1c0 [ 15.055154] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.055176] ? trace_hardirqs_on+0x37/0xe0 [ 15.055197] ? __pfx_read_tsc+0x10/0x10 [ 15.055218] ? ktime_get_ts64+0x86/0x230 [ 15.055239] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.055265] kunit_try_run_case+0x1a6/0x480 [ 15.055287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.055311] ? 
queued_spin_lock_slowpath+0x117/0xb40 [ 15.055333] ? __kthread_parkme+0x82/0x160 [ 15.055354] ? preempt_count_sub+0x50/0x80 [ 15.055377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.055399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.055425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.055451] kthread+0x324/0x6e0 [ 15.055471] ? trace_preempt_on+0x20/0xc0 [ 15.055492] ? __pfx_kthread+0x10/0x10 [ 15.055515] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.055536] ? calculate_sigpending+0x7b/0xa0 [ 15.055557] ? __pfx_kthread+0x10/0x10 [ 15.055578] ret_from_fork+0x41/0x80 [ 15.055596] ? __pfx_kthread+0x10/0x10 [ 15.055617] ret_from_fork_asm+0x1a/0x30 [ 15.055648] </TASK> [ 15.055657] [ 15.067288] Allocated by task 269: [ 15.067450] kasan_save_stack+0x45/0x70 [ 15.067596] kasan_save_track+0x18/0x40 [ 15.067785] kasan_save_alloc_info+0x3b/0x50 [ 15.068133] __kasan_kmalloc+0xb7/0xc0 [ 15.068329] __kmalloc_cache_noprof+0x18a/0x420 [ 15.068553] kasan_bitops_generic+0x93/0x1c0 [ 15.068772] kunit_try_run_case+0x1a6/0x480 [ 15.069813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.070224] kthread+0x324/0x6e0 [ 15.070356] ret_from_fork+0x41/0x80 [ 15.070485] ret_from_fork_asm+0x1a/0x30 [ 15.071266] [ 15.071444] The buggy address belongs to the object at ffff888101b5abe0 [ 15.071444] which belongs to the cache kmalloc-16 of size 16 [ 15.073165] The buggy address is located 8 bytes inside of [ 15.073165] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 15.073512] [ 15.074071] The buggy address belongs to the physical page: [ 15.074765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 15.075849] flags: 0x200000000000000(node=0|zone=2) [ 15.076255] page_type: f5(slab) [ 15.076997] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.077994] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.078248] page dumped because: kasan: bad access detected [ 15.078419] [ 15.078490] Memory 
state around the buggy address: [ 15.079123] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.079616] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 15.080039] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 15.080319] ^ [ 15.080577] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.080835] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.081145] ================================================================== [ 15.001957] ================================================================== [ 15.002387] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 15.003289] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 15.003761] [ 15.004253] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.004313] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.004326] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.004347] Call Trace: [ 15.004391] <TASK> [ 15.004408] dump_stack_lvl+0x73/0xb0 [ 15.004436] print_report+0xd1/0x650 [ 15.004458] ? __virt_addr_valid+0x1db/0x2d0 [ 15.004479] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 15.004505] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.004532] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 15.004559] kasan_report+0x140/0x180 [ 15.004580] ? kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 15.004611] kasan_check_range+0x10c/0x1c0 [ 15.004633] __kasan_check_write+0x18/0x20 [ 15.004655] kasan_bitops_test_and_modify.constprop.0+0x37d/0xd90 [ 15.004681] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.004708] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.004731] ? trace_hardirqs_on+0x37/0xe0 [ 15.004753] ? kasan_bitops_generic+0x93/0x1c0 [ 15.004779] kasan_bitops_generic+0x122/0x1c0 [ 15.004801] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.004824] ? 
trace_hardirqs_on+0x37/0xe0 [ 15.004846] ? __pfx_read_tsc+0x10/0x10 [ 15.004867] ? ktime_get_ts64+0x86/0x230 [ 15.004889] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.004915] kunit_try_run_case+0x1a6/0x480 [ 15.004937] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.004959] ? queued_spin_lock_slowpath+0x117/0xb40 [ 15.004984] ? __kthread_parkme+0x82/0x160 [ 15.005006] ? preempt_count_sub+0x50/0x80 [ 15.005040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.005062] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.005088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.005115] kthread+0x324/0x6e0 [ 15.005135] ? trace_preempt_on+0x20/0xc0 [ 15.005156] ? __pfx_kthread+0x10/0x10 [ 15.005178] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.005199] ? calculate_sigpending+0x7b/0xa0 [ 15.005219] ? __pfx_kthread+0x10/0x10 [ 15.005242] ret_from_fork+0x41/0x80 [ 15.005259] ? __pfx_kthread+0x10/0x10 [ 15.005281] ret_from_fork_asm+0x1a/0x30 [ 15.005311] </TASK> [ 15.005320] [ 15.019116] Allocated by task 269: [ 15.019296] kasan_save_stack+0x45/0x70 [ 15.019480] kasan_save_track+0x18/0x40 [ 15.020067] kasan_save_alloc_info+0x3b/0x50 [ 15.020334] __kasan_kmalloc+0xb7/0xc0 [ 15.020685] __kmalloc_cache_noprof+0x18a/0x420 [ 15.021147] kasan_bitops_generic+0x93/0x1c0 [ 15.021433] kunit_try_run_case+0x1a6/0x480 [ 15.021904] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.022363] kthread+0x324/0x6e0 [ 15.022563] ret_from_fork+0x41/0x80 [ 15.022884] ret_from_fork_asm+0x1a/0x30 [ 15.023078] [ 15.023168] The buggy address belongs to the object at ffff888101b5abe0 [ 15.023168] which belongs to the cache kmalloc-16 of size 16 [ 15.023953] The buggy address is located 8 bytes inside of [ 15.023953] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 15.025071] [ 15.025315] The buggy address belongs to the physical page: [ 15.025723] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 15.026281] flags: 0x200000000000000(node=0|zone=2) [ 15.026789] page_type: 
f5(slab) [ 15.027306] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.027772] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.028244] page dumped because: kasan: bad access detected [ 15.028483] [ 15.028799] Memory state around the buggy address: [ 15.029234] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.029754] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 15.030342] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 15.031087] ^ [ 15.031568] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.032099] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.032594] ================================================================== [ 15.103228] ================================================================== [ 15.103593] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 15.104036] Read of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 15.104434] [ 15.104577] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.104676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.104690] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.104712] Call Trace: [ 15.104728] <TASK> [ 15.104743] dump_stack_lvl+0x73/0xb0 [ 15.104769] print_report+0xd1/0x650 [ 15.104790] ? __virt_addr_valid+0x1db/0x2d0 [ 15.104811] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 15.104838] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.104864] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 15.104890] kasan_report+0x140/0x180 [ 15.104912] ? kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 15.104944] __asan_report_load8_noabort+0x18/0x20 [ 15.104968] kasan_bitops_test_and_modify.constprop.0+0xd08/0xd90 [ 15.104994] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.105035] ? 
__kmalloc_cache_noprof+0x18a/0x420 [ 15.105058] ? trace_hardirqs_on+0x37/0xe0 [ 15.105081] ? kasan_bitops_generic+0x93/0x1c0 [ 15.105106] kasan_bitops_generic+0x122/0x1c0 [ 15.105128] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.105150] ? trace_hardirqs_on+0x37/0xe0 [ 15.105171] ? __pfx_read_tsc+0x10/0x10 [ 15.105193] ? ktime_get_ts64+0x86/0x230 [ 15.105214] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.105240] kunit_try_run_case+0x1a6/0x480 [ 15.105262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.105285] ? queued_spin_lock_slowpath+0x117/0xb40 [ 15.105310] ? __kthread_parkme+0x82/0x160 [ 15.105331] ? preempt_count_sub+0x50/0x80 [ 15.105355] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.105377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.105403] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.105428] kthread+0x324/0x6e0 [ 15.105449] ? trace_preempt_on+0x20/0xc0 [ 15.105471] ? __pfx_kthread+0x10/0x10 [ 15.105493] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.105515] ? calculate_sigpending+0x7b/0xa0 [ 15.105536] ? __pfx_kthread+0x10/0x10 [ 15.105558] ret_from_fork+0x41/0x80 [ 15.105576] ? 
__pfx_kthread+0x10/0x10 [ 15.105598] ret_from_fork_asm+0x1a/0x30 [ 15.105629] </TASK> [ 15.105638] [ 15.117425] Allocated by task 269: [ 15.117899] kasan_save_stack+0x45/0x70 [ 15.118101] kasan_save_track+0x18/0x40 [ 15.118387] kasan_save_alloc_info+0x3b/0x50 [ 15.118660] __kasan_kmalloc+0xb7/0xc0 [ 15.118985] __kmalloc_cache_noprof+0x18a/0x420 [ 15.119312] kasan_bitops_generic+0x93/0x1c0 [ 15.119664] kunit_try_run_case+0x1a6/0x480 [ 15.119849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.120095] kthread+0x324/0x6e0 [ 15.120357] ret_from_fork+0x41/0x80 [ 15.120812] ret_from_fork_asm+0x1a/0x30 [ 15.121062] [ 15.121147] The buggy address belongs to the object at ffff888101b5abe0 [ 15.121147] which belongs to the cache kmalloc-16 of size 16 [ 15.121641] The buggy address is located 8 bytes inside of [ 15.121641] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 15.122195] [ 15.122325] The buggy address belongs to the physical page: [ 15.122621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 15.122959] flags: 0x200000000000000(node=0|zone=2) [ 15.123131] page_type: f5(slab) [ 15.123298] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.124080] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.124538] page dumped because: kasan: bad access detected [ 15.124867] [ 15.124958] Memory state around the buggy address: [ 15.125338] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.125798] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 15.126243] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 15.126685] ^ [ 15.127134] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.127523] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.128084] ================================================================== [ 14.926516] 
================================================================== [ 14.926947] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.927372] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.927786] [ 14.927892] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.927930] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.927942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.927963] Call Trace: [ 14.927978] <TASK> [ 14.927994] dump_stack_lvl+0x73/0xb0 [ 14.928029] print_report+0xd1/0x650 [ 14.928049] ? __virt_addr_valid+0x1db/0x2d0 [ 14.928070] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.928096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.928121] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.928147] kasan_report+0x140/0x180 [ 14.928169] ? kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.928200] kasan_check_range+0x10c/0x1c0 [ 14.928223] __kasan_check_write+0x18/0x20 [ 14.928245] kasan_bitops_test_and_modify.constprop.0+0x1a1/0xd90 [ 14.928272] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.928299] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.928322] ? trace_hardirqs_on+0x37/0xe0 [ 14.928342] ? kasan_bitops_generic+0x93/0x1c0 [ 14.928369] kasan_bitops_generic+0x122/0x1c0 [ 14.928391] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.928413] ? trace_hardirqs_on+0x37/0xe0 [ 14.928434] ? __pfx_read_tsc+0x10/0x10 [ 14.928455] ? ktime_get_ts64+0x86/0x230 [ 14.928476] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.928501] kunit_try_run_case+0x1a6/0x480 [ 14.928523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.928546] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.928568] ? __kthread_parkme+0x82/0x160 [ 14.928590] ? preempt_count_sub+0x50/0x80 [ 14.928612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.928635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.928661] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.928687] kthread+0x324/0x6e0 [ 14.928707] ? trace_preempt_on+0x20/0xc0 [ 14.928729] ? __pfx_kthread+0x10/0x10 [ 14.928751] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.928772] ? calculate_sigpending+0x7b/0xa0 [ 14.928793] ? __pfx_kthread+0x10/0x10 [ 14.928815] ret_from_fork+0x41/0x80 [ 14.928833] ? __pfx_kthread+0x10/0x10 [ 14.928854] ret_from_fork_asm+0x1a/0x30 [ 14.928885] </TASK> [ 14.928894] [ 14.937455] Allocated by task 269: [ 14.937586] kasan_save_stack+0x45/0x70 [ 14.937811] kasan_save_track+0x18/0x40 [ 14.938004] kasan_save_alloc_info+0x3b/0x50 [ 14.938227] __kasan_kmalloc+0xb7/0xc0 [ 14.938412] __kmalloc_cache_noprof+0x18a/0x420 [ 14.938855] kasan_bitops_generic+0x93/0x1c0 [ 14.939097] kunit_try_run_case+0x1a6/0x480 [ 14.939305] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.939559] kthread+0x324/0x6e0 [ 14.939808] ret_from_fork+0x41/0x80 [ 14.939998] ret_from_fork_asm+0x1a/0x30 [ 14.940206] [ 14.940300] The buggy address belongs to the object at ffff888101b5abe0 [ 14.940300] which belongs to the cache kmalloc-16 of size 16 [ 14.940908] The buggy address is located 8 bytes inside of [ 14.940908] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.941338] [ 14.941411] The buggy address belongs to the physical page: [ 14.941582] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.941899] flags: 0x200000000000000(node=0|zone=2) [ 14.942146] page_type: f5(slab) [ 14.942316] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.942895] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.943244] page dumped because: kasan: bad access detected [ 14.943500] [ 14.943596] Memory state around the buggy address: [ 14.943911] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.944154] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.944367] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 14.944640] ^ [ 14.944929] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.945247] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.945553] ================================================================== [ 15.033060] ================================================================== [ 15.033329] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 15.033678] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 15.034100] [ 15.034197] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 15.034235] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.034247] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.034269] Call Trace: [ 15.034284] <TASK> [ 15.034301] dump_stack_lvl+0x73/0xb0 [ 15.034324] print_report+0xd1/0x650 [ 15.034345] ? __virt_addr_valid+0x1db/0x2d0 [ 15.034367] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 15.034393] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.034418] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 15.034444] kasan_report+0x140/0x180 [ 15.034465] ? kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 15.034496] kasan_check_range+0x10c/0x1c0 [ 15.034518] __kasan_check_write+0x18/0x20 [ 15.034553] kasan_bitops_test_and_modify.constprop.0+0x41b/0xd90 [ 15.034580] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 15.034618] ? __kmalloc_cache_noprof+0x18a/0x420 [ 15.034649] ? trace_hardirqs_on+0x37/0xe0 [ 15.034671] ? kasan_bitops_generic+0x93/0x1c0 [ 15.034697] kasan_bitops_generic+0x122/0x1c0 [ 15.034729] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.034752] ? trace_hardirqs_on+0x37/0xe0 [ 15.034774] ? __pfx_read_tsc+0x10/0x10 [ 15.034794] ? ktime_get_ts64+0x86/0x230 [ 15.034816] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.034843] kunit_try_run_case+0x1a6/0x480 [ 15.034866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.034889] ? 
queued_spin_lock_slowpath+0x117/0xb40 [ 15.034913] ? __kthread_parkme+0x82/0x160 [ 15.034935] ? preempt_count_sub+0x50/0x80 [ 15.034958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.034980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.035006] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.035041] kthread+0x324/0x6e0 [ 15.035061] ? trace_preempt_on+0x20/0xc0 [ 15.035084] ? __pfx_kthread+0x10/0x10 [ 15.035105] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.035126] ? calculate_sigpending+0x7b/0xa0 [ 15.035148] ? __pfx_kthread+0x10/0x10 [ 15.035170] ret_from_fork+0x41/0x80 [ 15.035187] ? __pfx_kthread+0x10/0x10 [ 15.035209] ret_from_fork_asm+0x1a/0x30 [ 15.035239] </TASK> [ 15.035250] [ 15.044507] Allocated by task 269: [ 15.044641] kasan_save_stack+0x45/0x70 [ 15.044783] kasan_save_track+0x18/0x40 [ 15.044918] kasan_save_alloc_info+0x3b/0x50 [ 15.045075] __kasan_kmalloc+0xb7/0xc0 [ 15.045204] __kmalloc_cache_noprof+0x18a/0x420 [ 15.045528] kasan_bitops_generic+0x93/0x1c0 [ 15.045779] kunit_try_run_case+0x1a6/0x480 [ 15.046203] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.046461] kthread+0x324/0x6e0 [ 15.046717] ret_from_fork+0x41/0x80 [ 15.046918] ret_from_fork_asm+0x1a/0x30 [ 15.047149] [ 15.047259] The buggy address belongs to the object at ffff888101b5abe0 [ 15.047259] which belongs to the cache kmalloc-16 of size 16 [ 15.047851] The buggy address is located 8 bytes inside of [ 15.047851] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 15.048412] [ 15.048531] The buggy address belongs to the physical page: [ 15.048931] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 15.049248] flags: 0x200000000000000(node=0|zone=2) [ 15.049414] page_type: f5(slab) [ 15.049572] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.050267] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.050825] page dumped because: kasan: bad access detected [ 15.051148] [ 15.051226] Memory 
state around the buggy address: [ 15.051425] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.051742] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 15.052110] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 15.052360] ^ [ 15.052661] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.052941] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.053164] ================================================================== [ 14.906737] ================================================================== [ 14.907101] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.907505] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.908186] [ 14.908298] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.908337] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.908349] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.908368] Call Trace: [ 14.908383] <TASK> [ 14.908396] dump_stack_lvl+0x73/0xb0 [ 14.908422] print_report+0xd1/0x650 [ 14.908443] ? __virt_addr_valid+0x1db/0x2d0 [ 14.908465] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.908491] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.908516] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.908543] kasan_report+0x140/0x180 [ 14.908647] ? kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.908678] kasan_check_range+0x10c/0x1c0 [ 14.908701] __kasan_check_write+0x18/0x20 [ 14.908723] kasan_bitops_test_and_modify.constprop.0+0x102/0xd90 [ 14.908750] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.908777] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.908799] ? trace_hardirqs_on+0x37/0xe0 [ 14.908821] ? kasan_bitops_generic+0x93/0x1c0 [ 14.908847] kasan_bitops_generic+0x122/0x1c0 [ 14.908869] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.908890] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.908912] ? __pfx_read_tsc+0x10/0x10 [ 14.908934] ? ktime_get_ts64+0x86/0x230 [ 14.908956] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.908982] kunit_try_run_case+0x1a6/0x480 [ 14.909005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.909040] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.909066] ? __kthread_parkme+0x82/0x160 [ 14.909087] ? preempt_count_sub+0x50/0x80 [ 14.909112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.909134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.909159] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.909185] kthread+0x324/0x6e0 [ 14.909206] ? trace_preempt_on+0x20/0xc0 [ 14.909227] ? __pfx_kthread+0x10/0x10 [ 14.909249] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.909271] ? calculate_sigpending+0x7b/0xa0 [ 14.909292] ? __pfx_kthread+0x10/0x10 [ 14.909314] ret_from_fork+0x41/0x80 [ 14.909332] ? __pfx_kthread+0x10/0x10 [ 14.909353] ret_from_fork_asm+0x1a/0x30 [ 14.909384] </TASK> [ 14.909393] [ 14.918222] Allocated by task 269: [ 14.918352] kasan_save_stack+0x45/0x70 [ 14.918550] kasan_save_track+0x18/0x40 [ 14.918822] kasan_save_alloc_info+0x3b/0x50 [ 14.919050] __kasan_kmalloc+0xb7/0xc0 [ 14.919221] __kmalloc_cache_noprof+0x18a/0x420 [ 14.919373] kasan_bitops_generic+0x93/0x1c0 [ 14.919531] kunit_try_run_case+0x1a6/0x480 [ 14.920002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.920298] kthread+0x324/0x6e0 [ 14.920484] ret_from_fork+0x41/0x80 [ 14.920755] ret_from_fork_asm+0x1a/0x30 [ 14.920919] [ 14.920990] The buggy address belongs to the object at ffff888101b5abe0 [ 14.920990] which belongs to the cache kmalloc-16 of size 16 [ 14.921534] The buggy address is located 8 bytes inside of [ 14.921534] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.922117] [ 14.922191] The buggy address belongs to the physical page: [ 14.922386] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.922771] flags: 0x200000000000000(node=0|zone=2) [ 14.922984] page_type: 
f5(slab) [ 14.923133] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.923414] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.923761] page dumped because: kasan: bad access detected [ 14.924023] [ 14.924117] Memory state around the buggy address: [ 14.924271] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.924484] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.924696] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.924994] ^ [ 14.925517] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.925920] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.926169] ================================================================== [ 14.975206] ================================================================== [ 14.975545] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.976685] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.977455] [ 14.977575] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.977863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.977878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.977898] Call Trace: [ 14.977913] <TASK> [ 14.977929] dump_stack_lvl+0x73/0xb0 [ 14.977955] print_report+0xd1/0x650 [ 14.977976] ? __virt_addr_valid+0x1db/0x2d0 [ 14.977997] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.978035] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.978060] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.978087] kasan_report+0x140/0x180 [ 14.978108] ? kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.978139] kasan_check_range+0x10c/0x1c0 [ 14.978162] __kasan_check_write+0x18/0x20 [ 14.978184] kasan_bitops_test_and_modify.constprop.0+0x2de/0xd90 [ 14.978211] ? 
__pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.978238] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.978261] ? trace_hardirqs_on+0x37/0xe0 [ 14.978282] ? kasan_bitops_generic+0x93/0x1c0 [ 14.978308] kasan_bitops_generic+0x122/0x1c0 [ 14.978331] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.978353] ? trace_hardirqs_on+0x37/0xe0 [ 14.978376] ? __pfx_read_tsc+0x10/0x10 [ 14.978397] ? ktime_get_ts64+0x86/0x230 [ 14.978418] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.978444] kunit_try_run_case+0x1a6/0x480 [ 14.978467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.978490] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.978516] ? __kthread_parkme+0x82/0x160 [ 14.978537] ? preempt_count_sub+0x50/0x80 [ 14.978561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.978583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.978609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.978635] kthread+0x324/0x6e0 [ 14.978655] ? trace_preempt_on+0x20/0xc0 [ 14.978677] ? __pfx_kthread+0x10/0x10 [ 14.978698] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.978719] ? calculate_sigpending+0x7b/0xa0 [ 14.978741] ? __pfx_kthread+0x10/0x10 [ 14.978763] ret_from_fork+0x41/0x80 [ 14.978781] ? 
__pfx_kthread+0x10/0x10 [ 14.978802] ret_from_fork_asm+0x1a/0x30 [ 14.978833] </TASK> [ 14.978843] [ 14.989239] Allocated by task 269: [ 14.989374] kasan_save_stack+0x45/0x70 [ 14.989518] kasan_save_track+0x18/0x40 [ 14.989912] kasan_save_alloc_info+0x3b/0x50 [ 14.990136] __kasan_kmalloc+0xb7/0xc0 [ 14.990327] __kmalloc_cache_noprof+0x18a/0x420 [ 14.990550] kasan_bitops_generic+0x93/0x1c0 [ 14.990728] kunit_try_run_case+0x1a6/0x480 [ 14.990901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.991170] kthread+0x324/0x6e0 [ 14.991305] ret_from_fork+0x41/0x80 [ 14.991489] ret_from_fork_asm+0x1a/0x30 [ 14.991677] [ 14.991750] The buggy address belongs to the object at ffff888101b5abe0 [ 14.991750] which belongs to the cache kmalloc-16 of size 16 [ 14.992113] The buggy address is located 8 bytes inside of [ 14.992113] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.992629] [ 14.992721] The buggy address belongs to the physical page: [ 14.993951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.994308] flags: 0x200000000000000(node=0|zone=2) [ 14.994523] page_type: f5(slab) [ 14.995003] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.995717] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.996400] page dumped because: kasan: bad access detected [ 14.996891] [ 14.997159] Memory state around the buggy address: [ 14.997393] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.997932] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.998500] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.999204] ^ [ 14.999900] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.000363] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.000979] ================================================================== [ 14.946001] 
================================================================== [ 14.946442] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.947005] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.947327] [ 14.947406] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.947443] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.947455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.947475] Call Trace: [ 14.947488] <TASK> [ 14.947500] dump_stack_lvl+0x73/0xb0 [ 14.947524] print_report+0xd1/0x650 [ 14.947646] ? __virt_addr_valid+0x1db/0x2d0 [ 14.947674] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.947701] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.947726] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.947752] kasan_report+0x140/0x180 [ 14.947773] ? kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.947804] kasan_check_range+0x10c/0x1c0 [ 14.947827] __kasan_check_write+0x18/0x20 [ 14.947851] kasan_bitops_test_and_modify.constprop.0+0x23f/0xd90 [ 14.947877] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.947904] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.947927] ? trace_hardirqs_on+0x37/0xe0 [ 14.947949] ? kasan_bitops_generic+0x93/0x1c0 [ 14.947975] kasan_bitops_generic+0x122/0x1c0 [ 14.947998] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.948032] ? trace_hardirqs_on+0x37/0xe0 [ 14.948055] ? __pfx_read_tsc+0x10/0x10 [ 14.948078] ? ktime_get_ts64+0x86/0x230 [ 14.948099] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.948127] kunit_try_run_case+0x1a6/0x480 [ 14.948151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.948174] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.948199] ? __kthread_parkme+0x82/0x160 [ 14.948220] ? preempt_count_sub+0x50/0x80 [ 14.948244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.948268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.948293] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.948319] kthread+0x324/0x6e0 [ 14.948341] ? trace_preempt_on+0x20/0xc0 [ 14.948362] ? __pfx_kthread+0x10/0x10 [ 14.948385] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.948406] ? calculate_sigpending+0x7b/0xa0 [ 14.948428] ? __pfx_kthread+0x10/0x10 [ 14.948450] ret_from_fork+0x41/0x80 [ 14.948468] ? __pfx_kthread+0x10/0x10 [ 14.948489] ret_from_fork_asm+0x1a/0x30 [ 14.948519] </TASK> [ 14.948529] [ 14.962304] Allocated by task 269: [ 14.962444] kasan_save_stack+0x45/0x70 [ 14.963212] kasan_save_track+0x18/0x40 [ 14.963933] kasan_save_alloc_info+0x3b/0x50 [ 14.964784] __kasan_kmalloc+0xb7/0xc0 [ 14.965306] __kmalloc_cache_noprof+0x18a/0x420 [ 14.965476] kasan_bitops_generic+0x93/0x1c0 [ 14.965654] kunit_try_run_case+0x1a6/0x480 [ 14.966218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.966432] kthread+0x324/0x6e0 [ 14.966682] ret_from_fork+0x41/0x80 [ 14.966985] ret_from_fork_asm+0x1a/0x30 [ 14.967298] [ 14.967605] The buggy address belongs to the object at ffff888101b5abe0 [ 14.967605] which belongs to the cache kmalloc-16 of size 16 [ 14.968107] The buggy address is located 8 bytes inside of [ 14.968107] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.968584] [ 14.969004] The buggy address belongs to the physical page: [ 14.969220] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.969768] flags: 0x200000000000000(node=0|zone=2) [ 14.969990] page_type: f5(slab) [ 14.970316] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.970774] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.971343] page dumped because: kasan: bad access detected [ 14.971539] [ 14.971637] Memory state around the buggy address: [ 14.972240] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.972547] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.973036] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 14.973451] ^ [ 14.973863] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.974288] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.974738] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.726043] ================================================================== [ 14.726312] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.726770] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.727073] [ 14.727179] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.727217] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.727229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.727250] Call Trace: [ 14.727263] <TASK> [ 14.727276] dump_stack_lvl+0x73/0xb0 [ 14.727301] print_report+0xd1/0x650 [ 14.727322] ? __virt_addr_valid+0x1db/0x2d0 [ 14.727342] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.727366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.727391] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.727415] kasan_report+0x140/0x180 [ 14.727436] ? kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.727465] kasan_check_range+0x10c/0x1c0 [ 14.727487] __kasan_check_write+0x18/0x20 [ 14.727509] kasan_bitops_modify.constprop.0+0x19d/0xd50 [ 14.727536] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.727561] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.727584] ? trace_hardirqs_on+0x37/0xe0 [ 14.727606] ? kasan_bitops_generic+0x93/0x1c0 [ 14.727631] kasan_bitops_generic+0x117/0x1c0 [ 14.727654] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.727675] ? trace_hardirqs_on+0x37/0xe0 [ 14.727697] ? __pfx_read_tsc+0x10/0x10 [ 14.727718] ? ktime_get_ts64+0x86/0x230 [ 14.727740] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.727765] kunit_try_run_case+0x1a6/0x480 [ 14.727788] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.727811] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.727835] ? __kthread_parkme+0x82/0x160 [ 14.727856] ? preempt_count_sub+0x50/0x80 [ 14.727880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.727903] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.727928] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.727954] kthread+0x324/0x6e0 [ 14.727975] ? trace_preempt_on+0x20/0xc0 [ 14.727997] ? __pfx_kthread+0x10/0x10 [ 14.728029] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.728051] ? calculate_sigpending+0x7b/0xa0 [ 14.728071] ? __pfx_kthread+0x10/0x10 [ 14.728093] ret_from_fork+0x41/0x80 [ 14.728111] ? __pfx_kthread+0x10/0x10 [ 14.728133] ret_from_fork_asm+0x1a/0x30 [ 14.728163] </TASK> [ 14.728173] [ 14.736730] Allocated by task 269: [ 14.736861] kasan_save_stack+0x45/0x70 [ 14.737003] kasan_save_track+0x18/0x40 [ 14.737209] kasan_save_alloc_info+0x3b/0x50 [ 14.737426] __kasan_kmalloc+0xb7/0xc0 [ 14.737797] __kmalloc_cache_noprof+0x18a/0x420 [ 14.738009] kasan_bitops_generic+0x93/0x1c0 [ 14.738182] kunit_try_run_case+0x1a6/0x480 [ 14.738394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.738718] kthread+0x324/0x6e0 [ 14.738880] ret_from_fork+0x41/0x80 [ 14.739044] ret_from_fork_asm+0x1a/0x30 [ 14.739219] [ 14.739311] The buggy address belongs to the object at ffff888101b5abe0 [ 14.739311] which belongs to the cache kmalloc-16 of size 16 [ 14.739848] The buggy address is located 8 bytes inside of [ 14.739848] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.740209] [ 14.740281] The buggy address belongs to the physical page: [ 14.740460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.740804] flags: 0x200000000000000(node=0|zone=2) [ 14.741041] page_type: f5(slab) [ 14.741327] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.741945] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.742194] page dumped because: kasan: bad access detected [ 14.742365] [ 14.742434] Memory state around the buggy address: [ 14.742586] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.742887] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.743214] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 14.743534] ^ [ 14.743836] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.744176] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.744535] ================================================================== [ 14.745059] ================================================================== [ 14.745355] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.745868] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.746112] [ 14.746192] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.746228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.746240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.746260] Call Trace: [ 14.746272] <TASK> [ 14.746286] dump_stack_lvl+0x73/0xb0 [ 14.746310] print_report+0xd1/0x650 [ 14.746332] ? __virt_addr_valid+0x1db/0x2d0 [ 14.746353] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.746377] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.746403] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.746430] kasan_report+0x140/0x180 [ 14.746450] ? kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.746478] kasan_check_range+0x10c/0x1c0 [ 14.746501] __kasan_check_write+0x18/0x20 [ 14.746523] kasan_bitops_modify.constprop.0+0x23b/0xd50 [ 14.746548] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.746574] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.746596] ? trace_hardirqs_on+0x37/0xe0 [ 14.746618] ? kasan_bitops_generic+0x93/0x1c0 [ 14.746645] kasan_bitops_generic+0x117/0x1c0 [ 14.746667] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.746689] ? trace_hardirqs_on+0x37/0xe0 [ 14.746709] ? __pfx_read_tsc+0x10/0x10 [ 14.746730] ? ktime_get_ts64+0x86/0x230 [ 14.746751] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.746777] kunit_try_run_case+0x1a6/0x480 [ 14.746799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.746822] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.746847] ? 
