Date: June 2, 2025, 2:11 p.m.
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 18.797047] ==================================================================
[ 18.797620] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 18.797845] Read of size 1 at addr ffff888103a9fd02 by task kunit_try_catch/270
[ 18.798004]
[ 18.798092] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 18.798167] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.798182] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.798209] Call Trace:
[ 18.798226] <TASK>
[ 18.798252] dump_stack_lvl+0x73/0xb0
[ 18.798284] print_report+0xd1/0x650
[ 18.798311] ? __virt_addr_valid+0x1db/0x2d0
[ 18.798337] ? kasan_stack_oob+0x2b5/0x300
[ 18.798359] ? kasan_addr_to_slab+0x11/0xa0
[ 18.798383] ? kasan_stack_oob+0x2b5/0x300
[ 18.798405] kasan_report+0x141/0x180
[ 18.798430] ? kasan_stack_oob+0x2b5/0x300
[ 18.798458] __asan_report_load1_noabort+0x18/0x20
[ 18.798481] kasan_stack_oob+0x2b5/0x300
[ 18.798504] ? __pfx_kasan_stack_oob+0x10/0x10
[ 18.798526] ? finish_task_switch.isra.0+0x153/0x700
[ 18.798552] ? __switch_to+0x5d9/0xf60
[ 18.798577] ? dequeue_task_fair+0x156/0x4e0
[ 18.798604] ? __schedule+0x10cc/0x2b30
[ 18.798629] ? __pfx_read_tsc+0x10/0x10
[ 18.798650] ? ktime_get_ts64+0x86/0x230
[ 18.798679] kunit_try_run_case+0x1a5/0x480
[ 18.798707] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.798730] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.798831] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.798878] ? __kthread_parkme+0x82/0x180
[ 18.798915] ? preempt_count_sub+0x50/0x80
[ 18.798954] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.798992] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.799038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.799077] kthread+0x337/0x6f0
[ 18.799142] ? trace_preempt_on+0x20/0xc0
[ 18.799187] ? __pfx_kthread+0x10/0x10
[ 18.799224] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.799268] ? calculate_sigpending+0x7b/0xa0
[ 18.799317] ? __pfx_kthread+0x10/0x10
[ 18.799360] ret_from_fork+0x41/0x80
[ 18.799408] ? __pfx_kthread+0x10/0x10
[ 18.799451] ret_from_fork_asm+0x1a/0x30
[ 18.799523] </TASK>
[ 18.799548]
[ 18.809982] The buggy address belongs to stack of task kunit_try_catch/270
[ 18.810778] and is located at offset 138 in frame:
[ 18.811219] kasan_stack_oob+0x0/0x300
[ 18.811858]
[ 18.812144] This frame has 4 objects:
[ 18.812626] [48, 49) '__assertion'
[ 18.812687] [64, 72) 'array'
[ 18.813014] [96, 112) '__assertion'
[ 18.813357] [128, 138) 'stack_array'
[ 18.813696]
[ 18.814227] The buggy address belongs to the physical page:
[ 18.814671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a9f
[ 18.815251] flags: 0x200000000000000(node=0|zone=2)
[ 18.815536] raw: 0200000000000000 ffffea00040ea7c8 ffffea00040ea7c8 0000000000000000
[ 18.815932] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 18.816549] page dumped because: kasan: bad access detected
[ 18.816971]
[ 18.817182] Memory state around the buggy address:
[ 18.817551]  ffff888103a9fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 18.817986]  ffff888103a9fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 18.818387] >ffff888103a9fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 18.818761]                    ^
[ 18.818951]  ffff888103a9fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 18.819265]  ffff888103a9fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.819546] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 131.210862] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 54.101867] ==================================================================
[ 54.102299] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 54.102299]
[ 54.102561] Use-after-free read at 0x(____ptrval____) (in kfence-#172):
[ 54.102711] test_krealloc+0x6fc/0xbe0
[ 54.102848] kunit_try_run_case+0x1a5/0x480
[ 54.102963] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 54.103088] kthread+0x337/0x6f0
[ 54.103182] ret_from_fork+0x41/0x80
[ 54.103282] ret_from_fork_asm+0x1a/0x30
[ 54.103384]
[ 54.103447] kfence-#172: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 54.103447]
[ 54.103686] allocated by task 358 on cpu 1 at 54.100842s (0.002842s ago):
[ 54.104285] test_alloc+0x364/0x10f0
[ 54.104658] test_krealloc+0xad/0xbe0
[ 54.105036] kunit_try_run_case+0x1a5/0x480
[ 54.105420] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 54.105882] kthread+0x337/0x6f0
[ 54.106255] ret_from_fork+0x41/0x80
[ 54.106623] ret_from_fork_asm+0x1a/0x30
[ 54.107051]
[ 54.107254] freed by task 358 on cpu 1 at 54.101348s (0.005901s ago):
[ 54.107818] krealloc_noprof+0x108/0x340
[ 54.108213] test_krealloc+0x226/0xbe0
[ 54.108591] kunit_try_run_case+0x1a5/0x480
[ 54.108983] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 54.109513] kthread+0x337/0x6f0
[ 54.109869] ret_from_fork+0x41/0x80
[ 54.110231] ret_from_fork_asm+0x1a/0x30
[ 54.110612]
[ 54.110898] CPU: 1 UID: 0 PID: 358 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 54.111847] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 54.112303] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 54.112863] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 54.008492] ==================================================================
[ 54.009038] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 54.009038]
[ 54.009453] Use-after-free read at 0x(____ptrval____) (in kfence-#171):
[ 54.010802] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 54.011526] kunit_try_run_case+0x1a5/0x480
[ 54.012046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 54.012352] kthread+0x337/0x6f0
[ 54.012713] ret_from_fork+0x41/0x80
[ 54.012986] ret_from_fork_asm+0x1a/0x30
[ 54.013314]
[ 54.013533] kfence-#171: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 54.013533]
[ 54.014312] allocated by task 356 on cpu 1 at 53.998147s (0.016158s ago):
[ 54.014719] test_alloc+0x2a6/0x10f0
[ 54.015250] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 54.016075] kunit_try_run_case+0x1a5/0x480
[ 54.016495] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 54.016777] kthread+0x337/0x6f0
[ 54.016979] ret_from_fork+0x41/0x80
[ 54.017201] ret_from_fork_asm+0x1a/0x30
[ 54.017416]
[ 54.017545] freed by task 356 on cpu 1 at 53.998344s (0.019195s ago):
[ 54.017911] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 54.018624] kunit_try_run_case+0x1a5/0x480
[ 54.019075] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 54.019586] kthread+0x337/0x6f0
[ 54.019941] ret_from_fork+0x41/0x80
[ 54.020324] ret_from_fork_asm+0x1a/0x30
[ 54.020617]
[ 54.020920] CPU: 1 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 54.021863] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 54.022268] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 54.022802] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 30.414673] ==================================================================
[ 30.415421] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 30.415421]
[ 30.417210] Invalid read at 0x(____ptrval____):
[ 30.417522] test_invalid_access+0xf0/0x210
[ 30.417777] kunit_try_run_case+0x1a5/0x480
[ 30.418028] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.419706] kthread+0x337/0x6f0
[ 30.420019] ret_from_fork+0x41/0x80
[ 30.420220] ret_from_fork_asm+0x1a/0x30
[ 30.420536]
[ 30.420780] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 30.421836] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.422492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.423135] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 30.181239] ==================================================================
[ 30.181689] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 30.181689]
[ 30.182032] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#167):
[ 30.183203] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 30.183572] kunit_try_run_case+0x1a5/0x480
[ 30.183991] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.184470] kthread+0x337/0x6f0
[ 30.184665] ret_from_fork+0x41/0x80
[ 30.185061] ret_from_fork_asm+0x1a/0x30
[ 30.185307]
[ 30.185464] kfence-#167: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 30.185464]
[ 30.186372] allocated by task 346 on cpu 0 at 30.180823s (0.005543s ago):
[ 30.186705] test_alloc+0x364/0x10f0
[ 30.186922] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 30.187444] kunit_try_run_case+0x1a5/0x480
[ 30.187875] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.188406] kthread+0x337/0x6f0
[ 30.188693] ret_from_fork+0x41/0x80
[ 30.188934] ret_from_fork_asm+0x1a/0x30
[ 30.189318]
[ 30.189549] freed by task 346 on cpu 0 at 30.181054s (0.008490s ago):
[ 30.190105] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 30.190540] kunit_try_run_case+0x1a5/0x480
[ 30.190773] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 30.191284] kthread+0x337/0x6f0
[ 30.191554] ret_from_fork+0x41/0x80
[ 30.191784] ret_from_fork_asm+0x1a/0x30
[ 30.191996]
[ 30.192283] CPU: 0 UID: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 30.193191] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 30.193571] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 30.194132] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 29.975977] ==================================================================
[ 29.976644] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 29.976644]
[ 29.978008] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#165):
[ 29.979440] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 29.980233] kunit_try_run_case+0x1a5/0x480
[ 29.980869] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.981716] kthread+0x337/0x6f0
[ 29.982383] ret_from_fork+0x41/0x80
[ 29.982923] ret_from_fork_asm+0x1a/0x30
[ 29.983135]
[ 29.983666] kfence-#165: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 29.983666]
[ 29.984693] allocated by task 344 on cpu 1 at 29.975529s (0.009139s ago):
[ 29.985247] test_alloc+0x364/0x10f0
[ 29.985606] test_kmalloc_aligned_oob_read+0x105/0x560
[ 29.985927] kunit_try_run_case+0x1a5/0x480
[ 29.986364] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.986931] kthread+0x337/0x6f0
[ 29.987240] ret_from_fork+0x41/0x80
[ 29.987398] ret_from_fork_asm+0x1a/0x30
[ 29.987838]
[ 29.988072] CPU: 1 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 29.988976] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.989374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.989773] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 24.773289] ==================================================================
[ 24.773864] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 24.773864]
[ 24.774404] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#115):
[ 24.774893] test_corruption+0x2df/0x3e0
[ 24.775311] kunit_try_run_case+0x1a5/0x480
[ 24.775669] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.775979] kthread+0x337/0x6f0
[ 24.776308] ret_from_fork+0x41/0x80
[ 24.776721] ret_from_fork_asm+0x1a/0x30
[ 24.777024]
[ 24.777185] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 24.777185]
[ 24.777575] allocated by task 332 on cpu 1 at 24.772885s (0.004685s ago):
[ 24.778277] test_alloc+0x364/0x10f0
[ 24.778697] test_corruption+0x1cb/0x3e0
[ 24.779071] kunit_try_run_case+0x1a5/0x480
[ 24.779401] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.779692] kthread+0x337/0x6f0
[ 24.780011] ret_from_fork+0x41/0x80
[ 24.780472] ret_from_fork_asm+0x1a/0x30
[ 24.780805]
[ 24.780997] freed by task 332 on cpu 1 at 24.773050s (0.007942s ago):
[ 24.781435] test_corruption+0x2df/0x3e0
[ 24.781661] kunit_try_run_case+0x1a5/0x480
[ 24.781894] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.782393] kthread+0x337/0x6f0
[ 24.782713] ret_from_fork+0x41/0x80
[ 24.783086] ret_from_fork_asm+0x1a/0x30
[ 24.783330]
[ 24.783578] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 24.784301] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.784560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.785039] ==================================================================
[ 24.877019] ==================================================================
[ 24.877484] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 24.877484]
[ 24.877783] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#116):
[ 24.879246] test_corruption+0x131/0x3e0
[ 24.879634] kunit_try_run_case+0x1a5/0x480
[ 24.879875] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.880367] kthread+0x337/0x6f0
[ 24.880708] ret_from_fork+0x41/0x80
[ 24.881066] ret_from_fork_asm+0x1a/0x30
[ 24.881338]
[ 24.881480] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 24.881480]
[ 24.882147] allocated by task 334 on cpu 1 at 24.876819s (0.005321s ago):
[ 24.882654] test_alloc+0x2a6/0x10f0
[ 24.882967] test_corruption+0xe6/0x3e0
[ 24.883408] kunit_try_run_case+0x1a5/0x480
[ 24.883872] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.884177] kthread+0x337/0x6f0
[ 24.884362] ret_from_fork+0x41/0x80
[ 24.884564] ret_from_fork_asm+0x1a/0x30
[ 24.884942]
[ 24.885213] freed by task 334 on cpu 1 at 24.876921s (0.008286s ago):
[ 24.885777] test_corruption+0x131/0x3e0
[ 24.886158] kunit_try_run_case+0x1a5/0x480
[ 24.886462] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.886730] kthread+0x337/0x6f0
[ 24.886938] ret_from_fork+0x41/0x80
[ 24.887360] ret_from_fork_asm+0x1a/0x30
[ 24.887755]
[ 24.888020] CPU: 1 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 24.888633] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.888887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.889601] ==================================================================
[ 24.983764] ==================================================================
[ 24.984571] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 24.984571]
[ 24.986046] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#117):
[ 24.987084] test_corruption+0x216/0x3e0
[ 24.987391] kunit_try_run_case+0x1a5/0x480
[ 24.987810] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.988413] kthread+0x337/0x6f0
[ 24.988658] ret_from_fork+0x41/0x80
[ 24.989018] ret_from_fork_asm+0x1a/0x30
[ 24.989285]
[ 24.989501] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 24.989501]
[ 24.989969] allocated by task 334 on cpu 0 at 24.983006s (0.006956s ago):
[ 24.990370] test_alloc+0x2a6/0x10f0
[ 24.990798] test_corruption+0x1cb/0x3e0
[ 24.991206] kunit_try_run_case+0x1a5/0x480
[ 24.991793] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.992216] kthread+0x337/0x6f0
[ 24.992497] ret_from_fork+0x41/0x80
[ 24.992816] ret_from_fork_asm+0x1a/0x30
[ 24.993064]
[ 24.993289] freed by task 334 on cpu 0 at 24.983116s (0.010168s ago):
[ 24.993675] test_corruption+0x216/0x3e0
[ 24.994095] kunit_try_run_case+0x1a5/0x480
[ 24.994433] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.994785] kthread+0x337/0x6f0
[ 24.995384] ret_from_fork+0x41/0x80
[ 24.995724] ret_from_fork_asm+0x1a/0x30
[ 24.995982]
[ 24.996175] CPU: 0 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 24.996724] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.997101] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.997591] ==================================================================
[ 24.669400] ==================================================================
[ 24.669830] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 24.669830]
[ 24.670060] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#114):
[ 24.671391] test_corruption+0x2d2/0x3e0
[ 24.671819] kunit_try_run_case+0x1a5/0x480
[ 24.672215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.672640] kthread+0x337/0x6f0
[ 24.672853] ret_from_fork+0x41/0x80
[ 24.672989] ret_from_fork_asm+0x1a/0x30
[ 24.673398]
[ 24.673650] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 24.673650]
[ 24.674036] allocated by task 332 on cpu 1 at 24.668998s (0.005035s ago):
[ 24.674591] test_alloc+0x364/0x10f0
[ 24.674940] test_corruption+0xe6/0x3e0
[ 24.675174] kunit_try_run_case+0x1a5/0x480
[ 24.675548] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.675947] kthread+0x337/0x6f0
[ 24.676081] ret_from_fork+0x41/0x80
[ 24.676477] ret_from_fork_asm+0x1a/0x30
[ 24.676731]
[ 24.676934] freed by task 332 on cpu 1 at 24.669124s (0.007805s ago):
[ 24.677337] test_corruption+0x2d2/0x3e0
[ 24.677545] kunit_try_run_case+0x1a5/0x480
[ 24.677992] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.678174] kthread+0x337/0x6f0
[ 24.678290] ret_from_fork+0x41/0x80
[ 24.678632] ret_from_fork_asm+0x1a/0x30
[ 24.678925]
[ 24.679138] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 24.679694] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.679938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.680154] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 24.462054] ==================================================================
[ 24.462544] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 24.462544]
[ 24.462879] Invalid free of 0x(____ptrval____) (in kfence-#112):
[ 24.463116] test_invalid_addr_free+0xfb/0x260
[ 24.463473] kunit_try_run_case+0x1a5/0x480
[ 24.463838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.464275] kthread+0x337/0x6f0
[ 24.464617] ret_from_fork+0x41/0x80
[ 24.465400] ret_from_fork_asm+0x1a/0x30
[ 24.465864]
[ 24.466072] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 24.466072]
[ 24.466687] allocated by task 330 on cpu 0 at 24.461850s (0.004834s ago):
[ 24.467493] test_alloc+0x2a6/0x10f0
[ 24.467725] test_invalid_addr_free+0xdb/0x260
[ 24.468001] kunit_try_run_case+0x1a5/0x480
[ 24.468454] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.468723] kthread+0x337/0x6f0
[ 24.469302] ret_from_fork+0x41/0x80
[ 24.469765] ret_from_fork_asm+0x1a/0x30
[ 24.470243]
[ 24.470423] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 24.471485] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.471756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.472434] ==================================================================
[ 24.357329] ==================================================================
[ 24.357732] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 24.357732]
[ 24.358054] Invalid free of 0x(____ptrval____) (in kfence-#111):
[ 24.358640] test_invalid_addr_free+0x1e1/0x260
[ 24.359194] kunit_try_run_case+0x1a5/0x480
[ 24.359610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.360207] kthread+0x337/0x6f0
[ 24.360719] ret_from_fork+0x41/0x80
[ 24.361028] ret_from_fork_asm+0x1a/0x30
[ 24.361354]
[ 24.361520] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 24.361520]
[ 24.362144] allocated by task 328 on cpu 1 at 24.357072s (0.005065s ago):
[ 24.362660] test_alloc+0x364/0x10f0
[ 24.363020] test_invalid_addr_free+0xdb/0x260
[ 24.363286] kunit_try_run_case+0x1a5/0x480
[ 24.363510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.363948] kthread+0x337/0x6f0
[ 24.364357] ret_from_fork+0x41/0x80
[ 24.364792] ret_from_fork_asm+0x1a/0x30
[ 24.365191]
[ 24.365518] CPU: 1 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 24.366293] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.366504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.367006] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 24.149333] ==================================================================
[ 24.149822] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 24.149822]
[ 24.150138] Invalid free of 0x(____ptrval____) (in kfence-#109):
[ 24.150630] test_double_free+0x1d3/0x260
[ 24.151000] kunit_try_run_case+0x1a5/0x480
[ 24.151636] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.151919] kthread+0x337/0x6f0
[ 24.152033] ret_from_fork+0x41/0x80
[ 24.152506] ret_from_fork_asm+0x1a/0x30
[ 24.152874]
[ 24.153074] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 24.153074]
[ 24.153843] allocated by task 324 on cpu 0 at 24.148820s (0.005018s ago):
[ 24.154395] test_alloc+0x364/0x10f0
[ 24.154632] test_double_free+0xdb/0x260
[ 24.154910] kunit_try_run_case+0x1a5/0x480
[ 24.155153] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.155397] kthread+0x337/0x6f0
[ 24.155585] ret_from_fork+0x41/0x80
[ 24.155829] ret_from_fork_asm+0x1a/0x30
[ 24.156031]
[ 24.156229] freed by task 324 on cpu 0 at 24.148943s (0.007282s ago):
[ 24.156771] test_double_free+0x1e0/0x260
[ 24.157166] kunit_try_run_case+0x1a5/0x480
[ 24.157531] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.157992] kthread+0x337/0x6f0
[ 24.158331] ret_from_fork+0x41/0x80
[ 24.158676] ret_from_fork_asm+0x1a/0x30
[ 24.158966]
[ 24.159224] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 24.159701] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.160067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.160770] ==================================================================
[ 24.253225] ==================================================================
[ 24.253639] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 24.253639]
[ 24.253880] Invalid free of 0x(____ptrval____) (in kfence-#110):
[ 24.254026] test_double_free+0x112/0x260
[ 24.254222] kunit_try_run_case+0x1a5/0x480
[ 24.254418] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.254812] kthread+0x337/0x6f0
[ 24.255096] ret_from_fork+0x41/0x80
[ 24.255304] ret_from_fork_asm+0x1a/0x30
[ 24.255516]
[ 24.255673] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 24.255673]
[ 24.256411] allocated by task 326 on cpu 1 at 24.252928s (0.003477s ago):
[ 24.256964] test_alloc+0x2a6/0x10f0
[ 24.257212] test_double_free+0xdb/0x260
[ 24.257419] kunit_try_run_case+0x1a5/0x480
[ 24.257790] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.258257] kthread+0x337/0x6f0
[ 24.258553] ret_from_fork+0x41/0x80
[ 24.258905] ret_from_fork_asm+0x1a/0x30
[ 24.259193]
[ 24.259353] freed by task 326 on cpu 1 at 24.253016s (0.006332s ago):
[ 24.259888] test_double_free+0xfa/0x260
[ 24.260152] kunit_try_run_case+0x1a5/0x480
[ 24.260382] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.260630] kthread+0x337/0x6f0
[ 24.260874] ret_from_fork+0x41/0x80
[ 24.261241] ret_from_fork_asm+0x1a/0x30
[ 24.261604]
[ 24.261872] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 24.262734] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.263130] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.263610] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 23.733440] ==================================================================
[ 23.733935] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 23.733935]
[ 23.734374] Use-after-free read at 0x(____ptrval____) (in kfence-#105):
[ 23.734829] test_use_after_free_read+0x129/0x270
[ 23.735255] kunit_try_run_case+0x1a5/0x480
[ 23.735511] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.736627] kthread+0x337/0x6f0
[ 23.737053] ret_from_fork+0x41/0x80
[ 23.737478] ret_from_fork_asm+0x1a/0x30
[ 23.737965]
[ 23.738236] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 23.738236]
[ 23.738872] allocated by task 316 on cpu 1 at 23.732933s (0.005933s ago):
[ 23.739456] test_alloc+0x364/0x10f0
[ 23.739725] test_use_after_free_read+0xdc/0x270
[ 23.740227] kunit_try_run_case+0x1a5/0x480
[ 23.740599] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.741167] kthread+0x337/0x6f0
[ 23.741547] ret_from_fork+0x41/0x80
[ 23.741876] ret_from_fork_asm+0x1a/0x30
[ 23.742282]
[ 23.742796] freed by task 316 on cpu 1 at 23.733059s (0.009538s ago):
[ 23.743500] test_use_after_free_read+0x1e7/0x270
[ 23.743797] kunit_try_run_case+0x1a5/0x480
[ 23.744218] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.744506] kthread+0x337/0x6f0
[ 23.744873] ret_from_fork+0x41/0x80
[ 23.745290] ret_from_fork_asm+0x1a/0x30
[ 23.745649]
[ 23.745932] CPU: 1 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 23.746662] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.746914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.747504] ==================================================================
[ 23.837278] ==================================================================
[ 23.837873] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 23.837873]
[ 23.838507] Use-after-free read at 0x(____ptrval____) (in kfence-#106):
[ 23.838824] test_use_after_free_read+0x129/0x270
[ 23.839243] kunit_try_run_case+0x1a5/0x480
[ 23.839655] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.840091] kthread+0x337/0x6f0
[ 23.840294] ret_from_fork+0x41/0x80
[ 23.840663] ret_from_fork_asm+0x1a/0x30
[ 23.841029]
[ 23.841268] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 23.841268]
[ 23.841659] allocated by task 318 on cpu 0 at 23.836958s (0.004696s ago):
[ 23.842025] test_alloc+0x2a6/0x10f0
[ 23.842373] test_use_after_free_read+0xdc/0x270
[ 23.842991] kunit_try_run_case+0x1a5/0x480
[ 23.843281] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.843832] kthread+0x337/0x6f0
[ 23.844055] ret_from_fork+0x41/0x80
[ 23.844571] ret_from_fork_asm+0x1a/0x30
[ 23.844830]
[ 23.845024] freed by task 318 on cpu 0 at 23.837062s (0.007957s ago):
[ 23.845634] test_use_after_free_read+0xfb/0x270
[ 23.845964] kunit_try_run_case+0x1a5/0x480
[ 23.846265] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.846650] kthread+0x337/0x6f0
[ 23.846938] ret_from_fork+0x41/0x80
[ 23.847152] ret_from_fork_asm+0x1a/0x30
[ 23.847371]
[ 23.847565] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 23.848770] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.849310] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.849952] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 23.629114] ==================================================================
[ 23.629716] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 23.629716]
[ 23.630229] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#104):
[ 23.630736] test_out_of_bounds_write+0x10d/0x260
[ 23.630993] kunit_try_run_case+0x1a5/0x480
[ 23.631452] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.631989] kthread+0x337/0x6f0
[ 23.632434] ret_from_fork+0x41/0x80
[ 23.632832] ret_from_fork_asm+0x1a/0x30
[ 23.633059]
[ 23.633267] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 23.633267]
[ 23.634009] allocated by task 314 on cpu 0 at 23.629010s (0.004994s ago):
[ 23.634606] test_alloc+0x2a6/0x10f0
[ 23.634984] test_out_of_bounds_write+0xd4/0x260
[ 23.635403] kunit_try_run_case+0x1a5/0x480
[ 23.635724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.636259] kthread+0x337/0x6f0
[ 23.636466] ret_from_fork+0x41/0x80
[ 23.636866] ret_from_fork_asm+0x1a/0x30
[ 23.637253]
[ 23.637573] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 23.638187] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.638425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.639197] ==================================================================
[ 23.525106] ==================================================================
[ 23.525709] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 23.525709]
[ 23.526436] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#103):
[ 23.526871] test_out_of_bounds_write+0x10d/0x260
[ 23.527471] kunit_try_run_case+0x1a5/0x480
[ 23.527800] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.528238] kthread+0x337/0x6f0
[ 23.528589] ret_from_fork+0x41/0x80
[ 23.528915] ret_from_fork_asm+0x1a/0x30
[ 23.529199]
[ 23.529385] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 23.529385]
[ 23.530005] allocated by task 312 on cpu 0 at 23.524889s (0.005110s ago):
[ 23.530397] test_alloc+0x364/0x10f0
[ 23.530616] test_out_of_bounds_write+0xd4/0x260
[ 23.530886] kunit_try_run_case+0x1a5/0x480
[ 23.531408] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.531993] kthread+0x337/0x6f0
[ 23.532399] ret_from_fork+0x41/0x80
[ 23.532783] ret_from_fork_asm+0x1a/0x30
[ 23.533206]
[ 23.533524] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 23.534210] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.534429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.535316] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 22.590295] ==================================================================
[ 22.590885] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 22.590885]
[ 22.591549] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#94):
[ 22.592323] test_out_of_bounds_read+0x126/0x4e0
[ 22.592906] kunit_try_run_case+0x1a5/0x480
[ 22.593687] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.594228] kthread+0x337/0x6f0
[ 22.594429] ret_from_fork+0x41/0x80
[ 22.594801] ret_from_fork_asm+0x1a/0x30
[ 22.595145]
[ 22.595584] kfence-#94: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 22.595584]
[ 22.596345] allocated by task 308 on cpu 1 at 22.588841s (0.007379s ago):
[ 22.597425] test_alloc+0x364/0x10f0
[ 22.597927] test_out_of_bounds_read+0xed/0x4e0
[ 22.598403] kunit_try_run_case+0x1a5/0x480
[ 22.598710] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.599031] kthread+0x337/0x6f0
[ 22.599306] ret_from_fork+0x41/0x80
[ 22.599667] ret_from_fork_asm+0x1a/0x30
[ 22.600041]
[ 22.600410] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 22.601156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.601478] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.602153] ==================================================================
[ 22.901263] ==================================================================
[ 22.901811] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 22.901811]
[ 22.902280] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#97):
[ 22.902564] test_out_of_bounds_read+0x216/0x4e0
[ 22.902797] kunit_try_run_case+0x1a5/0x480
[ 22.904122] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.905180] kthread+0x337/0x6f0
[ 22.905596] ret_from_fork+0x41/0x80
[ 22.905960] ret_from_fork_asm+0x1a/0x30
[ 22.906805]
[ 22.907043] kfence-#97: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 22.907043]
[ 22.907871] allocated by task 308 on cpu 1 at 22.900926s (0.006937s ago):
[ 22.908299] test_alloc+0x364/0x10f0
[ 22.908715] test_out_of_bounds_read+0x1e2/0x4e0
[ 22.909350] kunit_try_run_case+0x1a5/0x480
[ 22.909614] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.909871] kthread+0x337/0x6f0
[ 22.910295] ret_from_fork+0x41/0x80
[ 22.910646] ret_from_fork_asm+0x1a/0x30
[ 22.910951]
[ 22.911174] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 22.911815] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.912056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.912822] ==================================================================
[ 23.421365] ==================================================================
[ 23.422726] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 23.422726]
[ 23.423997] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#102):
[ 23.424627] test_out_of_bounds_read+0x216/0x4e0
[ 23.425010] kunit_try_run_case+0x1a5/0x480
[ 23.425310] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.426038] kthread+0x337/0x6f0
[ 23.426421] ret_from_fork+0x41/0x80
[ 23.426733] ret_from_fork_asm+0x1a/0x30
[ 23.426973]
[ 23.427446] kfence-#102: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 23.427446]
[ 23.428130] allocated by task 310 on cpu 1 at 23.421255s (0.006868s ago):
[ 23.428708] test_alloc+0x2a6/0x10f0
[ 23.429053] test_out_of_bounds_read+0x1e2/0x4e0
[ 23.429383] kunit_try_run_case+0x1a5/0x480
[ 23.429724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.430131] kthread+0x337/0x6f0
[ 23.430517] ret_from_fork+0x41/0x80
[ 23.430786] ret_from_fork_asm+0x1a/0x30
[ 23.431288]
[ 23.431550] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 23.432197] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.432996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.433560] ==================================================================
[ 23.212929] ==================================================================
[ 23.213493] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 23.213493]
[ 23.213932] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#100):
[ 23.214482] test_out_of_bounds_read+0x126/0x4e0
[ 23.214802] kunit_try_run_case+0x1a5/0x480
[ 23.215215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.215587] kthread+0x337/0x6f0
[ 23.216417] ret_from_fork+0x41/0x80
[ 23.216856] ret_from_fork_asm+0x1a/0x30
[ 23.217270]
[ 23.217463] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 23.217463]
[ 23.218373] allocated by task 310 on cpu 1 at 23.212828s (0.005506s ago):
[ 23.219180] test_alloc+0x2a6/0x10f0
[ 23.219600] test_out_of_bounds_read+0xed/0x4e0
[ 23.220155] kunit_try_run_case+0x1a5/0x480
[ 23.220672] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.221197] kthread+0x337/0x6f0
[ 23.221547] ret_from_fork+0x41/0x80
[ 23.221938] ret_from_fork_asm+0x1a/0x30
[ 23.222446]
[ 23.222910] CPU: 1 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 23.223656] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.223967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.224673] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 22.208479] ==================================================================
[ 22.208905] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 22.209404] Write of size 121 at addr ffff888101e0b000 by task kunit_try_catch/306
[ 22.209993]
[ 22.210245] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 22.210368] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.210402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.210452] Call Trace:
[ 22.210499] <TASK>
[ 22.210544] dump_stack_lvl+0x73/0xb0
[ 22.210649] print_report+0xd1/0x650
[ 22.210704] ? __virt_addr_valid+0x1db/0x2d0
[ 22.210768] ? strncpy_from_user+0x2e/0x1d0
[ 22.210835] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.210885] ? strncpy_from_user+0x2e/0x1d0
[ 22.210934] kasan_report+0x141/0x180
[ 22.210991] ? strncpy_from_user+0x2e/0x1d0
[ 22.211052] kasan_check_range+0x10c/0x1c0
[ 22.211132] __kasan_check_write+0x18/0x20
[ 22.211172] strncpy_from_user+0x2e/0x1d0
[ 22.211202] copy_user_test_oob+0x760/0x10f0
[ 22.211231] ? __pfx_copy_user_test_oob+0x10/0x10
[ 22.211253] ? finish_task_switch.isra.0+0x153/0x700
[ 22.211283] ? __switch_to+0x5d9/0xf60
[ 22.211307] ? dequeue_task_fair+0x166/0x4e0
[ 22.211335] ? __schedule+0x10cc/0x2b30
[ 22.211361] ? __pfx_read_tsc+0x10/0x10
[ 22.211385] ? ktime_get_ts64+0x86/0x230
[ 22.211416] kunit_try_run_case+0x1a5/0x480
[ 22.211446] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.211471] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.211498] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.211524] ? __kthread_parkme+0x82/0x180
[ 22.211550] ? preempt_count_sub+0x50/0x80
[ 22.211578] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.211605] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.211644] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.211672] kthread+0x337/0x6f0
[ 22.211693] ? trace_preempt_on+0x20/0xc0
[ 22.211721] ? __pfx_kthread+0x10/0x10
[ 22.211743] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.211794] ? calculate_sigpending+0x7b/0xa0
[ 22.211820] ? __pfx_kthread+0x10/0x10
[ 22.211842] ret_from_fork+0x41/0x80
[ 22.211867] ? __pfx_kthread+0x10/0x10
[ 22.211888] ret_from_fork_asm+0x1a/0x30
[ 22.211925] </TASK>
[ 22.211942]
[ 22.226289] Allocated by task 306:
[ 22.226619] kasan_save_stack+0x45/0x70
[ 22.227102] kasan_save_track+0x18/0x40
[ 22.227477] kasan_save_alloc_info+0x3b/0x50
[ 22.227791] __kasan_kmalloc+0xb7/0xc0
[ 22.228321] __kmalloc_noprof+0x1c9/0x500
[ 22.228727] kunit_kmalloc_array+0x25/0x60
[ 22.229024] copy_user_test_oob+0xab/0x10f0
[ 22.229464] kunit_try_run_case+0x1a5/0x480
[ 22.230395] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.230873] kthread+0x337/0x6f0
[ 22.231146] ret_from_fork+0x41/0x80
[ 22.231845] ret_from_fork_asm+0x1a/0x30
[ 22.232094]
[ 22.232330] The buggy address belongs to the object at ffff888101e0b000
[ 22.232330] which belongs to the cache kmalloc-128 of size 128
[ 22.233580] The buggy address is located 0 bytes inside of
[ 22.233580] allocated 120-byte region [ffff888101e0b000, ffff888101e0b078)
[ 22.234701]
[ 22.235106] The buggy address belongs to the physical page:
[ 22.235589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0b
[ 22.236032] flags: 0x200000000000000(node=0|zone=2)
[ 22.236418] page_type: f5(slab)
[ 22.236670] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.237293] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.238107] page dumped because: kasan: bad access detected
[ 22.239015]
[ 22.239433] Memory state around the buggy address:
[ 22.239827] ffff888101e0af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.240556] ffff888101e0af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.241135] >ffff888101e0b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.241834] ^
[ 22.242444] ffff888101e0b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.242721] ffff888101e0b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.243293] ==================================================================
[ 22.244932] ==================================================================
[ 22.245326] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 22.245865] Write of size 1 at addr ffff888101e0b078 by task kunit_try_catch/306
[ 22.246566]
[ 22.246883] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 22.247015] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.247050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.247135] Call Trace:
[ 22.247184] <TASK>
[ 22.247232] dump_stack_lvl+0x73/0xb0
[ 22.247310] print_report+0xd1/0x650
[ 22.247409] ? __virt_addr_valid+0x1db/0x2d0
[ 22.247465] ? strncpy_from_user+0x1a5/0x1d0
[ 22.247516] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.247567] ? strncpy_from_user+0x1a5/0x1d0
[ 22.247608] kasan_report+0x141/0x180
[ 22.247655] ? strncpy_from_user+0x1a5/0x1d0
[ 22.247688] __asan_report_store1_noabort+0x1b/0x30
[ 22.247713] strncpy_from_user+0x1a5/0x1d0
[ 22.247741] copy_user_test_oob+0x760/0x10f0
[ 22.247794] ? __pfx_copy_user_test_oob+0x10/0x10
[ 22.247818] ? finish_task_switch.isra.0+0x153/0x700
[ 22.247847] ? __switch_to+0x5d9/0xf60
[ 22.247871] ? dequeue_task_fair+0x166/0x4e0
[ 22.247900] ? __schedule+0x10cc/0x2b30
[ 22.247927] ? __pfx_read_tsc+0x10/0x10
[ 22.247951] ? ktime_get_ts64+0x86/0x230
[ 22.247982] kunit_try_run_case+0x1a5/0x480
[ 22.248010] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.248035] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.248063] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.248089] ? __kthread_parkme+0x82/0x180
[ 22.248143] ? preempt_count_sub+0x50/0x80
[ 22.248178] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.248205] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.248231] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.248257] kthread+0x337/0x6f0
[ 22.248278] ? trace_preempt_on+0x20/0xc0
[ 22.248306] ? __pfx_kthread+0x10/0x10
[ 22.248327] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.248352] ? calculate_sigpending+0x7b/0xa0
[ 22.248378] ? __pfx_kthread+0x10/0x10
[ 22.248400] ret_from_fork+0x41/0x80
[ 22.248424] ? __pfx_kthread+0x10/0x10
[ 22.248445] ret_from_fork_asm+0x1a/0x30
[ 22.248481] </TASK>
[ 22.248499]
[ 22.261023] Allocated by task 306:
[ 22.261501] kasan_save_stack+0x45/0x70
[ 22.261854] kasan_save_track+0x18/0x40
[ 22.262069] kasan_save_alloc_info+0x3b/0x50
[ 22.262528] __kasan_kmalloc+0xb7/0xc0
[ 22.262965] __kmalloc_noprof+0x1c9/0x500
[ 22.263415] kunit_kmalloc_array+0x25/0x60
[ 22.263849] copy_user_test_oob+0xab/0x10f0
[ 22.264171] kunit_try_run_case+0x1a5/0x480
[ 22.264574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.265002] kthread+0x337/0x6f0
[ 22.265380] ret_from_fork+0x41/0x80
[ 22.265642] ret_from_fork_asm+0x1a/0x30
[ 22.266068]
[ 22.266248] The buggy address belongs to the object at ffff888101e0b000
[ 22.266248] which belongs to the cache kmalloc-128 of size 128
[ 22.266849] The buggy address is located 0 bytes to the right of
[ 22.266849] allocated 120-byte region [ffff888101e0b000, ffff888101e0b078)
[ 22.267884]
[ 22.268129] The buggy address belongs to the physical page:
[ 22.268471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0b
[ 22.269146] flags: 0x200000000000000(node=0|zone=2)
[ 22.269452] page_type: f5(slab)
[ 22.269665] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.270047] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.270710] page dumped because: kasan: bad access detected
[ 22.271245]
[ 22.271481] Memory state around the buggy address:
[ 22.271923] ffff888101e0af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.272254] ffff888101e0af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.272874] >ffff888101e0b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.273350] ^
[ 22.273990] ffff888101e0b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.274365] ffff888101e0b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.274965] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 22.173930] ==================================================================
[ 22.174637] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 22.175270] Read of size 121 at addr ffff888101e0b000 by task kunit_try_catch/306
[ 22.175692]
[ 22.175918] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 22.176062] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.176088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.176151] Call Trace:
[ 22.176211] <TASK>
[ 22.176253] dump_stack_lvl+0x73/0xb0
[ 22.176325] print_report+0xd1/0x650
[ 22.176402] ? __virt_addr_valid+0x1db/0x2d0
[ 22.176471] ? copy_user_test_oob+0x604/0x10f0
[ 22.176513] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.176564] ? copy_user_test_oob+0x604/0x10f0
[ 22.176610] kasan_report+0x141/0x180
[ 22.176664] ? copy_user_test_oob+0x604/0x10f0
[ 22.176723] kasan_check_range+0x10c/0x1c0
[ 22.176790] __kasan_check_read+0x15/0x20
[ 22.176829] copy_user_test_oob+0x604/0x10f0
[ 22.176890] ? __pfx_copy_user_test_oob+0x10/0x10
[ 22.176925] ? finish_task_switch.isra.0+0x153/0x700
[ 22.176968] ? __switch_to+0x5d9/0xf60
[ 22.177000] ? dequeue_task_fair+0x166/0x4e0
[ 22.177039] ? __schedule+0x10cc/0x2b30
[ 22.177077] ? __pfx_read_tsc+0x10/0x10
[ 22.177142] ? ktime_get_ts64+0x86/0x230
[ 22.177211] kunit_try_run_case+0x1a5/0x480
[ 22.177263] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.177308] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.177362] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.177438] ? __kthread_parkme+0x82/0x180
[ 22.177500] ? preempt_count_sub+0x50/0x80
[ 22.177552] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.177595] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.177647] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.177696] kthread+0x337/0x6f0
[ 22.177742] ? trace_preempt_on+0x20/0xc0
[ 22.177817] ? __pfx_kthread+0x10/0x10
[ 22.177862] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.177902] ? calculate_sigpending+0x7b/0xa0
[ 22.177939] ? __pfx_kthread+0x10/0x10
[ 22.177971] ret_from_fork+0x41/0x80
[ 22.178005] ? __pfx_kthread+0x10/0x10
[ 22.178038] ret_from_fork_asm+0x1a/0x30
[ 22.178090] </TASK>
[ 22.178162]
[ 22.189482] Allocated by task 306:
[ 22.189856] kasan_save_stack+0x45/0x70
[ 22.190279] kasan_save_track+0x18/0x40
[ 22.190555] kasan_save_alloc_info+0x3b/0x50
[ 22.190820] __kasan_kmalloc+0xb7/0xc0
[ 22.191183] __kmalloc_noprof+0x1c9/0x500
[ 22.191562] kunit_kmalloc_array+0x25/0x60
[ 22.191825] copy_user_test_oob+0xab/0x10f0
[ 22.192645] kunit_try_run_case+0x1a5/0x480
[ 22.194373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.194695] kthread+0x337/0x6f0
[ 22.194906] ret_from_fork+0x41/0x80
[ 22.195115] ret_from_fork_asm+0x1a/0x30
[ 22.195952]
[ 22.196285] The buggy address belongs to the object at ffff888101e0b000
[ 22.196285] which belongs to the cache kmalloc-128 of size 128
[ 22.197396] The buggy address is located 0 bytes inside of
[ 22.197396] allocated 120-byte region [ffff888101e0b000, ffff888101e0b078)
[ 22.198363]
[ 22.198530] The buggy address belongs to the physical page:
[ 22.198824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0b
[ 22.199509] flags: 0x200000000000000(node=0|zone=2)
[ 22.199784] page_type: f5(slab)
[ 22.200001] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.200688] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.201391] page dumped because: kasan: bad access detected
[ 22.201878]
[ 22.202155] Memory state around the buggy address:
[ 22.202578] ffff888101e0af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.203052] ffff888101e0af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.203728] >ffff888101e0b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.204849] ^
[ 22.205481] ffff888101e0b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.205959] ffff888101e0b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.206568] ==================================================================
[ 22.071779] ==================================================================
[ 22.072315] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 22.072940] Write of size 121 at addr ffff888101e0b000 by task kunit_try_catch/306
[ 22.073785]
[ 22.074052] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 22.074211] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.074264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.074314] Call Trace:
[ 22.074362] <TASK>
[ 22.074409] dump_stack_lvl+0x73/0xb0
[ 22.074498] print_report+0xd1/0x650
[ 22.074557] ? __virt_addr_valid+0x1db/0x2d0
[ 22.074607] ? copy_user_test_oob+0x3fd/0x10f0
[ 22.074648] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.074681] ? copy_user_test_oob+0x3fd/0x10f0
[ 22.074705] kasan_report+0x141/0x180
[ 22.074732] ? copy_user_test_oob+0x3fd/0x10f0
[ 22.074786] kasan_check_range+0x10c/0x1c0
[ 22.074813] __kasan_check_write+0x18/0x20
[ 22.074836] copy_user_test_oob+0x3fd/0x10f0
[ 22.074863] ? __pfx_copy_user_test_oob+0x10/0x10
[ 22.074887] ? finish_task_switch.isra.0+0x153/0x700
[ 22.074917] ? __switch_to+0x5d9/0xf60
[ 22.074940] ? dequeue_task_fair+0x166/0x4e0
[ 22.074969] ? __schedule+0x10cc/0x2b30
[ 22.074995] ? __pfx_read_tsc+0x10/0x10
[ 22.075019] ? ktime_get_ts64+0x86/0x230
[ 22.075048] kunit_try_run_case+0x1a5/0x480
[ 22.075078] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.075119] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.075158] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.075184] ? __kthread_parkme+0x82/0x180
[ 22.075209] ? preempt_count_sub+0x50/0x80
[ 22.075238] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.075264] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.075290] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.075316] kthread+0x337/0x6f0
[ 22.075336] ? trace_preempt_on+0x20/0xc0
[ 22.075365] ? __pfx_kthread+0x10/0x10
[ 22.075386] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.075411] ? calculate_sigpending+0x7b/0xa0
[ 22.075449] ? __pfx_kthread+0x10/0x10
[ 22.075483] ret_from_fork+0x41/0x80
[ 22.075523] ? __pfx_kthread+0x10/0x10
[ 22.075555] ret_from_fork_asm+0x1a/0x30
[ 22.075615] </TASK>
[ 22.075656]
[ 22.093009] Allocated by task 306:
[ 22.093512] kasan_save_stack+0x45/0x70
[ 22.093975] kasan_save_track+0x18/0x40
[ 22.094460] kasan_save_alloc_info+0x3b/0x50
[ 22.094926] __kasan_kmalloc+0xb7/0xc0
[ 22.095338] __kmalloc_noprof+0x1c9/0x500
[ 22.095847] kunit_kmalloc_array+0x25/0x60
[ 22.096341] copy_user_test_oob+0xab/0x10f0
[ 22.096724] kunit_try_run_case+0x1a5/0x480
[ 22.096970] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.097532] kthread+0x337/0x6f0
[ 22.097907] ret_from_fork+0x41/0x80
[ 22.098324] ret_from_fork_asm+0x1a/0x30
[ 22.098683]
[ 22.098858] The buggy address belongs to the object at ffff888101e0b000
[ 22.098858] which belongs to the cache kmalloc-128 of size 128
[ 22.099427] The buggy address is located 0 bytes inside of
[ 22.099427] allocated 120-byte region [ffff888101e0b000, ffff888101e0b078)
[ 22.100463]
[ 22.100630] The buggy address belongs to the physical page:
[ 22.100902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0b
[ 22.101645] flags: 0x200000000000000(node=0|zone=2)
[ 22.102170] page_type: f5(slab)
[ 22.102548] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.103054] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.103571] page dumped because: kasan: bad access detected
[ 22.104036]
[ 22.104294] Memory state around the buggy address:
[ 22.104673] ffff888101e0af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.105165] ffff888101e0af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.105810] >ffff888101e0b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.106329] ^
[ 22.106775] ffff888101e0b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.107291] ffff888101e0b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.107830] ==================================================================
[ 22.109383] ==================================================================
[ 22.109986] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 22.110662] Read of size 121 at addr ffff888101e0b000 by task kunit_try_catch/306
[ 22.110953]
[ 22.111269] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 22.111400] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.111449] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.111501] Call Trace:
[ 22.111548] <TASK>
[ 22.111595] dump_stack_lvl+0x73/0xb0
[ 22.111711] print_report+0xd1/0x650
[ 22.111778] ? __virt_addr_valid+0x1db/0x2d0
[ 22.111823] ? copy_user_test_oob+0x4aa/0x10f0
[ 22.111849] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.111876] ? copy_user_test_oob+0x4aa/0x10f0
[ 22.111900] kasan_report+0x141/0x180
[ 22.111927] ? copy_user_test_oob+0x4aa/0x10f0
[ 22.111974] kasan_check_range+0x10c/0x1c0
[ 22.112015] __kasan_check_read+0x15/0x20
[ 22.112060] copy_user_test_oob+0x4aa/0x10f0
[ 22.112153] ? __pfx_copy_user_test_oob+0x10/0x10
[ 22.112218] ? finish_task_switch.isra.0+0x153/0x700
[ 22.112272] ? __switch_to+0x5d9/0xf60
[ 22.112313] ? dequeue_task_fair+0x166/0x4e0
[ 22.112376] ? __schedule+0x10cc/0x2b30
[ 22.112442] ? __pfx_read_tsc+0x10/0x10
[ 22.112492] ? ktime_get_ts64+0x86/0x230
[ 22.112558] kunit_try_run_case+0x1a5/0x480
[ 22.112600] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.112627] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.112656] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.112682] ? __kthread_parkme+0x82/0x180
[ 22.112708] ? preempt_count_sub+0x50/0x80
[ 22.112735] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.112787] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.112815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.112842] kthread+0x337/0x6f0
[ 22.112863] ? trace_preempt_on+0x20/0xc0
[ 22.112891] ? __pfx_kthread+0x10/0x10
[ 22.112912] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.112936] ? calculate_sigpending+0x7b/0xa0
[ 22.112962] ? __pfx_kthread+0x10/0x10
[ 22.112984] ret_from_fork+0x41/0x80
[ 22.113009] ? __pfx_kthread+0x10/0x10
[ 22.113030] ret_from_fork_asm+0x1a/0x30
[ 22.113067] </TASK>
[ 22.113084]
[ 22.128056] Allocated by task 306:
[ 22.128306] kasan_save_stack+0x45/0x70
[ 22.128533] kasan_save_track+0x18/0x40
[ 22.128708] kasan_save_alloc_info+0x3b/0x50
[ 22.128903] __kasan_kmalloc+0xb7/0xc0
[ 22.129106] __kmalloc_noprof+0x1c9/0x500
[ 22.129326] kunit_kmalloc_array+0x25/0x60
[ 22.130229] copy_user_test_oob+0xab/0x10f0
[ 22.130683] kunit_try_run_case+0x1a5/0x480
[ 22.131406] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.131999] kthread+0x337/0x6f0
[ 22.132366] ret_from_fork+0x41/0x80
[ 22.132614] ret_from_fork_asm+0x1a/0x30
[ 22.132848]
[ 22.132998] The buggy address belongs to the object at ffff888101e0b000
[ 22.132998] which belongs to the cache kmalloc-128 of size 128
[ 22.134346] The buggy address is located 0 bytes inside of
[ 22.134346] allocated 120-byte region [ffff888101e0b000, ffff888101e0b078)
[ 22.134899]
[ 22.135119] The buggy address belongs to the physical page:
[ 22.135608] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0b
[ 22.136016] flags: 0x200000000000000(node=0|zone=2)
[ 22.136282] page_type: f5(slab)
[ 22.136585] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.137453] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.138087] page dumped because: kasan: bad access detected
[ 22.138339]
[ 22.138440] Memory state around the buggy address:
[ 22.138638] ffff888101e0af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.139059] ffff888101e0af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.140227] >ffff888101e0b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.140526] ^
[ 22.140797] ffff888101e0b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.140976] ffff888101e0b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.141204] ==================================================================
[ 22.142148] ==================================================================
[ 22.142493] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 22.143201] Write of size 121 at addr ffff888101e0b000 by task kunit_try_catch/306
[ 22.143570]
[ 22.143780] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 22.143895] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.143926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.143972] Call Trace:
[ 22.144018] <TASK>
[ 22.144065] dump_stack_lvl+0x73/0xb0
[ 22.144179] print_report+0xd1/0x650
[ 22.144234] ? __virt_addr_valid+0x1db/0x2d0
[ 22.144294] ? copy_user_test_oob+0x557/0x10f0
[ 22.144345] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.144395] ? copy_user_test_oob+0x557/0x10f0
[ 22.144437] kasan_report+0x141/0x180
[ 22.144480] ? copy_user_test_oob+0x557/0x10f0
[ 22.144530] kasan_check_range+0x10c/0x1c0
[ 22.144579] __kasan_check_write+0x18/0x20
[ 22.144622] copy_user_test_oob+0x557/0x10f0
[ 22.144667] ? __pfx_copy_user_test_oob+0x10/0x10
[ 22.144709] ? finish_task_switch.isra.0+0x153/0x700
[ 22.144770] ? __switch_to+0x5d9/0xf60
[ 22.144819] ? dequeue_task_fair+0x166/0x4e0
[ 22.144872] ? __schedule+0x10cc/0x2b30
[ 22.144922] ? __pfx_read_tsc+0x10/0x10
[ 22.144970] ? ktime_get_ts64+0x86/0x230
[ 22.145029] kunit_try_run_case+0x1a5/0x480
[ 22.145090] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.145172] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.145229] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.145284] ? __kthread_parkme+0x82/0x180
[ 22.145336] ? preempt_count_sub+0x50/0x80
[ 22.145385] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.145429] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.145475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.145525] kthread+0x337/0x6f0
[ 22.145568] ? trace_preempt_on+0x20/0xc0
[ 22.145625] ? __pfx_kthread+0x10/0x10
[ 22.145672] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.145724] ? calculate_sigpending+0x7b/0xa0
[ 22.145791] ? __pfx_kthread+0x10/0x10
[ 22.145832] ret_from_fork+0x41/0x80
[ 22.145882] ? __pfx_kthread+0x10/0x10
[ 22.145927] ret_from_fork_asm+0x1a/0x30
[ 22.146000] </TASK>
[ 22.146023]
[ 22.157609] Allocated by task 306:
[ 22.158068] kasan_save_stack+0x45/0x70
[ 22.159441] kasan_save_track+0x18/0x40
[ 22.159724] kasan_save_alloc_info+0x3b/0x50
[ 22.159970] __kasan_kmalloc+0xb7/0xc0
[ 22.160641] __kmalloc_noprof+0x1c9/0x500
[ 22.160877] kunit_kmalloc_array+0x25/0x60
[ 22.161075] copy_user_test_oob+0xab/0x10f0
[ 22.161771] kunit_try_run_case+0x1a5/0x480
[ 22.162313] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.162636] kthread+0x337/0x6f0
[ 22.162831] ret_from_fork+0x41/0x80
[ 22.163166] ret_from_fork_asm+0x1a/0x30
[ 22.163462]
[ 22.163671] The buggy address belongs to the object at ffff888101e0b000
[ 22.163671] which belongs to the cache kmalloc-128 of size 128
[ 22.164845] The buggy address is located 0 bytes inside of
[ 22.164845] allocated 120-byte region [ffff888101e0b000, ffff888101e0b078)
[ 22.165682]
[ 22.165918] The buggy address belongs to the physical page:
[ 22.166304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0b
[ 22.166731] flags: 0x200000000000000(node=0|zone=2)
[ 22.167216] page_type: f5(slab)
[ 22.167432] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.168048] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.168528] page dumped because: kasan: bad access detected
[ 22.168821]
[ 22.169022] Memory state around the buggy address:
[ 22.169472] ffff888101e0af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.169951] ffff888101e0af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.170455] >ffff888101e0b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.171000] ^
[ 22.171418] ffff888101e0b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.172014] ffff888101e0b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.172527] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 22.031871] ==================================================================
[ 22.032400] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70
[ 22.032887] Read of size 121 at addr ffff888101e0b000 by task kunit_try_catch/306
[ 22.033202]
[ 22.033385] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 22.033498] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.033534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.033586] Call Trace:
[ 22.033632] <TASK>
[ 22.033691] dump_stack_lvl+0x73/0xb0
[ 22.033791] print_report+0xd1/0x650
[ 22.033849] ? __virt_addr_valid+0x1db/0x2d0
[ 22.033908] ? _copy_to_user+0x4a/0x70
[ 22.033958] ? kasan_complete_mode_report_info+0x2a/0x200
[ 22.034003] ? _copy_to_user+0x4a/0x70
[ 22.034046] kasan_report+0x141/0x180
[ 22.034098] ? _copy_to_user+0x4a/0x70
[ 22.034158] kasan_check_range+0x10c/0x1c0
[ 22.034223] __kasan_check_read+0x15/0x20
[ 22.034274] _copy_to_user+0x4a/0x70
[ 22.034320] copy_user_test_oob+0x364/0x10f0
[ 22.034375] ? __pfx_copy_user_test_oob+0x10/0x10
[ 22.034418] ? finish_task_switch.isra.0+0x153/0x700
[ 22.034467] ? __switch_to+0x5d9/0xf60
[ 22.034519] ? dequeue_task_fair+0x166/0x4e0
[ 22.034593] ? __schedule+0x10cc/0x2b30
[ 22.034646] ? __pfx_read_tsc+0x10/0x10
[ 22.034678] ? ktime_get_ts64+0x86/0x230
[ 22.034709] kunit_try_run_case+0x1a5/0x480
[ 22.034738] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.034788] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.034817] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.034844] ? __kthread_parkme+0x82/0x180
[ 22.034869] ? preempt_count_sub+0x50/0x80
[ 22.034898] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.034926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.034952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.034978] kthread+0x337/0x6f0
[ 22.035000] ? trace_preempt_on+0x20/0xc0
[ 22.035027] ? __pfx_kthread+0x10/0x10
[ 22.035050] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.035074] ? calculate_sigpending+0x7b/0xa0
[ 22.035102] ? __pfx_kthread+0x10/0x10
[ 22.035140] ret_from_fork+0x41/0x80
[ 22.035167] ? __pfx_kthread+0x10/0x10
[ 22.035189] ret_from_fork_asm+0x1a/0x30
[ 22.035226] </TASK>
[ 22.035243]
[ 22.048694] Allocated by task 306:
[ 22.049149] kasan_save_stack+0x45/0x70
[ 22.049641] kasan_save_track+0x18/0x40
[ 22.050041] kasan_save_alloc_info+0x3b/0x50
[ 22.050374] __kasan_kmalloc+0xb7/0xc0
[ 22.050753] __kmalloc_noprof+0x1c9/0x500
[ 22.051054] kunit_kmalloc_array+0x25/0x60
[ 22.051466] copy_user_test_oob+0xab/0x10f0
[ 22.051898] kunit_try_run_case+0x1a5/0x480
[ 22.052289] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.052639] kthread+0x337/0x6f0
[ 22.053008] ret_from_fork+0x41/0x80
[ 22.053323] ret_from_fork_asm+0x1a/0x30
[ 22.053644]
[ 22.053821] The buggy address belongs to the object at ffff888101e0b000
[ 22.053821] which belongs to the cache kmalloc-128 of size 128
[ 22.054704] The buggy address is located 0 bytes inside of
[ 22.054704] allocated 120-byte region [ffff888101e0b000, ffff888101e0b078)
[ 22.055643]
[ 22.055982] The buggy address belongs to the physical page:
[ 22.056589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0b
[ 22.057128] flags: 0x200000000000000(node=0|zone=2)
[ 22.057589] page_type: f5(slab)
[ 22.057857] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.058522] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.058970] page dumped because: kasan: bad access detected
[ 22.059217]
[ 22.059351] Memory state around the buggy address:
[ 22.059593] ffff888101e0af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.060315] ffff888101e0af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.061312] >ffff888101e0b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.062002] ^
[ 22.062567] ffff888101e0b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.063104] ffff888101e0b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.063585] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 21.994295] ==================================================================
[ 21.995204] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 21.995820] Write of size 121 at addr ffff888101e0b000 by task kunit_try_catch/306
[ 21.996420]
[ 21.996670] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 21.996837] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.996878] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.996926] Call Trace:
[ 21.996958] <TASK>
[ 21.997007] dump_stack_lvl+0x73/0xb0
[ 21.997082] print_report+0xd1/0x650
[ 21.997133] ? __virt_addr_valid+0x1db/0x2d0
[ 21.997192] ? _copy_from_user+0x32/0x90
[ 21.997242] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.997300] ? _copy_from_user+0x32/0x90
[ 21.997350] kasan_report+0x141/0x180
[ 21.997407] ? _copy_from_user+0x32/0x90
[ 21.997470] kasan_check_range+0x10c/0x1c0
[ 21.997524] __kasan_check_write+0x18/0x20
[ 21.997574] _copy_from_user+0x32/0x90
[ 21.997614] copy_user_test_oob+0x2be/0x10f0
[ 21.997660] ? __pfx_copy_user_test_oob+0x10/0x10
[ 21.997698] ? finish_task_switch.isra.0+0x153/0x700
[ 21.997762] ? __switch_to+0x5d9/0xf60
[ 21.997811] ? dequeue_task_fair+0x166/0x4e0
[ 21.997955] ? __schedule+0x10cc/0x2b30
[ 21.998057] ? __pfx_read_tsc+0x10/0x10
[ 21.998114] ? ktime_get_ts64+0x86/0x230
[ 21.998172] kunit_try_run_case+0x1a5/0x480
[ 21.998231] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.998282] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.998337] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.998376] ? __kthread_parkme+0x82/0x180
[ 21.998404] ? preempt_count_sub+0x50/0x80
[ 21.998431] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.998458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.998486] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.998512] kthread+0x337/0x6f0
[ 21.998533] ? trace_preempt_on+0x20/0xc0
[ 21.998561] ? __pfx_kthread+0x10/0x10
[ 21.998583] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.998607] ? calculate_sigpending+0x7b/0xa0
[ 21.998634] ? __pfx_kthread+0x10/0x10
[ 21.998656] ret_from_fork+0x41/0x80
[ 21.998680] ? __pfx_kthread+0x10/0x10
[ 21.998702] ret_from_fork_asm+0x1a/0x30
[ 21.998738] </TASK>
[ 21.998779]
[ 22.012151] Allocated by task 306:
[ 22.012629] kasan_save_stack+0x45/0x70
[ 22.012836] kasan_save_track+0x18/0x40
[ 22.012954] kasan_save_alloc_info+0x3b/0x50
[ 22.013074] __kasan_kmalloc+0xb7/0xc0
[ 22.013290] __kmalloc_noprof+0x1c9/0x500
[ 22.014007] kunit_kmalloc_array+0x25/0x60
[ 22.014504] copy_user_test_oob+0xab/0x10f0
[ 22.014962] kunit_try_run_case+0x1a5/0x480
[ 22.015411] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.015812] kthread+0x337/0x6f0
[ 22.016207] ret_from_fork+0x41/0x80
[ 22.016527] ret_from_fork_asm+0x1a/0x30
[ 22.016940]
[ 22.017173] The buggy address belongs to the object at ffff888101e0b000
[ 22.017173] which belongs to the cache kmalloc-128 of size 128
[ 22.018046] The buggy address is located 0 bytes inside of
[ 22.018046] allocated 120-byte region [ffff888101e0b000, ffff888101e0b078)
[ 22.019058]
[ 22.019245] The buggy address belongs to the physical page:
[ 22.019830] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e0b
[ 22.020333] flags: 0x200000000000000(node=0|zone=2)
[ 22.020790] page_type: f5(slab)
[ 22.020984] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.021683] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.022179] page dumped because: kasan: bad access detected
[ 22.022659]
[ 22.022875] Memory state around the buggy address:
[ 22.023268] ffff888101e0af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.023888] ffff888101e0af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.024440] >ffff888101e0b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 22.025008] ^
[ 22.025474] ffff888101e0b080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.026053] ffff888101e0b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.026460] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 21.940775] ==================================================================
[ 21.941272] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 21.941548] Write of size 8 at addr ffff888102b31b78 by task kunit_try_catch/302
[ 21.941784]
[ 21.942571] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 21.942709] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.942741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.942805] Call Trace:
[ 21.942850] <TASK>
[ 21.942899] dump_stack_lvl+0x73/0xb0
[ 21.942983] print_report+0xd1/0x650
[ 21.943045] ? __virt_addr_valid+0x1db/0x2d0
[ 21.943139] ? copy_to_kernel_nofault+0x99/0x260
[ 21.943186] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.943256] ? copy_to_kernel_nofault+0x99/0x260
[ 21.943310] kasan_report+0x141/0x180
[ 21.943373] ? copy_to_kernel_nofault+0x99/0x260
[ 21.943438] kasan_check_range+0x10c/0x1c0
[ 21.943490] __kasan_check_write+0x18/0x20
[ 21.943531] copy_to_kernel_nofault+0x99/0x260
[ 21.943568] copy_to_kernel_nofault_oob+0x288/0x560
[ 21.943599] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 21.943638] ? finish_task_switch.isra.0+0x153/0x700
[ 21.943674] ? __schedule+0x10cc/0x2b30
[ 21.943701] ? trace_hardirqs_on+0x37/0xe0
[ 21.943739] ? __pfx_read_tsc+0x10/0x10
[ 21.943792] ? ktime_get_ts64+0x86/0x230
[ 21.943825] kunit_try_run_case+0x1a5/0x480
[ 21.943858] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.943885] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.943914] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.943942] ? __kthread_parkme+0x82/0x180
[ 21.943968] ? preempt_count_sub+0x50/0x80
[ 21.943996] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.944025] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.944052] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.944080] kthread+0x337/0x6f0
[ 21.944103] ? trace_preempt_on+0x20/0xc0
[ 21.944146] ? __pfx_kthread+0x10/0x10
[ 21.944168] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.944192] ? calculate_sigpending+0x7b/0xa0
[ 21.944219] ? __pfx_kthread+0x10/0x10
[ 21.944241] ret_from_fork+0x41/0x80
[ 21.944276] ? __pfx_kthread+0x10/0x10
[ 21.944311] ret_from_fork_asm+0x1a/0x30
[ 21.944366] </TASK>
[ 21.944392]
[ 21.958346] Allocated by task 302:
[ 21.958666] kasan_save_stack+0x45/0x70
[ 21.959075] kasan_save_track+0x18/0x40
[ 21.959327] kasan_save_alloc_info+0x3b/0x50
[ 21.959547] __kasan_kmalloc+0xb7/0xc0
[ 21.959901] __kmalloc_cache_noprof+0x189/0x420
[ 21.960293] copy_to_kernel_nofault_oob+0x12f/0x560
[ 21.960577] kunit_try_run_case+0x1a5/0x480
[ 21.960934] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.961307] kthread+0x337/0x6f0
[ 21.961510] ret_from_fork+0x41/0x80
[ 21.961866] ret_from_fork_asm+0x1a/0x30
[ 21.962256]
[ 21.962444] The buggy address belongs to the object at ffff888102b31b00
[ 21.962444] which belongs to the cache kmalloc-128 of size 128
[ 21.963061] The buggy address is located 0 bytes to the right of
[ 21.963061] allocated 120-byte region [ffff888102b31b00, ffff888102b31b78)
[ 21.963895]
[ 21.964042] The buggy address belongs to the physical page:
[ 21.964342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 21.964832] flags: 0x200000000000000(node=0|zone=2)
[ 21.965261] page_type: f5(slab)
[ 21.965569] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.965991] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 21.966306] page dumped because: kasan: bad access detected
[ 21.966720]
[ 21.966940] Memory state around the buggy address:
[ 21.967247] ffff888102b31a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.967542] ffff888102b31a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.968155] >ffff888102b31b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 21.968698] ^
[ 21.969079] ffff888102b31b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.969595] ffff888102b31c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.969889] ==================================================================
[ 21.906864] ==================================================================
[ 21.907634] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 21.908474] Read of size 8 at addr ffff888102b31b78 by task kunit_try_catch/302
[ 21.909165]
[ 21.909467] CPU: 0 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 21.909589] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.909623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.909685] Call Trace:
[ 21.909721] <TASK>
[ 21.909792] dump_stack_lvl+0x73/0xb0
[ 21.909915] print_report+0xd1/0x650
[ 21.909995] ? __virt_addr_valid+0x1db/0x2d0
[ 21.910044] ? copy_to_kernel_nofault+0x225/0x260
[ 21.910071] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.910103] ? copy_to_kernel_nofault+0x225/0x260
[ 21.910160] kasan_report+0x141/0x180
[ 21.910193] ? copy_to_kernel_nofault+0x225/0x260
[ 21.910223] __asan_report_load8_noabort+0x18/0x20
[ 21.910250] copy_to_kernel_nofault+0x225/0x260
[ 21.910278] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 21.910307] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 21.910335] ? finish_task_switch.isra.0+0x153/0x700
[ 21.910367] ? __schedule+0x10cc/0x2b30
[ 21.910393] ? trace_hardirqs_on+0x37/0xe0
[ 21.910431] ? __pfx_read_tsc+0x10/0x10
[ 21.910457] ? ktime_get_ts64+0x86/0x230
[ 21.910489] kunit_try_run_case+0x1a5/0x480
[ 21.910522] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.910548] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.910578] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.910604] ? __kthread_parkme+0x82/0x180
[ 21.910631] ? preempt_count_sub+0x50/0x80
[ 21.910660] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.910688] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.910715] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.910758] kthread+0x337/0x6f0
[ 21.910788] ? trace_preempt_on+0x20/0xc0
[ 21.910815] ? __pfx_kthread+0x10/0x10
[ 21.910838] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.910864] ? calculate_sigpending+0x7b/0xa0
[ 21.910891] ? __pfx_kthread+0x10/0x10
[ 21.910914] ret_from_fork+0x41/0x80
[ 21.910939] ? __pfx_kthread+0x10/0x10
[ 21.910961] ret_from_fork_asm+0x1a/0x30
[ 21.910998] </TASK>
[ 21.911017]
[ 21.924434] Allocated by task 302:
[ 21.924891] kasan_save_stack+0x45/0x70
[ 21.925494] kasan_save_track+0x18/0x40
[ 21.926400] kasan_save_alloc_info+0x3b/0x50
[ 21.926814] __kasan_kmalloc+0xb7/0xc0
[ 21.927071] __kmalloc_cache_noprof+0x189/0x420
[ 21.927613] copy_to_kernel_nofault_oob+0x12f/0x560
[ 21.928015] kunit_try_run_case+0x1a5/0x480
[ 21.928334] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.928863] kthread+0x337/0x6f0
[ 21.929133] ret_from_fork+0x41/0x80
[ 21.929757] ret_from_fork_asm+0x1a/0x30
[ 21.930074]
[ 21.930373] The buggy address belongs to the object at ffff888102b31b00
[ 21.930373] which belongs to the cache kmalloc-128 of size 128
[ 21.931198] The buggy address is located 0 bytes to the right of
[ 21.931198] allocated 120-byte region [ffff888102b31b00, ffff888102b31b78)
[ 21.932023]
[ 21.932247] The buggy address belongs to the physical page:
[ 21.932580] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31
[ 21.932974] flags: 0x200000000000000(node=0|zone=2)
[ 21.933219] page_type: f5(slab)
[ 21.933421] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.934143] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 21.935220] page dumped because: kasan: bad access detected
[ 21.935656]
[ 21.935861] Memory state around the buggy address:
[ 21.936182] ffff888102b31a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.936663] ffff888102b31a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.937062] >ffff888102b31b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 21.937557] ^
[ 21.938017] ffff888102b31b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.938490] ffff888102b31c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.938893] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 19.935853] ==================================================================
[ 19.936500] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450
[ 19.937008] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286
[ 19.937405]
[ 19.937675] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 19.937783] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.937808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.937848] Call Trace:
[ 19.937887] <TASK>
[ 19.937925] dump_stack_lvl+0x73/0xb0
[ 19.937983] print_report+0xd1/0x650
[ 19.938022] ? __virt_addr_valid+0x1db/0x2d0
[ 19.938062] ? kasan_atomics_helper+0x4b3a/0x5450
[ 19.938100] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.938135] ? kasan_atomics_helper+0x4b3a/0x5450
[ 19.938172] kasan_report+0x141/0x180
[ 19.938208] ? kasan_atomics_helper+0x4b3a/0x5450
[ 19.938252] __asan_report_store4_noabort+0x1b/0x30
[ 19.938291] kasan_atomics_helper+0x4b3a/0x5450
[ 19.938337] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 19.938378] ? __kmalloc_cache_noprof+0x189/0x420
[ 19.938415] ? trace_hardirqs_on+0x37/0xe0
[ 19.938451] ? kasan_atomics+0x152/0x310
[ 19.938488] kasan_atomics+0x1dc/0x310
[ 19.938521] ? __pfx_kasan_atomics+0x10/0x10
[ 19.938555] ? __pfx_kasan_atomics+0x10/0x10
[ 19.938593] kunit_try_run_case+0x1a5/0x480
[ 19.938635] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.938672] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.938713] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.938804] ? __kthread_parkme+0x82/0x180
[ 19.938853] ? preempt_count_sub+0x50/0x80
[ 19.938904] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.938956] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.939030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.939081] kthread+0x337/0x6f0
[ 19.939141] ? trace_preempt_on+0x20/0xc0
[ 19.939197] ? __pfx_kthread+0x10/0x10
[ 19.939249] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.939288] ? calculate_sigpending+0x7b/0xa0
[ 19.939334] ? __pfx_kthread+0x10/0x10
[ 19.939375] ret_from_fork+0x41/0x80
[ 19.939428] ? __pfx_kthread+0x10/0x10
[ 19.939476] ret_from_fork_asm+0x1a/0x30
[ 19.939555] </TASK>
[ 19.939589]
[ 19.953507] Allocated by task 286:
[ 19.953814] kasan_save_stack+0x45/0x70
[ 19.954132] kasan_save_track+0x18/0x40
[ 19.954451] kasan_save_alloc_info+0x3b/0x50
[ 19.958147] __kasan_kmalloc+0xb7/0xc0
[ 19.959064] __kmalloc_cache_noprof+0x189/0x420
[ 19.960389] kasan_atomics+0x95/0x310
[ 19.961879] kunit_try_run_case+0x1a5/0x480
[ 19.963066] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.963488] kthread+0x337/0x6f0
[ 19.963777] ret_from_fork+0x41/0x80
[ 19.964039] ret_from_fork_asm+0x1a/0x30
[ 19.964346]
[ 19.964815] The buggy address belongs to the object at ffff888101e04b00
[ 19.964815] which belongs to the cache kmalloc-64 of size 64
[ 19.965770] The buggy address is located 0 bytes to the right of
[ 19.965770] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30)
[ 19.966675]
[ 19.966857] The buggy address belongs to the physical page:
[ 19.967095] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04
[ 19.967677] flags: 0x200000000000000(node=0|zone=2)
[ 19.968248] page_type: f5(slab)
[ 19.968610] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 19.969072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 19.969617] page dumped because: kasan: bad access detected
[ 19.969881]
[ 19.970109] Memory state around the buggy address:
[ 19.970610] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.971322] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.971798] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 19.972326] ^
[ 19.972570] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.973091] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.973665] ==================================================================
[ 20.209804] ==================================================================
[ 20.210615] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450
[ 20.211384] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286
[ 20.211738]
[ 20.211932] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 20.212056] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.212091] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.212136] Call Trace:
[ 20.212188] <TASK>
[ 20.212231] dump_stack_lvl+0x73/0xb0
[ 20.212307] print_report+0xd1/0x650
[ 20.212354] ? __virt_addr_valid+0x1db/0x2d0
[ 20.212405] ? kasan_atomics_helper+0x992/0x5450
[ 20.212447] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.212489] ? kasan_atomics_helper+0x992/0x5450
[ 20.212526] kasan_report+0x141/0x180
[ 20.212573] ? kasan_atomics_helper+0x992/0x5450
[ 20.212630] kasan_check_range+0x10c/0x1c0
[ 20.212669] __kasan_check_write+0x18/0x20
[ 20.212705] kasan_atomics_helper+0x992/0x5450
[ 20.212767] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 20.212819] ? __kmalloc_cache_noprof+0x189/0x420
[ 20.212864] ? trace_hardirqs_on+0x37/0xe0
[ 20.212904] ? kasan_atomics+0x152/0x310
[ 20.213801] kasan_atomics+0x1dc/0x310
[ 20.213859] ? __pfx_kasan_atomics+0x10/0x10
[ 20.213904] ? __pfx_kasan_atomics+0x10/0x10
[ 20.213957] kunit_try_run_case+0x1a5/0x480
[ 20.214009] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.214051] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.214142] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.214192] ? __kthread_parkme+0x82/0x180
[ 20.214239] ? preempt_count_sub+0x50/0x80
[ 20.214292] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.214341] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.214386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.214427] kthread+0x337/0x6f0
[ 20.214460] ? trace_preempt_on+0x20/0xc0
[ 20.214500] ? __pfx_kthread+0x10/0x10
[ 20.214534] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.214573] ? calculate_sigpending+0x7b/0xa0
[ 20.214617] ? __pfx_kthread+0x10/0x10
[ 20.214656] ret_from_fork+0x41/0x80
[ 20.214703] ? __pfx_kthread+0x10/0x10
[ 20.214743] ret_from_fork_asm+0x1a/0x30
[ 20.214823] </TASK>
[ 20.214849]
[ 20.230135] Allocated by task 286:
[ 20.230668] kasan_save_stack+0x45/0x70
[ 20.231165] kasan_save_track+0x18/0x40
[ 20.231564] kasan_save_alloc_info+0x3b/0x50
[ 20.231947] __kasan_kmalloc+0xb7/0xc0
[ 20.232364] __kmalloc_cache_noprof+0x189/0x420
[ 20.232814] kasan_atomics+0x95/0x310
[ 20.233074] kunit_try_run_case+0x1a5/0x480
[ 20.233585] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.234170] kthread+0x337/0x6f0
[ 20.234546] ret_from_fork+0x41/0x80
[ 20.234948] ret_from_fork_asm+0x1a/0x30
[ 20.235203]
[ 20.235432] The buggy address belongs to the object at ffff888101e04b00
[ 20.235432] which belongs to the cache kmalloc-64 of size 64
[ 20.236281] The buggy address is located 0 bytes to the right of
[ 20.236281] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30)
[ 20.237166]
[ 20.237399] The buggy address belongs to the physical page:
[ 20.237695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04
[ 20.238391] flags: 0x200000000000000(node=0|zone=2)
[ 20.238798] page_type: f5(slab)
[ 20.239209] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 20.239735] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 20.240320] page dumped because: kasan: bad access detected
[ 20.240710]
[ 20.240928] Memory state around the buggy address:
[ 20.241307] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.241842] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 20.242518] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 20.242879] ^
[ 20.243384] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.243810] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.244401] ==================================================================
[ 21.068940] ==================================================================
[ 21.069592] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450
[ 21.070260] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286
[ 21.070927]
[ 21.071174] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 21.071311] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.071337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.071377] Call Trace:
[ 21.071415] <TASK>
[ 21.071453] dump_stack_lvl+0x73/0xb0
[ 21.071515] print_report+0xd1/0x650
[ 21.071559] ? __virt_addr_valid+0x1db/0x2d0
[ 21.071599] ? kasan_atomics_helper+0x164f/0x5450
[ 21.071648] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.071685] ? kasan_atomics_helper+0x164f/0x5450
[ 21.071720] kasan_report+0x141/0x180
[ 21.071772] ? kasan_atomics_helper+0x164f/0x5450
[ 21.071818] kasan_check_range+0x10c/0x1c0
[ 21.071854] __kasan_check_write+0x18/0x20
[ 21.071887] kasan_atomics_helper+0x164f/0x5450
[ 21.071926] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 21.071963] ? __kmalloc_cache_noprof+0x189/0x420
[ 21.071999] ? trace_hardirqs_on+0x37/0xe0
[ 21.072039] ? kasan_atomics+0x152/0x310
[ 21.072088] kasan_atomics+0x1dc/0x310
[ 21.072156] ? __pfx_kasan_atomics+0x10/0x10
[ 21.072215] ? __pfx_kasan_atomics+0x10/0x10
[ 21.072268] kunit_try_run_case+0x1a5/0x480
[ 21.072324] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.072401] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.072471] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.072528] ? __kthread_parkme+0x82/0x180
[ 21.072579] ? preempt_count_sub+0x50/0x80
[ 21.072642] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.072722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.072801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.072849] kthread+0x337/0x6f0
[ 21.072894] ? trace_preempt_on+0x20/0xc0
[ 21.072948] ? __pfx_kthread+0x10/0x10
[ 21.072995] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.073047] ? calculate_sigpending+0x7b/0xa0
[ 21.073102] ? __pfx_kthread+0x10/0x10
[ 21.073190] ret_from_fork+0x41/0x80
[ 21.073236] ? __pfx_kthread+0x10/0x10
[ 21.073277] ret_from_fork_asm+0x1a/0x30
[ 21.073381] </TASK>
[ 21.073417]
[ 21.085390] Allocated by task 286:
[ 21.085828] kasan_save_stack+0x45/0x70
[ 21.086281] kasan_save_track+0x18/0x40
[ 21.086645] kasan_save_alloc_info+0x3b/0x50
[ 21.087068] __kasan_kmalloc+0xb7/0xc0
[ 21.087465] __kmalloc_cache_noprof+0x189/0x420
[ 21.087939] kasan_atomics+0x95/0x310
[ 21.088352] kunit_try_run_case+0x1a5/0x480
[ 21.088780] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.089262] kthread+0x337/0x6f0
[ 21.089603] ret_from_fork+0x41/0x80
[ 21.089904] ret_from_fork_asm+0x1a/0x30
[ 21.090185]
[ 21.090407] The buggy address belongs to the object at ffff888101e04b00
[ 21.090407] which belongs to the cache kmalloc-64 of size 64
[ 21.091319] The buggy address is located 0 bytes to the right of
[ 21.091319] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30)
[ 21.092052]
[ 21.092341] The buggy address belongs to the physical page:
[ 21.092759] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04
[ 21.093440] flags: 0x200000000000000(node=0|zone=2)
[ 21.093896] page_type: f5(slab)
[ 21.094247] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 21.094762] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 21.095066] page dumped because: kasan: bad access detected
[ 21.095691]
[ 21.095947] Memory state around the buggy address:
[ 21.096406] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.096851] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.097155] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 21.097711] ^
[ 21.098252] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.098845] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.099342] ==================================================================
[ 21.129965] ==================================================================
[ 21.130798] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450
[ 21.131217] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286
[ 21.132021]
[ 21.132283] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 21.132396] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.132418] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.132456] Call Trace:
[ 21.132494] <TASK>
[ 21.132532] dump_stack_lvl+0x73/0xb0
[ 21.132589] print_report+0xd1/0x650
[ 21.132627] ? __virt_addr_valid+0x1db/0x2d0
[ 21.132666] ? kasan_atomics_helper+0x177f/0x5450
[ 21.132701] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.132742] ? kasan_atomics_helper+0x177f/0x5450
[ 21.132815] kasan_report+0x141/0x180
[ 21.132861] ? kasan_atomics_helper+0x177f/0x5450
[ 21.132941] kasan_check_range+0x10c/0x1c0
[ 21.132988] __kasan_check_write+0x18/0x20
[ 21.133032] kasan_atomics_helper+0x177f/0x5450
[ 21.133088] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 21.133184] ? __kmalloc_cache_noprof+0x189/0x420
[ 21.133252] ? trace_hardirqs_on+0x37/0xe0
[ 21.133303] ? kasan_atomics+0x152/0x310
[ 21.133368] kasan_atomics+0x1dc/0x310
[ 21.133418] ? __pfx_kasan_atomics+0x10/0x10
[ 21.133484] ? __pfx_kasan_atomics+0x10/0x10
[ 21.133542] kunit_try_run_case+0x1a5/0x480
[ 21.133611] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.133663] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.133736] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.133800] ? __kthread_parkme+0x82/0x180
[ 21.133861] ? preempt_count_sub+0x50/0x80
[ 21.133936] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.133993] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.134042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.134092] kthread+0x337/0x6f0
[ 21.134177] ? trace_preempt_on+0x20/0xc0
[ 21.134249] ? __pfx_kthread+0x10/0x10
[ 21.134294] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.134345] ? calculate_sigpending+0x7b/0xa0
[ 21.134402] ? __pfx_kthread+0x10/0x10
[ 21.134465] ret_from_fork+0x41/0x80
[ 21.134522] ? __pfx_kthread+0x10/0x10
[ 21.134566] ret_from_fork_asm+0x1a/0x30
[ 21.134647] </TASK>
[ 21.134685]
[ 21.145453] Allocated by task 286:
[ 21.145876] kasan_save_stack+0x45/0x70
[ 21.146221] kasan_save_track+0x18/0x40
[ 21.146558] kasan_save_alloc_info+0x3b/0x50
[ 21.146972] __kasan_kmalloc+0xb7/0xc0
[ 21.147333] __kmalloc_cache_noprof+0x189/0x420
[ 21.147610] kasan_atomics+0x95/0x310
[ 21.147990] kunit_try_run_case+0x1a5/0x480
[ 21.148413] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.148763] kthread+0x337/0x6f0
[ 21.149135] ret_from_fork+0x41/0x80
[ 21.149425] ret_from_fork_asm+0x1a/0x30
[ 21.149807]
[ 21.149970] The buggy address belongs to the object at ffff888101e04b00
[ 21.149970] which belongs to the cache kmalloc-64 of size 64
[ 21.150791] The buggy address is located 0 bytes to the right of
[ 21.150791] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30)
[ 21.151567]
[ 21.151812] The buggy address belongs to the physical page:
[ 21.152169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04
[ 21.152664] flags: 0x200000000000000(node=0|zone=2)
[ 21.152929] page_type: f5(slab)
[ 21.153164] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 21.153478] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 21.153782] page dumped because: kasan: bad access detected
[ 21.154260]
[ 21.154461] Memory state around the buggy address:
[ 21.154892] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.155498] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.156035] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 21.156607] ^
[ 21.157066] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.157642] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.159167] ==================================================================
[ 21.222811] ==================================================================
[ 21.223169] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450
[ 21.224496] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286
[ 21.225254]
[ 21.225556] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 21.225723] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.225770] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.225824] Call Trace:
[ 21.225870] <TASK>
[ 21.225917] dump_stack_lvl+0x73/0xb0
[ 21.226006] print_report+0xd1/0x650
[ 21.226062] ? __virt_addr_valid+0x1db/0x2d0
[ 21.226158] ? kasan_atomics_helper+0x194a/0x5450
[ 21.226199] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.226226] ? kasan_atomics_helper+0x194a/0x5450
[ 21.226252] kasan_report+0x141/0x180
[ 21.226280] ? kasan_atomics_helper+0x194a/0x5450
[ 21.226310] kasan_check_range+0x10c/0x1c0
[ 21.226335] __kasan_check_write+0x18/0x20
[ 21.226359] kasan_atomics_helper+0x194a/0x5450
[ 21.226385] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 21.226411] ? __kmalloc_cache_noprof+0x189/0x420
[ 21.226436] ? trace_hardirqs_on+0x37/0xe0
[ 21.226462] ? kasan_atomics+0x152/0x310
[ 21.226489] kasan_atomics+0x1dc/0x310
[ 21.226511] ? __pfx_kasan_atomics+0x10/0x10
[ 21.226535] ? __pfx_kasan_atomics+0x10/0x10
[ 21.226562] kunit_try_run_case+0x1a5/0x480
[ 21.226590] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.226615] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.226643] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.226668] ? __kthread_parkme+0x82/0x180
[ 21.226694] ? preempt_count_sub+0x50/0x80
[ 21.226723] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.226771] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.226804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.226830] kthread+0x337/0x6f0
[ 21.226850] ? trace_preempt_on+0x20/0xc0
[ 21.226876] ? __pfx_kthread+0x10/0x10
[ 21.226898] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.226922] ? calculate_sigpending+0x7b/0xa0
[ 21.226948] ? __pfx_kthread+0x10/0x10
[ 21.226972] ret_from_fork+0x41/0x80
[ 21.226998] ? __pfx_kthread+0x10/0x10
[ 21.227021] ret_from_fork_asm+0x1a/0x30
[ 21.227057] </TASK>
[ 21.227073]
[ 21.239609] Allocated by task 286:
[ 21.239981] kasan_save_stack+0x45/0x70
[ 21.240442] kasan_save_track+0x18/0x40
[ 21.240823] kasan_save_alloc_info+0x3b/0x50
[ 21.241235] __kasan_kmalloc+0xb7/0xc0
[ 21.241597] __kmalloc_cache_noprof+0x189/0x420
[ 21.242021] kasan_atomics+0x95/0x310
[ 21.242384] kunit_try_run_case+0x1a5/0x480
[ 21.242786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.243223] kthread+0x337/0x6f0
[ 21.243548] ret_from_fork+0x41/0x80
[ 21.243782] ret_from_fork_asm+0x1a/0x30
[ 21.244004]
[ 21.244170] The buggy address belongs to the object at ffff888101e04b00
[ 21.244170] which belongs to the cache kmalloc-64 of size 64
[ 21.244667] The buggy address is located 0 bytes to the right of
[ 21.244667] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30)
[ 21.245679]
[ 21.245890] The buggy address belongs to the physical page:
[ 21.246377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04
[ 21.247009] flags: 0x200000000000000(node=0|zone=2)
[ 21.247295] page_type: f5(slab)
[ 21.247507] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 21.247867] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 21.248473] page dumped because: kasan: bad access detected
[ 21.248934]
[ 21.249153] Memory state around the buggy address:
[ 21.249598] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.249935] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.250257] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 21.250547] ^
[ 21.250785] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.251359] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.251946] ==================================================================
[ 21.831703] ==================================================================
[ 21.832116] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450
[ 21.834243] Read of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286
[ 21.834854]
[ 21.835138] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 21.835546] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.835575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.835615] Call Trace:
[ 21.835669] <TASK>
[ 21.835710] dump_stack_lvl+0x73/0xb0
[ 21.835808] print_report+0xd1/0x650
[ 21.835851] ? __virt_addr_valid+0x1db/0x2d0
[ 21.835892] ? kasan_atomics_helper+0x5115/0x5450
[ 21.835927] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.835962] ? kasan_atomics_helper+0x5115/0x5450
[ 21.835997] kasan_report+0x141/0x180
[ 21.836035] ? kasan_atomics_helper+0x5115/0x5450
[ 21.836079] __asan_report_load8_noabort+0x18/0x20
[ 21.836116] kasan_atomics_helper+0x5115/0x5450
[ 21.836155] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 21.836196] ? __kmalloc_cache_noprof+0x189/0x420
[ 21.836236] ? trace_hardirqs_on+0x37/0xe0
[ 21.836277] ? kasan_atomics+0x152/0x310
[ 21.836312] kasan_atomics+0x1dc/0x310
[ 21.836335] ? __pfx_kasan_atomics+0x10/0x10
[ 21.836359] ? __pfx_kasan_atomics+0x10/0x10
[ 21.836386] kunit_try_run_case+0x1a5/0x480
[ 21.836416] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.836441] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.836469] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.836496] ? __kthread_parkme+0x82/0x180
[ 21.836521] ? preempt_count_sub+0x50/0x80
[ 21.836551] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.836577] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.836603] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.836632] kthread+0x337/0x6f0
[ 21.836652] ? trace_preempt_on+0x20/0xc0
[ 21.836678] ? __pfx_kthread+0x10/0x10
[ 21.836699] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.836723] ? calculate_sigpending+0x7b/0xa0
[ 21.836775] ? __pfx_kthread+0x10/0x10
[ 21.836802] ret_from_fork+0x41/0x80
[ 21.836829] ? __pfx_kthread+0x10/0x10
[ 21.836850] ret_from_fork_asm+0x1a/0x30
[ 21.836886] </TASK>
[ 21.836903]
[ 21.848204] Allocated by task 286:
[ 21.848679] kasan_save_stack+0x45/0x70
[ 21.849227] kasan_save_track+0x18/0x40
[ 21.849623] kasan_save_alloc_info+0x3b/0x50
[ 21.850046] __kasan_kmalloc+0xb7/0xc0
[ 21.850478] __kmalloc_cache_noprof+0x189/0x420
[ 21.850923] kasan_atomics+0x95/0x310
[ 21.851352] kunit_try_run_case+0x1a5/0x480
[ 21.851701] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.852199] kthread+0x337/0x6f0
[ 21.852576] ret_from_fork+0x41/0x80
[ 21.852856] ret_from_fork_asm+0x1a/0x30
[ 21.853288]
[ 21.853498] The buggy address belongs to the object at ffff888101e04b00
[ 21.853498] which belongs to the cache kmalloc-64 of size 64
[ 21.854344] The buggy address is located 0 bytes to the right of
[ 21.854344] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30)
[ 21.855064]
[ 21.855330] The buggy address belongs to the physical page:
[ 21.855695] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04
[ 21.856383] flags: 0x200000000000000(node=0|zone=2)
[ 21.856827] page_type: f5(slab)
[ 21.857224] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 21.857755] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 21.858324] page dumped because: kasan: bad access detected
[ 21.858680]
[ 21.858886] Memory 
state around the buggy address: [ 21.859180] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.859829] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.860478] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.860949] ^ [ 21.861372] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.861829] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.862430] ================================================================== [ 19.845945] ================================================================== [ 19.846651] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 19.847198] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 19.847644] [ 19.847893] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.848045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.848094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.848171] Call Trace: [ 19.848217] <TASK> [ 19.848266] dump_stack_lvl+0x73/0xb0 [ 19.848370] print_report+0xd1/0x650 [ 19.848421] ? __virt_addr_valid+0x1db/0x2d0 [ 19.848479] ? kasan_atomics_helper+0x3df/0x5450 [ 19.848527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.848578] ? kasan_atomics_helper+0x3df/0x5450 [ 19.848626] kasan_report+0x141/0x180 [ 19.848678] ? kasan_atomics_helper+0x3df/0x5450 [ 19.848733] kasan_check_range+0x10c/0x1c0 [ 19.848793] __kasan_check_read+0x15/0x20 [ 19.848840] kasan_atomics_helper+0x3df/0x5450 [ 19.848913] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.848964] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.849018] ? trace_hardirqs_on+0x37/0xe0 [ 19.849072] ? kasan_atomics+0x152/0x310 [ 19.849166] kasan_atomics+0x1dc/0x310 [ 19.849214] ? __pfx_kasan_atomics+0x10/0x10 [ 19.849262] ? __pfx_kasan_atomics+0x10/0x10 [ 19.849336] kunit_try_run_case+0x1a5/0x480 [ 19.849390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.849434] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 19.849491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.849540] ? __kthread_parkme+0x82/0x180 [ 19.849573] ? preempt_count_sub+0x50/0x80 [ 19.849604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.849632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.849658] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.849684] kthread+0x337/0x6f0 [ 19.849705] ? trace_preempt_on+0x20/0xc0 [ 19.849731] ? __pfx_kthread+0x10/0x10 [ 19.849778] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.849809] ? calculate_sigpending+0x7b/0xa0 [ 19.849890] ? __pfx_kthread+0x10/0x10 [ 19.849915] ret_from_fork+0x41/0x80 [ 19.849943] ? __pfx_kthread+0x10/0x10 [ 19.849964] ret_from_fork_asm+0x1a/0x30 [ 19.850002] </TASK> [ 19.850019] [ 19.860968] Allocated by task 286: [ 19.861392] kasan_save_stack+0x45/0x70 [ 19.861739] kasan_save_track+0x18/0x40 [ 19.862116] kasan_save_alloc_info+0x3b/0x50 [ 19.862413] __kasan_kmalloc+0xb7/0xc0 [ 19.862721] __kmalloc_cache_noprof+0x189/0x420 [ 19.863158] kasan_atomics+0x95/0x310 [ 19.863509] kunit_try_run_case+0x1a5/0x480 [ 19.863901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.864274] kthread+0x337/0x6f0 [ 19.864598] ret_from_fork+0x41/0x80 [ 19.864887] ret_from_fork_asm+0x1a/0x30 [ 19.865257] [ 19.865465] The buggy address belongs to the object at ffff888101e04b00 [ 19.865465] which belongs to the cache kmalloc-64 of size 64 [ 19.866150] The buggy address is located 0 bytes to the right of [ 19.866150] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 19.866671] [ 19.866854] The buggy address belongs to the physical page: [ 19.867337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 19.867974] flags: 0x200000000000000(node=0|zone=2) [ 19.868419] page_type: f5(slab) [ 19.868766] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.869392] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.869907] page dumped because: kasan: bad 
access detected [ 19.870257] [ 19.870453] Memory state around the buggy address: [ 19.870782] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.871337] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.871865] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.872339] ^ [ 19.872688] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.873159] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.873608] ================================================================== [ 20.896035] ================================================================== [ 20.896440] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 20.897153] Read of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.897578] [ 20.897773] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.897891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.897934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.897981] Call Trace: [ 20.898044] <TASK> [ 20.898093] dump_stack_lvl+0x73/0xb0 [ 20.898171] print_report+0xd1/0x650 [ 20.898229] ? __virt_addr_valid+0x1db/0x2d0 [ 20.898287] ? kasan_atomics_helper+0x4eae/0x5450 [ 20.898353] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.898403] ? kasan_atomics_helper+0x4eae/0x5450 [ 20.898453] kasan_report+0x141/0x180 [ 20.898502] ? kasan_atomics_helper+0x4eae/0x5450 [ 20.898575] __asan_report_load8_noabort+0x18/0x20 [ 20.898644] kasan_atomics_helper+0x4eae/0x5450 [ 20.898698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.898766] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.898824] ? trace_hardirqs_on+0x37/0xe0 [ 20.898892] ? kasan_atomics+0x152/0x310 [ 20.898948] kasan_atomics+0x1dc/0x310 [ 20.898981] ? __pfx_kasan_atomics+0x10/0x10 [ 20.899006] ? __pfx_kasan_atomics+0x10/0x10 [ 20.899033] kunit_try_run_case+0x1a5/0x480 [ 20.899064] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 20.899093] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.899138] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.899182] ? __kthread_parkme+0x82/0x180 [ 20.899231] ? preempt_count_sub+0x50/0x80 [ 20.899286] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.899350] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.899421] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.899470] kthread+0x337/0x6f0 [ 20.899511] ? trace_preempt_on+0x20/0xc0 [ 20.899562] ? __pfx_kthread+0x10/0x10 [ 20.899619] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.899699] ? calculate_sigpending+0x7b/0xa0 [ 20.899758] ? __pfx_kthread+0x10/0x10 [ 20.899803] ret_from_fork+0x41/0x80 [ 20.899836] ? __pfx_kthread+0x10/0x10 [ 20.899859] ret_from_fork_asm+0x1a/0x30 [ 20.899914] </TASK> [ 20.899933] [ 20.913339] Allocated by task 286: [ 20.913853] kasan_save_stack+0x45/0x70 [ 20.914346] kasan_save_track+0x18/0x40 [ 20.914701] kasan_save_alloc_info+0x3b/0x50 [ 20.915200] __kasan_kmalloc+0xb7/0xc0 [ 20.915558] __kmalloc_cache_noprof+0x189/0x420 [ 20.916071] kasan_atomics+0x95/0x310 [ 20.916491] kunit_try_run_case+0x1a5/0x480 [ 20.916993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.917419] kthread+0x337/0x6f0 [ 20.917803] ret_from_fork+0x41/0x80 [ 20.918144] ret_from_fork_asm+0x1a/0x30 [ 20.918476] [ 20.918729] The buggy address belongs to the object at ffff888101e04b00 [ 20.918729] which belongs to the cache kmalloc-64 of size 64 [ 20.919600] The buggy address is located 0 bytes to the right of [ 20.919600] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.920653] [ 20.920898] The buggy address belongs to the physical page: [ 20.921381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.922033] flags: 0x200000000000000(node=0|zone=2) [ 20.922440] page_type: f5(slab) [ 20.922822] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.923349] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 20.924034] page dumped because: kasan: bad access detected [ 20.924518] [ 20.924872] Memory state around the buggy address: [ 20.925133] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.925862] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.926380] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.926836] ^ [ 20.927407] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.927813] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.928448] ================================================================== [ 20.176117] ================================================================== [ 20.176854] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 20.177235] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.177935] [ 20.178124] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.178230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.178262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.178311] Call Trace: [ 20.178358] <TASK> [ 20.178396] dump_stack_lvl+0x73/0xb0 [ 20.178458] print_report+0xd1/0x650 [ 20.178501] ? __virt_addr_valid+0x1db/0x2d0 [ 20.178540] ? kasan_atomics_helper+0x8f9/0x5450 [ 20.178575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.178613] ? kasan_atomics_helper+0x8f9/0x5450 [ 20.178648] kasan_report+0x141/0x180 [ 20.178685] ? kasan_atomics_helper+0x8f9/0x5450 [ 20.178731] kasan_check_range+0x10c/0x1c0 [ 20.178784] __kasan_check_write+0x18/0x20 [ 20.178823] kasan_atomics_helper+0x8f9/0x5450 [ 20.178861] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.178897] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.178934] ? trace_hardirqs_on+0x37/0xe0 [ 20.178971] ? kasan_atomics+0x152/0x310 [ 20.179017] kasan_atomics+0x1dc/0x310 [ 20.179060] ? __pfx_kasan_atomics+0x10/0x10 [ 20.179105] ? 
