Date: June 7, 2025, 10:40 a.m.
Failure - log-parser-boot - kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 15.749347] ==================================================================
[ 15.750098] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 15.750292] Read of size 1 at addr ffff888103937d02 by task kunit_try_catch/269
[ 15.750586]
[ 15.751111] CPU: 0 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 15.751198] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.751214] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.751240] Call Trace:
[ 15.751259] <TASK>
[ 15.751282] dump_stack_lvl+0x73/0xb0
[ 15.751323] print_report+0xd1/0x650
[ 15.751353] ? __virt_addr_valid+0x1db/0x2d0
[ 15.751376] ? kasan_stack_oob+0x2b5/0x300
[ 15.751418] ? kasan_addr_to_slab+0x11/0xa0
[ 15.751445] ? kasan_stack_oob+0x2b5/0x300
[ 15.751466] kasan_report+0x141/0x180
[ 15.751490] ? kasan_stack_oob+0x2b5/0x300
[ 15.751515] __asan_report_load1_noabort+0x18/0x20
[ 15.751536] kasan_stack_oob+0x2b5/0x300
[ 15.751585] ? __pfx_kasan_stack_oob+0x10/0x10
[ 15.751607] ? finish_task_switch.isra.0+0x153/0x700
[ 15.751709] ? __switch_to+0x5d9/0xf60
[ 15.751732] ? dequeue_task_fair+0x166/0x4e0
[ 15.751758] ? __schedule+0x10cc/0x2b30
[ 15.751781] ? __pfx_read_tsc+0x10/0x10
[ 15.751804] ? ktime_get_ts64+0x86/0x230
[ 15.751829] kunit_try_run_case+0x1a5/0x480
[ 15.751856] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.751878] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.751902] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.751925] ? __kthread_parkme+0x82/0x180
[ 15.751947] ? preempt_count_sub+0x50/0x80
[ 15.751971] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.751994] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.752018] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.752041] kthread+0x337/0x6f0
[ 15.752059] ? trace_preempt_on+0x20/0xc0
[ 15.752083] ? __pfx_kthread+0x10/0x10
[ 15.752100] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.752121] ? calculate_sigpending+0x7b/0xa0
[ 15.752142] ? __pfx_kthread+0x10/0x10
[ 15.752161] ret_from_fork+0x41/0x80
[ 15.752181] ? __pfx_kthread+0x10/0x10
[ 15.752199] ret_from_fork_asm+0x1a/0x30
[ 15.752228] </TASK>
[ 15.752241]
[ 15.761743] The buggy address belongs to stack of task kunit_try_catch/269
[ 15.762214] and is located at offset 138 in frame:
[ 15.762496] kasan_stack_oob+0x0/0x300
[ 15.762974]
[ 15.763071] This frame has 4 objects:
[ 15.763303] [48, 49) '__assertion'
[ 15.763332] [64, 72) 'array'
[ 15.763483] [96, 112) '__assertion'
[ 15.763601] [128, 138) 'stack_array'
[ 15.763815]
[ 15.764104] The buggy address belongs to the physical page:
[ 15.764338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103937
[ 15.765138] flags: 0x200000000000000(node=0|zone=2)
[ 15.765349] raw: 0200000000000000 ffffea00040e4dc8 ffffea00040e4dc8 0000000000000000
[ 15.765521] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 15.766083] page dumped because: kasan: bad access detected
[ 15.766265]
[ 15.766335] Memory state around the buggy address:
[ 15.766488]  ffff888103937c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 15.767399]  ffff888103937c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 15.767606] >ffff888103937d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 15.768012]                    ^
[ 15.768209]  ffff888103937d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 15.768497]  ffff888103937e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.769099] ==================================================================
Failure - log-parser-boot - oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
[ 121.855527] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 50.449276] ==================================================================
[ 50.449769] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 50.449769]
[ 50.450224] Use-after-free read at 0x(____ptrval____) (in kfence-#158):
[ 50.451258] test_krealloc+0x6fc/0xbe0
[ 50.451895] kunit_try_run_case+0x1a5/0x480
[ 50.452111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.452566] kthread+0x337/0x6f0
[ 50.452831] ret_from_fork+0x41/0x80
[ 50.453038] ret_from_fork_asm+0x1a/0x30
[ 50.453385]
[ 50.453631] kfence-#158: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 50.453631]
[ 50.454321] allocated by task 357 on cpu 1 at 50.448260s (0.006054s ago):
[ 50.454802] test_alloc+0x364/0x10f0
[ 50.455204] test_krealloc+0xad/0xbe0
[ 50.455579] kunit_try_run_case+0x1a5/0x480
[ 50.455938] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.456339] kthread+0x337/0x6f0
[ 50.456688] ret_from_fork+0x41/0x80
[ 50.456885] ret_from_fork_asm+0x1a/0x30
[ 50.457081]
[ 50.457196] freed by task 357 on cpu 1 at 50.448772s (0.008420s ago):
[ 50.457828] krealloc_noprof+0x108/0x340
[ 50.458198] test_krealloc+0x226/0xbe0
[ 50.458587] kunit_try_run_case+0x1a5/0x480
[ 50.458997] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.459451] kthread+0x337/0x6f0
[ 50.459822] ret_from_fork+0x41/0x80
[ 50.460208] ret_from_fork_asm+0x1a/0x30
[ 50.460530]
[ 50.460830] CPU: 1 UID: 0 PID: 357 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 50.461512] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 50.461738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.462357] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 50.365965] ==================================================================
[ 50.366737] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 50.366737]
[ 50.367208] Use-after-free read at 0x(____ptrval____) (in kfence-#157):
[ 50.367479] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 50.367654] kunit_try_run_case+0x1a5/0x480
[ 50.367774] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.367902] kthread+0x337/0x6f0
[ 50.368111] ret_from_fork+0x41/0x80
[ 50.368406] ret_from_fork_asm+0x1a/0x30
[ 50.368728]
[ 50.368877] kfence-#157: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 50.368877]
[ 50.369082] allocated by task 355 on cpu 0 at 50.344192s (0.024887s ago):
[ 50.369524] test_alloc+0x2a6/0x10f0
[ 50.369717] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 50.369961] kunit_try_run_case+0x1a5/0x480
[ 50.370074] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.370238] kthread+0x337/0x6f0
[ 50.370433] ret_from_fork+0x41/0x80
[ 50.370687] ret_from_fork_asm+0x1a/0x30
[ 50.370965]
[ 50.371061] freed by task 355 on cpu 0 at 50.344337s (0.026720s ago):
[ 50.371242] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 50.371384] kunit_try_run_case+0x1a5/0x480
[ 50.371717] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 50.372078] kthread+0x337/0x6f0
[ 50.372275] ret_from_fork+0x41/0x80
[ 50.372484] ret_from_fork_asm+0x1a/0x30
[ 50.372614]
[ 50.372739] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 50.373329] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 50.373439] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 50.373983] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 26.342234] ==================================================================
[ 26.342834] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 26.342834]
[ 26.343801] Invalid read at 0x(____ptrval____):
[ 26.344412] test_invalid_access+0xf0/0x210
[ 26.344618] kunit_try_run_case+0x1a5/0x480
[ 26.345297] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.345543] kthread+0x337/0x6f0
[ 26.345777] ret_from_fork+0x41/0x80
[ 26.346028] ret_from_fork_asm+0x1a/0x30
[ 26.346247]
[ 26.346354] CPU: 0 UID: 0 PID: 351 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 26.346572] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.346679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.346848] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 26.112632] ==================================================================
[ 26.113153] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 26.113153]
[ 26.113591] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#153):
[ 26.114521] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 26.114994] kunit_try_run_case+0x1a5/0x480
[ 26.115198] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.115719] kthread+0x337/0x6f0
[ 26.116022] ret_from_fork+0x41/0x80
[ 26.116281] ret_from_fork_asm+0x1a/0x30
[ 26.116587]
[ 26.116708] kfence-#153: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 26.116708]
[ 26.117464] allocated by task 345 on cpu 1 at 26.112241s (0.005216s ago):
[ 26.117916] test_alloc+0x364/0x10f0
[ 26.118288] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 26.118517] kunit_try_run_case+0x1a5/0x480
[ 26.119047] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.119370] kthread+0x337/0x6f0
[ 26.119554] ret_from_fork+0x41/0x80
[ 26.119758] ret_from_fork_asm+0x1a/0x30
[ 26.119959]
[ 26.120096] freed by task 345 on cpu 1 at 26.112450s (0.007640s ago):
[ 26.120648] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 26.121059] kunit_try_run_case+0x1a5/0x480
[ 26.121406] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.122000] kthread+0x337/0x6f0
[ 26.122313] ret_from_fork+0x41/0x80
[ 26.122688] ret_from_fork_asm+0x1a/0x30
[ 26.122970]
[ 26.123163] CPU: 1 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 26.123597] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.123919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.124667] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 25.904473] ==================================================================
[ 25.904919] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 25.904919]
[ 25.905242] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#151):
[ 25.905616] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 25.905996] kunit_try_run_case+0x1a5/0x480
[ 25.906166] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.906595] kthread+0x337/0x6f0
[ 25.906858] ret_from_fork+0x41/0x80
[ 25.907188] ret_from_fork_asm+0x1a/0x30
[ 25.907414]
[ 25.907530] kfence-#151: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 25.907530]
[ 25.907940] allocated by task 343 on cpu 0 at 25.904167s (0.003768s ago):
[ 25.908584] test_alloc+0x364/0x10f0
[ 25.908915] test_kmalloc_aligned_oob_read+0x105/0x560
[ 25.909185] kunit_try_run_case+0x1a5/0x480
[ 25.909490] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.909957] kthread+0x337/0x6f0
[ 25.910115] ret_from_fork+0x41/0x80
[ 25.910370] ret_from_fork_asm+0x1a/0x30
[ 25.910570]
[ 25.910732] CPU: 0 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 25.911600] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.911906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.912301] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-memory-corruption-in-test_corruption
[ 21.848436] ==================================================================
[ 21.848894] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 21.848894]
[ 21.849148] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#112):
[ 21.849638] test_corruption+0x216/0x3e0
[ 21.849953] kunit_try_run_case+0x1a5/0x480
[ 21.850162] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.850536] kthread+0x337/0x6f0
[ 21.850758] ret_from_fork+0x41/0x80
[ 21.850933] ret_from_fork_asm+0x1a/0x30
[ 21.851249]
[ 21.851416] kfence-#112: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 21.851416]
[ 21.851959] allocated by task 333 on cpu 0 at 21.848227s (0.003727s ago):
[ 21.852242] test_alloc+0x2a6/0x10f0
[ 21.852422] test_corruption+0x1cb/0x3e0
[ 21.852741] kunit_try_run_case+0x1a5/0x480
[ 21.853058] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.853441] kthread+0x337/0x6f0
[ 21.853770] ret_from_fork+0x41/0x80
[ 21.854066] ret_from_fork_asm+0x1a/0x30
[ 21.854258]
[ 21.854373] freed by task 333 on cpu 0 at 21.848314s (0.006055s ago):
[ 21.854886] test_corruption+0x216/0x3e0
[ 21.855213] kunit_try_run_case+0x1a5/0x480
[ 21.855421] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.855649] kthread+0x337/0x6f0
[ 21.855813] ret_from_fork+0x41/0x80
[ 21.856004] ret_from_fork_asm+0x1a/0x30
[ 21.856306]
[ 21.856584] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 21.857377] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.857669] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.857999] ==================================================================
[ 21.432654] ==================================================================
[ 21.433055] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 21.433055]
[ 21.433291] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#108):
[ 21.433848] test_corruption+0x2df/0x3e0
[ 21.434162] kunit_try_run_case+0x1a5/0x480
[ 21.434498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.434701] kthread+0x337/0x6f0
[ 21.434863] ret_from_fork+0x41/0x80
[ 21.435165] ret_from_fork_asm+0x1a/0x30
[ 21.435450]
[ 21.435620] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 21.435620]
[ 21.436044] allocated by task 331 on cpu 1 at 21.432239s (0.003800s ago):
[ 21.436466] test_alloc+0x364/0x10f0
[ 21.436686] test_corruption+0x1cb/0x3e0
[ 21.436859] kunit_try_run_case+0x1a5/0x480
[ 21.437047] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.437450] kthread+0x337/0x6f0
[ 21.437711] ret_from_fork+0x41/0x80
[ 21.438009] ret_from_fork_asm+0x1a/0x30
[ 21.438307]
[ 21.438426] freed by task 331 on cpu 1 at 21.432387s (0.006034s ago):
[ 21.438692] test_corruption+0x2df/0x3e0
[ 21.438995] kunit_try_run_case+0x1a5/0x480
[ 21.439337] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.439749] kthread+0x337/0x6f0
[ 21.439946] ret_from_fork+0x41/0x80
[ 21.440113] ret_from_fork_asm+0x1a/0x30
[ 21.440287]
[ 21.440444] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 21.441136] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.441525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.442318] ==================================================================
[ 21.744430] ==================================================================
[ 21.744940] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 21.744940]
[ 21.745220] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#111):
[ 21.746185] test_corruption+0x131/0x3e0
[ 21.746531] kunit_try_run_case+0x1a5/0x480
[ 21.746724] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.746941] kthread+0x337/0x6f0
[ 21.747212] ret_from_fork+0x41/0x80
[ 21.747497] ret_from_fork_asm+0x1a/0x30
[ 21.747837]
[ 21.747951] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 21.747951]
[ 21.748480] allocated by task 333 on cpu 0 at 21.744212s (0.004262s ago):
[ 21.748823] test_alloc+0x2a6/0x10f0
[ 21.749114] test_corruption+0xe6/0x3e0
[ 21.749405] kunit_try_run_case+0x1a5/0x480
[ 21.749700] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.749983] kthread+0x337/0x6f0
[ 21.750178] ret_from_fork+0x41/0x80
[ 21.750366] ret_from_fork_asm+0x1a/0x30
[ 21.750546]
[ 21.750665] freed by task 333 on cpu 0 at 21.744302s (0.006358s ago):
[ 21.751113] test_corruption+0x131/0x3e0
[ 21.751448] kunit_try_run_case+0x1a5/0x480
[ 21.751815] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.752029] kthread+0x337/0x6f0
[ 21.752272] ret_from_fork+0x41/0x80
[ 21.752550] ret_from_fork_asm+0x1a/0x30
[ 21.752971]
[ 21.753172] CPU: 0 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 21.753768] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.754144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.754488] ==================================================================
[ 21.224604] ==================================================================
[ 21.225061] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 21.225061]
[ 21.225321] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#106):
[ 21.226517] test_corruption+0x2d2/0x3e0
[ 21.226756] kunit_try_run_case+0x1a5/0x480
[ 21.226950] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.227334] kthread+0x337/0x6f0
[ 21.227606] ret_from_fork+0x41/0x80
[ 21.227834] ret_from_fork_asm+0x1a/0x30
[ 21.228018]
[ 21.228126] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 21.228126]
[ 21.228881] allocated by task 331 on cpu 1 at 21.224206s (0.004670s ago):
[ 21.229225] test_alloc+0x364/0x10f0
[ 21.229404] test_corruption+0xe6/0x3e0
[ 21.229692] kunit_try_run_case+0x1a5/0x480
[ 21.230107] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.230473] kthread+0x337/0x6f0
[ 21.230703] ret_from_fork+0x41/0x80
[ 21.230899] ret_from_fork_asm+0x1a/0x30
[ 21.231087]
[ 21.231251] freed by task 331 on cpu 1 at 21.224362s (0.006884s ago):
[ 21.231744] test_corruption+0x2d2/0x3e0
[ 21.232032] kunit_try_run_case+0x1a5/0x480
[ 21.232268] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.232610] kthread+0x337/0x6f0
[ 21.232815] ret_from_fork+0x41/0x80
[ 21.232976] ret_from_fork_asm+0x1a/0x30
[ 21.233148]
[ 21.233306] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 21.233783] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.234088] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.234719] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 20.600420] ==================================================================
[ 20.601016] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 20.601016]
[ 20.601294] Invalid free of 0x(____ptrval____) (in kfence-#100):
[ 20.601691] test_invalid_addr_free+0x1e1/0x260
[ 20.602216] kunit_try_run_case+0x1a5/0x480
[ 20.602435] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.602627] kthread+0x337/0x6f0
[ 20.602792] ret_from_fork+0x41/0x80
[ 20.602964] ret_from_fork_asm+0x1a/0x30
[ 20.603283]
[ 20.603615] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.603615]
[ 20.604017] allocated by task 327 on cpu 1 at 20.600204s (0.003810s ago):
[ 20.604237] test_alloc+0x364/0x10f0
[ 20.604380] test_invalid_addr_free+0xdb/0x260
[ 20.604528] kunit_try_run_case+0x1a5/0x480
[ 20.604796] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.605058] kthread+0x337/0x6f0
[ 20.605184] ret_from_fork+0x41/0x80
[ 20.605324] ret_from_fork_asm+0x1a/0x30
[ 20.605466]
[ 20.605591] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 20.607264] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.607475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.607790] ==================================================================
[ 20.704431] ==================================================================
[ 20.704883] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 20.704883]
[ 20.705147] Invalid free of 0x(____ptrval____) (in kfence-#101):
[ 20.705468] test_invalid_addr_free+0xfb/0x260
[ 20.705800] kunit_try_run_case+0x1a5/0x480
[ 20.706141] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.706317] kthread+0x337/0x6f0
[ 20.706612] ret_from_fork+0x41/0x80
[ 20.707005] ret_from_fork_asm+0x1a/0x30
[ 20.707281]
[ 20.707402] kfence-#101: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.707402]
[ 20.708054] allocated by task 329 on cpu 0 at 20.704251s (0.003797s ago):
[ 20.708618] test_alloc+0x2a6/0x10f0
[ 20.708832] test_invalid_addr_free+0xdb/0x260
[ 20.709098] kunit_try_run_case+0x1a5/0x480
[ 20.709304] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.709528] kthread+0x337/0x6f0
[ 20.709804] ret_from_fork+0x41/0x80
[ 20.710124] ret_from_fork_asm+0x1a/0x30
[ 20.710443]
[ 20.710678] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 20.711376] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.711565] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.712235] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-invalid-free-in-test_double_free
[ 20.496500] ==================================================================
[ 20.496975] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 20.496975]
[ 20.497244] Invalid free of 0x(____ptrval____) (in kfence-#99):
[ 20.497733] test_double_free+0x112/0x260
[ 20.498144] kunit_try_run_case+0x1a5/0x480
[ 20.498318] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.498541] kthread+0x337/0x6f0
[ 20.498872] ret_from_fork+0x41/0x80
[ 20.499247] ret_from_fork_asm+0x1a/0x30
[ 20.499612]
[ 20.499819] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.499819]
[ 20.500390] allocated by task 325 on cpu 0 at 20.496211s (0.004173s ago):
[ 20.500820] test_alloc+0x2a6/0x10f0
[ 20.501060] test_double_free+0xdb/0x260
[ 20.501254] kunit_try_run_case+0x1a5/0x480
[ 20.501570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.502131] kthread+0x337/0x6f0
[ 20.502449] ret_from_fork+0x41/0x80
[ 20.502806] ret_from_fork_asm+0x1a/0x30
[ 20.503068]
[ 20.503285] freed by task 325 on cpu 0 at 20.496303s (0.006977s ago):
[ 20.503881] test_double_free+0xfa/0x260
[ 20.504220] kunit_try_run_case+0x1a5/0x480
[ 20.504586] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.504824] kthread+0x337/0x6f0
[ 20.504996] ret_from_fork+0x41/0x80
[ 20.505360] ret_from_fork_asm+0x1a/0x30
[ 20.505802]
[ 20.506122] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 20.506966] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.507177] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.507615] ==================================================================
[ 20.392512] ==================================================================
[ 20.392909] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 20.392909]
[ 20.393251] Invalid free of 0x(____ptrval____) (in kfence-#98):
[ 20.393404] test_double_free+0x1d3/0x260
[ 20.393648] kunit_try_run_case+0x1a5/0x480
[ 20.393942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.394240] kthread+0x337/0x6f0
[ 20.394348] ret_from_fork+0x41/0x80
[ 20.394469] ret_from_fork_asm+0x1a/0x30
[ 20.394580]
[ 20.394643] kfence-#98: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 20.394643]
[ 20.395102] allocated by task 323 on cpu 0 at 20.392113s (0.002987s ago):
[ 20.395266] test_alloc+0x364/0x10f0
[ 20.395612] test_double_free+0xdb/0x260
[ 20.395757] kunit_try_run_case+0x1a5/0x480
[ 20.395930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.396150] kthread+0x337/0x6f0
[ 20.396236] ret_from_fork+0x41/0x80
[ 20.396326] ret_from_fork_asm+0x1a/0x30
[ 20.396420]
[ 20.396538] freed by task 323 on cpu 0 at 20.392207s (0.004328s ago):
[ 20.396921] test_double_free+0x1e0/0x260
[ 20.397154] kunit_try_run_case+0x1a5/0x480
[ 20.397361] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.397491] kthread+0x337/0x6f0
[ 20.397587] ret_from_fork+0x41/0x80
[ 20.397682] ret_from_fork_asm+0x1a/0x30
[ 20.397888]
[ 20.398119] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 20.398547] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.398807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.399017] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 19.976403] ==================================================================
[ 19.976999] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 19.976999]
[ 19.977410] Use-after-free read at 0x(____ptrval____) (in kfence-#94):
[ 19.977744] test_use_after_free_read+0x129/0x270
[ 19.977882] kunit_try_run_case+0x1a5/0x480
[ 19.977992] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.978289] kthread+0x337/0x6f0
[ 19.978501] ret_from_fork+0x41/0x80
[ 19.978766] ret_from_fork_asm+0x1a/0x30
[ 19.979059]
[ 19.979329] kfence-#94: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.979329]
[ 19.979581] allocated by task 315 on cpu 1 at 19.976143s (0.003435s ago):
[ 19.980183] test_alloc+0x364/0x10f0
[ 19.980438] test_use_after_free_read+0xdc/0x270
[ 19.980809] kunit_try_run_case+0x1a5/0x480
[ 19.980949] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.981067] kthread+0x337/0x6f0
[ 19.981294] ret_from_fork+0x41/0x80
[ 19.981533] ret_from_fork_asm+0x1a/0x30
[ 19.981951]
[ 19.982310] freed by task 315 on cpu 1 at 19.976230s (0.005885s ago):
[ 19.982670] test_use_after_free_read+0x1e7/0x270
[ 19.982938] kunit_try_run_case+0x1a5/0x480
[ 19.983170] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.983424] kthread+0x337/0x6f0
[ 19.983654] ret_from_fork+0x41/0x80
[ 19.983864] ret_from_fork_asm+0x1a/0x30
[ 19.984002]
[ 19.984531] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 19.984871] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.985107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.985361] ==================================================================
[ 20.080285] ==================================================================
[ 20.080651] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 20.080651]
[ 20.081051] Use-after-free read at 0x(____ptrval____) (in kfence-#95):
[ 20.081182] test_use_after_free_read+0x129/0x270
[ 20.081371] kunit_try_run_case+0x1a5/0x480
[ 20.082112] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.082413] kthread+0x337/0x6f0
[ 20.082547] ret_from_fork+0x41/0x80
[ 20.082774] ret_from_fork_asm+0x1a/0x30
[ 20.082946]
[ 20.083424] kfence-#95: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 20.083424]
[ 20.083659] allocated by task 317 on cpu 0 at 20.080116s (0.003540s ago):
[ 20.084174] test_alloc+0x2a6/0x10f0
[ 20.084312] test_use_after_free_read+0xdc/0x270
[ 20.084500] kunit_try_run_case+0x1a5/0x480
[ 20.084671] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.085109] kthread+0x337/0x6f0
[ 20.085251] ret_from_fork+0x41/0x80
[ 20.085462] ret_from_fork_asm+0x1a/0x30
[ 20.085729]
[ 20.085826] freed by task 317 on cpu 0 at 20.080189s (0.005634s ago):
[ 20.086255] test_use_after_free_read+0xfb/0x270
[ 20.086489] kunit_try_run_case+0x1a5/0x480
[ 20.086736] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.086940] kthread+0x337/0x6f0
[ 20.087089] ret_from_fork+0x41/0x80
[ 20.087225] ret_from_fork_asm+0x1a/0x30
[ 20.087390]
[ 20.087503] CPU: 0 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 20.088275] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.088444] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.088680] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 19.872259] ==================================================================
[ 19.872645] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 19.872645]
[ 19.872895] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#93):
[ 19.873274] test_out_of_bounds_write+0x10d/0x260
[ 19.873528] kunit_try_run_case+0x1a5/0x480
[ 19.873722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.873836] kthread+0x337/0x6f0
[ 19.873921] ret_from_fork+0x41/0x80
[ 19.874014] ret_from_fork_asm+0x1a/0x30
[ 19.874103]
[ 19.874159] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.874159]
[ 19.874441] allocated by task 313 on cpu 0 at 19.872184s (0.002254s ago):
[ 19.874697] test_alloc+0x2a6/0x10f0
[ 19.874878] test_out_of_bounds_write+0xd4/0x260
[ 19.874984] kunit_try_run_case+0x1a5/0x480
[ 19.875209] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.875525] kthread+0x337/0x6f0
[ 19.875778] ret_from_fork+0x41/0x80
[ 19.875909] ret_from_fork_asm+0x1a/0x30
[ 19.876124]
[ 19.876215] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 19.876423] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.876516] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.876785] ==================================================================
[ 19.352340] ==================================================================
[ 19.352716] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 19.352716]
[ 19.352967] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#88):
[ 19.353117] test_out_of_bounds_write+0x10d/0x260
[ 19.353397] kunit_try_run_case+0x1a5/0x480
[ 19.353654] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.353986] kthread+0x337/0x6f0
[ 19.354185] ret_from_fork+0x41/0x80
[ 19.354312] ret_from_fork_asm+0x1a/0x30
[ 19.354525]
[ 19.354621] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 19.354621]
[ 19.354922] allocated by task 311 on cpu 1 at 19.352178s (0.002741s ago):
[ 19.355089] test_alloc+0x364/0x10f0
[ 19.355201] test_out_of_bounds_write+0xd4/0x260
[ 19.355458] kunit_try_run_case+0x1a5/0x480
[ 19.355695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.355972] kthread+0x337/0x6f0
[ 19.356176] ret_from_fork+0x41/0x80
[ 19.356397] ret_from_fork_asm+0x1a/0x30
[ 19.356659]
[ 19.356769] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 19.357052] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.357144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.357331] ==================================================================
Failure - log-parser-boot - kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 18.625713] ==================================================================
[ 18.626160] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 18.626160]
[ 18.626451] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#81):
[ 18.627008] test_out_of_bounds_read+0x126/0x4e0
[ 18.627305] kunit_try_run_case+0x1a5/0x480
[ 18.627538] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.627681] kthread+0x337/0x6f0
[ 18.627917] ret_from_fork+0x41/0x80
[ 18.628124] ret_from_fork_asm+0x1a/0x30
[ 18.628323]
[ 18.628531] kfence-#81: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.628531]
[ 18.629466] allocated by task 307 on cpu 0 at 18.624168s (0.005229s ago):
[ 18.630065] test_alloc+0x364/0x10f0
[ 18.630200] test_out_of_bounds_read+0xed/0x4e0
[ 18.630449] kunit_try_run_case+0x1a5/0x480
[ 18.630588] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.631022] kthread+0x337/0x6f0
[ 18.631159] ret_from_fork+0x41/0x80
[ 18.631288] ret_from_fork_asm+0x1a/0x30
[ 18.631530]
[ 18.631710] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.632120] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.632332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.632630] ==================================================================
[ 18.832241] ==================================================================
[ 18.832584] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 18.832584]
[ 18.832827] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#83):
[ 18.832969] test_out_of_bounds_read+0x126/0x4e0
[ 18.833202] kunit_try_run_case+0x1a5/0x480
[ 18.833415] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.833659] kthread+0x337/0x6f0
[ 18.833930] ret_from_fork+0x41/0x80
[ 18.834128] ret_from_fork_asm+0x1a/0x30
[ 18.834316]
[ 18.834411] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.834411]
[ 18.834992] allocated by task 309 on cpu 0 at 18.832173s (0.002808s ago):
[ 18.835436] test_alloc+0x2a6/0x10f0
[ 18.835534] test_out_of_bounds_read+0xed/0x4e0
[ 18.835926] kunit_try_run_case+0x1a5/0x480
[ 18.836032] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.836141] kthread+0x337/0x6f0
[ 18.836339] ret_from_fork+0x41/0x80
[ 18.836614] ret_from_fork_asm+0x1a/0x30
[ 18.836778]
[ 18.836945] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.837354] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.837450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.837616] ==================================================================
[ 18.728370] ==================================================================
[ 18.728828] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 18.728828]
[ 18.729145] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#82):
[ 18.729291] test_out_of_bounds_read+0x216/0x4e0
[ 18.729519] kunit_try_run_case+0x1a5/0x480
[ 18.729865] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.730145] kthread+0x337/0x6f0
[ 18.730231] ret_from_fork+0x41/0x80
[ 18.730409] ret_from_fork_asm+0x1a/0x30
[ 18.730626]
[ 18.730798] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.730798]
[ 18.731064] allocated by task 307 on cpu 0 at 18.728148s (0.002913s ago):
[ 18.731337] test_alloc+0x364/0x10f0
[ 18.731515] test_out_of_bounds_read+0x1e2/0x4e0
[ 18.731631] kunit_try_run_case+0x1a5/0x480
[ 18.731732] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.731840] kthread+0x337/0x6f0
[ 18.731934] ret_from_fork+0x41/0x80
[ 18.732173] ret_from_fork_asm+0x1a/0x30
[ 18.732413]
[ 18.732577] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.732950] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.733044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.733536] ==================================================================
[ 19.040270] ==================================================================
[ 19.040630] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 19.040630]
[ 19.040865] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#85):
[ 19.041013] test_out_of_bounds_read+0x216/0x4e0
[ 19.041262] kunit_try_run_case+0x1a5/0x480
[ 19.041501] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.041764] kthread+0x337/0x6f0
[ 19.041855] ret_from_fork+0x41/0x80
[ 19.041947] ret_from_fork_asm+0x1a/0x30
[ 19.042208]
[ 19.042343] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.042343]
[ 19.042616] allocated by task 309 on cpu 0 at 19.040199s (0.002414s ago):
[ 19.042769] test_alloc+0x2a6/0x10f0
[ 19.042973] test_out_of_bounds_read+0x1e2/0x4e0
[ 19.043277] kunit_try_run_case+0x1a5/0x480
[ 19.043383] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.043494] kthread+0x337/0x6f0
[ 19.043594] ret_from_fork+0x41/0x80
[ 19.043802] ret_from_fork_asm+0x1a/0x30
[ 19.044028]
[ 19.044156] CPU: 0 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 19.044694] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.044820] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.044980] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 18.479380] ==================================================================
[ 18.479661] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 18.480094] Write of size 121 at addr ffff8881039f5200 by task kunit_try_catch/305
[ 18.480239]
[ 18.480315] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.480368] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.480382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.480404] Call Trace:
[ 18.480428] <TASK>
[ 18.480448] dump_stack_lvl+0x73/0xb0
[ 18.480477] print_report+0xd1/0x650
[ 18.480502] ? __virt_addr_valid+0x1db/0x2d0
[ 18.480524] ? strncpy_from_user+0x2e/0x1d0
[ 18.480544] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.480581] ? strncpy_from_user+0x2e/0x1d0
[ 18.480605] kasan_report+0x141/0x180
[ 18.480627] ? strncpy_from_user+0x2e/0x1d0
[ 18.480652] kasan_check_range+0x10c/0x1c0
[ 18.480673] __kasan_check_write+0x18/0x20
[ 18.480736] strncpy_from_user+0x2e/0x1d0
[ 18.480757] ? __kasan_check_read+0x15/0x20
[ 18.480778] copy_user_test_oob+0x760/0x10f0
[ 18.480802] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.480823] ? finish_task_switch.isra.0+0x153/0x700
[ 18.481103] ? __switch_to+0x5d9/0xf60
[ 18.481127] ? dequeue_task_fair+0x166/0x4e0
[ 18.481151] ? __schedule+0x10cc/0x2b30
[ 18.481174] ? __pfx_read_tsc+0x10/0x10
[ 18.481194] ? ktime_get_ts64+0x86/0x230
[ 18.481219] kunit_try_run_case+0x1a5/0x480
[ 18.481243] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.481266] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.481289] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.481311] ? __kthread_parkme+0x82/0x180
[ 18.481332] ? preempt_count_sub+0x50/0x80
[ 18.481355] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.481378] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.481401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.481423] kthread+0x337/0x6f0
[ 18.481440] ? trace_preempt_on+0x20/0xc0
[ 18.481464] ? __pfx_kthread+0x10/0x10
[ 18.481482] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.481502] ? calculate_sigpending+0x7b/0xa0
[ 18.481524] ? __pfx_kthread+0x10/0x10
[ 18.481543] ret_from_fork+0x41/0x80
[ 18.481584] ? __pfx_kthread+0x10/0x10
[ 18.481606] ret_from_fork_asm+0x1a/0x30
[ 18.481636] </TASK>
[ 18.481649]
[ 18.490285] Allocated by task 305:
[ 18.490431] kasan_save_stack+0x45/0x70
[ 18.490729] kasan_save_track+0x18/0x40
[ 18.490860] kasan_save_alloc_info+0x3b/0x50
[ 18.491102] __kasan_kmalloc+0xb7/0xc0
[ 18.491430] __kmalloc_noprof+0x1c9/0x500
[ 18.491583] kunit_kmalloc_array+0x25/0x60
[ 18.491867] copy_user_test_oob+0xab/0x10f0
[ 18.491972] kunit_try_run_case+0x1a5/0x480
[ 18.492196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.492388] kthread+0x337/0x6f0
[ 18.492524] ret_from_fork+0x41/0x80
[ 18.492672] ret_from_fork_asm+0x1a/0x30
[ 18.492838]
[ 18.492915] The buggy address belongs to the object at ffff8881039f5200
[ 18.492915] which belongs to the cache kmalloc-128 of size 128
[ 18.493256] The buggy address is located 0 bytes inside of
[ 18.493256] allocated 120-byte region [ffff8881039f5200, ffff8881039f5278)
[ 18.494214]
[ 18.494308] The buggy address belongs to the physical page:
[ 18.494422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.494980] flags: 0x200000000000000(node=0|zone=2)
[ 18.495439] page_type: f5(slab)
[ 18.495585] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.496293] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.496606] page dumped because: kasan: bad access detected
[ 18.496733]
[ 18.497112] Memory state around the buggy address:
[ 18.497351] ffff8881039f5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.497505] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.498167] >ffff8881039f5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.499036] ^
[ 18.499198] ffff8881039f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.499342] ffff8881039f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.499471] ==================================================================
[ 18.501213] ==================================================================
[ 18.501417] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 18.502132] Write of size 1 at addr ffff8881039f5278 by task kunit_try_catch/305
[ 18.502393]
[ 18.502475] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.502530] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.502545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.502783] Call Trace:
[ 18.502814] <TASK>
[ 18.502837] dump_stack_lvl+0x73/0xb0
[ 18.502873] print_report+0xd1/0x650
[ 18.502898] ? __virt_addr_valid+0x1db/0x2d0
[ 18.502932] ? strncpy_from_user+0x1a5/0x1d0
[ 18.502956] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.502979] ? strncpy_from_user+0x1a5/0x1d0
[ 18.503001] kasan_report+0x141/0x180
[ 18.503024] ? strncpy_from_user+0x1a5/0x1d0
[ 18.503050] __asan_report_store1_noabort+0x1b/0x30
[ 18.503071] strncpy_from_user+0x1a5/0x1d0
[ 18.503096] copy_user_test_oob+0x760/0x10f0
[ 18.503120] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.503152] ? finish_task_switch.isra.0+0x153/0x700
[ 18.503182] ? __switch_to+0x5d9/0xf60
[ 18.503206] ? dequeue_task_fair+0x166/0x4e0
[ 18.503235] ? __schedule+0x10cc/0x2b30
[ 18.503264] ? __pfx_read_tsc+0x10/0x10
[ 18.503287] ? ktime_get_ts64+0x86/0x230
[ 18.503316] kunit_try_run_case+0x1a5/0x480
[ 18.503344] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.503366] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.503390] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.503413] ? __kthread_parkme+0x82/0x180
[ 18.503434] ? preempt_count_sub+0x50/0x80
[ 18.503459] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.503482] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.503505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.503528] kthread+0x337/0x6f0
[ 18.503546] ? trace_preempt_on+0x20/0xc0
[ 18.503583] ? __pfx_kthread+0x10/0x10
[ 18.503604] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.503626] ? calculate_sigpending+0x7b/0xa0
[ 18.503648] ? __pfx_kthread+0x10/0x10
[ 18.503667] ret_from_fork+0x41/0x80
[ 18.503689] ? __pfx_kthread+0x10/0x10
[ 18.503708] ret_from_fork_asm+0x1a/0x30
[ 18.503737] </TASK>
[ 18.503750]
[ 18.512868] Allocated by task 305:
[ 18.513030] kasan_save_stack+0x45/0x70
[ 18.513191] kasan_save_track+0x18/0x40
[ 18.513336] kasan_save_alloc_info+0x3b/0x50
[ 18.513484] __kasan_kmalloc+0xb7/0xc0
[ 18.514408] __kmalloc_noprof+0x1c9/0x500
[ 18.514580] kunit_kmalloc_array+0x25/0x60
[ 18.514709] copy_user_test_oob+0xab/0x10f0
[ 18.514814] kunit_try_run_case+0x1a5/0x480
[ 18.514917] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.515384] kthread+0x337/0x6f0
[ 18.515522] ret_from_fork+0x41/0x80
[ 18.515669] ret_from_fork_asm+0x1a/0x30
[ 18.515778]
[ 18.515839] The buggy address belongs to the object at ffff8881039f5200
[ 18.515839] which belongs to the cache kmalloc-128 of size 128
[ 18.516296] The buggy address is located 0 bytes to the right of
[ 18.516296] allocated 120-byte region [ffff8881039f5200, ffff8881039f5278)
[ 18.517102]
[ 18.517223] The buggy address belongs to the physical page:
[ 18.517350] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.517722] flags: 0x200000000000000(node=0|zone=2)
[ 18.518066] page_type: f5(slab)
[ 18.518305] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.518501] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.518890] page dumped because: kasan: bad access detected
[ 18.519188]
[ 18.519327] Memory state around the buggy address:
[ 18.519504] ffff8881039f5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.519880] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.520206] >ffff8881039f5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.520390] ^
[ 18.520647] ffff8881039f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.520873] ffff8881039f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.521327] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 18.438627] ==================================================================
[ 18.439285] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 18.439729] Write of size 121 at addr ffff8881039f5200 by task kunit_try_catch/305
[ 18.440189]
[ 18.440305] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.440353] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.440366] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.440388] Call Trace:
[ 18.440403] <TASK>
[ 18.440418] dump_stack_lvl+0x73/0xb0
[ 18.440445] print_report+0xd1/0x650
[ 18.440469] ? __virt_addr_valid+0x1db/0x2d0
[ 18.440491] ? copy_user_test_oob+0x557/0x10f0
[ 18.440510] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.440532] ? copy_user_test_oob+0x557/0x10f0
[ 18.440552] kasan_report+0x141/0x180
[ 18.440585] ? copy_user_test_oob+0x557/0x10f0
[ 18.440611] kasan_check_range+0x10c/0x1c0
[ 18.440631] __kasan_check_write+0x18/0x20
[ 18.440652] copy_user_test_oob+0x557/0x10f0
[ 18.440674] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.440693] ? finish_task_switch.isra.0+0x153/0x700
[ 18.440716] ? __switch_to+0x5d9/0xf60
[ 18.440736] ? dequeue_task_fair+0x166/0x4e0
[ 18.440759] ? __schedule+0x10cc/0x2b30
[ 18.440781] ? __pfx_read_tsc+0x10/0x10
[ 18.440800] ? ktime_get_ts64+0x86/0x230
[ 18.440824] kunit_try_run_case+0x1a5/0x480
[ 18.440848] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.440870] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.440893] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.440915] ? __kthread_parkme+0x82/0x180
[ 18.440937] ? preempt_count_sub+0x50/0x80
[ 18.440961] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.440985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.441007] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.441030] kthread+0x337/0x6f0
[ 18.441049] ? trace_preempt_on+0x20/0xc0
[ 18.441072] ? __pfx_kthread+0x10/0x10
[ 18.441092] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.441115] ? calculate_sigpending+0x7b/0xa0
[ 18.441138] ? __pfx_kthread+0x10/0x10
[ 18.441158] ret_from_fork+0x41/0x80
[ 18.441180] ? __pfx_kthread+0x10/0x10
[ 18.441199] ret_from_fork_asm+0x1a/0x30
[ 18.441229] </TASK>
[ 18.441241]
[ 18.447278] Allocated by task 305:
[ 18.447373] kasan_save_stack+0x45/0x70
[ 18.447471] kasan_save_track+0x18/0x40
[ 18.447571] kasan_save_alloc_info+0x3b/0x50
[ 18.447837] __kasan_kmalloc+0xb7/0xc0
[ 18.448086] __kmalloc_noprof+0x1c9/0x500
[ 18.448407] kunit_kmalloc_array+0x25/0x60
[ 18.448670] copy_user_test_oob+0xab/0x10f0
[ 18.448906] kunit_try_run_case+0x1a5/0x480
[ 18.449126] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.449457] kthread+0x337/0x6f0
[ 18.449553] ret_from_fork+0x41/0x80
[ 18.449650] ret_from_fork_asm+0x1a/0x30
[ 18.449887]
[ 18.449986] The buggy address belongs to the object at ffff8881039f5200
[ 18.449986] which belongs to the cache kmalloc-128 of size 128
[ 18.450316] The buggy address is located 0 bytes inside of
[ 18.450316] allocated 120-byte region [ffff8881039f5200, ffff8881039f5278)
[ 18.450593]
[ 18.450651] The buggy address belongs to the physical page:
[ 18.451025] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.451290] flags: 0x200000000000000(node=0|zone=2)
[ 18.451446] page_type: f5(slab)
[ 18.451636] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.451888] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.452084] page dumped because: kasan: bad access detected
[ 18.452233]
[ 18.452303] Memory state around the buggy address:
[ 18.452431] ffff8881039f5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.452630] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.453887] >ffff8881039f5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.454185] ^
[ 18.454457] ffff8881039f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.454628] ffff8881039f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.454760] ==================================================================
[ 18.424885] ==================================================================
[ 18.425261] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 18.425483] Read of size 121 at addr ffff8881039f5200 by task kunit_try_catch/305
[ 18.425802]
[ 18.425918] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.425965] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.425980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.426001] Call Trace:
[ 18.426018] <TASK>
[ 18.426033] dump_stack_lvl+0x73/0xb0
[ 18.426061] print_report+0xd1/0x650
[ 18.426085] ? __virt_addr_valid+0x1db/0x2d0
[ 18.426108] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.426129] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.426151] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.426172] kasan_report+0x141/0x180
[ 18.426193] ? copy_user_test_oob+0x4aa/0x10f0
[ 18.426219] kasan_check_range+0x10c/0x1c0
[ 18.426240] __kasan_check_read+0x15/0x20
[ 18.426261] copy_user_test_oob+0x4aa/0x10f0
[ 18.426283] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.426302] ? finish_task_switch.isra.0+0x153/0x700
[ 18.426325] ? __switch_to+0x5d9/0xf60
[ 18.426346] ? dequeue_task_fair+0x166/0x4e0
[ 18.426369] ? __schedule+0x10cc/0x2b30
[ 18.426391] ? __pfx_read_tsc+0x10/0x10
[ 18.426411] ? ktime_get_ts64+0x86/0x230
[ 18.426436] kunit_try_run_case+0x1a5/0x480
[ 18.426460] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.426482] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.426505] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.426527] ? __kthread_parkme+0x82/0x180
[ 18.426548] ? preempt_count_sub+0x50/0x80
[ 18.426583] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.426607] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.426631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.426654] kthread+0x337/0x6f0
[ 18.426695] ? trace_preempt_on+0x20/0xc0
[ 18.426721] ? __pfx_kthread+0x10/0x10
[ 18.426742] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.426763] ? calculate_sigpending+0x7b/0xa0
[ 18.426784] ? __pfx_kthread+0x10/0x10
[ 18.426803] ret_from_fork+0x41/0x80
[ 18.426826] ? __pfx_kthread+0x10/0x10
[ 18.426845] ret_from_fork_asm+0x1a/0x30
[ 18.426875] </TASK>
[ 18.426888]
[ 18.432003] Allocated by task 305:
[ 18.432247] kasan_save_stack+0x45/0x70
[ 18.432455] kasan_save_track+0x18/0x40
[ 18.432680] kasan_save_alloc_info+0x3b/0x50
[ 18.432895] __kasan_kmalloc+0xb7/0xc0
[ 18.433188] __kmalloc_noprof+0x1c9/0x500
[ 18.433395] kunit_kmalloc_array+0x25/0x60
[ 18.433492] copy_user_test_oob+0xab/0x10f0
[ 18.433750] kunit_try_run_case+0x1a5/0x480
[ 18.433914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.434024] kthread+0x337/0x6f0
[ 18.434103] ret_from_fork+0x41/0x80
[ 18.434214] ret_from_fork_asm+0x1a/0x30
[ 18.434456]
[ 18.434586] The buggy address belongs to the object at ffff8881039f5200
[ 18.434586] which belongs to the cache kmalloc-128 of size 128
[ 18.435086] The buggy address is located 0 bytes inside of
[ 18.435086] allocated 120-byte region [ffff8881039f5200, ffff8881039f5278)
[ 18.435479]
[ 18.435593] The buggy address belongs to the physical page:
[ 18.435880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.436115] flags: 0x200000000000000(node=0|zone=2)
[ 18.436387] page_type: f5(slab)
[ 18.436480] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.436791] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.437081] page dumped because: kasan: bad access detected
[ 18.437244]
[ 18.437355] Memory state around the buggy address:
[ 18.437463] ffff8881039f5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.437607] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.437738] >ffff8881039f5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.437864] ^
[ 18.437992] ffff8881039f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.438125] ffff8881039f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.438248] ==================================================================
[ 18.455285] ==================================================================
[ 18.455448] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 18.456046] Read of size 121 at addr ffff8881039f5200 by task kunit_try_catch/305
[ 18.457007]
[ 18.457195] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.457344] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.457447] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.457474] Call Trace:
[ 18.457493] <TASK>
[ 18.457690] dump_stack_lvl+0x73/0xb0
[ 18.457737] print_report+0xd1/0x650
[ 18.457764] ? __virt_addr_valid+0x1db/0x2d0
[ 18.457787] ? copy_user_test_oob+0x604/0x10f0
[ 18.457809] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.457832] ? copy_user_test_oob+0x604/0x10f0
[ 18.457853] kasan_report+0x141/0x180
[ 18.457878] ? copy_user_test_oob+0x604/0x10f0
[ 18.457903] kasan_check_range+0x10c/0x1c0
[ 18.457924] __kasan_check_read+0x15/0x20
[ 18.457946] copy_user_test_oob+0x604/0x10f0
[ 18.457970] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.457990] ? finish_task_switch.isra.0+0x153/0x700
[ 18.458014] ? __switch_to+0x5d9/0xf60
[ 18.458035] ? dequeue_task_fair+0x166/0x4e0
[ 18.458059] ? __schedule+0x10cc/0x2b30
[ 18.458082] ? __pfx_read_tsc+0x10/0x10
[ 18.458102] ? ktime_get_ts64+0x86/0x230
[ 18.458128] kunit_try_run_case+0x1a5/0x480
[ 18.458154] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.458177] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.458201] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.458225] ? __kthread_parkme+0x82/0x180
[ 18.458248] ? preempt_count_sub+0x50/0x80
[ 18.458273] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.458297] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.458322] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.458346] kthread+0x337/0x6f0
[ 18.458365] ? trace_preempt_on+0x20/0xc0
[ 18.458388] ? __pfx_kthread+0x10/0x10
[ 18.458408] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.458430] ? calculate_sigpending+0x7b/0xa0
[ 18.458452] ? __pfx_kthread+0x10/0x10
[ 18.458471] ret_from_fork+0x41/0x80
[ 18.458492] ? __pfx_kthread+0x10/0x10
[ 18.458512] ret_from_fork_asm+0x1a/0x30
[ 18.458543] </TASK>
[ 18.459236]
[ 18.468266] Allocated by task 305:
[ 18.468467] kasan_save_stack+0x45/0x70
[ 18.468761] kasan_save_track+0x18/0x40
[ 18.469175] kasan_save_alloc_info+0x3b/0x50
[ 18.469335] __kasan_kmalloc+0xb7/0xc0
[ 18.469469] __kmalloc_noprof+0x1c9/0x500
[ 18.469668] kunit_kmalloc_array+0x25/0x60
[ 18.470060] copy_user_test_oob+0xab/0x10f0
[ 18.470219] kunit_try_run_case+0x1a5/0x480
[ 18.470475] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.470937] kthread+0x337/0x6f0
[ 18.471149] ret_from_fork+0x41/0x80
[ 18.471309] ret_from_fork_asm+0x1a/0x30
[ 18.471540]
[ 18.471672] The buggy address belongs to the object at ffff8881039f5200
[ 18.471672] which belongs to the cache kmalloc-128 of size 128
[ 18.472410] The buggy address is located 0 bytes inside of
[ 18.472410] allocated 120-byte region [ffff8881039f5200, ffff8881039f5278)
[ 18.473277]
[ 18.473373] The buggy address belongs to the physical page:
[ 18.473556] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.473991] flags: 0x200000000000000(node=0|zone=2)
[ 18.474175] page_type: f5(slab)
[ 18.474434] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.474709] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.475023] page dumped because: kasan: bad access detected
[ 18.475249]
[ 18.475385] Memory state around the buggy address:
[ 18.475670] ffff8881039f5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.476017] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.476268] >ffff8881039f5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.476545] ^
[ 18.477032] ffff8881039f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.477615] ffff8881039f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.477998] ==================================================================
[ 18.409945] ==================================================================
[ 18.410259] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 18.410471] Write of size 121 at addr ffff8881039f5200 by task kunit_try_catch/305
[ 18.410802]
[ 18.410934] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.410987] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.411002] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.411024] Call Trace:
[ 18.411041] <TASK>
[ 18.411061] dump_stack_lvl+0x73/0xb0
[ 18.411090] print_report+0xd1/0x650
[ 18.411115] ? __virt_addr_valid+0x1db/0x2d0
[ 18.411146] ? copy_user_test_oob+0x3fd/0x10f0
[ 18.411169] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.411193] ? copy_user_test_oob+0x3fd/0x10f0
[ 18.411214] kasan_report+0x141/0x180
[ 18.411238] ? copy_user_test_oob+0x3fd/0x10f0
[ 18.411262] kasan_check_range+0x10c/0x1c0
[ 18.411285] __kasan_check_write+0x18/0x20
[ 18.411305] copy_user_test_oob+0x3fd/0x10f0
[ 18.411327] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.411347] ? finish_task_switch.isra.0+0x153/0x700
[ 18.411371] ? __switch_to+0x5d9/0xf60
[ 18.411394] ? dequeue_task_fair+0x166/0x4e0
[ 18.411420] ? __schedule+0x10cc/0x2b30
[ 18.411443] ? __pfx_read_tsc+0x10/0x10
[ 18.411465] ? ktime_get_ts64+0x86/0x230
[ 18.411491] kunit_try_run_case+0x1a5/0x480
[ 18.411517] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.411540] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.411577] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.411603] ? __kthread_parkme+0x82/0x180
[ 18.411626] ? preempt_count_sub+0x50/0x80
[ 18.411652] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.411676] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.411700] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.411723] kthread+0x337/0x6f0
[ 18.411743] ? trace_preempt_on+0x20/0xc0
[ 18.411767] ? __pfx_kthread+0x10/0x10
[ 18.411787] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.411809] ? calculate_sigpending+0x7b/0xa0
[ 18.411831] ? __pfx_kthread+0x10/0x10
[ 18.411852] ret_from_fork+0x41/0x80
[ 18.411873] ? __pfx_kthread+0x10/0x10
[ 18.411893] ret_from_fork_asm+0x1a/0x30
[ 18.411924] </TASK>
[ 18.411937]
[ 18.417888] Allocated by task 305:
[ 18.417974] kasan_save_stack+0x45/0x70
[ 18.418071] kasan_save_track+0x18/0x40
[ 18.418159] kasan_save_alloc_info+0x3b/0x50
[ 18.418250] __kasan_kmalloc+0xb7/0xc0
[ 18.418333] __kmalloc_noprof+0x1c9/0x500
[ 18.418420] kunit_kmalloc_array+0x25/0x60
[ 18.418576] copy_user_test_oob+0xab/0x10f0
[ 18.418808] kunit_try_run_case+0x1a5/0x480
[ 18.419084] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.419438] kthread+0x337/0x6f0
[ 18.419643] ret_from_fork+0x41/0x80
[ 18.419773] ret_from_fork_asm+0x1a/0x30
[ 18.419872]
[ 18.419929] The buggy address belongs to the object at ffff8881039f5200
[ 18.419929] which belongs to the cache kmalloc-128 of size 128
[ 18.420139] The buggy address is located 0 bytes inside of
[ 18.420139] allocated 120-byte region [ffff8881039f5200, ffff8881039f5278)
[ 18.420940]
[ 18.421072] The buggy address belongs to the physical page:
[ 18.421275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.421421] flags: 0x200000000000000(node=0|zone=2)
[ 18.421528] page_type: f5(slab)
[ 18.421713] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.421996] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.422365] page dumped because: kasan: bad access detected
[ 18.422670]
[ 18.422753] Memory state around the buggy address:
[ 18.422898] ffff8881039f5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.423030] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.423171] >ffff8881039f5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.423312] ^
[ 18.423442] ffff8881039f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.423754] ffff8881039f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.424104] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 18.390697] ==================================================================
[ 18.391048] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70
[ 18.391336] Read of size 121 at addr ffff8881039f5200 by task kunit_try_catch/305
[ 18.391614]
[ 18.391739] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.391818] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.391835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.391860] Call Trace:
[ 18.391884] <TASK>
[ 18.391905] dump_stack_lvl+0x73/0xb0
[ 18.391936] print_report+0xd1/0x650
[ 18.391962] ? __virt_addr_valid+0x1db/0x2d0
[ 18.391986] ? _copy_to_user+0x4a/0x70
[ 18.392005] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.392029] ? _copy_to_user+0x4a/0x70
[ 18.392049] kasan_report+0x141/0x180
[ 18.392071] ? _copy_to_user+0x4a/0x70
[ 18.392095] kasan_check_range+0x10c/0x1c0
[ 18.392115] __kasan_check_read+0x15/0x20
[ 18.392136] _copy_to_user+0x4a/0x70
[ 18.392155] copy_user_test_oob+0x364/0x10f0
[ 18.392178] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.392198] ? finish_task_switch.isra.0+0x153/0x700
[ 18.392222] ? __switch_to+0x5d9/0xf60
[ 18.392244] ? dequeue_task_fair+0x166/0x4e0
[ 18.392269] ? __schedule+0x10cc/0x2b30
[ 18.392292] ? __pfx_read_tsc+0x10/0x10
[ 18.392313] ? ktime_get_ts64+0x86/0x230
[ 18.392339] kunit_try_run_case+0x1a5/0x480
[ 18.392363] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.392385] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.392409] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.392432] ? __kthread_parkme+0x82/0x180
[ 18.392455] ? preempt_count_sub+0x50/0x80
[ 18.392480] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.392504] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.392528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.392551] kthread+0x337/0x6f0
[ 18.392583] ? trace_preempt_on+0x20/0xc0
[ 18.392609] ? __pfx_kthread+0x10/0x10
[ 18.392629] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.392651] ? calculate_sigpending+0x7b/0xa0
[ 18.392673] ? __pfx_kthread+0x10/0x10
[ 18.392693] ret_from_fork+0x41/0x80
[ 18.392714] ? __pfx_kthread+0x10/0x10
[ 18.392733] ret_from_fork_asm+0x1a/0x30
[ 18.392764] </TASK>
[ 18.392778]
[ 18.398542] Allocated by task 305:
[ 18.398779] kasan_save_stack+0x45/0x70
[ 18.398922] kasan_save_track+0x18/0x40
[ 18.399103] kasan_save_alloc_info+0x3b/0x50
[ 18.399285] __kasan_kmalloc+0xb7/0xc0
[ 18.399461] __kmalloc_noprof+0x1c9/0x500
[ 18.399648] kunit_kmalloc_array+0x25/0x60
[ 18.399787] copy_user_test_oob+0xab/0x10f0
[ 18.399974] kunit_try_run_case+0x1a5/0x480
[ 18.400111] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.400302] kthread+0x337/0x6f0
[ 18.400467] ret_from_fork+0x41/0x80
[ 18.400614] ret_from_fork_asm+0x1a/0x30
[ 18.400885]
[ 18.401000] The buggy address belongs to the object at ffff8881039f5200
[ 18.401000] which belongs to the cache kmalloc-128 of size 128
[ 18.401221] The buggy address is located 0 bytes inside of
[ 18.401221] allocated 120-byte region [ffff8881039f5200, ffff8881039f5278)
[ 18.401524]
[ 18.401662] The buggy address belongs to the physical page:
[ 18.402012] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.402305] flags: 0x200000000000000(node=0|zone=2)
[ 18.402515] page_type: f5(slab)
[ 18.402677] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.402879] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.403021] page dumped because: kasan: bad access detected
[ 18.403134]
[ 18.403196] Memory state around the buggy address:
[ 18.403303] ffff8881039f5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.403436] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.403572] >ffff8881039f5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.403703] ^
[ 18.404138] ffff8881039f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.404577] ffff8881039f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.405022] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 18.372135] ==================================================================
[ 18.372709] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 18.372926] Write of size 121 at addr ffff8881039f5200 by task kunit_try_catch/305
[ 18.373175]
[ 18.373260] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.373322] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.373336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.373363] Call Trace:
[ 18.373378] <TASK>
[ 18.373403] dump_stack_lvl+0x73/0xb0
[ 18.373436] print_report+0xd1/0x650
[ 18.373465] ? __virt_addr_valid+0x1db/0x2d0
[ 18.373490] ? _copy_from_user+0x32/0x90
[ 18.373510] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.373535] ? _copy_from_user+0x32/0x90
[ 18.373555] kasan_report+0x141/0x180
[ 18.373593] ? _copy_from_user+0x32/0x90
[ 18.373617] kasan_check_range+0x10c/0x1c0
[ 18.373638] __kasan_check_write+0x18/0x20
[ 18.373658] _copy_from_user+0x32/0x90
[ 18.373679] copy_user_test_oob+0x2be/0x10f0
[ 18.373701] ? __pfx_copy_user_test_oob+0x10/0x10
[ 18.373720] ? finish_task_switch.isra.0+0x153/0x700
[ 18.373747] ? __switch_to+0x5d9/0xf60
[ 18.373769] ? dequeue_task_fair+0x166/0x4e0
[ 18.373793] ? __schedule+0x10cc/0x2b30
[ 18.373818] ? __pfx_read_tsc+0x10/0x10
[ 18.373840] ? ktime_get_ts64+0x86/0x230
[ 18.373869] kunit_try_run_case+0x1a5/0x480
[ 18.373897] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.373918] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.373942] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.373965] ? __kthread_parkme+0x82/0x180
[ 18.373988] ? preempt_count_sub+0x50/0x80
[ 18.374012] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.374035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.374057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.374080] kthread+0x337/0x6f0
[ 18.374098] ? trace_preempt_on+0x20/0xc0
[ 18.374123] ? __pfx_kthread+0x10/0x10
[ 18.374141] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.374162] ? calculate_sigpending+0x7b/0xa0
[ 18.374185] ? __pfx_kthread+0x10/0x10
[ 18.374204] ret_from_fork+0x41/0x80
[ 18.374225] ? __pfx_kthread+0x10/0x10
[ 18.374243] ret_from_fork_asm+0x1a/0x30
[ 18.374275] </TASK>
[ 18.374289]
[ 18.380079] Allocated by task 305:
[ 18.380175] kasan_save_stack+0x45/0x70
[ 18.380273] kasan_save_track+0x18/0x40
[ 18.380416] kasan_save_alloc_info+0x3b/0x50
[ 18.380671] __kasan_kmalloc+0xb7/0xc0
[ 18.380920] __kmalloc_noprof+0x1c9/0x500
[ 18.381224] kunit_kmalloc_array+0x25/0x60
[ 18.381566] copy_user_test_oob+0xab/0x10f0
[ 18.381685] kunit_try_run_case+0x1a5/0x480
[ 18.381782] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.381892] kthread+0x337/0x6f0
[ 18.381972] ret_from_fork+0x41/0x80
[ 18.382059] ret_from_fork_asm+0x1a/0x30
[ 18.382152]
[ 18.382267] The buggy address belongs to the object at ffff8881039f5200
[ 18.382267] which belongs to the cache kmalloc-128 of size 128
[ 18.383034] The buggy address is located 0 bytes inside of
[ 18.383034] allocated 120-byte region [ffff8881039f5200, ffff8881039f5278)
[ 18.383275]
[ 18.383339] The buggy address belongs to the physical page:
[ 18.383451] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.384033] flags: 0x200000000000000(node=0|zone=2)
[ 18.384305] page_type: f5(slab)
[ 18.384501] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.384902] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.385124] page dumped because: kasan: bad access detected
[ 18.385230]
[ 18.385284] Memory state around the buggy address:
[ 18.385385] ffff8881039f5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.385512] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.385650] >ffff8881039f5200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.386100] ^
[ 18.386573] ffff8881039f5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.386880] ffff8881039f5300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.387016] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 18.335983] ==================================================================
[ 18.336325] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 18.336929] Write of size 8 at addr ffff8881039f5178 by task kunit_try_catch/301
[ 18.337134]
[ 18.337222] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.337276] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.337291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.337315] Call Trace:
[ 18.337337] <TASK>
[ 18.337359] dump_stack_lvl+0x73/0xb0
[ 18.337393] print_report+0xd1/0x650
[ 18.337419] ? __virt_addr_valid+0x1db/0x2d0
[ 18.337442] ? copy_to_kernel_nofault+0x99/0x260
[ 18.337463] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.337487] ? copy_to_kernel_nofault+0x99/0x260
[ 18.337508] kasan_report+0x141/0x180
[ 18.337530] ? copy_to_kernel_nofault+0x99/0x260
[ 18.337555] kasan_check_range+0x10c/0x1c0
[ 18.337590] __kasan_check_write+0x18/0x20
[ 18.337612] copy_to_kernel_nofault+0x99/0x260
[ 18.337712] copy_to_kernel_nofault_oob+0x288/0x560
[ 18.337738] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 18.337763] ? finish_task_switch.isra.0+0x153/0x700
[ 18.337789] ? __schedule+0x10cc/0x2b30
[ 18.337813] ? trace_hardirqs_on+0x37/0xe0
[ 18.337845] ? __pfx_read_tsc+0x10/0x10
[ 18.337866] ? ktime_get_ts64+0x86/0x230
[ 18.337894] kunit_try_run_case+0x1a5/0x480
[ 18.337919] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.337941] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.337965] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.337988] ? __kthread_parkme+0x82/0x180
[ 18.338010] ? preempt_count_sub+0x50/0x80
[ 18.338034] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.338058] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.338080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.338103] kthread+0x337/0x6f0
[ 18.338120] ? trace_preempt_on+0x20/0xc0
[ 18.338143] ? __pfx_kthread+0x10/0x10
[ 18.338162] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.338182] ? calculate_sigpending+0x7b/0xa0
[ 18.338205] ? __pfx_kthread+0x10/0x10
[ 18.338224] ret_from_fork+0x41/0x80
[ 18.338244] ? __pfx_kthread+0x10/0x10
[ 18.338263] ret_from_fork_asm+0x1a/0x30
[ 18.338292] </TASK>
[ 18.338306]
[ 18.344913] Allocated by task 301:
[ 18.345215] kasan_save_stack+0x45/0x70
[ 18.345484] kasan_save_track+0x18/0x40
[ 18.346066] kasan_save_alloc_info+0x3b/0x50
[ 18.346394] __kasan_kmalloc+0xb7/0xc0
[ 18.346688] __kmalloc_cache_noprof+0x189/0x420
[ 18.346884] copy_to_kernel_nofault_oob+0x12f/0x560
[ 18.347139] kunit_try_run_case+0x1a5/0x480
[ 18.347336] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.347529] kthread+0x337/0x6f0
[ 18.347630] ret_from_fork+0x41/0x80
[ 18.347924] ret_from_fork_asm+0x1a/0x30
[ 18.348028]
[ 18.348087] The buggy address belongs to the object at ffff8881039f5100
[ 18.348087] which belongs to the cache kmalloc-128 of size 128
[ 18.348303] The buggy address is located 0 bytes to the right of
[ 18.348303] allocated 120-byte region [ffff8881039f5100, ffff8881039f5178)
[ 18.348518]
[ 18.348588] The buggy address belongs to the physical page:
[ 18.349007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.349607] flags: 0x200000000000000(node=0|zone=2)
[ 18.350034] page_type: f5(slab)
[ 18.350127] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.350266] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.350400] page dumped because: kasan: bad access detected
[ 18.350504]
[ 18.350556] Memory state around the buggy address:
[ 18.351259] ffff8881039f5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.351809] ffff8881039f5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.352366] >ffff8881039f5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.352839] ^
[ 18.353066] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.353203] ffff8881039f5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.353330] ==================================================================
[ 18.319036] ==================================================================
[ 18.319511] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 18.319929] Read of size 8 at addr ffff8881039f5178 by task kunit_try_catch/301
[ 18.320164]
[ 18.320321] CPU: 1 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.320383] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.320409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.320436] Call Trace:
[ 18.320453] <TASK>
[ 18.320486] dump_stack_lvl+0x73/0xb0
[ 18.320522] print_report+0xd1/0x650
[ 18.320552] ? __virt_addr_valid+0x1db/0x2d0
[ 18.320596] ? copy_to_kernel_nofault+0x225/0x260
[ 18.320621] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.320645] ? copy_to_kernel_nofault+0x225/0x260
[ 18.320677] kasan_report+0x141/0x180
[ 18.320703] ? copy_to_kernel_nofault+0x225/0x260
[ 18.320728] __asan_report_load8_noabort+0x18/0x20
[ 18.320749] copy_to_kernel_nofault+0x225/0x260
[ 18.321059] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 18.321087] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 18.321111] ? finish_task_switch.isra.0+0x153/0x700
[ 18.321141] ? __schedule+0x10cc/0x2b30
[ 18.321164] ? trace_hardirqs_on+0x37/0xe0
[ 18.321198] ? __pfx_read_tsc+0x10/0x10
[ 18.321222] ? ktime_get_ts64+0x86/0x230
[ 18.321250] kunit_try_run_case+0x1a5/0x480
[ 18.321279] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.321302] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.321326] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.321349] ? __kthread_parkme+0x82/0x180
[ 18.321372] ? preempt_count_sub+0x50/0x80