__kthread_parkme+0x82/0x160 [ 14.746867] ? preempt_count_sub+0x50/0x80 [ 14.746892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.746914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.746940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.746965] kthread+0x324/0x6e0 [ 14.746986] ? trace_preempt_on+0x20/0xc0 [ 14.747007] ? __pfx_kthread+0x10/0x10 [ 14.747039] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.747061] ? calculate_sigpending+0x7b/0xa0 [ 14.747082] ? __pfx_kthread+0x10/0x10 [ 14.747104] ret_from_fork+0x41/0x80 [ 14.747121] ? __pfx_kthread+0x10/0x10 [ 14.747143] ret_from_fork_asm+0x1a/0x30 [ 14.747173] </TASK> [ 14.747183] [ 14.755923] Allocated by task 269: [ 14.756104] kasan_save_stack+0x45/0x70 [ 14.756257] kasan_save_track+0x18/0x40 [ 14.756390] kasan_save_alloc_info+0x3b/0x50 [ 14.756536] __kasan_kmalloc+0xb7/0xc0 [ 14.756665] __kmalloc_cache_noprof+0x18a/0x420 [ 14.756883] kasan_bitops_generic+0x93/0x1c0 [ 14.757270] kunit_try_run_case+0x1a6/0x480 [ 14.757488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.757939] kthread+0x324/0x6e0 [ 14.758086] ret_from_fork+0x41/0x80 [ 14.758216] ret_from_fork_asm+0x1a/0x30 [ 14.758389] [ 14.758484] The buggy address belongs to the object at ffff888101b5abe0 [ 14.758484] which belongs to the cache kmalloc-16 of size 16 [ 14.759409] The buggy address is located 8 bytes inside of [ 14.759409] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.759938] [ 14.760057] The buggy address belongs to the physical page: [ 14.760281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.760753] flags: 0x200000000000000(node=0|zone=2) [ 14.761000] page_type: f5(slab) [ 14.761143] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.761454] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.762058] page dumped because: kasan: bad access detected [ 14.762278] [ 14.762377] Memory state around the buggy address: [ 14.762560] 
ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.762861] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.763101] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.763357] ^ [ 14.763659] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.764068] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.764282] ================================================================== [ 14.819405] ================================================================== [ 14.820113] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.820747] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.821389] [ 14.821644] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.821683] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.821694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.821714] Call Trace: [ 14.821728] <TASK> [ 14.821749] dump_stack_lvl+0x73/0xb0 [ 14.821774] print_report+0xd1/0x650 [ 14.821794] ? __virt_addr_valid+0x1db/0x2d0 [ 14.821816] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.821840] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.821865] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.821901] kasan_report+0x140/0x180 [ 14.821923] ? kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.821952] kasan_check_range+0x10c/0x1c0 [ 14.821986] __kasan_check_write+0x18/0x20 [ 14.822008] kasan_bitops_modify.constprop.0+0x40f/0xd50 [ 14.822043] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.822068] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.822092] ? trace_hardirqs_on+0x37/0xe0 [ 14.822114] ? kasan_bitops_generic+0x93/0x1c0 [ 14.822139] kasan_bitops_generic+0x117/0x1c0 [ 14.822162] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.822183] ? trace_hardirqs_on+0x37/0xe0 [ 14.822204] ? __pfx_read_tsc+0x10/0x10 [ 14.822226] ? 
ktime_get_ts64+0x86/0x230 [ 14.822247] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.822273] kunit_try_run_case+0x1a6/0x480 [ 14.822296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.822318] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.822342] ? __kthread_parkme+0x82/0x160 [ 14.822365] ? preempt_count_sub+0x50/0x80 [ 14.822388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.822411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.822436] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.822462] kthread+0x324/0x6e0 [ 14.822482] ? trace_preempt_on+0x20/0xc0 [ 14.822503] ? __pfx_kthread+0x10/0x10 [ 14.822526] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.822554] ? calculate_sigpending+0x7b/0xa0 [ 14.822576] ? __pfx_kthread+0x10/0x10 [ 14.822598] ret_from_fork+0x41/0x80 [ 14.822616] ? __pfx_kthread+0x10/0x10 [ 14.822638] ret_from_fork_asm+0x1a/0x30 [ 14.822669] </TASK> [ 14.822678] [ 14.836799] Allocated by task 269: [ 14.836934] kasan_save_stack+0x45/0x70 [ 14.837281] kasan_save_track+0x18/0x40 [ 14.837649] kasan_save_alloc_info+0x3b/0x50 [ 14.838207] __kasan_kmalloc+0xb7/0xc0 [ 14.838586] __kmalloc_cache_noprof+0x18a/0x420 [ 14.839117] kasan_bitops_generic+0x93/0x1c0 [ 14.839570] kunit_try_run_case+0x1a6/0x480 [ 14.840075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.840663] kthread+0x324/0x6e0 [ 14.840995] ret_from_fork+0x41/0x80 [ 14.841361] ret_from_fork_asm+0x1a/0x30 [ 14.841818] [ 14.841999] The buggy address belongs to the object at ffff888101b5abe0 [ 14.841999] which belongs to the cache kmalloc-16 of size 16 [ 14.843184] The buggy address is located 8 bytes inside of [ 14.843184] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.844376] [ 14.844574] The buggy address belongs to the physical page: [ 14.845040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.845279] flags: 0x200000000000000(node=0|zone=2) [ 14.845440] page_type: f5(slab) [ 14.845589] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 14.846345] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.847134] page dumped because: kasan: bad access detected [ 14.847686] [ 14.847847] Memory state around the buggy address: [ 14.848314] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.849037] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.849761] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.849972] ^ [ 14.850181] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.850397] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.850781] ================================================================== [ 14.764629] ================================================================== [ 14.764961] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.765979] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.766325] [ 14.766414] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.766452] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.766464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.766485] Call Trace: [ 14.766503] <TASK> [ 14.766517] dump_stack_lvl+0x73/0xb0 [ 14.766543] print_report+0xd1/0x650 [ 14.766563] ? __virt_addr_valid+0x1db/0x2d0 [ 14.766650] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.766675] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.766700] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.766726] kasan_report+0x140/0x180 [ 14.766747] ? kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.766777] kasan_check_range+0x10c/0x1c0 [ 14.766799] __kasan_check_write+0x18/0x20 [ 14.766820] kasan_bitops_modify.constprop.0+0x2d6/0xd50 [ 14.766845] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.766869] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.766893] ? trace_hardirqs_on+0x37/0xe0 [ 14.766914] ? 
kasan_bitops_generic+0x93/0x1c0 [ 14.766940] kasan_bitops_generic+0x117/0x1c0 [ 14.766962] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.766983] ? trace_hardirqs_on+0x37/0xe0 [ 14.767005] ? __pfx_read_tsc+0x10/0x10 [ 14.767036] ? ktime_get_ts64+0x86/0x230 [ 14.767058] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.767084] kunit_try_run_case+0x1a6/0x480 [ 14.767107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.767129] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.767153] ? __kthread_parkme+0x82/0x160 [ 14.767174] ? preempt_count_sub+0x50/0x80 [ 14.767197] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.767220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.767244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.767270] kthread+0x324/0x6e0 [ 14.767291] ? trace_preempt_on+0x20/0xc0 [ 14.767312] ? __pfx_kthread+0x10/0x10 [ 14.767373] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.767395] ? calculate_sigpending+0x7b/0xa0 [ 14.767416] ? __pfx_kthread+0x10/0x10 [ 14.767439] ret_from_fork+0x41/0x80 [ 14.767457] ? 
__pfx_kthread+0x10/0x10 [ 14.767478] ret_from_fork_asm+0x1a/0x30 [ 14.767509] </TASK> [ 14.767519] [ 14.775576] Allocated by task 269: [ 14.775753] kasan_save_stack+0x45/0x70 [ 14.775952] kasan_save_track+0x18/0x40 [ 14.776149] kasan_save_alloc_info+0x3b/0x50 [ 14.776355] __kasan_kmalloc+0xb7/0xc0 [ 14.776537] __kmalloc_cache_noprof+0x18a/0x420 [ 14.776819] kasan_bitops_generic+0x93/0x1c0 [ 14.777029] kunit_try_run_case+0x1a6/0x480 [ 14.777208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.777384] kthread+0x324/0x6e0 [ 14.777505] ret_from_fork+0x41/0x80 [ 14.777630] ret_from_fork_asm+0x1a/0x30 [ 14.778027] [ 14.778128] The buggy address belongs to the object at ffff888101b5abe0 [ 14.778128] which belongs to the cache kmalloc-16 of size 16 [ 14.778671] The buggy address is located 8 bytes inside of [ 14.778671] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.779486] [ 14.779566] The buggy address belongs to the physical page: [ 14.779754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.780005] flags: 0x200000000000000(node=0|zone=2) [ 14.780252] page_type: f5(slab) [ 14.780428] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.780747] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.780969] page dumped because: kasan: bad access detected [ 14.782353] [ 14.782827] Memory state around the buggy address: [ 14.783655] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.784368] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.784600] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.784813] ^ [ 14.785021] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.785240] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.786052] ================================================================== [ 14.786909] 
================================================================== [ 14.787474] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.788107] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.788685] [ 14.788900] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.788942] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.788954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.788983] Call Trace: [ 14.788996] <TASK> [ 14.789011] dump_stack_lvl+0x73/0xb0 [ 14.789054] print_report+0xd1/0x650 [ 14.789075] ? __virt_addr_valid+0x1db/0x2d0 [ 14.789096] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.789120] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.789145] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.789169] kasan_report+0x140/0x180 [ 14.789190] ? kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.789218] kasan_check_range+0x10c/0x1c0 [ 14.789240] __kasan_check_write+0x18/0x20 [ 14.789262] kasan_bitops_modify.constprop.0+0x374/0xd50 [ 14.789286] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.789311] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.789333] ? trace_hardirqs_on+0x37/0xe0 [ 14.789356] ? kasan_bitops_generic+0x93/0x1c0 [ 14.789381] kasan_bitops_generic+0x117/0x1c0 [ 14.789403] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.789425] ? trace_hardirqs_on+0x37/0xe0 [ 14.789446] ? __pfx_read_tsc+0x10/0x10 [ 14.789467] ? ktime_get_ts64+0x86/0x230 [ 14.789487] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.789513] kunit_try_run_case+0x1a6/0x480 [ 14.789535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.789764] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.789791] ? __kthread_parkme+0x82/0x160 [ 14.789813] ? preempt_count_sub+0x50/0x80 [ 14.789837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.789859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.789886] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.789911] kthread+0x324/0x6e0 [ 14.789933] ? trace_preempt_on+0x20/0xc0 [ 14.789955] ? __pfx_kthread+0x10/0x10 [ 14.789976] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.789998] ? calculate_sigpending+0x7b/0xa0 [ 14.790034] ? __pfx_kthread+0x10/0x10 [ 14.790055] ret_from_fork+0x41/0x80 [ 14.790074] ? __pfx_kthread+0x10/0x10 [ 14.790095] ret_from_fork_asm+0x1a/0x30 [ 14.790125] </TASK> [ 14.790136] [ 14.804490] Allocated by task 269: [ 14.804910] kasan_save_stack+0x45/0x70 [ 14.805299] kasan_save_track+0x18/0x40 [ 14.805878] kasan_save_alloc_info+0x3b/0x50 [ 14.806316] __kasan_kmalloc+0xb7/0xc0 [ 14.806702] __kmalloc_cache_noprof+0x18a/0x420 [ 14.807058] kasan_bitops_generic+0x93/0x1c0 [ 14.807399] kunit_try_run_case+0x1a6/0x480 [ 14.807730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.807913] kthread+0x324/0x6e0 [ 14.808046] ret_from_fork+0x41/0x80 [ 14.808174] ret_from_fork_asm+0x1a/0x30 [ 14.808313] [ 14.808390] The buggy address belongs to the object at ffff888101b5abe0 [ 14.808390] which belongs to the cache kmalloc-16 of size 16 [ 14.809250] The buggy address is located 8 bytes inside of [ 14.809250] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.810497] [ 14.810744] The buggy address belongs to the physical page: [ 14.811295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.812114] flags: 0x200000000000000(node=0|zone=2) [ 14.812595] page_type: f5(slab) [ 14.812897] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.813613] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.814193] page dumped because: kasan: bad access detected [ 14.814365] [ 14.814435] Memory state around the buggy address: [ 14.814712] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.815450] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.816276] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 14.816968] ^ [ 14.817597] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.817871] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.818387] ================================================================== [ 14.705133] ================================================================== [ 14.705572] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.706049] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.706360] [ 14.706468] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.706509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.706520] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.706541] Call Trace: [ 14.706554] <TASK> [ 14.706570] dump_stack_lvl+0x73/0xb0 [ 14.706595] print_report+0xd1/0x650 [ 14.706617] ? __virt_addr_valid+0x1db/0x2d0 [ 14.706638] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.706663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.706688] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.706713] kasan_report+0x140/0x180 [ 14.706734] ? kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.706763] kasan_check_range+0x10c/0x1c0 [ 14.706785] __kasan_check_write+0x18/0x20 [ 14.706808] kasan_bitops_modify.constprop.0+0x102/0xd50 [ 14.706832] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.706857] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.706880] ? trace_hardirqs_on+0x37/0xe0 [ 14.706901] ? kasan_bitops_generic+0x93/0x1c0 [ 14.706927] kasan_bitops_generic+0x117/0x1c0 [ 14.706949] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.706971] ? trace_hardirqs_on+0x37/0xe0 [ 14.706993] ? __pfx_read_tsc+0x10/0x10 [ 14.707027] ? ktime_get_ts64+0x86/0x230 [ 14.707050] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.707077] kunit_try_run_case+0x1a6/0x480 [ 14.707099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.707122] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.707146] ? 
__kthread_parkme+0x82/0x160 [ 14.707166] ? preempt_count_sub+0x50/0x80 [ 14.707191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.707213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.707238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.707265] kthread+0x324/0x6e0 [ 14.707286] ? trace_preempt_on+0x20/0xc0 [ 14.707307] ? __pfx_kthread+0x10/0x10 [ 14.707329] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.707351] ? calculate_sigpending+0x7b/0xa0 [ 14.707374] ? __pfx_kthread+0x10/0x10 [ 14.707396] ret_from_fork+0x41/0x80 [ 14.707415] ? __pfx_kthread+0x10/0x10 [ 14.707436] ret_from_fork_asm+0x1a/0x30 [ 14.707467] </TASK> [ 14.707478] [ 14.715525] Allocated by task 269: [ 14.715843] kasan_save_stack+0x45/0x70 [ 14.716061] kasan_save_track+0x18/0x40 [ 14.716308] kasan_save_alloc_info+0x3b/0x50 [ 14.716518] __kasan_kmalloc+0xb7/0xc0 [ 14.716808] __kmalloc_cache_noprof+0x18a/0x420 [ 14.717038] kasan_bitops_generic+0x93/0x1c0 [ 14.717187] kunit_try_run_case+0x1a6/0x480 [ 14.717331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.717539] kthread+0x324/0x6e0 [ 14.717706] ret_from_fork+0x41/0x80 [ 14.717889] ret_from_fork_asm+0x1a/0x30 [ 14.718186] [ 14.718279] The buggy address belongs to the object at ffff888101b5abe0 [ 14.718279] which belongs to the cache kmalloc-16 of size 16 [ 14.718973] The buggy address is located 8 bytes inside of [ 14.718973] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.720506] [ 14.720815] The buggy address belongs to the physical page: [ 14.721321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.721696] flags: 0x200000000000000(node=0|zone=2) [ 14.722162] page_type: f5(slab) [ 14.722458] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.722988] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.723231] page dumped because: kasan: bad access detected [ 14.723401] [ 14.723472] Memory state around the buggy address: [ 14.723662] 
ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.723970] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.724297] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.724729] ^ [ 14.724945] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.725280] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.725562] ================================================================== [ 14.851712] ================================================================== [ 14.852439] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.853268] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.854007] [ 14.854206] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.854257] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.854269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.854302] Call Trace: [ 14.854318] <TASK> [ 14.854342] dump_stack_lvl+0x73/0xb0 [ 14.854366] print_report+0xd1/0x650 [ 14.854387] ? __virt_addr_valid+0x1db/0x2d0 [ 14.854420] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.854444] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.854469] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.854493] kasan_report+0x140/0x180 [ 14.854515] ? kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.854560] kasan_check_range+0x10c/0x1c0 [ 14.854583] __kasan_check_write+0x18/0x20 [ 14.854605] kasan_bitops_modify.constprop.0+0x4ad/0xd50 [ 14.854629] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.854654] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.854677] ? trace_hardirqs_on+0x37/0xe0 [ 14.854699] ? kasan_bitops_generic+0x93/0x1c0 [ 14.854739] kasan_bitops_generic+0x117/0x1c0 [ 14.854762] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.854783] ? trace_hardirqs_on+0x37/0xe0 [ 14.854804] ? __pfx_read_tsc+0x10/0x10 [ 14.854826] ? 
ktime_get_ts64+0x86/0x230 [ 14.854848] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.854875] kunit_try_run_case+0x1a6/0x480 [ 14.854897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.854920] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.854945] ? __kthread_parkme+0x82/0x160 [ 14.854968] ? preempt_count_sub+0x50/0x80 [ 14.854992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.855023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.855049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.855075] kthread+0x324/0x6e0 [ 14.855096] ? trace_preempt_on+0x20/0xc0 [ 14.855117] ? __pfx_kthread+0x10/0x10 [ 14.855139] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.855162] ? calculate_sigpending+0x7b/0xa0 [ 14.855183] ? __pfx_kthread+0x10/0x10 [ 14.855205] ret_from_fork+0x41/0x80 [ 14.855223] ? __pfx_kthread+0x10/0x10 [ 14.855245] ret_from_fork_asm+0x1a/0x30 [ 14.855276] </TASK> [ 14.855286] [ 14.871707] Allocated by task 269: [ 14.871892] kasan_save_stack+0x45/0x70 [ 14.872046] kasan_save_track+0x18/0x40 [ 14.872523] kasan_save_alloc_info+0x3b/0x50 [ 14.872994] __kasan_kmalloc+0xb7/0xc0 [ 14.873147] __kmalloc_cache_noprof+0x18a/0x420 [ 14.873460] kasan_bitops_generic+0x93/0x1c0 [ 14.873954] kunit_try_run_case+0x1a6/0x480 [ 14.874369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.874844] kthread+0x324/0x6e0 [ 14.874995] ret_from_fork+0x41/0x80 [ 14.875169] ret_from_fork_asm+0x1a/0x30 [ 14.875599] [ 14.875759] The buggy address belongs to the object at ffff888101b5abe0 [ 14.875759] which belongs to the cache kmalloc-16 of size 16 [ 14.876901] The buggy address is located 8 bytes inside of [ 14.876901] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.877755] [ 14.877957] The buggy address belongs to the physical page: [ 14.878136] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.878923] flags: 0x200000000000000(node=0|zone=2) [ 14.879366] page_type: f5(slab) [ 14.879484] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 14.880252] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.881130] page dumped because: kasan: bad access detected [ 14.881672] [ 14.881786] Memory state around the buggy address: [ 14.881964] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.882651] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.883165] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.883371] ^ [ 14.883608] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.884292] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.885077] ================================================================== [ 14.885946] ================================================================== [ 14.886663] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.887265] Write of size 8 at addr ffff888101b5abe8 by task kunit_try_catch/269 [ 14.887490] [ 14.887614] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.887653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.887664] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.887685] Call Trace: [ 14.887699] <TASK> [ 14.887714] dump_stack_lvl+0x73/0xb0 [ 14.887740] print_report+0xd1/0x650 [ 14.887772] ? __virt_addr_valid+0x1db/0x2d0 [ 14.887792] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.887817] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.887852] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.887877] kasan_report+0x140/0x180 [ 14.887898] ? kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.887928] kasan_check_range+0x10c/0x1c0 [ 14.887950] __kasan_check_write+0x18/0x20 [ 14.887971] kasan_bitops_modify.constprop.0+0x548/0xd50 [ 14.887996] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.888030] ? __kmalloc_cache_noprof+0x18a/0x420 [ 14.888053] ? trace_hardirqs_on+0x37/0xe0 [ 14.888075] ? 
kasan_bitops_generic+0x93/0x1c0 [ 14.888101] kasan_bitops_generic+0x117/0x1c0 [ 14.888123] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.888154] ? trace_hardirqs_on+0x37/0xe0 [ 14.888175] ? __pfx_read_tsc+0x10/0x10 [ 14.888196] ? ktime_get_ts64+0x86/0x230 [ 14.888227] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.888254] kunit_try_run_case+0x1a6/0x480 [ 14.888276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.888299] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.888323] ? __kthread_parkme+0x82/0x160 [ 14.888353] ? preempt_count_sub+0x50/0x80 [ 14.888377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.888399] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.888435] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.888461] kthread+0x324/0x6e0 [ 14.888481] ? trace_preempt_on+0x20/0xc0 [ 14.888503] ? __pfx_kthread+0x10/0x10 [ 14.888525] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.888579] ? calculate_sigpending+0x7b/0xa0 [ 14.888601] ? __pfx_kthread+0x10/0x10 [ 14.888623] ret_from_fork+0x41/0x80 [ 14.888641] ? 
__pfx_kthread+0x10/0x10 [ 14.888664] ret_from_fork_asm+0x1a/0x30 [ 14.888695] </TASK> [ 14.888705] [ 14.898163] Allocated by task 269: [ 14.898347] kasan_save_stack+0x45/0x70 [ 14.898568] kasan_save_track+0x18/0x40 [ 14.898822] kasan_save_alloc_info+0x3b/0x50 [ 14.898997] __kasan_kmalloc+0xb7/0xc0 [ 14.899200] __kmalloc_cache_noprof+0x18a/0x420 [ 14.899390] kasan_bitops_generic+0x93/0x1c0 [ 14.899562] kunit_try_run_case+0x1a6/0x480 [ 14.899773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.900032] kthread+0x324/0x6e0 [ 14.900203] ret_from_fork+0x41/0x80 [ 14.900339] ret_from_fork_asm+0x1a/0x30 [ 14.900478] [ 14.900568] The buggy address belongs to the object at ffff888101b5abe0 [ 14.900568] which belongs to the cache kmalloc-16 of size 16 [ 14.901139] The buggy address is located 8 bytes inside of [ 14.901139] allocated 9-byte region [ffff888101b5abe0, ffff888101b5abe9) [ 14.902050] [ 14.902137] The buggy address belongs to the physical page: [ 14.902382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 14.902678] flags: 0x200000000000000(node=0|zone=2) [ 14.902841] page_type: f5(slab) [ 14.902962] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.903208] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.903797] page dumped because: kasan: bad access detected [ 14.904054] [ 14.904148] Memory state around the buggy address: [ 14.904366] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 14.904724] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 14.905067] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 14.905274] ^ [ 14.905472] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.905709] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.906187] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.674219] ================================================================== [ 14.674557] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.674984] Read of size 1 at addr ffff888101bf5750 by task kunit_try_catch/267 [ 14.675270] [ 14.675371] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.675409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.675420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.675441] Call Trace: [ 14.675456] <TASK> [ 14.675470] dump_stack_lvl+0x73/0xb0 [ 14.675492] print_report+0xd1/0x650 [ 14.675512] ? __virt_addr_valid+0x1db/0x2d0 [ 14.675532] ? strnlen+0x73/0x80 [ 14.675550] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.675627] ? strnlen+0x73/0x80 [ 14.675648] kasan_report+0x140/0x180 [ 14.675669] ? strnlen+0x73/0x80 [ 14.675693] __asan_report_load1_noabort+0x18/0x20 [ 14.675717] strnlen+0x73/0x80 [ 14.675738] kasan_strings+0x4c3/0xb60 [ 14.675760] ? __pfx_kasan_strings+0x10/0x10 [ 14.675780] ? __schedule+0xce8/0x2840 [ 14.675802] ? __pfx_read_tsc+0x10/0x10 [ 14.675822] ? ktime_get_ts64+0x86/0x230 [ 14.675847] kunit_try_run_case+0x1a6/0x480 [ 14.675869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.675891] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.675914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.675937] ? __kthread_parkme+0x82/0x160 [ 14.675959] ? preempt_count_sub+0x50/0x80 [ 14.675984] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.676007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.676043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.676069] kthread+0x324/0x6e0 [ 14.676090] ? trace_preempt_on+0x20/0xc0 [ 14.676112] ? __pfx_kthread+0x10/0x10 [ 14.676134] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.676156] ? calculate_sigpending+0x7b/0xa0 [ 14.676176] ? __pfx_kthread+0x10/0x10 [ 14.676198] ret_from_fork+0x41/0x80 [ 14.676217] ? 
__pfx_kthread+0x10/0x10 [ 14.676239] ret_from_fork_asm+0x1a/0x30 [ 14.676269] </TASK> [ 14.676279] [ 14.683262] Allocated by task 267: [ 14.683390] kasan_save_stack+0x45/0x70 [ 14.683534] kasan_save_track+0x18/0x40 [ 14.683666] kasan_save_alloc_info+0x3b/0x50 [ 14.683872] __kasan_kmalloc+0xb7/0xc0 [ 14.684146] __kmalloc_cache_noprof+0x18a/0x420 [ 14.684370] kasan_strings+0xb9/0xb60 [ 14.684551] kunit_try_run_case+0x1a6/0x480 [ 14.684755] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.685001] kthread+0x324/0x6e0 [ 14.685178] ret_from_fork+0x41/0x80 [ 14.685356] ret_from_fork_asm+0x1a/0x30 [ 14.685555] [ 14.685649] Freed by task 267: [ 14.685807] kasan_save_stack+0x45/0x70 [ 14.685977] kasan_save_track+0x18/0x40 [ 14.686203] kasan_save_free_info+0x3f/0x60 [ 14.686387] __kasan_slab_free+0x56/0x70 [ 14.686558] kfree+0x224/0x3f0 [ 14.686873] kasan_strings+0x13c/0xb60 [ 14.687075] kunit_try_run_case+0x1a6/0x480 [ 14.687268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.687494] kthread+0x324/0x6e0 [ 14.687733] ret_from_fork+0x41/0x80 [ 14.687865] ret_from_fork_asm+0x1a/0x30 [ 14.688003] [ 14.688087] The buggy address belongs to the object at ffff888101bf5740 [ 14.688087] which belongs to the cache kmalloc-32 of size 32 [ 14.688550] The buggy address is located 16 bytes inside of [ 14.688550] freed 32-byte region [ffff888101bf5740, ffff888101bf5760) [ 14.689523] [ 14.689620] The buggy address belongs to the physical page: [ 14.689847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf5 [ 14.690195] flags: 0x200000000000000(node=0|zone=2) [ 14.690367] page_type: f5(slab) [ 14.690485] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.690871] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.691198] page dumped because: kasan: bad access detected [ 14.691784] [ 14.691894] Memory state around the buggy address: [ 14.692067] ffff888101bf5600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.692297] ffff888101bf5680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.692607] >ffff888101bf5700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.693025] ^ [ 14.693203] ffff888101bf5780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.693415] ffff888101bf5800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.693623] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.654108] ================================================================== [ 14.654452] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.654687] Read of size 1 at addr ffff888101bf5750 by task kunit_try_catch/267 [ 14.655117] [ 14.655224] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.655261] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.655273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.655292] Call Trace: [ 14.655305] <TASK> [ 14.655320] dump_stack_lvl+0x73/0xb0 [ 14.655343] print_report+0xd1/0x650 [ 14.655364] ? __virt_addr_valid+0x1db/0x2d0 [ 14.655385] ? strlen+0x8f/0xb0 [ 14.655403] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.655428] ? strlen+0x8f/0xb0 [ 14.655445] kasan_report+0x140/0x180 [ 14.655467] ? strlen+0x8f/0xb0 [ 14.655489] __asan_report_load1_noabort+0x18/0x20 [ 14.655512] strlen+0x8f/0xb0 [ 14.655530] kasan_strings+0x425/0xb60 [ 14.655551] ? __pfx_kasan_strings+0x10/0x10 [ 14.655571] ? __schedule+0xce8/0x2840 [ 14.655593] ? __pfx_read_tsc+0x10/0x10 [ 14.655613] ? ktime_get_ts64+0x86/0x230 [ 14.655638] kunit_try_run_case+0x1a6/0x480 [ 14.655660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.655681] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.655704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.655726] ? __kthread_parkme+0x82/0x160 [ 14.655748] ? preempt_count_sub+0x50/0x80 [ 14.655772] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.655794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.655819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.655844] kthread+0x324/0x6e0 [ 14.655865] ? trace_preempt_on+0x20/0xc0 [ 14.655887] ? __pfx_kthread+0x10/0x10 [ 14.655909] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.655931] ? calculate_sigpending+0x7b/0xa0 [ 14.655951] ? __pfx_kthread+0x10/0x10 [ 14.655973] ret_from_fork+0x41/0x80 [ 14.655990] ? 
__pfx_kthread+0x10/0x10 [ 14.656012] ret_from_fork_asm+0x1a/0x30 [ 14.656052] </TASK> [ 14.656061] [ 14.663180] Allocated by task 267: [ 14.663402] kasan_save_stack+0x45/0x70 [ 14.663596] kasan_save_track+0x18/0x40 [ 14.663729] kasan_save_alloc_info+0x3b/0x50 [ 14.663875] __kasan_kmalloc+0xb7/0xc0 [ 14.664004] __kmalloc_cache_noprof+0x18a/0x420 [ 14.664305] kasan_strings+0xb9/0xb60 [ 14.664502] kunit_try_run_case+0x1a6/0x480 [ 14.664708] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.664963] kthread+0x324/0x6e0 [ 14.665207] ret_from_fork+0x41/0x80 [ 14.665401] ret_from_fork_asm+0x1a/0x30 [ 14.665652] [ 14.665750] Freed by task 267: [ 14.665887] kasan_save_stack+0x45/0x70 [ 14.666031] kasan_save_track+0x18/0x40 [ 14.666164] kasan_save_free_info+0x3f/0x60 [ 14.666306] __kasan_slab_free+0x56/0x70 [ 14.666462] kfree+0x224/0x3f0 [ 14.666618] kasan_strings+0x13c/0xb60 [ 14.666800] kunit_try_run_case+0x1a6/0x480 [ 14.667001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.667604] kthread+0x324/0x6e0 [ 14.667791] ret_from_fork+0x41/0x80 [ 14.668045] ret_from_fork_asm+0x1a/0x30 [ 14.668189] [ 14.668258] The buggy address belongs to the object at ffff888101bf5740 [ 14.668258] which belongs to the cache kmalloc-32 of size 32 [ 14.669052] The buggy address is located 16 bytes inside of [ 14.669052] freed 32-byte region [ffff888101bf5740, ffff888101bf5760) [ 14.669538] [ 14.669751] The buggy address belongs to the physical page: [ 14.669953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf5 [ 14.670290] flags: 0x200000000000000(node=0|zone=2) [ 14.670493] page_type: f5(slab) [ 14.670845] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.671139] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.671363] page dumped because: kasan: bad access detected [ 14.671533] [ 14.671637] Memory state around the buggy address: [ 14.671862] ffff888101bf5600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.672228] ffff888101bf5680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.672615] >ffff888101bf5700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.672888] ^ [ 14.673080] ffff888101bf5780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.673330] ffff888101bf5800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.673652] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 14.626188] ================================================================== [ 14.626425] BUG: KASAN: slab-use-after-free in kasan_strings+0xa0c/0xb60 [ 14.626819] Read of size 1 at addr ffff888101bf5750 by task kunit_try_catch/267 [ 14.627283] [ 14.627367] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.627407] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.627418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.627439] Call Trace: [ 14.627454] <TASK> [ 14.627469] dump_stack_lvl+0x73/0xb0 [ 14.627493] print_report+0xd1/0x650 [ 14.627513] ? __virt_addr_valid+0x1db/0x2d0 [ 14.627535] ? kasan_strings+0xa0c/0xb60 [ 14.627553] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.627578] ? kasan_strings+0xa0c/0xb60 [ 14.627597] kasan_report+0x140/0x180 [ 14.627619] ? kasan_strings+0xa0c/0xb60 [ 14.627642] __asan_report_load1_noabort+0x18/0x20 [ 14.627665] kasan_strings+0xa0c/0xb60 [ 14.627757] ? __pfx_kasan_strings+0x10/0x10 [ 14.627778] ? __schedule+0xce8/0x2840 [ 14.627801] ? __pfx_read_tsc+0x10/0x10 [ 14.627822] ? ktime_get_ts64+0x86/0x230 [ 14.627847] kunit_try_run_case+0x1a6/0x480 [ 14.627869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627889] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.627912] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.627935] ? __kthread_parkme+0x82/0x160 [ 14.627956] ? preempt_count_sub+0x50/0x80 [ 14.627980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.628002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.628039] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.628065] kthread+0x324/0x6e0 [ 14.628085] ? trace_preempt_on+0x20/0xc0 [ 14.628107] ? __pfx_kthread+0x10/0x10 [ 14.628152] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.628174] ? calculate_sigpending+0x7b/0xa0 [ 14.628196] ? __pfx_kthread+0x10/0x10 [ 14.628230] ret_from_fork+0x41/0x80 [ 14.628248] ? 
__pfx_kthread+0x10/0x10 [ 14.628270] ret_from_fork_asm+0x1a/0x30 [ 14.628303] </TASK> [ 14.628313] [ 14.641182] Allocated by task 267: [ 14.641515] kasan_save_stack+0x45/0x70 [ 14.641917] kasan_save_track+0x18/0x40 [ 14.642177] kasan_save_alloc_info+0x3b/0x50 [ 14.642599] __kasan_kmalloc+0xb7/0xc0 [ 14.642999] __kmalloc_cache_noprof+0x18a/0x420 [ 14.643203] kasan_strings+0xb9/0xb60 [ 14.643329] kunit_try_run_case+0x1a6/0x480 [ 14.643466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.643760] kthread+0x324/0x6e0 [ 14.644089] ret_from_fork+0x41/0x80 [ 14.644418] ret_from_fork_asm+0x1a/0x30 [ 14.644850] [ 14.645012] Freed by task 267: [ 14.645307] kasan_save_stack+0x45/0x70 [ 14.645653] kasan_save_track+0x18/0x40 [ 14.646230] kasan_save_free_info+0x3f/0x60 [ 14.646614] __kasan_slab_free+0x56/0x70 [ 14.646998] kfree+0x224/0x3f0 [ 14.647133] kasan_strings+0x13c/0xb60 [ 14.647266] kunit_try_run_case+0x1a6/0x480 [ 14.647409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.647597] kthread+0x324/0x6e0 [ 14.647719] ret_from_fork+0x41/0x80 [ 14.647990] ret_from_fork_asm+0x1a/0x30 [ 14.648202] [ 14.648289] The buggy address belongs to the object at ffff888101bf5740 [ 14.648289] which belongs to the cache kmalloc-32 of size 32 [ 14.648916] The buggy address is located 16 bytes inside of [ 14.648916] freed 32-byte region [ffff888101bf5740, ffff888101bf5760) [ 14.649394] [ 14.649465] The buggy address belongs to the physical page: [ 14.649634] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf5 [ 14.649986] flags: 0x200000000000000(node=0|zone=2) [ 14.650347] page_type: f5(slab) [ 14.650528] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.650832] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.651189] page dumped because: kasan: bad access detected [ 14.651443] [ 14.651518] Memory state around the buggy address: [ 14.651885] ffff888101bf5600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.652154] ffff888101bf5680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.652377] >ffff888101bf5700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.652681] ^ [ 14.652970] ffff888101bf5780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.653255] ffff888101bf5800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.653487] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 14.588653] ================================================================== [ 14.591041] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 14.591764] Read of size 1 at addr ffff888101bf5750 by task kunit_try_catch/267 [ 14.592467] [ 14.592713] CPU: 1 UID: 0 PID: 267 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.592756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.592769] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.592789] Call Trace: [ 14.592803] <TASK> [ 14.592819] dump_stack_lvl+0x73/0xb0 [ 14.592844] print_report+0xd1/0x650 [ 14.592866] ? __virt_addr_valid+0x1db/0x2d0 [ 14.592887] ? strcmp+0xb0/0xc0 [ 14.592905] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.592929] ? strcmp+0xb0/0xc0 [ 14.592947] kasan_report+0x140/0x180 [ 14.592968] ? strcmp+0xb0/0xc0 [ 14.593010] __asan_report_load1_noabort+0x18/0x20 [ 14.593044] strcmp+0xb0/0xc0 [ 14.593063] kasan_strings+0x2d3/0xb60 [ 14.593084] ? __pfx_kasan_strings+0x10/0x10 [ 14.593103] ? __schedule+0xce8/0x2840 [ 14.593126] ? __pfx_read_tsc+0x10/0x10 [ 14.593146] ? ktime_get_ts64+0x86/0x230 [ 14.593172] kunit_try_run_case+0x1a6/0x480 [ 14.593194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.593214] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.593237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.593260] ? __kthread_parkme+0x82/0x160 [ 14.593281] ? preempt_count_sub+0x50/0x80 [ 14.593306] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.593328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.593353] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.593379] kthread+0x324/0x6e0 [ 14.593399] ? trace_preempt_on+0x20/0xc0 [ 14.593422] ? __pfx_kthread+0x10/0x10 [ 14.593443] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.593464] ? calculate_sigpending+0x7b/0xa0 [ 14.593485] ? __pfx_kthread+0x10/0x10 [ 14.593508] ret_from_fork+0x41/0x80 [ 14.593525] ? 