__pfx_kasan_atomics+0x10/0x10 [ 20.179587] kunit_try_run_case+0x1a5/0x480 [ 20.179677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.179729] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.179788] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.179817] ? __kthread_parkme+0x82/0x180 [ 20.179844] ? preempt_count_sub+0x50/0x80 [ 20.179875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.179902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.179928] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.179954] kthread+0x337/0x6f0 [ 20.179976] ? trace_preempt_on+0x20/0xc0 [ 20.180002] ? __pfx_kthread+0x10/0x10 [ 20.180024] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.180048] ? calculate_sigpending+0x7b/0xa0 [ 20.180074] ? __pfx_kthread+0x10/0x10 [ 20.180096] ret_from_fork+0x41/0x80 [ 20.180171] ? __pfx_kthread+0x10/0x10 [ 20.180196] ret_from_fork_asm+0x1a/0x30 [ 20.180233] </TASK> [ 20.180251] [ 20.193282] Allocated by task 286: [ 20.193687] kasan_save_stack+0x45/0x70 [ 20.194157] kasan_save_track+0x18/0x40 [ 20.194448] kasan_save_alloc_info+0x3b/0x50 [ 20.194832] __kasan_kmalloc+0xb7/0xc0 [ 20.195236] __kmalloc_cache_noprof+0x189/0x420 [ 20.195487] kasan_atomics+0x95/0x310 [ 20.195804] kunit_try_run_case+0x1a5/0x480 [ 20.196168] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.196634] kthread+0x337/0x6f0 [ 20.196943] ret_from_fork+0x41/0x80 [ 20.197150] ret_from_fork_asm+0x1a/0x30 [ 20.197378] [ 20.197516] The buggy address belongs to the object at ffff888101e04b00 [ 20.197516] which belongs to the cache kmalloc-64 of size 64 [ 20.198195] The buggy address is located 0 bytes to the right of [ 20.198195] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.200160] [ 20.200888] The buggy address belongs to the physical page: [ 20.201544] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.202512] flags: 0x200000000000000(node=0|zone=2) [ 20.202828] page_type: f5(slab) [ 20.202953] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 20.203330] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.203957] page dumped because: kasan: bad access detected [ 20.204453] [ 20.204651] Memory state around the buggy address: [ 20.205007] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.205450] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.206727] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.207245] ^ [ 20.207672] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.208163] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.208616] ================================================================== [ 20.604381] ================================================================== [ 20.605043] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 20.605819] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.606455] [ 20.606676] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.606809] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.606867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.606916] Call Trace: [ 20.606963] <TASK> [ 20.607010] dump_stack_lvl+0x73/0xb0 [ 20.607137] print_report+0xd1/0x650 [ 20.607210] ? __virt_addr_valid+0x1db/0x2d0 [ 20.607269] ? kasan_atomics_helper+0x1079/0x5450 [ 20.607319] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.607369] ? kasan_atomics_helper+0x1079/0x5450 [ 20.607423] kasan_report+0x141/0x180 [ 20.607475] ? kasan_atomics_helper+0x1079/0x5450 [ 20.607530] kasan_check_range+0x10c/0x1c0 [ 20.607576] __kasan_check_write+0x18/0x20 [ 20.607637] kasan_atomics_helper+0x1079/0x5450 [ 20.607698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.607765] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.607810] ? trace_hardirqs_on+0x37/0xe0 [ 20.607840] ? 
kasan_atomics+0x152/0x310 [ 20.607869] kasan_atomics+0x1dc/0x310 [ 20.607892] ? __pfx_kasan_atomics+0x10/0x10 [ 20.607916] ? __pfx_kasan_atomics+0x10/0x10 [ 20.607943] kunit_try_run_case+0x1a5/0x480 [ 20.607974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.607999] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.608028] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.608054] ? __kthread_parkme+0x82/0x180 [ 20.608080] ? preempt_count_sub+0x50/0x80 [ 20.608132] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.608174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.608201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.608227] kthread+0x337/0x6f0 [ 20.608248] ? trace_preempt_on+0x20/0xc0 [ 20.608274] ? __pfx_kthread+0x10/0x10 [ 20.608295] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.608320] ? calculate_sigpending+0x7b/0xa0 [ 20.608346] ? __pfx_kthread+0x10/0x10 [ 20.608368] ret_from_fork+0x41/0x80 [ 20.608394] ? __pfx_kthread+0x10/0x10 [ 20.608418] ret_from_fork_asm+0x1a/0x30 [ 20.608454] </TASK> [ 20.608472] [ 20.621602] Allocated by task 286: [ 20.621995] kasan_save_stack+0x45/0x70 [ 20.622308] kasan_save_track+0x18/0x40 [ 20.622520] kasan_save_alloc_info+0x3b/0x50 [ 20.622743] __kasan_kmalloc+0xb7/0xc0 [ 20.623088] __kmalloc_cache_noprof+0x189/0x420 [ 20.623526] kasan_atomics+0x95/0x310 [ 20.623929] kunit_try_run_case+0x1a5/0x480 [ 20.624413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.624941] kthread+0x337/0x6f0 [ 20.625319] ret_from_fork+0x41/0x80 [ 20.625730] ret_from_fork_asm+0x1a/0x30 [ 20.626240] [ 20.626480] The buggy address belongs to the object at ffff888101e04b00 [ 20.626480] which belongs to the cache kmalloc-64 of size 64 [ 20.626953] The buggy address is located 0 bytes to the right of [ 20.626953] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.627447] [ 20.627587] The buggy address belongs to the physical page: [ 20.628025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.628734] flags: 
0x200000000000000(node=0|zone=2) [ 20.629238] page_type: f5(slab) [ 20.629633] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.630266] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.630574] page dumped because: kasan: bad access detected [ 20.630822] [ 20.630944] Memory state around the buggy address: [ 20.631231] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.631724] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.632323] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.632691] ^ [ 20.632941] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.633248] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.633790] ================================================================== [ 21.189157] ================================================================== [ 21.191017] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 21.192303] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.193660] [ 21.194148] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.194285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.194323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.194377] Call Trace: [ 21.194426] <TASK> [ 21.194475] dump_stack_lvl+0x73/0xb0 [ 21.194561] print_report+0xd1/0x650 [ 21.194621] ? __virt_addr_valid+0x1db/0x2d0 [ 21.194674] ? kasan_atomics_helper+0x18b1/0x5450 [ 21.194718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.194782] ? kasan_atomics_helper+0x18b1/0x5450 [ 21.194830] kasan_report+0x141/0x180 [ 21.194891] ? kasan_atomics_helper+0x18b1/0x5450 [ 21.194974] kasan_check_range+0x10c/0x1c0 [ 21.195022] __kasan_check_write+0x18/0x20 [ 21.195063] kasan_atomics_helper+0x18b1/0x5450 [ 21.195111] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.195171] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 21.195220] ? trace_hardirqs_on+0x37/0xe0 [ 21.195282] ? kasan_atomics+0x152/0x310 [ 21.195359] kasan_atomics+0x1dc/0x310 [ 21.195405] ? __pfx_kasan_atomics+0x10/0x10 [ 21.195453] ? __pfx_kasan_atomics+0x10/0x10 [ 21.195485] kunit_try_run_case+0x1a5/0x480 [ 21.195528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.195556] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.195603] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.195652] ? __kthread_parkme+0x82/0x180 [ 21.195682] ? preempt_count_sub+0x50/0x80 [ 21.195722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.195773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.195806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.195833] kthread+0x337/0x6f0 [ 21.195863] ? trace_preempt_on+0x20/0xc0 [ 21.195889] ? __pfx_kthread+0x10/0x10 [ 21.195910] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.195945] ? calculate_sigpending+0x7b/0xa0 [ 21.195971] ? __pfx_kthread+0x10/0x10 [ 21.195993] ret_from_fork+0x41/0x80 [ 21.196028] ? __pfx_kthread+0x10/0x10 [ 21.196052] ret_from_fork_asm+0x1a/0x30 [ 21.196097] </TASK> [ 21.196122] [ 21.207359] Allocated by task 286: [ 21.207810] kasan_save_stack+0x45/0x70 [ 21.208248] kasan_save_track+0x18/0x40 [ 21.208583] kasan_save_alloc_info+0x3b/0x50 [ 21.208966] __kasan_kmalloc+0xb7/0xc0 [ 21.209355] __kmalloc_cache_noprof+0x189/0x420 [ 21.209685] kasan_atomics+0x95/0x310 [ 21.209901] kunit_try_run_case+0x1a5/0x480 [ 21.210329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.210765] kthread+0x337/0x6f0 [ 21.211076] ret_from_fork+0x41/0x80 [ 21.211362] ret_from_fork_asm+0x1a/0x30 [ 21.211581] [ 21.211728] The buggy address belongs to the object at ffff888101e04b00 [ 21.211728] which belongs to the cache kmalloc-64 of size 64 [ 21.212183] The buggy address is located 0 bytes to the right of [ 21.212183] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.212659] [ 21.212854] The buggy address belongs to the physical page: [ 21.213370] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.214015] flags: 0x200000000000000(node=0|zone=2) [ 21.214583] page_type: f5(slab) [ 21.214925] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.215685] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.216288] page dumped because: kasan: bad access detected [ 21.216700] [ 21.216842] Memory state around the buggy address: [ 21.217057] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.217616] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.218156] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.218864] ^ [ 21.219786] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.221040] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.221640] ================================================================== [ 20.275485] ================================================================== [ 20.276802] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 20.277790] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.278422] [ 20.278659] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.278839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.278877] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.278928] Call Trace: [ 20.278975] <TASK> [ 20.279023] dump_stack_lvl+0x73/0xb0 [ 20.279178] print_report+0xd1/0x650 [ 20.279240] ? __virt_addr_valid+0x1db/0x2d0 [ 20.279297] ? kasan_atomics_helper+0xac7/0x5450 [ 20.279379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.279437] ? kasan_atomics_helper+0xac7/0x5450 [ 20.279488] kasan_report+0x141/0x180 [ 20.279534] ? 
kasan_atomics_helper+0xac7/0x5450 [ 20.279567] kasan_check_range+0x10c/0x1c0 [ 20.279591] __kasan_check_write+0x18/0x20 [ 20.279614] kasan_atomics_helper+0xac7/0x5450 [ 20.279661] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.279703] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.279760] ? trace_hardirqs_on+0x37/0xe0 [ 20.279811] ? kasan_atomics+0x152/0x310 [ 20.279903] kasan_atomics+0x1dc/0x310 [ 20.279950] ? __pfx_kasan_atomics+0x10/0x10 [ 20.280000] ? __pfx_kasan_atomics+0x10/0x10 [ 20.280056] kunit_try_run_case+0x1a5/0x480 [ 20.280182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.280234] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.280286] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.280331] ? __kthread_parkme+0x82/0x180 [ 20.280361] ? preempt_count_sub+0x50/0x80 [ 20.280392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.280420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.280447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.280473] kthread+0x337/0x6f0 [ 20.280494] ? trace_preempt_on+0x20/0xc0 [ 20.280522] ? __pfx_kthread+0x10/0x10 [ 20.280543] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.280568] ? calculate_sigpending+0x7b/0xa0 [ 20.280593] ? __pfx_kthread+0x10/0x10 [ 20.280616] ret_from_fork+0x41/0x80 [ 20.280642] ? 
__pfx_kthread+0x10/0x10 [ 20.280665] ret_from_fork_asm+0x1a/0x30 [ 20.280701] </TASK> [ 20.280718] [ 20.291641] Allocated by task 286: [ 20.292141] kasan_save_stack+0x45/0x70 [ 20.292473] kasan_save_track+0x18/0x40 [ 20.292834] kasan_save_alloc_info+0x3b/0x50 [ 20.293243] __kasan_kmalloc+0xb7/0xc0 [ 20.293490] __kmalloc_cache_noprof+0x189/0x420 [ 20.293760] kasan_atomics+0x95/0x310 [ 20.294136] kunit_try_run_case+0x1a5/0x480 [ 20.294511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.294987] kthread+0x337/0x6f0 [ 20.295332] ret_from_fork+0x41/0x80 [ 20.295694] ret_from_fork_asm+0x1a/0x30 [ 20.296066] [ 20.296238] The buggy address belongs to the object at ffff888101e04b00 [ 20.296238] which belongs to the cache kmalloc-64 of size 64 [ 20.296696] The buggy address is located 0 bytes to the right of [ 20.296696] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.297710] [ 20.297952] The buggy address belongs to the physical page: [ 20.298448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.299006] flags: 0x200000000000000(node=0|zone=2) [ 20.299354] page_type: f5(slab) [ 20.299662] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.300251] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.300561] page dumped because: kasan: bad access detected [ 20.300832] [ 20.301056] Memory state around the buggy address: [ 20.301523] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.302126] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.302699] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.303086] ^ [ 20.303543] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.303902] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.304263] ================================================================== [ 19.903555] 
================================================================== [ 19.904305] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 19.904909] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 19.905476] [ 19.905732] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.905885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.905920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.905984] Call Trace: [ 19.906043] <TASK> [ 19.906127] dump_stack_lvl+0x73/0xb0 [ 19.906215] print_report+0xd1/0x650 [ 19.906282] ? __virt_addr_valid+0x1db/0x2d0 [ 19.906347] ? kasan_atomics_helper+0x4a0/0x5450 [ 19.906390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.906429] ? kasan_atomics_helper+0x4a0/0x5450 [ 19.906468] kasan_report+0x141/0x180 [ 19.906517] ? kasan_atomics_helper+0x4a0/0x5450 [ 19.906567] kasan_check_range+0x10c/0x1c0 [ 19.906606] __kasan_check_write+0x18/0x20 [ 19.906652] kasan_atomics_helper+0x4a0/0x5450 [ 19.906724] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.906786] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.906855] ? trace_hardirqs_on+0x37/0xe0 [ 19.906901] ? kasan_atomics+0x152/0x310 [ 19.906949] kasan_atomics+0x1dc/0x310 [ 19.906998] ? __pfx_kasan_atomics+0x10/0x10 [ 19.907063] ? __pfx_kasan_atomics+0x10/0x10 [ 19.907147] kunit_try_run_case+0x1a5/0x480 [ 19.907208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.907258] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.907317] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.907372] ? __kthread_parkme+0x82/0x180 [ 19.907411] ? preempt_count_sub+0x50/0x80 [ 19.907469] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.907527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.907584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.907654] kthread+0x337/0x6f0 [ 19.907700] ? trace_preempt_on+0x20/0xc0 [ 19.907764] ? __pfx_kthread+0x10/0x10 [ 19.907814] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.907867] ? 
calculate_sigpending+0x7b/0xa0 [ 19.907925] ? __pfx_kthread+0x10/0x10 [ 19.907974] ret_from_fork+0x41/0x80 [ 19.908028] ? __pfx_kthread+0x10/0x10 [ 19.908077] ret_from_fork_asm+0x1a/0x30 [ 19.908184] </TASK> [ 19.908217] [ 19.919785] Allocated by task 286: [ 19.920281] kasan_save_stack+0x45/0x70 [ 19.920640] kasan_save_track+0x18/0x40 [ 19.920988] kasan_save_alloc_info+0x3b/0x50 [ 19.921257] __kasan_kmalloc+0xb7/0xc0 [ 19.921465] __kmalloc_cache_noprof+0x189/0x420 [ 19.921699] kasan_atomics+0x95/0x310 [ 19.921912] kunit_try_run_case+0x1a5/0x480 [ 19.922164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.922532] kthread+0x337/0x6f0 [ 19.922876] ret_from_fork+0x41/0x80 [ 19.923289] ret_from_fork_asm+0x1a/0x30 [ 19.923704] [ 19.923927] The buggy address belongs to the object at ffff888101e04b00 [ 19.923927] which belongs to the cache kmalloc-64 of size 64 [ 19.926075] The buggy address is located 0 bytes to the right of [ 19.926075] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 19.927095] [ 19.927687] The buggy address belongs to the physical page: [ 19.928189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 19.928477] flags: 0x200000000000000(node=0|zone=2) [ 19.929019] page_type: f5(slab) [ 19.929521] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.930270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.930576] page dumped because: kasan: bad access detected [ 19.931018] [ 19.931176] Memory state around the buggy address: [ 19.931648] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.932082] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.932755] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.933286] ^ [ 19.933624] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.934005] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.934513] 
================================================================== [ 20.143152] ================================================================== [ 20.143699] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 20.144650] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.145253] [ 20.145500] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.145629] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.145666] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.145722] Call Trace: [ 20.145780] <TASK> [ 20.145830] dump_stack_lvl+0x73/0xb0 [ 20.145913] print_report+0xd1/0x650 [ 20.145971] ? __virt_addr_valid+0x1db/0x2d0 [ 20.146031] ? kasan_atomics_helper+0x860/0x5450 [ 20.146087] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.146154] ? kasan_atomics_helper+0x860/0x5450 [ 20.146212] kasan_report+0x141/0x180 [ 20.146268] ? kasan_atomics_helper+0x860/0x5450 [ 20.146335] kasan_check_range+0x10c/0x1c0 [ 20.146389] __kasan_check_write+0x18/0x20 [ 20.146429] kasan_atomics_helper+0x860/0x5450 [ 20.146475] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.146525] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.146573] ? trace_hardirqs_on+0x37/0xe0 [ 20.146621] ? kasan_atomics+0x152/0x310 [ 20.146678] kasan_atomics+0x1dc/0x310 [ 20.146721] ? __pfx_kasan_atomics+0x10/0x10 [ 20.146809] ? __pfx_kasan_atomics+0x10/0x10 [ 20.146857] kunit_try_run_case+0x1a5/0x480 [ 20.146914] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.146965] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.147021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.147076] ? __kthread_parkme+0x82/0x180 [ 20.147118] ? preempt_count_sub+0x50/0x80 [ 20.147177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.147208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.147235] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.147260] kthread+0x337/0x6f0 [ 20.147282] ? trace_preempt_on+0x20/0xc0 [ 20.147307] ? 
__pfx_kthread+0x10/0x10 [ 20.147329] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.147353] ? calculate_sigpending+0x7b/0xa0 [ 20.147378] ? __pfx_kthread+0x10/0x10 [ 20.147400] ret_from_fork+0x41/0x80 [ 20.147425] ? __pfx_kthread+0x10/0x10 [ 20.147447] ret_from_fork_asm+0x1a/0x30 [ 20.147483] </TASK> [ 20.147500] [ 20.159420] Allocated by task 286: [ 20.159859] kasan_save_stack+0x45/0x70 [ 20.160288] kasan_save_track+0x18/0x40 [ 20.160790] kasan_save_alloc_info+0x3b/0x50 [ 20.161283] __kasan_kmalloc+0xb7/0xc0 [ 20.161770] __kmalloc_cache_noprof+0x189/0x420 [ 20.162231] kasan_atomics+0x95/0x310 [ 20.162557] kunit_try_run_case+0x1a5/0x480 [ 20.162923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.163397] kthread+0x337/0x6f0 [ 20.163779] ret_from_fork+0x41/0x80 [ 20.164125] ret_from_fork_asm+0x1a/0x30 [ 20.164419] [ 20.164658] The buggy address belongs to the object at ffff888101e04b00 [ 20.164658] which belongs to the cache kmalloc-64 of size 64 [ 20.165457] The buggy address is located 0 bytes to the right of [ 20.165457] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.166107] [ 20.166325] The buggy address belongs to the physical page: [ 20.166733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.167364] flags: 0x200000000000000(node=0|zone=2) [ 20.167685] page_type: f5(slab) [ 20.168438] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.169541] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.169883] page dumped because: kasan: bad access detected [ 20.170543] [ 20.170886] Memory state around the buggy address: [ 20.171139] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.171731] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.172177] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.172583] ^ [ 20.172999] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.173612] 
ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.174225] ================================================================== [ 20.078488] ================================================================== [ 20.078883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 20.079528] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.079952] [ 20.080271] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.080393] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.080428] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.080474] Call Trace: [ 20.080523] <TASK> [ 20.080569] dump_stack_lvl+0x73/0xb0 [ 20.080648] print_report+0xd1/0x650 [ 20.080697] ? __virt_addr_valid+0x1db/0x2d0 [ 20.080772] ? kasan_atomics_helper+0x72f/0x5450 [ 20.080822] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.080877] ? kasan_atomics_helper+0x72f/0x5450 [ 20.080931] kasan_report+0x141/0x180 [ 20.080988] ? kasan_atomics_helper+0x72f/0x5450 [ 20.081053] kasan_check_range+0x10c/0x1c0 [ 20.081132] __kasan_check_write+0x18/0x20 [ 20.081169] kasan_atomics_helper+0x72f/0x5450 [ 20.081196] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.081222] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.081248] ? trace_hardirqs_on+0x37/0xe0 [ 20.081274] ? kasan_atomics+0x152/0x310 [ 20.081301] kasan_atomics+0x1dc/0x310 [ 20.081323] ? __pfx_kasan_atomics+0x10/0x10 [ 20.081347] ? __pfx_kasan_atomics+0x10/0x10 [ 20.081374] kunit_try_run_case+0x1a5/0x480 [ 20.081405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.081430] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.081459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.081484] ? __kthread_parkme+0x82/0x180 [ 20.081511] ? preempt_count_sub+0x50/0x80 [ 20.081540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.081567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.081592] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.081618] kthread+0x337/0x6f0 [ 20.081639] ? trace_preempt_on+0x20/0xc0 [ 20.081665] ? __pfx_kthread+0x10/0x10 [ 20.081686] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.081710] ? calculate_sigpending+0x7b/0xa0 [ 20.081736] ? __pfx_kthread+0x10/0x10 [ 20.081783] ret_from_fork+0x41/0x80 [ 20.081811] ? __pfx_kthread+0x10/0x10 [ 20.081835] ret_from_fork_asm+0x1a/0x30 [ 20.081872] </TASK> [ 20.081888] [ 20.094588] Allocated by task 286: [ 20.095065] kasan_save_stack+0x45/0x70 [ 20.095377] kasan_save_track+0x18/0x40 [ 20.095602] kasan_save_alloc_info+0x3b/0x50 [ 20.095854] __kasan_kmalloc+0xb7/0xc0 [ 20.096071] __kmalloc_cache_noprof+0x189/0x420 [ 20.096454] kasan_atomics+0x95/0x310 [ 20.097054] kunit_try_run_case+0x1a5/0x480 [ 20.097728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.098296] kthread+0x337/0x6f0 [ 20.098651] ret_from_fork+0x41/0x80 [ 20.099040] ret_from_fork_asm+0x1a/0x30 [ 20.099460] [ 20.099713] The buggy address belongs to the object at ffff888101e04b00 [ 20.099713] which belongs to the cache kmalloc-64 of size 64 [ 20.100628] The buggy address is located 0 bytes to the right of [ 20.100628] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.101364] [ 20.101528] The buggy address belongs to the physical page: [ 20.102042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.102809] flags: 0x200000000000000(node=0|zone=2) [ 20.103167] page_type: f5(slab) [ 20.103391] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.104072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.104759] page dumped because: kasan: bad access detected [ 20.105267] [ 20.105466] Memory state around the buggy address: [ 20.106146] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.106599] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.107064] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 20.107455] ^ [ 20.107863] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.108384] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.108856] ================================================================== [ 19.874857] ================================================================== [ 19.875599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 19.876022] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 19.876419] [ 19.876617] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.876732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.876776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.876826] Call Trace: [ 19.876874] <TASK> [ 19.876922] dump_stack_lvl+0x73/0xb0 [ 19.876997] print_report+0xd1/0x650 [ 19.877055] ? __virt_addr_valid+0x1db/0x2d0 [ 19.877149] ? kasan_atomics_helper+0x4b54/0x5450 [ 19.877207] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.877264] ? kasan_atomics_helper+0x4b54/0x5450 [ 19.877317] kasan_report+0x141/0x180 [ 19.877374] ? kasan_atomics_helper+0x4b54/0x5450 [ 19.877426] __asan_report_load4_noabort+0x18/0x20 [ 19.877470] kasan_atomics_helper+0x4b54/0x5450 [ 19.877521] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.877594] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.877648] ? trace_hardirqs_on+0x37/0xe0 [ 19.877715] ? kasan_atomics+0x152/0x310 [ 19.877790] kasan_atomics+0x1dc/0x310 [ 19.877834] ? __pfx_kasan_atomics+0x10/0x10 [ 19.877879] ? __pfx_kasan_atomics+0x10/0x10 [ 19.877933] kunit_try_run_case+0x1a5/0x480 [ 19.877995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.878049] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.878141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.878195] ? __kthread_parkme+0x82/0x180 [ 19.878240] ? preempt_count_sub+0x50/0x80 [ 19.878288] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.878339] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.878414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.878465] kthread+0x337/0x6f0 [ 19.878507] ? trace_preempt_on+0x20/0xc0 [ 19.878560] ? __pfx_kthread+0x10/0x10 [ 19.878604] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.878655] ? calculate_sigpending+0x7b/0xa0 [ 19.878726] ? __pfx_kthread+0x10/0x10 [ 19.878783] ret_from_fork+0x41/0x80 [ 19.878838] ? __pfx_kthread+0x10/0x10 [ 19.878881] ret_from_fork_asm+0x1a/0x30 [ 19.878955] </TASK> [ 19.879004] [ 19.890155] Allocated by task 286: [ 19.890445] kasan_save_stack+0x45/0x70 [ 19.890867] kasan_save_track+0x18/0x40 [ 19.891193] kasan_save_alloc_info+0x3b/0x50 [ 19.891531] __kasan_kmalloc+0xb7/0xc0 [ 19.891836] __kmalloc_cache_noprof+0x189/0x420 [ 19.892092] kasan_atomics+0x95/0x310 [ 19.892315] kunit_try_run_case+0x1a5/0x480 [ 19.892525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.892789] kthread+0x337/0x6f0 [ 19.892977] ret_from_fork+0x41/0x80 [ 19.893220] ret_from_fork_asm+0x1a/0x30 [ 19.893437] [ 19.893625] The buggy address belongs to the object at ffff888101e04b00 [ 19.893625] which belongs to the cache kmalloc-64 of size 64 [ 19.894653] The buggy address is located 0 bytes to the right of [ 19.894653] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 19.895687] [ 19.895918] The buggy address belongs to the physical page: [ 19.896423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 19.897070] flags: 0x200000000000000(node=0|zone=2) [ 19.897409] page_type: f5(slab) [ 19.897613] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.897939] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.898275] page dumped because: kasan: bad access detected [ 19.898516] [ 19.898645] Memory state around the buggy address: [ 19.898978] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.899616] ffff888101e04a80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.900285] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.900897] ^ [ 19.901346] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.901906] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.902266] ================================================================== [ 20.830165] ================================================================== [ 20.831722] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 20.832122] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.832628] [ 20.832798] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.832917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.832967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.833026] Call Trace: [ 20.833081] <TASK> [ 20.833140] dump_stack_lvl+0x73/0xb0 [ 20.833224] print_report+0xd1/0x650 [ 20.833272] ? __virt_addr_valid+0x1db/0x2d0 [ 20.833324] ? kasan_atomics_helper+0x49ce/0x5450 [ 20.833373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.833420] ? kasan_atomics_helper+0x49ce/0x5450 [ 20.833649] kasan_report+0x141/0x180 [ 20.833725] ? kasan_atomics_helper+0x49ce/0x5450 [ 20.833796] __asan_report_load4_noabort+0x18/0x20 [ 20.833847] kasan_atomics_helper+0x49ce/0x5450 [ 20.833902] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.833958] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.834013] ? trace_hardirqs_on+0x37/0xe0 [ 20.834064] ? kasan_atomics+0x152/0x310 [ 20.834156] kasan_atomics+0x1dc/0x310 [ 20.834205] ? __pfx_kasan_atomics+0x10/0x10 [ 20.834243] ? __pfx_kasan_atomics+0x10/0x10 [ 20.834276] kunit_try_run_case+0x1a5/0x480 [ 20.834308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.834333] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.834376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.834404] ? __kthread_parkme+0x82/0x180 [ 20.834430] ? 
preempt_count_sub+0x50/0x80 [ 20.834460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.834487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.834513] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.834565] kthread+0x337/0x6f0 [ 20.834602] ? trace_preempt_on+0x20/0xc0 [ 20.834635] ? __pfx_kthread+0x10/0x10 [ 20.834657] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.834681] ? calculate_sigpending+0x7b/0xa0 [ 20.834706] ? __pfx_kthread+0x10/0x10 [ 20.834728] ret_from_fork+0x41/0x80 [ 20.834774] ? __pfx_kthread+0x10/0x10 [ 20.834806] ret_from_fork_asm+0x1a/0x30 [ 20.834855] </TASK> [ 20.834872] [ 20.848989] Allocated by task 286: [ 20.849479] kasan_save_stack+0x45/0x70 [ 20.849969] kasan_save_track+0x18/0x40 [ 20.850204] kasan_save_alloc_info+0x3b/0x50 [ 20.850579] __kasan_kmalloc+0xb7/0xc0 [ 20.850954] __kmalloc_cache_noprof+0x189/0x420 [ 20.851255] kasan_atomics+0x95/0x310 [ 20.851579] kunit_try_run_case+0x1a5/0x480 [ 20.851983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.852333] kthread+0x337/0x6f0 [ 20.852556] ret_from_fork+0x41/0x80 [ 20.852954] ret_from_fork_asm+0x1a/0x30 [ 20.853260] [ 20.853470] The buggy address belongs to the object at ffff888101e04b00 [ 20.853470] which belongs to the cache kmalloc-64 of size 64 [ 20.854272] The buggy address is located 0 bytes to the right of [ 20.854272] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.855053] [ 20.855299] The buggy address belongs to the physical page: [ 20.855658] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.856050] flags: 0x200000000000000(node=0|zone=2) [ 20.856518] page_type: f5(slab) [ 20.856872] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.857415] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.857876] page dumped because: kasan: bad access detected [ 20.858202] [ 20.858404] Memory state around the buggy address: [ 20.858694] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 20.859017] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.859597] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.860218] ^ [ 20.860644] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.861018] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.861545] ================================================================== [ 20.998359] ================================================================== [ 20.999141] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 20.999795] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.000243] [ 21.000547] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.000668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.000967] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.001024] Call Trace: [ 21.001098] <TASK> [ 21.001163] dump_stack_lvl+0x73/0xb0 [ 21.001257] print_report+0xd1/0x650 [ 21.001316] ? __virt_addr_valid+0x1db/0x2d0 [ 21.001375] ? kasan_atomics_helper+0x151d/0x5450 [ 21.001431] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.001486] ? kasan_atomics_helper+0x151d/0x5450 [ 21.001543] kasan_report+0x141/0x180 [ 21.001630] ? kasan_atomics_helper+0x151d/0x5450 [ 21.001695] kasan_check_range+0x10c/0x1c0 [ 21.001758] __kasan_check_write+0x18/0x20 [ 21.001811] kasan_atomics_helper+0x151d/0x5450 [ 21.001863] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.001940] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.002012] ? trace_hardirqs_on+0x37/0xe0 [ 21.002069] ? kasan_atomics+0x152/0x310 [ 21.002128] kasan_atomics+0x1dc/0x310 [ 21.002173] ? __pfx_kasan_atomics+0x10/0x10 [ 21.002207] ? __pfx_kasan_atomics+0x10/0x10 [ 21.002236] kunit_try_run_case+0x1a5/0x480 [ 21.002269] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.002293] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.002321] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.002347] ? __kthread_parkme+0x82/0x180 [ 21.002372] ? preempt_count_sub+0x50/0x80 [ 21.002405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.002431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.002457] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.002483] kthread+0x337/0x6f0 [ 21.002504] ? trace_preempt_on+0x20/0xc0 [ 21.002530] ? __pfx_kthread+0x10/0x10 [ 21.002551] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.002575] ? calculate_sigpending+0x7b/0xa0 [ 21.002600] ? __pfx_kthread+0x10/0x10 [ 21.002622] ret_from_fork+0x41/0x80 [ 21.002649] ? __pfx_kthread+0x10/0x10 [ 21.002670] ret_from_fork_asm+0x1a/0x30 [ 21.002708] </TASK> [ 21.002724] [ 21.015981] Allocated by task 286: [ 21.016231] kasan_save_stack+0x45/0x70 [ 21.016625] kasan_save_track+0x18/0x40 [ 21.018111] kasan_save_alloc_info+0x3b/0x50 [ 21.019019] __kasan_kmalloc+0xb7/0xc0 [ 21.020505] __kmalloc_cache_noprof+0x189/0x420 [ 21.021537] kasan_atomics+0x95/0x310 [ 21.022165] kunit_try_run_case+0x1a5/0x480 [ 21.022617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.023131] kthread+0x337/0x6f0 [ 21.023441] ret_from_fork+0x41/0x80 [ 21.023796] ret_from_fork_asm+0x1a/0x30 [ 21.024509] [ 21.024723] The buggy address belongs to the object at ffff888101e04b00 [ 21.024723] which belongs to the cache kmalloc-64 of size 64 [ 21.026401] The buggy address is located 0 bytes to the right of [ 21.026401] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.027220] [ 21.027363] The buggy address belongs to the physical page: [ 21.027604] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.027947] flags: 0x200000000000000(node=0|zone=2) [ 21.028180] page_type: f5(slab) [ 21.028419] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.029357] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.030839] page dumped because: kasan: bad access detected [ 21.031355] [ 21.031569] Memory 
state around the buggy address: [ 21.031955] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.032525] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.033039] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.033558] ^ [ 21.033934] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.034465] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.035129] ================================================================== [ 21.788764] ================================================================== [ 21.789876] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 21.790542] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.791181] [ 21.791438] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.791565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.791600] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.791664] Call Trace: [ 21.791714] <TASK> [ 21.791764] dump_stack_lvl+0x73/0xb0 [ 21.791847] print_report+0xd1/0x650 [ 21.791905] ? __virt_addr_valid+0x1db/0x2d0 [ 21.791962] ? kasan_atomics_helper+0x224c/0x5450 [ 21.792017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.792074] ? kasan_atomics_helper+0x224c/0x5450 [ 21.792578] kasan_report+0x141/0x180 [ 21.792647] ? kasan_atomics_helper+0x224c/0x5450 [ 21.793080] kasan_check_range+0x10c/0x1c0 [ 21.793167] __kasan_check_write+0x18/0x20 [ 21.793196] kasan_atomics_helper+0x224c/0x5450 [ 21.793224] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.793254] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.793280] ? trace_hardirqs_on+0x37/0xe0 [ 21.793306] ? kasan_atomics+0x152/0x310 [ 21.793333] kasan_atomics+0x1dc/0x310 [ 21.793356] ? __pfx_kasan_atomics+0x10/0x10 [ 21.793379] ? __pfx_kasan_atomics+0x10/0x10 [ 21.793407] kunit_try_run_case+0x1a5/0x480 [ 21.793437] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.793462] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.793491] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.793518] ? __kthread_parkme+0x82/0x180 [ 21.793544] ? preempt_count_sub+0x50/0x80 [ 21.793573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.793601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.793626] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.793653] kthread+0x337/0x6f0 [ 21.793673] ? trace_preempt_on+0x20/0xc0 [ 21.793699] ? __pfx_kthread+0x10/0x10 [ 21.793721] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.793764] ? calculate_sigpending+0x7b/0xa0 [ 21.793801] ? __pfx_kthread+0x10/0x10 [ 21.793824] ret_from_fork+0x41/0x80 [ 21.793851] ? __pfx_kthread+0x10/0x10 [ 21.793873] ret_from_fork_asm+0x1a/0x30 [ 21.793909] </TASK> [ 21.793925] [ 21.807784] Allocated by task 286: [ 21.808320] kasan_save_stack+0x45/0x70 [ 21.808815] kasan_save_track+0x18/0x40 [ 21.809262] kasan_save_alloc_info+0x3b/0x50 [ 21.809706] __kasan_kmalloc+0xb7/0xc0 [ 21.810057] __kmalloc_cache_noprof+0x189/0x420 [ 21.810456] kasan_atomics+0x95/0x310 [ 21.811510] kunit_try_run_case+0x1a5/0x480 [ 21.811856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.812569] kthread+0x337/0x6f0 [ 21.813180] ret_from_fork+0x41/0x80 [ 21.813766] ret_from_fork_asm+0x1a/0x30 [ 21.813990] [ 21.814103] The buggy address belongs to the object at ffff888101e04b00 [ 21.814103] which belongs to the cache kmalloc-64 of size 64 [ 21.816384] The buggy address is located 0 bytes to the right of [ 21.816384] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.818502] [ 21.819073] The buggy address belongs to the physical page: [ 21.820354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.821337] flags: 0x200000000000000(node=0|zone=2) [ 21.822336] page_type: f5(slab) [ 21.823357] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.824714] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 21.825853] page dumped because: kasan: bad access detected [ 21.826292] [ 21.826422] Memory state around the buggy address: [ 21.827217] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.827640] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.828369] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.828792] ^ [ 21.829382] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.829791] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.830393] ================================================================== [ 20.044154] ================================================================== [ 20.045095] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 20.045475] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.045778] [ 20.045939] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.046007] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.046025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.046050] Call Trace: [ 20.046076] <TASK> [ 20.046104] dump_stack_lvl+0x73/0xb0 [ 20.046620] print_report+0xd1/0x650 [ 20.047010] ? __virt_addr_valid+0x1db/0x2d0 [ 20.047098] ? kasan_atomics_helper+0x697/0x5450 [ 20.047146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.047197] ? kasan_atomics_helper+0x697/0x5450 [ 20.047258] kasan_report+0x141/0x180 [ 20.047315] ? kasan_atomics_helper+0x697/0x5450 [ 20.047355] kasan_check_range+0x10c/0x1c0 [ 20.047380] __kasan_check_write+0x18/0x20 [ 20.047404] kasan_atomics_helper+0x697/0x5450 [ 20.047431] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.047458] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.047483] ? trace_hardirqs_on+0x37/0xe0 [ 20.047510] ? kasan_atomics+0x152/0x310 [ 20.047537] kasan_atomics+0x1dc/0x310 [ 20.047559] ? __pfx_kasan_atomics+0x10/0x10 [ 20.047582] ? 
__pfx_kasan_atomics+0x10/0x10 [ 20.047609] kunit_try_run_case+0x1a5/0x480 [ 20.047653] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.047679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.047708] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.047736] ? __kthread_parkme+0x82/0x180 [ 20.047787] ? preempt_count_sub+0x50/0x80 [ 20.047817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.047843] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.047870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.047895] kthread+0x337/0x6f0 [ 20.047916] ? trace_preempt_on+0x20/0xc0 [ 20.047942] ? __pfx_kthread+0x10/0x10 [ 20.047964] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.047988] ? calculate_sigpending+0x7b/0xa0 [ 20.048013] ? __pfx_kthread+0x10/0x10 [ 20.048035] ret_from_fork+0x41/0x80 [ 20.048061] ? __pfx_kthread+0x10/0x10 [ 20.048082] ret_from_fork_asm+0x1a/0x30 [ 20.048148] </TASK> [ 20.048168] [ 20.061704] Allocated by task 286: [ 20.062279] kasan_save_stack+0x45/0x70 [ 20.062623] kasan_save_track+0x18/0x40 [ 20.062862] kasan_save_alloc_info+0x3b/0x50 [ 20.063384] __kasan_kmalloc+0xb7/0xc0 [ 20.063853] __kmalloc_cache_noprof+0x189/0x420 [ 20.064426] kasan_atomics+0x95/0x310 [ 20.064652] kunit_try_run_case+0x1a5/0x480 [ 20.065028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.065799] kthread+0x337/0x6f0 [ 20.066043] ret_from_fork+0x41/0x80 [ 20.066491] ret_from_fork_asm+0x1a/0x30 [ 20.066944] [ 20.067246] The buggy address belongs to the object at ffff888101e04b00 [ 20.067246] which belongs to the cache kmalloc-64 of size 64 [ 20.068085] The buggy address is located 0 bytes to the right of [ 20.068085] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.068971] [ 20.069252] The buggy address belongs to the physical page: [ 20.069655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.070238] flags: 0x200000000000000(node=0|zone=2) [ 20.070725] page_type: f5(slab) [ 20.071002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 20.071615] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.072096] page dumped because: kasan: bad access detected [ 20.072597] [ 20.072811] Memory state around the buggy address: [ 20.073083] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.073668] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.074144] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.074730] ^ [ 20.075370] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.075941] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.076476] ================================================================== [ 20.635046] ================================================================== [ 20.636175] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 20.636672] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.636938] [ 20.637061] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.637153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.637171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.637198] Call Trace: [ 20.637225] <TASK> [ 20.637253] dump_stack_lvl+0x73/0xb0 [ 20.637291] print_report+0xd1/0x650 [ 20.637319] ? __virt_addr_valid+0x1db/0x2d0 [ 20.637347] ? kasan_atomics_helper+0x4a1c/0x5450 [ 20.637373] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.637400] ? kasan_atomics_helper+0x4a1c/0x5450 [ 20.637426] kasan_report+0x141/0x180 [ 20.637452] ? kasan_atomics_helper+0x4a1c/0x5450 [ 20.637483] __asan_report_load4_noabort+0x18/0x20 [ 20.637508] kasan_atomics_helper+0x4a1c/0x5450 [ 20.637535] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.637560] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.637585] ? trace_hardirqs_on+0x37/0xe0 [ 20.637611] ? kasan_atomics+0x152/0x310 [ 20.637639] kasan_atomics+0x1dc/0x310 [ 20.637662] ? 
__pfx_kasan_atomics+0x10/0x10 [ 20.637685] ? __pfx_kasan_atomics+0x10/0x10 [ 20.637712] kunit_try_run_case+0x1a5/0x480 [ 20.637741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.638008] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.638064] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.638129] ? __kthread_parkme+0x82/0x180 [ 20.638186] ? preempt_count_sub+0x50/0x80 [ 20.638249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.638308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.638368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.638419] kthread+0x337/0x6f0 [ 20.638459] ? trace_preempt_on+0x20/0xc0 [ 20.638897] ? __pfx_kthread+0x10/0x10 [ 20.638990] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.639050] ? calculate_sigpending+0x7b/0xa0 [ 20.639114] ? __pfx_kthread+0x10/0x10 [ 20.639165] ret_from_fork+0x41/0x80 [ 20.639227] ? __pfx_kthread+0x10/0x10 [ 20.639274] ret_from_fork_asm+0x1a/0x30 [ 20.639343] </TASK> [ 20.639365] [ 20.652302] Allocated by task 286: [ 20.652739] kasan_save_stack+0x45/0x70 [ 20.653246] kasan_save_track+0x18/0x40 [ 20.653603] kasan_save_alloc_info+0x3b/0x50 [ 20.653885] __kasan_kmalloc+0xb7/0xc0 [ 20.654279] __kmalloc_cache_noprof+0x189/0x420 [ 20.654584] kasan_atomics+0x95/0x310 [ 20.654897] kunit_try_run_case+0x1a5/0x480 [ 20.655328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.655705] kthread+0x337/0x6f0 [ 20.655918] ret_from_fork+0x41/0x80 [ 20.656146] ret_from_fork_asm+0x1a/0x30 [ 20.656547] [ 20.656761] The buggy address belongs to the object at ffff888101e04b00 [ 20.656761] which belongs to the cache kmalloc-64 of size 64 [ 20.657707] The buggy address is located 0 bytes to the right of [ 20.657707] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.658444] [ 20.658677] The buggy address belongs to the physical page: [ 20.659018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.659629] flags: 0x200000000000000(node=0|zone=2) [ 20.659931] page_type: f5(slab) [ 20.660300] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 20.660702] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.661023] page dumped because: kasan: bad access detected [ 20.661514] [ 20.661715] Memory state around the buggy address: [ 20.662165] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.662565] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.663096] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.663539] ^ [ 20.663957] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.664407] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.664698] ================================================================== [ 21.405941] ================================================================== [ 21.406634] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 21.407147] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.407563] [ 21.407795] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.407911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.407938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.407967] Call Trace: [ 21.407994] <TASK> [ 21.408022] dump_stack_lvl+0x73/0xb0 [ 21.408076] print_report+0xd1/0x650 [ 21.408158] ? __virt_addr_valid+0x1db/0x2d0 [ 21.408205] ? kasan_atomics_helper+0x1ce1/0x5450 [ 21.408249] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.408300] ? kasan_atomics_helper+0x1ce1/0x5450 [ 21.408345] kasan_report+0x141/0x180 [ 21.408387] ? kasan_atomics_helper+0x1ce1/0x5450 [ 21.408438] kasan_check_range+0x10c/0x1c0 [ 21.408480] __kasan_check_write+0x18/0x20 [ 21.408525] kasan_atomics_helper+0x1ce1/0x5450 [ 21.408576] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.408626] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.408674] ? trace_hardirqs_on+0x37/0xe0 [ 21.408723] ? 
kasan_atomics+0x152/0x310 [ 21.408793] kasan_atomics+0x1dc/0x310 [ 21.408845] ? __pfx_kasan_atomics+0x10/0x10 [ 21.408886] ? __pfx_kasan_atomics+0x10/0x10 [ 21.408942] kunit_try_run_case+0x1a5/0x480 [ 21.408996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.409042] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.409093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.409186] ? __kthread_parkme+0x82/0x180 [ 21.409237] ? preempt_count_sub+0x50/0x80 [ 21.409289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.409343] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.409391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.409436] kthread+0x337/0x6f0 [ 21.409475] ? trace_preempt_on+0x20/0xc0 [ 21.409525] ? __pfx_kthread+0x10/0x10 [ 21.409567] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.409618] ? calculate_sigpending+0x7b/0xa0 [ 21.409672] ? __pfx_kthread+0x10/0x10 [ 21.409721] ret_from_fork+0x41/0x80 [ 21.409785] ? __pfx_kthread+0x10/0x10 [ 21.409826] ret_from_fork_asm+0x1a/0x30 [ 21.409885] </TASK> [ 21.409914] [ 21.420096] Allocated by task 286: [ 21.420523] kasan_save_stack+0x45/0x70 [ 21.420929] kasan_save_track+0x18/0x40 [ 21.421300] kasan_save_alloc_info+0x3b/0x50 [ 21.421690] __kasan_kmalloc+0xb7/0xc0 [ 21.422033] __kmalloc_cache_noprof+0x189/0x420 [ 21.422460] kasan_atomics+0x95/0x310 [ 21.422805] kunit_try_run_case+0x1a5/0x480 [ 21.423163] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.423592] kthread+0x337/0x6f0 [ 21.423871] ret_from_fork+0x41/0x80 [ 21.424083] ret_from_fork_asm+0x1a/0x30 [ 21.424456] [ 21.424643] The buggy address belongs to the object at ffff888101e04b00 [ 21.424643] which belongs to the cache kmalloc-64 of size 64 [ 21.425335] The buggy address is located 0 bytes to the right of [ 21.425335] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.426078] [ 21.426289] The buggy address belongs to the physical page: [ 21.426629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.427170] flags: 
0x200000000000000(node=0|zone=2) [ 21.427570] page_type: f5(slab) [ 21.427836] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.428343] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.428717] page dumped because: kasan: bad access detected [ 21.429145] [ 21.429277] Memory state around the buggy address: [ 21.429512] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.429809] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.430383] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.430948] ^ [ 21.431361] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.431845] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.432291] ================================================================== [ 20.376279] ================================================================== [ 20.377241] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 20.377804] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.378347] [ 20.378640] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.378778] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.378808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.378857] Call Trace: [ 20.378902] <TASK> [ 20.378949] dump_stack_lvl+0x73/0xb0 [ 20.379009] print_report+0xd1/0x650 [ 20.379039] ? __virt_addr_valid+0x1db/0x2d0 [ 20.379069] ? kasan_atomics_helper+0x4a84/0x5450 [ 20.379093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.379187] ? kasan_atomics_helper+0x4a84/0x5450 [ 20.379243] kasan_report+0x141/0x180 [ 20.379296] ? kasan_atomics_helper+0x4a84/0x5450 [ 20.379361] __asan_report_load4_noabort+0x18/0x20 [ 20.379415] kasan_atomics_helper+0x4a84/0x5450 [ 20.379473] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.379524] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.379573] ? 
trace_hardirqs_on+0x37/0xe0 [ 20.379632] ? kasan_atomics+0x152/0x310 [ 20.379732] kasan_atomics+0x1dc/0x310 [ 20.379790] ? __pfx_kasan_atomics+0x10/0x10 [ 20.379841] ? __pfx_kasan_atomics+0x10/0x10 [ 20.379898] kunit_try_run_case+0x1a5/0x480 [ 20.379997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.380047] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.380103] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.380185] ? __kthread_parkme+0x82/0x180 [ 20.380241] ? preempt_count_sub+0x50/0x80 [ 20.380303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.380354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.380406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.380493] kthread+0x337/0x6f0 [ 20.380537] ? trace_preempt_on+0x20/0xc0 [ 20.380590] ? __pfx_kthread+0x10/0x10 [ 20.380633] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.380675] ? calculate_sigpending+0x7b/0xa0 [ 20.380709] ? __pfx_kthread+0x10/0x10 [ 20.380731] ret_from_fork+0x41/0x80 [ 20.380782] ? __pfx_kthread+0x10/0x10 [ 20.380807] ret_from_fork_asm+0x1a/0x30 [ 20.380845] </TASK> [ 20.380862] [ 20.393699] Allocated by task 286: [ 20.394302] kasan_save_stack+0x45/0x70 [ 20.394878] kasan_save_track+0x18/0x40 [ 20.395240] kasan_save_alloc_info+0x3b/0x50 [ 20.395580] __kasan_kmalloc+0xb7/0xc0 [ 20.396023] __kmalloc_cache_noprof+0x189/0x420 [ 20.396494] kasan_atomics+0x95/0x310 [ 20.396884] kunit_try_run_case+0x1a5/0x480 [ 20.397324] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.397838] kthread+0x337/0x6f0 [ 20.398115] ret_from_fork+0x41/0x80 [ 20.398459] ret_from_fork_asm+0x1a/0x30 [ 20.398689] [ 20.398836] The buggy address belongs to the object at ffff888101e04b00 [ 20.398836] which belongs to the cache kmalloc-64 of size 64 [ 20.399949] The buggy address is located 0 bytes to the right of [ 20.399949] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.400858] [ 20.401012] The buggy address belongs to the physical page: [ 20.401270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x101e04 [ 20.401616] flags: 0x200000000000000(node=0|zone=2) [ 20.402167] page_type: f5(slab) [ 20.402602] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.403337] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.403983] page dumped because: kasan: bad access detected [ 20.404457] [ 20.404708] Memory state around the buggy address: [ 20.405111] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.405628] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.405947] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.406247] ^ [ 20.406764] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.407532] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.408179] ================================================================== [ 19.814426] ================================================================== [ 19.815080] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 19.815679] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 19.816001] [ 19.816179] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.816296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.816331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.816371] Call Trace: [ 19.816412] <TASK> [ 19.816458] dump_stack_lvl+0x73/0xb0 [ 19.816529] print_report+0xd1/0x650 [ 19.816588] ? __virt_addr_valid+0x1db/0x2d0 [ 19.816645] ? kasan_atomics_helper+0x4b6e/0x5450 [ 19.816699] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.816798] ? kasan_atomics_helper+0x4b6e/0x5450 [ 19.816844] kasan_report+0x141/0x180 [ 19.816890] ? kasan_atomics_helper+0x4b6e/0x5450 [ 19.816949] __asan_report_store4_noabort+0x1b/0x30 [ 19.816994] kasan_atomics_helper+0x4b6e/0x5450 [ 19.817045] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.817098] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 19.817189] ? trace_hardirqs_on+0x37/0xe0 [ 19.817247] ? kasan_atomics+0x152/0x310 [ 19.817291] kasan_atomics+0x1dc/0x310 [ 19.817324] ? __pfx_kasan_atomics+0x10/0x10 [ 19.817357] ? __pfx_kasan_atomics+0x10/0x10 [ 19.817396] kunit_try_run_case+0x1a5/0x480 [ 19.817438] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.817474] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.817514] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.817552] ? __kthread_parkme+0x82/0x180 [ 19.817588] ? preempt_count_sub+0x50/0x80 [ 19.817631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.817668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.817705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.817740] kthread+0x337/0x6f0 [ 19.817786] ? trace_preempt_on+0x20/0xc0 [ 19.817824] ? __pfx_kthread+0x10/0x10 [ 19.817855] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.817891] ? calculate_sigpending+0x7b/0xa0 [ 19.817930] ? __pfx_kthread+0x10/0x10 [ 19.817963] ret_from_fork+0x41/0x80 [ 19.818001] ? __pfx_kthread+0x10/0x10 [ 19.818034] ret_from_fork_asm+0x1a/0x30 [ 19.818090] </TASK> [ 19.818146] [ 19.829480] Allocated by task 286: [ 19.829807] kasan_save_stack+0x45/0x70 [ 19.830300] kasan_save_track+0x18/0x40 [ 19.830671] kasan_save_alloc_info+0x3b/0x50 [ 19.831068] __kasan_kmalloc+0xb7/0xc0 [ 19.832968] __kmalloc_cache_noprof+0x189/0x420 [ 19.833770] kasan_atomics+0x95/0x310 [ 19.834094] kunit_try_run_case+0x1a5/0x480 [ 19.834532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.834902] kthread+0x337/0x6f0 [ 19.835280] ret_from_fork+0x41/0x80 [ 19.835684] ret_from_fork_asm+0x1a/0x30 [ 19.835965] [ 19.836206] The buggy address belongs to the object at ffff888101e04b00 [ 19.836206] which belongs to the cache kmalloc-64 of size 64 [ 19.837006] The buggy address is located 0 bytes to the right of [ 19.837006] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 19.837713] [ 19.837996] The buggy address belongs to the physical page: [ 19.838261] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 19.838880] flags: 0x200000000000000(node=0|zone=2) [ 19.839353] page_type: f5(slab) [ 19.839713] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.840246] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.840680] page dumped because: kasan: bad access detected [ 19.840998] [ 19.841232] Memory state around the buggy address: [ 19.841624] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.842231] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.842648] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.843020] ^ [ 19.843427] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.843800] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.844384] ================================================================== [ 20.793974] ================================================================== [ 20.795497] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 20.796343] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.797300] [ 20.797559] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.797682] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.797703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.797730] Call Trace: [ 20.797775] <TASK> [ 20.797805] dump_stack_lvl+0x73/0xb0 [ 20.797876] print_report+0xd1/0x650 [ 20.797921] ? __virt_addr_valid+0x1db/0x2d0 [ 20.797975] ? kasan_atomics_helper+0x12e6/0x5450 [ 20.798022] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.798070] ? kasan_atomics_helper+0x12e6/0x5450 [ 20.798117] kasan_report+0x141/0x180 [ 20.798169] ? 
kasan_atomics_helper+0x12e6/0x5450 [ 20.798249] kasan_check_range+0x10c/0x1c0 [ 20.798280] __kasan_check_write+0x18/0x20 [ 20.798304] kasan_atomics_helper+0x12e6/0x5450 [ 20.798332] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.798357] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.798383] ? trace_hardirqs_on+0x37/0xe0 [ 20.798410] ? kasan_atomics+0x152/0x310 [ 20.798438] kasan_atomics+0x1dc/0x310 [ 20.798461] ? __pfx_kasan_atomics+0x10/0x10 [ 20.798485] ? __pfx_kasan_atomics+0x10/0x10 [ 20.798513] kunit_try_run_case+0x1a5/0x480 [ 20.798542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.798567] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.798595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.798621] ? __kthread_parkme+0x82/0x180 [ 20.798647] ? preempt_count_sub+0x50/0x80 [ 20.798676] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.798704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.798729] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.798778] kthread+0x337/0x6f0 [ 20.798803] ? trace_preempt_on+0x20/0xc0 [ 20.798828] ? __pfx_kthread+0x10/0x10 [ 20.798850] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.798874] ? calculate_sigpending+0x7b/0xa0 [ 20.798899] ? __pfx_kthread+0x10/0x10 [ 20.798922] ret_from_fork+0x41/0x80 [ 20.798949] ? 