[ 18.321396] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.321419] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.321442] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.321464] kthread+0x337/0x6f0
[ 18.321482] ? trace_preempt_on+0x20/0xc0
[ 18.321503] ? __pfx_kthread+0x10/0x10
[ 18.321522] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.321543] ? calculate_sigpending+0x7b/0xa0
[ 18.321577] ? __pfx_kthread+0x10/0x10
[ 18.321599] ret_from_fork+0x41/0x80
[ 18.321634] ? __pfx_kthread+0x10/0x10
[ 18.321653] ret_from_fork_asm+0x1a/0x30
[ 18.321684] </TASK>
[ 18.321698]
[ 18.328091] Allocated by task 301:
[ 18.328231] kasan_save_stack+0x45/0x70
[ 18.328438] kasan_save_track+0x18/0x40
[ 18.328537] kasan_save_alloc_info+0x3b/0x50
[ 18.328668] __kasan_kmalloc+0xb7/0xc0
[ 18.328876] __kmalloc_cache_noprof+0x189/0x420
[ 18.329121] copy_to_kernel_nofault_oob+0x12f/0x560
[ 18.329362] kunit_try_run_case+0x1a5/0x480
[ 18.329588] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.329703] kthread+0x337/0x6f0
[ 18.329924] ret_from_fork+0x41/0x80
[ 18.330230] ret_from_fork_asm+0x1a/0x30
[ 18.330338]
[ 18.330453] The buggy address belongs to the object at ffff8881039f5100
[ 18.330453] which belongs to the cache kmalloc-128 of size 128
[ 18.330884] The buggy address is located 0 bytes to the right of
[ 18.330884] allocated 120-byte region [ffff8881039f5100, ffff8881039f5178)
[ 18.331209]
[ 18.331274] The buggy address belongs to the physical page:
[ 18.331384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f5
[ 18.331536] flags: 0x200000000000000(node=0|zone=2)
[ 18.331664] page_type: f5(slab)
[ 18.331760] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 18.332017] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.332497] page dumped because: kasan: bad access detected
[ 18.333167]
[ 18.333288] Memory state around the buggy address:
[ 18.333456] ffff8881039f5000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 18.333990] ffff8881039f5080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.334160] >ffff8881039f5100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 18.334291] ^
[ 18.334736] ffff8881039f5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.335193] ffff8881039f5200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.335422] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 18.142896] ==================================================================
[ 18.143749] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450
[ 18.144375] Read of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285
[ 18.144979]
[ 18.145212] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 18.145314] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.145344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.145393] Call Trace:
[ 18.145437] <TASK>
[ 18.145479] dump_stack_lvl+0x73/0xb0
[ 18.145546] print_report+0xd1/0x650
[ 18.145609] ? __virt_addr_valid+0x1db/0x2d0
[ 18.145656] ? kasan_atomics_helper+0x4fb2/0x5450
[ 18.145709] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.145763] ? kasan_atomics_helper+0x4fb2/0x5450
[ 18.145811] kasan_report+0x141/0x180
[ 18.145861] ? kasan_atomics_helper+0x4fb2/0x5450
[ 18.145931] __asan_report_load8_noabort+0x18/0x20
[ 18.145980] kasan_atomics_helper+0x4fb2/0x5450
[ 18.146030] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 18.146081] ? __kmalloc_cache_noprof+0x189/0x420
[ 18.146123] ? ret_from_fork_asm+0x1a/0x30
[ 18.146165] ? kasan_atomics+0x152/0x310
[ 18.146220] kasan_atomics+0x1dc/0x310
[ 18.146264] ? __pfx_kasan_atomics+0x10/0x10
[ 18.146323] ? __pfx_read_tsc+0x10/0x10
[ 18.146365] ? ktime_get_ts64+0x86/0x230
[ 18.146425] kunit_try_run_case+0x1a5/0x480
[ 18.146492] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.146538] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.146598] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.146652] ? __kthread_parkme+0x82/0x180
[ 18.146718] ? preempt_count_sub+0x50/0x80
[ 18.146769] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.146821] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.146868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.146914] kthread+0x337/0x6f0
[ 18.146961] ? trace_preempt_on+0x20/0xc0
[ 18.147024] ? __pfx_kthread+0x10/0x10
[ 18.147066] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.147112] ? calculate_sigpending+0x7b/0xa0
[ 18.147176] ? __pfx_kthread+0x10/0x10
[ 18.147219] ret_from_fork+0x41/0x80
[ 18.147281] ? __pfx_kthread+0x10/0x10
[ 18.147324] ret_from_fork_asm+0x1a/0x30
[ 18.147397] </TASK>
[ 18.147427]
[ 18.156925] Allocated by task 285:
[ 18.157280] kasan_save_stack+0x45/0x70
[ 18.157673] kasan_save_track+0x18/0x40
[ 18.158019] kasan_save_alloc_info+0x3b/0x50
[ 18.158470] __kasan_kmalloc+0xb7/0xc0
[ 18.158808] __kmalloc_cache_noprof+0x189/0x420
[ 18.159057] kasan_atomics+0x95/0x310
[ 18.159316] kunit_try_run_case+0x1a5/0x480
[ 18.159578] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.161044] kthread+0x337/0x6f0
[ 18.161255] ret_from_fork+0x41/0x80
[ 18.161433] ret_from_fork_asm+0x1a/0x30
[ 18.162168]
[ 18.162326] The buggy address belongs to the object at ffff8881033b5600
[ 18.162326] which belongs to the cache kmalloc-64 of size 64
[ 18.163473] The buggy address is located 0 bytes to the right of
[ 18.163473] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630)
[ 18.164243]
[ 18.164382] The buggy address belongs to the physical page:
[ 18.164606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5
[ 18.165492] flags: 0x200000000000000(node=0|zone=2)
[ 18.165820] page_type: f5(slab)
[ 18.165995] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 18.166433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 18.166847] page dumped because: kasan: bad access detected
[ 18.167232]
[ 18.167407] Memory state around the buggy address:
[ 18.167625] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 18.168056] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 18.168414] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 18.168756] ^
[ 18.169033] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.169423] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.169843] ==================================================================
[ 16.980188] ==================================================================
[ 16.980908] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450
[ 16.981393] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285
[ 16.981784]
[ 16.982062] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 16.982156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.982183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.982226] Call Trace:
[ 16.982292] <TASK>
[ 16.982334] dump_stack_lvl+0x73/0xb0
[ 16.982447] print_report+0xd1/0x650
[ 16.982501] ? __virt_addr_valid+0x1db/0x2d0
[ 16.982547] ? kasan_atomics_helper+0x4a84/0x5450
[ 16.982598] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.982642] ? kasan_atomics_helper+0x4a84/0x5450
[ 16.982743] kasan_report+0x141/0x180
[ 16.982807] ? kasan_atomics_helper+0x4a84/0x5450
[ 16.982857] __asan_report_load4_noabort+0x18/0x20
[ 16.982894] kasan_atomics_helper+0x4a84/0x5450
[ 16.982931] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 16.982956] ? __kmalloc_cache_noprof+0x189/0x420
[ 16.982978] ? ret_from_fork_asm+0x1a/0x30
[ 16.983001] ? kasan_atomics+0x152/0x310
[ 16.983024] kasan_atomics+0x1dc/0x310
[ 16.983044] ? __pfx_kasan_atomics+0x10/0x10
[ 16.983065] ? __pfx_read_tsc+0x10/0x10
[ 16.983087] ? ktime_get_ts64+0x86/0x230
[ 16.983115] kunit_try_run_case+0x1a5/0x480
[ 16.983164] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.983191] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.983220] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.983247] ? __kthread_parkme+0x82/0x180
[ 16.983273] ? preempt_count_sub+0x50/0x80
[ 16.983302] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.983330] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.983357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.983382] kthread+0x337/0x6f0
[ 16.983401] ? trace_preempt_on+0x20/0xc0
[ 16.983427] ? __pfx_kthread+0x10/0x10
[ 16.983446] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.983467] ? calculate_sigpending+0x7b/0xa0
[ 16.983492] ? __pfx_kthread+0x10/0x10
[ 16.983511] ret_from_fork+0x41/0x80
[ 16.983533] ? __pfx_kthread+0x10/0x10
[ 16.983552] ret_from_fork_asm+0x1a/0x30
[ 16.983604] </TASK>
[ 16.983620]
[ 16.993915] Allocated by task 285:
[ 16.994322] kasan_save_stack+0x45/0x70
[ 16.994691] kasan_save_track+0x18/0x40
[ 16.995085] kasan_save_alloc_info+0x3b/0x50
[ 16.995349] __kasan_kmalloc+0xb7/0xc0
[ 16.995544] __kmalloc_cache_noprof+0x189/0x420
[ 16.995763] kasan_atomics+0x95/0x310
[ 16.995954] kunit_try_run_case+0x1a5/0x480
[ 16.996158] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.996474] kthread+0x337/0x6f0
[ 16.996811] ret_from_fork+0x41/0x80
[ 16.997129] ret_from_fork_asm+0x1a/0x30
[ 16.997458]
[ 16.997640] The buggy address belongs to the object at ffff8881033b5600
[ 16.997640] which belongs to the cache kmalloc-64 of size 64
[ 16.998447] The buggy address is located 0 bytes to the right of
[ 16.998447] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630)
[ 16.999598]
[ 16.999826] The buggy address belongs to the physical page:
[ 17.000168] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5
[ 17.000713] flags: 0x200000000000000(node=0|zone=2)
[ 17.000972] page_type: f5(slab)
[ 17.001316] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.001855] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.002246] page dumped because: kasan: bad access detected
[ 17.002597]
[ 17.002784] Memory state around the buggy address:
[ 17.003231] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.003655] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.004076] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.004466] ^
[ 17.004872] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.005236] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.005707] ==================================================================
[ 17.145568] ==================================================================
[ 17.146136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450
[ 17.146453] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285
[ 17.146925]
[ 17.147139] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 17.147248] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.147283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.147332] Call Trace:
[ 17.147378] <TASK>
[ 17.147422] dump_stack_lvl+0x73/0xb0
[ 17.147493] print_report+0xd1/0x650
[ 17.147549] ? __virt_addr_valid+0x1db/0x2d0
[ 17.147616] ? kasan_atomics_helper+0x4a36/0x5450
[ 17.147663] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.147715] ? kasan_atomics_helper+0x4a36/0x5450
[ 17.147769] kasan_report+0x141/0x180
[ 17.147826] ? kasan_atomics_helper+0x4a36/0x5450
[ 17.147889] __asan_report_load4_noabort+0x18/0x20
[ 17.147941] kasan_atomics_helper+0x4a36/0x5450
[ 17.147997] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.148046] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.148091] ? ret_from_fork_asm+0x1a/0x30
[ 17.148136] ? kasan_atomics+0x152/0x310
[ 17.148187] kasan_atomics+0x1dc/0x310
[ 17.148231] ? __pfx_kasan_atomics+0x10/0x10
[ 17.148278] ? __pfx_read_tsc+0x10/0x10
[ 17.148322] ? ktime_get_ts64+0x86/0x230
[ 17.148372] kunit_try_run_case+0x1a5/0x480
[ 17.148416] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.148456] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.148493] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.148531] ? __kthread_parkme+0x82/0x180
[ 17.148584] ? preempt_count_sub+0x50/0x80
[ 17.148641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.148689] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.148754] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.148804] kthread+0x337/0x6f0
[ 17.148843] ? trace_preempt_on+0x20/0xc0
[ 17.148894] ? __pfx_kthread+0x10/0x10
[ 17.148936] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.148982] ? calculate_sigpending+0x7b/0xa0
[ 17.149030] ? __pfx_kthread+0x10/0x10
[ 17.149073] ret_from_fork+0x41/0x80
[ 17.149118] ? __pfx_kthread+0x10/0x10
[ 17.149160] ret_from_fork_asm+0x1a/0x30
[ 17.149218] </TASK>
[ 17.149252]
[ 17.158947] Allocated by task 285:
[ 17.159196] kasan_save_stack+0x45/0x70
[ 17.159546] kasan_save_track+0x18/0x40
[ 17.160036] kasan_save_alloc_info+0x3b/0x50
[ 17.160261] __kasan_kmalloc+0xb7/0xc0
[ 17.160447] __kmalloc_cache_noprof+0x189/0x420
[ 17.160799] kasan_atomics+0x95/0x310
[ 17.161106] kunit_try_run_case+0x1a5/0x480
[ 17.161476] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.161986] kthread+0x337/0x6f0
[ 17.162308] ret_from_fork+0x41/0x80
[ 17.162634] ret_from_fork_asm+0x1a/0x30
[ 17.162926]
[ 17.163047] The buggy address belongs to the object at ffff8881033b5600
[ 17.163047] which belongs to the cache kmalloc-64 of size 64
[ 17.163606] The buggy address is located 0 bytes to the right of
[ 17.163606] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630)
[ 17.164791]
[ 17.164941] The buggy address belongs to the physical page:
[ 17.165155] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5
[ 17.165738] flags: 0x200000000000000(node=0|zone=2)
[ 17.166146] page_type: f5(slab)
[ 17.166351] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.166717] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.167141] page dumped because: kasan: bad access detected
[ 17.168278]
[ 17.168396] Memory state around the buggy address:
[ 17.168595] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.168839] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.169061] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.169275] ^
[ 17.169431] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.169762] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.170045] ==================================================================
[ 17.064390] ==================================================================
[ 17.064780] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450
[ 17.065409] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285
[ 17.066205]
[ 17.066732] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 17.066799] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.066815] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.066848] Call Trace:
[ 17.066886] <TASK>
[ 17.066924] dump_stack_lvl+0x73/0xb0
[ 17.067010] print_report+0xd1/0x650
[ 17.067040] ? __virt_addr_valid+0x1db/0x2d0
[ 17.067067] ? kasan_atomics_helper+0xe78/0x5450
[ 17.067103] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.067138] ? kasan_atomics_helper+0xe78/0x5450
[ 17.067166] kasan_report+0x141/0x180
[ 17.067190] ? kasan_atomics_helper+0xe78/0x5450
[ 17.067218] kasan_check_range+0x10c/0x1c0
[ 17.067241] __kasan_check_write+0x18/0x20
[ 17.067263] kasan_atomics_helper+0xe78/0x5450
[ 17.067288] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.067314] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.067336] ? ret_from_fork_asm+0x1a/0x30
[ 17.067359] ? kasan_atomics+0x152/0x310
[ 17.067383] kasan_atomics+0x1dc/0x310
[ 17.067403] ? __pfx_kasan_atomics+0x10/0x10
[ 17.067424] ? __pfx_read_tsc+0x10/0x10
[ 17.067445] ? ktime_get_ts64+0x86/0x230
[ 17.067472] kunit_try_run_case+0x1a5/0x480
[ 17.067499] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.067522] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.067547] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.067590] ? __kthread_parkme+0x82/0x180
[ 17.067614] ? preempt_count_sub+0x50/0x80
[ 17.067641] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.067677] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.067705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.067729] kthread+0x337/0x6f0
[ 17.067746] ? trace_preempt_on+0x20/0xc0
[ 17.067770] ? __pfx_kthread+0x10/0x10
[ 17.067789] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.067811] ? calculate_sigpending+0x7b/0xa0
[ 17.067834] ? __pfx_kthread+0x10/0x10
[ 17.067853] ret_from_fork+0x41/0x80
[ 17.067874] ? __pfx_kthread+0x10/0x10
[ 17.067893] ret_from_fork_asm+0x1a/0x30
[ 17.067922] </TASK>
[ 17.067935]
[ 17.079186] Allocated by task 285:
[ 17.079349] kasan_save_stack+0x45/0x70
[ 17.079512] kasan_save_track+0x18/0x40
[ 17.081303] kasan_save_alloc_info+0x3b/0x50
[ 17.081737] __kasan_kmalloc+0xb7/0xc0
[ 17.082075] __kmalloc_cache_noprof+0x189/0x420
[ 17.082443] kasan_atomics+0x95/0x310
[ 17.082754] kunit_try_run_case+0x1a5/0x480
[ 17.083160] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.083531] kthread+0x337/0x6f0
[ 17.083786] ret_from_fork+0x41/0x80
[ 17.084432] ret_from_fork_asm+0x1a/0x30
[ 17.084665]
[ 17.085115] The buggy address belongs to the object at ffff8881033b5600
[ 17.085115] which belongs to the cache kmalloc-64 of size 64
[ 17.085733] The buggy address is located 0 bytes to the right of
[ 17.085733] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630)
[ 17.086423]
[ 17.086616] The buggy address belongs to the physical page:
[ 17.087486] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5
[ 17.088162] flags: 0x200000000000000(node=0|zone=2)
[ 17.088448] page_type: f5(slab)
[ 17.088621] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.089396] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.089741] page dumped because: kasan: bad access detected
[ 17.090100]
[ 17.090267] Memory state around the buggy address:
[ 17.090594] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.091455] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.091822] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.092240] ^
[ 17.092755] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.092989] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.093487] ==================================================================
[ 17.687688] ==================================================================
[ 17.688388] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450
[ 17.689000] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285
[ 17.689275]
[ 17.689913] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 17.689995] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.690013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.690038] Call Trace:
[ 17.690064] <TASK>
[ 17.690089] dump_stack_lvl+0x73/0xb0
[ 17.690132] print_report+0xd1/0x650
[ 17.690159] ? __virt_addr_valid+0x1db/0x2d0
[ 17.690186] ? kasan_atomics_helper+0x18b1/0x5450
[ 17.690210] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.690234] ? kasan_atomics_helper+0x18b1/0x5450
[ 17.690259] kasan_report+0x141/0x180
[ 17.690283] ? kasan_atomics_helper+0x18b1/0x5450
[ 17.690312] kasan_check_range+0x10c/0x1c0
[ 17.690334] __kasan_check_write+0x18/0x20
[ 17.690356] kasan_atomics_helper+0x18b1/0x5450
[ 17.690380] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.690404] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.690426] ? ret_from_fork_asm+0x1a/0x30
[ 17.690449] ? kasan_atomics+0x152/0x310
[ 17.690474] kasan_atomics+0x1dc/0x310
[ 17.690494] ? __pfx_kasan_atomics+0x10/0x10
[ 17.690517] ? __pfx_read_tsc+0x10/0x10
[ 17.690539] ? ktime_get_ts64+0x86/0x230
[ 17.690588] kunit_try_run_case+0x1a5/0x480
[ 17.690619] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.690643] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.690684] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.690711] ? __kthread_parkme+0x82/0x180
[ 17.690736] ? preempt_count_sub+0x50/0x80
[ 17.690764] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.690792] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.690817] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.690843] kthread+0x337/0x6f0
[ 17.690864] ? trace_preempt_on+0x20/0xc0
[ 17.690892] ? __pfx_kthread+0x10/0x10
[ 17.690913] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.690937] ? calculate_sigpending+0x7b/0xa0
[ 17.690962] ? __pfx_kthread+0x10/0x10
[ 17.690984] ret_from_fork+0x41/0x80
[ 17.691008] ? __pfx_kthread+0x10/0x10
[ 17.691029] ret_from_fork_asm+0x1a/0x30
[ 17.691062] </TASK>
[ 17.691077]
[ 17.703902] Allocated by task 285:
[ 17.704152] kasan_save_stack+0x45/0x70
[ 17.704395] kasan_save_track+0x18/0x40
[ 17.705809] kasan_save_alloc_info+0x3b/0x50
[ 17.707688] __kasan_kmalloc+0xb7/0xc0
[ 17.708269] __kmalloc_cache_noprof+0x189/0x420
[ 17.708752] kasan_atomics+0x95/0x310
[ 17.709517] kunit_try_run_case+0x1a5/0x480
[ 17.710139] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.711119] kthread+0x337/0x6f0
[ 17.711506] ret_from_fork+0x41/0x80
[ 17.712575] ret_from_fork_asm+0x1a/0x30
[ 17.713178]
[ 17.713295] The buggy address belongs to the object at ffff8881033b5600
[ 17.713295] which belongs to the cache kmalloc-64 of size 64
[ 17.715064] The buggy address is located 0 bytes to the right of
[ 17.715064] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630)
[ 17.716807]
[ 17.717156] The buggy address belongs to the physical page:
[ 17.717655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5
[ 17.718190] flags: 0x200000000000000(node=0|zone=2)
[ 17.718477] page_type: f5(slab)
[ 17.719163] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.719511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.720193] page dumped because: kasan: bad access detected
[ 17.720861]
[ 17.720986] Memory state around the buggy address:
[ 17.721466] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.721912] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.722583] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.723198] ^
[ 17.723513] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.723984] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.724370] ==================================================================
[ 17.094442] ==================================================================
[ 17.094865] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450
[ 17.095436] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285
[ 17.096068]
[ 17.096290] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 17.096395] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.096431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.096467] Call Trace:
[ 17.096505] <TASK>
[ 17.096542] dump_stack_lvl+0x73/0xb0
[ 17.096620] print_report+0xd1/0x650
[ 17.096678] ? __virt_addr_valid+0x1db/0x2d0
[ 17.096728] ? kasan_atomics_helper+0xf10/0x5450
[ 17.096776] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.096826] ? kasan_atomics_helper+0xf10/0x5450
[ 17.096874] kasan_report+0x141/0x180
[ 17.096915] ? kasan_atomics_helper+0xf10/0x5450
[ 17.096967] kasan_check_range+0x10c/0x1c0
[ 17.097012] __kasan_check_write+0x18/0x20
[ 17.097056] kasan_atomics_helper+0xf10/0x5450
[ 17.097108] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 17.097182] ? __kmalloc_cache_noprof+0x189/0x420
[ 17.097246] ? ret_from_fork_asm+0x1a/0x30
[ 17.097299] ? kasan_atomics+0x152/0x310
[ 17.097353] kasan_atomics+0x1dc/0x310
[ 17.097398] ? __pfx_kasan_atomics+0x10/0x10
[ 17.097446] ? __pfx_read_tsc+0x10/0x10
[ 17.097491] ? ktime_get_ts64+0x86/0x230
[ 17.097539] kunit_try_run_case+0x1a5/0x480
[ 17.097600] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.097643] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.097728] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.097790] ? __kthread_parkme+0x82/0x180
[ 17.097835] ? preempt_count_sub+0x50/0x80
[ 17.097886] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.097948] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.098011] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.098055] kthread+0x337/0x6f0
[ 17.098088] ? trace_preempt_on+0x20/0xc0
[ 17.098117] ? __pfx_kthread+0x10/0x10
[ 17.098136] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.098158] ? calculate_sigpending+0x7b/0xa0
[ 17.098182] ? __pfx_kthread+0x10/0x10
[ 17.098201] ret_from_fork+0x41/0x80
[ 17.098223] ? __pfx_kthread+0x10/0x10
[ 17.098242] ret_from_fork_asm+0x1a/0x30
[ 17.098271] </TASK>
[ 17.098286]
[ 17.107468] Allocated by task 285:
[ 17.107795] kasan_save_stack+0x45/0x70
[ 17.108149] kasan_save_track+0x18/0x40
[ 17.108475] kasan_save_alloc_info+0x3b/0x50
[ 17.108848] __kasan_kmalloc+0xb7/0xc0
[ 17.109159] __kmalloc_cache_noprof+0x189/0x420
[ 17.109510] kasan_atomics+0x95/0x310
[ 17.109852] kunit_try_run_case+0x1a5/0x480
[ 17.110180] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.110505] kthread+0x337/0x6f0
[ 17.110815] ret_from_fork+0x41/0x80
[ 17.111020] ret_from_fork_asm+0x1a/0x30
[ 17.111328]
[ 17.111539] The buggy address belongs to the object at ffff8881033b5600
[ 17.111539] which belongs to the cache kmalloc-64 of size 64
[ 17.112247] The buggy address is located 0 bytes to the right of
[ 17.112247] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630)
[ 17.112903]
[ 17.113088] The buggy address belongs to the physical page:
[ 17.113390] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5
[ 17.113897] flags: 0x200000000000000(node=0|zone=2)
[ 17.114219] page_type: f5(slab)
[ 17.114493] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.114789] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.115052] page dumped because: kasan: bad
access detected [ 17.115270] [ 17.115385] Memory state around the buggy address: [ 17.115771] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.116289] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.116814] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.117311] ^ [ 17.117680] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.118172] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.118747] ================================================================== [ 16.511384] ================================================================== [ 16.511776] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 16.512687] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.513046] [ 16.513301] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.513479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.513707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.513737] Call Trace: [ 16.513764] <TASK> [ 16.513788] dump_stack_lvl+0x73/0xb0 [ 16.513830] print_report+0xd1/0x650 [ 16.513858] ? __virt_addr_valid+0x1db/0x2d0 [ 16.513884] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.513909] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.513934] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.513960] kasan_report+0x141/0x180 [ 16.513985] ? kasan_atomics_helper+0x4a0/0x5450 [ 16.514014] kasan_check_range+0x10c/0x1c0 [ 16.514038] __kasan_check_write+0x18/0x20 [ 16.514062] kasan_atomics_helper+0x4a0/0x5450 [ 16.514088] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.514114] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.514139] ? ret_from_fork_asm+0x1a/0x30 [ 16.514164] ? kasan_atomics+0x152/0x310 [ 16.514190] kasan_atomics+0x1dc/0x310 [ 16.514212] ? __pfx_kasan_atomics+0x10/0x10 [ 16.514235] ? __pfx_read_tsc+0x10/0x10 [ 16.514259] ? 
ktime_get_ts64+0x86/0x230 [ 16.514289] kunit_try_run_case+0x1a5/0x480 [ 16.514318] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.514344] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.514371] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.514398] ? __kthread_parkme+0x82/0x180 [ 16.514423] ? preempt_count_sub+0x50/0x80 [ 16.514451] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.514479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.514505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.514532] kthread+0x337/0x6f0 [ 16.514552] ? trace_preempt_on+0x20/0xc0 [ 16.514732] ? __pfx_kthread+0x10/0x10 [ 16.514765] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.514796] ? calculate_sigpending+0x7b/0xa0 [ 16.514828] ? __pfx_kthread+0x10/0x10 [ 16.514851] ret_from_fork+0x41/0x80 [ 16.514885] ? __pfx_kthread+0x10/0x10 [ 16.514906] ret_from_fork_asm+0x1a/0x30 [ 16.514942] </TASK> [ 16.514958] [ 16.526289] Allocated by task 285: [ 16.526446] kasan_save_stack+0x45/0x70 [ 16.527341] kasan_save_track+0x18/0x40 [ 16.527511] kasan_save_alloc_info+0x3b/0x50 [ 16.527675] __kasan_kmalloc+0xb7/0xc0 [ 16.528000] __kmalloc_cache_noprof+0x189/0x420 [ 16.528317] kasan_atomics+0x95/0x310 [ 16.529147] kunit_try_run_case+0x1a5/0x480 [ 16.529376] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.529603] kthread+0x337/0x6f0 [ 16.530338] ret_from_fork+0x41/0x80 [ 16.531318] ret_from_fork_asm+0x1a/0x30 [ 16.531538] [ 16.532008] The buggy address belongs to the object at ffff8881033b5600 [ 16.532008] which belongs to the cache kmalloc-64 of size 64 [ 16.532574] The buggy address is located 0 bytes to the right of [ 16.532574] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.533328] [ 16.533432] The buggy address belongs to the physical page: [ 16.534128] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.535396] flags: 0x200000000000000(node=0|zone=2) [ 16.535846] page_type: f5(slab) [ 16.536072] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.536395] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.536601] page dumped because: kasan: bad access detected [ 16.537195] [ 16.537299] Memory state around the buggy address: [ 16.537465] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.538197] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.538482] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.538755] ^ [ 16.539816] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.540800] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.541114] ================================================================== [ 17.783249] ================================================================== [ 17.784000] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 17.784306] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.784704] [ 17.784919] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.785017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.785050] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.785098] Call Trace: [ 17.785145] <TASK> [ 17.785187] dump_stack_lvl+0x73/0xb0 [ 17.785254] print_report+0xd1/0x650 [ 17.785306] ? __virt_addr_valid+0x1db/0x2d0 [ 17.785357] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.785406] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.785458] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.785509] kasan_report+0x141/0x180 [ 17.785572] ? kasan_atomics_helper+0x1a7f/0x5450 [ 17.785633] kasan_check_range+0x10c/0x1c0 [ 17.785682] __kasan_check_write+0x18/0x20 [ 17.785731] kasan_atomics_helper+0x1a7f/0x5450 [ 17.785781] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.785829] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.785869] ? ret_from_fork_asm+0x1a/0x30 [ 17.785906] ? 
kasan_atomics+0x152/0x310 [ 17.785947] kasan_atomics+0x1dc/0x310 [ 17.785978] ? __pfx_kasan_atomics+0x10/0x10 [ 17.786013] ? __pfx_read_tsc+0x10/0x10 [ 17.786049] ? ktime_get_ts64+0x86/0x230 [ 17.786095] kunit_try_run_case+0x1a5/0x480 [ 17.786151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.786194] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.786259] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.786309] ? __kthread_parkme+0x82/0x180 [ 17.786355] ? preempt_count_sub+0x50/0x80 [ 17.786408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.786460] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.786510] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.786569] kthread+0x337/0x6f0 [ 17.786611] ? trace_preempt_on+0x20/0xc0 [ 17.786660] ? __pfx_kthread+0x10/0x10 [ 17.786699] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.786744] ? calculate_sigpending+0x7b/0xa0 [ 17.786793] ? __pfx_kthread+0x10/0x10 [ 17.786830] ret_from_fork+0x41/0x80 [ 17.786889] ? __pfx_kthread+0x10/0x10 [ 17.786930] ret_from_fork_asm+0x1a/0x30 [ 17.786996] </TASK> [ 17.787026] [ 17.797286] Allocated by task 285: [ 17.797625] kasan_save_stack+0x45/0x70 [ 17.798001] kasan_save_track+0x18/0x40 [ 17.798277] kasan_save_alloc_info+0x3b/0x50 [ 17.798467] __kasan_kmalloc+0xb7/0xc0 [ 17.798649] __kmalloc_cache_noprof+0x189/0x420 [ 17.798842] kasan_atomics+0x95/0x310 [ 17.799015] kunit_try_run_case+0x1a5/0x480 [ 17.799231] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.799659] kthread+0x337/0x6f0 [ 17.799939] ret_from_fork+0x41/0x80 [ 17.800240] ret_from_fork_asm+0x1a/0x30 [ 17.800556] [ 17.800731] The buggy address belongs to the object at ffff8881033b5600 [ 17.800731] which belongs to the cache kmalloc-64 of size 64 [ 17.801512] The buggy address is located 0 bytes to the right of [ 17.801512] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.802471] [ 17.802588] The buggy address belongs to the physical page: [ 17.803145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 
17.803487] flags: 0x200000000000000(node=0|zone=2) [ 17.803763] page_type: f5(slab) [ 17.804059] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.804624] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.805001] page dumped because: kasan: bad access detected [ 17.805217] [ 17.805327] Memory state around the buggy address: [ 17.805526] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.805996] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.806507] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.807206] ^ [ 17.807529] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.807956] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.808323] ================================================================== [ 17.866126] ================================================================== [ 17.866484] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 17.867770] Read of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.868013] [ 17.868142] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.868226] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.868250] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.868286] Call Trace: [ 17.868324] <TASK> [ 17.868359] dump_stack_lvl+0x73/0xb0 [ 17.868416] print_report+0xd1/0x650 [ 17.868454] ? __virt_addr_valid+0x1db/0x2d0 [ 17.868489] ? kasan_atomics_helper+0x4f30/0x5450 [ 17.868523] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.868553] ? kasan_atomics_helper+0x4f30/0x5450 [ 17.868603] kasan_report+0x141/0x180 [ 17.868627] ? kasan_atomics_helper+0x4f30/0x5450 [ 17.868653] __asan_report_load8_noabort+0x18/0x20 [ 17.868675] kasan_atomics_helper+0x4f30/0x5450 [ 17.868698] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.868721] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.868742] ? ret_from_fork_asm+0x1a/0x30 [ 17.868764] ? kasan_atomics+0x152/0x310 [ 17.868787] kasan_atomics+0x1dc/0x310 [ 17.868806] ? __pfx_kasan_atomics+0x10/0x10 [ 17.868827] ? __pfx_read_tsc+0x10/0x10 [ 17.868847] ? ktime_get_ts64+0x86/0x230 [ 17.868874] kunit_try_run_case+0x1a5/0x480 [ 17.868900] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.868922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.868947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.868970] ? __kthread_parkme+0x82/0x180 [ 17.868992] ? preempt_count_sub+0x50/0x80 [ 17.869017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.869042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.869066] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.869088] kthread+0x337/0x6f0 [ 17.869106] ? trace_preempt_on+0x20/0xc0 [ 17.869130] ? __pfx_kthread+0x10/0x10 [ 17.869149] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.869170] ? calculate_sigpending+0x7b/0xa0 [ 17.869193] ? __pfx_kthread+0x10/0x10 [ 17.869214] ret_from_fork+0x41/0x80 [ 17.869234] ? 
__pfx_kthread+0x10/0x10 [ 17.869253] ret_from_fork_asm+0x1a/0x30 [ 17.869281] </TASK> [ 17.869295] [ 17.881584] Allocated by task 285: [ 17.882016] kasan_save_stack+0x45/0x70 [ 17.882260] kasan_save_track+0x18/0x40 [ 17.882542] kasan_save_alloc_info+0x3b/0x50 [ 17.882799] __kasan_kmalloc+0xb7/0xc0 [ 17.883362] __kmalloc_cache_noprof+0x189/0x420 [ 17.883590] kasan_atomics+0x95/0x310 [ 17.884049] kunit_try_run_case+0x1a5/0x480 [ 17.884514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.884859] kthread+0x337/0x6f0 [ 17.885016] ret_from_fork+0x41/0x80 [ 17.885300] ret_from_fork_asm+0x1a/0x30 [ 17.885519] [ 17.885688] The buggy address belongs to the object at ffff8881033b5600 [ 17.885688] which belongs to the cache kmalloc-64 of size 64 [ 17.886377] The buggy address is located 0 bytes to the right of [ 17.886377] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.887729] [ 17.888023] The buggy address belongs to the physical page: [ 17.888209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.888444] flags: 0x200000000000000(node=0|zone=2) [ 17.888645] page_type: f5(slab) [ 17.889522] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.889782] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.890534] page dumped because: kasan: bad access detected [ 17.890939] [ 17.891075] Memory state around the buggy address: [ 17.891346] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.891792] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.892439] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.893066] ^ [ 17.893243] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.893439] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.894310] ================================================================== [ 17.726208] 
================================================================== [ 17.727002] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 17.727513] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.728352] [ 17.728521] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.728631] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.728659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.728701] Call Trace: [ 17.728742] <TASK> [ 17.728784] dump_stack_lvl+0x73/0xb0 [ 17.728851] print_report+0xd1/0x650 [ 17.728900] ? __virt_addr_valid+0x1db/0x2d0 [ 17.728945] ? kasan_atomics_helper+0x194a/0x5450 [ 17.728987] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.729035] ? kasan_atomics_helper+0x194a/0x5450 [ 17.729074] kasan_report+0x141/0x180 [ 17.729100] ? kasan_atomics_helper+0x194a/0x5450 [ 17.729127] kasan_check_range+0x10c/0x1c0 [ 17.729148] __kasan_check_write+0x18/0x20 [ 17.729169] kasan_atomics_helper+0x194a/0x5450 [ 17.729201] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.729239] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.729264] ? ret_from_fork_asm+0x1a/0x30 [ 17.729288] ? kasan_atomics+0x152/0x310 [ 17.729312] kasan_atomics+0x1dc/0x310 [ 17.729332] ? __pfx_kasan_atomics+0x10/0x10 [ 17.729354] ? __pfx_read_tsc+0x10/0x10 [ 17.729377] ? ktime_get_ts64+0x86/0x230 [ 17.729405] kunit_try_run_case+0x1a5/0x480 [ 17.729432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.729456] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.729483] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.729507] ? __kthread_parkme+0x82/0x180 [ 17.729530] ? preempt_count_sub+0x50/0x80 [ 17.729556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.729602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.729627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.729654] kthread+0x337/0x6f0 [ 17.729684] ? trace_preempt_on+0x20/0xc0 [ 17.729712] ? __pfx_kthread+0x10/0x10 [ 17.729731] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.729754] ? calculate_sigpending+0x7b/0xa0 [ 17.729777] ? __pfx_kthread+0x10/0x10 [ 17.729796] ret_from_fork+0x41/0x80 [ 17.729818] ? __pfx_kthread+0x10/0x10 [ 17.729837] ret_from_fork_asm+0x1a/0x30 [ 17.729867] </TASK> [ 17.729881] [ 17.743892] Allocated by task 285: [ 17.744134] kasan_save_stack+0x45/0x70 [ 17.744343] kasan_save_track+0x18/0x40 [ 17.744523] kasan_save_alloc_info+0x3b/0x50 [ 17.745410] __kasan_kmalloc+0xb7/0xc0 [ 17.745600] __kmalloc_cache_noprof+0x189/0x420 [ 17.746107] kasan_atomics+0x95/0x310 [ 17.746388] kunit_try_run_case+0x1a5/0x480 [ 17.746896] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.747203] kthread+0x337/0x6f0 [ 17.747491] ret_from_fork+0x41/0x80 [ 17.747756] ret_from_fork_asm+0x1a/0x30 [ 17.748300] [ 17.748398] The buggy address belongs to the object at ffff8881033b5600 [ 17.748398] which belongs to the cache kmalloc-64 of size 64 [ 17.749147] The buggy address is located 0 bytes to the right of [ 17.749147] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.750064] [ 17.750233] The buggy address belongs to the physical page: [ 17.750527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.751541] flags: 0x200000000000000(node=0|zone=2) [ 17.751852] page_type: f5(slab) [ 17.752030] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.752582] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.753259] page dumped because: kasan: bad access detected [ 17.753798] [ 17.753929] Memory state around the buggy address: [ 17.754450] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.754771] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.755375] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.755960] ^ [ 17.756327] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.756626] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 17.757235] ================================================================== [ 17.949194] ================================================================== [ 17.950431] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 17.951012] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.951548] [ 17.952509] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.952636] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.952663] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.952894] Call Trace: [ 17.952940] <TASK> [ 17.952989] dump_stack_lvl+0x73/0xb0 [ 17.953037] print_report+0xd1/0x650 [ 17.953064] ? __virt_addr_valid+0x1db/0x2d0 [ 17.953090] ? kasan_atomics_helper+0x1e12/0x5450 [ 17.953113] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.953137] ? kasan_atomics_helper+0x1e12/0x5450 [ 17.953159] kasan_report+0x141/0x180 [ 17.953182] ? kasan_atomics_helper+0x1e12/0x5450 [ 17.953208] kasan_check_range+0x10c/0x1c0 [ 17.953229] __kasan_check_write+0x18/0x20 [ 17.953250] kasan_atomics_helper+0x1e12/0x5450 [ 17.953273] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.953297] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.953319] ? ret_from_fork_asm+0x1a/0x30 [ 17.953341] ? kasan_atomics+0x152/0x310 [ 17.953364] kasan_atomics+0x1dc/0x310 [ 17.953383] ? __pfx_kasan_atomics+0x10/0x10 [ 17.953404] ? __pfx_read_tsc+0x10/0x10 [ 17.953425] ? ktime_get_ts64+0x86/0x230 [ 17.953451] kunit_try_run_case+0x1a5/0x480 [ 17.953476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.953499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.953524] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.953547] ? __kthread_parkme+0x82/0x180 [ 17.953591] ? preempt_count_sub+0x50/0x80 [ 17.953620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.953645] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.953681] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.953711] kthread+0x337/0x6f0 [ 17.953730] ? trace_preempt_on+0x20/0xc0 [ 17.953756] ? __pfx_kthread+0x10/0x10 [ 17.953775] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.953797] ? calculate_sigpending+0x7b/0xa0 [ 17.953820] ? __pfx_kthread+0x10/0x10 [ 17.953839] ret_from_fork+0x41/0x80 [ 17.953861] ? __pfx_kthread+0x10/0x10 [ 17.953879] ret_from_fork_asm+0x1a/0x30 [ 17.953908] </TASK> [ 17.953922] [ 17.964388] Allocated by task 285: [ 17.964576] kasan_save_stack+0x45/0x70 [ 17.964757] kasan_save_track+0x18/0x40 [ 17.964933] kasan_save_alloc_info+0x3b/0x50 [ 17.965267] __kasan_kmalloc+0xb7/0xc0 [ 17.965577] __kmalloc_cache_noprof+0x189/0x420 [ 17.965922] kasan_atomics+0x95/0x310 [ 17.966126] kunit_try_run_case+0x1a5/0x480 [ 17.966287] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.966467] kthread+0x337/0x6f0 [ 17.966664] ret_from_fork+0x41/0x80 [ 17.967106] ret_from_fork_asm+0x1a/0x30 [ 17.967337] [ 17.967460] The buggy address belongs to the object at ffff8881033b5600 [ 17.967460] which belongs to the cache kmalloc-64 of size 64 [ 17.967926] The buggy address is located 0 bytes to the right of [ 17.967926] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.970468] [ 17.970618] The buggy address belongs to the physical page: [ 17.970995] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.971281] flags: 0x200000000000000(node=0|zone=2) [ 17.971495] page_type: f5(slab) [ 17.972166] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.972749] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.973040] page dumped because: kasan: bad access detected [ 17.974267] [ 17.974486] Memory state around the buggy address: [ 17.975432] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.975753] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.976208] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 17.976992] ^ [ 17.977282] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.977512] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.978126] ================================================================== [ 18.011469] ================================================================== [ 18.012114] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 18.012580] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 18.013277] [ 18.013444] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 18.013519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.013541] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.013584] Call Trace: [ 18.013622] <TASK> [ 18.013656] dump_stack_lvl+0x73/0xb0 [ 18.013716] print_report+0xd1/0x650 [ 18.013759] ? __virt_addr_valid+0x1db/0x2d0 [ 18.013801] ? kasan_atomics_helper+0x1f43/0x5450 [ 18.013846] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.013894] ? kasan_atomics_helper+0x1f43/0x5450 [ 18.013935] kasan_report+0x141/0x180 [ 18.013997] ? kasan_atomics_helper+0x1f43/0x5450 [ 18.014044] kasan_check_range+0x10c/0x1c0 [ 18.014085] __kasan_check_write+0x18/0x20 [ 18.014127] kasan_atomics_helper+0x1f43/0x5450 [ 18.014177] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.014224] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.014270] ? ret_from_fork_asm+0x1a/0x30 [ 18.014318] ? kasan_atomics+0x152/0x310 [ 18.014367] kasan_atomics+0x1dc/0x310 [ 18.014412] ? __pfx_kasan_atomics+0x10/0x10 [ 18.014458] ? __pfx_read_tsc+0x10/0x10 [ 18.014500] ? ktime_get_ts64+0x86/0x230 [ 18.014544] kunit_try_run_case+0x1a5/0x480 [ 18.014599] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.014642] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.014686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.014750] ? __kthread_parkme+0x82/0x180 [ 18.014797] ? preempt_count_sub+0x50/0x80 [ 18.014853] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 18.014902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.014951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.015016] kthread+0x337/0x6f0 [ 18.015060] ? trace_preempt_on+0x20/0xc0 [ 18.015110] ? __pfx_kthread+0x10/0x10 [ 18.015155] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.015202] ? calculate_sigpending+0x7b/0xa0 [ 18.015251] ? __pfx_kthread+0x10/0x10 [ 18.015297] ret_from_fork+0x41/0x80 [ 18.015339] ? __pfx_kthread+0x10/0x10 [ 18.015376] ret_from_fork_asm+0x1a/0x30 [ 18.015440] </TASK> [ 18.015471] [ 18.025405] Allocated by task 285: [ 18.025632] kasan_save_stack+0x45/0x70 [ 18.025835] kasan_save_track+0x18/0x40 [ 18.025976] kasan_save_alloc_info+0x3b/0x50 [ 18.026124] __kasan_kmalloc+0xb7/0xc0 [ 18.026267] __kmalloc_cache_noprof+0x189/0x420 [ 18.026418] kasan_atomics+0x95/0x310 [ 18.026551] kunit_try_run_case+0x1a5/0x480 [ 18.028259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.028808] kthread+0x337/0x6f0 [ 18.029014] ret_from_fork+0x41/0x80 [ 18.029195] ret_from_fork_asm+0x1a/0x30 [ 18.029380] [ 18.029494] The buggy address belongs to the object at ffff8881033b5600 [ 18.029494] which belongs to the cache kmalloc-64 of size 64 [ 18.030610] The buggy address is located 0 bytes to the right of [ 18.030610] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.031157] [ 18.031700] The buggy address belongs to the physical page: [ 18.031895] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.032131] flags: 0x200000000000000(node=0|zone=2) [ 18.032303] page_type: f5(slab) [ 18.032435] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.033202] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.033637] page dumped because: kasan: bad access detected [ 18.034069] [ 18.034289] Memory state around the buggy address: [ 18.034683] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.035216] ffff8881033b5580: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.035516] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.036006] ^ [ 18.036211] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.036721] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.037015] ================================================================== [ 18.061652] ================================================================== [ 18.062349] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 18.063027] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 18.063580] [ 18.063833] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 18.063943] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.063976] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.064028] Call Trace: [ 18.064074] <TASK> [ 18.064117] dump_stack_lvl+0x73/0xb0 [ 18.064188] print_report+0xd1/0x650 [ 18.064242] ? __virt_addr_valid+0x1db/0x2d0 [ 18.064294] ? kasan_atomics_helper+0x2006/0x5450 [ 18.064345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.064395] ? kasan_atomics_helper+0x2006/0x5450 [ 18.064443] kasan_report+0x141/0x180 [ 18.064494] ? kasan_atomics_helper+0x2006/0x5450 [ 18.064552] kasan_check_range+0x10c/0x1c0 [ 18.065336] __kasan_check_write+0x18/0x20 [ 18.066077] kasan_atomics_helper+0x2006/0x5450 [ 18.066174] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.066230] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.066283] ? ret_from_fork_asm+0x1a/0x30 [ 18.066331] ? kasan_atomics+0x152/0x310 [ 18.066385] kasan_atomics+0x1dc/0x310 [ 18.066430] ? __pfx_kasan_atomics+0x10/0x10 [ 18.066480] ? __pfx_read_tsc+0x10/0x10 [ 18.066523] ? ktime_get_ts64+0x86/0x230 [ 18.066589] kunit_try_run_case+0x1a5/0x480 [ 18.066647] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.066689] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.066740] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.066780] ? 
__kthread_parkme+0x82/0x180 [ 18.066807] ? preempt_count_sub+0x50/0x80 [ 18.066834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.066859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.066883] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.066907] kthread+0x337/0x6f0 [ 18.066925] ? trace_preempt_on+0x20/0xc0 [ 18.066950] ? __pfx_kthread+0x10/0x10 [ 18.066969] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.066991] ? calculate_sigpending+0x7b/0xa0 [ 18.067014] ? __pfx_kthread+0x10/0x10 [ 18.067034] ret_from_fork+0x41/0x80 [ 18.067056] ? __pfx_kthread+0x10/0x10 [ 18.067076] ret_from_fork_asm+0x1a/0x30 [ 18.067106] </TASK> [ 18.067121] [ 18.076550] Allocated by task 285: [ 18.076840] kasan_save_stack+0x45/0x70 [ 18.077054] kasan_save_track+0x18/0x40 [ 18.077237] kasan_save_alloc_info+0x3b/0x50 [ 18.077429] __kasan_kmalloc+0xb7/0xc0 [ 18.077704] __kmalloc_cache_noprof+0x189/0x420 [ 18.078040] kasan_atomics+0x95/0x310 [ 18.078336] kunit_try_run_case+0x1a5/0x480 [ 18.078816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.079238] kthread+0x337/0x6f0 [ 18.079489] ret_from_fork+0x41/0x80 [ 18.079689] ret_from_fork_asm+0x1a/0x30 [ 18.079995] [ 18.080169] The buggy address belongs to the object at ffff8881033b5600 [ 18.080169] which belongs to the cache kmalloc-64 of size 64 [ 18.080897] The buggy address is located 0 bytes to the right of [ 18.080897] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.081446] [ 18.081605] The buggy address belongs to the physical page: [ 18.082148] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.082436] flags: 0x200000000000000(node=0|zone=2) [ 18.082792] page_type: f5(slab) [ 18.083067] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.083589] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.084177] page dumped because: kasan: bad access detected [ 18.084611] [ 18.084738] Memory state around the buggy address: [ 18.084994] 
ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.085453] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.085863] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.086199] ^ [ 18.086500] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.086975] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.087265] ================================================================== [ 16.638902] ================================================================== [ 16.639487] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 16.640044] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.640362] [ 16.641764] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.642717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.642756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.642803] Call Trace: [ 16.642845] <TASK> [ 16.642881] dump_stack_lvl+0x73/0xb0 [ 16.642949] print_report+0xd1/0x650 [ 16.643000] ? __virt_addr_valid+0x1db/0x2d0 [ 16.643042] ? kasan_atomics_helper+0x697/0x5450 [ 16.643085] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.643138] ? kasan_atomics_helper+0x697/0x5450 [ 16.643188] kasan_report+0x141/0x180 [ 16.643236] ? kasan_atomics_helper+0x697/0x5450 [ 16.643288] kasan_check_range+0x10c/0x1c0 [ 16.643328] __kasan_check_write+0x18/0x20 [ 16.643370] kasan_atomics_helper+0x697/0x5450 [ 16.643417] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.643465] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.643507] ? ret_from_fork_asm+0x1a/0x30 [ 16.643552] ? kasan_atomics+0x152/0x310 [ 16.644133] kasan_atomics+0x1dc/0x310 [ 16.644226] ? __pfx_kasan_atomics+0x10/0x10 [ 16.644273] ? __pfx_read_tsc+0x10/0x10 [ 16.644308] ? ktime_get_ts64+0x86/0x230 [ 16.644349] kunit_try_run_case+0x1a5/0x480 [ 16.644392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.644431] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.644480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.644520] ? __kthread_parkme+0x82/0x180 [ 16.644552] ? preempt_count_sub+0x50/0x80 [ 16.644607] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.644652] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.644692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.644735] kthread+0x337/0x6f0 [ 16.644769] ? trace_preempt_on+0x20/0xc0 [ 16.644811] ? __pfx_kthread+0x10/0x10 [ 16.644846] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.644885] ? calculate_sigpending+0x7b/0xa0 [ 16.644927] ? __pfx_kthread+0x10/0x10 [ 16.644961] ret_from_fork+0x41/0x80 [ 16.644999] ? __pfx_kthread+0x10/0x10 [ 16.645034] ret_from_fork_asm+0x1a/0x30 [ 16.645090] </TASK> [ 16.645114] [ 16.665102] Allocated by task 285: [ 16.665499] kasan_save_stack+0x45/0x70 [ 16.665905] kasan_save_track+0x18/0x40 [ 16.666300] kasan_save_alloc_info+0x3b/0x50 [ 16.666528] __kasan_kmalloc+0xb7/0xc0 [ 16.666851] __kmalloc_cache_noprof+0x189/0x420 [ 16.667139] kasan_atomics+0x95/0x310 [ 16.667524] kunit_try_run_case+0x1a5/0x480 [ 16.667849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.668433] kthread+0x337/0x6f0 [ 16.668682] ret_from_fork+0x41/0x80 [ 16.668870] ret_from_fork_asm+0x1a/0x30 [ 16.669210] [ 16.669752] The buggy address belongs to the object at ffff8881033b5600 [ 16.669752] which belongs to the cache kmalloc-64 of size 64 [ 16.670327] The buggy address is located 0 bytes to the right of [ 16.670327] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.672023] [ 16.672172] The buggy address belongs to the physical page: [ 16.672404] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.673236] flags: 0x200000000000000(node=0|zone=2) [ 16.673498] page_type: f5(slab) [ 16.673663] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.674492] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.674982] page dumped because: kasan: bad 
access detected [ 16.675183] [ 16.675278] Memory state around the buggy address: [ 16.675450] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.676308] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.676752] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.677930] ^ [ 16.678256] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.678695] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.679385] ================================================================== [ 17.658810] ================================================================== [ 17.659172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 17.659789] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.660172] [ 17.660759] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.660846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.660875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.660918] Call Trace: [ 17.660979] <TASK> [ 17.661005] dump_stack_lvl+0x73/0xb0 [ 17.661057] print_report+0xd1/0x650 [ 17.661086] ? __virt_addr_valid+0x1db/0x2d0 [ 17.661125] ? kasan_atomics_helper+0x1818/0x5450 [ 17.661153] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.661178] ? kasan_atomics_helper+0x1818/0x5450 [ 17.661201] kasan_report+0x141/0x180 [ 17.661225] ? kasan_atomics_helper+0x1818/0x5450 [ 17.661252] kasan_check_range+0x10c/0x1c0 [ 17.661274] __kasan_check_write+0x18/0x20 [ 17.661295] kasan_atomics_helper+0x1818/0x5450 [ 17.661319] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.661343] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.661366] ? ret_from_fork_asm+0x1a/0x30 [ 17.661390] ? kasan_atomics+0x152/0x310 [ 17.661413] kasan_atomics+0x1dc/0x310 [ 17.661434] ? __pfx_kasan_atomics+0x10/0x10 [ 17.661456] ? __pfx_read_tsc+0x10/0x10 [ 17.661477] ? 
ktime_get_ts64+0x86/0x230 [ 17.661504] kunit_try_run_case+0x1a5/0x480 [ 17.661532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.661571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.661615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.661657] ? __kthread_parkme+0x82/0x180 [ 17.661700] ? preempt_count_sub+0x50/0x80 [ 17.661753] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.661788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.661814] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.661840] kthread+0x337/0x6f0 [ 17.661860] ? trace_preempt_on+0x20/0xc0 [ 17.661886] ? __pfx_kthread+0x10/0x10 [ 17.661907] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.661930] ? calculate_sigpending+0x7b/0xa0 [ 17.661954] ? __pfx_kthread+0x10/0x10 [ 17.661974] ret_from_fork+0x41/0x80 [ 17.661997] ? __pfx_kthread+0x10/0x10 [ 17.662017] ret_from_fork_asm+0x1a/0x30 [ 17.662048] </TASK> [ 17.662064] [ 17.673733] Allocated by task 285: [ 17.674052] kasan_save_stack+0x45/0x70 [ 17.674289] kasan_save_track+0x18/0x40 [ 17.674434] kasan_save_alloc_info+0x3b/0x50 [ 17.674603] __kasan_kmalloc+0xb7/0xc0 [ 17.674757] __kmalloc_cache_noprof+0x189/0x420 [ 17.674953] kasan_atomics+0x95/0x310 [ 17.675142] kunit_try_run_case+0x1a5/0x480 [ 17.675501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.676017] kthread+0x337/0x6f0 [ 17.676309] ret_from_fork+0x41/0x80 [ 17.676633] ret_from_fork_asm+0x1a/0x30 [ 17.677163] [ 17.677695] The buggy address belongs to the object at ffff8881033b5600 [ 17.677695] which belongs to the cache kmalloc-64 of size 64 [ 17.679194] The buggy address is located 0 bytes to the right of [ 17.679194] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.679921] [ 17.680036] The buggy address belongs to the physical page: [ 17.680215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.680460] flags: 0x200000000000000(node=0|zone=2) [ 17.681449] page_type: f5(slab) [ 17.681687] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.681923] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.682633] page dumped because: kasan: bad access detected [ 17.683074] [ 17.683411] Memory state around the buggy address: [ 17.684010] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.684367] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.684605] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.685139] ^ [ 17.685331] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.685543] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.685769] ================================================================== [ 16.436875] ================================================================== [ 16.437201] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 16.437370] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.437672] [ 16.437895] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.437953] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.437968] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.438221] Call Trace: [ 16.438250] <TASK> [ 16.438274] dump_stack_lvl+0x73/0xb0 [ 16.438310] print_report+0xd1/0x650 [ 16.438336] ? __virt_addr_valid+0x1db/0x2d0 [ 16.438361] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.438384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.438408] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.438431] kasan_report+0x141/0x180 [ 16.438455] ? kasan_atomics_helper+0x4b6e/0x5450 [ 16.438482] __asan_report_store4_noabort+0x1b/0x30 [ 16.438504] kasan_atomics_helper+0x4b6e/0x5450 [ 16.438528] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.438553] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.438596] ? ret_from_fork_asm+0x1a/0x30 [ 16.438621] ? kasan_atomics+0x152/0x310 [ 16.438646] kasan_atomics+0x1dc/0x310 [ 16.438668] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.438691] ? __pfx_read_tsc+0x10/0x10 [ 16.438712] ? ktime_get_ts64+0x86/0x230 [ 16.438741] kunit_try_run_case+0x1a5/0x480 [ 16.438768] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.438792] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.438818] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.438843] ? __kthread_parkme+0x82/0x180 [ 16.438868] ? preempt_count_sub+0x50/0x80 [ 16.438895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.438921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.438946] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.438971] kthread+0x337/0x6f0 [ 16.438990] ? trace_preempt_on+0x20/0xc0 [ 16.439016] ? __pfx_kthread+0x10/0x10 [ 16.439036] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.439059] ? calculate_sigpending+0x7b/0xa0 [ 16.439084] ? __pfx_kthread+0x10/0x10 [ 16.439105] ret_from_fork+0x41/0x80 [ 16.439128] ? __pfx_kthread+0x10/0x10 [ 16.439159] ret_from_fork_asm+0x1a/0x30 [ 16.439194] </TASK> [ 16.439218] [ 16.447795] Allocated by task 285: [ 16.447964] kasan_save_stack+0x45/0x70 [ 16.448112] kasan_save_track+0x18/0x40 [ 16.448245] kasan_save_alloc_info+0x3b/0x50 [ 16.448377] __kasan_kmalloc+0xb7/0xc0 [ 16.448508] __kmalloc_cache_noprof+0x189/0x420 [ 16.449700] kasan_atomics+0x95/0x310 [ 16.449829] kunit_try_run_case+0x1a5/0x480 [ 16.450028] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.450336] kthread+0x337/0x6f0 [ 16.450463] ret_from_fork+0x41/0x80 [ 16.450607] ret_from_fork_asm+0x1a/0x30 [ 16.451257] [ 16.451358] The buggy address belongs to the object at ffff8881033b5600 [ 16.451358] which belongs to the cache kmalloc-64 of size 64 [ 16.451757] The buggy address is located 0 bytes to the right of [ 16.451757] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.453172] [ 16.453268] The buggy address belongs to the physical page: [ 16.453423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.453660] flags: 0x200000000000000(node=0|zone=2) [ 16.453952] page_type: f5(slab) 
[ 16.454053] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.454772] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.454986] page dumped because: kasan: bad access detected [ 16.455165] [ 16.455249] Memory state around the buggy address: [ 16.455411] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.455630] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.456763] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.457190] ^ [ 16.457382] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.457632] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.457870] ================================================================== [ 16.484996] ================================================================== [ 16.485536] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 16.485938] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.486580] [ 16.486800] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.486867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.486884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.486911] Call Trace: [ 16.486937] <TASK> [ 16.487107] dump_stack_lvl+0x73/0xb0 [ 16.487166] print_report+0xd1/0x650 [ 16.487198] ? __virt_addr_valid+0x1db/0x2d0 [ 16.487228] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.487255] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.487281] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.487306] kasan_report+0x141/0x180 [ 16.487333] ? kasan_atomics_helper+0x4b54/0x5450 [ 16.487364] __asan_report_load4_noabort+0x18/0x20 [ 16.487387] kasan_atomics_helper+0x4b54/0x5450 [ 16.487412] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.487437] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.487461] ? ret_from_fork_asm+0x1a/0x30 [ 16.487484] ? 
kasan_atomics+0x152/0x310 [ 16.487509] kasan_atomics+0x1dc/0x310 [ 16.487530] ? __pfx_kasan_atomics+0x10/0x10 [ 16.487553] ? __pfx_read_tsc+0x10/0x10 [ 16.487590] ? ktime_get_ts64+0x86/0x230 [ 16.487620] kunit_try_run_case+0x1a5/0x480 [ 16.487649] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.487673] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.487699] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.487723] ? __kthread_parkme+0x82/0x180 [ 16.487746] ? preempt_count_sub+0x50/0x80 [ 16.487773] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.487798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.487822] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.487847] kthread+0x337/0x6f0 [ 16.487866] ? trace_preempt_on+0x20/0xc0 [ 16.487892] ? __pfx_kthread+0x10/0x10 [ 16.487912] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.487935] ? calculate_sigpending+0x7b/0xa0 [ 16.487959] ? __pfx_kthread+0x10/0x10 [ 16.487979] ret_from_fork+0x41/0x80 [ 16.488002] ? __pfx_kthread+0x10/0x10 [ 16.488021] ret_from_fork_asm+0x1a/0x30 [ 16.488056] </TASK> [ 16.488071] [ 16.497986] Allocated by task 285: [ 16.498125] kasan_save_stack+0x45/0x70 [ 16.498611] kasan_save_track+0x18/0x40 [ 16.499045] kasan_save_alloc_info+0x3b/0x50 [ 16.499336] __kasan_kmalloc+0xb7/0xc0 [ 16.499599] __kmalloc_cache_noprof+0x189/0x420 [ 16.500541] kasan_atomics+0x95/0x310 [ 16.500957] kunit_try_run_case+0x1a5/0x480 [ 16.501260] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.501389] kthread+0x337/0x6f0 [ 16.501996] ret_from_fork+0x41/0x80 [ 16.502144] ret_from_fork_asm+0x1a/0x30 [ 16.502264] [ 16.502345] The buggy address belongs to the object at ffff8881033b5600 [ 16.502345] which belongs to the cache kmalloc-64 of size 64 [ 16.504026] The buggy address is located 0 bytes to the right of [ 16.504026] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.504340] [ 16.504443] The buggy address belongs to the physical page: [ 16.504709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 
16.505374] flags: 0x200000000000000(node=0|zone=2) [ 16.505577] page_type: f5(slab) [ 16.505860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.506397] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.507038] page dumped because: kasan: bad access detected [ 16.507183] [ 16.507319] Memory state around the buggy address: [ 16.507649] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.508120] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.508874] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.509288] ^ [ 16.509701] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.509968] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.510554] ================================================================== [ 17.006616] ================================================================== [ 17.007606] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 17.008179] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.008720] [ 17.008964] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.009117] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.009148] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.009194] Call Trace: [ 17.009238] <TASK> [ 17.009276] dump_stack_lvl+0x73/0xb0 [ 17.009346] print_report+0xd1/0x650 [ 17.009399] ? __virt_addr_valid+0x1db/0x2d0 [ 17.009447] ? kasan_atomics_helper+0xd47/0x5450 [ 17.009496] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.009546] ? kasan_atomics_helper+0xd47/0x5450 [ 17.009599] kasan_report+0x141/0x180 [ 17.009643] ? kasan_atomics_helper+0xd47/0x5450 [ 17.009687] kasan_check_range+0x10c/0x1c0 [ 17.009727] __kasan_check_write+0x18/0x20 [ 17.009766] kasan_atomics_helper+0xd47/0x5450 [ 17.009841] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.009925] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.009975] ? ret_from_fork_asm+0x1a/0x30 [ 17.010060] ? kasan_atomics+0x152/0x310 [ 17.010119] kasan_atomics+0x1dc/0x310 [ 17.010161] ? __pfx_kasan_atomics+0x10/0x10 [ 17.010209] ? __pfx_read_tsc+0x10/0x10 [ 17.010248] ? ktime_get_ts64+0x86/0x230 [ 17.010301] kunit_try_run_case+0x1a5/0x480 [ 17.010380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.010441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.010494] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.010545] ? __kthread_parkme+0x82/0x180 [ 17.010603] ? preempt_count_sub+0x50/0x80 [ 17.010657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.010724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.010771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.010842] kthread+0x337/0x6f0 [ 17.010892] ? trace_preempt_on+0x20/0xc0 [ 17.010943] ? __pfx_kthread+0x10/0x10 [ 17.010985] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.011032] ? calculate_sigpending+0x7b/0xa0 [ 17.011076] ? __pfx_kthread+0x10/0x10 [ 17.011118] ret_from_fork+0x41/0x80 [ 17.011171] ? 