__pfx_kthread+0x10/0x10 [ 14.593547] ret_from_fork_asm+0x1a/0x30 [ 14.593578] </TASK> [ 14.593588] [ 14.606318] Allocated by task 267: [ 14.606459] kasan_save_stack+0x45/0x70 [ 14.606698] kasan_save_track+0x18/0x40 [ 14.607155] kasan_save_alloc_info+0x3b/0x50 [ 14.607578] __kasan_kmalloc+0xb7/0xc0 [ 14.608031] __kmalloc_cache_noprof+0x18a/0x420 [ 14.608533] kasan_strings+0xb9/0xb60 [ 14.608942] kunit_try_run_case+0x1a6/0x480 [ 14.609393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.609952] kthread+0x324/0x6e0 [ 14.610265] ret_from_fork+0x41/0x80 [ 14.610673] ret_from_fork_asm+0x1a/0x30 [ 14.611127] [ 14.611344] Freed by task 267: [ 14.611552] kasan_save_stack+0x45/0x70 [ 14.611870] kasan_save_track+0x18/0x40 [ 14.612307] kasan_save_free_info+0x3f/0x60 [ 14.612783] __kasan_slab_free+0x56/0x70 [ 14.613090] kfree+0x224/0x3f0 [ 14.613388] kasan_strings+0x13c/0xb60 [ 14.613670] kunit_try_run_case+0x1a6/0x480 [ 14.613964] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.614184] kthread+0x324/0x6e0 [ 14.614306] ret_from_fork+0x41/0x80 [ 14.614429] ret_from_fork_asm+0x1a/0x30 [ 14.614563] [ 14.614681] The buggy address belongs to the object at ffff888101bf5740 [ 14.614681] which belongs to the cache kmalloc-32 of size 32 [ 14.615893] The buggy address is located 16 bytes inside of [ 14.615893] freed 32-byte region [ffff888101bf5740, ffff888101bf5760) [ 14.617112] [ 14.617276] The buggy address belongs to the physical page: [ 14.617823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf5 [ 14.618549] flags: 0x200000000000000(node=0|zone=2) [ 14.619074] page_type: f5(slab) [ 14.619420] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.620229] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.620982] page dumped because: kasan: bad access detected [ 14.621476] [ 14.621636] Memory state around the buggy address: [ 14.622077] ffff888101bf5600: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 
14.622381] ffff888101bf5680: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.623085] >ffff888101bf5700: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.623736] ^ [ 14.623988] ffff888101bf5780: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.624786] ffff888101bf5800: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 14.625470] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 14.558786] ================================================================== [ 14.559390] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 14.559816] Read of size 1 at addr ffff888102a33fd8 by task kunit_try_catch/265 [ 14.560300] [ 14.560664] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.560835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.560851] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.560872] Call Trace: [ 14.560884] <TASK> [ 14.560899] dump_stack_lvl+0x73/0xb0 [ 14.560929] print_report+0xd1/0x650 [ 14.560953] ? __virt_addr_valid+0x1db/0x2d0 [ 14.560978] ? memcmp+0x1b4/0x1d0 [ 14.561000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.561041] ? memcmp+0x1b4/0x1d0 [ 14.561063] kasan_report+0x140/0x180 [ 14.561088] ? memcmp+0x1b4/0x1d0 [ 14.561114] __asan_report_load1_noabort+0x18/0x20 [ 14.561140] memcmp+0x1b4/0x1d0 [ 14.561164] kasan_memcmp+0x190/0x390 [ 14.561188] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.561211] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.561244] ? __pfx_kasan_memcmp+0x10/0x10 [ 14.561271] kunit_try_run_case+0x1a6/0x480 [ 14.561296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.561320] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.561346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.561373] ? __kthread_parkme+0x82/0x160 [ 14.561397] ? preempt_count_sub+0x50/0x80 [ 14.561424] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.561450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.561478] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.561506] kthread+0x324/0x6e0 [ 14.561530] ? trace_preempt_on+0x20/0xc0 [ 14.561579] ? __pfx_kthread+0x10/0x10 [ 14.561605] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.561629] ? calculate_sigpending+0x7b/0xa0 [ 14.561654] ? __pfx_kthread+0x10/0x10 [ 14.561679] ret_from_fork+0x41/0x80 [ 14.561702] ? 
__pfx_kthread+0x10/0x10 [ 14.561727] ret_from_fork_asm+0x1a/0x30 [ 14.561766] </TASK> [ 14.561775] [ 14.571534] Allocated by task 265: [ 14.572160] kasan_save_stack+0x45/0x70 [ 14.572459] kasan_save_track+0x18/0x40 [ 14.572819] kasan_save_alloc_info+0x3b/0x50 [ 14.573160] __kasan_kmalloc+0xb7/0xc0 [ 14.573457] __kmalloc_cache_noprof+0x18a/0x420 [ 14.573858] kasan_memcmp+0xb8/0x390 [ 14.574164] kunit_try_run_case+0x1a6/0x480 [ 14.574456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.574892] kthread+0x324/0x6e0 [ 14.575179] ret_from_fork+0x41/0x80 [ 14.575448] ret_from_fork_asm+0x1a/0x30 [ 14.575847] [ 14.575944] The buggy address belongs to the object at ffff888102a33fc0 [ 14.575944] which belongs to the cache kmalloc-32 of size 32 [ 14.576416] The buggy address is located 0 bytes to the right of [ 14.576416] allocated 24-byte region [ffff888102a33fc0, ffff888102a33fd8) [ 14.576905] [ 14.577004] The buggy address belongs to the physical page: [ 14.577867] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a33 [ 14.578353] flags: 0x200000000000000(node=0|zone=2) [ 14.578769] page_type: f5(slab) [ 14.579050] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.579482] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.579973] page dumped because: kasan: bad access detected [ 14.580336] [ 14.580624] Memory state around the buggy address: [ 14.580937] ffff888102a33e80: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 14.581345] ffff888102a33f00: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 14.581997] >ffff888102a33f80: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.582400] ^ [ 14.582760] ffff888102a34000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.583146] ffff888102a34080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.583700] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 14.530736] ================================================================== [ 14.531207] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x32b/0x390 [ 14.531522] Read of size 1 at addr ffff888102d27c4a by task kunit_try_catch/261 [ 14.532100] [ 14.532203] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.532241] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.532252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.532272] Call Trace: [ 14.532283] <TASK> [ 14.532297] dump_stack_lvl+0x73/0xb0 [ 14.532323] print_report+0xd1/0x650 [ 14.532360] ? __virt_addr_valid+0x1db/0x2d0 [ 14.532384] ? kasan_alloca_oob_right+0x32b/0x390 [ 14.532421] ? kasan_addr_to_slab+0x11/0xa0 [ 14.532443] ? kasan_alloca_oob_right+0x32b/0x390 [ 14.532468] kasan_report+0x140/0x180 [ 14.532493] ? kasan_alloca_oob_right+0x32b/0x390 [ 14.532522] __asan_report_load1_noabort+0x18/0x20 [ 14.532548] kasan_alloca_oob_right+0x32b/0x390 [ 14.532573] ? irqentry_exit+0x2a/0x60 [ 14.532604] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.532633] ? trace_hardirqs_on+0x37/0xe0 [ 14.532661] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.532752] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 14.532793] kunit_try_run_case+0x1a6/0x480 [ 14.532820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.532845] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.532880] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.532907] ? __kthread_parkme+0x82/0x160 [ 14.532942] ? preempt_count_sub+0x50/0x80 [ 14.532969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.532994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.533031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.533060] kthread+0x324/0x6e0 [ 14.533084] ? trace_preempt_on+0x20/0xc0 [ 14.533109] ? __pfx_kthread+0x10/0x10 [ 14.533134] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.533159] ? calculate_sigpending+0x7b/0xa0 [ 14.533184] ? __pfx_kthread+0x10/0x10 [ 14.533209] ret_from_fork+0x41/0x80 [ 14.533231] ? 
__pfx_kthread+0x10/0x10 [ 14.533256] ret_from_fork_asm+0x1a/0x30 [ 14.533290] </TASK> [ 14.533300] [ 14.543976] The buggy address belongs to stack of task kunit_try_catch/261 [ 14.544279] [ 14.544366] The buggy address belongs to the physical page: [ 14.544954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d27 [ 14.545302] flags: 0x200000000000000(node=0|zone=2) [ 14.545530] raw: 0200000000000000 ffffea00040b49c8 ffffea00040b49c8 0000000000000000 [ 14.546343] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.547318] page dumped because: kasan: bad access detected [ 14.547766] [ 14.547862] Memory state around the buggy address: [ 14.548227] ffff888102d27b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.548509] ffff888102d27b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.549224] >ffff888102d27c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.550083] ^ [ 14.550458] ffff888102d27c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.551021] ffff888102d27d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.551502] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 140.791070] WARNING: CPU: 1 PID: 2517 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 140.791411] Modules linked in: [ 140.791828] CPU: 1 UID: 0 PID: 2517 Comm: kunit_try_catch Tainted: G B D W N 6.14.10-rc1 #1 [ 140.792781] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.793121] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.793370] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 140.793963] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.795402] RSP: 0000:ffff888102657c78 EFLAGS: 00010286 [ 140.795597] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 140.795800] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff98612ff4 [ 140.796223] RBP: ffff888102657ca0 R08: 0000000000000000 R09: ffffed10204db620 [ 140.796976] R10: ffff8881026db107 R11: 0000000000000000 R12: ffffffff98612fe0 [ 140.797809] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102657d38 [ 140.798439] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 140.799085] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.799267] CR2: ffffffffffffffff CR3: 00000000244b8000 CR4: 00000000000006f0 [ 140.799470] DR0: ffffffff9a607264 DR1: ffffffff9a607269 DR2: ffffffff9a60726a [ 140.800168] DR3: ffffffff9a60726b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.800923] Call Trace: [ 140.801208] <TASK> [ 140.801456] drm_test_rect_calc_vscale+0x109/0x270 [ 140.802155] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 140.802342] ? __schedule+0xce8/0x2840 [ 140.802511] ? __pfx_read_tsc+0x10/0x10 [ 140.802979] ? ktime_get_ts64+0x86/0x230 [ 140.803375] kunit_try_run_case+0x1a6/0x480 [ 140.803888] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.804299] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 140.804457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.805080] ? __kthread_parkme+0x82/0x160 [ 140.805463] ? preempt_count_sub+0x50/0x80 [ 140.806006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.806324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.806755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.807200] kthread+0x324/0x6e0 [ 140.807351] ? trace_preempt_on+0x20/0xc0 [ 140.807733] ? __pfx_kthread+0x10/0x10 [ 140.808134] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.808428] ? calculate_sigpending+0x7b/0xa0 [ 140.808770] ? __pfx_kthread+0x10/0x10 [ 140.808915] ret_from_fork+0x41/0x80 [ 140.809300] ? __pfx_kthread+0x10/0x10 [ 140.809680] ret_from_fork_asm+0x1a/0x30 [ 140.810270] </TASK> [ 140.810372] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 140.761398] WARNING: CPU: 0 PID: 2515 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 140.762799] Modules linked in: [ 140.762978] CPU: 0 UID: 0 PID: 2515 Comm: kunit_try_catch Tainted: G B D W N 6.14.10-rc1 #1 [ 140.763254] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.763428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.764520] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 140.765076] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.767119] RSP: 0000:ffff88810513fc78 EFLAGS: 00010286 [ 140.767778] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 140.768009] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff98612fbc [ 140.768218] RBP: ffff88810513fca0 R08: 0000000000000000 R09: ffffed10203d7be0 [ 140.768423] R10: ffff888101ebdf07 R11: 0000000000000000 R12: ffffffff98612fa8 [ 140.768629] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810513fd38 [ 140.768835] FS: 
0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 140.769073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.769248] CR2: 00007ffff7ffe000 CR3: 00000000244b8000 CR4: 00000000000006f0 [ 140.769453] DR0: ffffffff9a607260 DR1: ffffffff9a607261 DR2: ffffffff9a607263 [ 140.769662] DR3: ffffffff9a607265 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.769868] Call Trace: [ 140.769992] <TASK> [ 140.770270] drm_test_rect_calc_vscale+0x109/0x270 [ 140.770880] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 140.771443] ? __schedule+0xce8/0x2840 [ 140.772051] ? __pfx_read_tsc+0x10/0x10 [ 140.772465] ? ktime_get_ts64+0x86/0x230 [ 140.773045] kunit_try_run_case+0x1a6/0x480 [ 140.773500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.774245] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 140.774837] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.775624] ? __kthread_parkme+0x82/0x160 [ 140.776870] ? preempt_count_sub+0x50/0x80 [ 140.777122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.777360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.778450] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.778968] kthread+0x324/0x6e0 [ 140.779630] ? trace_preempt_on+0x20/0xc0 [ 140.780471] ? __pfx_kthread+0x10/0x10 [ 140.781219] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.781385] ? calculate_sigpending+0x7b/0xa0 [ 140.782041] ? __pfx_kthread+0x10/0x10 [ 140.782762] ret_from_fork+0x41/0x80 [ 140.783317] ? __pfx_kthread+0x10/0x10 [ 140.783878] ret_from_fork_asm+0x1a/0x30 [ 140.784069] </TASK> [ 140.784537] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 140.732067] WARNING: CPU: 1 PID: 2505 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 140.732465] Modules linked in: [ 140.732844] CPU: 1 UID: 0 PID: 2505 Comm: kunit_try_catch Tainted: G B D W N 6.14.10-rc1 #1 [ 140.733918] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.734450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.735392] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 140.736104] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 4b 72 16 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.737907] RSP: 0000:ffff888105cf7c78 EFLAGS: 00010286 [ 140.738400] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 140.739377] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff98612ff8 [ 140.740143] RBP: ffff888105cf7ca0 R08: 0000000000000000 R09: ffffed10203d7b40 [ 140.740855] R10: ffff888101ebda07 R11: 0000000000000000 R12: ffffffff98612fe0 [ 140.741453] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888105cf7d38 [ 140.741688] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 140.742016] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.742201] CR2: ffffffffffffffff CR3: 00000000244b8000 CR4: 00000000000006f0 [ 140.742410] DR0: ffffffff9a607264 DR1: ffffffff9a607269 DR2: ffffffff9a60726a [ 140.742849] DR3: ffffffff9a60726b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.743167] Call Trace: [ 140.743304] <TASK> [ 140.743426] drm_test_rect_calc_hscale+0x109/0x270 [ 140.743687] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 140.743957] ? __schedule+0xce8/0x2840 [ 140.744130] ? __pfx_read_tsc+0x10/0x10 [ 140.744334] ? ktime_get_ts64+0x86/0x230 [ 140.744517] kunit_try_run_case+0x1a6/0x480 [ 140.744827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.745037] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 140.745265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.745496] ? __kthread_parkme+0x82/0x160 [ 140.745765] ? preempt_count_sub+0x50/0x80 [ 140.745915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.746308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.746757] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.747022] kthread+0x324/0x6e0 [ 140.747203] ? trace_preempt_on+0x20/0xc0 [ 140.747362] ? __pfx_kthread+0x10/0x10 [ 140.747550] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.747883] ? calculate_sigpending+0x7b/0xa0 [ 140.748100] ? __pfx_kthread+0x10/0x10 [ 140.748268] ret_from_fork+0x41/0x80 [ 140.748454] ? __pfx_kthread+0x10/0x10 [ 140.748676] ret_from_fork_asm+0x1a/0x30 [ 140.748829] </TASK> [ 140.748919] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 140.707418] WARNING: CPU: 0 PID: 2503 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 140.708033] Modules linked in: [ 140.708242] CPU: 0 UID: 0 PID: 2503 Comm: kunit_try_catch Tainted: G B D W N 6.14.10-rc1 #1 [ 140.708691] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 140.709118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 140.709496] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 140.709760] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 4b 72 16 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 140.711474] RSP: 0000:ffff88810252fc78 EFLAGS: 00010286 [ 140.711683] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 140.712192] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff98612fc0 [ 140.712723] RBP: ffff88810252fca0 R08: 0000000000000000 R09: ffffed10203d7b20 [ 140.713449] R10: ffff888101ebd907 R11: 0000000000000000 R12: ffffffff98612fa8 [ 140.713977] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810252fd38 [ 140.714197] FS: 
0000000000000000(0000) GS:ffff88815b000000(0000) knlGS:0000000000000000 [ 140.714434] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 140.715307] CR2: 00007ffff7ffe000 CR3: 00000000244b8000 CR4: 00000000000006f0 [ 140.716225] DR0: ffffffff9a607260 DR1: ffffffff9a607261 DR2: ffffffff9a607263 [ 140.717238] DR3: ffffffff9a607265 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 140.718065] Call Trace: [ 140.718455] <TASK> [ 140.718864] drm_test_rect_calc_hscale+0x109/0x270 [ 140.719313] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 140.719496] ? __schedule+0xce8/0x2840 [ 140.720117] ? __pfx_read_tsc+0x10/0x10 [ 140.720510] ? ktime_get_ts64+0x86/0x230 [ 140.721119] kunit_try_run_case+0x1a6/0x480 [ 140.721445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.721709] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 140.721881] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 140.722506] ? __kthread_parkme+0x82/0x160 [ 140.723182] ? preempt_count_sub+0x50/0x80 [ 140.723704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 140.724115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 140.724305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 140.724500] kthread+0x324/0x6e0 [ 140.724989] ? trace_preempt_on+0x20/0xc0 [ 140.725426] ? __pfx_kthread+0x10/0x10 [ 140.725927] ? _raw_spin_unlock_irq+0x47/0x80 [ 140.726380] ? calculate_sigpending+0x7b/0xa0 [ 140.726907] ? __pfx_kthread+0x10/0x10 [ 140.727140] ret_from_fork+0x41/0x80 [ 140.727279] ? __pfx_kthread+0x10/0x10 [ 140.727420] ret_from_fork_asm+0x1a/0x30 [ 140.727605] </TASK> [ 140.727704] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 139.951413] WARNING: CPU: 1 PID: 2301 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 139.952400] Modules linked in: [ 139.952568] CPU: 1 UID: 0 PID: 2301 Comm: kunit_try_catch Tainted: G B D W N 6.14.10-rc1 #1 [ 139.952852] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.953240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.954056] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 139.954400] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 139.955889] RSP: 0000:ffff8881062c7b30 EFLAGS: 00010246 [ 139.956304] RAX: dffffc0000000000 RBX: ffff8881062c7c28 RCX: 0000000000000000 [ 139.956677] RDX: 1ffff11020c58f8e RSI: ffff8881062c7c28 RDI: ffff8881062c7c70 [ 139.957509] RBP: ffff8881062c7b70 R08: ffff888100c8c000 R09: ffffffff985bb1e0 [ 139.958180] R10: 0000000000000003 R11: 000000002c6d1ea5 R12: ffff888100c8c000 [ 139.958862] R13: ffff888100317ae8 R14: ffff8881062c7ba8 R15: 0000000000000000 [ 139.959505] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 139.959962] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.960151] CR2: ffffffffffffffff CR3: 00000000244b8000 CR4: 00000000000006f0 [ 139.960363] DR0: ffffffff9a607264 DR1: ffffffff9a607269 DR2: ffffffff9a60726a [ 139.961145] DR3: ffffffff9a60726b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.961996] Call Trace: [ 139.962328] <TASK> [ 139.962635] ? add_dr+0xc1/0x1d0 [ 139.963187] drm_test_framebuffer_init_bad_format+0xfd/0x240 [ 139.963935] ? add_dr+0x148/0x1d0 [ 139.964371] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 139.965119] ? __drmm_add_action+0x1a4/0x280 [ 139.965511] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 139.965888] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 139.966397] ? 
__drmm_add_action_or_reset+0x22/0x50 [ 139.966992] ? __schedule+0xce8/0x2840 [ 139.967192] ? __pfx_read_tsc+0x10/0x10 [ 139.967339] ? ktime_get_ts64+0x86/0x230 [ 139.967493] kunit_try_run_case+0x1a6/0x480 [ 139.967821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.968248] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 139.968654] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.969362] ? __kthread_parkme+0x82/0x160 [ 139.969780] ? preempt_count_sub+0x50/0x80 [ 139.970168] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.970644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.970892] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.971104] kthread+0x324/0x6e0 [ 139.971232] ? trace_preempt_on+0x20/0xc0 [ 139.971379] ? __pfx_kthread+0x10/0x10 [ 139.971554] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.971942] ? calculate_sigpending+0x7b/0xa0 [ 139.972452] ? __pfx_kthread+0x10/0x10 [ 139.972921] ret_from_fork+0x41/0x80 [ 139.973269] ? __pfx_kthread+0x10/0x10 [ 139.973686] ret_from_fork_asm+0x1a/0x30 [ 139.974111] </TASK> [ 139.974335] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 139.917585] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 139.917767] WARNING: CPU: 1 PID: 2297 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x136/0x1b0 [ 139.919266] Modules linked in: [ 139.919458] CPU: 1 UID: 0 PID: 2297 Comm: kunit_try_catch Tainted: G B D W N 6.14.10-rc1 #1 [ 139.920332] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 139.920518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 139.921430] RIP: 0010:drm_framebuffer_free+0x136/0x1b0 [ 139.922152] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 64 63 82 00 48 c7 c1 e0 61 5b 98 4c 89 fa 48 c7 c7 40 62 5b 98 48 89 c6 e8 eb c7 86 fe 90 <0f> 0b 90 90 e9 25 ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 139.923371] RSP: 0000:ffff888105f97b68 EFLAGS: 00010282 [ 139.923753] RAX: 0000000000000000 RBX: ffff888105f97c40 RCX: 1ffffffff3264420 [ 139.924678] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 139.925112] RBP: ffff888105f97b90 R08: 0000000000000000 R09: fffffbfff3264420 [ 139.925403] R10: 0000000000000003 R11: 00000000000325c8 R12: ffff888105f97c18 [ 139.925872] R13: ffff888105d7d000 R14: ffff888100c8a000 R15: ffff888106807200 [ 139.926194] FS: 0000000000000000(0000) GS:ffff88815b100000(0000) knlGS:0000000000000000 [ 139.926521] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 139.926810] CR2: ffffffffffffffff CR3: 00000000244b8000 CR4: 00000000000006f0 [ 139.927235] DR0: ffffffff9a607264 DR1: ffffffff9a607269 DR2: ffffffff9a60726a [ 139.927504] DR3: ffffffff9a60726b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 139.927850] Call Trace: [ 139.928074] <TASK> [ 139.928205] drm_test_framebuffer_free+0x1ac/0x610 [ 139.928401] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 139.928782] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 139.929020] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 139.929309] ? 
__drmm_add_action_or_reset+0x22/0x50 [ 139.929507] ? __schedule+0xce8/0x2840 [ 139.929688] ? __pfx_read_tsc+0x10/0x10 [ 139.930151] ? ktime_get_ts64+0x86/0x230 [ 139.930420] kunit_try_run_case+0x1a6/0x480 [ 139.930712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.930976] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 139.931158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 139.931415] ? __kthread_parkme+0x82/0x160 [ 139.931590] ? preempt_count_sub+0x50/0x80 [ 139.931806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 139.932136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 139.932399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 139.932769] kthread+0x324/0x6e0 [ 139.932987] ? trace_preempt_on+0x20/0xc0 [ 139.933176] ? __pfx_kthread+0x10/0x10 [ 139.933361] ? _raw_spin_unlock_irq+0x47/0x80 [ 139.933612] ? calculate_sigpending+0x7b/0xa0 [ 139.933814] ? __pfx_kthread+0x10/0x10 [ 139.934316] ret_from_fork+0x41/0x80 [ 139.934501] ? __pfx_kthread+0x10/0x10 [ 139.934838] ret_from_fork_asm+0x1a/0x30 [ 139.935090] </TASK> [ 139.935185] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 14.511223] ================================================================== [ 14.511683] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x322/0x380 [ 14.511931] Read of size 1 at addr ffff888102bdfc3f by task kunit_try_catch/259 [ 14.512501] [ 14.512779] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.512822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.512834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.512855] Call Trace: [ 14.512867] <TASK> [ 14.512883] dump_stack_lvl+0x73/0xb0 [ 14.512909] print_report+0xd1/0x650 [ 14.512931] ? __virt_addr_valid+0x1db/0x2d0 [ 14.512954] ? kasan_alloca_oob_left+0x322/0x380 [ 14.512975] ? kasan_addr_to_slab+0x11/0xa0 [ 14.512995] ? kasan_alloca_oob_left+0x322/0x380 [ 14.513029] kasan_report+0x140/0x180 [ 14.513051] ? kasan_alloca_oob_left+0x322/0x380 [ 14.513077] __asan_report_load1_noabort+0x18/0x20 [ 14.513101] kasan_alloca_oob_left+0x322/0x380 [ 14.513124] ? finish_task_switch.isra.0+0x153/0x700 [ 14.513147] ? __ww_mutex_lock.constprop.0+0x4fe/0x1f20 [ 14.513174] ? trace_hardirqs_on+0x37/0xe0 [ 14.513199] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 14.513223] ? __schedule+0xce8/0x2840 [ 14.513245] ? __pfx_read_tsc+0x10/0x10 [ 14.513267] ? ktime_get_ts64+0x86/0x230 [ 14.513293] kunit_try_run_case+0x1a6/0x480 [ 14.513317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.513337] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.513360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.513383] ? __kthread_parkme+0x82/0x160 [ 14.513405] ? preempt_count_sub+0x50/0x80 [ 14.513429] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.513451] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.513476] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.513502] kthread+0x324/0x6e0 [ 14.513522] ? trace_preempt_on+0x20/0xc0 [ 14.513545] ? __pfx_kthread+0x10/0x10 [ 14.513567] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.513589] ? calculate_sigpending+0x7b/0xa0 [ 14.513611] ? 
__pfx_kthread+0x10/0x10 [ 14.513633] ret_from_fork+0x41/0x80 [ 14.513650] ? __pfx_kthread+0x10/0x10 [ 14.513672] ret_from_fork_asm+0x1a/0x30 [ 14.513704] </TASK> [ 14.513715] [ 14.522712] The buggy address belongs to stack of task kunit_try_catch/259 [ 14.523066] [ 14.523160] The buggy address belongs to the physical page: [ 14.523387] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bdf [ 14.523745] flags: 0x200000000000000(node=0|zone=2) [ 14.523973] raw: 0200000000000000 ffffea00040af7c8 ffffea00040af7c8 0000000000000000 [ 14.524283] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.524519] page dumped because: kasan: bad access detected [ 14.524715] [ 14.524804] Memory state around the buggy address: [ 14.525033] ffff888102bdfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.525533] ffff888102bdfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.525799] >ffff888102bdfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 14.526008] ^ [ 14.526247] ffff888102bdfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 14.526555] ffff888102bdfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.526813] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 14.479053] ================================================================== [ 14.480698] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b7/0x300 [ 14.480997] Read of size 1 at addr ffff888102cd7d02 by task kunit_try_catch/257 [ 14.481225] [ 14.481308] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.481348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.481360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.481382] Call Trace: [ 14.481395] <TASK> [ 14.481411] dump_stack_lvl+0x73/0xb0 [ 14.481442] print_report+0xd1/0x650 [ 14.481466] ? __virt_addr_valid+0x1db/0x2d0 [ 14.481493] ? kasan_stack_oob+0x2b7/0x300 [ 14.481514] ? kasan_addr_to_slab+0x11/0xa0 [ 14.481537] ? kasan_stack_oob+0x2b7/0x300 [ 14.481559] kasan_report+0x140/0x180 [ 14.481596] ? kasan_stack_oob+0x2b7/0x300 [ 14.481624] __asan_report_load1_noabort+0x18/0x20 [ 14.481651] kasan_stack_oob+0x2b7/0x300 [ 14.481673] ? __pfx_kasan_stack_oob+0x10/0x10 [ 14.481695] ? finish_task_switch.isra.0+0x153/0x700 [ 14.481722] ? __switch_to+0x5d9/0xf60 [ 14.481756] ? __schedule+0xce8/0x2840 [ 14.481782] ? __pfx_read_tsc+0x10/0x10 [ 14.481806] ? ktime_get_ts64+0x86/0x230 [ 14.481834] kunit_try_run_case+0x1a6/0x480 [ 14.481863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.481887] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.481913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.481939] ? __kthread_parkme+0x82/0x160 [ 14.481964] ? preempt_count_sub+0x50/0x80 [ 14.481991] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.482027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.482055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.482084] kthread+0x324/0x6e0 [ 14.482107] ? trace_preempt_on+0x20/0xc0 [ 14.482136] ? __pfx_kthread+0x10/0x10 [ 14.482161] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.482186] ? calculate_sigpending+0x7b/0xa0 [ 14.482211] ? __pfx_kthread+0x10/0x10 [ 14.482236] ret_from_fork+0x41/0x80 [ 14.482258] ? 
__pfx_kthread+0x10/0x10 [ 14.482283] ret_from_fork_asm+0x1a/0x30 [ 14.482317] </TASK> [ 14.482328] [ 14.495319] The buggy address belongs to stack of task kunit_try_catch/257 [ 14.495650] and is located at offset 138 in frame: [ 14.496103] kasan_stack_oob+0x0/0x300 [ 14.496579] [ 14.496765] This frame has 4 objects: [ 14.497403] [48, 49) '__assertion' [ 14.497431] [64, 72) 'array' [ 14.497844] [96, 112) '__assertion' [ 14.498169] [128, 138) 'stack_array' [ 14.498512] [ 14.499119] The buggy address belongs to the physical page: [ 14.499517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cd7 [ 14.500117] flags: 0x200000000000000(node=0|zone=2) [ 14.500292] raw: 0200000000000000 ffffea00040b35c8 ffffea00040b35c8 0000000000000000 [ 14.500522] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 14.501206] page dumped because: kasan: bad access detected [ 14.501778] [ 14.502212] Memory state around the buggy address: [ 14.502717] ffff888102cd7c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.503341] ffff888102cd7c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 14.503821] >ffff888102cd7d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 14.504317] ^ [ 14.504437] ffff888102cd7d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 14.504859] ffff888102cd7e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.505486] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 14.449125] ================================================================== [ 14.449649] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x288/0x2d0 [ 14.449987] Read of size 1 at addr ffffffff9a618d0d by task kunit_try_catch/253 [ 14.450830] [ 14.450951] CPU: 1 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.450993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.451006] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.451262] Call Trace: [ 14.451277] <TASK> [ 14.451293] dump_stack_lvl+0x73/0xb0 [ 14.451319] print_report+0xd1/0x650 [ 14.451342] ? __virt_addr_valid+0x1db/0x2d0 [ 14.451363] ? kasan_global_oob_right+0x288/0x2d0 [ 14.451383] ? kasan_addr_to_slab+0x11/0xa0 [ 14.451404] ? kasan_global_oob_right+0x288/0x2d0 [ 14.451425] kasan_report+0x140/0x180 [ 14.451446] ? kasan_global_oob_right+0x288/0x2d0 [ 14.451471] __asan_report_load1_noabort+0x18/0x20 [ 14.451495] kasan_global_oob_right+0x288/0x2d0 [ 14.451516] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 14.451540] ? __schedule+0xce8/0x2840 [ 14.451591] ? __pfx_read_tsc+0x10/0x10 [ 14.451613] ? ktime_get_ts64+0x86/0x230 [ 14.451638] kunit_try_run_case+0x1a6/0x480 [ 14.451661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451698] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.451722] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.451745] ? __kthread_parkme+0x82/0x160 [ 14.451765] ? preempt_count_sub+0x50/0x80 [ 14.451790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451814] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.451839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.451865] kthread+0x324/0x6e0 [ 14.451885] ? trace_preempt_on+0x20/0xc0 [ 14.451908] ? __pfx_kthread+0x10/0x10 [ 14.451929] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.451950] ? calculate_sigpending+0x7b/0xa0 [ 14.451971] ? __pfx_kthread+0x10/0x10 [ 14.451994] ret_from_fork+0x41/0x80 [ 14.452011] ? 