__pfx_kthread+0x10/0x10 [ 20.799245] ret_from_fork_asm+0x1a/0x30 [ 20.799300] </TASK> [ 20.799320] [ 20.814176] Allocated by task 286: [ 20.814756] kasan_save_stack+0x45/0x70 [ 20.815054] kasan_save_track+0x18/0x40 [ 20.815250] kasan_save_alloc_info+0x3b/0x50 [ 20.815656] __kasan_kmalloc+0xb7/0xc0 [ 20.815937] __kmalloc_cache_noprof+0x189/0x420 [ 20.816229] kasan_atomics+0x95/0x310 [ 20.816783] kunit_try_run_case+0x1a5/0x480 [ 20.817534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.817968] kthread+0x337/0x6f0 [ 20.818408] ret_from_fork+0x41/0x80 [ 20.818673] ret_from_fork_asm+0x1a/0x30 [ 20.818930] [ 20.819139] The buggy address belongs to the object at ffff888101e04b00 [ 20.819139] which belongs to the cache kmalloc-64 of size 64 [ 20.819883] The buggy address is located 0 bytes to the right of [ 20.819883] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.820856] [ 20.821075] The buggy address belongs to the physical page: [ 20.821687] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.822385] flags: 0x200000000000000(node=0|zone=2) [ 20.822963] page_type: f5(slab) [ 20.823332] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.823915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.824523] page dumped because: kasan: bad access detected [ 20.824792] [ 20.824998] Memory state around the buggy address: [ 20.825483] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.826048] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.826944] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.827251] ^ [ 20.827485] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.827776] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.828825] ================================================================== [ 21.530520] 
================================================================== [ 21.531037] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 21.531546] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.532043] [ 21.532265] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.532387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.532420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.532468] Call Trace: [ 21.532539] <TASK> [ 21.532585] dump_stack_lvl+0x73/0xb0 [ 21.532672] print_report+0xd1/0x650 [ 21.532723] ? __virt_addr_valid+0x1db/0x2d0 [ 21.532791] ? kasan_atomics_helper+0x1f43/0x5450 [ 21.532861] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.532927] ? kasan_atomics_helper+0x1f43/0x5450 [ 21.532994] kasan_report+0x141/0x180 [ 21.533063] ? kasan_atomics_helper+0x1f43/0x5450 [ 21.533153] kasan_check_range+0x10c/0x1c0 [ 21.533205] __kasan_check_write+0x18/0x20 [ 21.533250] kasan_atomics_helper+0x1f43/0x5450 [ 21.533307] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.533364] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.533418] ? trace_hardirqs_on+0x37/0xe0 [ 21.533471] ? kasan_atomics+0x152/0x310 [ 21.533527] kasan_atomics+0x1dc/0x310 [ 21.533575] ? __pfx_kasan_atomics+0x10/0x10 [ 21.533627] ? __pfx_kasan_atomics+0x10/0x10 [ 21.533686] kunit_try_run_case+0x1a5/0x480 [ 21.533758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.533805] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.533859] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.533935] ? __kthread_parkme+0x82/0x180 [ 21.533984] ? preempt_count_sub+0x50/0x80 [ 21.534043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.534127] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.534206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.534260] kthread+0x337/0x6f0 [ 21.534304] ? trace_preempt_on+0x20/0xc0 [ 21.534360] ? __pfx_kthread+0x10/0x10 [ 21.534401] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.534440] ? 
calculate_sigpending+0x7b/0xa0 [ 21.534475] ? __pfx_kthread+0x10/0x10 [ 21.534498] ret_from_fork+0x41/0x80 [ 21.534526] ? __pfx_kthread+0x10/0x10 [ 21.534548] ret_from_fork_asm+0x1a/0x30 [ 21.534584] </TASK> [ 21.534601] [ 21.547050] Allocated by task 286: [ 21.547423] kasan_save_stack+0x45/0x70 [ 21.548501] kasan_save_track+0x18/0x40 [ 21.549634] kasan_save_alloc_info+0x3b/0x50 [ 21.549895] __kasan_kmalloc+0xb7/0xc0 [ 21.550082] __kmalloc_cache_noprof+0x189/0x420 [ 21.550278] kasan_atomics+0x95/0x310 [ 21.550450] kunit_try_run_case+0x1a5/0x480 [ 21.550632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.552942] kthread+0x337/0x6f0 [ 21.553660] ret_from_fork+0x41/0x80 [ 21.554600] ret_from_fork_asm+0x1a/0x30 [ 21.556288] [ 21.556879] The buggy address belongs to the object at ffff888101e04b00 [ 21.556879] which belongs to the cache kmalloc-64 of size 64 [ 21.559349] The buggy address is located 0 bytes to the right of [ 21.559349] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.560946] [ 21.561194] The buggy address belongs to the physical page: [ 21.561702] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.562109] flags: 0x200000000000000(node=0|zone=2) [ 21.562807] page_type: f5(slab) [ 21.563340] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.563792] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.564184] page dumped because: kasan: bad access detected [ 21.564512] [ 21.565169] Memory state around the buggy address: [ 21.565532] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.566094] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.566484] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.566866] ^ [ 21.567158] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.567641] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.568091] 
================================================================== [ 19.752543] ================================================================== [ 19.752981] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 19.753503] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 19.754134] [ 19.754366] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.754520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.754547] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.754591] Call Trace: [ 19.754635] <TASK> [ 19.754678] dump_stack_lvl+0x73/0xb0 [ 19.754763] print_report+0xd1/0x650 [ 19.754820] ? __virt_addr_valid+0x1db/0x2d0 [ 19.754878] ? kasan_atomics_helper+0x4ba2/0x5450 [ 19.754930] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.754980] ? kasan_atomics_helper+0x4ba2/0x5450 [ 19.755032] kasan_report+0x141/0x180 [ 19.755080] ? kasan_atomics_helper+0x4ba2/0x5450 [ 19.755181] __asan_report_store4_noabort+0x1b/0x30 [ 19.755230] kasan_atomics_helper+0x4ba2/0x5450 [ 19.755269] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.755307] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.755343] ? trace_hardirqs_on+0x37/0xe0 [ 19.755378] ? kasan_atomics+0x152/0x310 [ 19.755419] kasan_atomics+0x1dc/0x310 [ 19.755456] ? __pfx_kasan_atomics+0x10/0x10 [ 19.755496] ? __pfx_kasan_atomics+0x10/0x10 [ 19.755542] kunit_try_run_case+0x1a5/0x480 [ 19.755658] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.755704] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.755793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.755868] ? __kthread_parkme+0x82/0x180 [ 19.755920] ? preempt_count_sub+0x50/0x80 [ 19.755987] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.756038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.756089] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.756175] kthread+0x337/0x6f0 [ 19.756242] ? trace_preempt_on+0x20/0xc0 [ 19.756296] ? __pfx_kthread+0x10/0x10 [ 19.756341] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 19.756390] ? calculate_sigpending+0x7b/0xa0 [ 19.756432] ? __pfx_kthread+0x10/0x10 [ 19.756482] ret_from_fork+0x41/0x80 [ 19.756520] ? __pfx_kthread+0x10/0x10 [ 19.756550] ret_from_fork_asm+0x1a/0x30 [ 19.756599] </TASK> [ 19.756621] [ 19.770908] Allocated by task 286: [ 19.771384] kasan_save_stack+0x45/0x70 [ 19.771828] kasan_save_track+0x18/0x40 [ 19.772195] kasan_save_alloc_info+0x3b/0x50 [ 19.772433] __kasan_kmalloc+0xb7/0xc0 [ 19.772803] __kmalloc_cache_noprof+0x189/0x420 [ 19.773083] kasan_atomics+0x95/0x310 [ 19.773394] kunit_try_run_case+0x1a5/0x480 [ 19.773617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.774129] kthread+0x337/0x6f0 [ 19.774454] ret_from_fork+0x41/0x80 [ 19.774823] ret_from_fork_asm+0x1a/0x30 [ 19.775131] [ 19.775287] The buggy address belongs to the object at ffff888101e04b00 [ 19.775287] which belongs to the cache kmalloc-64 of size 64 [ 19.775733] The buggy address is located 0 bytes to the right of [ 19.775733] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 19.776714] [ 19.776929] The buggy address belongs to the physical page: [ 19.777305] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 19.777637] flags: 0x200000000000000(node=0|zone=2) [ 19.778077] page_type: f5(slab) [ 19.778422] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.779039] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.779492] page dumped because: kasan: bad access detected [ 19.779809] [ 19.779938] Memory state around the buggy address: [ 19.780370] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.780956] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.781385] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.781672] ^ [ 19.782085] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.782700] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 19.783204] ================================================================== [ 20.508998] ================================================================== [ 20.509601] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 20.509952] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.510602] [ 20.510833] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.510956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.510990] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.511037] Call Trace: [ 20.511085] <TASK> [ 20.511167] dump_stack_lvl+0x73/0xb0 [ 20.511241] print_report+0xd1/0x650 [ 20.511291] ? __virt_addr_valid+0x1db/0x2d0 [ 20.511345] ? kasan_atomics_helper+0xf10/0x5450 [ 20.511386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.511439] ? kasan_atomics_helper+0xf10/0x5450 [ 20.511486] kasan_report+0x141/0x180 [ 20.511540] ? kasan_atomics_helper+0xf10/0x5450 [ 20.511601] kasan_check_range+0x10c/0x1c0 [ 20.511660] __kasan_check_write+0x18/0x20 [ 20.511706] kasan_atomics_helper+0xf10/0x5450 [ 20.511770] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.511824] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.511874] ? trace_hardirqs_on+0x37/0xe0 [ 20.511928] ? kasan_atomics+0x152/0x310 [ 20.511988] kasan_atomics+0x1dc/0x310 [ 20.512033] ? __pfx_kasan_atomics+0x10/0x10 [ 20.512059] ? __pfx_kasan_atomics+0x10/0x10 [ 20.512087] kunit_try_run_case+0x1a5/0x480 [ 20.512165] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.512195] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.512224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.512251] ? __kthread_parkme+0x82/0x180 [ 20.512278] ? preempt_count_sub+0x50/0x80 [ 20.512308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.512335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.512362] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.512387] kthread+0x337/0x6f0 [ 20.512409] ? 
trace_preempt_on+0x20/0xc0 [ 20.512436] ? __pfx_kthread+0x10/0x10 [ 20.512457] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.512482] ? calculate_sigpending+0x7b/0xa0 [ 20.512507] ? __pfx_kthread+0x10/0x10 [ 20.512529] ret_from_fork+0x41/0x80 [ 20.512554] ? __pfx_kthread+0x10/0x10 [ 20.512577] ret_from_fork_asm+0x1a/0x30 [ 20.512613] </TASK> [ 20.512629] [ 20.524924] Allocated by task 286: [ 20.525301] kasan_save_stack+0x45/0x70 [ 20.525712] kasan_save_track+0x18/0x40 [ 20.526041] kasan_save_alloc_info+0x3b/0x50 [ 20.526299] __kasan_kmalloc+0xb7/0xc0 [ 20.526509] __kmalloc_cache_noprof+0x189/0x420 [ 20.526802] kasan_atomics+0x95/0x310 [ 20.527209] kunit_try_run_case+0x1a5/0x480 [ 20.527604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.528070] kthread+0x337/0x6f0 [ 20.528409] ret_from_fork+0x41/0x80 [ 20.528783] ret_from_fork_asm+0x1a/0x30 [ 20.529144] [ 20.529325] The buggy address belongs to the object at ffff888101e04b00 [ 20.529325] which belongs to the cache kmalloc-64 of size 64 [ 20.529931] The buggy address is located 0 bytes to the right of [ 20.529931] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.530850] [ 20.531055] The buggy address belongs to the physical page: [ 20.531522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.531994] flags: 0x200000000000000(node=0|zone=2) [ 20.532489] page_type: f5(slab) [ 20.532825] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.533337] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.533677] page dumped because: kasan: bad access detected [ 20.534221] [ 20.534432] Memory state around the buggy address: [ 20.534881] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.535495] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.535820] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.536081] ^ [ 20.536600] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 20.536924] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.537866] ================================================================== [ 20.665999] ================================================================== [ 20.666700] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 20.667349] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.667857] [ 20.668152] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.668285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.668320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.668384] Call Trace: [ 20.668431] <TASK> [ 20.668478] dump_stack_lvl+0x73/0xb0 [ 20.668564] print_report+0xd1/0x650 [ 20.668636] ? __virt_addr_valid+0x1db/0x2d0 [ 20.668695] ? kasan_atomics_helper+0x1148/0x5450 [ 20.668743] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.668807] ? kasan_atomics_helper+0x1148/0x5450 [ 20.668867] kasan_report+0x141/0x180 [ 20.668936] ? kasan_atomics_helper+0x1148/0x5450 [ 20.668994] kasan_check_range+0x10c/0x1c0 [ 20.669030] __kasan_check_write+0x18/0x20 [ 20.669054] kasan_atomics_helper+0x1148/0x5450 [ 20.669080] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.669126] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.669171] ? trace_hardirqs_on+0x37/0xe0 [ 20.669216] ? kasan_atomics+0x152/0x310 [ 20.669261] kasan_atomics+0x1dc/0x310 [ 20.669298] ? __pfx_kasan_atomics+0x10/0x10 [ 20.669342] ? __pfx_kasan_atomics+0x10/0x10 [ 20.669395] kunit_try_run_case+0x1a5/0x480 [ 20.669460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.669523] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.669582] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.669634] ? __kthread_parkme+0x82/0x180 [ 20.669685] ? preempt_count_sub+0x50/0x80 [ 20.669755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.669811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.669868] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.669917] kthread+0x337/0x6f0 [ 20.669957] ? trace_preempt_on+0x20/0xc0 [ 20.670012] ? __pfx_kthread+0x10/0x10 [ 20.670058] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.670108] ? calculate_sigpending+0x7b/0xa0 [ 20.670152] ? __pfx_kthread+0x10/0x10 [ 20.670201] ret_from_fork+0x41/0x80 [ 20.670252] ? __pfx_kthread+0x10/0x10 [ 20.670316] ret_from_fork_asm+0x1a/0x30 [ 20.670397] </TASK> [ 20.670431] [ 20.682935] Allocated by task 286: [ 20.683476] kasan_save_stack+0x45/0x70 [ 20.683837] kasan_save_track+0x18/0x40 [ 20.684189] kasan_save_alloc_info+0x3b/0x50 [ 20.684466] __kasan_kmalloc+0xb7/0xc0 [ 20.684679] __kmalloc_cache_noprof+0x189/0x420 [ 20.685162] kasan_atomics+0x95/0x310 [ 20.685659] kunit_try_run_case+0x1a5/0x480 [ 20.686033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.686536] kthread+0x337/0x6f0 [ 20.686741] ret_from_fork+0x41/0x80 [ 20.686965] ret_from_fork_asm+0x1a/0x30 [ 20.687178] [ 20.687312] The buggy address belongs to the object at ffff888101e04b00 [ 20.687312] which belongs to the cache kmalloc-64 of size 64 [ 20.687920] The buggy address is located 0 bytes to the right of [ 20.687920] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.688886] [ 20.689170] The buggy address belongs to the physical page: [ 20.689636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.689993] flags: 0x200000000000000(node=0|zone=2) [ 20.690488] page_type: f5(slab) [ 20.690802] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.691347] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.691812] page dumped because: kasan: bad access detected [ 20.692110] [ 20.692297] Memory state around the buggy address: [ 20.692659] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.693155] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.693493] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 20.693796] ^ [ 20.694151] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.694794] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.695495] ================================================================== [ 20.245975] ================================================================== [ 20.246724] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 20.247267] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.247720] [ 20.248000] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.248166] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.248203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.248256] Call Trace: [ 20.248304] <TASK> [ 20.248359] dump_stack_lvl+0x73/0xb0 [ 20.248453] print_report+0xd1/0x650 [ 20.248509] ? __virt_addr_valid+0x1db/0x2d0 [ 20.248570] ? kasan_atomics_helper+0xa2b/0x5450 [ 20.248621] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.248680] ? kasan_atomics_helper+0xa2b/0x5450 [ 20.248737] kasan_report+0x141/0x180 [ 20.248799] ? kasan_atomics_helper+0xa2b/0x5450 [ 20.248853] kasan_check_range+0x10c/0x1c0 [ 20.248880] __kasan_check_write+0x18/0x20 [ 20.248904] kasan_atomics_helper+0xa2b/0x5450 [ 20.248931] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.248958] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.248984] ? trace_hardirqs_on+0x37/0xe0 [ 20.249011] ? kasan_atomics+0x152/0x310 [ 20.249038] kasan_atomics+0x1dc/0x310 [ 20.249061] ? __pfx_kasan_atomics+0x10/0x10 [ 20.249085] ? __pfx_kasan_atomics+0x10/0x10 [ 20.249165] kunit_try_run_case+0x1a5/0x480 [ 20.249202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.249228] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.249257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.249283] ? __kthread_parkme+0x82/0x180 [ 20.249310] ? preempt_count_sub+0x50/0x80 [ 20.249340] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 20.249367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.249393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.249419] kthread+0x337/0x6f0 [ 20.249440] ? trace_preempt_on+0x20/0xc0 [ 20.249466] ? __pfx_kthread+0x10/0x10 [ 20.249489] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.249513] ? calculate_sigpending+0x7b/0xa0 [ 20.249539] ? __pfx_kthread+0x10/0x10 [ 20.249561] ret_from_fork+0x41/0x80 [ 20.249586] ? __pfx_kthread+0x10/0x10 [ 20.249609] ret_from_fork_asm+0x1a/0x30 [ 20.249646] </TASK> [ 20.249663] [ 20.260998] Allocated by task 286: [ 20.261482] kasan_save_stack+0x45/0x70 [ 20.261926] kasan_save_track+0x18/0x40 [ 20.262309] kasan_save_alloc_info+0x3b/0x50 [ 20.262702] __kasan_kmalloc+0xb7/0xc0 [ 20.263049] __kmalloc_cache_noprof+0x189/0x420 [ 20.263492] kasan_atomics+0x95/0x310 [ 20.263878] kunit_try_run_case+0x1a5/0x480 [ 20.264179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.264627] kthread+0x337/0x6f0 [ 20.264965] ret_from_fork+0x41/0x80 [ 20.265278] ret_from_fork_asm+0x1a/0x30 [ 20.265632] [ 20.265830] The buggy address belongs to the object at ffff888101e04b00 [ 20.265830] which belongs to the cache kmalloc-64 of size 64 [ 20.266585] The buggy address is located 0 bytes to the right of [ 20.266585] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.267489] [ 20.267679] The buggy address belongs to the physical page: [ 20.267920] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.268576] flags: 0x200000000000000(node=0|zone=2) [ 20.269043] page_type: f5(slab) [ 20.269305] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.269662] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.270285] page dumped because: kasan: bad access detected [ 20.270584] [ 20.270808] Memory state around the buggy address: [ 20.271192] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.271533] ffff888101e04a80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.271938] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.272535] ^ [ 20.272836] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.273165] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.273716] ================================================================== [ 21.160401] ================================================================== [ 21.160783] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 21.161175] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.161881] [ 21.162104] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.162227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.162256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.162317] Call Trace: [ 21.162363] <TASK> [ 21.162407] dump_stack_lvl+0x73/0xb0 [ 21.162463] print_report+0xd1/0x650 [ 21.162501] ? __virt_addr_valid+0x1db/0x2d0 [ 21.162539] ? kasan_atomics_helper+0x1818/0x5450 [ 21.162575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.162611] ? kasan_atomics_helper+0x1818/0x5450 [ 21.162646] kasan_report+0x141/0x180 [ 21.162683] ? kasan_atomics_helper+0x1818/0x5450 [ 21.162731] kasan_check_range+0x10c/0x1c0 [ 21.162793] __kasan_check_write+0x18/0x20 [ 21.162839] kasan_atomics_helper+0x1818/0x5450 [ 21.162887] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.162948] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.163013] ? trace_hardirqs_on+0x37/0xe0 [ 21.163061] ? kasan_atomics+0x152/0x310 [ 21.163112] kasan_atomics+0x1dc/0x310 [ 21.163181] ? __pfx_kasan_atomics+0x10/0x10 [ 21.163236] ? __pfx_kasan_atomics+0x10/0x10 [ 21.163308] kunit_try_run_case+0x1a5/0x480 [ 21.163372] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.163422] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.163487] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.163539] ? 
__kthread_parkme+0x82/0x180 [ 21.163610] ? preempt_count_sub+0x50/0x80 [ 21.163675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.163722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.163789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.163842] kthread+0x337/0x6f0 [ 21.163895] ? trace_preempt_on+0x20/0xc0 [ 21.163964] ? __pfx_kthread+0x10/0x10 [ 21.164010] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.164058] ? calculate_sigpending+0x7b/0xa0 [ 21.164110] ? __pfx_kthread+0x10/0x10 [ 21.164177] ret_from_fork+0x41/0x80 [ 21.164247] ? __pfx_kthread+0x10/0x10 [ 21.164296] ret_from_fork_asm+0x1a/0x30 [ 21.164372] </TASK> [ 21.164414] [ 21.175616] Allocated by task 286: [ 21.176083] kasan_save_stack+0x45/0x70 [ 21.176437] kasan_save_track+0x18/0x40 [ 21.176779] kasan_save_alloc_info+0x3b/0x50 [ 21.177167] __kasan_kmalloc+0xb7/0xc0 [ 21.177416] __kmalloc_cache_noprof+0x189/0x420 [ 21.177819] kasan_atomics+0x95/0x310 [ 21.178194] kunit_try_run_case+0x1a5/0x480 [ 21.178416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.178891] kthread+0x337/0x6f0 [ 21.179073] ret_from_fork+0x41/0x80 [ 21.179444] ret_from_fork_asm+0x1a/0x30 [ 21.179853] [ 21.180050] The buggy address belongs to the object at ffff888101e04b00 [ 21.180050] which belongs to the cache kmalloc-64 of size 64 [ 21.180742] The buggy address is located 0 bytes to the right of [ 21.180742] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.181571] [ 21.181722] The buggy address belongs to the physical page: [ 21.182230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.182594] flags: 0x200000000000000(node=0|zone=2) [ 21.182954] page_type: f5(slab) [ 21.183331] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.183940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.184470] page dumped because: kasan: bad access detected [ 21.184980] [ 21.185211] Memory state around the buggy address: [ 21.185486] 
ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.185796] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.186077] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.186356] ^ [ 21.186587] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.187005] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.187562] ================================================================== [ 21.635616] ================================================================== [ 21.636757] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 21.637331] Read of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.637686] [ 21.637928] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.638054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.638086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.638167] Call Trace: [ 21.638214] <TASK> [ 21.638257] dump_stack_lvl+0x73/0xb0 [ 21.638336] print_report+0xd1/0x650 [ 21.638388] ? __virt_addr_valid+0x1db/0x2d0 [ 21.638437] ? kasan_atomics_helper+0x4f98/0x5450 [ 21.638483] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.638529] ? kasan_atomics_helper+0x4f98/0x5450 [ 21.638581] kasan_report+0x141/0x180 [ 21.638636] ? kasan_atomics_helper+0x4f98/0x5450 [ 21.638698] __asan_report_load8_noabort+0x18/0x20 [ 21.638758] kasan_atomics_helper+0x4f98/0x5450 [ 21.638816] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.638869] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.638914] ? trace_hardirqs_on+0x37/0xe0 [ 21.638955] ? kasan_atomics+0x152/0x310 [ 21.638985] kasan_atomics+0x1dc/0x310 [ 21.639009] ? __pfx_kasan_atomics+0x10/0x10 [ 21.639034] ? __pfx_kasan_atomics+0x10/0x10 [ 21.639062] kunit_try_run_case+0x1a5/0x480 [ 21.639093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.639149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.639183] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.639210] ? __kthread_parkme+0x82/0x180 [ 21.639237] ? preempt_count_sub+0x50/0x80 [ 21.639267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.639295] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.639322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.639347] kthread+0x337/0x6f0 [ 21.639368] ? trace_preempt_on+0x20/0xc0 [ 21.639393] ? __pfx_kthread+0x10/0x10 [ 21.639414] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.639439] ? calculate_sigpending+0x7b/0xa0 [ 21.639464] ? __pfx_kthread+0x10/0x10 [ 21.639488] ret_from_fork+0x41/0x80 [ 21.639513] ? __pfx_kthread+0x10/0x10 [ 21.639535] ret_from_fork_asm+0x1a/0x30 [ 21.639572] </TASK> [ 21.639588] [ 21.652892] Allocated by task 286: [ 21.653296] kasan_save_stack+0x45/0x70 [ 21.653640] kasan_save_track+0x18/0x40 [ 21.654380] kasan_save_alloc_info+0x3b/0x50 [ 21.654633] __kasan_kmalloc+0xb7/0xc0 [ 21.655071] __kmalloc_cache_noprof+0x189/0x420 [ 21.655511] kasan_atomics+0x95/0x310 [ 21.655832] kunit_try_run_case+0x1a5/0x480 [ 21.656055] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.656310] kthread+0x337/0x6f0 [ 21.656624] ret_from_fork+0x41/0x80 [ 21.657043] ret_from_fork_asm+0x1a/0x30 [ 21.657563] [ 21.657768] The buggy address belongs to the object at ffff888101e04b00 [ 21.657768] which belongs to the cache kmalloc-64 of size 64 [ 21.658357] The buggy address is located 0 bytes to the right of [ 21.658357] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.659672] [ 21.659846] The buggy address belongs to the physical page: [ 21.660094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.660890] flags: 0x200000000000000(node=0|zone=2) [ 21.661189] page_type: f5(slab) [ 21.661560] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.662043] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.662699] page dumped because: kasan: bad access detected [ 21.663081] [ 21.663219] Memory 
state around the buggy address: [ 21.663742] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.664250] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.664920] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.665728] ^ [ 21.666017] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.666334] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.666830] ================================================================== [ 20.409572] ================================================================== [ 20.410055] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 20.411051] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.411825] [ 20.412084] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.412204] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.412237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.412284] Call Trace: [ 20.412330] <TASK> [ 20.412378] dump_stack_lvl+0x73/0xb0 [ 20.412459] print_report+0xd1/0x650 [ 20.412504] ? __virt_addr_valid+0x1db/0x2d0 [ 20.412534] ? kasan_atomics_helper+0xd47/0x5450 [ 20.412575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.412602] ? kasan_atomics_helper+0xd47/0x5450 [ 20.412627] kasan_report+0x141/0x180 [ 20.412653] ? kasan_atomics_helper+0xd47/0x5450 [ 20.412683] kasan_check_range+0x10c/0x1c0 [ 20.412708] __kasan_check_write+0x18/0x20 [ 20.412731] kasan_atomics_helper+0xd47/0x5450 [ 20.412782] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.412809] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.412834] ? trace_hardirqs_on+0x37/0xe0 [ 20.412861] ? kasan_atomics+0x152/0x310 [ 20.412887] kasan_atomics+0x1dc/0x310 [ 20.412910] ? __pfx_kasan_atomics+0x10/0x10 [ 20.412933] ? __pfx_kasan_atomics+0x10/0x10 [ 20.412961] kunit_try_run_case+0x1a5/0x480 [ 20.412990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.413015] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 20.413043] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.413069] ? __kthread_parkme+0x82/0x180 [ 20.413095] ? preempt_count_sub+0x50/0x80 [ 20.413158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.413189] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.413217] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.413242] kthread+0x337/0x6f0 [ 20.413264] ? trace_preempt_on+0x20/0xc0 [ 20.413290] ? __pfx_kthread+0x10/0x10 [ 20.413311] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.413335] ? calculate_sigpending+0x7b/0xa0 [ 20.413361] ? __pfx_kthread+0x10/0x10 [ 20.413383] ret_from_fork+0x41/0x80 [ 20.413410] ? __pfx_kthread+0x10/0x10 [ 20.413432] ret_from_fork_asm+0x1a/0x30 [ 20.413467] </TASK> [ 20.413483] [ 20.425936] Allocated by task 286: [ 20.426387] kasan_save_stack+0x45/0x70 [ 20.426638] kasan_save_track+0x18/0x40 [ 20.426879] kasan_save_alloc_info+0x3b/0x50 [ 20.428231] __kasan_kmalloc+0xb7/0xc0 [ 20.428649] __kmalloc_cache_noprof+0x189/0x420 [ 20.428913] kasan_atomics+0x95/0x310 [ 20.429155] kunit_try_run_case+0x1a5/0x480 [ 20.429328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.429502] kthread+0x337/0x6f0 [ 20.429601] ret_from_fork+0x41/0x80 [ 20.429705] ret_from_fork_asm+0x1a/0x30 [ 20.430547] [ 20.430797] The buggy address belongs to the object at ffff888101e04b00 [ 20.430797] which belongs to the cache kmalloc-64 of size 64 [ 20.432031] The buggy address is located 0 bytes to the right of [ 20.432031] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.432523] [ 20.432668] The buggy address belongs to the physical page: [ 20.432965] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.433553] flags: 0x200000000000000(node=0|zone=2) [ 20.433949] page_type: f5(slab) [ 20.434335] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.434793] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.435436] page dumped because: kasan: bad 
access detected [ 20.435872] [ 20.436077] Memory state around the buggy address: [ 20.436519] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.437020] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.437656] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.438131] ^ [ 20.438489] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.438838] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.439452] ================================================================== [ 21.569468] ================================================================== [ 21.569966] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 21.570316] Read of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.570953] [ 21.572123] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.572258] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.572291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.572336] Call Trace: [ 21.572380] <TASK> [ 21.572425] dump_stack_lvl+0x73/0xb0 [ 21.572511] print_report+0xd1/0x650 [ 21.572569] ? __virt_addr_valid+0x1db/0x2d0 [ 21.572623] ? kasan_atomics_helper+0x4f71/0x5450 [ 21.572667] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.572714] ? kasan_atomics_helper+0x4f71/0x5450 [ 21.572778] kasan_report+0x141/0x180 [ 21.572837] ? kasan_atomics_helper+0x4f71/0x5450 [ 21.572892] __asan_report_load8_noabort+0x18/0x20 [ 21.572919] kasan_atomics_helper+0x4f71/0x5450 [ 21.572945] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.572971] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.572997] ? trace_hardirqs_on+0x37/0xe0 [ 21.573023] ? kasan_atomics+0x152/0x310 [ 21.573050] kasan_atomics+0x1dc/0x310 [ 21.573073] ? __pfx_kasan_atomics+0x10/0x10 [ 21.573097] ? __pfx_kasan_atomics+0x10/0x10 [ 21.573167] kunit_try_run_case+0x1a5/0x480 [ 21.573202] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.573226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.573255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.573281] ? __kthread_parkme+0x82/0x180 [ 21.573307] ? preempt_count_sub+0x50/0x80 [ 21.573336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.573363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.573389] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.573415] kthread+0x337/0x6f0 [ 21.573436] ? trace_preempt_on+0x20/0xc0 [ 21.573461] ? __pfx_kthread+0x10/0x10 [ 21.573482] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.573506] ? calculate_sigpending+0x7b/0xa0 [ 21.573532] ? __pfx_kthread+0x10/0x10 [ 21.573554] ret_from_fork+0x41/0x80 [ 21.573581] ? __pfx_kthread+0x10/0x10 [ 21.573602] ret_from_fork_asm+0x1a/0x30 [ 21.573639] </TASK> [ 21.573656] [ 21.587325] Allocated by task 286: [ 21.587759] kasan_save_stack+0x45/0x70 [ 21.588169] kasan_save_track+0x18/0x40 [ 21.588521] kasan_save_alloc_info+0x3b/0x50 [ 21.588908] __kasan_kmalloc+0xb7/0xc0 [ 21.589376] __kmalloc_cache_noprof+0x189/0x420 [ 21.589611] kasan_atomics+0x95/0x310 [ 21.590317] kunit_try_run_case+0x1a5/0x480 [ 21.591801] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.592253] kthread+0x337/0x6f0 [ 21.592517] ret_from_fork+0x41/0x80 [ 21.592788] ret_from_fork_asm+0x1a/0x30 [ 21.593048] [ 21.593672] The buggy address belongs to the object at ffff888101e04b00 [ 21.593672] which belongs to the cache kmalloc-64 of size 64 [ 21.594486] The buggy address is located 0 bytes to the right of [ 21.594486] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.595178] [ 21.595391] The buggy address belongs to the physical page: [ 21.595785] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.596171] flags: 0x200000000000000(node=0|zone=2) [ 21.596674] page_type: f5(slab) [ 21.596927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.597289] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 21.597890] page dumped because: kasan: bad access detected [ 21.598338] [ 21.598482] Memory state around the buggy address: [ 21.598718] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.599290] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.599915] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.600253] ^ [ 21.600944] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.601818] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.602113] ================================================================== [ 21.284425] ================================================================== [ 21.285368] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 21.285708] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.286400] [ 21.286667] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.286797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.286825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.286865] Call Trace: [ 21.286904] <TASK> [ 21.286942] dump_stack_lvl+0x73/0xb0 [ 21.287005] print_report+0xd1/0x650 [ 21.287046] ? __virt_addr_valid+0x1db/0x2d0 [ 21.287088] ? kasan_atomics_helper+0x1a7f/0x5450 [ 21.287160] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.287204] ? kasan_atomics_helper+0x1a7f/0x5450 [ 21.287249] kasan_report+0x141/0x180 [ 21.287297] ? kasan_atomics_helper+0x1a7f/0x5450 [ 21.287352] kasan_check_range+0x10c/0x1c0 [ 21.287395] __kasan_check_write+0x18/0x20 [ 21.287435] kasan_atomics_helper+0x1a7f/0x5450 [ 21.287483] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.287529] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.287571] ? trace_hardirqs_on+0x37/0xe0 [ 21.287612] ? kasan_atomics+0x152/0x310 [ 21.287671] kasan_atomics+0x1dc/0x310 [ 21.287707] ? __pfx_kasan_atomics+0x10/0x10 [ 21.287762] ? 
__pfx_kasan_atomics+0x10/0x10 [ 21.287811] kunit_try_run_case+0x1a5/0x480 [ 21.287861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.287908] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.287960] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.288017] ? __kthread_parkme+0x82/0x180 [ 21.288070] ? preempt_count_sub+0x50/0x80 [ 21.288164] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.288224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.288282] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.288338] kthread+0x337/0x6f0 [ 21.288383] ? trace_preempt_on+0x20/0xc0 [ 21.288440] ? __pfx_kthread+0x10/0x10 [ 21.288481] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.288521] ? calculate_sigpending+0x7b/0xa0 [ 21.288563] ? __pfx_kthread+0x10/0x10 [ 21.288595] ret_from_fork+0x41/0x80 [ 21.288638] ? __pfx_kthread+0x10/0x10 [ 21.288671] ret_from_fork_asm+0x1a/0x30 [ 21.288732] </TASK> [ 21.288782] [ 21.304145] Allocated by task 286: [ 21.304524] kasan_save_stack+0x45/0x70 [ 21.304984] kasan_save_track+0x18/0x40 [ 21.305295] kasan_save_alloc_info+0x3b/0x50 [ 21.305561] __kasan_kmalloc+0xb7/0xc0 [ 21.305895] __kmalloc_cache_noprof+0x189/0x420 [ 21.306345] kasan_atomics+0x95/0x310 [ 21.306689] kunit_try_run_case+0x1a5/0x480 [ 21.307088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.307508] kthread+0x337/0x6f0 [ 21.307795] ret_from_fork+0x41/0x80 [ 21.308000] ret_from_fork_asm+0x1a/0x30 [ 21.308377] [ 21.308570] The buggy address belongs to the object at ffff888101e04b00 [ 21.308570] which belongs to the cache kmalloc-64 of size 64 [ 21.309138] The buggy address is located 0 bytes to the right of [ 21.309138] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.309612] [ 21.309758] The buggy address belongs to the physical page: [ 21.310171] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.310730] flags: 0x200000000000000(node=0|zone=2) [ 21.311151] page_type: f5(slab) [ 21.311459] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 21.312065] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.312644] page dumped because: kasan: bad access detected [ 21.313067] [ 21.313286] Memory state around the buggy address: [ 21.313662] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.313971] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.314299] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.314586] ^ [ 21.314879] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.315421] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.315935] ================================================================== [ 21.253562] ================================================================== [ 21.254307] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 21.254872] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.255225] [ 21.255402] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.255525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.255557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.255612] Call Trace: [ 21.255669] <TASK> [ 21.255755] dump_stack_lvl+0x73/0xb0 [ 21.255827] print_report+0xd1/0x650 [ 21.255881] ? __virt_addr_valid+0x1db/0x2d0 [ 21.255937] ? kasan_atomics_helper+0x19e3/0x5450 [ 21.255990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.256046] ? kasan_atomics_helper+0x19e3/0x5450 [ 21.256146] kasan_report+0x141/0x180 [ 21.256197] ? kasan_atomics_helper+0x19e3/0x5450 [ 21.256258] kasan_check_range+0x10c/0x1c0 [ 21.256309] __kasan_check_write+0x18/0x20 [ 21.256354] kasan_atomics_helper+0x19e3/0x5450 [ 21.256410] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.256456] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.256529] ? trace_hardirqs_on+0x37/0xe0 [ 21.256578] ? 
kasan_atomics+0x152/0x310 [ 21.256634] kasan_atomics+0x1dc/0x310 [ 21.256685] ? __pfx_kasan_atomics+0x10/0x10 [ 21.256734] ? __pfx_kasan_atomics+0x10/0x10 [ 21.256805] kunit_try_run_case+0x1a5/0x480 [ 21.256867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.256921] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.256980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.257038] ? __kthread_parkme+0x82/0x180 [ 21.257090] ? preempt_count_sub+0x50/0x80 [ 21.257151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.257185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.257212] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.257238] kthread+0x337/0x6f0 [ 21.257259] ? trace_preempt_on+0x20/0xc0 [ 21.257284] ? __pfx_kthread+0x10/0x10 [ 21.257305] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.257330] ? calculate_sigpending+0x7b/0xa0 [ 21.257355] ? __pfx_kthread+0x10/0x10 [ 21.257377] ret_from_fork+0x41/0x80 [ 21.257404] ? __pfx_kthread+0x10/0x10 [ 21.257426] ret_from_fork_asm+0x1a/0x30 [ 21.257464] </TASK> [ 21.257482] [ 21.269594] Allocated by task 286: [ 21.270025] kasan_save_stack+0x45/0x70 [ 21.270482] kasan_save_track+0x18/0x40 [ 21.270835] kasan_save_alloc_info+0x3b/0x50 [ 21.271210] __kasan_kmalloc+0xb7/0xc0 [ 21.272099] __kmalloc_cache_noprof+0x189/0x420 [ 21.272464] kasan_atomics+0x95/0x310 [ 21.272677] kunit_try_run_case+0x1a5/0x480 [ 21.272997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.273569] kthread+0x337/0x6f0 [ 21.273881] ret_from_fork+0x41/0x80 [ 21.274262] ret_from_fork_asm+0x1a/0x30 [ 21.274528] [ 21.274771] The buggy address belongs to the object at ffff888101e04b00 [ 21.274771] which belongs to the cache kmalloc-64 of size 64 [ 21.275561] The buggy address is located 0 bytes to the right of [ 21.275561] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.276279] [ 21.276493] The buggy address belongs to the physical page: [ 21.276803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.277142] flags: 
0x200000000000000(node=0|zone=2) [ 21.277642] page_type: f5(slab) [ 21.278092] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.278801] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.279392] page dumped because: kasan: bad access detected [ 21.279759] [ 21.279875] Memory state around the buggy address: [ 21.280065] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.280654] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.281254] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.281886] ^ [ 21.282333] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.282785] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.283068] ================================================================== [ 21.603976] ================================================================== [ 21.604435] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 21.604817] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.605397] [ 21.605625] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.605759] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.605790] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.605834] Call Trace: [ 21.605880] <TASK> [ 21.605925] dump_stack_lvl+0x73/0xb0 [ 21.606004] print_report+0xd1/0x650 [ 21.606062] ? __virt_addr_valid+0x1db/0x2d0 [ 21.606114] ? kasan_atomics_helper+0x2006/0x5450 [ 21.606165] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.606210] ? kasan_atomics_helper+0x2006/0x5450 [ 21.606254] kasan_report+0x141/0x180 [ 21.606305] ? kasan_atomics_helper+0x2006/0x5450 [ 21.606362] kasan_check_range+0x10c/0x1c0 [ 21.606413] __kasan_check_write+0x18/0x20 [ 21.606457] kasan_atomics_helper+0x2006/0x5450 [ 21.606504] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.606547] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 21.606592] ? trace_hardirqs_on+0x37/0xe0 [ 21.606640] ? kasan_atomics+0x152/0x310 [ 21.606697] kasan_atomics+0x1dc/0x310 [ 21.606791] ? __pfx_kasan_atomics+0x10/0x10 [ 21.606837] ? __pfx_kasan_atomics+0x10/0x10 [ 21.606866] kunit_try_run_case+0x1a5/0x480 [ 21.606897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.606923] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.606952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.606979] ? __kthread_parkme+0x82/0x180 [ 21.607005] ? preempt_count_sub+0x50/0x80 [ 21.607034] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.607060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.607085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.607139] kthread+0x337/0x6f0 [ 21.607169] ? trace_preempt_on+0x20/0xc0 [ 21.607194] ? __pfx_kthread+0x10/0x10 [ 21.607217] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.607242] ? calculate_sigpending+0x7b/0xa0 [ 21.607268] ? __pfx_kthread+0x10/0x10 [ 21.607289] ret_from_fork+0x41/0x80 [ 21.607317] ? __pfx_kthread+0x10/0x10 [ 21.607338] ret_from_fork_asm+0x1a/0x30 [ 21.607376] </TASK> [ 21.607393] [ 21.619760] Allocated by task 286: [ 21.620302] kasan_save_stack+0x45/0x70 [ 21.620858] kasan_save_track+0x18/0x40 [ 21.621322] kasan_save_alloc_info+0x3b/0x50 [ 21.621710] __kasan_kmalloc+0xb7/0xc0 [ 21.621940] __kmalloc_cache_noprof+0x189/0x420 [ 21.622324] kasan_atomics+0x95/0x310 [ 21.622855] kunit_try_run_case+0x1a5/0x480 [ 21.623297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.623826] kthread+0x337/0x6f0 [ 21.624254] ret_from_fork+0x41/0x80 [ 21.624570] ret_from_fork_asm+0x1a/0x30 [ 21.625035] [ 21.625238] The buggy address belongs to the object at ffff888101e04b00 [ 21.625238] which belongs to the cache kmalloc-64 of size 64 [ 21.626243] The buggy address is located 0 bytes to the right of [ 21.626243] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.627182] [ 21.627409] The buggy address belongs to the physical page: [ 21.627817] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.628565] flags: 0x200000000000000(node=0|zone=2) [ 21.628922] page_type: f5(slab) [ 21.629337] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.630016] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.630684] page dumped because: kasan: bad access detected [ 21.631004] [ 21.631152] Memory state around the buggy address: [ 21.631765] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.632569] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.633091] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.633431] ^ [ 21.633651] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.634112] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.634490] ================================================================== [ 21.759496] ================================================================== [ 21.760073] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 21.760728] Read of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.761037] [ 21.761295] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.761423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.761453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.761504] Call Trace: [ 21.761559] <TASK> [ 21.761605] dump_stack_lvl+0x73/0xb0 [ 21.761693] print_report+0xd1/0x650 [ 21.761758] ? __virt_addr_valid+0x1db/0x2d0 [ 21.761823] ? kasan_atomics_helper+0x4fa5/0x5450 [ 21.761890] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.761944] ? kasan_atomics_helper+0x4fa5/0x5450 [ 21.761995] kasan_report+0x141/0x180 [ 21.762046] ? kasan_atomics_helper+0x4fa5/0x5450 [ 21.762153] __asan_report_load8_noabort+0x18/0x20 [ 21.762207] kasan_atomics_helper+0x4fa5/0x5450 [ 21.762262] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 21.762323] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.762392] ? trace_hardirqs_on+0x37/0xe0 [ 21.762447] ? kasan_atomics+0x152/0x310 [ 21.762509] kasan_atomics+0x1dc/0x310 [ 21.762555] ? __pfx_kasan_atomics+0x10/0x10 [ 21.762602] ? __pfx_kasan_atomics+0x10/0x10 [ 21.762661] kunit_try_run_case+0x1a5/0x480 [ 21.762721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.762778] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.762834] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.762886] ? __kthread_parkme+0x82/0x180 [ 21.762947] ? preempt_count_sub+0x50/0x80 [ 21.763026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.763086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.763178] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.763237] kthread+0x337/0x6f0 [ 21.763285] ? trace_preempt_on+0x20/0xc0 [ 21.763342] ? __pfx_kthread+0x10/0x10 [ 21.763390] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.763436] ? calculate_sigpending+0x7b/0xa0 [ 21.763479] ? __pfx_kthread+0x10/0x10 [ 21.763520] ret_from_fork+0x41/0x80 [ 21.763564] ? 
__pfx_kthread+0x10/0x10 [ 21.763607] ret_from_fork_asm+0x1a/0x30 [ 21.763694] </TASK> [ 21.763724] [ 21.775968] Allocated by task 286: [ 21.776330] kasan_save_stack+0x45/0x70 [ 21.776614] kasan_save_track+0x18/0x40 [ 21.777044] kasan_save_alloc_info+0x3b/0x50 [ 21.777489] __kasan_kmalloc+0xb7/0xc0 [ 21.777936] __kmalloc_cache_noprof+0x189/0x420 [ 21.778461] kasan_atomics+0x95/0x310 [ 21.778829] kunit_try_run_case+0x1a5/0x480 [ 21.779126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.779422] kthread+0x337/0x6f0 [ 21.779711] ret_from_fork+0x41/0x80 [ 21.779956] ret_from_fork_asm+0x1a/0x30 [ 21.780224] [ 21.780411] The buggy address belongs to the object at ffff888101e04b00 [ 21.780411] which belongs to the cache kmalloc-64 of size 64 [ 21.781068] The buggy address is located 0 bytes to the right of [ 21.781068] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.781792] [ 21.781982] The buggy address belongs to the physical page: [ 21.782364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.782806] flags: 0x200000000000000(node=0|zone=2) [ 21.783161] page_type: f5(slab) [ 21.783461] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.783884] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.784338] page dumped because: kasan: bad access detected [ 21.784653] [ 21.784853] Memory state around the buggy address: [ 21.785165] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.785564] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.785945] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.786402] ^ [ 21.786645] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.787135] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.787575] ================================================================== [ 20.007997] 
================================================================== [ 20.008535] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 20.008954] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.010178] [ 20.010452] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.010626] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.010675] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.010726] Call Trace: [ 20.010782] <TASK> [ 20.010836] dump_stack_lvl+0x73/0xb0 [ 20.010919] print_report+0xd1/0x650 [ 20.010966] ? __virt_addr_valid+0x1db/0x2d0 [ 20.011000] ? kasan_atomics_helper+0x5fe/0x5450 [ 20.011026] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.011051] ? kasan_atomics_helper+0x5fe/0x5450 [ 20.011077] kasan_report+0x141/0x180 [ 20.011119] ? kasan_atomics_helper+0x5fe/0x5450 [ 20.011187] kasan_check_range+0x10c/0x1c0 [ 20.011213] __kasan_check_write+0x18/0x20 [ 20.011236] kasan_atomics_helper+0x5fe/0x5450 [ 20.011264] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.011289] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.011314] ? trace_hardirqs_on+0x37/0xe0 [ 20.011339] ? kasan_atomics+0x152/0x310 [ 20.011367] kasan_atomics+0x1dc/0x310 [ 20.011390] ? __pfx_kasan_atomics+0x10/0x10 [ 20.011414] ? __pfx_kasan_atomics+0x10/0x10 [ 20.011441] kunit_try_run_case+0x1a5/0x480 [ 20.011471] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.011496] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.011524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.011550] ? __kthread_parkme+0x82/0x180 [ 20.011575] ? preempt_count_sub+0x50/0x80 [ 20.011604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.011649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.011731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.011829] kthread+0x337/0x6f0 [ 20.011862] ? trace_preempt_on+0x20/0xc0 [ 20.011891] ? __pfx_kthread+0x10/0x10 [ 20.011915] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.011939] ? 
calculate_sigpending+0x7b/0xa0 [ 20.011965] ? __pfx_kthread+0x10/0x10 [ 20.011986] ret_from_fork+0x41/0x80 [ 20.012015] ? __pfx_kthread+0x10/0x10 [ 20.012037] ret_from_fork_asm+0x1a/0x30 [ 20.012073] </TASK> [ 20.012089] [ 20.027976] Allocated by task 286: [ 20.028605] kasan_save_stack+0x45/0x70 [ 20.028958] kasan_save_track+0x18/0x40 [ 20.029182] kasan_save_alloc_info+0x3b/0x50 [ 20.029577] __kasan_kmalloc+0xb7/0xc0 [ 20.029913] __kmalloc_cache_noprof+0x189/0x420 [ 20.030356] kasan_atomics+0x95/0x310 [ 20.030897] kunit_try_run_case+0x1a5/0x480 [ 20.031506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.031862] kthread+0x337/0x6f0 [ 20.032116] ret_from_fork+0x41/0x80 [ 20.032722] ret_from_fork_asm+0x1a/0x30 [ 20.032954] [ 20.033147] The buggy address belongs to the object at ffff888101e04b00 [ 20.033147] which belongs to the cache kmalloc-64 of size 64 [ 20.033886] The buggy address is located 0 bytes to the right of [ 20.033886] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.034690] [ 20.035215] The buggy address belongs to the physical page: [ 20.035692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.036307] flags: 0x200000000000000(node=0|zone=2) [ 20.036586] page_type: f5(slab) [ 20.036803] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.037472] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.037908] page dumped because: kasan: bad access detected [ 20.038221] [ 20.038447] Memory state around the buggy address: [ 20.038921] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.039312] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.039714] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.040111] ^ [ 20.040409] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.041594] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.042183] 
================================================================== [ 21.667837] ================================================================== [ 21.668416] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 21.668999] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.669305] [ 21.669569] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.669663] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.669687] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.669726] Call Trace: [ 21.669780] <TASK> [ 21.669821] dump_stack_lvl+0x73/0xb0 [ 21.669889] print_report+0xd1/0x650 [ 21.669941] ? __virt_addr_valid+0x1db/0x2d0 [ 21.669990] ? kasan_atomics_helper+0x20c8/0x5450 [ 21.670032] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.670083] ? kasan_atomics_helper+0x20c8/0x5450 [ 21.670162] kasan_report+0x141/0x180 [ 21.670216] ? kasan_atomics_helper+0x20c8/0x5450 [ 21.670271] kasan_check_range+0x10c/0x1c0 [ 21.670317] __kasan_check_write+0x18/0x20 [ 21.670363] kasan_atomics_helper+0x20c8/0x5450 [ 21.670422] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.670476] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.670523] ? trace_hardirqs_on+0x37/0xe0 [ 21.670571] ? kasan_atomics+0x152/0x310 [ 21.670629] kasan_atomics+0x1dc/0x310 [ 21.670678] ? __pfx_kasan_atomics+0x10/0x10 [ 21.670728] ? __pfx_kasan_atomics+0x10/0x10 [ 21.670795] kunit_try_run_case+0x1a5/0x480 [ 21.670847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.670893] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.670946] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.670994] ? __kthread_parkme+0x82/0x180 [ 21.671044] ? preempt_count_sub+0x50/0x80 [ 21.671097] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.671143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.671195] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.671252] kthread+0x337/0x6f0 [ 21.671298] ? trace_preempt_on+0x20/0xc0 [ 21.671355] ? 
__pfx_kthread+0x10/0x10 [ 21.671400] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.671448] ? calculate_sigpending+0x7b/0xa0 [ 21.671495] ? __pfx_kthread+0x10/0x10 [ 21.671534] ret_from_fork+0x41/0x80 [ 21.671578] ? __pfx_kthread+0x10/0x10 [ 21.671616] ret_from_fork_asm+0x1a/0x30 [ 21.671707] </TASK> [ 21.671737] [ 21.682004] Allocated by task 286: [ 21.682291] kasan_save_stack+0x45/0x70 [ 21.682562] kasan_save_track+0x18/0x40 [ 21.682916] kasan_save_alloc_info+0x3b/0x50 [ 21.683308] __kasan_kmalloc+0xb7/0xc0 [ 21.683657] __kmalloc_cache_noprof+0x189/0x420 [ 21.684088] kasan_atomics+0x95/0x310 [ 21.684439] kunit_try_run_case+0x1a5/0x480 [ 21.684837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.685411] kthread+0x337/0x6f0 [ 21.685729] ret_from_fork+0x41/0x80 [ 21.686097] ret_from_fork_asm+0x1a/0x30 [ 21.686340] [ 21.686524] The buggy address belongs to the object at ffff888101e04b00 [ 21.686524] which belongs to the cache kmalloc-64 of size 64 [ 21.687085] The buggy address is located 0 bytes to the right of [ 21.687085] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.687737] [ 21.687951] The buggy address belongs to the physical page: [ 21.688488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.688883] flags: 0x200000000000000(node=0|zone=2) [ 21.689370] page_type: f5(slab) [ 21.689679] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.690025] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.690626] page dumped because: kasan: bad access detected [ 21.691022] [ 21.691189] Memory state around the buggy address: [ 21.691575] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.691988] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.692499] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.692806] ^ [ 21.693242] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.693651] 
ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.693997] ================================================================== [ 20.110141] ================================================================== [ 20.110672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 20.111183] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.111698] [ 20.111893] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.112012] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.112045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.112090] Call Trace: [ 20.112173] <TASK> [ 20.112221] dump_stack_lvl+0x73/0xb0 [ 20.112301] print_report+0xd1/0x650 [ 20.112361] ? __virt_addr_valid+0x1db/0x2d0 [ 20.112408] ? kasan_atomics_helper+0x7c7/0x5450 [ 20.112455] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.112504] ? kasan_atomics_helper+0x7c7/0x5450 [ 20.112548] kasan_report+0x141/0x180 [ 20.112600] ? kasan_atomics_helper+0x7c7/0x5450 [ 20.112663] kasan_check_range+0x10c/0x1c0 [ 20.112708] __kasan_check_write+0x18/0x20 [ 20.112763] kasan_atomics_helper+0x7c7/0x5450 [ 20.112819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.112871] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.112917] ? trace_hardirqs_on+0x37/0xe0 [ 20.112970] ? kasan_atomics+0x152/0x310 [ 20.113026] kasan_atomics+0x1dc/0x310 [ 20.113077] ? __pfx_kasan_atomics+0x10/0x10 [ 20.113153] ? __pfx_kasan_atomics+0x10/0x10 [ 20.113207] kunit_try_run_case+0x1a5/0x480 [ 20.113267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.113316] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.113374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.113430] ? __kthread_parkme+0x82/0x180 [ 20.113481] ? preempt_count_sub+0x50/0x80 [ 20.113539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.113577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.113604] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.113631] kthread+0x337/0x6f0 [ 20.113651] ? trace_preempt_on+0x20/0xc0 [ 20.113677] ? __pfx_kthread+0x10/0x10 [ 20.113698] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.113722] ? calculate_sigpending+0x7b/0xa0 [ 20.113770] ? __pfx_kthread+0x10/0x10 [ 20.113800] ret_from_fork+0x41/0x80 [ 20.113828] ? __pfx_kthread+0x10/0x10 [ 20.113850] ret_from_fork_asm+0x1a/0x30 [ 20.113887] </TASK> [ 20.113904] [ 20.126395] Allocated by task 286: [ 20.127774] kasan_save_stack+0x45/0x70 [ 20.128253] kasan_save_track+0x18/0x40 [ 20.128570] kasan_save_alloc_info+0x3b/0x50 [ 20.129206] __kasan_kmalloc+0xb7/0xc0 [ 20.129523] __kmalloc_cache_noprof+0x189/0x420 [ 20.130232] kasan_atomics+0x95/0x310 [ 20.130466] kunit_try_run_case+0x1a5/0x480 [ 20.130649] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.131159] kthread+0x337/0x6f0 [ 20.131495] ret_from_fork+0x41/0x80 [ 20.131770] ret_from_fork_asm+0x1a/0x30 [ 20.132055] [ 20.132665] The buggy address belongs to the object at ffff888101e04b00 [ 20.132665] which belongs to the cache kmalloc-64 of size 64 [ 20.133453] The buggy address is located 0 bytes to the right of [ 20.133453] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.134414] [ 20.134554] The buggy address belongs to the physical page: [ 20.135234] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.135787] flags: 0x200000000000000(node=0|zone=2) [ 20.136314] page_type: f5(slab) [ 20.136648] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.136999] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.137518] page dumped because: kasan: bad access detected [ 20.137741] [ 20.137967] Memory state around the buggy address: [ 20.138922] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.139284] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.140023] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 20.140630] ^ [ 20.141024] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.141486] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.141948] ================================================================== [ 21.346620] ================================================================== [ 21.347029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 21.347447] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.348024] [ 21.348258] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.348366] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.348392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.348434] Call Trace: [ 21.348479] <TASK> [ 21.348524] dump_stack_lvl+0x73/0xb0 [ 21.348589] print_report+0xd1/0x650 [ 21.348634] ? __virt_addr_valid+0x1db/0x2d0 [ 21.348686] ? kasan_atomics_helper+0x1c18/0x5450 [ 21.348737] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.348803] ? kasan_atomics_helper+0x1c18/0x5450 [ 21.348859] kasan_report+0x141/0x180 [ 21.348914] ? kasan_atomics_helper+0x1c18/0x5450 [ 21.348980] kasan_check_range+0x10c/0x1c0 [ 21.349035] __kasan_check_write+0x18/0x20 [ 21.349085] kasan_atomics_helper+0x1c18/0x5450 [ 21.349176] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.349234] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.349280] ? trace_hardirqs_on+0x37/0xe0 [ 21.349323] ? kasan_atomics+0x152/0x310 [ 21.349370] kasan_atomics+0x1dc/0x310 [ 21.349412] ? __pfx_kasan_atomics+0x10/0x10 [ 21.349456] ? __pfx_kasan_atomics+0x10/0x10 [ 21.349511] kunit_try_run_case+0x1a5/0x480 [ 21.349572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.349626] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.349683] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.349740] ? __kthread_parkme+0x82/0x180 [ 21.349808] ? preempt_count_sub+0x50/0x80 [ 21.349871] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.349928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.349985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.350041] kthread+0x337/0x6f0 [ 21.350085] ? trace_preempt_on+0x20/0xc0 [ 21.350175] ? __pfx_kthread+0x10/0x10 [ 21.350224] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.350268] ? calculate_sigpending+0x7b/0xa0 [ 21.350314] ? __pfx_kthread+0x10/0x10 [ 21.350351] ret_from_fork+0x41/0x80 [ 21.350393] ? __pfx_kthread+0x10/0x10 [ 21.350437] ret_from_fork_asm+0x1a/0x30 [ 21.350502] </TASK> [ 21.350530] [ 21.362937] Allocated by task 286: [ 21.363349] kasan_save_stack+0x45/0x70 [ 21.363763] kasan_save_track+0x18/0x40 [ 21.364134] kasan_save_alloc_info+0x3b/0x50 [ 21.364375] __kasan_kmalloc+0xb7/0xc0 [ 21.364695] __kmalloc_cache_noprof+0x189/0x420 [ 21.365067] kasan_atomics+0x95/0x310 [ 21.365402] kunit_try_run_case+0x1a5/0x480 [ 21.365773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.366016] kthread+0x337/0x6f0 [ 21.366364] ret_from_fork+0x41/0x80 [ 21.366700] ret_from_fork_asm+0x1a/0x30 [ 21.366949] [ 21.367083] The buggy address belongs to the object at ffff888101e04b00 [ 21.367083] which belongs to the cache kmalloc-64 of size 64 [ 21.367567] The buggy address is located 0 bytes to the right of [ 21.367567] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.368369] [ 21.368581] The buggy address belongs to the physical page: [ 21.369043] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.369663] flags: 0x200000000000000(node=0|zone=2) [ 21.370097] page_type: f5(slab) [ 21.370409] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.370927] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.371321] page dumped because: kasan: bad access detected [ 21.371565] [ 21.371704] Memory state around the buggy address: [ 21.372147] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.372663] ffff888101e04a80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.373237] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.373512] ^ [ 21.373757] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.374271] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.374822] ================================================================== [ 21.375979] ================================================================== [ 21.376743] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 21.377297] Read of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.377786] [ 21.377987] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.378086] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.378142] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.378180] Call Trace: [ 21.378219] <TASK> [ 21.378255] dump_stack_lvl+0x73/0xb0 [ 21.378317] print_report+0xd1/0x650 [ 21.378370] ? __virt_addr_valid+0x1db/0x2d0 [ 21.378419] ? kasan_atomics_helper+0x4f30/0x5450 [ 21.378461] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.378505] ? kasan_atomics_helper+0x4f30/0x5450 [ 21.378553] kasan_report+0x141/0x180 [ 21.378606] ? kasan_atomics_helper+0x4f30/0x5450 [ 21.378665] __asan_report_load8_noabort+0x18/0x20 [ 21.378712] kasan_atomics_helper+0x4f30/0x5450 [ 21.378782] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.378839] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.378892] ? trace_hardirqs_on+0x37/0xe0 [ 21.378943] ? kasan_atomics+0x152/0x310 [ 21.378992] kasan_atomics+0x1dc/0x310 [ 21.379029] ? __pfx_kasan_atomics+0x10/0x10 [ 21.379070] ? __pfx_kasan_atomics+0x10/0x10 [ 21.379134] kunit_try_run_case+0x1a5/0x480 [ 21.379195] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.379248] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.379305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.379361] ? __kthread_parkme+0x82/0x180 [ 21.379416] ? 
preempt_count_sub+0x50/0x80 [ 21.379477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.379535] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.379591] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.379655] kthread+0x337/0x6f0 [ 21.379703] ? trace_preempt_on+0x20/0xc0 [ 21.379767] ? __pfx_kthread+0x10/0x10 [ 21.379817] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.379861] ? calculate_sigpending+0x7b/0xa0 [ 21.379903] ? __pfx_kthread+0x10/0x10 [ 21.379944] ret_from_fork+0x41/0x80 [ 21.379992] ? __pfx_kthread+0x10/0x10 [ 21.380035] ret_from_fork_asm+0x1a/0x30 [ 21.380113] </TASK> [ 21.380148] [ 21.391952] Allocated by task 286: [ 21.392374] kasan_save_stack+0x45/0x70 [ 21.392807] kasan_save_track+0x18/0x40 [ 21.393875] kasan_save_alloc_info+0x3b/0x50 [ 21.394303] __kasan_kmalloc+0xb7/0xc0 [ 21.394656] __kmalloc_cache_noprof+0x189/0x420 [ 21.394894] kasan_atomics+0x95/0x310 [ 21.395220] kunit_try_run_case+0x1a5/0x480 [ 21.395561] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.395852] kthread+0x337/0x6f0 [ 21.396053] ret_from_fork+0x41/0x80 [ 21.396397] ret_from_fork_asm+0x1a/0x30 [ 21.396727] [ 21.396918] The buggy address belongs to the object at ffff888101e04b00 [ 21.396918] which belongs to the cache kmalloc-64 of size 64 [ 21.397822] The buggy address is located 0 bytes to the right of [ 21.397822] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.398392] [ 21.398586] The buggy address belongs to the physical page: [ 21.399042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.399584] flags: 0x200000000000000(node=0|zone=2) [ 21.399991] page_type: f5(slab) [ 21.400234] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.400555] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.401089] page dumped because: kasan: bad access detected [ 21.401547] [ 21.401716] Memory state around the buggy address: [ 21.402157] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 21.402560] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.402863] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.403432] ^ [ 21.403857] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.404284] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.404574] ================================================================== [ 20.570856] ================================================================== [ 20.571360] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 20.572381] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.572987] [ 20.573209] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.573307] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.573331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.573369] Call Trace: [ 20.573408] <TASK> [ 20.573447] dump_stack_lvl+0x73/0xb0 [ 20.573518] print_report+0xd1/0x650 [ 20.573562] ? __virt_addr_valid+0x1db/0x2d0 [ 20.573606] ? kasan_atomics_helper+0x4a36/0x5450 [ 20.573843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.574007] ? kasan_atomics_helper+0x4a36/0x5450 [ 20.574066] kasan_report+0x141/0x180 [ 20.574143] ? kasan_atomics_helper+0x4a36/0x5450 [ 20.574209] __asan_report_load4_noabort+0x18/0x20 [ 20.574258] kasan_atomics_helper+0x4a36/0x5450 [ 20.574497] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.574531] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.574559] ? trace_hardirqs_on+0x37/0xe0 [ 20.574586] ? kasan_atomics+0x152/0x310 [ 20.574615] kasan_atomics+0x1dc/0x310 [ 20.574640] ? __pfx_kasan_atomics+0x10/0x10 [ 20.574663] ? __pfx_kasan_atomics+0x10/0x10 [ 20.574691] kunit_try_run_case+0x1a5/0x480 [ 20.574721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.574769] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.574805] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.574832] ? 
__kthread_parkme+0x82/0x180 [ 20.574859] ? preempt_count_sub+0x50/0x80 [ 20.574890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.574917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.574944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.574970] kthread+0x337/0x6f0 [ 20.574991] ? trace_preempt_on+0x20/0xc0 [ 20.575017] ? __pfx_kthread+0x10/0x10 [ 20.575039] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.575064] ? calculate_sigpending+0x7b/0xa0 [ 20.575090] ? __pfx_kthread+0x10/0x10 [ 20.575153] ret_from_fork+0x41/0x80 [ 20.575185] ? __pfx_kthread+0x10/0x10 [ 20.575208] ret_from_fork_asm+0x1a/0x30 [ 20.575244] </TASK> [ 20.575262] [ 20.589727] Allocated by task 286: [ 20.590154] kasan_save_stack+0x45/0x70 [ 20.590424] kasan_save_track+0x18/0x40 [ 20.590783] kasan_save_alloc_info+0x3b/0x50 [ 20.591547] __kasan_kmalloc+0xb7/0xc0 [ 20.591899] __kmalloc_cache_noprof+0x189/0x420 [ 20.592401] kasan_atomics+0x95/0x310 [ 20.592605] kunit_try_run_case+0x1a5/0x480 [ 20.592809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.593022] kthread+0x337/0x6f0 [ 20.593191] ret_from_fork+0x41/0x80 [ 20.593358] ret_from_fork_asm+0x1a/0x30 [ 20.593535] [ 20.593643] The buggy address belongs to the object at ffff888101e04b00 [ 20.593643] which belongs to the cache kmalloc-64 of size 64 [ 20.594438] The buggy address is located 0 bytes to the right of [ 20.594438] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.595021] [ 20.595280] The buggy address belongs to the physical page: [ 20.595824] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.596577] flags: 0x200000000000000(node=0|zone=2) [ 20.597142] page_type: f5(slab) [ 20.597546] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.598231] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.598508] page dumped because: kasan: bad access detected [ 20.599129] [ 20.599326] Memory state around the buggy address: [ 20.599871] 
ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.600571] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.601020] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.601476] ^ [ 20.601902] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.602357] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.602897] ================================================================== [ 21.433685] ================================================================== [ 21.434163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 21.434539] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.434957] [ 21.435229] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.435352] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.435386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.435432] Call Trace: [ 21.435473] <TASK> [ 21.435518] dump_stack_lvl+0x73/0xb0 [ 21.435595] print_report+0xd1/0x650 [ 21.435663] ? __virt_addr_valid+0x1db/0x2d0 [ 21.435724] ? kasan_atomics_helper+0x1d7a/0x5450 [ 21.435791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.435845] ? kasan_atomics_helper+0x1d7a/0x5450 [ 21.435902] kasan_report+0x141/0x180 [ 21.435959] ? kasan_atomics_helper+0x1d7a/0x5450 [ 21.436026] kasan_check_range+0x10c/0x1c0 [ 21.436079] __kasan_check_write+0x18/0x20 [ 21.436164] kasan_atomics_helper+0x1d7a/0x5450 [ 21.436224] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.436281] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.436336] ? trace_hardirqs_on+0x37/0xe0 [ 21.436374] ? kasan_atomics+0x152/0x310 [ 21.436415] kasan_atomics+0x1dc/0x310 [ 21.436447] ? __pfx_kasan_atomics+0x10/0x10 [ 21.436480] ? __pfx_kasan_atomics+0x10/0x10 [ 21.436519] kunit_try_run_case+0x1a5/0x480 [ 21.436562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.436597] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 21.436634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.436669] ? __kthread_parkme+0x82/0x180 [ 21.436704] ? preempt_count_sub+0x50/0x80 [ 21.436755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.436797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.436834] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.436870] kthread+0x337/0x6f0 [ 21.436899] ? trace_preempt_on+0x20/0xc0 [ 21.436936] ? __pfx_kthread+0x10/0x10 [ 21.436965] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.436999] ? calculate_sigpending+0x7b/0xa0 [ 21.437033] ? __pfx_kthread+0x10/0x10 [ 21.437063] ret_from_fork+0x41/0x80 [ 21.437126] ? __pfx_kthread+0x10/0x10 [ 21.437167] ret_from_fork_asm+0x1a/0x30 [ 21.437250] </TASK> [ 21.437278] [ 21.449060] Allocated by task 286: [ 21.449522] kasan_save_stack+0x45/0x70 [ 21.449940] kasan_save_track+0x18/0x40 [ 21.450374] kasan_save_alloc_info+0x3b/0x50 [ 21.450780] __kasan_kmalloc+0xb7/0xc0 [ 21.451189] __kmalloc_cache_noprof+0x189/0x420 [ 21.451633] kasan_atomics+0x95/0x310 [ 21.451981] kunit_try_run_case+0x1a5/0x480 [ 21.452424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.452774] kthread+0x337/0x6f0 [ 21.452952] ret_from_fork+0x41/0x80 [ 21.453204] ret_from_fork_asm+0x1a/0x30 [ 21.453579] [ 21.453798] The buggy address belongs to the object at ffff888101e04b00 [ 21.453798] which belongs to the cache kmalloc-64 of size 64 [ 21.454816] The buggy address is located 0 bytes to the right of [ 21.454816] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.455955] [ 21.456214] The buggy address belongs to the physical page: [ 21.456677] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.457372] flags: 0x200000000000000(node=0|zone=2) [ 21.457837] page_type: f5(slab) [ 21.458072] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.458508] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.458924] page dumped because: kasan: bad 
access detected [ 21.459279] [ 21.459467] Memory state around the buggy address: [ 21.459761] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.460276] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.460723] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.461214] ^ [ 21.461590] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.461980] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.462525] ================================================================== [ 21.499586] ================================================================== [ 21.500038] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 21.500386] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.501037] [ 21.501508] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.501638] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.501673] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.501725] Call Trace: [ 21.501783] <TASK> [ 21.501835] dump_stack_lvl+0x73/0xb0 [ 21.501909] print_report+0xd1/0x650 [ 21.501959] ? __virt_addr_valid+0x1db/0x2d0 [ 21.502015] ? kasan_atomics_helper+0x1eaa/0x5450 [ 21.502067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.502146] ? kasan_atomics_helper+0x1eaa/0x5450 [ 21.502191] kasan_report+0x141/0x180 [ 21.502237] ? kasan_atomics_helper+0x1eaa/0x5450 [ 21.502301] kasan_check_range+0x10c/0x1c0 [ 21.502354] __kasan_check_write+0x18/0x20 [ 21.502406] kasan_atomics_helper+0x1eaa/0x5450 [ 21.502463] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.502517] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.502568] ? trace_hardirqs_on+0x37/0xe0 [ 21.502614] ? kasan_atomics+0x152/0x310 [ 21.502692] kasan_atomics+0x1dc/0x310 [ 21.502738] ? __pfx_kasan_atomics+0x10/0x10 [ 21.502799] ? 
__pfx_kasan_atomics+0x10/0x10 [ 21.502856] kunit_try_run_case+0x1a5/0x480 [ 21.502915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.502990] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.503049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.503098] ? __kthread_parkme+0x82/0x180 [ 21.503188] ? preempt_count_sub+0x50/0x80 [ 21.503230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.503259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.503287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.503313] kthread+0x337/0x6f0 [ 21.503334] ? trace_preempt_on+0x20/0xc0 [ 21.503360] ? __pfx_kthread+0x10/0x10 [ 21.503382] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.503406] ? calculate_sigpending+0x7b/0xa0 [ 21.503431] ? __pfx_kthread+0x10/0x10 [ 21.503453] ret_from_fork+0x41/0x80 [ 21.503479] ? __pfx_kthread+0x10/0x10 [ 21.503501] ret_from_fork_asm+0x1a/0x30 [ 21.503536] </TASK> [ 21.503552] [ 21.516013] Allocated by task 286: [ 21.516391] kasan_save_stack+0x45/0x70 [ 21.516704] kasan_save_track+0x18/0x40 [ 21.517079] kasan_save_alloc_info+0x3b/0x50 [ 21.517500] __kasan_kmalloc+0xb7/0xc0 [ 21.517867] __kmalloc_cache_noprof+0x189/0x420 [ 21.518305] kasan_atomics+0x95/0x310 [ 21.518662] kunit_try_run_case+0x1a5/0x480 [ 21.518999] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.519357] kthread+0x337/0x6f0 [ 21.519636] ret_from_fork+0x41/0x80 [ 21.520006] ret_from_fork_asm+0x1a/0x30 [ 21.520413] [ 21.520561] The buggy address belongs to the object at ffff888101e04b00 [ 21.520561] which belongs to the cache kmalloc-64 of size 64 [ 21.521481] The buggy address is located 0 bytes to the right of [ 21.521481] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.522082] [ 21.522311] The buggy address belongs to the physical page: [ 21.522795] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.523443] flags: 0x200000000000000(node=0|zone=2) [ 21.523770] page_type: f5(slab) [ 21.524140] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 21.524739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.525326] page dumped because: kasan: bad access detected [ 21.525722] [ 21.525923] Memory state around the buggy address: [ 21.526350] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.526885] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.527335] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.527857] ^ [ 21.528247] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.528812] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.529287] ================================================================== [ 20.305723] ================================================================== [ 20.306415] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 20.308789] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.309654] [ 20.310044] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.310318] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.310338] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.310367] Call Trace: [ 20.310394] <TASK> [ 20.310421] dump_stack_lvl+0x73/0xb0 [ 20.310475] print_report+0xd1/0x650 [ 20.310504] ? __virt_addr_valid+0x1db/0x2d0 [ 20.310531] ? kasan_atomics_helper+0xb6a/0x5450 [ 20.310557] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.310582] ? kasan_atomics_helper+0xb6a/0x5450 [ 20.310607] kasan_report+0x141/0x180 [ 20.310632] ? kasan_atomics_helper+0xb6a/0x5450 [ 20.310662] kasan_check_range+0x10c/0x1c0 [ 20.310685] __kasan_check_write+0x18/0x20 [ 20.310708] kasan_atomics_helper+0xb6a/0x5450 [ 20.310733] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.310782] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.310810] ? trace_hardirqs_on+0x37/0xe0 [ 20.310836] ? 
kasan_atomics+0x152/0x310 [ 20.310863] kasan_atomics+0x1dc/0x310 [ 20.310887] ? __pfx_kasan_atomics+0x10/0x10 [ 20.310911] ? __pfx_kasan_atomics+0x10/0x10 [ 20.310939] kunit_try_run_case+0x1a5/0x480 [ 20.310969] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.310993] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.311021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.311048] ? __kthread_parkme+0x82/0x180 [ 20.311074] ? preempt_count_sub+0x50/0x80 [ 20.311107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.311157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.311184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.311210] kthread+0x337/0x6f0 [ 20.311231] ? trace_preempt_on+0x20/0xc0 [ 20.311256] ? __pfx_kthread+0x10/0x10 [ 20.311277] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.311302] ? calculate_sigpending+0x7b/0xa0 [ 20.311328] ? __pfx_kthread+0x10/0x10 [ 20.311351] ret_from_fork+0x41/0x80 [ 20.311378] ? __pfx_kthread+0x10/0x10 [ 20.311400] ret_from_fork_asm+0x1a/0x30 [ 20.311437] </TASK> [ 20.311453] [ 20.325921] Allocated by task 286: [ 20.326920] kasan_save_stack+0x45/0x70 [ 20.327287] kasan_save_track+0x18/0x40 [ 20.327565] kasan_save_alloc_info+0x3b/0x50 [ 20.327895] __kasan_kmalloc+0xb7/0xc0 [ 20.328583] __kmalloc_cache_noprof+0x189/0x420 [ 20.328878] kasan_atomics+0x95/0x310 [ 20.329061] kunit_try_run_case+0x1a5/0x480 [ 20.329684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.329951] kthread+0x337/0x6f0 [ 20.330521] ret_from_fork+0x41/0x80 [ 20.331263] ret_from_fork_asm+0x1a/0x30 [ 20.331597] [ 20.331726] The buggy address belongs to the object at ffff888101e04b00 [ 20.331726] which belongs to the cache kmalloc-64 of size 64 [ 20.332839] The buggy address is located 0 bytes to the right of [ 20.332839] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.333621] [ 20.333983] The buggy address belongs to the physical page: [ 20.334421] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.335673] flags: 
0x200000000000000(node=0|zone=2) [ 20.336019] page_type: f5(slab) [ 20.336207] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.336928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.337440] page dumped because: kasan: bad access detected [ 20.337646] [ 20.337739] Memory state around the buggy address: [ 20.337966] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.339049] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.339642] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.340021] ^ [ 20.340704] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.340987] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.341572] ================================================================== [ 20.697071] ================================================================== [ 20.698974] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 20.699848] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.701329] [ 20.701516] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.701593] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.701619] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.701661] Call Trace: [ 20.701705] <TASK> [ 20.701761] dump_stack_lvl+0x73/0xb0 [ 20.701841] print_report+0xd1/0x650 [ 20.701886] ? __virt_addr_valid+0x1db/0x2d0 [ 20.701934] ? kasan_atomics_helper+0x4a02/0x5450 [ 20.701983] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.702034] ? kasan_atomics_helper+0x4a02/0x5450 [ 20.702082] kasan_report+0x141/0x180 [ 20.702126] ? kasan_atomics_helper+0x4a02/0x5450 [ 20.702170] __asan_report_load4_noabort+0x18/0x20 [ 20.702195] kasan_atomics_helper+0x4a02/0x5450 [ 20.702222] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.702249] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.702275] ? 
trace_hardirqs_on+0x37/0xe0 [ 20.702301] ? kasan_atomics+0x152/0x310 [ 20.702329] kasan_atomics+0x1dc/0x310 [ 20.702351] ? __pfx_kasan_atomics+0x10/0x10 [ 20.702375] ? __pfx_kasan_atomics+0x10/0x10 [ 20.702403] kunit_try_run_case+0x1a5/0x480 [ 20.702432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.702456] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.702485] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.702510] ? __kthread_parkme+0x82/0x180 [ 20.702536] ? preempt_count_sub+0x50/0x80 [ 20.702566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.702593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.702618] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.702645] kthread+0x337/0x6f0 [ 20.702665] ? trace_preempt_on+0x20/0xc0 [ 20.702692] ? __pfx_kthread+0x10/0x10 [ 20.702714] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.702739] ? calculate_sigpending+0x7b/0xa0 [ 20.702792] ? __pfx_kthread+0x10/0x10 [ 20.702815] ret_from_fork+0x41/0x80 [ 20.702842] ? __pfx_kthread+0x10/0x10 [ 20.702864] ret_from_fork_asm+0x1a/0x30 [ 20.702901] </TASK> [ 20.702918] [ 20.713315] Allocated by task 286: [ 20.713599] kasan_save_stack+0x45/0x70 [ 20.713999] kasan_save_track+0x18/0x40 [ 20.714302] kasan_save_alloc_info+0x3b/0x50 [ 20.714583] __kasan_kmalloc+0xb7/0xc0 [ 20.714867] __kmalloc_cache_noprof+0x189/0x420 [ 20.715096] kasan_atomics+0x95/0x310 [ 20.715293] kunit_try_run_case+0x1a5/0x480 [ 20.715513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.715934] kthread+0x337/0x6f0 [ 20.716240] ret_from_fork+0x41/0x80 [ 20.716709] ret_from_fork_asm+0x1a/0x30 [ 20.717086] [ 20.717289] The buggy address belongs to the object at ffff888101e04b00 [ 20.717289] which belongs to the cache kmalloc-64 of size 64 [ 20.717934] The buggy address is located 0 bytes to the right of [ 20.717934] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.718386] [ 20.718559] The buggy address belongs to the physical page: [ 20.718991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x101e04 [ 20.719762] flags: 0x200000000000000(node=0|zone=2) [ 20.720014] page_type: f5(slab) [ 20.720229] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.720816] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.721309] page dumped because: kasan: bad access detected [ 20.721543] [ 20.721671] Memory state around the buggy address: [ 20.721922] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.722439] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.723209] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.723602] ^ [ 20.723888] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.724165] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.724449] ================================================================== [ 20.539285] ================================================================== [ 20.539825] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 20.540273] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.540860] [ 20.541115] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.541233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.541275] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.541322] Call Trace: [ 20.541380] <TASK> [ 20.541427] dump_stack_lvl+0x73/0xb0 [ 20.541508] print_report+0xd1/0x650 [ 20.541565] ? __virt_addr_valid+0x1db/0x2d0 [ 20.541624] ? kasan_atomics_helper+0xfa9/0x5450 [ 20.541694] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.541756] ? kasan_atomics_helper+0xfa9/0x5450 [ 20.541809] kasan_report+0x141/0x180 [ 20.541862] ? kasan_atomics_helper+0xfa9/0x5450 [ 20.541932] kasan_check_range+0x10c/0x1c0 [ 20.542000] __kasan_check_write+0x18/0x20 [ 20.542051] kasan_atomics_helper+0xfa9/0x5450 [ 20.542105] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 20.542161] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.542215] ? trace_hardirqs_on+0x37/0xe0 [ 20.542269] ? kasan_atomics+0x152/0x310 [ 20.542326] kasan_atomics+0x1dc/0x310 [ 20.542367] ? __pfx_kasan_atomics+0x10/0x10 [ 20.542406] ? __pfx_kasan_atomics+0x10/0x10 [ 20.542462] kunit_try_run_case+0x1a5/0x480 [ 20.542515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.542575] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.542652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.542701] ? __kthread_parkme+0x82/0x180 [ 20.542765] ? preempt_count_sub+0x50/0x80 [ 20.542832] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.542905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.542958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.543006] kthread+0x337/0x6f0 [ 20.543035] ? trace_preempt_on+0x20/0xc0 [ 20.543062] ? __pfx_kthread+0x10/0x10 [ 20.543084] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.543116] ? calculate_sigpending+0x7b/0xa0 [ 20.543181] ? __pfx_kthread+0x10/0x10 [ 20.543205] ret_from_fork+0x41/0x80 [ 20.543234] ? 