__pfx_kthread+0x10/0x10 [ 17.011199] ret_from_fork_asm+0x1a/0x30 [ 17.011230] </TASK> [ 17.011247] [ 17.021801] Allocated by task 285: [ 17.022018] kasan_save_stack+0x45/0x70 [ 17.022379] kasan_save_track+0x18/0x40 [ 17.022594] kasan_save_alloc_info+0x3b/0x50 [ 17.022941] __kasan_kmalloc+0xb7/0xc0 [ 17.023247] __kmalloc_cache_noprof+0x189/0x420 [ 17.023521] kasan_atomics+0x95/0x310 [ 17.023746] kunit_try_run_case+0x1a5/0x480 [ 17.024188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.024617] kthread+0x337/0x6f0 [ 17.024851] ret_from_fork+0x41/0x80 [ 17.025034] ret_from_fork_asm+0x1a/0x30 [ 17.025219] [ 17.025330] The buggy address belongs to the object at ffff8881033b5600 [ 17.025330] which belongs to the cache kmalloc-64 of size 64 [ 17.025878] The buggy address is located 0 bytes to the right of [ 17.025878] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.026692] [ 17.026938] The buggy address belongs to the physical page: [ 17.027412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.028131] flags: 0x200000000000000(node=0|zone=2) [ 17.028422] page_type: f5(slab) [ 17.028727] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.029197] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.029668] page dumped because: kasan: bad access detected [ 17.029989] [ 17.030108] Memory state around the buggy address: [ 17.030468] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.030727] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.030976] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.031233] ^ [ 17.031434] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.032005] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.032547] ================================================================== [ 18.259807] 
================================================================== [ 18.260505] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 18.261211] Read of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 18.261439] [ 18.261554] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 18.261618] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.261635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.261664] Call Trace: [ 18.261878] <TASK> [ 18.261922] dump_stack_lvl+0x73/0xb0 [ 18.261987] print_report+0xd1/0x650 [ 18.262016] ? __virt_addr_valid+0x1db/0x2d0 [ 18.262041] ? kasan_atomics_helper+0x5115/0x5450 [ 18.262064] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.262089] ? kasan_atomics_helper+0x5115/0x5450 [ 18.262114] kasan_report+0x141/0x180 [ 18.262138] ? kasan_atomics_helper+0x5115/0x5450 [ 18.262166] __asan_report_load8_noabort+0x18/0x20 [ 18.262189] kasan_atomics_helper+0x5115/0x5450 [ 18.262215] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.262238] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.262261] ? ret_from_fork_asm+0x1a/0x30 [ 18.262284] ? kasan_atomics+0x152/0x310 [ 18.262307] kasan_atomics+0x1dc/0x310 [ 18.262328] ? __pfx_kasan_atomics+0x10/0x10 [ 18.262350] ? __pfx_read_tsc+0x10/0x10 [ 18.262373] ? ktime_get_ts64+0x86/0x230 [ 18.262401] kunit_try_run_case+0x1a5/0x480 [ 18.262428] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.262453] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.262478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.262503] ? __kthread_parkme+0x82/0x180 [ 18.262527] ? preempt_count_sub+0x50/0x80 [ 18.262554] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.262613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.262660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.262701] kthread+0x337/0x6f0 [ 18.262738] ? trace_preempt_on+0x20/0xc0 [ 18.262786] ? __pfx_kthread+0x10/0x10 [ 18.262862] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.262900] ? 
calculate_sigpending+0x7b/0xa0 [ 18.262944] ? __pfx_kthread+0x10/0x10 [ 18.262985] ret_from_fork+0x41/0x80 [ 18.263033] ? __pfx_kthread+0x10/0x10 [ 18.263077] ret_from_fork_asm+0x1a/0x30 [ 18.263143] </TASK> [ 18.263174] [ 18.275082] Allocated by task 285: [ 18.275285] kasan_save_stack+0x45/0x70 [ 18.275441] kasan_save_track+0x18/0x40 [ 18.275589] kasan_save_alloc_info+0x3b/0x50 [ 18.275751] __kasan_kmalloc+0xb7/0xc0 [ 18.275925] __kmalloc_cache_noprof+0x189/0x420 [ 18.276286] kasan_atomics+0x95/0x310 [ 18.276590] kunit_try_run_case+0x1a5/0x480 [ 18.276993] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.277217] kthread+0x337/0x6f0 [ 18.277390] ret_from_fork+0x41/0x80 [ 18.277575] ret_from_fork_asm+0x1a/0x30 [ 18.277878] [ 18.278060] The buggy address belongs to the object at ffff8881033b5600 [ 18.278060] which belongs to the cache kmalloc-64 of size 64 [ 18.279779] The buggy address is located 0 bytes to the right of [ 18.279779] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.280230] [ 18.280498] The buggy address belongs to the physical page: [ 18.280690] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.281492] flags: 0x200000000000000(node=0|zone=2) [ 18.281922] page_type: f5(slab) [ 18.282308] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.282648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.283226] page dumped because: kasan: bad access detected [ 18.283748] [ 18.283911] Memory state around the buggy address: [ 18.284316] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.284743] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.285327] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.285769] ^ [ 18.286213] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.286534] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.287239] 
================================================================== [ 16.715929] ================================================================== [ 16.717206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 16.717724] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.718639] [ 16.719178] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.719270] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.719296] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.719339] Call Trace: [ 16.719601] <TASK> [ 16.719647] dump_stack_lvl+0x73/0xb0 [ 16.719706] print_report+0xd1/0x650 [ 16.719736] ? __virt_addr_valid+0x1db/0x2d0 [ 16.719760] ? kasan_atomics_helper+0x7c7/0x5450 [ 16.719784] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.719808] ? kasan_atomics_helper+0x7c7/0x5450 [ 16.719831] kasan_report+0x141/0x180 [ 16.719855] ? kasan_atomics_helper+0x7c7/0x5450 [ 16.719883] kasan_check_range+0x10c/0x1c0 [ 16.719903] __kasan_check_write+0x18/0x20 [ 16.719925] kasan_atomics_helper+0x7c7/0x5450 [ 16.719950] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.719973] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.719996] ? ret_from_fork_asm+0x1a/0x30 [ 16.720019] ? kasan_atomics+0x152/0x310 [ 16.720043] kasan_atomics+0x1dc/0x310 [ 16.720063] ? __pfx_kasan_atomics+0x10/0x10 [ 16.720085] ? __pfx_read_tsc+0x10/0x10 [ 16.720107] ? ktime_get_ts64+0x86/0x230 [ 16.720133] kunit_try_run_case+0x1a5/0x480 [ 16.720160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.720183] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.720208] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.720232] ? __kthread_parkme+0x82/0x180 [ 16.720256] ? preempt_count_sub+0x50/0x80 [ 16.720282] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.720307] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.720331] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.720355] kthread+0x337/0x6f0 [ 16.720373] ? 
trace_preempt_on+0x20/0xc0 [ 16.720399] ? __pfx_kthread+0x10/0x10 [ 16.720418] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.720440] ? calculate_sigpending+0x7b/0xa0 [ 16.720463] ? __pfx_kthread+0x10/0x10 [ 16.720483] ret_from_fork+0x41/0x80 [ 16.720506] ? __pfx_kthread+0x10/0x10 [ 16.720525] ret_from_fork_asm+0x1a/0x30 [ 16.720556] </TASK> [ 16.720588] [ 16.732006] Allocated by task 285: [ 16.732191] kasan_save_stack+0x45/0x70 [ 16.732368] kasan_save_track+0x18/0x40 [ 16.732518] kasan_save_alloc_info+0x3b/0x50 [ 16.734062] __kasan_kmalloc+0xb7/0xc0 [ 16.734266] __kmalloc_cache_noprof+0x189/0x420 [ 16.734434] kasan_atomics+0x95/0x310 [ 16.734586] kunit_try_run_case+0x1a5/0x480 [ 16.735392] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.735635] kthread+0x337/0x6f0 [ 16.735999] ret_from_fork+0x41/0x80 [ 16.736733] ret_from_fork_asm+0x1a/0x30 [ 16.737234] [ 16.737339] The buggy address belongs to the object at ffff8881033b5600 [ 16.737339] which belongs to the cache kmalloc-64 of size 64 [ 16.738980] The buggy address is located 0 bytes to the right of [ 16.738980] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.739536] [ 16.739870] The buggy address belongs to the physical page: [ 16.740143] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.740641] flags: 0x200000000000000(node=0|zone=2) [ 16.741416] page_type: f5(slab) [ 16.741725] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.742345] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.743255] page dumped because: kasan: bad access detected [ 16.743491] [ 16.743607] Memory state around the buggy address: [ 16.744105] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.744354] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.744603] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.745150] ^ [ 16.745346] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.745587] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.747496] ================================================================== [ 16.611402] ================================================================== [ 16.611811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 16.612259] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.612848] [ 16.613097] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.613228] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.613258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.613302] Call Trace: [ 16.613344] <TASK> [ 16.613386] dump_stack_lvl+0x73/0xb0 [ 16.613447] print_report+0xd1/0x650 [ 16.613499] ? __virt_addr_valid+0x1db/0x2d0 [ 16.613543] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.613644] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.613697] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.613734] kasan_report+0x141/0x180 [ 16.613779] ? kasan_atomics_helper+0x5fe/0x5450 [ 16.613837] kasan_check_range+0x10c/0x1c0 [ 16.613883] __kasan_check_write+0x18/0x20 [ 16.613921] kasan_atomics_helper+0x5fe/0x5450 [ 16.613962] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.613993] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.614017] ? ret_from_fork_asm+0x1a/0x30 [ 16.614040] ? kasan_atomics+0x152/0x310 [ 16.614064] kasan_atomics+0x1dc/0x310 [ 16.614084] ? __pfx_kasan_atomics+0x10/0x10 [ 16.614106] ? __pfx_read_tsc+0x10/0x10 [ 16.614127] ? ktime_get_ts64+0x86/0x230 [ 16.614156] kunit_try_run_case+0x1a5/0x480 [ 16.614183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.614206] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.614232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.614257] ? __kthread_parkme+0x82/0x180 [ 16.614282] ? preempt_count_sub+0x50/0x80 [ 16.614308] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.614333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.614356] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.614380] kthread+0x337/0x6f0 [ 16.614399] ? trace_preempt_on+0x20/0xc0 [ 16.614424] ? __pfx_kthread+0x10/0x10 [ 16.614443] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.614465] ? calculate_sigpending+0x7b/0xa0 [ 16.614488] ? __pfx_kthread+0x10/0x10 [ 16.614508] ret_from_fork+0x41/0x80 [ 16.614530] ? __pfx_kthread+0x10/0x10 [ 16.614548] ret_from_fork_asm+0x1a/0x30 [ 16.614604] </TASK> [ 16.614630] [ 16.626170] Allocated by task 285: [ 16.626369] kasan_save_stack+0x45/0x70 [ 16.626773] kasan_save_track+0x18/0x40 [ 16.627093] kasan_save_alloc_info+0x3b/0x50 [ 16.627463] __kasan_kmalloc+0xb7/0xc0 [ 16.627859] __kmalloc_cache_noprof+0x189/0x420 [ 16.628266] kasan_atomics+0x95/0x310 [ 16.628552] kunit_try_run_case+0x1a5/0x480 [ 16.628967] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.629378] kthread+0x337/0x6f0 [ 16.629702] ret_from_fork+0x41/0x80 [ 16.629951] ret_from_fork_asm+0x1a/0x30 [ 16.630115] [ 16.630323] The buggy address belongs to the object at ffff8881033b5600 [ 16.630323] which belongs to the cache kmalloc-64 of size 64 [ 16.631236] The buggy address is located 0 bytes to the right of [ 16.631236] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.632315] [ 16.632476] The buggy address belongs to the physical page: [ 16.632944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.633254] flags: 0x200000000000000(node=0|zone=2) [ 16.633547] page_type: f5(slab) [ 16.633738] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.634167] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.634499] page dumped because: kasan: bad access detected [ 16.634859] [ 16.634960] Memory state around the buggy address: [ 16.635216] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.635727] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.636158] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 16.636518] ^ [ 16.636781] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.637391] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.638199] ================================================================== [ 16.877521] ================================================================== [ 16.878299] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 16.879242] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.880014] [ 16.880623] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.880855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.880898] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.880942] Call Trace: [ 16.880987] <TASK> [ 16.881183] dump_stack_lvl+0x73/0xb0 [ 16.881235] print_report+0xd1/0x650 [ 16.881264] ? __virt_addr_valid+0x1db/0x2d0 [ 16.881296] ? kasan_atomics_helper+0xac7/0x5450 [ 16.881331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.881367] ? kasan_atomics_helper+0xac7/0x5450 [ 16.881390] kasan_report+0x141/0x180 [ 16.881415] ? kasan_atomics_helper+0xac7/0x5450 [ 16.881441] kasan_check_range+0x10c/0x1c0 [ 16.881463] __kasan_check_write+0x18/0x20 [ 16.881484] kasan_atomics_helper+0xac7/0x5450 [ 16.881508] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.881532] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.881555] ? ret_from_fork_asm+0x1a/0x30 [ 16.881605] ? kasan_atomics+0x152/0x310 [ 16.881648] kasan_atomics+0x1dc/0x310 [ 16.881682] ? __pfx_kasan_atomics+0x10/0x10 [ 16.881707] ? __pfx_read_tsc+0x10/0x10 [ 16.881729] ? ktime_get_ts64+0x86/0x230 [ 16.881757] kunit_try_run_case+0x1a5/0x480 [ 16.881786] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.881809] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.881835] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.881860] ? __kthread_parkme+0x82/0x180 [ 16.881884] ? preempt_count_sub+0x50/0x80 [ 16.881911] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.881937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.881962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.881986] kthread+0x337/0x6f0 [ 16.882005] ? trace_preempt_on+0x20/0xc0 [ 16.882031] ? __pfx_kthread+0x10/0x10 [ 16.882051] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.882075] ? calculate_sigpending+0x7b/0xa0 [ 16.882098] ? __pfx_kthread+0x10/0x10 [ 16.882117] ret_from_fork+0x41/0x80 [ 16.882140] ? __pfx_kthread+0x10/0x10 [ 16.882159] ret_from_fork_asm+0x1a/0x30 [ 16.882189] </TASK> [ 16.882205] [ 16.897283] Allocated by task 285: [ 16.897522] kasan_save_stack+0x45/0x70 [ 16.898210] kasan_save_track+0x18/0x40 [ 16.898605] kasan_save_alloc_info+0x3b/0x50 [ 16.899554] __kasan_kmalloc+0xb7/0xc0 [ 16.900002] __kmalloc_cache_noprof+0x189/0x420 [ 16.900370] kasan_atomics+0x95/0x310 [ 16.900554] kunit_try_run_case+0x1a5/0x480 [ 16.901207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.901668] kthread+0x337/0x6f0 [ 16.901997] ret_from_fork+0x41/0x80 [ 16.902419] ret_from_fork_asm+0x1a/0x30 [ 16.903772] [ 16.904029] The buggy address belongs to the object at ffff8881033b5600 [ 16.904029] which belongs to the cache kmalloc-64 of size 64 [ 16.904984] The buggy address is located 0 bytes to the right of [ 16.904984] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.905804] [ 16.906861] The buggy address belongs to the physical page: [ 16.907193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.907652] flags: 0x200000000000000(node=0|zone=2) [ 16.907835] page_type: f5(slab) [ 16.907978] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.908216] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.908442] page dumped because: kasan: bad access detected [ 16.909148] [ 16.909833] Memory state around the buggy address: [ 16.910197] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.913534] ffff8881033b5580: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.914518] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.915608] ^ [ 16.916246] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.916481] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.916753] ================================================================== [ 17.758440] ================================================================== [ 17.759248] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 17.759764] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.760657] [ 17.761107] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.761197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.761219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.761245] Call Trace: [ 17.761270] <TASK> [ 17.761296] dump_stack_lvl+0x73/0xb0 [ 17.761346] print_report+0xd1/0x650 [ 17.761373] ? __virt_addr_valid+0x1db/0x2d0 [ 17.761399] ? kasan_atomics_helper+0x19e3/0x5450 [ 17.761422] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.761446] ? kasan_atomics_helper+0x19e3/0x5450 [ 17.761468] kasan_report+0x141/0x180 [ 17.761492] ? kasan_atomics_helper+0x19e3/0x5450 [ 17.761518] kasan_check_range+0x10c/0x1c0 [ 17.761539] __kasan_check_write+0x18/0x20 [ 17.761578] kasan_atomics_helper+0x19e3/0x5450 [ 17.761619] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.761660] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.761700] ? ret_from_fork_asm+0x1a/0x30 [ 17.761741] ? kasan_atomics+0x152/0x310 [ 17.761781] kasan_atomics+0x1dc/0x310 [ 17.761803] ? __pfx_kasan_atomics+0x10/0x10 [ 17.761824] ? __pfx_read_tsc+0x10/0x10 [ 17.761846] ? ktime_get_ts64+0x86/0x230 [ 17.761874] kunit_try_run_case+0x1a5/0x480 [ 17.761901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.761924] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.761951] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.761974] ? 
__kthread_parkme+0x82/0x180 [ 17.761997] ? preempt_count_sub+0x50/0x80 [ 17.762023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.762048] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.762071] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.762095] kthread+0x337/0x6f0 [ 17.762112] ? trace_preempt_on+0x20/0xc0 [ 17.762138] ? __pfx_kthread+0x10/0x10 [ 17.762157] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.762179] ? calculate_sigpending+0x7b/0xa0 [ 17.762201] ? __pfx_kthread+0x10/0x10 [ 17.762221] ret_from_fork+0x41/0x80 [ 17.762242] ? __pfx_kthread+0x10/0x10 [ 17.762261] ret_from_fork_asm+0x1a/0x30 [ 17.762290] </TASK> [ 17.762303] [ 17.771648] Allocated by task 285: [ 17.771857] kasan_save_stack+0x45/0x70 [ 17.772186] kasan_save_track+0x18/0x40 [ 17.772374] kasan_save_alloc_info+0x3b/0x50 [ 17.772577] __kasan_kmalloc+0xb7/0xc0 [ 17.772855] __kmalloc_cache_noprof+0x189/0x420 [ 17.773258] kasan_atomics+0x95/0x310 [ 17.773578] kunit_try_run_case+0x1a5/0x480 [ 17.773929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.774241] kthread+0x337/0x6f0 [ 17.774397] ret_from_fork+0x41/0x80 [ 17.774694] ret_from_fork_asm+0x1a/0x30 [ 17.775030] [ 17.775211] The buggy address belongs to the object at ffff8881033b5600 [ 17.775211] which belongs to the cache kmalloc-64 of size 64 [ 17.775987] The buggy address is located 0 bytes to the right of [ 17.775987] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.776600] [ 17.776803] The buggy address belongs to the physical page: [ 17.777169] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.777616] flags: 0x200000000000000(node=0|zone=2) [ 17.777909] page_type: f5(slab) [ 17.778128] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.778576] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.778927] page dumped because: kasan: bad access detected [ 17.779323] [ 17.779493] Memory state around the buggy address: [ 17.779708] 
ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.780213] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.780627] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.781117] ^ [ 17.781415] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.781908] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.782272] ================================================================== [ 18.170980] ================================================================== [ 18.171324] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 18.171948] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 18.172355] [ 18.172576] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 18.172701] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.172732] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.172779] Call Trace: [ 18.172822] <TASK> [ 18.172864] dump_stack_lvl+0x73/0xb0 [ 18.172954] print_report+0xd1/0x650 [ 18.172999] ? __virt_addr_valid+0x1db/0x2d0 [ 18.173048] ? kasan_atomics_helper+0x218a/0x5450 [ 18.173097] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.173147] ? kasan_atomics_helper+0x218a/0x5450 [ 18.173195] kasan_report+0x141/0x180 [ 18.173245] ? kasan_atomics_helper+0x218a/0x5450 [ 18.173305] kasan_check_range+0x10c/0x1c0 [ 18.173351] __kasan_check_write+0x18/0x20 [ 18.173395] kasan_atomics_helper+0x218a/0x5450 [ 18.173450] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.173492] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.173529] ? ret_from_fork_asm+0x1a/0x30 [ 18.173582] ? kasan_atomics+0x152/0x310 [ 18.173629] kasan_atomics+0x1dc/0x310 [ 18.173703] ? __pfx_kasan_atomics+0x10/0x10 [ 18.173743] ? __pfx_read_tsc+0x10/0x10 [ 18.173798] ? ktime_get_ts64+0x86/0x230 [ 18.173849] kunit_try_run_case+0x1a5/0x480 [ 18.173898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.173942] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 18.173993] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.174025] ? __kthread_parkme+0x82/0x180 [ 18.174049] ? preempt_count_sub+0x50/0x80 [ 18.174075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.174099] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.174122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.174146] kthread+0x337/0x6f0 [ 18.174164] ? trace_preempt_on+0x20/0xc0 [ 18.174188] ? __pfx_kthread+0x10/0x10 [ 18.174207] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.174228] ? calculate_sigpending+0x7b/0xa0 [ 18.174251] ? __pfx_kthread+0x10/0x10 [ 18.174270] ret_from_fork+0x41/0x80 [ 18.174291] ? __pfx_kthread+0x10/0x10 [ 18.174309] ret_from_fork_asm+0x1a/0x30 [ 18.174337] </TASK> [ 18.174351] [ 18.185017] Allocated by task 285: [ 18.185161] kasan_save_stack+0x45/0x70 [ 18.185339] kasan_save_track+0x18/0x40 [ 18.185722] kasan_save_alloc_info+0x3b/0x50 [ 18.186090] __kasan_kmalloc+0xb7/0xc0 [ 18.186454] __kmalloc_cache_noprof+0x189/0x420 [ 18.186920] kasan_atomics+0x95/0x310 [ 18.187275] kunit_try_run_case+0x1a5/0x480 [ 18.187713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.188191] kthread+0x337/0x6f0 [ 18.188502] ret_from_fork+0x41/0x80 [ 18.188865] ret_from_fork_asm+0x1a/0x30 [ 18.189225] [ 18.189428] The buggy address belongs to the object at ffff8881033b5600 [ 18.189428] which belongs to the cache kmalloc-64 of size 64 [ 18.190168] The buggy address is located 0 bytes to the right of [ 18.190168] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.190849] [ 18.191061] The buggy address belongs to the physical page: [ 18.191324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.191834] flags: 0x200000000000000(node=0|zone=2) [ 18.192217] page_type: f5(slab) [ 18.192513] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.192978] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.193380] page dumped because: kasan: bad 
access detected [ 18.193628] [ 18.193769] Memory state around the buggy address: [ 18.194133] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.194626] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.195037] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.195507] ^ [ 18.195806] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.196252] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.196754] ================================================================== [ 17.600392] ================================================================== [ 17.600923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 17.601967] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.602217] [ 17.602327] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.602384] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.602399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.602423] Call Trace: [ 17.602450] <TASK> [ 17.602473] dump_stack_lvl+0x73/0xb0 [ 17.602510] print_report+0xd1/0x650 [ 17.602536] ? __virt_addr_valid+0x1db/0x2d0 [ 17.602575] ? kasan_atomics_helper+0x16e7/0x5450 [ 17.602602] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.602626] ? kasan_atomics_helper+0x16e7/0x5450 [ 17.602653] kasan_report+0x141/0x180 [ 17.602690] ? kasan_atomics_helper+0x16e7/0x5450 [ 17.602717] kasan_check_range+0x10c/0x1c0 [ 17.602739] __kasan_check_write+0x18/0x20 [ 17.602760] kasan_atomics_helper+0x16e7/0x5450 [ 17.602783] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.602807] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.602830] ? ret_from_fork_asm+0x1a/0x30 [ 17.602853] ? kasan_atomics+0x152/0x310 [ 17.602877] kasan_atomics+0x1dc/0x310 [ 17.602897] ? __pfx_kasan_atomics+0x10/0x10 [ 17.602919] ? __pfx_read_tsc+0x10/0x10 [ 17.602941] ? 
ktime_get_ts64+0x86/0x230 [ 17.602969] kunit_try_run_case+0x1a5/0x480 [ 17.602997] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.603021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.603048] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.603072] ? __kthread_parkme+0x82/0x180 [ 17.603096] ? preempt_count_sub+0x50/0x80 [ 17.603124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.603175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.603211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.603236] kthread+0x337/0x6f0 [ 17.603256] ? trace_preempt_on+0x20/0xc0 [ 17.603282] ? __pfx_kthread+0x10/0x10 [ 17.603301] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.603324] ? calculate_sigpending+0x7b/0xa0 [ 17.603347] ? __pfx_kthread+0x10/0x10 [ 17.603367] ret_from_fork+0x41/0x80 [ 17.603389] ? __pfx_kthread+0x10/0x10 [ 17.603409] ret_from_fork_asm+0x1a/0x30 [ 17.603439] </TASK> [ 17.603453] [ 17.615305] Allocated by task 285: [ 17.615471] kasan_save_stack+0x45/0x70 [ 17.615680] kasan_save_track+0x18/0x40 [ 17.615824] kasan_save_alloc_info+0x3b/0x50 [ 17.615981] __kasan_kmalloc+0xb7/0xc0 [ 17.616123] __kmalloc_cache_noprof+0x189/0x420 [ 17.616282] kasan_atomics+0x95/0x310 [ 17.616424] kunit_try_run_case+0x1a5/0x480 [ 17.617220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.617742] kthread+0x337/0x6f0 [ 17.617925] ret_from_fork+0x41/0x80 [ 17.618592] ret_from_fork_asm+0x1a/0x30 [ 17.619111] [ 17.619251] The buggy address belongs to the object at ffff8881033b5600 [ 17.619251] which belongs to the cache kmalloc-64 of size 64 [ 17.619618] The buggy address is located 0 bytes to the right of [ 17.619618] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.620338] [ 17.620472] The buggy address belongs to the physical page: [ 17.621115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.621596] flags: 0x200000000000000(node=0|zone=2) [ 17.622000] page_type: f5(slab) [ 17.622269] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.622664] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.623169] page dumped because: kasan: bad access detected [ 17.623839] [ 17.624083] Memory state around the buggy address: [ 17.624435] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.625181] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.625643] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.626130] ^ [ 17.626490] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.627178] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.627467] ================================================================== [ 17.119936] ================================================================== [ 17.120529] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 17.121174] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.121663] [ 17.121815] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.121911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.121950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.122006] Call Trace: [ 17.122049] <TASK> [ 17.122088] dump_stack_lvl+0x73/0xb0 [ 17.122154] print_report+0xd1/0x650 [ 17.122210] ? __virt_addr_valid+0x1db/0x2d0 [ 17.122272] ? kasan_atomics_helper+0xfa9/0x5450 [ 17.122319] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.122366] ? kasan_atomics_helper+0xfa9/0x5450 [ 17.122419] kasan_report+0x141/0x180 [ 17.122470] ? kasan_atomics_helper+0xfa9/0x5450 [ 17.122542] kasan_check_range+0x10c/0x1c0 [ 17.122599] __kasan_check_write+0x18/0x20 [ 17.122652] kasan_atomics_helper+0xfa9/0x5450 [ 17.122717] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.122769] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.122812] ? ret_from_fork_asm+0x1a/0x30 [ 17.122858] ? 
kasan_atomics+0x152/0x310 [ 17.122915] kasan_atomics+0x1dc/0x310 [ 17.122976] ? __pfx_kasan_atomics+0x10/0x10 [ 17.123024] ? __pfx_read_tsc+0x10/0x10 [ 17.123083] ? ktime_get_ts64+0x86/0x230 [ 17.123159] kunit_try_run_case+0x1a5/0x480 [ 17.123235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.123285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.123338] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.123400] ? __kthread_parkme+0x82/0x180 [ 17.123461] ? preempt_count_sub+0x50/0x80 [ 17.123518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.123589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.123655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.123709] kthread+0x337/0x6f0 [ 17.123751] ? trace_preempt_on+0x20/0xc0 [ 17.123806] ? __pfx_kthread+0x10/0x10 [ 17.123849] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.123913] ? calculate_sigpending+0x7b/0xa0 [ 17.123956] ? __pfx_kthread+0x10/0x10 [ 17.123990] ret_from_fork+0x41/0x80 [ 17.124029] ? __pfx_kthread+0x10/0x10 [ 17.124069] ret_from_fork_asm+0x1a/0x30 [ 17.124131] </TASK> [ 17.124159] [ 17.133808] Allocated by task 285: [ 17.133995] kasan_save_stack+0x45/0x70 [ 17.134345] kasan_save_track+0x18/0x40 [ 17.134675] kasan_save_alloc_info+0x3b/0x50 [ 17.135024] __kasan_kmalloc+0xb7/0xc0 [ 17.135351] __kmalloc_cache_noprof+0x189/0x420 [ 17.135720] kasan_atomics+0x95/0x310 [ 17.136032] kunit_try_run_case+0x1a5/0x480 [ 17.136373] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.136791] kthread+0x337/0x6f0 [ 17.137071] ret_from_fork+0x41/0x80 [ 17.137358] ret_from_fork_asm+0x1a/0x30 [ 17.137592] [ 17.137780] The buggy address belongs to the object at ffff8881033b5600 [ 17.137780] which belongs to the cache kmalloc-64 of size 64 [ 17.138360] The buggy address is located 0 bytes to the right of [ 17.138360] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.139055] [ 17.139234] The buggy address belongs to the physical page: [ 17.139569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 
17.140326] flags: 0x200000000000000(node=0|zone=2) [ 17.140643] page_type: f5(slab) [ 17.140857] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.141128] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.141382] page dumped because: kasan: bad access detected [ 17.141593] [ 17.141746] Memory state around the buggy address: [ 17.142150] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.142661] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.143164] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.143464] ^ [ 17.144001] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.144268] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.144508] ================================================================== [ 16.781527] ================================================================== [ 16.782193] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 16.782504] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.783166] [ 16.783376] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.783485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.783512] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.783551] Call Trace: [ 16.783640] <TASK> [ 16.783702] dump_stack_lvl+0x73/0xb0 [ 16.783776] print_report+0xd1/0x650 [ 16.783832] ? __virt_addr_valid+0x1db/0x2d0 [ 16.783882] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.783923] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.783968] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.784045] kasan_report+0x141/0x180 [ 16.784107] ? kasan_atomics_helper+0x8f9/0x5450 [ 16.784188] kasan_check_range+0x10c/0x1c0 [ 16.784254] __kasan_check_write+0x18/0x20 [ 16.784293] kasan_atomics_helper+0x8f9/0x5450 [ 16.784340] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.784388] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.784436] ? ret_from_fork_asm+0x1a/0x30 [ 16.784485] ? kasan_atomics+0x152/0x310 [ 16.784532] kasan_atomics+0x1dc/0x310 [ 16.784584] ? __pfx_kasan_atomics+0x10/0x10 [ 16.784675] ? __pfx_read_tsc+0x10/0x10 [ 16.784717] ? ktime_get_ts64+0x86/0x230 [ 16.784781] kunit_try_run_case+0x1a5/0x480 [ 16.784831] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.784874] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.784914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.784953] ? __kthread_parkme+0x82/0x180 [ 16.785000] ? preempt_count_sub+0x50/0x80 [ 16.785049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.785101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.785149] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.785197] kthread+0x337/0x6f0 [ 16.785237] ? trace_preempt_on+0x20/0xc0 [ 16.785286] ? __pfx_kthread+0x10/0x10 [ 16.785324] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.785368] ? calculate_sigpending+0x7b/0xa0 [ 16.785418] ? __pfx_kthread+0x10/0x10 [ 16.785459] ret_from_fork+0x41/0x80 [ 16.785500] ? 
__pfx_kthread+0x10/0x10 [ 16.785527] ret_from_fork_asm+0x1a/0x30 [ 16.785577] </TASK> [ 16.785597] [ 16.796044] Allocated by task 285: [ 16.796256] kasan_save_stack+0x45/0x70 [ 16.796486] kasan_save_track+0x18/0x40 [ 16.797436] kasan_save_alloc_info+0x3b/0x50 [ 16.798032] __kasan_kmalloc+0xb7/0xc0 [ 16.798386] __kmalloc_cache_noprof+0x189/0x420 [ 16.798801] kasan_atomics+0x95/0x310 [ 16.799148] kunit_try_run_case+0x1a5/0x480 [ 16.799525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.800260] kthread+0x337/0x6f0 [ 16.801109] ret_from_fork+0x41/0x80 [ 16.801410] ret_from_fork_asm+0x1a/0x30 [ 16.801811] [ 16.801943] The buggy address belongs to the object at ffff8881033b5600 [ 16.801943] which belongs to the cache kmalloc-64 of size 64 [ 16.802366] The buggy address is located 0 bytes to the right of [ 16.802366] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.803366] [ 16.803865] The buggy address belongs to the physical page: [ 16.804304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.805330] flags: 0x200000000000000(node=0|zone=2) [ 16.806000] page_type: f5(slab) [ 16.806321] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.807166] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.807936] page dumped because: kasan: bad access detected [ 16.808395] [ 16.808578] Memory state around the buggy address: [ 16.809384] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.810020] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.810287] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.811254] ^ [ 16.811521] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.811966] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.812430] ================================================================== [ 17.207507] 
================================================================== [ 17.208152] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 17.208596] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.209052] [ 17.209269] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.209369] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.209398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.209443] Call Trace: [ 17.209486] <TASK> [ 17.209527] dump_stack_lvl+0x73/0xb0 [ 17.209624] print_report+0xd1/0x650 [ 17.209695] ? __virt_addr_valid+0x1db/0x2d0 [ 17.209742] ? kasan_atomics_helper+0x4a1c/0x5450 [ 17.209788] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.209836] ? kasan_atomics_helper+0x4a1c/0x5450 [ 17.209873] kasan_report+0x141/0x180 [ 17.209915] ? kasan_atomics_helper+0x4a1c/0x5450 [ 17.209983] __asan_report_load4_noabort+0x18/0x20 [ 17.210027] kasan_atomics_helper+0x4a1c/0x5450 [ 17.210071] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.210113] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.210167] ? ret_from_fork_asm+0x1a/0x30 [ 17.210204] ? kasan_atomics+0x152/0x310 [ 17.210247] kasan_atomics+0x1dc/0x310 [ 17.210285] ? __pfx_kasan_atomics+0x10/0x10 [ 17.210326] ? __pfx_read_tsc+0x10/0x10 [ 17.210367] ? ktime_get_ts64+0x86/0x230 [ 17.210410] kunit_try_run_case+0x1a5/0x480 [ 17.210440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.210463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.210489] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.210512] ? __kthread_parkme+0x82/0x180 [ 17.210535] ? preempt_count_sub+0x50/0x80 [ 17.210571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.210599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.210623] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.210646] kthread+0x337/0x6f0 [ 17.210688] ? trace_preempt_on+0x20/0xc0 [ 17.210716] ? __pfx_kthread+0x10/0x10 [ 17.210734] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.210756] ? 
calculate_sigpending+0x7b/0xa0 [ 17.210780] ? __pfx_kthread+0x10/0x10 [ 17.210799] ret_from_fork+0x41/0x80 [ 17.210820] ? __pfx_kthread+0x10/0x10 [ 17.210840] ret_from_fork_asm+0x1a/0x30 [ 17.210869] </TASK> [ 17.210884] [ 17.222342] Allocated by task 285: [ 17.222672] kasan_save_stack+0x45/0x70 [ 17.223444] kasan_save_track+0x18/0x40 [ 17.223964] kasan_save_alloc_info+0x3b/0x50 [ 17.224190] __kasan_kmalloc+0xb7/0xc0 [ 17.224343] __kmalloc_cache_noprof+0x189/0x420 [ 17.224501] kasan_atomics+0x95/0x310 [ 17.224686] kunit_try_run_case+0x1a5/0x480 [ 17.224850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.225023] kthread+0x337/0x6f0 [ 17.225157] ret_from_fork+0x41/0x80 [ 17.225292] ret_from_fork_asm+0x1a/0x30 [ 17.225432] [ 17.225514] The buggy address belongs to the object at ffff8881033b5600 [ 17.225514] which belongs to the cache kmalloc-64 of size 64 [ 17.227028] The buggy address is located 0 bytes to the right of [ 17.227028] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.228387] [ 17.228573] The buggy address belongs to the physical page: [ 17.228770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.229337] flags: 0x200000000000000(node=0|zone=2) [ 17.229687] page_type: f5(slab) [ 17.229905] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.230201] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.230501] page dumped because: kasan: bad access detected [ 17.230765] [ 17.230905] Memory state around the buggy address: [ 17.231143] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.231648] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.231939] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.232404] ^ [ 17.232740] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.233185] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.233444] 
================================================================== [ 17.344765] ================================================================== [ 17.345837] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 17.346101] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.346316] [ 17.346423] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.346482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.346498] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.346522] Call Trace: [ 17.346549] <TASK> [ 17.346592] dump_stack_lvl+0x73/0xb0 [ 17.346644] print_report+0xd1/0x650 [ 17.346721] ? __virt_addr_valid+0x1db/0x2d0 [ 17.346767] ? kasan_atomics_helper+0x12e6/0x5450 [ 17.346810] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.346858] ? kasan_atomics_helper+0x12e6/0x5450 [ 17.346907] kasan_report+0x141/0x180 [ 17.346957] ? kasan_atomics_helper+0x12e6/0x5450 [ 17.347016] kasan_check_range+0x10c/0x1c0 [ 17.347065] __kasan_check_write+0x18/0x20 [ 17.347107] kasan_atomics_helper+0x12e6/0x5450 [ 17.347185] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.347232] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.347280] ? ret_from_fork_asm+0x1a/0x30 [ 17.347331] ? kasan_atomics+0x152/0x310 [ 17.347385] kasan_atomics+0x1dc/0x310 [ 17.347432] ? __pfx_kasan_atomics+0x10/0x10 [ 17.347479] ? __pfx_read_tsc+0x10/0x10 [ 17.347526] ? ktime_get_ts64+0x86/0x230 [ 17.347595] kunit_try_run_case+0x1a5/0x480 [ 17.347684] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.347739] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.347784] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.347829] ? __kthread_parkme+0x82/0x180 [ 17.347877] ? preempt_count_sub+0x50/0x80 [ 17.347930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.347981] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.348026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.348089] kthread+0x337/0x6f0 [ 17.348128] ? 
trace_preempt_on+0x20/0xc0 [ 17.348176] ? __pfx_kthread+0x10/0x10 [ 17.348217] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.348263] ? calculate_sigpending+0x7b/0xa0 [ 17.348297] ? __pfx_kthread+0x10/0x10 [ 17.348317] ret_from_fork+0x41/0x80 [ 17.348340] ? __pfx_kthread+0x10/0x10 [ 17.348359] ret_from_fork_asm+0x1a/0x30 [ 17.348390] </TASK> [ 17.348405] [ 17.358007] Allocated by task 285: [ 17.358225] kasan_save_stack+0x45/0x70 [ 17.358450] kasan_save_track+0x18/0x40 [ 17.358803] kasan_save_alloc_info+0x3b/0x50 [ 17.359169] __kasan_kmalloc+0xb7/0xc0 [ 17.359478] __kmalloc_cache_noprof+0x189/0x420 [ 17.359809] kasan_atomics+0x95/0x310 [ 17.359993] kunit_try_run_case+0x1a5/0x480 [ 17.360193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.360412] kthread+0x337/0x6f0 [ 17.360676] ret_from_fork+0x41/0x80 [ 17.360991] ret_from_fork_asm+0x1a/0x30 [ 17.361327] [ 17.361502] The buggy address belongs to the object at ffff8881033b5600 [ 17.361502] which belongs to the cache kmalloc-64 of size 64 [ 17.362286] The buggy address is located 0 bytes to the right of [ 17.362286] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.362788] [ 17.362919] The buggy address belongs to the physical page: [ 17.363139] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.363761] flags: 0x200000000000000(node=0|zone=2) [ 17.364156] page_type: f5(slab) [ 17.364440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.364992] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.365452] page dumped because: kasan: bad access detected [ 17.365864] [ 17.366052] Memory state around the buggy address: [ 17.366370] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.366950] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.367249] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.367698] ^ [ 17.368021] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 17.368300] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.369477] ================================================================== [ 17.370567] ================================================================== [ 17.371180] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 17.371459] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.372625] [ 17.373069] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.373171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.373199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.373226] Call Trace: [ 17.373253] <TASK> [ 17.373277] dump_stack_lvl+0x73/0xb0 [ 17.373317] print_report+0xd1/0x650 [ 17.373344] ? __virt_addr_valid+0x1db/0x2d0 [ 17.373369] ? kasan_atomics_helper+0x49ce/0x5450 [ 17.373394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.373418] ? kasan_atomics_helper+0x49ce/0x5450 [ 17.373443] kasan_report+0x141/0x180 [ 17.373467] ? kasan_atomics_helper+0x49ce/0x5450 [ 17.373495] __asan_report_load4_noabort+0x18/0x20 [ 17.373518] kasan_atomics_helper+0x49ce/0x5450 [ 17.373544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.373587] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.373613] ? ret_from_fork_asm+0x1a/0x30 [ 17.373638] ? kasan_atomics+0x152/0x310 [ 17.373673] kasan_atomics+0x1dc/0x310 [ 17.373701] ? __pfx_kasan_atomics+0x10/0x10 [ 17.373724] ? __pfx_read_tsc+0x10/0x10 [ 17.373746] ? ktime_get_ts64+0x86/0x230 [ 17.373774] kunit_try_run_case+0x1a5/0x480 [ 17.373803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.373829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.373856] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.373880] ? __kthread_parkme+0x82/0x180 [ 17.373905] ? preempt_count_sub+0x50/0x80 [ 17.373932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.373958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.373983] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.374008] kthread+0x337/0x6f0 [ 17.374027] ? trace_preempt_on+0x20/0xc0 [ 17.374053] ? __pfx_kthread+0x10/0x10 [ 17.374072] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.374094] ? calculate_sigpending+0x7b/0xa0 [ 17.374118] ? __pfx_kthread+0x10/0x10 [ 17.374138] ret_from_fork+0x41/0x80 [ 17.374161] ? __pfx_kthread+0x10/0x10 [ 17.374181] ret_from_fork_asm+0x1a/0x30 [ 17.374211] </TASK> [ 17.374226] [ 17.387318] Allocated by task 285: [ 17.387589] kasan_save_stack+0x45/0x70 [ 17.388653] kasan_save_track+0x18/0x40 [ 17.388899] kasan_save_alloc_info+0x3b/0x50 [ 17.389059] __kasan_kmalloc+0xb7/0xc0 [ 17.389435] __kmalloc_cache_noprof+0x189/0x420 [ 17.390053] kasan_atomics+0x95/0x310 [ 17.390232] kunit_try_run_case+0x1a5/0x480 [ 17.390799] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.391141] kthread+0x337/0x6f0 [ 17.391594] ret_from_fork+0x41/0x80 [ 17.391761] ret_from_fork_asm+0x1a/0x30 [ 17.392443] [ 17.392628] The buggy address belongs to the object at ffff8881033b5600 [ 17.392628] which belongs to the cache kmalloc-64 of size 64 [ 17.393239] The buggy address is located 0 bytes to the right of [ 17.393239] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.393974] [ 17.394167] The buggy address belongs to the physical page: [ 17.394537] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.395223] flags: 0x200000000000000(node=0|zone=2) [ 17.395477] page_type: f5(slab) [ 17.396264] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.396598] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.397131] page dumped because: kasan: bad access detected [ 17.397329] [ 17.397472] Memory state around the buggy address: [ 17.398235] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.398482] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.399258] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 17.400184] ^ [ 17.400445] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.400906] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.401426] ================================================================== [ 16.415418] ================================================================== [ 16.415751] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 16.416377] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.416555] [ 16.416853] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.417045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.417063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.417209] Call Trace: [ 16.417231] <TASK> [ 16.417254] dump_stack_lvl+0x73/0xb0 [ 16.417293] print_report+0xd1/0x650 [ 16.417320] ? __virt_addr_valid+0x1db/0x2d0 [ 16.417343] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.417366] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.417390] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.417413] kasan_report+0x141/0x180 [ 16.417437] ? kasan_atomics_helper+0x4b88/0x5450 [ 16.417464] __asan_report_load4_noabort+0x18/0x20 [ 16.417487] kasan_atomics_helper+0x4b88/0x5450 [ 16.417511] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.417534] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.417555] ? ret_from_fork_asm+0x1a/0x30 [ 16.417622] ? kasan_atomics+0x152/0x310 [ 16.417668] kasan_atomics+0x1dc/0x310 [ 16.417707] ? __pfx_kasan_atomics+0x10/0x10 [ 16.417730] ? __pfx_read_tsc+0x10/0x10 [ 16.417753] ? ktime_get_ts64+0x86/0x230 [ 16.417929] kunit_try_run_case+0x1a5/0x480 [ 16.417962] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.418007] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.418036] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.418063] ? __kthread_parkme+0x82/0x180 [ 16.418088] ? preempt_count_sub+0x50/0x80 [ 16.418117] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.418145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.418170] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.418197] kthread+0x337/0x6f0 [ 16.418217] ? trace_preempt_on+0x20/0xc0 [ 16.418244] ? __pfx_kthread+0x10/0x10 [ 16.418265] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.418288] ? calculate_sigpending+0x7b/0xa0 [ 16.418313] ? __pfx_kthread+0x10/0x10 [ 16.418334] ret_from_fork+0x41/0x80 [ 16.418358] ? __pfx_kthread+0x10/0x10 [ 16.418378] ret_from_fork_asm+0x1a/0x30 [ 16.418412] </TASK> [ 16.418429] [ 16.426724] Allocated by task 285: [ 16.426919] kasan_save_stack+0x45/0x70 [ 16.427188] kasan_save_track+0x18/0x40 [ 16.427295] kasan_save_alloc_info+0x3b/0x50 [ 16.427391] __kasan_kmalloc+0xb7/0xc0 [ 16.427481] __kmalloc_cache_noprof+0x189/0x420 [ 16.427883] kasan_atomics+0x95/0x310 [ 16.428146] kunit_try_run_case+0x1a5/0x480 [ 16.428424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.428758] kthread+0x337/0x6f0 [ 16.428887] ret_from_fork+0x41/0x80 [ 16.428979] ret_from_fork_asm+0x1a/0x30 [ 16.429240] [ 16.429360] The buggy address belongs to the object at ffff8881033b5600 [ 16.429360] which belongs to the cache kmalloc-64 of size 64 [ 16.430143] The buggy address is located 0 bytes to the right of [ 16.430143] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.430717] [ 16.430836] The buggy address belongs to the physical page: [ 16.431203] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.431595] flags: 0x200000000000000(node=0|zone=2) [ 16.431839] page_type: f5(slab) [ 16.432068] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.432456] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.432679] page dumped because: kasan: bad access detected [ 16.433024] [ 16.433149] Memory state around the buggy address: [ 16.433449] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.433988] ffff8881033b5580: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.434342] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.434553] ^ [ 16.434891] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.435171] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.435440] ================================================================== [ 17.403024] ================================================================== [ 17.403307] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 17.403541] Read of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.404664] [ 17.405161] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.405375] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.405401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.405439] Call Trace: [ 17.405468] <TASK> [ 17.405493] dump_stack_lvl+0x73/0xb0 [ 17.405535] print_report+0xd1/0x650 [ 17.405579] ? __virt_addr_valid+0x1db/0x2d0 [ 17.405607] ? kasan_atomics_helper+0x13b5/0x5450 [ 17.405632] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.405660] ? kasan_atomics_helper+0x13b5/0x5450 [ 17.405710] kasan_report+0x141/0x180 [ 17.405736] ? kasan_atomics_helper+0x13b5/0x5450 [ 17.405763] kasan_check_range+0x10c/0x1c0 [ 17.405785] __kasan_check_read+0x15/0x20 [ 17.405806] kasan_atomics_helper+0x13b5/0x5450 [ 17.405830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.405853] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.405876] ? ret_from_fork_asm+0x1a/0x30 [ 17.405900] ? kasan_atomics+0x152/0x310 [ 17.405924] kasan_atomics+0x1dc/0x310 [ 17.405944] ? __pfx_kasan_atomics+0x10/0x10 [ 17.405966] ? __pfx_read_tsc+0x10/0x10 [ 17.405988] ? ktime_get_ts64+0x86/0x230 [ 17.406016] kunit_try_run_case+0x1a5/0x480 [ 17.406043] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.406067] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.406093] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.406117] ? 
__kthread_parkme+0x82/0x180 [ 17.406140] ? preempt_count_sub+0x50/0x80 [ 17.406167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.406192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.406215] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.406240] kthread+0x337/0x6f0 [ 17.406259] ? trace_preempt_on+0x20/0xc0 [ 17.406284] ? __pfx_kthread+0x10/0x10 [ 17.406302] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.406325] ? calculate_sigpending+0x7b/0xa0 [ 17.406347] ? __pfx_kthread+0x10/0x10 [ 17.406366] ret_from_fork+0x41/0x80 [ 17.406388] ? __pfx_kthread+0x10/0x10 [ 17.406407] ret_from_fork_asm+0x1a/0x30 [ 17.406436] </TASK> [ 17.406449] [ 17.418063] Allocated by task 285: [ 17.418403] kasan_save_stack+0x45/0x70 [ 17.418817] kasan_save_track+0x18/0x40 [ 17.419150] kasan_save_alloc_info+0x3b/0x50 [ 17.419436] __kasan_kmalloc+0xb7/0xc0 [ 17.419831] __kmalloc_cache_noprof+0x189/0x420 [ 17.420035] kasan_atomics+0x95/0x310 [ 17.420366] kunit_try_run_case+0x1a5/0x480 [ 17.420688] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.420972] kthread+0x337/0x6f0 [ 17.421147] ret_from_fork+0x41/0x80 [ 17.421330] ret_from_fork_asm+0x1a/0x30 [ 17.421650] [ 17.421832] The buggy address belongs to the object at ffff8881033b5600 [ 17.421832] which belongs to the cache kmalloc-64 of size 64 [ 17.422695] The buggy address is located 0 bytes to the right of [ 17.422695] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.423518] [ 17.423724] The buggy address belongs to the physical page: [ 17.424236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.424646] flags: 0x200000000000000(node=0|zone=2) [ 17.425068] page_type: f5(slab) [ 17.425377] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.425742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.426192] page dumped because: kasan: bad access detected [ 17.426510] [ 17.426706] Memory state around the buggy address: [ 17.426925] 
ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.427210] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.427517] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.428025] ^ [ 17.428465] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.428998] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.429478] ================================================================== [ 16.680770] ================================================================== [ 16.681181] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 16.681438] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.681682] [ 16.681826] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.681928] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.681954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.681993] Call Trace: [ 16.682032] <TASK> [ 16.682068] dump_stack_lvl+0x73/0xb0 [ 16.682126] print_report+0xd1/0x650 [ 16.682168] ? __virt_addr_valid+0x1db/0x2d0 [ 16.682206] ? kasan_atomics_helper+0x72f/0x5450 [ 16.682243] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.682280] ? kasan_atomics_helper+0x72f/0x5450 [ 16.682319] kasan_report+0x141/0x180 [ 16.682365] ? kasan_atomics_helper+0x72f/0x5450 [ 16.682417] kasan_check_range+0x10c/0x1c0 [ 16.682460] __kasan_check_write+0x18/0x20 [ 16.682490] kasan_atomics_helper+0x72f/0x5450 [ 16.682516] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.682542] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.682969] ? ret_from_fork_asm+0x1a/0x30 [ 16.683034] ? kasan_atomics+0x152/0x310 [ 16.683587] kasan_atomics+0x1dc/0x310 [ 16.683631] ? __pfx_kasan_atomics+0x10/0x10 [ 16.683692] ? __pfx_read_tsc+0x10/0x10 [ 16.683717] ? ktime_get_ts64+0x86/0x230 [ 16.683746] kunit_try_run_case+0x1a5/0x480 [ 16.683775] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.683799] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.683826] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.683852] ? __kthread_parkme+0x82/0x180 [ 16.683875] ? preempt_count_sub+0x50/0x80 [ 16.683902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.683928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.683953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.683977] kthread+0x337/0x6f0 [ 16.683998] ? trace_preempt_on+0x20/0xc0 [ 16.684024] ? __pfx_kthread+0x10/0x10 [ 16.684044] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.684066] ? calculate_sigpending+0x7b/0xa0 [ 16.684090] ? __pfx_kthread+0x10/0x10 [ 16.684109] ret_from_fork+0x41/0x80 [ 16.684132] ? __pfx_kthread+0x10/0x10 [ 16.684152] ret_from_fork_asm+0x1a/0x30 [ 16.684183] </TASK> [ 16.684199] [ 16.698016] Allocated by task 285: [ 16.699032] kasan_save_stack+0x45/0x70 [ 16.699332] kasan_save_track+0x18/0x40 [ 16.699682] kasan_save_alloc_info+0x3b/0x50 [ 16.699990] __kasan_kmalloc+0xb7/0xc0 [ 16.700229] __kmalloc_cache_noprof+0x189/0x420 [ 16.701422] kasan_atomics+0x95/0x310 [ 16.701764] kunit_try_run_case+0x1a5/0x480 [ 16.702023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.702584] kthread+0x337/0x6f0 [ 16.703205] ret_from_fork+0x41/0x80 [ 16.703502] ret_from_fork_asm+0x1a/0x30 [ 16.703716] [ 16.704197] The buggy address belongs to the object at ffff8881033b5600 [ 16.704197] which belongs to the cache kmalloc-64 of size 64 [ 16.705159] The buggy address is located 0 bytes to the right of [ 16.705159] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.705682] [ 16.706401] The buggy address belongs to the physical page: [ 16.706640] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.707878] flags: 0x200000000000000(node=0|zone=2) [ 16.708164] page_type: f5(slab) [ 16.708338] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.709234] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.710054] page dumped because: kasan: bad 
access detected [ 16.710788] [ 16.710980] Memory state around the buggy address: [ 16.711592] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.712083] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.712419] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.713246] ^ [ 16.713473] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.714280] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.714608] ================================================================== [ 18.088551] ================================================================== [ 18.089041] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 18.089476] Read of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 18.090001] [ 18.090157] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 18.090262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.090298] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.090349] Call Trace: [ 18.090395] <TASK> [ 18.090440] dump_stack_lvl+0x73/0xb0 [ 18.090511] print_report+0xd1/0x650 [ 18.090584] ? __virt_addr_valid+0x1db/0x2d0 [ 18.090642] ? kasan_atomics_helper+0x4f98/0x5450 [ 18.090697] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.090754] ? kasan_atomics_helper+0x4f98/0x5450 [ 18.090808] kasan_report+0x141/0x180 [ 18.090865] ? kasan_atomics_helper+0x4f98/0x5450 [ 18.090930] __asan_report_load8_noabort+0x18/0x20 [ 18.090984] kasan_atomics_helper+0x4f98/0x5450 [ 18.091041] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.091097] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.091163] ? ret_from_fork_asm+0x1a/0x30 [ 18.091218] ? kasan_atomics+0x152/0x310 [ 18.091278] kasan_atomics+0x1dc/0x310 [ 18.091327] ? __pfx_kasan_atomics+0x10/0x10 [ 18.091382] ? __pfx_read_tsc+0x10/0x10 [ 18.091428] ? 
ktime_get_ts64+0x86/0x230 [ 18.091488] kunit_try_run_case+0x1a5/0x480 [ 18.091548] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.091603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.091642] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.091678] ? __kthread_parkme+0x82/0x180 [ 18.091714] ? preempt_count_sub+0x50/0x80 [ 18.091756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.091793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.091831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.091866] kthread+0x337/0x6f0 [ 18.091894] ? trace_preempt_on+0x20/0xc0 [ 18.091931] ? __pfx_kthread+0x10/0x10 [ 18.091961] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.091995] ? calculate_sigpending+0x7b/0xa0 [ 18.092030] ? __pfx_kthread+0x10/0x10 [ 18.092061] ret_from_fork+0x41/0x80 [ 18.092096] ? __pfx_kthread+0x10/0x10 [ 18.092273] ret_from_fork_asm+0x1a/0x30 [ 18.092333] </TASK> [ 18.092360] [ 18.102815] Allocated by task 285: [ 18.103026] kasan_save_stack+0x45/0x70 [ 18.103346] kasan_save_track+0x18/0x40 [ 18.103638] kasan_save_alloc_info+0x3b/0x50 [ 18.103910] __kasan_kmalloc+0xb7/0xc0 [ 18.104184] __kmalloc_cache_noprof+0x189/0x420 [ 18.104508] kasan_atomics+0x95/0x310 [ 18.104927] kunit_try_run_case+0x1a5/0x480 [ 18.105166] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.105421] kthread+0x337/0x6f0 [ 18.105586] ret_from_fork+0x41/0x80 [ 18.105800] ret_from_fork_asm+0x1a/0x30 [ 18.106060] [ 18.106167] The buggy address belongs to the object at ffff8881033b5600 [ 18.106167] which belongs to the cache kmalloc-64 of size 64 [ 18.106538] The buggy address is located 0 bytes to the right of [ 18.106538] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.107583] [ 18.107795] The buggy address belongs to the physical page: [ 18.108215] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.108827] flags: 0x200000000000000(node=0|zone=2) [ 18.109070] page_type: f5(slab) [ 18.109309] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 18.109942] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.110326] page dumped because: kasan: bad access detected [ 18.110637] [ 18.110875] Memory state around the buggy address: [ 18.111197] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.111631] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.112082] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.112542] ^ [ 18.112842] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.113508] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.113834] ================================================================== [ 17.895280] ================================================================== [ 17.895726] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 17.896898] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.897323] [ 17.897685] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.897770] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.897788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.897813] Call Trace: [ 17.897838] <TASK> [ 17.897861] dump_stack_lvl+0x73/0xb0 [ 17.897897] print_report+0xd1/0x650 [ 17.897923] ? __virt_addr_valid+0x1db/0x2d0 [ 17.897947] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.897969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.897994] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.898017] kasan_report+0x141/0x180 [ 17.898040] ? kasan_atomics_helper+0x1ce1/0x5450 [ 17.898066] kasan_check_range+0x10c/0x1c0 [ 17.898086] __kasan_check_write+0x18/0x20 [ 17.898105] kasan_atomics_helper+0x1ce1/0x5450 [ 17.898128] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.898151] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.898172] ? ret_from_fork_asm+0x1a/0x30 [ 17.898194] ? 
kasan_atomics+0x152/0x310 [ 17.898217] kasan_atomics+0x1dc/0x310 [ 17.898236] ? __pfx_kasan_atomics+0x10/0x10 [ 17.898257] ? __pfx_read_tsc+0x10/0x10 [ 17.898278] ? ktime_get_ts64+0x86/0x230 [ 17.898304] kunit_try_run_case+0x1a5/0x480 [ 17.898330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.898352] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.898377] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.898399] ? __kthread_parkme+0x82/0x180 [ 17.898422] ? preempt_count_sub+0x50/0x80 [ 17.898448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.898473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.898495] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.898518] kthread+0x337/0x6f0 [ 17.898536] ? trace_preempt_on+0x20/0xc0 [ 17.898581] ? __pfx_kthread+0x10/0x10 [ 17.898604] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.898627] ? calculate_sigpending+0x7b/0xa0 [ 17.898651] ? __pfx_kthread+0x10/0x10 [ 17.898683] ret_from_fork+0x41/0x80 [ 17.898707] ? __pfx_kthread+0x10/0x10 [ 17.898726] ret_from_fork_asm+0x1a/0x30 [ 17.898755] </TASK> [ 17.898769] [ 17.911649] Allocated by task 285: [ 17.912063] kasan_save_stack+0x45/0x70 [ 17.912529] kasan_save_track+0x18/0x40 [ 17.912722] kasan_save_alloc_info+0x3b/0x50 [ 17.913231] __kasan_kmalloc+0xb7/0xc0 [ 17.913763] __kmalloc_cache_noprof+0x189/0x420 [ 17.914065] kasan_atomics+0x95/0x310 [ 17.914453] kunit_try_run_case+0x1a5/0x480 [ 17.914915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.915248] kthread+0x337/0x6f0 [ 17.915644] ret_from_fork+0x41/0x80 [ 17.915879] ret_from_fork_asm+0x1a/0x30 [ 17.916055] [ 17.916171] The buggy address belongs to the object at ffff8881033b5600 [ 17.916171] which belongs to the cache kmalloc-64 of size 64 [ 17.916583] The buggy address is located 0 bytes to the right of [ 17.916583] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.917485] [ 17.917723] The buggy address belongs to the physical page: [ 17.918166] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 
17.918590] flags: 0x200000000000000(node=0|zone=2) [ 17.918900] page_type: f5(slab) [ 17.919111] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.919545] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.919993] page dumped because: kasan: bad access detected [ 17.920332] [ 17.920506] Memory state around the buggy address: [ 17.920802] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.921206] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.921548] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.922067] ^ [ 17.922269] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.922765] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.923194] ================================================================== [ 18.037813] ================================================================== [ 18.038226] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 18.038507] Read of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 18.038987] [ 18.039188] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 18.039299] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.039332] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.039381] Call Trace: [ 18.039426] <TASK> [ 18.039465] dump_stack_lvl+0x73/0xb0 [ 18.039525] print_report+0xd1/0x650 [ 18.039585] ? __virt_addr_valid+0x1db/0x2d0 [ 18.039628] ? kasan_atomics_helper+0x4f71/0x5450 [ 18.039666] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.039734] ? kasan_atomics_helper+0x4f71/0x5450 [ 18.039780] kasan_report+0x141/0x180 [ 18.039819] ? kasan_atomics_helper+0x4f71/0x5450 [ 18.039869] __asan_report_load8_noabort+0x18/0x20 [ 18.039912] kasan_atomics_helper+0x4f71/0x5450 [ 18.039958] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.040006] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 18.040047] ? ret_from_fork_asm+0x1a/0x30 [ 18.040088] ? kasan_atomics+0x152/0x310 [ 18.040132] kasan_atomics+0x1dc/0x310 [ 18.040173] ? __pfx_kasan_atomics+0x10/0x10 [ 18.040220] ? __pfx_read_tsc+0x10/0x10 [ 18.040264] ? ktime_get_ts64+0x86/0x230 [ 18.040318] kunit_try_run_case+0x1a5/0x480 [ 18.040375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.040424] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.040468] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.040514] ? __kthread_parkme+0x82/0x180 [ 18.040555] ? preempt_count_sub+0x50/0x80 [ 18.040624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.040668] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.040709] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.040756] kthread+0x337/0x6f0 [ 18.040791] ? trace_preempt_on+0x20/0xc0 [ 18.040833] ? __pfx_kthread+0x10/0x10 [ 18.040868] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.040909] ? calculate_sigpending+0x7b/0xa0 [ 18.040954] ? __pfx_kthread+0x10/0x10 [ 18.040995] ret_from_fork+0x41/0x80 [ 18.041038] ? 
__pfx_kthread+0x10/0x10 [ 18.041064] ret_from_fork_asm+0x1a/0x30 [ 18.041096] </TASK> [ 18.041111] [ 18.050583] Allocated by task 285: [ 18.050879] kasan_save_stack+0x45/0x70 [ 18.051191] kasan_save_track+0x18/0x40 [ 18.051491] kasan_save_alloc_info+0x3b/0x50 [ 18.051888] __kasan_kmalloc+0xb7/0xc0 [ 18.052120] __kmalloc_cache_noprof+0x189/0x420 [ 18.052326] kasan_atomics+0x95/0x310 [ 18.052606] kunit_try_run_case+0x1a5/0x480 [ 18.052945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.053178] kthread+0x337/0x6f0 [ 18.053444] ret_from_fork+0x41/0x80 [ 18.053696] ret_from_fork_asm+0x1a/0x30 [ 18.053885] [ 18.054015] The buggy address belongs to the object at ffff8881033b5600 [ 18.054015] which belongs to the cache kmalloc-64 of size 64 [ 18.054588] The buggy address is located 0 bytes to the right of [ 18.054588] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.054993] [ 18.055116] The buggy address belongs to the physical page: [ 18.055352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.055704] flags: 0x200000000000000(node=0|zone=2) [ 18.056083] page_type: f5(slab) [ 18.056440] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.057093] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.057583] page dumped because: kasan: bad access detected [ 18.058062] [ 18.058173] Memory state around the buggy address: [ 18.058374] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.058677] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.059128] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.059657] ^ [ 18.059976] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.060239] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.060492] ================================================================== [ 17.462824] 
================================================================== [ 17.463191] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 17.463691] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.463925] [ 17.464077] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.464678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.464723] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.464751] Call Trace: [ 17.464777] <TASK> [ 17.464801] dump_stack_lvl+0x73/0xb0 [ 17.464842] print_report+0xd1/0x650 [ 17.464867] ? __virt_addr_valid+0x1db/0x2d0 [ 17.464891] ? kasan_atomics_helper+0x1467/0x5450 [ 17.464915] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.464939] ? kasan_atomics_helper+0x1467/0x5450 [ 17.464961] kasan_report+0x141/0x180 [ 17.464985] ? kasan_atomics_helper+0x1467/0x5450 [ 17.465011] kasan_check_range+0x10c/0x1c0 [ 17.465033] __kasan_check_write+0x18/0x20 [ 17.465054] kasan_atomics_helper+0x1467/0x5450 [ 17.465078] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.465101] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.465123] ? ret_from_fork_asm+0x1a/0x30 [ 17.465145] ? kasan_atomics+0x152/0x310 [ 17.465168] kasan_atomics+0x1dc/0x310 [ 17.465188] ? __pfx_kasan_atomics+0x10/0x10 [ 17.465209] ? __pfx_read_tsc+0x10/0x10 [ 17.465230] ? ktime_get_ts64+0x86/0x230 [ 17.465257] kunit_try_run_case+0x1a5/0x480 [ 17.465283] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.465306] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.465330] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.465354] ? __kthread_parkme+0x82/0x180 [ 17.465377] ? preempt_count_sub+0x50/0x80 [ 17.465403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.465427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.465451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.465474] kthread+0x337/0x6f0 [ 17.465492] ? trace_preempt_on+0x20/0xc0 [ 17.465517] ? __pfx_kthread+0x10/0x10 [ 17.465536] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.465569] ? calculate_sigpending+0x7b/0xa0 [ 17.465598] ? __pfx_kthread+0x10/0x10 [ 17.465618] ret_from_fork+0x41/0x80 [ 17.465640] ? __pfx_kthread+0x10/0x10 [ 17.465667] ret_from_fork_asm+0x1a/0x30 [ 17.465705] </TASK> [ 17.465719] [ 17.476310] Allocated by task 285: [ 17.476547] kasan_save_stack+0x45/0x70 [ 17.477018] kasan_save_track+0x18/0x40 [ 17.477397] kasan_save_alloc_info+0x3b/0x50 [ 17.477823] __kasan_kmalloc+0xb7/0xc0 [ 17.478174] __kmalloc_cache_noprof+0x189/0x420 [ 17.478590] kasan_atomics+0x95/0x310 [ 17.478972] kunit_try_run_case+0x1a5/0x480 [ 17.479396] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.479812] kthread+0x337/0x6f0 [ 17.479974] ret_from_fork+0x41/0x80 [ 17.480299] ret_from_fork_asm+0x1a/0x30 [ 17.480589] [ 17.480796] The buggy address belongs to the object at ffff8881033b5600 [ 17.480796] which belongs to the cache kmalloc-64 of size 64 [ 17.481476] The buggy address is located 0 bytes to the right of [ 17.481476] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.482089] [ 17.482303] The buggy address belongs to the physical page: [ 17.482765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.483259] flags: 0x200000000000000(node=0|zone=2) [ 17.483505] page_type: f5(slab) [ 17.483854] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.484261] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.484740] page dumped because: kasan: bad access detected [ 17.485103] [ 17.485276] Memory state around the buggy address: [ 17.485586] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.486143] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.486465] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.486897] ^ [ 17.487317] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.487820] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 17.488246] ================================================================== [ 17.924225] ================================================================== [ 17.925035] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 17.925610] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.926138] [ 17.926358] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.926457] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.926483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.926525] Call Trace: [ 17.926578] <TASK> [ 17.926617] dump_stack_lvl+0x73/0xb0 [ 17.926713] print_report+0xd1/0x650 [ 17.926763] ? __virt_addr_valid+0x1db/0x2d0 [ 17.926808] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.926848] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.926894] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.926937] kasan_report+0x141/0x180 [ 17.926987] ? kasan_atomics_helper+0x1d7a/0x5450 [ 17.927032] kasan_check_range+0x10c/0x1c0 [ 17.927056] __kasan_check_write+0x18/0x20 [ 17.927078] kasan_atomics_helper+0x1d7a/0x5450 [ 17.927102] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.927127] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.927177] ? ret_from_fork_asm+0x1a/0x30 [ 17.927218] ? kasan_atomics+0x152/0x310 [ 17.927268] kasan_atomics+0x1dc/0x310 [ 17.927313] ? __pfx_kasan_atomics+0x10/0x10 [ 17.927351] ? __pfx_read_tsc+0x10/0x10 [ 17.927390] ? ktime_get_ts64+0x86/0x230 [ 17.927442] kunit_try_run_case+0x1a5/0x480 [ 17.927491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.927535] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.927593] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.927638] ? __kthread_parkme+0x82/0x180 [ 17.927720] ? preempt_count_sub+0x50/0x80 [ 17.927770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.927815] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.927845] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.927870] kthread+0x337/0x6f0 [ 17.927890] ? trace_preempt_on+0x20/0xc0 [ 17.927917] ? __pfx_kthread+0x10/0x10 [ 17.927937] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.927961] ? calculate_sigpending+0x7b/0xa0 [ 17.927984] ? __pfx_kthread+0x10/0x10 [ 17.928004] ret_from_fork+0x41/0x80 [ 17.928027] ? __pfx_kthread+0x10/0x10 [ 17.928046] ret_from_fork_asm+0x1a/0x30 [ 17.928078] </TASK> [ 17.928093] [ 17.937292] Allocated by task 285: [ 17.937606] kasan_save_stack+0x45/0x70 [ 17.937974] kasan_save_track+0x18/0x40 [ 17.938228] kasan_save_alloc_info+0x3b/0x50 [ 17.938443] __kasan_kmalloc+0xb7/0xc0 [ 17.938633] __kmalloc_cache_noprof+0x189/0x420 [ 17.938858] kasan_atomics+0x95/0x310 [ 17.939126] kunit_try_run_case+0x1a5/0x480 [ 17.939487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.939929] kthread+0x337/0x6f0 [ 17.940216] ret_from_fork+0x41/0x80 [ 17.940486] ret_from_fork_asm+0x1a/0x30 [ 17.940807] [ 17.940974] The buggy address belongs to the object at ffff8881033b5600 [ 17.940974] which belongs to the cache kmalloc-64 of size 64 [ 17.941393] The buggy address is located 0 bytes to the right of [ 17.941393] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.942180] [ 17.942358] The buggy address belongs to the physical page: [ 17.942796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.943258] flags: 0x200000000000000(node=0|zone=2) [ 17.943567] page_type: f5(slab) [ 17.943841] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.944201] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.944570] page dumped because: kasan: bad access detected [ 17.944813] [ 17.944930] Memory state around the buggy address: [ 17.945195] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.945710] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.946245] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 17.946865] ^ [ 17.947085] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.947355] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.947989] ================================================================== [ 16.843435] ================================================================== [ 16.844190] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 16.845299] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.846071] [ 16.846273] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.846387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.846419] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.846469] Call Trace: [ 16.846522] <TASK> [ 16.846576] dump_stack_lvl+0x73/0xb0 [ 16.846887] print_report+0xd1/0x650 [ 16.846954] ? __virt_addr_valid+0x1db/0x2d0 [ 16.846991] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.847018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.847046] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.847072] kasan_report+0x141/0x180 [ 16.847098] ? kasan_atomics_helper+0xa2b/0x5450 [ 16.847128] kasan_check_range+0x10c/0x1c0 [ 16.847170] __kasan_check_write+0x18/0x20 [ 16.847194] kasan_atomics_helper+0xa2b/0x5450 [ 16.847221] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.847247] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.847272] ? ret_from_fork_asm+0x1a/0x30 [ 16.847297] ? kasan_atomics+0x152/0x310 [ 16.847324] kasan_atomics+0x1dc/0x310 [ 16.847346] ? __pfx_kasan_atomics+0x10/0x10 [ 16.847371] ? __pfx_read_tsc+0x10/0x10 [ 16.847395] ? ktime_get_ts64+0x86/0x230 [ 16.847427] kunit_try_run_case+0x1a5/0x480 [ 16.847456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.847482] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.847510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.847537] ? __kthread_parkme+0x82/0x180 [ 16.847582] ? preempt_count_sub+0x50/0x80 [ 16.847636] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.847680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.847711] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.847739] kthread+0x337/0x6f0 [ 16.847761] ? trace_preempt_on+0x20/0xc0 [ 16.847789] ? __pfx_kthread+0x10/0x10 [ 16.847811] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.847835] ? calculate_sigpending+0x7b/0xa0 [ 16.847861] ? __pfx_kthread+0x10/0x10 [ 16.847882] ret_from_fork+0x41/0x80 [ 16.847906] ? __pfx_kthread+0x10/0x10 [ 16.847927] ret_from_fork_asm+0x1a/0x30 [ 16.847960] </TASK> [ 16.847976] [ 16.861526] Allocated by task 285: [ 16.862381] kasan_save_stack+0x45/0x70 [ 16.863029] kasan_save_track+0x18/0x40 [ 16.863338] kasan_save_alloc_info+0x3b/0x50 [ 16.863770] __kasan_kmalloc+0xb7/0xc0 [ 16.863960] __kmalloc_cache_noprof+0x189/0x420 [ 16.864159] kasan_atomics+0x95/0x310 [ 16.864328] kunit_try_run_case+0x1a5/0x480 [ 16.864516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.864929] kthread+0x337/0x6f0 [ 16.865227] ret_from_fork+0x41/0x80 [ 16.865639] ret_from_fork_asm+0x1a/0x30 [ 16.866497] [ 16.866811] The buggy address belongs to the object at ffff8881033b5600 [ 16.866811] which belongs to the cache kmalloc-64 of size 64 [ 16.867768] The buggy address is located 0 bytes to the right of [ 16.867768] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.868494] [ 16.868639] The buggy address belongs to the physical page: [ 16.869041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.869454] flags: 0x200000000000000(node=0|zone=2) [ 16.870040] page_type: f5(slab) [ 16.870894] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.871758] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.872086] page dumped because: kasan: bad access detected [ 16.872380] [ 16.872548] Memory state around the buggy address: [ 16.873058] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.873518] ffff8881033b5580: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.874052] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.874486] ^ [ 16.874996] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876078] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.876601] ================================================================== [ 16.578022] ================================================================== [ 16.578583] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 16.579006] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.580493] [ 16.580790] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.580891] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.580918] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.580956] Call Trace: [ 16.580997] <TASK> [ 16.581032] dump_stack_lvl+0x73/0xb0 [ 16.581094] print_report+0xd1/0x650 [ 16.581142] ? __virt_addr_valid+0x1db/0x2d0 [ 16.581186] ? kasan_atomics_helper+0x565/0x5450 [ 16.581386] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.581417] ? kasan_atomics_helper+0x565/0x5450 [ 16.581442] kasan_report+0x141/0x180 [ 16.581468] ? kasan_atomics_helper+0x565/0x5450 [ 16.581495] kasan_check_range+0x10c/0x1c0 [ 16.581518] __kasan_check_write+0x18/0x20 [ 16.581539] kasan_atomics_helper+0x565/0x5450 [ 16.581586] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.581634] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.581673] ? ret_from_fork_asm+0x1a/0x30 [ 16.581710] ? kasan_atomics+0x152/0x310 [ 16.581747] kasan_atomics+0x1dc/0x310 [ 16.581784] ? __pfx_kasan_atomics+0x10/0x10 [ 16.581815] ? __pfx_read_tsc+0x10/0x10 [ 16.581839] ? ktime_get_ts64+0x86/0x230 [ 16.581869] kunit_try_run_case+0x1a5/0x480 [ 16.581897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.581921] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.581947] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.581972] ? 