__pfx_kthread+0x10/0x10 [ 14.452053] ret_from_fork_asm+0x1a/0x30 [ 14.452083] </TASK> [ 14.452094] [ 14.466008] The buggy address belongs to the variable: [ 14.466396] global_array+0xd/0x40 [ 14.466576] [ 14.466968] The buggy address belongs to the physical page: [ 14.467529] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x25818 [ 14.468152] flags: 0x100000000002000(reserved|node=0|zone=1) [ 14.468354] raw: 0100000000002000 ffffea0000960608 ffffea0000960608 0000000000000000 [ 14.468775] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.469466] page dumped because: kasan: bad access detected [ 14.470238] [ 14.470421] Memory state around the buggy address: [ 14.470916] ffffffff9a618c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.471433] ffffffff9a618c80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.471983] >ffffffff9a618d00: 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 f9 f9 f9 f9 [ 14.472212] ^ [ 14.472336] ffffffff9a618d80: 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 f9 f9 f9 f9 [ 14.472608] ffffffff9a618e00: 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 00 00 00 00 [ 14.473277] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 14.423729] ================================================================== [ 14.424351] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.424752] Free of addr ffff888102cdc001 by task kunit_try_catch/251 [ 14.425144] [ 14.425290] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.425332] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.425343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.425365] Call Trace: [ 14.425377] <TASK> [ 14.425393] dump_stack_lvl+0x73/0xb0 [ 14.425423] print_report+0xd1/0x650 [ 14.425447] ? __virt_addr_valid+0x1db/0x2d0 [ 14.425473] ? kasan_addr_to_slab+0x11/0xa0 [ 14.425495] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.425523] kasan_report_invalid_free+0xfc/0x120 [ 14.425549] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.425580] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.425606] __kasan_mempool_poison_object+0x102/0x1d0 [ 14.425632] mempool_free+0x2ec/0x380 [ 14.425659] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.425687] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.425718] ? finish_task_switch.isra.0+0x153/0x700 [ 14.425755] mempool_kmalloc_large_invalid_free+0xee/0x140 [ 14.425781] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 14.425809] ? __kasan_check_write+0x18/0x20 [ 14.425836] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.425858] ? __pfx_mempool_kfree+0x10/0x10 [ 14.425882] ? __pfx_read_tsc+0x10/0x10 [ 14.425906] ? ktime_get_ts64+0x86/0x230 [ 14.425931] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.425962] kunit_try_run_case+0x1a6/0x480 [ 14.425987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.426026] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.426073] ? __kthread_parkme+0x82/0x160 [ 14.426101] ? preempt_count_sub+0x50/0x80 [ 14.426129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.426157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.426187] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.426216] kthread+0x324/0x6e0 [ 14.426240] ? trace_preempt_on+0x20/0xc0 [ 14.426268] ? __pfx_kthread+0x10/0x10 [ 14.426294] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.426320] ? calculate_sigpending+0x7b/0xa0 [ 14.426345] ? __pfx_kthread+0x10/0x10 [ 14.426371] ret_from_fork+0x41/0x80 [ 14.426393] ? __pfx_kthread+0x10/0x10 [ 14.426419] ret_from_fork_asm+0x1a/0x30 [ 14.426454] </TASK> [ 14.426465] [ 14.435361] The buggy address belongs to the physical page: [ 14.435569] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cdc [ 14.435891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.436126] flags: 0x200000000000040(head|node=0|zone=2) [ 14.437317] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.437643] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.437883] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.439012] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.440423] head: 0200000000000002 ffffea00040b3701 ffffffffffffffff 0000000000000000 [ 14.440659] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 14.442991] page dumped because: kasan: bad access detected [ 14.443457] [ 14.443537] Memory state around the buggy address: [ 14.443700] ffff888102cdbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.444102] ffff888102cdbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.444322] >ffff888102cdc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.444533] ^ [ 14.444848] ffff888102cdc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.445471] ffff888102cdc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.446310] ================================================================== [ 14.395920] ================================================================== [ 14.396430] BUG: KASAN: invalid-free in 
mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.396762] Free of addr ffff888101bd1f01 by task kunit_try_catch/249 [ 14.397131] [ 14.397246] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.397287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.397298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.397318] Call Trace: [ 14.397330] <TASK> [ 14.397345] dump_stack_lvl+0x73/0xb0 [ 14.397370] print_report+0xd1/0x650 [ 14.397393] ? __virt_addr_valid+0x1db/0x2d0 [ 14.397415] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.397440] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.397465] kasan_report_invalid_free+0xfc/0x120 [ 14.397487] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.397514] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.397537] ? mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.397560] check_slab_allocation+0x11f/0x130 [ 14.397580] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.397603] mempool_free+0x2ec/0x380 [ 14.397625] mempool_kmalloc_invalid_free_helper+0x133/0x2e0 [ 14.397650] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 14.397678] ? finish_task_switch.isra.0+0x153/0x700 [ 14.397703] mempool_kmalloc_invalid_free+0xee/0x140 [ 14.397727] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 14.397761] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.397779] ? __pfx_mempool_kfree+0x10/0x10 [ 14.397800] ? __pfx_read_tsc+0x10/0x10 [ 14.397822] ? ktime_get_ts64+0x86/0x230 [ 14.397846] kunit_try_run_case+0x1a6/0x480 [ 14.397869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.397892] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.397915] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.397939] ? __kthread_parkme+0x82/0x160 [ 14.397960] ? preempt_count_sub+0x50/0x80 [ 14.397983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.398005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.398041] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.398067] kthread+0x324/0x6e0 [ 14.398087] ? trace_preempt_on+0x20/0xc0 [ 14.398110] ? __pfx_kthread+0x10/0x10 [ 14.398132] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.398154] ? calculate_sigpending+0x7b/0xa0 [ 14.398175] ? __pfx_kthread+0x10/0x10 [ 14.398197] ret_from_fork+0x41/0x80 [ 14.398216] ? __pfx_kthread+0x10/0x10 [ 14.398237] ret_from_fork_asm+0x1a/0x30 [ 14.398268] </TASK> [ 14.398277] [ 14.407356] Allocated by task 249: [ 14.407630] kasan_save_stack+0x45/0x70 [ 14.408134] kasan_save_track+0x18/0x40 [ 14.408285] kasan_save_alloc_info+0x3b/0x50 [ 14.408438] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.408722] remove_element+0x11e/0x190 [ 14.409196] mempool_alloc_preallocated+0x4d/0x90 [ 14.409421] mempool_kmalloc_invalid_free_helper+0x84/0x2e0 [ 14.409816] mempool_kmalloc_invalid_free+0xee/0x140 [ 14.410126] kunit_try_run_case+0x1a6/0x480 [ 14.410348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.410604] kthread+0x324/0x6e0 [ 14.410900] ret_from_fork+0x41/0x80 [ 14.411137] ret_from_fork_asm+0x1a/0x30 [ 14.411343] [ 14.411416] The buggy address belongs to the object at ffff888101bd1f00 [ 14.411416] which belongs to the cache kmalloc-128 of size 128 [ 14.411816] The buggy address is located 1 bytes inside of [ 14.411816] 128-byte region [ffff888101bd1f00, ffff888101bd1f80) [ 14.412596] [ 14.412939] The buggy address belongs to the physical page: [ 14.413281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1 [ 14.413547] flags: 0x200000000000000(node=0|zone=2) [ 14.413805] page_type: f5(slab) [ 14.414094] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.414501] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000 [ 14.414878] page dumped because: kasan: bad access detected [ 14.415304] [ 14.415376] Memory state around the buggy address: [ 14.415562] ffff888101bd1e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.415881] 
ffff888101bd1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.416190] >ffff888101bd1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.416478] ^ [ 14.416836] ffff888101bd1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.417176] ffff888101bd2000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.417398] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 14.368270] ================================================================== [ 14.368701] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 14.368942] Free of addr ffff888102898000 by task kunit_try_catch/247 [ 14.369189] [ 14.369624] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.369673] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.369686] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.369707] Call Trace: [ 14.369720] <TASK> [ 14.369743] dump_stack_lvl+0x73/0xb0 [ 14.369770] print_report+0xd1/0x650 [ 14.369791] ? __virt_addr_valid+0x1db/0x2d0 [ 14.369814] ? kasan_addr_to_slab+0x11/0xa0 [ 14.369833] ? mempool_double_free_helper+0x185/0x370 [ 14.369857] kasan_report_invalid_free+0xfc/0x120 [ 14.369879] ? mempool_double_free_helper+0x185/0x370 [ 14.369904] ? mempool_double_free_helper+0x185/0x370 [ 14.369927] __kasan_mempool_poison_pages+0x115/0x130 [ 14.369950] mempool_free+0x290/0x380 [ 14.369972] mempool_double_free_helper+0x185/0x370 [ 14.369994] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.370031] ? finish_task_switch.isra.0+0x153/0x700 [ 14.370059] mempool_page_alloc_double_free+0xe9/0x140 [ 14.370083] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 14.370110] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.370129] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.370152] ? __pfx_read_tsc+0x10/0x10 [ 14.370173] ? ktime_get_ts64+0x86/0x230 [ 14.370198] kunit_try_run_case+0x1a6/0x480 [ 14.370222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.370245] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.370271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.370296] ? __kthread_parkme+0x82/0x160 [ 14.370319] ? preempt_count_sub+0x50/0x80 [ 14.370343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.370366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.370393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.370418] kthread+0x324/0x6e0 [ 14.370440] ? 
trace_preempt_on+0x20/0xc0 [ 14.370463] ? __pfx_kthread+0x10/0x10 [ 14.370485] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.370507] ? calculate_sigpending+0x7b/0xa0 [ 14.370529] ? __pfx_kthread+0x10/0x10 [ 14.370559] ret_from_fork+0x41/0x80 [ 14.370579] ? __pfx_kthread+0x10/0x10 [ 14.370601] ret_from_fork_asm+0x1a/0x30 [ 14.370632] </TASK> [ 14.370643] [ 14.386985] The buggy address belongs to the physical page: [ 14.387471] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102898 [ 14.388093] flags: 0x200000000000000(node=0|zone=2) [ 14.388587] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.389085] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.389526] page dumped because: kasan: bad access detected [ 14.389872] [ 14.389945] Memory state around the buggy address: [ 14.390110] ffff888102897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.390316] ffff888102897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.390522] >ffff888102898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.390821] ^ [ 14.390990] ffff888102898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.391276] ffff888102898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.391555] ================================================================== [ 14.341052] ================================================================== [ 14.341372] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 14.341783] Free of addr ffff888102898000 by task kunit_try_catch/245 [ 14.342036] [ 14.342121] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.342160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.342171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.342191] Call Trace: [ 14.342205] <TASK> [ 14.342220] dump_stack_lvl+0x73/0xb0 [ 14.342248] print_report+0xd1/0x650 [ 14.342270] ? __virt_addr_valid+0x1db/0x2d0 [ 14.342294] ? 
kasan_addr_to_slab+0x11/0xa0 [ 14.342314] ? mempool_double_free_helper+0x185/0x370 [ 14.342337] kasan_report_invalid_free+0xfc/0x120 [ 14.342360] ? mempool_double_free_helper+0x185/0x370 [ 14.342387] ? mempool_double_free_helper+0x185/0x370 [ 14.342409] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 14.342433] mempool_free+0x2ec/0x380 [ 14.342455] mempool_double_free_helper+0x185/0x370 [ 14.342479] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.342506] ? finish_task_switch.isra.0+0x153/0x700 [ 14.342534] mempool_kmalloc_large_double_free+0xee/0x140 [ 14.342559] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 14.342586] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.342605] ? __pfx_mempool_kfree+0x10/0x10 [ 14.342626] ? __pfx_read_tsc+0x10/0x10 [ 14.342646] ? ktime_get_ts64+0x86/0x230 [ 14.342682] kunit_try_run_case+0x1a6/0x480 [ 14.342704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.342725] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.342749] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.342773] ? __kthread_parkme+0x82/0x160 [ 14.342794] ? preempt_count_sub+0x50/0x80 [ 14.342818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.342841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.342867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.342893] kthread+0x324/0x6e0 [ 14.342913] ? trace_preempt_on+0x20/0xc0 [ 14.342936] ? __pfx_kthread+0x10/0x10 [ 14.342957] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.342979] ? calculate_sigpending+0x7b/0xa0 [ 14.343001] ? __pfx_kthread+0x10/0x10 [ 14.343035] ret_from_fork+0x41/0x80 [ 14.343052] ? 
__pfx_kthread+0x10/0x10 [ 14.343075] ret_from_fork_asm+0x1a/0x30 [ 14.343104] </TASK> [ 14.343115] [ 14.354487] The buggy address belongs to the physical page: [ 14.355303] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102898 [ 14.355907] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.356357] flags: 0x200000000000040(head|node=0|zone=2) [ 14.357031] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.357366] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.357793] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.358107] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.358405] head: 0200000000000002 ffffea00040a2601 ffffffffffffffff 0000000000000000 [ 14.359094] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 14.359725] page dumped because: kasan: bad access detected [ 14.360165] [ 14.360388] Memory state around the buggy address: [ 14.361067] ffff888102897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.361455] ffff888102897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.362210] >ffff888102898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.362687] ^ [ 14.362970] ffff888102898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.363408] ffff888102898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.364131] ================================================================== [ 14.312936] ================================================================== [ 14.313437] BUG: KASAN: double-free in mempool_double_free_helper+0x185/0x370 [ 14.313910] Free of addr ffff888102a2cd00 by task kunit_try_catch/243 [ 14.314202] [ 14.314312] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.314378] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.314391] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 
04/01/2014 [ 14.314412] Call Trace: [ 14.314425] <TASK> [ 14.314440] dump_stack_lvl+0x73/0xb0 [ 14.314471] print_report+0xd1/0x650 [ 14.314495] ? __virt_addr_valid+0x1db/0x2d0 [ 14.314541] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.314654] ? mempool_double_free_helper+0x185/0x370 [ 14.314680] kasan_report_invalid_free+0xfc/0x120 [ 14.314708] ? mempool_double_free_helper+0x185/0x370 [ 14.314736] ? mempool_double_free_helper+0x185/0x370 [ 14.314760] ? mempool_double_free_helper+0x185/0x370 [ 14.314785] check_slab_allocation+0x101/0x130 [ 14.314809] __kasan_mempool_poison_object+0x91/0x1d0 [ 14.314835] mempool_free+0x2ec/0x380 [ 14.314857] ? __wake_up+0x49/0x60 [ 14.314884] mempool_double_free_helper+0x185/0x370 [ 14.314911] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 14.314959] ? finish_task_switch.isra.0+0x153/0x700 [ 14.314989] mempool_kmalloc_double_free+0xee/0x140 [ 14.315025] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 14.315054] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.315076] ? __pfx_mempool_kfree+0x10/0x10 [ 14.315100] ? __pfx_read_tsc+0x10/0x10 [ 14.315125] ? ktime_get_ts64+0x86/0x230 [ 14.315154] kunit_try_run_case+0x1a6/0x480 [ 14.315181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.315205] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.315234] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.315260] ? __kthread_parkme+0x82/0x160 [ 14.315285] ? preempt_count_sub+0x50/0x80 [ 14.315312] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.315338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.315367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.315395] kthread+0x324/0x6e0 [ 14.315420] ? trace_preempt_on+0x20/0xc0 [ 14.315446] ? __pfx_kthread+0x10/0x10 [ 14.315471] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.315496] ? calculate_sigpending+0x7b/0xa0 [ 14.315521] ? __pfx_kthread+0x10/0x10 [ 14.315595] ret_from_fork+0x41/0x80 [ 14.315621] ? 
__pfx_kthread+0x10/0x10 [ 14.315646] ret_from_fork_asm+0x1a/0x30 [ 14.315681] </TASK> [ 14.315691] [ 14.324383] Allocated by task 243: [ 14.324565] kasan_save_stack+0x45/0x70 [ 14.324893] kasan_save_track+0x18/0x40 [ 14.325045] kasan_save_alloc_info+0x3b/0x50 [ 14.325267] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.325518] remove_element+0x11e/0x190 [ 14.325789] mempool_alloc_preallocated+0x4d/0x90 [ 14.326055] mempool_double_free_helper+0x8b/0x370 [ 14.326270] mempool_kmalloc_double_free+0xee/0x140 [ 14.326433] kunit_try_run_case+0x1a6/0x480 [ 14.326658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.326855] kthread+0x324/0x6e0 [ 14.327064] ret_from_fork+0x41/0x80 [ 14.327267] ret_from_fork_asm+0x1a/0x30 [ 14.327414] [ 14.327497] Freed by task 243: [ 14.327736] kasan_save_stack+0x45/0x70 [ 14.327938] kasan_save_track+0x18/0x40 [ 14.328098] kasan_save_free_info+0x3f/0x60 [ 14.328242] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.328499] mempool_free+0x2ec/0x380 [ 14.328749] mempool_double_free_helper+0x10a/0x370 [ 14.328991] mempool_kmalloc_double_free+0xee/0x140 [ 14.329230] kunit_try_run_case+0x1a6/0x480 [ 14.329393] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.329833] kthread+0x324/0x6e0 [ 14.330030] ret_from_fork+0x41/0x80 [ 14.330233] ret_from_fork_asm+0x1a/0x30 [ 14.330401] [ 14.330471] The buggy address belongs to the object at ffff888102a2cd00 [ 14.330471] which belongs to the cache kmalloc-128 of size 128 [ 14.331033] The buggy address is located 0 bytes inside of [ 14.331033] 128-byte region [ffff888102a2cd00, ffff888102a2cd80) [ 14.331549] [ 14.331714] The buggy address belongs to the physical page: [ 14.331957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 14.332263] flags: 0x200000000000000(node=0|zone=2) [ 14.332511] page_type: f5(slab) [ 14.332738] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.333082] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 
[ 14.333411] page dumped because: kasan: bad access detected [ 14.333663] [ 14.333782] Memory state around the buggy address: [ 14.333996] ffff888102a2cc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.334265] ffff888102a2cc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.334545] >ffff888102a2cd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.335041] ^ [ 14.335217] ffff888102a2cd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.335545] ffff888102a2ce00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.335870] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 14.283880] ================================================================== [ 14.284764] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 14.286318] Read of size 1 at addr ffff888102898000 by task kunit_try_catch/241 [ 14.286836] [ 14.287241] CPU: 1 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.287288] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.287301] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.287439] Call Trace: [ 14.287455] <TASK> [ 14.287472] dump_stack_lvl+0x73/0xb0 [ 14.287501] print_report+0xd1/0x650 [ 14.287521] ? __virt_addr_valid+0x1db/0x2d0 [ 14.287610] ? mempool_uaf_helper+0x394/0x400 [ 14.287637] ? kasan_addr_to_slab+0x11/0xa0 [ 14.287657] ? mempool_uaf_helper+0x394/0x400 [ 14.287691] kasan_report+0x140/0x180 [ 14.287711] ? mempool_uaf_helper+0x394/0x400 [ 14.287737] __asan_report_load1_noabort+0x18/0x20 [ 14.287760] mempool_uaf_helper+0x394/0x400 [ 14.287781] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.287806] ? finish_task_switch.isra.0+0x153/0x700 [ 14.287833] mempool_page_alloc_uaf+0xee/0x140 [ 14.287855] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 14.287881] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 14.287902] ? __pfx_mempool_free_pages+0x10/0x10 [ 14.287924] ? __pfx_read_tsc+0x10/0x10 [ 14.287946] ? ktime_get_ts64+0x86/0x230 [ 14.287971] kunit_try_run_case+0x1a6/0x480 [ 14.287993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.288023] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.288047] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.288070] ? __kthread_parkme+0x82/0x160 [ 14.288092] ? preempt_count_sub+0x50/0x80 [ 14.288115] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.288137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.288162] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.288187] kthread+0x324/0x6e0 [ 14.288208] ? trace_preempt_on+0x20/0xc0 [ 14.288231] ? __pfx_kthread+0x10/0x10 [ 14.288253] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.288275] ? 
calculate_sigpending+0x7b/0xa0 [ 14.288297] ? __pfx_kthread+0x10/0x10 [ 14.288319] ret_from_fork+0x41/0x80 [ 14.288338] ? __pfx_kthread+0x10/0x10 [ 14.288359] ret_from_fork_asm+0x1a/0x30 [ 14.288389] </TASK> [ 14.288401] [ 14.303352] The buggy address belongs to the physical page: [ 14.303828] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102898 [ 14.304244] flags: 0x200000000000000(node=0|zone=2) [ 14.304782] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 14.305479] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.306105] page dumped because: kasan: bad access detected [ 14.306699] [ 14.306858] Memory state around the buggy address: [ 14.307365] ffff888102897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.307835] ffff888102897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.308067] >ffff888102898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.308275] ^ [ 14.308391] ffff888102898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.308713] ffff888102898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.309392] ================================================================== [ 14.221706] ================================================================== [ 14.222197] BUG: KASAN: use-after-free in mempool_uaf_helper+0x394/0x400 [ 14.222423] Read of size 1 at addr ffff888102898000 by task kunit_try_catch/237 [ 14.222926] [ 14.223141] CPU: 1 UID: 0 PID: 237 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.223185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.223197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.223218] Call Trace: [ 14.223230] <TASK> [ 14.223247] dump_stack_lvl+0x73/0xb0 [ 14.223274] print_report+0xd1/0x650 [ 14.223295] ? __virt_addr_valid+0x1db/0x2d0 [ 14.223317] ? mempool_uaf_helper+0x394/0x400 [ 14.223338] ? kasan_addr_to_slab+0x11/0xa0 [ 14.223359] ? 
mempool_uaf_helper+0x394/0x400 [ 14.223382] kasan_report+0x140/0x180 [ 14.223403] ? mempool_uaf_helper+0x394/0x400 [ 14.223429] __asan_report_load1_noabort+0x18/0x20 [ 14.223452] mempool_uaf_helper+0x394/0x400 [ 14.223473] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.223498] ? finish_task_switch.isra.0+0x153/0x700 [ 14.223526] mempool_kmalloc_large_uaf+0xf0/0x140 [ 14.223556] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 14.223580] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.223600] ? __pfx_mempool_kfree+0x10/0x10 [ 14.223622] ? __pfx_read_tsc+0x10/0x10 [ 14.223643] ? ktime_get_ts64+0x86/0x230 [ 14.223668] kunit_try_run_case+0x1a6/0x480 [ 14.223691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.223711] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.223736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.223759] ? __kthread_parkme+0x82/0x160 [ 14.223781] ? preempt_count_sub+0x50/0x80 [ 14.223805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.223827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.223853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.223879] kthread+0x324/0x6e0 [ 14.223899] ? trace_preempt_on+0x20/0xc0 [ 14.223923] ? __pfx_kthread+0x10/0x10 [ 14.223944] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.223966] ? calculate_sigpending+0x7b/0xa0 [ 14.223987] ? __pfx_kthread+0x10/0x10 [ 14.224009] ret_from_fork+0x41/0x80 [ 14.224037] ? 
__pfx_kthread+0x10/0x10 [ 14.224058] ret_from_fork_asm+0x1a/0x30 [ 14.224089] </TASK> [ 14.224099] [ 14.236594] The buggy address belongs to the physical page: [ 14.237153] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102898 [ 14.237906] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.238153] flags: 0x200000000000040(head|node=0|zone=2) [ 14.238342] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.238618] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.239294] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.240067] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.240809] head: 0200000000000002 ffffea00040a2601 ffffffffffffffff 0000000000000000 [ 14.241478] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 14.242253] page dumped because: kasan: bad access detected [ 14.242824] [ 14.242904] Memory state around the buggy address: [ 14.243073] ffff888102897f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.243288] ffff888102897f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.243506] >ffff888102898000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.243749] ^ [ 14.243929] ffff888102898080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.244244] ffff888102898100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 14.244478] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 14.249333] ================================================================== [ 14.250253] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 14.251105] Read of size 1 at addr ffff888102a3d240 by task kunit_try_catch/239 [ 14.251748] [ 14.251977] CPU: 0 UID: 0 PID: 239 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.252040] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.252055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.252084] Call Trace: [ 14.252098] <TASK> [ 14.252118] dump_stack_lvl+0x73/0xb0 [ 14.252156] print_report+0xd1/0x650 [ 14.252183] ? __virt_addr_valid+0x1db/0x2d0 [ 14.252212] ? mempool_uaf_helper+0x394/0x400 [ 14.252240] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.252273] ? mempool_uaf_helper+0x394/0x400 [ 14.252301] kasan_report+0x140/0x180 [ 14.252328] ? mempool_uaf_helper+0x394/0x400 [ 14.252361] __asan_report_load1_noabort+0x18/0x20 [ 14.252391] mempool_uaf_helper+0x394/0x400 [ 14.252419] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.252451] ? finish_task_switch.isra.0+0x153/0x700 [ 14.252486] mempool_slab_uaf+0xeb/0x140 [ 14.252514] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 14.252545] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.252573] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.252601] ? __pfx_read_tsc+0x10/0x10 [ 14.252628] ? ktime_get_ts64+0x86/0x230 [ 14.252659] kunit_try_run_case+0x1a6/0x480 [ 14.252689] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.252717] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.252748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.252778] ? __kthread_parkme+0x82/0x160 [ 14.252806] ? preempt_count_sub+0x50/0x80 [ 14.252836] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.252864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.252897] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.252931] kthread+0x324/0x6e0 [ 14.252956] ? trace_preempt_on+0x20/0xc0 [ 14.252985] ? __pfx_kthread+0x10/0x10 [ 14.253012] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.253048] ? 
calculate_sigpending+0x7b/0xa0 [ 14.253076] ? __pfx_kthread+0x10/0x10 [ 14.253103] ret_from_fork+0x41/0x80 [ 14.253128] ? __pfx_kthread+0x10/0x10 [ 14.253155] ret_from_fork_asm+0x1a/0x30 [ 14.253194] </TASK> [ 14.253206] [ 14.264872] Allocated by task 239: [ 14.265066] kasan_save_stack+0x45/0x70 [ 14.265216] kasan_save_track+0x18/0x40 [ 14.265356] kasan_save_alloc_info+0x3b/0x50 [ 14.265509] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.265765] remove_element+0x11e/0x190 [ 14.266201] mempool_alloc_preallocated+0x4d/0x90 [ 14.266444] mempool_uaf_helper+0x97/0x400 [ 14.266754] mempool_slab_uaf+0xeb/0x140 [ 14.266903] kunit_try_run_case+0x1a6/0x480 [ 14.267085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.267350] kthread+0x324/0x6e0 [ 14.267526] ret_from_fork+0x41/0x80 [ 14.267759] ret_from_fork_asm+0x1a/0x30 [ 14.267964] [ 14.268073] Freed by task 239: [ 14.268235] kasan_save_stack+0x45/0x70 [ 14.268404] kasan_save_track+0x18/0x40 [ 14.268589] kasan_save_free_info+0x3f/0x60 [ 14.268766] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.268970] mempool_free+0x2ec/0x380 [ 14.269122] mempool_uaf_helper+0x11b/0x400 [ 14.269333] mempool_slab_uaf+0xeb/0x140 [ 14.269518] kunit_try_run_case+0x1a6/0x480 [ 14.269665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.269853] kthread+0x324/0x6e0 [ 14.269996] ret_from_fork+0x41/0x80 [ 14.270231] ret_from_fork_asm+0x1a/0x30 [ 14.270557] [ 14.270765] The buggy address belongs to the object at ffff888102a3d240 [ 14.270765] which belongs to the cache test_cache of size 123 [ 14.271257] The buggy address is located 0 bytes inside of [ 14.271257] freed 123-byte region [ffff888102a3d240, ffff888102a3d2bb) [ 14.271753] [ 14.271854] The buggy address belongs to the physical page: [ 14.272128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3d [ 14.272475] flags: 0x200000000000000(node=0|zone=2) [ 14.272890] page_type: f5(slab) [ 14.273088] raw: 0200000000000000 ffff888101beb140 dead000000000122 
0000000000000000 [ 14.273358] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.273837] page dumped because: kasan: bad access detected [ 14.274082] [ 14.274181] Memory state around the buggy address: [ 14.274385] ffff888102a3d100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.274608] ffff888102a3d180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.274841] >ffff888102a3d200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 14.275253] ^ [ 14.275504] ffff888102a3d280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.275890] ffff888102a3d300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.276118] ================================================================== [ 14.188915] ================================================================== [ 14.189671] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x394/0x400 [ 14.190188] Read of size 1 at addr ffff888102a2c900 by task kunit_try_catch/235 [ 14.190489] [ 14.190618] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.190663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.190676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.190697] Call Trace: [ 14.190710] <TASK> [ 14.190726] dump_stack_lvl+0x73/0xb0 [ 14.190758] print_report+0xd1/0x650 [ 14.190784] ? __virt_addr_valid+0x1db/0x2d0 [ 14.190812] ? mempool_uaf_helper+0x394/0x400 [ 14.190837] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.190866] ? mempool_uaf_helper+0x394/0x400 [ 14.190891] kasan_report+0x140/0x180 [ 14.190916] ? mempool_uaf_helper+0x394/0x400 [ 14.190946] __asan_report_load1_noabort+0x18/0x20 [ 14.190973] mempool_uaf_helper+0x394/0x400 [ 14.190999] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 14.191048] ? finish_task_switch.isra.0+0x153/0x700 [ 14.191080] mempool_kmalloc_uaf+0xf0/0x140 [ 14.191106] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 14.191132] ? __kasan_check_write+0x18/0x20 [ 14.191159] ? 