__pfx_kthread+0x10/0x10 [ 20.543256] ret_from_fork_asm+0x1a/0x30 [ 20.543292] </TASK> [ 20.543310] [ 20.554043] Allocated by task 286: [ 20.554456] kasan_save_stack+0x45/0x70 [ 20.554912] kasan_save_track+0x18/0x40 [ 20.555299] kasan_save_alloc_info+0x3b/0x50 [ 20.555546] __kasan_kmalloc+0xb7/0xc0 [ 20.555948] __kmalloc_cache_noprof+0x189/0x420 [ 20.556374] kasan_atomics+0x95/0x310 [ 20.556648] kunit_try_run_case+0x1a5/0x480 [ 20.556888] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.557141] kthread+0x337/0x6f0 [ 20.557362] ret_from_fork+0x41/0x80 [ 20.557543] ret_from_fork_asm+0x1a/0x30 [ 20.557949] [ 20.558173] The buggy address belongs to the object at ffff888101e04b00 [ 20.558173] which belongs to the cache kmalloc-64 of size 64 [ 20.558699] The buggy address is located 0 bytes to the right of [ 20.558699] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.560040] [ 20.560245] The buggy address belongs to the physical page: [ 20.560778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.561243] flags: 0x200000000000000(node=0|zone=2) [ 20.561589] page_type: f5(slab) [ 20.561812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.562115] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.562738] page dumped because: kasan: bad access detected [ 20.563397] [ 20.563592] Memory state around the buggy address: [ 20.564029] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.564385] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.564682] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.565304] ^ [ 20.565713] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.567098] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.568886] ================================================================== [ 20.862879] 
================================================================== [ 20.863372] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 20.864073] Read of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.865068] [ 20.865336] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.865456] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.865489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.865535] Call Trace: [ 20.865577] <TASK> [ 20.865621] dump_stack_lvl+0x73/0xb0 [ 20.865701] print_report+0xd1/0x650 [ 20.865769] ? __virt_addr_valid+0x1db/0x2d0 [ 20.865824] ? kasan_atomics_helper+0x13b5/0x5450 [ 20.865871] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.865917] ? kasan_atomics_helper+0x13b5/0x5450 [ 20.865967] kasan_report+0x141/0x180 [ 20.866020] ? kasan_atomics_helper+0x13b5/0x5450 [ 20.866084] kasan_check_range+0x10c/0x1c0 [ 20.866167] __kasan_check_read+0x15/0x20 [ 20.866209] kasan_atomics_helper+0x13b5/0x5450 [ 20.866264] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.866320] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.866367] ? trace_hardirqs_on+0x37/0xe0 [ 20.866412] ? kasan_atomics+0x152/0x310 [ 20.866466] kasan_atomics+0x1dc/0x310 [ 20.866510] ? __pfx_kasan_atomics+0x10/0x10 [ 20.866549] ? __pfx_kasan_atomics+0x10/0x10 [ 20.866599] kunit_try_run_case+0x1a5/0x480 [ 20.866654] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.866703] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.866765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.866813] ? __kthread_parkme+0x82/0x180 [ 20.866864] ? preempt_count_sub+0x50/0x80 [ 20.866922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.866980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.867033] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.867069] kthread+0x337/0x6f0 [ 20.867090] ? trace_preempt_on+0x20/0xc0 [ 20.867174] ? __pfx_kthread+0x10/0x10 [ 20.867202] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.867228] ? 
calculate_sigpending+0x7b/0xa0 [ 20.867254] ? __pfx_kthread+0x10/0x10 [ 20.867277] ret_from_fork+0x41/0x80 [ 20.867304] ? __pfx_kthread+0x10/0x10 [ 20.867326] ret_from_fork_asm+0x1a/0x30 [ 20.867364] </TASK> [ 20.867381] [ 20.881304] Allocated by task 286: [ 20.881713] kasan_save_stack+0x45/0x70 [ 20.882085] kasan_save_track+0x18/0x40 [ 20.882330] kasan_save_alloc_info+0x3b/0x50 [ 20.882730] __kasan_kmalloc+0xb7/0xc0 [ 20.883094] __kmalloc_cache_noprof+0x189/0x420 [ 20.883403] kasan_atomics+0x95/0x310 [ 20.883630] kunit_try_run_case+0x1a5/0x480 [ 20.884034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.884549] kthread+0x337/0x6f0 [ 20.884834] ret_from_fork+0x41/0x80 [ 20.885125] ret_from_fork_asm+0x1a/0x30 [ 20.885568] [ 20.885714] The buggy address belongs to the object at ffff888101e04b00 [ 20.885714] which belongs to the cache kmalloc-64 of size 64 [ 20.886520] The buggy address is located 0 bytes to the right of [ 20.886520] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.887511] [ 20.887725] The buggy address belongs to the physical page: [ 20.888007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.888668] flags: 0x200000000000000(node=0|zone=2) [ 20.888951] page_type: f5(slab) [ 20.889322] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.889696] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.890065] page dumped because: kasan: bad access detected [ 20.890575] [ 20.890798] Memory state around the buggy address: [ 20.891259] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.891728] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.892308] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.892789] ^ [ 20.893036] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.893696] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.894328] 
================================================================== [ 21.100646] ================================================================== [ 21.101470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 21.102222] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.102847] [ 21.103033] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.103185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.103221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.103271] Call Trace: [ 21.103322] <TASK> [ 21.103366] dump_stack_lvl+0x73/0xb0 [ 21.103442] print_report+0xd1/0x650 [ 21.103500] ? __virt_addr_valid+0x1db/0x2d0 [ 21.103552] ? kasan_atomics_helper+0x16e7/0x5450 [ 21.103609] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.103684] ? kasan_atomics_helper+0x16e7/0x5450 [ 21.103740] kasan_report+0x141/0x180 [ 21.103808] ? kasan_atomics_helper+0x16e7/0x5450 [ 21.103877] kasan_check_range+0x10c/0x1c0 [ 21.103932] __kasan_check_write+0x18/0x20 [ 21.103982] kasan_atomics_helper+0x16e7/0x5450 [ 21.104035] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.104080] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.104162] ? trace_hardirqs_on+0x37/0xe0 [ 21.104218] ? kasan_atomics+0x152/0x310 [ 21.104284] kasan_atomics+0x1dc/0x310 [ 21.104349] ? __pfx_kasan_atomics+0x10/0x10 [ 21.104404] ? __pfx_kasan_atomics+0x10/0x10 [ 21.104476] kunit_try_run_case+0x1a5/0x480 [ 21.104539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.104592] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.104641] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.104693] ? __kthread_parkme+0x82/0x180 [ 21.104760] ? preempt_count_sub+0x50/0x80 [ 21.104835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.104890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.104943] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.105003] kthread+0x337/0x6f0 [ 21.105049] ? trace_preempt_on+0x20/0xc0 [ 21.105144] ? 
__pfx_kthread+0x10/0x10 [ 21.105188] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.105238] ? calculate_sigpending+0x7b/0xa0 [ 21.105289] ? __pfx_kthread+0x10/0x10 [ 21.105337] ret_from_fork+0x41/0x80 [ 21.105389] ? __pfx_kthread+0x10/0x10 [ 21.105429] ret_from_fork_asm+0x1a/0x30 [ 21.105529] </TASK> [ 21.105567] [ 21.116128] Allocated by task 286: [ 21.116555] kasan_save_stack+0x45/0x70 [ 21.117020] kasan_save_track+0x18/0x40 [ 21.117410] kasan_save_alloc_info+0x3b/0x50 [ 21.117850] __kasan_kmalloc+0xb7/0xc0 [ 21.118259] __kmalloc_cache_noprof+0x189/0x420 [ 21.118587] kasan_atomics+0x95/0x310 [ 21.118916] kunit_try_run_case+0x1a5/0x480 [ 21.119173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.119632] kthread+0x337/0x6f0 [ 21.119957] ret_from_fork+0x41/0x80 [ 21.120336] ret_from_fork_asm+0x1a/0x30 [ 21.120611] [ 21.120817] The buggy address belongs to the object at ffff888101e04b00 [ 21.120817] which belongs to the cache kmalloc-64 of size 64 [ 21.121605] The buggy address is located 0 bytes to the right of [ 21.121605] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.122333] [ 21.122561] The buggy address belongs to the physical page: [ 21.122910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.123370] flags: 0x200000000000000(node=0|zone=2) [ 21.123619] page_type: f5(slab) [ 21.123860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.124529] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.125149] page dumped because: kasan: bad access detected [ 21.125558] [ 21.125716] Memory state around the buggy address: [ 21.126184] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.126637] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.127026] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.127346] ^ [ 21.127577] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.128015] 
ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.128607] ================================================================== [ 21.464142] ================================================================== [ 21.464799] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 21.465415] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.466587] [ 21.466778] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.466866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.466894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.466942] Call Trace: [ 21.467013] <TASK> [ 21.467070] dump_stack_lvl+0x73/0xb0 [ 21.467173] print_report+0xd1/0x650 [ 21.467220] ? __virt_addr_valid+0x1db/0x2d0 [ 21.467269] ? kasan_atomics_helper+0x1e12/0x5450 [ 21.467310] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.467338] ? kasan_atomics_helper+0x1e12/0x5450 [ 21.467364] kasan_report+0x141/0x180 [ 21.467392] ? kasan_atomics_helper+0x1e12/0x5450 [ 21.467422] kasan_check_range+0x10c/0x1c0 [ 21.467446] __kasan_check_write+0x18/0x20 [ 21.467469] kasan_atomics_helper+0x1e12/0x5450 [ 21.467495] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.467522] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.467547] ? trace_hardirqs_on+0x37/0xe0 [ 21.467573] ? kasan_atomics+0x152/0x310 [ 21.467600] kasan_atomics+0x1dc/0x310 [ 21.467634] ? __pfx_kasan_atomics+0x10/0x10 [ 21.467667] ? __pfx_kasan_atomics+0x10/0x10 [ 21.467694] kunit_try_run_case+0x1a5/0x480 [ 21.467725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.467773] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.467806] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.467833] ? __kthread_parkme+0x82/0x180 [ 21.467859] ? preempt_count_sub+0x50/0x80 [ 21.467889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.467916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.467942] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.467968] kthread+0x337/0x6f0 [ 21.467988] ? trace_preempt_on+0x20/0xc0 [ 21.468014] ? __pfx_kthread+0x10/0x10 [ 21.468035] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.468059] ? calculate_sigpending+0x7b/0xa0 [ 21.468084] ? __pfx_kthread+0x10/0x10 [ 21.468114] ret_from_fork+0x41/0x80 [ 21.468150] ? __pfx_kthread+0x10/0x10 [ 21.468173] ret_from_fork_asm+0x1a/0x30 [ 21.468210] </TASK> [ 21.468227] [ 21.482824] Allocated by task 286: [ 21.483500] kasan_save_stack+0x45/0x70 [ 21.484000] kasan_save_track+0x18/0x40 [ 21.484344] kasan_save_alloc_info+0x3b/0x50 [ 21.484676] __kasan_kmalloc+0xb7/0xc0 [ 21.485032] __kmalloc_cache_noprof+0x189/0x420 [ 21.485464] kasan_atomics+0x95/0x310 [ 21.485790] kunit_try_run_case+0x1a5/0x480 [ 21.486198] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.486477] kthread+0x337/0x6f0 [ 21.486896] ret_from_fork+0x41/0x80 [ 21.487504] ret_from_fork_asm+0x1a/0x30 [ 21.487825] [ 21.488559] The buggy address belongs to the object at ffff888101e04b00 [ 21.488559] which belongs to the cache kmalloc-64 of size 64 [ 21.489078] The buggy address is located 0 bytes to the right of [ 21.489078] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.490300] [ 21.490438] The buggy address belongs to the physical page: [ 21.490636] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.491002] flags: 0x200000000000000(node=0|zone=2) [ 21.491996] page_type: f5(slab) [ 21.492203] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.492786] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.493630] page dumped because: kasan: bad access detected [ 21.493909] [ 21.494025] Memory state around the buggy address: [ 21.494846] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.495394] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.495885] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 21.496462] ^ [ 21.497014] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.497525] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.498061] ================================================================== [ 21.730672] ================================================================== [ 21.731239] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 21.731805] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.732131] [ 21.732391] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.732534] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.732569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.732620] Call Trace: [ 21.732665] <TASK> [ 21.732707] dump_stack_lvl+0x73/0xb0 [ 21.732792] print_report+0xd1/0x650 [ 21.732853] ? __virt_addr_valid+0x1db/0x2d0 [ 21.732923] ? kasan_atomics_helper+0x218a/0x5450 [ 21.732978] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.733030] ? kasan_atomics_helper+0x218a/0x5450 [ 21.733082] kasan_report+0x141/0x180 [ 21.733180] ? kasan_atomics_helper+0x218a/0x5450 [ 21.733258] kasan_check_range+0x10c/0x1c0 [ 21.733310] __kasan_check_write+0x18/0x20 [ 21.733366] kasan_atomics_helper+0x218a/0x5450 [ 21.733436] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.733492] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.733535] ? trace_hardirqs_on+0x37/0xe0 [ 21.733566] ? kasan_atomics+0x152/0x310 [ 21.733594] kasan_atomics+0x1dc/0x310 [ 21.733617] ? __pfx_kasan_atomics+0x10/0x10 [ 21.733641] ? __pfx_kasan_atomics+0x10/0x10 [ 21.733682] kunit_try_run_case+0x1a5/0x480 [ 21.733728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.733786] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.733840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.733902] ? __kthread_parkme+0x82/0x180 [ 21.733973] ? preempt_count_sub+0x50/0x80 [ 21.734029] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.734084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.734168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.734228] kthread+0x337/0x6f0 [ 21.734284] ? trace_preempt_on+0x20/0xc0 [ 21.734339] ? __pfx_kthread+0x10/0x10 [ 21.734369] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.734395] ? calculate_sigpending+0x7b/0xa0 [ 21.734420] ? __pfx_kthread+0x10/0x10 [ 21.734443] ret_from_fork+0x41/0x80 [ 21.734471] ? __pfx_kthread+0x10/0x10 [ 21.734492] ret_from_fork_asm+0x1a/0x30 [ 21.734530] </TASK> [ 21.734547] [ 21.745569] Allocated by task 286: [ 21.745972] kasan_save_stack+0x45/0x70 [ 21.746421] kasan_save_track+0x18/0x40 [ 21.746765] kasan_save_alloc_info+0x3b/0x50 [ 21.747148] __kasan_kmalloc+0xb7/0xc0 [ 21.747526] __kmalloc_cache_noprof+0x189/0x420 [ 21.747900] kasan_atomics+0x95/0x310 [ 21.748294] kunit_try_run_case+0x1a5/0x480 [ 21.748583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.748977] kthread+0x337/0x6f0 [ 21.749305] ret_from_fork+0x41/0x80 [ 21.749665] ret_from_fork_asm+0x1a/0x30 [ 21.749910] [ 21.750160] The buggy address belongs to the object at ffff888101e04b00 [ 21.750160] which belongs to the cache kmalloc-64 of size 64 [ 21.750735] The buggy address is located 0 bytes to the right of [ 21.750735] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.751234] [ 21.751371] The buggy address belongs to the physical page: [ 21.751606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.752224] flags: 0x200000000000000(node=0|zone=2) [ 21.752678] page_type: f5(slab) [ 21.753021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.753659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.754272] page dumped because: kasan: bad access detected [ 21.754712] [ 21.754918] Memory state around the buggy address: [ 21.755181] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.755468] ffff888101e04a80: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.756056] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.756665] ^ [ 21.757141] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.757592] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.758034] ================================================================== [ 21.318068] ================================================================== [ 21.318754] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 21.319354] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.319838] [ 21.320067] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.320201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.320231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.320272] Call Trace: [ 21.320312] <TASK> [ 21.320352] dump_stack_lvl+0x73/0xb0 [ 21.320428] print_report+0xd1/0x650 [ 21.320477] ? __virt_addr_valid+0x1db/0x2d0 [ 21.320527] ? kasan_atomics_helper+0x1b22/0x5450 [ 21.320608] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.320649] ? kasan_atomics_helper+0x1b22/0x5450 [ 21.320687] kasan_report+0x141/0x180 [ 21.320728] ? kasan_atomics_helper+0x1b22/0x5450 [ 21.320788] kasan_check_range+0x10c/0x1c0 [ 21.320821] __kasan_check_write+0x18/0x20 [ 21.320855] kasan_atomics_helper+0x1b22/0x5450 [ 21.320893] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.320927] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.320961] ? trace_hardirqs_on+0x37/0xe0 [ 21.320996] ? kasan_atomics+0x152/0x310 [ 21.321035] kasan_atomics+0x1dc/0x310 [ 21.321067] ? __pfx_kasan_atomics+0x10/0x10 [ 21.321100] ? __pfx_kasan_atomics+0x10/0x10 [ 21.321172] kunit_try_run_case+0x1a5/0x480 [ 21.321243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.321291] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.321347] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.321400] ? 
__kthread_parkme+0x82/0x180 [ 21.321444] ? preempt_count_sub+0x50/0x80 [ 21.321493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.321542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.321590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.321635] kthread+0x337/0x6f0 [ 21.321669] ? trace_preempt_on+0x20/0xc0 [ 21.321710] ? __pfx_kthread+0x10/0x10 [ 21.321763] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.321809] ? calculate_sigpending+0x7b/0xa0 [ 21.321860] ? __pfx_kthread+0x10/0x10 [ 21.321904] ret_from_fork+0x41/0x80 [ 21.321956] ? __pfx_kthread+0x10/0x10 [ 21.322000] ret_from_fork_asm+0x1a/0x30 [ 21.322066] </TASK> [ 21.322096] [ 21.333280] Allocated by task 286: [ 21.333563] kasan_save_stack+0x45/0x70 [ 21.333908] kasan_save_track+0x18/0x40 [ 21.334292] kasan_save_alloc_info+0x3b/0x50 [ 21.334680] __kasan_kmalloc+0xb7/0xc0 [ 21.335047] __kmalloc_cache_noprof+0x189/0x420 [ 21.335460] kasan_atomics+0x95/0x310 [ 21.335792] kunit_try_run_case+0x1a5/0x480 [ 21.336126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.336535] kthread+0x337/0x6f0 [ 21.336795] ret_from_fork+0x41/0x80 [ 21.337171] ret_from_fork_asm+0x1a/0x30 [ 21.337437] [ 21.337619] The buggy address belongs to the object at ffff888101e04b00 [ 21.337619] which belongs to the cache kmalloc-64 of size 64 [ 21.338342] The buggy address is located 0 bytes to the right of [ 21.338342] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.338846] [ 21.339040] The buggy address belongs to the physical page: [ 21.339513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.340164] flags: 0x200000000000000(node=0|zone=2) [ 21.340492] page_type: f5(slab) [ 21.340812] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.341290] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.341690] page dumped because: kasan: bad access detected [ 21.342072] [ 21.342252] Memory state around the buggy address: [ 21.342555] 
ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.342973] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.343436] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.343737] ^ [ 21.344173] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.344754] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.345162] ================================================================== [ 19.717724] ================================================================== [ 19.718729] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 19.719112] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 19.719553] [ 19.719821] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.719934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.719965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.720013] Call Trace: [ 19.720045] <TASK> [ 19.720090] dump_stack_lvl+0x73/0xb0 [ 19.720160] print_report+0xd1/0x650 [ 19.720207] ? __virt_addr_valid+0x1db/0x2d0 [ 19.720261] ? kasan_atomics_helper+0x4bbc/0x5450 [ 19.720304] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.720345] ? kasan_atomics_helper+0x4bbc/0x5450 [ 19.720387] kasan_report+0x141/0x180 [ 19.720427] ? kasan_atomics_helper+0x4bbc/0x5450 [ 19.720480] __asan_report_load4_noabort+0x18/0x20 [ 19.720526] kasan_atomics_helper+0x4bbc/0x5450 [ 19.720573] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.720619] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.720663] ? trace_hardirqs_on+0x37/0xe0 [ 19.720715] ? kasan_atomics+0x152/0x310 [ 19.720784] kasan_atomics+0x1dc/0x310 [ 19.720832] ? __pfx_kasan_atomics+0x10/0x10 [ 19.720880] ? __pfx_kasan_atomics+0x10/0x10 [ 19.720928] kunit_try_run_case+0x1a5/0x480 [ 19.720983] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.721028] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.721075] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.721118] ? __kthread_parkme+0x82/0x180 [ 19.721174] ? preempt_count_sub+0x50/0x80 [ 19.721222] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.721271] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.721323] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.721361] kthread+0x337/0x6f0 [ 19.721383] ? trace_preempt_on+0x20/0xc0 [ 19.721408] ? __pfx_kthread+0x10/0x10 [ 19.721429] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.721452] ? calculate_sigpending+0x7b/0xa0 [ 19.721478] ? __pfx_kthread+0x10/0x10 [ 19.721499] ret_from_fork+0x41/0x80 [ 19.721525] ? __pfx_kthread+0x10/0x10 [ 19.721545] ret_from_fork_asm+0x1a/0x30 [ 19.721581] </TASK> [ 19.721598] [ 19.736519] Allocated by task 286: [ 19.736940] kasan_save_stack+0x45/0x70 [ 19.737351] kasan_save_track+0x18/0x40 [ 19.737819] kasan_save_alloc_info+0x3b/0x50 [ 19.738265] __kasan_kmalloc+0xb7/0xc0 [ 19.738857] __kmalloc_cache_noprof+0x189/0x420 [ 19.739440] kasan_atomics+0x95/0x310 [ 19.740030] kunit_try_run_case+0x1a5/0x480 [ 19.740600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.741097] kthread+0x337/0x6f0 [ 19.741622] ret_from_fork+0x41/0x80 [ 19.741922] ret_from_fork_asm+0x1a/0x30 [ 19.742430] [ 19.742802] The buggy address belongs to the object at ffff888101e04b00 [ 19.742802] which belongs to the cache kmalloc-64 of size 64 [ 19.743691] The buggy address is located 0 bytes to the right of [ 19.743691] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 19.744349] [ 19.744501] The buggy address belongs to the physical page: [ 19.744718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 19.745432] flags: 0x200000000000000(node=0|zone=2) [ 19.745705] page_type: f5(slab) [ 19.746079] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.746739] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.747254] page dumped because: kasan: bad access detected [ 19.747611] [ 19.747828] Memory 
state around the buggy address: [ 19.748231] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.748728] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.749285] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.749801] ^ [ 19.750183] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.750689] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.751066] ================================================================== [ 19.975509] ================================================================== [ 19.975972] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 19.976613] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 19.977099] [ 19.977280] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.977440] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.977492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.977571] Call Trace: [ 19.977634] <TASK> [ 19.977684] dump_stack_lvl+0x73/0xb0 [ 19.977777] print_report+0xd1/0x650 [ 19.977834] ? __virt_addr_valid+0x1db/0x2d0 [ 19.977890] ? kasan_atomics_helper+0x565/0x5450 [ 19.977939] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.978039] ? kasan_atomics_helper+0x565/0x5450 [ 19.978098] kasan_report+0x141/0x180 [ 19.978146] ? kasan_atomics_helper+0x565/0x5450 [ 19.978199] kasan_check_range+0x10c/0x1c0 [ 19.978229] __kasan_check_write+0x18/0x20 [ 19.978253] kasan_atomics_helper+0x565/0x5450 [ 19.978279] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.978305] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.978331] ? trace_hardirqs_on+0x37/0xe0 [ 19.978358] ? kasan_atomics+0x152/0x310 [ 19.978384] kasan_atomics+0x1dc/0x310 [ 19.978407] ? __pfx_kasan_atomics+0x10/0x10 [ 19.978430] ? __pfx_kasan_atomics+0x10/0x10 [ 19.978458] kunit_try_run_case+0x1a5/0x480 [ 19.978488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.978513] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 19.978541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.978567] ? __kthread_parkme+0x82/0x180 [ 19.978591] ? preempt_count_sub+0x50/0x80 [ 19.978620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.978647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.978673] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.978701] kthread+0x337/0x6f0 [ 19.978721] ? trace_preempt_on+0x20/0xc0 [ 19.978765] ? __pfx_kthread+0x10/0x10 [ 19.978795] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.978820] ? calculate_sigpending+0x7b/0xa0 [ 19.978846] ? __pfx_kthread+0x10/0x10 [ 19.978868] ret_from_fork+0x41/0x80 [ 19.978896] ? __pfx_kthread+0x10/0x10 [ 19.978917] ret_from_fork_asm+0x1a/0x30 [ 19.978954] </TASK> [ 19.978971] [ 19.991868] Allocated by task 286: [ 19.992415] kasan_save_stack+0x45/0x70 [ 19.992693] kasan_save_track+0x18/0x40 [ 19.994395] kasan_save_alloc_info+0x3b/0x50 [ 19.995059] __kasan_kmalloc+0xb7/0xc0 [ 19.995268] __kmalloc_cache_noprof+0x189/0x420 [ 19.995682] kasan_atomics+0x95/0x310 [ 19.995945] kunit_try_run_case+0x1a5/0x480 [ 19.996309] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.996593] kthread+0x337/0x6f0 [ 19.996996] ret_from_fork+0x41/0x80 [ 19.997243] ret_from_fork_asm+0x1a/0x30 [ 19.997666] [ 19.997873] The buggy address belongs to the object at ffff888101e04b00 [ 19.997873] which belongs to the cache kmalloc-64 of size 64 [ 19.998451] The buggy address is located 0 bytes to the right of [ 19.998451] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 19.999558] [ 19.999719] The buggy address belongs to the physical page: [ 19.999971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.000706] flags: 0x200000000000000(node=0|zone=2) [ 20.001219] page_type: f5(slab) [ 20.001610] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.002173] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.002781] page dumped because: kasan: bad 
access detected [ 20.003034] [ 20.003187] Memory state around the buggy address: [ 20.003589] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.004259] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.004585] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.005164] ^ [ 20.005598] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.006161] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.006648] ================================================================== [ 20.929656] ================================================================== [ 20.930320] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 20.930917] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.931552] [ 20.931882] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.932001] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.932036] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.932091] Call Trace: [ 20.932152] <TASK> [ 20.932199] dump_stack_lvl+0x73/0xb0 [ 20.932337] print_report+0xd1/0x650 [ 20.932441] ? __virt_addr_valid+0x1db/0x2d0 [ 20.932537] ? kasan_atomics_helper+0x1467/0x5450 [ 20.932589] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.932658] ? kasan_atomics_helper+0x1467/0x5450 [ 20.932714] kasan_report+0x141/0x180 [ 20.932782] ? kasan_atomics_helper+0x1467/0x5450 [ 20.932852] kasan_check_range+0x10c/0x1c0 [ 20.932901] __kasan_check_write+0x18/0x20 [ 20.932931] kasan_atomics_helper+0x1467/0x5450 [ 20.932960] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.932987] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.933013] ? trace_hardirqs_on+0x37/0xe0 [ 20.933045] ? kasan_atomics+0x152/0x310 [ 20.933089] kasan_atomics+0x1dc/0x310 [ 20.933168] ? __pfx_kasan_atomics+0x10/0x10 [ 20.933214] ? 
__pfx_kasan_atomics+0x10/0x10 [ 20.933272] kunit_try_run_case+0x1a5/0x480 [ 20.933331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.933373] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.933435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.933501] ? __kthread_parkme+0x82/0x180 [ 20.933555] ? preempt_count_sub+0x50/0x80 [ 20.933619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.933665] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.933695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.933720] kthread+0x337/0x6f0 [ 20.933742] ? trace_preempt_on+0x20/0xc0 [ 20.933796] ? __pfx_kthread+0x10/0x10 [ 20.933819] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.933844] ? calculate_sigpending+0x7b/0xa0 [ 20.933871] ? __pfx_kthread+0x10/0x10 [ 20.933894] ret_from_fork+0x41/0x80 [ 20.933921] ? __pfx_kthread+0x10/0x10 [ 20.933943] ret_from_fork_asm+0x1a/0x30 [ 20.933980] </TASK> [ 20.933996] [ 20.948307] Allocated by task 286: [ 20.948642] kasan_save_stack+0x45/0x70 [ 20.948970] kasan_save_track+0x18/0x40 [ 20.949784] kasan_save_alloc_info+0x3b/0x50 [ 20.950110] __kasan_kmalloc+0xb7/0xc0 [ 20.950386] __kmalloc_cache_noprof+0x189/0x420 [ 20.950918] kasan_atomics+0x95/0x310 [ 20.951465] kunit_try_run_case+0x1a5/0x480 [ 20.951821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.952437] kthread+0x337/0x6f0 [ 20.952792] ret_from_fork+0x41/0x80 [ 20.953096] ret_from_fork_asm+0x1a/0x30 [ 20.953372] [ 20.953537] The buggy address belongs to the object at ffff888101e04b00 [ 20.953537] which belongs to the cache kmalloc-64 of size 64 [ 20.954781] The buggy address is located 0 bytes to the right of [ 20.954781] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.956027] [ 20.956299] The buggy address belongs to the physical page: [ 20.956523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.957488] flags: 0x200000000000000(node=0|zone=2) [ 20.957795] page_type: f5(slab) [ 20.958011] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 20.958857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.959578] page dumped because: kasan: bad access detected [ 20.959923] [ 20.960122] Memory state around the buggy address: [ 20.960509] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.961470] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.961935] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.962767] ^ [ 20.963139] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.963665] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.964399] ================================================================== [ 20.965817] ================================================================== [ 20.966140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 20.966426] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.966628] [ 20.966722] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.966807] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.966825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.966853] Call Trace: [ 20.966879] <TASK> [ 20.966906] dump_stack_lvl+0x73/0xb0 [ 20.966942] print_report+0xd1/0x650 [ 20.966968] ? __virt_addr_valid+0x1db/0x2d0 [ 20.966996] ? kasan_atomics_helper+0x50d4/0x5450 [ 20.967021] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.967047] ? kasan_atomics_helper+0x50d4/0x5450 [ 20.967072] kasan_report+0x141/0x180 [ 20.967097] ? kasan_atomics_helper+0x50d4/0x5450 [ 20.967126] __asan_report_store8_noabort+0x1b/0x30 [ 20.967150] kasan_atomics_helper+0x50d4/0x5450 [ 20.967177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.967203] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.967229] ? trace_hardirqs_on+0x37/0xe0 [ 20.967255] ? kasan_atomics+0x152/0x310 [ 20.967282] kasan_atomics+0x1dc/0x310 [ 20.967304] ? 
__pfx_kasan_atomics+0x10/0x10 [ 20.967328] ? __pfx_kasan_atomics+0x10/0x10 [ 20.967354] kunit_try_run_case+0x1a5/0x480 [ 20.967384] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.967409] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.967438] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.967463] ? __kthread_parkme+0x82/0x180 [ 20.967488] ? preempt_count_sub+0x50/0x80 [ 20.967517] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.967545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.967570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.967598] kthread+0x337/0x6f0 [ 20.967618] ? trace_preempt_on+0x20/0xc0 [ 20.967665] ? __pfx_kthread+0x10/0x10 [ 20.967688] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.967711] ? calculate_sigpending+0x7b/0xa0 [ 20.967737] ? __pfx_kthread+0x10/0x10 [ 20.967851] ret_from_fork+0x41/0x80 [ 20.967897] ? __pfx_kthread+0x10/0x10 [ 20.967938] ret_from_fork_asm+0x1a/0x30 [ 20.968008] </TASK> [ 20.968036] [ 20.983289] Allocated by task 286: [ 20.983607] kasan_save_stack+0x45/0x70 [ 20.984066] kasan_save_track+0x18/0x40 [ 20.984573] kasan_save_alloc_info+0x3b/0x50 [ 20.984887] __kasan_kmalloc+0xb7/0xc0 [ 20.985355] __kmalloc_cache_noprof+0x189/0x420 [ 20.986058] kasan_atomics+0x95/0x310 [ 20.986309] kunit_try_run_case+0x1a5/0x480 [ 20.986638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.987088] kthread+0x337/0x6f0 [ 20.987382] ret_from_fork+0x41/0x80 [ 20.987740] ret_from_fork_asm+0x1a/0x30 [ 20.987985] [ 20.988290] The buggy address belongs to the object at ffff888101e04b00 [ 20.988290] which belongs to the cache kmalloc-64 of size 64 [ 20.989401] The buggy address is located 0 bytes to the right of [ 20.989401] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.990135] [ 20.990610] The buggy address belongs to the physical page: [ 20.991165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.991926] flags: 0x200000000000000(node=0|zone=2) [ 20.992393] page_type: f5(slab) [ 20.992679] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 20.993166] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.993358] page dumped because: kasan: bad access detected [ 20.993493] [ 20.993559] Memory state around the buggy address: [ 20.993686] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.994285] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.994975] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.995683] ^ [ 20.996189] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.996502] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.997103] ================================================================== [ 20.343494] ================================================================== [ 20.344420] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 20.345112] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.345690] [ 20.345917] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.346028] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.346062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.346106] Call Trace: [ 20.346149] <TASK> [ 20.346193] dump_stack_lvl+0x73/0xb0 [ 20.346264] print_report+0xd1/0x650 [ 20.346318] ? __virt_addr_valid+0x1db/0x2d0 [ 20.346373] ? kasan_atomics_helper+0xc70/0x5450 [ 20.346420] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.346500] ? kasan_atomics_helper+0xc70/0x5450 [ 20.346550] kasan_report+0x141/0x180 [ 20.346602] ? kasan_atomics_helper+0xc70/0x5450 [ 20.346659] kasan_check_range+0x10c/0x1c0 [ 20.346703] __kasan_check_write+0x18/0x20 [ 20.346762] kasan_atomics_helper+0xc70/0x5450 [ 20.346813] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.346866] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.346917] ? trace_hardirqs_on+0x37/0xe0 [ 20.346963] ? 
kasan_atomics+0x152/0x310 [ 20.347008] kasan_atomics+0x1dc/0x310 [ 20.347054] ? __pfx_kasan_atomics+0x10/0x10 [ 20.347097] ? __pfx_kasan_atomics+0x10/0x10 [ 20.347146] kunit_try_run_case+0x1a5/0x480 [ 20.347206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.347259] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.347304] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.347332] ? __kthread_parkme+0x82/0x180 [ 20.347359] ? preempt_count_sub+0x50/0x80 [ 20.347390] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.347416] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.347442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.347468] kthread+0x337/0x6f0 [ 20.347488] ? trace_preempt_on+0x20/0xc0 [ 20.347515] ? __pfx_kthread+0x10/0x10 [ 20.347537] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.347562] ? calculate_sigpending+0x7b/0xa0 [ 20.347588] ? __pfx_kthread+0x10/0x10 [ 20.347610] ret_from_fork+0x41/0x80 [ 20.347651] ? __pfx_kthread+0x10/0x10 [ 20.347675] ret_from_fork_asm+0x1a/0x30 [ 20.347713] </TASK> [ 20.347731] [ 20.361115] Allocated by task 286: [ 20.361358] kasan_save_stack+0x45/0x70 [ 20.361557] kasan_save_track+0x18/0x40 [ 20.361721] kasan_save_alloc_info+0x3b/0x50 [ 20.361905] __kasan_kmalloc+0xb7/0xc0 [ 20.362213] __kmalloc_cache_noprof+0x189/0x420 [ 20.362762] kasan_atomics+0x95/0x310 [ 20.363697] kunit_try_run_case+0x1a5/0x480 [ 20.363936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.364434] kthread+0x337/0x6f0 [ 20.365327] ret_from_fork+0x41/0x80 [ 20.365622] ret_from_fork_asm+0x1a/0x30 [ 20.365847] [ 20.366059] The buggy address belongs to the object at ffff888101e04b00 [ 20.366059] which belongs to the cache kmalloc-64 of size 64 [ 20.366810] The buggy address is located 0 bytes to the right of [ 20.366810] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.367542] [ 20.367716] The buggy address belongs to the physical page: [ 20.368053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.368425] flags: 
0x200000000000000(node=0|zone=2) [ 20.368730] page_type: f5(slab) [ 20.369208] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.369902] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.370606] page dumped because: kasan: bad access detected [ 20.370879] [ 20.371079] Memory state around the buggy address: [ 20.371636] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.372327] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.372836] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.373442] ^ [ 20.373689] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.374368] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.375001] ================================================================== [ 19.785529] ================================================================== [ 19.786267] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 19.786895] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 19.787234] [ 19.787503] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.787599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.787631] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.787669] Call Trace: [ 19.787702] <TASK> [ 19.787739] dump_stack_lvl+0x73/0xb0 [ 19.787809] print_report+0xd1/0x650 [ 19.787847] ? __virt_addr_valid+0x1db/0x2d0 [ 19.787886] ? kasan_atomics_helper+0x4b88/0x5450 [ 19.787921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.787956] ? kasan_atomics_helper+0x4b88/0x5450 [ 19.787992] kasan_report+0x141/0x180 [ 19.788025] ? kasan_atomics_helper+0x4b88/0x5450 [ 19.788067] __asan_report_load4_noabort+0x18/0x20 [ 19.788132] kasan_atomics_helper+0x4b88/0x5450 [ 19.788194] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 19.788239] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.788281] ? 
trace_hardirqs_on+0x37/0xe0 [ 19.788322] ? kasan_atomics+0x152/0x310 [ 19.788376] kasan_atomics+0x1dc/0x310 [ 19.788419] ? __pfx_kasan_atomics+0x10/0x10 [ 19.788463] ? __pfx_kasan_atomics+0x10/0x10 [ 19.788517] kunit_try_run_case+0x1a5/0x480 [ 19.788596] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.788638] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.788683] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.788729] ? __kthread_parkme+0x82/0x180 [ 19.788788] ? preempt_count_sub+0x50/0x80 [ 19.789162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.789233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.789332] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.789391] kthread+0x337/0x6f0 [ 19.789438] ? trace_preempt_on+0x20/0xc0 [ 19.789494] ? __pfx_kthread+0x10/0x10 [ 19.789530] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.789556] ? calculate_sigpending+0x7b/0xa0 [ 19.789583] ? __pfx_kthread+0x10/0x10 [ 19.789605] ret_from_fork+0x41/0x80 [ 19.789633] ? __pfx_kthread+0x10/0x10 [ 19.789655] ret_from_fork_asm+0x1a/0x30 [ 19.789693] </TASK> [ 19.789710] [ 19.799396] Allocated by task 286: [ 19.799612] kasan_save_stack+0x45/0x70 [ 19.800932] kasan_save_track+0x18/0x40 [ 19.801343] kasan_save_alloc_info+0x3b/0x50 [ 19.801726] __kasan_kmalloc+0xb7/0xc0 [ 19.802097] __kmalloc_cache_noprof+0x189/0x420 [ 19.802411] kasan_atomics+0x95/0x310 [ 19.802619] kunit_try_run_case+0x1a5/0x480 [ 19.802959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.803490] kthread+0x337/0x6f0 [ 19.803842] ret_from_fork+0x41/0x80 [ 19.804224] ret_from_fork_asm+0x1a/0x30 [ 19.804474] [ 19.804614] The buggy address belongs to the object at ffff888101e04b00 [ 19.804614] which belongs to the cache kmalloc-64 of size 64 [ 19.805076] The buggy address is located 0 bytes to the right of [ 19.805076] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 19.805653] [ 19.805855] The buggy address belongs to the physical page: [ 19.806357] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x101e04 [ 19.807013] flags: 0x200000000000000(node=0|zone=2) [ 19.807473] page_type: f5(slab) [ 19.807820] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 19.808482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 19.808887] page dumped because: kasan: bad access detected [ 19.809159] [ 19.809336] Memory state around the buggy address: [ 19.809769] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.810340] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.810867] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 19.811193] ^ [ 19.811429] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.811732] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.812321] ================================================================== [ 20.759559] ================================================================== [ 20.761778] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 20.763072] Read of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.763531] [ 20.763725] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.763858] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.763890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.763937] Call Trace: [ 20.763983] <TASK> [ 20.764031] dump_stack_lvl+0x73/0xb0 [ 20.764115] print_report+0xd1/0x650 [ 20.764184] ? __virt_addr_valid+0x1db/0x2d0 [ 20.764237] ? kasan_atomics_helper+0x49e8/0x5450 [ 20.764284] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.764333] ? kasan_atomics_helper+0x49e8/0x5450 [ 20.764386] kasan_report+0x141/0x180 [ 20.764444] ? kasan_atomics_helper+0x49e8/0x5450 [ 20.764509] __asan_report_load4_noabort+0x18/0x20 [ 20.764562] kasan_atomics_helper+0x49e8/0x5450 [ 20.764610] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.764652] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 20.764698] ? trace_hardirqs_on+0x37/0xe0 [ 20.764773] ? kasan_atomics+0x152/0x310 [ 20.764827] kasan_atomics+0x1dc/0x310 [ 20.764876] ? __pfx_kasan_atomics+0x10/0x10 [ 20.764919] ? __pfx_kasan_atomics+0x10/0x10 [ 20.764977] kunit_try_run_case+0x1a5/0x480 [ 20.765040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.765090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.765139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.765187] ? __kthread_parkme+0x82/0x180 [ 20.765230] ? preempt_count_sub+0x50/0x80 [ 20.765279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.765329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.765378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.765421] kthread+0x337/0x6f0 [ 20.765455] ? trace_preempt_on+0x20/0xc0 [ 20.765505] ? __pfx_kthread+0x10/0x10 [ 20.765546] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.765597] ? calculate_sigpending+0x7b/0xa0 [ 20.765646] ? __pfx_kthread+0x10/0x10 [ 20.765692] ret_from_fork+0x41/0x80 [ 20.765783] ? __pfx_kthread+0x10/0x10 [ 20.765833] ret_from_fork_asm+0x1a/0x30 [ 20.765908] </TASK> [ 20.765942] [ 20.779994] Allocated by task 286: [ 20.780497] kasan_save_stack+0x45/0x70 [ 20.781368] kasan_save_track+0x18/0x40 [ 20.781574] kasan_save_alloc_info+0x3b/0x50 [ 20.781765] __kasan_kmalloc+0xb7/0xc0 [ 20.781984] __kmalloc_cache_noprof+0x189/0x420 [ 20.782915] kasan_atomics+0x95/0x310 [ 20.783173] kunit_try_run_case+0x1a5/0x480 [ 20.783440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.783707] kthread+0x337/0x6f0 [ 20.784015] ret_from_fork+0x41/0x80 [ 20.784235] ret_from_fork_asm+0x1a/0x30 [ 20.784561] [ 20.784742] The buggy address belongs to the object at ffff888101e04b00 [ 20.784742] which belongs to the cache kmalloc-64 of size 64 [ 20.785392] The buggy address is located 0 bytes to the right of [ 20.785392] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.786317] [ 20.786509] The buggy address belongs to the physical page: [ 20.786859] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.787376] flags: 0x200000000000000(node=0|zone=2) [ 20.787816] page_type: f5(slab) [ 20.788019] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.788649] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.789085] page dumped because: kasan: bad access detected [ 20.789538] [ 20.789723] Memory state around the buggy address: [ 20.790168] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.790501] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.790944] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.791327] ^ [ 20.791709] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.792226] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.792631] ================================================================== [ 20.474412] ================================================================== [ 20.475010] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 20.475422] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.476081] [ 20.476394] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.476521] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.476575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.476627] Call Trace: [ 20.476673] <TASK> [ 20.476719] dump_stack_lvl+0x73/0xb0 [ 20.476809] print_report+0xd1/0x650 [ 20.476886] ? __virt_addr_valid+0x1db/0x2d0 [ 20.476942] ? kasan_atomics_helper+0xe78/0x5450 [ 20.476994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.477040] ? kasan_atomics_helper+0xe78/0x5450 [ 20.477069] kasan_report+0x141/0x180 [ 20.477096] ? 
kasan_atomics_helper+0xe78/0x5450 [ 20.477160] kasan_check_range+0x10c/0x1c0 [ 20.477204] __kasan_check_write+0x18/0x20 [ 20.477240] kasan_atomics_helper+0xe78/0x5450 [ 20.477267] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.477293] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.477318] ? trace_hardirqs_on+0x37/0xe0 [ 20.477344] ? kasan_atomics+0x152/0x310 [ 20.477372] kasan_atomics+0x1dc/0x310 [ 20.477394] ? __pfx_kasan_atomics+0x10/0x10 [ 20.477418] ? __pfx_kasan_atomics+0x10/0x10 [ 20.477445] kunit_try_run_case+0x1a5/0x480 [ 20.477474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.477499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.477527] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.477553] ? __kthread_parkme+0x82/0x180 [ 20.477579] ? preempt_count_sub+0x50/0x80 [ 20.477607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.477635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.477661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.477687] kthread+0x337/0x6f0 [ 20.477708] ? trace_preempt_on+0x20/0xc0 [ 20.477734] ? __pfx_kthread+0x10/0x10 [ 20.477778] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.477805] ? calculate_sigpending+0x7b/0xa0 [ 20.477830] ? __pfx_kthread+0x10/0x10 [ 20.477852] ret_from_fork+0x41/0x80 [ 20.477880] ? 
__pfx_kthread+0x10/0x10 [ 20.477902] ret_from_fork_asm+0x1a/0x30 [ 20.477939] </TASK> [ 20.477957] [ 20.491914] Allocated by task 286: [ 20.492400] kasan_save_stack+0x45/0x70 [ 20.493413] kasan_save_track+0x18/0x40 [ 20.493863] kasan_save_alloc_info+0x3b/0x50 [ 20.494343] __kasan_kmalloc+0xb7/0xc0 [ 20.494728] __kmalloc_cache_noprof+0x189/0x420 [ 20.495278] kasan_atomics+0x95/0x310 [ 20.495728] kunit_try_run_case+0x1a5/0x480 [ 20.496223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.496738] kthread+0x337/0x6f0 [ 20.497179] ret_from_fork+0x41/0x80 [ 20.497643] ret_from_fork_asm+0x1a/0x30 [ 20.498070] [ 20.498319] The buggy address belongs to the object at ffff888101e04b00 [ 20.498319] which belongs to the cache kmalloc-64 of size 64 [ 20.499433] The buggy address is located 0 bytes to the right of [ 20.499433] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.500210] [ 20.500449] The buggy address belongs to the physical page: [ 20.500991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.501557] flags: 0x200000000000000(node=0|zone=2) [ 20.501910] page_type: f5(slab) [ 20.502330] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.502833] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.503276] page dumped because: kasan: bad access detected [ 20.503550] [ 20.503731] Memory state around the buggy address: [ 20.504228] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.504787] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.505322] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.505765] ^ [ 20.506257] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.506682] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.507135] ================================================================== [ 21.036549] 
================================================================== [ 21.037219] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 21.037756] Write of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.038080] [ 21.038259] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.038372] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.038401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.038449] Call Trace: [ 21.038495] <TASK> [ 21.038541] dump_stack_lvl+0x73/0xb0 [ 21.038614] print_report+0xd1/0x650 [ 21.038665] ? __virt_addr_valid+0x1db/0x2d0 [ 21.038717] ? kasan_atomics_helper+0x15b6/0x5450 [ 21.038784] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.038837] ? kasan_atomics_helper+0x15b6/0x5450 [ 21.038885] kasan_report+0x141/0x180 [ 21.038937] ? kasan_atomics_helper+0x15b6/0x5450 [ 21.038993] kasan_check_range+0x10c/0x1c0 [ 21.039040] __kasan_check_write+0x18/0x20 [ 21.039088] kasan_atomics_helper+0x15b6/0x5450 [ 21.039145] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.039194] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.039240] ? trace_hardirqs_on+0x37/0xe0 [ 21.039290] ? kasan_atomics+0x152/0x310 [ 21.039341] kasan_atomics+0x1dc/0x310 [ 21.039384] ? __pfx_kasan_atomics+0x10/0x10 [ 21.039429] ? __pfx_kasan_atomics+0x10/0x10 [ 21.039487] kunit_try_run_case+0x1a5/0x480 [ 21.039544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.039594] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.039662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.039711] ? __kthread_parkme+0x82/0x180 [ 21.039804] ? preempt_count_sub+0x50/0x80 [ 21.039865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.039906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.039935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.039961] kthread+0x337/0x6f0 [ 21.039984] ? trace_preempt_on+0x20/0xc0 [ 21.040011] ? __pfx_kthread+0x10/0x10 [ 21.040033] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.040057] ? 
calculate_sigpending+0x7b/0xa0 [ 21.040083] ? __pfx_kthread+0x10/0x10 [ 21.040126] ret_from_fork+0x41/0x80 [ 21.040168] ? __pfx_kthread+0x10/0x10 [ 21.040191] ret_from_fork_asm+0x1a/0x30 [ 21.040230] </TASK> [ 21.040247] [ 21.053977] Allocated by task 286: [ 21.054357] kasan_save_stack+0x45/0x70 [ 21.054843] kasan_save_track+0x18/0x40 [ 21.055181] kasan_save_alloc_info+0x3b/0x50 [ 21.055587] __kasan_kmalloc+0xb7/0xc0 [ 21.055944] __kmalloc_cache_noprof+0x189/0x420 [ 21.056223] kasan_atomics+0x95/0x310 [ 21.056650] kunit_try_run_case+0x1a5/0x480 [ 21.057079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.057616] kthread+0x337/0x6f0 [ 21.058003] ret_from_fork+0x41/0x80 [ 21.058260] ret_from_fork_asm+0x1a/0x30 [ 21.058687] [ 21.058913] The buggy address belongs to the object at ffff888101e04b00 [ 21.058913] which belongs to the cache kmalloc-64 of size 64 [ 21.059666] The buggy address is located 0 bytes to the right of [ 21.059666] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.060732] [ 21.060893] The buggy address belongs to the physical page: [ 21.061211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.061854] flags: 0x200000000000000(node=0|zone=2) [ 21.062108] page_type: f5(slab) [ 21.062318] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.062610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.063325] page dumped because: kasan: bad access detected [ 21.063888] [ 21.064085] Memory state around the buggy address: [ 21.064563] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.065169] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.065456] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.066067] ^ [ 21.066508] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.067091] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.067504] 
================================================================== [ 21.695437] ================================================================== [ 21.695837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 21.696606] Read of size 8 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 21.698615] [ 21.699075] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 21.699232] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.699262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.699309] Call Trace: [ 21.699355] <TASK> [ 21.699400] dump_stack_lvl+0x73/0xb0 [ 21.699487] print_report+0xd1/0x650 [ 21.699547] ? __virt_addr_valid+0x1db/0x2d0 [ 21.699607] ? kasan_atomics_helper+0x4fb2/0x5450 [ 21.699674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.699732] ? kasan_atomics_helper+0x4fb2/0x5450 [ 21.699798] kasan_report+0x141/0x180 [ 21.699853] ? kasan_atomics_helper+0x4fb2/0x5450 [ 21.699922] __asan_report_load8_noabort+0x18/0x20 [ 21.699975] kasan_atomics_helper+0x4fb2/0x5450 [ 21.700031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.700080] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.700219] ? trace_hardirqs_on+0x37/0xe0 [ 21.700293] ? kasan_atomics+0x152/0x310 [ 21.700358] kasan_atomics+0x1dc/0x310 [ 21.700410] ? __pfx_kasan_atomics+0x10/0x10 [ 21.700462] ? __pfx_kasan_atomics+0x10/0x10 [ 21.700524] kunit_try_run_case+0x1a5/0x480 [ 21.700581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.700634] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.700691] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.700758] ? __kthread_parkme+0x82/0x180 [ 21.700816] ? preempt_count_sub+0x50/0x80 [ 21.700879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.700938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.700996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.701050] kthread+0x337/0x6f0 [ 21.701096] ? trace_preempt_on+0x20/0xc0 [ 21.701182] ? __pfx_kthread+0x10/0x10 [ 21.701231] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.701278] ? calculate_sigpending+0x7b/0xa0 [ 21.701324] ? __pfx_kthread+0x10/0x10 [ 21.701372] ret_from_fork+0x41/0x80 [ 21.701425] ? __pfx_kthread+0x10/0x10 [ 21.701473] ret_from_fork_asm+0x1a/0x30 [ 21.701551] </TASK> [ 21.701587] [ 21.715974] Allocated by task 286: [ 21.716408] kasan_save_stack+0x45/0x70 [ 21.716650] kasan_save_track+0x18/0x40 [ 21.717369] kasan_save_alloc_info+0x3b/0x50 [ 21.717789] __kasan_kmalloc+0xb7/0xc0 [ 21.717974] __kmalloc_cache_noprof+0x189/0x420 [ 21.718345] kasan_atomics+0x95/0x310 [ 21.718691] kunit_try_run_case+0x1a5/0x480 [ 21.718930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.719419] kthread+0x337/0x6f0 [ 21.719774] ret_from_fork+0x41/0x80 [ 21.719979] ret_from_fork_asm+0x1a/0x30 [ 21.720393] [ 21.720570] The buggy address belongs to the object at ffff888101e04b00 [ 21.720570] which belongs to the cache kmalloc-64 of size 64 [ 21.721394] The buggy address is located 0 bytes to the right of [ 21.721394] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 21.722285] [ 21.722426] The buggy address belongs to the physical page: [ 21.722902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 21.723427] flags: 0x200000000000000(node=0|zone=2) [ 21.723859] page_type: f5(slab) [ 21.724249] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.724659] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.725521] page dumped because: kasan: bad access detected [ 21.725815] [ 21.726032] Memory state around the buggy address: [ 21.726415] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.726892] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.727287] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.727741] ^ [ 21.728139] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.728640] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.729131] ================================================================== [ 20.441531] ================================================================== [ 20.442082] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 20.442657] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.442935] [ 20.443125] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.443240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.443273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.443325] Call Trace: [ 20.443373] <TASK> [ 20.443421] dump_stack_lvl+0x73/0xb0 [ 20.443491] print_report+0xd1/0x650 [ 20.443541] ? __virt_addr_valid+0x1db/0x2d0 [ 20.443586] ? kasan_atomics_helper+0xde0/0x5450 [ 20.443639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.443693] ? kasan_atomics_helper+0xde0/0x5450 [ 20.443736] kasan_report+0x141/0x180 [ 20.443802] ? kasan_atomics_helper+0xde0/0x5450 [ 20.443865] kasan_check_range+0x10c/0x1c0 [ 20.443919] __kasan_check_write+0x18/0x20 [ 20.443971] kasan_atomics_helper+0xde0/0x5450 [ 20.444031] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.444084] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.444169] ? trace_hardirqs_on+0x37/0xe0 [ 20.444221] ? kasan_atomics+0x152/0x310 [ 20.444272] kasan_atomics+0x1dc/0x310 [ 20.444314] ? __pfx_kasan_atomics+0x10/0x10 [ 20.444359] ? __pfx_kasan_atomics+0x10/0x10 [ 20.444415] kunit_try_run_case+0x1a5/0x480 [ 20.444464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.444498] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.444536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.444572] ? __kthread_parkme+0x82/0x180 [ 20.444607] ? preempt_count_sub+0x50/0x80 [ 20.444647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.444684] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.444721] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.444775] kthread+0x337/0x6f0 [ 20.444807] ? 
trace_preempt_on+0x20/0xc0 [ 20.444847] ? __pfx_kthread+0x10/0x10 [ 20.444878] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.444912] ? calculate_sigpending+0x7b/0xa0 [ 20.444948] ? __pfx_kthread+0x10/0x10 [ 20.444983] ret_from_fork+0x41/0x80 [ 20.445022] ? __pfx_kthread+0x10/0x10 [ 20.445061] ret_from_fork_asm+0x1a/0x30 [ 20.445158] </TASK> [ 20.445191] [ 20.456980] Allocated by task 286: [ 20.457441] kasan_save_stack+0x45/0x70 [ 20.457903] kasan_save_track+0x18/0x40 [ 20.458265] kasan_save_alloc_info+0x3b/0x50 [ 20.458575] __kasan_kmalloc+0xb7/0xc0 [ 20.458853] __kmalloc_cache_noprof+0x189/0x420 [ 20.459273] kasan_atomics+0x95/0x310 [ 20.459555] kunit_try_run_case+0x1a5/0x480 [ 20.459871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.460319] kthread+0x337/0x6f0 [ 20.460527] ret_from_fork+0x41/0x80 [ 20.460772] ret_from_fork_asm+0x1a/0x30 [ 20.461173] [ 20.461391] The buggy address belongs to the object at ffff888101e04b00 [ 20.461391] which belongs to the cache kmalloc-64 of size 64 [ 20.463479] The buggy address is located 0 bytes to the right of [ 20.463479] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.464278] [ 20.465087] The buggy address belongs to the physical page: [ 20.465705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.466191] flags: 0x200000000000000(node=0|zone=2) [ 20.466477] page_type: f5(slab) [ 20.466815] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.467260] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.468024] page dumped because: kasan: bad access detected [ 20.468609] [ 20.468826] Memory state around the buggy address: [ 20.469491] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.469948] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.470582] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 20.471150] ^ [ 20.471780] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 20.472207] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.472772] ================================================================== [ 20.726118] ================================================================== [ 20.727331] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 20.728004] Write of size 4 at addr ffff888101e04b30 by task kunit_try_catch/286 [ 20.728808] [ 20.729047] CPU: 1 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 20.729164] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.729197] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.729246] Call Trace: [ 20.729294] <TASK> [ 20.729343] dump_stack_lvl+0x73/0xb0 [ 20.729419] print_report+0xd1/0x650 [ 20.729472] ? __virt_addr_valid+0x1db/0x2d0 [ 20.729526] ? kasan_atomics_helper+0x1217/0x5450 [ 20.729580] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.729635] ? kasan_atomics_helper+0x1217/0x5450 [ 20.729691] kasan_report+0x141/0x180 [ 20.729738] ? kasan_atomics_helper+0x1217/0x5450 [ 20.729807] kasan_check_range+0x10c/0x1c0 [ 20.729845] __kasan_check_write+0x18/0x20 [ 20.729886] kasan_atomics_helper+0x1217/0x5450 [ 20.729936] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 20.729987] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.730039] ? trace_hardirqs_on+0x37/0xe0 [ 20.730092] ? kasan_atomics+0x152/0x310 [ 20.730149] kasan_atomics+0x1dc/0x310 [ 20.730199] ? __pfx_kasan_atomics+0x10/0x10 [ 20.730236] ? __pfx_kasan_atomics+0x10/0x10 [ 20.730284] kunit_try_run_case+0x1a5/0x480 [ 20.730346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.730396] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.730457] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.730507] ? __kthread_parkme+0x82/0x180 [ 20.730561] ? preempt_count_sub+0x50/0x80 [ 20.730621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.730676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.730733] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.730803] kthread+0x337/0x6f0 [ 20.730848] ? trace_preempt_on+0x20/0xc0 [ 20.730904] ? __pfx_kthread+0x10/0x10 [ 20.730952] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.731005] ? calculate_sigpending+0x7b/0xa0 [ 20.731059] ? __pfx_kthread+0x10/0x10 [ 20.731109] ret_from_fork+0x41/0x80 [ 20.731162] ? __pfx_kthread+0x10/0x10 [ 20.731212] ret_from_fork_asm+0x1a/0x30 [ 20.731288] </TASK> [ 20.731321] [ 20.741937] Allocated by task 286: [ 20.742325] kasan_save_stack+0x45/0x70 [ 20.742602] kasan_save_track+0x18/0x40 [ 20.742830] kasan_save_alloc_info+0x3b/0x50 [ 20.743053] __kasan_kmalloc+0xb7/0xc0 [ 20.743257] __kmalloc_cache_noprof+0x189/0x420 [ 20.743482] kasan_atomics+0x95/0x310 [ 20.743800] kunit_try_run_case+0x1a5/0x480 [ 20.744138] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.744545] kthread+0x337/0x6f0 [ 20.744857] ret_from_fork+0x41/0x80 [ 20.745181] ret_from_fork_asm+0x1a/0x30 [ 20.748564] [ 20.748818] The buggy address belongs to the object at ffff888101e04b00 [ 20.748818] which belongs to the cache kmalloc-64 of size 64 [ 20.749269] The buggy address is located 0 bytes to the right of [ 20.749269] allocated 48-byte region [ffff888101e04b00, ffff888101e04b30) [ 20.749698] [ 20.749925] The buggy address belongs to the physical page: [ 20.750163] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e04 [ 20.750487] flags: 0x200000000000000(node=0|zone=2) [ 20.750732] page_type: f5(slab) [ 20.750941] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 20.754876] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 20.755650] page dumped because: kasan: bad access detected [ 20.756188] [ 20.756388] Memory state around the buggy address: [ 20.756828] ffff888101e04a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.757083] ffff888101e04a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 20.757354] >ffff888101e04b00: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 20.757614] ^ [ 20.757897] ffff888101e04b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.758194] ffff888101e04c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.758471] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 19.672835] ================================================================== [ 19.673543] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.673958] Read of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.674609] [ 19.675147] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.675269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.675300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.675348] Call Trace: [ 19.675391] <TASK> [ 19.675433] dump_stack_lvl+0x73/0xb0 [ 19.675507] print_report+0xd1/0x650 [ 19.675555] ? __virt_addr_valid+0x1db/0x2d0 [ 19.675605] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.675663] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.675708] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.675768] kasan_report+0x141/0x180 [ 19.675819] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.675874] __asan_report_load8_noabort+0x18/0x20 [ 19.675919] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 19.675968] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.676016] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.676065] ? trace_hardirqs_on+0x37/0xe0 [ 19.676150] ? kasan_bitops_generic+0x92/0x1c0 [ 19.676192] kasan_bitops_generic+0x121/0x1c0 [ 19.676217] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.676241] ? __pfx_read_tsc+0x10/0x10 [ 19.676266] ? ktime_get_ts64+0x86/0x230 [ 19.676296] kunit_try_run_case+0x1a5/0x480 [ 19.676324] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.676347] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.676374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.676399] ? __kthread_parkme+0x82/0x180 [ 19.676425] ? preempt_count_sub+0x50/0x80 [ 19.676453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.676479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.676504] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.676528] kthread+0x337/0x6f0 [ 19.676548] ? trace_preempt_on+0x20/0xc0 [ 19.676573] ? __pfx_kthread+0x10/0x10 [ 19.676593] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.676616] ? calculate_sigpending+0x7b/0xa0 [ 19.676640] ? __pfx_kthread+0x10/0x10 [ 19.676661] ret_from_fork+0x41/0x80 [ 19.676685] ? __pfx_kthread+0x10/0x10 [ 19.676705] ret_from_fork_asm+0x1a/0x30 [ 19.676740] </TASK> [ 19.676779] [ 19.686355] Allocated by task 282: [ 19.686733] kasan_save_stack+0x45/0x70 [ 19.688928] kasan_save_track+0x18/0x40 [ 19.689798] kasan_save_alloc_info+0x3b/0x50 [ 19.690192] __kasan_kmalloc+0xb7/0xc0 [ 19.690511] __kmalloc_cache_noprof+0x189/0x420 [ 19.690912] kasan_bitops_generic+0x92/0x1c0 [ 19.691309] kunit_try_run_case+0x1a5/0x480 [ 19.691687] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.691932] kthread+0x337/0x6f0 [ 19.692131] ret_from_fork+0x41/0x80 [ 19.692322] ret_from_fork_asm+0x1a/0x30 [ 19.692513] [ 19.692629] The buggy address belongs to the object at ffff888101d9a440 [ 19.692629] which belongs to the cache kmalloc-16 of size 16 [ 19.693188] The buggy address is located 8 bytes inside of [ 19.693188] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.693600] [ 19.693805] The buggy address belongs to the physical page: [ 19.694284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.694719] flags: 0x200000000000000(node=0|zone=2) [ 19.694962] page_type: f5(slab) [ 19.696139] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.696742] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.697928] page dumped because: kasan: bad access detected [ 19.698197] [ 19.698291] Memory state around the buggy address: [ 19.698489] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.698738] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.699308] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 
01 fc fc fc fc fc fc [ 19.699820] ^ [ 19.700293] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.700831] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.701281] ================================================================== [ 19.546217] ================================================================== [ 19.547289] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.548187] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.548915] [ 19.549080] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.549171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.549187] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.549212] Call Trace: [ 19.549238] <TASK> [ 19.549264] dump_stack_lvl+0x73/0xb0 [ 19.549309] print_report+0xd1/0x650 [ 19.549337] ? __virt_addr_valid+0x1db/0x2d0 [ 19.549363] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.549390] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.549415] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.549440] kasan_report+0x141/0x180 [ 19.549464] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.549495] kasan_check_range+0x10c/0x1c0 [ 19.549517] __kasan_check_write+0x18/0x20 [ 19.549539] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 19.549564] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.549591] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.549614] ? trace_hardirqs_on+0x37/0xe0 [ 19.549638] ? kasan_bitops_generic+0x92/0x1c0 [ 19.549665] kasan_bitops_generic+0x121/0x1c0 [ 19.549687] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.549711] ? __pfx_read_tsc+0x10/0x10 [ 19.549733] ? ktime_get_ts64+0x86/0x230 [ 19.549791] kunit_try_run_case+0x1a5/0x480 [ 19.549842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.549884] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.549929] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.549974] ? __kthread_parkme+0x82/0x180 [ 19.550023] ? preempt_count_sub+0x50/0x80 [ 19.550078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.550129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.550172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.550226] kthread+0x337/0x6f0 [ 19.550279] ? trace_preempt_on+0x20/0xc0 [ 19.550328] ? __pfx_kthread+0x10/0x10 [ 19.550372] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.550417] ? calculate_sigpending+0x7b/0xa0 [ 19.550466] ? __pfx_kthread+0x10/0x10 [ 19.550512] ret_from_fork+0x41/0x80 [ 19.550561] ? __pfx_kthread+0x10/0x10 [ 19.550597] ret_from_fork_asm+0x1a/0x30 [ 19.550657] </TASK> [ 19.550676] [ 19.564205] Allocated by task 282: [ 19.564530] kasan_save_stack+0x45/0x70 [ 19.564817] kasan_save_track+0x18/0x40 [ 19.565025] kasan_save_alloc_info+0x3b/0x50 [ 19.565236] __kasan_kmalloc+0xb7/0xc0 [ 19.565437] __kmalloc_cache_noprof+0x189/0x420 [ 19.565787] kasan_bitops_generic+0x92/0x1c0 [ 19.566216] kunit_try_run_case+0x1a5/0x480 [ 19.566611] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.567077] kthread+0x337/0x6f0 [ 19.567403] ret_from_fork+0x41/0x80 [ 19.567775] ret_from_fork_asm+0x1a/0x30 [ 19.568173] [ 19.568368] The buggy address belongs to the object at ffff888101d9a440 [ 19.568368] which belongs to the cache kmalloc-16 of size 16 [ 19.569011] The buggy address is located 8 bytes inside of [ 19.569011] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.569486] [ 19.569630] The buggy address belongs to the physical page: [ 19.570131] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.570780] flags: 0x200000000000000(node=0|zone=2) [ 19.571269] page_type: f5(slab) [ 19.571614] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.572245] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.572857] page dumped because: kasan: bad access detected [ 19.573275] [ 19.573465] Memory 
state around the buggy address: [ 19.573785] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.574162] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.574452] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.575047] ^ [ 19.575547] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.576082] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.576555] ================================================================== [ 19.512488] ================================================================== [ 19.512941] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.513678] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.514269] [ 19.514534] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.514651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.514682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.514727] Call Trace: [ 19.514786] <TASK> [ 19.514845] dump_stack_lvl+0x73/0xb0 [ 19.514929] print_report+0xd1/0x650 [ 19.514998] ? __virt_addr_valid+0x1db/0x2d0 [ 19.515056] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.515146] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.515188] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.515220] kasan_report+0x141/0x180 [ 19.515246] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.515303] kasan_check_range+0x10c/0x1c0 [ 19.515342] __kasan_check_write+0x18/0x20 [ 19.515381] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 19.515431] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.515521] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.515569] ? trace_hardirqs_on+0x37/0xe0 [ 19.515613] ? kasan_bitops_generic+0x92/0x1c0 [ 19.515671] kasan_bitops_generic+0x121/0x1c0 [ 19.515760] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.515813] ? 
__pfx_read_tsc+0x10/0x10 [ 19.515862] ? ktime_get_ts64+0x86/0x230 [ 19.515925] kunit_try_run_case+0x1a5/0x480 [ 19.515972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.515998] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.516024] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.516049] ? __kthread_parkme+0x82/0x180 [ 19.516073] ? preempt_count_sub+0x50/0x80 [ 19.516119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.516165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.516192] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.516217] kthread+0x337/0x6f0 [ 19.516237] ? trace_preempt_on+0x20/0xc0 [ 19.516263] ? __pfx_kthread+0x10/0x10 [ 19.516284] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.516307] ? calculate_sigpending+0x7b/0xa0 [ 19.516333] ? __pfx_kthread+0x10/0x10 [ 19.516354] ret_from_fork+0x41/0x80 [ 19.516378] ? __pfx_kthread+0x10/0x10 [ 19.516398] ret_from_fork_asm+0x1a/0x30 [ 19.516433] </TASK> [ 19.516451] [ 19.531159] Allocated by task 282: [ 19.531475] kasan_save_stack+0x45/0x70 [ 19.531703] kasan_save_track+0x18/0x40 [ 19.532000] kasan_save_alloc_info+0x3b/0x50 [ 19.532295] __kasan_kmalloc+0xb7/0xc0 [ 19.532609] __kmalloc_cache_noprof+0x189/0x420 [ 19.533032] kasan_bitops_generic+0x92/0x1c0 [ 19.533417] kunit_try_run_case+0x1a5/0x480 [ 19.533973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.534470] kthread+0x337/0x6f0 [ 19.534785] ret_from_fork+0x41/0x80 [ 19.535084] ret_from_fork_asm+0x1a/0x30 [ 19.535504] [ 19.535713] The buggy address belongs to the object at ffff888101d9a440 [ 19.535713] which belongs to the cache kmalloc-16 of size 16 [ 19.536202] The buggy address is located 8 bytes inside of [ 19.536202] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.537192] [ 19.537576] The buggy address belongs to the physical page: [ 19.537989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.538841] flags: 0x200000000000000(node=0|zone=2) [ 19.539178] page_type: f5(slab) [ 19.539391] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 19.539998] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.540475] page dumped because: kasan: bad access detected [ 19.540860] [ 19.540986] Memory state around the buggy address: [ 19.541210] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.541958] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.542766] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.543092] ^ [ 19.543912] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.544373] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.544973] ================================================================== [ 19.477768] ================================================================== [ 19.478632] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.479121] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.479703] [ 19.480150] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.480503] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.480522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.480546] Call Trace: [ 19.480571] <TASK> [ 19.480597] dump_stack_lvl+0x73/0xb0 [ 19.480644] print_report+0xd1/0x650 [ 19.480670] ? __virt_addr_valid+0x1db/0x2d0 [ 19.480698] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.480724] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.480769] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.480800] kasan_report+0x141/0x180 [ 19.480825] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.480856] kasan_check_range+0x10c/0x1c0 [ 19.480879] __kasan_check_write+0x18/0x20 [ 19.480901] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 19.480927] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.480954] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 19.480977] ? trace_hardirqs_on+0x37/0xe0 [ 19.481003] ? kasan_bitops_generic+0x92/0x1c0 [ 19.481028] kasan_bitops_generic+0x121/0x1c0 [ 19.481051] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.481075] ? __pfx_read_tsc+0x10/0x10 [ 19.481098] ? ktime_get_ts64+0x86/0x230 [ 19.481144] kunit_try_run_case+0x1a5/0x480 [ 19.481175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.481199] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.481225] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.481249] ? __kthread_parkme+0x82/0x180 [ 19.481274] ? preempt_count_sub+0x50/0x80 [ 19.481301] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.481327] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.481351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.481376] kthread+0x337/0x6f0 [ 19.481394] ? trace_preempt_on+0x20/0xc0 [ 19.481418] ? __pfx_kthread+0x10/0x10 [ 19.481438] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.481461] ? calculate_sigpending+0x7b/0xa0 [ 19.481485] ? __pfx_kthread+0x10/0x10 [ 19.481506] ret_from_fork+0x41/0x80 [ 19.481528] ? 