__kthread_parkme+0x82/0x180 [ 16.581998] ? preempt_count_sub+0x50/0x80 [ 16.582025] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.582050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.582076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.582100] kthread+0x337/0x6f0 [ 16.582119] ? trace_preempt_on+0x20/0xc0 [ 16.582145] ? __pfx_kthread+0x10/0x10 [ 16.582165] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.582188] ? calculate_sigpending+0x7b/0xa0 [ 16.582212] ? __pfx_kthread+0x10/0x10 [ 16.582232] ret_from_fork+0x41/0x80 [ 16.582254] ? __pfx_kthread+0x10/0x10 [ 16.582274] ret_from_fork_asm+0x1a/0x30 [ 16.582306] </TASK> [ 16.582321] [ 16.597310] Allocated by task 285: [ 16.597635] kasan_save_stack+0x45/0x70 [ 16.597961] kasan_save_track+0x18/0x40 [ 16.598144] kasan_save_alloc_info+0x3b/0x50 [ 16.598894] __kasan_kmalloc+0xb7/0xc0 [ 16.599099] __kmalloc_cache_noprof+0x189/0x420 [ 16.599293] kasan_atomics+0x95/0x310 [ 16.599434] kunit_try_run_case+0x1a5/0x480 [ 16.599596] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.600667] kthread+0x337/0x6f0 [ 16.601218] ret_from_fork+0x41/0x80 [ 16.601379] ret_from_fork_asm+0x1a/0x30 [ 16.601876] [ 16.602057] The buggy address belongs to the object at ffff8881033b5600 [ 16.602057] which belongs to the cache kmalloc-64 of size 64 [ 16.603352] The buggy address is located 0 bytes to the right of [ 16.603352] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.604067] [ 16.604164] The buggy address belongs to the physical page: [ 16.604332] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.604576] flags: 0x200000000000000(node=0|zone=2) [ 16.605061] page_type: f5(slab) [ 16.605211] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.605421] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.605672] page dumped because: kasan: bad access detected [ 16.605845] [ 16.605925] Memory state around the buggy address: [ 16.606080] 
ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.606279] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.606480] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.608462] ^ [ 16.608663] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.608944] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.609823] ================================================================== [ 16.952801] ================================================================== [ 16.953348] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 16.954674] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.955199] [ 16.955427] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.955512] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.955533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.955586] Call Trace: [ 16.955620] <TASK> [ 16.955654] dump_stack_lvl+0x73/0xb0 [ 16.955718] print_report+0xd1/0x650 [ 16.955766] ? __virt_addr_valid+0x1db/0x2d0 [ 16.955815] ? kasan_atomics_helper+0xc70/0x5450 [ 16.955862] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.955911] ? kasan_atomics_helper+0xc70/0x5450 [ 16.955952] kasan_report+0x141/0x180 [ 16.955978] ? kasan_atomics_helper+0xc70/0x5450 [ 16.956004] kasan_check_range+0x10c/0x1c0 [ 16.956026] __kasan_check_write+0x18/0x20 [ 16.956046] kasan_atomics_helper+0xc70/0x5450 [ 16.956070] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.956093] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.956116] ? ret_from_fork_asm+0x1a/0x30 [ 16.956138] ? kasan_atomics+0x152/0x310 [ 16.956161] kasan_atomics+0x1dc/0x310 [ 16.956181] ? __pfx_kasan_atomics+0x10/0x10 [ 16.956203] ? __pfx_read_tsc+0x10/0x10 [ 16.956224] ? ktime_get_ts64+0x86/0x230 [ 16.956251] kunit_try_run_case+0x1a5/0x480 [ 16.956278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.956301] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.956326] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.956349] ? __kthread_parkme+0x82/0x180 [ 16.956372] ? preempt_count_sub+0x50/0x80 [ 16.956398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.956422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.956445] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.956469] kthread+0x337/0x6f0 [ 16.956486] ? trace_preempt_on+0x20/0xc0 [ 16.956511] ? __pfx_kthread+0x10/0x10 [ 16.956530] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.956551] ? calculate_sigpending+0x7b/0xa0 [ 16.956608] ? __pfx_kthread+0x10/0x10 [ 16.956629] ret_from_fork+0x41/0x80 [ 16.956665] ? __pfx_kthread+0x10/0x10 [ 16.956710] ret_from_fork_asm+0x1a/0x30 [ 16.956742] </TASK> [ 16.956756] [ 16.966291] Allocated by task 285: [ 16.966629] kasan_save_stack+0x45/0x70 [ 16.967074] kasan_save_track+0x18/0x40 [ 16.967417] kasan_save_alloc_info+0x3b/0x50 [ 16.967744] __kasan_kmalloc+0xb7/0xc0 [ 16.968013] __kmalloc_cache_noprof+0x189/0x420 [ 16.968205] kasan_atomics+0x95/0x310 [ 16.968378] kunit_try_run_case+0x1a5/0x480 [ 16.968605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.969054] kthread+0x337/0x6f0 [ 16.969318] ret_from_fork+0x41/0x80 [ 16.969608] ret_from_fork_asm+0x1a/0x30 [ 16.969943] [ 16.970109] The buggy address belongs to the object at ffff8881033b5600 [ 16.970109] which belongs to the cache kmalloc-64 of size 64 [ 16.970643] The buggy address is located 0 bytes to the right of [ 16.970643] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.971417] [ 16.971626] The buggy address belongs to the physical page: [ 16.971926] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.972266] flags: 0x200000000000000(node=0|zone=2) [ 16.972654] page_type: f5(slab) [ 16.972972] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.973322] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.974536] page dumped because: kasan: bad 
access detected [ 16.975027] [ 16.975206] Memory state around the buggy address: [ 16.975577] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.976620] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.976965] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.977441] ^ [ 16.977678] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.977990] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.978277] ================================================================== [ 17.287841] ================================================================== [ 17.288423] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 17.288872] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.289499] [ 17.289751] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.289833] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.289854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.289889] Call Trace: [ 17.289927] <TASK> [ 17.289970] dump_stack_lvl+0x73/0xb0 [ 17.290028] print_report+0xd1/0x650 [ 17.290065] ? __virt_addr_valid+0x1db/0x2d0 [ 17.290098] ? kasan_atomics_helper+0x1217/0x5450 [ 17.290132] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.290168] ? kasan_atomics_helper+0x1217/0x5450 [ 17.290205] kasan_report+0x141/0x180 [ 17.290244] ? kasan_atomics_helper+0x1217/0x5450 [ 17.290293] kasan_check_range+0x10c/0x1c0 [ 17.290336] __kasan_check_write+0x18/0x20 [ 17.290423] kasan_atomics_helper+0x1217/0x5450 [ 17.290469] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.290512] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.290556] ? ret_from_fork_asm+0x1a/0x30 [ 17.290632] ? kasan_atomics+0x152/0x310 [ 17.290737] kasan_atomics+0x1dc/0x310 [ 17.290784] ? __pfx_kasan_atomics+0x10/0x10 [ 17.290829] ? __pfx_read_tsc+0x10/0x10 [ 17.290897] ? 
ktime_get_ts64+0x86/0x230 [ 17.290952] kunit_try_run_case+0x1a5/0x480 [ 17.291006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.291053] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.291139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.291192] ? __kthread_parkme+0x82/0x180 [ 17.291241] ? preempt_count_sub+0x50/0x80 [ 17.291275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.291303] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.291330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.291356] kthread+0x337/0x6f0 [ 17.291380] ? trace_preempt_on+0x20/0xc0 [ 17.291423] ? __pfx_kthread+0x10/0x10 [ 17.291458] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.291501] ? calculate_sigpending+0x7b/0xa0 [ 17.291595] ? __pfx_kthread+0x10/0x10 [ 17.291635] ret_from_fork+0x41/0x80 [ 17.291710] ? __pfx_kthread+0x10/0x10 [ 17.291752] ret_from_fork_asm+0x1a/0x30 [ 17.291843] </TASK> [ 17.291874] [ 17.302842] Allocated by task 285: [ 17.303071] kasan_save_stack+0x45/0x70 [ 17.303514] kasan_save_track+0x18/0x40 [ 17.303841] kasan_save_alloc_info+0x3b/0x50 [ 17.304137] __kasan_kmalloc+0xb7/0xc0 [ 17.304465] __kmalloc_cache_noprof+0x189/0x420 [ 17.305309] kasan_atomics+0x95/0x310 [ 17.305568] kunit_try_run_case+0x1a5/0x480 [ 17.305840] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.307158] kthread+0x337/0x6f0 [ 17.307379] ret_from_fork+0x41/0x80 [ 17.307648] ret_from_fork_asm+0x1a/0x30 [ 17.308255] [ 17.308379] The buggy address belongs to the object at ffff8881033b5600 [ 17.308379] which belongs to the cache kmalloc-64 of size 64 [ 17.309595] The buggy address is located 0 bytes to the right of [ 17.309595] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.310204] [ 17.310384] The buggy address belongs to the physical page: [ 17.310773] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.311082] flags: 0x200000000000000(node=0|zone=2) [ 17.311455] page_type: f5(slab) [ 17.311823] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.312312] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.312680] page dumped because: kasan: bad access detected [ 17.313107] [ 17.313310] Memory state around the buggy address: [ 17.313556] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.313989] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.314377] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.314754] ^ [ 17.315049] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.315555] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.316231] ================================================================== [ 18.197969] ================================================================== [ 18.198301] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 18.198593] Read of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 18.199307] [ 18.199549] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 18.199647] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.199693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.199726] Call Trace: [ 18.199764] <TASK> [ 18.199798] dump_stack_lvl+0x73/0xb0 [ 18.199849] print_report+0xd1/0x650 [ 18.199887] ? __virt_addr_valid+0x1db/0x2d0 [ 18.199921] ? kasan_atomics_helper+0x4fa5/0x5450 [ 18.199953] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.199987] ? kasan_atomics_helper+0x4fa5/0x5450 [ 18.200020] kasan_report+0x141/0x180 [ 18.200055] ? kasan_atomics_helper+0x4fa5/0x5450 [ 18.200095] __asan_report_load8_noabort+0x18/0x20 [ 18.200131] kasan_atomics_helper+0x4fa5/0x5450 [ 18.200175] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.200219] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.200262] ? ret_from_fork_asm+0x1a/0x30 [ 18.200306] ? kasan_atomics+0x152/0x310 [ 18.200376] kasan_atomics+0x1dc/0x310 [ 18.200414] ? 
__pfx_kasan_atomics+0x10/0x10 [ 18.200453] ? __pfx_read_tsc+0x10/0x10 [ 18.200495] ? ktime_get_ts64+0x86/0x230 [ 18.200552] kunit_try_run_case+0x1a5/0x480 [ 18.200641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.200715] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.200770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.200819] ? __kthread_parkme+0x82/0x180 [ 18.200867] ? preempt_count_sub+0x50/0x80 [ 18.200926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.200979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.201031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.201078] kthread+0x337/0x6f0 [ 18.201109] ? trace_preempt_on+0x20/0xc0 [ 18.201151] ? __pfx_kthread+0x10/0x10 [ 18.201189] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.201229] ? calculate_sigpending+0x7b/0xa0 [ 18.201274] ? __pfx_kthread+0x10/0x10 [ 18.201311] ret_from_fork+0x41/0x80 [ 18.201348] ? __pfx_kthread+0x10/0x10 [ 18.201408] ret_from_fork_asm+0x1a/0x30 [ 18.201466] </TASK> [ 18.201493] [ 18.211082] Allocated by task 285: [ 18.212213] kasan_save_stack+0x45/0x70 [ 18.212413] kasan_save_track+0x18/0x40 [ 18.212987] kasan_save_alloc_info+0x3b/0x50 [ 18.213639] __kasan_kmalloc+0xb7/0xc0 [ 18.213908] __kmalloc_cache_noprof+0x189/0x420 [ 18.214075] kasan_atomics+0x95/0x310 [ 18.214212] kunit_try_run_case+0x1a5/0x480 [ 18.214371] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.214547] kthread+0x337/0x6f0 [ 18.214703] ret_from_fork+0x41/0x80 [ 18.214876] ret_from_fork_asm+0x1a/0x30 [ 18.215182] [ 18.215359] The buggy address belongs to the object at ffff8881033b5600 [ 18.215359] which belongs to the cache kmalloc-64 of size 64 [ 18.216474] The buggy address is located 0 bytes to the right of [ 18.216474] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.217151] [ 18.217279] The buggy address belongs to the physical page: [ 18.217494] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.218267] flags: 0x200000000000000(node=0|zone=2) [ 18.218663] page_type: f5(slab) 
[ 18.218959] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.219331] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.219612] page dumped because: kasan: bad access detected [ 18.219822] [ 18.219928] Memory state around the buggy address: [ 18.220280] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.220905] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.221424] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.222780] ^ [ 18.223043] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.223323] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.224157] ================================================================== [ 17.234796] ================================================================== [ 17.235398] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 17.236288] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.236519] [ 17.236678] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.236740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.236756] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.236780] Call Trace: [ 17.236805] <TASK> [ 17.236828] dump_stack_lvl+0x73/0xb0 [ 17.236864] print_report+0xd1/0x650 [ 17.236890] ? __virt_addr_valid+0x1db/0x2d0 [ 17.236914] ? kasan_atomics_helper+0x1148/0x5450 [ 17.236937] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.236960] ? kasan_atomics_helper+0x1148/0x5450 [ 17.236983] kasan_report+0x141/0x180 [ 17.237006] ? kasan_atomics_helper+0x1148/0x5450 [ 17.237032] kasan_check_range+0x10c/0x1c0 [ 17.237052] __kasan_check_write+0x18/0x20 [ 17.237073] kasan_atomics_helper+0x1148/0x5450 [ 17.237097] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.237120] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.237142] ? 
ret_from_fork_asm+0x1a/0x30 [ 17.237165] ? kasan_atomics+0x152/0x310 [ 17.237188] kasan_atomics+0x1dc/0x310 [ 17.237208] ? __pfx_kasan_atomics+0x10/0x10 [ 17.237229] ? __pfx_read_tsc+0x10/0x10 [ 17.237249] ? ktime_get_ts64+0x86/0x230 [ 17.237276] kunit_try_run_case+0x1a5/0x480 [ 17.237302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.237325] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.237349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.237373] ? __kthread_parkme+0x82/0x180 [ 17.237396] ? preempt_count_sub+0x50/0x80 [ 17.237423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.237447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.237471] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.237494] kthread+0x337/0x6f0 [ 17.237512] ? trace_preempt_on+0x20/0xc0 [ 17.237537] ? __pfx_kthread+0x10/0x10 [ 17.237555] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.237601] ? calculate_sigpending+0x7b/0xa0 [ 17.237640] ? __pfx_kthread+0x10/0x10 [ 17.237677] ret_from_fork+0x41/0x80 [ 17.237720] ? __pfx_kthread+0x10/0x10 [ 17.237785] ret_from_fork_asm+0x1a/0x30 [ 17.237841] </TASK> [ 17.237867] [ 17.247769] Allocated by task 285: [ 17.247972] kasan_save_stack+0x45/0x70 [ 17.248152] kasan_save_track+0x18/0x40 [ 17.248296] kasan_save_alloc_info+0x3b/0x50 [ 17.248450] __kasan_kmalloc+0xb7/0xc0 [ 17.249584] __kmalloc_cache_noprof+0x189/0x420 [ 17.250097] kasan_atomics+0x95/0x310 [ 17.250294] kunit_try_run_case+0x1a5/0x480 [ 17.250488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.250751] kthread+0x337/0x6f0 [ 17.251618] ret_from_fork+0x41/0x80 [ 17.252272] ret_from_fork_asm+0x1a/0x30 [ 17.252592] [ 17.252901] The buggy address belongs to the object at ffff8881033b5600 [ 17.252901] which belongs to the cache kmalloc-64 of size 64 [ 17.253276] The buggy address is located 0 bytes to the right of [ 17.253276] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.253651] [ 17.253750] The buggy address belongs to the physical page: [ 17.253921] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.254157] flags: 0x200000000000000(node=0|zone=2) [ 17.254324] page_type: f5(slab) [ 17.254457] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.255692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.255984] page dumped because: kasan: bad access detected [ 17.256196] [ 17.256639] Memory state around the buggy address: [ 17.257234] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.257716] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.257939] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.258144] ^ [ 17.258300] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.258502] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.258809] ================================================================== [ 17.982957] ================================================================== [ 17.983393] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 17.983802] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.984174] [ 17.984305] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.984361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.984376] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.984400] Call Trace: [ 17.984424] <TASK> [ 17.984446] dump_stack_lvl+0x73/0xb0 [ 17.984477] print_report+0xd1/0x650 [ 17.984502] ? __virt_addr_valid+0x1db/0x2d0 [ 17.984525] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.984547] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.985010] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.985060] kasan_report+0x141/0x180 [ 17.985335] ? kasan_atomics_helper+0x1eaa/0x5450 [ 17.985393] kasan_check_range+0x10c/0x1c0 [ 17.985428] __kasan_check_write+0x18/0x20 [ 17.985459] kasan_atomics_helper+0x1eaa/0x5450 [ 17.985495] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 17.985573] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.985623] ? ret_from_fork_asm+0x1a/0x30 [ 17.985656] ? kasan_atomics+0x152/0x310 [ 17.986066] kasan_atomics+0x1dc/0x310 [ 17.986091] ? __pfx_kasan_atomics+0x10/0x10 [ 17.986114] ? __pfx_read_tsc+0x10/0x10 [ 17.986138] ? ktime_get_ts64+0x86/0x230 [ 17.986166] kunit_try_run_case+0x1a5/0x480 [ 17.986194] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.986218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.986245] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.986269] ? __kthread_parkme+0x82/0x180 [ 17.986294] ? preempt_count_sub+0x50/0x80 [ 17.986321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.986345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.986369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.986392] kthread+0x337/0x6f0 [ 17.986411] ? trace_preempt_on+0x20/0xc0 [ 17.986435] ? __pfx_kthread+0x10/0x10 [ 17.986454] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.986476] ? calculate_sigpending+0x7b/0xa0 [ 17.986499] ? __pfx_kthread+0x10/0x10 [ 17.986519] ret_from_fork+0x41/0x80 [ 17.986540] ? 
__pfx_kthread+0x10/0x10 [ 17.986577] ret_from_fork_asm+0x1a/0x30 [ 17.986612] </TASK> [ 17.986628] [ 17.998261] Allocated by task 285: [ 17.998641] kasan_save_stack+0x45/0x70 [ 17.999428] kasan_save_track+0x18/0x40 [ 17.999948] kasan_save_alloc_info+0x3b/0x50 [ 18.000134] __kasan_kmalloc+0xb7/0xc0 [ 18.000435] __kmalloc_cache_noprof+0x189/0x420 [ 18.000794] kasan_atomics+0x95/0x310 [ 18.001109] kunit_try_run_case+0x1a5/0x480 [ 18.001351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.001698] kthread+0x337/0x6f0 [ 18.002061] ret_from_fork+0x41/0x80 [ 18.002343] ret_from_fork_asm+0x1a/0x30 [ 18.002663] [ 18.002779] The buggy address belongs to the object at ffff8881033b5600 [ 18.002779] which belongs to the cache kmalloc-64 of size 64 [ 18.003518] The buggy address is located 0 bytes to the right of [ 18.003518] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.004579] [ 18.004723] The buggy address belongs to the physical page: [ 18.004937] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.005490] flags: 0x200000000000000(node=0|zone=2) [ 18.005968] page_type: f5(slab) [ 18.006200] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.006719] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.007038] page dumped because: kasan: bad access detected [ 18.007384] [ 18.007499] Memory state around the buggy address: [ 18.007845] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.008430] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.008816] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.009494] ^ [ 18.009750] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.010097] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.010590] ================================================================== [ 16.458336] 
================================================================== [ 16.458515] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 16.459590] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.460002] [ 16.460095] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.460156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.460172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.460198] Call Trace: [ 16.460224] <TASK> [ 16.460313] dump_stack_lvl+0x73/0xb0 [ 16.460413] print_report+0xd1/0x650 [ 16.460447] ? __virt_addr_valid+0x1db/0x2d0 [ 16.460473] ? kasan_atomics_helper+0x3df/0x5450 [ 16.460498] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.460675] ? kasan_atomics_helper+0x3df/0x5450 [ 16.460709] kasan_report+0x141/0x180 [ 16.460735] ? kasan_atomics_helper+0x3df/0x5450 [ 16.460763] kasan_check_range+0x10c/0x1c0 [ 16.460786] __kasan_check_read+0x15/0x20 [ 16.460808] kasan_atomics_helper+0x3df/0x5450 [ 16.460833] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.460858] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.460881] ? ret_from_fork_asm+0x1a/0x30 [ 16.460905] ? kasan_atomics+0x152/0x310 [ 16.460931] kasan_atomics+0x1dc/0x310 [ 16.460952] ? __pfx_kasan_atomics+0x10/0x10 [ 16.460975] ? __pfx_read_tsc+0x10/0x10 [ 16.460998] ? ktime_get_ts64+0x86/0x230 [ 16.461027] kunit_try_run_case+0x1a5/0x480 [ 16.461053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.461079] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.461106] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.461131] ? __kthread_parkme+0x82/0x180 [ 16.461155] ? preempt_count_sub+0x50/0x80 [ 16.461183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.461208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.461234] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.461260] kthread+0x337/0x6f0 [ 16.461280] ? trace_preempt_on+0x20/0xc0 [ 16.461307] ? __pfx_kthread+0x10/0x10 [ 16.461328] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.461352] ? calculate_sigpending+0x7b/0xa0 [ 16.461376] ? __pfx_kthread+0x10/0x10 [ 16.461397] ret_from_fork+0x41/0x80 [ 16.461420] ? __pfx_kthread+0x10/0x10 [ 16.461440] ret_from_fork_asm+0x1a/0x30 [ 16.461472] </TASK> [ 16.461487] [ 16.473159] Allocated by task 285: [ 16.473386] kasan_save_stack+0x45/0x70 [ 16.473521] kasan_save_track+0x18/0x40 [ 16.474019] kasan_save_alloc_info+0x3b/0x50 [ 16.474210] __kasan_kmalloc+0xb7/0xc0 [ 16.474618] __kmalloc_cache_noprof+0x189/0x420 [ 16.474966] kasan_atomics+0x95/0x310 [ 16.475170] kunit_try_run_case+0x1a5/0x480 [ 16.475468] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.475774] kthread+0x337/0x6f0 [ 16.475930] ret_from_fork+0x41/0x80 [ 16.476105] ret_from_fork_asm+0x1a/0x30 [ 16.476258] [ 16.476333] The buggy address belongs to the object at ffff8881033b5600 [ 16.476333] which belongs to the cache kmalloc-64 of size 64 [ 16.476783] The buggy address is located 0 bytes to the right of [ 16.476783] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.477219] [ 16.477354] The buggy address belongs to the physical page: [ 16.478440] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.478975] flags: 0x200000000000000(node=0|zone=2) [ 16.479384] page_type: f5(slab) [ 16.479648] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.480259] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.480543] page dumped because: kasan: bad access detected [ 16.480680] [ 16.480744] Memory state around the buggy address: [ 16.480858] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.481003] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.481301] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.482741] ^ [ 16.482985] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.483160] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.484135] ================================================================== [ 18.225059] ================================================================== [ 18.225510] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 18.226528] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 18.227527] [ 18.227773] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 18.228094] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.228123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.228151] Call Trace: [ 18.228179] <TASK> [ 18.228206] dump_stack_lvl+0x73/0xb0 [ 18.228248] print_report+0xd1/0x650 [ 18.228277] ? __virt_addr_valid+0x1db/0x2d0 [ 18.228302] ? kasan_atomics_helper+0x224c/0x5450 [ 18.228327] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.228354] ? kasan_atomics_helper+0x224c/0x5450 [ 18.228379] kasan_report+0x141/0x180 [ 18.228404] ? kasan_atomics_helper+0x224c/0x5450 [ 18.228433] kasan_check_range+0x10c/0x1c0 [ 18.228456] __kasan_check_write+0x18/0x20 [ 18.228480] kasan_atomics_helper+0x224c/0x5450 [ 18.228506] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.228531] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.228553] ? ret_from_fork_asm+0x1a/0x30 [ 18.228599] ? kasan_atomics+0x152/0x310 [ 18.228624] kasan_atomics+0x1dc/0x310 [ 18.228645] ? __pfx_kasan_atomics+0x10/0x10 [ 18.228675] ? __pfx_read_tsc+0x10/0x10 [ 18.228704] ? ktime_get_ts64+0x86/0x230 [ 18.228732] kunit_try_run_case+0x1a5/0x480 [ 18.228759] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.228783] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.228808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.228831] ? __kthread_parkme+0x82/0x180 [ 18.228855] ? preempt_count_sub+0x50/0x80 [ 18.228881] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.228906] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.228931] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.228955] kthread+0x337/0x6f0 [ 18.228973] ? trace_preempt_on+0x20/0xc0 [ 18.228998] ? __pfx_kthread+0x10/0x10 [ 18.229017] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.229038] ? calculate_sigpending+0x7b/0xa0 [ 18.229062] ? __pfx_kthread+0x10/0x10 [ 18.229082] ret_from_fork+0x41/0x80 [ 18.229104] ? __pfx_kthread+0x10/0x10 [ 18.229123] ret_from_fork_asm+0x1a/0x30 [ 18.229152] </TASK> [ 18.229167] [ 18.243787] Allocated by task 285: [ 18.246094] kasan_save_stack+0x45/0x70 [ 18.246288] kasan_save_track+0x18/0x40 [ 18.246591] kasan_save_alloc_info+0x3b/0x50 [ 18.247751] __kasan_kmalloc+0xb7/0xc0 [ 18.248016] __kmalloc_cache_noprof+0x189/0x420 [ 18.248198] kasan_atomics+0x95/0x310 [ 18.248713] kunit_try_run_case+0x1a5/0x480 [ 18.249188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.249430] kthread+0x337/0x6f0 [ 18.249581] ret_from_fork+0x41/0x80 [ 18.250093] ret_from_fork_asm+0x1a/0x30 [ 18.250573] [ 18.250682] The buggy address belongs to the object at ffff8881033b5600 [ 18.250682] which belongs to the cache kmalloc-64 of size 64 [ 18.251442] The buggy address is located 0 bytes to the right of [ 18.251442] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.252154] [ 18.252389] The buggy address belongs to the physical page: [ 18.252864] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.253413] flags: 0x200000000000000(node=0|zone=2) [ 18.253951] page_type: f5(slab) [ 18.254444] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.254704] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.255226] page dumped because: kasan: bad access detected [ 18.255578] [ 18.255901] Memory state around the buggy address: [ 18.256136] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.256343] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.256545] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 18.257204] ^ [ 18.257419] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.258107] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.258516] ================================================================== [ 16.389460] ================================================================== [ 16.390055] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 16.391253] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.391516] [ 16.391673] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.391733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.391748] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.391772] Call Trace: [ 16.391796] <TASK> [ 16.391818] dump_stack_lvl+0x73/0xb0 [ 16.391852] print_report+0xd1/0x650 [ 16.391880] ? __virt_addr_valid+0x1db/0x2d0 [ 16.391906] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.391931] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.391954] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.391977] kasan_report+0x141/0x180 [ 16.392000] ? kasan_atomics_helper+0x4ba2/0x5450 [ 16.392027] __asan_report_store4_noabort+0x1b/0x30 [ 16.392049] kasan_atomics_helper+0x4ba2/0x5450 [ 16.392073] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.392096] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.392117] ? ret_from_fork_asm+0x1a/0x30 [ 16.392139] ? kasan_atomics+0x152/0x310 [ 16.392163] kasan_atomics+0x1dc/0x310 [ 16.392183] ? __pfx_kasan_atomics+0x10/0x10 [ 16.392204] ? __pfx_read_tsc+0x10/0x10 [ 16.392223] ? ktime_get_ts64+0x86/0x230 [ 16.392250] kunit_try_run_case+0x1a5/0x480 [ 16.392276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.392299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.392325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.392348] ? __kthread_parkme+0x82/0x180 [ 16.392372] ? preempt_count_sub+0x50/0x80 [ 16.392399] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.392425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.392451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.392477] kthread+0x337/0x6f0 [ 16.392496] ? trace_preempt_on+0x20/0xc0 [ 16.392522] ? __pfx_kthread+0x10/0x10 [ 16.392542] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.393302] ? calculate_sigpending+0x7b/0xa0 [ 16.393338] ? __pfx_kthread+0x10/0x10 [ 16.393361] ret_from_fork+0x41/0x80 [ 16.393385] ? __pfx_kthread+0x10/0x10 [ 16.393406] ret_from_fork_asm+0x1a/0x30 [ 16.393437] </TASK> [ 16.393452] [ 16.404485] Allocated by task 285: [ 16.404903] kasan_save_stack+0x45/0x70 [ 16.405323] kasan_save_track+0x18/0x40 [ 16.405476] kasan_save_alloc_info+0x3b/0x50 [ 16.405706] __kasan_kmalloc+0xb7/0xc0 [ 16.406057] __kmalloc_cache_noprof+0x189/0x420 [ 16.406329] kasan_atomics+0x95/0x310 [ 16.406570] kunit_try_run_case+0x1a5/0x480 [ 16.406729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.406887] kthread+0x337/0x6f0 [ 16.406995] ret_from_fork+0x41/0x80 [ 16.407278] ret_from_fork_asm+0x1a/0x30 [ 16.407716] [ 16.408187] The buggy address belongs to the object at ffff8881033b5600 [ 16.408187] which belongs to the cache kmalloc-64 of size 64 [ 16.408832] The buggy address is located 0 bytes to the right of [ 16.408832] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.409469] [ 16.409609] The buggy address belongs to the physical page: [ 16.409872] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.410254] flags: 0x200000000000000(node=0|zone=2) [ 16.410740] page_type: f5(slab) [ 16.410904] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.411292] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.411887] page dumped because: kasan: bad access detected [ 16.412163] [ 16.412245] Memory state around the buggy address: [ 16.412553] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.412859] ffff8881033b5580: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.413216] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.413554] ^ [ 16.413750] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.414160] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.414466] ================================================================== [ 16.919006] ================================================================== [ 16.919670] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 16.920481] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.921174] [ 16.921664] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.921941] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.921971] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.922157] Call Trace: [ 16.922192] <TASK> [ 16.922226] dump_stack_lvl+0x73/0xb0 [ 16.922272] print_report+0xd1/0x650 [ 16.922300] ? __virt_addr_valid+0x1db/0x2d0 [ 16.922326] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.922350] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.922374] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.922397] kasan_report+0x141/0x180 [ 16.922421] ? kasan_atomics_helper+0xb6a/0x5450 [ 16.922448] kasan_check_range+0x10c/0x1c0 [ 16.922470] __kasan_check_write+0x18/0x20 [ 16.922491] kasan_atomics_helper+0xb6a/0x5450 [ 16.922515] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.922540] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.922580] ? ret_from_fork_asm+0x1a/0x30 [ 16.922615] ? kasan_atomics+0x152/0x310 [ 16.922654] kasan_atomics+0x1dc/0x310 [ 16.922690] ? __pfx_kasan_atomics+0x10/0x10 [ 16.922725] ? __pfx_read_tsc+0x10/0x10 [ 16.922788] ? ktime_get_ts64+0x86/0x230 [ 16.922833] kunit_try_run_case+0x1a5/0x480 [ 16.922879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.922917] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.922958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.922996] ? 
__kthread_parkme+0x82/0x180 [ 16.923032] ? preempt_count_sub+0x50/0x80 [ 16.923075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.923104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.923141] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.923173] kthread+0x337/0x6f0 [ 16.923193] ? trace_preempt_on+0x20/0xc0 [ 16.923222] ? __pfx_kthread+0x10/0x10 [ 16.923244] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.923267] ? calculate_sigpending+0x7b/0xa0 [ 16.923293] ? __pfx_kthread+0x10/0x10 [ 16.923315] ret_from_fork+0x41/0x80 [ 16.923339] ? __pfx_kthread+0x10/0x10 [ 16.923358] ret_from_fork_asm+0x1a/0x30 [ 16.923390] </TASK> [ 16.923404] [ 16.937736] Allocated by task 285: [ 16.938125] kasan_save_stack+0x45/0x70 [ 16.938523] kasan_save_track+0x18/0x40 [ 16.938776] kasan_save_alloc_info+0x3b/0x50 [ 16.938978] __kasan_kmalloc+0xb7/0xc0 [ 16.939259] __kmalloc_cache_noprof+0x189/0x420 [ 16.939636] kasan_atomics+0x95/0x310 [ 16.940040] kunit_try_run_case+0x1a5/0x480 [ 16.940366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.940898] kthread+0x337/0x6f0 [ 16.941066] ret_from_fork+0x41/0x80 [ 16.941240] ret_from_fork_asm+0x1a/0x30 [ 16.941607] [ 16.941802] The buggy address belongs to the object at ffff8881033b5600 [ 16.941802] which belongs to the cache kmalloc-64 of size 64 [ 16.942580] The buggy address is located 0 bytes to the right of [ 16.942580] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.943522] [ 16.943803] The buggy address belongs to the physical page: [ 16.944275] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.944716] flags: 0x200000000000000(node=0|zone=2) [ 16.944884] page_type: f5(slab) [ 16.945022] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.945632] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.946161] page dumped because: kasan: bad access detected [ 16.946515] [ 16.946644] Memory state around the buggy address: [ 16.946848] 
ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.948049] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.948953] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.949425] ^ [ 16.949630] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.950101] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.951054] ================================================================== [ 17.489242] ================================================================== [ 17.490196] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 17.490660] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.491186] [ 17.491440] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.491548] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.491594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.491641] Call Trace: [ 17.491698] <TASK> [ 17.491752] dump_stack_lvl+0x73/0xb0 [ 17.491825] print_report+0xd1/0x650 [ 17.491881] ? __virt_addr_valid+0x1db/0x2d0 [ 17.491927] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.491988] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.492059] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.492105] kasan_report+0x141/0x180 [ 17.492135] ? kasan_atomics_helper+0x50d4/0x5450 [ 17.492165] __asan_report_store8_noabort+0x1b/0x30 [ 17.492189] kasan_atomics_helper+0x50d4/0x5450 [ 17.492216] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.492253] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.492289] ? ret_from_fork_asm+0x1a/0x30 [ 17.492331] ? kasan_atomics+0x152/0x310 [ 17.492375] kasan_atomics+0x1dc/0x310 [ 17.492425] ? __pfx_kasan_atomics+0x10/0x10 [ 17.492480] ? __pfx_read_tsc+0x10/0x10 [ 17.492525] ? ktime_get_ts64+0x86/0x230 [ 17.492583] kunit_try_run_case+0x1a5/0x480 [ 17.492636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.492676] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 17.492730] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.492790] ? __kthread_parkme+0x82/0x180 [ 17.492836] ? preempt_count_sub+0x50/0x80 [ 17.492884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.492921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.492947] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.492972] kthread+0x337/0x6f0 [ 17.492991] ? trace_preempt_on+0x20/0xc0 [ 17.493018] ? __pfx_kthread+0x10/0x10 [ 17.493037] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.493059] ? calculate_sigpending+0x7b/0xa0 [ 17.493083] ? __pfx_kthread+0x10/0x10 [ 17.493104] ret_from_fork+0x41/0x80 [ 17.493125] ? __pfx_kthread+0x10/0x10 [ 17.493145] ret_from_fork_asm+0x1a/0x30 [ 17.493176] </TASK> [ 17.493191] [ 17.502765] Allocated by task 285: [ 17.503090] kasan_save_stack+0x45/0x70 [ 17.503482] kasan_save_track+0x18/0x40 [ 17.503828] kasan_save_alloc_info+0x3b/0x50 [ 17.504029] __kasan_kmalloc+0xb7/0xc0 [ 17.504377] __kmalloc_cache_noprof+0x189/0x420 [ 17.504782] kasan_atomics+0x95/0x310 [ 17.505007] kunit_try_run_case+0x1a5/0x480 [ 17.505322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.505540] kthread+0x337/0x6f0 [ 17.505821] ret_from_fork+0x41/0x80 [ 17.506193] ret_from_fork_asm+0x1a/0x30 [ 17.506440] [ 17.506553] The buggy address belongs to the object at ffff8881033b5600 [ 17.506553] which belongs to the cache kmalloc-64 of size 64 [ 17.507361] The buggy address is located 0 bytes to the right of [ 17.507361] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.508301] [ 17.508504] The buggy address belongs to the physical page: [ 17.508811] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.509264] flags: 0x200000000000000(node=0|zone=2) [ 17.509616] page_type: f5(slab) [ 17.509921] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.510279] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.510676] page dumped because: kasan: bad 
access detected [ 17.511016] [ 17.511226] Memory state around the buggy address: [ 17.511507] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.512179] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.512528] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.513049] ^ [ 17.513295] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.513729] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.514048] ================================================================== [ 17.317141] ================================================================== [ 17.318047] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 17.318491] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.319129] [ 17.319373] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.319473] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.319501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.319547] Call Trace: [ 17.319605] <TASK> [ 17.319656] dump_stack_lvl+0x73/0xb0 [ 17.319736] print_report+0xd1/0x650 [ 17.319793] ? __virt_addr_valid+0x1db/0x2d0 [ 17.319842] ? kasan_atomics_helper+0x49e8/0x5450 [ 17.319893] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.319938] ? kasan_atomics_helper+0x49e8/0x5450 [ 17.319979] kasan_report+0x141/0x180 [ 17.320025] ? kasan_atomics_helper+0x49e8/0x5450 [ 17.320085] __asan_report_load4_noabort+0x18/0x20 [ 17.320131] kasan_atomics_helper+0x49e8/0x5450 [ 17.320196] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.320238] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.320262] ? ret_from_fork_asm+0x1a/0x30 [ 17.320286] ? kasan_atomics+0x152/0x310 [ 17.320311] kasan_atomics+0x1dc/0x310 [ 17.320332] ? __pfx_kasan_atomics+0x10/0x10 [ 17.320355] ? __pfx_read_tsc+0x10/0x10 [ 17.320392] ? 
ktime_get_ts64+0x86/0x230 [ 17.320431] kunit_try_run_case+0x1a5/0x480 [ 17.320460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.320483] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.320510] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.320533] ? __kthread_parkme+0x82/0x180 [ 17.320570] ? preempt_count_sub+0x50/0x80 [ 17.320604] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.320629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.320660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.320706] kthread+0x337/0x6f0 [ 17.320727] ? trace_preempt_on+0x20/0xc0 [ 17.320753] ? __pfx_kthread+0x10/0x10 [ 17.320773] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.320795] ? calculate_sigpending+0x7b/0xa0 [ 17.320819] ? __pfx_kthread+0x10/0x10 [ 17.320838] ret_from_fork+0x41/0x80 [ 17.320860] ? __pfx_kthread+0x10/0x10 [ 17.320880] ret_from_fork_asm+0x1a/0x30 [ 17.320909] </TASK> [ 17.320923] [ 17.330188] Allocated by task 285: [ 17.330517] kasan_save_stack+0x45/0x70 [ 17.330867] kasan_save_track+0x18/0x40 [ 17.331278] kasan_save_alloc_info+0x3b/0x50 [ 17.331617] __kasan_kmalloc+0xb7/0xc0 [ 17.331961] __kmalloc_cache_noprof+0x189/0x420 [ 17.332330] kasan_atomics+0x95/0x310 [ 17.332649] kunit_try_run_case+0x1a5/0x480 [ 17.332863] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.333081] kthread+0x337/0x6f0 [ 17.333247] ret_from_fork+0x41/0x80 [ 17.333425] ret_from_fork_asm+0x1a/0x30 [ 17.333754] [ 17.333947] The buggy address belongs to the object at ffff8881033b5600 [ 17.333947] which belongs to the cache kmalloc-64 of size 64 [ 17.334789] The buggy address is located 0 bytes to the right of [ 17.334789] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.335640] [ 17.335866] The buggy address belongs to the physical page: [ 17.336236] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.336644] flags: 0x200000000000000(node=0|zone=2) [ 17.336926] page_type: f5(slab) [ 17.337239] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 17.337533] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.338119] page dumped because: kasan: bad access detected [ 17.338548] [ 17.338750] Memory state around the buggy address: [ 17.338995] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.339285] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.339860] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.340398] ^ [ 17.342452] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.343109] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.343736] ================================================================== [ 17.034123] ================================================================== [ 17.034833] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 17.035393] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.036072] [ 17.036340] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.036445] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.036477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.036526] Call Trace: [ 17.036579] <TASK> [ 17.036624] dump_stack_lvl+0x73/0xb0 [ 17.036691] print_report+0xd1/0x650 [ 17.036745] ? __virt_addr_valid+0x1db/0x2d0 [ 17.036795] ? kasan_atomics_helper+0xde0/0x5450 [ 17.036843] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.036895] ? kasan_atomics_helper+0xde0/0x5450 [ 17.036944] kasan_report+0x141/0x180 [ 17.036996] ? kasan_atomics_helper+0xde0/0x5450 [ 17.037056] kasan_check_range+0x10c/0x1c0 [ 17.037103] __kasan_check_write+0x18/0x20 [ 17.037162] kasan_atomics_helper+0xde0/0x5450 [ 17.037205] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.037249] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.037291] ? ret_from_fork_asm+0x1a/0x30 [ 17.037375] ? 
kasan_atomics+0x152/0x310 [ 17.037458] kasan_atomics+0x1dc/0x310 [ 17.037515] ? __pfx_kasan_atomics+0x10/0x10 [ 17.037572] ? __pfx_read_tsc+0x10/0x10 [ 17.037612] ? ktime_get_ts64+0x86/0x230 [ 17.037665] kunit_try_run_case+0x1a5/0x480 [ 17.037715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.037762] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.037808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.037883] ? __kthread_parkme+0x82/0x180 [ 17.037941] ? preempt_count_sub+0x50/0x80 [ 17.038000] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.038051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.038103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.038147] kthread+0x337/0x6f0 [ 17.038167] ? trace_preempt_on+0x20/0xc0 [ 17.038193] ? __pfx_kthread+0x10/0x10 [ 17.038213] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.038234] ? calculate_sigpending+0x7b/0xa0 [ 17.038257] ? __pfx_kthread+0x10/0x10 [ 17.038276] ret_from_fork+0x41/0x80 [ 17.038300] ? __pfx_kthread+0x10/0x10 [ 17.038318] ret_from_fork_asm+0x1a/0x30 [ 17.038347] </TASK> [ 17.038361] [ 17.049551] Allocated by task 285: [ 17.049742] kasan_save_stack+0x45/0x70 [ 17.050050] kasan_save_track+0x18/0x40 [ 17.050326] kasan_save_alloc_info+0x3b/0x50 [ 17.050642] __kasan_kmalloc+0xb7/0xc0 [ 17.050931] __kmalloc_cache_noprof+0x189/0x420 [ 17.051198] kasan_atomics+0x95/0x310 [ 17.051452] kunit_try_run_case+0x1a5/0x480 [ 17.052874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.053192] kthread+0x337/0x6f0 [ 17.053339] ret_from_fork+0x41/0x80 [ 17.053838] ret_from_fork_asm+0x1a/0x30 [ 17.054172] [ 17.054270] The buggy address belongs to the object at ffff8881033b5600 [ 17.054270] which belongs to the cache kmalloc-64 of size 64 [ 17.055457] The buggy address is located 0 bytes to the right of [ 17.055457] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.056268] [ 17.056614] The buggy address belongs to the physical page: [ 17.057061] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 
17.057681] flags: 0x200000000000000(node=0|zone=2) [ 17.058124] page_type: f5(slab) [ 17.058356] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.058714] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.059010] page dumped because: kasan: bad access detected [ 17.059281] [ 17.059447] Memory state around the buggy address: [ 17.060287] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.060568] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.060808] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.061250] ^ [ 17.061804] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.062225] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.062459] ================================================================== [ 17.517909] ================================================================== [ 17.518358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 17.519534] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.520596] [ 17.520973] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.521080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.521107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.521164] Call Trace: [ 17.521190] <TASK> [ 17.521218] dump_stack_lvl+0x73/0xb0 [ 17.521263] print_report+0xd1/0x650 [ 17.521295] ? __virt_addr_valid+0x1db/0x2d0 [ 17.521335] ? kasan_atomics_helper+0x151d/0x5450 [ 17.521364] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.521388] ? kasan_atomics_helper+0x151d/0x5450 [ 17.521413] kasan_report+0x141/0x180 [ 17.521438] ? kasan_atomics_helper+0x151d/0x5450 [ 17.521465] kasan_check_range+0x10c/0x1c0 [ 17.521487] __kasan_check_write+0x18/0x20 [ 17.521508] kasan_atomics_helper+0x151d/0x5450 [ 17.521532] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.521556] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 17.521610] ? ret_from_fork_asm+0x1a/0x30 [ 17.521678] ? kasan_atomics+0x152/0x310 [ 17.521731] kasan_atomics+0x1dc/0x310 [ 17.521759] ? __pfx_kasan_atomics+0x10/0x10 [ 17.521783] ? __pfx_read_tsc+0x10/0x10 [ 17.521807] ? ktime_get_ts64+0x86/0x230 [ 17.521836] kunit_try_run_case+0x1a5/0x480 [ 17.521865] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.521889] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.521914] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.521938] ? __kthread_parkme+0x82/0x180 [ 17.521962] ? preempt_count_sub+0x50/0x80 [ 17.521988] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.522012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.522036] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.522060] kthread+0x337/0x6f0 [ 17.522078] ? trace_preempt_on+0x20/0xc0 [ 17.522103] ? __pfx_kthread+0x10/0x10 [ 17.522122] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.522144] ? calculate_sigpending+0x7b/0xa0 [ 17.522167] ? __pfx_kthread+0x10/0x10 [ 17.522185] ret_from_fork+0x41/0x80 [ 17.522208] ? 
__pfx_kthread+0x10/0x10 [ 17.522226] ret_from_fork_asm+0x1a/0x30 [ 17.522256] </TASK> [ 17.522270] [ 17.531871] Allocated by task 285: [ 17.532180] kasan_save_stack+0x45/0x70 [ 17.532508] kasan_save_track+0x18/0x40 [ 17.532763] kasan_save_alloc_info+0x3b/0x50 [ 17.532963] __kasan_kmalloc+0xb7/0xc0 [ 17.533141] __kmalloc_cache_noprof+0x189/0x420 [ 17.533342] kasan_atomics+0x95/0x310 [ 17.533520] kunit_try_run_case+0x1a5/0x480 [ 17.533892] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.534306] kthread+0x337/0x6f0 [ 17.534628] ret_from_fork+0x41/0x80 [ 17.534955] ret_from_fork_asm+0x1a/0x30 [ 17.535286] [ 17.535466] The buggy address belongs to the object at ffff8881033b5600 [ 17.535466] which belongs to the cache kmalloc-64 of size 64 [ 17.536284] The buggy address is located 0 bytes to the right of [ 17.536284] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.536949] [ 17.537072] The buggy address belongs to the physical page: [ 17.537470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.538054] flags: 0x200000000000000(node=0|zone=2) [ 17.538267] page_type: f5(slab) [ 17.538595] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.538958] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.539254] page dumped because: kasan: bad access detected [ 17.539472] [ 17.539589] Memory state around the buggy address: [ 17.539977] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.540481] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.541015] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.541519] ^ [ 17.541880] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.542222] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.542686] ================================================================== [ 17.172620] 
================================================================== [ 17.172947] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 17.173323] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.175154] [ 17.177646] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.178287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.178324] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.178373] Call Trace: [ 17.178420] <TASK> [ 17.178460] dump_stack_lvl+0x73/0xb0 [ 17.178534] print_report+0xd1/0x650 [ 17.178599] ? __virt_addr_valid+0x1db/0x2d0 [ 17.178648] ? kasan_atomics_helper+0x1079/0x5450 [ 17.178701] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.178753] ? kasan_atomics_helper+0x1079/0x5450 [ 17.178805] kasan_report+0x141/0x180 [ 17.178857] ? kasan_atomics_helper+0x1079/0x5450 [ 17.178909] kasan_check_range+0x10c/0x1c0 [ 17.178950] __kasan_check_write+0x18/0x20 [ 17.178986] kasan_atomics_helper+0x1079/0x5450 [ 17.179025] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.179067] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.179111] ? ret_from_fork_asm+0x1a/0x30 [ 17.179166] ? kasan_atomics+0x152/0x310 [ 17.179219] kasan_atomics+0x1dc/0x310 [ 17.179264] ? __pfx_kasan_atomics+0x10/0x10 [ 17.179311] ? __pfx_read_tsc+0x10/0x10 [ 17.179357] ? ktime_get_ts64+0x86/0x230 [ 17.179410] kunit_try_run_case+0x1a5/0x480 [ 17.179465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.179511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.180639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.180725] ? __kthread_parkme+0x82/0x180 [ 17.180765] ? preempt_count_sub+0x50/0x80 [ 17.180809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.180882] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.180921] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.180957] kthread+0x337/0x6f0 [ 17.180985] ? trace_preempt_on+0x20/0xc0 [ 17.181022] ? __pfx_kthread+0x10/0x10 [ 17.181053] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 17.181114] ? calculate_sigpending+0x7b/0xa0 [ 17.181155] ? __pfx_kthread+0x10/0x10 [ 17.181188] ret_from_fork+0x41/0x80 [ 17.181223] ? __pfx_kthread+0x10/0x10 [ 17.181254] ret_from_fork_asm+0x1a/0x30 [ 17.181310] </TASK> [ 17.181336] [ 17.194125] Allocated by task 285: [ 17.194463] kasan_save_stack+0x45/0x70 [ 17.194921] kasan_save_track+0x18/0x40 [ 17.195209] kasan_save_alloc_info+0x3b/0x50 [ 17.195586] __kasan_kmalloc+0xb7/0xc0 [ 17.195888] __kmalloc_cache_noprof+0x189/0x420 [ 17.196189] kasan_atomics+0x95/0x310 [ 17.196423] kunit_try_run_case+0x1a5/0x480 [ 17.196806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.197119] kthread+0x337/0x6f0 [ 17.197396] ret_from_fork+0x41/0x80 [ 17.197587] ret_from_fork_asm+0x1a/0x30 [ 17.197805] [ 17.197921] The buggy address belongs to the object at ffff8881033b5600 [ 17.197921] which belongs to the cache kmalloc-64 of size 64 [ 17.198612] The buggy address is located 0 bytes to the right of [ 17.198612] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.199543] [ 17.199805] The buggy address belongs to the physical page: [ 17.200218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.200829] flags: 0x200000000000000(node=0|zone=2) [ 17.201225] page_type: f5(slab) [ 17.201488] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.201842] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.202383] page dumped because: kasan: bad access detected [ 17.202847] [ 17.203024] Memory state around the buggy address: [ 17.203410] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.203817] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.204297] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.204743] ^ [ 17.205085] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.205527] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 17.205965] ================================================================== [ 17.430292] ================================================================== [ 17.431708] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 17.432812] Read of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.433074] [ 17.433209] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.433300] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.433325] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.433360] Call Trace: [ 17.433397] <TASK> [ 17.433433] dump_stack_lvl+0x73/0xb0 [ 17.433495] print_report+0xd1/0x650 [ 17.433543] ? __virt_addr_valid+0x1db/0x2d0 [ 17.433609] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.433646] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.433683] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.433712] kasan_report+0x141/0x180 [ 17.433736] ? kasan_atomics_helper+0x4eae/0x5450 [ 17.433763] __asan_report_load8_noabort+0x18/0x20 [ 17.433797] kasan_atomics_helper+0x4eae/0x5450 [ 17.433830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.433853] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.433877] ? ret_from_fork_asm+0x1a/0x30 [ 17.433900] ? kasan_atomics+0x152/0x310 [ 17.433924] kasan_atomics+0x1dc/0x310 [ 17.433944] ? __pfx_kasan_atomics+0x10/0x10 [ 17.433965] ? __pfx_read_tsc+0x10/0x10 [ 17.433987] ? ktime_get_ts64+0x86/0x230 [ 17.434014] kunit_try_run_case+0x1a5/0x480 [ 17.434041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.434064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.434089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.434112] ? __kthread_parkme+0x82/0x180 [ 17.434135] ? preempt_count_sub+0x50/0x80 [ 17.434162] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.434187] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.434211] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.434234] kthread+0x337/0x6f0 [ 17.434252] ? 
trace_preempt_on+0x20/0xc0 [ 17.434277] ? __pfx_kthread+0x10/0x10 [ 17.434295] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.434316] ? calculate_sigpending+0x7b/0xa0 [ 17.434339] ? __pfx_kthread+0x10/0x10 [ 17.434358] ret_from_fork+0x41/0x80 [ 17.434380] ? __pfx_kthread+0x10/0x10 [ 17.434398] ret_from_fork_asm+0x1a/0x30 [ 17.434428] </TASK> [ 17.434442] [ 17.448547] Allocated by task 285: [ 17.449423] kasan_save_stack+0x45/0x70 [ 17.449977] kasan_save_track+0x18/0x40 [ 17.450285] kasan_save_alloc_info+0x3b/0x50 [ 17.450451] __kasan_kmalloc+0xb7/0xc0 [ 17.450748] __kmalloc_cache_noprof+0x189/0x420 [ 17.451073] kasan_atomics+0x95/0x310 [ 17.451263] kunit_try_run_case+0x1a5/0x480 [ 17.451646] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.452022] kthread+0x337/0x6f0 [ 17.452317] ret_from_fork+0x41/0x80 [ 17.452516] ret_from_fork_asm+0x1a/0x30 [ 17.452929] [ 17.453049] The buggy address belongs to the object at ffff8881033b5600 [ 17.453049] which belongs to the cache kmalloc-64 of size 64 [ 17.453610] The buggy address is located 0 bytes to the right of [ 17.453610] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.454319] [ 17.454442] The buggy address belongs to the physical page: [ 17.454881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.455281] flags: 0x200000000000000(node=0|zone=2) [ 17.455596] page_type: f5(slab) [ 17.455949] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.456435] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.457038] page dumped because: kasan: bad access detected [ 17.457258] [ 17.457373] Memory state around the buggy address: [ 17.457761] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.458498] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.458786] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.459143] ^ [ 17.459585] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 17.460066] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.460539] ================================================================== [ 17.544072] ================================================================== [ 17.544456] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 17.545013] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.545330] [ 17.545567] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.545704] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.545734] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.545779] Call Trace: [ 17.545823] <TASK> [ 17.545857] dump_stack_lvl+0x73/0xb0 [ 17.545916] print_report+0xd1/0x650 [ 17.545962] ? __virt_addr_valid+0x1db/0x2d0 [ 17.546025] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.546071] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.546117] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.546161] kasan_report+0x141/0x180 [ 17.546210] ? kasan_atomics_helper+0x15b6/0x5450 [ 17.546266] kasan_check_range+0x10c/0x1c0 [ 17.546313] __kasan_check_write+0x18/0x20 [ 17.546357] kasan_atomics_helper+0x15b6/0x5450 [ 17.546408] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.546458] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.546506] ? ret_from_fork_asm+0x1a/0x30 [ 17.546552] ? kasan_atomics+0x152/0x310 [ 17.546606] kasan_atomics+0x1dc/0x310 [ 17.546645] ? __pfx_kasan_atomics+0x10/0x10 [ 17.546714] ? __pfx_read_tsc+0x10/0x10 [ 17.546759] ? ktime_get_ts64+0x86/0x230 [ 17.546812] kunit_try_run_case+0x1a5/0x480 [ 17.546860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.546904] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.546954] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.547002] ? __kthread_parkme+0x82/0x180 [ 17.547048] ? preempt_count_sub+0x50/0x80 [ 17.547092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.547147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.547198] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.547247] kthread+0x337/0x6f0 [ 17.547288] ? trace_preempt_on+0x20/0xc0 [ 17.547343] ? __pfx_kthread+0x10/0x10 [ 17.547387] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.547433] ? calculate_sigpending+0x7b/0xa0 [ 17.547482] ? __pfx_kthread+0x10/0x10 [ 17.547524] ret_from_fork+0x41/0x80 [ 17.547581] ? __pfx_kthread+0x10/0x10 [ 17.547624] ret_from_fork_asm+0x1a/0x30 [ 17.547689] </TASK> [ 17.547715] [ 17.558590] Allocated by task 285: [ 17.559204] kasan_save_stack+0x45/0x70 [ 17.559429] kasan_save_track+0x18/0x40 [ 17.559588] kasan_save_alloc_info+0x3b/0x50 [ 17.560162] __kasan_kmalloc+0xb7/0xc0 [ 17.560572] __kmalloc_cache_noprof+0x189/0x420 [ 17.561126] kasan_atomics+0x95/0x310 [ 17.561320] kunit_try_run_case+0x1a5/0x480 [ 17.561624] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.561995] kthread+0x337/0x6f0 [ 17.562298] ret_from_fork+0x41/0x80 [ 17.562514] ret_from_fork_asm+0x1a/0x30 [ 17.562924] [ 17.563061] The buggy address belongs to the object at ffff8881033b5600 [ 17.563061] which belongs to the cache kmalloc-64 of size 64 [ 17.563789] The buggy address is located 0 bytes to the right of [ 17.563789] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.564565] [ 17.564756] The buggy address belongs to the physical page: [ 17.565059] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.565569] flags: 0x200000000000000(node=0|zone=2) [ 17.565975] page_type: f5(slab) [ 17.566271] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.566895] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.567153] page dumped because: kasan: bad access detected [ 17.567327] [ 17.567408] Memory state around the buggy address: [ 17.567576] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.567813] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.568044] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 17.568247] ^ [ 17.568402] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.569536] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.570644] ================================================================== [ 17.840007] ================================================================== [ 17.840462] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 17.841113] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.841411] [ 17.841649] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.841764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.841804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.841861] Call Trace: [ 17.841908] <TASK> [ 17.841947] dump_stack_lvl+0x73/0xb0 [ 17.842011] print_report+0xd1/0x650 [ 17.842069] ? __virt_addr_valid+0x1db/0x2d0 [ 17.842132] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.842176] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.842221] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.842273] kasan_report+0x141/0x180 [ 17.842335] ? kasan_atomics_helper+0x1c18/0x5450 [ 17.842385] kasan_check_range+0x10c/0x1c0 [ 17.842410] __kasan_check_write+0x18/0x20 [ 17.842432] kasan_atomics_helper+0x1c18/0x5450 [ 17.842457] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.842481] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.842504] ? ret_from_fork_asm+0x1a/0x30 [ 17.842539] ? kasan_atomics+0x152/0x310 [ 17.842591] kasan_atomics+0x1dc/0x310 [ 17.842633] ? __pfx_kasan_atomics+0x10/0x10 [ 17.842672] ? __pfx_read_tsc+0x10/0x10 [ 17.842716] ? ktime_get_ts64+0x86/0x230 [ 17.842771] kunit_try_run_case+0x1a5/0x480 [ 17.842839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.842886] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.842937] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.842981] ? __kthread_parkme+0x82/0x180 [ 17.843034] ? preempt_count_sub+0x50/0x80 [ 17.843102] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 17.843162] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.843196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.843223] kthread+0x337/0x6f0 [ 17.843244] ? trace_preempt_on+0x20/0xc0 [ 17.843272] ? __pfx_kthread+0x10/0x10 [ 17.843294] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.843316] ? calculate_sigpending+0x7b/0xa0 [ 17.843339] ? __pfx_kthread+0x10/0x10 [ 17.843359] ret_from_fork+0x41/0x80 [ 17.843380] ? __pfx_kthread+0x10/0x10 [ 17.843400] ret_from_fork_asm+0x1a/0x30 [ 17.843430] </TASK> [ 17.843444] [ 17.852992] Allocated by task 285: [ 17.853223] kasan_save_stack+0x45/0x70 [ 17.853430] kasan_save_track+0x18/0x40 [ 17.853657] kasan_save_alloc_info+0x3b/0x50 [ 17.853994] __kasan_kmalloc+0xb7/0xc0 [ 17.854406] __kmalloc_cache_noprof+0x189/0x420 [ 17.854793] kasan_atomics+0x95/0x310 [ 17.855089] kunit_try_run_case+0x1a5/0x480 [ 17.855321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.855538] kthread+0x337/0x6f0 [ 17.855701] ret_from_fork+0x41/0x80 [ 17.855874] ret_from_fork_asm+0x1a/0x30 [ 17.856054] [ 17.856163] The buggy address belongs to the object at ffff8881033b5600 [ 17.856163] which belongs to the cache kmalloc-64 of size 64 [ 17.857124] The buggy address is located 0 bytes to the right of [ 17.857124] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.858081] [ 17.858259] The buggy address belongs to the physical page: [ 17.858664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.859054] flags: 0x200000000000000(node=0|zone=2) [ 17.859388] page_type: f5(slab) [ 17.859710] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.859987] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.860251] page dumped because: kasan: bad access detected [ 17.860452] [ 17.860570] Memory state around the buggy address: [ 17.860904] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.861501] ffff8881033b5580: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.862184] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.862708] ^ [ 17.862955] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.863217] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.863457] ================================================================== [ 17.629300] ================================================================== [ 17.629862] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 17.630052] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.630190] [ 17.630271] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.630326] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.630341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.630366] Call Trace: [ 17.630393] <TASK> [ 17.630417] dump_stack_lvl+0x73/0xb0 [ 17.630450] print_report+0xd1/0x650 [ 17.630476] ? __virt_addr_valid+0x1db/0x2d0 [ 17.630499] ? kasan_atomics_helper+0x177f/0x5450 [ 17.630522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.630545] ? kasan_atomics_helper+0x177f/0x5450 [ 17.630583] kasan_report+0x141/0x180 [ 17.630609] ? kasan_atomics_helper+0x177f/0x5450 [ 17.630638] kasan_check_range+0x10c/0x1c0 [ 17.630667] __kasan_check_write+0x18/0x20 [ 17.630696] kasan_atomics_helper+0x177f/0x5450 [ 17.630722] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.630747] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.630770] ? ret_from_fork_asm+0x1a/0x30 [ 17.630794] ? kasan_atomics+0x152/0x310 [ 17.630819] kasan_atomics+0x1dc/0x310 [ 17.630840] ? __pfx_kasan_atomics+0x10/0x10 [ 17.630863] ? __pfx_read_tsc+0x10/0x10 [ 17.630885] ? ktime_get_ts64+0x86/0x230 [ 17.630914] kunit_try_run_case+0x1a5/0x480 [ 17.630942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.630966] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.630993] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.631017] ? 