__pfx_mempool_kmalloc+0x10/0x10 [ 14.191183] ? __pfx_mempool_kfree+0x10/0x10 [ 14.191208] ? __pfx_read_tsc+0x10/0x10 [ 14.191232] ? ktime_get_ts64+0x86/0x230 [ 14.191258] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 14.191291] kunit_try_run_case+0x1a6/0x480 [ 14.191319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.191345] ? queued_spin_lock_slowpath+0x117/0xb40 [ 14.191375] ? __kthread_parkme+0x82/0x160 [ 14.191402] ? preempt_count_sub+0x50/0x80 [ 14.191430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.191457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.191486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.191515] kthread+0x324/0x6e0 [ 14.191539] ? trace_preempt_on+0x20/0xc0 [ 14.191599] ? __pfx_kthread+0x10/0x10 [ 14.191628] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.191655] ? calculate_sigpending+0x7b/0xa0 [ 14.191681] ? __pfx_kthread+0x10/0x10 [ 14.191707] ret_from_fork+0x41/0x80 [ 14.191729] ? __pfx_kthread+0x10/0x10 [ 14.191753] ret_from_fork_asm+0x1a/0x30 [ 14.191789] </TASK> [ 14.191800] [ 14.202278] Allocated by task 235: [ 14.202473] kasan_save_stack+0x45/0x70 [ 14.203128] kasan_save_track+0x18/0x40 [ 14.203398] kasan_save_alloc_info+0x3b/0x50 [ 14.203855] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.204119] remove_element+0x11e/0x190 [ 14.204308] mempool_alloc_preallocated+0x4d/0x90 [ 14.204519] mempool_uaf_helper+0x97/0x400 [ 14.205161] mempool_kmalloc_uaf+0xf0/0x140 [ 14.205438] kunit_try_run_case+0x1a6/0x480 [ 14.205876] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.206336] kthread+0x324/0x6e0 [ 14.206579] ret_from_fork+0x41/0x80 [ 14.206907] ret_from_fork_asm+0x1a/0x30 [ 14.207135] [ 14.207209] Freed by task 235: [ 14.207324] kasan_save_stack+0x45/0x70 [ 14.207469] kasan_save_track+0x18/0x40 [ 14.207605] kasan_save_free_info+0x3f/0x60 [ 14.207754] __kasan_mempool_poison_object+0x131/0x1d0 [ 14.207925] mempool_free+0x2ec/0x380 [ 14.208070] mempool_uaf_helper+0x11b/0x400 [ 14.208224] mempool_kmalloc_uaf+0xf0/0x140 [ 14.208371] 
kunit_try_run_case+0x1a6/0x480 [ 14.208984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.209187] kthread+0x324/0x6e0 [ 14.209313] ret_from_fork+0x41/0x80 [ 14.209502] ret_from_fork_asm+0x1a/0x30 [ 14.210078] [ 14.210329] The buggy address belongs to the object at ffff888102a2c900 [ 14.210329] which belongs to the cache kmalloc-128 of size 128 [ 14.211241] The buggy address is located 0 bytes inside of [ 14.211241] freed 128-byte region [ffff888102a2c900, ffff888102a2c980) [ 14.212125] [ 14.212224] The buggy address belongs to the physical page: [ 14.212466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 14.213118] flags: 0x200000000000000(node=0|zone=2) [ 14.213486] page_type: f5(slab) [ 14.213704] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.214260] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.214847] page dumped because: kasan: bad access detected [ 14.215065] [ 14.215138] Memory state around the buggy address: [ 14.215292] ffff888102a2c800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.215888] ffff888102a2c880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.216385] >ffff888102a2c900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.216936] ^ [ 14.217382] ffff888102a2c980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.217808] ffff888102a2ca00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.218235] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 14.146535] ================================================================== [ 14.148060] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 14.149230] Read of size 1 at addr ffff888101bf12bb by task kunit_try_catch/233 [ 14.150217] [ 14.150508] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.150672] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.150689] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.150711] Call Trace: [ 14.150724] <TASK> [ 14.150741] dump_stack_lvl+0x73/0xb0 [ 14.150771] print_report+0xd1/0x650 [ 14.150795] ? __virt_addr_valid+0x1db/0x2d0 [ 14.150856] ? mempool_oob_right_helper+0x31a/0x380 [ 14.150879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.150905] ? mempool_oob_right_helper+0x31a/0x380 [ 14.150927] kasan_report+0x140/0x180 [ 14.150948] ? mempool_oob_right_helper+0x31a/0x380 [ 14.150975] __asan_report_load1_noabort+0x18/0x20 [ 14.150998] mempool_oob_right_helper+0x31a/0x380 [ 14.151033] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.151060] ? finish_task_switch.isra.0+0x153/0x700 [ 14.151088] mempool_slab_oob_right+0xee/0x140 [ 14.151111] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 14.151136] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 14.151157] ? __pfx_mempool_free_slab+0x10/0x10 [ 14.151179] ? __pfx_read_tsc+0x10/0x10 [ 14.151201] ? ktime_get_ts64+0x86/0x230 [ 14.151226] kunit_try_run_case+0x1a6/0x480 [ 14.151250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.151270] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.151295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.151318] ? __kthread_parkme+0x82/0x160 [ 14.151341] ? preempt_count_sub+0x50/0x80 [ 14.151364] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.151387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.151412] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.151438] kthread+0x324/0x6e0 [ 14.151458] ? trace_preempt_on+0x20/0xc0 [ 14.151482] ? __pfx_kthread+0x10/0x10 [ 14.151504] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.151526] ? calculate_sigpending+0x7b/0xa0 [ 14.151569] ? __pfx_kthread+0x10/0x10 [ 14.151592] ret_from_fork+0x41/0x80 [ 14.151611] ? __pfx_kthread+0x10/0x10 [ 14.151632] ret_from_fork_asm+0x1a/0x30 [ 14.151664] </TASK> [ 14.151675] [ 14.169270] Allocated by task 233: [ 14.169412] kasan_save_stack+0x45/0x70 [ 14.169561] kasan_save_track+0x18/0x40 [ 14.169695] kasan_save_alloc_info+0x3b/0x50 [ 14.169850] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 14.170031] remove_element+0x11e/0x190 [ 14.170166] mempool_alloc_preallocated+0x4d/0x90 [ 14.170323] mempool_oob_right_helper+0x8b/0x380 [ 14.170485] mempool_slab_oob_right+0xee/0x140 [ 14.170639] kunit_try_run_case+0x1a6/0x480 [ 14.170784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.170960] kthread+0x324/0x6e0 [ 14.171395] ret_from_fork+0x41/0x80 [ 14.171622] ret_from_fork_asm+0x1a/0x30 [ 14.171984] [ 14.172098] The buggy address belongs to the object at ffff888101bf1240 [ 14.172098] which belongs to the cache test_cache of size 123 [ 14.172458] The buggy address is located 0 bytes to the right of [ 14.172458] allocated 123-byte region [ffff888101bf1240, ffff888101bf12bb) [ 14.173516] [ 14.173762] The buggy address belongs to the physical page: [ 14.174251] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bf1 [ 14.175274] flags: 0x200000000000000(node=0|zone=2) [ 14.175498] page_type: f5(slab) [ 14.175640] raw: 0200000000000000 ffff888101b62b40 dead000000000122 0000000000000000 [ 14.175958] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 14.177495] page dumped because: kasan: bad access detected [ 14.177691] [ 14.177773] Memory state around the buggy address: [ 14.177930] ffff888101bf1180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.178157] ffff888101bf1200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 14.179254] >ffff888101bf1280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 14.179636] ^ [ 14.179883] 
ffff888101bf1300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.180249] ffff888101bf1380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.180625] ================================================================== [ 14.097990] ================================================================== [ 14.098431] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 14.098830] Read of size 1 at addr ffff888102a2c573 by task kunit_try_catch/229 [ 14.099192] [ 14.099311] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.099356] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.099404] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.099452] Call Trace: [ 14.099476] <TASK> [ 14.099497] dump_stack_lvl+0x73/0xb0 [ 14.099580] print_report+0xd1/0x650 [ 14.099625] ? __virt_addr_valid+0x1db/0x2d0 [ 14.099654] ? mempool_oob_right_helper+0x31a/0x380 [ 14.099681] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.099710] ? mempool_oob_right_helper+0x31a/0x380 [ 14.099736] kasan_report+0x140/0x180 [ 14.099760] ? mempool_oob_right_helper+0x31a/0x380 [ 14.099791] __asan_report_load1_noabort+0x18/0x20 [ 14.099816] mempool_oob_right_helper+0x31a/0x380 [ 14.099843] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.099872] ? finish_task_switch.isra.0+0x153/0x700 [ 14.099905] mempool_kmalloc_oob_right+0xf3/0x150 [ 14.099932] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 14.099959] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.099985] ? __pfx_mempool_kfree+0x10/0x10 [ 14.100009] ? __pfx_read_tsc+0x10/0x10 [ 14.100043] ? ktime_get_ts64+0x86/0x230 [ 14.100073] kunit_try_run_case+0x1a6/0x480 [ 14.100102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.100127] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.100156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.100184] ? __kthread_parkme+0x82/0x160 [ 14.100211] ? preempt_count_sub+0x50/0x80 [ 14.100238] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.100264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.100294] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.100322] kthread+0x324/0x6e0 [ 14.100346] ? trace_preempt_on+0x20/0xc0 [ 14.100374] ? __pfx_kthread+0x10/0x10 [ 14.100398] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.100424] ? calculate_sigpending+0x7b/0xa0 [ 14.100450] ? __pfx_kthread+0x10/0x10 [ 14.100475] ret_from_fork+0x41/0x80 [ 14.100497] ? __pfx_kthread+0x10/0x10 [ 14.100522] ret_from_fork_asm+0x1a/0x30 [ 14.100558] </TASK> [ 14.100569] [ 14.110216] Allocated by task 229: [ 14.110611] kasan_save_stack+0x45/0x70 [ 14.110833] kasan_save_track+0x18/0x40 [ 14.111089] kasan_save_alloc_info+0x3b/0x50 [ 14.111361] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 14.111742] remove_element+0x11e/0x190 [ 14.111991] mempool_alloc_preallocated+0x4d/0x90 [ 14.112253] mempool_oob_right_helper+0x8b/0x380 [ 14.112530] mempool_kmalloc_oob_right+0xf3/0x150 [ 14.112729] kunit_try_run_case+0x1a6/0x480 [ 14.112945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.113192] kthread+0x324/0x6e0 [ 14.113362] ret_from_fork+0x41/0x80 [ 14.113548] ret_from_fork_asm+0x1a/0x30 [ 14.113729] [ 14.113827] The buggy address belongs to the object at ffff888102a2c500 [ 14.113827] which belongs to the cache kmalloc-128 of size 128 [ 14.114325] The buggy address is located 0 bytes to the right of [ 14.114325] allocated 115-byte region [ffff888102a2c500, ffff888102a2c573) [ 14.114969] [ 14.115112] The buggy address belongs to the physical page: [ 14.115401] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 14.115848] flags: 0x200000000000000(node=0|zone=2) [ 14.116093] page_type: f5(slab) [ 14.116251] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.117071] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.117358] page dumped because: kasan: bad access detected [ 14.117690] [ 14.117785] Memory state around the 
buggy address: [ 14.118125] ffff888102a2c400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.118416] ffff888102a2c480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.118852] >ffff888102a2c500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.119125] ^ [ 14.119408] ffff888102a2c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.119969] ffff888102a2c600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.120231] ================================================================== [ 14.124118] ================================================================== [ 14.124582] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x31a/0x380 [ 14.125158] Read of size 1 at addr ffff888102cda001 by task kunit_try_catch/231 [ 14.125509] [ 14.125796] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 14.125842] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.125854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.125875] Call Trace: [ 14.125887] <TASK> [ 14.125904] dump_stack_lvl+0x73/0xb0 [ 14.125936] print_report+0xd1/0x650 [ 14.125963] ? __virt_addr_valid+0x1db/0x2d0 [ 14.125989] ? mempool_oob_right_helper+0x31a/0x380 [ 14.126027] ? kasan_addr_to_slab+0x11/0xa0 [ 14.126071] ? mempool_oob_right_helper+0x31a/0x380 [ 14.126097] kasan_report+0x140/0x180 [ 14.126123] ? mempool_oob_right_helper+0x31a/0x380 [ 14.126153] __asan_report_load1_noabort+0x18/0x20 [ 14.126181] mempool_oob_right_helper+0x31a/0x380 [ 14.126208] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 14.126237] ? finish_task_switch.isra.0+0x153/0x700 [ 14.126268] mempool_kmalloc_large_oob_right+0xf3/0x150 [ 14.126296] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 14.126326] ? __pfx_mempool_kmalloc+0x10/0x10 [ 14.126350] ? __pfx_mempool_kfree+0x10/0x10 [ 14.126374] ? __pfx_read_tsc+0x10/0x10 [ 14.126398] ? ktime_get_ts64+0x86/0x230 [ 14.126427] kunit_try_run_case+0x1a6/0x480 [ 14.126454] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.126479] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 14.126507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.126535] ? __kthread_parkme+0x82/0x160 [ 14.126561] ? preempt_count_sub+0x50/0x80 [ 14.126589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.126616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.126646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.126675] kthread+0x324/0x6e0 [ 14.126699] ? trace_preempt_on+0x20/0xc0 [ 14.126726] ? __pfx_kthread+0x10/0x10 [ 14.126751] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.126777] ? calculate_sigpending+0x7b/0xa0 [ 14.126803] ? __pfx_kthread+0x10/0x10 [ 14.126829] ret_from_fork+0x41/0x80 [ 14.126852] ? __pfx_kthread+0x10/0x10 [ 14.126876] ret_from_fork_asm+0x1a/0x30 [ 14.126912] </TASK> [ 14.126922] [ 14.136281] The buggy address belongs to the physical page: [ 14.136527] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102cd8 [ 14.136930] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 14.137164] flags: 0x200000000000040(head|node=0|zone=2) [ 14.137355] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.137807] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.138378] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 14.138906] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 14.139236] head: 0200000000000002 ffffea00040b3601 ffffffffffffffff 0000000000000000 [ 14.139489] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000 [ 14.140010] page dumped because: kasan: bad access detected [ 14.140295] [ 14.140374] Memory state around the buggy address: [ 14.140666] ffff888102cd9f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.140987] ffff888102cd9f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 14.141317] >ffff888102cda000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.141650] ^ [ 14.141967] 
ffff888102cda080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.142249] ffff888102cda100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 14.142521] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 13.530679] ================================================================== [ 13.531275] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bd/0x380 [ 13.531539] Read of size 1 at addr ffff888101b628c0 by task kunit_try_catch/223 [ 13.532407] [ 13.532586] CPU: 1 UID: 0 PID: 223 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.532629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.532641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.532664] Call Trace: [ 13.532677] <TASK> [ 13.532695] dump_stack_lvl+0x73/0xb0 [ 13.532724] print_report+0xd1/0x650 [ 13.532745] ? __virt_addr_valid+0x1db/0x2d0 [ 13.532769] ? kmem_cache_double_destroy+0x1bd/0x380 [ 13.532792] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.532818] ? kmem_cache_double_destroy+0x1bd/0x380 [ 13.532843] kasan_report+0x140/0x180 [ 13.532902] ? kmem_cache_double_destroy+0x1bd/0x380 [ 13.532931] ? kmem_cache_double_destroy+0x1bd/0x380 [ 13.532956] __kasan_check_byte+0x3d/0x50 [ 13.532978] kmem_cache_destroy+0x25/0x1d0 [ 13.533000] kmem_cache_double_destroy+0x1bd/0x380 [ 13.533036] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 13.533060] ? finish_task_switch.isra.0+0x153/0x700 [ 13.533084] ? __switch_to+0x5d9/0xf60 [ 13.533110] ? __pfx_empty_cache_ctor+0x10/0x10 [ 13.533131] ? __pfx_read_tsc+0x10/0x10 [ 13.533152] ? ktime_get_ts64+0x86/0x230 [ 13.533178] kunit_try_run_case+0x1a6/0x480 [ 13.533202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.533224] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.533248] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.533273] ? __kthread_parkme+0x82/0x160 [ 13.533295] ? preempt_count_sub+0x50/0x80 [ 13.533319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.533342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.533368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.533395] kthread+0x324/0x6e0 [ 13.533415] ? trace_preempt_on+0x20/0xc0 [ 13.533440] ? __pfx_kthread+0x10/0x10 [ 13.533461] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.533484] ? calculate_sigpending+0x7b/0xa0 [ 13.533507] ? __pfx_kthread+0x10/0x10 [ 13.533529] ret_from_fork+0x41/0x80 [ 13.533548] ? __pfx_kthread+0x10/0x10 [ 13.533569] ret_from_fork_asm+0x1a/0x30 [ 13.533601] </TASK> [ 13.533611] [ 13.546272] Allocated by task 223: [ 13.546403] kasan_save_stack+0x45/0x70 [ 13.546549] kasan_save_track+0x18/0x40 [ 13.546688] kasan_save_alloc_info+0x3b/0x50 [ 13.547035] __kasan_slab_alloc+0x91/0xa0 [ 13.547181] kmem_cache_alloc_noprof+0x124/0x400 [ 13.547332] __kmem_cache_create_args+0x177/0x250 [ 13.547481] kmem_cache_double_destroy+0xd3/0x380 [ 13.547633] kunit_try_run_case+0x1a6/0x480 [ 13.548143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.548359] kthread+0x324/0x6e0 [ 13.548516] ret_from_fork+0x41/0x80 [ 13.548929] ret_from_fork_asm+0x1a/0x30 [ 13.549112] [ 13.549202] Freed by task 223: [ 13.549348] kasan_save_stack+0x45/0x70 [ 13.549519] kasan_save_track+0x18/0x40 [ 13.550053] kasan_save_free_info+0x3f/0x60 [ 13.550458] __kasan_slab_free+0x56/0x70 [ 13.550773] kmem_cache_free+0x24b/0x420 [ 13.551113] slab_kmem_cache_release+0x2e/0x40 [ 13.551342] kmem_cache_release+0x16/0x20 [ 13.551812] kobject_put+0x181/0x450 [ 13.552172] sysfs_slab_release+0x16/0x20 [ 13.552567] kmem_cache_destroy+0xf0/0x1d0 [ 13.552891] kmem_cache_double_destroy+0x14c/0x380 [ 13.553258] kunit_try_run_case+0x1a6/0x480 [ 13.553457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.554105] kthread+0x324/0x6e0 [ 13.554323] ret_from_fork+0x41/0x80 [ 13.554638] ret_from_fork_asm+0x1a/0x30 [ 13.555116] [ 13.555364] The buggy address belongs to the object at ffff888101b628c0 [ 13.555364] which belongs to the cache kmem_cache of size 208 [ 13.556286] The buggy address is located 0 bytes inside of [ 13.556286] freed 208-byte region [ffff888101b628c0, ffff888101b62990) [ 13.557232] [ 13.557346] The buggy address belongs to the physical page: [ 13.557794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x101b62 [ 13.558242] flags: 0x200000000000000(node=0|zone=2) [ 13.558462] page_type: f5(slab) [ 13.558872] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 13.559553] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 13.559870] page dumped because: kasan: bad access detected [ 13.560101] [ 13.560185] Memory state around the buggy address: [ 13.560390] ffff888101b62780: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.561039] ffff888101b62800: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 13.561559] >ffff888101b62880: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.562230] ^ [ 13.562547] ffff888101b62900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.563240] ffff888101b62980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.563515] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 13.484746] ================================================================== [ 13.485818] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.486289] Read of size 1 at addr ffff888101beb000 by task kunit_try_catch/221 [ 13.487033] [ 13.487136] CPU: 1 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.487179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.487191] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.487211] Call Trace: [ 13.487236] <TASK> [ 13.487255] dump_stack_lvl+0x73/0xb0 [ 13.487285] print_report+0xd1/0x650 [ 13.487319] ? __virt_addr_valid+0x1db/0x2d0 [ 13.487344] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.487365] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.487390] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.487412] kasan_report+0x140/0x180 [ 13.487433] ? kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.487459] __asan_report_load1_noabort+0x18/0x20 [ 13.487481] kmem_cache_rcu_uaf+0x3e5/0x510 [ 13.487502] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 13.487523] ? finish_task_switch.isra.0+0x153/0x700 [ 13.487547] ? __switch_to+0x5d9/0xf60 [ 13.487576] ? __pfx_read_tsc+0x10/0x10 [ 13.487597] ? ktime_get_ts64+0x86/0x230 [ 13.487622] kunit_try_run_case+0x1a6/0x480 [ 13.487647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.487667] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.487692] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.487714] ? __kthread_parkme+0x82/0x160 [ 13.487737] ? preempt_count_sub+0x50/0x80 [ 13.487760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.487782] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.487807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.487832] kthread+0x324/0x6e0 [ 13.487853] ? trace_preempt_on+0x20/0xc0 [ 13.487877] ? __pfx_kthread+0x10/0x10 [ 13.487898] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.487919] ? calculate_sigpending+0x7b/0xa0 [ 13.487941] ? __pfx_kthread+0x10/0x10 [ 13.487962] ret_from_fork+0x41/0x80 [ 13.487980] ? 
__pfx_kthread+0x10/0x10 [ 13.488002] ret_from_fork_asm+0x1a/0x30 [ 13.488043] </TASK> [ 13.488053] [ 13.496439] Allocated by task 221: [ 13.496630] kasan_save_stack+0x45/0x70 [ 13.496814] kasan_save_track+0x18/0x40 [ 13.497000] kasan_save_alloc_info+0x3b/0x50 [ 13.497157] __kasan_slab_alloc+0x91/0xa0 [ 13.497295] kmem_cache_alloc_noprof+0x124/0x400 [ 13.497500] kmem_cache_rcu_uaf+0x156/0x510 [ 13.497754] kunit_try_run_case+0x1a6/0x480 [ 13.497969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.498237] kthread+0x324/0x6e0 [ 13.498390] ret_from_fork+0x41/0x80 [ 13.498521] ret_from_fork_asm+0x1a/0x30 [ 13.498758] [ 13.498836] Freed by task 0: [ 13.498987] kasan_save_stack+0x45/0x70 [ 13.499162] kasan_save_track+0x18/0x40 [ 13.499326] kasan_save_free_info+0x3f/0x60 [ 13.499514] __kasan_slab_free+0x56/0x70 [ 13.499888] slab_free_after_rcu_debug+0xe4/0x310 [ 13.500100] rcu_core+0x680/0x1d70 [ 13.500225] rcu_core_si+0x12/0x20 [ 13.500345] handle_softirqs+0x209/0x730 [ 13.500482] __irq_exit_rcu+0xc9/0x110 [ 13.500612] irq_exit_rcu+0x12/0x20 [ 13.500757] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.501359] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.501692] [ 13.501806] Last potentially related work creation: [ 13.502050] kasan_save_stack+0x45/0x70 [ 13.502249] kasan_record_aux_stack+0xb2/0xc0 [ 13.502461] kmem_cache_free+0x132/0x420 [ 13.502763] kmem_cache_rcu_uaf+0x195/0x510 [ 13.502948] kunit_try_run_case+0x1a6/0x480 [ 13.503124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.503327] kthread+0x324/0x6e0 [ 13.503499] ret_from_fork+0x41/0x80 [ 13.503847] ret_from_fork_asm+0x1a/0x30 [ 13.503996] [ 13.504078] The buggy address belongs to the object at ffff888101beb000 [ 13.504078] which belongs to the cache test_cache of size 200 [ 13.505050] The buggy address is located 0 bytes inside of [ 13.505050] freed 200-byte region [ffff888101beb000, ffff888101beb0c8) [ 13.505547] [ 13.505919] The buggy address belongs to the physical page: [ 13.506408] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101beb [ 13.507054] flags: 0x200000000000000(node=0|zone=2) [ 13.507288] page_type: f5(slab) [ 13.507450] raw: 0200000000000000 ffff888101b62780 dead000000000122 0000000000000000 [ 13.508402] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.508891] page dumped because: kasan: bad access detected [ 13.509132] [ 13.509225] Memory state around the buggy address: [ 13.509429] ffff888101beaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.510232] ffff888101beaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.510757] >ffff888101beb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.511209] ^ [ 13.511366] ffff888101beb080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.512221] ffff888101beb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.512709] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 13.414792] ================================================================== [ 13.415966] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d9/0x470 [ 13.417181] Free of addr ffff888102a35001 by task kunit_try_catch/219 [ 13.417463] [ 13.417576] CPU: 0 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.417618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.417630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.417651] Call Trace: [ 13.417666] <TASK> [ 13.417685] dump_stack_lvl+0x73/0xb0 [ 13.417717] print_report+0xd1/0x650 [ 13.417747] ? __virt_addr_valid+0x1db/0x2d0 [ 13.417773] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.417800] ? kmem_cache_invalid_free+0x1d9/0x470 [ 13.417827] kasan_report_invalid_free+0xfc/0x120 [ 13.417852] ? kmem_cache_invalid_free+0x1d9/0x470 [ 13.417880] ? kmem_cache_invalid_free+0x1d9/0x470 [ 13.417905] check_slab_allocation+0x11f/0x130 [ 13.417929] __kasan_slab_pre_free+0x28/0x40 [ 13.417951] kmem_cache_free+0xee/0x420 [ 13.417972] ? kmem_cache_alloc_noprof+0x124/0x400 [ 13.417994] ? kmem_cache_invalid_free+0x1d9/0x470 [ 13.418035] kmem_cache_invalid_free+0x1d9/0x470 [ 13.418061] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 13.418086] ? finish_task_switch.isra.0+0x153/0x700 [ 13.418112] ? __switch_to+0x5d9/0xf60 [ 13.418423] ? __pfx_read_tsc+0x10/0x10 [ 13.418458] ? ktime_get_ts64+0x86/0x230 [ 13.418487] kunit_try_run_case+0x1a6/0x480 [ 13.418514] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.418538] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.418565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.418590] ? __kthread_parkme+0x82/0x160 [ 13.418615] ? preempt_count_sub+0x50/0x80 [ 13.418642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.418666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.418695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.418722] kthread+0x324/0x6e0 [ 13.418746] ? trace_preempt_on+0x20/0xc0 [ 13.418772] ? __pfx_kthread+0x10/0x10 [ 13.418796] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.418821] ? calculate_sigpending+0x7b/0xa0 [ 13.418846] ? __pfx_kthread+0x10/0x10 [ 13.418870] ret_from_fork+0x41/0x80 [ 13.418891] ? __pfx_kthread+0x10/0x10 [ 13.418915] ret_from_fork_asm+0x1a/0x30 [ 13.418949] </TASK> [ 13.418960] [ 13.432423] Allocated by task 219: [ 13.432622] kasan_save_stack+0x45/0x70 [ 13.433278] kasan_save_track+0x18/0x40 [ 13.433485] kasan_save_alloc_info+0x3b/0x50 [ 13.433767] __kasan_slab_alloc+0x91/0xa0 [ 13.434284] kmem_cache_alloc_noprof+0x124/0x400 [ 13.434599] kmem_cache_invalid_free+0x158/0x470 [ 13.434836] kunit_try_run_case+0x1a6/0x480 [ 13.435404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.435808] kthread+0x324/0x6e0 [ 13.435987] ret_from_fork+0x41/0x80 [ 13.436330] ret_from_fork_asm+0x1a/0x30 [ 13.436668] [ 13.436772] The buggy address belongs to the object at ffff888102a35000 [ 13.436772] which belongs to the cache test_cache of size 200 [ 13.437293] The buggy address is located 1 bytes inside of [ 13.437293] 200-byte region [ffff888102a35000, ffff888102a350c8) [ 13.438166] [ 13.438274] The buggy address belongs to the physical page: [ 13.438484] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a35 [ 13.439241] flags: 0x200000000000000(node=0|zone=2) [ 13.439447] page_type: f5(slab) [ 13.439907] raw: 0200000000000000 ffff888101689dc0 dead000000000122 0000000000000000 [ 13.440295] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.440807] page dumped because: kasan: bad access detected [ 13.441034] [ 13.441149] Memory state around the buggy address: [ 13.441439] ffff888102a34f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.442071] ffff888102a34f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.442443] >ffff888102a35000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.442830] ^ [ 13.443269] ffff888102a35080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.443709] ffff888102a35100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.444086] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 13.367258] ================================================================== [ 13.368073] BUG: KASAN: double-free in kmem_cache_double_free+0x1e6/0x490 [ 13.368306] Free of addr ffff888102a33000 by task kunit_try_catch/217 [ 13.368501] [ 13.368612] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.368653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.368666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.368688] Call Trace: [ 13.368700] <TASK> [ 13.368717] dump_stack_lvl+0x73/0xb0 [ 13.368746] print_report+0xd1/0x650 [ 13.368770] ? __virt_addr_valid+0x1db/0x2d0 [ 13.368796] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.368823] ? kmem_cache_double_free+0x1e6/0x490 [ 13.368850] kasan_report_invalid_free+0xfc/0x120 [ 13.368875] ? kmem_cache_double_free+0x1e6/0x490 [ 13.368903] ? kmem_cache_double_free+0x1e6/0x490 [ 13.368929] check_slab_allocation+0x101/0x130 [ 13.368952] __kasan_slab_pre_free+0x28/0x40 [ 13.368974] kmem_cache_free+0xee/0x420 [ 13.368996] ? kmem_cache_alloc_noprof+0x124/0x400 [ 13.369028] ? kmem_cache_double_free+0x1e6/0x490 [ 13.369057] kmem_cache_double_free+0x1e6/0x490 [ 13.369083] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 13.369108] ? finish_task_switch.isra.0+0x153/0x700 [ 13.369134] ? __switch_to+0x5d9/0xf60 [ 13.369166] ? __pfx_read_tsc+0x10/0x10 [ 13.369190] ? ktime_get_ts64+0x86/0x230 [ 13.369218] kunit_try_run_case+0x1a6/0x480 [ 13.369244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.369268] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.369295] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.369321] ? __kthread_parkme+0x82/0x160 [ 13.369345] ? preempt_count_sub+0x50/0x80 [ 13.369371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.369397] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.369425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.369453] kthread+0x324/0x6e0 [ 13.369477] ? trace_preempt_on+0x20/0xc0 [ 13.369503] ? __pfx_kthread+0x10/0x10 [ 13.369527] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.369551] ? calculate_sigpending+0x7b/0xa0 [ 13.369576] ? __pfx_kthread+0x10/0x10 [ 13.369601] ret_from_fork+0x41/0x80 [ 13.369622] ? __pfx_kthread+0x10/0x10 [ 13.369647] ret_from_fork_asm+0x1a/0x30 [ 13.369681] </TASK> [ 13.369691] [ 13.384416] Allocated by task 217: [ 13.384554] kasan_save_stack+0x45/0x70 [ 13.384914] kasan_save_track+0x18/0x40 [ 13.385268] kasan_save_alloc_info+0x3b/0x50 [ 13.385641] __kasan_slab_alloc+0x91/0xa0 [ 13.386084] kmem_cache_alloc_noprof+0x124/0x400 [ 13.386498] kmem_cache_double_free+0x150/0x490 [ 13.386964] kunit_try_run_case+0x1a6/0x480 [ 13.387343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.387943] kthread+0x324/0x6e0 [ 13.388307] ret_from_fork+0x41/0x80 [ 13.388715] ret_from_fork_asm+0x1a/0x30 [ 13.388897] [ 13.388967] Freed by task 217: [ 13.389087] kasan_save_stack+0x45/0x70 [ 13.389223] kasan_save_track+0x18/0x40 [ 13.389357] kasan_save_free_info+0x3f/0x60 [ 13.389505] __kasan_slab_free+0x56/0x70 [ 13.389846] kmem_cache_free+0x24b/0x420 [ 13.390201] kmem_cache_double_free+0x16b/0x490 [ 13.390607] kunit_try_run_case+0x1a6/0x480 [ 13.390986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.391466] kthread+0x324/0x6e0 [ 13.391789] ret_from_fork+0x41/0x80 [ 13.392133] ret_from_fork_asm+0x1a/0x30 [ 13.392500] [ 13.392672] The buggy address belongs to the object at ffff888102a33000 [ 13.392672] which belongs to the cache test_cache of size 200 [ 13.393739] The buggy address is located 0 bytes inside of [ 13.393739] 200-byte region [ffff888102a33000, ffff888102a330c8) [ 13.394281] [ 13.394352] The buggy address belongs to the physical page: [ 13.394521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a33 [ 13.395274] flags: 0x200000000000000(node=0|zone=2) [ 13.395779] page_type: f5(slab) [ 13.396124] raw: 0200000000000000 ffff888101689c80 dead000000000122 0000000000000000 [ 13.396803] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 
13.397445] page dumped because: kasan: bad access detected [ 13.397648] [ 13.397740] Memory state around the buggy address: [ 13.397897] ffff888102a32f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.398121] ffff888102a32f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.398332] >ffff888102a33000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.398540] ^ [ 13.398845] ffff888102a33080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 13.399442] ffff888102a33100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.400136] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 13.326878] ================================================================== [ 13.327342] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x404/0x530 [ 13.327804] Read of size 1 at addr ffff888102a310c8 by task kunit_try_catch/215 [ 13.328098] [ 13.328209] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.328247] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.328258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.328277] Call Trace: [ 13.328289] <TASK> [ 13.328304] dump_stack_lvl+0x73/0xb0 [ 13.328333] print_report+0xd1/0x650 [ 13.328358] ? __virt_addr_valid+0x1db/0x2d0 [ 13.328383] ? kmem_cache_oob+0x404/0x530 [ 13.328406] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.328435] ? kmem_cache_oob+0x404/0x530 [ 13.328459] kasan_report+0x140/0x180 [ 13.328483] ? kmem_cache_oob+0x404/0x530 [ 13.328512] __asan_report_load1_noabort+0x18/0x20 [ 13.328538] kmem_cache_oob+0x404/0x530 [ 13.328561] ? trace_hardirqs_on+0x37/0xe0 [ 13.328587] ? __pfx_kmem_cache_oob+0x10/0x10 [ 13.328613] ? __kasan_check_write+0x18/0x20 [ 13.328638] ? queued_spin_lock_slowpath+0x117/0xb40 [ 13.328664] ? irqentry_exit+0x2a/0x60 [ 13.328687] ? trace_hardirqs_on+0x37/0xe0 [ 13.328713] ? __pfx_read_tsc+0x10/0x10 [ 13.328736] ? ktime_get_ts64+0x86/0x230 [ 13.328765] kunit_try_run_case+0x1a6/0x480 [ 13.328791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.328817] ? queued_spin_lock_slowpath+0x117/0xb40 [ 13.328843] ? __kthread_parkme+0x82/0x160 [ 13.328868] ? preempt_count_sub+0x50/0x80 [ 13.328895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.328920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.328949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.328977] kthread+0x324/0x6e0 [ 13.329001] ? trace_preempt_on+0x20/0xc0 [ 13.329035] ? __pfx_kthread+0x10/0x10 [ 13.329060] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.329084] ? calculate_sigpending+0x7b/0xa0 [ 13.329108] ? 
__pfx_kthread+0x10/0x10 [ 13.329133] ret_from_fork+0x41/0x80 [ 13.329154] ? __pfx_kthread+0x10/0x10 [ 13.329178] ret_from_fork_asm+0x1a/0x30 [ 13.329212] </TASK> [ 13.329222] [ 13.340167] Allocated by task 215: [ 13.340314] kasan_save_stack+0x45/0x70 [ 13.340503] kasan_save_track+0x18/0x40 [ 13.341031] kasan_save_alloc_info+0x3b/0x50 [ 13.341341] __kasan_slab_alloc+0x91/0xa0 [ 13.341748] kmem_cache_alloc_noprof+0x124/0x400 [ 13.342217] kmem_cache_oob+0x158/0x530 [ 13.342369] kunit_try_run_case+0x1a6/0x480 [ 13.342519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.342706] kthread+0x324/0x6e0 [ 13.342832] ret_from_fork+0x41/0x80 [ 13.342961] ret_from_fork_asm+0x1a/0x30 [ 13.343113] [ 13.343185] The buggy address belongs to the object at ffff888102a31000 [ 13.343185] which belongs to the cache test_cache of size 200 [ 13.343536] The buggy address is located 0 bytes to the right of [ 13.343536] allocated 200-byte region [ffff888102a31000, ffff888102a310c8) [ 13.343892] [ 13.343963] The buggy address belongs to the physical page: [ 13.344591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a31 [ 13.345522] flags: 0x200000000000000(node=0|zone=2) [ 13.345986] page_type: f5(slab) [ 13.346331] raw: 0200000000000000 ffff888101689b40 dead000000000122 0000000000000000 [ 13.347152] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 13.347937] page dumped because: kasan: bad access detected [ 13.348449] [ 13.348645] Memory state around the buggy address: [ 13.349132] ffff888102a30f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.349817] ffff888102a31000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.350487] >ffff888102a31080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 13.351291] ^ [ 13.351846] ffff888102a31100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.352606] ffff888102a31180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.353228] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 13.284337] ================================================================== [ 13.285104] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d8/0x560 [ 13.285647] Read of size 8 at addr ffff888102a2ab80 by task kunit_try_catch/208 [ 13.285960] [ 13.286080] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.286122] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.286133] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.286154] Call Trace: [ 13.286166] <TASK> [ 13.286182] dump_stack_lvl+0x73/0xb0 [ 13.286210] print_report+0xd1/0x650 [ 13.286234] ? __virt_addr_valid+0x1db/0x2d0 [ 13.286259] ? workqueue_uaf+0x4d8/0x560 [ 13.286282] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.286310] ? workqueue_uaf+0x4d8/0x560 [ 13.286333] kasan_report+0x140/0x180 [ 13.286356] ? workqueue_uaf+0x4d8/0x560 [ 13.286384] __asan_report_load8_noabort+0x18/0x20 [ 13.286410] workqueue_uaf+0x4d8/0x560 [ 13.286434] ? __pfx_workqueue_uaf+0x10/0x10 [ 13.286458] ? __schedule+0xce8/0x2840 [ 13.286483] ? __pfx_read_tsc+0x10/0x10 [ 13.286507] ? ktime_get_ts64+0x86/0x230 [ 13.286536] kunit_try_run_case+0x1a6/0x480 [ 13.286562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.286585] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.286611] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.286636] ? __kthread_parkme+0x82/0x160 [ 13.286661] ? preempt_count_sub+0x50/0x80 [ 13.286688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.286712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.286740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.286768] kthread+0x324/0x6e0 [ 13.286792] ? trace_preempt_on+0x20/0xc0 [ 13.286817] ? __pfx_kthread+0x10/0x10 [ 13.286842] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.286866] ? calculate_sigpending+0x7b/0xa0 [ 13.286891] ? __pfx_kthread+0x10/0x10 [ 13.286916] ret_from_fork+0x41/0x80 [ 13.286937] ? 
__pfx_kthread+0x10/0x10 [ 13.286961] ret_from_fork_asm+0x1a/0x30 [ 13.286994] </TASK> [ 13.287004] [ 13.296269] Allocated by task 208: [ 13.296676] kasan_save_stack+0x45/0x70 [ 13.296863] kasan_save_track+0x18/0x40 [ 13.297183] kasan_save_alloc_info+0x3b/0x50 [ 13.297458] __kasan_kmalloc+0xb7/0xc0 [ 13.297618] __kmalloc_cache_noprof+0x18a/0x420 [ 13.298006] workqueue_uaf+0x153/0x560 [ 13.298362] kunit_try_run_case+0x1a6/0x480 [ 13.298799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.299065] kthread+0x324/0x6e0 [ 13.299237] ret_from_fork+0x41/0x80 [ 13.299397] ret_from_fork_asm+0x1a/0x30 [ 13.299904] [ 13.300005] Freed by task 9: [ 13.300150] kasan_save_stack+0x45/0x70 [ 13.300335] kasan_save_track+0x18/0x40 [ 13.300814] kasan_save_free_info+0x3f/0x60 [ 13.301093] __kasan_slab_free+0x56/0x70 [ 13.301292] kfree+0x224/0x3f0 [ 13.301522] workqueue_uaf_work+0x12/0x20 [ 13.301672] process_one_work+0x5ee/0xf60 [ 13.301879] worker_thread+0x753/0x1200 [ 13.302066] kthread+0x324/0x6e0 [ 13.302227] ret_from_fork+0x41/0x80 [ 13.302387] ret_from_fork_asm+0x1a/0x30 [ 13.302972] [ 13.303086] Last potentially related work creation: [ 13.303290] kasan_save_stack+0x45/0x70 [ 13.303480] kasan_record_aux_stack+0xb2/0xc0 [ 13.303915] __queue_work+0x626/0xeb0 [ 13.304071] queue_work_on+0x74/0xa0 [ 13.304263] workqueue_uaf+0x26e/0x560 [ 13.304466] kunit_try_run_case+0x1a6/0x480 [ 13.304908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.305269] kthread+0x324/0x6e0 [ 13.305408] ret_from_fork+0x41/0x80 [ 13.305599] ret_from_fork_asm+0x1a/0x30 [ 13.306232] [ 13.306313] The buggy address belongs to the object at ffff888102a2ab80 [ 13.306313] which belongs to the cache kmalloc-32 of size 32 [ 13.306980] The buggy address is located 0 bytes inside of [ 13.306980] freed 32-byte region [ffff888102a2ab80, ffff888102a2aba0) [ 13.307451] [ 13.307549] The buggy address belongs to the physical page: [ 13.308069] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2a [ 
13.308481] flags: 0x200000000000000(node=0|zone=2) [ 13.308899] page_type: f5(slab) [ 13.309150] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.309557] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.309852] page dumped because: kasan: bad access detected [ 13.310090] [ 13.310172] Memory state around the buggy address: [ 13.310364] ffff888102a2aa80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.310971] ffff888102a2ab00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.311229] >ffff888102a2ab80: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 13.311741] ^ [ 13.311881] ffff888102a2ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.312314] ffff888102a2ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.312866] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 13.241675] ================================================================== [ 13.242121] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 13.242425] Read of size 4 at addr ffff888102a2aac0 by task swapper/0/0 [ 13.242708] [ 13.242836] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.14.10-rc1 #1 [ 13.242876] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.242887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.242917] Call Trace: [ 13.242942] <IRQ> [ 13.242959] dump_stack_lvl+0x73/0xb0 [ 13.243000] print_report+0xd1/0x650 [ 13.243034] ? __virt_addr_valid+0x1db/0x2d0 [ 13.243059] ? rcu_uaf_reclaim+0x50/0x60 [ 13.243090] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.243118] ? rcu_uaf_reclaim+0x50/0x60 [ 13.243140] kasan_report+0x140/0x180 [ 13.243175] ? rcu_uaf_reclaim+0x50/0x60 [ 13.243201] __asan_report_load4_noabort+0x18/0x20 [ 13.243227] rcu_uaf_reclaim+0x50/0x60 [ 13.243249] rcu_core+0x680/0x1d70 [ 13.243290] ? __pfx_rcu_core+0x10/0x10 [ 13.243322] rcu_core_si+0x12/0x20 [ 13.243355] handle_softirqs+0x209/0x730 [ 13.243381] ? hrtimer_interrupt+0x2fe/0x780 [ 13.243408] ? 