__pfx_kthread+0x10/0x10 [ 19.481548] ret_from_fork_asm+0x1a/0x30 [ 19.481582] </TASK> [ 19.481597] [ 19.497016] Allocated by task 282: [ 19.497498] kasan_save_stack+0x45/0x70 [ 19.497718] kasan_save_track+0x18/0x40 [ 19.497900] kasan_save_alloc_info+0x3b/0x50 [ 19.498522] __kasan_kmalloc+0xb7/0xc0 [ 19.498781] __kmalloc_cache_noprof+0x189/0x420 [ 19.498969] kasan_bitops_generic+0x92/0x1c0 [ 19.499668] kunit_try_run_case+0x1a5/0x480 [ 19.499951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.500723] kthread+0x337/0x6f0 [ 19.500932] ret_from_fork+0x41/0x80 [ 19.501484] ret_from_fork_asm+0x1a/0x30 [ 19.501680] [ 19.502151] The buggy address belongs to the object at ffff888101d9a440 [ 19.502151] which belongs to the cache kmalloc-16 of size 16 [ 19.503051] The buggy address is located 8 bytes inside of [ 19.503051] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.503710] [ 19.503873] The buggy address belongs to the physical page: [ 19.504080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.505555] flags: 0x200000000000000(node=0|zone=2) [ 19.505872] page_type: f5(slab) [ 19.506343] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.506758] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.507312] page dumped because: kasan: bad access detected [ 19.507636] [ 19.507841] Memory state around the buggy address: [ 19.508219] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.508674] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.509126] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.509553] ^ [ 19.510030] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.510548] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.511076] ================================================================== [ 19.444722] 
================================================================== [ 19.445095] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.445389] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.445948] [ 19.446217] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.446375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.446405] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.446454] Call Trace: [ 19.446499] <TASK> [ 19.446543] dump_stack_lvl+0x73/0xb0 [ 19.446620] print_report+0xd1/0x650 [ 19.446675] ? __virt_addr_valid+0x1db/0x2d0 [ 19.446728] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.446798] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.446853] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.446905] kasan_report+0x141/0x180 [ 19.446943] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.446988] kasan_check_range+0x10c/0x1c0 [ 19.447022] __kasan_check_write+0x18/0x20 [ 19.447054] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 19.447094] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.447138] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.447176] ? trace_hardirqs_on+0x37/0xe0 [ 19.447218] ? kasan_bitops_generic+0x92/0x1c0 [ 19.447269] kasan_bitops_generic+0x121/0x1c0 [ 19.447310] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.447407] ? __pfx_read_tsc+0x10/0x10 [ 19.447471] ? ktime_get_ts64+0x86/0x230 [ 19.447529] kunit_try_run_case+0x1a5/0x480 [ 19.447588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.447648] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.447725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.447793] ? __kthread_parkme+0x82/0x180 [ 19.447840] ? preempt_count_sub+0x50/0x80 [ 19.447892] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.447946] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.447991] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.448036] kthread+0x337/0x6f0 [ 19.448076] ? trace_preempt_on+0x20/0xc0 [ 19.448142] ? __pfx_kthread+0x10/0x10 [ 19.448187] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.448239] ? calculate_sigpending+0x7b/0xa0 [ 19.448291] ? __pfx_kthread+0x10/0x10 [ 19.448329] ret_from_fork+0x41/0x80 [ 19.448355] ? __pfx_kthread+0x10/0x10 [ 19.448377] ret_from_fork_asm+0x1a/0x30 [ 19.448414] </TASK> [ 19.448431] [ 19.462249] Allocated by task 282: [ 19.462577] kasan_save_stack+0x45/0x70 [ 19.462938] kasan_save_track+0x18/0x40 [ 19.463353] kasan_save_alloc_info+0x3b/0x50 [ 19.463607] __kasan_kmalloc+0xb7/0xc0 [ 19.463972] __kmalloc_cache_noprof+0x189/0x420 [ 19.464204] kasan_bitops_generic+0x92/0x1c0 [ 19.464599] kunit_try_run_case+0x1a5/0x480 [ 19.465194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.465566] kthread+0x337/0x6f0 [ 19.465776] ret_from_fork+0x41/0x80 [ 19.466134] ret_from_fork_asm+0x1a/0x30 [ 19.466531] [ 19.466768] The buggy address belongs to the object at ffff888101d9a440 [ 19.466768] which belongs to the cache kmalloc-16 of size 16 [ 19.467331] The buggy address is located 8 bytes inside of [ 19.467331] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.468365] [ 19.468506] The buggy address belongs to the physical page: [ 19.469044] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.469511] flags: 0x200000000000000(node=0|zone=2) [ 19.469775] page_type: f5(slab) [ 19.470095] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.470868] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.471342] page dumped because: kasan: bad access detected [ 19.471732] [ 19.471951] Memory state around the buggy address: [ 19.472396] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.472672] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.473228] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 
01 fc fc fc fc fc fc [ 19.473783] ^ [ 19.474171] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.474595] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.475822] ================================================================== [ 19.401997] ================================================================== [ 19.402531] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.403383] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.403654] [ 19.403887] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.403995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.404026] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.404074] Call Trace: [ 19.404150] <TASK> [ 19.404201] dump_stack_lvl+0x73/0xb0 [ 19.404274] print_report+0xd1/0x650 [ 19.404329] ? __virt_addr_valid+0x1db/0x2d0 [ 19.404378] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.404431] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.404484] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.404539] kasan_report+0x141/0x180 [ 19.404587] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.404656] kasan_check_range+0x10c/0x1c0 [ 19.404704] __kasan_check_write+0x18/0x20 [ 19.404762] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 19.404812] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.404861] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.404913] ? trace_hardirqs_on+0x37/0xe0 [ 19.404963] ? kasan_bitops_generic+0x92/0x1c0 [ 19.405012] kasan_bitops_generic+0x121/0x1c0 [ 19.405060] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.405142] ? __pfx_read_tsc+0x10/0x10 [ 19.405195] ? ktime_get_ts64+0x86/0x230 [ 19.405258] kunit_try_run_case+0x1a5/0x480 [ 19.405315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.405389] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.405440] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.405488] ? __kthread_parkme+0x82/0x180 [ 19.405527] ? preempt_count_sub+0x50/0x80 [ 19.405575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.405626] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.405674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.405758] kthread+0x337/0x6f0 [ 19.405800] ? trace_preempt_on+0x20/0xc0 [ 19.405860] ? __pfx_kthread+0x10/0x10 [ 19.405902] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.405946] ? calculate_sigpending+0x7b/0xa0 [ 19.405992] ? __pfx_kthread+0x10/0x10 [ 19.406037] ret_from_fork+0x41/0x80 [ 19.406086] ? __pfx_kthread+0x10/0x10 [ 19.406168] ret_from_fork_asm+0x1a/0x30 [ 19.406244] </TASK> [ 19.406276] [ 19.428143] Allocated by task 282: [ 19.428494] kasan_save_stack+0x45/0x70 [ 19.428862] kasan_save_track+0x18/0x40 [ 19.429769] kasan_save_alloc_info+0x3b/0x50 [ 19.430091] __kasan_kmalloc+0xb7/0xc0 [ 19.430310] __kmalloc_cache_noprof+0x189/0x420 [ 19.430820] kasan_bitops_generic+0x92/0x1c0 [ 19.431062] kunit_try_run_case+0x1a5/0x480 [ 19.431863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.432444] kthread+0x337/0x6f0 [ 19.432725] ret_from_fork+0x41/0x80 [ 19.433310] ret_from_fork_asm+0x1a/0x30 [ 19.433522] [ 19.433668] The buggy address belongs to the object at ffff888101d9a440 [ 19.433668] which belongs to the cache kmalloc-16 of size 16 [ 19.434806] The buggy address is located 8 bytes inside of [ 19.434806] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.435845] [ 19.436035] The buggy address belongs to the physical page: [ 19.436623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.437071] flags: 0x200000000000000(node=0|zone=2) [ 19.437481] page_type: f5(slab) [ 19.437675] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.438429] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.438906] page dumped because: kasan: bad access detected [ 19.439724] [ 19.439963] Memory 
state around the buggy address: [ 19.440522] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.441092] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.441581] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.441909] ^ [ 19.442072] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.442665] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.443221] ================================================================== [ 19.640072] ================================================================== [ 19.640863] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.641928] Read of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.642396] [ 19.642646] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.642798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.642831] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.642882] Call Trace: [ 19.642925] <TASK> [ 19.642970] dump_stack_lvl+0x73/0xb0 [ 19.643044] print_report+0xd1/0x650 [ 19.643097] ? __virt_addr_valid+0x1db/0x2d0 [ 19.643147] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.643202] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.643254] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.643295] kasan_report+0x141/0x180 [ 19.643322] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.643353] kasan_check_range+0x10c/0x1c0 [ 19.643376] __kasan_check_read+0x15/0x20 [ 19.643397] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 19.643423] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.643449] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.643473] ? trace_hardirqs_on+0x37/0xe0 [ 19.643498] ? kasan_bitops_generic+0x92/0x1c0 [ 19.643525] kasan_bitops_generic+0x121/0x1c0 [ 19.643547] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.643571] ? 
__pfx_read_tsc+0x10/0x10 [ 19.643594] ? ktime_get_ts64+0x86/0x230 [ 19.643632] kunit_try_run_case+0x1a5/0x480 [ 19.643668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.643692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.643719] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.643744] ? __kthread_parkme+0x82/0x180 [ 19.644348] ? preempt_count_sub+0x50/0x80 [ 19.644418] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.644472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.644546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.644597] kthread+0x337/0x6f0 [ 19.644648] ? trace_preempt_on+0x20/0xc0 [ 19.644710] ? __pfx_kthread+0x10/0x10 [ 19.644767] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.644827] ? calculate_sigpending+0x7b/0xa0 [ 19.644872] ? __pfx_kthread+0x10/0x10 [ 19.644916] ret_from_fork+0x41/0x80 [ 19.644975] ? __pfx_kthread+0x10/0x10 [ 19.645021] ret_from_fork_asm+0x1a/0x30 [ 19.645097] </TASK> [ 19.645515] [ 19.657987] Allocated by task 282: [ 19.658560] kasan_save_stack+0x45/0x70 [ 19.658863] kasan_save_track+0x18/0x40 [ 19.659293] kasan_save_alloc_info+0x3b/0x50 [ 19.659545] __kasan_kmalloc+0xb7/0xc0 [ 19.659769] __kmalloc_cache_noprof+0x189/0x420 [ 19.660025] kasan_bitops_generic+0x92/0x1c0 [ 19.660407] kunit_try_run_case+0x1a5/0x480 [ 19.660799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.661251] kthread+0x337/0x6f0 [ 19.661567] ret_from_fork+0x41/0x80 [ 19.662050] ret_from_fork_asm+0x1a/0x30 [ 19.662444] [ 19.662668] The buggy address belongs to the object at ffff888101d9a440 [ 19.662668] which belongs to the cache kmalloc-16 of size 16 [ 19.663681] The buggy address is located 8 bytes inside of [ 19.663681] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.664763] [ 19.664982] The buggy address belongs to the physical page: [ 19.665536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.666113] flags: 0x200000000000000(node=0|zone=2) [ 19.666566] page_type: f5(slab) [ 19.666895] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 19.667585] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.667928] page dumped because: kasan: bad access detected [ 19.668684] [ 19.668858] Memory state around the buggy address: [ 19.669362] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.669653] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.669989] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.670299] ^ [ 19.670780] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.671076] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.671466] ================================================================== [ 19.578130] ================================================================== [ 19.578674] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.579343] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.579650] [ 19.579891] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.579988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.580010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.580045] Call Trace: [ 19.580082] <TASK> [ 19.580145] dump_stack_lvl+0x73/0xb0 [ 19.580229] print_report+0xd1/0x650 [ 19.580277] ? __virt_addr_valid+0x1db/0x2d0 [ 19.580331] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.580385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.580439] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.580492] kasan_report+0x141/0x180 [ 19.580546] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.580614] kasan_check_range+0x10c/0x1c0 [ 19.580663] __kasan_check_write+0x18/0x20 [ 19.580706] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 19.580779] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.580833] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 19.580875] ? trace_hardirqs_on+0x37/0xe0 [ 19.581216] ? kasan_bitops_generic+0x92/0x1c0 [ 19.581287] kasan_bitops_generic+0x121/0x1c0 [ 19.581341] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.581389] ? __pfx_read_tsc+0x10/0x10 [ 19.581436] ? ktime_get_ts64+0x86/0x230 [ 19.581690] kunit_try_run_case+0x1a5/0x480 [ 19.581742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.581791] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.581830] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.581866] ? __kthread_parkme+0x82/0x180 [ 19.581900] ? preempt_count_sub+0x50/0x80 [ 19.581943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.581983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.582024] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.582070] kthread+0x337/0x6f0 [ 19.582108] ? trace_preempt_on+0x20/0xc0 [ 19.582207] ? __pfx_kthread+0x10/0x10 [ 19.582251] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.582297] ? calculate_sigpending+0x7b/0xa0 [ 19.582346] ? __pfx_kthread+0x10/0x10 [ 19.582387] ret_from_fork+0x41/0x80 [ 19.582433] ? 
__pfx_kthread+0x10/0x10 [ 19.582473] ret_from_fork_asm+0x1a/0x30 [ 19.582569] </TASK> [ 19.582599] [ 19.594242] Allocated by task 282: [ 19.594650] kasan_save_stack+0x45/0x70 [ 19.595009] kasan_save_track+0x18/0x40 [ 19.595486] kasan_save_alloc_info+0x3b/0x50 [ 19.595811] __kasan_kmalloc+0xb7/0xc0 [ 19.596092] __kmalloc_cache_noprof+0x189/0x420 [ 19.596405] kasan_bitops_generic+0x92/0x1c0 [ 19.596622] kunit_try_run_case+0x1a5/0x480 [ 19.596854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.597100] kthread+0x337/0x6f0 [ 19.597287] ret_from_fork+0x41/0x80 [ 19.597480] ret_from_fork_asm+0x1a/0x30 [ 19.597853] [ 19.598107] The buggy address belongs to the object at ffff888101d9a440 [ 19.598107] which belongs to the cache kmalloc-16 of size 16 [ 19.599009] The buggy address is located 8 bytes inside of [ 19.599009] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.600278] [ 19.600473] The buggy address belongs to the physical page: [ 19.600802] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.601126] flags: 0x200000000000000(node=0|zone=2) [ 19.601373] page_type: f5(slab) [ 19.601613] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.602220] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.602852] page dumped because: kasan: bad access detected [ 19.603291] [ 19.603546] Memory state around the buggy address: [ 19.603974] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.604709] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.605092] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.605482] ^ [ 19.605734] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.606029] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.606314] ================================================================== [ 19.608476] 
================================================================== [ 19.609146] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.610162] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.610757] [ 19.611023] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.611160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.611193] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.611242] Call Trace: [ 19.611287] <TASK> [ 19.611334] dump_stack_lvl+0x73/0xb0 [ 19.611405] print_report+0xd1/0x650 [ 19.611461] ? __virt_addr_valid+0x1db/0x2d0 [ 19.611515] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.611570] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.611640] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.611698] kasan_report+0x141/0x180 [ 19.612233] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.612343] kasan_check_range+0x10c/0x1c0 [ 19.612403] __kasan_check_write+0x18/0x20 [ 19.612450] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 19.612505] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 19.612566] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.612616] ? trace_hardirqs_on+0x37/0xe0 [ 19.612669] ? kasan_bitops_generic+0x92/0x1c0 [ 19.612726] kasan_bitops_generic+0x121/0x1c0 [ 19.612787] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.612840] ? __pfx_read_tsc+0x10/0x10 [ 19.612887] ? ktime_get_ts64+0x86/0x230 [ 19.612946] kunit_try_run_case+0x1a5/0x480 [ 19.612999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.613039] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.613073] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.613097] ? __kthread_parkme+0x82/0x180 [ 19.613156] ? preempt_count_sub+0x50/0x80 [ 19.613189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.613216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.613240] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.613265] kthread+0x337/0x6f0 [ 19.613285] ? trace_preempt_on+0x20/0xc0 [ 19.613310] ? __pfx_kthread+0x10/0x10 [ 19.613329] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.613352] ? calculate_sigpending+0x7b/0xa0 [ 19.613377] ? __pfx_kthread+0x10/0x10 [ 19.613398] ret_from_fork+0x41/0x80 [ 19.613420] ? __pfx_kthread+0x10/0x10 [ 19.613441] ret_from_fork_asm+0x1a/0x30 [ 19.613476] </TASK> [ 19.613492] [ 19.625938] Allocated by task 282: [ 19.626307] kasan_save_stack+0x45/0x70 [ 19.626718] kasan_save_track+0x18/0x40 [ 19.627160] kasan_save_alloc_info+0x3b/0x50 [ 19.627649] __kasan_kmalloc+0xb7/0xc0 [ 19.628038] __kmalloc_cache_noprof+0x189/0x420 [ 19.628475] kasan_bitops_generic+0x92/0x1c0 [ 19.628701] kunit_try_run_case+0x1a5/0x480 [ 19.629097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.629545] kthread+0x337/0x6f0 [ 19.629883] ret_from_fork+0x41/0x80 [ 19.630165] ret_from_fork_asm+0x1a/0x30 [ 19.630485] [ 19.630701] The buggy address belongs to the object at ffff888101d9a440 [ 19.630701] which belongs to the cache kmalloc-16 of size 16 [ 19.631525] The buggy address is located 8 bytes inside of [ 19.631525] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.632319] [ 19.632464] The buggy address belongs to the physical page: [ 19.632706] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.633032] flags: 0x200000000000000(node=0|zone=2) [ 19.633607] page_type: f5(slab) [ 19.633987] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.634578] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.635284] page dumped because: kasan: bad access detected [ 19.635868] [ 19.636061] Memory state around the buggy address: [ 19.636355] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.636650] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.636952] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 
01 fc fc fc fc fc fc [ 19.637234] ^ [ 19.637555] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.638162] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.638778] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 19.178598] ================================================================== [ 19.179139] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.179780] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.180386] [ 19.180575] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.180678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.180703] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.180744] Call Trace: [ 19.180792] <TASK> [ 19.180833] dump_stack_lvl+0x73/0xb0 [ 19.180887] print_report+0xd1/0x650 [ 19.180915] ? __virt_addr_valid+0x1db/0x2d0 [ 19.180943] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.180969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.181006] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.181045] kasan_report+0x141/0x180 [ 19.181086] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.181179] kasan_check_range+0x10c/0x1c0 [ 19.181232] __kasan_check_write+0x18/0x20 [ 19.181271] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 19.181337] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.181388] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.181432] ? trace_hardirqs_on+0x37/0xe0 [ 19.181483] ? kasan_bitops_generic+0x92/0x1c0 [ 19.181546] kasan_bitops_generic+0x116/0x1c0 [ 19.181592] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.181658] ? __pfx_read_tsc+0x10/0x10 [ 19.181700] ? ktime_get_ts64+0x86/0x230 [ 19.181762] kunit_try_run_case+0x1a5/0x480 [ 19.181817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.181865] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.181925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.181991] ? __kthread_parkme+0x82/0x180 [ 19.182040] ? preempt_count_sub+0x50/0x80 [ 19.182098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.182192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.182261] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.182309] kthread+0x337/0x6f0 [ 19.182350] ? 
trace_preempt_on+0x20/0xc0 [ 19.182407] ? __pfx_kthread+0x10/0x10 [ 19.182453] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.182517] ? calculate_sigpending+0x7b/0xa0 [ 19.182560] ? __pfx_kthread+0x10/0x10 [ 19.182585] ret_from_fork+0x41/0x80 [ 19.182611] ? __pfx_kthread+0x10/0x10 [ 19.182631] ret_from_fork_asm+0x1a/0x30 [ 19.182668] </TASK> [ 19.182685] [ 19.194882] Allocated by task 282: [ 19.195261] kasan_save_stack+0x45/0x70 [ 19.195726] kasan_save_track+0x18/0x40 [ 19.195999] kasan_save_alloc_info+0x3b/0x50 [ 19.196427] __kasan_kmalloc+0xb7/0xc0 [ 19.196713] __kmalloc_cache_noprof+0x189/0x420 [ 19.196952] kasan_bitops_generic+0x92/0x1c0 [ 19.197228] kunit_try_run_case+0x1a5/0x480 [ 19.197633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.198084] kthread+0x337/0x6f0 [ 19.198395] ret_from_fork+0x41/0x80 [ 19.198703] ret_from_fork_asm+0x1a/0x30 [ 19.199099] [ 19.199313] The buggy address belongs to the object at ffff888101d9a440 [ 19.199313] which belongs to the cache kmalloc-16 of size 16 [ 19.199848] The buggy address is located 8 bytes inside of [ 19.199848] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.200796] [ 19.200993] The buggy address belongs to the physical page: [ 19.201354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.201817] flags: 0x200000000000000(node=0|zone=2) [ 19.202320] page_type: f5(slab) [ 19.202643] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.203048] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.203558] page dumped because: kasan: bad access detected [ 19.203940] [ 19.204158] Memory state around the buggy address: [ 19.204472] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.206825] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.207331] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.207959] ^ [ 19.208820] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 19.209346] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.209962] ================================================================== [ 19.138517] ================================================================== [ 19.139174] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.140156] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.140522] [ 19.140781] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.140895] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.140928] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.140980] Call Trace: [ 19.141013] <TASK> [ 19.141056] dump_stack_lvl+0x73/0xb0 [ 19.141473] print_report+0xd1/0x650 [ 19.141506] ? __virt_addr_valid+0x1db/0x2d0 [ 19.141537] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.141562] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.141587] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.141613] kasan_report+0x141/0x180 [ 19.141638] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.141668] kasan_check_range+0x10c/0x1c0 [ 19.141691] __kasan_check_write+0x18/0x20 [ 19.141713] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 19.141737] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.141784] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.141812] ? trace_hardirqs_on+0x37/0xe0 [ 19.141837] ? kasan_bitops_generic+0x92/0x1c0 [ 19.141864] kasan_bitops_generic+0x116/0x1c0 [ 19.141886] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.141910] ? __pfx_read_tsc+0x10/0x10 [ 19.141934] ? ktime_get_ts64+0x86/0x230 [ 19.141963] kunit_try_run_case+0x1a5/0x480 [ 19.141992] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.142014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.142041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.142066] ? __kthread_parkme+0x82/0x180 [ 19.142089] ? preempt_count_sub+0x50/0x80 [ 19.142143] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.142172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.142197] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.142222] kthread+0x337/0x6f0 [ 19.142241] ? trace_preempt_on+0x20/0xc0 [ 19.142266] ? __pfx_kthread+0x10/0x10 [ 19.142286] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.142310] ? calculate_sigpending+0x7b/0xa0 [ 19.142335] ? __pfx_kthread+0x10/0x10 [ 19.142355] ret_from_fork+0x41/0x80 [ 19.142380] ? __pfx_kthread+0x10/0x10 [ 19.142400] ret_from_fork_asm+0x1a/0x30 [ 19.142436] </TASK> [ 19.142451] [ 19.162677] Allocated by task 282: [ 19.163097] kasan_save_stack+0x45/0x70 [ 19.163423] kasan_save_track+0x18/0x40 [ 19.163839] kasan_save_alloc_info+0x3b/0x50 [ 19.164321] __kasan_kmalloc+0xb7/0xc0 [ 19.164688] __kmalloc_cache_noprof+0x189/0x420 [ 19.165160] kasan_bitops_generic+0x92/0x1c0 [ 19.165545] kunit_try_run_case+0x1a5/0x480 [ 19.166039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.166561] kthread+0x337/0x6f0 [ 19.166821] ret_from_fork+0x41/0x80 [ 19.167164] ret_from_fork_asm+0x1a/0x30 [ 19.167469] [ 19.167677] The buggy address belongs to the object at ffff888101d9a440 [ 19.167677] which belongs to the cache kmalloc-16 of size 16 [ 19.168510] The buggy address is located 8 bytes inside of [ 19.168510] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.169642] [ 19.169937] The buggy address belongs to the physical page: [ 19.170491] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.170881] flags: 0x200000000000000(node=0|zone=2) [ 19.171189] page_type: f5(slab) [ 19.171421] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.172083] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.172431] page dumped because: kasan: bad access detected [ 19.172792] [ 19.172971] Memory state around the buggy address: [ 19.173443] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.173905] ffff888101d9a380: 
00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.174411] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.174906] ^ [ 19.175355] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.175766] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.176256] ================================================================== [ 19.309732] ================================================================== [ 19.310169] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.310532] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.312296] [ 19.312568] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.312690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.312717] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.312772] Call Trace: [ 19.312812] <TASK> [ 19.312846] dump_stack_lvl+0x73/0xb0 [ 19.312914] print_report+0xd1/0x650 [ 19.312952] ? __virt_addr_valid+0x1db/0x2d0 [ 19.312990] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.313026] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.313063] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.313100] kasan_report+0x141/0x180 [ 19.313139] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.313237] kasan_check_range+0x10c/0x1c0 [ 19.313291] __kasan_check_write+0x18/0x20 [ 19.313338] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 19.313391] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.313440] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.313490] ? trace_hardirqs_on+0x37/0xe0 [ 19.313543] ? kasan_bitops_generic+0x92/0x1c0 [ 19.313598] kasan_bitops_generic+0x116/0x1c0 [ 19.313636] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.313662] ? __pfx_read_tsc+0x10/0x10 [ 19.313687] ? ktime_get_ts64+0x86/0x230 [ 19.313715] kunit_try_run_case+0x1a5/0x480 [ 19.313744] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.313799] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 19.313827] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.313853] ? __kthread_parkme+0x82/0x180 [ 19.313878] ? preempt_count_sub+0x50/0x80 [ 19.313905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.313931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.313956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.313980] kthread+0x337/0x6f0 [ 19.313999] ? trace_preempt_on+0x20/0xc0 [ 19.314023] ? __pfx_kthread+0x10/0x10 [ 19.314043] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.314065] ? calculate_sigpending+0x7b/0xa0 [ 19.314089] ? __pfx_kthread+0x10/0x10 [ 19.314147] ret_from_fork+0x41/0x80 [ 19.314178] ? __pfx_kthread+0x10/0x10 [ 19.314199] ret_from_fork_asm+0x1a/0x30 [ 19.314236] </TASK> [ 19.314251] [ 19.328691] Allocated by task 282: [ 19.329058] kasan_save_stack+0x45/0x70 [ 19.329446] kasan_save_track+0x18/0x40 [ 19.329802] kasan_save_alloc_info+0x3b/0x50 [ 19.330314] __kasan_kmalloc+0xb7/0xc0 [ 19.330714] __kmalloc_cache_noprof+0x189/0x420 [ 19.331172] kasan_bitops_generic+0x92/0x1c0 [ 19.331678] kunit_try_run_case+0x1a5/0x480 [ 19.332162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.332616] kthread+0x337/0x6f0 [ 19.332920] ret_from_fork+0x41/0x80 [ 19.333237] ret_from_fork_asm+0x1a/0x30 [ 19.333566] [ 19.333816] The buggy address belongs to the object at ffff888101d9a440 [ 19.333816] which belongs to the cache kmalloc-16 of size 16 [ 19.334611] The buggy address is located 8 bytes inside of [ 19.334611] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.335322] [ 19.335596] The buggy address belongs to the physical page: [ 19.336085] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.336450] flags: 0x200000000000000(node=0|zone=2) [ 19.336875] page_type: f5(slab) [ 19.337226] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.337629] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.338299] page dumped because: kasan: bad 
access detected [ 19.338566] [ 19.338781] Memory state around the buggy address: [ 19.339135] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.339734] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.340076] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.340664] ^ [ 19.341074] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.341489] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.342031] ================================================================== [ 19.372816] ================================================================== [ 19.373542] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.374260] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.374856] [ 19.375083] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.375243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.375271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.375325] Call Trace: [ 19.375380] <TASK> [ 19.375426] dump_stack_lvl+0x73/0xb0 [ 19.375501] print_report+0xd1/0x650 [ 19.375561] ? __virt_addr_valid+0x1db/0x2d0 [ 19.375638] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.375690] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.375738] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.375800] kasan_report+0x141/0x180 [ 19.375860] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.375939] kasan_check_range+0x10c/0x1c0 [ 19.375984] __kasan_check_write+0x18/0x20 [ 19.376031] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 19.376084] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.376178] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.376226] ? trace_hardirqs_on+0x37/0xe0 [ 19.376277] ? kasan_bitops_generic+0x92/0x1c0 [ 19.376340] kasan_bitops_generic+0x116/0x1c0 [ 19.376406] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.376453] ? 
__pfx_read_tsc+0x10/0x10 [ 19.376496] ? ktime_get_ts64+0x86/0x230 [ 19.376553] kunit_try_run_case+0x1a5/0x480 [ 19.376615] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.376677] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.376733] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.376793] ? __kthread_parkme+0x82/0x180 [ 19.376852] ? preempt_count_sub+0x50/0x80 [ 19.376926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.376982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.377036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.377090] kthread+0x337/0x6f0 [ 19.377177] ? trace_preempt_on+0x20/0xc0 [ 19.377240] ? __pfx_kthread+0x10/0x10 [ 19.377299] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.377327] ? calculate_sigpending+0x7b/0xa0 [ 19.377354] ? __pfx_kthread+0x10/0x10 [ 19.377390] ret_from_fork+0x41/0x80 [ 19.377435] ? __pfx_kthread+0x10/0x10 [ 19.377467] ret_from_fork_asm+0x1a/0x30 [ 19.377529] </TASK> [ 19.377555] [ 19.388377] Allocated by task 282: [ 19.388773] kasan_save_stack+0x45/0x70 [ 19.389192] kasan_save_track+0x18/0x40 [ 19.389515] kasan_save_alloc_info+0x3b/0x50 [ 19.389809] __kasan_kmalloc+0xb7/0xc0 [ 19.390016] __kmalloc_cache_noprof+0x189/0x420 [ 19.390282] kasan_bitops_generic+0x92/0x1c0 [ 19.390672] kunit_try_run_case+0x1a5/0x480 [ 19.391078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.391541] kthread+0x337/0x6f0 [ 19.391888] ret_from_fork+0x41/0x80 [ 19.392277] ret_from_fork_asm+0x1a/0x30 [ 19.392577] [ 19.392710] The buggy address belongs to the object at ffff888101d9a440 [ 19.392710] which belongs to the cache kmalloc-16 of size 16 [ 19.393193] The buggy address is located 8 bytes inside of [ 19.393193] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.393621] [ 19.393763] The buggy address belongs to the physical page: [ 19.394248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.394897] flags: 0x200000000000000(node=0|zone=2) [ 19.395359] page_type: f5(slab) [ 19.395711] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 19.396357] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.396980] page dumped because: kasan: bad access detected [ 19.397461] [ 19.397671] Memory state around the buggy address: [ 19.397972] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.398427] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.398877] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.399365] ^ [ 19.399635] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.400161] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.400728] ================================================================== [ 19.243555] ================================================================== [ 19.244068] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.244728] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.246237] [ 19.246526] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.246639] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.246669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.246714] Call Trace: [ 19.246768] <TASK> [ 19.246814] dump_stack_lvl+0x73/0xb0 [ 19.246899] print_report+0xd1/0x650 [ 19.246956] ? __virt_addr_valid+0x1db/0x2d0 [ 19.247013] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.247066] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.247550] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.247646] kasan_report+0x141/0x180 [ 19.247692] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.247739] kasan_check_range+0x10c/0x1c0 [ 19.247789] __kasan_check_write+0x18/0x20 [ 19.247822] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 19.247858] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.247896] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.247932] ? 
trace_hardirqs_on+0x37/0xe0 [ 19.247968] ? kasan_bitops_generic+0x92/0x1c0 [ 19.248010] kasan_bitops_generic+0x116/0x1c0 [ 19.248047] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.248086] ? __pfx_read_tsc+0x10/0x10 [ 19.248124] ? ktime_get_ts64+0x86/0x230 [ 19.248170] kunit_try_run_case+0x1a5/0x480 [ 19.248207] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.248232] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.248260] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.248285] ? __kthread_parkme+0x82/0x180 [ 19.248309] ? preempt_count_sub+0x50/0x80 [ 19.248337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.248363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.248388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.248412] kthread+0x337/0x6f0 [ 19.248431] ? trace_preempt_on+0x20/0xc0 [ 19.248455] ? __pfx_kthread+0x10/0x10 [ 19.248476] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.248498] ? calculate_sigpending+0x7b/0xa0 [ 19.248523] ? __pfx_kthread+0x10/0x10 [ 19.248543] ret_from_fork+0x41/0x80 [ 19.248566] ? 
__pfx_kthread+0x10/0x10 [ 19.248585] ret_from_fork_asm+0x1a/0x30 [ 19.248622] </TASK> [ 19.248637] [ 19.262894] Allocated by task 282: [ 19.263486] kasan_save_stack+0x45/0x70 [ 19.263945] kasan_save_track+0x18/0x40 [ 19.264413] kasan_save_alloc_info+0x3b/0x50 [ 19.264909] __kasan_kmalloc+0xb7/0xc0 [ 19.265293] __kmalloc_cache_noprof+0x189/0x420 [ 19.265529] kasan_bitops_generic+0x92/0x1c0 [ 19.265695] kunit_try_run_case+0x1a5/0x480 [ 19.265944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.266862] kthread+0x337/0x6f0 [ 19.267461] ret_from_fork+0x41/0x80 [ 19.267695] ret_from_fork_asm+0x1a/0x30 [ 19.267909] [ 19.268028] The buggy address belongs to the object at ffff888101d9a440 [ 19.268028] which belongs to the cache kmalloc-16 of size 16 [ 19.269449] The buggy address is located 8 bytes inside of [ 19.269449] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.270486] [ 19.270642] The buggy address belongs to the physical page: [ 19.271093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.271914] flags: 0x200000000000000(node=0|zone=2) [ 19.272418] page_type: f5(slab) [ 19.272608] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.272930] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.274063] page dumped because: kasan: bad access detected [ 19.274384] [ 19.274504] Memory state around the buggy address: [ 19.274823] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.275643] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.276459] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.276825] ^ [ 19.277286] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278234] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.278600] ================================================================== [ 19.343645] 
================================================================== [ 19.344418] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.344957] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.345496] [ 19.345693] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.345840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.345867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.345920] Call Trace: [ 19.345971] <TASK> [ 19.346007] dump_stack_lvl+0x73/0xb0 [ 19.346066] print_report+0xd1/0x650 [ 19.346139] ? __virt_addr_valid+0x1db/0x2d0 [ 19.346191] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.346239] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.346290] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.346337] kasan_report+0x141/0x180 [ 19.346384] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.346448] kasan_check_range+0x10c/0x1c0 [ 19.346495] __kasan_check_write+0x18/0x20 [ 19.346543] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 19.346596] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.346652] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.346688] ? trace_hardirqs_on+0x37/0xe0 [ 19.346768] ? kasan_bitops_generic+0x92/0x1c0 [ 19.346811] kasan_bitops_generic+0x116/0x1c0 [ 19.346844] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.346879] ? __pfx_read_tsc+0x10/0x10 [ 19.346914] ? ktime_get_ts64+0x86/0x230 [ 19.346960] kunit_try_run_case+0x1a5/0x480 [ 19.347012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.347054] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.347141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.347197] ? __kthread_parkme+0x82/0x180 [ 19.347249] ? preempt_count_sub+0x50/0x80 [ 19.347309] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.347365] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.347417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.347468] kthread+0x337/0x6f0 [ 19.347509] ? 
trace_preempt_on+0x20/0xc0 [ 19.347562] ? __pfx_kthread+0x10/0x10 [ 19.347598] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.347650] ? calculate_sigpending+0x7b/0xa0 [ 19.347688] ? __pfx_kthread+0x10/0x10 [ 19.347711] ret_from_fork+0x41/0x80 [ 19.347735] ? __pfx_kthread+0x10/0x10 [ 19.347782] ret_from_fork_asm+0x1a/0x30 [ 19.347821] </TASK> [ 19.347837] [ 19.359367] Allocated by task 282: [ 19.359781] kasan_save_stack+0x45/0x70 [ 19.360156] kasan_save_track+0x18/0x40 [ 19.360370] kasan_save_alloc_info+0x3b/0x50 [ 19.360702] __kasan_kmalloc+0xb7/0xc0 [ 19.361071] __kmalloc_cache_noprof+0x189/0x420 [ 19.361505] kasan_bitops_generic+0x92/0x1c0 [ 19.361887] kunit_try_run_case+0x1a5/0x480 [ 19.362211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.362610] kthread+0x337/0x6f0 [ 19.362938] ret_from_fork+0x41/0x80 [ 19.363324] ret_from_fork_asm+0x1a/0x30 [ 19.363587] [ 19.363733] The buggy address belongs to the object at ffff888101d9a440 [ 19.363733] which belongs to the cache kmalloc-16 of size 16 [ 19.364231] The buggy address is located 8 bytes inside of [ 19.364231] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.364655] [ 19.364813] The buggy address belongs to the physical page: [ 19.365372] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.366064] flags: 0x200000000000000(node=0|zone=2) [ 19.366518] page_type: f5(slab) [ 19.366841] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.367488] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.368151] page dumped because: kasan: bad access detected [ 19.368503] [ 19.368711] Memory state around the buggy address: [ 19.369012] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.369525] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.369969] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.370417] ^ [ 19.370862] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 19.371314] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.371599] ================================================================== [ 19.211716] ================================================================== [ 19.212483] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.213304] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.213995] [ 19.214293] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.214408] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.214438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.214482] Call Trace: [ 19.214532] <TASK> [ 19.214590] dump_stack_lvl+0x73/0xb0 [ 19.214664] print_report+0xd1/0x650 [ 19.214716] ? __virt_addr_valid+0x1db/0x2d0 [ 19.214775] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.214833] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.214902] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.214948] kasan_report+0x141/0x180 [ 19.214994] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.215054] kasan_check_range+0x10c/0x1c0 [ 19.215140] __kasan_check_write+0x18/0x20 [ 19.215205] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 19.215253] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.215291] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.215319] ? trace_hardirqs_on+0x37/0xe0 [ 19.215345] ? kasan_bitops_generic+0x92/0x1c0 [ 19.215372] kasan_bitops_generic+0x116/0x1c0 [ 19.215397] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.215435] ? __pfx_read_tsc+0x10/0x10 [ 19.215473] ? ktime_get_ts64+0x86/0x230 [ 19.215506] kunit_try_run_case+0x1a5/0x480 [ 19.215535] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.215558] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.215585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.215610] ? __kthread_parkme+0x82/0x180 [ 19.215654] ? preempt_count_sub+0x50/0x80 [ 19.215683] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.215710] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.215734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.215782] kthread+0x337/0x6f0 [ 19.215805] ? trace_preempt_on+0x20/0xc0 [ 19.215829] ? __pfx_kthread+0x10/0x10 [ 19.215849] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.215872] ? calculate_sigpending+0x7b/0xa0 [ 19.215896] ? __pfx_kthread+0x10/0x10 [ 19.215917] ret_from_fork+0x41/0x80 [ 19.215940] ? __pfx_kthread+0x10/0x10 [ 19.215961] ret_from_fork_asm+0x1a/0x30 [ 19.215997] </TASK> [ 19.216012] [ 19.230573] Allocated by task 282: [ 19.230859] kasan_save_stack+0x45/0x70 [ 19.231294] kasan_save_track+0x18/0x40 [ 19.231562] kasan_save_alloc_info+0x3b/0x50 [ 19.231800] __kasan_kmalloc+0xb7/0xc0 [ 19.232136] __kmalloc_cache_noprof+0x189/0x420 [ 19.232529] kasan_bitops_generic+0x92/0x1c0 [ 19.232933] kunit_try_run_case+0x1a5/0x480 [ 19.233329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.233571] kthread+0x337/0x6f0 [ 19.233763] ret_from_fork+0x41/0x80 [ 19.233958] ret_from_fork_asm+0x1a/0x30 [ 19.234246] [ 19.234381] The buggy address belongs to the object at ffff888101d9a440 [ 19.234381] which belongs to the cache kmalloc-16 of size 16 [ 19.235088] The buggy address is located 8 bytes inside of [ 19.235088] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.235783] [ 19.235918] The buggy address belongs to the physical page: [ 19.236397] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.236844] flags: 0x200000000000000(node=0|zone=2) [ 19.237243] page_type: f5(slab) [ 19.237453] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.238021] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.238382] page dumped because: kasan: bad access detected [ 19.238769] [ 19.238950] Memory state around the buggy address: [ 19.239387] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.239788] ffff888101d9a380: 
00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.240240] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.240760] ^ [ 19.241130] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.241531] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.241890] ================================================================== [ 19.280698] ================================================================== [ 19.281454] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.282132] Write of size 8 at addr ffff888101d9a448 by task kunit_try_catch/282 [ 19.282797] [ 19.282995] CPU: 1 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.283083] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.283100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.283139] Call Trace: [ 19.283165] <TASK> [ 19.283191] dump_stack_lvl+0x73/0xb0 [ 19.283237] print_report+0xd1/0x650 [ 19.283263] ? __virt_addr_valid+0x1db/0x2d0 [ 19.283289] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.283314] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.283339] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.283363] kasan_report+0x141/0x180 [ 19.283388] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.283417] kasan_check_range+0x10c/0x1c0 [ 19.283440] __kasan_check_write+0x18/0x20 [ 19.283462] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 19.283486] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 19.283511] ? __kmalloc_cache_noprof+0x189/0x420 [ 19.283535] ? trace_hardirqs_on+0x37/0xe0 [ 19.283561] ? kasan_bitops_generic+0x92/0x1c0 [ 19.283587] kasan_bitops_generic+0x116/0x1c0 [ 19.283609] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 19.283647] ? __pfx_read_tsc+0x10/0x10 [ 19.283673] ? ktime_get_ts64+0x86/0x230 [ 19.283701] kunit_try_run_case+0x1a5/0x480 [ 19.283730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.283765] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 19.283795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.283820] ? __kthread_parkme+0x82/0x180 [ 19.283844] ? preempt_count_sub+0x50/0x80 [ 19.283872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.283897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.283922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.283946] kthread+0x337/0x6f0 [ 19.283965] ? trace_preempt_on+0x20/0xc0 [ 19.283990] ? __pfx_kthread+0x10/0x10 [ 19.284010] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.284032] ? calculate_sigpending+0x7b/0xa0 [ 19.284056] ? __pfx_kthread+0x10/0x10 [ 19.284077] ret_from_fork+0x41/0x80 [ 19.284103] ? __pfx_kthread+0x10/0x10 [ 19.284140] ret_from_fork_asm+0x1a/0x30 [ 19.284196] </TASK> [ 19.284219] [ 19.296436] Allocated by task 282: [ 19.296852] kasan_save_stack+0x45/0x70 [ 19.297248] kasan_save_track+0x18/0x40 [ 19.297558] kasan_save_alloc_info+0x3b/0x50 [ 19.297778] __kasan_kmalloc+0xb7/0xc0 [ 19.298055] __kmalloc_cache_noprof+0x189/0x420 [ 19.298463] kasan_bitops_generic+0x92/0x1c0 [ 19.298840] kunit_try_run_case+0x1a5/0x480 [ 19.299085] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.299365] kthread+0x337/0x6f0 [ 19.299551] ret_from_fork+0x41/0x80 [ 19.299906] ret_from_fork_asm+0x1a/0x30 [ 19.300291] [ 19.300491] The buggy address belongs to the object at ffff888101d9a440 [ 19.300491] which belongs to the cache kmalloc-16 of size 16 [ 19.301171] The buggy address is located 8 bytes inside of [ 19.301171] allocated 9-byte region [ffff888101d9a440, ffff888101d9a449) [ 19.302031] [ 19.302233] The buggy address belongs to the physical page: [ 19.302577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 19.303151] flags: 0x200000000000000(node=0|zone=2) [ 19.303453] page_type: f5(slab) [ 19.303705] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.304177] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.304480] page dumped because: kasan: bad 
access detected [ 19.304776] [ 19.304957] Memory state around the buggy address: [ 19.305403] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 19.305953] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 19.306527] >ffff888101d9a400: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 19.306817] ^ [ 19.307298] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.307722] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.308191] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 19.097606] ================================================================== [ 19.098046] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 19.098454] Read of size 1 at addr ffff888101e064d0 by task kunit_try_catch/280 [ 19.099045] [ 19.099279] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.099470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.099501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.099564] Call Trace: [ 19.099602] <TASK> [ 19.099666] dump_stack_lvl+0x73/0xb0 [ 19.099736] print_report+0xd1/0x650 [ 19.099798] ? __virt_addr_valid+0x1db/0x2d0 [ 19.099854] ? strnlen+0x73/0x80 [ 19.099935] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.100012] ? strnlen+0x73/0x80 [ 19.100067] kasan_report+0x141/0x180 [ 19.100121] ? strnlen+0x73/0x80 [ 19.100277] __asan_report_load1_noabort+0x18/0x20 [ 19.100312] strnlen+0x73/0x80 [ 19.100336] kasan_strings+0x615/0xe80 [ 19.100358] ? trace_hardirqs_on+0x37/0xe0 [ 19.100386] ? __pfx_kasan_strings+0x10/0x10 [ 19.100409] ? finish_task_switch.isra.0+0x153/0x700 [ 19.100434] ? __switch_to+0x5d9/0xf60 [ 19.100457] ? dequeue_task_fair+0x166/0x4e0 [ 19.100484] ? __schedule+0x10cc/0x2b30 [ 19.100509] ? __pfx_read_tsc+0x10/0x10 [ 19.100530] ? ktime_get_ts64+0x86/0x230 [ 19.100559] kunit_try_run_case+0x1a5/0x480 [ 19.100586] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.100609] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.100635] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.100660] ? __kthread_parkme+0x82/0x180 [ 19.100683] ? preempt_count_sub+0x50/0x80 [ 19.100710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.100735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.100786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.100813] kthread+0x337/0x6f0 [ 19.100834] ? trace_preempt_on+0x20/0xc0 [ 19.100858] ? __pfx_kthread+0x10/0x10 [ 19.100879] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.100903] ? calculate_sigpending+0x7b/0xa0 [ 19.100927] ? 
__pfx_kthread+0x10/0x10 [ 19.100948] ret_from_fork+0x41/0x80 [ 19.100971] ? __pfx_kthread+0x10/0x10 [ 19.100992] ret_from_fork_asm+0x1a/0x30 [ 19.101028] </TASK> [ 19.101043] [ 19.114393] Allocated by task 280: [ 19.114856] kasan_save_stack+0x45/0x70 [ 19.115311] kasan_save_track+0x18/0x40 [ 19.115716] kasan_save_alloc_info+0x3b/0x50 [ 19.116015] __kasan_kmalloc+0xb7/0xc0 [ 19.116317] __kmalloc_cache_noprof+0x189/0x420 [ 19.116561] kasan_strings+0xc0/0xe80 [ 19.116772] kunit_try_run_case+0x1a5/0x480 [ 19.117011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.117510] kthread+0x337/0x6f0 [ 19.117877] ret_from_fork+0x41/0x80 [ 19.118251] ret_from_fork_asm+0x1a/0x30 [ 19.118630] [ 19.118824] Freed by task 280: [ 19.119166] kasan_save_stack+0x45/0x70 [ 19.119464] kasan_save_track+0x18/0x40 [ 19.119762] kasan_save_free_info+0x3f/0x60 [ 19.120151] __kasan_slab_free+0x56/0x70 [ 19.120510] kfree+0x222/0x3f0 [ 19.120720] kasan_strings+0x2aa/0xe80 [ 19.120921] kunit_try_run_case+0x1a5/0x480 [ 19.121173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.121425] kthread+0x337/0x6f0 [ 19.121710] ret_from_fork+0x41/0x80 [ 19.122050] ret_from_fork_asm+0x1a/0x30 [ 19.122460] [ 19.122661] The buggy address belongs to the object at ffff888101e064c0 [ 19.122661] which belongs to the cache kmalloc-32 of size 32 [ 19.123655] The buggy address is located 16 bytes inside of [ 19.123655] freed 32-byte region [ffff888101e064c0, ffff888101e064e0) [ 19.124554] [ 19.124741] The buggy address belongs to the physical page: [ 19.125166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e06 [ 19.125632] flags: 0x200000000000000(node=0|zone=2) [ 19.126061] page_type: f5(slab) [ 19.126422] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.127009] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.127420] page dumped because: kasan: bad access detected [ 19.127670] [ 19.127823] Memory state around the buggy address: [ 
19.128268] ffff888101e06380: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 19.128828] ffff888101e06400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.129415] >ffff888101e06480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.129904] ^ [ 19.130226] ffff888101e06500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.130519] ffff888101e06580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.131088] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 19.056811] ================================================================== [ 19.057421] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 19.057762] Read of size 1 at addr ffff888101e064d0 by task kunit_try_catch/280 [ 19.058447] [ 19.058675] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.058787] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.058815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.058861] Call Trace: [ 19.058899] <TASK> [ 19.058941] dump_stack_lvl+0x73/0xb0 [ 19.059098] print_report+0xd1/0x650 [ 19.059217] ? __virt_addr_valid+0x1db/0x2d0 [ 19.059288] ? strlen+0x8f/0xb0 [ 19.059332] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.059389] ? strlen+0x8f/0xb0 [ 19.059434] kasan_report+0x141/0x180 [ 19.059481] ? strlen+0x8f/0xb0 [ 19.059527] __asan_report_load1_noabort+0x18/0x20 [ 19.059572] strlen+0x8f/0xb0 [ 19.059607] kasan_strings+0x57b/0xe80 [ 19.059653] ? trace_hardirqs_on+0x37/0xe0 [ 19.059684] ? __pfx_kasan_strings+0x10/0x10 [ 19.059708] ? finish_task_switch.isra.0+0x153/0x700 [ 19.059742] ? __switch_to+0x5d9/0xf60 [ 19.059798] ? dequeue_task_fair+0x166/0x4e0 [ 19.059848] ? __schedule+0x10cc/0x2b30 [ 19.059896] ? __pfx_read_tsc+0x10/0x10 [ 19.059935] ? ktime_get_ts64+0x86/0x230 [ 19.060048] kunit_try_run_case+0x1a5/0x480 [ 19.060159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.060223] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.060279] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.060331] ? __kthread_parkme+0x82/0x180 [ 19.060380] ? preempt_count_sub+0x50/0x80 [ 19.060419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.060446] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.060472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.060497] kthread+0x337/0x6f0 [ 19.060516] ? trace_preempt_on+0x20/0xc0 [ 19.060542] ? __pfx_kthread+0x10/0x10 [ 19.060562] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.060585] ? calculate_sigpending+0x7b/0xa0 [ 19.060610] ? 
__pfx_kthread+0x10/0x10 [ 19.060631] ret_from_fork+0x41/0x80 [ 19.060655] ? __pfx_kthread+0x10/0x10 [ 19.060674] ret_from_fork_asm+0x1a/0x30 [ 19.060710] </TASK> [ 19.060726] [ 19.075559] Allocated by task 280: [ 19.076065] kasan_save_stack+0x45/0x70 [ 19.076440] kasan_save_track+0x18/0x40 [ 19.076647] kasan_save_alloc_info+0x3b/0x50 [ 19.076868] __kasan_kmalloc+0xb7/0xc0 [ 19.077076] __kmalloc_cache_noprof+0x189/0x420 [ 19.077789] kasan_strings+0xc0/0xe80 [ 19.078364] kunit_try_run_case+0x1a5/0x480 [ 19.078669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.079099] kthread+0x337/0x6f0 [ 19.079679] ret_from_fork+0x41/0x80 [ 19.080013] ret_from_fork_asm+0x1a/0x30 [ 19.080562] [ 19.080761] Freed by task 280: [ 19.081095] kasan_save_stack+0x45/0x70 [ 19.081541] kasan_save_track+0x18/0x40 [ 19.081820] kasan_save_free_info+0x3f/0x60 [ 19.082069] __kasan_slab_free+0x56/0x70 [ 19.082475] kfree+0x222/0x3f0 [ 19.082669] kasan_strings+0x2aa/0xe80 [ 19.083051] kunit_try_run_case+0x1a5/0x480 [ 19.083480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.083740] kthread+0x337/0x6f0 [ 19.084339] ret_from_fork+0x41/0x80 [ 19.084876] ret_from_fork_asm+0x1a/0x30 [ 19.085421] [ 19.085552] The buggy address belongs to the object at ffff888101e064c0 [ 19.085552] which belongs to the cache kmalloc-32 of size 32 [ 19.086323] The buggy address is located 16 bytes inside of [ 19.086323] freed 32-byte region [ffff888101e064c0, ffff888101e064e0) [ 19.087514] [ 19.087663] The buggy address belongs to the physical page: [ 19.088492] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e06 [ 19.089250] flags: 0x200000000000000(node=0|zone=2) [ 19.089625] page_type: f5(slab) [ 19.090141] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.090587] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.091245] page dumped because: kasan: bad access detected [ 19.091858] [ 19.091979] Memory state around the buggy address: [ 
19.092307] ffff888101e06380: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 19.092954] ffff888101e06400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.093532] >ffff888101e06480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.094077] ^ [ 19.094381] ffff888101e06500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.094867] ffff888101e06580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.095195] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 19.017677] ================================================================== [ 19.018310] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 19.019985] Read of size 1 at addr ffff888101e064d0 by task kunit_try_catch/280 [ 19.021075] [ 19.021433] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 19.021728] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.021775] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.021814] Call Trace: [ 19.021851] <TASK> [ 19.021888] dump_stack_lvl+0x73/0xb0 [ 19.021959] print_report+0xd1/0x650 [ 19.022000] ? __virt_addr_valid+0x1db/0x2d0 [ 19.022041] ? kasan_strings+0xcbc/0xe80 [ 19.022075] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.022111] ? kasan_strings+0xcbc/0xe80 [ 19.022210] kasan_report+0x141/0x180 [ 19.022272] ? kasan_strings+0xcbc/0xe80 [ 19.022331] __asan_report_load1_noabort+0x18/0x20 [ 19.022396] kasan_strings+0xcbc/0xe80 [ 19.022435] ? trace_hardirqs_on+0x37/0xe0 [ 19.022474] ? __pfx_kasan_strings+0x10/0x10 [ 19.022508] ? finish_task_switch.isra.0+0x153/0x700 [ 19.022545] ? __switch_to+0x5d9/0xf60 [ 19.022577] ? dequeue_task_fair+0x166/0x4e0 [ 19.022616] ? __schedule+0x10cc/0x2b30 [ 19.022652] ? __pfx_read_tsc+0x10/0x10 [ 19.022685] ? ktime_get_ts64+0x86/0x230 [ 19.022726] kunit_try_run_case+0x1a5/0x480 [ 19.022786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.022822] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.022850] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.022874] ? __kthread_parkme+0x82/0x180 [ 19.022899] ? preempt_count_sub+0x50/0x80 [ 19.022924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.022950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.022975] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.023003] kthread+0x337/0x6f0 [ 19.023023] ? trace_preempt_on+0x20/0xc0 [ 19.023050] ? __pfx_kthread+0x10/0x10 [ 19.023070] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.023094] ? calculate_sigpending+0x7b/0xa0 [ 19.023128] ? 
__pfx_kthread+0x10/0x10 [ 19.023175] ret_from_fork+0x41/0x80 [ 19.023201] ? __pfx_kthread+0x10/0x10 [ 19.023221] ret_from_fork_asm+0x1a/0x30 [ 19.023257] </TASK> [ 19.023272] [ 19.035920] Allocated by task 280: [ 19.036512] kasan_save_stack+0x45/0x70 [ 19.036967] kasan_save_track+0x18/0x40 [ 19.037413] kasan_save_alloc_info+0x3b/0x50 [ 19.037640] __kasan_kmalloc+0xb7/0xc0 [ 19.037854] __kmalloc_cache_noprof+0x189/0x420 [ 19.038318] kasan_strings+0xc0/0xe80 [ 19.038694] kunit_try_run_case+0x1a5/0x480 [ 19.039174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.039605] kthread+0x337/0x6f0 [ 19.039939] ret_from_fork+0x41/0x80 [ 19.040310] ret_from_fork_asm+0x1a/0x30 [ 19.040534] [ 19.040664] Freed by task 280: [ 19.040942] kasan_save_stack+0x45/0x70 [ 19.041391] kasan_save_track+0x18/0x40 [ 19.041861] kasan_save_free_info+0x3f/0x60 [ 19.042307] __kasan_slab_free+0x56/0x70 [ 19.042670] kfree+0x222/0x3f0 [ 19.042921] kasan_strings+0x2aa/0xe80 [ 19.043161] kunit_try_run_case+0x1a5/0x480 [ 19.043387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.043902] kthread+0x337/0x6f0 [ 19.044350] ret_from_fork+0x41/0x80 [ 19.044788] ret_from_fork_asm+0x1a/0x30 [ 19.045183] [ 19.045376] The buggy address belongs to the object at ffff888101e064c0 [ 19.045376] which belongs to the cache kmalloc-32 of size 32 [ 19.046250] The buggy address is located 16 bytes inside of [ 19.046250] freed 32-byte region [ffff888101e064c0, ffff888101e064e0) [ 19.046958] [ 19.047132] The buggy address belongs to the physical page: [ 19.047516] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e06 [ 19.048347] flags: 0x200000000000000(node=0|zone=2) [ 19.048807] page_type: f5(slab) [ 19.049146] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.049461] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.050099] page dumped because: kasan: bad access detected [ 19.050633] [ 19.050855] Memory state around the buggy address: [ 
19.051188] ffff888101e06380: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 19.051478] ffff888101e06400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.052067] >ffff888101e06480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.052712] ^ [ 19.053191] ffff888101e06500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.053487] ffff888101e06580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.054078] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 18.978161] ================================================================== [ 18.979338] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 18.980309] Read of size 1 at addr ffff888101e064d0 by task kunit_try_catch/280 [ 18.980652] [ 18.980829] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 18.980939] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.980965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.981008] Call Trace: [ 18.981034] <TASK> [ 18.981074] dump_stack_lvl+0x73/0xb0 [ 18.981141] print_report+0xd1/0x650 [ 18.981191] ? __virt_addr_valid+0x1db/0x2d0 [ 18.981242] ? strcmp+0xb0/0xc0 [ 18.981277] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.981328] ? strcmp+0xb0/0xc0 [ 18.981368] kasan_report+0x141/0x180 [ 18.981419] ? strcmp+0xb0/0xc0 [ 18.981465] __asan_report_load1_noabort+0x18/0x20 [ 18.981508] strcmp+0xb0/0xc0 [ 18.981550] kasan_strings+0x431/0xe80 [ 18.981587] ? trace_hardirqs_on+0x37/0xe0 [ 18.981634] ? __pfx_kasan_strings+0x10/0x10 [ 18.981674] ? finish_task_switch.isra.0+0x153/0x700 [ 18.981720] ? __switch_to+0x5d9/0xf60 [ 18.981780] ? dequeue_task_fair+0x166/0x4e0 [ 18.981836] ? __schedule+0x10cc/0x2b30 [ 18.981890] ? __pfx_read_tsc+0x10/0x10 [ 18.981936] ? ktime_get_ts64+0x86/0x230 [ 18.981992] kunit_try_run_case+0x1a5/0x480 [ 18.982039] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.982064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.982091] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.982126] ? __kthread_parkme+0x82/0x180 [ 18.982160] ? preempt_count_sub+0x50/0x80 [ 18.982187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.982212] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.982237] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.982261] kthread+0x337/0x6f0 [ 18.982281] ? trace_preempt_on+0x20/0xc0 [ 18.982305] ? __pfx_kthread+0x10/0x10 [ 18.982326] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.982349] ? calculate_sigpending+0x7b/0xa0 [ 18.982373] ? 
__pfx_kthread+0x10/0x10 [ 18.982394] ret_from_fork+0x41/0x80 [ 18.982417] ? __pfx_kthread+0x10/0x10 [ 18.982438] ret_from_fork_asm+0x1a/0x30 [ 18.982472] </TASK> [ 18.982488] [ 18.997023] Allocated by task 280: [ 18.997670] kasan_save_stack+0x45/0x70 [ 18.997953] kasan_save_track+0x18/0x40 [ 18.998464] kasan_save_alloc_info+0x3b/0x50 [ 18.998815] __kasan_kmalloc+0xb7/0xc0 [ 18.999032] __kmalloc_cache_noprof+0x189/0x420 [ 18.999755] kasan_strings+0xc0/0xe80 [ 19.000104] kunit_try_run_case+0x1a5/0x480 [ 19.000606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.000839] kthread+0x337/0x6f0 [ 19.001041] ret_from_fork+0x41/0x80 [ 19.001696] ret_from_fork_asm+0x1a/0x30 [ 19.002050] [ 19.002362] Freed by task 280: [ 19.002560] kasan_save_stack+0x45/0x70 [ 19.002731] kasan_save_track+0x18/0x40 [ 19.002912] kasan_save_free_info+0x3f/0x60 [ 19.003113] __kasan_slab_free+0x56/0x70 [ 19.003676] kfree+0x222/0x3f0 [ 19.004028] kasan_strings+0x2aa/0xe80 [ 19.004847] kunit_try_run_case+0x1a5/0x480 [ 19.005403] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.005693] kthread+0x337/0x6f0 [ 19.005882] ret_from_fork+0x41/0x80 [ 19.006111] ret_from_fork_asm+0x1a/0x30 [ 19.006694] [ 19.006831] The buggy address belongs to the object at ffff888101e064c0 [ 19.006831] which belongs to the cache kmalloc-32 of size 32 [ 19.007910] The buggy address is located 16 bytes inside of [ 19.007910] freed 32-byte region [ffff888101e064c0, ffff888101e064e0) [ 19.008948] [ 19.009262] The buggy address belongs to the physical page: [ 19.009708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e06 [ 19.010230] flags: 0x200000000000000(node=0|zone=2) [ 19.010675] page_type: f5(slab) [ 19.010891] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 19.011436] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 19.012047] page dumped because: kasan: bad access detected [ 19.012659] [ 19.012964] Memory state around the buggy address: [ 
19.013570] ffff888101e06380: 00 00 00 04 fc fc fc fc fa fb fb fb fc fc fc fc [ 19.014197] ffff888101e06400: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.014920] >ffff888101e06480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.015388] ^ [ 19.015860] ffff888101e06500: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 19.016108] ffff888101e06580: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 19.016524] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 18.929026] ================================================================== [ 18.929642] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 18.930204] Read of size 1 at addr ffff888101e06418 by task kunit_try_catch/278 [ 18.930761] [ 18.931878] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 18.932037] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.932071] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.932118] Call Trace: [ 18.932146] <TASK> [ 18.932175] dump_stack_lvl+0x73/0xb0 [ 18.932268] print_report+0xd1/0x650 [ 18.932319] ? __virt_addr_valid+0x1db/0x2d0 [ 18.932361] ? memcmp+0x1b4/0x1d0 [ 18.932383] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.932409] ? memcmp+0x1b4/0x1d0 [ 18.932429] kasan_report+0x141/0x180 [ 18.932454] ? memcmp+0x1b4/0x1d0 [ 18.932479] __asan_report_load1_noabort+0x18/0x20 [ 18.932503] memcmp+0x1b4/0x1d0 [ 18.932525] kasan_memcmp+0x18f/0x390 [ 18.932548] ? trace_hardirqs_on+0x37/0xe0 [ 18.932576] ? __pfx_kasan_memcmp+0x10/0x10 [ 18.932598] ? finish_task_switch.isra.0+0x153/0x700 [ 18.932626] ? __switch_to+0x5d9/0xf60 [ 18.932649] ? dequeue_task_fair+0x166/0x4e0 [ 18.932679] ? __pfx_read_tsc+0x10/0x10 [ 18.932702] ? ktime_get_ts64+0x86/0x230 [ 18.932731] kunit_try_run_case+0x1a5/0x480 [ 18.932799] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.932828] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.932855] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.932881] ? __kthread_parkme+0x82/0x180 [ 18.932906] ? preempt_count_sub+0x50/0x80 [ 18.932933] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.932957] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.932982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.933007] kthread+0x337/0x6f0 [ 18.933026] ? trace_preempt_on+0x20/0xc0 [ 18.933051] ? __pfx_kthread+0x10/0x10 [ 18.933070] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.933093] ? calculate_sigpending+0x7b/0xa0 [ 18.933145] ? 
__pfx_kthread+0x10/0x10 [ 18.933167] ret_from_fork+0x41/0x80 [ 18.933199] ? __pfx_kthread+0x10/0x10 [ 18.933250] ret_from_fork_asm+0x1a/0x30 [ 18.933304] </TASK> [ 18.933327] [ 18.947191] Allocated by task 278: [ 18.947598] kasan_save_stack+0x45/0x70 [ 18.948957] kasan_save_track+0x18/0x40 [ 18.949655] kasan_save_alloc_info+0x3b/0x50 [ 18.950072] __kasan_kmalloc+0xb7/0xc0 [ 18.950617] __kmalloc_cache_noprof+0x189/0x420 [ 18.951049] kasan_memcmp+0xb7/0x390 [ 18.951533] kunit_try_run_case+0x1a5/0x480 [ 18.951948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.953046] kthread+0x337/0x6f0 [ 18.953375] ret_from_fork+0x41/0x80 [ 18.954004] ret_from_fork_asm+0x1a/0x30 [ 18.954600] [ 18.954818] The buggy address belongs to the object at ffff888101e06400 [ 18.954818] which belongs to the cache kmalloc-32 of size 32 [ 18.955693] The buggy address is located 0 bytes to the right of [ 18.955693] allocated 24-byte region [ffff888101e06400, ffff888101e06418) [ 18.956734] [ 18.956865] The buggy address belongs to the physical page: [ 18.957073] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e06 [ 18.958267] flags: 0x200000000000000(node=0|zone=2) [ 18.958503] page_type: f5(slab) [ 18.958812] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 18.959444] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 18.959776] page dumped because: kasan: bad access detected [ 18.960011] [ 18.960170] Memory state around the buggy address: [ 18.960682] ffff888101e06300: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 18.962197] ffff888101e06380: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 18.962744] >ffff888101e06400: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.963114] ^ [ 18.963488] ffff888101e06480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.964844] ffff888101e06500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.965266] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 18.875125] ================================================================== [ 18.875788] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 18.876443] Read of size 1 at addr ffff888103a9fc4a by task kunit_try_catch/274 [ 18.876905] [ 18.877060] CPU: 0 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 18.877214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.877241] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.877283] Call Trace: [ 18.877314] <TASK> [ 18.877354] dump_stack_lvl+0x73/0xb0 [ 18.877457] print_report+0xd1/0x650 [ 18.877513] ? __virt_addr_valid+0x1db/0x2d0 [ 18.877576] ? kasan_alloca_oob_right+0x329/0x390 [ 18.877617] ? kasan_addr_to_slab+0x11/0xa0 [ 18.877653] ? kasan_alloca_oob_right+0x329/0x390 [ 18.877692] kasan_report+0x141/0x180 [ 18.877734] ? kasan_alloca_oob_right+0x329/0x390 [ 18.877826] __asan_report_load1_noabort+0x18/0x20 [ 18.877886] kasan_alloca_oob_right+0x329/0x390 [ 18.877934] ? finish_task_switch.isra.0+0x153/0x700 [ 18.877980] ? rt_mutex_adjust_prio_chain+0x19ae/0x20e0 [ 18.878025] ? trace_hardirqs_on+0x37/0xe0 [ 18.878077] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 18.878169] ? __schedule+0x10cc/0x2b30 [ 18.878241] ? __pfx_read_tsc+0x10/0x10 [ 18.878282] ? ktime_get_ts64+0x86/0x230 [ 18.878332] kunit_try_run_case+0x1a5/0x480 [ 18.878380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.878422] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.878472] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.878548] ? __kthread_parkme+0x82/0x180 [ 18.878598] ? preempt_count_sub+0x50/0x80 [ 18.878657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.878700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.878759] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.878812] kthread+0x337/0x6f0 [ 18.878850] ? trace_preempt_on+0x20/0xc0 [ 18.878899] ? __pfx_kthread+0x10/0x10 [ 18.878936] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.878974] ? 
calculate_sigpending+0x7b/0xa0 [ 18.879022] ? __pfx_kthread+0x10/0x10 [ 18.879064] ret_from_fork+0x41/0x80 [ 18.879147] ? __pfx_kthread+0x10/0x10 [ 18.879609] ret_from_fork_asm+0x1a/0x30 [ 18.879700] </TASK> [ 18.879719] [ 18.900983] The buggy address belongs to stack of task kunit_try_catch/274 [ 18.902252] [ 18.902846] The buggy address belongs to the physical page: [ 18.903856] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a9f [ 18.904659] flags: 0x200000000000000(node=0|zone=2) [ 18.905512] raw: 0200000000000000 ffffea00040ea7c8 ffffea00040ea7c8 0000000000000000 [ 18.906016] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.906680] page dumped because: kasan: bad access detected [ 18.907313] [ 18.907934] Memory state around the buggy address: [ 18.908384] ffff888103a9fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.908685] ffff888103a9fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.908966] >ffff888103a9fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.909217] ^ [ 18.910408] ffff888103a9fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 18.910977] ffff888103a9fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 18.911546] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 18.828705] ================================================================== [ 18.829679] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 18.830319] Read of size 1 at addr ffff888103a4fc3f by task kunit_try_catch/272 [ 18.830921] [ 18.831171] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 18.831279] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.831308] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.831354] Call Trace: [ 18.831385] <TASK> [ 18.831427] dump_stack_lvl+0x73/0xb0 [ 18.831499] print_report+0xd1/0x650 [ 18.831550] ? __virt_addr_valid+0x1db/0x2d0 [ 18.831600] ? kasan_alloca_oob_left+0x320/0x380 [ 18.831677] ? kasan_addr_to_slab+0x11/0xa0 [ 18.831725] ? kasan_alloca_oob_left+0x320/0x380 [ 18.831782] kasan_report+0x141/0x180 [ 18.831824] ? kasan_alloca_oob_left+0x320/0x380 [ 18.831875] __asan_report_load1_noabort+0x18/0x20 [ 18.831912] kasan_alloca_oob_left+0x320/0x380 [ 18.831960] ? finish_task_switch.isra.0+0x153/0x700 [ 18.832013] ? rt_mutex_adjust_prio_chain+0x19ae/0x20e0 [ 18.832066] ? trace_hardirqs_on+0x37/0xe0 [ 18.832119] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 18.832162] ? __schedule+0x10cc/0x2b30 [ 18.832212] ? __pfx_read_tsc+0x10/0x10 [ 18.832256] ? ktime_get_ts64+0x86/0x230 [ 18.832315] kunit_try_run_case+0x1a5/0x480 [ 18.832374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.832418] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.832461] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.832489] ? __kthread_parkme+0x82/0x180 [ 18.832514] ? preempt_count_sub+0x50/0x80 [ 18.832542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.832567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.832593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.832618] kthread+0x337/0x6f0 [ 18.832638] ? trace_preempt_on+0x20/0xc0 [ 18.832662] ? __pfx_kthread+0x10/0x10 [ 18.832682] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.832705] ? 
calculate_sigpending+0x7b/0xa0 [ 18.832730] ? __pfx_kthread+0x10/0x10 [ 18.832776] ret_from_fork+0x41/0x80 [ 18.832803] ? __pfx_kthread+0x10/0x10 [ 18.832823] ret_from_fork_asm+0x1a/0x30 [ 18.832858] </TASK> [ 18.832873] [ 18.859666] The buggy address belongs to stack of task kunit_try_catch/272 [ 18.860364] [ 18.860527] The buggy address belongs to the physical page: [ 18.861354] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a4f [ 18.861976] flags: 0x200000000000000(node=0|zone=2) [ 18.862572] raw: 0200000000000000 ffffea00040e93c8 ffffea00040e93c8 0000000000000000 [ 18.862975] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 18.863421] page dumped because: kasan: bad access detected [ 18.863905] [ 18.864030] Memory state around the buggy address: [ 18.864488] ffff888103a4fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.865222] ffff888103a4fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.865641] >ffff888103a4fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 18.866159] ^ [ 18.866643] ffff888103a4fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 18.867126] ffff888103a4fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 18.867655] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 18.760488] ================================================================== [ 18.761178] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 18.762410] Read of size 1 at addr ffffffff946422ad by task kunit_try_catch/266 [ 18.763047] [ 18.763378] CPU: 1 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 18.763495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.763523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.763571] Call Trace: [ 18.763600] <TASK> [ 18.763667] dump_stack_lvl+0x73/0xb0 [ 18.763917] print_report+0xd1/0x650 [ 18.764010] ? __virt_addr_valid+0x1db/0x2d0 [ 18.764062] ? kasan_global_oob_right+0x286/0x2d0 [ 18.764181] ? kasan_addr_to_slab+0x11/0xa0 [ 18.764280] ? kasan_global_oob_right+0x286/0x2d0 [ 18.764339] kasan_report+0x141/0x180 [ 18.764391] ? kasan_global_oob_right+0x286/0x2d0 [ 18.764450] __asan_report_load1_noabort+0x18/0x20 [ 18.764502] kasan_global_oob_right+0x286/0x2d0 [ 18.764554] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 18.764612] ? __schedule+0x10cc/0x2b30 [ 18.764666] ? __pfx_read_tsc+0x10/0x10 [ 18.764714] ? ktime_get_ts64+0x86/0x230 [ 18.764787] kunit_try_run_case+0x1a5/0x480 [ 18.764847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.764897] ? irqentry_exit+0x2a/0x60 [ 18.764949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.764996] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.765031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.765055] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.765080] kthread+0x337/0x6f0 [ 18.765125] ? trace_preempt_on+0x20/0xc0 [ 18.765159] ? __pfx_kthread+0x10/0x10 [ 18.765191] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.765220] ? calculate_sigpending+0x7b/0xa0 [ 18.765246] ? __pfx_kthread+0x10/0x10 [ 18.765267] ret_from_fork+0x41/0x80 [ 18.765290] ? 
__pfx_kthread+0x10/0x10 [ 18.765311] ret_from_fork_asm+0x1a/0x30 [ 18.765345] </TASK> [ 18.765360] [ 18.777356] The buggy address belongs to the variable: [ 18.777672] global_array+0xd/0x40 [ 18.778490] [ 18.778780] The buggy address belongs to the physical page: [ 18.779449] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4ac42 [ 18.780172] flags: 0x100000000002000(reserved|node=0|zone=1) [ 18.780857] raw: 0100000000002000 ffffea00012b1088 ffffea00012b1088 0000000000000000 [ 18.781627] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 18.782193] page dumped because: kasan: bad access detected [ 18.782802] [ 18.783005] Memory state around the buggy address: [ 18.783304] ffffffff94642180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.783600] ffffffff94642200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.784109] >ffffffff94642280: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 18.784587] ^ [ 18.785310] ffffffff94642300: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 18.785965] ffffffff94642380: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 18.786624] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 18.676974] ================================================================== [ 18.678166] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.679071] Free of addr ffff888101de5d01 by task kunit_try_catch/262 [ 18.679599] [ 18.680114] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 18.680505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.680559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.680606] Call Trace: [ 18.680636] <TASK> [ 18.680674] dump_stack_lvl+0x73/0xb0 [ 18.680744] print_report+0xd1/0x650 [ 18.680803] ? __virt_addr_valid+0x1db/0x2d0 [ 18.680853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.680903] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.680963] kasan_report_invalid_free+0x10a/0x130 [ 18.681020] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.681082] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.681131] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.681187] check_slab_allocation+0x11f/0x130 [ 18.681230] __kasan_mempool_poison_object+0x91/0x1d0 [ 18.681273] mempool_free+0x2ec/0x380 [ 18.681322] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.681371] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 18.681402] ? update_load_avg+0x1be/0x21b0 [ 18.681425] ? update_load_avg+0x1be/0x21b0 [ 18.681446] ? update_curr+0x80/0x810 [ 18.681467] ? irqentry_exit+0x2a/0x60 [ 18.681493] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.681522] mempool_kmalloc_invalid_free+0xed/0x140 [ 18.681548] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 18.681578] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.681599] ? __pfx_mempool_kfree+0x10/0x10 [ 18.681623] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 18.681651] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 18.681681] kunit_try_run_case+0x1a5/0x480 [ 18.681709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.681732] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 18.681785] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.681812] ? __kthread_parkme+0x82/0x180 [ 18.681837] ? preempt_count_sub+0x50/0x80 [ 18.681865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.681890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.681914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.681938] kthread+0x337/0x6f0 [ 18.681957] ? trace_preempt_on+0x20/0xc0 [ 18.681984] ? __pfx_kthread+0x10/0x10 [ 18.682004] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.682026] ? calculate_sigpending+0x7b/0xa0 [ 18.682050] ? __pfx_kthread+0x10/0x10 [ 18.682070] ret_from_fork+0x41/0x80 [ 18.682095] ? __pfx_kthread+0x10/0x10 [ 18.682142] ret_from_fork_asm+0x1a/0x30 [ 18.682183] </TASK> [ 18.682213] [ 18.697184] Allocated by task 262: [ 18.697772] kasan_save_stack+0x45/0x70 [ 18.698211] kasan_save_track+0x18/0x40 [ 18.698867] kasan_save_alloc_info+0x3b/0x50 [ 18.699882] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 18.700155] remove_element+0x11e/0x190 [ 18.700360] mempool_alloc_preallocated+0x4d/0x90 [ 18.700727] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 18.701017] mempool_kmalloc_invalid_free+0xed/0x140 [ 18.701392] kunit_try_run_case+0x1a5/0x480 [ 18.701685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.702553] kthread+0x337/0x6f0 [ 18.702889] ret_from_fork+0x41/0x80 [ 18.703333] ret_from_fork_asm+0x1a/0x30 [ 18.703701] [ 18.703881] The buggy address belongs to the object at ffff888101de5d00 [ 18.703881] which belongs to the cache kmalloc-128 of size 128 [ 18.704714] The buggy address is located 1 bytes inside of [ 18.704714] 128-byte region [ffff888101de5d00, ffff888101de5d80) [ 18.705499] [ 18.705699] The buggy address belongs to the physical page: [ 18.706135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5 [ 18.706515] flags: 0x200000000000000(node=0|zone=2) [ 18.706941] page_type: f5(slab) [ 18.707255] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 
18.707719] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.708617] page dumped because: kasan: bad access detected [ 18.709070] [ 18.709425] Memory state around the buggy address: [ 18.709826] ffff888101de5c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.710187] ffff888101de5c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.710826] >ffff888101de5d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.711566] ^ [ 18.711860] ffff888101de5d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.712289] ffff888101de5e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.712890] ================================================================== [ 18.719686] ================================================================== [ 18.720990] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.721521] Free of addr ffff888102a98001 by task kunit_try_catch/264 [ 18.722039] [ 18.722228] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 18.722346] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.722377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.722430] Call Trace: [ 18.722458] <TASK> [ 18.722520] dump_stack_lvl+0x73/0xb0 [ 18.722588] print_report+0xd1/0x650 [ 18.722637] ? __virt_addr_valid+0x1db/0x2d0 [ 18.722692] ? kasan_addr_to_slab+0x11/0xa0 [ 18.722741] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.722814] kasan_report_invalid_free+0x10a/0x130 [ 18.722864] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.722925] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.722980] __kasan_mempool_poison_object+0x102/0x1d0 [ 18.723037] mempool_free+0x2ec/0x380 [ 18.723101] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 18.723154] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 18.723211] ? dequeue_entities+0x852/0x1740 [ 18.723259] ? 
finish_task_switch.isra.0+0x153/0x700 [ 18.723310] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 18.723355] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 18.723407] ? dequeue_task_fair+0x166/0x4e0 [ 18.723454] ? __pfx_mempool_kmalloc+0x10/0x10 [ 18.723494] ? __pfx_mempool_kfree+0x10/0x10 [ 18.723545] ? __pfx_read_tsc+0x10/0x10 [ 18.723586] ? ktime_get_ts64+0x86/0x230 [ 18.723669] kunit_try_run_case+0x1a5/0x480 [ 18.723724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.723780] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.723838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.723892] ? __kthread_parkme+0x82/0x180 [ 18.723945] ? preempt_count_sub+0x50/0x80 [ 18.723990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.724028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.724066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.724152] kthread+0x337/0x6f0 [ 18.724188] ? trace_preempt_on+0x20/0xc0 [ 18.724232] ? __pfx_kthread+0x10/0x10 [ 18.724261] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.724293] ? calculate_sigpending+0x7b/0xa0 [ 18.724328] ? __pfx_kthread+0x10/0x10 [ 18.724359] ret_from_fork+0x41/0x80 [ 18.724396] ? 