__kthread_parkme+0x82/0x180 [ 17.631042] ? preempt_count_sub+0x50/0x80 [ 17.631069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.631096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.631120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.631160] kthread+0x337/0x6f0 [ 17.631183] ? trace_preempt_on+0x20/0xc0 [ 17.631212] ? __pfx_kthread+0x10/0x10 [ 17.631233] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.631257] ? calculate_sigpending+0x7b/0xa0 [ 17.631283] ? __pfx_kthread+0x10/0x10 [ 17.631304] ret_from_fork+0x41/0x80 [ 17.631327] ? __pfx_kthread+0x10/0x10 [ 17.631347] ret_from_fork_asm+0x1a/0x30 [ 17.631379] </TASK> [ 17.631394] [ 17.644598] Allocated by task 285: [ 17.644934] kasan_save_stack+0x45/0x70 [ 17.645128] kasan_save_track+0x18/0x40 [ 17.645276] kasan_save_alloc_info+0x3b/0x50 [ 17.645433] __kasan_kmalloc+0xb7/0xc0 [ 17.645583] __kmalloc_cache_noprof+0x189/0x420 [ 17.646189] kasan_atomics+0x95/0x310 [ 17.646406] kunit_try_run_case+0x1a5/0x480 [ 17.646628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.647265] kthread+0x337/0x6f0 [ 17.647488] ret_from_fork+0x41/0x80 [ 17.648023] ret_from_fork_asm+0x1a/0x30 [ 17.648371] [ 17.648485] The buggy address belongs to the object at ffff8881033b5600 [ 17.648485] which belongs to the cache kmalloc-64 of size 64 [ 17.649302] The buggy address is located 0 bytes to the right of [ 17.649302] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.649733] [ 17.649863] The buggy address belongs to the physical page: [ 17.650297] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.650983] flags: 0x200000000000000(node=0|zone=2) [ 17.651264] page_type: f5(slab) [ 17.651543] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.652314] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.652998] page dumped because: kasan: bad access detected [ 17.653368] [ 17.653476] Memory state around the buggy address: [ 17.653694] 
ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.654225] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.654858] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.655516] ^ [ 17.655923] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.656219] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.657115] ================================================================== [ 18.115266] ================================================================== [ 18.115977] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 18.116588] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 18.117157] [ 18.117401] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 18.117504] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.117536] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.117594] Call Trace: [ 18.117640] <TASK> [ 18.117683] dump_stack_lvl+0x73/0xb0 [ 18.117753] print_report+0xd1/0x650 [ 18.117806] ? __virt_addr_valid+0x1db/0x2d0 [ 18.117856] ? kasan_atomics_helper+0x20c8/0x5450 [ 18.117904] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.117954] ? kasan_atomics_helper+0x20c8/0x5450 [ 18.118009] kasan_report+0x141/0x180 [ 18.118053] ? kasan_atomics_helper+0x20c8/0x5450 [ 18.118104] kasan_check_range+0x10c/0x1c0 [ 18.118153] __kasan_check_write+0x18/0x20 [ 18.118199] kasan_atomics_helper+0x20c8/0x5450 [ 18.118266] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 18.118315] ? __kmalloc_cache_noprof+0x189/0x420 [ 18.118367] ? ret_from_fork_asm+0x1a/0x30 [ 18.118425] ? kasan_atomics+0x152/0x310 [ 18.118478] kasan_atomics+0x1dc/0x310 [ 18.118523] ? __pfx_kasan_atomics+0x10/0x10 [ 18.118583] ? __pfx_read_tsc+0x10/0x10 [ 18.118632] ? ktime_get_ts64+0x86/0x230 [ 18.118685] kunit_try_run_case+0x1a5/0x480 [ 18.118740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.118779] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 18.118829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.118879] ? __kthread_parkme+0x82/0x180 [ 18.118939] ? preempt_count_sub+0x50/0x80 [ 18.119011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.119067] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.119124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.119183] kthread+0x337/0x6f0 [ 18.119228] ? trace_preempt_on+0x20/0xc0 [ 18.119286] ? __pfx_kthread+0x10/0x10 [ 18.119331] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.119379] ? calculate_sigpending+0x7b/0xa0 [ 18.119429] ? __pfx_kthread+0x10/0x10 [ 18.119472] ret_from_fork+0x41/0x80 [ 18.119520] ? __pfx_kthread+0x10/0x10 [ 18.119574] ret_from_fork_asm+0x1a/0x30 [ 18.119642] </TASK> [ 18.119671] [ 18.130403] Allocated by task 285: [ 18.130688] kasan_save_stack+0x45/0x70 [ 18.131083] kasan_save_track+0x18/0x40 [ 18.131441] kasan_save_alloc_info+0x3b/0x50 [ 18.131801] __kasan_kmalloc+0xb7/0xc0 [ 18.132091] __kmalloc_cache_noprof+0x189/0x420 [ 18.132315] kasan_atomics+0x95/0x310 [ 18.132645] kunit_try_run_case+0x1a5/0x480 [ 18.132985] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.133270] kthread+0x337/0x6f0 [ 18.133580] ret_from_fork+0x41/0x80 [ 18.133865] ret_from_fork_asm+0x1a/0x30 [ 18.134098] [ 18.134289] The buggy address belongs to the object at ffff8881033b5600 [ 18.134289] which belongs to the cache kmalloc-64 of size 64 [ 18.134910] The buggy address is located 0 bytes to the right of [ 18.134910] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 18.135331] [ 18.135457] The buggy address belongs to the physical page: [ 18.135870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 18.136424] flags: 0x200000000000000(node=0|zone=2) [ 18.136880] page_type: f5(slab) [ 18.137179] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 18.137697] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 18.138223] page dumped because: kasan: bad 
access detected [ 18.138629] [ 18.138800] Memory state around the buggy address: [ 18.139052] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.139497] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 18.139910] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 18.140177] ^ [ 18.140380] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.140749] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.141280] ================================================================== [ 16.748270] ================================================================== [ 16.748855] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 16.750293] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.750598] [ 16.751255] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.751338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.751365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.751407] Call Trace: [ 16.751450] <TASK> [ 16.751491] dump_stack_lvl+0x73/0xb0 [ 16.751712] print_report+0xd1/0x650 [ 16.751762] ? __virt_addr_valid+0x1db/0x2d0 [ 16.751792] ? kasan_atomics_helper+0x860/0x5450 [ 16.751819] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.751846] ? kasan_atomics_helper+0x860/0x5450 [ 16.751872] kasan_report+0x141/0x180 [ 16.751898] ? kasan_atomics_helper+0x860/0x5450 [ 16.751928] kasan_check_range+0x10c/0x1c0 [ 16.751954] __kasan_check_write+0x18/0x20 [ 16.751977] kasan_atomics_helper+0x860/0x5450 [ 16.752004] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.752029] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.752054] ? ret_from_fork_asm+0x1a/0x30 [ 16.752080] ? kasan_atomics+0x152/0x310 [ 16.752105] kasan_atomics+0x1dc/0x310 [ 16.752128] ? __pfx_kasan_atomics+0x10/0x10 [ 16.752151] ? __pfx_read_tsc+0x10/0x10 [ 16.752175] ? 
ktime_get_ts64+0x86/0x230 [ 16.752203] kunit_try_run_case+0x1a5/0x480 [ 16.752231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.752256] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.752282] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.752307] ? __kthread_parkme+0x82/0x180 [ 16.752330] ? preempt_count_sub+0x50/0x80 [ 16.752358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.752383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.752407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.752432] kthread+0x337/0x6f0 [ 16.752451] ? trace_preempt_on+0x20/0xc0 [ 16.752476] ? __pfx_kthread+0x10/0x10 [ 16.752497] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.752519] ? calculate_sigpending+0x7b/0xa0 [ 16.752542] ? __pfx_kthread+0x10/0x10 [ 16.752691] ret_from_fork+0x41/0x80 [ 16.752723] ? __pfx_kthread+0x10/0x10 [ 16.752744] ret_from_fork_asm+0x1a/0x30 [ 16.752774] </TASK> [ 16.752790] [ 16.767505] Allocated by task 285: [ 16.767936] kasan_save_stack+0x45/0x70 [ 16.768359] kasan_save_track+0x18/0x40 [ 16.768709] kasan_save_alloc_info+0x3b/0x50 [ 16.769107] __kasan_kmalloc+0xb7/0xc0 [ 16.769387] __kmalloc_cache_noprof+0x189/0x420 [ 16.769659] kasan_atomics+0x95/0x310 [ 16.770001] kunit_try_run_case+0x1a5/0x480 [ 16.770409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.771079] kthread+0x337/0x6f0 [ 16.771474] ret_from_fork+0x41/0x80 [ 16.771864] ret_from_fork_asm+0x1a/0x30 [ 16.772091] [ 16.772245] The buggy address belongs to the object at ffff8881033b5600 [ 16.772245] which belongs to the cache kmalloc-64 of size 64 [ 16.773156] The buggy address is located 0 bytes to the right of [ 16.773156] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.773862] [ 16.774048] The buggy address belongs to the physical page: [ 16.774419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.774928] flags: 0x200000000000000(node=0|zone=2) [ 16.775313] page_type: f5(slab) [ 16.775578] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 16.776229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.776977] page dumped because: kasan: bad access detected [ 16.777365] [ 16.777621] Memory state around the buggy address: [ 16.777971] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.778531] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.779034] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.779414] ^ [ 16.779754] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.780181] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.780434] ================================================================== [ 17.259414] ================================================================== [ 17.261108] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 17.261641] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.262882] [ 17.263034] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.263096] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.263111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.263156] Call Trace: [ 17.263199] <TASK> [ 17.263242] dump_stack_lvl+0x73/0xb0 [ 17.263458] print_report+0xd1/0x650 [ 17.263499] ? __virt_addr_valid+0x1db/0x2d0 [ 17.263527] ? kasan_atomics_helper+0x4a02/0x5450 [ 17.263552] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.263600] ? kasan_atomics_helper+0x4a02/0x5450 [ 17.263627] kasan_report+0x141/0x180 [ 17.263659] ? kasan_atomics_helper+0x4a02/0x5450 [ 17.263716] __asan_report_load4_noabort+0x18/0x20 [ 17.263743] kasan_atomics_helper+0x4a02/0x5450 [ 17.263771] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.263797] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.263823] ? ret_from_fork_asm+0x1a/0x30 [ 17.263848] ? kasan_atomics+0x152/0x310 [ 17.263874] kasan_atomics+0x1dc/0x310 [ 17.263897] ? 
__pfx_kasan_atomics+0x10/0x10 [ 17.263921] ? __pfx_read_tsc+0x10/0x10 [ 17.263945] ? ktime_get_ts64+0x86/0x230 [ 17.263975] kunit_try_run_case+0x1a5/0x480 [ 17.264001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.264025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.264049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.264072] ? __kthread_parkme+0x82/0x180 [ 17.264095] ? preempt_count_sub+0x50/0x80 [ 17.264121] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.264146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.264169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.264193] kthread+0x337/0x6f0 [ 17.264211] ? trace_preempt_on+0x20/0xc0 [ 17.264236] ? __pfx_kthread+0x10/0x10 [ 17.264254] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.264276] ? calculate_sigpending+0x7b/0xa0 [ 17.264298] ? __pfx_kthread+0x10/0x10 [ 17.264317] ret_from_fork+0x41/0x80 [ 17.264340] ? __pfx_kthread+0x10/0x10 [ 17.264359] ret_from_fork_asm+0x1a/0x30 [ 17.264388] </TASK> [ 17.264401] [ 17.275067] Allocated by task 285: [ 17.275411] kasan_save_stack+0x45/0x70 [ 17.276063] kasan_save_track+0x18/0x40 [ 17.276303] kasan_save_alloc_info+0x3b/0x50 [ 17.276565] __kasan_kmalloc+0xb7/0xc0 [ 17.276801] __kmalloc_cache_noprof+0x189/0x420 [ 17.277144] kasan_atomics+0x95/0x310 [ 17.277425] kunit_try_run_case+0x1a5/0x480 [ 17.277845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.278136] kthread+0x337/0x6f0 [ 17.278305] ret_from_fork+0x41/0x80 [ 17.278591] ret_from_fork_asm+0x1a/0x30 [ 17.279006] [ 17.279235] The buggy address belongs to the object at ffff8881033b5600 [ 17.279235] which belongs to the cache kmalloc-64 of size 64 [ 17.280048] The buggy address is located 0 bytes to the right of [ 17.280048] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.280779] [ 17.280989] The buggy address belongs to the physical page: [ 17.281321] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.281834] flags: 0x200000000000000(node=0|zone=2) [ 17.282106] page_type: f5(slab) 
[ 17.282401] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.282905] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.283356] page dumped because: kasan: bad access detected [ 17.283623] [ 17.283784] Memory state around the buggy address: [ 17.284091] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.284367] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.284708] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.285048] ^ [ 17.285253] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.285500] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.286039] ================================================================== [ 17.571604] ================================================================== [ 17.572122] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 17.572713] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.573197] [ 17.573431] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.573588] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.573616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.573657] Call Trace: [ 17.573720] <TASK> [ 17.573784] dump_stack_lvl+0x73/0xb0 [ 17.573871] print_report+0xd1/0x650 [ 17.573935] ? __virt_addr_valid+0x1db/0x2d0 [ 17.573985] ? kasan_atomics_helper+0x164f/0x5450 [ 17.574033] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.574083] ? kasan_atomics_helper+0x164f/0x5450 [ 17.574128] kasan_report+0x141/0x180 [ 17.574185] ? kasan_atomics_helper+0x164f/0x5450 [ 17.574258] kasan_check_range+0x10c/0x1c0 [ 17.574319] __kasan_check_write+0x18/0x20 [ 17.574356] kasan_atomics_helper+0x164f/0x5450 [ 17.574427] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.574494] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.574550] ? 
ret_from_fork_asm+0x1a/0x30 [ 17.574612] ? kasan_atomics+0x152/0x310 [ 17.574671] kasan_atomics+0x1dc/0x310 [ 17.574728] ? __pfx_kasan_atomics+0x10/0x10 [ 17.574775] ? __pfx_read_tsc+0x10/0x10 [ 17.574827] ? ktime_get_ts64+0x86/0x230 [ 17.574894] kunit_try_run_case+0x1a5/0x480 [ 17.574966] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.575015] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.575067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.575093] ? __kthread_parkme+0x82/0x180 [ 17.575118] ? preempt_count_sub+0x50/0x80 [ 17.575161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.575188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.575213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.575239] kthread+0x337/0x6f0 [ 17.575257] ? trace_preempt_on+0x20/0xc0 [ 17.575283] ? __pfx_kthread+0x10/0x10 [ 17.575302] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.575325] ? calculate_sigpending+0x7b/0xa0 [ 17.575349] ? __pfx_kthread+0x10/0x10 [ 17.575368] ret_from_fork+0x41/0x80 [ 17.575390] ? __pfx_kthread+0x10/0x10 [ 17.575409] ret_from_fork_asm+0x1a/0x30 [ 17.575440] </TASK> [ 17.575455] [ 17.586642] Allocated by task 285: [ 17.587313] kasan_save_stack+0x45/0x70 [ 17.587519] kasan_save_track+0x18/0x40 [ 17.588128] kasan_save_alloc_info+0x3b/0x50 [ 17.588592] __kasan_kmalloc+0xb7/0xc0 [ 17.589076] __kmalloc_cache_noprof+0x189/0x420 [ 17.589505] kasan_atomics+0x95/0x310 [ 17.589773] kunit_try_run_case+0x1a5/0x480 [ 17.590079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.590376] kthread+0x337/0x6f0 [ 17.590645] ret_from_fork+0x41/0x80 [ 17.590963] ret_from_fork_asm+0x1a/0x30 [ 17.591323] [ 17.591455] The buggy address belongs to the object at ffff8881033b5600 [ 17.591455] which belongs to the cache kmalloc-64 of size 64 [ 17.592080] The buggy address is located 0 bytes to the right of [ 17.592080] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.592686] [ 17.592869] The buggy address belongs to the physical page: [ 17.593412] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.593853] flags: 0x200000000000000(node=0|zone=2) [ 17.594080] page_type: f5(slab) [ 17.594368] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.594748] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.595294] page dumped because: kasan: bad access detected [ 17.595953] [ 17.596049] Memory state around the buggy address: [ 17.596218] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.596438] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.597469] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 17.597834] ^ [ 17.598190] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.598779] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.599221] ================================================================== [ 16.813208] ================================================================== [ 16.813811] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 16.815282] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.816355] [ 16.816519] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.816611] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.816847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.816897] Call Trace: [ 16.816954] <TASK> [ 16.817002] dump_stack_lvl+0x73/0xb0 [ 16.817069] print_report+0xd1/0x650 [ 16.817101] ? __virt_addr_valid+0x1db/0x2d0 [ 16.817129] ? kasan_atomics_helper+0x992/0x5450 [ 16.817155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.817182] ? kasan_atomics_helper+0x992/0x5450 [ 16.817208] kasan_report+0x141/0x180 [ 16.817234] ? kasan_atomics_helper+0x992/0x5450 [ 16.817263] kasan_check_range+0x10c/0x1c0 [ 16.817287] __kasan_check_write+0x18/0x20 [ 16.817310] kasan_atomics_helper+0x992/0x5450 [ 16.817336] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.817362] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.817387] ? ret_from_fork_asm+0x1a/0x30 [ 16.817412] ? kasan_atomics+0x152/0x310 [ 16.817438] kasan_atomics+0x1dc/0x310 [ 16.817462] ? __pfx_kasan_atomics+0x10/0x10 [ 16.817484] ? __pfx_read_tsc+0x10/0x10 [ 16.817506] ? ktime_get_ts64+0x86/0x230 [ 16.817534] kunit_try_run_case+0x1a5/0x480 [ 16.817574] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.817604] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.817645] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.817684] ? __kthread_parkme+0x82/0x180 [ 16.817721] ? preempt_count_sub+0x50/0x80 [ 16.817765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.817804] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.817844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.817881] kthread+0x337/0x6f0 [ 16.817911] ? trace_preempt_on+0x20/0xc0 [ 16.817950] ? __pfx_kthread+0x10/0x10 [ 16.817982] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.818020] ? calculate_sigpending+0x7b/0xa0 [ 16.818057] ? __pfx_kthread+0x10/0x10 [ 16.818087] ret_from_fork+0x41/0x80 [ 16.818114] ? 
__pfx_kthread+0x10/0x10 [ 16.818134] ret_from_fork_asm+0x1a/0x30 [ 16.818167] </TASK> [ 16.818182] [ 16.828645] Allocated by task 285: [ 16.828991] kasan_save_stack+0x45/0x70 [ 16.829211] kasan_save_track+0x18/0x40 [ 16.829491] kasan_save_alloc_info+0x3b/0x50 [ 16.829812] __kasan_kmalloc+0xb7/0xc0 [ 16.830044] __kmalloc_cache_noprof+0x189/0x420 [ 16.830247] kasan_atomics+0x95/0x310 [ 16.830425] kunit_try_run_case+0x1a5/0x480 [ 16.830756] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.831271] kthread+0x337/0x6f0 [ 16.831616] ret_from_fork+0x41/0x80 [ 16.832033] ret_from_fork_asm+0x1a/0x30 [ 16.832237] [ 16.832352] The buggy address belongs to the object at ffff8881033b5600 [ 16.832352] which belongs to the cache kmalloc-64 of size 64 [ 16.832807] The buggy address is located 0 bytes to the right of [ 16.832807] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.833217] [ 16.833331] The buggy address belongs to the physical page: [ 16.833731] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.834626] flags: 0x200000000000000(node=0|zone=2) [ 16.835029] page_type: f5(slab) [ 16.835318] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.835861] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.836390] page dumped because: kasan: bad access detected [ 16.837492] [ 16.837834] Memory state around the buggy address: [ 16.838201] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.838947] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.839252] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.839496] ^ [ 16.840474] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.841597] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.842334] ================================================================== [ 16.368973] 
================================================================== [ 16.369470] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 16.370270] Read of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.370817] [ 16.370922] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.370981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.370995] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.371018] Call Trace: [ 16.371034] <TASK> [ 16.371054] dump_stack_lvl+0x73/0xb0 [ 16.371090] print_report+0xd1/0x650 [ 16.371118] ? __virt_addr_valid+0x1db/0x2d0 [ 16.371154] ? kasan_atomics_helper+0x4bbc/0x5450 [ 16.371180] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.371308] ? kasan_atomics_helper+0x4bbc/0x5450 [ 16.371338] kasan_report+0x141/0x180 [ 16.371366] ? kasan_atomics_helper+0x4bbc/0x5450 [ 16.371392] __asan_report_load4_noabort+0x18/0x20 [ 16.371413] kasan_atomics_helper+0x4bbc/0x5450 [ 16.371436] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.371459] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.371480] ? ret_from_fork_asm+0x1a/0x30 [ 16.371503] ? kasan_atomics+0x152/0x310 [ 16.371525] kasan_atomics+0x1dc/0x310 [ 16.371544] ? __pfx_kasan_atomics+0x10/0x10 [ 16.371580] ? __pfx_read_tsc+0x10/0x10 [ 16.371615] ? ktime_get_ts64+0x86/0x230 [ 16.371646] kunit_try_run_case+0x1a5/0x480 [ 16.371703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.371726] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.371751] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.371775] ? __kthread_parkme+0x82/0x180 [ 16.371799] ? preempt_count_sub+0x50/0x80 [ 16.371825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.371848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.371871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.371894] kthread+0x337/0x6f0 [ 16.371910] ? trace_preempt_on+0x20/0xc0 [ 16.371936] ? __pfx_kthread+0x10/0x10 [ 16.371954] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.371975] ? 
calculate_sigpending+0x7b/0xa0 [ 16.371996] ? __pfx_kthread+0x10/0x10 [ 16.372015] ret_from_fork+0x41/0x80 [ 16.372034] ? __pfx_kthread+0x10/0x10 [ 16.372052] ret_from_fork_asm+0x1a/0x30 [ 16.372080] </TASK> [ 16.372093] [ 16.381181] Allocated by task 285: [ 16.381292] kasan_save_stack+0x45/0x70 [ 16.381405] kasan_save_track+0x18/0x40 [ 16.381492] kasan_save_alloc_info+0x3b/0x50 [ 16.381606] __kasan_kmalloc+0xb7/0xc0 [ 16.381695] __kmalloc_cache_noprof+0x189/0x420 [ 16.381790] kasan_atomics+0x95/0x310 [ 16.381872] kunit_try_run_case+0x1a5/0x480 [ 16.381965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.382072] kthread+0x337/0x6f0 [ 16.382147] ret_from_fork+0x41/0x80 [ 16.382236] ret_from_fork_asm+0x1a/0x30 [ 16.382324] [ 16.382376] The buggy address belongs to the object at ffff8881033b5600 [ 16.382376] which belongs to the cache kmalloc-64 of size 64 [ 16.382852] The buggy address is located 0 bytes to the right of [ 16.382852] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.383178] [ 16.383242] The buggy address belongs to the physical page: [ 16.384504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.385081] flags: 0x200000000000000(node=0|zone=2) [ 16.385837] page_type: f5(slab) [ 16.386024] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.386254] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.386390] page dumped because: kasan: bad access detected [ 16.386496] [ 16.386545] Memory state around the buggy address: [ 16.387106] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.387442] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.387759] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.388224] ^ [ 16.388334] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.388466] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.388749] 
================================================================== [ 16.542173] ================================================================== [ 16.542970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 16.543602] Write of size 4 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 16.544175] [ 16.544446] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.544599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.544634] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.544692] Call Trace: [ 16.544734] <TASK> [ 16.544775] dump_stack_lvl+0x73/0xb0 [ 16.544848] print_report+0xd1/0x650 [ 16.544928] ? __virt_addr_valid+0x1db/0x2d0 [ 16.545144] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.545224] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.545273] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.545302] kasan_report+0x141/0x180 [ 16.545330] ? kasan_atomics_helper+0x4b3a/0x5450 [ 16.545359] __asan_report_store4_noabort+0x1b/0x30 [ 16.545381] kasan_atomics_helper+0x4b3a/0x5450 [ 16.545412] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.545451] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.545481] ? ret_from_fork_asm+0x1a/0x30 [ 16.545506] ? kasan_atomics+0x152/0x310 [ 16.545531] kasan_atomics+0x1dc/0x310 [ 16.545552] ? __pfx_kasan_atomics+0x10/0x10 [ 16.545596] ? __pfx_read_tsc+0x10/0x10 [ 16.545634] ? ktime_get_ts64+0x86/0x230 [ 16.545680] kunit_try_run_case+0x1a5/0x480 [ 16.545724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.545764] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.545795] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.545821] ? __kthread_parkme+0x82/0x180 [ 16.545847] ? preempt_count_sub+0x50/0x80 [ 16.545875] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.545901] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.545927] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.545952] kthread+0x337/0x6f0 [ 16.545970] ? trace_preempt_on+0x20/0xc0 [ 16.545998] ? 
__pfx_kthread+0x10/0x10 [ 16.546019] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.546042] ? calculate_sigpending+0x7b/0xa0 [ 16.546066] ? __pfx_kthread+0x10/0x10 [ 16.546085] ret_from_fork+0x41/0x80 [ 16.546108] ? __pfx_kthread+0x10/0x10 [ 16.546129] ret_from_fork_asm+0x1a/0x30 [ 16.546160] </TASK> [ 16.546177] [ 16.560178] Allocated by task 285: [ 16.560789] kasan_save_stack+0x45/0x70 [ 16.561635] kasan_save_track+0x18/0x40 [ 16.562298] kasan_save_alloc_info+0x3b/0x50 [ 16.562555] __kasan_kmalloc+0xb7/0xc0 [ 16.562826] __kmalloc_cache_noprof+0x189/0x420 [ 16.563218] kasan_atomics+0x95/0x310 [ 16.563810] kunit_try_run_case+0x1a5/0x480 [ 16.564188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.564510] kthread+0x337/0x6f0 [ 16.564981] ret_from_fork+0x41/0x80 [ 16.565331] ret_from_fork_asm+0x1a/0x30 [ 16.566095] [ 16.566294] The buggy address belongs to the object at ffff8881033b5600 [ 16.566294] which belongs to the cache kmalloc-64 of size 64 [ 16.567232] The buggy address is located 0 bytes to the right of [ 16.567232] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 16.568227] [ 16.568457] The buggy address belongs to the physical page: [ 16.569301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 16.569897] flags: 0x200000000000000(node=0|zone=2) [ 16.570299] page_type: f5(slab) [ 16.570521] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.571012] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.571787] page dumped because: kasan: bad access detected [ 16.572429] [ 16.573051] Memory state around the buggy address: [ 16.573462] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.573953] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.574263] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.574885] ^ [ 16.575515] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.576046] 
ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.577185] ================================================================== [ 17.812092] ================================================================== [ 17.812690] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 17.813302] Write of size 8 at addr ffff8881033b5630 by task kunit_try_catch/285 [ 17.813856] [ 17.814083] CPU: 0 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 17.814210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.814246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.814291] Call Trace: [ 17.814347] <TASK> [ 17.814385] dump_stack_lvl+0x73/0xb0 [ 17.814448] print_report+0xd1/0x650 [ 17.814502] ? __virt_addr_valid+0x1db/0x2d0 [ 17.814573] ? kasan_atomics_helper+0x1b22/0x5450 [ 17.814617] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.814661] ? kasan_atomics_helper+0x1b22/0x5450 [ 17.814712] kasan_report+0x141/0x180 [ 17.814765] ? kasan_atomics_helper+0x1b22/0x5450 [ 17.814834] kasan_check_range+0x10c/0x1c0 [ 17.814875] __kasan_check_write+0x18/0x20 [ 17.814903] kasan_atomics_helper+0x1b22/0x5450 [ 17.814928] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 17.814952] ? __kmalloc_cache_noprof+0x189/0x420 [ 17.814974] ? ret_from_fork_asm+0x1a/0x30 [ 17.814997] ? kasan_atomics+0x152/0x310 [ 17.815027] kasan_atomics+0x1dc/0x310 [ 17.815063] ? __pfx_kasan_atomics+0x10/0x10 [ 17.815099] ? __pfx_read_tsc+0x10/0x10 [ 17.815141] ? ktime_get_ts64+0x86/0x230 [ 17.815193] kunit_try_run_case+0x1a5/0x480 [ 17.815246] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.815299] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.815363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.815410] ? __kthread_parkme+0x82/0x180 [ 17.815456] ? preempt_count_sub+0x50/0x80 [ 17.815510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.815575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.815626] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.815666] kthread+0x337/0x6f0 [ 17.815723] ? trace_preempt_on+0x20/0xc0 [ 17.815776] ? __pfx_kthread+0x10/0x10 [ 17.815818] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.815876] ? calculate_sigpending+0x7b/0xa0 [ 17.815923] ? __pfx_kthread+0x10/0x10 [ 17.815966] ret_from_fork+0x41/0x80 [ 17.816010] ? __pfx_kthread+0x10/0x10 [ 17.816050] ret_from_fork_asm+0x1a/0x30 [ 17.816111] </TASK> [ 17.816143] [ 17.826687] Allocated by task 285: [ 17.826937] kasan_save_stack+0x45/0x70 [ 17.827331] kasan_save_track+0x18/0x40 [ 17.827662] kasan_save_alloc_info+0x3b/0x50 [ 17.827996] __kasan_kmalloc+0xb7/0xc0 [ 17.828324] __kmalloc_cache_noprof+0x189/0x420 [ 17.828601] kasan_atomics+0x95/0x310 [ 17.828881] kunit_try_run_case+0x1a5/0x480 [ 17.829142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.829453] kthread+0x337/0x6f0 [ 17.829780] ret_from_fork+0x41/0x80 [ 17.830015] ret_from_fork_asm+0x1a/0x30 [ 17.830365] [ 17.830495] The buggy address belongs to the object at ffff8881033b5600 [ 17.830495] which belongs to the cache kmalloc-64 of size 64 [ 17.831328] The buggy address is located 0 bytes to the right of [ 17.831328] allocated 48-byte region [ffff8881033b5600, ffff8881033b5630) [ 17.832229] [ 17.832362] The buggy address belongs to the physical page: [ 17.832600] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b5 [ 17.833191] flags: 0x200000000000000(node=0|zone=2) [ 17.833661] page_type: f5(slab) [ 17.833977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 17.834547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 17.835171] page dumped because: kasan: bad access detected [ 17.835617] [ 17.835829] Memory state around the buggy address: [ 17.836227] ffff8881033b5500: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.836631] ffff8881033b5580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 17.837194] >ffff8881033b5600: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 17.837517] ^ [ 17.837717] ffff8881033b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.838045] ffff8881033b5700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.838442] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 16.183407] ================================================================== [ 16.184158] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.184597] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.184904] [ 16.184987] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.185042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.185056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.185079] Call Trace: [ 16.185102] <TASK> [ 16.185121] dump_stack_lvl+0x73/0xb0 [ 16.185152] print_report+0xd1/0x650 [ 16.185176] ? __virt_addr_valid+0x1db/0x2d0 [ 16.185199] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.185221] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.185245] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.185268] kasan_report+0x141/0x180 [ 16.185291] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.185318] kasan_check_range+0x10c/0x1c0 [ 16.185338] __kasan_check_write+0x18/0x20 [ 16.185357] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 16.185381] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.185406] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.185427] ? trace_hardirqs_on+0x37/0xe0 [ 16.185451] ? kasan_bitops_generic+0x92/0x1c0 [ 16.185474] kasan_bitops_generic+0x121/0x1c0 [ 16.185493] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.185514] ? __pfx_read_tsc+0x10/0x10 [ 16.185534] ? ktime_get_ts64+0x86/0x230 [ 16.185576] kunit_try_run_case+0x1a5/0x480 [ 16.185896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.185922] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.185964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.185988] ? __kthread_parkme+0x82/0x180 [ 16.186010] ? preempt_count_sub+0x50/0x80 [ 16.186036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.186059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.186083] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.186106] kthread+0x337/0x6f0 [ 16.186123] ? trace_preempt_on+0x20/0xc0 [ 16.186145] ? __pfx_kthread+0x10/0x10 [ 16.186163] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.186184] ? calculate_sigpending+0x7b/0xa0 [ 16.186205] ? __pfx_kthread+0x10/0x10 [ 16.186224] ret_from_fork+0x41/0x80 [ 16.186245] ? __pfx_kthread+0x10/0x10 [ 16.186262] ret_from_fork_asm+0x1a/0x30 [ 16.186293] </TASK> [ 16.186306] [ 16.194385] Allocated by task 281: [ 16.194489] kasan_save_stack+0x45/0x70 [ 16.194611] kasan_save_track+0x18/0x40 [ 16.194862] kasan_save_alloc_info+0x3b/0x50 [ 16.195090] __kasan_kmalloc+0xb7/0xc0 [ 16.195418] __kmalloc_cache_noprof+0x189/0x420 [ 16.195744] kasan_bitops_generic+0x92/0x1c0 [ 16.196151] kunit_try_run_case+0x1a5/0x480 [ 16.196272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.196487] kthread+0x337/0x6f0 [ 16.196831] ret_from_fork+0x41/0x80 [ 16.196927] ret_from_fork_asm+0x1a/0x30 [ 16.197020] [ 16.197073] The buggy address belongs to the object at ffff888102497640 [ 16.197073] which belongs to the cache kmalloc-16 of size 16 [ 16.197272] The buggy address is located 8 bytes inside of [ 16.197272] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.197890] [ 16.198026] The buggy address belongs to the physical page: [ 16.198391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.198813] flags: 0x200000000000000(node=0|zone=2) [ 16.199258] page_type: f5(slab) [ 16.199360] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.199515] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.200203] page dumped because: kasan: bad access detected [ 16.200718] [ 16.200960] Memory state around the buggy address: [ 16.201199] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.201465] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.201682] >ffff888102497600: fa fb fc fc fa fb fc fc 00 
01 fc fc fc fc fc fc [ 16.202103] ^ [ 16.202369] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.202583] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.202936] ================================================================== [ 16.302865] ================================================================== [ 16.303408] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.303608] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.303750] [ 16.303833] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.304179] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.304210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.304236] Call Trace: [ 16.304261] <TASK> [ 16.304283] dump_stack_lvl+0x73/0xb0 [ 16.304348] print_report+0xd1/0x650 [ 16.304384] ? __virt_addr_valid+0x1db/0x2d0 [ 16.304409] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.304433] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.304456] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.304481] kasan_report+0x141/0x180 [ 16.304506] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.304535] kasan_check_range+0x10c/0x1c0 [ 16.304556] __kasan_check_write+0x18/0x20 [ 16.304593] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 16.304701] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.304734] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.304758] ? trace_hardirqs_on+0x37/0xe0 [ 16.304783] ? kasan_bitops_generic+0x92/0x1c0 [ 16.304807] kasan_bitops_generic+0x121/0x1c0 [ 16.304828] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.304850] ? __pfx_read_tsc+0x10/0x10 [ 16.304871] ? ktime_get_ts64+0x86/0x230 [ 16.304898] kunit_try_run_case+0x1a5/0x480 [ 16.304925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.304949] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.304975] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.304998] ? __kthread_parkme+0x82/0x180 [ 16.305021] ? preempt_count_sub+0x50/0x80 [ 16.305074] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.305103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.305128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.305151] kthread+0x337/0x6f0 [ 16.305169] ? trace_preempt_on+0x20/0xc0 [ 16.305192] ? __pfx_kthread+0x10/0x10 [ 16.305229] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.305252] ? calculate_sigpending+0x7b/0xa0 [ 16.305274] ? __pfx_kthread+0x10/0x10 [ 16.305294] ret_from_fork+0x41/0x80 [ 16.305315] ? __pfx_kthread+0x10/0x10 [ 16.305333] ret_from_fork_asm+0x1a/0x30 [ 16.305366] </TASK> [ 16.305381] [ 16.312976] Allocated by task 281: [ 16.313312] kasan_save_stack+0x45/0x70 [ 16.313636] kasan_save_track+0x18/0x40 [ 16.313899] kasan_save_alloc_info+0x3b/0x50 [ 16.314237] __kasan_kmalloc+0xb7/0xc0 [ 16.314333] __kmalloc_cache_noprof+0x189/0x420 [ 16.314436] kasan_bitops_generic+0x92/0x1c0 [ 16.314531] kunit_try_run_case+0x1a5/0x480 [ 16.315250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.315824] kthread+0x337/0x6f0 [ 16.316106] ret_from_fork+0x41/0x80 [ 16.316359] ret_from_fork_asm+0x1a/0x30 [ 16.316532] [ 16.316605] The buggy address belongs to the object at ffff888102497640 [ 16.316605] which belongs to the cache kmalloc-16 of size 16 [ 16.317134] The buggy address is located 8 bytes inside of [ 16.317134] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.317342] [ 16.317400] The buggy address belongs to the physical page: [ 16.317510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.318259] flags: 0x200000000000000(node=0|zone=2) [ 16.318582] page_type: f5(slab) [ 16.318812] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.319548] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.319843] page dumped because: kasan: bad access detected [ 16.319960] [ 16.320015] Memory 
state around the buggy address: [ 16.320124] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.320664] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.321086] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.321944] ^ [ 16.322142] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.322462] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.323049] ================================================================== [ 16.158250] ================================================================== [ 16.159112] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.159390] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.159605] [ 16.159686] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.159743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.159757] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.159782] Call Trace: [ 16.159807] <TASK> [ 16.159828] dump_stack_lvl+0x73/0xb0 [ 16.159861] print_report+0xd1/0x650 [ 16.159885] ? __virt_addr_valid+0x1db/0x2d0 [ 16.159909] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.159933] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.159955] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.159980] kasan_report+0x141/0x180 [ 16.160003] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.160032] kasan_check_range+0x10c/0x1c0 [ 16.160054] __kasan_check_write+0x18/0x20 [ 16.160075] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 16.160102] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.160128] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.160151] ? trace_hardirqs_on+0x37/0xe0 [ 16.160178] ? kasan_bitops_generic+0x92/0x1c0 [ 16.160204] kasan_bitops_generic+0x121/0x1c0 [ 16.160226] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.160249] ? 
__pfx_read_tsc+0x10/0x10 [ 16.160271] ? ktime_get_ts64+0x86/0x230 [ 16.160299] kunit_try_run_case+0x1a5/0x480 [ 16.160327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.160351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.160376] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.160400] ? __kthread_parkme+0x82/0x180 [ 16.160424] ? preempt_count_sub+0x50/0x80 [ 16.160453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.160479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.160504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.160530] kthread+0x337/0x6f0 [ 16.160549] ? trace_preempt_on+0x20/0xc0 [ 16.161331] ? __pfx_kthread+0x10/0x10 [ 16.161357] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.161384] ? calculate_sigpending+0x7b/0xa0 [ 16.161409] ? __pfx_kthread+0x10/0x10 [ 16.161430] ret_from_fork+0x41/0x80 [ 16.161456] ? __pfx_kthread+0x10/0x10 [ 16.161477] ret_from_fork_asm+0x1a/0x30 [ 16.161512] </TASK> [ 16.161527] [ 16.170455] Allocated by task 281: [ 16.170593] kasan_save_stack+0x45/0x70 [ 16.172328] kasan_save_track+0x18/0x40 [ 16.172473] kasan_save_alloc_info+0x3b/0x50 [ 16.173195] __kasan_kmalloc+0xb7/0xc0 [ 16.173418] __kmalloc_cache_noprof+0x189/0x420 [ 16.173549] kasan_bitops_generic+0x92/0x1c0 [ 16.174096] kunit_try_run_case+0x1a5/0x480 [ 16.174220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.174624] kthread+0x337/0x6f0 [ 16.174759] ret_from_fork+0x41/0x80 [ 16.174933] ret_from_fork_asm+0x1a/0x30 [ 16.175218] [ 16.175358] The buggy address belongs to the object at ffff888102497640 [ 16.175358] which belongs to the cache kmalloc-16 of size 16 [ 16.175859] The buggy address is located 8 bytes inside of [ 16.175859] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.176575] [ 16.176654] The buggy address belongs to the physical page: [ 16.177647] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.177921] flags: 0x200000000000000(node=0|zone=2) [ 16.178075] page_type: f5(slab) [ 16.178199] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 16.178407] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.178639] page dumped because: kasan: bad access detected [ 16.179418] [ 16.179506] Memory state around the buggy address: [ 16.179856] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.180592] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.181071] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.181367] ^ [ 16.181952] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.182192] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.182521] ================================================================== [ 16.227052] ================================================================== [ 16.227593] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.228168] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.228444] [ 16.228828] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.228889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.228904] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.228928] Call Trace: [ 16.228951] <TASK> [ 16.228972] dump_stack_lvl+0x73/0xb0 [ 16.229006] print_report+0xd1/0x650 [ 16.229032] ? __virt_addr_valid+0x1db/0x2d0 [ 16.229054] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.229077] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.229100] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.229124] kasan_report+0x141/0x180 [ 16.229146] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.229174] kasan_check_range+0x10c/0x1c0 [ 16.229196] __kasan_check_write+0x18/0x20 [ 16.229227] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 16.229251] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.229276] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.229297] ? trace_hardirqs_on+0x37/0xe0 [ 16.229321] ? kasan_bitops_generic+0x92/0x1c0 [ 16.229344] kasan_bitops_generic+0x121/0x1c0 [ 16.229363] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.229385] ? __pfx_read_tsc+0x10/0x10 [ 16.229405] ? ktime_get_ts64+0x86/0x230 [ 16.229431] kunit_try_run_case+0x1a5/0x480 [ 16.229455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.229478] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.229502] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.229526] ? __kthread_parkme+0x82/0x180 [ 16.229548] ? preempt_count_sub+0x50/0x80 [ 16.229593] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.229618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.229642] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.229666] kthread+0x337/0x6f0 [ 16.229684] ? trace_preempt_on+0x20/0xc0 [ 16.229706] ? __pfx_kthread+0x10/0x10 [ 16.229725] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.229746] ? calculate_sigpending+0x7b/0xa0 [ 16.229769] ? __pfx_kthread+0x10/0x10 [ 16.229787] ret_from_fork+0x41/0x80 [ 16.229810] ? 
__pfx_kthread+0x10/0x10 [ 16.229828] ret_from_fork_asm+0x1a/0x30 [ 16.229859] </TASK> [ 16.229872] [ 16.240592] Allocated by task 281: [ 16.241218] kasan_save_stack+0x45/0x70 [ 16.241371] kasan_save_track+0x18/0x40 [ 16.241465] kasan_save_alloc_info+0x3b/0x50 [ 16.242031] __kasan_kmalloc+0xb7/0xc0 [ 16.242321] __kmalloc_cache_noprof+0x189/0x420 [ 16.242697] kasan_bitops_generic+0x92/0x1c0 [ 16.242916] kunit_try_run_case+0x1a5/0x480 [ 16.243238] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.243381] kthread+0x337/0x6f0 [ 16.243661] ret_from_fork+0x41/0x80 [ 16.243837] ret_from_fork_asm+0x1a/0x30 [ 16.243935] [ 16.244040] The buggy address belongs to the object at ffff888102497640 [ 16.244040] which belongs to the cache kmalloc-16 of size 16 [ 16.244401] The buggy address is located 8 bytes inside of [ 16.244401] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.245611] [ 16.245845] The buggy address belongs to the physical page: [ 16.246106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.246307] flags: 0x200000000000000(node=0|zone=2) [ 16.246421] page_type: f5(slab) [ 16.246541] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.247028] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.247626] page dumped because: kasan: bad access detected [ 16.247734] [ 16.248174] Memory state around the buggy address: [ 16.248360] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.249378] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.249763] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.249957] ^ [ 16.250253] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.250514] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.250938] ================================================================== [ 16.276060] 
================================================================== [ 16.276321] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.276596] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.278933] [ 16.279056] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.279118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.279143] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.279169] Call Trace: [ 16.279193] <TASK> [ 16.279224] dump_stack_lvl+0x73/0xb0 [ 16.279267] print_report+0xd1/0x650 [ 16.279294] ? __virt_addr_valid+0x1db/0x2d0 [ 16.279319] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.279344] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.279367] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.279392] kasan_report+0x141/0x180 [ 16.279414] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.279442] kasan_check_range+0x10c/0x1c0 [ 16.279462] __kasan_check_write+0x18/0x20 [ 16.279482] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 16.279508] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.279536] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.279576] ? trace_hardirqs_on+0x37/0xe0 [ 16.279607] ? kasan_bitops_generic+0x92/0x1c0 [ 16.279634] kasan_bitops_generic+0x121/0x1c0 [ 16.279657] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.279681] ? __pfx_read_tsc+0x10/0x10 [ 16.279704] ? ktime_get_ts64+0x86/0x230 [ 16.279733] kunit_try_run_case+0x1a5/0x480 [ 16.279761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.279785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.279811] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.279837] ? __kthread_parkme+0x82/0x180 [ 16.279861] ? preempt_count_sub+0x50/0x80 [ 16.279889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.279916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.279941] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.279966] kthread+0x337/0x6f0 [ 16.279985] ? trace_preempt_on+0x20/0xc0 [ 16.280010] ? __pfx_kthread+0x10/0x10 [ 16.280030] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.280053] ? calculate_sigpending+0x7b/0xa0 [ 16.280077] ? __pfx_kthread+0x10/0x10 [ 16.280098] ret_from_fork+0x41/0x80 [ 16.280120] ? __pfx_kthread+0x10/0x10 [ 16.280140] ret_from_fork_asm+0x1a/0x30 [ 16.280175] </TASK> [ 16.280188] [ 16.290016] Allocated by task 281: [ 16.290126] kasan_save_stack+0x45/0x70 [ 16.290396] kasan_save_track+0x18/0x40 [ 16.290662] kasan_save_alloc_info+0x3b/0x50 [ 16.290872] __kasan_kmalloc+0xb7/0xc0 [ 16.291191] __kmalloc_cache_noprof+0x189/0x420 [ 16.291822] kasan_bitops_generic+0x92/0x1c0 [ 16.292264] kunit_try_run_case+0x1a5/0x480 [ 16.292437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.294369] kthread+0x337/0x6f0 [ 16.294587] ret_from_fork+0x41/0x80 [ 16.294916] ret_from_fork_asm+0x1a/0x30 [ 16.295102] [ 16.295212] The buggy address belongs to the object at ffff888102497640 [ 16.295212] which belongs to the cache kmalloc-16 of size 16 [ 16.296131] The buggy address is located 8 bytes inside of [ 16.296131] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.296910] [ 16.297146] The buggy address belongs to the physical page: [ 16.297284] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.297894] flags: 0x200000000000000(node=0|zone=2) [ 16.298235] page_type: f5(slab) [ 16.298345] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.298814] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.299284] page dumped because: kasan: bad access detected [ 16.300041] [ 16.300256] Memory state around the buggy address: [ 16.300551] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.300754] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.301151] >ffff888102497600: fa fb fc fc fa fb fc fc 00 
01 fc fc fc fc fc fc [ 16.301550] ^ [ 16.301832] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.302204] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.302421] ================================================================== [ 16.323495] ================================================================== [ 16.324079] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.324582] Read of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.325012] [ 16.325137] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.325212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.325226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.325250] Call Trace: [ 16.325274] <TASK> [ 16.325309] dump_stack_lvl+0x73/0xb0 [ 16.325344] print_report+0xd1/0x650 [ 16.325370] ? __virt_addr_valid+0x1db/0x2d0 [ 16.325393] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.325416] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.325439] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.325463] kasan_report+0x141/0x180 [ 16.325503] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.325535] kasan_check_range+0x10c/0x1c0 [ 16.325555] __kasan_check_read+0x15/0x20 [ 16.325681] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 16.325710] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.325736] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.325759] ? trace_hardirqs_on+0x37/0xe0 [ 16.325783] ? kasan_bitops_generic+0x92/0x1c0 [ 16.325807] kasan_bitops_generic+0x121/0x1c0 [ 16.325827] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.325849] ? __pfx_read_tsc+0x10/0x10 [ 16.325886] ? ktime_get_ts64+0x86/0x230 [ 16.325915] kunit_try_run_case+0x1a5/0x480 [ 16.325942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.325965] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.325990] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.326013] ? __kthread_parkme+0x82/0x180 [ 16.326036] ? preempt_count_sub+0x50/0x80 [ 16.326064] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.326089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.326112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.326135] kthread+0x337/0x6f0 [ 16.326153] ? trace_preempt_on+0x20/0xc0 [ 16.326176] ? __pfx_kthread+0x10/0x10 [ 16.326195] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.326216] ? calculate_sigpending+0x7b/0xa0 [ 16.326238] ? __pfx_kthread+0x10/0x10 [ 16.326256] ret_from_fork+0x41/0x80 [ 16.326278] ? __pfx_kthread+0x10/0x10 [ 16.326296] ret_from_fork_asm+0x1a/0x30 [ 16.326328] </TASK> [ 16.326341] [ 16.333777] Allocated by task 281: [ 16.333966] kasan_save_stack+0x45/0x70 [ 16.334172] kasan_save_track+0x18/0x40 [ 16.334373] kasan_save_alloc_info+0x3b/0x50 [ 16.334566] __kasan_kmalloc+0xb7/0xc0 [ 16.335053] __kmalloc_cache_noprof+0x189/0x420 [ 16.335234] kasan_bitops_generic+0x92/0x1c0 [ 16.335464] kunit_try_run_case+0x1a5/0x480 [ 16.335595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.336005] kthread+0x337/0x6f0 [ 16.336091] ret_from_fork+0x41/0x80 [ 16.336236] ret_from_fork_asm+0x1a/0x30 [ 16.336476] [ 16.336595] The buggy address belongs to the object at ffff888102497640 [ 16.336595] which belongs to the cache kmalloc-16 of size 16 [ 16.337039] The buggy address is located 8 bytes inside of [ 16.337039] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.337238] [ 16.337356] The buggy address belongs to the physical page: [ 16.337734] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.338031] flags: 0x200000000000000(node=0|zone=2) [ 16.338229] page_type: f5(slab) [ 16.338318] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.338459] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.338978] page dumped because: kasan: bad access detected [ 16.339333] [ 16.339447] Memory 
state around the buggy address: [ 16.339758] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.340025] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.340288] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.340413] ^ [ 16.340517] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.340991] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.341390] ================================================================== [ 16.341951] ================================================================== [ 16.342225] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.342532] Read of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.343042] [ 16.343146] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.343209] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.343224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.343250] Call Trace: [ 16.343274] <TASK> [ 16.343295] dump_stack_lvl+0x73/0xb0 [ 16.343344] print_report+0xd1/0x650 [ 16.343369] ? __virt_addr_valid+0x1db/0x2d0 [ 16.343399] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.343423] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.343446] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.343470] kasan_report+0x141/0x180 [ 16.343494] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.343522] __asan_report_load8_noabort+0x18/0x20 [ 16.343543] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 16.343579] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.343743] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.343767] ? trace_hardirqs_on+0x37/0xe0 [ 16.343792] ? kasan_bitops_generic+0x92/0x1c0 [ 16.343816] kasan_bitops_generic+0x121/0x1c0 [ 16.343836] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.343858] ? __pfx_read_tsc+0x10/0x10 [ 16.343897] ? 
ktime_get_ts64+0x86/0x230 [ 16.343925] kunit_try_run_case+0x1a5/0x480 [ 16.343959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.343983] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.344007] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.344031] ? __kthread_parkme+0x82/0x180 [ 16.344053] ? preempt_count_sub+0x50/0x80 [ 16.344078] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.344103] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.344127] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.344167] kthread+0x337/0x6f0 [ 16.344187] ? trace_preempt_on+0x20/0xc0 [ 16.344211] ? __pfx_kthread+0x10/0x10 [ 16.344230] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.344250] ? calculate_sigpending+0x7b/0xa0 [ 16.344271] ? __pfx_kthread+0x10/0x10 [ 16.344308] ret_from_fork+0x41/0x80 [ 16.344330] ? __pfx_kthread+0x10/0x10 [ 16.344348] ret_from_fork_asm+0x1a/0x30 [ 16.344380] </TASK> [ 16.344392] [ 16.351190] Allocated by task 281: [ 16.351434] kasan_save_stack+0x45/0x70 [ 16.352743] kasan_save_track+0x18/0x40 [ 16.353027] kasan_save_alloc_info+0x3b/0x50 [ 16.353302] __kasan_kmalloc+0xb7/0xc0 [ 16.353427] __kmalloc_cache_noprof+0x189/0x420 [ 16.353578] kasan_bitops_generic+0x92/0x1c0 [ 16.354082] kunit_try_run_case+0x1a5/0x480 [ 16.354202] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.354357] kthread+0x337/0x6f0 [ 16.354462] ret_from_fork+0x41/0x80 [ 16.354581] ret_from_fork_asm+0x1a/0x30 [ 16.355184] [ 16.355274] The buggy address belongs to the object at ffff888102497640 [ 16.355274] which belongs to the cache kmalloc-16 of size 16 [ 16.355585] The buggy address is located 8 bytes inside of [ 16.355585] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.355784] [ 16.355840] The buggy address belongs to the physical page: [ 16.355945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.356602] flags: 0x200000000000000(node=0|zone=2) [ 16.357004] page_type: f5(slab) [ 16.357156] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 16.357480] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.357624] page dumped because: kasan: bad access detected [ 16.357966] [ 16.358068] Memory state around the buggy address: [ 16.358329] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.358645] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.359260] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.359423] ^ [ 16.359533] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.359698] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.360163] ================================================================== [ 16.251805] ================================================================== [ 16.252615] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.252863] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.253052] [ 16.253151] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.253205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.253219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.253241] Call Trace: [ 16.253265] <TASK> [ 16.253286] dump_stack_lvl+0x73/0xb0 [ 16.253316] print_report+0xd1/0x650 [ 16.253339] ? __virt_addr_valid+0x1db/0x2d0 [ 16.253361] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.253385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.253408] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.253431] kasan_report+0x141/0x180 [ 16.253452] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.253479] kasan_check_range+0x10c/0x1c0 [ 16.253499] __kasan_check_write+0x18/0x20 [ 16.253518] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 16.253541] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.253577] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.253601] ? trace_hardirqs_on+0x37/0xe0 [ 16.253624] ? kasan_bitops_generic+0x92/0x1c0 [ 16.253648] kasan_bitops_generic+0x121/0x1c0 [ 16.253669] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.253690] ? __pfx_read_tsc+0x10/0x10 [ 16.253710] ? ktime_get_ts64+0x86/0x230 [ 16.254924] kunit_try_run_case+0x1a5/0x480 [ 16.254960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.254984] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.255010] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.255032] ? __kthread_parkme+0x82/0x180 [ 16.255055] ? preempt_count_sub+0x50/0x80 [ 16.255080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.255105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.255128] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.255162] kthread+0x337/0x6f0 [ 16.255180] ? trace_preempt_on+0x20/0xc0 [ 16.255204] ? __pfx_kthread+0x10/0x10 [ 16.255223] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.255247] ? calculate_sigpending+0x7b/0xa0 [ 16.255271] ? __pfx_kthread+0x10/0x10 [ 16.255292] ret_from_fork+0x41/0x80 [ 16.255315] ? 
__pfx_kthread+0x10/0x10 [ 16.255335] ret_from_fork_asm+0x1a/0x30 [ 16.255370] </TASK> [ 16.255384] [ 16.266229] Allocated by task 281: [ 16.266356] kasan_save_stack+0x45/0x70 [ 16.266497] kasan_save_track+0x18/0x40 [ 16.266639] kasan_save_alloc_info+0x3b/0x50 [ 16.268206] __kasan_kmalloc+0xb7/0xc0 [ 16.268328] __kmalloc_cache_noprof+0x189/0x420 [ 16.268774] kasan_bitops_generic+0x92/0x1c0 [ 16.268968] kunit_try_run_case+0x1a5/0x480 [ 16.269165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.269397] kthread+0x337/0x6f0 [ 16.269535] ret_from_fork+0x41/0x80 [ 16.270085] ret_from_fork_asm+0x1a/0x30 [ 16.270244] [ 16.270301] The buggy address belongs to the object at ffff888102497640 [ 16.270301] which belongs to the cache kmalloc-16 of size 16 [ 16.271189] The buggy address is located 8 bytes inside of [ 16.271189] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.271423] [ 16.271483] The buggy address belongs to the physical page: [ 16.271621] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.272621] flags: 0x200000000000000(node=0|zone=2) [ 16.272737] page_type: f5(slab) [ 16.272824] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.273062] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.273391] page dumped because: kasan: bad access detected [ 16.273523] [ 16.273634] Memory state around the buggy address: [ 16.274235] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.274498] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.274898] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.275079] ^ [ 16.275235] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275409] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.275590] ================================================================== [ 16.203593] 
================================================================== [ 16.204186] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.204585] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.204978] [ 16.205064] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.205121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.205136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.205159] Call Trace: [ 16.205184] <TASK> [ 16.205203] dump_stack_lvl+0x73/0xb0 [ 16.205258] print_report+0xd1/0x650 [ 16.205289] ? __virt_addr_valid+0x1db/0x2d0 [ 16.205312] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.205336] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.205358] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.205381] kasan_report+0x141/0x180 [ 16.205404] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.205432] kasan_check_range+0x10c/0x1c0 [ 16.205451] __kasan_check_write+0x18/0x20 [ 16.205470] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 16.205494] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 16.205517] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.205539] ? trace_hardirqs_on+0x37/0xe0 [ 16.205573] ? kasan_bitops_generic+0x92/0x1c0 [ 16.205600] kasan_bitops_generic+0x121/0x1c0 [ 16.205620] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.205642] ? __pfx_read_tsc+0x10/0x10 [ 16.205661] ? ktime_get_ts64+0x86/0x230 [ 16.205687] kunit_try_run_case+0x1a5/0x480 [ 16.205712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.205734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.205771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.205793] ? __kthread_parkme+0x82/0x180 [ 16.205815] ? preempt_count_sub+0x50/0x80 [ 16.205841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.205864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.205887] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.205910] kthread+0x337/0x6f0 [ 16.205927] ? trace_preempt_on+0x20/0xc0 [ 16.205949] ? __pfx_kthread+0x10/0x10 [ 16.205967] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.205987] ? calculate_sigpending+0x7b/0xa0 [ 16.206009] ? __pfx_kthread+0x10/0x10 [ 16.206026] ret_from_fork+0x41/0x80 [ 16.206047] ? __pfx_kthread+0x10/0x10 [ 16.206141] ret_from_fork_asm+0x1a/0x30 [ 16.206179] </TASK> [ 16.206192] [ 16.214200] Allocated by task 281: [ 16.214460] kasan_save_stack+0x45/0x70 [ 16.214614] kasan_save_track+0x18/0x40 [ 16.215342] kasan_save_alloc_info+0x3b/0x50 [ 16.215550] __kasan_kmalloc+0xb7/0xc0 [ 16.215800] __kmalloc_cache_noprof+0x189/0x420 [ 16.215902] kasan_bitops_generic+0x92/0x1c0 [ 16.215998] kunit_try_run_case+0x1a5/0x480 [ 16.216094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.216202] kthread+0x337/0x6f0 [ 16.216281] ret_from_fork+0x41/0x80 [ 16.216451] ret_from_fork_asm+0x1a/0x30 [ 16.217298] [ 16.217446] The buggy address belongs to the object at ffff888102497640 [ 16.217446] which belongs to the cache kmalloc-16 of size 16 [ 16.219577] The buggy address is located 8 bytes inside of [ 16.219577] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.220395] [ 16.220800] The buggy address belongs to the physical page: [ 16.221070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.221273] flags: 0x200000000000000(node=0|zone=2) [ 16.221408] page_type: f5(slab) [ 16.221522] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.222548] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.222971] page dumped because: kasan: bad access detected [ 16.223294] [ 16.223405] Memory state around the buggy address: [ 16.223606] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.223960] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.224851] >ffff888102497600: fa fb fc fc fa fb fc fc 00 
01 fc fc fc fc fc fc [ 16.225012] ^ [ 16.225280] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.225548] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.226366] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 16.086590] ================================================================== [ 16.086933] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.087419] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.087890] [ 16.088081] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.088153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.088169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.088204] Call Trace: [ 16.088231] <TASK> [ 16.088253] dump_stack_lvl+0x73/0xb0 [ 16.088301] print_report+0xd1/0x650 [ 16.088338] ? __virt_addr_valid+0x1db/0x2d0 [ 16.088365] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.088389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.088426] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.088449] kasan_report+0x141/0x180 [ 16.088474] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.088500] kasan_check_range+0x10c/0x1c0 [ 16.088521] __kasan_check_write+0x18/0x20 [ 16.088541] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 16.088580] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.088617] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.088764] ? trace_hardirqs_on+0x37/0xe0 [ 16.088799] ? kasan_bitops_generic+0x92/0x1c0 [ 16.088826] kasan_bitops_generic+0x116/0x1c0 [ 16.088850] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.088872] ? __pfx_read_tsc+0x10/0x10 [ 16.088895] ? ktime_get_ts64+0x86/0x230 [ 16.088922] kunit_try_run_case+0x1a5/0x480 [ 16.088948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.088970] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.088996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.089020] ? __kthread_parkme+0x82/0x180 [ 16.089041] ? preempt_count_sub+0x50/0x80 [ 16.089067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.089092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.089114] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.089137] kthread+0x337/0x6f0 [ 16.089155] ? 
trace_preempt_on+0x20/0xc0 [ 16.089177] ? __pfx_kthread+0x10/0x10 [ 16.089199] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.089228] ? calculate_sigpending+0x7b/0xa0 [ 16.089250] ? __pfx_kthread+0x10/0x10 [ 16.089269] ret_from_fork+0x41/0x80 [ 16.089289] ? __pfx_kthread+0x10/0x10 [ 16.089308] ret_from_fork_asm+0x1a/0x30 [ 16.089339] </TASK> [ 16.089352] [ 16.096445] Allocated by task 281: [ 16.096567] kasan_save_stack+0x45/0x70 [ 16.096858] kasan_save_track+0x18/0x40 [ 16.097064] kasan_save_alloc_info+0x3b/0x50 [ 16.097319] __kasan_kmalloc+0xb7/0xc0 [ 16.097540] __kmalloc_cache_noprof+0x189/0x420 [ 16.098160] kasan_bitops_generic+0x92/0x1c0 [ 16.098415] kunit_try_run_case+0x1a5/0x480 [ 16.098575] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.098844] kthread+0x337/0x6f0 [ 16.099024] ret_from_fork+0x41/0x80 [ 16.099213] ret_from_fork_asm+0x1a/0x30 [ 16.099396] [ 16.099518] The buggy address belongs to the object at ffff888102497640 [ 16.099518] which belongs to the cache kmalloc-16 of size 16 [ 16.100111] The buggy address is located 8 bytes inside of [ 16.100111] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.100533] [ 16.100626] The buggy address belongs to the physical page: [ 16.100796] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.100949] flags: 0x200000000000000(node=0|zone=2) [ 16.101064] page_type: f5(slab) [ 16.101157] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.101300] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.101436] page dumped because: kasan: bad access detected [ 16.102163] [ 16.102306] Memory state around the buggy address: [ 16.103260] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.103648] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.103956] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.104087] ^ [ 16.104199] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.104330] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.104950] ================================================================== [ 16.061789] ================================================================== [ 16.062789] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.063275] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.063786] [ 16.063917] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.063984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.064000] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.064268] Call Trace: [ 16.064303] <TASK> [ 16.064327] dump_stack_lvl+0x73/0xb0 [ 16.064370] print_report+0xd1/0x650 [ 16.064399] ? __virt_addr_valid+0x1db/0x2d0 [ 16.064424] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.064449] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.064474] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.064496] kasan_report+0x141/0x180 [ 16.064520] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.064547] kasan_check_range+0x10c/0x1c0 [ 16.064592] __kasan_check_write+0x18/0x20 [ 16.064615] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 16.064918] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.064947] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.064971] ? trace_hardirqs_on+0x37/0xe0 [ 16.064997] ? kasan_bitops_generic+0x92/0x1c0 [ 16.065022] kasan_bitops_generic+0x116/0x1c0 [ 16.065043] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.065065] ? __pfx_read_tsc+0x10/0x10 [ 16.065087] ? ktime_get_ts64+0x86/0x230 [ 16.065115] kunit_try_run_case+0x1a5/0x480 [ 16.065141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.065165] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.065190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.065213] ? __kthread_parkme+0x82/0x180 [ 16.065236] ? preempt_count_sub+0x50/0x80 [ 16.065263] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.065288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.065312] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.065335] kthread+0x337/0x6f0 [ 16.065353] ? trace_preempt_on+0x20/0xc0 [ 16.065377] ? __pfx_kthread+0x10/0x10 [ 16.065396] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.065417] ? calculate_sigpending+0x7b/0xa0 [ 16.065439] ? __pfx_kthread+0x10/0x10 [ 16.065458] ret_from_fork+0x41/0x80 [ 16.065479] ? __pfx_kthread+0x10/0x10 [ 16.065499] ret_from_fork_asm+0x1a/0x30 [ 16.065530] </TASK> [ 16.065544] [ 16.076245] Allocated by task 281: [ 16.076525] kasan_save_stack+0x45/0x70 [ 16.076894] kasan_save_track+0x18/0x40 [ 16.077083] kasan_save_alloc_info+0x3b/0x50 [ 16.077408] __kasan_kmalloc+0xb7/0xc0 [ 16.077578] __kmalloc_cache_noprof+0x189/0x420 [ 16.078064] kasan_bitops_generic+0x92/0x1c0 [ 16.078280] kunit_try_run_case+0x1a5/0x480 [ 16.078409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.078851] kthread+0x337/0x6f0 [ 16.079052] ret_from_fork+0x41/0x80 [ 16.079295] ret_from_fork_asm+0x1a/0x30 [ 16.079534] [ 16.079773] The buggy address belongs to the object at ffff888102497640 [ 16.079773] which belongs to the cache kmalloc-16 of size 16 [ 16.080248] The buggy address is located 8 bytes inside of [ 16.080248] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.080930] [ 16.081004] The buggy address belongs to the physical page: [ 16.081123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.081592] flags: 0x200000000000000(node=0|zone=2) [ 16.082101] page_type: f5(slab) [ 16.082209] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.082719] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.083089] page dumped because: kasan: bad access detected [ 16.083333] [ 16.083479] Memory state around the buggy address: [ 16.083854] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.084157] ffff888102497580: 
00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.084491] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.084898] ^ [ 16.085036] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.085344] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.085957] ================================================================== [ 16.105919] ================================================================== [ 16.106611] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.107138] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.107347] [ 16.107455] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.107513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.107527] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.107551] Call Trace: [ 16.107591] <TASK> [ 16.107613] dump_stack_lvl+0x73/0xb0 [ 16.107647] print_report+0xd1/0x650 [ 16.107672] ? __virt_addr_valid+0x1db/0x2d0 [ 16.107836] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.107864] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.107889] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.107912] kasan_report+0x141/0x180 [ 16.107937] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.107963] kasan_check_range+0x10c/0x1c0 [ 16.107985] __kasan_check_write+0x18/0x20 [ 16.108005] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 16.108028] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.108053] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.108076] ? trace_hardirqs_on+0x37/0xe0 [ 16.108101] ? kasan_bitops_generic+0x92/0x1c0 [ 16.108125] kasan_bitops_generic+0x116/0x1c0 [ 16.108146] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.108169] ? __pfx_read_tsc+0x10/0x10 [ 16.108191] ? ktime_get_ts64+0x86/0x230 [ 16.108217] kunit_try_run_case+0x1a5/0x480 [ 16.108242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.108265] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.108289] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.108312] ? __kthread_parkme+0x82/0x180 [ 16.108334] ? preempt_count_sub+0x50/0x80 [ 16.108359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.108384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.108407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.108431] kthread+0x337/0x6f0 [ 16.108448] ? trace_preempt_on+0x20/0xc0 [ 16.108471] ? __pfx_kthread+0x10/0x10 [ 16.108489] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.108510] ? calculate_sigpending+0x7b/0xa0 [ 16.108532] ? __pfx_kthread+0x10/0x10 [ 16.108550] ret_from_fork+0x41/0x80 [ 16.108587] ? __pfx_kthread+0x10/0x10 [ 16.108607] ret_from_fork_asm+0x1a/0x30 [ 16.108782] </TASK> [ 16.108924] [ 16.119043] Allocated by task 281: [ 16.119322] kasan_save_stack+0x45/0x70 [ 16.119511] kasan_save_track+0x18/0x40 [ 16.119623] kasan_save_alloc_info+0x3b/0x50 [ 16.119722] __kasan_kmalloc+0xb7/0xc0 [ 16.119814] __kmalloc_cache_noprof+0x189/0x420 [ 16.122430] kasan_bitops_generic+0x92/0x1c0 [ 16.122589] kunit_try_run_case+0x1a5/0x480 [ 16.122852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.122981] kthread+0x337/0x6f0 [ 16.123064] ret_from_fork+0x41/0x80 [ 16.123169] ret_from_fork_asm+0x1a/0x30 [ 16.123928] [ 16.124002] The buggy address belongs to the object at ffff888102497640 [ 16.124002] which belongs to the cache kmalloc-16 of size 16 [ 16.125855] The buggy address is located 8 bytes inside of [ 16.125855] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.126367] [ 16.126466] The buggy address belongs to the physical page: [ 16.126625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.126775] flags: 0x200000000000000(node=0|zone=2) [ 16.126884] page_type: f5(slab) [ 16.127652] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.127830] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.127970] page dumped because: kasan: bad 
access detected [ 16.128079] [ 16.128131] Memory state around the buggy address: [ 16.128233] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.128364] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.128493] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.130275] ^ [ 16.130509] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.130951] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.131146] ================================================================== [ 16.033239] ================================================================== [ 16.033835] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.034280] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.034762] [ 16.035424] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.035495] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.035511] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.035535] Call Trace: [ 16.035570] <TASK> [ 16.035595] dump_stack_lvl+0x73/0xb0 [ 16.035936] print_report+0xd1/0x650 [ 16.035967] ? __virt_addr_valid+0x1db/0x2d0 [ 16.035994] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.036017] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.036041] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.036064] kasan_report+0x141/0x180 [ 16.036088] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.036115] kasan_check_range+0x10c/0x1c0 [ 16.036136] __kasan_check_write+0x18/0x20 [ 16.036157] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 16.036179] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.036203] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.036225] ? trace_hardirqs_on+0x37/0xe0 [ 16.036250] ? kasan_bitops_generic+0x92/0x1c0 [ 16.036275] kasan_bitops_generic+0x116/0x1c0 [ 16.036296] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.036317] ? 