__pfx_handle_softirqs+0x10/0x10 [ 13.243438] __irq_exit_rcu+0xc9/0x110 [ 13.243462] irq_exit_rcu+0x12/0x20 [ 13.243486] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.243513] </IRQ> [ 13.243538] <TASK> [ 13.243548] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.243648] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 13.243759] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 63 11 00 fb f4 <c3> cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 13.243839] RSP: 0000:ffffffff99207de0 EFLAGS: 00010202 [ 13.243926] RAX: ffff88815b000000 RBX: ffffffff9921a600 RCX: ffffffff98171d35 [ 13.243971] RDX: ffffed102b606ae3 RSI: 0000000000000004 RDI: 0000000000011184 [ 13.244013] RBP: ffffffff99207de8 R08: 0000000000000001 R09: ffffed102b606ae2 [ 13.244067] R10: ffff88815b035713 R11: 000000000003a180 R12: 0000000000000000 [ 13.244108] R13: fffffbfff32434c0 R14: ffffffff99d80310 R15: 0000000000000000 [ 13.244164] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 13.244216] ? default_idle+0xd/0x20 [ 13.244237] arch_cpu_idle+0xd/0x20 [ 13.244258] default_idle_call+0x48/0x80 [ 13.244280] do_idle+0x310/0x3c0 [ 13.244305] ? __pfx_do_idle+0x10/0x10 [ 13.244327] ? trace_preempt_on+0x20/0xc0 [ 13.244352] ? schedule+0x86/0x310 [ 13.244374] ? preempt_count_sub+0x50/0x80 [ 13.244401] cpu_startup_entry+0x5c/0x70 [ 13.244424] rest_init+0x11a/0x140 [ 13.244444] ? 
acpi_subsystem_init+0x5d/0x150 [ 13.244474] start_kernel+0x32b/0x410 [ 13.244501] x86_64_start_reservations+0x1c/0x30 [ 13.244527] x86_64_start_kernel+0xcf/0xe0 [ 13.244552] common_startup_64+0x12c/0x138 [ 13.244587] </TASK> [ 13.244598] [ 13.262345] Allocated by task 206: [ 13.262757] kasan_save_stack+0x45/0x70 [ 13.263250] kasan_save_track+0x18/0x40 [ 13.263426] kasan_save_alloc_info+0x3b/0x50 [ 13.263895] __kasan_kmalloc+0xb7/0xc0 [ 13.264265] __kmalloc_cache_noprof+0x18a/0x420 [ 13.264544] rcu_uaf+0xb1/0x330 [ 13.264660] kunit_try_run_case+0x1a6/0x480 [ 13.264803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.264972] kthread+0x324/0x6e0 [ 13.265107] ret_from_fork+0x41/0x80 [ 13.265235] ret_from_fork_asm+0x1a/0x30 [ 13.265431] [ 13.265527] Freed by task 0: [ 13.265638] kasan_save_stack+0x45/0x70 [ 13.265854] kasan_save_track+0x18/0x40 [ 13.266109] kasan_save_free_info+0x3f/0x60 [ 13.266253] __kasan_slab_free+0x56/0x70 [ 13.266453] kfree+0x224/0x3f0 [ 13.266617] rcu_uaf_reclaim+0x1f/0x60 [ 13.266760] rcu_core+0x680/0x1d70 [ 13.266973] rcu_core_si+0x12/0x20 [ 13.267144] handle_softirqs+0x209/0x730 [ 13.267282] __irq_exit_rcu+0xc9/0x110 [ 13.267467] irq_exit_rcu+0x12/0x20 [ 13.267671] sysvec_apic_timer_interrupt+0x81/0x90 [ 13.268184] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 13.268371] [ 13.268461] Last potentially related work creation: [ 13.268938] kasan_save_stack+0x45/0x70 [ 13.269286] kasan_record_aux_stack+0xb2/0xc0 [ 13.269500] __call_rcu_common.constprop.0+0x72/0xaa0 [ 13.269919] call_rcu+0x12/0x20 [ 13.270223] rcu_uaf+0x169/0x330 [ 13.270383] kunit_try_run_case+0x1a6/0x480 [ 13.270765] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.271089] kthread+0x324/0x6e0 [ 13.271375] ret_from_fork+0x41/0x80 [ 13.271546] ret_from_fork_asm+0x1a/0x30 [ 13.271730] [ 13.271827] The buggy address belongs to the object at ffff888102a2aac0 [ 13.271827] which belongs to the cache kmalloc-32 of size 32 [ 13.272284] The buggy address is located 0 bytes inside of [ 
13.272284] freed 32-byte region [ffff888102a2aac0, ffff888102a2aae0) [ 13.273215] [ 13.273465] The buggy address belongs to the physical page: [ 13.273811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2a [ 13.274482] flags: 0x200000000000000(node=0|zone=2) [ 13.274812] page_type: f5(slab) [ 13.275255] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.275747] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.276065] page dumped because: kasan: bad access detected [ 13.276280] [ 13.276364] Memory state around the buggy address: [ 13.276553] ffff888102a2a980: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 13.276830] ffff888102a2aa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.277116] >ffff888102a2aa80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.277399] ^ [ 13.278096] ffff888102a2ab00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.278444] ffff888102a2ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.278959] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 13.161301] ================================================================== [ 13.162128] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19e/0x6c0 [ 13.162649] Read of size 1 at addr ffff888101bd1c00 by task kunit_try_catch/204 [ 13.163316] [ 13.163424] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.163592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.163606] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.163625] Call Trace: [ 13.163637] <TASK> [ 13.163653] dump_stack_lvl+0x73/0xb0 [ 13.163681] print_report+0xd1/0x650 [ 13.163702] ? __virt_addr_valid+0x1db/0x2d0 [ 13.163724] ? ksize_uaf+0x19e/0x6c0 [ 13.163755] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.163779] ? ksize_uaf+0x19e/0x6c0 [ 13.163798] kasan_report+0x140/0x180 [ 13.163879] ? ksize_uaf+0x19e/0x6c0 [ 13.163906] ? ksize_uaf+0x19e/0x6c0 [ 13.163927] __kasan_check_byte+0x3d/0x50 [ 13.163948] ksize+0x20/0x60 [ 13.163968] ksize_uaf+0x19e/0x6c0 [ 13.163987] ? __pfx_ksize_uaf+0x10/0x10 [ 13.164008] ? __schedule+0xce8/0x2840 [ 13.164043] ? __pfx_read_tsc+0x10/0x10 [ 13.164063] ? ktime_get_ts64+0x86/0x230 [ 13.164098] kunit_try_run_case+0x1a6/0x480 [ 13.164121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.164142] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.164175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.164198] ? __kthread_parkme+0x82/0x160 [ 13.164219] ? preempt_count_sub+0x50/0x80 [ 13.164243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.164274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.164299] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.164324] kthread+0x324/0x6e0 [ 13.164355] ? trace_preempt_on+0x20/0xc0 [ 13.164377] ? __pfx_kthread+0x10/0x10 [ 13.164399] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.164420] ? calculate_sigpending+0x7b/0xa0 [ 13.164441] ? __pfx_kthread+0x10/0x10 [ 13.164463] ret_from_fork+0x41/0x80 [ 13.164481] ? 
__pfx_kthread+0x10/0x10 [ 13.164502] ret_from_fork_asm+0x1a/0x30 [ 13.164532] </TASK> [ 13.164543] [ 13.172255] Allocated by task 204: [ 13.172398] kasan_save_stack+0x45/0x70 [ 13.172621] kasan_save_track+0x18/0x40 [ 13.172812] kasan_save_alloc_info+0x3b/0x50 [ 13.173026] __kasan_kmalloc+0xb7/0xc0 [ 13.173209] __kmalloc_cache_noprof+0x18a/0x420 [ 13.173399] ksize_uaf+0xab/0x6c0 [ 13.173520] kunit_try_run_case+0x1a6/0x480 [ 13.174124] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.174445] kthread+0x324/0x6e0 [ 13.174701] ret_from_fork+0x41/0x80 [ 13.174835] ret_from_fork_asm+0x1a/0x30 [ 13.174969] [ 13.175078] Freed by task 204: [ 13.175229] kasan_save_stack+0x45/0x70 [ 13.175417] kasan_save_track+0x18/0x40 [ 13.175595] kasan_save_free_info+0x3f/0x60 [ 13.175749] __kasan_slab_free+0x56/0x70 [ 13.175880] kfree+0x224/0x3f0 [ 13.176052] ksize_uaf+0x12d/0x6c0 [ 13.176228] kunit_try_run_case+0x1a6/0x480 [ 13.176538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.176877] kthread+0x324/0x6e0 [ 13.177069] ret_from_fork+0x41/0x80 [ 13.177194] ret_from_fork_asm+0x1a/0x30 [ 13.177374] [ 13.177469] The buggy address belongs to the object at ffff888101bd1c00 [ 13.177469] which belongs to the cache kmalloc-128 of size 128 [ 13.178253] The buggy address is located 0 bytes inside of [ 13.178253] freed 128-byte region [ffff888101bd1c00, ffff888101bd1c80) [ 13.178950] [ 13.179079] The buggy address belongs to the physical page: [ 13.179292] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1 [ 13.179632] flags: 0x200000000000000(node=0|zone=2) [ 13.179884] page_type: f5(slab) [ 13.180004] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.180271] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.180607] page dumped because: kasan: bad access detected [ 13.180848] [ 13.181066] Memory state around the buggy address: [ 13.181298] ffff888101bd1b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
13.181780] ffff888101bd1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.182127] >ffff888101bd1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.182387] ^ [ 13.182512] ffff888101bd1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.182870] ffff888101bd1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.183277] ================================================================== [ 13.183998] ================================================================== [ 13.184346] BUG: KASAN: slab-use-after-free in ksize_uaf+0x600/0x6c0 [ 13.184672] Read of size 1 at addr ffff888101bd1c00 by task kunit_try_catch/204 [ 13.185031] [ 13.185153] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.185190] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.185212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.185232] Call Trace: [ 13.185243] <TASK> [ 13.185256] dump_stack_lvl+0x73/0xb0 [ 13.185279] print_report+0xd1/0x650 [ 13.185299] ? __virt_addr_valid+0x1db/0x2d0 [ 13.185321] ? ksize_uaf+0x600/0x6c0 [ 13.185340] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.185364] ? ksize_uaf+0x600/0x6c0 [ 13.185384] kasan_report+0x140/0x180 [ 13.185405] ? ksize_uaf+0x600/0x6c0 [ 13.185429] __asan_report_load1_noabort+0x18/0x20 [ 13.185451] ksize_uaf+0x600/0x6c0 [ 13.185480] ? __pfx_ksize_uaf+0x10/0x10 [ 13.185501] ? __schedule+0xce8/0x2840 [ 13.185522] ? __pfx_read_tsc+0x10/0x10 [ 13.185554] ? ktime_get_ts64+0x86/0x230 [ 13.185578] kunit_try_run_case+0x1a6/0x480 [ 13.185601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.185621] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.185644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.185666] ? __kthread_parkme+0x82/0x160 [ 13.185688] ? preempt_count_sub+0x50/0x80 [ 13.185711] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.185738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.185763] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.185788] kthread+0x324/0x6e0 [ 13.185974] ? trace_preempt_on+0x20/0xc0 [ 13.185999] ? __pfx_kthread+0x10/0x10 [ 13.186040] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.186064] ? calculate_sigpending+0x7b/0xa0 [ 13.186085] ? __pfx_kthread+0x10/0x10 [ 13.186108] ret_from_fork+0x41/0x80 [ 13.186126] ? __pfx_kthread+0x10/0x10 [ 13.186147] ret_from_fork_asm+0x1a/0x30 [ 13.186177] </TASK> [ 13.186187] [ 13.193555] Allocated by task 204: [ 13.193853] kasan_save_stack+0x45/0x70 [ 13.194147] kasan_save_track+0x18/0x40 [ 13.194351] kasan_save_alloc_info+0x3b/0x50 [ 13.194567] __kasan_kmalloc+0xb7/0xc0 [ 13.194875] __kmalloc_cache_noprof+0x18a/0x420 [ 13.195123] ksize_uaf+0xab/0x6c0 [ 13.195292] kunit_try_run_case+0x1a6/0x480 [ 13.195467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.195838] kthread+0x324/0x6e0 [ 13.196049] ret_from_fork+0x41/0x80 [ 13.196219] ret_from_fork_asm+0x1a/0x30 [ 13.196406] [ 13.196508] Freed by task 204: [ 13.196731] kasan_save_stack+0x45/0x70 [ 13.196946] kasan_save_track+0x18/0x40 [ 13.197139] kasan_save_free_info+0x3f/0x60 [ 13.197325] __kasan_slab_free+0x56/0x70 [ 13.197495] kfree+0x224/0x3f0 [ 13.198062] ksize_uaf+0x12d/0x6c0 [ 13.198211] kunit_try_run_case+0x1a6/0x480 [ 13.198359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.198538] kthread+0x324/0x6e0 [ 13.198661] ret_from_fork+0x41/0x80 [ 13.198798] ret_from_fork_asm+0x1a/0x30 [ 13.199041] [ 13.199136] The buggy address belongs to the object at ffff888101bd1c00 [ 13.199136] which belongs to the cache kmalloc-128 of size 128 [ 13.199855] The buggy address is located 0 bytes inside of [ 13.199855] freed 128-byte region [ffff888101bd1c00, ffff888101bd1c80) [ 13.200394] [ 13.200491] The buggy address belongs to the physical page: [ 13.200794] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1 [ 13.201132] flags: 0x200000000000000(node=0|zone=2) [ 13.201408] page_type: f5(slab) [ 13.201814] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 13.202214] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.202523] page dumped because: kasan: bad access detected [ 13.202923] [ 13.203006] Memory state around the buggy address: [ 13.203165] ffff888101bd1b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.203370] ffff888101bd1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.203705] >ffff888101bd1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.204133] ^ [ 13.204319] ffff888101bd1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.204820] ffff888101bd1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.205139] ================================================================== [ 13.205512] ================================================================== [ 13.205843] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e6/0x6c0 [ 13.206276] Read of size 1 at addr ffff888101bd1c78 by task kunit_try_catch/204 [ 13.206496] [ 13.206575] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.206613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.206624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.206643] Call Trace: [ 13.206658] <TASK> [ 13.206672] dump_stack_lvl+0x73/0xb0 [ 13.206865] print_report+0xd1/0x650 [ 13.206888] ? __virt_addr_valid+0x1db/0x2d0 [ 13.206909] ? ksize_uaf+0x5e6/0x6c0 [ 13.206928] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.206952] ? ksize_uaf+0x5e6/0x6c0 [ 13.206972] kasan_report+0x140/0x180 [ 13.206993] ? ksize_uaf+0x5e6/0x6c0 [ 13.207028] __asan_report_load1_noabort+0x18/0x20 [ 13.207051] ksize_uaf+0x5e6/0x6c0 [ 13.207070] ? __pfx_ksize_uaf+0x10/0x10 [ 13.207090] ? __schedule+0xce8/0x2840 [ 13.207112] ? __pfx_read_tsc+0x10/0x10 [ 13.207133] ? ktime_get_ts64+0x86/0x230 [ 13.207156] kunit_try_run_case+0x1a6/0x480 [ 13.207179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.207199] ? 
_raw_spin_lock_irqsave+0xa2/0x110 [ 13.207222] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.207244] ? __kthread_parkme+0x82/0x160 [ 13.207266] ? preempt_count_sub+0x50/0x80 [ 13.207289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.207311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.207336] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.207371] kthread+0x324/0x6e0 [ 13.207391] ? trace_preempt_on+0x20/0xc0 [ 13.207414] ? __pfx_kthread+0x10/0x10 [ 13.207446] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.207467] ? calculate_sigpending+0x7b/0xa0 [ 13.207497] ? __pfx_kthread+0x10/0x10 [ 13.207520] ret_from_fork+0x41/0x80 [ 13.207538] ? __pfx_kthread+0x10/0x10 [ 13.207569] ret_from_fork_asm+0x1a/0x30 [ 13.207599] </TASK> [ 13.207609] [ 13.215160] Allocated by task 204: [ 13.215320] kasan_save_stack+0x45/0x70 [ 13.215463] kasan_save_track+0x18/0x40 [ 13.215597] kasan_save_alloc_info+0x3b/0x50 [ 13.215805] __kasan_kmalloc+0xb7/0xc0 [ 13.216000] __kmalloc_cache_noprof+0x18a/0x420 [ 13.216237] ksize_uaf+0xab/0x6c0 [ 13.216418] kunit_try_run_case+0x1a6/0x480 [ 13.216668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.216900] kthread+0x324/0x6e0 [ 13.217030] ret_from_fork+0x41/0x80 [ 13.217237] ret_from_fork_asm+0x1a/0x30 [ 13.217458] [ 13.217620] Freed by task 204: [ 13.217782] kasan_save_stack+0x45/0x70 [ 13.217929] kasan_save_track+0x18/0x40 [ 13.218095] kasan_save_free_info+0x3f/0x60 [ 13.218301] __kasan_slab_free+0x56/0x70 [ 13.218521] kfree+0x224/0x3f0 [ 13.218825] ksize_uaf+0x12d/0x6c0 [ 13.219085] kunit_try_run_case+0x1a6/0x480 [ 13.219261] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.219523] kthread+0x324/0x6e0 [ 13.219778] ret_from_fork+0x41/0x80 [ 13.219999] ret_from_fork_asm+0x1a/0x30 [ 13.220219] [ 13.220289] The buggy address belongs to the object at ffff888101bd1c00 [ 13.220289] which belongs to the cache kmalloc-128 of size 128 [ 13.220636] The buggy address is located 120 bytes inside of [ 13.220636] freed 128-byte region [ffff888101bd1c00, 
ffff888101bd1c80) [ 13.221075] [ 13.221168] The buggy address belongs to the physical page: [ 13.221444] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1 [ 13.221801] flags: 0x200000000000000(node=0|zone=2) [ 13.222042] page_type: f5(slab) [ 13.222353] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.222849] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.223232] page dumped because: kasan: bad access detected [ 13.223407] [ 13.223502] Memory state around the buggy address: [ 13.223958] ffff888101bd1b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.224301] ffff888101bd1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.224596] >ffff888101bd1c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.224953] ^ [ 13.225264] ffff888101bd1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.225562] ffff888101bd1d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.226002] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 13.091873] ================================================================== [ 13.092272] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81e/0x9b0 [ 13.092520] Read of size 1 at addr ffff888102a2c273 by task kunit_try_catch/202 [ 13.093670] [ 13.093887] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.093928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.093940] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.093961] Call Trace: [ 13.093973] <TASK> [ 13.093989] dump_stack_lvl+0x73/0xb0 [ 13.094030] print_report+0xd1/0x650 [ 13.094054] ? __virt_addr_valid+0x1db/0x2d0 [ 13.094080] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 13.094104] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.094131] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 13.094156] kasan_report+0x140/0x180 [ 13.094180] ? ksize_unpoisons_memory+0x81e/0x9b0 [ 13.094209] __asan_report_load1_noabort+0x18/0x20 [ 13.094235] ksize_unpoisons_memory+0x81e/0x9b0 [ 13.094260] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.094284] ? finish_task_switch.isra.0+0x153/0x700 [ 13.094310] ? __switch_to+0x5d9/0xf60 [ 13.094339] ? __schedule+0xce8/0x2840 [ 13.094365] ? __pfx_read_tsc+0x10/0x10 [ 13.094389] ? ktime_get_ts64+0x86/0x230 [ 13.094417] kunit_try_run_case+0x1a6/0x480 [ 13.094443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.094466] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.094492] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.094518] ? __kthread_parkme+0x82/0x160 [ 13.094542] ? preempt_count_sub+0x50/0x80 [ 13.094569] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.094594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.094623] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.094651] kthread+0x324/0x6e0 [ 13.094674] ? trace_preempt_on+0x20/0xc0 [ 13.094700] ? __pfx_kthread+0x10/0x10 [ 13.094724] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.094760] ? calculate_sigpending+0x7b/0xa0 [ 13.094784] ? 
__pfx_kthread+0x10/0x10 [ 13.094809] ret_from_fork+0x41/0x80 [ 13.094841] ? __pfx_kthread+0x10/0x10 [ 13.094865] ret_from_fork_asm+0x1a/0x30 [ 13.094899] </TASK> [ 13.094910] [ 13.106658] Allocated by task 202: [ 13.107001] kasan_save_stack+0x45/0x70 [ 13.107374] kasan_save_track+0x18/0x40 [ 13.107888] kasan_save_alloc_info+0x3b/0x50 [ 13.108318] __kasan_kmalloc+0xb7/0xc0 [ 13.108743] __kmalloc_cache_noprof+0x18a/0x420 [ 13.109188] ksize_unpoisons_memory+0xc8/0x9b0 [ 13.109618] kunit_try_run_case+0x1a6/0x480 [ 13.110087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.110359] kthread+0x324/0x6e0 [ 13.110590] ret_from_fork+0x41/0x80 [ 13.111035] ret_from_fork_asm+0x1a/0x30 [ 13.111426] [ 13.111646] The buggy address belongs to the object at ffff888102a2c200 [ 13.111646] which belongs to the cache kmalloc-128 of size 128 [ 13.112235] The buggy address is located 0 bytes to the right of [ 13.112235] allocated 115-byte region [ffff888102a2c200, ffff888102a2c273) [ 13.112822] [ 13.113090] The buggy address belongs to the physical page: [ 13.113658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 13.114377] flags: 0x200000000000000(node=0|zone=2) [ 13.114915] page_type: f5(slab) [ 13.115243] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.115921] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.116160] page dumped because: kasan: bad access detected [ 13.116330] [ 13.116400] Memory state around the buggy address: [ 13.116555] ffff888102a2c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.116830] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.117103] >ffff888102a2c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.117410] ^ [ 13.117636] ffff888102a2c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.118131] ffff888102a2c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.118432] 
================================================================== [ 13.138368] ================================================================== [ 13.140640] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b8/0x9b0 [ 13.141089] Read of size 1 at addr ffff888102a2c27f by task kunit_try_catch/202 [ 13.141308] [ 13.141388] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.141426] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.141437] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.141456] Call Trace: [ 13.141469] <TASK> [ 13.141484] dump_stack_lvl+0x73/0xb0 [ 13.141511] print_report+0xd1/0x650 [ 13.141535] ? __virt_addr_valid+0x1db/0x2d0 [ 13.141559] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 13.141583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.141610] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 13.141635] kasan_report+0x140/0x180 [ 13.141659] ? ksize_unpoisons_memory+0x7b8/0x9b0 [ 13.141688] __asan_report_load1_noabort+0x18/0x20 [ 13.141786] ksize_unpoisons_memory+0x7b8/0x9b0 [ 13.141817] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.141843] ? finish_task_switch.isra.0+0x153/0x700 [ 13.141881] ? __switch_to+0x5d9/0xf60 [ 13.141908] ? __schedule+0xce8/0x2840 [ 13.141945] ? __pfx_read_tsc+0x10/0x10 [ 13.141969] ? ktime_get_ts64+0x86/0x230 [ 13.141996] kunit_try_run_case+0x1a6/0x480 [ 13.142044] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.142077] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.142103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.142128] ? __kthread_parkme+0x82/0x160 [ 13.142164] ? preempt_count_sub+0x50/0x80 [ 13.142190] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.142215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.142252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.142280] kthread+0x324/0x6e0 [ 13.142304] ? trace_preempt_on+0x20/0xc0 [ 13.142339] ? __pfx_kthread+0x10/0x10 [ 13.142363] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.142388] ? 
calculate_sigpending+0x7b/0xa0 [ 13.142420] ? __pfx_kthread+0x10/0x10 [ 13.142445] ret_from_fork+0x41/0x80 [ 13.142508] ? __pfx_kthread+0x10/0x10 [ 13.142534] ret_from_fork_asm+0x1a/0x30 [ 13.142568] </TASK> [ 13.142578] [ 13.150033] Allocated by task 202: [ 13.150167] kasan_save_stack+0x45/0x70 [ 13.150315] kasan_save_track+0x18/0x40 [ 13.150453] kasan_save_alloc_info+0x3b/0x50 [ 13.150609] __kasan_kmalloc+0xb7/0xc0 [ 13.150744] __kmalloc_cache_noprof+0x18a/0x420 [ 13.150901] ksize_unpoisons_memory+0xc8/0x9b0 [ 13.151100] kunit_try_run_case+0x1a6/0x480 [ 13.151365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.151625] kthread+0x324/0x6e0 [ 13.151793] ret_from_fork+0x41/0x80 [ 13.151990] ret_from_fork_asm+0x1a/0x30 [ 13.152203] [ 13.152372] The buggy address belongs to the object at ffff888102a2c200 [ 13.152372] which belongs to the cache kmalloc-128 of size 128 [ 13.152939] The buggy address is located 12 bytes to the right of [ 13.152939] allocated 115-byte region [ffff888102a2c200, ffff888102a2c273) [ 13.153773] [ 13.153873] The buggy address belongs to the physical page: [ 13.154148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 13.154387] flags: 0x200000000000000(node=0|zone=2) [ 13.154543] page_type: f5(slab) [ 13.155067] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.155486] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.155919] page dumped because: kasan: bad access detected [ 13.156200] [ 13.156295] Memory state around the buggy address: [ 13.156449] ffff888102a2c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.156663] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.156875] >ffff888102a2c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.157275] ^ [ 13.157599] ffff888102a2c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.157975] ffff888102a2c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.158411] 
================================================================== [ 13.118979] ================================================================== [ 13.119494] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7eb/0x9b0 [ 13.119887] Read of size 1 at addr ffff888102a2c278 by task kunit_try_catch/202 [ 13.120268] [ 13.120393] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.120444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.120456] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.120474] Call Trace: [ 13.120489] <TASK> [ 13.120503] dump_stack_lvl+0x73/0xb0 [ 13.120540] print_report+0xd1/0x650 [ 13.120564] ? __virt_addr_valid+0x1db/0x2d0 [ 13.120587] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 13.120622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.120650] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 13.120675] kasan_report+0x140/0x180 [ 13.120699] ? ksize_unpoisons_memory+0x7eb/0x9b0 [ 13.120772] __asan_report_load1_noabort+0x18/0x20 [ 13.120813] ksize_unpoisons_memory+0x7eb/0x9b0 [ 13.120839] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 13.120863] ? finish_task_switch.isra.0+0x153/0x700 [ 13.120888] ? __switch_to+0x5d9/0xf60 [ 13.120916] ? __schedule+0xce8/0x2840 [ 13.120940] ? __pfx_read_tsc+0x10/0x10 [ 13.120964] ? ktime_get_ts64+0x86/0x230 [ 13.120991] kunit_try_run_case+0x1a6/0x480 [ 13.121025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.121049] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.121083] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.121109] ? __kthread_parkme+0x82/0x160 [ 13.121144] ? preempt_count_sub+0x50/0x80 [ 13.121170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.121195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.121223] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.121260] kthread+0x324/0x6e0 [ 13.121283] ? trace_preempt_on+0x20/0xc0 [ 13.121320] ? __pfx_kthread+0x10/0x10 [ 13.121345] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.121369] ? 
calculate_sigpending+0x7b/0xa0 [ 13.121393] ? __pfx_kthread+0x10/0x10 [ 13.121418] ret_from_fork+0x41/0x80 [ 13.121439] ? __pfx_kthread+0x10/0x10 [ 13.121463] ret_from_fork_asm+0x1a/0x30 [ 13.121497] </TASK> [ 13.121506] [ 13.129423] Allocated by task 202: [ 13.129667] kasan_save_stack+0x45/0x70 [ 13.129911] kasan_save_track+0x18/0x40 [ 13.130117] kasan_save_alloc_info+0x3b/0x50 [ 13.130329] __kasan_kmalloc+0xb7/0xc0 [ 13.130526] __kmalloc_cache_noprof+0x18a/0x420 [ 13.130822] ksize_unpoisons_memory+0xc8/0x9b0 [ 13.131072] kunit_try_run_case+0x1a6/0x480 [ 13.131279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.131503] kthread+0x324/0x6e0 [ 13.131822] ret_from_fork+0x41/0x80 [ 13.131992] ret_from_fork_asm+0x1a/0x30 [ 13.132200] [ 13.132310] The buggy address belongs to the object at ffff888102a2c200 [ 13.132310] which belongs to the cache kmalloc-128 of size 128 [ 13.132790] The buggy address is located 5 bytes to the right of [ 13.132790] allocated 115-byte region [ffff888102a2c200, ffff888102a2c273) [ 13.133428] [ 13.133529] The buggy address belongs to the physical page: [ 13.133882] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 13.134389] flags: 0x200000000000000(node=0|zone=2) [ 13.134619] page_type: f5(slab) [ 13.134863] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.135189] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.135506] page dumped because: kasan: bad access detected [ 13.135756] [ 13.135824] Memory state around the buggy address: [ 13.135973] ffff888102a2c100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.136195] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.136722] >ffff888102a2c200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 13.137092] ^ [ 13.137327] ffff888102a2c280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.137539] ffff888102a2c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.137902] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 13.061255] ================================================================== [ 13.061841] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 13.062128] Free of addr ffff888101b5abc0 by task kunit_try_catch/200 [ 13.062779] [ 13.062999] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.063061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.063175] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.063200] Call Trace: [ 13.063213] <TASK> [ 13.063227] dump_stack_lvl+0x73/0xb0 [ 13.063266] print_report+0xd1/0x650 [ 13.063288] ? __virt_addr_valid+0x1db/0x2d0 [ 13.063316] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.063341] ? kfree_sensitive+0x2e/0x90 [ 13.063361] kasan_report_invalid_free+0xfc/0x120 [ 13.063383] ? kfree_sensitive+0x2e/0x90 [ 13.063404] ? kfree_sensitive+0x2e/0x90 [ 13.063423] check_slab_allocation+0x101/0x130 [ 13.063443] __kasan_slab_pre_free+0x28/0x40 [ 13.063462] kfree+0xf1/0x3f0 [ 13.063481] ? kfree_sensitive+0x2e/0x90 [ 13.063503] kfree_sensitive+0x2e/0x90 [ 13.063522] kmalloc_double_kzfree+0x19d/0x360 [ 13.063543] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.063565] ? __schedule+0xce8/0x2840 [ 13.063587] ? __pfx_read_tsc+0x10/0x10 [ 13.063607] ? ktime_get_ts64+0x86/0x230 [ 13.063630] kunit_try_run_case+0x1a6/0x480 [ 13.063653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.063673] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.063695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.063718] ? __kthread_parkme+0x82/0x160 [ 13.063739] ? preempt_count_sub+0x50/0x80 [ 13.063764] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.063785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.063811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.063837] kthread+0x324/0x6e0 [ 13.063857] ? trace_preempt_on+0x20/0xc0 [ 13.063879] ? __pfx_kthread+0x10/0x10 [ 13.063900] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.063921] ? calculate_sigpending+0x7b/0xa0 [ 13.063942] ? 
__pfx_kthread+0x10/0x10 [ 13.063963] ret_from_fork+0x41/0x80 [ 13.063980] ? __pfx_kthread+0x10/0x10 [ 13.064002] ret_from_fork_asm+0x1a/0x30 [ 13.064042] </TASK> [ 13.064052] [ 13.074484] Allocated by task 200: [ 13.074985] kasan_save_stack+0x45/0x70 [ 13.075207] kasan_save_track+0x18/0x40 [ 13.075498] kasan_save_alloc_info+0x3b/0x50 [ 13.075857] __kasan_kmalloc+0xb7/0xc0 [ 13.075992] __kmalloc_cache_noprof+0x18a/0x420 [ 13.076290] kmalloc_double_kzfree+0xaa/0x360 [ 13.076494] kunit_try_run_case+0x1a6/0x480 [ 13.076722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.076971] kthread+0x324/0x6e0 [ 13.077382] ret_from_fork+0x41/0x80 [ 13.077702] ret_from_fork_asm+0x1a/0x30 [ 13.077861] [ 13.077962] Freed by task 200: [ 13.078129] kasan_save_stack+0x45/0x70 [ 13.078614] kasan_save_track+0x18/0x40 [ 13.078775] kasan_save_free_info+0x3f/0x60 [ 13.078975] __kasan_slab_free+0x56/0x70 [ 13.079251] kfree+0x224/0x3f0 [ 13.079373] kfree_sensitive+0x67/0x90 [ 13.079754] kmalloc_double_kzfree+0x12c/0x360 [ 13.079923] kunit_try_run_case+0x1a6/0x480 [ 13.080339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.080717] kthread+0x324/0x6e0 [ 13.080909] ret_from_fork+0x41/0x80 [ 13.081304] ret_from_fork_asm+0x1a/0x30 [ 13.081463] [ 13.081554] The buggy address belongs to the object at ffff888101b5abc0 [ 13.081554] which belongs to the cache kmalloc-16 of size 16 [ 13.082422] The buggy address is located 0 bytes inside of [ 13.082422] 16-byte region [ffff888101b5abc0, ffff888101b5abd0) [ 13.083134] [ 13.083261] The buggy address belongs to the physical page: [ 13.083703] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 13.084047] flags: 0x200000000000000(node=0|zone=2) [ 13.084276] page_type: f5(slab) [ 13.084422] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.084908] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.085304] page dumped because: kasan: bad access detected [ 13.085508] [ 
13.085723] Memory state around the buggy address: [ 13.086070] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.086303] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.086923] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 13.087293] ^ [ 13.087590] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.088104] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.088415] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 13.035691] ================================================================== [ 13.036157] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19d/0x360 [ 13.036401] Read of size 1 at addr ffff888101b5abc0 by task kunit_try_catch/200 [ 13.036677] [ 13.037185] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.037232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.037244] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.037265] Call Trace: [ 13.037277] <TASK> [ 13.037295] dump_stack_lvl+0x73/0xb0 [ 13.037324] print_report+0xd1/0x650 [ 13.037345] ? __virt_addr_valid+0x1db/0x2d0 [ 13.037367] ? kmalloc_double_kzfree+0x19d/0x360 [ 13.037388] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.037412] ? kmalloc_double_kzfree+0x19d/0x360 [ 13.037434] kasan_report+0x140/0x180 [ 13.037454] ? kmalloc_double_kzfree+0x19d/0x360 [ 13.037478] ? kmalloc_double_kzfree+0x19d/0x360 [ 13.037499] __kasan_check_byte+0x3d/0x50 [ 13.037520] kfree_sensitive+0x22/0x90 [ 13.037541] kmalloc_double_kzfree+0x19d/0x360 [ 13.037562] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 13.037584] ? __schedule+0xce8/0x2840 [ 13.037607] ? __pfx_read_tsc+0x10/0x10 [ 13.037628] ? ktime_get_ts64+0x86/0x230 [ 13.037653] kunit_try_run_case+0x1a6/0x480 [ 13.037676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037697] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.037719] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.037748] ? __kthread_parkme+0x82/0x160 [ 13.037769] ? preempt_count_sub+0x50/0x80 [ 13.037793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.037841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.037866] kthread+0x324/0x6e0 [ 13.037886] ? trace_preempt_on+0x20/0xc0 [ 13.037921] ? __pfx_kthread+0x10/0x10 [ 13.037943] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.037964] ? calculate_sigpending+0x7b/0xa0 [ 13.037997] ? 