__pfx_kthread+0x10/0x10 [ 18.724428] ret_from_fork_asm+0x1a/0x30 [ 18.724485] </TASK> [ 18.724508] [ 18.741383] The buggy address belongs to the physical page: [ 18.742041] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a98 [ 18.742583] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.743342] flags: 0x200000000000040(head|node=0|zone=2) [ 18.743957] page_type: f8(unknown) [ 18.744206] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.745229] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.746095] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.746711] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.747434] head: 0200000000000002 ffffea00040aa601 00000000ffffffff 00000000ffffffff [ 18.747852] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.748358] page dumped because: kasan: bad access detected [ 18.748731] [ 18.748948] Memory state around the buggy address: [ 18.749892] ffff888102a97f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.750801] ffff888102a97f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.751613] >ffff888102a98000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.752099] ^ [ 18.752324] ffff888102a98080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.753104] ffff888102a98100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.753704] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
18.332861] [ 18.333022] Memory state around the buggy address: [ 18.333921] ffff888102b40180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.334266] ffff888102b40200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 18.334513] >ffff888102b40280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 18.334742] ^ [ 18.334935] ffff888102b40300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.335147] ffff888102b40380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.335364] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 17.653517] ==================================================================
[ 17.654045] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 17.654366] Read of size 1 at addr ffff88810150cdc0 by task kunit_try_catch/236
[ 17.654889]
[ 17.655135] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 17.655795] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.655841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.655903] Call Trace:
[ 17.655930] <TASK>
[ 17.655977] dump_stack_lvl+0x73/0xb0
[ 17.656056] print_report+0xd1/0x650
[ 17.656099] ? __virt_addr_valid+0x1db/0x2d0
[ 17.656164] ? kmem_cache_double_destroy+0x1bf/0x380
[ 17.656215] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.656259] ? kmem_cache_double_destroy+0x1bf/0x380
[ 17.656300] kasan_report+0x141/0x180
[ 17.656345] ? kmem_cache_double_destroy+0x1bf/0x380
[ 17.656396] ? kmem_cache_double_destroy+0x1bf/0x380
[ 17.656438] __kasan_check_byte+0x3d/0x50
[ 17.656489] kmem_cache_destroy+0x25/0x1d0
[ 17.656550] kmem_cache_double_destroy+0x1bf/0x380
[ 17.656599] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 17.656646] ? finish_task_switch.isra.0+0x153/0x700
[ 17.656697] ? __switch_to+0x5d9/0xf60
[ 17.656733] ? dequeue_task_fair+0x166/0x4e0
[ 17.656801] ? __pfx_read_tsc+0x10/0x10
[ 17.656841] ? ktime_get_ts64+0x86/0x230
[ 17.656897] kunit_try_run_case+0x1a5/0x480
[ 17.656947] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.656985] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.657036] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.657089] ? __kthread_parkme+0x82/0x180
[ 17.657134] ? preempt_count_sub+0x50/0x80
[ 17.657184] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.657233] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.657284] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.657327] kthread+0x337/0x6f0
[ 17.657364] ? trace_preempt_on+0x20/0xc0
[ 17.657419] ? __pfx_kthread+0x10/0x10
[ 17.657458] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.657495] ? calculate_sigpending+0x7b/0xa0
[ 17.657534] ? __pfx_kthread+0x10/0x10
[ 17.657563] ret_from_fork+0x41/0x80
[ 17.657599] ? __pfx_kthread+0x10/0x10
[ 17.657627] ret_from_fork_asm+0x1a/0x30
[ 17.657682] </TASK>
[ 17.657707]
[ 17.673262] Allocated by task 236:
[ 17.673937] kasan_save_stack+0x45/0x70
[ 17.674556] kasan_save_track+0x18/0x40
[ 17.674767] kasan_save_alloc_info+0x3b/0x50
[ 17.675454] __kasan_slab_alloc+0x91/0xa0
[ 17.676135] kmem_cache_alloc_noprof+0x123/0x3f0
[ 17.676726] __kmem_cache_create_args+0x169/0x240
[ 17.677756] kmem_cache_double_destroy+0xd5/0x380
[ 17.678065] kunit_try_run_case+0x1a5/0x480
[ 17.678634] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.678969] kthread+0x337/0x6f0
[ 17.679204] ret_from_fork+0x41/0x80
[ 17.679721] ret_from_fork_asm+0x1a/0x30
[ 17.680528]
[ 17.680723] Freed by task 236:
[ 17.681025] kasan_save_stack+0x45/0x70
[ 17.681701] kasan_save_track+0x18/0x40
[ 17.681988] kasan_save_free_info+0x3f/0x60
[ 17.682359] __kasan_slab_free+0x56/0x70
[ 17.682602] kmem_cache_free+0x249/0x420
[ 17.682947] slab_kmem_cache_release+0x2e/0x40
[ 17.683212] kmem_cache_release+0x16/0x20
[ 17.683422] kobject_put+0x181/0x450
[ 17.683996] sysfs_slab_release+0x16/0x20
[ 17.684549] kmem_cache_destroy+0xf0/0x1d0
[ 17.685022] kmem_cache_double_destroy+0x14e/0x380
[ 17.685984] kunit_try_run_case+0x1a5/0x480
[ 17.686529] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.687091] kthread+0x337/0x6f0
[ 17.687364] ret_from_fork+0x41/0x80
[ 17.687857] ret_from_fork_asm+0x1a/0x30
[ 17.688185]
[ 17.688315] The buggy address belongs to the object at ffff88810150cdc0
[ 17.688315] which belongs to the cache kmem_cache of size 208
[ 17.689163] The buggy address is located 0 bytes inside of
[ 17.689163] freed 208-byte region [ffff88810150cdc0, ffff88810150ce90)
[ 17.691030]
[ 17.691213] The buggy address belongs to the physical page:
[ 17.691450] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10150c
[ 17.691831] flags: 0x200000000000000(node=0|zone=2)
[ 17.692077] page_type: f5(slab)
[ 17.692811] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 17.693624] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 17.694172] page dumped because: kasan: bad access detected
[ 17.694416]
[ 17.694607] Memory state around the buggy address:
[ 17.695034] ffff88810150cc80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.695488] ffff88810150cd00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 17.696202] >ffff88810150cd80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 17.697170] ^
[ 17.697591] ffff88810150ce00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.698009] ffff88810150ce80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.698493] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 17.587739] ==================================================================
[ 17.588391] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 17.588868] Read of size 1 at addr ffff888101e00000 by task kunit_try_catch/234
[ 17.589109]
[ 17.589294] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 17.589359] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.589373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.589399] Call Trace:
[ 17.589416] <TASK>
[ 17.589443] dump_stack_lvl+0x73/0xb0
[ 17.589479] print_report+0xd1/0x650
[ 17.589504] ? __virt_addr_valid+0x1db/0x2d0
[ 17.589531] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 17.589552] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.589897] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 17.589925] kasan_report+0x141/0x180
[ 17.589952] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 17.589981] __asan_report_load1_noabort+0x18/0x20
[ 17.590004] kmem_cache_rcu_uaf+0x3e3/0x510
[ 17.590026] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 17.590048] ? finish_task_switch.isra.0+0x153/0x700
[ 17.590078] ? __switch_to+0x5d9/0xf60
[ 17.590102] ? dequeue_task_fair+0x156/0x4e0
[ 17.590161] ? __pfx_read_tsc+0x10/0x10
[ 17.590184] ? ktime_get_ts64+0x86/0x230
[ 17.590215] kunit_try_run_case+0x1a5/0x480
[ 17.590244] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.590268] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.590295] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.590320] ? __kthread_parkme+0x82/0x180
[ 17.590346] ? preempt_count_sub+0x50/0x80
[ 17.590380] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.590405] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.590430] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.590454] kthread+0x337/0x6f0
[ 17.590474] ? trace_preempt_on+0x20/0xc0
[ 17.590501] ? __pfx_kthread+0x10/0x10
[ 17.590521] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.590557] ? calculate_sigpending+0x7b/0xa0
[ 17.590583] ? __pfx_kthread+0x10/0x10
[ 17.590603] ret_from_fork+0x41/0x80
[ 17.590626] ? __pfx_kthread+0x10/0x10
[ 17.590648] ret_from_fork_asm+0x1a/0x30
[ 17.590683] </TASK>
[ 17.590698]
[ 17.599927] Allocated by task 234:
[ 17.600282] kasan_save_stack+0x45/0x70
[ 17.600651] kasan_save_track+0x18/0x40
[ 17.601031] kasan_save_alloc_info+0x3b/0x50
[ 17.601326] __kasan_slab_alloc+0x91/0xa0
[ 17.601449] kmem_cache_alloc_noprof+0x123/0x3f0
[ 17.601579] kmem_cache_rcu_uaf+0x155/0x510
[ 17.601695] kunit_try_run_case+0x1a5/0x480
[ 17.601828] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.602067] kthread+0x337/0x6f0
[ 17.602325] ret_from_fork+0x41/0x80
[ 17.602536] ret_from_fork_asm+0x1a/0x30
[ 17.602866]
[ 17.602999] Freed by task 0:
[ 17.603280] kasan_save_stack+0x45/0x70
[ 17.603447] kasan_save_track+0x18/0x40
[ 17.603690] kasan_save_free_info+0x3f/0x60
[ 17.603838] __kasan_slab_free+0x56/0x70
[ 17.604129] slab_free_after_rcu_debug+0xe4/0x310
[ 17.604493] rcu_core+0x66c/0x1c30
[ 17.604687] rcu_core_si+0x12/0x20
[ 17.604836] handle_softirqs+0x209/0x730
[ 17.605457] __irq_exit_rcu+0xc9/0x110
[ 17.605862] irq_exit_rcu+0x12/0x20
[ 17.606218] sysvec_apic_timer_interrupt+0x81/0x90
[ 17.606376] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 17.606802]
[ 17.606994] Last potentially related work creation:
[ 17.607320] kasan_save_stack+0x45/0x70
[ 17.607656] kasan_record_aux_stack+0xb2/0xc0
[ 17.607976] kmem_cache_free+0x131/0x420
[ 17.608293] kmem_cache_rcu_uaf+0x194/0x510
[ 17.608463] kunit_try_run_case+0x1a5/0x480
[ 17.608766] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.609178] kthread+0x337/0x6f0
[ 17.609526] ret_from_fork+0x41/0x80
[ 17.609883] ret_from_fork_asm+0x1a/0x30
[ 17.610316]
[ 17.610525] The buggy address belongs to the object at ffff888101e00000
[ 17.610525] which belongs to the cache test_cache of size 200
[ 17.611373] The buggy address is located 0 bytes inside of
[ 17.611373] freed 200-byte region [ffff888101e00000, ffff888101e000c8)
[ 17.612067]
[ 17.612336] The buggy address belongs to the physical page:
[ 17.612691] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101e00
[ 17.613545] flags: 0x200000000000000(node=0|zone=2)
[ 17.613861] page_type: f5(slab)
[ 17.614185] raw: 0200000000000000 ffff88810166da00 dead000000000122 0000000000000000
[ 17.614494] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 17.615732] page dumped because: kasan: bad access detected
[ 17.616416]
[ 17.616543] Memory state around the buggy address:
[ 17.617369] ffff888101dfff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.617784] ffff888101dfff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.618275] >ffff888101e00000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.618779] ^
[ 17.619338] ffff888101e00080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 17.619669] ffff888101e00100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.620424] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 17.515600] ==================================================================
[ 17.516252] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 17.516459] Free of addr ffff888102b38001 by task kunit_try_catch/232
[ 17.516790]
[ 17.516965] CPU: 0 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 17.517032] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.517047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.517075] Call Trace:
[ 17.517094] <TASK>
[ 17.517120] dump_stack_lvl+0x73/0xb0
[ 17.517160] print_report+0xd1/0x650
[ 17.517188] ? __virt_addr_valid+0x1db/0x2d0
[ 17.517219] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.517246] ? kmem_cache_invalid_free+0x1d8/0x460
[ 17.517271] kasan_report_invalid_free+0x10a/0x130
[ 17.517298] ? kmem_cache_invalid_free+0x1d8/0x460
[ 17.517324] ? kmem_cache_invalid_free+0x1d8/0x460
[ 17.517347] check_slab_allocation+0x11f/0x130
[ 17.517372] __kasan_slab_pre_free+0x28/0x40
[ 17.517396] kmem_cache_free+0xed/0x420
[ 17.517421] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 17.517445] ? kmem_cache_invalid_free+0x1d8/0x460
[ 17.517550] kmem_cache_invalid_free+0x1d8/0x460
[ 17.517679] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 17.517706] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.517745] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 17.517790] kunit_try_run_case+0x1a5/0x480
[ 17.517824] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.517850] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.517879] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.517906] ? __kthread_parkme+0x82/0x180
[ 17.517934] ? preempt_count_sub+0x50/0x80
[ 17.517966] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.517994] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.518023] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.518053] kthread+0x337/0x6f0
[ 17.518074] ? trace_preempt_on+0x20/0xc0
[ 17.518117] ? __pfx_kthread+0x10/0x10
[ 17.518199] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.518245] ? calculate_sigpending+0x7b/0xa0
[ 17.518283] ? __pfx_kthread+0x10/0x10
[ 17.518311] ret_from_fork+0x41/0x80
[ 17.518342] ? __pfx_kthread+0x10/0x10
[ 17.518368] ret_from_fork_asm+0x1a/0x30
[ 17.518410] </TASK>
[ 17.518429]
[ 17.529881] Allocated by task 232:
[ 17.530567] kasan_save_stack+0x45/0x70
[ 17.530979] kasan_save_track+0x18/0x40
[ 17.531298] kasan_save_alloc_info+0x3b/0x50
[ 17.532055] __kasan_slab_alloc+0x91/0xa0
[ 17.532534] kmem_cache_alloc_noprof+0x123/0x3f0
[ 17.532911] kmem_cache_invalid_free+0x157/0x460
[ 17.533068] kunit_try_run_case+0x1a5/0x480
[ 17.533483] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.533756] kthread+0x337/0x6f0
[ 17.534076] ret_from_fork+0x41/0x80
[ 17.534335] ret_from_fork_asm+0x1a/0x30
[ 17.534474]
[ 17.534621] The buggy address belongs to the object at ffff888102b38000
[ 17.534621] which belongs to the cache test_cache of size 200
[ 17.535277] The buggy address is located 1 bytes inside of
[ 17.535277] 200-byte region [ffff888102b38000, ffff888102b380c8)
[ 17.535942]
[ 17.536266] The buggy address belongs to the physical page:
[ 17.536746] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b38
[ 17.537120] flags: 0x200000000000000(node=0|zone=2)
[ 17.537619] page_type: f5(slab)
[ 17.537785] raw: 0200000000000000 ffff88810150cc80 dead000000000122 0000000000000000
[ 17.538322] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 17.538593] page dumped because: kasan: bad access detected
[ 17.539037]
[ 17.539339] Memory state around the buggy address:
[ 17.539684] ffff888102b37f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.540231] ffff888102b37f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.540536] >ffff888102b38000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.540976] ^
[ 17.541167] ffff888102b38080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 17.541497] ffff888102b38100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.541977] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 17.474722] ==================================================================
[ 17.475428] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 17.475684] Free of addr ffff888101dfe000 by task kunit_try_catch/230
[ 17.475846]
[ 17.475940] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 17.476003] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.476018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.476043] Call Trace:
[ 17.476059] <TASK>
[ 17.476083] dump_stack_lvl+0x73/0xb0
[ 17.476129] print_report+0xd1/0x650
[ 17.476156] ? __virt_addr_valid+0x1db/0x2d0
[ 17.476185] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.476209] ? kmem_cache_double_free+0x1e5/0x480
[ 17.476232] kasan_report_invalid_free+0x10a/0x130
[ 17.476259] ? kmem_cache_double_free+0x1e5/0x480
[ 17.476284] ? kmem_cache_double_free+0x1e5/0x480
[ 17.476306] check_slab_allocation+0x101/0x130
[ 17.476330] __kasan_slab_pre_free+0x28/0x40
[ 17.476353] kmem_cache_free+0xed/0x420
[ 17.476377] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 17.476400] ? kmem_cache_double_free+0x1e5/0x480
[ 17.476425] kmem_cache_double_free+0x1e5/0x480
[ 17.476447] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 17.476469] ? finish_task_switch.isra.0+0x153/0x700
[ 17.476496] ? __switch_to+0x5d9/0xf60
[ 17.476518] ? dequeue_task_fair+0x166/0x4e0
[ 17.476547] ? __pfx_read_tsc+0x10/0x10
[ 17.476570] ? ktime_get_ts64+0x86/0x230
[ 17.476598] kunit_try_run_case+0x1a5/0x480
[ 17.476625] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.476648] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.476673] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.476697] ? __kthread_parkme+0x82/0x180
[ 17.476721] ? preempt_count_sub+0x50/0x80
[ 17.476759] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.476789] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.476814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.476839] kthread+0x337/0x6f0
[ 17.476858] ? trace_preempt_on+0x20/0xc0
[ 17.476885] ? __pfx_kthread+0x10/0x10
[ 17.476905] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.476928] ? calculate_sigpending+0x7b/0xa0
[ 17.476952] ? __pfx_kthread+0x10/0x10
[ 17.476973] ret_from_fork+0x41/0x80
[ 17.477000] ? __pfx_kthread+0x10/0x10
[ 17.477144] ret_from_fork_asm+0x1a/0x30
[ 17.477232] </TASK>
[ 17.477254]
[ 17.485528] Allocated by task 230:
[ 17.485832] kasan_save_stack+0x45/0x70
[ 17.486137] kasan_save_track+0x18/0x40
[ 17.486428] kasan_save_alloc_info+0x3b/0x50
[ 17.487286] __kasan_slab_alloc+0x91/0xa0
[ 17.487967] kmem_cache_alloc_noprof+0x123/0x3f0
[ 17.488989] kmem_cache_double_free+0x14f/0x480
[ 17.489695] kunit_try_run_case+0x1a5/0x480
[ 17.489860] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.490243] kthread+0x337/0x6f0
[ 17.490772] ret_from_fork+0x41/0x80
[ 17.491068] ret_from_fork_asm+0x1a/0x30
[ 17.491297]
[ 17.491370] Freed by task 230:
[ 17.491757] kasan_save_stack+0x45/0x70
[ 17.492002] kasan_save_track+0x18/0x40
[ 17.492291] kasan_save_free_info+0x3f/0x60
[ 17.492567] __kasan_slab_free+0x56/0x70
[ 17.492797] kmem_cache_free+0x249/0x420
[ 17.493061] kmem_cache_double_free+0x16a/0x480
[ 17.493467] kunit_try_run_case+0x1a5/0x480
[ 17.493757] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.494006] kthread+0x337/0x6f0
[ 17.494687] ret_from_fork+0x41/0x80
[ 17.494929] ret_from_fork_asm+0x1a/0x30
[ 17.495138]
[ 17.495240] The buggy address belongs to the object at ffff888101dfe000
[ 17.495240] which belongs to the cache test_cache of size 200
[ 17.495721] The buggy address is located 0 bytes inside of
[ 17.495721] 200-byte region [ffff888101dfe000, ffff888101dfe0c8)
[ 17.496400]
[ 17.496555] The buggy address belongs to the physical page:
[ 17.496778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101dfe
[ 17.497262] flags: 0x200000000000000(node=0|zone=2)
[ 17.497548] page_type: f5(slab)
[ 17.497792] raw: 0200000000000000 ffff88810166d8c0 dead000000000122 0000000000000000
[ 17.498359] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 17.499041] page dumped because: kasan: bad access detected
[ 17.499444]
[ 17.499542] Memory state around the buggy address:
[ 17.499697] ffff888101dfdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.500083] ffff888101dfdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.500401] >ffff888101dfe000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.500868] ^
[ 17.501138] ffff888101dfe080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 17.501622] ffff888101dfe100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.501851] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 17.429585] ==================================================================
[ 17.430080] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 17.430286] Read of size 1 at addr ffff888101dfa0c8 by task kunit_try_catch/228
[ 17.430790]
[ 17.431213] CPU: 1 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 17.431279] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.431294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.431379] Call Trace:
[ 17.431396] <TASK>
[ 17.431422] dump_stack_lvl+0x73/0xb0
[ 17.431460] print_report+0xd1/0x650
[ 17.431486] ? __virt_addr_valid+0x1db/0x2d0
[ 17.431514] ? kmem_cache_oob+0x402/0x530
[ 17.431534] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.431559] ? kmem_cache_oob+0x402/0x530
[ 17.431580] kasan_report+0x141/0x180
[ 17.431604] ? kmem_cache_oob+0x402/0x530
[ 17.431647] __asan_report_load1_noabort+0x18/0x20
[ 17.431677] kmem_cache_oob+0x402/0x530
[ 17.431697] ? trace_hardirqs_on+0x37/0xe0
[ 17.431724] ? __pfx_kmem_cache_oob+0x10/0x10
[ 17.431756] ? finish_task_switch.isra.0+0x153/0x700
[ 17.431787] ? __switch_to+0x5d9/0xf60
[ 17.431810] ? dequeue_task_fair+0x156/0x4e0
[ 17.431840] ? __pfx_read_tsc+0x10/0x10
[ 17.431863] ? ktime_get_ts64+0x86/0x230
[ 17.431892] kunit_try_run_case+0x1a5/0x480
[ 17.431920] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.431942] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.431969] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.431993] ? __kthread_parkme+0x82/0x180
[ 17.432017] ? preempt_count_sub+0x50/0x80
[ 17.432043] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.432068] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.432092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.432115] kthread+0x337/0x6f0
[ 17.432134] ? trace_preempt_on+0x20/0xc0
[ 17.432158] ? __pfx_kthread+0x10/0x10
[ 17.432178] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.432201] ? calculate_sigpending+0x7b/0xa0
[ 17.432225] ? __pfx_kthread+0x10/0x10
[ 17.432246] ret_from_fork+0x41/0x80
[ 17.432323] ? __pfx_kthread+0x10/0x10
[ 17.432346] ret_from_fork_asm+0x1a/0x30
[ 17.432380] </TASK>
[ 17.432396]
[ 17.443076] Allocated by task 228:
[ 17.443392] kasan_save_stack+0x45/0x70
[ 17.443848] kasan_save_track+0x18/0x40
[ 17.444015] kasan_save_alloc_info+0x3b/0x50
[ 17.444597] __kasan_slab_alloc+0x91/0xa0
[ 17.444815] kmem_cache_alloc_noprof+0x123/0x3f0
[ 17.445467] kmem_cache_oob+0x157/0x530
[ 17.445814] kunit_try_run_case+0x1a5/0x480
[ 17.446031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.446530] kthread+0x337/0x6f0
[ 17.446682] ret_from_fork+0x41/0x80
[ 17.446881] ret_from_fork_asm+0x1a/0x30
[ 17.447087]
[ 17.447270] The buggy address belongs to the object at ffff888101dfa000
[ 17.447270] which belongs to the cache test_cache of size 200
[ 17.447765] The buggy address is located 0 bytes to the right of
[ 17.447765] allocated 200-byte region [ffff888101dfa000, ffff888101dfa0c8)
[ 17.448316]
[ 17.448457] The buggy address belongs to the physical page:
[ 17.448627] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101dfa
[ 17.449474] flags: 0x200000000000000(node=0|zone=2)
[ 17.449723] page_type: f5(slab)
[ 17.449969] raw: 0200000000000000 ffff88810166d780 dead000000000122 0000000000000000
[ 17.450487] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 17.450727] page dumped because: kasan: bad access detected
[ 17.451100]
[ 17.451316] Memory state around the buggy address:
[ 17.451575] ffff888101df9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.451953] ffff888101dfa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.452516] >ffff888101dfa080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 17.452687] ^
[ 17.453073] ffff888101dfa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.453514] ffff888101dfa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.453815] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 17.384357] ==================================================================
[ 17.385225] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 17.386121] Read of size 8 at addr ffff888102b360c0 by task kunit_try_catch/221
[ 17.386358]
[ 17.386817] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 17.386889] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.386904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.386931] Call Trace:
[ 17.386950] <TASK>
[ 17.386975] dump_stack_lvl+0x73/0xb0
[ 17.387094] print_report+0xd1/0x650
[ 17.387273] ? __virt_addr_valid+0x1db/0x2d0
[ 17.387313] ? workqueue_uaf+0x4d6/0x560
[ 17.387341] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.387368] ? workqueue_uaf+0x4d6/0x560
[ 17.387396] kasan_report+0x141/0x180
[ 17.387423] ? workqueue_uaf+0x4d6/0x560
[ 17.387454] __asan_report_load8_noabort+0x18/0x20
[ 17.387478] workqueue_uaf+0x4d6/0x560
[ 17.387504] ? __pfx_workqueue_uaf+0x10/0x10
[ 17.387531] ? __schedule+0x10cc/0x2b30
[ 17.387558] ? __pfx_read_tsc+0x10/0x10
[ 17.387581] ? ktime_get_ts64+0x86/0x230
[ 17.387612] kunit_try_run_case+0x1a5/0x480
[ 17.387703] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.387729] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.387781] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.387810] ? __kthread_parkme+0x82/0x180
[ 17.387837] ? preempt_count_sub+0x50/0x80
[ 17.387868] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.387897] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.387924] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.387950] kthread+0x337/0x6f0
[ 17.387969] ? trace_preempt_on+0x20/0xc0
[ 17.387998] ? __pfx_kthread+0x10/0x10
[ 17.388019] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.388044] ? calculate_sigpending+0x7b/0xa0
[ 17.388069] ? __pfx_kthread+0x10/0x10
[ 17.388091] ret_from_fork+0x41/0x80
[ 17.388143] ? __pfx_kthread+0x10/0x10
[ 17.388167] ret_from_fork_asm+0x1a/0x30
[ 17.388562] </TASK>
[ 17.388580]
[ 17.397614] Allocated by task 221:
[ 17.398268] kasan_save_stack+0x45/0x70
[ 17.398611] kasan_save_track+0x18/0x40
[ 17.398909] kasan_save_alloc_info+0x3b/0x50
[ 17.399254] __kasan_kmalloc+0xb7/0xc0
[ 17.399378] __kmalloc_cache_noprof+0x189/0x420
[ 17.399743] workqueue_uaf+0x152/0x560
[ 17.400064] kunit_try_run_case+0x1a5/0x480
[ 17.400536] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.400890] kthread+0x337/0x6f0
[ 17.401087] ret_from_fork+0x41/0x80
[ 17.401428] ret_from_fork_asm+0x1a/0x30
[ 17.401702]
[ 17.401818] Freed by task 91:
[ 17.401951] kasan_save_stack+0x45/0x70
[ 17.402320] kasan_save_track+0x18/0x40
[ 17.402618] kasan_save_free_info+0x3f/0x60
[ 17.402914] __kasan_slab_free+0x56/0x70
[ 17.403128] kfree+0x222/0x3f0
[ 17.403419] workqueue_uaf_work+0x12/0x20
[ 17.403556] process_one_work+0x5ee/0xf60
[ 17.403858] worker_thread+0x758/0x1220
[ 17.404059] kthread+0x337/0x6f0
[ 17.404634] ret_from_fork+0x41/0x80
[ 17.404864] ret_from_fork_asm+0x1a/0x30
[ 17.405042]
[ 17.405181] Last potentially related work creation:
[ 17.405329] kasan_save_stack+0x45/0x70
[ 17.405680] kasan_record_aux_stack+0xb2/0xc0
[ 17.405948] __queue_work+0x626/0xeb0
[ 17.406149] queue_work_on+0xb6/0xc0
[ 17.406478] workqueue_uaf+0x26d/0x560
[ 17.406619] kunit_try_run_case+0x1a5/0x480
[ 17.406885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.407097] kthread+0x337/0x6f0
[ 17.407374] ret_from_fork+0x41/0x80
[ 17.407579] ret_from_fork_asm+0x1a/0x30
[ 17.407774]
[ 17.407844] The buggy address belongs to the object at ffff888102b360c0
[ 17.407844] which belongs to the cache kmalloc-32 of size 32
[ 17.408778] The buggy address is located 0 bytes inside of
[ 17.408778] freed 32-byte region [ffff888102b360c0, ffff888102b360e0)
[ 17.409260]
[ 17.409419] The buggy address belongs to the physical page:
[ 17.409629] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b36
[ 17.410126] flags: 0x200000000000000(node=0|zone=2)
[ 17.410511] page_type: f5(slab)
[ 17.410682] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 17.411026] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 17.411425] page dumped because: kasan: bad access detected
[ 17.411704]
[ 17.411845] Memory state around the buggy address:
[ 17.411984] ffff888102b35f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.412607] ffff888102b36000: 00 00 03 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 17.412874] >ffff888102b36080: 00 00 00 07 fc fc fc fc fa fb fb fb fc fc fc fc
[ 17.413312] ^
[ 17.413605] ffff888102b36100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.413998] ffff888102b36180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.414289] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 17.335511] ================================================================== [ 17.336237] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 17.336455] Read of size 4 at addr ffff888102b2ef40 by task swapper/0/0 [ 17.336939] [ 17.337126] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.337192] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.337208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.337236] Call Trace: [ 17.337274] <IRQ> [ 17.337299] dump_stack_lvl+0x73/0xb0 [ 17.337337] print_report+0xd1/0x650 [ 17.337364] ? __virt_addr_valid+0x1db/0x2d0 [ 17.337393] ? rcu_uaf_reclaim+0x50/0x60 [ 17.337416] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.337441] ? rcu_uaf_reclaim+0x50/0x60 [ 17.337465] kasan_report+0x141/0x180 [ 17.337491] ? rcu_uaf_reclaim+0x50/0x60 [ 17.337520] __asan_report_load4_noabort+0x18/0x20 [ 17.337543] rcu_uaf_reclaim+0x50/0x60 [ 17.337567] rcu_core+0x66c/0x1c30 [ 17.337596] ? enqueue_hrtimer+0xfe/0x210 [ 17.337624] ? __pfx_rcu_core+0x10/0x10 [ 17.337649] ? ktime_get+0x6b/0x150 [ 17.337673] ? handle_softirqs+0x18e/0x730 [ 17.337703] rcu_core_si+0x12/0x20 [ 17.337727] handle_softirqs+0x209/0x730 [ 17.337779] ? hrtimer_interrupt+0x2fe/0x780 [ 17.337807] ? 
__pfx_handle_softirqs+0x10/0x10 [ 17.337838] __irq_exit_rcu+0xc9/0x110 [ 17.337863] irq_exit_rcu+0x12/0x20 [ 17.337882] sysvec_apic_timer_interrupt+0x81/0x90 [ 17.337911] </IRQ> [ 17.337944] <TASK> [ 17.337958] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 17.338075] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 17.338532] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 2d 28 00 fb f4 <e9> fc 1f 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 17.338709] RSP: 0000:ffffffff93207dd8 EFLAGS: 00010212 [ 17.338868] RAX: ffff8881c6a93000 RBX: ffffffff9321ca80 RCX: ffffffff92007015 [ 17.338925] RDX: ffffed102b606103 RSI: 0000000000000004 RDI: 000000000000609c [ 17.338978] RBP: ffffffff93207de0 R08: 0000000000000001 R09: ffffed102b606102 [ 17.339029] R10: ffff88815b030813 R11: 0000000000042400 R12: 0000000000000000 [ 17.339083] R13: fffffbfff2643950 R14: ffffffff93d9bc10 R15: 0000000000000000 [ 17.339286] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 17.339396] ? default_idle+0xd/0x20 [ 17.339426] arch_cpu_idle+0xd/0x20 [ 17.339450] default_idle_call+0x48/0x80 [ 17.339475] do_idle+0x379/0x4f0 [ 17.339506] ? __pfx_do_idle+0x10/0x10 [ 17.339534] ? rest_init+0x10b/0x140 [ 17.339560] cpu_startup_entry+0x5c/0x70 [ 17.339587] rest_init+0x11a/0x140 [ 17.339610] ? 
acpi_subsystem_init+0x5d/0x150 [ 17.339686] start_kernel+0x32b/0x410 [ 17.339715] x86_64_start_reservations+0x1c/0x30 [ 17.339742] x86_64_start_kernel+0xcf/0xe0 [ 17.339786] common_startup_64+0x13e/0x148 [ 17.339830] </TASK> [ 17.339849] [ 17.355098] Allocated by task 219: [ 17.355491] kasan_save_stack+0x45/0x70 [ 17.355818] kasan_save_track+0x18/0x40 [ 17.356250] kasan_save_alloc_info+0x3b/0x50 [ 17.356794] __kasan_kmalloc+0xb7/0xc0 [ 17.357051] __kmalloc_cache_noprof+0x189/0x420 [ 17.357591] rcu_uaf+0xb0/0x330 [ 17.357969] kunit_try_run_case+0x1a5/0x480 [ 17.358359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.358567] kthread+0x337/0x6f0 [ 17.358792] ret_from_fork+0x41/0x80 [ 17.359237] ret_from_fork_asm+0x1a/0x30 [ 17.359495] [ 17.359906] Freed by task 0: [ 17.360228] kasan_save_stack+0x45/0x70 [ 17.360390] kasan_save_track+0x18/0x40 [ 17.360712] kasan_save_free_info+0x3f/0x60 [ 17.361002] __kasan_slab_free+0x56/0x70 [ 17.361202] kfree+0x222/0x3f0 [ 17.361457] rcu_uaf_reclaim+0x1f/0x60 [ 17.361582] rcu_core+0x66c/0x1c30 [ 17.361904] rcu_core_si+0x12/0x20 [ 17.362505] handle_softirqs+0x209/0x730 [ 17.362729] __irq_exit_rcu+0xc9/0x110 [ 17.363000] irq_exit_rcu+0x12/0x20 [ 17.363408] sysvec_apic_timer_interrupt+0x81/0x90 [ 17.363658] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 17.364050] [ 17.364393] Last potentially related work creation: [ 17.364701] kasan_save_stack+0x45/0x70 [ 17.365019] kasan_record_aux_stack+0xb2/0xc0 [ 17.365460] __call_rcu_common.constprop.0+0x72/0x9c0 [ 17.365852] call_rcu+0x12/0x20 [ 17.365992] rcu_uaf+0x168/0x330 [ 17.366468] kunit_try_run_case+0x1a5/0x480 [ 17.366705] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.366993] kthread+0x337/0x6f0 [ 17.367391] ret_from_fork+0x41/0x80 [ 17.367714] ret_from_fork_asm+0x1a/0x30 [ 17.367973] [ 17.368170] The buggy address belongs to the object at ffff888102b2ef40 [ 17.368170] which belongs to the cache kmalloc-32 of size 32 [ 17.368818] The buggy address is located 0 bytes inside of [ 
17.368818] freed 32-byte region [ffff888102b2ef40, ffff888102b2ef60) [ 17.369507] [ 17.369612] The buggy address belongs to the physical page: [ 17.369905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2e [ 17.370455] flags: 0x200000000000000(node=0|zone=2) [ 17.370768] page_type: f5(slab) [ 17.371006] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 17.371344] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 17.371669] page dumped because: kasan: bad access detected [ 17.372033] [ 17.372163] Memory state around the buggy address: [ 17.372392] ffff888102b2ee00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 17.373262] ffff888102b2ee80: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 17.373536] >ffff888102b2ef00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 17.373984] ^ [ 17.374487] ffff888102b2ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.374937] ffff888102b2f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.375520] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 17.189849] ================================================================== [ 17.190530] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 17.191102] Read of size 1 at addr ffff888102b31100 by task kunit_try_catch/217 [ 17.191570] [ 17.191757] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.191860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.191882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.191925] Call Trace: [ 17.191955] <TASK> [ 17.191996] dump_stack_lvl+0x73/0xb0 [ 17.192063] print_report+0xd1/0x650 [ 17.192116] ? __virt_addr_valid+0x1db/0x2d0 [ 17.192173] ? ksize_uaf+0x19d/0x6c0 [ 17.192221] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.192260] ? ksize_uaf+0x19d/0x6c0 [ 17.192298] kasan_report+0x141/0x180 [ 17.192341] ? ksize_uaf+0x19d/0x6c0 [ 17.192390] ? ksize_uaf+0x19d/0x6c0 [ 17.192430] __kasan_check_byte+0x3d/0x50 [ 17.192480] ksize+0x20/0x60 [ 17.192519] ksize_uaf+0x19d/0x6c0 [ 17.192555] ? __pfx_ksize_uaf+0x10/0x10 [ 17.192591] ? __schedule+0x10cc/0x2b30 [ 17.192627] ? __pfx_read_tsc+0x10/0x10 [ 17.192664] ? ktime_get_ts64+0x86/0x230 [ 17.192742] kunit_try_run_case+0x1a5/0x480 [ 17.192802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.192844] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.192896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.192940] ? __kthread_parkme+0x82/0x180 [ 17.192981] ? preempt_count_sub+0x50/0x80 [ 17.193025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.193066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.193108] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.193152] kthread+0x337/0x6f0 [ 17.193190] ? trace_preempt_on+0x20/0xc0 [ 17.193240] ? __pfx_kthread+0x10/0x10 [ 17.193281] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.193325] ? calculate_sigpending+0x7b/0xa0 [ 17.193366] ? __pfx_kthread+0x10/0x10 [ 17.193415] ret_from_fork+0x41/0x80 [ 17.193455] ? 
__pfx_kthread+0x10/0x10 [ 17.193492] ret_from_fork_asm+0x1a/0x30 [ 17.193549] </TASK> [ 17.193572] [ 17.205769] Allocated by task 217: [ 17.206172] kasan_save_stack+0x45/0x70 [ 17.206570] kasan_save_track+0x18/0x40 [ 17.207817] kasan_save_alloc_info+0x3b/0x50 [ 17.208245] __kasan_kmalloc+0xb7/0xc0 [ 17.208581] __kmalloc_cache_noprof+0x189/0x420 [ 17.208851] ksize_uaf+0xaa/0x6c0 [ 17.209049] kunit_try_run_case+0x1a5/0x480 [ 17.209421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.210091] kthread+0x337/0x6f0 [ 17.210586] ret_from_fork+0x41/0x80 [ 17.210936] ret_from_fork_asm+0x1a/0x30 [ 17.211594] [ 17.211810] Freed by task 217: [ 17.212111] kasan_save_stack+0x45/0x70 [ 17.212550] kasan_save_track+0x18/0x40 [ 17.212923] kasan_save_free_info+0x3f/0x60 [ 17.213386] __kasan_slab_free+0x56/0x70 [ 17.213770] kfree+0x222/0x3f0 [ 17.214069] ksize_uaf+0x12c/0x6c0 [ 17.214546] kunit_try_run_case+0x1a5/0x480 [ 17.214804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.215154] kthread+0x337/0x6f0 [ 17.215790] ret_from_fork+0x41/0x80 [ 17.216141] ret_from_fork_asm+0x1a/0x30 [ 17.216515] [ 17.216712] The buggy address belongs to the object at ffff888102b31100 [ 17.216712] which belongs to the cache kmalloc-128 of size 128 [ 17.217597] The buggy address is located 0 bytes inside of [ 17.217597] freed 128-byte region [ffff888102b31100, ffff888102b31180) [ 17.218343] [ 17.218484] The buggy address belongs to the physical page: [ 17.219093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31 [ 17.219919] flags: 0x200000000000000(node=0|zone=2) [ 17.221031] page_type: f5(slab) [ 17.221498] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.221798] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.222315] page dumped because: kasan: bad access detected [ 17.222609] [ 17.222729] Memory state around the buggy address: [ 17.223221] ffff888102b31000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
17.223773] ffff888102b31080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.224546] >ffff888102b31100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.224855] ^ [ 17.225167] ffff888102b31180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.225828] ffff888102b31200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.226103] ================================================================== [ 17.270784] ================================================================== [ 17.271134] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 17.271480] Read of size 1 at addr ffff888102b31178 by task kunit_try_catch/217 [ 17.271790] [ 17.272097] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.272254] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.272286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.272335] Call Trace: [ 17.272378] <TASK> [ 17.272419] dump_stack_lvl+0x73/0xb0 [ 17.272494] print_report+0xd1/0x650 [ 17.272550] ? __virt_addr_valid+0x1db/0x2d0 [ 17.272604] ? ksize_uaf+0x5e4/0x6c0 [ 17.272651] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.272701] ? ksize_uaf+0x5e4/0x6c0 [ 17.272760] kasan_report+0x141/0x180 [ 17.272815] ? ksize_uaf+0x5e4/0x6c0 [ 17.272872] __asan_report_load1_noabort+0x18/0x20 [ 17.272911] ksize_uaf+0x5e4/0x6c0 [ 17.272953] ? __pfx_ksize_uaf+0x10/0x10 [ 17.272999] ? __schedule+0x10cc/0x2b30 [ 17.273044] ? __pfx_read_tsc+0x10/0x10 [ 17.273125] ? ktime_get_ts64+0x86/0x230 [ 17.273189] kunit_try_run_case+0x1a5/0x480 [ 17.273237] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.273273] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.273312] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.273350] ? __kthread_parkme+0x82/0x180 [ 17.273389] ? preempt_count_sub+0x50/0x80 [ 17.273432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.273472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.273510] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.273549] kthread+0x337/0x6f0 [ 17.273578] ? trace_preempt_on+0x20/0xc0 [ 17.273623] ? __pfx_kthread+0x10/0x10 [ 17.273656] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.273692] ? calculate_sigpending+0x7b/0xa0 [ 17.273902] ? __pfx_kthread+0x10/0x10 [ 17.273950] ret_from_fork+0x41/0x80 [ 17.273998] ? __pfx_kthread+0x10/0x10 [ 17.274036] ret_from_fork_asm+0x1a/0x30 [ 17.274104] </TASK> [ 17.274238] [ 17.287886] Allocated by task 217: [ 17.288526] kasan_save_stack+0x45/0x70 [ 17.288961] kasan_save_track+0x18/0x40 [ 17.289409] kasan_save_alloc_info+0x3b/0x50 [ 17.289638] __kasan_kmalloc+0xb7/0xc0 [ 17.289985] __kmalloc_cache_noprof+0x189/0x420 [ 17.291087] ksize_uaf+0xaa/0x6c0 [ 17.291321] kunit_try_run_case+0x1a5/0x480 [ 17.291581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.292021] kthread+0x337/0x6f0 [ 17.292254] ret_from_fork+0x41/0x80 [ 17.292504] ret_from_fork_asm+0x1a/0x30 [ 17.292729] [ 17.293386] Freed by task 217: [ 17.293675] kasan_save_stack+0x45/0x70 [ 17.293962] kasan_save_track+0x18/0x40 [ 17.295041] kasan_save_free_info+0x3f/0x60 [ 17.295441] __kasan_slab_free+0x56/0x70 [ 17.295691] kfree+0x222/0x3f0 [ 17.296089] ksize_uaf+0x12c/0x6c0 [ 17.296671] kunit_try_run_case+0x1a5/0x480 [ 17.297075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.297505] kthread+0x337/0x6f0 [ 17.297846] ret_from_fork+0x41/0x80 [ 17.298160] ret_from_fork_asm+0x1a/0x30 [ 17.298439] [ 17.298574] The buggy address belongs to the object at ffff888102b31100 [ 17.298574] which belongs to the cache kmalloc-128 of size 128 [ 17.299191] The buggy address is located 120 bytes inside of [ 17.299191] freed 128-byte region [ffff888102b31100, ffff888102b31180) [ 17.301186] [ 17.301323] The buggy address belongs to the physical page: [ 17.301643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31 [ 17.302077] flags: 0x200000000000000(node=0|zone=2) [ 17.302744] page_type: f5(slab) [ 17.303034] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 17.303499] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.304176] page dumped because: kasan: bad access detected [ 17.305294] [ 17.305426] Memory state around the buggy address: [ 17.305648] ffff888102b31000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.306239] ffff888102b31080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.306812] >ffff888102b31100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.307969] ^ [ 17.308624] ffff888102b31180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.308874] ffff888102b31200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.309108] ================================================================== [ 17.228926] ================================================================== [ 17.229472] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 17.229802] Read of size 1 at addr ffff888102b31100 by task kunit_try_catch/217 [ 17.230507] [ 17.231189] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.231481] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.231511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.231560] Call Trace: [ 17.231599] <TASK> [ 17.231643] dump_stack_lvl+0x73/0xb0 [ 17.231713] print_report+0xd1/0x650 [ 17.231765] ? __virt_addr_valid+0x1db/0x2d0 [ 17.231805] ? ksize_uaf+0x5fe/0x6c0 [ 17.231838] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.231875] ? ksize_uaf+0x5fe/0x6c0 [ 17.231911] kasan_report+0x141/0x180 [ 17.231946] ? ksize_uaf+0x5fe/0x6c0 [ 17.231990] __asan_report_load1_noabort+0x18/0x20 [ 17.232026] ksize_uaf+0x5fe/0x6c0 [ 17.232061] ? __pfx_ksize_uaf+0x10/0x10 [ 17.232103] ? __schedule+0x10cc/0x2b30 [ 17.232148] ? __pfx_read_tsc+0x10/0x10 [ 17.232192] ? ktime_get_ts64+0x86/0x230 [ 17.232246] kunit_try_run_case+0x1a5/0x480 [ 17.232290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.232328] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 17.232373] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.232400] ? __kthread_parkme+0x82/0x180 [ 17.232426] ? preempt_count_sub+0x50/0x80 [ 17.232455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.232481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.232507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.232532] kthread+0x337/0x6f0 [ 17.232552] ? trace_preempt_on+0x20/0xc0 [ 17.232579] ? __pfx_kthread+0x10/0x10 [ 17.232600] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.232623] ? calculate_sigpending+0x7b/0xa0 [ 17.232648] ? __pfx_kthread+0x10/0x10 [ 17.232668] ret_from_fork+0x41/0x80 [ 17.232692] ? __pfx_kthread+0x10/0x10 [ 17.232712] ret_from_fork_asm+0x1a/0x30 [ 17.232770] </TASK> [ 17.232793] [ 17.246789] Allocated by task 217: [ 17.247190] kasan_save_stack+0x45/0x70 [ 17.247457] kasan_save_track+0x18/0x40 [ 17.247790] kasan_save_alloc_info+0x3b/0x50 [ 17.248109] __kasan_kmalloc+0xb7/0xc0 [ 17.248481] __kmalloc_cache_noprof+0x189/0x420 [ 17.249236] ksize_uaf+0xaa/0x6c0 [ 17.249449] kunit_try_run_case+0x1a5/0x480 [ 17.250147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.250655] kthread+0x337/0x6f0 [ 17.251468] ret_from_fork+0x41/0x80 [ 17.251742] ret_from_fork_asm+0x1a/0x30 [ 17.251971] [ 17.252096] Freed by task 217: [ 17.252692] kasan_save_stack+0x45/0x70 [ 17.252942] kasan_save_track+0x18/0x40 [ 17.253263] kasan_save_free_info+0x3f/0x60 [ 17.254072] __kasan_slab_free+0x56/0x70 [ 17.254837] kfree+0x222/0x3f0 [ 17.255327] ksize_uaf+0x12c/0x6c0 [ 17.255598] kunit_try_run_case+0x1a5/0x480 [ 17.256195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.256444] kthread+0x337/0x6f0 [ 17.256789] ret_from_fork+0x41/0x80 [ 17.257162] ret_from_fork_asm+0x1a/0x30 [ 17.257502] [ 17.257604] The buggy address belongs to the object at ffff888102b31100 [ 17.257604] which belongs to the cache kmalloc-128 of size 128 [ 17.258549] The buggy address is located 0 bytes inside of [ 17.258549] freed 128-byte region [ffff888102b31100, 
ffff888102b31180) [ 17.259494] [ 17.259715] The buggy address belongs to the physical page: [ 17.260572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31 [ 17.261471] flags: 0x200000000000000(node=0|zone=2) [ 17.262316] page_type: f5(slab) [ 17.262655] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.263402] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.264026] page dumped because: kasan: bad access detected [ 17.264583] [ 17.264787] Memory state around the buggy address: [ 17.265168] ffff888102b31000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.266395] ffff888102b31080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.266793] >ffff888102b31100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.267549] ^ [ 17.267785] ffff888102b31180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.268260] ffff888102b31200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.268679] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.125145] ================================================================== [ 17.125773] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.126066] Read of size 1 at addr ffff888101de5678 by task kunit_try_catch/215 [ 17.126280] [ 17.126412] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.126498] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.126518] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.126551] Call Trace: [ 17.126586] <TASK> [ 17.126619] dump_stack_lvl+0x73/0xb0 [ 17.126673] print_report+0xd1/0x650 [ 17.126709] ? __virt_addr_valid+0x1db/0x2d0 [ 17.126746] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.126824] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.126878] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.126924] kasan_report+0x141/0x180 [ 17.126970] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.127026] __asan_report_load1_noabort+0x18/0x20 [ 17.127070] ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.127135] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.127185] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.127252] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.127307] kunit_try_run_case+0x1a5/0x480 [ 17.127354] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.127407] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.127469] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.127515] ? __kthread_parkme+0x82/0x180 [ 17.127564] ? preempt_count_sub+0x50/0x80 [ 17.127618] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.127670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.127713] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.127774] kthread+0x337/0x6f0 [ 17.127815] ? trace_preempt_on+0x20/0xc0 [ 17.127870] ? __pfx_kthread+0x10/0x10 [ 17.127914] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.127960] ? calculate_sigpending+0x7b/0xa0 [ 17.128000] ? __pfx_kthread+0x10/0x10 [ 17.128035] ret_from_fork+0x41/0x80 [ 17.128079] ? 
__pfx_kthread+0x10/0x10 [ 17.128116] ret_from_fork_asm+0x1a/0x30 [ 17.128179] </TASK> [ 17.128207] [ 17.140717] Allocated by task 215: [ 17.141499] kasan_save_stack+0x45/0x70 [ 17.141956] kasan_save_track+0x18/0x40 [ 17.142314] kasan_save_alloc_info+0x3b/0x50 [ 17.142773] __kasan_kmalloc+0xb7/0xc0 [ 17.142984] __kmalloc_cache_noprof+0x189/0x420 [ 17.143364] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.143669] kunit_try_run_case+0x1a5/0x480 [ 17.144054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.144446] kthread+0x337/0x6f0 [ 17.144822] ret_from_fork+0x41/0x80 [ 17.145239] ret_from_fork_asm+0x1a/0x30 [ 17.145571] [ 17.145729] The buggy address belongs to the object at ffff888101de5600 [ 17.145729] which belongs to the cache kmalloc-128 of size 128 [ 17.146375] The buggy address is located 5 bytes to the right of [ 17.146375] allocated 115-byte region [ffff888101de5600, ffff888101de5673) [ 17.147208] [ 17.147411] The buggy address belongs to the physical page: [ 17.147779] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5 [ 17.148397] flags: 0x200000000000000(node=0|zone=2) [ 17.148824] page_type: f5(slab) [ 17.149201] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.149696] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.150130] page dumped because: kasan: bad access detected [ 17.150547] [ 17.150735] Memory state around the buggy address: [ 17.151046] ffff888101de5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.151602] ffff888101de5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.152192] >ffff888101de5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.152597] ^ [ 17.153075] ffff888101de5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.153558] ffff888101de5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.154055] ================================================================== [ 17.155672] 
================================================================== [ 17.156557] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.157181] Read of size 1 at addr ffff888101de567f by task kunit_try_catch/215 [ 17.158026] [ 17.158320] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.158621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.158683] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.158743] Call Trace: [ 17.158801] <TASK> [ 17.158848] dump_stack_lvl+0x73/0xb0 [ 17.158928] print_report+0xd1/0x650 [ 17.158963] ? __virt_addr_valid+0x1db/0x2d0 [ 17.158991] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.159016] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.159039] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.159064] kasan_report+0x141/0x180 [ 17.159088] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.159129] __asan_report_load1_noabort+0x18/0x20 [ 17.159184] ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.159211] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.159236] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.159268] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.159297] kunit_try_run_case+0x1a5/0x480 [ 17.159326] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.159348] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.159375] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.159399] ? __kthread_parkme+0x82/0x180 [ 17.159423] ? preempt_count_sub+0x50/0x80 [ 17.159450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.159474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.159498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.159522] kthread+0x337/0x6f0 [ 17.159541] ? trace_preempt_on+0x20/0xc0 [ 17.159566] ? __pfx_kthread+0x10/0x10 [ 17.159586] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.159608] ? calculate_sigpending+0x7b/0xa0 [ 17.159644] ? __pfx_kthread+0x10/0x10 [ 17.159666] ret_from_fork+0x41/0x80 [ 17.159691] ? 
__pfx_kthread+0x10/0x10 [ 17.159710] ret_from_fork_asm+0x1a/0x30 [ 17.159745] </TASK> [ 17.159782] [ 17.170468] Allocated by task 215: [ 17.170760] kasan_save_stack+0x45/0x70 [ 17.171007] kasan_save_track+0x18/0x40 [ 17.171234] kasan_save_alloc_info+0x3b/0x50 [ 17.171778] __kasan_kmalloc+0xb7/0xc0 [ 17.172133] __kmalloc_cache_noprof+0x189/0x420 [ 17.172531] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.172987] kunit_try_run_case+0x1a5/0x480 [ 17.173525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.173817] kthread+0x337/0x6f0 [ 17.174015] ret_from_fork+0x41/0x80 [ 17.174205] ret_from_fork_asm+0x1a/0x30 [ 17.174564] [ 17.174726] The buggy address belongs to the object at ffff888101de5600 [ 17.174726] which belongs to the cache kmalloc-128 of size 128 [ 17.175190] The buggy address is located 12 bytes to the right of [ 17.175190] allocated 115-byte region [ffff888101de5600, ffff888101de5673) [ 17.176154] [ 17.176352] The buggy address belongs to the physical page: [ 17.176643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5 [ 17.177154] flags: 0x200000000000000(node=0|zone=2) [ 17.177527] page_type: f5(slab) [ 17.177862] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.178206] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.178632] page dumped because: kasan: bad access detected [ 17.179072] [ 17.179298] Memory state around the buggy address: [ 17.179600] ffff888101de5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.180055] ffff888101de5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.180573] >ffff888101de5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.181013] ^ [ 17.181391] ffff888101de5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.181941] ffff888101de5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.182355] ================================================================== [ 17.092927] 
================================================================== [ 17.093584] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 17.094155] Read of size 1 at addr ffff888101de5673 by task kunit_try_catch/215 [ 17.094657] [ 17.095227] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.095351] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.095372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.095398] Call Trace: [ 17.095415] <TASK> [ 17.095439] dump_stack_lvl+0x73/0xb0 [ 17.095482] print_report+0xd1/0x650 [ 17.095508] ? __virt_addr_valid+0x1db/0x2d0 [ 17.095535] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.095561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.095584] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.095609] kasan_report+0x141/0x180 [ 17.095652] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.095684] __asan_report_load1_noabort+0x18/0x20 [ 17.095707] ksize_unpoisons_memory+0x81c/0x9b0 [ 17.095732] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.095781] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.095834] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.095887] kunit_try_run_case+0x1a5/0x480 [ 17.095938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.095978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.096019] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.096058] ? __kthread_parkme+0x82/0x180 [ 17.096102] ? preempt_count_sub+0x50/0x80 [ 17.096146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.096193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.096240] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.096285] kthread+0x337/0x6f0 [ 17.096322] ? trace_preempt_on+0x20/0xc0 [ 17.096372] ? __pfx_kthread+0x10/0x10 [ 17.096408] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.096448] ? calculate_sigpending+0x7b/0xa0 [ 17.096489] ? __pfx_kthread+0x10/0x10 [ 17.096524] ret_from_fork+0x41/0x80 [ 17.096570] ? 
__pfx_kthread+0x10/0x10 [ 17.096612] ret_from_fork_asm+0x1a/0x30 [ 17.096674] </TASK> [ 17.096702] [ 17.109108] Allocated by task 215: [ 17.109697] kasan_save_stack+0x45/0x70 [ 17.110157] kasan_save_track+0x18/0x40 [ 17.110490] kasan_save_alloc_info+0x3b/0x50 [ 17.110867] __kasan_kmalloc+0xb7/0xc0 [ 17.111405] __kmalloc_cache_noprof+0x189/0x420 [ 17.111729] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.112282] kunit_try_run_case+0x1a5/0x480 [ 17.112624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.112867] kthread+0x337/0x6f0 [ 17.113174] ret_from_fork+0x41/0x80 [ 17.113508] ret_from_fork_asm+0x1a/0x30 [ 17.113727] [ 17.113923] The buggy address belongs to the object at ffff888101de5600 [ 17.113923] which belongs to the cache kmalloc-128 of size 128 [ 17.114829] The buggy address is located 0 bytes to the right of [ 17.114829] allocated 115-byte region [ffff888101de5600, ffff888101de5673) [ 17.115501] [ 17.115635] The buggy address belongs to the physical page: [ 17.116086] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5 [ 17.117082] flags: 0x200000000000000(node=0|zone=2) [ 17.117593] page_type: f5(slab) [ 17.117809] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.118310] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.119019] page dumped because: kasan: bad access detected [ 17.119257] [ 17.119439] Memory state around the buggy address: [ 17.120009] ffff888101de5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.120947] ffff888101de5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.121389] >ffff888101de5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.121706] ^ [ 17.122259] ffff888101de5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.122884] ffff888101de5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.123618] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.033812] ================================================================== [ 17.034467] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 17.035005] Free of addr ffff888101d9a420 by task kunit_try_catch/213 [ 17.035447] [ 17.035638] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 17.035763] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.035792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.035833] Call Trace: [ 17.035860] <TASK> [ 17.035897] dump_stack_lvl+0x73/0xb0 [ 17.035972] print_report+0xd1/0x650 [ 17.036027] ? __virt_addr_valid+0x1db/0x2d0 [ 17.036083] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.036132] ? kfree_sensitive+0x2e/0x90 [ 17.036178] kasan_report_invalid_free+0x10a/0x130 [ 17.036229] ? kfree_sensitive+0x2e/0x90 [ 17.036278] ? kfree_sensitive+0x2e/0x90 [ 17.036318] check_slab_allocation+0x101/0x130 [ 17.036360] __kasan_slab_pre_free+0x28/0x40 [ 17.036404] kfree+0xf0/0x3f0 [ 17.036448] ? kfree_sensitive+0x2e/0x90 [ 17.036510] kfree_sensitive+0x2e/0x90 [ 17.036563] kmalloc_double_kzfree+0x19c/0x350 [ 17.036603] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 17.036641] ? __schedule+0x10cc/0x2b30 [ 17.036677] ? __pfx_read_tsc+0x10/0x10 [ 17.036710] ? ktime_get_ts64+0x86/0x230 [ 17.036760] kunit_try_run_case+0x1a5/0x480 [ 17.036801] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.036836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.036869] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.036899] ? __kthread_parkme+0x82/0x180 [ 17.036937] ? preempt_count_sub+0x50/0x80 [ 17.036965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.036990] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.037015] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.037038] kthread+0x337/0x6f0 [ 17.037057] ? trace_preempt_on+0x20/0xc0 [ 17.037084] ? __pfx_kthread+0x10/0x10 [ 17.037106] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.037140] ? calculate_sigpending+0x7b/0xa0 [ 17.037172] ? 
__pfx_kthread+0x10/0x10 [ 17.037200] ret_from_fork+0x41/0x80 [ 17.037234] ? __pfx_kthread+0x10/0x10 [ 17.037262] ret_from_fork_asm+0x1a/0x30 [ 17.037317] </TASK> [ 17.037339] [ 17.065877] Allocated by task 213: [ 17.066438] kasan_save_stack+0x45/0x70 [ 17.066916] kasan_save_track+0x18/0x40 [ 17.067343] kasan_save_alloc_info+0x3b/0x50 [ 17.067763] __kasan_kmalloc+0xb7/0xc0 [ 17.068089] __kmalloc_cache_noprof+0x189/0x420 [ 17.068333] kmalloc_double_kzfree+0xa9/0x350 [ 17.068539] kunit_try_run_case+0x1a5/0x480 [ 17.069005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.069562] kthread+0x337/0x6f0 [ 17.069900] ret_from_fork+0x41/0x80 [ 17.070330] ret_from_fork_asm+0x1a/0x30 [ 17.070640] [ 17.070810] Freed by task 213: [ 17.070959] kasan_save_stack+0x45/0x70 [ 17.071169] kasan_save_track+0x18/0x40 [ 17.071532] kasan_save_free_info+0x3f/0x60 [ 17.071975] __kasan_slab_free+0x56/0x70 [ 17.072389] kfree+0x222/0x3f0 [ 17.072720] kfree_sensitive+0x67/0x90 [ 17.073078] kmalloc_double_kzfree+0x12b/0x350 [ 17.073850] kunit_try_run_case+0x1a5/0x480 [ 17.074281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.074676] kthread+0x337/0x6f0 [ 17.074992] ret_from_fork+0x41/0x80 [ 17.075347] ret_from_fork_asm+0x1a/0x30 [ 17.075719] [ 17.075940] The buggy address belongs to the object at ffff888101d9a420 [ 17.075940] which belongs to the cache kmalloc-16 of size 16 [ 17.076694] The buggy address is located 0 bytes inside of [ 17.076694] 16-byte region [ffff888101d9a420, ffff888101d9a430) [ 17.077066] [ 17.077417] The buggy address belongs to the physical page: [ 17.077908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 17.078673] flags: 0x200000000000000(node=0|zone=2) [ 17.079277] page_type: f5(slab) [ 17.079598] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.080472] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.081165] page dumped because: kasan: bad access detected [ 17.081351] [ 
17.081547] Memory state around the buggy address: [ 17.081957] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 17.082572] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.083045] >ffff888101d9a400: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.084048] ^ [ 17.084851] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.085402] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.085728] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 16.989891] ================================================================== [ 16.991087] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350 [ 16.991819] Read of size 1 at addr ffff888101d9a420 by task kunit_try_catch/213 [ 16.993295] [ 16.993555] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.993952] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.993974] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.994002] Call Trace: [ 16.994020] <TASK> [ 16.994044] dump_stack_lvl+0x73/0xb0 [ 16.994096] print_report+0xd1/0x650 [ 16.994153] ? __virt_addr_valid+0x1db/0x2d0 [ 16.994187] ? kmalloc_double_kzfree+0x19c/0x350 [ 16.994265] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.994307] ? kmalloc_double_kzfree+0x19c/0x350 [ 16.994346] kasan_report+0x141/0x180 [ 16.994382] ? kmalloc_double_kzfree+0x19c/0x350 [ 16.994423] ? kmalloc_double_kzfree+0x19c/0x350 [ 16.994462] __kasan_check_byte+0x3d/0x50 [ 16.994487] kfree_sensitive+0x22/0x90 [ 16.994514] kmalloc_double_kzfree+0x19c/0x350 [ 16.994538] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 16.994564] ? __schedule+0x10cc/0x2b30 [ 16.994589] ? __pfx_read_tsc+0x10/0x10 [ 16.994612] ? ktime_get_ts64+0x86/0x230 [ 16.994641] kunit_try_run_case+0x1a5/0x480 [ 16.994668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.994690] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.994715] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.994739] ? __kthread_parkme+0x82/0x180 [ 16.994787] ? preempt_count_sub+0x50/0x80 [ 16.994816] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.994841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.994866] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.994890] kthread+0x337/0x6f0 [ 16.994908] ? trace_preempt_on+0x20/0xc0 [ 16.994934] ? __pfx_kthread+0x10/0x10 [ 16.994954] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.994976] ? calculate_sigpending+0x7b/0xa0 [ 16.995000] ? 
__pfx_kthread+0x10/0x10 [ 16.995020] ret_from_fork+0x41/0x80 [ 16.995043] ? __pfx_kthread+0x10/0x10 [ 16.995063] ret_from_fork_asm+0x1a/0x30 [ 16.995098] </TASK> [ 16.995118] [ 17.010046] Allocated by task 213: [ 17.010684] kasan_save_stack+0x45/0x70 [ 17.011138] kasan_save_track+0x18/0x40 [ 17.011761] kasan_save_alloc_info+0x3b/0x50 [ 17.012137] __kasan_kmalloc+0xb7/0xc0 [ 17.012686] __kmalloc_cache_noprof+0x189/0x420 [ 17.013028] kmalloc_double_kzfree+0xa9/0x350 [ 17.013726] kunit_try_run_case+0x1a5/0x480 [ 17.014323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.014730] kthread+0x337/0x6f0 [ 17.015086] ret_from_fork+0x41/0x80 [ 17.015567] ret_from_fork_asm+0x1a/0x30 [ 17.015967] [ 17.016080] Freed by task 213: [ 17.016590] kasan_save_stack+0x45/0x70 [ 17.016984] kasan_save_track+0x18/0x40 [ 17.017649] kasan_save_free_info+0x3f/0x60 [ 17.017885] __kasan_slab_free+0x56/0x70 [ 17.018327] kfree+0x222/0x3f0 [ 17.018788] kfree_sensitive+0x67/0x90 [ 17.019357] kmalloc_double_kzfree+0x12b/0x350 [ 17.019689] kunit_try_run_case+0x1a5/0x480 [ 17.020084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.020567] kthread+0x337/0x6f0 [ 17.020895] ret_from_fork+0x41/0x80 [ 17.021467] ret_from_fork_asm+0x1a/0x30 [ 17.021897] [ 17.022037] The buggy address belongs to the object at ffff888101d9a420 [ 17.022037] which belongs to the cache kmalloc-16 of size 16 [ 17.023004] The buggy address is located 0 bytes inside of [ 17.023004] freed 16-byte region [ffff888101d9a420, ffff888101d9a430) [ 17.023793] [ 17.024000] The buggy address belongs to the physical page: [ 17.024666] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 17.025077] flags: 0x200000000000000(node=0|zone=2) [ 17.025907] page_type: f5(slab) [ 17.026209] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.026853] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.027493] page dumped because: kasan: bad access detected [ 17.027799] [ 
17.027992] Memory state around the buggy address: [ 17.028607] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 17.028967] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.029826] >ffff888101d9a400: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 17.030325] ^ [ 17.030553] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031075] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.031510] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 16.942965] ================================================================== [ 16.943716] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520 [ 16.944122] Read of size 1 at addr ffff888102b2bfa8 by task kunit_try_catch/209 [ 16.944720] [ 16.944967] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.945081] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.945110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.945155] Call Trace: [ 16.945186] <TASK> [ 16.945449] dump_stack_lvl+0x73/0xb0 [ 16.945547] print_report+0xd1/0x650 [ 16.945604] ? __virt_addr_valid+0x1db/0x2d0 [ 16.945661] ? kmalloc_uaf2+0x4a8/0x520 [ 16.945710] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.945776] ? kmalloc_uaf2+0x4a8/0x520 [ 16.945827] kasan_report+0x141/0x180 [ 16.945880] ? kmalloc_uaf2+0x4a8/0x520 [ 16.945933] __asan_report_load1_noabort+0x18/0x20 [ 16.945970] kmalloc_uaf2+0x4a8/0x520 [ 16.946008] ? __pfx_kmalloc_uaf2+0x10/0x10 [ 16.946043] ? finish_task_switch.isra.0+0x153/0x700 [ 16.946089] ? __switch_to+0x5d9/0xf60 [ 16.946166] ? dequeue_task_fair+0x166/0x4e0 [ 16.946452] ? __schedule+0x10cc/0x2b30 [ 16.946503] ? __pfx_read_tsc+0x10/0x10 [ 16.946551] ? ktime_get_ts64+0x86/0x230 [ 16.946609] kunit_try_run_case+0x1a5/0x480 [ 16.946667] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.946707] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.946736] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.946787] ? __kthread_parkme+0x82/0x180 [ 16.946814] ? preempt_count_sub+0x50/0x80 [ 16.946845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.946872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.946898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.946924] kthread+0x337/0x6f0 [ 16.946943] ? trace_preempt_on+0x20/0xc0 [ 16.946971] ? __pfx_kthread+0x10/0x10 [ 16.946991] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.947014] ? calculate_sigpending+0x7b/0xa0 [ 16.947039] ? 
__pfx_kthread+0x10/0x10 [ 16.947059] ret_from_fork+0x41/0x80 [ 16.947083] ? __pfx_kthread+0x10/0x10 [ 16.947118] ret_from_fork_asm+0x1a/0x30 [ 16.947169] </TASK> [ 16.947192] [ 16.959928] Allocated by task 209: [ 16.960450] kasan_save_stack+0x45/0x70 [ 16.960812] kasan_save_track+0x18/0x40 [ 16.961080] kasan_save_alloc_info+0x3b/0x50 [ 16.961354] __kasan_kmalloc+0xb7/0xc0 [ 16.961559] __kmalloc_cache_noprof+0x189/0x420 [ 16.961930] kmalloc_uaf2+0xc6/0x520 [ 16.962325] kunit_try_run_case+0x1a5/0x480 [ 16.962707] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.963224] kthread+0x337/0x6f0 [ 16.963441] ret_from_fork+0x41/0x80 [ 16.963731] ret_from_fork_asm+0x1a/0x30 [ 16.964135] [ 16.964394] Freed by task 209: [ 16.964529] kasan_save_stack+0x45/0x70 [ 16.964888] kasan_save_track+0x18/0x40 [ 16.965131] kasan_save_free_info+0x3f/0x60 [ 16.965543] __kasan_slab_free+0x56/0x70 [ 16.965786] kfree+0x222/0x3f0 [ 16.966062] kmalloc_uaf2+0x14c/0x520 [ 16.966521] kunit_try_run_case+0x1a5/0x480 [ 16.966829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.967263] kthread+0x337/0x6f0 [ 16.967448] ret_from_fork+0x41/0x80 [ 16.967663] ret_from_fork_asm+0x1a/0x30 [ 16.967882] [ 16.968010] The buggy address belongs to the object at ffff888102b2bf80 [ 16.968010] which belongs to the cache kmalloc-64 of size 64 [ 16.969137] The buggy address is located 40 bytes inside of [ 16.969137] freed 64-byte region [ffff888102b2bf80, ffff888102b2bfc0) [ 16.970005] [ 16.970259] The buggy address belongs to the physical page: [ 16.970534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2b [ 16.970866] flags: 0x200000000000000(node=0|zone=2) [ 16.971139] page_type: f5(slab) [ 16.971424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.972029] raw: 0000000000000000 0000000000200020 00000000f5000000 0000000000000000 [ 16.972678] page dumped because: kasan: bad access detected [ 16.973253] [ 16.973433] Memory state around the buggy address: [ 
16.973693] ffff888102b2be80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.974177] ffff888102b2bf00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.974633] >ffff888102b2bf80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.974928] ^ [ 16.975165] ffff888102b2c000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.975878] ffff888102b2c080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.976433] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 16.900364] ================================================================== [ 16.901058] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360 [ 16.901623] Write of size 33 at addr ffff888101df5100 by task kunit_try_catch/207 [ 16.903141] [ 16.903430] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.903504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.903527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.903568] Call Trace: [ 16.903596] <TASK> [ 16.903646] dump_stack_lvl+0x73/0xb0 [ 16.903789] print_report+0xd1/0x650 [ 16.903867] ? __virt_addr_valid+0x1db/0x2d0 [ 16.903931] ? kmalloc_uaf_memset+0x1a3/0x360 [ 16.903981] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.904023] ? kmalloc_uaf_memset+0x1a3/0x360 [ 16.904060] kasan_report+0x141/0x180 [ 16.904086] ? kmalloc_uaf_memset+0x1a3/0x360 [ 16.904161] kasan_check_range+0x10c/0x1c0 [ 16.904192] __asan_memset+0x27/0x50 [ 16.904242] kmalloc_uaf_memset+0x1a3/0x360 [ 16.904278] ? __pfx_kmalloc_uaf_memset+0x10/0x10 [ 16.904323] ? __schedule+0x10cc/0x2b30 [ 16.904353] ? __pfx_read_tsc+0x10/0x10 [ 16.904376] ? ktime_get_ts64+0x86/0x230 [ 16.904407] kunit_try_run_case+0x1a5/0x480 [ 16.904435] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.904458] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.904484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.904508] ? __kthread_parkme+0x82/0x180 [ 16.904532] ? preempt_count_sub+0x50/0x80 [ 16.904560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.904585] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.904609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.904632] kthread+0x337/0x6f0 [ 16.904651] ? trace_preempt_on+0x20/0xc0 [ 16.904678] ? __pfx_kthread+0x10/0x10 [ 16.904697] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.904719] ? calculate_sigpending+0x7b/0xa0 [ 16.904743] ? __pfx_kthread+0x10/0x10 [ 16.904787] ret_from_fork+0x41/0x80 [ 16.904811] ? 
__pfx_kthread+0x10/0x10 [ 16.904831] ret_from_fork_asm+0x1a/0x30 [ 16.904866] </TASK> [ 16.904882] [ 16.916727] Allocated by task 207: [ 16.917199] kasan_save_stack+0x45/0x70 [ 16.917676] kasan_save_track+0x18/0x40 [ 16.917974] kasan_save_alloc_info+0x3b/0x50 [ 16.918339] __kasan_kmalloc+0xb7/0xc0 [ 16.918708] __kmalloc_cache_noprof+0x189/0x420 [ 16.919063] kmalloc_uaf_memset+0xa9/0x360 [ 16.919607] kunit_try_run_case+0x1a5/0x480 [ 16.920050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.920598] kthread+0x337/0x6f0 [ 16.920982] ret_from_fork+0x41/0x80 [ 16.921377] ret_from_fork_asm+0x1a/0x30 [ 16.921693] [ 16.921905] Freed by task 207: [ 16.922217] kasan_save_stack+0x45/0x70 [ 16.922634] kasan_save_track+0x18/0x40 [ 16.923037] kasan_save_free_info+0x3f/0x60 [ 16.923359] __kasan_slab_free+0x56/0x70 [ 16.923827] kfree+0x222/0x3f0 [ 16.924085] kmalloc_uaf_memset+0x12b/0x360 [ 16.924480] kunit_try_run_case+0x1a5/0x480 [ 16.924858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.925292] kthread+0x337/0x6f0 [ 16.925652] ret_from_fork+0x41/0x80 [ 16.925968] ret_from_fork_asm+0x1a/0x30 [ 16.926546] [ 16.926758] The buggy address belongs to the object at ffff888101df5100 [ 16.926758] which belongs to the cache kmalloc-64 of size 64 [ 16.927826] The buggy address is located 0 bytes inside of [ 16.927826] freed 64-byte region [ffff888101df5100, ffff888101df5140) [ 16.928180] [ 16.928278] The buggy address belongs to the physical page: [ 16.928532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101df5 [ 16.929256] flags: 0x200000000000000(node=0|zone=2) [ 16.929716] page_type: f5(slab) [ 16.930205] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.930898] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.931721] page dumped because: kasan: bad access detected [ 16.932255] [ 16.932516] Memory state around the buggy address: [ 16.932963] ffff888101df5000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc 
fc fc [ 16.933806] ffff888101df5080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.934040] >ffff888101df5100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.934566] ^ [ 16.934920] ffff888101df5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.935593] ffff888101df5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.936089] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 16.851584] ================================================================== [ 16.852816] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380 [ 16.853475] Read of size 1 at addr ffff888101d9a408 by task kunit_try_catch/205 [ 16.853823] [ 16.854097] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.854230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.854254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.854292] Call Trace: [ 16.854318] <TASK> [ 16.854353] dump_stack_lvl+0x73/0xb0 [ 16.854420] print_report+0xd1/0x650 [ 16.854470] ? __virt_addr_valid+0x1db/0x2d0 [ 16.854509] ? kmalloc_uaf+0x320/0x380 [ 16.854541] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.854583] ? kmalloc_uaf+0x320/0x380 [ 16.854625] kasan_report+0x141/0x180 [ 16.854673] ? kmalloc_uaf+0x320/0x380 [ 16.854719] __asan_report_load1_noabort+0x18/0x20 [ 16.854770] kmalloc_uaf+0x320/0x380 [ 16.854806] ? __pfx_kmalloc_uaf+0x10/0x10 [ 16.854843] ? __schedule+0x10cc/0x2b30 [ 16.854881] ? __pfx_read_tsc+0x10/0x10 [ 16.854923] ? ktime_get_ts64+0x86/0x230 [ 16.854976] kunit_try_run_case+0x1a5/0x480 [ 16.855023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.855068] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.855146] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.855217] ? __kthread_parkme+0x82/0x180 [ 16.855264] ? preempt_count_sub+0x50/0x80 [ 16.855317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.855364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.855413] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.855460] kthread+0x337/0x6f0 [ 16.855504] ? trace_preempt_on+0x20/0xc0 [ 16.855554] ? __pfx_kthread+0x10/0x10 [ 16.855612] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.855670] ? calculate_sigpending+0x7b/0xa0 [ 16.855713] ? __pfx_kthread+0x10/0x10 [ 16.855767] ret_from_fork+0x41/0x80 [ 16.855811] ? 