__pfx_read_tsc+0x10/0x10 [ 16.036353] ? ktime_get_ts64+0x86/0x230 [ 16.036382] kunit_try_run_case+0x1a5/0x480 [ 16.036409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.036431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.036456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.036479] ? __kthread_parkme+0x82/0x180 [ 16.036501] ? preempt_count_sub+0x50/0x80 [ 16.036528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.036551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.036594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.036617] kthread+0x337/0x6f0 [ 16.036644] ? trace_preempt_on+0x20/0xc0 [ 16.036667] ? __pfx_kthread+0x10/0x10 [ 16.036684] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.036705] ? calculate_sigpending+0x7b/0xa0 [ 16.036728] ? __pfx_kthread+0x10/0x10 [ 16.036746] ret_from_fork+0x41/0x80 [ 16.036766] ? __pfx_kthread+0x10/0x10 [ 16.036784] ret_from_fork_asm+0x1a/0x30 [ 16.036815] </TASK> [ 16.036829] [ 16.048360] Allocated by task 281: [ 16.048628] kasan_save_stack+0x45/0x70 [ 16.049550] kasan_save_track+0x18/0x40 [ 16.049713] kasan_save_alloc_info+0x3b/0x50 [ 16.050023] __kasan_kmalloc+0xb7/0xc0 [ 16.050123] __kmalloc_cache_noprof+0x189/0x420 [ 16.050399] kasan_bitops_generic+0x92/0x1c0 [ 16.050607] kunit_try_run_case+0x1a5/0x480 [ 16.051317] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.051523] kthread+0x337/0x6f0 [ 16.051966] ret_from_fork+0x41/0x80 [ 16.052491] ret_from_fork_asm+0x1a/0x30 [ 16.052981] [ 16.053281] The buggy address belongs to the object at ffff888102497640 [ 16.053281] which belongs to the cache kmalloc-16 of size 16 [ 16.053729] The buggy address is located 8 bytes inside of [ 16.053729] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.054447] [ 16.054549] The buggy address belongs to the physical page: [ 16.054758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.055544] flags: 0x200000000000000(node=0|zone=2) [ 16.055860] page_type: f5(slab) [ 16.056255] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 16.056749] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.057014] page dumped because: kasan: bad access detected [ 16.057773] [ 16.058085] Memory state around the buggy address: [ 16.058311] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.058884] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.059385] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.059822] ^ [ 16.060167] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.060476] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.061001] ================================================================== [ 16.006918] ================================================================== [ 16.007090] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.007353] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.008615] [ 16.009074] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.009137] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.009151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.009175] Call Trace: [ 16.009191] <TASK> [ 16.009220] dump_stack_lvl+0x73/0xb0 [ 16.009260] print_report+0xd1/0x650 [ 16.009285] ? __virt_addr_valid+0x1db/0x2d0 [ 16.009308] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.009330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.009353] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.009375] kasan_report+0x141/0x180 [ 16.009398] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.009424] kasan_check_range+0x10c/0x1c0 [ 16.009444] __kasan_check_write+0x18/0x20 [ 16.009465] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 16.009487] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.009510] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.009532] ? 
trace_hardirqs_on+0x37/0xe0 [ 16.009556] ? kasan_bitops_generic+0x92/0x1c0 [ 16.009602] kasan_bitops_generic+0x116/0x1c0 [ 16.009803] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.009832] ? __pfx_read_tsc+0x10/0x10 [ 16.009855] ? ktime_get_ts64+0x86/0x230 [ 16.009881] kunit_try_run_case+0x1a5/0x480 [ 16.009909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.009931] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.009956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.009980] ? __kthread_parkme+0x82/0x180 [ 16.010003] ? preempt_count_sub+0x50/0x80 [ 16.010029] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.010053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.010076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.010098] kthread+0x337/0x6f0 [ 16.010116] ? trace_preempt_on+0x20/0xc0 [ 16.010139] ? __pfx_kthread+0x10/0x10 [ 16.010157] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.010177] ? calculate_sigpending+0x7b/0xa0 [ 16.010199] ? __pfx_kthread+0x10/0x10 [ 16.010217] ret_from_fork+0x41/0x80 [ 16.010238] ? 
__pfx_kthread+0x10/0x10 [ 16.010256] ret_from_fork_asm+0x1a/0x30 [ 16.010288] </TASK> [ 16.010301] [ 16.020810] Allocated by task 281: [ 16.021029] kasan_save_stack+0x45/0x70 [ 16.021185] kasan_save_track+0x18/0x40 [ 16.021410] kasan_save_alloc_info+0x3b/0x50 [ 16.022401] __kasan_kmalloc+0xb7/0xc0 [ 16.022545] __kmalloc_cache_noprof+0x189/0x420 [ 16.022719] kasan_bitops_generic+0x92/0x1c0 [ 16.023296] kunit_try_run_case+0x1a5/0x480 [ 16.023452] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.023926] kthread+0x337/0x6f0 [ 16.024057] ret_from_fork+0x41/0x80 [ 16.024172] ret_from_fork_asm+0x1a/0x30 [ 16.024299] [ 16.024374] The buggy address belongs to the object at ffff888102497640 [ 16.024374] which belongs to the cache kmalloc-16 of size 16 [ 16.025407] The buggy address is located 8 bytes inside of [ 16.025407] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.026425] [ 16.026541] The buggy address belongs to the physical page: [ 16.026764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.027121] flags: 0x200000000000000(node=0|zone=2) [ 16.027609] page_type: f5(slab) [ 16.028190] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.028375] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.028817] page dumped because: kasan: bad access detected [ 16.029161] [ 16.029233] Memory state around the buggy address: [ 16.029724] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.029907] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.030176] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.030418] ^ [ 16.031038] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.031223] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.032287] ================================================================== [ 15.960214] 
================================================================== [ 15.960529] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.960741] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 15.960886] [ 15.961746] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.961826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.961842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.961869] Call Trace: [ 15.961884] <TASK> [ 15.961907] dump_stack_lvl+0x73/0xb0 [ 15.961953] print_report+0xd1/0x650 [ 15.962012] ? __virt_addr_valid+0x1db/0x2d0 [ 15.962040] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.962155] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.962203] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.962231] kasan_report+0x141/0x180 [ 15.962256] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.962297] kasan_check_range+0x10c/0x1c0 [ 15.962320] __kasan_check_write+0x18/0x20 [ 15.962341] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 15.962365] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.962389] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.962413] ? trace_hardirqs_on+0x37/0xe0 [ 15.962440] ? kasan_bitops_generic+0x92/0x1c0 [ 15.962465] kasan_bitops_generic+0x116/0x1c0 [ 15.962488] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.962512] ? __pfx_read_tsc+0x10/0x10 [ 15.962536] ? ktime_get_ts64+0x86/0x230 [ 15.962585] kunit_try_run_case+0x1a5/0x480 [ 15.962619] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.962645] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.962674] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.962699] ? __kthread_parkme+0x82/0x180 [ 15.962726] ? preempt_count_sub+0x50/0x80 [ 15.962758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.962786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.962811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.962837] kthread+0x337/0x6f0 [ 15.962856] ? 
trace_preempt_on+0x20/0xc0 [ 15.962881] ? __pfx_kthread+0x10/0x10 [ 15.962901] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.962923] ? calculate_sigpending+0x7b/0xa0 [ 15.962949] ? __pfx_kthread+0x10/0x10 [ 15.962968] ret_from_fork+0x41/0x80 [ 15.962993] ? __pfx_kthread+0x10/0x10 [ 15.963012] ret_from_fork_asm+0x1a/0x30 [ 15.963047] </TASK> [ 15.963062] [ 15.970400] Allocated by task 281: [ 15.970673] kasan_save_stack+0x45/0x70 [ 15.971162] kasan_save_track+0x18/0x40 [ 15.971572] kasan_save_alloc_info+0x3b/0x50 [ 15.971899] __kasan_kmalloc+0xb7/0xc0 [ 15.972006] __kmalloc_cache_noprof+0x189/0x420 [ 15.972109] kasan_bitops_generic+0x92/0x1c0 [ 15.972204] kunit_try_run_case+0x1a5/0x480 [ 15.972477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.973051] kthread+0x337/0x6f0 [ 15.973306] ret_from_fork+0x41/0x80 [ 15.973468] ret_from_fork_asm+0x1a/0x30 [ 15.973649] [ 15.973807] The buggy address belongs to the object at ffff888102497640 [ 15.973807] which belongs to the cache kmalloc-16 of size 16 [ 15.974269] The buggy address is located 8 bytes inside of [ 15.974269] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 15.974485] [ 15.974546] The buggy address belongs to the physical page: [ 15.974910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 15.975434] flags: 0x200000000000000(node=0|zone=2) [ 15.975706] page_type: f5(slab) [ 15.975804] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.976289] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.976859] page dumped because: kasan: bad access detected [ 15.977021] [ 15.977078] Memory state around the buggy address: [ 15.977185] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 15.977328] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 15.977547] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 15.978062] ^ [ 15.978455] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.979041] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.979222] ================================================================== [ 16.131944] ================================================================== [ 16.132280] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.132898] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 16.133140] [ 16.133299] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 16.133373] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.133387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.133411] Call Trace: [ 16.133435] <TASK> [ 16.133457] dump_stack_lvl+0x73/0xb0 [ 16.133491] print_report+0xd1/0x650 [ 16.133537] ? __virt_addr_valid+0x1db/0x2d0 [ 16.133576] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.133951] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.134002] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.134026] kasan_report+0x141/0x180 [ 16.134051] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.134077] kasan_check_range+0x10c/0x1c0 [ 16.134098] __kasan_check_write+0x18/0x20 [ 16.134117] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 16.134138] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 16.134161] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.134182] ? trace_hardirqs_on+0x37/0xe0 [ 16.134207] ? kasan_bitops_generic+0x92/0x1c0 [ 16.134230] kasan_bitops_generic+0x116/0x1c0 [ 16.134250] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 16.134290] ? __pfx_read_tsc+0x10/0x10 [ 16.134312] ? ktime_get_ts64+0x86/0x230 [ 16.134342] kunit_try_run_case+0x1a5/0x480 [ 16.134369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.134391] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.134427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.134450] ? __kthread_parkme+0x82/0x180 [ 16.134472] ? preempt_count_sub+0x50/0x80 [ 16.134497] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.134522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.134545] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.134580] kthread+0x337/0x6f0 [ 16.134616] ? trace_preempt_on+0x20/0xc0 [ 16.134750] ? __pfx_kthread+0x10/0x10 [ 16.134781] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.134808] ? calculate_sigpending+0x7b/0xa0 [ 16.134830] ? __pfx_kthread+0x10/0x10 [ 16.134848] ret_from_fork+0x41/0x80 [ 16.134877] ? __pfx_kthread+0x10/0x10 [ 16.134900] ret_from_fork_asm+0x1a/0x30 [ 16.134931] </TASK> [ 16.134944] [ 16.145090] Allocated by task 281: [ 16.145331] kasan_save_stack+0x45/0x70 [ 16.145592] kasan_save_track+0x18/0x40 [ 16.146326] kasan_save_alloc_info+0x3b/0x50 [ 16.146490] __kasan_kmalloc+0xb7/0xc0 [ 16.146918] __kmalloc_cache_noprof+0x189/0x420 [ 16.147041] kasan_bitops_generic+0x92/0x1c0 [ 16.148031] kunit_try_run_case+0x1a5/0x480 [ 16.148257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.148426] kthread+0x337/0x6f0 [ 16.148777] ret_from_fork+0x41/0x80 [ 16.148939] ret_from_fork_asm+0x1a/0x30 [ 16.149448] [ 16.149535] The buggy address belongs to the object at ffff888102497640 [ 16.149535] which belongs to the cache kmalloc-16 of size 16 [ 16.150493] The buggy address is located 8 bytes inside of [ 16.150493] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.151038] [ 16.151180] The buggy address belongs to the physical page: [ 16.151569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.152141] flags: 0x200000000000000(node=0|zone=2) [ 16.152592] page_type: f5(slab) [ 16.152923] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.153221] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.153693] page dumped because: kasan: bad access detected [ 16.153928] [ 16.154046] Memory state around the buggy address: [ 16.154438] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.155161] ffff888102497580: 
00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.155459] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.155873] ^ [ 16.156058] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.156517] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.157381] ================================================================== [ 15.980089] ================================================================== [ 15.980802] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.981323] Write of size 8 at addr ffff888102497648 by task kunit_try_catch/281 [ 15.981952] [ 15.982050] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.982109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.982124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.982150] Call Trace: [ 15.982166] <TASK> [ 15.982187] dump_stack_lvl+0x73/0xb0 [ 15.982222] print_report+0xd1/0x650 [ 15.982247] ? __virt_addr_valid+0x1db/0x2d0 [ 15.982271] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.982294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.982319] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.982342] kasan_report+0x141/0x180 [ 15.982365] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.982392] kasan_check_range+0x10c/0x1c0 [ 15.982413] __kasan_check_write+0x18/0x20 [ 15.982434] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 15.982457] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 15.982481] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.982503] ? trace_hardirqs_on+0x37/0xe0 [ 15.982527] ? kasan_bitops_generic+0x92/0x1c0 [ 15.982551] kasan_bitops_generic+0x116/0x1c0 [ 15.982586] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 15.982610] ? __pfx_read_tsc+0x10/0x10 [ 15.982654] ? ktime_get_ts64+0x86/0x230 [ 15.982682] kunit_try_run_case+0x1a5/0x480 [ 15.982722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.982747] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.982774] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.982800] ? __kthread_parkme+0x82/0x180 [ 15.982824] ? preempt_count_sub+0x50/0x80 [ 15.982853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.982880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.982904] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.982931] kthread+0x337/0x6f0 [ 15.982950] ? trace_preempt_on+0x20/0xc0 [ 15.982975] ? __pfx_kthread+0x10/0x10 [ 15.982995] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.983017] ? calculate_sigpending+0x7b/0xa0 [ 15.983042] ? __pfx_kthread+0x10/0x10 [ 15.983112] ret_from_fork+0x41/0x80 [ 15.983151] ? __pfx_kthread+0x10/0x10 [ 15.983174] ret_from_fork_asm+0x1a/0x30 [ 15.983209] </TASK> [ 15.983225] [ 15.995552] Allocated by task 281: [ 15.995963] kasan_save_stack+0x45/0x70 [ 15.996177] kasan_save_track+0x18/0x40 [ 15.996279] kasan_save_alloc_info+0x3b/0x50 [ 15.996555] __kasan_kmalloc+0xb7/0xc0 [ 15.997190] __kmalloc_cache_noprof+0x189/0x420 [ 15.997386] kasan_bitops_generic+0x92/0x1c0 [ 15.997842] kunit_try_run_case+0x1a5/0x480 [ 15.998097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.998341] kthread+0x337/0x6f0 [ 15.998586] ret_from_fork+0x41/0x80 [ 15.999237] ret_from_fork_asm+0x1a/0x30 [ 15.999458] [ 15.999544] The buggy address belongs to the object at ffff888102497640 [ 15.999544] which belongs to the cache kmalloc-16 of size 16 [ 16.000162] The buggy address is located 8 bytes inside of [ 16.000162] allocated 9-byte region [ffff888102497640, ffff888102497649) [ 16.000468] [ 16.000555] The buggy address belongs to the physical page: [ 16.001188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 16.001728] flags: 0x200000000000000(node=0|zone=2) [ 16.002034] page_type: f5(slab) [ 16.002240] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 16.002449] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 16.003216] page dumped because: kasan: bad 
access detected [ 16.003413] [ 16.003468] Memory state around the buggy address: [ 16.003628] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 16.003961] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 16.004308] >ffff888102497600: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 16.004518] ^ [ 16.004762] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.006101] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.006282] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 15.932918] ================================================================== [ 15.933138] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 15.933551] Read of size 1 at addr ffff8881039f3390 by task kunit_try_catch/279 [ 15.933851] [ 15.933936] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.933992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.934007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.934072] Call Trace: [ 15.934099] <TASK> [ 15.934121] dump_stack_lvl+0x73/0xb0 [ 15.934150] print_report+0xd1/0x650 [ 15.934175] ? __virt_addr_valid+0x1db/0x2d0 [ 15.934197] ? strnlen+0x73/0x80 [ 15.934215] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.934238] ? strnlen+0x73/0x80 [ 15.934256] kasan_report+0x141/0x180 [ 15.934281] ? strnlen+0x73/0x80 [ 15.934303] __asan_report_load1_noabort+0x18/0x20 [ 15.934324] strnlen+0x73/0x80 [ 15.934343] kasan_strings+0x615/0xe80 [ 15.934433] ? trace_hardirqs_on+0x37/0xe0 [ 15.934482] ? __pfx_kasan_strings+0x10/0x10 [ 15.934504] ? finish_task_switch.isra.0+0x153/0x700 [ 15.934528] ? __switch_to+0x5d9/0xf60 [ 15.934548] ? dequeue_task_fair+0x166/0x4e0 [ 15.934582] ? __schedule+0x10cc/0x2b30 [ 15.934606] ? __pfx_read_tsc+0x10/0x10 [ 15.934625] ? ktime_get_ts64+0x86/0x230 [ 15.934696] kunit_try_run_case+0x1a5/0x480 [ 15.934725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.934747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.934771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.934795] ? __kthread_parkme+0x82/0x180 [ 15.934817] ? preempt_count_sub+0x50/0x80 [ 15.934842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.934867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.934891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.934915] kthread+0x337/0x6f0 [ 15.934933] ? trace_preempt_on+0x20/0xc0 [ 15.934957] ? __pfx_kthread+0x10/0x10 [ 15.934998] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.935022] ? calculate_sigpending+0x7b/0xa0 [ 15.935045] ? 
__pfx_kthread+0x10/0x10 [ 15.935065] ret_from_fork+0x41/0x80 [ 15.935086] ? __pfx_kthread+0x10/0x10 [ 15.935106] ret_from_fork_asm+0x1a/0x30 [ 15.935144] </TASK> [ 15.935162] [ 15.943347] Allocated by task 279: [ 15.943464] kasan_save_stack+0x45/0x70 [ 15.943783] kasan_save_track+0x18/0x40 [ 15.944164] kasan_save_alloc_info+0x3b/0x50 [ 15.944384] __kasan_kmalloc+0xb7/0xc0 [ 15.944478] __kmalloc_cache_noprof+0x189/0x420 [ 15.944703] kasan_strings+0xc0/0xe80 [ 15.944981] kunit_try_run_case+0x1a5/0x480 [ 15.945240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.945440] kthread+0x337/0x6f0 [ 15.945696] ret_from_fork+0x41/0x80 [ 15.945813] ret_from_fork_asm+0x1a/0x30 [ 15.945912] [ 15.945969] Freed by task 279: [ 15.946050] kasan_save_stack+0x45/0x70 [ 15.946147] kasan_save_track+0x18/0x40 [ 15.946237] kasan_save_free_info+0x3f/0x60 [ 15.946484] __kasan_slab_free+0x56/0x70 [ 15.946758] kfree+0x222/0x3f0 [ 15.947182] kasan_strings+0x2aa/0xe80 [ 15.947466] kunit_try_run_case+0x1a5/0x480 [ 15.948100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.948416] kthread+0x337/0x6f0 [ 15.948500] ret_from_fork+0x41/0x80 [ 15.948598] ret_from_fork_asm+0x1a/0x30 [ 15.948690] [ 15.948744] The buggy address belongs to the object at ffff8881039f3380 [ 15.948744] which belongs to the cache kmalloc-32 of size 32 [ 15.949412] The buggy address is located 16 bytes inside of [ 15.949412] freed 32-byte region [ffff8881039f3380, ffff8881039f33a0) [ 15.949979] [ 15.950037] The buggy address belongs to the physical page: [ 15.950145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f3 [ 15.950443] flags: 0x200000000000000(node=0|zone=2) [ 15.950772] page_type: f5(slab) [ 15.950997] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.951473] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.951711] page dumped because: kasan: bad access detected [ 15.951909] [ 15.952002] Memory state around the buggy address: [ 
15.952186] ffff8881039f3280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.952325] ffff8881039f3300: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.952454] >ffff8881039f3380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.952587] ^ [ 15.952671] ffff8881039f3400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.953055] ffff8881039f3480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.953435] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strlen
[ 15.908353] ================================================================== [ 15.908915] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 15.909278] Read of size 1 at addr ffff8881039f3390 by task kunit_try_catch/279 [ 15.909825] [ 15.909925] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.909990] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.910005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.910030] Call Trace: [ 15.910056] <TASK> [ 15.910080] dump_stack_lvl+0x73/0xb0 [ 15.910115] print_report+0xd1/0x650 [ 15.910141] ? __virt_addr_valid+0x1db/0x2d0 [ 15.910165] ? strlen+0x8f/0xb0 [ 15.910183] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.910208] ? strlen+0x8f/0xb0 [ 15.910227] kasan_report+0x141/0x180 [ 15.910251] ? strlen+0x8f/0xb0 [ 15.910274] __asan_report_load1_noabort+0x18/0x20 [ 15.910296] strlen+0x8f/0xb0 [ 15.910316] kasan_strings+0x57b/0xe80 [ 15.910338] ? trace_hardirqs_on+0x37/0xe0 [ 15.910363] ? __pfx_kasan_strings+0x10/0x10 [ 15.910386] ? finish_task_switch.isra.0+0x153/0x700 [ 15.910410] ? __switch_to+0x5d9/0xf60 [ 15.910431] ? dequeue_task_fair+0x166/0x4e0 [ 15.910456] ? __schedule+0x10cc/0x2b30 [ 15.910479] ? __pfx_read_tsc+0x10/0x10 [ 15.910499] ? ktime_get_ts64+0x86/0x230 [ 15.910526] kunit_try_run_case+0x1a5/0x480 [ 15.910556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.910600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.910627] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.910650] ? __kthread_parkme+0x82/0x180 [ 15.910673] ? preempt_count_sub+0x50/0x80 [ 15.910698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.910722] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.910747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.910770] kthread+0x337/0x6f0 [ 15.910788] ? trace_preempt_on+0x20/0xc0 [ 15.910812] ? __pfx_kthread+0x10/0x10 [ 15.910832] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.910854] ? calculate_sigpending+0x7b/0xa0 [ 15.910877] ? 
__pfx_kthread+0x10/0x10 [ 15.910897] ret_from_fork+0x41/0x80 [ 15.910918] ? __pfx_kthread+0x10/0x10 [ 15.910938] ret_from_fork_asm+0x1a/0x30 [ 15.910970] </TASK> [ 15.910983] [ 15.920429] Allocated by task 279: [ 15.920705] kasan_save_stack+0x45/0x70 [ 15.920951] kasan_save_track+0x18/0x40 [ 15.921266] kasan_save_alloc_info+0x3b/0x50 [ 15.921578] __kasan_kmalloc+0xb7/0xc0 [ 15.922146] __kmalloc_cache_noprof+0x189/0x420 [ 15.922551] kasan_strings+0xc0/0xe80 [ 15.922796] kunit_try_run_case+0x1a5/0x480 [ 15.923049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.923340] kthread+0x337/0x6f0 [ 15.923536] ret_from_fork+0x41/0x80 [ 15.923872] ret_from_fork_asm+0x1a/0x30 [ 15.924156] [ 15.924255] Freed by task 279: [ 15.924420] kasan_save_stack+0x45/0x70 [ 15.924649] kasan_save_track+0x18/0x40 [ 15.924928] kasan_save_free_info+0x3f/0x60 [ 15.925048] __kasan_slab_free+0x56/0x70 [ 15.925255] kfree+0x222/0x3f0 [ 15.925473] kasan_strings+0x2aa/0xe80 [ 15.925675] kunit_try_run_case+0x1a5/0x480 [ 15.925884] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.926070] kthread+0x337/0x6f0 [ 15.926295] ret_from_fork+0x41/0x80 [ 15.926446] ret_from_fork_asm+0x1a/0x30 [ 15.926668] [ 15.926869] The buggy address belongs to the object at ffff8881039f3380 [ 15.926869] which belongs to the cache kmalloc-32 of size 32 [ 15.927206] The buggy address is located 16 bytes inside of [ 15.927206] freed 32-byte region [ffff8881039f3380, ffff8881039f33a0) [ 15.927635] [ 15.928118] The buggy address belongs to the physical page: [ 15.928252] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f3 [ 15.928406] flags: 0x200000000000000(node=0|zone=2) [ 15.928519] page_type: f5(slab) [ 15.928874] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.929423] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.929757] page dumped because: kasan: bad access detected [ 15.929970] [ 15.930109] Memory state around the buggy address: [ 
15.930311] ffff8881039f3280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.930445] ffff8881039f3300: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.931024] >ffff8881039f3380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.931288] ^ [ 15.931452] ffff8881039f3400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.931637] ffff8881039f3480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.932039] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 15.878361] ================================================================== [ 15.878709] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 15.879026] Read of size 1 at addr ffff8881039f3390 by task kunit_try_catch/279 [ 15.879659] [ 15.879803] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.879877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.879894] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.879918] Call Trace: [ 15.879943] <TASK> [ 15.879965] dump_stack_lvl+0x73/0xb0 [ 15.879999] print_report+0xd1/0x650 [ 15.880023] ? __virt_addr_valid+0x1db/0x2d0 [ 15.880045] ? kasan_strings+0xcbc/0xe80 [ 15.880066] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.880088] ? kasan_strings+0xcbc/0xe80 [ 15.880108] kasan_report+0x141/0x180 [ 15.880130] ? kasan_strings+0xcbc/0xe80 [ 15.880155] __asan_report_load1_noabort+0x18/0x20 [ 15.880176] kasan_strings+0xcbc/0xe80 [ 15.880196] ? trace_hardirqs_on+0x37/0xe0 [ 15.880218] ? __pfx_kasan_strings+0x10/0x10 [ 15.880238] ? finish_task_switch.isra.0+0x153/0x700 [ 15.880261] ? __switch_to+0x5d9/0xf60 [ 15.880280] ? dequeue_task_fair+0x166/0x4e0 [ 15.880304] ? __schedule+0x10cc/0x2b30 [ 15.880325] ? __pfx_read_tsc+0x10/0x10 [ 15.880345] ? ktime_get_ts64+0x86/0x230 [ 15.880368] kunit_try_run_case+0x1a5/0x480 [ 15.880392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.880412] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.880435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.880457] ? __kthread_parkme+0x82/0x180 [ 15.880479] ? preempt_count_sub+0x50/0x80 [ 15.880502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.880524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.880547] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.880587] kthread+0x337/0x6f0 [ 15.880606] ? trace_preempt_on+0x20/0xc0 [ 15.880628] ? __pfx_kthread+0x10/0x10 [ 15.880650] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.880671] ? calculate_sigpending+0x7b/0xa0 [ 15.880693] ? 
__pfx_kthread+0x10/0x10 [ 15.880712] ret_from_fork+0x41/0x80 [ 15.880731] ? __pfx_kthread+0x10/0x10 [ 15.880751] ret_from_fork_asm+0x1a/0x30 [ 15.880781] </TASK> [ 15.880793] [ 15.891917] Allocated by task 279: [ 15.892099] kasan_save_stack+0x45/0x70 [ 15.892222] kasan_save_track+0x18/0x40 [ 15.892766] kasan_save_alloc_info+0x3b/0x50 [ 15.893041] __kasan_kmalloc+0xb7/0xc0 [ 15.893151] __kmalloc_cache_noprof+0x189/0x420 [ 15.893460] kasan_strings+0xc0/0xe80 [ 15.893877] kunit_try_run_case+0x1a5/0x480 [ 15.893987] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.894101] kthread+0x337/0x6f0 [ 15.894182] ret_from_fork+0x41/0x80 [ 15.894271] ret_from_fork_asm+0x1a/0x30 [ 15.894361] [ 15.894414] Freed by task 279: [ 15.894490] kasan_save_stack+0x45/0x70 [ 15.894593] kasan_save_track+0x18/0x40 [ 15.894775] kasan_save_free_info+0x3f/0x60 [ 15.894974] __kasan_slab_free+0x56/0x70 [ 15.896177] kfree+0x222/0x3f0 [ 15.896459] kasan_strings+0x2aa/0xe80 [ 15.896810] kunit_try_run_case+0x1a5/0x480 [ 15.897050] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.897300] kthread+0x337/0x6f0 [ 15.897448] ret_from_fork+0x41/0x80 [ 15.897637] ret_from_fork_asm+0x1a/0x30 [ 15.898204] [ 15.898288] The buggy address belongs to the object at ffff8881039f3380 [ 15.898288] which belongs to the cache kmalloc-32 of size 32 [ 15.899073] The buggy address is located 16 bytes inside of [ 15.899073] freed 32-byte region [ffff8881039f3380, ffff8881039f33a0) [ 15.899798] [ 15.899886] The buggy address belongs to the physical page: [ 15.900263] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f3 [ 15.900609] flags: 0x200000000000000(node=0|zone=2) [ 15.900837] page_type: f5(slab) [ 15.901160] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.901387] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.902334] page dumped because: kasan: bad access detected [ 15.902551] [ 15.903070] Memory state around the buggy address: [ 
15.903263] ffff8881039f3280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.903475] ffff8881039f3300: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.904202] >ffff8881039f3380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.904490] ^ [ 15.904604] ffff8881039f3400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.905929] ffff8881039f3480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.906227] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 15.849503] ================================================================== [ 15.850229] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 15.850428] Read of size 1 at addr ffff8881039f3390 by task kunit_try_catch/279 [ 15.851378] [ 15.851653] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.851822] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.851838] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.851861] Call Trace: [ 15.851878] <TASK> [ 15.851900] dump_stack_lvl+0x73/0xb0 [ 15.851936] print_report+0xd1/0x650 [ 15.851963] ? __virt_addr_valid+0x1db/0x2d0 [ 15.851986] ? strcmp+0xb0/0xc0 [ 15.852004] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.852027] ? strcmp+0xb0/0xc0 [ 15.852045] kasan_report+0x141/0x180 [ 15.852068] ? strcmp+0xb0/0xc0 [ 15.852090] __asan_report_load1_noabort+0x18/0x20 [ 15.852110] strcmp+0xb0/0xc0 [ 15.852129] kasan_strings+0x431/0xe80 [ 15.852150] ? trace_hardirqs_on+0x37/0xe0 [ 15.852172] ? __pfx_kasan_strings+0x10/0x10 [ 15.852192] ? finish_task_switch.isra.0+0x153/0x700 [ 15.852217] ? __switch_to+0x5d9/0xf60 [ 15.852238] ? dequeue_task_fair+0x166/0x4e0 [ 15.852262] ? __schedule+0x10cc/0x2b30 [ 15.852284] ? __pfx_read_tsc+0x10/0x10 [ 15.852304] ? ktime_get_ts64+0x86/0x230 [ 15.852329] kunit_try_run_case+0x1a5/0x480 [ 15.852353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.852374] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.852396] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.852418] ? __kthread_parkme+0x82/0x180 [ 15.852439] ? preempt_count_sub+0x50/0x80 [ 15.852462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.852483] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.852505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.852527] kthread+0x337/0x6f0 [ 15.852543] ? trace_preempt_on+0x20/0xc0 [ 15.852583] ? __pfx_kthread+0x10/0x10 [ 15.852603] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.852623] ? calculate_sigpending+0x7b/0xa0 [ 15.852645] ? 
__pfx_kthread+0x10/0x10 [ 15.852663] ret_from_fork+0x41/0x80 [ 15.852684] ? __pfx_kthread+0x10/0x10 [ 15.852701] ret_from_fork_asm+0x1a/0x30 [ 15.852730] </TASK> [ 15.852742] [ 15.860411] Allocated by task 279: [ 15.860526] kasan_save_stack+0x45/0x70 [ 15.860649] kasan_save_track+0x18/0x40 [ 15.860741] kasan_save_alloc_info+0x3b/0x50 [ 15.860833] __kasan_kmalloc+0xb7/0xc0 [ 15.860917] __kmalloc_cache_noprof+0x189/0x420 [ 15.861015] kasan_strings+0xc0/0xe80 [ 15.861099] kunit_try_run_case+0x1a5/0x480 [ 15.861190] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.861294] kthread+0x337/0x6f0 [ 15.861370] ret_from_fork+0x41/0x80 [ 15.861453] ret_from_fork_asm+0x1a/0x30 [ 15.861540] [ 15.861762] Freed by task 279: [ 15.861842] kasan_save_stack+0x45/0x70 [ 15.861934] kasan_save_track+0x18/0x40 [ 15.862020] kasan_save_free_info+0x3f/0x60 [ 15.862111] __kasan_slab_free+0x56/0x70 [ 15.863637] kfree+0x222/0x3f0 [ 15.865351] kasan_strings+0x2aa/0xe80 [ 15.865755] kunit_try_run_case+0x1a5/0x480 [ 15.866356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.866690] kthread+0x337/0x6f0 [ 15.866996] ret_from_fork+0x41/0x80 [ 15.867357] ret_from_fork_asm+0x1a/0x30 [ 15.868005] [ 15.869520] The buggy address belongs to the object at ffff8881039f3380 [ 15.869520] which belongs to the cache kmalloc-32 of size 32 [ 15.870451] The buggy address is located 16 bytes inside of [ 15.870451] freed 32-byte region [ffff8881039f3380, ffff8881039f33a0) [ 15.871098] [ 15.871352] The buggy address belongs to the physical page: [ 15.871755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f3 [ 15.871969] flags: 0x200000000000000(node=0|zone=2) [ 15.872384] page_type: f5(slab) [ 15.872509] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.872901] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.873581] page dumped because: kasan: bad access detected [ 15.873897] [ 15.874125] Memory state around the buggy address: [ 
15.874335] ffff8881039f3280: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.874739] ffff8881039f3300: 00 00 00 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.875622] >ffff8881039f3380: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.875833] ^ [ 15.876098] ffff8881039f3400: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.876387] ffff8881039f3480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 15.877089] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 15.822977] ================================================================== [ 15.823373] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 15.823591] Read of size 1 at addr ffff8881033b4718 by task kunit_try_catch/277 [ 15.824296] [ 15.824668] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.824752] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.824768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.824792] Call Trace: [ 15.824809] <TASK> [ 15.824830] dump_stack_lvl+0x73/0xb0 [ 15.824871] print_report+0xd1/0x650 [ 15.824900] ? __virt_addr_valid+0x1db/0x2d0 [ 15.824923] ? memcmp+0x1b4/0x1d0 [ 15.824941] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.824966] ? memcmp+0x1b4/0x1d0 [ 15.824983] kasan_report+0x141/0x180 [ 15.825005] ? memcmp+0x1b4/0x1d0 [ 15.825027] __asan_report_load1_noabort+0x18/0x20 [ 15.825048] memcmp+0x1b4/0x1d0 [ 15.825067] kasan_memcmp+0x18f/0x390 [ 15.825087] ? trace_hardirqs_on+0x37/0xe0 [ 15.825113] ? __pfx_kasan_memcmp+0x10/0x10 [ 15.825133] ? finish_task_switch.isra.0+0x153/0x700 [ 15.825158] ? __switch_to+0x5d9/0xf60 [ 15.825179] ? dequeue_task_fair+0x166/0x4e0 [ 15.825206] ? __pfx_read_tsc+0x10/0x10 [ 15.825226] ? ktime_get_ts64+0x86/0x230 [ 15.825251] kunit_try_run_case+0x1a5/0x480 [ 15.825277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.825300] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.825323] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.825345] ? __kthread_parkme+0x82/0x180 [ 15.825367] ? preempt_count_sub+0x50/0x80 [ 15.825391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.825414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.825437] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.825459] kthread+0x337/0x6f0 [ 15.825475] ? trace_preempt_on+0x20/0xc0 [ 15.825498] ? __pfx_kthread+0x10/0x10 [ 15.825515] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.825535] ? calculate_sigpending+0x7b/0xa0 [ 15.825573] ? 
__pfx_kthread+0x10/0x10 [ 15.825595] ret_from_fork+0x41/0x80 [ 15.825617] ? __pfx_kthread+0x10/0x10 [ 15.825635] ret_from_fork_asm+0x1a/0x30 [ 15.825665] </TASK> [ 15.825678] [ 15.833161] Allocated by task 277: [ 15.833386] kasan_save_stack+0x45/0x70 [ 15.833495] kasan_save_track+0x18/0x40 [ 15.833596] kasan_save_alloc_info+0x3b/0x50 [ 15.833692] __kasan_kmalloc+0xb7/0xc0 [ 15.833777] __kmalloc_cache_noprof+0x189/0x420 [ 15.834183] kasan_memcmp+0xb7/0x390 [ 15.834477] kunit_try_run_case+0x1a5/0x480 [ 15.834918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.835297] kthread+0x337/0x6f0 [ 15.835437] ret_from_fork+0x41/0x80 [ 15.835533] ret_from_fork_asm+0x1a/0x30 [ 15.835641] [ 15.836006] The buggy address belongs to the object at ffff8881033b4700 [ 15.836006] which belongs to the cache kmalloc-32 of size 32 [ 15.836995] The buggy address is located 0 bytes to the right of [ 15.836995] allocated 24-byte region [ffff8881033b4700, ffff8881033b4718) [ 15.837366] [ 15.837448] The buggy address belongs to the physical page: [ 15.838042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b4 [ 15.838389] flags: 0x200000000000000(node=0|zone=2) [ 15.838502] page_type: f5(slab) [ 15.838607] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 15.838869] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 15.839487] page dumped because: kasan: bad access detected [ 15.839944] [ 15.840000] Memory state around the buggy address: [ 15.840107] ffff8881033b4600: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 15.840513] ffff8881033b4680: 00 00 00 04 fc fc fc fc 00 00 07 fc fc fc fc fc [ 15.840838] >ffff8881033b4700: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.840968] ^ [ 15.841059] ffff8881033b4780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.841923] ffff8881033b4800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.842129] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 15.795992] ================================================================== [ 15.796398] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 15.796852] Read of size 1 at addr ffff888103a47c4a by task kunit_try_catch/273 [ 15.797241] [ 15.797322] CPU: 1 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.797379] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.797392] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.797416] Call Trace: [ 15.797433] <TASK> [ 15.797453] dump_stack_lvl+0x73/0xb0 [ 15.797497] print_report+0xd1/0x650 [ 15.797523] ? __virt_addr_valid+0x1db/0x2d0 [ 15.797547] ? kasan_alloca_oob_right+0x329/0x390 [ 15.797590] ? kasan_addr_to_slab+0x11/0xa0 [ 15.797612] ? kasan_alloca_oob_right+0x329/0x390 [ 15.797694] kasan_report+0x141/0x180 [ 15.797728] ? kasan_alloca_oob_right+0x329/0x390 [ 15.797755] __asan_report_load1_noabort+0x18/0x20 [ 15.797776] kasan_alloca_oob_right+0x329/0x390 [ 15.797799] ? finish_task_switch.isra.0+0x153/0x700 [ 15.797838] ? rt_mutex_adjust_prio_chain+0x19ae/0x20e0 [ 15.797860] ? trace_hardirqs_on+0x37/0xe0 [ 15.797884] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 15.797921] ? __schedule+0x10cc/0x2b30 [ 15.797942] ? __pfx_read_tsc+0x10/0x10 [ 15.797975] ? ktime_get_ts64+0x86/0x230 [ 15.798003] kunit_try_run_case+0x1a5/0x480 [ 15.798037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.798061] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.798083] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.798104] ? __kthread_parkme+0x82/0x180 [ 15.798126] ? preempt_count_sub+0x50/0x80 [ 15.798147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.798169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.798191] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.798212] kthread+0x337/0x6f0 [ 15.798230] ? trace_preempt_on+0x20/0xc0 [ 15.798250] ? __pfx_kthread+0x10/0x10 [ 15.798268] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.798287] ? 
calculate_sigpending+0x7b/0xa0 [ 15.798308] ? __pfx_kthread+0x10/0x10 [ 15.798325] ret_from_fork+0x41/0x80 [ 15.798345] ? __pfx_kthread+0x10/0x10 [ 15.798362] ret_from_fork_asm+0x1a/0x30 [ 15.798391] </TASK> [ 15.798403] [ 15.805228] The buggy address belongs to stack of task kunit_try_catch/273 [ 15.805732] [ 15.805860] The buggy address belongs to the physical page: [ 15.806040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a47 [ 15.806349] flags: 0x200000000000000(node=0|zone=2) [ 15.806605] raw: 0200000000000000 ffffea00040e91c8 ffffea00040e91c8 0000000000000000 [ 15.807046] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.807372] page dumped because: kasan: bad access detected [ 15.807725] [ 15.807858] Memory state around the buggy address: [ 15.808063] ffff888103a47b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.808204] ffff888103a47b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.808331] >ffff888103a47c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 15.808451] ^ [ 15.808557] ffff888103a47c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 15.808723] ffff888103a47d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.809348] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 15.775315] ================================================================== [ 15.775816] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 15.776541] Read of size 1 at addr ffff888103a37c3f by task kunit_try_catch/271 [ 15.777050] [ 15.777283] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.777436] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.777454] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.777479] Call Trace: [ 15.777497] <TASK> [ 15.777518] dump_stack_lvl+0x73/0xb0 [ 15.777555] print_report+0xd1/0x650 [ 15.777593] ? __virt_addr_valid+0x1db/0x2d0 [ 15.777645] ? kasan_alloca_oob_left+0x320/0x380 [ 15.777694] ? kasan_addr_to_slab+0x11/0xa0 [ 15.777717] ? kasan_alloca_oob_left+0x320/0x380 [ 15.777740] kasan_report+0x141/0x180 [ 15.777764] ? kasan_alloca_oob_left+0x320/0x380 [ 15.777792] __asan_report_load1_noabort+0x18/0x20 [ 15.777813] kasan_alloca_oob_left+0x320/0x380 [ 15.777838] ? finish_task_switch.isra.0+0x153/0x700 [ 15.777866] ? rt_mutex_adjust_prio_chain+0x19ae/0x20e0 [ 15.777889] ? trace_hardirqs_on+0x37/0xe0 [ 15.777917] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 15.777943] ? __schedule+0x10cc/0x2b30 [ 15.777965] ? __pfx_read_tsc+0x10/0x10 [ 15.777987] ? ktime_get_ts64+0x86/0x230 [ 15.778014] kunit_try_run_case+0x1a5/0x480 [ 15.778042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.778064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.778088] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.778112] ? __kthread_parkme+0x82/0x180 [ 15.778135] ? preempt_count_sub+0x50/0x80 [ 15.778159] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.778184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.778208] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.778231] kthread+0x337/0x6f0 [ 15.778248] ? trace_preempt_on+0x20/0xc0 [ 15.778271] ? __pfx_kthread+0x10/0x10 [ 15.778289] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.778310] ? 
calculate_sigpending+0x7b/0xa0 [ 15.778333] ? __pfx_kthread+0x10/0x10 [ 15.778350] ret_from_fork+0x41/0x80 [ 15.778372] ? __pfx_kthread+0x10/0x10 [ 15.778389] ret_from_fork_asm+0x1a/0x30 [ 15.778421] </TASK> [ 15.778434] [ 15.786458] The buggy address belongs to stack of task kunit_try_catch/271 [ 15.787445] [ 15.787712] The buggy address belongs to the physical page: [ 15.787956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a37 [ 15.788369] flags: 0x200000000000000(node=0|zone=2) [ 15.788534] raw: 0200000000000000 ffffea00040e8dc8 ffffea00040e8dc8 0000000000000000 [ 15.788697] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 15.789693] page dumped because: kasan: bad access detected [ 15.789956] [ 15.790042] Memory state around the buggy address: [ 15.790149] ffff888103a37b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.790607] ffff888103a37b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.791372] >ffff888103a37c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 15.791537] ^ [ 15.792262] ffff888103a37c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 15.792525] ffff888103a37d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 15.792979] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 15.724177] ================================================================== [ 15.724502] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 15.724701] Read of size 1 at addr ffffffff9be422ad by task kunit_try_catch/265 [ 15.725227] [ 15.725393] CPU: 1 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.725462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.725476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.725500] Call Trace: [ 15.725517] <TASK> [ 15.725538] dump_stack_lvl+0x73/0xb0 [ 15.725583] print_report+0xd1/0x650 [ 15.725905] ? __virt_addr_valid+0x1db/0x2d0 [ 15.725937] ? kasan_global_oob_right+0x286/0x2d0 [ 15.725961] ? kasan_addr_to_slab+0x11/0xa0 [ 15.725983] ? kasan_global_oob_right+0x286/0x2d0 [ 15.726007] kasan_report+0x141/0x180 [ 15.726030] ? kasan_global_oob_right+0x286/0x2d0 [ 15.726057] __asan_report_load1_noabort+0x18/0x20 [ 15.726078] kasan_global_oob_right+0x286/0x2d0 [ 15.726100] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 15.726125] ? __schedule+0x10cc/0x2b30 [ 15.726148] ? __pfx_read_tsc+0x10/0x10 [ 15.726169] ? ktime_get_ts64+0x86/0x230 [ 15.726198] kunit_try_run_case+0x1a5/0x480 [ 15.726224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.726246] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.726271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.726292] ? __kthread_parkme+0x82/0x180 [ 15.726314] ? preempt_count_sub+0x50/0x80 [ 15.726339] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.726360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.726382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.726404] kthread+0x337/0x6f0 [ 15.726421] ? trace_preempt_on+0x20/0xc0 [ 15.726445] ? __pfx_kthread+0x10/0x10 [ 15.726463] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.726483] ? calculate_sigpending+0x7b/0xa0 [ 15.726506] ? __pfx_kthread+0x10/0x10 [ 15.726524] ret_from_fork+0x41/0x80 [ 15.726544] ? 
__pfx_kthread+0x10/0x10 [ 15.726641] ret_from_fork_asm+0x1a/0x30 [ 15.726689] </TASK> [ 15.726703] [ 15.734962] The buggy address belongs to the variable: [ 15.735251] global_array+0xd/0x40 [ 15.735475] [ 15.735602] The buggy address belongs to the physical page: [ 15.736143] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x42a42 [ 15.736533] flags: 0x100000000002000(reserved|node=0|zone=1) [ 15.736834] raw: 0100000000002000 ffffea00010a9088 ffffea00010a9088 0000000000000000 [ 15.737195] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.737556] page dumped because: kasan: bad access detected [ 15.737699] [ 15.737975] Memory state around the buggy address: [ 15.738140] ffffffff9be42180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.738337] ffffffff9be42200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.738521] >ffffffff9be42280: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 15.739602] ^ [ 15.739768] ffffffff9be42300: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 15.740185] ffffffff9be42380: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 15.740393] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 15.668478] ================================================================== [ 15.668931] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.669113] Free of addr ffff8881033b1a01 by task kunit_try_catch/261 [ 15.669831] [ 15.670092] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.670152] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.670166] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.670190] Call Trace: [ 15.670207] <TASK> [ 15.670229] dump_stack_lvl+0x73/0xb0 [ 15.670265] print_report+0xd1/0x650 [ 15.670291] ? __virt_addr_valid+0x1db/0x2d0 [ 15.670316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.670339] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.670364] kasan_report_invalid_free+0x10a/0x130 [ 15.670389] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.670415] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.670439] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.670463] check_slab_allocation+0x11f/0x130 [ 15.670485] __kasan_mempool_poison_object+0x91/0x1d0 [ 15.670508] mempool_free+0x2ec/0x380 [ 15.670533] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.670576] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 15.670604] ? update_load_avg+0x1be/0x21b0 [ 15.670627] ? dequeue_entities+0x27e/0x1740 [ 15.670650] ? finish_task_switch.isra.0+0x153/0x700 [ 15.670677] mempool_kmalloc_invalid_free+0xed/0x140 [ 15.670701] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 15.670725] ? dequeue_task_fair+0x166/0x4e0 [ 15.670746] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.670765] ? __pfx_mempool_kfree+0x10/0x10 [ 15.670786] ? __pfx_read_tsc+0x10/0x10 [ 15.670808] ? ktime_get_ts64+0x86/0x230 [ 15.670836] kunit_try_run_case+0x1a5/0x480 [ 15.670863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.670885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.670911] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.670934] ? 
__kthread_parkme+0x82/0x180 [ 15.670957] ? preempt_count_sub+0x50/0x80 [ 15.670982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.671008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.671030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.671053] kthread+0x337/0x6f0 [ 15.671070] ? trace_preempt_on+0x20/0xc0 [ 15.671095] ? __pfx_kthread+0x10/0x10 [ 15.671113] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.671147] ? calculate_sigpending+0x7b/0xa0 [ 15.671174] ? __pfx_kthread+0x10/0x10 [ 15.671194] ret_from_fork+0x41/0x80 [ 15.671218] ? __pfx_kthread+0x10/0x10 [ 15.671238] ret_from_fork_asm+0x1a/0x30 [ 15.671272] </TASK> [ 15.671287] [ 15.681678] Allocated by task 261: [ 15.682306] kasan_save_stack+0x45/0x70 [ 15.682475] kasan_save_track+0x18/0x40 [ 15.682813] kasan_save_alloc_info+0x3b/0x50 [ 15.682995] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.683197] remove_element+0x11e/0x190 [ 15.683337] mempool_alloc_preallocated+0x4d/0x90 [ 15.683475] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 15.684139] mempool_kmalloc_invalid_free+0xed/0x140 [ 15.684826] kunit_try_run_case+0x1a5/0x480 [ 15.685002] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.685372] kthread+0x337/0x6f0 [ 15.685518] ret_from_fork+0x41/0x80 [ 15.685633] ret_from_fork_asm+0x1a/0x30 [ 15.685870] [ 15.686011] The buggy address belongs to the object at ffff8881033b1a00 [ 15.686011] which belongs to the cache kmalloc-128 of size 128 [ 15.686372] The buggy address is located 1 bytes inside of [ 15.686372] 128-byte region [ffff8881033b1a00, ffff8881033b1a80) [ 15.687449] [ 15.687798] The buggy address belongs to the physical page: [ 15.688063] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b1 [ 15.688312] flags: 0x200000000000000(node=0|zone=2) [ 15.688605] page_type: f5(slab) [ 15.689067] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.689335] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.689737] page dumped 
because: kasan: bad access detected [ 15.689901] [ 15.690153] Memory state around the buggy address: [ 15.690418] ffff8881033b1900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.690650] ffff8881033b1980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.690891] >ffff8881033b1a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.691433] ^ [ 15.691754] ffff8881033b1a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.692082] ffff8881033b1b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.692459] ================================================================== [ 15.698104] ================================================================== [ 15.698613] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.698904] Free of addr ffff8881029d8001 by task kunit_try_catch/263 [ 15.699333] [ 15.699479] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.699536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.699550] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.699584] Call Trace: [ 15.699601] <TASK> [ 15.699623] dump_stack_lvl+0x73/0xb0 [ 15.699654] print_report+0xd1/0x650 [ 15.699678] ? __virt_addr_valid+0x1db/0x2d0 [ 15.699701] ? kasan_addr_to_slab+0x11/0xa0 [ 15.699721] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.699746] kasan_report_invalid_free+0x10a/0x130 [ 15.699770] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.700226] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.700256] __kasan_mempool_poison_object+0x102/0x1d0 [ 15.700283] mempool_free+0x2ec/0x380 [ 15.700310] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 15.700335] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 15.700360] ? update_load_avg+0x1be/0x21b0 [ 15.700380] ? dequeue_entities+0x27e/0x1740 [ 15.700403] ? finish_task_switch.isra.0+0x153/0x700 [ 15.700432] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 15.700457] ? 
__pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 15.700480] ? dequeue_task_fair+0x166/0x4e0 [ 15.700503] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.700522] ? __pfx_mempool_kfree+0x10/0x10 [ 15.700543] ? __pfx_read_tsc+0x10/0x10 [ 15.700583] ? ktime_get_ts64+0x86/0x230 [ 15.700610] kunit_try_run_case+0x1a5/0x480 [ 15.700635] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.700658] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.700682] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.700757] ? __kthread_parkme+0x82/0x180 [ 15.700781] ? preempt_count_sub+0x50/0x80 [ 15.700805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.700828] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.700851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.700874] kthread+0x337/0x6f0 [ 15.700892] ? trace_preempt_on+0x20/0xc0 [ 15.700917] ? __pfx_kthread+0x10/0x10 [ 15.700935] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.700955] ? calculate_sigpending+0x7b/0xa0 [ 15.700978] ? __pfx_kthread+0x10/0x10 [ 15.700995] ret_from_fork+0x41/0x80 [ 15.701015] ? 
__pfx_kthread+0x10/0x10 [ 15.701032] ret_from_fork_asm+0x1a/0x30 [ 15.701061] </TASK> [ 15.701074] [ 15.711181] The buggy address belongs to the physical page: [ 15.711355] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d8 [ 15.711798] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.712023] flags: 0x200000000000040(head|node=0|zone=2) [ 15.712434] page_type: f8(unknown) [ 15.712554] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.712917] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.713277] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.713424] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.714047] head: 0200000000000002 ffffea00040a7601 00000000ffffffff 00000000ffffffff [ 15.714807] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.715012] page dumped because: kasan: bad access detected [ 15.715177] [ 15.715252] Memory state around the buggy address: [ 15.715381] ffff8881029d7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.715589] ffff8881029d7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.715726] >ffff8881029d8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.715851] ^ [ 15.716347] ffff8881029d8080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.717442] ffff8881029d8100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.717939] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 15.643108] ================================================================== [ 15.643597] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.644206] Free of addr ffff888103988000 by task kunit_try_catch/259 [ 15.644498] [ 15.644647] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.644718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.644733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.644757] Call Trace: [ 15.644773] <TASK> [ 15.644794] dump_stack_lvl+0x73/0xb0 [ 15.644850] print_report+0xd1/0x650 [ 15.644879] ? __virt_addr_valid+0x1db/0x2d0 [ 15.644913] ? kasan_addr_to_slab+0x11/0xa0 [ 15.644934] ? mempool_double_free_helper+0x184/0x370 [ 15.644959] kasan_report_invalid_free+0x10a/0x130 [ 15.644984] ? mempool_double_free_helper+0x184/0x370 [ 15.645010] ? mempool_double_free_helper+0x184/0x370 [ 15.645033] __kasan_mempool_poison_pages+0x115/0x130 [ 15.645057] mempool_free+0x290/0x380 [ 15.645082] mempool_double_free_helper+0x184/0x370 [ 15.645107] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.645130] ? update_load_avg+0x1be/0x21b0 [ 15.645151] ? dequeue_entities+0x27e/0x1740 [ 15.645175] ? finish_task_switch.isra.0+0x153/0x700 [ 15.645202] mempool_page_alloc_double_free+0xe8/0x140 [ 15.645224] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 15.645245] ? dequeue_task_fair+0x166/0x4e0 [ 15.645266] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 15.645286] ? __pfx_mempool_free_pages+0x10/0x10 [ 15.645308] ? __pfx_read_tsc+0x10/0x10 [ 15.645329] ? ktime_get_ts64+0x86/0x230 [ 15.645357] kunit_try_run_case+0x1a5/0x480 [ 15.645383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.645404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.645428] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.645450] ? __kthread_parkme+0x82/0x180 [ 15.645472] ? preempt_count_sub+0x50/0x80 [ 15.645496] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.645520] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.645542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.645576] kthread+0x337/0x6f0 [ 15.645596] ? trace_preempt_on+0x20/0xc0 [ 15.645630] ? __pfx_kthread+0x10/0x10 [ 15.645648] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.645669] ? calculate_sigpending+0x7b/0xa0 [ 15.645691] ? __pfx_kthread+0x10/0x10 [ 15.645709] ret_from_fork+0x41/0x80 [ 15.645731] ? __pfx_kthread+0x10/0x10 [ 15.645749] ret_from_fork_asm+0x1a/0x30 [ 15.645781] </TASK> [ 15.646072] [ 15.654242] The buggy address belongs to the physical page: [ 15.654585] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103988 [ 15.656201] flags: 0x200000000000000(node=0|zone=2) [ 15.656427] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 15.656934] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.657227] page dumped because: kasan: bad access detected [ 15.657483] [ 15.657615] Memory state around the buggy address: [ 15.658517] ffff888103987f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.658938] ffff888103987f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.659244] >ffff888103988000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.659786] ^ [ 15.659947] ffff888103988080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.660284] ffff888103988100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.660584] ================================================================== [ 15.617496] ================================================================== [ 15.617992] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.618181] Free of addr ffff8881029d8000 by task kunit_try_catch/257 [ 15.618310] [ 15.618393] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.618447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.618460] Hardware name: QEMU Standard PC (Q35 + ICH9, 
2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.618483] Call Trace: [ 15.618498] <TASK> [ 15.618517] dump_stack_lvl+0x73/0xb0 [ 15.618547] print_report+0xd1/0x650 [ 15.618589] ? __virt_addr_valid+0x1db/0x2d0 [ 15.618613] ? kasan_addr_to_slab+0x11/0xa0 [ 15.618634] ? mempool_double_free_helper+0x184/0x370 [ 15.618656] kasan_report_invalid_free+0x10a/0x130 [ 15.618679] ? mempool_double_free_helper+0x184/0x370 [ 15.618704] ? mempool_double_free_helper+0x184/0x370 [ 15.618725] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 15.618747] mempool_free+0x2ec/0x380 [ 15.618770] mempool_double_free_helper+0x184/0x370 [ 15.618791] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.618814] ? dequeue_entities+0x852/0x1740 [ 15.618838] ? finish_task_switch.isra.0+0x153/0x700 [ 15.618873] mempool_kmalloc_large_double_free+0xed/0x140 [ 15.618895] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 15.618917] ? dequeue_task_fair+0x166/0x4e0 [ 15.618937] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.618955] ? __pfx_mempool_kfree+0x10/0x10 [ 15.618977] ? __pfx_read_tsc+0x10/0x10 [ 15.618997] ? ktime_get_ts64+0x86/0x230 [ 15.619024] kunit_try_run_case+0x1a5/0x480 [ 15.619049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.619072] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.619097] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.619120] ? __kthread_parkme+0x82/0x180 [ 15.619159] ? preempt_count_sub+0x50/0x80 [ 15.619200] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.619230] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.619256] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.619280] kthread+0x337/0x6f0 [ 15.619299] ? trace_preempt_on+0x20/0xc0 [ 15.619324] ? __pfx_kthread+0x10/0x10 [ 15.619343] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.619364] ? calculate_sigpending+0x7b/0xa0 [ 15.619387] ? __pfx_kthread+0x10/0x10 [ 15.619406] ret_from_fork+0x41/0x80 [ 15.619428] ? 
__pfx_kthread+0x10/0x10 [ 15.619446] ret_from_fork_asm+0x1a/0x30 [ 15.619477] </TASK> [ 15.619490] [ 15.628527] The buggy address belongs to the physical page: [ 15.629378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d8 [ 15.630116] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.630337] flags: 0x200000000000040(head|node=0|zone=2) [ 15.630521] page_type: f8(unknown) [ 15.631375] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.631741] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.631963] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.632178] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.632371] head: 0200000000000002 ffffea00040a7601 00000000ffffffff 00000000ffffffff [ 15.632582] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.633047] page dumped because: kasan: bad access detected [ 15.633208] [ 15.633279] Memory state around the buggy address: [ 15.633439] ffff8881029d7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.633665] ffff8881029d7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.633866] >ffff8881029d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.634054] ^ [ 15.634168] ffff8881029d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.634361] ffff8881029d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.635580] ================================================================== [ 15.589148] ================================================================== [ 15.589946] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 15.590473] Free of addr ffff8881033b1600 by task kunit_try_catch/255 [ 15.590893] [ 15.591051] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.591118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.591155] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.591183] Call Trace: [ 15.591200] <TASK> [ 15.591221] dump_stack_lvl+0x73/0xb0 [ 15.591261] print_report+0xd1/0x650 [ 15.591289] ? __virt_addr_valid+0x1db/0x2d0 [ 15.591316] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.591341] ? mempool_double_free_helper+0x184/0x370 [ 15.591368] kasan_report_invalid_free+0x10a/0x130 [ 15.591395] ? mempool_double_free_helper+0x184/0x370 [ 15.591446] ? mempool_double_free_helper+0x184/0x370 [ 15.591474] ? mempool_double_free_helper+0x184/0x370 [ 15.591499] check_slab_allocation+0x101/0x130 [ 15.591523] __kasan_mempool_poison_object+0x91/0x1d0 [ 15.591548] mempool_free+0x2ec/0x380 [ 15.591587] mempool_double_free_helper+0x184/0x370 [ 15.591728] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 15.591775] ? dequeue_entities+0x852/0x1740 [ 15.591805] ? finish_task_switch.isra.0+0x153/0x700 [ 15.591834] mempool_kmalloc_double_free+0xed/0x140 [ 15.591860] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 15.591885] ? dequeue_task_fair+0x166/0x4e0 [ 15.591907] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.591928] ? __pfx_mempool_kfree+0x10/0x10 [ 15.591949] ? irqentry_exit+0x2a/0x60 [ 15.591972] ? __pfx_read_tsc+0x10/0x10 [ 15.591994] ? ktime_get_ts64+0x86/0x230 [ 15.592022] kunit_try_run_case+0x1a5/0x480 [ 15.592049] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.592073] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.592098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.592127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.592151] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.592174] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.592198] kthread+0x337/0x6f0 [ 15.592218] ? trace_preempt_on+0x20/0xc0 [ 15.592244] ? __pfx_kthread+0x10/0x10 [ 15.592263] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.592286] ? calculate_sigpending+0x7b/0xa0 [ 15.592310] ? __pfx_kthread+0x10/0x10 [ 15.592330] ret_from_fork+0x41/0x80 [ 15.592351] ? 