__pfx_kthread+0x10/0x10 [ 13.038027] ret_from_fork+0x41/0x80 [ 13.038045] ? __pfx_kthread+0x10/0x10 [ 13.038066] ret_from_fork_asm+0x1a/0x30 [ 13.038097] </TASK> [ 13.038107] [ 13.046395] Allocated by task 200: [ 13.046526] kasan_save_stack+0x45/0x70 [ 13.046816] kasan_save_track+0x18/0x40 [ 13.047104] kasan_save_alloc_info+0x3b/0x50 [ 13.047326] __kasan_kmalloc+0xb7/0xc0 [ 13.047493] __kmalloc_cache_noprof+0x18a/0x420 [ 13.047902] kmalloc_double_kzfree+0xaa/0x360 [ 13.048103] kunit_try_run_case+0x1a6/0x480 [ 13.048246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.048524] kthread+0x324/0x6e0 [ 13.048697] ret_from_fork+0x41/0x80 [ 13.048880] ret_from_fork_asm+0x1a/0x30 [ 13.049319] [ 13.049417] Freed by task 200: [ 13.049527] kasan_save_stack+0x45/0x70 [ 13.049860] kasan_save_track+0x18/0x40 [ 13.050098] kasan_save_free_info+0x3f/0x60 [ 13.050364] __kasan_slab_free+0x56/0x70 [ 13.050559] kfree+0x224/0x3f0 [ 13.050673] kfree_sensitive+0x67/0x90 [ 13.050801] kmalloc_double_kzfree+0x12c/0x360 [ 13.050945] kunit_try_run_case+0x1a6/0x480 [ 13.051161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.051436] kthread+0x324/0x6e0 [ 13.051707] ret_from_fork+0x41/0x80 [ 13.051916] ret_from_fork_asm+0x1a/0x30 [ 13.052128] [ 13.052225] The buggy address belongs to the object at ffff888101b5abc0 [ 13.052225] which belongs to the cache kmalloc-16 of size 16 [ 13.052717] The buggy address is located 0 bytes inside of [ 13.052717] freed 16-byte region [ffff888101b5abc0, ffff888101b5abd0) [ 13.053393] [ 13.053487] The buggy address belongs to the physical page: [ 13.053659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 13.053907] flags: 0x200000000000000(node=0|zone=2) [ 13.054357] page_type: f5(slab) [ 13.054537] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.055622] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.056541] page dumped because: kasan: bad access detected [ 13.057264] [ 
13.057387] Memory state around the buggy address: [ 13.057762] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.058196] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 13.058499] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc [ 13.058986] ^ [ 13.059443] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.059921] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.060216] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 13.000145] ================================================================== [ 13.001005] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4aa/0x520 [ 13.001393] Read of size 1 at addr ffff888102a295a8 by task kunit_try_catch/196 [ 13.001783] [ 13.001971] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 13.002010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.002031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.002051] Call Trace: [ 13.002063] <TASK> [ 13.002080] dump_stack_lvl+0x73/0xb0 [ 13.002108] print_report+0xd1/0x650 [ 13.002132] ? __virt_addr_valid+0x1db/0x2d0 [ 13.002157] ? kmalloc_uaf2+0x4aa/0x520 [ 13.002179] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.002206] ? kmalloc_uaf2+0x4aa/0x520 [ 13.002228] kasan_report+0x140/0x180 [ 13.002252] ? kmalloc_uaf2+0x4aa/0x520 [ 13.002279] __asan_report_load1_noabort+0x18/0x20 [ 13.002305] kmalloc_uaf2+0x4aa/0x520 [ 13.002327] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 13.002348] ? finish_task_switch.isra.0+0x153/0x700 [ 13.002375] ? __switch_to+0x5d9/0xf60 [ 13.002403] ? __schedule+0xce8/0x2840 [ 13.002429] ? __pfx_read_tsc+0x10/0x10 [ 13.002453] ? ktime_get_ts64+0x86/0x230 [ 13.002481] kunit_try_run_case+0x1a6/0x480 [ 13.002506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.002530] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 13.002576] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.002602] ? __kthread_parkme+0x82/0x160 [ 13.002627] ? preempt_count_sub+0x50/0x80 [ 13.002653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.002680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.002708] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.002736] kthread+0x324/0x6e0 [ 13.002759] ? trace_preempt_on+0x20/0xc0 [ 13.002785] ? __pfx_kthread+0x10/0x10 [ 13.002809] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.002834] ? calculate_sigpending+0x7b/0xa0 [ 13.002858] ? __pfx_kthread+0x10/0x10 [ 13.002883] ret_from_fork+0x41/0x80 [ 13.002903] ? 
__pfx_kthread+0x10/0x10 [ 13.002928] ret_from_fork_asm+0x1a/0x30 [ 13.002961] </TASK> [ 13.002971] [ 13.014174] Allocated by task 196: [ 13.014493] kasan_save_stack+0x45/0x70 [ 13.014889] kasan_save_track+0x18/0x40 [ 13.015251] kasan_save_alloc_info+0x3b/0x50 [ 13.015670] __kasan_kmalloc+0xb7/0xc0 [ 13.016033] __kmalloc_cache_noprof+0x18a/0x420 [ 13.016456] kmalloc_uaf2+0xc7/0x520 [ 13.016811] kunit_try_run_case+0x1a6/0x480 [ 13.017135] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.017392] kthread+0x324/0x6e0 [ 13.017600] ret_from_fork+0x41/0x80 [ 13.017922] ret_from_fork_asm+0x1a/0x30 [ 13.018287] [ 13.018446] Freed by task 196: [ 13.018761] kasan_save_stack+0x45/0x70 [ 13.019142] kasan_save_track+0x18/0x40 [ 13.019492] kasan_save_free_info+0x3f/0x60 [ 13.019893] __kasan_slab_free+0x56/0x70 [ 13.020041] kfree+0x224/0x3f0 [ 13.020158] kmalloc_uaf2+0x14d/0x520 [ 13.020289] kunit_try_run_case+0x1a6/0x480 [ 13.020433] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.020749] kthread+0x324/0x6e0 [ 13.021059] ret_from_fork+0x41/0x80 [ 13.021383] ret_from_fork_asm+0x1a/0x30 [ 13.021759] [ 13.021916] The buggy address belongs to the object at ffff888102a29580 [ 13.021916] which belongs to the cache kmalloc-64 of size 64 [ 13.022986] The buggy address is located 40 bytes inside of [ 13.022986] freed 64-byte region [ffff888102a29580, ffff888102a295c0) [ 13.024008] [ 13.024174] The buggy address belongs to the physical page: [ 13.024664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a29 [ 13.025311] flags: 0x200000000000000(node=0|zone=2) [ 13.025477] page_type: f5(slab) [ 13.025708] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.026374] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.027044] page dumped because: kasan: bad access detected [ 13.027423] [ 13.027492] Memory state around the buggy address: [ 13.027857] ffff888102a29480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 
13.028476] ffff888102a29500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.028915] >ffff888102a29580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.029138] ^ [ 13.029285] ffff888102a29600: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc [ 13.029497] ffff888102a29680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.030083] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.959533] ================================================================== [ 12.960582] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a4/0x360 [ 12.961062] Write of size 33 at addr ffff888102a29500 by task kunit_try_catch/194 [ 12.961290] [ 12.961376] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.961418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.961429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.961451] Call Trace: [ 12.961463] <TASK> [ 12.961480] dump_stack_lvl+0x73/0xb0 [ 12.961510] print_report+0xd1/0x650 [ 12.961533] ? __virt_addr_valid+0x1db/0x2d0 [ 12.961791] ? kmalloc_uaf_memset+0x1a4/0x360 [ 12.961816] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.961844] ? kmalloc_uaf_memset+0x1a4/0x360 [ 12.961867] kasan_report+0x140/0x180 [ 12.962068] ? kmalloc_uaf_memset+0x1a4/0x360 [ 12.962106] kasan_check_range+0x10c/0x1c0 [ 12.962133] __asan_memset+0x27/0x50 [ 12.962159] kmalloc_uaf_memset+0x1a4/0x360 [ 12.962182] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 12.962206] ? __schedule+0xce8/0x2840 [ 12.962232] ? __pfx_read_tsc+0x10/0x10 [ 12.962256] ? ktime_get_ts64+0x86/0x230 [ 12.962285] kunit_try_run_case+0x1a6/0x480 [ 12.962311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.962334] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.962360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.962385] ? __kthread_parkme+0x82/0x160 [ 12.962410] ? preempt_count_sub+0x50/0x80 [ 12.962437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.962462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.962490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.962518] kthread+0x324/0x6e0 [ 12.962541] ? trace_preempt_on+0x20/0xc0 [ 12.962592] ? __pfx_kthread+0x10/0x10 [ 12.962617] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.962641] ? calculate_sigpending+0x7b/0xa0 [ 12.962665] ? __pfx_kthread+0x10/0x10 [ 12.962690] ret_from_fork+0x41/0x80 [ 12.962711] ? 
__pfx_kthread+0x10/0x10 [ 12.962735] ret_from_fork_asm+0x1a/0x30 [ 12.962770] </TASK> [ 12.962781] [ 12.979264] Allocated by task 194: [ 12.979405] kasan_save_stack+0x45/0x70 [ 12.979565] kasan_save_track+0x18/0x40 [ 12.979705] kasan_save_alloc_info+0x3b/0x50 [ 12.979854] __kasan_kmalloc+0xb7/0xc0 [ 12.979987] __kmalloc_cache_noprof+0x18a/0x420 [ 12.980156] kmalloc_uaf_memset+0xaa/0x360 [ 12.980301] kunit_try_run_case+0x1a6/0x480 [ 12.980447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.980624] kthread+0x324/0x6e0 [ 12.980748] ret_from_fork+0x41/0x80 [ 12.980877] ret_from_fork_asm+0x1a/0x30 [ 12.981062] [ 12.981221] Freed by task 194: [ 12.981494] kasan_save_stack+0x45/0x70 [ 12.981873] kasan_save_track+0x18/0x40 [ 12.982229] kasan_save_free_info+0x3f/0x60 [ 12.982635] __kasan_slab_free+0x56/0x70 [ 12.983012] kfree+0x224/0x3f0 [ 12.983336] kmalloc_uaf_memset+0x12c/0x360 [ 12.983776] kunit_try_run_case+0x1a6/0x480 [ 12.984336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.984898] kthread+0x324/0x6e0 [ 12.985280] ret_from_fork+0x41/0x80 [ 12.985631] ret_from_fork_asm+0x1a/0x30 [ 12.986116] [ 12.986279] The buggy address belongs to the object at ffff888102a29500 [ 12.986279] which belongs to the cache kmalloc-64 of size 64 [ 12.987493] The buggy address is located 0 bytes inside of [ 12.987493] freed 64-byte region [ffff888102a29500, ffff888102a29540) [ 12.988652] [ 12.988817] The buggy address belongs to the physical page: [ 12.989307] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a29 [ 12.990068] flags: 0x200000000000000(node=0|zone=2) [ 12.990666] page_type: f5(slab) [ 12.990985] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.991738] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.992388] page dumped because: kasan: bad access detected [ 12.992920] [ 12.993111] Memory state around the buggy address: [ 12.993608] ffff888102a29400: fa fb fb fb fb fb fb fb fc fc fc fc fc fc 
fc fc [ 12.994353] ffff888102a29480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.995060] >ffff888102a29500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.995603] ^ [ 12.995718] ffff888102a29580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.995934] ffff888102a29600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.996493] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.931521] ================================================================== [ 12.932220] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x322/0x380 [ 12.932495] Read of size 1 at addr ffff888101b5aba8 by task kunit_try_catch/192 [ 12.932775] [ 12.932934] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.932985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.932996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.933024] Call Trace: [ 12.933036] <TASK> [ 12.933050] dump_stack_lvl+0x73/0xb0 [ 12.933073] print_report+0xd1/0x650 [ 12.933093] ? __virt_addr_valid+0x1db/0x2d0 [ 12.933115] ? kmalloc_uaf+0x322/0x380 [ 12.933133] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.933157] ? kmalloc_uaf+0x322/0x380 [ 12.933176] kasan_report+0x140/0x180 [ 12.933197] ? kmalloc_uaf+0x322/0x380 [ 12.933220] __asan_report_load1_noabort+0x18/0x20 [ 12.933242] kmalloc_uaf+0x322/0x380 [ 12.933261] ? __pfx_kmalloc_uaf+0x10/0x10 [ 12.933281] ? __schedule+0xce8/0x2840 [ 12.933303] ? __pfx_read_tsc+0x10/0x10 [ 12.933324] ? ktime_get_ts64+0x86/0x230 [ 12.933349] kunit_try_run_case+0x1a6/0x480 [ 12.933371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.933427] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.933450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.933473] ? __kthread_parkme+0x82/0x160 [ 12.933507] ? preempt_count_sub+0x50/0x80 [ 12.933531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.933572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.933606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.933631] kthread+0x324/0x6e0 [ 12.933662] ? trace_preempt_on+0x20/0xc0 [ 12.933685] ? __pfx_kthread+0x10/0x10 [ 12.933706] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.933727] ? calculate_sigpending+0x7b/0xa0 [ 12.933754] ? __pfx_kthread+0x10/0x10 [ 12.933776] ret_from_fork+0x41/0x80 [ 12.933794] ? 
__pfx_kthread+0x10/0x10 [ 12.933815] ret_from_fork_asm+0x1a/0x30 [ 12.933845] </TASK> [ 12.933855] [ 12.942701] Allocated by task 192: [ 12.943039] kasan_save_stack+0x45/0x70 [ 12.943201] kasan_save_track+0x18/0x40 [ 12.943601] kasan_save_alloc_info+0x3b/0x50 [ 12.943780] __kasan_kmalloc+0xb7/0xc0 [ 12.943976] __kmalloc_cache_noprof+0x18a/0x420 [ 12.944201] kmalloc_uaf+0xab/0x380 [ 12.944447] kunit_try_run_case+0x1a6/0x480 [ 12.944605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.944774] kthread+0x324/0x6e0 [ 12.945100] ret_from_fork+0x41/0x80 [ 12.945328] ret_from_fork_asm+0x1a/0x30 [ 12.945462] [ 12.945529] Freed by task 192: [ 12.946204] kasan_save_stack+0x45/0x70 [ 12.946396] kasan_save_track+0x18/0x40 [ 12.946594] kasan_save_free_info+0x3f/0x60 [ 12.946767] __kasan_slab_free+0x56/0x70 [ 12.946897] kfree+0x224/0x3f0 [ 12.947008] kmalloc_uaf+0x12d/0x380 [ 12.947143] kunit_try_run_case+0x1a6/0x480 [ 12.947281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.947562] kthread+0x324/0x6e0 [ 12.947900] ret_from_fork+0x41/0x80 [ 12.948087] ret_from_fork_asm+0x1a/0x30 [ 12.948283] [ 12.948378] The buggy address belongs to the object at ffff888101b5aba0 [ 12.948378] which belongs to the cache kmalloc-16 of size 16 [ 12.949367] The buggy address is located 8 bytes inside of [ 12.949367] freed 16-byte region [ffff888101b5aba0, ffff888101b5abb0) [ 12.950166] [ 12.950333] The buggy address belongs to the physical page: [ 12.950530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101b5a [ 12.951007] flags: 0x200000000000000(node=0|zone=2) [ 12.951258] page_type: f5(slab) [ 12.951423] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.951954] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.952409] page dumped because: kasan: bad access detected [ 12.952829] [ 12.952914] Memory state around the buggy address: [ 12.953083] ffff888101b5aa80: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 
12.953291] ffff888101b5ab00: fa fb fc fc fa fb fc fc 00 05 fc fc fa fb fc fc [ 12.953499] >ffff888101b5ab80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 12.953973] ^ [ 12.954248] ffff888101b5ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.954989] ffff888101b5ac80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.955380] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 12.909382] ================================================================== [ 12.909908] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x170/0x330 [ 12.910326] Read of size 64 at addr ffff888101bdcd84 by task kunit_try_catch/190 [ 12.910584] [ 12.910727] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.910775] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.910786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.910805] Call Trace: [ 12.910827] <TASK> [ 12.910843] dump_stack_lvl+0x73/0xb0 [ 12.910867] print_report+0xd1/0x650 [ 12.910888] ? __virt_addr_valid+0x1db/0x2d0 [ 12.910911] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 12.910934] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.910958] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 12.910980] kasan_report+0x140/0x180 [ 12.911001] ? kmalloc_memmove_invalid_size+0x170/0x330 [ 12.911039] kasan_check_range+0x10c/0x1c0 [ 12.911061] __asan_memmove+0x27/0x70 [ 12.911083] kmalloc_memmove_invalid_size+0x170/0x330 [ 12.911106] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 12.911129] ? __schedule+0xce8/0x2840 [ 12.911152] ? __pfx_read_tsc+0x10/0x10 [ 12.911173] ? ktime_get_ts64+0x86/0x230 [ 12.911207] kunit_try_run_case+0x1a6/0x480 [ 12.911230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.911250] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.911283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.911307] ? __kthread_parkme+0x82/0x160 [ 12.911329] ? preempt_count_sub+0x50/0x80 [ 12.911352] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.911374] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.911408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.911433] kthread+0x324/0x6e0 [ 12.911463] ? trace_preempt_on+0x20/0xc0 [ 12.911485] ? __pfx_kthread+0x10/0x10 [ 12.911507] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.911528] ? calculate_sigpending+0x7b/0xa0 [ 12.911549] ? __pfx_kthread+0x10/0x10 [ 12.911570] ret_from_fork+0x41/0x80 [ 12.911588] ? 
__pfx_kthread+0x10/0x10 [ 12.911609] ret_from_fork_asm+0x1a/0x30 [ 12.911639] </TASK> [ 12.911649] [ 12.919238] Allocated by task 190: [ 12.919393] kasan_save_stack+0x45/0x70 [ 12.919536] kasan_save_track+0x18/0x40 [ 12.919669] kasan_save_alloc_info+0x3b/0x50 [ 12.919959] __kasan_kmalloc+0xb7/0xc0 [ 12.920301] __kmalloc_cache_noprof+0x18a/0x420 [ 12.920525] kmalloc_memmove_invalid_size+0xad/0x330 [ 12.920942] kunit_try_run_case+0x1a6/0x480 [ 12.921217] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.921511] kthread+0x324/0x6e0 [ 12.921689] ret_from_fork+0x41/0x80 [ 12.921945] ret_from_fork_asm+0x1a/0x30 [ 12.922127] [ 12.922248] The buggy address belongs to the object at ffff888101bdcd80 [ 12.922248] which belongs to the cache kmalloc-64 of size 64 [ 12.922788] The buggy address is located 4 bytes inside of [ 12.922788] allocated 64-byte region [ffff888101bdcd80, ffff888101bdcdc0) [ 12.923256] [ 12.923352] The buggy address belongs to the physical page: [ 12.923607] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bdc [ 12.923876] flags: 0x200000000000000(node=0|zone=2) [ 12.924053] page_type: f5(slab) [ 12.924176] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 12.924405] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 12.924757] page dumped because: kasan: bad access detected [ 12.925004] [ 12.925164] Memory state around the buggy address: [ 12.925588] ffff888101bdcc80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 12.925840] ffff888101bdcd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 12.926067] >ffff888101bdcd80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 12.926279] ^ [ 12.926467] ffff888101bdce00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.927509] ffff888101bdce80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.928098] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 12.888393] ==================================================================
[ 12.888926] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x172/0x330
[ 12.889336] Read of size 18446744073709551614 at addr ffff888101bdcc04 by task kunit_try_catch/188
[ 12.889716]
[ 12.889816] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.889855] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.889866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.889885] Call Trace:
[ 12.889897] <TASK>
[ 12.889911] dump_stack_lvl+0x73/0xb0
[ 12.889936] print_report+0xd1/0x650
[ 12.889958] ? __virt_addr_valid+0x1db/0x2d0
[ 12.889980] ? kmalloc_memmove_negative_size+0x172/0x330
[ 12.890003] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.890049] ? kmalloc_memmove_negative_size+0x172/0x330
[ 12.890090] kasan_report+0x140/0x180
[ 12.890111] ? kmalloc_memmove_negative_size+0x172/0x330
[ 12.890139] kasan_check_range+0x10c/0x1c0
[ 12.890161] __asan_memmove+0x27/0x70
[ 12.890183] kmalloc_memmove_negative_size+0x172/0x330
[ 12.890206] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.890232] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 12.890259] kunit_try_run_case+0x1a6/0x480
[ 12.890282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.890303] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.890326] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.890349] ? __kthread_parkme+0x82/0x160
[ 12.890371] ? preempt_count_sub+0x50/0x80
[ 12.890395] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.890417] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.890442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.890467] kthread+0x324/0x6e0
[ 12.890487] ? trace_preempt_on+0x20/0xc0
[ 12.890510] ? __pfx_kthread+0x10/0x10
[ 12.890531] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.890552] ? calculate_sigpending+0x7b/0xa0
[ 12.890573] ? __pfx_kthread+0x10/0x10
[ 12.890595] ret_from_fork+0x41/0x80
[ 12.890613] ? __pfx_kthread+0x10/0x10
[ 12.890635] ret_from_fork_asm+0x1a/0x30
[ 12.890665] </TASK>
[ 12.890675]
[ 12.899046] Allocated by task 188:
[ 12.899237] kasan_save_stack+0x45/0x70
[ 12.899427] kasan_save_track+0x18/0x40
[ 12.899585] kasan_save_alloc_info+0x3b/0x50
[ 12.899834] __kasan_kmalloc+0xb7/0xc0
[ 12.900052] __kmalloc_cache_noprof+0x18a/0x420
[ 12.900242] kmalloc_memmove_negative_size+0xad/0x330
[ 12.900474] kunit_try_run_case+0x1a6/0x480
[ 12.900665] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.900841] kthread+0x324/0x6e0
[ 12.901008] ret_from_fork+0x41/0x80
[ 12.901304] ret_from_fork_asm+0x1a/0x30
[ 12.901490]
[ 12.901561] The buggy address belongs to the object at ffff888101bdcc00
[ 12.901561] which belongs to the cache kmalloc-64 of size 64
[ 12.901993] The buggy address is located 4 bytes inside of
[ 12.901993] 64-byte region [ffff888101bdcc00, ffff888101bdcc40)
[ 12.902529]
[ 12.902651] The buggy address belongs to the physical page:
[ 12.902880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bdc
[ 12.903185] flags: 0x200000000000000(node=0|zone=2)
[ 12.903379] page_type: f5(slab)
[ 12.903547] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.903883] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.904206] page dumped because: kasan: bad access detected
[ 12.904406]
[ 12.904497] Memory state around the buggy address:
[ 12.904809] ffff888101bdcb00: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 12.905094] ffff888101bdcb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.905365] >ffff888101bdcc00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 12.905686] ^
[ 12.905805] ffff888101bdcc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.906094] ffff888101bdcd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.906302] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 12.862263] ==================================================================
[ 12.862790] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x167/0x330
[ 12.863302] Write of size 16 at addr ffff888101bd1b69 by task kunit_try_catch/186
[ 12.863788]
[ 12.863990] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.864045] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.864057] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.864076] Call Trace:
[ 12.864088] <TASK>
[ 12.864103] dump_stack_lvl+0x73/0xb0
[ 12.864128] print_report+0xd1/0x650
[ 12.864149] ? __virt_addr_valid+0x1db/0x2d0
[ 12.864254] ? kmalloc_oob_memset_16+0x167/0x330
[ 12.864334] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.864360] ? kmalloc_oob_memset_16+0x167/0x330
[ 12.864381] kasan_report+0x140/0x180
[ 12.864402] ? kmalloc_oob_memset_16+0x167/0x330
[ 12.864427] kasan_check_range+0x10c/0x1c0
[ 12.864449] __asan_memset+0x27/0x50
[ 12.864471] kmalloc_oob_memset_16+0x167/0x330
[ 12.864492] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 12.864513] ? __schedule+0xce8/0x2840
[ 12.864535] ? __pfx_read_tsc+0x10/0x10
[ 12.864557] ? ktime_get_ts64+0x86/0x230
[ 12.864581] kunit_try_run_case+0x1a6/0x480
[ 12.864603] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.864624] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.864646] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.864669] ? __kthread_parkme+0x82/0x160
[ 12.864690] ? preempt_count_sub+0x50/0x80
[ 12.864714] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.864736] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.864761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.864786] kthread+0x324/0x6e0
[ 12.864807] ? trace_preempt_on+0x20/0xc0
[ 12.864829] ? __pfx_kthread+0x10/0x10
[ 12.864850] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.864872] ? calculate_sigpending+0x7b/0xa0
[ 12.864893] ? __pfx_kthread+0x10/0x10
[ 12.864915] ret_from_fork+0x41/0x80
[ 12.864933] ? __pfx_kthread+0x10/0x10
[ 12.864954] ret_from_fork_asm+0x1a/0x30
[ 12.864985] </TASK>
[ 12.864995]
[ 12.871737] Allocated by task 186:
[ 12.871864] kasan_save_stack+0x45/0x70
[ 12.872003] kasan_save_track+0x18/0x40
[ 12.872144] kasan_save_alloc_info+0x3b/0x50
[ 12.872283] __kasan_kmalloc+0xb7/0xc0
[ 12.872458] __kmalloc_cache_noprof+0x18a/0x420
[ 12.872883] kmalloc_oob_memset_16+0xad/0x330
[ 12.873113] kunit_try_run_case+0x1a6/0x480
[ 12.873324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.873600] kthread+0x324/0x6e0
[ 12.874000] ret_from_fork+0x41/0x80
[ 12.874205] ret_from_fork_asm+0x1a/0x30
[ 12.874425]
[ 12.874522] The buggy address belongs to the object at ffff888101bd1b00
[ 12.874522] which belongs to the cache kmalloc-128 of size 128
[ 12.875110] The buggy address is located 105 bytes inside of
[ 12.875110] allocated 120-byte region [ffff888101bd1b00, ffff888101bd1b78)
[ 12.875652]
[ 12.875750] The buggy address belongs to the physical page:
[ 12.875995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1
[ 12.876331] flags: 0x200000000000000(node=0|zone=2)
[ 12.876513] page_type: f5(slab)
[ 12.876669] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.877055] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.877270] page dumped because: kasan: bad access detected
[ 12.877664]
[ 12.877776] Memory state around the buggy address:
[ 12.877992] ffff888101bd1a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.878315] ffff888101bd1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.878706] >ffff888101bd1b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.879278] ^
[ 12.879551] ffff888101bd1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.879781] ffff888101bd1c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.881636] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 12.833104] ==================================================================
[ 12.833569] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x167/0x330
[ 12.834428] Write of size 8 at addr ffff888101bd1a71 by task kunit_try_catch/184
[ 12.835162]
[ 12.835471] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.835515] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.835526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.835689] Call Trace:
[ 12.835706] <TASK>
[ 12.835723] dump_stack_lvl+0x73/0xb0
[ 12.835751] print_report+0xd1/0x650
[ 12.835772] ? __virt_addr_valid+0x1db/0x2d0
[ 12.835795] ? kmalloc_oob_memset_8+0x167/0x330
[ 12.835815] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.835839] ? kmalloc_oob_memset_8+0x167/0x330
[ 12.835859] kasan_report+0x140/0x180
[ 12.835880] ? kmalloc_oob_memset_8+0x167/0x330
[ 12.835904] kasan_check_range+0x10c/0x1c0
[ 12.835926] __asan_memset+0x27/0x50
[ 12.835947] kmalloc_oob_memset_8+0x167/0x330
[ 12.835968] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 12.835988] ? __schedule+0xce8/0x2840
[ 12.836010] ? __pfx_read_tsc+0x10/0x10
[ 12.836045] ? ktime_get_ts64+0x86/0x230
[ 12.836071] kunit_try_run_case+0x1a6/0x480
[ 12.836094] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.836114] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.836136] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.836159] ? __kthread_parkme+0x82/0x160
[ 12.836180] ? preempt_count_sub+0x50/0x80
[ 12.836204] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.836226] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.836251] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.836276] kthread+0x324/0x6e0
[ 12.836296] ? trace_preempt_on+0x20/0xc0
[ 12.836318] ? __pfx_kthread+0x10/0x10
[ 12.836339] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.836360] ? calculate_sigpending+0x7b/0xa0
[ 12.836381] ? __pfx_kthread+0x10/0x10
[ 12.836402] ret_from_fork+0x41/0x80
[ 12.836420] ? __pfx_kthread+0x10/0x10
[ 12.836441] ret_from_fork_asm+0x1a/0x30
[ 12.836470] </TASK>
[ 12.836481]
[ 12.848046] Allocated by task 184:
[ 12.848173] kasan_save_stack+0x45/0x70
[ 12.848315] kasan_save_track+0x18/0x40
[ 12.848444] kasan_save_alloc_info+0x3b/0x50
[ 12.848663] __kasan_kmalloc+0xb7/0xc0
[ 12.848998] __kmalloc_cache_noprof+0x18a/0x420
[ 12.849407] kmalloc_oob_memset_8+0xad/0x330
[ 12.849805] kunit_try_run_case+0x1a6/0x480
[ 12.850237] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.850746] kthread+0x324/0x6e0
[ 12.851144] ret_from_fork+0x41/0x80
[ 12.851572] ret_from_fork_asm+0x1a/0x30
[ 12.852002]
[ 12.852181] The buggy address belongs to the object at ffff888101bd1a00
[ 12.852181] which belongs to the cache kmalloc-128 of size 128
[ 12.852863] The buggy address is located 113 bytes inside of
[ 12.852863] allocated 120-byte region [ffff888101bd1a00, ffff888101bd1a78)
[ 12.853223]
[ 12.853295] The buggy address belongs to the physical page:
[ 12.853460] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101bd1
[ 12.854035] flags: 0x200000000000000(node=0|zone=2)
[ 12.854462] page_type: f5(slab)
[ 12.854793] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.855519] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.856286] page dumped because: kasan: bad access detected
[ 12.856849]
[ 12.857028] Memory state around the buggy address:
[ 12.857463] ffff888101bd1900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.858223] ffff888101bd1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.858696] >ffff888101bd1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.858905] ^
[ 12.859122] ffff888101bd1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.859329] ffff888101bd1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.859535] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 12.800402] ==================================================================
[ 12.800988] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x167/0x330
[ 12.801346] Write of size 4 at addr ffff888102a2c175 by task kunit_try_catch/182
[ 12.802122]
[ 12.802387] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.802437] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.802449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.802470] Call Trace:
[ 12.802483] <TASK>
[ 12.802500] dump_stack_lvl+0x73/0xb0
[ 12.802533] print_report+0xd1/0x650
[ 12.802557] ? __virt_addr_valid+0x1db/0x2d0
[ 12.802583] ? kmalloc_oob_memset_4+0x167/0x330
[ 12.802606] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.802634] ? kmalloc_oob_memset_4+0x167/0x330
[ 12.802658] kasan_report+0x140/0x180
[ 12.802683] ? kmalloc_oob_memset_4+0x167/0x330
[ 12.802710] kasan_check_range+0x10c/0x1c0
[ 12.802735] __asan_memset+0x27/0x50
[ 12.802761] kmalloc_oob_memset_4+0x167/0x330
[ 12.802784] ? __pfx_kmalloc_oob_memset_4+0x10/0x10
[ 12.802809] ? __schedule+0xce8/0x2840
[ 12.802836] ? __pfx_read_tsc+0x10/0x10
[ 12.802860] ? ktime_get_ts64+0x86/0x230
[ 12.802889] kunit_try_run_case+0x1a6/0x480
[ 12.802915] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.802938] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.802964] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.802989] ? __kthread_parkme+0x82/0x160
[ 12.803014] ? preempt_count_sub+0x50/0x80
[ 12.803054] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.803081] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.803109] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.803137] kthread+0x324/0x6e0
[ 12.803160] ? trace_preempt_on+0x20/0xc0
[ 12.803187] ? __pfx_kthread+0x10/0x10
[ 12.803212] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.803237] ? calculate_sigpending+0x7b/0xa0
[ 12.803261] ? __pfx_kthread+0x10/0x10
[ 12.803286] ret_from_fork+0x41/0x80
[ 12.803306] ? __pfx_kthread+0x10/0x10
[ 12.803330] ret_from_fork_asm+0x1a/0x30
[ 12.803365] </TASK>
[ 12.803374]
[ 12.814035] Allocated by task 182:
[ 12.814390] kasan_save_stack+0x45/0x70
[ 12.814725] kasan_save_track+0x18/0x40
[ 12.815079] kasan_save_alloc_info+0x3b/0x50
[ 12.815393] __kasan_kmalloc+0xb7/0xc0
[ 12.815617] __kmalloc_cache_noprof+0x18a/0x420
[ 12.815911] kmalloc_oob_memset_4+0xad/0x330
[ 12.816103] kunit_try_run_case+0x1a6/0x480
[ 12.816317] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.816557] kthread+0x324/0x6e0
[ 12.816747] ret_from_fork+0x41/0x80
[ 12.816902] ret_from_fork_asm+0x1a/0x30
[ 12.817543]
[ 12.817669] The buggy address belongs to the object at ffff888102a2c100
[ 12.817669] which belongs to the cache kmalloc-128 of size 128
[ 12.818760] The buggy address is located 117 bytes inside of
[ 12.818760] allocated 120-byte region [ffff888102a2c100, ffff888102a2c178)
[ 12.819738]
[ 12.819854] The buggy address belongs to the physical page:
[ 12.820120] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c
[ 12.820455] flags: 0x200000000000000(node=0|zone=2)
[ 12.821147] page_type: f5(slab)
[ 12.821523] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.822216] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.822447] page dumped because: kasan: bad access detected
[ 12.822932]
[ 12.823243] Memory state around the buggy address:
[ 12.823882] ffff888102a2c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.824951] ffff888102a2c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.825479] >ffff888102a2c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.826055] ^
[ 12.826813] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.827370] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.827720] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 12.766947] ==================================================================
[ 12.767472] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x167/0x330
[ 12.767719] Write of size 2 at addr ffff888102a2c077 by task kunit_try_catch/180
[ 12.767942]
[ 12.768034] CPU: 0 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.768071] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.768082] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.768101] Call Trace:
[ 12.768114] <TASK>
[ 12.768128] dump_stack_lvl+0x73/0xb0
[ 12.768155] print_report+0xd1/0x650
[ 12.768179] ? __virt_addr_valid+0x1db/0x2d0
[ 12.768205] ? kmalloc_oob_memset_2+0x167/0x330
[ 12.768228] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.768255] ? kmalloc_oob_memset_2+0x167/0x330
[ 12.768279] kasan_report+0x140/0x180
[ 12.768302] ? kmalloc_oob_memset_2+0x167/0x330
[ 12.768330] kasan_check_range+0x10c/0x1c0
[ 12.768355] __asan_memset+0x27/0x50
[ 12.768380] kmalloc_oob_memset_2+0x167/0x330
[ 12.768404] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 12.768428] ? __schedule+0xce8/0x2840