__pfx_kthread+0x10/0x10 [ 16.855845] ret_from_fork_asm+0x1a/0x30 [ 16.855911] </TASK> [ 16.855938] [ 16.870392] Allocated by task 205: [ 16.870848] kasan_save_stack+0x45/0x70 [ 16.871510] kasan_save_track+0x18/0x40 [ 16.872134] kasan_save_alloc_info+0x3b/0x50 [ 16.872389] __kasan_kmalloc+0xb7/0xc0 [ 16.872825] __kmalloc_cache_noprof+0x189/0x420 [ 16.873139] kmalloc_uaf+0xaa/0x380 [ 16.873416] kunit_try_run_case+0x1a5/0x480 [ 16.874039] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.874618] kthread+0x337/0x6f0 [ 16.874928] ret_from_fork+0x41/0x80 [ 16.875079] ret_from_fork_asm+0x1a/0x30 [ 16.876301] [ 16.876548] Freed by task 205: [ 16.877165] kasan_save_stack+0x45/0x70 [ 16.877601] kasan_save_track+0x18/0x40 [ 16.877797] kasan_save_free_info+0x3f/0x60 [ 16.877952] __kasan_slab_free+0x56/0x70 [ 16.878099] kfree+0x222/0x3f0 [ 16.878992] kmalloc_uaf+0x12c/0x380 [ 16.879649] kunit_try_run_case+0x1a5/0x480 [ 16.880001] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.880570] kthread+0x337/0x6f0 [ 16.880859] ret_from_fork+0x41/0x80 [ 16.881214] ret_from_fork_asm+0x1a/0x30 [ 16.881439] [ 16.881626] The buggy address belongs to the object at ffff888101d9a400 [ 16.881626] which belongs to the cache kmalloc-16 of size 16 [ 16.882450] The buggy address is located 8 bytes inside of [ 16.882450] freed 16-byte region [ffff888101d9a400, ffff888101d9a410) [ 16.883147] [ 16.883351] The buggy address belongs to the physical page: [ 16.883718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 16.884669] flags: 0x200000000000000(node=0|zone=2) [ 16.885429] page_type: f5(slab) [ 16.885657] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.886792] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.887609] page dumped because: kasan: bad access detected [ 16.887975] [ 16.888166] Memory state around the buggy address: [ 16.888572] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 
16.889066] ffff888101d9a380: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.889780] >ffff888101d9a400: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.890401] ^ [ 16.890921] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.891376] ffff888101d9a500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.892497] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 16.809225] ================================================================== [ 16.810272] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.810700] Read of size 64 at addr ffff888102b2bd84 by task kunit_try_catch/203 [ 16.811047] [ 16.811219] CPU: 0 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.811334] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.811362] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.811395] Call Trace: [ 16.811415] <TASK> [ 16.811441] dump_stack_lvl+0x73/0xb0 [ 16.811482] print_report+0xd1/0x650 [ 16.811516] ? __virt_addr_valid+0x1db/0x2d0 [ 16.811557] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.811660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.811702] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.811743] kasan_report+0x141/0x180 [ 16.811798] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.811848] kasan_check_range+0x10c/0x1c0 [ 16.811882] __asan_memmove+0x27/0x70 [ 16.811914] kmalloc_memmove_invalid_size+0x16f/0x330 [ 16.811953] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 16.811993] ? __schedule+0x10cc/0x2b30 [ 16.812028] ? __pfx_read_tsc+0x10/0x10 [ 16.812062] ? ktime_get_ts64+0x86/0x230 [ 16.812115] kunit_try_run_case+0x1a5/0x480 [ 16.812161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.812196] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.812237] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.812274] ? __kthread_parkme+0x82/0x180 [ 16.812309] ? preempt_count_sub+0x50/0x80 [ 16.812351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.812391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.812432] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.812474] kthread+0x337/0x6f0 [ 16.812505] ? trace_preempt_on+0x20/0xc0 [ 16.812554] ? __pfx_kthread+0x10/0x10 [ 16.812596] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.812643] ? calculate_sigpending+0x7b/0xa0 [ 16.812693] ? 
__pfx_kthread+0x10/0x10 [ 16.812736] ret_from_fork+0x41/0x80 [ 16.812800] ? __pfx_kthread+0x10/0x10 [ 16.812845] ret_from_fork_asm+0x1a/0x30 [ 16.812916] </TASK> [ 16.812944] [ 16.828076] Allocated by task 203: [ 16.828327] kasan_save_stack+0x45/0x70 [ 16.828623] kasan_save_track+0x18/0x40 [ 16.829301] kasan_save_alloc_info+0x3b/0x50 [ 16.829993] __kasan_kmalloc+0xb7/0xc0 [ 16.830553] __kmalloc_cache_noprof+0x189/0x420 [ 16.830908] kmalloc_memmove_invalid_size+0xac/0x330 [ 16.831294] kunit_try_run_case+0x1a5/0x480 [ 16.831781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.832071] kthread+0x337/0x6f0 [ 16.832903] ret_from_fork+0x41/0x80 [ 16.833096] ret_from_fork_asm+0x1a/0x30 [ 16.833250] [ 16.833343] The buggy address belongs to the object at ffff888102b2bd80 [ 16.833343] which belongs to the cache kmalloc-64 of size 64 [ 16.835318] The buggy address is located 4 bytes inside of [ 16.835318] allocated 64-byte region [ffff888102b2bd80, ffff888102b2bdc0) [ 16.836287] [ 16.836544] The buggy address belongs to the physical page: [ 16.837166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b2b [ 16.838000] flags: 0x200000000000000(node=0|zone=2) [ 16.838574] page_type: f5(slab) [ 16.838925] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.839230] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.839561] page dumped because: kasan: bad access detected [ 16.840042] [ 16.840280] Memory state around the buggy address: [ 16.840921] ffff888102b2bc80: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 16.841482] ffff888102b2bd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.842207] >ffff888102b2bd80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.842863] ^ [ 16.843501] ffff888102b2be00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.843808] ffff888102b2be80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.844897] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 16.759929] ================================================================== [ 16.760654] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 16.761458] Read of size 18446744073709551614 at addr ffff888101deef84 by task kunit_try_catch/201 [ 16.763076] [ 16.763585] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.763721] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.763761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.763954] Call Trace: [ 16.763996] <TASK> [ 16.764038] dump_stack_lvl+0x73/0xb0 [ 16.764151] print_report+0xd1/0x650 [ 16.764216] ? __virt_addr_valid+0x1db/0x2d0 [ 16.764263] ? kmalloc_memmove_negative_size+0x171/0x330 [ 16.764305] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.764340] ? kmalloc_memmove_negative_size+0x171/0x330 [ 16.764426] kasan_report+0x141/0x180 [ 16.764464] ? kmalloc_memmove_negative_size+0x171/0x330 [ 16.764536] kasan_check_range+0x10c/0x1c0 [ 16.764563] __asan_memmove+0x27/0x70 [ 16.764587] kmalloc_memmove_negative_size+0x171/0x330 [ 16.764613] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 16.764640] ? __schedule+0x10cc/0x2b30 [ 16.764665] ? __pfx_read_tsc+0x10/0x10 [ 16.764688] ? ktime_get_ts64+0x86/0x230 [ 16.764718] kunit_try_run_case+0x1a5/0x480 [ 16.764746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.764795] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.764822] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.764846] ? __kthread_parkme+0x82/0x180 [ 16.764870] ? preempt_count_sub+0x50/0x80 [ 16.764899] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.764924] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.764948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.764972] kthread+0x337/0x6f0 [ 16.764991] ? trace_preempt_on+0x20/0xc0 [ 16.765018] ? __pfx_kthread+0x10/0x10 [ 16.765037] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.765059] ? calculate_sigpending+0x7b/0xa0 [ 16.765084] ? 
__pfx_kthread+0x10/0x10 [ 16.765117] ret_from_fork+0x41/0x80 [ 16.765158] ? __pfx_kthread+0x10/0x10 [ 16.765180] ret_from_fork_asm+0x1a/0x30 [ 16.765238] </TASK> [ 16.765262] [ 16.785005] Allocated by task 201: [ 16.786130] kasan_save_stack+0x45/0x70 [ 16.787178] kasan_save_track+0x18/0x40 [ 16.788185] kasan_save_alloc_info+0x3b/0x50 [ 16.788921] __kasan_kmalloc+0xb7/0xc0 [ 16.789918] __kmalloc_cache_noprof+0x189/0x420 [ 16.790205] kmalloc_memmove_negative_size+0xac/0x330 [ 16.790659] kunit_try_run_case+0x1a5/0x480 [ 16.791099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.791342] kthread+0x337/0x6f0 [ 16.791715] ret_from_fork+0x41/0x80 [ 16.792147] ret_from_fork_asm+0x1a/0x30 [ 16.792470] [ 16.792642] The buggy address belongs to the object at ffff888101deef80 [ 16.792642] which belongs to the cache kmalloc-64 of size 64 [ 16.793504] The buggy address is located 4 bytes inside of [ 16.793504] 64-byte region [ffff888101deef80, ffff888101deefc0) [ 16.794216] [ 16.794477] The buggy address belongs to the physical page: [ 16.795032] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101dee [ 16.795585] flags: 0x200000000000000(node=0|zone=2) [ 16.796025] page_type: f5(slab) [ 16.796378] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.796825] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.797286] page dumped because: kasan: bad access detected [ 16.797845] [ 16.797944] Memory state around the buggy address: [ 16.798103] ffff888101deee80: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 16.798314] ffff888101deef00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.798510] >ffff888101deef80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 16.798968] ^ [ 16.799326] ffff888101def000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.799805] ffff888101def080: fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.800264] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 16.723189] ================================================================== [ 16.723884] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 16.724590] Write of size 16 at addr ffff888102b31069 by task kunit_try_catch/199 [ 16.724934] [ 16.725168] CPU: 0 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.725275] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.725305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.725352] Call Trace: [ 16.725383] <TASK> [ 16.725423] dump_stack_lvl+0x73/0xb0 [ 16.725472] print_report+0xd1/0x650 [ 16.725501] ? __virt_addr_valid+0x1db/0x2d0 [ 16.725528] ? kmalloc_oob_memset_16+0x166/0x330 [ 16.725554] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.725589] ? kmalloc_oob_memset_16+0x166/0x330 [ 16.725628] kasan_report+0x141/0x180 [ 16.725656] ? kmalloc_oob_memset_16+0x166/0x330 [ 16.725687] kasan_check_range+0x10c/0x1c0 [ 16.725710] __asan_memset+0x27/0x50 [ 16.725733] kmalloc_oob_memset_16+0x166/0x330 [ 16.725785] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 16.725829] ? __schedule+0x10cc/0x2b30 [ 16.725869] ? __pfx_read_tsc+0x10/0x10 [ 16.725905] ? ktime_get_ts64+0x86/0x230 [ 16.725954] kunit_try_run_case+0x1a5/0x480 [ 16.726004] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.726052] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.726104] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.726149] ? __kthread_parkme+0x82/0x180 [ 16.726186] ? preempt_count_sub+0x50/0x80 [ 16.726235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.726284] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.726334] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.726384] kthread+0x337/0x6f0 [ 16.726426] ? trace_preempt_on+0x20/0xc0 [ 16.726481] ? __pfx_kthread+0x10/0x10 [ 16.726524] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.726567] ? calculate_sigpending+0x7b/0xa0 [ 16.726615] ? __pfx_kthread+0x10/0x10 [ 16.726659] ret_from_fork+0x41/0x80 [ 16.726708] ? 
__pfx_kthread+0x10/0x10 [ 16.726757] ret_from_fork_asm+0x1a/0x30 [ 16.726800] </TASK> [ 16.726816] [ 16.737680] Allocated by task 199: [ 16.738122] kasan_save_stack+0x45/0x70 [ 16.738537] kasan_save_track+0x18/0x40 [ 16.738995] kasan_save_alloc_info+0x3b/0x50 [ 16.739458] __kasan_kmalloc+0xb7/0xc0 [ 16.739832] __kmalloc_cache_noprof+0x189/0x420 [ 16.740201] kmalloc_oob_memset_16+0xac/0x330 [ 16.740615] kunit_try_run_case+0x1a5/0x480 [ 16.740941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.741437] kthread+0x337/0x6f0 [ 16.741723] ret_from_fork+0x41/0x80 [ 16.742089] ret_from_fork_asm+0x1a/0x30 [ 16.742507] [ 16.742745] The buggy address belongs to the object at ffff888102b31000 [ 16.742745] which belongs to the cache kmalloc-128 of size 128 [ 16.743614] The buggy address is located 105 bytes inside of [ 16.743614] allocated 120-byte region [ffff888102b31000, ffff888102b31078) [ 16.744455] [ 16.744602] The buggy address belongs to the physical page: [ 16.744838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b31 [ 16.745290] flags: 0x200000000000000(node=0|zone=2) [ 16.745836] page_type: f5(slab) [ 16.746299] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.746921] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.747591] page dumped because: kasan: bad access detected [ 16.747984] [ 16.748207] Memory state around the buggy address: [ 16.748622] ffff888102b30f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.748993] ffff888102b30f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.749557] >ffff888102b31000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.749856] ^ [ 16.750340] ffff888102b31080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.750955] ffff888102b31100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.751526] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 16.680981] ================================================================== [ 16.682194] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 16.682652] Write of size 8 at addr ffff888102b25f71 by task kunit_try_catch/197 [ 16.683049] [ 16.683388] CPU: 0 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.683505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.683536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.683586] Call Trace: [ 16.683619] <TASK> [ 16.683671] dump_stack_lvl+0x73/0xb0 [ 16.683744] print_report+0xd1/0x650 [ 16.683819] ? __virt_addr_valid+0x1db/0x2d0 [ 16.683885] ? kmalloc_oob_memset_8+0x166/0x330 [ 16.683937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.683980] ? kmalloc_oob_memset_8+0x166/0x330 [ 16.684014] kasan_report+0x141/0x180 [ 16.684041] ? kmalloc_oob_memset_8+0x166/0x330 [ 16.684071] kasan_check_range+0x10c/0x1c0 [ 16.684094] __asan_memset+0x27/0x50 [ 16.684128] kmalloc_oob_memset_8+0x166/0x330 [ 16.684215] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 16.684267] ? __schedule+0x10cc/0x2b30 [ 16.684316] ? __pfx_read_tsc+0x10/0x10 [ 16.684360] ? ktime_get_ts64+0x86/0x230 [ 16.684421] kunit_try_run_case+0x1a5/0x480 [ 16.684473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.684513] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.684589] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.684656] ? __kthread_parkme+0x82/0x180 [ 16.684711] ? preempt_count_sub+0x50/0x80 [ 16.684786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.684836] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.684877] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.684915] kthread+0x337/0x6f0 [ 16.684948] ? trace_preempt_on+0x20/0xc0 [ 16.684978] ? __pfx_kthread+0x10/0x10 [ 16.684998] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.685022] ? calculate_sigpending+0x7b/0xa0 [ 16.685048] ? __pfx_kthread+0x10/0x10 [ 16.685068] ret_from_fork+0x41/0x80 [ 16.685092] ? 
__pfx_kthread+0x10/0x10 [ 16.685160] ret_from_fork_asm+0x1a/0x30 [ 16.685279] </TASK> [ 16.685300] [ 16.699369] Allocated by task 197: [ 16.700675] kasan_save_stack+0x45/0x70 [ 16.701466] kasan_save_track+0x18/0x40 [ 16.701720] kasan_save_alloc_info+0x3b/0x50 [ 16.701917] __kasan_kmalloc+0xb7/0xc0 [ 16.702621] __kmalloc_cache_noprof+0x189/0x420 [ 16.703026] kmalloc_oob_memset_8+0xac/0x330 [ 16.703560] kunit_try_run_case+0x1a5/0x480 [ 16.703784] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.704006] kthread+0x337/0x6f0 [ 16.704545] ret_from_fork+0x41/0x80 [ 16.704961] ret_from_fork_asm+0x1a/0x30 [ 16.705533] [ 16.705737] The buggy address belongs to the object at ffff888102b25f00 [ 16.705737] which belongs to the cache kmalloc-128 of size 128 [ 16.706579] The buggy address is located 113 bytes inside of [ 16.706579] allocated 120-byte region [ffff888102b25f00, ffff888102b25f78) [ 16.707512] [ 16.707777] The buggy address belongs to the physical page: [ 16.708408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b25 [ 16.709261] flags: 0x200000000000000(node=0|zone=2) [ 16.709717] page_type: f5(slab) [ 16.710062] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.710830] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.711064] page dumped because: kasan: bad access detected [ 16.711309] [ 16.711477] Memory state around the buggy address: [ 16.712418] ffff888102b25e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.713731] ffff888102b25e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.714124] >ffff888102b25f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.715015] ^ [ 16.715248] ffff888102b25f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.715458] ffff888102b26000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.716581] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 16.638073] ================================================================== [ 16.639180] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 16.639816] Write of size 4 at addr ffff888101de5575 by task kunit_try_catch/195 [ 16.640604] [ 16.640847] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.640954] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.640977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.641019] Call Trace: [ 16.641044] <TASK> [ 16.641084] dump_stack_lvl+0x73/0xb0 [ 16.641194] print_report+0xd1/0x650 [ 16.641246] ? __virt_addr_valid+0x1db/0x2d0 [ 16.641300] ? kmalloc_oob_memset_4+0x166/0x330 [ 16.641344] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.641387] ? kmalloc_oob_memset_4+0x166/0x330 [ 16.641436] kasan_report+0x141/0x180 [ 16.641486] ? kmalloc_oob_memset_4+0x166/0x330 [ 16.641548] kasan_check_range+0x10c/0x1c0 [ 16.641587] __asan_memset+0x27/0x50 [ 16.641882] kmalloc_oob_memset_4+0x166/0x330 [ 16.641940] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 16.641993] ? __schedule+0x10cc/0x2b30 [ 16.642046] ? __pfx_read_tsc+0x10/0x10 [ 16.642094] ? ktime_get_ts64+0x86/0x230 [ 16.642166] kunit_try_run_case+0x1a5/0x480 [ 16.642226] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.642272] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.642313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.642349] ? __kthread_parkme+0x82/0x180 [ 16.642381] ? preempt_count_sub+0x50/0x80 [ 16.642421] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.642457] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.642491] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.642523] kthread+0x337/0x6f0 [ 16.642550] ? trace_preempt_on+0x20/0xc0 [ 16.642586] ? __pfx_kthread+0x10/0x10 [ 16.642614] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.642647] ? calculate_sigpending+0x7b/0xa0 [ 16.642681] ? __pfx_kthread+0x10/0x10 [ 16.642709] ret_from_fork+0x41/0x80 [ 16.642742] ? 
__pfx_kthread+0x10/0x10 [ 16.642791] ret_from_fork_asm+0x1a/0x30 [ 16.642838] </TASK> [ 16.642854] [ 16.656896] Allocated by task 195: [ 16.657730] kasan_save_stack+0x45/0x70 [ 16.658235] kasan_save_track+0x18/0x40 [ 16.658625] kasan_save_alloc_info+0x3b/0x50 [ 16.658996] __kasan_kmalloc+0xb7/0xc0 [ 16.659255] __kmalloc_cache_noprof+0x189/0x420 [ 16.659569] kmalloc_oob_memset_4+0xac/0x330 [ 16.660012] kunit_try_run_case+0x1a5/0x480 [ 16.661064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.661524] kthread+0x337/0x6f0 [ 16.661928] ret_from_fork+0x41/0x80 [ 16.662303] ret_from_fork_asm+0x1a/0x30 [ 16.662800] [ 16.662992] The buggy address belongs to the object at ffff888101de5500 [ 16.662992] which belongs to the cache kmalloc-128 of size 128 [ 16.664024] The buggy address is located 117 bytes inside of [ 16.664024] allocated 120-byte region [ffff888101de5500, ffff888101de5578) [ 16.665203] [ 16.665968] The buggy address belongs to the physical page: [ 16.666493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5 [ 16.667092] flags: 0x200000000000000(node=0|zone=2) [ 16.667800] page_type: f5(slab) [ 16.668275] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.668712] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.669096] page dumped because: kasan: bad access detected [ 16.670166] [ 16.670651] Memory state around the buggy address: [ 16.671099] ffff888101de5400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.671740] ffff888101de5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.672134] >ffff888101de5500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.672635] ^ [ 16.673098] ffff888101de5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.673578] ffff888101de5600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.674408] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 16.603427] ================================================================== [ 16.604067] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 16.604865] Write of size 2 at addr ffff888102b25e77 by task kunit_try_catch/193 [ 16.605396] [ 16.605565] CPU: 0 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.605859] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.605904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.605957] Call Trace: [ 16.605992] <TASK> [ 16.606032] dump_stack_lvl+0x73/0xb0 [ 16.606123] print_report+0xd1/0x650 [ 16.606176] ? __virt_addr_valid+0x1db/0x2d0 [ 16.606233] ? kmalloc_oob_memset_2+0x166/0x330 [ 16.606280] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.606324] ? kmalloc_oob_memset_2+0x166/0x330 [ 16.606366] kasan_report+0x141/0x180 [ 16.606407] ? kmalloc_oob_memset_2+0x166/0x330 [ 16.606463] kasan_check_range+0x10c/0x1c0 [ 16.606509] __asan_memset+0x27/0x50 [ 16.606557] kmalloc_oob_memset_2+0x166/0x330 [ 16.606609] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 16.606676] ? __schedule+0x10cc/0x2b30 [ 16.606714] ? __pfx_read_tsc+0x10/0x10 [ 16.606740] ? ktime_get_ts64+0x86/0x230 [ 16.606805] kunit_try_run_case+0x1a5/0x480 [ 16.606837] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.606861] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.606889] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.606915] ? __kthread_parkme+0x82/0x180 [ 16.606941] ? preempt_count_sub+0x50/0x80 [ 16.606970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.606996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.607022] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.607046] kthread+0x337/0x6f0 [ 16.607066] ? trace_preempt_on+0x20/0xc0 [ 16.607094] ? __pfx_kthread+0x10/0x10 [ 16.607141] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.607169] ? calculate_sigpending+0x7b/0xa0 [ 16.607195] ? __pfx_kthread+0x10/0x10 [ 16.607216] ret_from_fork+0x41/0x80 [ 16.607240] ? 
__pfx_kthread+0x10/0x10 [ 16.607260] ret_from_fork_asm+0x1a/0x30 [ 16.607297] </TASK> [ 16.607312] [ 16.616680] Allocated by task 193: [ 16.616974] kasan_save_stack+0x45/0x70 [ 16.617347] kasan_save_track+0x18/0x40 [ 16.617709] kasan_save_alloc_info+0x3b/0x50 [ 16.618079] __kasan_kmalloc+0xb7/0xc0 [ 16.618439] __kmalloc_cache_noprof+0x189/0x420 [ 16.618849] kmalloc_oob_memset_2+0xac/0x330 [ 16.619230] kunit_try_run_case+0x1a5/0x480 [ 16.619551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.619932] kthread+0x337/0x6f0 [ 16.620136] ret_from_fork+0x41/0x80 [ 16.620472] ret_from_fork_asm+0x1a/0x30 [ 16.620832] [ 16.621011] The buggy address belongs to the object at ffff888102b25e00 [ 16.621011] which belongs to the cache kmalloc-128 of size 128 [ 16.621535] The buggy address is located 119 bytes inside of [ 16.621535] allocated 120-byte region [ffff888102b25e00, ffff888102b25e78) [ 16.621994] [ 16.622128] The buggy address belongs to the physical page: [ 16.622368] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b25 [ 16.622927] flags: 0x200000000000000(node=0|zone=2) [ 16.623376] page_type: f5(slab) [ 16.623825] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.624531] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.625150] page dumped because: kasan: bad access detected [ 16.625587] [ 16.625778] Memory state around the buggy address: [ 16.626195] ffff888102b25d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.626593] ffff888102b25d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.627003] >ffff888102b25e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.627688] ^ [ 16.628135] ffff888102b25e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.628447] ffff888102b25f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.628717] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 16.567147] ================================================================== [ 16.567787] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 16.568724] Write of size 128 at addr ffff888102b25d00 by task kunit_try_catch/191 [ 16.569219] [ 16.569781] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.569884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.569900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.569927] Call Trace: [ 16.569946] <TASK> [ 16.569973] dump_stack_lvl+0x73/0xb0 [ 16.570023] print_report+0xd1/0x650 [ 16.570050] ? __virt_addr_valid+0x1db/0x2d0 [ 16.570075] ? kmalloc_oob_in_memset+0x15f/0x320 [ 16.570115] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.570160] ? kmalloc_oob_in_memset+0x15f/0x320 [ 16.570188] kasan_report+0x141/0x180 [ 16.570214] ? kmalloc_oob_in_memset+0x15f/0x320 [ 16.570245] kasan_check_range+0x10c/0x1c0 [ 16.570268] __asan_memset+0x27/0x50 [ 16.570291] kmalloc_oob_in_memset+0x15f/0x320 [ 16.570317] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 16.570343] ? __schedule+0x10cc/0x2b30 [ 16.570368] ? __pfx_read_tsc+0x10/0x10 [ 16.570391] ? ktime_get_ts64+0x86/0x230 [ 16.570421] kunit_try_run_case+0x1a5/0x480 [ 16.570450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.570475] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.570501] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.570527] ? __kthread_parkme+0x82/0x180 [ 16.570552] ? preempt_count_sub+0x50/0x80 [ 16.570581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.570607] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.570632] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.570657] kthread+0x337/0x6f0 [ 16.570677] ? trace_preempt_on+0x20/0xc0 [ 16.570704] ? __pfx_kthread+0x10/0x10 [ 16.570724] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.570764] ? calculate_sigpending+0x7b/0xa0 [ 16.570795] ? __pfx_kthread+0x10/0x10 [ 16.570817] ret_from_fork+0x41/0x80 [ 16.570841] ? 
__pfx_kthread+0x10/0x10 [ 16.570861] ret_from_fork_asm+0x1a/0x30 [ 16.570897] </TASK> [ 16.570911] [ 16.581702] Allocated by task 191: [ 16.582081] kasan_save_stack+0x45/0x70 [ 16.582560] kasan_save_track+0x18/0x40 [ 16.582806] kasan_save_alloc_info+0x3b/0x50 [ 16.583237] __kasan_kmalloc+0xb7/0xc0 [ 16.583444] __kmalloc_cache_noprof+0x189/0x420 [ 16.583882] kmalloc_oob_in_memset+0xac/0x320 [ 16.584191] kunit_try_run_case+0x1a5/0x480 [ 16.584595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.585029] kthread+0x337/0x6f0 [ 16.585392] ret_from_fork+0x41/0x80 [ 16.585728] ret_from_fork_asm+0x1a/0x30 [ 16.585982] [ 16.586223] The buggy address belongs to the object at ffff888102b25d00 [ 16.586223] which belongs to the cache kmalloc-128 of size 128 [ 16.586837] The buggy address is located 0 bytes inside of [ 16.586837] allocated 120-byte region [ffff888102b25d00, ffff888102b25d78) [ 16.587697] [ 16.587923] The buggy address belongs to the physical page: [ 16.588351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b25 [ 16.588775] flags: 0x200000000000000(node=0|zone=2) [ 16.589161] page_type: f5(slab) [ 16.589375] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.590035] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.590460] page dumped because: kasan: bad access detected [ 16.590936] [ 16.591155] Memory state around the buggy address: [ 16.591514] ffff888102b25c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.591986] ffff888102b25c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.592305] >ffff888102b25d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.592873] ^ [ 16.593845] ffff888102b25d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.594345] ffff888102b25e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.594728] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 16.527893] ================================================================== [ 16.529066] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 16.529716] Read of size 16 at addr ffff888102327aa0 by task kunit_try_catch/189 [ 16.530775] [ 16.530978] CPU: 0 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.531095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.531161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.531222] Call Trace: [ 16.531256] <TASK> [ 16.531302] dump_stack_lvl+0x73/0xb0 [ 16.531392] print_report+0xd1/0x650 [ 16.531438] ? __virt_addr_valid+0x1db/0x2d0 [ 16.531479] ? kmalloc_uaf_16+0x47b/0x4c0 [ 16.531503] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.531529] ? kmalloc_uaf_16+0x47b/0x4c0 [ 16.531553] kasan_report+0x141/0x180 [ 16.531579] ? kmalloc_uaf_16+0x47b/0x4c0 [ 16.531608] __asan_report_load16_noabort+0x18/0x20 [ 16.531645] kmalloc_uaf_16+0x47b/0x4c0 [ 16.531672] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 16.531697] ? __schedule+0x10cc/0x2b30 [ 16.531723] ? __pfx_read_tsc+0x10/0x10 [ 16.531759] ? ktime_get_ts64+0x86/0x230 [ 16.531798] kunit_try_run_case+0x1a5/0x480 [ 16.531830] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.531855] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.531882] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.531907] ? __kthread_parkme+0x82/0x180 [ 16.531933] ? preempt_count_sub+0x50/0x80 [ 16.531963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.531989] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.532014] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.532039] kthread+0x337/0x6f0 [ 16.532058] ? trace_preempt_on+0x20/0xc0 [ 16.532086] ? __pfx_kthread+0x10/0x10 [ 16.532155] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.532183] ? calculate_sigpending+0x7b/0xa0 [ 16.532209] ? __pfx_kthread+0x10/0x10 [ 16.532230] ret_from_fork+0x41/0x80 [ 16.532254] ? 
__pfx_kthread+0x10/0x10 [ 16.532273] ret_from_fork_asm+0x1a/0x30 [ 16.532309] </TASK> [ 16.532324] [ 16.543688] Allocated by task 189: [ 16.544034] kasan_save_stack+0x45/0x70 [ 16.544439] kasan_save_track+0x18/0x40 [ 16.544770] kasan_save_alloc_info+0x3b/0x50 [ 16.545138] __kasan_kmalloc+0xb7/0xc0 [ 16.545457] __kmalloc_cache_noprof+0x189/0x420 [ 16.545794] kmalloc_uaf_16+0x15b/0x4c0 [ 16.546003] kunit_try_run_case+0x1a5/0x480 [ 16.546355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.546848] kthread+0x337/0x6f0 [ 16.547066] ret_from_fork+0x41/0x80 [ 16.547461] ret_from_fork_asm+0x1a/0x30 [ 16.547696] [ 16.547901] Freed by task 189: [ 16.548210] kasan_save_stack+0x45/0x70 [ 16.548477] kasan_save_track+0x18/0x40 [ 16.548684] kasan_save_free_info+0x3f/0x60 [ 16.549069] __kasan_slab_free+0x56/0x70 [ 16.549483] kfree+0x222/0x3f0 [ 16.549711] kmalloc_uaf_16+0x1d6/0x4c0 [ 16.550042] kunit_try_run_case+0x1a5/0x480 [ 16.550471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.550865] kthread+0x337/0x6f0 [ 16.551207] ret_from_fork+0x41/0x80 [ 16.551450] ret_from_fork_asm+0x1a/0x30 [ 16.551770] [ 16.551973] The buggy address belongs to the object at ffff888102327aa0 [ 16.551973] which belongs to the cache kmalloc-16 of size 16 [ 16.552599] The buggy address is located 0 bytes inside of [ 16.552599] freed 16-byte region [ffff888102327aa0, ffff888102327ab0) [ 16.553296] [ 16.553492] The buggy address belongs to the physical page: [ 16.553970] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102327 [ 16.554506] flags: 0x200000000000000(node=0|zone=2) [ 16.554868] page_type: f5(slab) [ 16.555233] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.555720] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.556208] page dumped because: kasan: bad access detected [ 16.556561] [ 16.556784] Memory state around the buggy address: [ 16.557058] ffff888102327980: 00 05 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc 
[ 16.557494] ffff888102327a00: 00 02 fc fc fa fb fc fc fa fb fc fc 00 04 fc fc [ 16.557796] >ffff888102327a80: 00 00 fc fc fa fb fc fc fc fc fc fc fc fc fc fc [ 16.558075] ^ [ 16.558489] ffff888102327b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.559051] ffff888102327b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.559655] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 16.484086] ================================================================== [ 16.484725] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 16.485507] Write of size 16 at addr ffff888101d9a3c0 by task kunit_try_catch/187 [ 16.486013] [ 16.486915] CPU: 1 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.487002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.487019] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.487045] Call Trace: [ 16.487063] <TASK> [ 16.487089] dump_stack_lvl+0x73/0xb0 [ 16.487180] print_report+0xd1/0x650 [ 16.487209] ? __virt_addr_valid+0x1db/0x2d0 [ 16.487237] ? kmalloc_oob_16+0x452/0x4a0 [ 16.487260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.487283] ? kmalloc_oob_16+0x452/0x4a0 [ 16.487306] kasan_report+0x141/0x180 [ 16.487330] ? kmalloc_oob_16+0x452/0x4a0 [ 16.487358] __asan_report_store16_noabort+0x1b/0x30 [ 16.487380] kmalloc_oob_16+0x452/0x4a0 [ 16.487403] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 16.487427] ? __schedule+0x10cc/0x2b30 [ 16.487451] ? __pfx_read_tsc+0x10/0x10 [ 16.487473] ? ktime_get_ts64+0x86/0x230 [ 16.487503] kunit_try_run_case+0x1a5/0x480 [ 16.487530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.487552] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.487578] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.487602] ? __kthread_parkme+0x82/0x180 [ 16.487640] ? preempt_count_sub+0x50/0x80 [ 16.487674] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.487700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.487724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.487765] kthread+0x337/0x6f0 [ 16.487789] ? trace_preempt_on+0x20/0xc0 [ 16.487817] ? __pfx_kthread+0x10/0x10 [ 16.487836] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.487858] ? calculate_sigpending+0x7b/0xa0 [ 16.487883] ? __pfx_kthread+0x10/0x10 [ 16.487902] ret_from_fork+0x41/0x80 [ 16.487925] ? 
__pfx_kthread+0x10/0x10 [ 16.487945] ret_from_fork_asm+0x1a/0x30 [ 16.487979] </TASK> [ 16.487993] [ 16.498202] Allocated by task 187: [ 16.498530] kasan_save_stack+0x45/0x70 [ 16.499008] kasan_save_track+0x18/0x40 [ 16.499394] kasan_save_alloc_info+0x3b/0x50 [ 16.499739] __kasan_kmalloc+0xb7/0xc0 [ 16.500087] __kmalloc_cache_noprof+0x189/0x420 [ 16.500535] kmalloc_oob_16+0xa8/0x4a0 [ 16.500866] kunit_try_run_case+0x1a5/0x480 [ 16.501257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.501720] kthread+0x337/0x6f0 [ 16.501989] ret_from_fork+0x41/0x80 [ 16.502364] ret_from_fork_asm+0x1a/0x30 [ 16.502688] [ 16.502904] The buggy address belongs to the object at ffff888101d9a3c0 [ 16.502904] which belongs to the cache kmalloc-16 of size 16 [ 16.503707] The buggy address is located 0 bytes inside of [ 16.503707] allocated 13-byte region [ffff888101d9a3c0, ffff888101d9a3cd) [ 16.504470] [ 16.504674] The buggy address belongs to the physical page: [ 16.504976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a [ 16.505636] flags: 0x200000000000000(node=0|zone=2) [ 16.506093] page_type: f5(slab) [ 16.506462] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.506865] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.507214] page dumped because: kasan: bad access detected [ 16.507685] [ 16.507860] Memory state around the buggy address: [ 16.508331] ffff888101d9a280: fa fb fc fc 00 03 fc fc 00 03 fc fc fa fb fc fc [ 16.508916] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.509508] >ffff888101d9a380: 00 05 fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 16.510002] ^ [ 16.512008] ffff888101d9a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.512804] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.514004] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.397708] ================================================================== [ 16.398764] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 16.399460] Read of size 1 at addr ffff88810099d600 by task kunit_try_catch/185 [ 16.400105] [ 16.400901] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.401035] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.401066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.401113] Call Trace: [ 16.401143] <TASK> [ 16.401187] dump_stack_lvl+0x73/0xb0 [ 16.401263] print_report+0xd1/0x650 [ 16.401305] ? __virt_addr_valid+0x1db/0x2d0 [ 16.401341] ? krealloc_uaf+0x1b8/0x5e0 [ 16.401364] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.401389] ? krealloc_uaf+0x1b8/0x5e0 [ 16.401412] kasan_report+0x141/0x180 [ 16.401436] ? krealloc_uaf+0x1b8/0x5e0 [ 16.401461] ? krealloc_uaf+0x1b8/0x5e0 [ 16.401484] __kasan_check_byte+0x3d/0x50 [ 16.401508] krealloc_noprof+0x3f/0x340 [ 16.401533] krealloc_uaf+0x1b8/0x5e0 [ 16.401556] ? __pfx_krealloc_uaf+0x10/0x10 [ 16.401579] ? finish_task_switch.isra.0+0x153/0x700 [ 16.401606] ? __switch_to+0x5d9/0xf60 [ 16.401628] ? dequeue_task_fair+0x166/0x4e0 [ 16.401654] ? __schedule+0x10cc/0x2b30 [ 16.401678] ? __pfx_read_tsc+0x10/0x10 [ 16.401702] ? ktime_get_ts64+0x86/0x230 [ 16.401725] ? irqentry_exit+0x2a/0x60 [ 16.401777] kunit_try_run_case+0x1a5/0x480 [ 16.401809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.401833] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.401858] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.401882] ? __kthread_parkme+0x82/0x180 [ 16.401906] ? preempt_count_sub+0x50/0x80 [ 16.401932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.401956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.401980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.402004] kthread+0x337/0x6f0 [ 16.402023] ? trace_preempt_on+0x20/0xc0 [ 16.402050] ? __pfx_kthread+0x10/0x10 [ 16.402069] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.402092] ? calculate_sigpending+0x7b/0xa0 [ 16.402149] ? __pfx_kthread+0x10/0x10 [ 16.402173] ret_from_fork+0x41/0x80 [ 16.402208] ? __pfx_kthread+0x10/0x10 [ 16.402242] ret_from_fork_asm+0x1a/0x30 [ 16.402292] </TASK> [ 16.402308] [ 16.415369] Allocated by task 185: [ 16.415663] kasan_save_stack+0x45/0x70 [ 16.416041] kasan_save_track+0x18/0x40 [ 16.416349] kasan_save_alloc_info+0x3b/0x50 [ 16.416722] __kasan_kmalloc+0xb7/0xc0 [ 16.418306] __kmalloc_cache_noprof+0x189/0x420 [ 16.418733] krealloc_uaf+0xbb/0x5e0 [ 16.419079] kunit_try_run_case+0x1a5/0x480 [ 16.419367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.419653] kthread+0x337/0x6f0 [ 16.419968] ret_from_fork+0x41/0x80 [ 16.420324] ret_from_fork_asm+0x1a/0x30 [ 16.420584] [ 16.420895] Freed by task 185: [ 16.421285] kasan_save_stack+0x45/0x70 [ 16.421503] kasan_save_track+0x18/0x40 [ 16.421817] kasan_save_free_info+0x3f/0x60 [ 16.422185] __kasan_slab_free+0x56/0x70 [ 16.422429] kfree+0x222/0x3f0 [ 16.422630] krealloc_uaf+0x13d/0x5e0 [ 16.423046] kunit_try_run_case+0x1a5/0x480 [ 16.423412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.423654] kthread+0x337/0x6f0 [ 16.423985] ret_from_fork+0x41/0x80 [ 16.424881] ret_from_fork_asm+0x1a/0x30 [ 16.425368] [ 16.425484] The buggy address belongs to the object at ffff88810099d600 [ 16.425484] which belongs to the cache kmalloc-256 of size 256 [ 16.425979] The buggy address is located 0 bytes inside of [ 16.425979] freed 256-byte region [ffff88810099d600, ffff88810099d700) [ 16.426829] [ 16.427009] The buggy address belongs to the physical page: [ 16.427192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.427436] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.429051] flags: 0x200000000000040(head|node=0|zone=2) [ 16.429636] page_type: f5(slab) [ 16.429858] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.430352] raw: 0000000000000000 
0000000080100010 00000000f5000000 0000000000000000 [ 16.430805] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.431254] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.432027] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff [ 16.432518] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.433420] page dumped because: kasan: bad access detected [ 16.433884] [ 16.433961] Memory state around the buggy address: [ 16.434083] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.435036] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.435743] >ffff88810099d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.436243] ^ [ 16.436413] ffff88810099d680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.437313] ffff88810099d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.438282] ================================================================== [ 16.439550] ================================================================== [ 16.440177] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 16.441044] Read of size 1 at addr ffff88810099d600 by task kunit_try_catch/185 [ 16.441699] [ 16.441937] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.442055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.442083] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.442140] Call Trace: [ 16.442172] <TASK> [ 16.442260] dump_stack_lvl+0x73/0xb0 [ 16.442342] print_report+0xd1/0x650 [ 16.442393] ? __virt_addr_valid+0x1db/0x2d0 [ 16.442444] ? krealloc_uaf+0x53c/0x5e0 [ 16.442514] ? kasan_complete_mode_report_info+0x64/0x200 [ 16.442564] ? krealloc_uaf+0x53c/0x5e0 [ 16.442610] kasan_report+0x141/0x180 [ 16.442660] ? 
krealloc_uaf+0x53c/0x5e0 [ 16.442723] __asan_report_load1_noabort+0x18/0x20 [ 16.442774] krealloc_uaf+0x53c/0x5e0 [ 16.442818] ? __pfx_krealloc_uaf+0x10/0x10 [ 16.442861] ? finish_task_switch.isra.0+0x153/0x700 [ 16.442910] ? __switch_to+0x5d9/0xf60 [ 16.442954] ? dequeue_task_fair+0x166/0x4e0 [ 16.443006] ? __schedule+0x10cc/0x2b30 [ 16.443056] ? __pfx_read_tsc+0x10/0x10 [ 16.443133] ? ktime_get_ts64+0x86/0x230 [ 16.443180] ? irqentry_exit+0x2a/0x60 [ 16.443234] kunit_try_run_case+0x1a5/0x480 [ 16.443290] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.443338] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.443386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.443454] ? __kthread_parkme+0x82/0x180 [ 16.443500] ? preempt_count_sub+0x50/0x80 [ 16.443549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.443600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.443661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.443713] kthread+0x337/0x6f0 [ 16.443767] ? trace_preempt_on+0x20/0xc0 [ 16.443823] ? __pfx_kthread+0x10/0x10 [ 16.443862] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.443908] ? calculate_sigpending+0x7b/0xa0 [ 16.443957] ? __pfx_kthread+0x10/0x10 [ 16.444001] ret_from_fork+0x41/0x80 [ 16.444048] ? 
__pfx_kthread+0x10/0x10 [ 16.444091] ret_from_fork_asm+0x1a/0x30 [ 16.444161] </TASK> [ 16.444179] [ 16.455889] Allocated by task 185: [ 16.456240] kasan_save_stack+0x45/0x70 [ 16.456669] kasan_save_track+0x18/0x40 [ 16.457014] kasan_save_alloc_info+0x3b/0x50 [ 16.457430] __kasan_kmalloc+0xb7/0xc0 [ 16.457791] __kmalloc_cache_noprof+0x189/0x420 [ 16.458235] krealloc_uaf+0xbb/0x5e0 [ 16.458595] kunit_try_run_case+0x1a5/0x480 [ 16.458935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.459224] kthread+0x337/0x6f0 [ 16.459413] ret_from_fork+0x41/0x80 [ 16.459663] ret_from_fork_asm+0x1a/0x30 [ 16.460059] [ 16.460280] Freed by task 185: [ 16.460608] kasan_save_stack+0x45/0x70 [ 16.460971] kasan_save_track+0x18/0x40 [ 16.461363] kasan_save_free_info+0x3f/0x60 [ 16.461765] __kasan_slab_free+0x56/0x70 [ 16.462155] kfree+0x222/0x3f0 [ 16.462487] krealloc_uaf+0x13d/0x5e0 [ 16.462745] kunit_try_run_case+0x1a5/0x480 [ 16.463038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.463444] kthread+0x337/0x6f0 [ 16.463651] ret_from_fork+0x41/0x80 [ 16.463865] ret_from_fork_asm+0x1a/0x30 [ 16.464214] [ 16.464392] The buggy address belongs to the object at ffff88810099d600 [ 16.464392] which belongs to the cache kmalloc-256 of size 256 [ 16.465366] The buggy address is located 0 bytes inside of [ 16.465366] freed 256-byte region [ffff88810099d600, ffff88810099d700) [ 16.466329] [ 16.466481] The buggy address belongs to the physical page: [ 16.466823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.467363] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.467735] flags: 0x200000000000040(head|node=0|zone=2) [ 16.468033] page_type: f5(slab) [ 16.468314] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.468930] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.469536] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.470185] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.470815] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff [ 16.471353] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.471948] page dumped because: kasan: bad access detected [ 16.472438] [ 16.472587] Memory state around the buggy address: [ 16.472996] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.473482] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.473995] >ffff88810099d600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.474465] ^ [ 16.474766] ffff88810099d680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.475267] ffff88810099d700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.475724] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.005103] ================================================================== [ 16.005508] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 16.006379] Write of size 1 at addr ffff88810099d4d0 by task kunit_try_catch/179 [ 16.007299] [ 16.007945] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.008054] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.008078] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.008384] Call Trace: [ 16.008453] <TASK> [ 16.008558] dump_stack_lvl+0x73/0xb0 [ 16.008626] print_report+0xd1/0x650 [ 16.008655] ? __virt_addr_valid+0x1db/0x2d0 [ 16.008682] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.008708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.008732] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.008782] kasan_report+0x141/0x180 [ 16.008809] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.008840] __asan_report_store1_noabort+0x1b/0x30 [ 16.008862] krealloc_less_oob_helper+0xe23/0x11d0 [ 16.008886] ? __perf_event_task_sched_in+0x151/0x360 [ 16.008915] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.008940] ? finish_task_switch.isra.0+0x153/0x700 [ 16.008966] ? __switch_to+0x5d9/0xf60 [ 16.008988] ? dequeue_task_fair+0x166/0x4e0 [ 16.009015] ? __schedule+0x10cc/0x2b30 [ 16.009038] ? __pfx_read_tsc+0x10/0x10 [ 16.009064] krealloc_less_oob+0x1c/0x30 [ 16.009088] kunit_try_run_case+0x1a5/0x480 [ 16.009152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.009179] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.009221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.009260] ? __kthread_parkme+0x82/0x180 [ 16.009297] ? preempt_count_sub+0x50/0x80 [ 16.009336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.009360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.009385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.009418] kthread+0x337/0x6f0 [ 16.009443] ? trace_preempt_on+0x20/0xc0 [ 16.009469] ? __pfx_kthread+0x10/0x10 [ 16.009488] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.009510] ? calculate_sigpending+0x7b/0xa0 [ 16.009533] ? __pfx_kthread+0x10/0x10 [ 16.009552] ret_from_fork+0x41/0x80 [ 16.009574] ? __pfx_kthread+0x10/0x10 [ 16.009594] ret_from_fork_asm+0x1a/0x30 [ 16.009628] </TASK> [ 16.009642] [ 16.024439] Allocated by task 179: [ 16.024954] kasan_save_stack+0x45/0x70 [ 16.025238] kasan_save_track+0x18/0x40 [ 16.025439] kasan_save_alloc_info+0x3b/0x50 [ 16.025670] __kasan_krealloc+0x190/0x1f0 [ 16.026599] krealloc_noprof+0xf3/0x340 [ 16.027211] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.027845] krealloc_less_oob+0x1c/0x30 [ 16.028682] kunit_try_run_case+0x1a5/0x480 [ 16.029229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.029977] kthread+0x337/0x6f0 [ 16.030219] ret_from_fork+0x41/0x80 [ 16.030620] ret_from_fork_asm+0x1a/0x30 [ 16.031150] [ 16.031339] The buggy address belongs to the object at ffff88810099d400 [ 16.031339] which belongs to the cache kmalloc-256 of size 256 [ 16.032083] The buggy address is located 7 bytes to the right of [ 16.032083] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 16.032685] [ 16.033843] The buggy address belongs to the physical page: [ 16.034109] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.034796] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.035684] flags: 0x200000000000040(head|node=0|zone=2) [ 16.036001] page_type: f5(slab) [ 16.036580] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.037231] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.037513] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.038600] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.038865] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff [ 16.039094] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.040298] page dumped because: 
kasan: bad access detected [ 16.040793] [ 16.040914] Memory state around the buggy address: [ 16.041610] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.042370] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.042858] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.043306] ^ [ 16.043494] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.044692] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.045411] ================================================================== [ 16.357513] ================================================================== [ 16.358119] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 16.358529] Write of size 1 at addr ffff888103a020eb by task kunit_try_catch/183 [ 16.358852] [ 16.359028] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.359139] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.359163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.359203] Call Trace: [ 16.359245] <TASK> [ 16.359283] dump_stack_lvl+0x73/0xb0 [ 16.359349] print_report+0xd1/0x650 [ 16.359396] ? __virt_addr_valid+0x1db/0x2d0 [ 16.359444] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.359494] ? kasan_addr_to_slab+0x11/0xa0 [ 16.359536] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.359573] kasan_report+0x141/0x180 [ 16.359608] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.359665] __asan_report_store1_noabort+0x1b/0x30 [ 16.359696] krealloc_less_oob_helper+0xd47/0x11d0 [ 16.359735] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.359786] ? finish_task_switch.isra.0+0x153/0x700 [ 16.359825] ? __switch_to+0x5d9/0xf60 [ 16.359858] ? dequeue_task_fair+0x166/0x4e0 [ 16.359894] ? __schedule+0x10cc/0x2b30 [ 16.359926] ? __pfx_read_tsc+0x10/0x10 [ 16.359962] krealloc_large_less_oob+0x1c/0x30 [ 16.359998] kunit_try_run_case+0x1a5/0x480 [ 16.360035] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.360067] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.360102] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.360136] ? __kthread_parkme+0x82/0x180 [ 16.360170] ? preempt_count_sub+0x50/0x80 [ 16.360205] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.360237] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.360269] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.360301] kthread+0x337/0x6f0 [ 16.360326] ? trace_preempt_on+0x20/0xc0 [ 16.360362] ? __pfx_kthread+0x10/0x10 [ 16.360390] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.360421] ? calculate_sigpending+0x7b/0xa0 [ 16.360456] ? __pfx_kthread+0x10/0x10 [ 16.360630] ret_from_fork+0x41/0x80 [ 16.360682] ? __pfx_kthread+0x10/0x10 [ 16.360721] ret_from_fork_asm+0x1a/0x30 [ 16.360800] </TASK> [ 16.360827] [ 16.371982] The buggy address belongs to the physical page: [ 16.372667] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00 [ 16.373082] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.373379] flags: 0x200000000000040(head|node=0|zone=2) [ 16.373640] page_type: f8(unknown) [ 16.373907] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.374598] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.375180] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.375780] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.376441] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff [ 16.376821] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.377134] page dumped because: kasan: bad access detected [ 16.377565] [ 16.377736] Memory state around the buggy address: [ 16.378140] ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.378615] ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.379007] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe 
fe fe [ 16.379677] ^ [ 16.380090] ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.380452] ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.380736] ================================================================== [ 16.089626] ================================================================== [ 16.090433] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 16.091655] Write of size 1 at addr ffff88810099d4ea by task kunit_try_catch/179 [ 16.092224] [ 16.092417] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.092566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.092598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.092673] Call Trace: [ 16.092874] <TASK> [ 16.092918] dump_stack_lvl+0x73/0xb0 [ 16.092993] print_report+0xd1/0x650 [ 16.093032] ? __virt_addr_valid+0x1db/0x2d0 [ 16.093070] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.093105] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.093155] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.093191] kasan_report+0x141/0x180 [ 16.093225] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.093268] __asan_report_store1_noabort+0x1b/0x30 [ 16.093300] krealloc_less_oob_helper+0xe90/0x11d0 [ 16.093333] ? __perf_event_task_sched_in+0x151/0x360 [ 16.093374] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.093413] ? finish_task_switch.isra.0+0x153/0x700 [ 16.093450] ? __switch_to+0x5d9/0xf60 [ 16.093485] ? dequeue_task_fair+0x166/0x4e0 [ 16.093525] ? __schedule+0x10cc/0x2b30 [ 16.093560] ? __pfx_read_tsc+0x10/0x10 [ 16.093597] krealloc_less_oob+0x1c/0x30 [ 16.093635] kunit_try_run_case+0x1a5/0x480 [ 16.093675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.093716] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.093776] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.093819] ? __kthread_parkme+0x82/0x180 [ 16.093861] ? preempt_count_sub+0x50/0x80 [ 16.094089] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.094169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.094229] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.094271] kthread+0x337/0x6f0 [ 16.094305] ? trace_preempt_on+0x20/0xc0 [ 16.094341] ? __pfx_kthread+0x10/0x10 [ 16.094362] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.094386] ? calculate_sigpending+0x7b/0xa0 [ 16.094410] ? __pfx_kthread+0x10/0x10 [ 16.094430] ret_from_fork+0x41/0x80 [ 16.094454] ? __pfx_kthread+0x10/0x10 [ 16.094474] ret_from_fork_asm+0x1a/0x30 [ 16.094508] </TASK> [ 16.094523] [ 16.109135] Allocated by task 179: [ 16.109596] kasan_save_stack+0x45/0x70 [ 16.109894] kasan_save_track+0x18/0x40 [ 16.110091] kasan_save_alloc_info+0x3b/0x50 [ 16.110549] __kasan_krealloc+0x190/0x1f0 [ 16.110891] krealloc_noprof+0xf3/0x340 [ 16.111216] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.111679] krealloc_less_oob+0x1c/0x30 [ 16.112084] kunit_try_run_case+0x1a5/0x480 [ 16.112538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.112994] kthread+0x337/0x6f0 [ 16.113390] ret_from_fork+0x41/0x80 [ 16.113891] ret_from_fork_asm+0x1a/0x30 [ 16.114359] [ 16.114601] The buggy address belongs to the object at ffff88810099d400 [ 16.114601] which belongs to the cache kmalloc-256 of size 256 [ 16.114956] The buggy address is located 33 bytes to the right of [ 16.114956] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 16.115775] [ 16.116025] The buggy address belongs to the physical page: [ 16.116529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.117252] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.118030] flags: 0x200000000000040(head|node=0|zone=2) [ 16.118612] page_type: f5(slab) [ 16.119018] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.119707] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.120235] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
16.120659] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.121286] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff [ 16.121985] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.122780] page dumped because: kasan: bad access detected [ 16.123141] [ 16.123416] Memory state around the buggy address: [ 16.123880] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.124605] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.124848] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.125089] ^ [ 16.125712] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.126391] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.127064] ================================================================== [ 16.128282] ================================================================== [ 16.128979] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 16.130458] Write of size 1 at addr ffff88810099d4eb by task kunit_try_catch/179 [ 16.131055] [ 16.131239] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.131348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.131373] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.131410] Call Trace: [ 16.131452] <TASK> [ 16.131490] dump_stack_lvl+0x73/0xb0 [ 16.131546] print_report+0xd1/0x650 [ 16.131576] ? __virt_addr_valid+0x1db/0x2d0 [ 16.131603] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.131645] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.131678] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.131703] kasan_report+0x141/0x180 [ 16.131728] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.131787] __asan_report_store1_noabort+0x1b/0x30 [ 16.131825] krealloc_less_oob_helper+0xd47/0x11d0 [ 16.131867] ? __perf_event_task_sched_in+0x151/0x360 [ 16.131918] ? 
__pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.131961] ? finish_task_switch.isra.0+0x153/0x700 [ 16.132003] ? __switch_to+0x5d9/0xf60 [ 16.132044] ? dequeue_task_fair+0x166/0x4e0 [ 16.132088] ? __schedule+0x10cc/0x2b30 [ 16.132131] ? __pfx_read_tsc+0x10/0x10 [ 16.132180] krealloc_less_oob+0x1c/0x30 [ 16.132227] kunit_try_run_case+0x1a5/0x480 [ 16.132428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.132470] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.132523] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.132559] ? __kthread_parkme+0x82/0x180 [ 16.132585] ? preempt_count_sub+0x50/0x80 [ 16.132627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.132666] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.132691] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.132715] kthread+0x337/0x6f0 [ 16.132734] ? trace_preempt_on+0x20/0xc0 [ 16.132777] ? __pfx_kthread+0x10/0x10 [ 16.132799] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.132821] ? calculate_sigpending+0x7b/0xa0 [ 16.132845] ? __pfx_kthread+0x10/0x10 [ 16.132866] ret_from_fork+0x41/0x80 [ 16.132889] ? 
__pfx_kthread+0x10/0x10 [ 16.132909] ret_from_fork_asm+0x1a/0x30 [ 16.132944] </TASK> [ 16.132960] [ 16.146876] Allocated by task 179: [ 16.147267] kasan_save_stack+0x45/0x70 [ 16.147554] kasan_save_track+0x18/0x40 [ 16.148366] kasan_save_alloc_info+0x3b/0x50 [ 16.148790] __kasan_krealloc+0x190/0x1f0 [ 16.150130] krealloc_noprof+0xf3/0x340 [ 16.150606] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.150901] krealloc_less_oob+0x1c/0x30 [ 16.151677] kunit_try_run_case+0x1a5/0x480 [ 16.151897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.152460] kthread+0x337/0x6f0 [ 16.152668] ret_from_fork+0x41/0x80 [ 16.153005] ret_from_fork_asm+0x1a/0x30 [ 16.154041] [ 16.154181] The buggy address belongs to the object at ffff88810099d400 [ 16.154181] which belongs to the cache kmalloc-256 of size 256 [ 16.154834] The buggy address is located 34 bytes to the right of [ 16.154834] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 16.155491] [ 16.155671] The buggy address belongs to the physical page: [ 16.156363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.156960] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.158581] flags: 0x200000000000040(head|node=0|zone=2) [ 16.158756] page_type: f5(slab) [ 16.158870] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.159026] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.159550] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.160202] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.161065] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff [ 16.161671] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.162277] page dumped because: kasan: bad access detected [ 16.162877] [ 16.163029] Memory state around the buggy address: [ 16.163277] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 16.163495] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.163788] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.164049] ^ [ 16.164642] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.165601] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.166089] ================================================================== [ 15.959787] ================================================================== [ 15.960792] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 15.961169] Write of size 1 at addr ffff88810099d4c9 by task kunit_try_catch/179 [ 15.961578] [ 15.961822] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 15.961933] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.961957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.961996] Call Trace: [ 15.962026] <TASK> [ 15.962063] dump_stack_lvl+0x73/0xb0 [ 15.962152] print_report+0xd1/0x650 [ 15.962227] ? __virt_addr_valid+0x1db/0x2d0 [ 15.962279] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 15.962332] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.962383] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 15.962437] kasan_report+0x141/0x180 [ 15.962485] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 15.962680] __asan_report_store1_noabort+0x1b/0x30 [ 15.962727] krealloc_less_oob_helper+0xd70/0x11d0 [ 15.962857] ? __perf_event_task_sched_in+0x151/0x360 [ 15.962924] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 15.962976] ? finish_task_switch.isra.0+0x153/0x700 [ 15.963021] ? __switch_to+0x5d9/0xf60 [ 15.963062] ? dequeue_task_fair+0x166/0x4e0 [ 15.963113] ? __schedule+0x10cc/0x2b30 [ 15.963157] ? __pfx_read_tsc+0x10/0x10 [ 15.963243] krealloc_less_oob+0x1c/0x30 [ 15.963309] kunit_try_run_case+0x1a5/0x480 [ 15.963362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.963404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.963446] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.963486] ? __kthread_parkme+0x82/0x180 [ 15.963520] ? preempt_count_sub+0x50/0x80 [ 15.963558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.963594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.963686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.963758] kthread+0x337/0x6f0 [ 15.963802] ? trace_preempt_on+0x20/0xc0 [ 15.963857] ? __pfx_kthread+0x10/0x10 [ 15.963902] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.963945] ? calculate_sigpending+0x7b/0xa0 [ 15.963974] ? __pfx_kthread+0x10/0x10 [ 15.963995] ret_from_fork+0x41/0x80 [ 15.964021] ? __pfx_kthread+0x10/0x10 [ 15.964042] ret_from_fork_asm+0x1a/0x30 [ 15.964079] </TASK> [ 15.964095] [ 15.977743] Allocated by task 179: [ 15.978276] kasan_save_stack+0x45/0x70 [ 15.978961] kasan_save_track+0x18/0x40 [ 15.979554] kasan_save_alloc_info+0x3b/0x50 [ 15.979767] __kasan_krealloc+0x190/0x1f0 [ 15.980170] krealloc_noprof+0xf3/0x340 [ 15.981224] krealloc_less_oob_helper+0x1aa/0x11d0 [ 15.981866] krealloc_less_oob+0x1c/0x30 [ 15.982194] kunit_try_run_case+0x1a5/0x480 [ 15.982827] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.983374] kthread+0x337/0x6f0 [ 15.983720] ret_from_fork+0x41/0x80 [ 15.983912] ret_from_fork_asm+0x1a/0x30 [ 15.984315] [ 15.984512] The buggy address belongs to the object at ffff88810099d400 [ 15.984512] which belongs to the cache kmalloc-256 of size 256 [ 15.986829] The buggy address is located 0 bytes to the right of [ 15.986829] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 15.990507] [ 15.990784] The buggy address belongs to the physical page: [ 15.991717] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 15.992070] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.992338] flags: 0x200000000000040(head|node=0|zone=2) [ 15.992559] page_type: f5(slab) [ 15.992733] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 15.996598] raw: 0000000000000000 
0000000080100010 00000000f5000000 0000000000000000 [ 15.997600] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 15.997864] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.998085] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff [ 15.998651] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.999102] page dumped because: kasan: bad access detected [ 15.999438] [ 15.999568] Memory state around the buggy address: [ 16.001045] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.001650] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.001887] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.002148] ^ [ 16.002718] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.003416] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.004137] ================================================================== [ 16.046455] ================================================================== [ 16.046811] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 16.048119] Write of size 1 at addr ffff88810099d4da by task kunit_try_catch/179 [ 16.048985] [ 16.049425] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.049547] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.049577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.049631] Call Trace: [ 16.049689] <TASK> [ 16.049733] dump_stack_lvl+0x73/0xb0 [ 16.049829] print_report+0xd1/0x650 [ 16.049886] ? __virt_addr_valid+0x1db/0x2d0 [ 16.049953] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.050008] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.050050] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.050077] kasan_report+0x141/0x180 [ 16.050117] ? 
krealloc_less_oob_helper+0xec6/0x11d0 [ 16.050196] __asan_report_store1_noabort+0x1b/0x30 [ 16.050234] krealloc_less_oob_helper+0xec6/0x11d0 [ 16.050695] ? __perf_event_task_sched_in+0x151/0x360 [ 16.050734] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.050792] ? finish_task_switch.isra.0+0x153/0x700 [ 16.050829] ? __switch_to+0x5d9/0xf60 [ 16.050857] ? dequeue_task_fair+0x166/0x4e0 [ 16.050884] ? __schedule+0x10cc/0x2b30 [ 16.050908] ? __pfx_read_tsc+0x10/0x10 [ 16.050935] krealloc_less_oob+0x1c/0x30 [ 16.050958] kunit_try_run_case+0x1a5/0x480 [ 16.050985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.051008] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.051033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.051057] ? __kthread_parkme+0x82/0x180 [ 16.051080] ? preempt_count_sub+0x50/0x80 [ 16.051105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.051144] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.051170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.051206] kthread+0x337/0x6f0 [ 16.051236] ? trace_preempt_on+0x20/0xc0 [ 16.051277] ? __pfx_kthread+0x10/0x10 [ 16.051309] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.051340] ? calculate_sigpending+0x7b/0xa0 [ 16.051364] ? __pfx_kthread+0x10/0x10 [ 16.051385] ret_from_fork+0x41/0x80 [ 16.051408] ? 
__pfx_kthread+0x10/0x10 [ 16.051428] ret_from_fork_asm+0x1a/0x30 [ 16.051464] </TASK> [ 16.051480] [ 16.067829] Allocated by task 179: [ 16.068856] kasan_save_stack+0x45/0x70 [ 16.069435] kasan_save_track+0x18/0x40 [ 16.069991] kasan_save_alloc_info+0x3b/0x50 [ 16.070492] __kasan_krealloc+0x190/0x1f0 [ 16.070858] krealloc_noprof+0xf3/0x340 [ 16.071200] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.071514] krealloc_less_oob+0x1c/0x30 [ 16.072026] kunit_try_run_case+0x1a5/0x480 [ 16.073024] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.073500] kthread+0x337/0x6f0 [ 16.073716] ret_from_fork+0x41/0x80 [ 16.073969] ret_from_fork_asm+0x1a/0x30 [ 16.074598] [ 16.074758] The buggy address belongs to the object at ffff88810099d400 [ 16.074758] which belongs to the cache kmalloc-256 of size 256 [ 16.075788] The buggy address is located 17 bytes to the right of [ 16.075788] allocated 201-byte region [ffff88810099d400, ffff88810099d4c9) [ 16.077080] [ 16.077293] The buggy address belongs to the physical page: [ 16.077638] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10099c [ 16.078489] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.078927] flags: 0x200000000000040(head|node=0|zone=2) [ 16.079356] page_type: f5(slab) [ 16.079652] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.080111] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.080452] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.081829] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.082260] head: 0200000000000001 ffffea0004026701 00000000ffffffff 00000000ffffffff [ 16.082765] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.083140] page dumped because: kasan: bad access detected [ 16.083501] [ 16.083695] Memory state around the buggy address: [ 16.084784] ffff88810099d380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 16.085719] ffff88810099d400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.086138] >ffff88810099d480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.086680] ^ [ 16.087000] ffff88810099d500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.087601] ffff88810099d580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.088759] ================================================================== [ 16.307761] ================================================================== [ 16.308384] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 16.310061] Write of size 1 at addr ffff888103a020da by task kunit_try_catch/183 [ 16.310952] [ 16.311225] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.311335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.311363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.311406] Call Trace: [ 16.311444] <TASK> [ 16.311482] dump_stack_lvl+0x73/0xb0 [ 16.311556] print_report+0xd1/0x650 [ 16.311599] ? __virt_addr_valid+0x1db/0x2d0 [ 16.311660] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.311709] ? kasan_addr_to_slab+0x11/0xa0 [ 16.311737] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.311788] kasan_report+0x141/0x180 [ 16.311814] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.311845] __asan_report_store1_noabort+0x1b/0x30 [ 16.311868] krealloc_less_oob_helper+0xec6/0x11d0 [ 16.311896] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.311922] ? finish_task_switch.isra.0+0x153/0x700 [ 16.311948] ? __switch_to+0x5d9/0xf60 [ 16.311971] ? dequeue_task_fair+0x166/0x4e0 [ 16.311997] ? __schedule+0x10cc/0x2b30 [ 16.312020] ? __pfx_read_tsc+0x10/0x10 [ 16.312046] krealloc_large_less_oob+0x1c/0x30 [ 16.312071] kunit_try_run_case+0x1a5/0x480 [ 16.312098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.312132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.312165] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.312189] ? 
__kthread_parkme+0x82/0x180 [ 16.312213] ? preempt_count_sub+0x50/0x80 [ 16.312239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.312264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.312287] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.312311] kthread+0x337/0x6f0 [ 16.312330] ? trace_preempt_on+0x20/0xc0 [ 16.312357] ? __pfx_kthread+0x10/0x10 [ 16.312377] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.312399] ? calculate_sigpending+0x7b/0xa0 [ 16.312422] ? __pfx_kthread+0x10/0x10 [ 16.312442] ret_from_fork+0x41/0x80 [ 16.312464] ? __pfx_kthread+0x10/0x10 [ 16.312484] ret_from_fork_asm+0x1a/0x30 [ 16.312519] </TASK> [ 16.312534] [ 16.323096] The buggy address belongs to the physical page: [ 16.323620] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00 [ 16.324083] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.324631] flags: 0x200000000000040(head|node=0|zone=2) [ 16.325194] page_type: f8(unknown) [ 16.325444] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.325812] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.326338] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.326756] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.327481] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff [ 16.327815] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.328276] page dumped because: kasan: bad access detected [ 16.328506] [ 16.328628] Memory state around the buggy address: [ 16.328863] ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.329150] ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.329429] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.330005] ^ [ 16.330441] ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.331123] ffff888103a02180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 16.331903] ================================================================== [ 16.245898] ================================================================== [ 16.246458] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 16.247723] Write of size 1 at addr ffff888103a020c9 by task kunit_try_catch/183 [ 16.249276] [ 16.249472] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.249585] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.249610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.249653] Call Trace: [ 16.249685] <TASK> [ 16.249725] dump_stack_lvl+0x73/0xb0 [ 16.249820] print_report+0xd1/0x650 [ 16.249862] ? __virt_addr_valid+0x1db/0x2d0 [ 16.249909] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 16.249954] ? kasan_addr_to_slab+0x11/0xa0 [ 16.249993] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 16.250038] kasan_report+0x141/0x180 [ 16.250079] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 16.250141] __asan_report_store1_noabort+0x1b/0x30 [ 16.250177] krealloc_less_oob_helper+0xd70/0x11d0 [ 16.250217] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.250266] ? finish_task_switch.isra.0+0x153/0x700 [ 16.250318] ? __switch_to+0x5d9/0xf60 [ 16.250357] ? dequeue_task_fair+0x166/0x4e0 [ 16.250396] ? __schedule+0x10cc/0x2b30 [ 16.250435] ? __pfx_read_tsc+0x10/0x10 [ 16.250484] krealloc_large_less_oob+0x1c/0x30 [ 16.250527] kunit_try_run_case+0x1a5/0x480 [ 16.250576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.250618] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.250664] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.250707] ? __kthread_parkme+0x82/0x180 [ 16.251579] ? preempt_count_sub+0x50/0x80 [ 16.251688] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.251735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.251795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.251833] kthread+0x337/0x6f0 [ 16.251865] ? trace_preempt_on+0x20/0xc0 [ 16.251906] ? 
__pfx_kthread+0x10/0x10 [ 16.251942] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.251984] ? calculate_sigpending+0x7b/0xa0 [ 16.252027] ? __pfx_kthread+0x10/0x10 [ 16.252064] ret_from_fork+0x41/0x80 [ 16.252144] ? __pfx_kthread+0x10/0x10 [ 16.252183] ret_from_fork_asm+0x1a/0x30 [ 16.252246] </TASK> [ 16.252272] [ 16.271854] The buggy address belongs to the physical page: [ 16.272456] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00 [ 16.273074] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.273472] flags: 0x200000000000040(head|node=0|zone=2) [ 16.273796] page_type: f8(unknown) [ 16.274119] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.274512] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.275126] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.275466] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.275795] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff [ 16.276536] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.277170] page dumped because: kasan: bad access detected [ 16.277479] [ 16.277608] Memory state around the buggy address: [ 16.278061] ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.278720] ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.279163] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.279619] ^ [ 16.280233] ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.280822] ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.281236] ================================================================== [ 16.282688] ================================================================== [ 16.283062] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 16.283405] Write of size 1 at addr ffff888103a020d0 by task 
kunit_try_catch/183 [ 16.284116] [ 16.285180] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.285285] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.285307] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.285345] Call Trace: [ 16.285579] <TASK> [ 16.285618] dump_stack_lvl+0x73/0xb0 [ 16.285703] print_report+0xd1/0x650 [ 16.285760] ? __virt_addr_valid+0x1db/0x2d0 [ 16.285806] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.285844] ? kasan_addr_to_slab+0x11/0xa0 [ 16.285884] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.285931] kasan_report+0x141/0x180 [ 16.285969] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 16.286027] __asan_report_store1_noabort+0x1b/0x30 [ 16.286076] krealloc_less_oob_helper+0xe23/0x11d0 [ 16.286173] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.286224] ? finish_task_switch.isra.0+0x153/0x700 [ 16.286259] ? __switch_to+0x5d9/0xf60 [ 16.286282] ? dequeue_task_fair+0x166/0x4e0 [ 16.286309] ? __schedule+0x10cc/0x2b30 [ 16.286333] ? __pfx_read_tsc+0x10/0x10 [ 16.286359] krealloc_large_less_oob+0x1c/0x30 [ 16.286384] kunit_try_run_case+0x1a5/0x480 [ 16.286411] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.286434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.286459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.286483] ? __kthread_parkme+0x82/0x180 [ 16.286507] ? preempt_count_sub+0x50/0x80 [ 16.286532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.286557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.286580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.286604] kthread+0x337/0x6f0 [ 16.286623] ? trace_preempt_on+0x20/0xc0 [ 16.286648] ? __pfx_kthread+0x10/0x10 [ 16.286668] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.286690] ? calculate_sigpending+0x7b/0xa0 [ 16.286713] ? __pfx_kthread+0x10/0x10 [ 16.286733] ret_from_fork+0x41/0x80 [ 16.286781] ? 
__pfx_kthread+0x10/0x10 [ 16.286804] ret_from_fork_asm+0x1a/0x30 [ 16.286839] </TASK> [ 16.286854] [ 16.296920] The buggy address belongs to the physical page: [ 16.297450] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00 [ 16.297893] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.298330] flags: 0x200000000000040(head|node=0|zone=2) [ 16.298601] page_type: f8(unknown) [ 16.298821] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.299310] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.299912] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.300525] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.300867] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff [ 16.301238] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.301802] page dumped because: kasan: bad access detected [ 16.302250] [ 16.302435] Memory state around the buggy address: [ 16.302833] ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.303203] ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.303488] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.303776] ^ [ 16.304028] ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.304564] ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.305152] ================================================================== [ 16.333180] ================================================================== [ 16.333532] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 16.333817] Write of size 1 at addr ffff888103a020ea by task kunit_try_catch/183 [ 16.334032] [ 16.334160] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.334249] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.334272] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.334309] Call Trace: [ 16.334347] <TASK> [ 16.334383] dump_stack_lvl+0x73/0xb0 [ 16.334442] print_report+0xd1/0x650 [ 16.334488] ? __virt_addr_valid+0x1db/0x2d0 [ 16.334537] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.334589] ? kasan_addr_to_slab+0x11/0xa0 [ 16.334636] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.334689] kasan_report+0x141/0x180 [ 16.334741] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 16.334822] __asan_report_store1_noabort+0x1b/0x30 [ 16.334875] krealloc_less_oob_helper+0xe90/0x11d0 [ 16.334934] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.334986] ? finish_task_switch.isra.0+0x153/0x700 [ 16.335036] ? __switch_to+0x5d9/0xf60 [ 16.335081] ? dequeue_task_fair+0x166/0x4e0 [ 16.335134] ? __schedule+0x10cc/0x2b30 [ 16.335182] ? __pfx_read_tsc+0x10/0x10 [ 16.335234] krealloc_large_less_oob+0x1c/0x30 [ 16.335274] kunit_try_run_case+0x1a5/0x480 [ 16.335328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.335375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.335428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.335479] ? __kthread_parkme+0x82/0x180 [ 16.335521] ? preempt_count_sub+0x50/0x80 [ 16.335564] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.335609] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.335664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.335704] kthread+0x337/0x6f0 [ 16.335739] ? trace_preempt_on+0x20/0xc0 [ 16.335801] ? __pfx_kthread+0x10/0x10 [ 16.335843] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.335890] ? calculate_sigpending+0x7b/0xa0 [ 16.335940] ? __pfx_kthread+0x10/0x10 [ 16.335984] ret_from_fork+0x41/0x80 [ 16.336032] ? 