__pfx_kthread+0x10/0x10 [ 15.592369] ret_from_fork_asm+0x1a/0x30 [ 15.592401] </TASK> [ 15.592414] [ 15.600135] Allocated by task 255: [ 15.600334] kasan_save_stack+0x45/0x70 [ 15.600547] kasan_save_track+0x18/0x40 [ 15.600915] kasan_save_alloc_info+0x3b/0x50 [ 15.601151] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.601398] remove_element+0x11e/0x190 [ 15.601713] mempool_alloc_preallocated+0x4d/0x90 [ 15.601851] mempool_double_free_helper+0x8a/0x370 [ 15.601966] mempool_kmalloc_double_free+0xed/0x140 [ 15.602076] kunit_try_run_case+0x1a5/0x480 [ 15.602178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.602294] kthread+0x337/0x6f0 [ 15.602380] ret_from_fork+0x41/0x80 [ 15.602473] ret_from_fork_asm+0x1a/0x30 [ 15.602814] [ 15.602929] Freed by task 255: [ 15.603092] kasan_save_stack+0x45/0x70 [ 15.603328] kasan_save_track+0x18/0x40 [ 15.603520] kasan_save_free_info+0x3f/0x60 [ 15.603866] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.604114] mempool_free+0x2ec/0x380 [ 15.604297] mempool_double_free_helper+0x109/0x370 [ 15.604573] mempool_kmalloc_double_free+0xed/0x140 [ 15.604904] kunit_try_run_case+0x1a5/0x480 [ 15.605106] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.605353] kthread+0x337/0x6f0 [ 15.605516] ret_from_fork+0x41/0x80 [ 15.605848] ret_from_fork_asm+0x1a/0x30 [ 15.606082] [ 15.606210] The buggy address belongs to the object at ffff8881033b1600 [ 15.606210] which belongs to the cache kmalloc-128 of size 128 [ 15.607142] The buggy address is located 0 bytes inside of [ 15.607142] 128-byte region [ffff8881033b1600, ffff8881033b1680) [ 15.607945] [ 15.608049] The buggy address belongs to the physical page: [ 15.608210] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b1 [ 15.608371] flags: 0x200000000000000(node=0|zone=2) [ 15.608487] page_type: f5(slab) [ 15.608596] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.609005] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 
[ 15.609344] page dumped because: kasan: bad access detected [ 15.609668] [ 15.609731] Memory state around the buggy address: [ 15.609842] ffff8881033b1500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.609983] ffff8881033b1580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.610120] >ffff8881033b1600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.610253] ^ [ 15.610333] ffff8881033b1680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.610464] ffff8881033b1700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.610721] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 15.487893] ================================================================== [ 15.488372] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.488853] Read of size 1 at addr ffff8881029d8000 by task kunit_try_catch/249 [ 15.489073] [ 15.489278] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.489338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.489352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.489377] Call Trace: [ 15.489395] <TASK> [ 15.489418] dump_stack_lvl+0x73/0xb0 [ 15.489452] print_report+0xd1/0x650 [ 15.489477] ? __virt_addr_valid+0x1db/0x2d0 [ 15.489503] ? mempool_uaf_helper+0x392/0x400 [ 15.489524] ? kasan_addr_to_slab+0x11/0xa0 [ 15.489546] ? mempool_uaf_helper+0x392/0x400 [ 15.489579] kasan_report+0x141/0x180 [ 15.489603] ? mempool_uaf_helper+0x392/0x400 [ 15.489629] __asan_report_load1_noabort+0x18/0x20 [ 15.489650] mempool_uaf_helper+0x392/0x400 [ 15.489964] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.489991] ? dequeue_entities+0x852/0x1740 [ 15.490018] ? irqentry_exit+0x2a/0x60 [ 15.490044] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 15.490069] mempool_kmalloc_large_uaf+0xef/0x140 [ 15.490305] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 15.490334] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.490359] ? __pfx_mempool_kfree+0x10/0x10 [ 15.490380] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 15.490406] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 15.490431] kunit_try_run_case+0x1a5/0x480 [ 15.490460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.490481] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.490505] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.490527] ? __kthread_parkme+0x82/0x180 [ 15.490550] ? preempt_count_sub+0x50/0x80 [ 15.490594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.490617] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.490640] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.490663] kthread+0x337/0x6f0 [ 15.490681] ? 
trace_preempt_on+0x20/0xc0 [ 15.490708] ? __pfx_kthread+0x10/0x10 [ 15.490727] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.490749] ? calculate_sigpending+0x7b/0xa0 [ 15.490775] ? __pfx_kthread+0x10/0x10 [ 15.490795] ret_from_fork+0x41/0x80 [ 15.490820] ? __pfx_kthread+0x10/0x10 [ 15.490840] ret_from_fork_asm+0x1a/0x30 [ 15.490875] </TASK> [ 15.490890] [ 15.501168] The buggy address belongs to the physical page: [ 15.501468] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d8 [ 15.501672] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 15.501997] flags: 0x200000000000040(head|node=0|zone=2) [ 15.502231] page_type: f8(unknown) [ 15.502379] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.502861] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.503009] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 15.503437] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 15.503856] head: 0200000000000002 ffffea00040a7601 00000000ffffffff 00000000ffffffff [ 15.504214] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 15.504364] page dumped because: kasan: bad access detected [ 15.505014] [ 15.505237] Memory state around the buggy address: [ 15.505395] ffff8881029d7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.505586] ffff8881029d7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.505727] >ffff8881029d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.506454] ^ [ 15.506605] ffff8881029d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.506755] ffff8881029d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.507049] ================================================================== [ 15.558354] ================================================================== [ 15.559006] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.559368] Read of size 1 at 
addr ffff888103984000 by task kunit_try_catch/253 [ 15.559879] [ 15.560093] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.560197] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.560226] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.560273] Call Trace: [ 15.560305] <TASK> [ 15.560345] dump_stack_lvl+0x73/0xb0 [ 15.560406] print_report+0xd1/0x650 [ 15.560447] ? __virt_addr_valid+0x1db/0x2d0 [ 15.560493] ? mempool_uaf_helper+0x392/0x400 [ 15.560529] ? kasan_addr_to_slab+0x11/0xa0 [ 15.561010] ? mempool_uaf_helper+0x392/0x400 [ 15.561078] kasan_report+0x141/0x180 [ 15.561119] ? mempool_uaf_helper+0x392/0x400 [ 15.561170] __asan_report_load1_noabort+0x18/0x20 [ 15.561210] mempool_uaf_helper+0x392/0x400 [ 15.561249] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.561285] ? dequeue_entities+0x852/0x1740 [ 15.561331] ? finish_task_switch.isra.0+0x153/0x700 [ 15.561377] mempool_page_alloc_uaf+0xed/0x140 [ 15.561420] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 15.561459] ? dequeue_task_fair+0x166/0x4e0 [ 15.561500] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 15.561545] ? __pfx_mempool_free_pages+0x10/0x10 [ 15.561954] ? __pfx_read_tsc+0x10/0x10 [ 15.562013] ? ktime_get_ts64+0x86/0x230 [ 15.562045] kunit_try_run_case+0x1a5/0x480 [ 15.562077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.562101] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.562128] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.562152] ? __kthread_parkme+0x82/0x180 [ 15.562176] ? preempt_count_sub+0x50/0x80 [ 15.562203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.562228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.562252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.562275] kthread+0x337/0x6f0 [ 15.562294] ? trace_preempt_on+0x20/0xc0 [ 15.562319] ? __pfx_kthread+0x10/0x10 [ 15.562337] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.562360] ? calculate_sigpending+0x7b/0xa0 [ 15.562385] ? 
__pfx_kthread+0x10/0x10 [ 15.562407] ret_from_fork+0x41/0x80 [ 15.562429] ? __pfx_kthread+0x10/0x10 [ 15.562449] ret_from_fork_asm+0x1a/0x30 [ 15.562483] </TASK> [ 15.562498] [ 15.576914] The buggy address belongs to the physical page: [ 15.577511] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103984 [ 15.578311] flags: 0x200000000000000(node=0|zone=2) [ 15.579174] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 15.579586] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 15.579993] page dumped because: kasan: bad access detected [ 15.580402] [ 15.580544] Memory state around the buggy address: [ 15.580880] ffff888103983f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.581246] ffff888103983f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.581450] >ffff888103984000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.582018] ^ [ 15.582158] ffff888103984080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.582445] ffff888103984100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 15.583213] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 15.449049] ================================================================== [ 15.449547] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.449760] Read of size 1 at addr ffff8881033b1200 by task kunit_try_catch/247 [ 15.450595] [ 15.451010] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.451082] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.451098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.451125] Call Trace: [ 15.451164] <TASK> [ 15.451188] dump_stack_lvl+0x73/0xb0 [ 15.451233] print_report+0xd1/0x650 [ 15.451263] ? __virt_addr_valid+0x1db/0x2d0 [ 15.451292] ? mempool_uaf_helper+0x392/0x400 [ 15.451319] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.451344] ? mempool_uaf_helper+0x392/0x400 [ 15.451370] kasan_report+0x141/0x180 [ 15.451395] ? mempool_uaf_helper+0x392/0x400 [ 15.451424] __asan_report_load1_noabort+0x18/0x20 [ 15.451447] mempool_uaf_helper+0x392/0x400 [ 15.451472] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.451498] ? dequeue_entities+0x852/0x1740 [ 15.451528] ? finish_task_switch.isra.0+0x153/0x700 [ 15.451578] mempool_kmalloc_uaf+0xef/0x140 [ 15.451609] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 15.451635] ? dequeue_task_fair+0x166/0x4e0 [ 15.451659] ? __pfx_mempool_kmalloc+0x10/0x10 [ 15.451684] ? __pfx_mempool_kfree+0x10/0x10 [ 15.451709] ? __pfx_read_tsc+0x10/0x10 [ 15.451732] ? ktime_get_ts64+0x86/0x230 [ 15.451762] kunit_try_run_case+0x1a5/0x480 [ 15.451793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.451819] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.451847] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.451872] ? __kthread_parkme+0x82/0x180 [ 15.451898] ? preempt_count_sub+0x50/0x80 [ 15.451925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.451953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.451978] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.452004] kthread+0x337/0x6f0 [ 15.452023] ? 
trace_preempt_on+0x20/0xc0 [ 15.452050] ? __pfx_kthread+0x10/0x10 [ 15.452070] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.452094] ? calculate_sigpending+0x7b/0xa0 [ 15.452120] ? __pfx_kthread+0x10/0x10 [ 15.452141] ret_from_fork+0x41/0x80 [ 15.452165] ? __pfx_kthread+0x10/0x10 [ 15.452185] ret_from_fork_asm+0x1a/0x30 [ 15.452218] </TASK> [ 15.452234] [ 15.464203] Allocated by task 247: [ 15.464405] kasan_save_stack+0x45/0x70 [ 15.465132] kasan_save_track+0x18/0x40 [ 15.465309] kasan_save_alloc_info+0x3b/0x50 [ 15.465872] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 15.466258] remove_element+0x11e/0x190 [ 15.466422] mempool_alloc_preallocated+0x4d/0x90 [ 15.466887] mempool_uaf_helper+0x96/0x400 [ 15.467089] mempool_kmalloc_uaf+0xef/0x140 [ 15.467221] kunit_try_run_case+0x1a5/0x480 [ 15.467548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.468072] kthread+0x337/0x6f0 [ 15.468270] ret_from_fork+0x41/0x80 [ 15.468382] ret_from_fork_asm+0x1a/0x30 [ 15.468696] [ 15.468860] Freed by task 247: [ 15.469017] kasan_save_stack+0x45/0x70 [ 15.469186] kasan_save_track+0x18/0x40 [ 15.469382] kasan_save_free_info+0x3f/0x60 [ 15.470157] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.470452] mempool_free+0x2ec/0x380 [ 15.470587] mempool_uaf_helper+0x11a/0x400 [ 15.471046] mempool_kmalloc_uaf+0xef/0x140 [ 15.471290] kunit_try_run_case+0x1a5/0x480 [ 15.471529] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.472068] kthread+0x337/0x6f0 [ 15.472240] ret_from_fork+0x41/0x80 [ 15.472372] ret_from_fork_asm+0x1a/0x30 [ 15.472910] [ 15.473028] The buggy address belongs to the object at ffff8881033b1200 [ 15.473028] which belongs to the cache kmalloc-128 of size 128 [ 15.473576] The buggy address is located 0 bytes inside of [ 15.473576] freed 128-byte region [ffff8881033b1200, ffff8881033b1280) [ 15.474751] [ 15.474874] The buggy address belongs to the physical page: [ 15.475079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b1 [ 15.475688] flags: 
0x200000000000000(node=0|zone=2) [ 15.476021] page_type: f5(slab) [ 15.476215] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.476813] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.477087] page dumped because: kasan: bad access detected [ 15.477255] [ 15.477394] Memory state around the buggy address: [ 15.477616] ffff8881033b1100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.477760] ffff8881033b1180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.478415] >ffff8881033b1200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.479201] ^ [ 15.479431] ffff8881033b1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.480217] ffff8881033b1300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 15.480455] ================================================================== [ 15.511953] ================================================================== [ 15.512344] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 15.513121] Read of size 1 at addr ffff8881033b3240 by task kunit_try_catch/251 [ 15.513531] [ 15.513651] CPU: 0 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.514036] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.514049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.514073] Call Trace: [ 15.514090] <TASK> [ 15.514111] dump_stack_lvl+0x73/0xb0 [ 15.514150] print_report+0xd1/0x650 [ 15.514176] ? __virt_addr_valid+0x1db/0x2d0 [ 15.514200] ? mempool_uaf_helper+0x392/0x400 [ 15.514224] ? kasan_complete_mode_report_info+0x64/0x200 [ 15.514247] ? mempool_uaf_helper+0x392/0x400 [ 15.514269] kasan_report+0x141/0x180 [ 15.514292] ? mempool_uaf_helper+0x392/0x400 [ 15.514319] __asan_report_load1_noabort+0x18/0x20 [ 15.514338] mempool_uaf_helper+0x392/0x400 [ 15.514361] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 15.514383] ? update_load_avg+0x1be/0x21b0 [ 15.514409] ? 
finish_task_switch.isra.0+0x153/0x700 [ 15.514436] mempool_slab_uaf+0xea/0x140 [ 15.514457] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 15.514476] ? dequeue_task_fair+0x156/0x4e0 [ 15.514499] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 15.514521] ? __pfx_mempool_free_slab+0x10/0x10 [ 15.514543] ? __pfx_read_tsc+0x10/0x10 [ 15.514583] ? ktime_get_ts64+0x86/0x230 [ 15.514615] kunit_try_run_case+0x1a5/0x480 [ 15.514644] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.514667] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.514693] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.514717] ? __kthread_parkme+0x82/0x180 [ 15.514741] ? preempt_count_sub+0x50/0x80 [ 15.514765] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.514788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.514812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.514834] kthread+0x337/0x6f0 [ 15.514852] ? trace_preempt_on+0x20/0xc0 [ 15.514878] ? __pfx_kthread+0x10/0x10 [ 15.514896] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.514917] ? calculate_sigpending+0x7b/0xa0 [ 15.514940] ? __pfx_kthread+0x10/0x10 [ 15.514958] ret_from_fork+0x41/0x80 [ 15.514980] ? 
__pfx_kthread+0x10/0x10 [ 15.514998] ret_from_fork_asm+0x1a/0x30 [ 15.515027] </TASK> [ 15.515041] [ 15.529902] Allocated by task 251: [ 15.530103] kasan_save_stack+0x45/0x70 [ 15.530291] kasan_save_track+0x18/0x40 [ 15.530453] kasan_save_alloc_info+0x3b/0x50 [ 15.531704] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 15.531948] remove_element+0x11e/0x190 [ 15.532135] mempool_alloc_preallocated+0x4d/0x90 [ 15.532361] mempool_uaf_helper+0x96/0x400 [ 15.532581] mempool_slab_uaf+0xea/0x140 [ 15.532744] kunit_try_run_case+0x1a5/0x480 [ 15.532864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.532983] kthread+0x337/0x6f0 [ 15.533067] ret_from_fork+0x41/0x80 [ 15.533161] ret_from_fork_asm+0x1a/0x30 [ 15.533257] [ 15.533314] Freed by task 251: [ 15.533397] kasan_save_stack+0x45/0x70 [ 15.533498] kasan_save_track+0x18/0x40 [ 15.533615] kasan_save_free_info+0x3f/0x60 [ 15.533729] __kasan_mempool_poison_object+0x131/0x1d0 [ 15.533850] mempool_free+0x2ec/0x380 [ 15.533943] mempool_uaf_helper+0x11a/0x400 [ 15.534045] mempool_slab_uaf+0xea/0x140 [ 15.534138] kunit_try_run_case+0x1a5/0x480 [ 15.534240] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.534356] kthread+0x337/0x6f0 [ 15.534439] ret_from_fork+0x41/0x80 [ 15.534529] ret_from_fork_asm+0x1a/0x30 [ 15.535073] [ 15.535292] The buggy address belongs to the object at ffff8881033b3240 [ 15.535292] which belongs to the cache test_cache of size 123 [ 15.536808] The buggy address is located 0 bytes inside of [ 15.536808] freed 123-byte region [ffff8881033b3240, ffff8881033b32bb) [ 15.538099] [ 15.538318] The buggy address belongs to the physical page: [ 15.538977] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033b3 [ 15.540184] flags: 0x200000000000000(node=0|zone=2) [ 15.540619] page_type: f5(slab) [ 15.541074] raw: 0200000000000000 ffff8881033a93c0 dead000000000122 0000000000000000 [ 15.541340] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 15.542052] page dumped because: 
kasan: bad access detected [ 15.542373] [ 15.542516] Memory state around the buggy address: [ 15.543110] ffff8881033b3100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.543529] ffff8881033b3180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.544406] >ffff8881033b3200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 15.544896] ^ [ 15.545256] ffff8881033b3280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.545795] ffff8881033b3300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.546030] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 15.409864] ================================================================== [ 15.410294] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 15.411181] Read of size 1 at addr ffff8881039f02bb by task kunit_try_catch/245 [ 15.411348] [ 15.411597] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 15.411741] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.411834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.411862] Call Trace: [ 15.411879] <TASK> [ 15.411977] dump_stack_lvl+0x73/0xb0 [ 15.412019] print_report+0xd1/0x650 [ 15.412045] ? __virt_addr_valid+0x1db/0x2d0 [ 15.412071] ? mempool_oob_right_helper+0x318/0x380 [ 15.412093] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.412114] ? mempool_oob_right_helper+0x318/0x380 [ 15.412137] kasan_report+0x141/0x180 [ 15.412158] ? mempool_oob_right_helper+0x318/0x380 [ 15.412573] __asan_report_load1_noabort+0x18/0x20 [ 15.412612] mempool_oob_right_helper+0x318/0x380 [ 15.412641] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 15.412667] ? finish_task_switch.isra.0+0x153/0x700 [ 15.412698] mempool_slab_oob_right+0xed/0x140 [ 15.412719] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 15.412739] ? dequeue_task_fair+0x166/0x4e0 [ 15.412776] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 15.412799] ? __pfx_mempool_free_slab+0x10/0x10 [ 15.412819] ? __pfx_read_tsc+0x10/0x10 [ 15.412839] ? ktime_get_ts64+0x86/0x230 [ 15.412866] kunit_try_run_case+0x1a5/0x480 [ 15.412893] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.412914] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.412939] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.412961] ? __kthread_parkme+0x82/0x180 [ 15.412983] ? preempt_count_sub+0x50/0x80 [ 15.413006] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.413027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.413048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.413069] kthread+0x337/0x6f0 [ 15.413086] ? 
trace_preempt_on+0x20/0xc0
[ 15.413111] ? __pfx_kthread+0x10/0x10
[ 15.413128] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.413148] ? calculate_sigpending+0x7b/0xa0
[ 15.413171] ? __pfx_kthread+0x10/0x10
[ 15.413190] ret_from_fork+0x41/0x80
[ 15.413210] ? __pfx_kthread+0x10/0x10
[ 15.413228] ret_from_fork_asm+0x1a/0x30
[ 15.413259] </TASK>
[ 15.413273]
[ 15.425071] Allocated by task 245:
[ 15.425659] kasan_save_stack+0x45/0x70
[ 15.425915] kasan_save_track+0x18/0x40
[ 15.426659] kasan_save_alloc_info+0x3b/0x50
[ 15.427144] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 15.427290] remove_element+0x11e/0x190
[ 15.427987] mempool_alloc_preallocated+0x4d/0x90
[ 15.428121] mempool_oob_right_helper+0x8a/0x380
[ 15.428289] mempool_slab_oob_right+0xed/0x140
[ 15.428577] kunit_try_run_case+0x1a5/0x480
[ 15.428882] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.429254] kthread+0x337/0x6f0
[ 15.429755] ret_from_fork+0x41/0x80
[ 15.430097] ret_from_fork_asm+0x1a/0x30
[ 15.430426]
[ 15.430498] The buggy address belongs to the object at ffff8881039f0240
[ 15.430498] which belongs to the cache test_cache of size 123
[ 15.431528] The buggy address is located 0 bytes to the right of
[ 15.431528] allocated 123-byte region [ffff8881039f0240, ffff8881039f02bb)
[ 15.432336]
[ 15.432457] The buggy address belongs to the physical page:
[ 15.432632] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f0
[ 15.433680] flags: 0x200000000000000(node=0|zone=2)
[ 15.434016] page_type: f5(slab)
[ 15.434144] raw: 0200000000000000 ffff888101c8f8c0 dead000000000122 0000000000000000
[ 15.434512] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 15.434766] page dumped because: kasan: bad access detected
[ 15.435059]
[ 15.435148] Memory state around the buggy address:
[ 15.435383] ffff8881039f0180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.436169] ffff8881039f0200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 15.436431] >ffff8881039f0280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 15.437037] ^
[ 15.437343] ffff8881039f0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.437884] ffff8881039f0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.438535] ==================================================================
[ 15.383445] ==================================================================
[ 15.384150] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 15.384383] Read of size 1 at addr ffff888103986001 by task kunit_try_catch/243
[ 15.384826]
[ 15.384946] CPU: 0 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 15.385025] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.385039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.385063] Call Trace:
[ 15.385079] <TASK>
[ 15.385100] dump_stack_lvl+0x73/0xb0
[ 15.385131] print_report+0xd1/0x650
[ 15.385157] ? __virt_addr_valid+0x1db/0x2d0
[ 15.385181] ? mempool_oob_right_helper+0x318/0x380
[ 15.385206] ? kasan_addr_to_slab+0x11/0xa0
[ 15.385227] ? mempool_oob_right_helper+0x318/0x380
[ 15.385536] kasan_report+0x141/0x180
[ 15.385619] ? mempool_oob_right_helper+0x318/0x380
[ 15.385669] __asan_report_load1_noabort+0x18/0x20
[ 15.385704] mempool_oob_right_helper+0x318/0x380
[ 15.385730] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 15.385755] ? dequeue_entities+0x852/0x1740
[ 15.385783] ? finish_task_switch.isra.0+0x153/0x700
[ 15.385811] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 15.385837] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 15.385862] ? dequeue_task_fair+0x166/0x4e0
[ 15.385885] ? __pfx_mempool_kmalloc+0x10/0x10
[ 15.385907] ? __pfx_mempool_kfree+0x10/0x10
[ 15.385929] ? __pfx_read_tsc+0x10/0x10
[ 15.385950] ? ktime_get_ts64+0x86/0x230
[ 15.385976] kunit_try_run_case+0x1a5/0x480
[ 15.386003] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.386026] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.386053] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.386076] ? __kthread_parkme+0x82/0x180
[ 15.386099] ? preempt_count_sub+0x50/0x80
[ 15.386124] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.386149] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.386172] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.386195] kthread+0x337/0x6f0
[ 15.386212] ? trace_preempt_on+0x20/0xc0
[ 15.386237] ? __pfx_kthread+0x10/0x10
[ 15.386256] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.386277] ? calculate_sigpending+0x7b/0xa0
[ 15.386300] ? __pfx_kthread+0x10/0x10
[ 15.386319] ret_from_fork+0x41/0x80
[ 15.386341] ? __pfx_kthread+0x10/0x10
[ 15.386360] ret_from_fork_asm+0x1a/0x30
[ 15.386390] </TASK>
[ 15.386402]
[ 15.395564] The buggy address belongs to the physical page:
[ 15.395908] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103984
[ 15.396265] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 15.396565] flags: 0x200000000000040(head|node=0|zone=2)
[ 15.397079] page_type: f8(unknown)
[ 15.397236] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 15.397492] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 15.397943] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 15.398266] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 15.398551] head: 0200000000000002 ffffea00040e6101 00000000ffffffff 00000000ffffffff
[ 15.398858] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 15.399217] page dumped because: kasan: bad access detected
[ 15.399430]
[ 15.399568] Memory state around the buggy address:
[ 15.399848] ffff888103985f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.400232] ffff888103985f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 15.400820] >ffff888103986000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 15.401006] ^
[ 15.401214] ffff888103986080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 15.401364] ffff888103986100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 15.401769] ==================================================================
[ 15.350074] ==================================================================
[ 15.350565] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 15.351664] Read of size 1 at addr ffff888103391e73 by task kunit_try_catch/241
[ 15.352004]
[ 15.352357] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 15.352711] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.352736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.352765] Call Trace:
[ 15.352782] <TASK>
[ 15.352806] dump_stack_lvl+0x73/0xb0
[ 15.352851] print_report+0xd1/0x650
[ 15.352877] ? __virt_addr_valid+0x1db/0x2d0
[ 15.352904] ? mempool_oob_right_helper+0x318/0x380
[ 15.352929] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.352953] ? mempool_oob_right_helper+0x318/0x380
[ 15.352978] kasan_report+0x141/0x180
[ 15.353002] ? mempool_oob_right_helper+0x318/0x380
[ 15.353031] __asan_report_load1_noabort+0x18/0x20
[ 15.353052] mempool_oob_right_helper+0x318/0x380
[ 15.353078] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 15.353103] ? dequeue_entities+0x852/0x1740
[ 15.353132] ? finish_task_switch.isra.0+0x153/0x700
[ 15.353160] mempool_kmalloc_oob_right+0xf2/0x150
[ 15.353185] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 15.353210] ? dequeue_task_fair+0x166/0x4e0
[ 15.353233] ? __pfx_mempool_kmalloc+0x10/0x10
[ 15.353257] ? __pfx_mempool_kfree+0x10/0x10
[ 15.353280] ? __pfx_read_tsc+0x10/0x10
[ 15.353302] ? ktime_get_ts64+0x86/0x230
[ 15.353329] kunit_try_run_case+0x1a5/0x480
[ 15.353356] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.353379] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.353405] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.353428] ? __kthread_parkme+0x82/0x180
[ 15.353452] ? preempt_count_sub+0x50/0x80
[ 15.353477] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.353503] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.353527] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.353552] kthread+0x337/0x6f0
[ 15.353593] ? trace_preempt_on+0x20/0xc0
[ 15.353619] ? __pfx_kthread+0x10/0x10
[ 15.353637] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.353658] ? calculate_sigpending+0x7b/0xa0
[ 15.353681] ? __pfx_kthread+0x10/0x10
[ 15.353700] ret_from_fork+0x41/0x80
[ 15.353721] ? __pfx_kthread+0x10/0x10
[ 15.353739] ret_from_fork_asm+0x1a/0x30
[ 15.353770] </TASK>
[ 15.353783]
[ 15.364414] Allocated by task 241:
[ 15.364593] kasan_save_stack+0x45/0x70
[ 15.364715] kasan_save_track+0x18/0x40
[ 15.364810] kasan_save_alloc_info+0x3b/0x50
[ 15.364908] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 15.365599] remove_element+0x11e/0x190
[ 15.365877] mempool_alloc_preallocated+0x4d/0x90
[ 15.366294] mempool_oob_right_helper+0x8a/0x380
[ 15.366807] mempool_kmalloc_oob_right+0xf2/0x150
[ 15.366957] kunit_try_run_case+0x1a5/0x480
[ 15.367369] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.367506] kthread+0x337/0x6f0
[ 15.367754] ret_from_fork+0x41/0x80
[ 15.367891] ret_from_fork_asm+0x1a/0x30
[ 15.368178]
[ 15.368236] The buggy address belongs to the object at ffff888103391e00
[ 15.368236] which belongs to the cache kmalloc-128 of size 128
[ 15.369396] The buggy address is located 0 bytes to the right of
[ 15.369396] allocated 115-byte region [ffff888103391e00, ffff888103391e73)
[ 15.370554]
[ 15.370911] The buggy address belongs to the physical page:
[ 15.371054] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103391
[ 15.371480] flags: 0x200000000000000(node=0|zone=2)
[ 15.371635] page_type: f5(slab)
[ 15.371968] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.372218] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.372516] page dumped because: kasan: bad access detected
[ 15.373153]
[ 15.373232] Memory state around the buggy address:
[ 15.373507] ffff888103391d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.373808] ffff888103391d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.374180] >ffff888103391e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 15.375212] ^
[ 15.375470] ffff888103391e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.375766] ffff888103391f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 15.376146] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 14.778990] ==================================================================
[ 14.780036] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 14.780248] Read of size 1 at addr ffff888101c8f640 by task kunit_try_catch/235
[ 14.780479]
[ 14.780654] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.780717] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.780733] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.780758] Call Trace:
[ 14.780837] <TASK>
[ 14.780862] dump_stack_lvl+0x73/0xb0
[ 14.780898] print_report+0xd1/0x650
[ 14.780922] ? __virt_addr_valid+0x1db/0x2d0
[ 14.780949] ? kmem_cache_double_destroy+0x1bf/0x380
[ 14.780971] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.780994] ? kmem_cache_double_destroy+0x1bf/0x380
[ 14.781018] kasan_report+0x141/0x180
[ 14.781041] ? kmem_cache_double_destroy+0x1bf/0x380
[ 14.781067] ? kmem_cache_double_destroy+0x1bf/0x380
[ 14.781090] __kasan_check_byte+0x3d/0x50
[ 14.781113] kmem_cache_destroy+0x25/0x1d0
[ 14.781229] kmem_cache_double_destroy+0x1bf/0x380
[ 14.781286] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 14.781312] ? finish_task_switch.isra.0+0x153/0x700
[ 14.781345] ? __switch_to+0x5d9/0xf60
[ 14.781371] ? dequeue_task_fair+0x166/0x4e0
[ 14.781401] ? __pfx_read_tsc+0x10/0x10
[ 14.781425] ? ktime_get_ts64+0x86/0x230
[ 14.781456] kunit_try_run_case+0x1a5/0x480
[ 14.781486] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.781508] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.781535] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.781571] ? __kthread_parkme+0x82/0x180
[ 14.781608] ? preempt_count_sub+0x50/0x80
[ 14.781636] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.781661] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.781686] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.781712] kthread+0x337/0x6f0
[ 14.781731] ? trace_preempt_on+0x20/0xc0
[ 14.781757] ? __pfx_kthread+0x10/0x10
[ 14.781831] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.781859] ? calculate_sigpending+0x7b/0xa0
[ 14.781886] ? __pfx_kthread+0x10/0x10
[ 14.781908] ret_from_fork+0x41/0x80
[ 14.781933] ? __pfx_kthread+0x10/0x10
[ 14.781952] ret_from_fork_asm+0x1a/0x30
[ 14.781986] </TASK>
[ 14.781999]
[ 14.790888] Allocated by task 235:
[ 14.791343] kasan_save_stack+0x45/0x70
[ 14.791487] kasan_save_track+0x18/0x40
[ 14.792081] kasan_save_alloc_info+0x3b/0x50
[ 14.792280] __kasan_slab_alloc+0x91/0xa0
[ 14.792397] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.792514] __kmem_cache_create_args+0x169/0x240
[ 14.792678] kmem_cache_double_destroy+0xd5/0x380
[ 14.792800] kunit_try_run_case+0x1a5/0x480
[ 14.792928] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.793058] kthread+0x337/0x6f0
[ 14.793167] ret_from_fork+0x41/0x80
[ 14.793275] ret_from_fork_asm+0x1a/0x30
[ 14.793380]
[ 14.793438] Freed by task 235:
[ 14.793543] kasan_save_stack+0x45/0x70
[ 14.794676] kasan_save_track+0x18/0x40
[ 14.794917] kasan_save_free_info+0x3f/0x60
[ 14.795047] __kasan_slab_free+0x56/0x70
[ 14.795210] kmem_cache_free+0x249/0x420
[ 14.795484] slab_kmem_cache_release+0x2e/0x40
[ 14.796114] kmem_cache_release+0x16/0x20
[ 14.796442] kobject_put+0x181/0x450
[ 14.796705] sysfs_slab_release+0x16/0x20
[ 14.796803] kmem_cache_destroy+0xf0/0x1d0
[ 14.796896] kmem_cache_double_destroy+0x14e/0x380
[ 14.796997] kunit_try_run_case+0x1a5/0x480
[ 14.797446] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.797575] kthread+0x337/0x6f0
[ 14.797859] ret_from_fork+0x41/0x80
[ 14.798064] ret_from_fork_asm+0x1a/0x30
[ 14.798170]
[ 14.798235] The buggy address belongs to the object at ffff888101c8f640
[ 14.798235] which belongs to the cache kmem_cache of size 208
[ 14.798492] The buggy address is located 0 bytes inside of
[ 14.798492] freed 208-byte region [ffff888101c8f640, ffff888101c8f710)
[ 14.799022]
[ 14.799247] The buggy address belongs to the physical page:
[ 14.800018] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101c8f
[ 14.800464] flags: 0x200000000000000(node=0|zone=2)
[ 14.800594] page_type: f5(slab)
[ 14.801095] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 14.801254] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 14.801508] page dumped because: kasan: bad access detected
[ 14.801972]
[ 14.802206] Memory state around the buggy address:
[ 14.802379] ffff888101c8f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.802575] ffff888101c8f580: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 14.803072] >ffff888101c8f600: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 14.803249] ^
[ 14.803414] ffff888101c8f680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.803617] ffff888101c8f700: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.804071] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 14.722289] ==================================================================
[ 14.723116] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.723362] Read of size 1 at addr ffff8881033ad000 by task kunit_try_catch/233
[ 14.723842]
[ 14.724000] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.724063] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.724077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.724100] Call Trace:
[ 14.724117] <TASK>
[ 14.724139] dump_stack_lvl+0x73/0xb0
[ 14.724174] print_report+0xd1/0x650
[ 14.724199] ? __virt_addr_valid+0x1db/0x2d0
[ 14.724225] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.724245] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.724268] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.724288] kasan_report+0x141/0x180
[ 14.724312] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.724336] __asan_report_load1_noabort+0x18/0x20
[ 14.724702] kmem_cache_rcu_uaf+0x3e3/0x510
[ 14.724730] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 14.724751] ? finish_task_switch.isra.0+0x153/0x700
[ 14.724780] ? __switch_to+0x5d9/0xf60
[ 14.724804] ? dequeue_task_fair+0x166/0x4e0
[ 14.724832] ? __pfx_read_tsc+0x10/0x10
[ 14.724871] ? ktime_get_ts64+0x86/0x230
[ 14.724896] ? irqentry_exit+0x2a/0x60
[ 14.724923] kunit_try_run_case+0x1a5/0x480
[ 14.724952] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.724975] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.725001] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.725025] ? __kthread_parkme+0x82/0x180
[ 14.725049] ? preempt_count_sub+0x50/0x80
[ 14.725074] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.725099] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.725124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.725147] kthread+0x337/0x6f0
[ 14.725164] ? trace_preempt_on+0x20/0xc0
[ 14.725190] ? __pfx_kthread+0x10/0x10
[ 14.725210] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.725231] ? calculate_sigpending+0x7b/0xa0
[ 14.725255] ? __pfx_kthread+0x10/0x10
[ 14.725274] ret_from_fork+0x41/0x80
[ 14.725297] ? __pfx_kthread+0x10/0x10
[ 14.725316] ret_from_fork_asm+0x1a/0x30
[ 14.725348] </TASK>
[ 14.725362]
[ 14.733208] Allocated by task 233:
[ 14.733484] kasan_save_stack+0x45/0x70
[ 14.733935] kasan_save_track+0x18/0x40
[ 14.734141] kasan_save_alloc_info+0x3b/0x50
[ 14.734329] __kasan_slab_alloc+0x91/0xa0
[ 14.734493] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.734742] kmem_cache_rcu_uaf+0x155/0x510
[ 14.735004] kunit_try_run_case+0x1a5/0x480
[ 14.735277] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.735471] kthread+0x337/0x6f0
[ 14.735739] ret_from_fork+0x41/0x80
[ 14.735850] ret_from_fork_asm+0x1a/0x30
[ 14.735962]
[ 14.736020] Freed by task 0:
[ 14.736236] kasan_save_stack+0x45/0x70
[ 14.736513] kasan_save_track+0x18/0x40
[ 14.736862] kasan_save_free_info+0x3f/0x60
[ 14.736979] __kasan_slab_free+0x56/0x70
[ 14.737237] slab_free_after_rcu_debug+0xe4/0x310
[ 14.737524] rcu_core+0x66c/0x1c30
[ 14.737979] rcu_core_si+0x12/0x20
[ 14.738221] handle_softirqs+0x209/0x730
[ 14.738340] __irq_exit_rcu+0xc9/0x110
[ 14.738585] irq_exit_rcu+0x12/0x20
[ 14.738973] sysvec_apic_timer_interrupt+0x81/0x90
[ 14.739195] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 14.739423]
[ 14.739556] Last potentially related work creation:
[ 14.739797] kasan_save_stack+0x45/0x70
[ 14.739916] kasan_record_aux_stack+0xb2/0xc0
[ 14.740035] kmem_cache_free+0x131/0x420
[ 14.740325] kmem_cache_rcu_uaf+0x194/0x510
[ 14.740740] kunit_try_run_case+0x1a5/0x480
[ 14.740982] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.741182] kthread+0x337/0x6f0
[ 14.741340] ret_from_fork+0x41/0x80
[ 14.741510] ret_from_fork_asm+0x1a/0x30
[ 14.742101]
[ 14.742259] The buggy address belongs to the object at ffff8881033ad000
[ 14.742259] which belongs to the cache test_cache of size 200
[ 14.743037] The buggy address is located 0 bytes inside of
[ 14.743037] freed 200-byte region [ffff8881033ad000, ffff8881033ad0c8)
[ 14.743829]
[ 14.743902] The buggy address belongs to the physical page:
[ 14.744300] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ad
[ 14.744683] flags: 0x200000000000000(node=0|zone=2)
[ 14.744968] page_type: f5(slab)
[ 14.745199] raw: 0200000000000000 ffff8881033a9140 dead000000000122 0000000000000000
[ 14.745577] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 14.746145] page dumped because: kasan: bad access detected
[ 14.746464]
[ 14.746555] Memory state around the buggy address:
[ 14.746809] ffff8881033acf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.747075] ffff8881033acf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.747267] >ffff8881033ad000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.747731] ^
[ 14.747899] ffff8881033ad080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 14.748204] ffff8881033ad100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.748543] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 14.642444] ==================================================================
[ 14.643084] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 14.643674] Free of addr ffff8881039e8001 by task kunit_try_catch/231
[ 14.643957]
[ 14.644104] CPU: 1 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.644334] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.644361] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.644407] Call Trace:
[ 14.644437] <TASK>
[ 14.644473] dump_stack_lvl+0x73/0xb0
[ 14.644534] print_report+0xd1/0x650
[ 14.644591] ? __virt_addr_valid+0x1db/0x2d0
[ 14.644636] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.644677] ? kmem_cache_invalid_free+0x1d8/0x460
[ 14.644721] kasan_report_invalid_free+0x10a/0x130
[ 14.644771] ? kmem_cache_invalid_free+0x1d8/0x460
[ 14.644818] ? kmem_cache_invalid_free+0x1d8/0x460
[ 14.644863] check_slab_allocation+0x11f/0x130
[ 14.644909] __kasan_slab_pre_free+0x28/0x40
[ 14.644952] kmem_cache_free+0xed/0x420
[ 14.644991] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.645024] ? kmem_cache_invalid_free+0x1d8/0x460
[ 14.645062] kmem_cache_invalid_free+0x1d8/0x460
[ 14.645100] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 14.645135] ? finish_task_switch.isra.0+0x153/0x700
[ 14.645176] ? __switch_to+0x5d9/0xf60
[ 14.645211] ? dequeue_task_fair+0x166/0x4e0
[ 14.645260] ? __pfx_read_tsc+0x10/0x10
[ 14.645299] ? ktime_get_ts64+0x86/0x230
[ 14.645343] kunit_try_run_case+0x1a5/0x480
[ 14.645393] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.645430] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.645470] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.645512] ? __kthread_parkme+0x82/0x180
[ 14.645566] ? preempt_count_sub+0x50/0x80
[ 14.645618] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.645652] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.645689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.645716] kthread+0x337/0x6f0
[ 14.645734] ? trace_preempt_on+0x20/0xc0
[ 14.645760] ? __pfx_kthread+0x10/0x10
[ 14.645777] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.645798] ? calculate_sigpending+0x7b/0xa0
[ 14.645821] ? __pfx_kthread+0x10/0x10
[ 14.645839] ret_from_fork+0x41/0x80
[ 14.645860] ? __pfx_kthread+0x10/0x10
[ 14.645878] ret_from_fork_asm+0x1a/0x30
[ 14.645907] </TASK>
[ 14.645921]
[ 14.659101] Allocated by task 231:
[ 14.659296] kasan_save_stack+0x45/0x70
[ 14.659475] kasan_save_track+0x18/0x40
[ 14.659639] kasan_save_alloc_info+0x3b/0x50
[ 14.659821] __kasan_slab_alloc+0x91/0xa0
[ 14.660016] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.660228] kmem_cache_invalid_free+0x157/0x460
[ 14.660429] kunit_try_run_case+0x1a5/0x480
[ 14.662085] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.662454] kthread+0x337/0x6f0
[ 14.662969] ret_from_fork+0x41/0x80
[ 14.663475] ret_from_fork_asm+0x1a/0x30
[ 14.664076]
[ 14.664190] The buggy address belongs to the object at ffff8881039e8000
[ 14.664190] which belongs to the cache test_cache of size 200
[ 14.664524] The buggy address is located 1 bytes inside of
[ 14.664524] 200-byte region [ffff8881039e8000, ffff8881039e80c8)
[ 14.665707]
[ 14.665927] The buggy address belongs to the physical page:
[ 14.667245] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e8
[ 14.667600] flags: 0x200000000000000(node=0|zone=2)
[ 14.667984] page_type: f5(slab)
[ 14.668266] raw: 0200000000000000 ffff888101c8f500 dead000000000122 0000000000000000
[ 14.668505] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 14.669533] page dumped because: kasan: bad access detected
[ 14.670240]
[ 14.670408] Memory state around the buggy address:
[ 14.671276] ffff8881039e7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.671674] ffff8881039e7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 14.672546] >ffff8881039e8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.673323] ^
[ 14.673967] ffff8881039e8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 14.674311] ffff8881039e8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.675111] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 14.594658] ==================================================================
[ 14.596062] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 14.597243] Free of addr ffff8881033ac000 by task kunit_try_catch/229
[ 14.598031]
[ 14.598191] CPU: 0 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.598285] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.598305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.598340] Call Trace:
[ 14.598364] <TASK>
[ 14.598397] dump_stack_lvl+0x73/0xb0
[ 14.598452] print_report+0xd1/0x650
[ 14.598479] ? __virt_addr_valid+0x1db/0x2d0
[ 14.598503] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.598527] ? kmem_cache_double_free+0x1e5/0x480
[ 14.598549] kasan_report_invalid_free+0x10a/0x130
[ 14.598601] ? kmem_cache_double_free+0x1e5/0x480
[ 14.598638] ? kmem_cache_double_free+0x1e5/0x480
[ 14.598673] check_slab_allocation+0x101/0x130
[ 14.598708] __kasan_slab_pre_free+0x28/0x40
[ 14.598743] kmem_cache_free+0xed/0x420
[ 14.598779] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.598812] ? kmem_cache_double_free+0x1e5/0x480
[ 14.598849] kmem_cache_double_free+0x1e5/0x480
[ 14.598882] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 14.598917] ? finish_task_switch.isra.0+0x153/0x700
[ 14.598960] ? __switch_to+0x5d9/0xf60
[ 14.598997] ? dequeue_task_fair+0x166/0x4e0
[ 14.599082] ? __pfx_read_tsc+0x10/0x10
[ 14.599117] ? ktime_get_ts64+0x86/0x230
[ 14.599180] kunit_try_run_case+0x1a5/0x480
[ 14.599234] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.599282] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.599326] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.599367] ? __kthread_parkme+0x82/0x180
[ 14.599446] ? preempt_count_sub+0x50/0x80
[ 14.599513] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.599552] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.599594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.599626] kthread+0x337/0x6f0
[ 14.599654] ? trace_preempt_on+0x20/0xc0
[ 14.599690] ? __pfx_kthread+0x10/0x10
[ 14.599716] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.599749] ? calculate_sigpending+0x7b/0xa0
[ 14.599782] ? __pfx_kthread+0x10/0x10
[ 14.599812] ret_from_fork+0x41/0x80
[ 14.599845] ? __pfx_kthread+0x10/0x10
[ 14.599870] ret_from_fork_asm+0x1a/0x30
[ 14.599901] </TASK>
[ 14.599915]
[ 14.610226] Allocated by task 229:
[ 14.610512] kasan_save_stack+0x45/0x70
[ 14.611036] kasan_save_track+0x18/0x40
[ 14.611364] kasan_save_alloc_info+0x3b/0x50
[ 14.611777] __kasan_slab_alloc+0x91/0xa0
[ 14.612156] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.612547] kmem_cache_double_free+0x14f/0x480
[ 14.613027] kunit_try_run_case+0x1a5/0x480
[ 14.613391] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.613895] kthread+0x337/0x6f0
[ 14.614377] ret_from_fork+0x41/0x80
[ 14.614748] ret_from_fork_asm+0x1a/0x30
[ 14.615183]
[ 14.615342] Freed by task 229:
[ 14.615637] kasan_save_stack+0x45/0x70
[ 14.616004] kasan_save_track+0x18/0x40
[ 14.616186] kasan_save_free_info+0x3f/0x60
[ 14.616364] __kasan_slab_free+0x56/0x70
[ 14.616576] kmem_cache_free+0x249/0x420
[ 14.616788] kmem_cache_double_free+0x16a/0x480
[ 14.616999] kunit_try_run_case+0x1a5/0x480
[ 14.617209] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.617429] kthread+0x337/0x6f0
[ 14.617698] ret_from_fork+0x41/0x80
[ 14.618142] ret_from_fork_asm+0x1a/0x30
[ 14.618593]
[ 14.618808] The buggy address belongs to the object at ffff8881033ac000
[ 14.618808] which belongs to the cache test_cache of size 200
[ 14.619855] The buggy address is located 0 bytes inside of
[ 14.619855] 200-byte region [ffff8881033ac000, ffff8881033ac0c8)
[ 14.620771]
[ 14.620983] The buggy address belongs to the physical page:
[ 14.621521] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033ac
[ 14.622244] flags: 0x200000000000000(node=0|zone=2)
[ 14.622828] page_type: f5(slab)
[ 14.623193] raw: 0200000000000000 ffff8881033a9000 dead000000000122 0000000000000000
[ 14.623863] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 14.624976] page dumped because: kasan: bad access detected
[ 14.625323]
[ 14.625425] Memory state around the buggy address:
[ 14.626083] ffff8881033abf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.626537] ffff8881033abf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.627000] >ffff8881033ac000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.627465] ^
[ 14.627744] ffff8881033ac080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 14.628526] ffff8881033ac100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.629369] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 14.533799] ==================================================================
[ 14.534362] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 14.535320] Read of size 1 at addr ffff8881033a80c8 by task kunit_try_catch/227
[ 14.535916]
[ 14.536089] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.536496] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.536514] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.536539] Call Trace:
[ 14.536575] <TASK>
[ 14.536779] dump_stack_lvl+0x73/0xb0
[ 14.536834] print_report+0xd1/0x650
[ 14.536864] ? __virt_addr_valid+0x1db/0x2d0
[ 14.536889] ? kmem_cache_oob+0x402/0x530
[ 14.536909] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.536932] ? kmem_cache_oob+0x402/0x530
[ 14.536952] kasan_report+0x141/0x180
[ 14.536975] ? kmem_cache_oob+0x402/0x530
[ 14.536999] __asan_report_load1_noabort+0x18/0x20
[ 14.537020] kmem_cache_oob+0x402/0x530
[ 14.537038] ? trace_hardirqs_on+0x37/0xe0
[ 14.537066] ? __pfx_kmem_cache_oob+0x10/0x10
[ 14.537085] ? finish_task_switch.isra.0+0x153/0x700
[ 14.537112] ? __switch_to+0x5d9/0xf60
[ 14.537134] ? dequeue_task_fair+0x166/0x4e0
[ 14.537162] ? __pfx_read_tsc+0x10/0x10
[ 14.537182] ? ktime_get_ts64+0x86/0x230
[ 14.537209] kunit_try_run_case+0x1a5/0x480
[ 14.537235] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.537257] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.537281] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.537304] ? __kthread_parkme+0x82/0x180
[ 14.537327] ? preempt_count_sub+0x50/0x80
[ 14.537351] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.537375] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.537399] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.537422] kthread+0x337/0x6f0
[ 14.537439] ? trace_preempt_on+0x20/0xc0
[ 14.537462] ? __pfx_kthread+0x10/0x10
[ 14.537480] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.537500] ? calculate_sigpending+0x7b/0xa0
[ 14.537523] ? __pfx_kthread+0x10/0x10
[ 14.537542] ret_from_fork+0x41/0x80
[ 14.537575] ? __pfx_kthread+0x10/0x10
[ 14.537597] ret_from_fork_asm+0x1a/0x30
[ 14.537628] </TASK>
[ 14.537642]
[ 14.548287] Allocated by task 227:
[ 14.550998] kasan_save_stack+0x45/0x70
[ 14.551419] kasan_save_track+0x18/0x40
[ 14.552162] kasan_save_alloc_info+0x3b/0x50
[ 14.552398] __kasan_slab_alloc+0x91/0xa0
[ 14.552555] kmem_cache_alloc_noprof+0x123/0x3f0
[ 14.552816] kmem_cache_oob+0x157/0x530
[ 14.552981] kunit_try_run_case+0x1a5/0x480
[ 14.553159] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.553353] kthread+0x337/0x6f0
[ 14.553501] ret_from_fork+0x41/0x80
[ 14.553680] ret_from_fork_asm+0x1a/0x30
[ 14.553848]
[ 14.553945] The buggy address belongs to the object at ffff8881033a8000
[ 14.553945] which belongs to the cache test_cache of size 200
[ 14.554356] The buggy address is located 0 bytes to the right of
[ 14.554356] allocated 200-byte region [ffff8881033a8000, ffff8881033a80c8)
[ 14.555084]
[ 14.555219] The buggy address belongs to the physical page:
[ 14.555722] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033a8
[ 14.556242] flags: 0x200000000000000(node=0|zone=2)
[ 14.556476] page_type: f5(slab)
[ 14.556701] raw: 0200000000000000 ffff88810159ddc0 dead000000000122 0000000000000000
[ 14.556991] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 14.557231] page dumped because: kasan: bad access detected
[ 14.557409]
[ 14.557492] Memory state around the buggy address:
[ 14.557717] ffff8881033a7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.558596] ffff8881033a8000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 14.559203] >ffff8881033a8080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 14.559485] ^
[ 14.559959] ffff8881033a8100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.560446] ffff8881033a8180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.560958] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 14.472116] ==================================================================
[ 14.472746] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 14.473273] Read of size 8 at addr ffff888102d9fd00 by task kunit_try_catch/220
[ 14.473732]
[ 14.473892] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.473996] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.474023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.474065] Call Trace:
[ 14.474099] <TASK>
[ 14.474135] dump_stack_lvl+0x73/0xb0
[ 14.474185] print_report+0xd1/0x650
[ 14.474222] ? __virt_addr_valid+0x1db/0x2d0
[ 14.474248] ? workqueue_uaf+0x4d6/0x560
[ 14.474270] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.474294] ? workqueue_uaf+0x4d6/0x560
[ 14.474332] kasan_report+0x141/0x180
[ 14.474375] ? workqueue_uaf+0x4d6/0x560
[ 14.474429] __asan_report_load8_noabort+0x18/0x20
[ 14.474467] workqueue_uaf+0x4d6/0x560
[ 14.474512] ? __pfx_workqueue_uaf+0x10/0x10
[ 14.475516] ? __pfx_workqueue_uaf+0x10/0x10
[ 14.475740] kunit_try_run_case+0x1a5/0x480
[ 14.475781] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.475807] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.475833] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.475857] ? __kthread_parkme+0x82/0x180
[ 14.475882] ? preempt_count_sub+0x50/0x80
[ 14.475911] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.475936] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.475960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.475984] kthread+0x337/0x6f0
[ 14.476003] ? trace_preempt_on+0x20/0xc0
[ 14.476029] ? __pfx_kthread+0x10/0x10
[ 14.476049] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.476071] ? calculate_sigpending+0x7b/0xa0
[ 14.476095] ? __pfx_kthread+0x10/0x10
[ 14.476115] ret_from_fork+0x41/0x80
[ 14.476138] ? __pfx_kthread+0x10/0x10
[ 14.476158] ret_from_fork_asm+0x1a/0x30
[ 14.476190] </TASK>
[ 14.476205]
[ 14.490413] Allocated by task 220:
[ 14.491103] kasan_save_stack+0x45/0x70
[ 14.491342] kasan_save_track+0x18/0x40
[ 14.491970] kasan_save_alloc_info+0x3b/0x50
[ 14.492289] __kasan_kmalloc+0xb7/0xc0
[ 14.493101] __kmalloc_cache_noprof+0x189/0x420
[ 14.493346] workqueue_uaf+0x152/0x560
[ 14.493497] kunit_try_run_case+0x1a5/0x480
[ 14.493904] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.494314] kthread+0x337/0x6f0
[ 14.495407] ret_from_fork+0x41/0x80
[ 14.495727] ret_from_fork_asm+0x1a/0x30
[ 14.495917]
[ 14.496084] Freed by task 24:
[ 14.496320] kasan_save_stack+0x45/0x70
[ 14.497152] kasan_save_track+0x18/0x40
[ 14.497379] kasan_save_free_info+0x3f/0x60
[ 14.497591] __kasan_slab_free+0x56/0x70
[ 14.498342] kfree+0x222/0x3f0
[ 14.498785] workqueue_uaf_work+0x12/0x20
[ 14.499080] process_one_work+0x5ee/0xf60
[ 14.499274] worker_thread+0x758/0x1220
[ 14.499573] kthread+0x337/0x6f0
[ 14.500486] ret_from_fork+0x41/0x80
[ 14.500844] ret_from_fork_asm+0x1a/0x30
[ 14.501140]
[ 14.501282] Last potentially related work creation:
[ 14.501524] kasan_save_stack+0x45/0x70
[ 14.502246] kasan_record_aux_stack+0xb2/0xc0
[ 14.502423] __queue_work+0x626/0xeb0
[ 14.503022] queue_work_on+0xb6/0xc0
[ 14.503217] workqueue_uaf+0x26d/0x560
[ 14.503907] kunit_try_run_case+0x1a5/0x480
[ 14.504158] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.504333] kthread+0x337/0x6f0
[ 14.504577] ret_from_fork+0x41/0x80
[ 14.505456] ret_from_fork_asm+0x1a/0x30
[ 14.505868]
[ 14.506366] The buggy address belongs to the object at ffff888102d9fd00
[ 14.506366] which belongs to the cache kmalloc-32 of size 32
[ 14.506988] The buggy address is located 0 bytes inside of
[ 14.506988] freed 32-byte region [ffff888102d9fd00, ffff888102d9fd20)
[ 14.508173]
[ 14.508314] The buggy address belongs to the physical page:
[ 14.508504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d9f
[ 14.509114] flags: 0x200000000000000(node=0|zone=2)
[ 14.509510] page_type: f5(slab)
[ 14.510492] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.511254] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.511920] page dumped because: kasan: bad access detected
[ 14.512343]
[ 14.512515] Memory state around the buggy address:
[ 14.513158] ffff888102d9fc00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.513419] ffff888102d9fc80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.513970] >ffff888102d9fd00: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.514425] ^
[ 14.515510] ffff888102d9fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.516256] ffff888102d9fe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.516526] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 14.420835] ================================================================== [ 14.421398] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 14.421867] Read of size 4 at addr ffff888102d9fc40 by task swapper/1/0 [ 14.422097] [ 14.422396] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 14.422494] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.422510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.422533] Call Trace: [ 14.422595] <IRQ> [ 14.422632] dump_stack_lvl+0x73/0xb0 [ 14.422693] print_report+0xd1/0x650 [ 14.422735] ? __virt_addr_valid+0x1db/0x2d0 [ 14.422805] ? rcu_uaf_reclaim+0x50/0x60 [ 14.422839] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.422878] ? rcu_uaf_reclaim+0x50/0x60 [ 14.422916] kasan_report+0x141/0x180 [ 14.422960] ? rcu_uaf_reclaim+0x50/0x60 [ 14.423001] __asan_report_load4_noabort+0x18/0x20 [ 14.423040] rcu_uaf_reclaim+0x50/0x60 [ 14.423099] rcu_core+0x66c/0x1c30 [ 14.423157] ? enqueue_hrtimer+0xfe/0x210 [ 14.423207] ? __pfx_rcu_core+0x10/0x10 [ 14.423254] ? ktime_get+0x6b/0x150 [ 14.423299] ? handle_softirqs+0x18e/0x730 [ 14.423349] rcu_core_si+0x12/0x20 [ 14.423407] handle_softirqs+0x209/0x730 [ 14.423447] ? hrtimer_interrupt+0x2fe/0x780 [ 14.423489] ? 
__pfx_handle_softirqs+0x10/0x10 [ 14.423539] __irq_exit_rcu+0xc9/0x110 [ 14.423579] irq_exit_rcu+0x12/0x20 [ 14.423599] sysvec_apic_timer_interrupt+0x81/0x90 [ 14.423633] </IRQ> [ 14.423689] <TASK> [ 14.423708] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 14.423896] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 14.424296] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 2d 28 00 fb f4 <e9> fc 1f 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 14.424420] RSP: 0000:ffff88810086fdc8 EFLAGS: 00010206 [ 14.424538] RAX: ffff8881bf393000 RBX: ffff8881008353c0 RCX: ffffffff99807015 [ 14.424599] RDX: ffffed102b626103 RSI: 0000000000000004 RDI: 00000000000103f4 [ 14.424644] RBP: ffff88810086fdd0 R08: 0000000000000001 R09: ffffed102b626102 [ 14.424722] R10: ffff88815b130813 R11: 000000000001ec00 R12: 0000000000000001 [ 14.424772] R13: ffffed1020106a78 R14: ffffffff9b59bc10 R15: 0000000000000000 [ 14.424838] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 14.424905] ? default_idle+0xd/0x20 [ 14.424925] arch_cpu_idle+0xd/0x20 [ 14.424944] default_idle_call+0x48/0x80 [ 14.424963] do_idle+0x379/0x4f0 [ 14.424989] ? __pfx_do_idle+0x10/0x10 [ 14.425008] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 14.425032] ? complete+0x15b/0x1d0 [ 14.425056] cpu_startup_entry+0x5c/0x70 [ 14.425076] start_secondary+0x211/0x290 [ 14.425097] ? 
__pfx_start_secondary+0x10/0x10 [ 14.425121] common_startup_64+0x13e/0x148 [ 14.425153] </TASK> [ 14.425166] [ 14.439237] Allocated by task 218: [ 14.440396] kasan_save_stack+0x45/0x70 [ 14.440681] kasan_save_track+0x18/0x40 [ 14.440840] kasan_save_alloc_info+0x3b/0x50 [ 14.441117] __kasan_kmalloc+0xb7/0xc0 [ 14.441405] __kmalloc_cache_noprof+0x189/0x420 [ 14.442117] rcu_uaf+0xb0/0x330 [ 14.442273] kunit_try_run_case+0x1a5/0x480 [ 14.442524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.443271] kthread+0x337/0x6f0 [ 14.443605] ret_from_fork+0x41/0x80 [ 14.444087] ret_from_fork_asm+0x1a/0x30 [ 14.444257] [ 14.444364] Freed by task 0: [ 14.444600] kasan_save_stack+0x45/0x70 [ 14.445183] kasan_save_track+0x18/0x40 [ 14.445353] kasan_save_free_info+0x3f/0x60 [ 14.445684] __kasan_slab_free+0x56/0x70 [ 14.445986] kfree+0x222/0x3f0 [ 14.446233] rcu_uaf_reclaim+0x1f/0x60 [ 14.446486] rcu_core+0x66c/0x1c30 [ 14.447165] rcu_core_si+0x12/0x20 [ 14.447346] handle_softirqs+0x209/0x730 [ 14.447834] __irq_exit_rcu+0xc9/0x110 [ 14.448066] irq_exit_rcu+0x12/0x20 [ 14.448329] sysvec_apic_timer_interrupt+0x81/0x90 [ 14.448665] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 14.448938] [ 14.449163] Last potentially related work creation: [ 14.449404] kasan_save_stack+0x45/0x70 [ 14.450191] kasan_record_aux_stack+0xb2/0xc0 [ 14.450366] __call_rcu_common.constprop.0+0x72/0x9c0 [ 14.450697] call_rcu+0x12/0x20 [ 14.451224] rcu_uaf+0x168/0x330 [ 14.451580] kunit_try_run_case+0x1a5/0x480 [ 14.451991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.452341] kthread+0x337/0x6f0 [ 14.452585] ret_from_fork+0x41/0x80 [ 14.453099] ret_from_fork_asm+0x1a/0x30 [ 14.453306] [ 14.453459] The buggy address belongs to the object at ffff888102d9fc40 [ 14.453459] which belongs to the cache kmalloc-32 of size 32 [ 14.454380] The buggy address is located 0 bytes inside of [ 14.454380] freed 32-byte region [ffff888102d9fc40, ffff888102d9fc60) [ 14.455164] [ 14.455502] The buggy address belongs to the 
physical page: [ 14.456090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d9f [ 14.456922] flags: 0x200000000000000(node=0|zone=2) [ 14.457280] page_type: f5(slab) [ 14.457492] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.458057] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.458220] page dumped because: kasan: bad access detected [ 14.458330] [ 14.458386] Memory state around the buggy address: [ 14.458495] ffff888102d9fb00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.458665] ffff888102d9fb80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.459219] >ffff888102d9fc00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.459718] ^ [ 14.460100] ffff888102d9fc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.461439] ffff888102d9fd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.461791] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 14.372255] ================================================================== [ 14.372669] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 14.372979] Read of size 1 at addr ffff888102d90f78 by task kunit_try_catch/216 [ 14.373457] [ 14.374052] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 14.374154] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.374176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.374198] Call Trace: [ 14.374215] <TASK> [ 14.374235] dump_stack_lvl+0x73/0xb0 [ 14.374271] print_report+0xd1/0x650 [ 14.374294] ? __virt_addr_valid+0x1db/0x2d0 [ 14.374326] ? ksize_uaf+0x5e4/0x6c0 [ 14.374358] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.374398] ? ksize_uaf+0x5e4/0x6c0 [ 14.374436] kasan_report+0x141/0x180 [ 14.374479] ? ksize_uaf+0x5e4/0x6c0 [ 14.374526] __asan_report_load1_noabort+0x18/0x20 [ 14.374621] ksize_uaf+0x5e4/0x6c0 [ 14.374659] ? __pfx_ksize_uaf+0x10/0x10 [ 14.374705] ? __schedule+0x10cc/0x2b30 [ 14.374740] ? __pfx_read_tsc+0x10/0x10 [ 14.374792] ? ktime_get_ts64+0x86/0x230 [ 14.374839] kunit_try_run_case+0x1a5/0x480 [ 14.374880] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.374920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.374966] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.375010] ? __kthread_parkme+0x82/0x180 [ 14.375054] ? preempt_count_sub+0x50/0x80 [ 14.375109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.375169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.375222] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.375269] kthread+0x337/0x6f0 [ 14.375302] ? trace_preempt_on+0x20/0xc0 [ 14.375331] ? __pfx_kthread+0x10/0x10 [ 14.375349] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.375369] ? calculate_sigpending+0x7b/0xa0 [ 14.375389] ? __pfx_kthread+0x10/0x10 [ 14.375407] ret_from_fork+0x41/0x80 [ 14.375426] ? 