[ 12.768454] ? __pfx_read_tsc+0x10/0x10
[ 12.768477] ? ktime_get_ts64+0x86/0x230
[ 12.768506] kunit_try_run_case+0x1a6/0x480
[ 12.768531] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.768554] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.768580] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.768606] ? __kthread_parkme+0x82/0x160
[ 12.768630] ? preempt_count_sub+0x50/0x80
[ 12.768657] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.768682] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.768710] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.768738] kthread+0x324/0x6e0
[ 12.768761] ? trace_preempt_on+0x20/0xc0
[ 12.768786] ? __pfx_kthread+0x10/0x10
[ 12.768810] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.768834] ? calculate_sigpending+0x7b/0xa0
[ 12.768858] ? __pfx_kthread+0x10/0x10
[ 12.768883] ret_from_fork+0x41/0x80
[ 12.768904] ? __pfx_kthread+0x10/0x10
[ 12.768929] ret_from_fork_asm+0x1a/0x30
[ 12.768962] </TASK>
[ 12.768972]
[ 12.781860] Allocated by task 180:
[ 12.782334] kasan_save_stack+0x45/0x70
[ 12.782757] kasan_save_track+0x18/0x40
[ 12.783388] kasan_save_alloc_info+0x3b/0x50
[ 12.783547] __kasan_kmalloc+0xb7/0xc0
[ 12.784088] __kmalloc_cache_noprof+0x18a/0x420
[ 12.784614] kmalloc_oob_memset_2+0xad/0x330
[ 12.785013] kunit_try_run_case+0x1a6/0x480
[ 12.785178] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.785355] kthread+0x324/0x6e0
[ 12.785476] ret_from_fork+0x41/0x80
[ 12.786038] ret_from_fork_asm+0x1a/0x30
[ 12.786495]
[ 12.786666] The buggy address belongs to the object at ffff888102a2c000
[ 12.786666] which belongs to the cache kmalloc-128 of size 128
[ 12.787976] The buggy address is located 119 bytes inside of
[ 12.787976] allocated 120-byte region [ffff888102a2c000, ffff888102a2c078)
[ 12.789221]
[ 12.789299] The buggy address belongs to the physical page:
[ 12.789474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c
[ 12.790292] flags: 0x200000000000000(node=0|zone=2)
[ 12.790780] page_type: f5(slab)
[ 12.791143] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.791872] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.792241] page dumped because: kasan: bad access detected
[ 12.792413]
[ 12.792483] Memory state around the buggy address:
[ 12.793004] ffff888102a2bf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.793699] ffff888102a2bf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.794508] >ffff888102a2c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 12.795014] ^
[ 12.795250] ffff888102a2c080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.795465] ffff888102a2c100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.795971] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 12.290148] ==================================================================
[ 12.290726] BUG: KASAN: use-after-free in page_alloc_uaf+0x358/0x3d0
[ 12.291053] Read of size 1 at addr ffff888102c30000 by task kunit_try_catch/162
[ 12.291346]
[ 12.291436] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.291476] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.291486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.291506] Call Trace:
[ 12.291518] <TASK>
[ 12.291533] dump_stack_lvl+0x73/0xb0
[ 12.291559] print_report+0xd1/0x650
[ 12.291580] ? __virt_addr_valid+0x1db/0x2d0
[ 12.291602] ? page_alloc_uaf+0x358/0x3d0
[ 12.291623] ? kasan_addr_to_slab+0x11/0xa0
[ 12.291641] ? page_alloc_uaf+0x358/0x3d0
[ 12.291662] kasan_report+0x140/0x180
[ 12.291685] ? page_alloc_uaf+0x358/0x3d0
[ 12.291709] __asan_report_load1_noabort+0x18/0x20
[ 12.291734] page_alloc_uaf+0x358/0x3d0
[ 12.291754] ? __pfx_page_alloc_uaf+0x10/0x10
[ 12.291777] ? __pfx_page_alloc_uaf+0x10/0x10
[ 12.291801] kunit_try_run_case+0x1a6/0x480
[ 12.291824] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.291845] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.291870] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.291892] ? __kthread_parkme+0x82/0x160
[ 12.291914] ? preempt_count_sub+0x50/0x80
[ 12.291938] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.291962] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.291987] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.292012] kthread+0x324/0x6e0
[ 12.292045] ? trace_preempt_on+0x20/0xc0
[ 12.292069] ? __pfx_kthread+0x10/0x10
[ 12.292090] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.292111] ? calculate_sigpending+0x7b/0xa0
[ 12.292132] ? __pfx_kthread+0x10/0x10
[ 12.292153] ret_from_fork+0x41/0x80
[ 12.292172] ? __pfx_kthread+0x10/0x10
[ 12.292194] ret_from_fork_asm+0x1a/0x30
[ 12.292225] </TASK>
[ 12.292235]
[ 12.298662] The buggy address belongs to the physical page:
[ 12.298917] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c30
[ 12.299539] flags: 0x200000000000000(node=0|zone=2)
[ 12.299754] page_type: f0(buddy)
[ 12.299877] raw: 0200000000000000 ffff88817fffb4a0 ffff88817fffb4a0 0000000000000000
[ 12.300149] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 12.300482] page dumped because: kasan: bad access detected
[ 12.300873]
[ 12.300964] Memory state around the buggy address:
[ 12.301186] ffff888102c2ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.301408] ffff888102c2ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.301854] >ffff888102c30000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.302137] ^
[ 12.302290] ffff888102c30080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.302625] ffff888102c30100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.302881] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 12.265870] ==================================================================
[ 12.266407] BUG: KASAN: invalid-free in kfree+0x276/0x3f0
[ 12.266836] Free of addr ffff888102ac4001 by task kunit_try_catch/158
[ 12.267119]
[ 12.267239] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.267276] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.267289] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.267308] Call Trace:
[ 12.267319] <TASK>
[ 12.267332] dump_stack_lvl+0x73/0xb0
[ 12.267370] print_report+0xd1/0x650
[ 12.267394] ? __virt_addr_valid+0x1db/0x2d0
[ 12.267419] ? kasan_addr_to_slab+0x11/0xa0
[ 12.267452] ? kfree+0x276/0x3f0
[ 12.267475] kasan_report_invalid_free+0xfc/0x120
[ 12.267501] ? kfree+0x276/0x3f0
[ 12.267527] ? kfree+0x276/0x3f0
[ 12.267558] __kasan_kfree_large+0x86/0xd0
[ 12.267646] free_large_kmalloc+0x3b/0xd0
[ 12.267674] kfree+0x276/0x3f0
[ 12.267701] kmalloc_large_invalid_free+0x121/0x2b0
[ 12.267725] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 12.267759] ? __schedule+0xce8/0x2840
[ 12.267785] ? __pfx_read_tsc+0x10/0x10
[ 12.267809] ? ktime_get_ts64+0x86/0x230
[ 12.267846] kunit_try_run_case+0x1a6/0x480
[ 12.267872] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.267895] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.267929] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.267955] ? __kthread_parkme+0x82/0x160
[ 12.267979] ? preempt_count_sub+0x50/0x80
[ 12.268027] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.268052] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.268081] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.268109] kthread+0x324/0x6e0
[ 12.268132] ? trace_preempt_on+0x20/0xc0
[ 12.268158] ? __pfx_kthread+0x10/0x10
[ 12.268183] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.268208] ? calculate_sigpending+0x7b/0xa0
[ 12.268232] ? __pfx_kthread+0x10/0x10
[ 12.268257] ret_from_fork+0x41/0x80
[ 12.268278] ? __pfx_kthread+0x10/0x10
[ 12.268302] ret_from_fork_asm+0x1a/0x30
[ 12.268336] </TASK>
[ 12.268347]
[ 12.276206] The buggy address belongs to the physical page:
[ 12.276490] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4
[ 12.276891] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.277272] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.277528] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.278158] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.278486] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.279115] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.279434] head: 0200000000000002 ffffea00040ab101 ffffffffffffffff 0000000000000000
[ 12.279820] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 12.280160] page dumped because: kasan: bad access detected
[ 12.280397]
[ 12.280469] Memory state around the buggy address:
[ 12.280626] ffff888102ac3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.281034] ffff888102ac3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.281325] >ffff888102ac4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.281848] ^
[ 12.281987] ffff888102ac4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.282218] ffff888102ac4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.282575] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 12.245549] ==================================================================
[ 12.246465] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f3/0x340
[ 12.246743] Read of size 1 at addr ffff888102ac4000 by task kunit_try_catch/156
[ 12.247197]
[ 12.247310] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.247477] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.247492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.247513] Call Trace:
[ 12.247523] <TASK>
[ 12.247547] dump_stack_lvl+0x73/0xb0
[ 12.247576] print_report+0xd1/0x650
[ 12.247600] ? __virt_addr_valid+0x1db/0x2d0
[ 12.247681] ? kmalloc_large_uaf+0x2f3/0x340
[ 12.247705] ? kasan_addr_to_slab+0x11/0xa0
[ 12.247727] ? kmalloc_large_uaf+0x2f3/0x340
[ 12.247749] kasan_report+0x140/0x180
[ 12.247774] ? kmalloc_large_uaf+0x2f3/0x340
[ 12.247801] __asan_report_load1_noabort+0x18/0x20
[ 12.247827] kmalloc_large_uaf+0x2f3/0x340
[ 12.247859] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 12.247882] ? __schedule+0xce8/0x2840
[ 12.247908] ? __pfx_read_tsc+0x10/0x10
[ 12.247942] ? ktime_get_ts64+0x86/0x230
[ 12.247970] kunit_try_run_case+0x1a6/0x480
[ 12.247995] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.248027] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.248053] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.248079] ? __kthread_parkme+0x82/0x160
[ 12.248102] ? preempt_count_sub+0x50/0x80
[ 12.248129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.248153] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.248181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.248209] kthread+0x324/0x6e0
[ 12.248232] ? trace_preempt_on+0x20/0xc0
[ 12.248257] ? __pfx_kthread+0x10/0x10
[ 12.248282] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.248306] ? calculate_sigpending+0x7b/0xa0
[ 12.248329] ? __pfx_kthread+0x10/0x10
[ 12.248354] ret_from_fork+0x41/0x80
[ 12.248375] ? __pfx_kthread+0x10/0x10
[ 12.248399] ret_from_fork_asm+0x1a/0x30
[ 12.248432] </TASK>
[ 12.248443]
[ 12.256045] The buggy address belongs to the physical page:
[ 12.256277] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ac4
[ 12.256810] flags: 0x200000000000000(node=0|zone=2)
[ 12.257074] raw: 0200000000000000 ffffea00040ab208 ffff88815b03ef40 0000000000000000
[ 12.257394] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 12.257848] page dumped because: kasan: bad access detected
[ 12.258292]
[ 12.258395] Memory state around the buggy address:
[ 12.258553] ffff888102ac3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.258969] ffff888102ac3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.259270] >ffff888102ac4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.259551] ^
[ 12.259795] ffff888102ac4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.260113] ffff888102ac4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 12.260415] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.226882] ==================================================================
[ 12.227365] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2eb/0x340
[ 12.227754] Write of size 1 at addr ffff88810288200a by task kunit_try_catch/154
[ 12.228385]
[ 12.228524] CPU: 1 UID: 0 PID: 154 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1
[ 12.228563] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.228586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.228605] Call Trace:
[ 12.228616] <TASK>
[ 12.228630] dump_stack_lvl+0x73/0xb0
[ 12.228710] print_report+0xd1/0x650
[ 12.228751] ? __virt_addr_valid+0x1db/0x2d0
[ 12.228774] ? kmalloc_large_oob_right+0x2eb/0x340
[ 12.228794] ? kasan_addr_to_slab+0x11/0xa0
[ 12.228825] ? kmalloc_large_oob_right+0x2eb/0x340
[ 12.228846] kasan_report+0x140/0x180
[ 12.228867] ? kmalloc_large_oob_right+0x2eb/0x340
[ 12.228903] __asan_report_store1_noabort+0x1b/0x30
[ 12.228926] kmalloc_large_oob_right+0x2eb/0x340
[ 12.228947] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 12.228969] ? __schedule+0xce8/0x2840
[ 12.228991] ? __pfx_read_tsc+0x10/0x10
[ 12.229011] ? ktime_get_ts64+0x86/0x230
[ 12.229046] kunit_try_run_case+0x1a6/0x480
[ 12.229069] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.229089] ? _raw_spin_lock_irqsave+0xa2/0x110
[ 12.229111] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.229134] ? __kthread_parkme+0x82/0x160
[ 12.229155] ? preempt_count_sub+0x50/0x80
[ 12.229179] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.229201] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.229226] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.229251] kthread+0x324/0x6e0
[ 12.229271] ? trace_preempt_on+0x20/0xc0
[ 12.229293] ? __pfx_kthread+0x10/0x10
[ 12.229314] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.229335] ? calculate_sigpending+0x7b/0xa0
[ 12.229355] ? __pfx_kthread+0x10/0x10
[ 12.229377] ret_from_fork+0x41/0x80
[ 12.229395] ? __pfx_kthread+0x10/0x10
[ 12.229416] ret_from_fork_asm+0x1a/0x30
[ 12.229446] </TASK>
[ 12.229456]
[ 12.237366] The buggy address belongs to the physical page:
[ 12.237614] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102880
[ 12.238047] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.238370] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.238696] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.239063] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.239394] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.239775] head: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 12.240131] head: 0200000000000002 ffffea00040a2001 ffffffffffffffff 0000000000000000
[ 12.240503] head: 0000000000000004 0000000000000000 00000000ffffffff 0000000000000000
[ 12.240747] page dumped because: kasan: bad access detected
[ 12.241202]
[ 12.241301] Memory state around the buggy address:
[ 12.241553] ffff888102881f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.242036] ffff888102881f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.242446] >ffff888102882000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.242772] ^
[ 12.242897] ffff888102882080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.243128] ffff888102882100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.243442] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.197208] ================================================================== [ 12.197836] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x318/0x370 [ 12.198136] Write of size 1 at addr ffff888102bc1f00 by task kunit_try_catch/152 [ 12.198430] [ 12.198540] CPU: 1 UID: 0 PID: 152 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.198580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.198591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.198610] Call Trace: [ 12.198623] <TASK> [ 12.198638] dump_stack_lvl+0x73/0xb0 [ 12.198664] print_report+0xd1/0x650 [ 12.198734] ? __virt_addr_valid+0x1db/0x2d0 [ 12.198758] ? kmalloc_big_oob_right+0x318/0x370 [ 12.198779] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.198816] ? kmalloc_big_oob_right+0x318/0x370 [ 12.198837] kasan_report+0x140/0x180 [ 12.198858] ? kmalloc_big_oob_right+0x318/0x370 [ 12.198883] __asan_report_store1_noabort+0x1b/0x30 [ 12.198906] kmalloc_big_oob_right+0x318/0x370 [ 12.198927] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.198948] ? __schedule+0xce8/0x2840 [ 12.198971] ? __pfx_read_tsc+0x10/0x10 [ 12.198993] ? ktime_get_ts64+0x86/0x230 [ 12.199026] kunit_try_run_case+0x1a6/0x480 [ 12.199059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.199079] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.199102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.199137] ? __kthread_parkme+0x82/0x160 [ 12.199158] ? preempt_count_sub+0x50/0x80 [ 12.199182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.199214] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.199240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.199265] kthread+0x324/0x6e0 [ 12.199285] ? trace_preempt_on+0x20/0xc0 [ 12.199308] ? __pfx_kthread+0x10/0x10 [ 12.199329] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.199350] ? calculate_sigpending+0x7b/0xa0 [ 12.199372] ? __pfx_kthread+0x10/0x10 [ 12.199393] ret_from_fork+0x41/0x80 [ 12.199411] ? 
__pfx_kthread+0x10/0x10 [ 12.199432] ret_from_fork_asm+0x1a/0x30 [ 12.199462] </TASK> [ 12.199472] [ 12.207132] Allocated by task 152: [ 12.207831] kasan_save_stack+0x45/0x70 [ 12.208795] kasan_save_track+0x18/0x40 [ 12.208993] kasan_save_alloc_info+0x3b/0x50 [ 12.209431] __kasan_kmalloc+0xb7/0xc0 [ 12.209945] __kmalloc_cache_noprof+0x18a/0x420 [ 12.210463] kmalloc_big_oob_right+0xaa/0x370 [ 12.210927] kunit_try_run_case+0x1a6/0x480 [ 12.211369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.211551] kthread+0x324/0x6e0 [ 12.211971] ret_from_fork+0x41/0x80 [ 12.212406] ret_from_fork_asm+0x1a/0x30 [ 12.212915] [ 12.213253] The buggy address belongs to the object at ffff888102bc0000 [ 12.213253] which belongs to the cache kmalloc-8k of size 8192 [ 12.214381] The buggy address is located 0 bytes to the right of [ 12.214381] allocated 7936-byte region [ffff888102bc0000, ffff888102bc1f00) [ 12.215250] [ 12.215421] The buggy address belongs to the physical page: [ 12.216051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bc0 [ 12.216293] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.216508] flags: 0x200000000000040(head|node=0|zone=2) [ 12.216695] page_type: f5(slab) [ 12.216894] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.217534] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.217917] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.218244] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.218559] head: 0200000000000003 ffffea00040af001 ffffffffffffffff 0000000000000000 [ 12.218868] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 12.219184] page dumped because: kasan: bad access detected [ 12.219416] [ 12.219494] Memory state around the buggy address: [ 12.219716] ffff888102bc1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.220005] ffff888102bc1e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.221004] >ffff888102bc1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.221485] ^ [ 12.221620] ffff888102bc1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.222058] ffff888102bc2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.222456] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.146559] ================================================================== [ 12.147486] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4ca/0x530 [ 12.148392] Write of size 1 at addr ffff888102a1ee78 by task kunit_try_catch/150 [ 12.149025] [ 12.149267] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.149306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.149317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.149336] Call Trace: [ 12.149347] <TASK> [ 12.149361] dump_stack_lvl+0x73/0xb0 [ 12.149389] print_report+0xd1/0x650 [ 12.149412] ? __virt_addr_valid+0x1db/0x2d0 [ 12.149436] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 12.149462] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.149489] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 12.149516] kasan_report+0x140/0x180 [ 12.149539] ? kmalloc_track_caller_oob_right+0x4ca/0x530 [ 12.149570] __asan_report_store1_noabort+0x1b/0x30 [ 12.149596] kmalloc_track_caller_oob_right+0x4ca/0x530 [ 12.149622] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.149649] ? __schedule+0xce8/0x2840 [ 12.149674] ? __pfx_read_tsc+0x10/0x10 [ 12.149698] ? ktime_get_ts64+0x86/0x230 [ 12.149725] kunit_try_run_case+0x1a6/0x480 [ 12.149756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.149779] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.149804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.149829] ? __kthread_parkme+0x82/0x160 [ 12.149854] ? preempt_count_sub+0x50/0x80 [ 12.149881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.149905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.149933] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.149961] kthread+0x324/0x6e0 [ 12.149984] ? trace_preempt_on+0x20/0xc0 [ 12.150009] ? __pfx_kthread+0x10/0x10 [ 12.150044] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.150068] ? calculate_sigpending+0x7b/0xa0 [ 12.150091] ? __pfx_kthread+0x10/0x10 [ 12.150116] ret_from_fork+0x41/0x80 [ 12.150136] ? 
__pfx_kthread+0x10/0x10 [ 12.150161] ret_from_fork_asm+0x1a/0x30 [ 12.150194] </TASK> [ 12.150203] [ 12.162319] Allocated by task 150: [ 12.162465] kasan_save_stack+0x45/0x70 [ 12.162676] kasan_save_track+0x18/0x40 [ 12.163050] kasan_save_alloc_info+0x3b/0x50 [ 12.163447] __kasan_kmalloc+0xb7/0xc0 [ 12.163886] __kmalloc_node_track_caller_noprof+0x1cc/0x510 [ 12.164412] kmalloc_track_caller_oob_right+0x9a/0x530 [ 12.164750] kunit_try_run_case+0x1a6/0x480 [ 12.165148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.165329] kthread+0x324/0x6e0 [ 12.165454] ret_from_fork+0x41/0x80 [ 12.165740] ret_from_fork_asm+0x1a/0x30 [ 12.166116] [ 12.166284] The buggy address belongs to the object at ffff888102a1ee00 [ 12.166284] which belongs to the cache kmalloc-128 of size 128 [ 12.167502] The buggy address is located 0 bytes to the right of [ 12.167502] allocated 120-byte region [ffff888102a1ee00, ffff888102a1ee78) [ 12.168302] [ 12.168381] The buggy address belongs to the physical page: [ 12.168552] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1e [ 12.168846] flags: 0x200000000000000(node=0|zone=2) [ 12.169045] page_type: f5(slab) [ 12.169167] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.169507] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.170070] page dumped because: kasan: bad access detected [ 12.170260] [ 12.170332] Memory state around the buggy address: [ 12.170559] ffff888102a1ed00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.170914] ffff888102a1ed80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.171198] >ffff888102a1ee00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.171511] ^ [ 12.171887] ffff888102a1ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.172182] ffff888102a1ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.172462] ================================================================== [ 12.173151] 
================================================================== [ 12.173499] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b3/0x530 [ 12.174265] Write of size 1 at addr ffff888102a1ef78 by task kunit_try_catch/150 [ 12.174586] [ 12.174715] CPU: 0 UID: 0 PID: 150 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.174756] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.174767] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.174787] Call Trace: [ 12.174799] <TASK> [ 12.174815] dump_stack_lvl+0x73/0xb0 [ 12.174842] print_report+0xd1/0x650 [ 12.174865] ? __virt_addr_valid+0x1db/0x2d0 [ 12.174890] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 12.174915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.174943] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 12.174969] kasan_report+0x140/0x180 [ 12.174993] ? kmalloc_track_caller_oob_right+0x4b3/0x530 [ 12.175039] __asan_report_store1_noabort+0x1b/0x30 [ 12.175065] kmalloc_track_caller_oob_right+0x4b3/0x530 [ 12.175091] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.175118] ? __schedule+0xce8/0x2840 [ 12.175143] ? __pfx_read_tsc+0x10/0x10 [ 12.175167] ? ktime_get_ts64+0x86/0x230 [ 12.175195] kunit_try_run_case+0x1a6/0x480 [ 12.175219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.175243] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.175268] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.175294] ? __kthread_parkme+0x82/0x160 [ 12.175318] ? preempt_count_sub+0x50/0x80 [ 12.175344] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.175369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.175396] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.175425] kthread+0x324/0x6e0 [ 12.175448] ? trace_preempt_on+0x20/0xc0 [ 12.175473] ? __pfx_kthread+0x10/0x10 [ 12.175497] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.175521] ? calculate_sigpending+0x7b/0xa0 [ 12.175545] ? __pfx_kthread+0x10/0x10 [ 12.175635] ret_from_fork+0x41/0x80 [ 12.175663] ? 
__pfx_kthread+0x10/0x10 [ 12.175689] ret_from_fork_asm+0x1a/0x30 [ 12.175722] </TASK> [ 12.175732] [ 12.182835] Allocated by task 150: [ 12.183005] kasan_save_stack+0x45/0x70 [ 12.183179] kasan_save_track+0x18/0x40 [ 12.183374] kasan_save_alloc_info+0x3b/0x50 [ 12.183566] __kasan_kmalloc+0xb7/0xc0 [ 12.183747] __kmalloc_node_track_caller_noprof+0x1cc/0x510 [ 12.183989] kmalloc_track_caller_oob_right+0x19b/0x530 [ 12.184401] kunit_try_run_case+0x1a6/0x480 [ 12.184556] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.184753] kthread+0x324/0x6e0 [ 12.184925] ret_from_fork+0x41/0x80 [ 12.185141] ret_from_fork_asm+0x1a/0x30 [ 12.185538] [ 12.185701] The buggy address belongs to the object at ffff888102a1ef00 [ 12.185701] which belongs to the cache kmalloc-128 of size 128 [ 12.186182] The buggy address is located 0 bytes to the right of [ 12.186182] allocated 120-byte region [ffff888102a1ef00, ffff888102a1ef78) [ 12.186866] [ 12.186974] The buggy address belongs to the physical page: [ 12.187210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1e [ 12.187519] flags: 0x200000000000000(node=0|zone=2) [ 12.188126] page_type: f5(slab) [ 12.188296] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.188667] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.188970] page dumped because: kasan: bad access detected [ 12.189207] [ 12.189300] Memory state around the buggy address: [ 12.189502] ffff888102a1ee00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.190938] ffff888102a1ee80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.191268] >ffff888102a1ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.192151] ^ [ 12.192656] ffff888102a1ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.192944] ffff888102a1f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.193230] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.121361] ================================================================== [ 12.121836] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x36b/0x3d0 [ 12.122907] Read of size 1 at addr ffff888102bd1000 by task kunit_try_catch/148 [ 12.123767] [ 12.124127] CPU: 1 UID: 0 PID: 148 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.124174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.124186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.124205] Call Trace: [ 12.124218] <TASK> [ 12.124235] dump_stack_lvl+0x73/0xb0 [ 12.124261] print_report+0xd1/0x650 [ 12.124281] ? __virt_addr_valid+0x1db/0x2d0 [ 12.124303] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 12.124324] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.124348] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 12.124370] kasan_report+0x140/0x180 [ 12.124391] ? kmalloc_node_oob_right+0x36b/0x3d0 [ 12.124417] __asan_report_load1_noabort+0x18/0x20 [ 12.124439] kmalloc_node_oob_right+0x36b/0x3d0 [ 12.124462] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 12.124486] ? __schedule+0xce8/0x2840 [ 12.124509] ? __pfx_read_tsc+0x10/0x10 [ 12.124530] ? ktime_get_ts64+0x86/0x230 [ 12.124556] kunit_try_run_case+0x1a6/0x480 [ 12.124578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.124599] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.124621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.124643] ? __kthread_parkme+0x82/0x160 [ 12.124704] ? preempt_count_sub+0x50/0x80 [ 12.124730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.124752] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.124777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.124803] kthread+0x324/0x6e0 [ 12.124823] ? trace_preempt_on+0x20/0xc0 [ 12.124845] ? __pfx_kthread+0x10/0x10 [ 12.124866] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.124887] ? calculate_sigpending+0x7b/0xa0 [ 12.124908] ? __pfx_kthread+0x10/0x10 [ 12.124930] ret_from_fork+0x41/0x80 [ 12.124947] ? 
__pfx_kthread+0x10/0x10 [ 12.124968] ret_from_fork_asm+0x1a/0x30 [ 12.124998] </TASK> [ 12.125009] [ 12.133151] Allocated by task 148: [ 12.133374] kasan_save_stack+0x45/0x70 [ 12.133613] kasan_save_track+0x18/0x40 [ 12.133887] kasan_save_alloc_info+0x3b/0x50 [ 12.134116] __kasan_kmalloc+0xb7/0xc0 [ 12.134293] __kmalloc_cache_node_noprof+0x189/0x420 [ 12.134489] kmalloc_node_oob_right+0xac/0x3d0 [ 12.134810] kunit_try_run_case+0x1a6/0x480 [ 12.135057] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.135314] kthread+0x324/0x6e0 [ 12.135538] ret_from_fork+0x41/0x80 [ 12.135784] ret_from_fork_asm+0x1a/0x30 [ 12.136014] [ 12.136100] The buggy address belongs to the object at ffff888102bd0000 [ 12.136100] which belongs to the cache kmalloc-4k of size 4096 [ 12.136704] The buggy address is located 0 bytes to the right of [ 12.136704] allocated 4096-byte region [ffff888102bd0000, ffff888102bd1000) [ 12.137107] [ 12.137220] The buggy address belongs to the physical page: [ 12.137654] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bd0 [ 12.138279] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.138709] flags: 0x200000000000040(head|node=0|zone=2) [ 12.139121] page_type: f5(slab) [ 12.139298] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.139577] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.139926] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.140273] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.140568] head: 0200000000000003 ffffea00040af401 ffffffffffffffff 0000000000000000 [ 12.140840] head: 0000000000000008 0000000000000000 00000000ffffffff 0000000000000000 [ 12.141198] page dumped because: kasan: bad access detected [ 12.141364] [ 12.141456] Memory state around the buggy address: [ 12.141755] ffff888102bd0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.142048] ffff888102bd0f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.142433] >ffff888102bd1000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.142688] ^ [ 12.142951] ffff888102bd1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.143319] ffff888102bd1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.143810] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.079344] ================================================================== [ 12.080658] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x363/0x3c0 [ 12.081750] Read of size 1 at addr ffff8881025d035f by task kunit_try_catch/146 [ 12.082873] [ 12.083070] CPU: 0 UID: 0 PID: 146 Comm: kunit_try_catch Tainted: G B N 6.14.10-rc1 #1 [ 12.083114] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.083127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.083149] Call Trace: [ 12.083162] <TASK> [ 12.083180] dump_stack_lvl+0x73/0xb0 [ 12.083211] print_report+0xd1/0x650 [ 12.083235] ? __virt_addr_valid+0x1db/0x2d0 [ 12.083261] ? kmalloc_oob_left+0x363/0x3c0 [ 12.083283] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.083310] ? kmalloc_oob_left+0x363/0x3c0 [ 12.083333] kasan_report+0x140/0x180 [ 12.083357] ? kmalloc_oob_left+0x363/0x3c0 [ 12.083384] __asan_report_load1_noabort+0x18/0x20 [ 12.083409] kmalloc_oob_left+0x363/0x3c0 [ 12.083549] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 12.083574] ? __schedule+0xce8/0x2840 [ 12.083601] ? __pfx_read_tsc+0x10/0x10 [ 12.083626] ? ktime_get_ts64+0x86/0x230 [ 12.083656] kunit_try_run_case+0x1a6/0x480 [ 12.083682] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.083705] ? _raw_spin_lock_irqsave+0xa2/0x110 [ 12.083731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.083756] ? __kthread_parkme+0x82/0x160 [ 12.083781] ? preempt_count_sub+0x50/0x80 [ 12.083808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.083832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.083860] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.083888] kthread+0x324/0x6e0 [ 12.083911] ? trace_preempt_on+0x20/0xc0 [ 12.083937] ? __pfx_kthread+0x10/0x10 [ 12.083961] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.083985] ? calculate_sigpending+0x7b/0xa0 [ 12.084009] ? __pfx_kthread+0x10/0x10 [ 12.084043] ret_from_fork+0x41/0x80 [ 12.084064] ? 
__pfx_kthread+0x10/0x10 [ 12.084089] ret_from_fork_asm+0x1a/0x30 [ 12.084122] </TASK> [ 12.084133] [ 12.098537] Allocated by task 1: [ 12.098857] kasan_save_stack+0x45/0x70 [ 12.099194] kasan_save_track+0x18/0x40 [ 12.099338] kasan_save_alloc_info+0x3b/0x50 [ 12.099490] __kasan_kmalloc+0xb7/0xc0 [ 12.099880] __kmalloc_node_track_caller_noprof+0x1cc/0x510 [ 12.100387] kstrdup+0x3e/0xa0 [ 12.100679] kstrdup_const+0x2c/0x40 [ 12.101320] __kernfs_new_node+0xa8/0x6d0 [ 12.102686] kernfs_new_node+0x128/0x230 [ 12.103085] __kernfs_create_file+0x2d/0x290 [ 12.103531] sysfs_add_bin_file_mode_ns+0x13f/0x4f0 [ 12.103884] sysfs_create_bin_file+0x151/0x200 [ 12.104323] pci_create_attr+0x1e2/0x460 [ 12.104479] pci_create_resource_files+0x74/0x110 [ 12.104739] pci_sysfs_init+0x32/0x90 [ 12.105368] do_one_initcall+0xd9/0x370 [ 12.105740] kernel_init_freeable+0x425/0x6f0 [ 12.106340] kernel_init+0x23/0x1e0 [ 12.106478] ret_from_fork+0x41/0x80 [ 12.106928] ret_from_fork_asm+0x1a/0x30 [ 12.107315] [ 12.107479] The buggy address belongs to the object at ffff8881025d0340 [ 12.107479] which belongs to the cache kmalloc-16 of size 16 [ 12.108835] The buggy address is located 21 bytes to the right of [ 12.108835] allocated 10-byte region [ffff8881025d0340, ffff8881025d034a) [ 12.109503] [ 12.109599] The buggy address belongs to the physical page: [ 12.110340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025d0 [ 12.111230] flags: 0x200000000000000(node=0|zone=2) [ 12.111402] page_type: f5(slab) [ 12.111526] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.112467] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.113216] page dumped because: kasan: bad access detected [ 12.113776] [ 12.113959] Memory state around the buggy address: [ 12.114349] ffff8881025d0200: 00 05 fc fc 00 05 fc fc 00 02 fc fc 00 03 fc fc [ 12.114609] ffff8881025d0280: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 12.115261] 
>ffff8881025d0300: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 07 fc fc [ 12.116086] ^ [ 12.116650] ffff8881025d0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.116870] ffff8881025d0400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.117092] ==================================================================