__pfx_kthread+0x10/0x10 [ 16.336074] ret_from_fork_asm+0x1a/0x30 [ 16.336148] </TASK> [ 16.336178] [ 16.347290] The buggy address belongs to the physical page: [ 16.347851] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00 [ 16.348633] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.348952] flags: 0x200000000000040(head|node=0|zone=2) [ 16.349413] page_type: f8(unknown) [ 16.349766] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.350402] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.350726] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.351040] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.351850] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff [ 16.352561] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.352952] page dumped because: kasan: bad access detected [ 16.353310] [ 16.353484] Memory state around the buggy address: [ 16.353869] ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.354396] ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.354839] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.355164] ^ [ 16.355572] ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.356072] ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.356475] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.173557] ================================================================== [ 16.174268] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 16.175044] Write of size 1 at addr ffff888103a020eb by task kunit_try_catch/181 [ 16.175410] [ 16.175575] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.175690] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.175777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.175817] Call Trace: [ 16.175844] <TASK> [ 16.175880] dump_stack_lvl+0x73/0xb0 [ 16.175947] print_report+0xd1/0x650 [ 16.175996] ? __virt_addr_valid+0x1db/0x2d0 [ 16.176044] ? krealloc_more_oob_helper+0x821/0x930 [ 16.176077] ? kasan_addr_to_slab+0x11/0xa0 [ 16.176118] ? krealloc_more_oob_helper+0x821/0x930 [ 16.176153] kasan_report+0x141/0x180 [ 16.176192] ? krealloc_more_oob_helper+0x821/0x930 [ 16.176237] __asan_report_store1_noabort+0x1b/0x30 [ 16.176280] krealloc_more_oob_helper+0x821/0x930 [ 16.176313] ? __schedule+0x10cc/0x2b30 [ 16.176362] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.176408] ? finish_task_switch.isra.0+0x153/0x700 [ 16.176462] ? __switch_to+0x5d9/0xf60 [ 16.176895] ? dequeue_task_fair+0x166/0x4e0 [ 16.177256] ? __schedule+0x10cc/0x2b30 [ 16.177328] ? __pfx_read_tsc+0x10/0x10 [ 16.177371] krealloc_large_more_oob+0x1c/0x30 [ 16.177408] kunit_try_run_case+0x1a5/0x480 [ 16.177450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.177484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.177522] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.177558] ? __kthread_parkme+0x82/0x180 [ 16.177593] ? preempt_count_sub+0x50/0x80 [ 16.177634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.177670] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.177705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.177740] kthread+0x337/0x6f0 [ 16.177786] ? trace_preempt_on+0x20/0xc0 [ 16.177828] ? __pfx_kthread+0x10/0x10 [ 16.177858] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.177895] ? calculate_sigpending+0x7b/0xa0 [ 16.177938] ? __pfx_kthread+0x10/0x10 [ 16.177979] ret_from_fork+0x41/0x80 [ 16.178026] ? __pfx_kthread+0x10/0x10 [ 16.178068] ret_from_fork_asm+0x1a/0x30 [ 16.178258] </TASK> [ 16.178290] [ 16.194588] The buggy address belongs to the physical page: [ 16.195322] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00 [ 16.195828] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.196728] flags: 0x200000000000040(head|node=0|zone=2) [ 16.196983] page_type: f8(unknown) [ 16.197108] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.197715] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.199133] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.199861] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.200421] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff [ 16.201064] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.201800] page dumped because: kasan: bad access detected [ 16.202070] [ 16.202759] Memory state around the buggy address: [ 16.203352] ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.203980] ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.204679] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.204867] ^ [ 16.205012] ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.205217] ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.205533] ================================================================== [ 15.886718] ================================================================== [ 15.887321] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 15.888026] Write of size 1 at addr ffff8881003570eb by task kunit_try_catch/177 [ 15.889034] [ 
15.889174] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 15.889362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.889390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.889465] Call Trace: [ 15.889500] <TASK> [ 15.889552] dump_stack_lvl+0x73/0xb0 [ 15.889635] print_report+0xd1/0x650 [ 15.889691] ? __virt_addr_valid+0x1db/0x2d0 [ 15.889741] ? krealloc_more_oob_helper+0x821/0x930 [ 15.889800] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.889850] ? krealloc_more_oob_helper+0x821/0x930 [ 15.889900] kasan_report+0x141/0x180 [ 15.889953] ? krealloc_more_oob_helper+0x821/0x930 [ 15.890004] __asan_report_store1_noabort+0x1b/0x30 [ 15.890042] krealloc_more_oob_helper+0x821/0x930 [ 15.890076] ? trace_hardirqs_on+0x37/0xe0 [ 15.890125] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 15.890174] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.890210] ? __pfx_krealloc_more_oob+0x10/0x10 [ 15.890237] krealloc_more_oob+0x1c/0x30 [ 15.890257] kunit_try_run_case+0x1a5/0x480 [ 15.890287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.890311] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.890338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.890363] ? __kthread_parkme+0x82/0x180 [ 15.890388] ? preempt_count_sub+0x50/0x80 [ 15.890417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.890443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.890468] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.890493] kthread+0x337/0x6f0 [ 15.890513] ? trace_preempt_on+0x20/0xc0 [ 15.890537] ? __pfx_kthread+0x10/0x10 [ 15.890557] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.890581] ? calculate_sigpending+0x7b/0xa0 [ 15.890605] ? __pfx_kthread+0x10/0x10 [ 15.890626] ret_from_fork+0x41/0x80 [ 15.890651] ? 
__pfx_kthread+0x10/0x10 [ 15.890671] ret_from_fork_asm+0x1a/0x30 [ 15.890706] </TASK> [ 15.890722] [ 15.901448] Allocated by task 177: [ 15.901911] kasan_save_stack+0x45/0x70 [ 15.902353] kasan_save_track+0x18/0x40 [ 15.902706] kasan_save_alloc_info+0x3b/0x50 [ 15.903062] __kasan_krealloc+0x190/0x1f0 [ 15.903467] krealloc_noprof+0xf3/0x340 [ 15.903807] krealloc_more_oob_helper+0x1a9/0x930 [ 15.904142] krealloc_more_oob+0x1c/0x30 [ 15.904503] kunit_try_run_case+0x1a5/0x480 [ 15.904837] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.905280] kthread+0x337/0x6f0 [ 15.905619] ret_from_fork+0x41/0x80 [ 15.905823] ret_from_fork_asm+0x1a/0x30 [ 15.906243] [ 15.906437] The buggy address belongs to the object at ffff888100357000 [ 15.906437] which belongs to the cache kmalloc-256 of size 256 [ 15.907198] The buggy address is located 0 bytes to the right of [ 15.907198] allocated 235-byte region [ffff888100357000, ffff8881003570eb) [ 15.907869] [ 15.908032] The buggy address belongs to the physical page: [ 15.908540] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100356 [ 15.908987] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.909517] flags: 0x200000000000040(head|node=0|zone=2) [ 15.909892] page_type: f5(slab) [ 15.910240] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 15.910647] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.911285] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 15.911688] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.912006] head: 0200000000000001 ffffea000400d581 00000000ffffffff 00000000ffffffff [ 15.912480] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.913098] page dumped because: kasan: bad access detected [ 15.913554] [ 15.913730] Memory state around the buggy address: [ 15.914172] ffff888100356f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 15.914701] ffff888100357000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.915247] >ffff888100357080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.915719] ^ [ 15.916220] ffff888100357100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.916705] ffff888100357180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.917097] ================================================================== [ 15.918838] ================================================================== [ 15.919372] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 15.921393] Write of size 1 at addr ffff8881003570f0 by task kunit_try_catch/177 [ 15.922064] [ 15.922376] CPU: 0 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 15.922513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.922541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.922587] Call Trace: [ 15.922629] <TASK> [ 15.922674] dump_stack_lvl+0x73/0xb0 [ 15.922771] print_report+0xd1/0x650 [ 15.922807] ? __virt_addr_valid+0x1db/0x2d0 [ 15.922835] ? krealloc_more_oob_helper+0x7eb/0x930 [ 15.922858] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.922884] ? krealloc_more_oob_helper+0x7eb/0x930 [ 15.922907] kasan_report+0x141/0x180 [ 15.922932] ? krealloc_more_oob_helper+0x7eb/0x930 [ 15.922960] __asan_report_store1_noabort+0x1b/0x30 [ 15.922984] krealloc_more_oob_helper+0x7eb/0x930 [ 15.923005] ? trace_hardirqs_on+0x37/0xe0 [ 15.923032] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 15.923054] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.923087] ? __pfx_krealloc_more_oob+0x10/0x10 [ 15.923122] krealloc_more_oob+0x1c/0x30 [ 15.923171] kunit_try_run_case+0x1a5/0x480 [ 15.923202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.923227] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.923252] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.923278] ? __kthread_parkme+0x82/0x180 [ 15.923303] ? preempt_count_sub+0x50/0x80 [ 15.923332] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.923357] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.923382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.923406] kthread+0x337/0x6f0 [ 15.923425] ? trace_preempt_on+0x20/0xc0 [ 15.923450] ? __pfx_kthread+0x10/0x10 [ 15.923470] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.923493] ? calculate_sigpending+0x7b/0xa0 [ 15.923517] ? __pfx_kthread+0x10/0x10 [ 15.923537] ret_from_fork+0x41/0x80 [ 15.923562] ? __pfx_kthread+0x10/0x10 [ 15.923582] ret_from_fork_asm+0x1a/0x30 [ 15.923616] </TASK> [ 15.923642] [ 15.934881] Allocated by task 177: [ 15.936164] kasan_save_stack+0x45/0x70 [ 15.936593] kasan_save_track+0x18/0x40 [ 15.936802] kasan_save_alloc_info+0x3b/0x50 [ 15.937045] __kasan_krealloc+0x190/0x1f0 [ 15.937767] krealloc_noprof+0xf3/0x340 [ 15.938326] krealloc_more_oob_helper+0x1a9/0x930 [ 15.938593] krealloc_more_oob+0x1c/0x30 [ 15.938780] kunit_try_run_case+0x1a5/0x480 [ 15.938976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.939401] kthread+0x337/0x6f0 [ 15.939792] ret_from_fork+0x41/0x80 [ 15.939985] ret_from_fork_asm+0x1a/0x30 [ 15.940412] [ 15.940727] The buggy address belongs to the object at ffff888100357000 [ 15.940727] which belongs to the cache kmalloc-256 of size 256 [ 15.941817] The buggy address is located 5 bytes to the right of [ 15.941817] allocated 235-byte region [ffff888100357000, ffff8881003570eb) [ 15.942951] [ 15.943134] The buggy address belongs to the physical page: [ 15.943366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100356 [ 15.943931] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.944349] flags: 0x200000000000040(head|node=0|zone=2) [ 15.944730] page_type: f5(slab) [ 15.945049] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 15.945490] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.945922] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 
15.946691] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.947479] head: 0200000000000001 ffffea000400d581 00000000ffffffff 00000000ffffffff [ 15.947832] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 15.948341] page dumped because: kasan: bad access detected [ 15.949012] [ 15.949220] Memory state around the buggy address: [ 15.949739] ffff888100356f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.950203] ffff888100357000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.950809] >ffff888100357080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 15.951612] ^ [ 15.952035] ffff888100357100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.952388] ffff888100357180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.952898] ================================================================== [ 16.207799] ================================================================== [ 16.208681] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 16.209533] Write of size 1 at addr ffff888103a020f0 by task kunit_try_catch/181 [ 16.209898] [ 16.210073] CPU: 1 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 16.210201] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.210231] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.210278] Call Trace: [ 16.210767] <TASK> [ 16.210836] dump_stack_lvl+0x73/0xb0 [ 16.210917] print_report+0xd1/0x650 [ 16.210947] ? __virt_addr_valid+0x1db/0x2d0 [ 16.210975] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.210997] ? kasan_addr_to_slab+0x11/0xa0 [ 16.211019] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.211041] kasan_report+0x141/0x180 [ 16.211065] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.211093] __asan_report_store1_noabort+0x1b/0x30 [ 16.211124] krealloc_more_oob_helper+0x7eb/0x930 [ 16.211175] ? __schedule+0x10cc/0x2b30 [ 16.211219] ? 
__pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.211254] ? finish_task_switch.isra.0+0x153/0x700 [ 16.211294] ? __switch_to+0x5d9/0xf60 [ 16.211329] ? dequeue_task_fair+0x166/0x4e0 [ 16.211358] ? __schedule+0x10cc/0x2b30 [ 16.211381] ? __pfx_read_tsc+0x10/0x10 [ 16.211407] krealloc_large_more_oob+0x1c/0x30 [ 16.211428] kunit_try_run_case+0x1a5/0x480 [ 16.211455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.211478] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.211503] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.211528] ? __kthread_parkme+0x82/0x180 [ 16.211551] ? preempt_count_sub+0x50/0x80 [ 16.211577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.211601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.211638] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.211665] kthread+0x337/0x6f0 [ 16.211685] ? trace_preempt_on+0x20/0xc0 [ 16.211711] ? __pfx_kthread+0x10/0x10 [ 16.211731] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.211774] ? calculate_sigpending+0x7b/0xa0 [ 16.211801] ? __pfx_kthread+0x10/0x10 [ 16.211822] ret_from_fork+0x41/0x80 [ 16.211844] ? 
__pfx_kthread+0x10/0x10 [ 16.211864] ret_from_fork_asm+0x1a/0x30 [ 16.211899] </TASK> [ 16.211914] [ 16.226971] The buggy address belongs to the physical page: [ 16.228004] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00 [ 16.229446] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.230026] flags: 0x200000000000040(head|node=0|zone=2) [ 16.230452] page_type: f8(unknown) [ 16.230996] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.231470] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.232561] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.232964] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.233193] head: 0200000000000002 ffffea00040e8001 00000000ffffffff 00000000ffffffff [ 16.233593] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.234218] page dumped because: kasan: bad access detected [ 16.234768] [ 16.234916] Memory state around the buggy address: [ 16.235637] ffff888103a01f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.236419] ffff888103a02000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.237490] >ffff888103a02080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.237667] ^ [ 16.238196] ffff888103a02100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.238501] ffff888103a02180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.239077] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 15.851458] ================================================================== [ 15.852341] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 15.853117] Read of size 1 at addr ffff888103a00000 by task kunit_try_catch/175 [ 15.854342] [ 15.854535] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 15.854650] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.854677] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.854718] Call Trace: [ 15.854744] <TASK> [ 15.854796] dump_stack_lvl+0x73/0xb0 [ 15.854859] print_report+0xd1/0x650 [ 15.854904] ? __virt_addr_valid+0x1db/0x2d0 [ 15.854947] ? page_alloc_uaf+0x356/0x3d0 [ 15.854983] ? kasan_addr_to_slab+0x11/0xa0 [ 15.855062] ? page_alloc_uaf+0x356/0x3d0 [ 15.855103] kasan_report+0x141/0x180 [ 15.855149] ? page_alloc_uaf+0x356/0x3d0 [ 15.855471] __asan_report_load1_noabort+0x18/0x20 [ 15.855537] page_alloc_uaf+0x356/0x3d0 [ 15.855572] ? __pfx_page_alloc_uaf+0x10/0x10 [ 15.855604] ? __schedule+0x10cc/0x2b30 [ 15.855655] ? __pfx_read_tsc+0x10/0x10 [ 15.855689] ? ktime_get_ts64+0x86/0x230 [ 15.855733] kunit_try_run_case+0x1a5/0x480 [ 15.855792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.855827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.855868] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.855945] ? __kthread_parkme+0x82/0x180 [ 15.855991] ? preempt_count_sub+0x50/0x80 [ 15.856022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.856049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.856075] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.856100] kthread+0x337/0x6f0 [ 15.856147] ? trace_preempt_on+0x20/0xc0 [ 15.856181] ? __pfx_kthread+0x10/0x10 [ 15.856217] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.856253] ? calculate_sigpending+0x7b/0xa0 [ 15.856294] ? __pfx_kthread+0x10/0x10 [ 15.856319] ret_from_fork+0x41/0x80 [ 15.856344] ? 
__pfx_kthread+0x10/0x10 [ 15.856364] ret_from_fork_asm+0x1a/0x30 [ 15.856399] </TASK> [ 15.856414] [ 15.870979] The buggy address belongs to the physical page: [ 15.871893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a00 [ 15.872581] flags: 0x200000000000000(node=0|zone=2) [ 15.873109] page_type: f0(buddy) [ 15.873452] raw: 0200000000000000 ffff88817fffb548 ffff88817fffb548 0000000000000000 [ 15.874164] raw: 0000000000000000 0000000000000009 00000000f0000000 0000000000000000 [ 15.874595] page dumped because: kasan: bad access detected [ 15.874983] [ 15.875101] Memory state around the buggy address: [ 15.875273] ffff8881039fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.876003] ffff8881039fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.876956] >ffff888103a00000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.877489] ^ [ 15.878246] ffff888103a00080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.878807] ffff888103a00100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.879037] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 15.809006] ================================================================== [ 15.810151] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 15.810970] Free of addr ffff8881025a4001 by task kunit_try_catch/171 [ 15.811700] [ 15.812008] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 15.812152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.812203] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.812254] Call Trace: [ 15.812290] <TASK> [ 15.812334] dump_stack_lvl+0x73/0xb0 [ 15.812416] print_report+0xd1/0x650 [ 15.812468] ? __virt_addr_valid+0x1db/0x2d0 [ 15.812525] ? kasan_addr_to_slab+0x11/0xa0 [ 15.812571] ? kfree+0x274/0x3f0 [ 15.812608] kasan_report_invalid_free+0x10a/0x130 [ 15.812654] ? kfree+0x274/0x3f0 [ 15.812698] ? kfree+0x274/0x3f0 [ 15.812735] __kasan_kfree_large+0x86/0xd0 [ 15.812798] free_large_kmalloc+0x4b/0x110 [ 15.812846] kfree+0x274/0x3f0 [ 15.812896] kmalloc_large_invalid_free+0x120/0x2b0 [ 15.812959] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 15.813027] ? __schedule+0x10cc/0x2b30 [ 15.813071] ? __pfx_read_tsc+0x10/0x10 [ 15.813106] ? ktime_get_ts64+0x86/0x230 [ 15.813159] kunit_try_run_case+0x1a5/0x480 [ 15.813203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.813235] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.813273] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.813309] ? __kthread_parkme+0x82/0x180 [ 15.813347] ? preempt_count_sub+0x50/0x80 [ 15.813391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.813426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.813459] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.813492] kthread+0x337/0x6f0 [ 15.813518] ? trace_preempt_on+0x20/0xc0 [ 15.813557] ? __pfx_kthread+0x10/0x10 [ 15.813587] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.813622] ? calculate_sigpending+0x7b/0xa0 [ 15.813656] ? __pfx_kthread+0x10/0x10 [ 15.813687] ret_from_fork+0x41/0x80 [ 15.813722] ? 
__pfx_kthread+0x10/0x10 [ 15.813771] ret_from_fork_asm+0x1a/0x30 [ 15.813825] </TASK> [ 15.813849] [ 15.828009] The buggy address belongs to the physical page: [ 15.828351] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025a4 [ 15.829172] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.830517] flags: 0x200000000000040(head|node=0|zone=2) [ 15.830770] page_type: f8(unknown) [ 15.831150] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.831896] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.832845] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.833189] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.833591] head: 0200000000000002 ffffea0004096901 00000000ffffffff 00000000ffffffff [ 15.834042] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.834600] page dumped because: kasan: bad access detected [ 15.835515] [ 15.835802] Memory state around the buggy address: [ 15.836112] ffff8881025a3f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.837261] ffff8881025a3f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.837589] >ffff8881025a4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.838035] ^ [ 15.838336] ffff8881025a4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.839081] ffff8881025a4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.839847] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 15.780711] ==================================================================
[ 15.781323] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 15.781846] Read of size 1 at addr ffff888102a80000 by task kunit_try_catch/169
[ 15.782667]
[ 15.782939] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.783042] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.783065] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.783105] Call Trace:
[ 15.783127] <TASK>
[ 15.783163] dump_stack_lvl+0x73/0xb0
[ 15.783208] print_report+0xd1/0x650
[ 15.783235] ? __virt_addr_valid+0x1db/0x2d0
[ 15.783260] ? kmalloc_large_uaf+0x2f1/0x340
[ 15.783284] ? kasan_addr_to_slab+0x11/0xa0
[ 15.783308] ? kmalloc_large_uaf+0x2f1/0x340
[ 15.783332] kasan_report+0x141/0x180
[ 15.783357] ? kmalloc_large_uaf+0x2f1/0x340
[ 15.783387] __asan_report_load1_noabort+0x18/0x20
[ 15.783410] kmalloc_large_uaf+0x2f1/0x340
[ 15.783433] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 15.783460] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 15.783489] kunit_try_run_case+0x1a5/0x480
[ 15.783517] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.783541] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.783567] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.783592] ? __kthread_parkme+0x82/0x180
[ 15.783617] ? preempt_count_sub+0x50/0x80
[ 15.783664] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.783691] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.783716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.783741] kthread+0x337/0x6f0
[ 15.783789] ? trace_preempt_on+0x20/0xc0
[ 15.783836] ? __pfx_kthread+0x10/0x10
[ 15.783871] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.783908] ? calculate_sigpending+0x7b/0xa0
[ 15.783959] ? __pfx_kthread+0x10/0x10
[ 15.783994] ret_from_fork+0x41/0x80
[ 15.784055] ? __pfx_kthread+0x10/0x10
[ 15.784096] ret_from_fork_asm+0x1a/0x30
[ 15.784192] </TASK>
[ 15.784227]
[ 15.795369] The buggy address belongs to the physical page:
[ 15.795914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a80
[ 15.796297] flags: 0x200000000000000(node=0|zone=2)
[ 15.796588] raw: 0200000000000000 ffffea00040aa108 ffff88815b039a80 0000000000000000
[ 15.796915] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 15.797558] page dumped because: kasan: bad access detected
[ 15.798018]
[ 15.798263] Memory state around the buggy address:
[ 15.798707] ffff888102a7ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.799278] ffff888102a7ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.799802] >ffff888102a80000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 15.800349] ^
[ 15.800690] ffff888102a80080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 15.801189] ffff888102a80100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 15.801593] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 15.743424] ==================================================================
[ 15.743946] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 15.744553] Write of size 1 at addr ffff888102a8200a by task kunit_try_catch/167
[ 15.745087]
[ 15.745302] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.745405] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.745432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.745480] Call Trace:
[ 15.745510] <TASK>
[ 15.745547] dump_stack_lvl+0x73/0xb0
[ 15.745876] print_report+0xd1/0x650
[ 15.745929] ? __virt_addr_valid+0x1db/0x2d0
[ 15.745982] ? kmalloc_large_oob_right+0x2e9/0x330
[ 15.746034] ? kasan_addr_to_slab+0x11/0xa0
[ 15.746076] ? kmalloc_large_oob_right+0x2e9/0x330
[ 15.746120] kasan_report+0x141/0x180
[ 15.746163] ? kmalloc_large_oob_right+0x2e9/0x330
[ 15.746217] __asan_report_store1_noabort+0x1b/0x30
[ 15.746254] kmalloc_large_oob_right+0x2e9/0x330
[ 15.746294] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 15.746332] ? __schedule+0x10cc/0x2b30
[ 15.746368] ? __pfx_read_tsc+0x10/0x10
[ 15.746402] ? ktime_get_ts64+0x86/0x230
[ 15.746445] kunit_try_run_case+0x1a5/0x480
[ 15.746483] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.746516] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.746682] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.746722] ? __kthread_parkme+0x82/0x180
[ 15.746776] ? preempt_count_sub+0x50/0x80
[ 15.746821] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.746862] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.746905] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.746946] kthread+0x337/0x6f0
[ 15.746976] ? trace_preempt_on+0x20/0xc0
[ 15.747017] ? __pfx_kthread+0x10/0x10
[ 15.747050] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.747092] ? calculate_sigpending+0x7b/0xa0
[ 15.747136] ? __pfx_kthread+0x10/0x10
[ 15.747170] ret_from_fork+0x41/0x80
[ 15.747209] ? __pfx_kthread+0x10/0x10
[ 15.747250] ret_from_fork_asm+0x1a/0x30
[ 15.747306] </TASK>
[ 15.747328]
[ 15.761740] The buggy address belongs to the physical page:
[ 15.762543] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a80
[ 15.763455] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 15.763989] flags: 0x200000000000040(head|node=0|zone=2)
[ 15.764459] page_type: f8(unknown)
[ 15.764806] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 15.765703] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 15.766295] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 15.766733] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 15.766981] head: 0200000000000002 ffffea00040aa001 00000000ffffffff 00000000ffffffff
[ 15.767893] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 15.768797] page dumped because: kasan: bad access detected
[ 15.769101]
[ 15.769223] Memory state around the buggy address:
[ 15.769712] ffff888102a81f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.770789] ffff888102a81f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.771210] >ffff888102a82000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 15.771674] ^
[ 15.771941] ffff888102a82080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 15.772268] ffff888102a82100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 15.772742] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 15.699655] ==================================================================
[ 15.700323] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 15.701047] Write of size 1 at addr ffff8881039c1f00 by task kunit_try_catch/165
[ 15.701427]
[ 15.701965] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.702554] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.702573] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.702600] Call Trace:
[ 15.702618] <TASK>
[ 15.702643] dump_stack_lvl+0x73/0xb0
[ 15.702692] print_report+0xd1/0x650
[ 15.702718] ? __virt_addr_valid+0x1db/0x2d0
[ 15.702745] ? kmalloc_big_oob_right+0x316/0x370
[ 15.702796] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.702820] ? kmalloc_big_oob_right+0x316/0x370
[ 15.702845] kasan_report+0x141/0x180
[ 15.702870] ? kmalloc_big_oob_right+0x316/0x370
[ 15.702899] __asan_report_store1_noabort+0x1b/0x30
[ 15.702922] kmalloc_big_oob_right+0x316/0x370
[ 15.702947] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 15.702974] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 15.703003] kunit_try_run_case+0x1a5/0x480
[ 15.703032] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.703055] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.703081] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.703110] ? __kthread_parkme+0x82/0x180
[ 15.703169] ? preempt_count_sub+0x50/0x80
[ 15.703199] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.703225] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.703249] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.703272] kthread+0x337/0x6f0
[ 15.703291] ? trace_preempt_on+0x20/0xc0
[ 15.703318] ? __pfx_kthread+0x10/0x10
[ 15.703338] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.703360] ? calculate_sigpending+0x7b/0xa0
[ 15.703385] ? __pfx_kthread+0x10/0x10
[ 15.703405] ret_from_fork+0x41/0x80
[ 15.703430] ? __pfx_kthread+0x10/0x10
[ 15.703449] ret_from_fork_asm+0x1a/0x30
[ 15.703483] </TASK>
[ 15.703498]
[ 15.715517] Allocated by task 165:
[ 15.715989] kasan_save_stack+0x45/0x70
[ 15.716519] kasan_save_track+0x18/0x40
[ 15.716912] kasan_save_alloc_info+0x3b/0x50
[ 15.717528] __kasan_kmalloc+0xb7/0xc0
[ 15.717951] __kmalloc_cache_noprof+0x189/0x420
[ 15.718490] kmalloc_big_oob_right+0xa9/0x370
[ 15.718804] kunit_try_run_case+0x1a5/0x480
[ 15.719011] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.719250] kthread+0x337/0x6f0
[ 15.719398] ret_from_fork+0x41/0x80
[ 15.719558] ret_from_fork_asm+0x1a/0x30
[ 15.719746]
[ 15.719870] The buggy address belongs to the object at ffff8881039c0000
[ 15.719870] which belongs to the cache kmalloc-8k of size 8192
[ 15.720274] The buggy address is located 0 bytes to the right of
[ 15.720274] allocated 7936-byte region [ffff8881039c0000, ffff8881039c1f00)
[ 15.720670]
[ 15.721964] The buggy address belongs to the physical page:
[ 15.722840] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039c0
[ 15.723991] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 15.724951] flags: 0x200000000000040(head|node=0|zone=2)
[ 15.725799] page_type: f5(slab)
[ 15.726408] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 15.727941] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 15.728979] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 15.730071] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 15.731395] head: 0200000000000003 ffffea00040e7001 00000000ffffffff 00000000ffffffff
[ 15.732032] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 15.732397] page dumped because: kasan: bad access detected
[ 15.732594]
[ 15.732687] Memory state around the buggy address:
[ 15.733569] ffff8881039c1e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.734525] ffff8881039c1e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.735022] >ffff8881039c1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.735561] ^
[ 15.735930] ffff8881039c1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.736423] ffff8881039c2000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.736915] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 15.657813] ==================================================================
[ 15.658292] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520
[ 15.658602] Write of size 1 at addr ffff888101de5478 by task kunit_try_catch/163
[ 15.658789]
[ 15.658882] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.658946] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.658960] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.658984] Call Trace:
[ 15.659002] <TASK>
[ 15.659026] dump_stack_lvl+0x73/0xb0
[ 15.659060] print_report+0xd1/0x650
[ 15.659084] ? __virt_addr_valid+0x1db/0x2d0
[ 15.659114] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 15.659149] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.659187] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 15.659228] kasan_report+0x141/0x180
[ 15.659274] ? kmalloc_track_caller_oob_right+0x4b1/0x520
[ 15.659331] __asan_report_store1_noabort+0x1b/0x30
[ 15.659378] kmalloc_track_caller_oob_right+0x4b1/0x520
[ 15.659426] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 15.659848] ? __pfx_read_tsc+0x10/0x10
[ 15.659959] ? ktime_get_ts64+0x86/0x230
[ 15.660017] kunit_try_run_case+0x1a5/0x480
[ 15.660067] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.660107] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.660198] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.660250] ? __kthread_parkme+0x82/0x180
[ 15.660303] ? preempt_count_sub+0x50/0x80
[ 15.660361] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.660412] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.660465] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.660515] kthread+0x337/0x6f0
[ 15.660555] ? trace_preempt_on+0x20/0xc0
[ 15.660612] ? __pfx_kthread+0x10/0x10
[ 15.660646] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.660681] ? calculate_sigpending+0x7b/0xa0
[ 15.660716] ? __pfx_kthread+0x10/0x10
[ 15.660745] ret_from_fork+0x41/0x80
[ 15.660794] ? __pfx_kthread+0x10/0x10
[ 15.660823] ret_from_fork_asm+0x1a/0x30
[ 15.660876] </TASK>
[ 15.660900]
[ 15.675675] Allocated by task 163:
[ 15.676096] kasan_save_stack+0x45/0x70
[ 15.676509] kasan_save_track+0x18/0x40
[ 15.677818] kasan_save_alloc_info+0x3b/0x50
[ 15.678688] __kasan_kmalloc+0xb7/0xc0
[ 15.678958] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 15.679176] kmalloc_track_caller_oob_right+0x19a/0x520
[ 15.679594] kunit_try_run_case+0x1a5/0x480
[ 15.680172] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.680936] kthread+0x337/0x6f0
[ 15.681275] ret_from_fork+0x41/0x80
[ 15.681596] ret_from_fork_asm+0x1a/0x30
[ 15.682045]
[ 15.682900] The buggy address belongs to the object at ffff888101de5400
[ 15.682900] which belongs to the cache kmalloc-128 of size 128
[ 15.683575] The buggy address is located 0 bytes to the right of
[ 15.683575] allocated 120-byte region [ffff888101de5400, ffff888101de5478)
[ 15.684681]
[ 15.684822] The buggy address belongs to the physical page:
[ 15.685125] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5
[ 15.685956] flags: 0x200000000000000(node=0|zone=2)
[ 15.686447] page_type: f5(slab)
[ 15.687048] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.687494] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.688872] page dumped because: kasan: bad access detected
[ 15.689386]
[ 15.689466] Memory state around the buggy address:
[ 15.689589] ffff888101de5300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.689739] ffff888101de5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.689907] >ffff888101de5400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.690049] ^
[ 15.690308] ffff888101de5480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.690950] ffff888101de5500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.691808] ==================================================================
[ 15.620683] ==================================================================
[ 15.621314] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 15.622288] Write of size 1 at addr ffff888101de5378 by task kunit_try_catch/163
[ 15.622803]
[ 15.623054] CPU: 1 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.623577] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.623617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.623674] Call Trace:
[ 15.623703] <TASK>
[ 15.623744] dump_stack_lvl+0x73/0xb0
[ 15.623837] print_report+0xd1/0x650
[ 15.623886] ? __virt_addr_valid+0x1db/0x2d0
[ 15.623939] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 15.623981] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.624029] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 15.624073] kasan_report+0x141/0x180
[ 15.624115] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 15.624162] __asan_report_store1_noabort+0x1b/0x30
[ 15.624216] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 15.624270] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 15.624327] ? __pfx_read_tsc+0x10/0x10
[ 15.624375] ? ktime_get_ts64+0x86/0x230
[ 15.624437] kunit_try_run_case+0x1a5/0x480
[ 15.624483] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.624519] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.624557] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.624589] ? __kthread_parkme+0x82/0x180
[ 15.624623] ? preempt_count_sub+0x50/0x80
[ 15.624668] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.624706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.624731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.624779] kthread+0x337/0x6f0
[ 15.624801] ? trace_preempt_on+0x20/0xc0
[ 15.624829] ? __pfx_kthread+0x10/0x10
[ 15.624849] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.624871] ? calculate_sigpending+0x7b/0xa0
[ 15.624896] ? __pfx_kthread+0x10/0x10
[ 15.624916] ret_from_fork+0x41/0x80
[ 15.624939] ? __pfx_kthread+0x10/0x10
[ 15.624959] ret_from_fork_asm+0x1a/0x30
[ 15.624993] </TASK>
[ 15.625009]
[ 15.638971] Allocated by task 163:
[ 15.639348] kasan_save_stack+0x45/0x70
[ 15.639831] kasan_save_track+0x18/0x40
[ 15.640404] kasan_save_alloc_info+0x3b/0x50
[ 15.640819] __kasan_kmalloc+0xb7/0xc0
[ 15.641476] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 15.642006] kmalloc_track_caller_oob_right+0x99/0x520
[ 15.642271] kunit_try_run_case+0x1a5/0x480
[ 15.642670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.643258] kthread+0x337/0x6f0
[ 15.643574] ret_from_fork+0x41/0x80
[ 15.644094] ret_from_fork_asm+0x1a/0x30
[ 15.644305]
[ 15.644711] The buggy address belongs to the object at ffff888101de5300
[ 15.644711] which belongs to the cache kmalloc-128 of size 128
[ 15.646085] The buggy address is located 0 bytes to the right of
[ 15.646085] allocated 120-byte region [ffff888101de5300, ffff888101de5378)
[ 15.646966]
[ 15.647775] The buggy address belongs to the physical page:
[ 15.648140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101de5
[ 15.648873] flags: 0x200000000000000(node=0|zone=2)
[ 15.649321] page_type: f5(slab)
[ 15.649517] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.650415] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.650741] page dumped because: kasan: bad access detected
[ 15.651200]
[ 15.651384] Memory state around the buggy address:
[ 15.651659] ffff888101de5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.652236] ffff888101de5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.653034] >ffff888101de5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.653573] ^
[ 15.653971] ffff888101de5380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.654717] ffff888101de5400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.655421] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.578046] ==================================================================
[ 15.578634] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 15.579443] Read of size 1 at addr ffff888102a4f000 by task kunit_try_catch/161
[ 15.579784]
[ 15.579964] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.580072] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.580099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.580153] Call Trace:
[ 15.580179] <TASK>
[ 15.580215] dump_stack_lvl+0x73/0xb0
[ 15.580283] print_report+0xd1/0x650
[ 15.580330] ? __virt_addr_valid+0x1db/0x2d0
[ 15.580376] ? kmalloc_node_oob_right+0x369/0x3c0
[ 15.580420] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.580469] ? kmalloc_node_oob_right+0x369/0x3c0
[ 15.580515] kasan_report+0x141/0x180
[ 15.580557] ? kmalloc_node_oob_right+0x369/0x3c0
[ 15.580601] __asan_report_load1_noabort+0x18/0x20
[ 15.580639] kmalloc_node_oob_right+0x369/0x3c0
[ 15.580678] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 15.580717] ? __schedule+0x10cc/0x2b30
[ 15.580779] ? __pfx_read_tsc+0x10/0x10
[ 15.580822] ? ktime_get_ts64+0x86/0x230
[ 15.580881] kunit_try_run_case+0x1a5/0x480
[ 15.580936] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.580976] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.581019] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.581064] ? __kthread_parkme+0x82/0x180
[ 15.581106] ? preempt_count_sub+0x50/0x80
[ 15.581160] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.581213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.581265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.581317] kthread+0x337/0x6f0
[ 15.581357] ? trace_preempt_on+0x20/0xc0
[ 15.581410] ? __pfx_kthread+0x10/0x10
[ 15.581453] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.581501] ? calculate_sigpending+0x7b/0xa0
[ 15.581554] ? __pfx_kthread+0x10/0x10
[ 15.581625] ret_from_fork+0x41/0x80
[ 15.581668] ? __pfx_kthread+0x10/0x10
[ 15.581704] ret_from_fork_asm+0x1a/0x30
[ 15.581765] </TASK>
[ 15.581787]
[ 15.594521] Allocated by task 161:
[ 15.594935] kasan_save_stack+0x45/0x70
[ 15.595578] kasan_save_track+0x18/0x40
[ 15.595830] kasan_save_alloc_info+0x3b/0x50
[ 15.596049] __kasan_kmalloc+0xb7/0xc0
[ 15.596561] __kmalloc_cache_node_noprof+0x188/0x420
[ 15.597043] kmalloc_node_oob_right+0xab/0x3c0
[ 15.598105] kunit_try_run_case+0x1a5/0x480
[ 15.598601] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.599288] kthread+0x337/0x6f0
[ 15.599545] ret_from_fork+0x41/0x80
[ 15.600050] ret_from_fork_asm+0x1a/0x30
[ 15.600295]
[ 15.600693] The buggy address belongs to the object at ffff888102a4e000
[ 15.600693] which belongs to the cache kmalloc-4k of size 4096
[ 15.602111] The buggy address is located 0 bytes to the right of
[ 15.602111] allocated 4096-byte region [ffff888102a4e000, ffff888102a4f000)
[ 15.603204]
[ 15.603382] The buggy address belongs to the physical page:
[ 15.603887] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a48
[ 15.604565] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 15.604964] flags: 0x200000000000040(head|node=0|zone=2)
[ 15.605614] page_type: f5(slab)
[ 15.606048] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 15.606685] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 15.607383] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 15.607768] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 15.608654] head: 0200000000000003 ffffea00040a9201 00000000ffffffff 00000000ffffffff
[ 15.608906] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 15.609475] page dumped because: kasan: bad access detected
[ 15.609954]
[ 15.610148] Memory state around the buggy address:
[ 15.610440] ffff888102a4ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.610733] ffff888102a4ef80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.611675] >ffff888102a4f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.612413] ^
[ 15.612731] ffff888102a4f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.613711] ffff888102a4f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.613953] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.531819] ==================================================================
[ 15.532492] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 15.533161] Read of size 1 at addr ffff888101d9a39f by task kunit_try_catch/159
[ 15.534007]
[ 15.534355] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.534465] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.534737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.534803] Call Trace:
[ 15.534847] <TASK>
[ 15.534892] dump_stack_lvl+0x73/0xb0
[ 15.534980] print_report+0xd1/0x650
[ 15.535054] ? __virt_addr_valid+0x1db/0x2d0
[ 15.535141] ? kmalloc_oob_left+0x361/0x3c0
[ 15.535207] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.535257] ? kmalloc_oob_left+0x361/0x3c0
[ 15.535452] kasan_report+0x141/0x180
[ 15.535523] ? kmalloc_oob_left+0x361/0x3c0
[ 15.535571] __asan_report_load1_noabort+0x18/0x20
[ 15.535605] kmalloc_oob_left+0x361/0x3c0
[ 15.535658] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 15.535694] ? __schedule+0x10cc/0x2b30
[ 15.535732] ? __pfx_read_tsc+0x10/0x10
[ 15.535781] ? ktime_get_ts64+0x86/0x230
[ 15.535826] kunit_try_run_case+0x1a5/0x480
[ 15.535866] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.535898] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.535934] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.535968] ? __kthread_parkme+0x82/0x180
[ 15.536002] ? preempt_count_sub+0x50/0x80
[ 15.536042] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.536081] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.536120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.536171] kthread+0x337/0x6f0
[ 15.536200] ? trace_preempt_on+0x20/0xc0
[ 15.536243] ? __pfx_kthread+0x10/0x10
[ 15.536274] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.536312] ? calculate_sigpending+0x7b/0xa0
[ 15.536342] ? __pfx_kthread+0x10/0x10
[ 15.536363] ret_from_fork+0x41/0x80
[ 15.536387] ? __pfx_kthread+0x10/0x10
[ 15.536406] ret_from_fork_asm+0x1a/0x30
[ 15.536441] </TASK>
[ 15.536458]
[ 15.549330] Allocated by task 1:
[ 15.549575] kasan_save_stack+0x45/0x70
[ 15.549976] kasan_save_track+0x18/0x40
[ 15.550625] kasan_save_alloc_info+0x3b/0x50
[ 15.551085] __kasan_kmalloc+0xb7/0xc0
[ 15.551477] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 15.552151] kvasprintf+0xc5/0x150
[ 15.552505] __kthread_create_on_node+0x18b/0x3a0
[ 15.552982] kthread_create_on_node+0xab/0xe0
[ 15.553711] create_worker+0x3e5/0x7b0
[ 15.554321] alloc_unbound_pwq+0x8ea/0xdb0
[ 15.554546] apply_wqattrs_prepare+0x332/0xd20
[ 15.554946] apply_workqueue_attrs_locked+0x4d/0xa0
[ 15.555371] alloc_workqueue+0xcc7/0x1ad0
[ 15.556389] latency_fsnotify_init+0x1b/0x50
[ 15.556873] do_one_initcall+0xd8/0x370
[ 15.557142] kernel_init_freeable+0x420/0x6f0
[ 15.557808] kernel_init+0x23/0x1e0
[ 15.558424] ret_from_fork+0x41/0x80
[ 15.558643] ret_from_fork_asm+0x1a/0x30
[ 15.559034]
[ 15.559210] The buggy address belongs to the object at ffff888101d9a380
[ 15.559210] which belongs to the cache kmalloc-16 of size 16
[ 15.559797] The buggy address is located 18 bytes to the right of
[ 15.559797] allocated 13-byte region [ffff888101d9a380, ffff888101d9a38d)
[ 15.561441]
[ 15.561850] The buggy address belongs to the physical page:
[ 15.562101] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101d9a
[ 15.562937] flags: 0x200000000000000(node=0|zone=2)
[ 15.563213] page_type: f5(slab)
[ 15.563569] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 15.564667] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 15.565063] page dumped because: kasan: bad access detected
[ 15.565493]
[ 15.565825] Memory state around the buggy address:
[ 15.566125] ffff888101d9a280: fa fb fc fc 00 03 fc fc 00 03 fc fc fa fb fc fc
[ 15.567428] ffff888101d9a300: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 15.567941] >ffff888101d9a380: 00 05 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc
[ 15.568921] ^
[ 15.569169] ffff888101d9a400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.569566] ffff888101d9a480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.570442] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.495443] ==================================================================
[ 15.495813] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 15.496327] Read of size 1 at addr ffff888102b25c80 by task kunit_try_catch/157
[ 15.496894]
[ 15.497206] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.497350] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.497377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.497421] Call Trace:
[ 15.497463] <TASK>
[ 15.497537] dump_stack_lvl+0x73/0xb0
[ 15.497634] print_report+0xd1/0x650
[ 15.497684] ? __virt_addr_valid+0x1db/0x2d0
[ 15.497734] ? kmalloc_oob_right+0x68a/0x7f0
[ 15.497796] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.497848] ? kmalloc_oob_right+0x68a/0x7f0
[ 15.497898] kasan_report+0x141/0x180
[ 15.497951] ? kmalloc_oob_right+0x68a/0x7f0
[ 15.498010] __asan_report_load1_noabort+0x18/0x20
[ 15.498050] kmalloc_oob_right+0x68a/0x7f0
[ 15.498091] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 15.498148] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 15.498182] kunit_try_run_case+0x1a5/0x480
[ 15.498212] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.498237] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.498264] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.498290] ? __kthread_parkme+0x82/0x180
[ 15.498315] ? preempt_count_sub+0x50/0x80
[ 15.498343] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.498369] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.498393] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.498418] kthread+0x337/0x6f0
[ 15.498438] ? trace_preempt_on+0x20/0xc0
[ 15.498464] ? __pfx_kthread+0x10/0x10
[ 15.498484] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.498508] ? calculate_sigpending+0x7b/0xa0
[ 15.498533] ? __pfx_kthread+0x10/0x10
[ 15.498554] ret_from_fork+0x41/0x80
[ 15.498578] ? __pfx_kthread+0x10/0x10
[ 15.498598] ret_from_fork_asm+0x1a/0x30
[ 15.498634] </TASK>
[ 15.498648]
[ 15.510356] Allocated by task 157:
[ 15.510707] kasan_save_stack+0x45/0x70
[ 15.511294] kasan_save_track+0x18/0x40
[ 15.511663] kasan_save_alloc_info+0x3b/0x50
[ 15.512156] __kasan_kmalloc+0xb7/0xc0
[ 15.512438] __kmalloc_cache_noprof+0x189/0x420
[ 15.512702] kmalloc_oob_right+0xa9/0x7f0
[ 15.513211] kunit_try_run_case+0x1a5/0x480
[ 15.513632] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.514178] kthread+0x337/0x6f0
[ 15.514470] ret_from_fork+0x41/0x80
[ 15.514884] ret_from_fork_asm+0x1a/0x30
[ 15.515262]
[ 15.515513] The buggy address belongs to the object at ffff888102b25c00
[ 15.515513] which belongs to the cache kmalloc-128 of size 128
[ 15.516403] The buggy address is located 13 bytes to the right of
[ 15.516403] allocated 115-byte region [ffff888102b25c00, ffff888102b25c73)
[ 15.517290]
[ 15.517502] The buggy address belongs to the physical page:
[ 15.517978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b25
[ 15.518512] flags: 0x200000000000000(node=0|zone=2)
[ 15.519044] page_type: f5(slab)
[ 15.519483] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.520011] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.520622] page dumped because: kasan: bad access detected
[ 15.520914]
[ 15.521173] Memory state around the buggy address:
[ 15.521574] ffff888102b25b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.521971] ffff888102b25c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 15.522665] >ffff888102b25c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.523074] ^
[ 15.523435] ffff888102b25d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.524060] ffff888102b25d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.524607] ==================================================================
[ 15.460658] ==================================================================
[ 15.462465] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 15.464239] Write of size 1 at addr ffff888102b25c78 by task kunit_try_catch/157
[ 15.465386]
[ 15.466213] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.466399] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.466429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.466473] Call Trace:
[ 15.466515] <TASK>
[ 15.466556] dump_stack_lvl+0x73/0xb0
[ 15.466634] print_report+0xd1/0x650
[ 15.466682] ? __virt_addr_valid+0x1db/0x2d0
[ 15.466728] ? kmalloc_oob_right+0x6bd/0x7f0
[ 15.466784] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.466832] ? kmalloc_oob_right+0x6bd/0x7f0
[ 15.466877] kasan_report+0x141/0x180
[ 15.466924] ? kmalloc_oob_right+0x6bd/0x7f0
[ 15.466973] __asan_report_store1_noabort+0x1b/0x30
[ 15.467008] kmalloc_oob_right+0x6bd/0x7f0
[ 15.467044] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 15.467089] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 15.467177] kunit_try_run_case+0x1a5/0x480
[ 15.467228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.467269] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.467313] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.467356] ? __kthread_parkme+0x82/0x180
[ 15.467398] ? preempt_count_sub+0x50/0x80
[ 15.467444] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.467484] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.467520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.467556] kthread+0x337/0x6f0
[ 15.467587] ? trace_preempt_on+0x20/0xc0
[ 15.467635] ? __pfx_kthread+0x10/0x10
[ 15.467669] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.467706] ? calculate_sigpending+0x7b/0xa0
[ 15.467744] ? __pfx_kthread+0x10/0x10
[ 15.467799] ret_from_fork+0x41/0x80
[ 15.467837] ? __pfx_kthread+0x10/0x10
[ 15.467870] ret_from_fork_asm+0x1a/0x30
[ 15.467929] </TASK>
[ 15.467950]
[ 15.479339] Allocated by task 157:
[ 15.479885] kasan_save_stack+0x45/0x70
[ 15.480401] kasan_save_track+0x18/0x40
[ 15.480828] kasan_save_alloc_info+0x3b/0x50
[ 15.481245] __kasan_kmalloc+0xb7/0xc0
[ 15.481702] __kmalloc_cache_noprof+0x189/0x420
[ 15.482145] kmalloc_oob_right+0xa9/0x7f0
[ 15.482389] kunit_try_run_case+0x1a5/0x480
[ 15.482861] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.483385] kthread+0x337/0x6f0
[ 15.483579] ret_from_fork+0x41/0x80
[ 15.483794] ret_from_fork_asm+0x1a/0x30
[ 15.484379]
[ 15.484571] The buggy address belongs to the object at ffff888102b25c00
[ 15.484571] which belongs to the cache kmalloc-128 of size 128
[ 15.485634] The buggy address is located 5 bytes to the right of
[ 15.485634] allocated 115-byte region [ffff888102b25c00, ffff888102b25c73)
[ 15.486369]
[ 15.486508] The buggy address belongs to the physical page:
[ 15.486934] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b25
[ 15.487776] flags: 0x200000000000000(node=0|zone=2)
[ 15.488294] page_type: f5(slab)
[ 15.488619] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.489040] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.489391] page dumped because: kasan: bad access detected
[ 15.489844]
[ 15.490031] Memory state around the buggy address:
[ 15.490455] ffff888102b25b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.490884] ffff888102b25b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.491426] >ffff888102b25c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 15.491820] ^
[ 15.492320] ffff888102b25c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.492612] ffff888102b25d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.493262] ==================================================================
[ 15.417595] ==================================================================
[ 15.419032] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 15.420075] Write of size 1 at addr ffff888102b25c73 by task kunit_try_catch/157
[ 15.420737]
[ 15.422576] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 15.422993] Tainted: [N]=TEST
[ 15.423038] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.423337] Call Trace:
[ 15.423429] <TASK>
[ 15.423614] dump_stack_lvl+0x73/0xb0
[ 15.423766] print_report+0xd1/0x650
[ 15.423807] ? __virt_addr_valid+0x1db/0x2d0
[ 15.423836] ? kmalloc_oob_right+0x6f0/0x7f0
[ 15.423861] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.423886] ? kmalloc_oob_right+0x6f0/0x7f0
[ 15.423911] kasan_report+0x141/0x180
[ 15.423936] ? kmalloc_oob_right+0x6f0/0x7f0
[ 15.423966] __asan_report_store1_noabort+0x1b/0x30
[ 15.423989] kmalloc_oob_right+0x6f0/0x7f0
[ 15.424015] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 15.424042] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 15.424072] kunit_try_run_case+0x1a5/0x480
[ 15.424101] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.424142] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.424171] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.424197] ? __kthread_parkme+0x82/0x180
[ 15.424222] ? preempt_count_sub+0x50/0x80
[ 15.424253] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.424279] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.424305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.424330] kthread+0x337/0x6f0
[ 15.424349] ? trace_preempt_on+0x20/0xc0
[ 15.424377] ? __pfx_kthread+0x10/0x10
[ 15.424397] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.424421] ? calculate_sigpending+0x7b/0xa0
[ 15.424446] ? __pfx_kthread+0x10/0x10
[ 15.424467] ret_from_fork+0x41/0x80
[ 15.424492] ?
__pfx_kthread+0x10/0x10 [ 15.424513] ret_from_fork_asm+0x1a/0x30 [ 15.424575] </TASK> [ 15.424657] [ 15.436738] Allocated by task 157: [ 15.437444] kasan_save_stack+0x45/0x70 [ 15.437820] kasan_save_track+0x18/0x40 [ 15.438227] kasan_save_alloc_info+0x3b/0x50 [ 15.438639] __kasan_kmalloc+0xb7/0xc0 [ 15.439002] __kmalloc_cache_noprof+0x189/0x420 [ 15.439443] kmalloc_oob_right+0xa9/0x7f0 [ 15.439813] kunit_try_run_case+0x1a5/0x480 [ 15.440081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.440484] kthread+0x337/0x6f0 [ 15.440680] ret_from_fork+0x41/0x80 [ 15.440902] ret_from_fork_asm+0x1a/0x30 [ 15.441266] [ 15.441583] The buggy address belongs to the object at ffff888102b25c00 [ 15.441583] which belongs to the cache kmalloc-128 of size 128 [ 15.442788] The buggy address is located 0 bytes to the right of [ 15.442788] allocated 115-byte region [ffff888102b25c00, ffff888102b25c73) [ 15.443936] [ 15.444355] The buggy address belongs to the physical page: [ 15.445235] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b25 [ 15.446301] flags: 0x200000000000000(node=0|zone=2) [ 15.447327] page_type: f5(slab) [ 15.448395] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.448890] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.449571] page dumped because: kasan: bad access detected [ 15.449945] [ 15.450148] Memory state around the buggy address: [ 15.451339] ffff888102b25b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.451864] ffff888102b25b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.452547] >ffff888102b25c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.452947] ^ [ 15.453692] ffff888102b25c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.454596] ffff888102b25d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.454982] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 174.767848] WARNING: CPU: 0 PID: 2741 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 174.769510] Modules linked in: [ 174.769807] CPU: 0 UID: 0 PID: 2741 Comm: kunit_try_catch Tainted: G B D W N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 174.770807] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 174.771164] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 174.772397] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 174.772696] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 174.774089] RSP: 0000:ffff888107da7c78 EFLAGS: 00010286 [ 174.774618] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 174.775064] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9262397c [ 174.776062] RBP: ffff888107da7ca0 R08: 0000000000000000 R09: ffffed1020f599c0 [ 174.776764] R10: ffff888107acce07 R11: 0000000000000000 R12: ffffffff92623968 [ 174.777688] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107da7d38 [ 174.779265] FS: 0000000000000000(0000) GS:ffff8881c6a93000(0000) knlGS:0000000000000000 [ 174.780312] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.780735] CR2: ffffffffffffffff CR3: 00000000498ba000 CR4: 00000000000006f0 [ 174.781185] DR0: ffffffff94630880 DR1: ffffffff94630881 DR2: ffffffff94630883 [ 174.781993] DR3: ffffffff94630885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 174.782909] Call Trace: [ 174.783192] <TASK> [ 174.783704] drm_test_rect_calc_vscale+0x108/0x270 [ 174.784087] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 174.785060] ? __schedule+0x10cc/0x2b30 [ 174.785428] ? __pfx_read_tsc+0x10/0x10 [ 174.786139] ? ktime_get_ts64+0x86/0x230 [ 174.786868] kunit_try_run_case+0x1a5/0x480 [ 174.787253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.787719] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 174.788646] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 174.789084] ? __kthread_parkme+0x82/0x180 [ 174.789707] ? preempt_count_sub+0x50/0x80 [ 174.790063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.791120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 174.791704] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 174.792144] kthread+0x337/0x6f0 [ 174.792339] ? trace_preempt_on+0x20/0xc0 [ 174.792926] ? __pfx_kthread+0x10/0x10 [ 174.793294] ? _raw_spin_unlock_irq+0x47/0x80 [ 174.794301] ? calculate_sigpending+0x7b/0xa0 [ 174.794793] ? __pfx_kthread+0x10/0x10 [ 174.795085] ret_from_fork+0x41/0x80 [ 174.795776] ? __pfx_kthread+0x10/0x10 [ 174.796119] ret_from_fork_asm+0x1a/0x30 [ 174.797127] </TASK> [ 174.797367] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 174.804011] WARNING: CPU: 1 PID: 2743 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 174.805581] Modules linked in: [ 174.805844] CPU: 1 UID: 0 PID: 2743 Comm: kunit_try_catch Tainted: G B D W N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 174.806704] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 174.808075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 174.808752] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 174.809705] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 174.811642] RSP: 0000:ffff888107d37c78 EFLAGS: 00010286 [ 174.812382] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 174.812740] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff926239b4 [ 174.813163] RBP: ffff888107d37ca0 R08: 0000000000000000 R09: ffffed1020f7b400 [ 174.814402] R10: ffff888107bda007 R11: 0000000000000000 R12: ffffffff926239a0 [ 174.814737] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107d37d38 [ 174.815168] 
FS: 0000000000000000(0000) GS:ffff8881c6b93000(0000) knlGS:0000000000000000 [ 174.816535] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.816726] CR2: 00007ffff7ffe000 CR3: 00000000498ba000 CR4: 00000000000006f0 [ 174.817745] DR0: ffffffff94630884 DR1: ffffffff94630889 DR2: ffffffff9463088a [ 174.818272] DR3: ffffffff9463088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 174.818761] Call Trace: [ 174.818954] <TASK> [ 174.819233] drm_test_rect_calc_vscale+0x108/0x270 [ 174.820511] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 174.820833] ? __schedule+0x10cc/0x2b30 [ 174.821220] ? __pfx_read_tsc+0x10/0x10 [ 174.821996] ? ktime_get_ts64+0x86/0x230 [ 174.822350] kunit_try_run_case+0x1a5/0x480 [ 174.822760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.823042] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 174.823353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 174.824500] ? __kthread_parkme+0x82/0x180 [ 174.824750] ? preempt_count_sub+0x50/0x80 [ 174.825139] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.825909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 174.826340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 174.827183] kthread+0x337/0x6f0 [ 174.828073] ? trace_preempt_on+0x20/0xc0 [ 174.828363] ? __pfx_kthread+0x10/0x10 [ 174.828977] ? _raw_spin_unlock_irq+0x47/0x80 [ 174.829915] ? calculate_sigpending+0x7b/0xa0 [ 174.830340] ? __pfx_kthread+0x10/0x10 [ 174.830630] ret_from_fork+0x41/0x80 [ 174.830942] ? __pfx_kthread+0x10/0x10 [ 174.831994] ret_from_fork_asm+0x1a/0x30 [ 174.832503] </TASK> [ 174.832650] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 174.711580] WARNING: CPU: 0 PID: 2731 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 174.711957] Modules linked in: [ 174.712374] CPU: 0 UID: 0 PID: 2731 Comm: kunit_try_catch Tainted: G B D W N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 174.713395] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 174.713910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 174.714890] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 174.715545] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b 90 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 174.716437] RSP: 0000:ffff888107cb7c78 EFLAGS: 00010286 [ 174.716991] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 174.717787] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff926239b8 [ 174.718573] RBP: ffff888107cb7ca0 R08: 0000000000000000 R09: ffffed1020f59920 [ 174.719372] R10: ffff888107acc907 R11: 0000000000000000 R12: ffffffff926239a0 [ 174.719851] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107cb7d38 [ 174.721337] FS: 0000000000000000(0000) GS:ffff8881c6a93000(0000) knlGS:0000000000000000 [ 174.721782] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.722593] CR2: ffffffffffffffff CR3: 00000000498ba000 CR4: 00000000000006f0 [ 174.723734] DR0: ffffffff94630880 DR1: ffffffff94630881 DR2: ffffffff94630883 [ 174.724341] DR3: ffffffff94630885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 174.724580] Call Trace: [ 174.724737] <TASK> [ 174.724950] drm_test_rect_calc_hscale+0x108/0x270 [ 174.726518] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 174.726961] ? __schedule+0x10cc/0x2b30 [ 174.727677] ? __pfx_read_tsc+0x10/0x10 [ 174.728723] ? ktime_get_ts64+0x86/0x230 [ 174.729159] kunit_try_run_case+0x1a5/0x480 [ 174.729743] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.730019] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 174.730381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 174.730987] ? __kthread_parkme+0x82/0x180 [ 174.731642] ? preempt_count_sub+0x50/0x80 [ 174.732093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.733099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 174.733609] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 174.733886] kthread+0x337/0x6f0 [ 174.734182] ? trace_preempt_on+0x20/0xc0 [ 174.735409] ? __pfx_kthread+0x10/0x10 [ 174.735638] ? _raw_spin_unlock_irq+0x47/0x80 [ 174.735868] ? calculate_sigpending+0x7b/0xa0 [ 174.736420] ? __pfx_kthread+0x10/0x10 [ 174.736813] ret_from_fork+0x41/0x80 [ 174.738096] ? __pfx_kthread+0x10/0x10 [ 174.738694] ret_from_fork_asm+0x1a/0x30 [ 174.739394] </TASK> [ 174.739651] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 174.673306] WARNING: CPU: 0 PID: 2729 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 174.674075] Modules linked in: [ 174.674526] CPU: 0 UID: 0 PID: 2729 Comm: kunit_try_catch Tainted: G B D W N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 174.676084] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 174.676549] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 174.677916] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 174.678368] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 9b 90 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 174.679645] RSP: 0000:ffff888107ba7c78 EFLAGS: 00010286 [ 174.680629] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 174.681840] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff92623980 [ 174.682375] RBP: ffff888107ba7ca0 R08: 0000000000000000 R09: ffffed1020f598e0 [ 174.682758] R10: ffff888107acc707 R11: 0000000000000000 R12: ffffffff92623968 [ 174.683314] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888107ba7d38 [ 174.684345] 
FS: 0000000000000000(0000) GS:ffff8881c6a93000(0000) knlGS:0000000000000000 [ 174.684850] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 174.686125] CR2: ffffffffffffffff CR3: 00000000498ba000 CR4: 00000000000006f0 [ 174.686596] DR0: ffffffff94630880 DR1: ffffffff94630881 DR2: ffffffff94630883 [ 174.687059] DR3: ffffffff94630885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 174.688606] Call Trace: [ 174.688812] <TASK> [ 174.689093] drm_test_rect_calc_hscale+0x108/0x270 [ 174.690147] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 174.690910] ? __schedule+0x10cc/0x2b30 [ 174.691899] ? __pfx_read_tsc+0x10/0x10 [ 174.692208] ? ktime_get_ts64+0x86/0x230 [ 174.693104] kunit_try_run_case+0x1a5/0x480 [ 174.694105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.694748] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 174.695077] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 174.695837] ? __kthread_parkme+0x82/0x180 [ 174.696656] ? preempt_count_sub+0x50/0x80 [ 174.696975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 174.697360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 174.698785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 174.699185] kthread+0x337/0x6f0 [ 174.699436] ? trace_preempt_on+0x20/0xc0 [ 174.699851] ? __pfx_kthread+0x10/0x10 [ 174.700115] ? _raw_spin_unlock_irq+0x47/0x80 [ 174.700512] ? calculate_sigpending+0x7b/0xa0 [ 174.701299] ? __pfx_kthread+0x10/0x10 [ 174.702179] ret_from_fork+0x41/0x80 [ 174.702833] ? __pfx_kthread+0x10/0x10 [ 174.703442] ret_from_fork_asm+0x1a/0x30 [ 174.703699] </TASK> [ 174.703887] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 173.204231] WARNING: CPU: 0 PID: 2527 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 173.205591] Modules linked in: [ 173.206006] CPU: 0 UID: 0 PID: 2527 Comm: kunit_try_catch Tainted: G B D W N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 173.207129] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 173.207884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 173.208784] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 173.209442] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 173.211396] RSP: 0000:ffff888107607b30 EFLAGS: 00010246 [ 173.211919] RAX: dffffc0000000000 RBX: ffff888107607c28 RCX: 0000000000000000 [ 173.212848] RDX: 1ffff11020ec0f8e RSI: ffff888107607c28 RDI: ffff888107607c70 [ 173.213424] RBP: ffff888107607b70 R08: ffff888107546000 R09: ffffffff925ca5a0 [ 173.213793] R10: 0000000000000003 R11: 00000000c5f97e4e R12: ffff888107546000 [ 173.214805] R13: ffff88810031fae8 R14: ffff888107607ba8 R15: 0000000000000000 [ 173.215341] FS: 0000000000000000(0000) GS:ffff8881c6a93000(0000) knlGS:0000000000000000 [ 173.215791] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.216777] CR2: ffffffffffffffff CR3: 00000000498ba000 CR4: 00000000000006f0 [ 173.217420] DR0: ffffffff94630880 DR1: ffffffff94630881 DR2: ffffffff94630883 [ 173.217726] DR3: ffffffff94630885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 173.218006] Call Trace: [ 173.219115] <TASK> [ 173.219504] ? add_dr+0xc1/0x1d0 [ 173.219876] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 173.220737] ? add_dr+0x148/0x1d0 [ 173.221068] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 173.222022] ? __drmm_add_action+0x1a4/0x280 [ 173.223162] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 173.223627] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 173.224498] ? __drmm_add_action_or_reset+0x22/0x50 [ 173.224913] ? __schedule+0x10cc/0x2b30 [ 173.225818] ? __pfx_read_tsc+0x10/0x10 [ 173.226106] ? ktime_get_ts64+0x86/0x230 [ 173.226316] kunit_try_run_case+0x1a5/0x480 [ 173.226732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 173.227015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 173.227395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 173.227872] ? __kthread_parkme+0x82/0x180 [ 173.228370] ? preempt_count_sub+0x50/0x80 [ 173.228734] ? __pfx_kunit_try_run_case+0x10/0x10 [ 173.229998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 173.230672] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 173.231347] kthread+0x337/0x6f0 [ 173.231680] ? trace_preempt_on+0x20/0xc0 [ 173.231963] ? __pfx_kthread+0x10/0x10 [ 173.232590] ? _raw_spin_unlock_irq+0x47/0x80 [ 173.232876] ? calculate_sigpending+0x7b/0xa0 [ 173.233420] ? __pfx_kthread+0x10/0x10 [ 173.233682] ret_from_fork+0x41/0x80 [ 173.234089] ? __pfx_kthread+0x10/0x10 [ 173.234736] ret_from_fork_asm+0x1a/0x30 [ 173.235111] </TASK> [ 173.235428] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 173.143218] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 173.143479] WARNING: CPU: 0 PID: 2523 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 173.145362] Modules linked in: [ 173.145754] CPU: 0 UID: 0 PID: 2523 Comm: kunit_try_catch Tainted: G B D W N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 173.146302] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 173.147004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 173.147908] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 173.148741] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 6b 80 84 00 48 c7 c1 a0 55 5c 92 4c 89 fa 48 c7 c7 00 56 5c 92 48 89 c6 e8 12 d8 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 173.149946] RSP: 0000:ffff888104377b68 EFLAGS: 00010282 [ 173.150216] RAX: 0000000000000000 RBX: ffff888104377c40 RCX: 1ffffffff2664b3c [ 173.151234] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 173.151941] RBP: ffff888104377b90 R08: 0000000000000000 R09: fffffbfff2664b3c [ 173.152731] R10: 0000000000000003 R11: 0000000000037580 R12: ffff888104377c18 [ 173.153199] R13: ffff888106d64800 R14: ffff888107544000 R15: ffff888107002c80 [ 173.154059] FS: 0000000000000000(0000) GS:ffff8881c6a93000(0000) knlGS:0000000000000000 [ 173.154761] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 173.155291] CR2: ffffffffffffffff CR3: 00000000498ba000 CR4: 00000000000006f0 [ 173.156057] DR0: ffffffff94630880 DR1: ffffffff94630881 DR2: ffffffff94630883 [ 173.156549] DR3: ffffffff94630885 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 173.157710] Call Trace: [ 173.157942] <TASK> [ 173.158567] drm_test_framebuffer_free+0x1ab/0x610 [ 173.159076] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 173.159614] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 173.159988] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 173.160589] ? __drmm_add_action_or_reset+0x22/0x50 [ 173.160960] ? __schedule+0x10cc/0x2b30 [ 173.161619] ? __pfx_read_tsc+0x10/0x10 [ 173.161966] ? ktime_get_ts64+0x86/0x230 [ 173.162936] kunit_try_run_case+0x1a5/0x480 [ 173.163736] ? __pfx_kunit_try_run_case+0x10/0x10 [ 173.163923] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 173.164539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 173.164797] ? __kthread_parkme+0x82/0x180 [ 173.164931] ? preempt_count_sub+0x50/0x80 [ 173.165730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 173.166831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 173.167200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 173.168133] kthread+0x337/0x6f0 [ 173.168699] ? trace_preempt_on+0x20/0xc0 [ 173.168975] ? __pfx_kthread+0x10/0x10 [ 173.169364] ? _raw_spin_unlock_irq+0x47/0x80 [ 173.170769] ? calculate_sigpending+0x7b/0xa0 [ 173.171115] ? __pfx_kthread+0x10/0x10 [ 173.171592] ret_from_fork+0x41/0x80 [ 173.172618] ? __pfx_kthread+0x10/0x10 [ 173.172862] ret_from_fork_asm+0x1a/0x30 [ 173.173640] </TASK> [ 173.173866] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 170.589022] WARNING: CPU: 1 PID: 1961 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 170.590001] Modules linked in: [ 170.590832] CPU: 1 UID: 0 PID: 1961 Comm: kunit_try_catch Tainted: G B D W N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 170.591441] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 170.591983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 170.592508] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 170.593105] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d e9 12 cf 21 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 00 cf 21 02 48 89 df e8 d8 [ 170.594262] RSP: 0000:ffff888105defc90 EFLAGS: 00010246 [ 170.594652] RAX: dffffc0000000000 RBX: ffff888106576000 RCX: 0000000000000000 [ 170.595151] RDX: 1ffff11020caec32 RSI: ffffffff8f7f15d8 RDI: ffff888106576190 [ 170.595582] RBP: ffff888105defca0 R08: 1ffff11020063f69 R09: ffffed1020bbdf65 [ 170.596305] R10: 0000000000000003 R11: ffffffff8ed80718 R12: 0000000000000000 [ 170.598070] R13: ffff888105defd38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 170.598994] FS: 0000000000000000(0000) GS:ffff8881c6b93000(0000) knlGS:0000000000000000 [ 170.599568] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.599852] CR2: 00007ffff7ffe000 CR3: 00000000498ba000 CR4: 00000000000006f0 [ 170.600351] DR0: ffffffff94630884 DR1: ffffffff94630889 DR2: ffffffff9463088a [ 170.600800] DR3: ffffffff9463088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 170.601239] Call Trace: [ 170.601429] <TASK> [ 170.601588] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 170.602098] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 170.602512] ? __schedule+0x10cc/0x2b30 [ 170.603654] ? __pfx_read_tsc+0x10/0x10 [ 170.603903] ? ktime_get_ts64+0x86/0x230 [ 170.604479] kunit_try_run_case+0x1a5/0x480 [ 170.605816] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 170.606140] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 170.607356] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 170.607678] ? __kthread_parkme+0x82/0x180 [ 170.607882] ? preempt_count_sub+0x50/0x80 [ 170.608730] ? __pfx_kunit_try_run_case+0x10/0x10 [ 170.609437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 170.609939] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 170.610946] kthread+0x337/0x6f0 [ 170.611279] ? trace_preempt_on+0x20/0xc0 [ 170.611483] ? __pfx_kthread+0x10/0x10 [ 170.611678] ? _raw_spin_unlock_irq+0x47/0x80 [ 170.612704] ? calculate_sigpending+0x7b/0xa0 [ 170.613090] ? __pfx_kthread+0x10/0x10 [ 170.613678] ret_from_fork+0x41/0x80 [ 170.614021] ? __pfx_kthread+0x10/0x10 [ 170.614796] ret_from_fork_asm+0x1a/0x30 [ 170.615088] </TASK> [ 170.615701] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 170.458592] WARNING: CPU: 1 PID: 1953 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 170.459679] Modules linked in: [ 170.459949] CPU: 1 UID: 0 PID: 1953 Comm: kunit_try_catch Tainted: G B D W N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 170.460358] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 170.461034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 170.461918] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 170.462554] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d e9 12 cf 21 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 00 cf 21 02 48 89 df e8 d8 [ 170.463433] RSP: 0000:ffff888106437c90 EFLAGS: 00010246 [ 170.463998] RAX: dffffc0000000000 RBX: ffff8881065b4000 RCX: 0000000000000000 [ 170.464775] RDX: 1ffff11020cb6832 RSI: ffffffff8f7f15d8 RDI: ffff8881065b4190 [ 170.465418] RBP: ffff888106437ca0 R08: 1ffff11020063f69 R09: ffffed1020c86f65 [ 170.465870] R10: 0000000000000003 R11: ffffffff8ed80718 R12: 0000000000000000 [ 170.466398] R13: 
ffff888106437d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 170.466906] FS: 0000000000000000(0000) GS:ffff8881c6b93000(0000) knlGS:0000000000000000 [ 170.467493] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 170.467884] CR2: 00007ffff7ffe000 CR3: 00000000498ba000 CR4: 00000000000006f0 [ 170.468512] DR0: ffffffff94630884 DR1: ffffffff94630889 DR2: ffffffff9463088a [ 170.468881] DR3: ffffffff9463088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 170.469356] Call Trace: [ 170.469636] <TASK> [ 170.470184] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 170.470885] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 170.471675] ? __schedule+0x10cc/0x2b30 [ 170.472004] ? __pfx_read_tsc+0x10/0x10 [ 170.472500] ? ktime_get_ts64+0x86/0x230 [ 170.472877] kunit_try_run_case+0x1a5/0x480 [ 170.473368] ? __pfx_kunit_try_run_case+0x10/0x10 [ 170.473807] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 170.474158] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 170.474721] ? __kthread_parkme+0x82/0x180 [ 170.475137] ? preempt_count_sub+0x50/0x80 [ 170.475593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 170.475997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 170.476591] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 170.477147] kthread+0x337/0x6f0 [ 170.477620] ? trace_preempt_on+0x20/0xc0 [ 170.477999] ? __pfx_kthread+0x10/0x10 [ 170.478510] ? _raw_spin_unlock_irq+0x47/0x80 [ 170.478798] ? calculate_sigpending+0x7b/0xa0 [ 170.479151] ? __pfx_kthread+0x10/0x10 [ 170.479347] ret_from_fork+0x41/0x80 [ 170.479571] ? __pfx_kthread+0x10/0x10 [ 170.479931] ret_from_fork_asm+0x1a/0x30 [ 170.480326] </TASK> [ 170.480580] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 132.156446] WARNING: CPU: 1 PID: 677 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 132.158180] Modules linked in: [ 132.158510] CPU: 1 UID: 0 PID: 677 Comm: kunit_try_catch Tainted: G B D W N 6.15.1-rc1 #1 PREEMPT(voluntary) [ 132.160042] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 132.160550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 132.161755] RIP: 0010:intlog10+0x2a/0x40 [ 132.162034] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 132.163722] RSP: 0000:ffff888101c5fcb0 EFLAGS: 00010246 [ 132.164008] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff1102038bfb4 [ 132.164501] RDX: 1ffffffff2492510 RSI: 1ffff1102038bfb3 RDI: 0000000000000000 [ 132.165711] RBP: ffff888101c5fd60 R08: 0000000000000000 R09: ffffed10209dbd40 [ 132.166072] R10: ffff888104edea07 R11: 0000000000000000 R12: 1ffff1102038bf97 [ 132.166580] R13: ffffffff92492880 R14: 0000000000000000 R15: ffff888101c5fd38 [ 132.167267] FS: 0000000000000000(0000) GS:ffff8881c6b93000(0000) knlGS:0000000000000000 [ 132.168040] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 132.168465] CR2: dffffc0000000000 CR3: 00000000498ba000 CR4: 00000000000006f0 [ 132.169517] DR0: ffffffff94630884 DR1: ffffffff94630889 DR2: ffffffff9463088a [ 132.169853] DR3: ffffffff9463088b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 132.171001] Call Trace: [ 132.171251] <TASK> [ 132.171984] ? intlog10_test+0xf2/0x220 [ 132.172677] ? __pfx_intlog10_test+0x10/0x10 [ 132.173001] ? __pfx_intlog10_test+0x10/0x10 [ 132.173973] kunit_try_run_case+0x1a5/0x480 [ 132.174526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 132.175098] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 132.175497] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 132.175783] ? __kthread_parkme+0x82/0x180 [ 132.176047] ? 
preempt_count_sub+0x50/0x80 [ 132.177074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 132.177383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 132.177588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 132.178955] kthread+0x337/0x6f0 [ 132.179303] ? trace_preempt_on+0x20/0xc0 [ 132.179612] ? __pfx_kthread+0x10/0x10 [ 132.179880] ? _raw_spin_unlock_irq+0x47/0x80 [ 132.180228] ? calculate_sigpending+0x7b/0xa0 [ 132.181478] ? __pfx_kthread+0x10/0x10 [ 132.181719] ret_from_fork+0x41/0x80 [ 132.181932] ? __pfx_kthread+0x10/0x10 [ 132.182760] ret_from_fork_asm+0x1a/0x30 [ 132.183230] </TASK> [ 132.183723] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 132.077363] WARNING: CPU: 0 PID: 659 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 132.078951] Modules linked in:
[ 132.080009] CPU: 0 UID: 0 PID: 659 Comm: kunit_try_catch Tainted: G B D N 6.15.1-rc1 #1 PREEMPT(voluntary)
[ 132.080834] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 132.081157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 132.081929] RIP: 0010:intlog2+0xdf/0x110
[ 132.082482] Code: 49 92 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 52 1c 81 02 90 <0f> 0b 90 31 c0 e9 47 1c 81 02 89 45 e4 e8 2f d7 56 ff 8b 45 e4 eb
[ 132.083757] RSP: 0000:ffff888104e4fcb0 EFLAGS: 00010246
[ 132.084160] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110209c9fb4
[ 132.084837] RDX: 1ffffffff2492564 RSI: 1ffff110209c9fb3 RDI: 0000000000000000
[ 132.085334] RBP: ffff888104e4fd60 R08: 0000000000000000 R09: ffffed102014ca40
[ 132.085998] R10: ffff888100a65207 R11: 0000000000000000 R12: 1ffff110209c9f97
[ 132.086669] R13: ffffffff92492b20 R14: 0000000000000000 R15: ffff888104e4fd38
[ 132.087125] FS: 0000000000000000(0000) GS:ffff8881c6a93000(0000) knlGS:0000000000000000
[ 132.087741] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 132.088223] CR2: ffff88815a80000a CR3: 00000000498ba000 CR4: 00000000000006f0
[ 132.088821] DR0: ffffffff94630880 DR1: ffffffff94630881 DR2: ffffffff94630883
[ 132.089306] DR3: ffffffff94630885 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 132.089859] Call Trace:
[ 132.090122] <TASK>
[ 132.090646] ? intlog2_test+0xf2/0x220
[ 132.091093] ? __pfx_intlog2_test+0x10/0x10
[ 132.091702] ? __schedule+0x10cc/0x2b30
[ 132.092092] ? __pfx_read_tsc+0x10/0x10
[ 132.093095] ? ktime_get_ts64+0x86/0x230
[ 132.093609] kunit_try_run_case+0x1a5/0x480
[ 132.093933] ? __pfx_kunit_try_run_case+0x10/0x10
[ 132.094227] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 132.094811] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 132.095093] ? __kthread_parkme+0x82/0x180
[ 132.095609] ? preempt_count_sub+0x50/0x80
[ 132.096020] ? __pfx_kunit_try_run_case+0x10/0x10
[ 132.096464] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 132.096948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 132.097719] kthread+0x337/0x6f0
[ 132.098073] ? trace_preempt_on+0x20/0xc0
[ 132.098645] ? __pfx_kthread+0x10/0x10
[ 132.098909] ? _raw_spin_unlock_irq+0x47/0x80
[ 132.099273] ? calculate_sigpending+0x7b/0xa0
[ 132.099997] ? __pfx_kthread+0x10/0x10
[ 132.100355] ret_from_fork+0x41/0x80
[ 132.100865] ? __pfx_kthread+0x10/0x10
[ 132.101103] ret_from_fork_asm+0x1a/0x30
[ 132.101808] </TASK>
[ 132.102128] ---[ end trace 0000000000000000 ]---