__pfx_kthread+0x10/0x10 [ 14.375444] ret_from_fork_asm+0x1a/0x30 [ 14.375471] </TASK> [ 14.375485] [ 14.386514] Allocated by task 216: [ 14.387065] kasan_save_stack+0x45/0x70 [ 14.387472] kasan_save_track+0x18/0x40 [ 14.388000] kasan_save_alloc_info+0x3b/0x50 [ 14.388389] __kasan_kmalloc+0xb7/0xc0 [ 14.388635] __kmalloc_cache_noprof+0x189/0x420 [ 14.389017] ksize_uaf+0xaa/0x6c0 [ 14.389188] kunit_try_run_case+0x1a5/0x480 [ 14.389381] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.389603] kthread+0x337/0x6f0 [ 14.389763] ret_from_fork+0x41/0x80 [ 14.389937] ret_from_fork_asm+0x1a/0x30 [ 14.390228] [ 14.390963] Freed by task 216: [ 14.391321] kasan_save_stack+0x45/0x70 [ 14.391910] kasan_save_track+0x18/0x40 [ 14.392273] kasan_save_free_info+0x3f/0x60 [ 14.392603] __kasan_slab_free+0x56/0x70 [ 14.393067] kfree+0x222/0x3f0 [ 14.393352] ksize_uaf+0x12c/0x6c0 [ 14.393783] kunit_try_run_case+0x1a5/0x480 [ 14.394129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.394442] kthread+0x337/0x6f0 [ 14.394832] ret_from_fork+0x41/0x80 [ 14.395174] ret_from_fork_asm+0x1a/0x30 [ 14.395962] [ 14.396318] The buggy address belongs to the object at ffff888102d90f00 [ 14.396318] which belongs to the cache kmalloc-128 of size 128 [ 14.397307] The buggy address is located 120 bytes inside of [ 14.397307] freed 128-byte region [ffff888102d90f00, ffff888102d90f80) [ 14.398053] [ 14.398351] The buggy address belongs to the physical page: [ 14.398661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90 [ 14.398961] flags: 0x200000000000000(node=0|zone=2) [ 14.399190] page_type: f5(slab) [ 14.399462] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.400446] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.401930] page dumped because: kasan: bad access detected [ 14.402344] [ 14.402498] Memory state around the buggy address: [ 14.403191] ffff888102d90e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
14.403624] ffff888102d90e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.404234] >ffff888102d90f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.404527] ^ [ 14.405582] ffff888102d90f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.406301] ffff888102d91000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.406849] ================================================================== [ 14.301035] ================================================================== [ 14.301480] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 14.302529] Read of size 1 at addr ffff888102d90f00 by task kunit_try_catch/216 [ 14.302951] [ 14.303370] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 14.303490] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.303517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.303590] Call Trace: [ 14.303620] <TASK> [ 14.304088] dump_stack_lvl+0x73/0xb0 [ 14.304139] print_report+0xd1/0x650 [ 14.304165] ? __virt_addr_valid+0x1db/0x2d0 [ 14.304187] ? ksize_uaf+0x19d/0x6c0 [ 14.304206] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.304226] ? ksize_uaf+0x19d/0x6c0 [ 14.304246] kasan_report+0x141/0x180 [ 14.304267] ? ksize_uaf+0x19d/0x6c0 [ 14.304288] ? ksize_uaf+0x19d/0x6c0 [ 14.304307] __kasan_check_byte+0x3d/0x50 [ 14.304328] ksize+0x20/0x60 [ 14.304349] ksize_uaf+0x19d/0x6c0 [ 14.304369] ? __pfx_ksize_uaf+0x10/0x10 [ 14.304388] ? __schedule+0x10cc/0x2b30 [ 14.304409] ? __pfx_read_tsc+0x10/0x10 [ 14.304429] ? ktime_get_ts64+0x86/0x230 [ 14.304453] kunit_try_run_case+0x1a5/0x480 [ 14.304477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.304498] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.304520] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.304540] ? __kthread_parkme+0x82/0x180 [ 14.304584] ? preempt_count_sub+0x50/0x80 [ 14.304624] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.304659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.304696] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.304718] kthread+0x337/0x6f0 [ 14.304734] ? trace_preempt_on+0x20/0xc0 [ 14.304757] ? __pfx_kthread+0x10/0x10 [ 14.304774] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.304793] ? calculate_sigpending+0x7b/0xa0 [ 14.304814] ? __pfx_kthread+0x10/0x10 [ 14.304831] ret_from_fork+0x41/0x80 [ 14.304850] ? __pfx_kthread+0x10/0x10 [ 14.304867] ret_from_fork_asm+0x1a/0x30 [ 14.304895] </TASK> [ 14.304909] [ 14.318502] Allocated by task 216: [ 14.319094] kasan_save_stack+0x45/0x70 [ 14.319362] kasan_save_track+0x18/0x40 [ 14.319626] kasan_save_alloc_info+0x3b/0x50 [ 14.320285] __kasan_kmalloc+0xb7/0xc0 [ 14.320464] __kmalloc_cache_noprof+0x189/0x420 [ 14.320967] ksize_uaf+0xaa/0x6c0 [ 14.321135] kunit_try_run_case+0x1a5/0x480 [ 14.321311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.321510] kthread+0x337/0x6f0 [ 14.321808] ret_from_fork+0x41/0x80 [ 14.322110] ret_from_fork_asm+0x1a/0x30 [ 14.322861] [ 14.322992] Freed by task 216: [ 14.323186] kasan_save_stack+0x45/0x70 [ 14.323427] kasan_save_track+0x18/0x40 [ 14.323620] kasan_save_free_info+0x3f/0x60 [ 14.323775] __kasan_slab_free+0x56/0x70 [ 14.323935] kfree+0x222/0x3f0 [ 14.324063] ksize_uaf+0x12c/0x6c0 [ 14.324195] kunit_try_run_case+0x1a5/0x480 [ 14.324338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.324508] kthread+0x337/0x6f0 [ 14.325152] ret_from_fork+0x41/0x80 [ 14.325368] ret_from_fork_asm+0x1a/0x30 [ 14.325853] [ 14.325978] The buggy address belongs to the object at ffff888102d90f00 [ 14.325978] which belongs to the cache kmalloc-128 of size 128 [ 14.326369] The buggy address is located 0 bytes inside of [ 14.326369] freed 128-byte region [ffff888102d90f00, ffff888102d90f80) [ 14.327173] [ 14.327357] The buggy address belongs to the physical page: [ 14.327842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90 [ 14.328201] flags: 0x200000000000000(node=0|zone=2) [ 14.328415] page_type: f5(slab) [ 14.328591] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 14.329600] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.330279] page dumped because: kasan: bad access detected [ 14.330799] [ 14.330988] Memory state around the buggy address: [ 14.331273] ffff888102d90e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.331958] ffff888102d90e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.332343] >ffff888102d90f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.333146] ^ [ 14.333441] ffff888102d90f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.334070] ffff888102d91000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.334333] ================================================================== [ 14.335854] ================================================================== [ 14.336272] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 14.337147] Read of size 1 at addr ffff888102d90f00 by task kunit_try_catch/216 [ 14.337531] [ 14.338028] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 14.338131] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.338157] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.338195] Call Trace: [ 14.338233] <TASK> [ 14.338270] dump_stack_lvl+0x73/0xb0 [ 14.338333] print_report+0xd1/0x650 [ 14.338376] ? __virt_addr_valid+0x1db/0x2d0 [ 14.338418] ? ksize_uaf+0x5fe/0x6c0 [ 14.338455] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.338490] ? ksize_uaf+0x5fe/0x6c0 [ 14.338523] kasan_report+0x141/0x180 [ 14.338573] ? ksize_uaf+0x5fe/0x6c0 [ 14.338796] __asan_report_load1_noabort+0x18/0x20 [ 14.338854] ksize_uaf+0x5fe/0x6c0 [ 14.338893] ? __pfx_ksize_uaf+0x10/0x10 [ 14.338932] ? __schedule+0x10cc/0x2b30 [ 14.338972] ? __pfx_read_tsc+0x10/0x10 [ 14.339008] ? ktime_get_ts64+0x86/0x230 [ 14.339057] kunit_try_run_case+0x1a5/0x480 [ 14.339099] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.339148] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.339197] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.339245] ? __kthread_parkme+0x82/0x180 [ 14.339288] ? preempt_count_sub+0x50/0x80 [ 14.339336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.339385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.339431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.339478] kthread+0x337/0x6f0 [ 14.339513] ? trace_preempt_on+0x20/0xc0 [ 14.339556] ? __pfx_kthread+0x10/0x10 [ 14.339772] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.339834] ? calculate_sigpending+0x7b/0xa0 [ 14.339885] ? __pfx_kthread+0x10/0x10 [ 14.339929] ret_from_fork+0x41/0x80 [ 14.339975] ? __pfx_kthread+0x10/0x10 [ 14.340005] ret_from_fork_asm+0x1a/0x30 [ 14.340039] </TASK> [ 14.340055] [ 14.350821] Allocated by task 216: [ 14.351104] kasan_save_stack+0x45/0x70 [ 14.351444] kasan_save_track+0x18/0x40 [ 14.351907] kasan_save_alloc_info+0x3b/0x50 [ 14.352235] __kasan_kmalloc+0xb7/0xc0 [ 14.352534] __kmalloc_cache_noprof+0x189/0x420 [ 14.353276] ksize_uaf+0xaa/0x6c0 [ 14.353586] kunit_try_run_case+0x1a5/0x480 [ 14.354061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.354289] kthread+0x337/0x6f0 [ 14.354545] ret_from_fork+0x41/0x80 [ 14.354997] ret_from_fork_asm+0x1a/0x30 [ 14.355264] [ 14.355392] Freed by task 216: [ 14.355828] kasan_save_stack+0x45/0x70 [ 14.356069] kasan_save_track+0x18/0x40 [ 14.356355] kasan_save_free_info+0x3f/0x60 [ 14.356584] __kasan_slab_free+0x56/0x70 [ 14.357240] kfree+0x222/0x3f0 [ 14.357512] ksize_uaf+0x12c/0x6c0 [ 14.358035] kunit_try_run_case+0x1a5/0x480 [ 14.358369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.358767] kthread+0x337/0x6f0 [ 14.359079] ret_from_fork+0x41/0x80 [ 14.359309] ret_from_fork_asm+0x1a/0x30 [ 14.359496] [ 14.359843] The buggy address belongs to the object at ffff888102d90f00 [ 14.359843] which belongs to the cache kmalloc-128 of size 128 [ 14.360985] The buggy address is located 0 bytes inside of [ 14.360985] freed 128-byte region [ffff888102d90f00, 
ffff888102d90f80) [ 14.361812] [ 14.362014] The buggy address belongs to the physical page: [ 14.362293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90 [ 14.362970] flags: 0x200000000000000(node=0|zone=2) [ 14.363326] page_type: f5(slab) [ 14.363567] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.364300] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.365125] page dumped because: kasan: bad access detected [ 14.365381] [ 14.365553] Memory state around the buggy address: [ 14.366162] ffff888102d90e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.366585] ffff888102d90e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.367264] >ffff888102d90f00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.367873] ^ [ 14.368091] ffff888102d90f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.368422] ffff888102d91000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.369272] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 14.208934] ================================================================== [ 14.209382] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 14.209980] Read of size 1 at addr ffff888103391b73 by task kunit_try_catch/214 [ 14.210322] [ 14.210570] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 14.210668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.210695] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.210738] Call Trace: [ 14.210767] <TASK> [ 14.210802] dump_stack_lvl+0x73/0xb0 [ 14.210887] print_report+0xd1/0x650 [ 14.210941] ? __virt_addr_valid+0x1db/0x2d0 [ 14.210978] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 14.211019] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.211060] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 14.211106] kasan_report+0x141/0x180 [ 14.211166] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 14.211224] __asan_report_load1_noabort+0x18/0x20 [ 14.211264] ksize_unpoisons_memory+0x81c/0x9b0 [ 14.211314] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 14.211378] ? finish_task_switch.isra.0+0x153/0x700 [ 14.211427] ? __switch_to+0x5d9/0xf60 [ 14.211465] ? dequeue_task_fair+0x156/0x4e0 [ 14.211512] ? __schedule+0x10cc/0x2b30 [ 14.211568] ? __pfx_read_tsc+0x10/0x10 [ 14.211626] ? ktime_get_ts64+0x86/0x230 [ 14.211679] kunit_try_run_case+0x1a5/0x480 [ 14.211733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.211789] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.211832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.211862] ? __kthread_parkme+0x82/0x180 [ 14.211886] ? preempt_count_sub+0x50/0x80 [ 14.211911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.211934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.211958] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.211980] kthread+0x337/0x6f0 [ 14.211998] ? trace_preempt_on+0x20/0xc0 [ 14.212022] ? __pfx_kthread+0x10/0x10 [ 14.212040] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.212060] ? 
calculate_sigpending+0x7b/0xa0 [ 14.212082] ? __pfx_kthread+0x10/0x10 [ 14.212100] ret_from_fork+0x41/0x80 [ 14.212120] ? __pfx_kthread+0x10/0x10 [ 14.212138] ret_from_fork_asm+0x1a/0x30 [ 14.212167] </TASK> [ 14.212180] [ 14.220878] Allocated by task 214: [ 14.221196] kasan_save_stack+0x45/0x70 [ 14.221537] kasan_save_track+0x18/0x40 [ 14.221944] kasan_save_alloc_info+0x3b/0x50 [ 14.222209] __kasan_kmalloc+0xb7/0xc0 [ 14.222507] __kmalloc_cache_noprof+0x189/0x420 [ 14.222717] ksize_unpoisons_memory+0xc7/0x9b0 [ 14.222917] kunit_try_run_case+0x1a5/0x480 [ 14.223153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.223580] kthread+0x337/0x6f0 [ 14.223888] ret_from_fork+0x41/0x80 [ 14.224208] ret_from_fork_asm+0x1a/0x30 [ 14.224527] [ 14.224711] The buggy address belongs to the object at ffff888103391b00 [ 14.224711] which belongs to the cache kmalloc-128 of size 128 [ 14.225409] The buggy address is located 0 bytes to the right of [ 14.225409] allocated 115-byte region [ffff888103391b00, ffff888103391b73) [ 14.225973] [ 14.226203] The buggy address belongs to the physical page: [ 14.226569] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103391 [ 14.227083] flags: 0x200000000000000(node=0|zone=2) [ 14.227447] page_type: f5(slab) [ 14.227659] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.228102] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.228370] page dumped because: kasan: bad access detected [ 14.228804] [ 14.228955] Memory state around the buggy address: [ 14.229313] ffff888103391a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.229714] ffff888103391a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.230050] >ffff888103391b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.230420] ^ [ 14.231002] ffff888103391b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.231271] ffff888103391c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.231731] 
================================================================== [ 14.261548] ================================================================== [ 14.262155] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.262733] Read of size 1 at addr ffff888103391b7f by task kunit_try_catch/214 [ 14.263256] [ 14.263458] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 14.263551] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.263610] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.263653] Call Trace: [ 14.263704] <TASK> [ 14.263751] dump_stack_lvl+0x73/0xb0 [ 14.263825] print_report+0xd1/0x650 [ 14.263884] ? __virt_addr_valid+0x1db/0x2d0 [ 14.263939] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.263995] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.264042] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.264099] kasan_report+0x141/0x180 [ 14.264154] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.264212] __asan_report_load1_noabort+0x18/0x20 [ 14.264249] ksize_unpoisons_memory+0x7b6/0x9b0 [ 14.264288] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 14.264327] ? finish_task_switch.isra.0+0x153/0x700 [ 14.264366] ? __switch_to+0x5d9/0xf60 [ 14.264405] ? dequeue_task_fair+0x156/0x4e0 [ 14.264455] ? __schedule+0x10cc/0x2b30 [ 14.264501] ? __pfx_read_tsc+0x10/0x10 [ 14.264543] ? ktime_get_ts64+0x86/0x230 [ 14.264609] kunit_try_run_case+0x1a5/0x480 [ 14.264659] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.264702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.264747] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.264794] ? __kthread_parkme+0x82/0x180 [ 14.264840] ? preempt_count_sub+0x50/0x80 [ 14.264891] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.264941] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.264988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.265033] kthread+0x337/0x6f0 [ 14.265070] ? trace_preempt_on+0x20/0xc0 [ 14.265117] ? __pfx_kthread+0x10/0x10 [ 14.265155] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.265197] ? calculate_sigpending+0x7b/0xa0 [ 14.265241] ? __pfx_kthread+0x10/0x10 [ 14.265279] ret_from_fork+0x41/0x80 [ 14.265319] ? __pfx_kthread+0x10/0x10 [ 14.265356] ret_from_fork_asm+0x1a/0x30 [ 14.265416] </TASK> [ 14.265442] [ 14.274417] Allocated by task 214: [ 14.274736] kasan_save_stack+0x45/0x70 [ 14.275093] kasan_save_track+0x18/0x40 [ 14.275432] kasan_save_alloc_info+0x3b/0x50 [ 14.275793] __kasan_kmalloc+0xb7/0xc0 [ 14.276121] __kmalloc_cache_noprof+0x189/0x420 [ 14.276474] ksize_unpoisons_memory+0xc7/0x9b0 [ 14.276911] kunit_try_run_case+0x1a5/0x480 [ 14.277257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.277655] kthread+0x337/0x6f0 [ 14.277919] ret_from_fork+0x41/0x80 [ 14.278149] ret_from_fork_asm+0x1a/0x30 [ 14.278456] [ 14.278597] The buggy address belongs to the object at ffff888103391b00 [ 14.278597] which belongs to the cache kmalloc-128 of size 128 [ 14.279168] The buggy address is located 12 bytes to the right of [ 14.279168] allocated 115-byte region [ffff888103391b00, ffff888103391b73) [ 14.279596] [ 14.279802] The buggy address belongs to the physical page: [ 14.280385] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103391 [ 14.281035] flags: 0x200000000000000(node=0|zone=2) [ 14.281409] page_type: f5(slab) [ 14.281692] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 14.282010] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 14.282261] page dumped because: kasan: bad access detected [ 14.282459] [ 14.282571] Memory state around the buggy address: [ 14.282939] ffff888103391a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.283484] ffff888103391a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.284041] >ffff888103391b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 14.284518] ^ [ 14.285118] ffff888103391b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.285373] ffff888103391c00: fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc
[ 14.285658] ==================================================================
[ 14.233796] ==================================================================
[ 14.234140] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.235456] Read of size 1 at addr ffff888103391b78 by task kunit_try_catch/214
[ 14.236177]
[ 14.236410] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.236508] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.236533] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.236590] Call Trace:
[ 14.236630] <TASK>
[ 14.236668] dump_stack_lvl+0x73/0xb0
[ 14.236733] print_report+0xd1/0x650
[ 14.236781] ? __virt_addr_valid+0x1db/0x2d0
[ 14.236827] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.236875] ? kasan_complete_mode_report_info+0x2a/0x200
[ 14.236922] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.236970] kasan_report+0x141/0x180
[ 14.237015] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.237070] __asan_report_load1_noabort+0x18/0x20
[ 14.237112] ksize_unpoisons_memory+0x7e9/0x9b0
[ 14.237160] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 14.237206] ? finish_task_switch.isra.0+0x153/0x700
[ 14.237251] ? __switch_to+0x5d9/0xf60
[ 14.237292] ? dequeue_task_fair+0x156/0x4e0
[ 14.237340] ? __schedule+0x10cc/0x2b30
[ 14.237385] ? __pfx_read_tsc+0x10/0x10
[ 14.237425] ? ktime_get_ts64+0x86/0x230
[ 14.237475] kunit_try_run_case+0x1a5/0x480
[ 14.237521] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.237573] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.237621] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.237667] ? __kthread_parkme+0x82/0x180
[ 14.237706] ? preempt_count_sub+0x50/0x80
[ 14.237765] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.237806] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.237844] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.237882] kthread+0x337/0x6f0
[ 14.237914] ? trace_preempt_on+0x20/0xc0
[ 14.237973] ? __pfx_kthread+0x10/0x10
[ 14.238019] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.238067] ? calculate_sigpending+0x7b/0xa0
[ 14.238103] ? __pfx_kthread+0x10/0x10
[ 14.238276] ret_from_fork+0x41/0x80
[ 14.238326] ? __pfx_kthread+0x10/0x10
[ 14.238363] ret_from_fork_asm+0x1a/0x30
[ 14.238417] </TASK>
[ 14.238465]
[ 14.249037] Allocated by task 214:
[ 14.249256] kasan_save_stack+0x45/0x70
[ 14.249617] kasan_save_track+0x18/0x40
[ 14.249926] kasan_save_alloc_info+0x3b/0x50
[ 14.250130] __kasan_kmalloc+0xb7/0xc0
[ 14.250429] __kmalloc_cache_noprof+0x189/0x420
[ 14.250749] ksize_unpoisons_memory+0xc7/0x9b0
[ 14.250992] kunit_try_run_case+0x1a5/0x480
[ 14.251336] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.251754] kthread+0x337/0x6f0
[ 14.251990] ret_from_fork+0x41/0x80
[ 14.252214] ret_from_fork_asm+0x1a/0x30
[ 14.252462]
[ 14.252635] The buggy address belongs to the object at ffff888103391b00
[ 14.252635] which belongs to the cache kmalloc-128 of size 128
[ 14.253231] The buggy address is located 5 bytes to the right of
[ 14.253231] allocated 115-byte region [ffff888103391b00, ffff888103391b73)
[ 14.253930]
[ 14.254080] The buggy address belongs to the physical page:
[ 14.254378] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103391
[ 14.254793] flags: 0x200000000000000(node=0|zone=2)
[ 14.255050] page_type: f5(slab)
[ 14.255266] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 14.255600] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 14.256122] page dumped because: kasan: bad access detected
[ 14.256528]
[ 14.256691] Memory state around the buggy address:
[ 14.257057] ffff888103391a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 14.257580] ffff888103391a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.258248] >ffff888103391b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 14.258674] ^
[ 14.259011] ffff888103391b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.259314] ffff888103391c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.259556] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-double-free-in-kfree_sensitive
[ 14.165422] ==================================================================
[ 14.166107] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 14.167181] Free of addr ffff888102497620 by task kunit_try_catch/212
[ 14.168362]
[ 14.168796] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.168918] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.168942] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.168976] Call Trace:
[ 14.169005] <TASK>
[ 14.169041] dump_stack_lvl+0x73/0xb0
[ 14.169105] print_report+0xd1/0x650
[ 14.169155] ? __virt_addr_valid+0x1db/0x2d0
[ 14.169192] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.169216] ? kfree_sensitive+0x2e/0x90
[ 14.169241] kasan_report_invalid_free+0x10a/0x130
[ 14.169266] ? kfree_sensitive+0x2e/0x90
[ 14.169288] ? kfree_sensitive+0x2e/0x90
[ 14.169309] check_slab_allocation+0x101/0x130
[ 14.169332] __kasan_slab_pre_free+0x28/0x40
[ 14.169353] kfree+0xf0/0x3f0
[ 14.169374] ? kfree_sensitive+0x2e/0x90
[ 14.169397] kfree_sensitive+0x2e/0x90
[ 14.169418] kmalloc_double_kzfree+0x19c/0x350
[ 14.169442] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 14.169467] ? __schedule+0x10cc/0x2b30
[ 14.169489] ? __pfx_read_tsc+0x10/0x10
[ 14.169510] ? ktime_get_ts64+0x86/0x230
[ 14.169536] kunit_try_run_case+0x1a5/0x480
[ 14.169585] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.169620] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.169657] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.169691] ? __kthread_parkme+0x82/0x180
[ 14.169725] ? preempt_count_sub+0x50/0x80
[ 14.169764] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.169801] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.169836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.169869] kthread+0x337/0x6f0
[ 14.169896] ? trace_preempt_on+0x20/0xc0
[ 14.169929] ? __pfx_kthread+0x10/0x10
[ 14.169956] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.169987] ? calculate_sigpending+0x7b/0xa0
[ 14.170020] ? __pfx_kthread+0x10/0x10
[ 14.170047] ret_from_fork+0x41/0x80
[ 14.170079] ? __pfx_kthread+0x10/0x10
[ 14.170106] ret_from_fork_asm+0x1a/0x30
[ 14.170140] </TASK>
[ 14.170153]
[ 14.183035] Allocated by task 212:
[ 14.183821] kasan_save_stack+0x45/0x70
[ 14.184186] kasan_save_track+0x18/0x40
[ 14.184368] kasan_save_alloc_info+0x3b/0x50
[ 14.184706] __kasan_kmalloc+0xb7/0xc0
[ 14.185309] __kmalloc_cache_noprof+0x189/0x420
[ 14.186011] kmalloc_double_kzfree+0xa9/0x350
[ 14.186320] kunit_try_run_case+0x1a5/0x480
[ 14.186517] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.186984] kthread+0x337/0x6f0
[ 14.187278] ret_from_fork+0x41/0x80
[ 14.187812] ret_from_fork_asm+0x1a/0x30
[ 14.188026]
[ 14.188374] Freed by task 212:
[ 14.188697] kasan_save_stack+0x45/0x70
[ 14.189020] kasan_save_track+0x18/0x40
[ 14.189438] kasan_save_free_info+0x3f/0x60
[ 14.189686] __kasan_slab_free+0x56/0x70
[ 14.189953] kfree+0x222/0x3f0
[ 14.190613] kfree_sensitive+0x67/0x90
[ 14.190994] kmalloc_double_kzfree+0x12b/0x350
[ 14.191618] kunit_try_run_case+0x1a5/0x480
[ 14.192085] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.192443] kthread+0x337/0x6f0
[ 14.192969] ret_from_fork+0x41/0x80
[ 14.193263] ret_from_fork_asm+0x1a/0x30
[ 14.193597]
[ 14.193780] The buggy address belongs to the object at ffff888102497620
[ 14.193780] which belongs to the cache kmalloc-16 of size 16
[ 14.195181] The buggy address is located 0 bytes inside of
[ 14.195181] 16-byte region [ffff888102497620, ffff888102497630)
[ 14.195687]
[ 14.196014] The buggy address belongs to the physical page:
[ 14.196434] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497
[ 14.197019] flags: 0x200000000000000(node=0|zone=2)
[ 14.197354] page_type: f5(slab)
[ 14.197532] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.197977] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.198631] page dumped because: kasan: bad access detected
[ 14.199060]
[ 14.199244] Memory state around the buggy address:
[ 14.199941] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 14.200507] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.200772] >ffff888102497600: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 14.201272] ^
[ 14.201585] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.202502] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.202928] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 14.127419] ==================================================================
[ 14.128153] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 14.129102] Read of size 1 at addr ffff888102497620 by task kunit_try_catch/212
[ 14.129970]
[ 14.130087] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.130156] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.130171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.130196] Call Trace:
[ 14.130212] <TASK>
[ 14.130235] dump_stack_lvl+0x73/0xb0
[ 14.130280] print_report+0xd1/0x650
[ 14.130308] ? __virt_addr_valid+0x1db/0x2d0
[ 14.130333] ? kmalloc_double_kzfree+0x19c/0x350
[ 14.130358] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.130383] ? kmalloc_double_kzfree+0x19c/0x350
[ 14.130408] kasan_report+0x141/0x180
[ 14.130432] ? kmalloc_double_kzfree+0x19c/0x350
[ 14.130461] ? kmalloc_double_kzfree+0x19c/0x350
[ 14.130486] __kasan_check_byte+0x3d/0x50
[ 14.130510] kfree_sensitive+0x22/0x90
[ 14.130537] kmalloc_double_kzfree+0x19c/0x350
[ 14.130589] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 14.130619] ? __schedule+0x10cc/0x2b30
[ 14.130643] ? __pfx_read_tsc+0x10/0x10
[ 14.130666] ? ktime_get_ts64+0x86/0x230
[ 14.130696] kunit_try_run_case+0x1a5/0x480
[ 14.130725] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.130749] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.130776] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.130800] ? __kthread_parkme+0x82/0x180
[ 14.130825] ? preempt_count_sub+0x50/0x80
[ 14.130855] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.130881] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.130905] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.130929] kthread+0x337/0x6f0
[ 14.130948] ? trace_preempt_on+0x20/0xc0
[ 14.130974] ? __pfx_kthread+0x10/0x10
[ 14.130994] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.131016] ? calculate_sigpending+0x7b/0xa0
[ 14.131040] ? __pfx_kthread+0x10/0x10
[ 14.131060] ret_from_fork+0x41/0x80
[ 14.131082] ? __pfx_kthread+0x10/0x10
[ 14.131101] ret_from_fork_asm+0x1a/0x30
[ 14.131145] </TASK>
[ 14.131163]
[ 14.143859] Allocated by task 212:
[ 14.144315] kasan_save_stack+0x45/0x70
[ 14.145068] kasan_save_track+0x18/0x40
[ 14.146063] kasan_save_alloc_info+0x3b/0x50
[ 14.146266] __kasan_kmalloc+0xb7/0xc0
[ 14.146833] __kmalloc_cache_noprof+0x189/0x420
[ 14.147127] kmalloc_double_kzfree+0xa9/0x350
[ 14.147499] kunit_try_run_case+0x1a5/0x480
[ 14.147932] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.148296] kthread+0x337/0x6f0
[ 14.148543] ret_from_fork+0x41/0x80
[ 14.148940] ret_from_fork_asm+0x1a/0x30
[ 14.149277]
[ 14.149493] Freed by task 212:
[ 14.149880] kasan_save_stack+0x45/0x70
[ 14.150427] kasan_save_track+0x18/0x40
[ 14.150839] kasan_save_free_info+0x3f/0x60
[ 14.151122] __kasan_slab_free+0x56/0x70
[ 14.151607] kfree+0x222/0x3f0
[ 14.151983] kfree_sensitive+0x67/0x90
[ 14.152206] kmalloc_double_kzfree+0x12b/0x350
[ 14.152484] kunit_try_run_case+0x1a5/0x480
[ 14.153002] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.153301] kthread+0x337/0x6f0
[ 14.153822] ret_from_fork+0x41/0x80
[ 14.154185] ret_from_fork_asm+0x1a/0x30
[ 14.154509]
[ 14.154863] The buggy address belongs to the object at ffff888102497620
[ 14.154863] which belongs to the cache kmalloc-16 of size 16
[ 14.155580] The buggy address is located 0 bytes inside of
[ 14.155580] freed 16-byte region [ffff888102497620, ffff888102497630)
[ 14.156378]
[ 14.156577] The buggy address belongs to the physical page:
[ 14.157020] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497
[ 14.157932] flags: 0x200000000000000(node=0|zone=2)
[ 14.158232] page_type: f5(slab)
[ 14.158527] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.158939] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.159480] page dumped because: kasan: bad access detected
[ 14.160214]
[ 14.160390] Memory state around the buggy address:
[ 14.160825] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc
[ 14.161223] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 14.161484] >ffff888102497600: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 14.162263] ^
[ 14.162833] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.163398] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.164130] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 14.078594] ==================================================================
[ 14.079266] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 14.080141] Read of size 1 at addr ffff8881033a21a8 by task kunit_try_catch/208
[ 14.080784]
[ 14.081046] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.081512] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.081534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.081576] Call Trace:
[ 14.081597] <TASK>
[ 14.081706] dump_stack_lvl+0x73/0xb0
[ 14.081757] print_report+0xd1/0x650
[ 14.081785] ? __virt_addr_valid+0x1db/0x2d0
[ 14.081810] ? kmalloc_uaf2+0x4a8/0x520
[ 14.081832] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.081854] ? kmalloc_uaf2+0x4a8/0x520
[ 14.081875] kasan_report+0x141/0x180
[ 14.081898] ? kmalloc_uaf2+0x4a8/0x520
[ 14.081923] __asan_report_load1_noabort+0x18/0x20
[ 14.081944] kmalloc_uaf2+0x4a8/0x520
[ 14.081966] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 14.081987] ? finish_task_switch.isra.0+0x153/0x700
[ 14.082014] ? __switch_to+0x5d9/0xf60
[ 14.082037] ? dequeue_task_fair+0x166/0x4e0
[ 14.082062] ? __schedule+0x10cc/0x2b30
[ 14.082085] ? __pfx_read_tsc+0x10/0x10
[ 14.082107] ? ktime_get_ts64+0x86/0x230
[ 14.082135] kunit_try_run_case+0x1a5/0x480
[ 14.082162] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.082184] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.082209] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.082232] ? __kthread_parkme+0x82/0x180
[ 14.082256] ? preempt_count_sub+0x50/0x80
[ 14.082281] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.082306] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.082330] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.082354] kthread+0x337/0x6f0
[ 14.082372] ? trace_preempt_on+0x20/0xc0
[ 14.082399] ? __pfx_kthread+0x10/0x10
[ 14.082419] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.082441] ? calculate_sigpending+0x7b/0xa0
[ 14.082466] ? __pfx_kthread+0x10/0x10
[ 14.082486] ret_from_fork+0x41/0x80
[ 14.082509] ? __pfx_kthread+0x10/0x10
[ 14.082528] ret_from_fork_asm+0x1a/0x30
[ 14.082570] </TASK>
[ 14.082589]
[ 14.097241] Allocated by task 208:
[ 14.097485] kasan_save_stack+0x45/0x70
[ 14.097796] kasan_save_track+0x18/0x40
[ 14.097961] kasan_save_alloc_info+0x3b/0x50
[ 14.098122] __kasan_kmalloc+0xb7/0xc0
[ 14.098278] __kmalloc_cache_noprof+0x189/0x420
[ 14.098453] kmalloc_uaf2+0xc6/0x520
[ 14.099849] kunit_try_run_case+0x1a5/0x480
[ 14.101322] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.101863] kthread+0x337/0x6f0
[ 14.102053] ret_from_fork+0x41/0x80
[ 14.102200] ret_from_fork_asm+0x1a/0x30
[ 14.102348]
[ 14.102439] Freed by task 208:
[ 14.102574] kasan_save_stack+0x45/0x70
[ 14.103763] kasan_save_track+0x18/0x40
[ 14.104127] kasan_save_free_info+0x3f/0x60
[ 14.104343] __kasan_slab_free+0x56/0x70
[ 14.104500] kfree+0x222/0x3f0
[ 14.105042] kmalloc_uaf2+0x14c/0x520
[ 14.105593] kunit_try_run_case+0x1a5/0x480
[ 14.106317] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.106884] kthread+0x337/0x6f0
[ 14.107001] ret_from_fork+0x41/0x80
[ 14.107098] ret_from_fork_asm+0x1a/0x30
[ 14.107210]
[ 14.107274] The buggy address belongs to the object at ffff8881033a2180
[ 14.107274] which belongs to the cache kmalloc-64 of size 64
[ 14.107502] The buggy address is located 40 bytes inside of
[ 14.107502] freed 64-byte region [ffff8881033a2180, ffff8881033a21c0)
[ 14.108350]
[ 14.108591] The buggy address belongs to the physical page:
[ 14.109067] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1033a2
[ 14.110162] flags: 0x200000000000000(node=0|zone=2)
[ 14.110386] page_type: f5(slab)
[ 14.110534] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.110792] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.111547] page dumped because: kasan: bad access detected
[ 14.112536]
[ 14.112721] Memory state around the buggy address:
[ 14.113003] ffff8881033a2080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.113316] ffff8881033a2100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.113471] >ffff8881033a2180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.113905] ^
[ 14.114785] ffff8881033a2200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 14.115336] ffff8881033a2280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.115881] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 14.038978] ==================================================================
[ 14.039421] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 14.040189] Write of size 33 at addr ffff888102da2000 by task kunit_try_catch/206
[ 14.040427]
[ 14.040537] CPU: 1 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 14.040621] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 14.040641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 14.040674] Call Trace:
[ 14.040698] <TASK>
[ 14.040728] dump_stack_lvl+0x73/0xb0
[ 14.040772] print_report+0xd1/0x650
[ 14.040796] ? __virt_addr_valid+0x1db/0x2d0
[ 14.040817] ? kmalloc_uaf_memset+0x1a3/0x360
[ 14.040838] ? kasan_complete_mode_report_info+0x64/0x200
[ 14.040858] ? kmalloc_uaf_memset+0x1a3/0x360
[ 14.040878] kasan_report+0x141/0x180
[ 14.040899] ? kmalloc_uaf_memset+0x1a3/0x360
[ 14.040923] kasan_check_range+0x10c/0x1c0
[ 14.040941] __asan_memset+0x27/0x50
[ 14.040961] kmalloc_uaf_memset+0x1a3/0x360
[ 14.040980] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 14.041001] ? __schedule+0x10cc/0x2b30
[ 14.041021] ? __pfx_read_tsc+0x10/0x10
[ 14.041040] ? ktime_get_ts64+0x86/0x230
[ 14.041065] kunit_try_run_case+0x1a5/0x480
[ 14.041088] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.041108] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 14.041130] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 14.041151] ? __kthread_parkme+0x82/0x180
[ 14.041172] ? preempt_count_sub+0x50/0x80
[ 14.041195] ? __pfx_kunit_try_run_case+0x10/0x10
[ 14.041217] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.041238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 14.041258] kthread+0x337/0x6f0
[ 14.041275] ? trace_preempt_on+0x20/0xc0
[ 14.041297] ? __pfx_kthread+0x10/0x10
[ 14.041314] ? _raw_spin_unlock_irq+0x47/0x80
[ 14.041333] ? calculate_sigpending+0x7b/0xa0
[ 14.041353] ? __pfx_kthread+0x10/0x10
[ 14.041371] ret_from_fork+0x41/0x80
[ 14.041390] ? __pfx_kthread+0x10/0x10
[ 14.041407] ret_from_fork_asm+0x1a/0x30
[ 14.041436] </TASK>
[ 14.041448]
[ 14.053021] Allocated by task 206:
[ 14.053326] kasan_save_stack+0x45/0x70
[ 14.053714] kasan_save_track+0x18/0x40
[ 14.054141] kasan_save_alloc_info+0x3b/0x50
[ 14.054444] __kasan_kmalloc+0xb7/0xc0
[ 14.054893] __kmalloc_cache_noprof+0x189/0x420
[ 14.055266] kmalloc_uaf_memset+0xa9/0x360
[ 14.055490] kunit_try_run_case+0x1a5/0x480
[ 14.055753] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.056136] kthread+0x337/0x6f0
[ 14.056293] ret_from_fork+0x41/0x80
[ 14.057094] ret_from_fork_asm+0x1a/0x30
[ 14.057485]
[ 14.057846] Freed by task 206:
[ 14.058021] kasan_save_stack+0x45/0x70
[ 14.058353] kasan_save_track+0x18/0x40
[ 14.058783] kasan_save_free_info+0x3f/0x60
[ 14.059056] __kasan_slab_free+0x56/0x70
[ 14.059414] kfree+0x222/0x3f0
[ 14.059873] kmalloc_uaf_memset+0x12b/0x360
[ 14.060105] kunit_try_run_case+0x1a5/0x480
[ 14.060441] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.060979] kthread+0x337/0x6f0
[ 14.061214] ret_from_fork+0x41/0x80
[ 14.061534] ret_from_fork_asm+0x1a/0x30
[ 14.062319]
[ 14.062486] The buggy address belongs to the object at ffff888102da2000
[ 14.062486] which belongs to the cache kmalloc-64 of size 64
[ 14.063309] The buggy address is located 0 bytes inside of
[ 14.063309] freed 64-byte region [ffff888102da2000, ffff888102da2040)
[ 14.064176]
[ 14.064378] The buggy address belongs to the physical page:
[ 14.064891] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102da2
[ 14.065177] flags: 0x200000000000000(node=0|zone=2)
[ 14.065590] page_type: f5(slab)
[ 14.066034] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 14.066359] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 14.067154] page dumped because: kasan: bad access detected
[ 14.067473]
[ 14.067596] Memory state around the buggy address:
[ 14.068584] ffff888102da1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.069186] ffff888102da1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.069791] >ffff888102da2000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 14.070322] ^
[ 14.070611] ffff888102da2080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.071123] ffff888102da2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.071609] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 13.992320] ==================================================================
[ 13.993104] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 13.993286] Read of size 1 at addr ffff8881026ac908 by task kunit_try_catch/204
[ 13.993420]
[ 13.993499] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 13.993554] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.993592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.993626] Call Trace:
[ 13.993649] <TASK>
[ 13.993683] dump_stack_lvl+0x73/0xb0
[ 13.993729] print_report+0xd1/0x650
[ 13.993777] ? __virt_addr_valid+0x1db/0x2d0
[ 13.993816] ? kmalloc_uaf+0x320/0x380
[ 13.993847] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.993882] ? kmalloc_uaf+0x320/0x380
[ 13.993913] kasan_report+0x141/0x180
[ 13.993947] ? kmalloc_uaf+0x320/0x380
[ 13.993983] __asan_report_load1_noabort+0x18/0x20
[ 13.994015] kmalloc_uaf+0x320/0x380
[ 13.994049] ? __pfx_kmalloc_uaf+0x10/0x10
[ 13.994087] ? __schedule+0x10cc/0x2b30
[ 13.994126] ? __pfx_read_tsc+0x10/0x10
[ 13.994165] ? ktime_get_ts64+0x86/0x230
[ 13.994215] kunit_try_run_case+0x1a5/0x480
[ 13.994265] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.994308] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.994354] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.994416] ? __kthread_parkme+0x82/0x180
[ 13.994454] ? preempt_count_sub+0x50/0x80
[ 13.994501] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.994543] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.994601] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.994645] kthread+0x337/0x6f0
[ 13.994681] ? trace_preempt_on+0x20/0xc0
[ 13.994731] ? __pfx_kthread+0x10/0x10
[ 13.994770] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.994808] ? calculate_sigpending+0x7b/0xa0
[ 13.994854] ? __pfx_kthread+0x10/0x10
[ 13.994886] ret_from_fork+0x41/0x80
[ 13.994928] ? __pfx_kthread+0x10/0x10
[ 13.994957] ret_from_fork_asm+0x1a/0x30
[ 13.995012] </TASK>
[ 13.995036]
[ 14.008115] Allocated by task 204:
[ 14.008304] kasan_save_stack+0x45/0x70
[ 14.008475] kasan_save_track+0x18/0x40
[ 14.009293] kasan_save_alloc_info+0x3b/0x50
[ 14.009518] __kasan_kmalloc+0xb7/0xc0
[ 14.009745] __kmalloc_cache_noprof+0x189/0x420
[ 14.010314] kmalloc_uaf+0xaa/0x380
[ 14.011299] kunit_try_run_case+0x1a5/0x480
[ 14.011500] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.011775] kthread+0x337/0x6f0
[ 14.011979] ret_from_fork+0x41/0x80
[ 14.012267] ret_from_fork_asm+0x1a/0x30
[ 14.012500]
[ 14.012664] Freed by task 204:
[ 14.012887] kasan_save_stack+0x45/0x70
[ 14.013197] kasan_save_track+0x18/0x40
[ 14.013419] kasan_save_free_info+0x3f/0x60
[ 14.014326] __kasan_slab_free+0x56/0x70
[ 14.014511] kfree+0x222/0x3f0
[ 14.015127] kmalloc_uaf+0x12c/0x380
[ 14.015296] kunit_try_run_case+0x1a5/0x480
[ 14.015947] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.016432] kthread+0x337/0x6f0
[ 14.016604] ret_from_fork+0x41/0x80
[ 14.017225] ret_from_fork_asm+0x1a/0x30
[ 14.017397]
[ 14.017908] The buggy address belongs to the object at ffff8881026ac900
[ 14.017908] which belongs to the cache kmalloc-16 of size 16
[ 14.018231] The buggy address is located 8 bytes inside of
[ 14.018231] freed 16-byte region [ffff8881026ac900, ffff8881026ac910)
[ 14.019144]
[ 14.019239] The buggy address belongs to the physical page:
[ 14.019423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ac
[ 14.020661] flags: 0x200000000000000(node=0|zone=2)
[ 14.020973] page_type: f5(slab)
[ 14.021122] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 14.021518] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 14.022024] page dumped because: kasan: bad access detected
[ 14.022318]
[ 14.022446] Memory state around the buggy address:
[ 14.023275] ffff8881026ac800: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc
[ 14.024899] ffff8881026ac880: fa fb fc fc fa fb fc fc 00 04 fc fc fa fb fc fc
[ 14.025454] >ffff8881026ac900: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.027087] ^
[ 14.027286] ffff8881026ac980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.027526] ffff8881026aca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 14.027767] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 13.958444] ==================================================================
[ 13.958951] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.959514] Read of size 64 at addr ffff888102d9ae84 by task kunit_try_catch/202
[ 13.959941]
[ 13.960165] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 13.960256] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.960272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.960295] Call Trace:
[ 13.960311] <TASK>
[ 13.960333] dump_stack_lvl+0x73/0xb0
[ 13.960368] print_report+0xd1/0x650
[ 13.960393] ? __virt_addr_valid+0x1db/0x2d0
[ 13.960413] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.960435] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.960456] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.960479] kasan_report+0x141/0x180
[ 13.960499] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.960527] kasan_check_range+0x10c/0x1c0
[ 13.960545] __asan_memmove+0x27/0x70
[ 13.960588] kmalloc_memmove_invalid_size+0x16f/0x330
[ 13.960624] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 13.960663] ? __schedule+0x10cc/0x2b30
[ 13.960702] ? __pfx_read_tsc+0x10/0x10
[ 13.960737] ? ktime_get_ts64+0x86/0x230
[ 13.960783] kunit_try_run_case+0x1a5/0x480
[ 13.960831] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.960899] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.960937] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.960974] ? __kthread_parkme+0x82/0x180
[ 13.961013] ? preempt_count_sub+0x50/0x80
[ 13.961061] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.961107] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.961153] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.961192] kthread+0x337/0x6f0
[ 13.961221] ? trace_preempt_on+0x20/0xc0
[ 13.961263] ? __pfx_kthread+0x10/0x10
[ 13.961297] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.961352] ? calculate_sigpending+0x7b/0xa0
[ 13.961393] ? __pfx_kthread+0x10/0x10
[ 13.961435] ret_from_fork+0x41/0x80
[ 13.961469] ? __pfx_kthread+0x10/0x10
[ 13.961498] ret_from_fork_asm+0x1a/0x30
[ 13.961551] </TASK>
[ 13.961587]
[ 13.973038] Allocated by task 202:
[ 13.973375] kasan_save_stack+0x45/0x70
[ 13.973645] kasan_save_track+0x18/0x40
[ 13.973937] kasan_save_alloc_info+0x3b/0x50
[ 13.974259] __kasan_kmalloc+0xb7/0xc0
[ 13.974509] __kmalloc_cache_noprof+0x189/0x420
[ 13.975097] kmalloc_memmove_invalid_size+0xac/0x330
[ 13.975660] kunit_try_run_case+0x1a5/0x480
[ 13.976128] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.976618] kthread+0x337/0x6f0
[ 13.976930] ret_from_fork+0x41/0x80
[ 13.977418] ret_from_fork_asm+0x1a/0x30
[ 13.977846]
[ 13.977963] The buggy address belongs to the object at ffff888102d9ae80
[ 13.977963] which belongs to the cache kmalloc-64 of size 64
[ 13.978986] The buggy address is located 4 bytes inside of
[ 13.978986] allocated 64-byte region [ffff888102d9ae80, ffff888102d9aec0)
[ 13.979606]
[ 13.979960] The buggy address belongs to the physical page:
[ 13.980162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d9a
[ 13.980396] flags: 0x200000000000000(node=0|zone=2)
[ 13.980575] page_type: f5(slab)
[ 13.980730] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.980991] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.982093] page dumped because: kasan: bad access detected
[ 13.982363]
[ 13.982457] Memory state around the buggy address:
[ 13.983066] ffff888102d9ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.983326] ffff888102d9ae00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.983533] >ffff888102d9ae80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 13.984433] ^
[ 13.984803] ffff888102d9af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.985277] ffff888102d9af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.985581] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 13.921249] ==================================================================
[ 13.921735] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 13.922482] Read of size 18446744073709551614 at addr ffff888102d9ae04 by task kunit_try_catch/200
[ 13.923811]
[ 13.924059] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 13.924159] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.924206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.924245] Call Trace:
[ 13.924273] <TASK>
[ 13.924305] dump_stack_lvl+0x73/0xb0
[ 13.924365] print_report+0xd1/0x650
[ 13.924392] ? __virt_addr_valid+0x1db/0x2d0
[ 13.924415] ? kmalloc_memmove_negative_size+0x171/0x330
[ 13.924438] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.924458] ? kmalloc_memmove_negative_size+0x171/0x330
[ 13.924519] kasan_report+0x141/0x180
[ 13.924571] ? kmalloc_memmove_negative_size+0x171/0x330
[ 13.924619] kasan_check_range+0x10c/0x1c0
[ 13.924764] __asan_memmove+0x27/0x70
[ 13.924786] kmalloc_memmove_negative_size+0x171/0x330
[ 13.924809] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 13.924832] ? __schedule+0x10cc/0x2b30
[ 13.924853] ? __pfx_read_tsc+0x10/0x10
[ 13.924873] ? ktime_get_ts64+0x86/0x230
[ 13.924897] kunit_try_run_case+0x1a5/0x480
[ 13.924921] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.924942] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.924964] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.924984] ? __kthread_parkme+0x82/0x180
[ 13.925005] ? preempt_count_sub+0x50/0x80
[ 13.925029] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.925051] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.925072] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.925092] kthread+0x337/0x6f0
[ 13.925108] ? trace_preempt_on+0x20/0xc0
[ 13.925130] ? __pfx_kthread+0x10/0x10
[ 13.925147] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.925166] ? calculate_sigpending+0x7b/0xa0
[ 13.925186] ? __pfx_kthread+0x10/0x10
[ 13.925203] ret_from_fork+0x41/0x80
[ 13.925222] ? __pfx_kthread+0x10/0x10
[ 13.925239] ret_from_fork_asm+0x1a/0x30
[ 13.925267] </TASK>
[ 13.925279]
[ 13.938308] Allocated by task 200:
[ 13.938490] kasan_save_stack+0x45/0x70
[ 13.939509] kasan_save_track+0x18/0x40
[ 13.940532] kasan_save_alloc_info+0x3b/0x50
[ 13.940978] __kasan_kmalloc+0xb7/0xc0
[ 13.941132] __kmalloc_cache_noprof+0x189/0x420
[ 13.941368] kmalloc_memmove_negative_size+0xac/0x330
[ 13.941749] kunit_try_run_case+0x1a5/0x480
[ 13.942020] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.942474] kthread+0x337/0x6f0
[ 13.942844] ret_from_fork+0x41/0x80
[ 13.943161] ret_from_fork_asm+0x1a/0x30
[ 13.943495]
[ 13.943659] The buggy address belongs to the object at ffff888102d9ae00
[ 13.943659] which belongs to the cache kmalloc-64 of size 64
[ 13.944345] The buggy address is located 4 bytes inside of
[ 13.944345] 64-byte region [ffff888102d9ae00, ffff888102d9ae40)
[ 13.945214]
[ 13.945387] The buggy address belongs to the physical page:
[ 13.945838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d9a
[ 13.946143] flags: 0x200000000000000(node=0|zone=2)
[ 13.946518] page_type: f5(slab)
[ 13.947021] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 13.947755] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 13.948270] page dumped because: kasan: bad access detected
[ 13.949138]
[ 13.949327] Memory state around the buggy address:
[ 13.949791] ffff888102d9ad00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.950206] ffff888102d9ad80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 13.950521] >ffff888102d9ae00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 13.951146] ^
[ 13.951454] ffff888102d9ae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.952021] ffff888102d9af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.952403] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 13.887458] ==================================================================
[ 13.888432] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 13.888875] Write of size 16 at addr ffff888102d90e69 by task kunit_try_catch/198
[ 13.889961]
[ 13.890157] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 13.890269] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.890286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.890309] Call Trace:
[ 13.890334] <TASK>
[ 13.890355] dump_stack_lvl+0x73/0xb0
[ 13.890408] print_report+0xd1/0x650
[ 13.890441] ? __virt_addr_valid+0x1db/0x2d0
[ 13.890464] ? kmalloc_oob_memset_16+0x166/0x330
[ 13.890486] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.890508] ? kmalloc_oob_memset_16+0x166/0x330
[ 13.890529] kasan_report+0x141/0x180
[ 13.890551] ? kmalloc_oob_memset_16+0x166/0x330
[ 13.890597] kasan_check_range+0x10c/0x1c0
[ 13.890631] __asan_memset+0x27/0x50
[ 13.890658] kmalloc_oob_memset_16+0x166/0x330
[ 13.890689] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 13.890712] ? __schedule+0x10cc/0x2b30
[ 13.890734] ? __pfx_read_tsc+0x10/0x10
[ 13.890755] ? ktime_get_ts64+0x86/0x230
[ 13.890780] kunit_try_run_case+0x1a5/0x480
[ 13.890807] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.890828] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.890853] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.890875] ? __kthread_parkme+0x82/0x180
[ 13.890899] ? preempt_count_sub+0x50/0x80
[ 13.890926] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.890949] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.890973] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.890995] kthread+0x337/0x6f0
[ 13.891013] ? trace_preempt_on+0x20/0xc0
[ 13.891038] ? __pfx_kthread+0x10/0x10
[ 13.891057] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.891078] ? calculate_sigpending+0x7b/0xa0
[ 13.891100] ? __pfx_kthread+0x10/0x10
[ 13.891119] ret_from_fork+0x41/0x80
[ 13.891153] ? __pfx_kthread+0x10/0x10
[ 13.891174] ret_from_fork_asm+0x1a/0x30
[ 13.891206] </TASK>
[ 13.891220]
[ 13.902116] Allocated by task 198:
[ 13.902501] kasan_save_stack+0x45/0x70
[ 13.903026] kasan_save_track+0x18/0x40
[ 13.903295] kasan_save_alloc_info+0x3b/0x50
[ 13.903459] __kasan_kmalloc+0xb7/0xc0
[ 13.904876] __kmalloc_cache_noprof+0x189/0x420
[ 13.905260] kmalloc_oob_memset_16+0xac/0x330
[ 13.905429] kunit_try_run_case+0x1a5/0x480
[ 13.905999] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.906295] kthread+0x337/0x6f0
[ 13.906955] ret_from_fork+0x41/0x80
[ 13.907153] ret_from_fork_asm+0x1a/0x30
[ 13.907308]
[ 13.907393] The buggy address belongs to the object at ffff888102d90e00
[ 13.907393] which belongs to the cache kmalloc-128 of size 128
[ 13.908532] The buggy address is located 105 bytes inside of
[ 13.908532] allocated 120-byte region [ffff888102d90e00, ffff888102d90e78)
[ 13.909493]
[ 13.909739] The buggy address belongs to the physical page:
[ 13.909973] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90
[ 13.910674] flags: 0x200000000000000(node=0|zone=2)
[ 13.910874] page_type: f5(slab)
[ 13.911021] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.911274] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.911504] page dumped because: kasan: bad access detected
[ 13.911690]
[ 13.911775] Memory state around the buggy address:
[ 13.911941] ffff888102d90d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.912154] ffff888102d90d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.912367] >ffff888102d90e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 13.913423] ^
[ 13.913938] ffff888102d90e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.914201] ffff888102d90f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.914445] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 13.857119] ================================================================== [ 13.857617] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 13.858263] Write of size 8 at addr ffff888103391a71 by task kunit_try_catch/196 [ 13.858574] [ 13.858827] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.858962] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.859005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.859050] Call Trace: [ 13.859079] <TASK> [ 13.859115] dump_stack_lvl+0x73/0xb0 [ 13.859221] print_report+0xd1/0x650 [ 13.859293] ? __virt_addr_valid+0x1db/0x2d0 [ 13.859343] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.859389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.859466] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.859526] kasan_report+0x141/0x180 [ 13.859593] ? kmalloc_oob_memset_8+0x166/0x330 [ 13.859642] kasan_check_range+0x10c/0x1c0 [ 13.859679] __asan_memset+0x27/0x50 [ 13.859720] kmalloc_oob_memset_8+0x166/0x330 [ 13.859765] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 13.859846] ? __schedule+0x10cc/0x2b30 [ 13.859932] ? __pfx_read_tsc+0x10/0x10 [ 13.859992] ? ktime_get_ts64+0x86/0x230 [ 13.860049] kunit_try_run_case+0x1a5/0x480 [ 13.860098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.860133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.860171] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.860195] ? __kthread_parkme+0x82/0x180 [ 13.860217] ? preempt_count_sub+0x50/0x80 [ 13.860243] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.860266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.860288] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.860309] kthread+0x337/0x6f0 [ 13.860325] ? trace_preempt_on+0x20/0xc0 [ 13.860349] ? __pfx_kthread+0x10/0x10 [ 13.860367] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.860386] ? calculate_sigpending+0x7b/0xa0 [ 13.860407] ? __pfx_kthread+0x10/0x10 [ 13.860424] ret_from_fork+0x41/0x80 [ 13.860444] ? 
__pfx_kthread+0x10/0x10 [ 13.860461] ret_from_fork_asm+0x1a/0x30 [ 13.860490] </TASK> [ 13.860503] [ 13.869106] Allocated by task 196: [ 13.869449] kasan_save_stack+0x45/0x70 [ 13.869792] kasan_save_track+0x18/0x40 [ 13.870097] kasan_save_alloc_info+0x3b/0x50 [ 13.870480] __kasan_kmalloc+0xb7/0xc0 [ 13.870880] __kmalloc_cache_noprof+0x189/0x420 [ 13.871265] kmalloc_oob_memset_8+0xac/0x330 [ 13.871645] kunit_try_run_case+0x1a5/0x480 [ 13.871885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.872109] kthread+0x337/0x6f0 [ 13.872274] ret_from_fork+0x41/0x80 [ 13.872442] ret_from_fork_asm+0x1a/0x30 [ 13.872644] [ 13.872755] The buggy address belongs to the object at ffff888103391a00 [ 13.872755] which belongs to the cache kmalloc-128 of size 128 [ 13.873173] The buggy address is located 113 bytes inside of [ 13.873173] allocated 120-byte region [ffff888103391a00, ffff888103391a78) [ 13.874100] [ 13.874273] The buggy address belongs to the physical page: [ 13.874673] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103391 [ 13.875317] flags: 0x200000000000000(node=0|zone=2) [ 13.875695] page_type: f5(slab) [ 13.875988] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.876366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.876964] page dumped because: kasan: bad access detected [ 13.877261] [ 13.877424] Memory state around the buggy address: [ 13.877841] ffff888103391900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.878190] ffff888103391980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.878643] >ffff888103391a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.878995] ^ [ 13.879268] ffff888103391a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.879527] ffff888103391b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.879785] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 13.819284] ================================================================== [ 13.819718] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 13.820232] Write of size 4 at addr ffff888103391975 by task kunit_try_catch/194 [ 13.821065] [ 13.821232] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.821338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.821360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.821395] Call Trace: [ 13.821419] <TASK> [ 13.821448] dump_stack_lvl+0x73/0xb0 [ 13.821506] print_report+0xd1/0x650 [ 13.821544] ? __virt_addr_valid+0x1db/0x2d0 [ 13.821596] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.821984] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.822064] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.822117] kasan_report+0x141/0x180 [ 13.822163] ? kmalloc_oob_memset_4+0x166/0x330 [ 13.822214] kasan_check_range+0x10c/0x1c0 [ 13.822249] __asan_memset+0x27/0x50 [ 13.822288] kmalloc_oob_memset_4+0x166/0x330 [ 13.822331] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 13.822372] ? __schedule+0x10cc/0x2b30 [ 13.822406] ? __pfx_read_tsc+0x10/0x10 [ 13.822433] ? ktime_get_ts64+0x86/0x230 [ 13.822460] kunit_try_run_case+0x1a5/0x480 [ 13.822486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.822507] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.822530] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.822552] ? __kthread_parkme+0x82/0x180 [ 13.822597] ? preempt_count_sub+0x50/0x80 [ 13.822737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.822763] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.822786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.822807] kthread+0x337/0x6f0 [ 13.822824] ? trace_preempt_on+0x20/0xc0 [ 13.822848] ? __pfx_kthread+0x10/0x10 [ 13.822866] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.822886] ? calculate_sigpending+0x7b/0xa0 [ 13.822908] ? __pfx_kthread+0x10/0x10 [ 13.822925] ret_from_fork+0x41/0x80 [ 13.822946] ? 
__pfx_kthread+0x10/0x10 [ 13.822964] ret_from_fork_asm+0x1a/0x30 [ 13.822992] </TASK> [ 13.823006] [ 13.834418] Allocated by task 194: [ 13.834783] kasan_save_stack+0x45/0x70 [ 13.835055] kasan_save_track+0x18/0x40 [ 13.836287] kasan_save_alloc_info+0x3b/0x50 [ 13.836514] __kasan_kmalloc+0xb7/0xc0 [ 13.836661] __kmalloc_cache_noprof+0x189/0x420 [ 13.837475] kmalloc_oob_memset_4+0xac/0x330 [ 13.837751] kunit_try_run_case+0x1a5/0x480 [ 13.838250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.838530] kthread+0x337/0x6f0 [ 13.838684] ret_from_fork+0x41/0x80 [ 13.839364] ret_from_fork_asm+0x1a/0x30 [ 13.839619] [ 13.840013] The buggy address belongs to the object at ffff888103391900 [ 13.840013] which belongs to the cache kmalloc-128 of size 128 [ 13.841032] The buggy address is located 117 bytes inside of [ 13.841032] allocated 120-byte region [ffff888103391900, ffff888103391978) [ 13.841619] [ 13.842624] The buggy address belongs to the physical page: [ 13.842985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103391 [ 13.843506] flags: 0x200000000000000(node=0|zone=2) [ 13.843978] page_type: f5(slab) [ 13.844450] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.845121] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.845466] page dumped because: kasan: bad access detected [ 13.845872] [ 13.845984] Memory state around the buggy address: [ 13.846344] ffff888103391800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.846650] ffff888103391880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.847594] >ffff888103391900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.848499] ^ [ 13.849174] ffff888103391980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.849786] ffff888103391a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.850273] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 13.781589] ================================================================== [ 13.782160] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 13.783197] Write of size 2 at addr ffff888102d90d77 by task kunit_try_catch/192 [ 13.783664] [ 13.783829] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.784576] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.784593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.784699] Call Trace: [ 13.784719] <TASK> [ 13.784740] dump_stack_lvl+0x73/0xb0 [ 13.784781] print_report+0xd1/0x650 [ 13.784804] ? __virt_addr_valid+0x1db/0x2d0 [ 13.784828] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.784848] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.784868] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.784888] kasan_report+0x141/0x180 [ 13.784908] ? kmalloc_oob_memset_2+0x166/0x330 [ 13.784932] kasan_check_range+0x10c/0x1c0 [ 13.784951] __asan_memset+0x27/0x50 [ 13.784969] kmalloc_oob_memset_2+0x166/0x330 [ 13.784989] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 13.785010] ? __schedule+0x10cc/0x2b30 [ 13.785031] ? __pfx_read_tsc+0x10/0x10 [ 13.785050] ? ktime_get_ts64+0x86/0x230 [ 13.785075] kunit_try_run_case+0x1a5/0x480 [ 13.785098] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.785118] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.785139] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.785159] ? __kthread_parkme+0x82/0x180 [ 13.785180] ? preempt_count_sub+0x50/0x80 [ 13.785204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.785225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.785245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.785265] kthread+0x337/0x6f0 [ 13.785281] ? trace_preempt_on+0x20/0xc0 [ 13.785304] ? __pfx_kthread+0x10/0x10 [ 13.785321] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.785340] ? calculate_sigpending+0x7b/0xa0 [ 13.785361] ? __pfx_kthread+0x10/0x10 [ 13.785378] ret_from_fork+0x41/0x80 [ 13.785397] ? 
__pfx_kthread+0x10/0x10 [ 13.785415] ret_from_fork_asm+0x1a/0x30 [ 13.785443] </TASK> [ 13.785455] [ 13.796438] Allocated by task 192: [ 13.796954] kasan_save_stack+0x45/0x70 [ 13.797291] kasan_save_track+0x18/0x40 [ 13.798427] kasan_save_alloc_info+0x3b/0x50 [ 13.798636] __kasan_kmalloc+0xb7/0xc0 [ 13.799181] __kmalloc_cache_noprof+0x189/0x420 [ 13.799357] kmalloc_oob_memset_2+0xac/0x330 [ 13.800120] kunit_try_run_case+0x1a5/0x480 [ 13.800487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.800678] kthread+0x337/0x6f0 [ 13.800981] ret_from_fork+0x41/0x80 [ 13.801520] ret_from_fork_asm+0x1a/0x30 [ 13.801988] [ 13.802182] The buggy address belongs to the object at ffff888102d90d00 [ 13.802182] which belongs to the cache kmalloc-128 of size 128 [ 13.803064] The buggy address is located 119 bytes inside of [ 13.803064] allocated 120-byte region [ffff888102d90d00, ffff888102d90d78) [ 13.804198] [ 13.804323] The buggy address belongs to the physical page: [ 13.805281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90 [ 13.805784] flags: 0x200000000000000(node=0|zone=2) [ 13.806227] page_type: f5(slab) [ 13.806385] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.807326] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.807604] page dumped because: kasan: bad access detected [ 13.808248] [ 13.808538] Memory state around the buggy address: [ 13.809117] ffff888102d90c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.809476] ffff888102d90c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.810340] >ffff888102d90d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.810605] ^ [ 13.811241] ffff888102d90d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.811686] ffff888102d90e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.812500] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 13.739990] ================================================================== [ 13.740936] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 13.741362] Write of size 128 at addr ffff888102d90c00 by task kunit_try_catch/190 [ 13.742007] [ 13.742155] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.742798] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.742834] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.742871] Call Trace: [ 13.742890] <TASK> [ 13.742912] dump_stack_lvl+0x73/0xb0 [ 13.742954] print_report+0xd1/0x650 [ 13.742979] ? __virt_addr_valid+0x1db/0x2d0 [ 13.743003] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.743025] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.743046] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.743067] kasan_report+0x141/0x180 [ 13.743089] ? kmalloc_oob_in_memset+0x15f/0x320 [ 13.743116] kasan_check_range+0x10c/0x1c0 [ 13.743151] __asan_memset+0x27/0x50 [ 13.743176] kmalloc_oob_in_memset+0x15f/0x320 [ 13.743200] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 13.743226] ? __schedule+0x10cc/0x2b30 [ 13.743249] ? __pfx_read_tsc+0x10/0x10 [ 13.743272] ? ktime_get_ts64+0x86/0x230 [ 13.743300] kunit_try_run_case+0x1a5/0x480 [ 13.743328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.743350] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.743374] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.743396] ? __kthread_parkme+0x82/0x180 [ 13.743418] ? preempt_count_sub+0x50/0x80 [ 13.743444] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.743467] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.743488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.743510] kthread+0x337/0x6f0 [ 13.743527] ? trace_preempt_on+0x20/0xc0 [ 13.743552] ? __pfx_kthread+0x10/0x10 [ 13.743595] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.743628] ? calculate_sigpending+0x7b/0xa0 [ 13.743663] ? __pfx_kthread+0x10/0x10 [ 13.743692] ret_from_fork+0x41/0x80 [ 13.743723] ? 
__pfx_kthread+0x10/0x10 [ 13.743751] ret_from_fork_asm+0x1a/0x30 [ 13.743797] </TASK> [ 13.743819] [ 13.758206] Allocated by task 190: [ 13.758472] kasan_save_stack+0x45/0x70 [ 13.759088] kasan_save_track+0x18/0x40 [ 13.759379] kasan_save_alloc_info+0x3b/0x50 [ 13.759620] __kasan_kmalloc+0xb7/0xc0 [ 13.759767] __kmalloc_cache_noprof+0x189/0x420 [ 13.759935] kmalloc_oob_in_memset+0xac/0x320 [ 13.760100] kunit_try_run_case+0x1a5/0x480 [ 13.762023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.762227] kthread+0x337/0x6f0 [ 13.762363] ret_from_fork+0x41/0x80 [ 13.762499] ret_from_fork_asm+0x1a/0x30 [ 13.762654] [ 13.763631] The buggy address belongs to the object at ffff888102d90c00 [ 13.763631] which belongs to the cache kmalloc-128 of size 128 [ 13.764349] The buggy address is located 0 bytes inside of [ 13.764349] allocated 120-byte region [ffff888102d90c00, ffff888102d90c78) [ 13.764884] [ 13.764990] The buggy address belongs to the physical page: [ 13.765213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90 [ 13.767155] flags: 0x200000000000000(node=0|zone=2) [ 13.767354] page_type: f5(slab) [ 13.768320] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.768672] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.768891] page dumped because: kasan: bad access detected [ 13.769067] [ 13.769143] Memory state around the buggy address: [ 13.770941] ffff888102d90b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.771227] ffff888102d90b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.771627] >ffff888102d90c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 13.771955] ^ [ 13.774234] ffff888102d90c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775113] ffff888102d90d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.775502] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 13.701485] ================================================================== [ 13.701929] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 13.702117] Read of size 16 at addr ffff888102497600 by task kunit_try_catch/188 [ 13.702268] [ 13.702355] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.702418] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.702433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.702457] Call Trace: [ 13.702474] <TASK> [ 13.702496] dump_stack_lvl+0x73/0xb0 [ 13.702530] print_report+0xd1/0x650 [ 13.702575] ? __virt_addr_valid+0x1db/0x2d0 [ 13.702617] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.702653] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.703173] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.703214] kasan_report+0x141/0x180 [ 13.703243] ? kmalloc_uaf_16+0x47b/0x4c0 [ 13.703295] __asan_report_load16_noabort+0x18/0x20 [ 13.703336] kmalloc_uaf_16+0x47b/0x4c0 [ 13.703382] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 13.703427] ? __schedule+0x10cc/0x2b30 [ 13.703477] ? __pfx_read_tsc+0x10/0x10 [ 13.703521] ? ktime_get_ts64+0x86/0x230 [ 13.703587] kunit_try_run_case+0x1a5/0x480 [ 13.703632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.703664] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.704230] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.704259] ? __kthread_parkme+0x82/0x180 [ 13.704287] ? preempt_count_sub+0x50/0x80 [ 13.704317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.704344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.704370] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.704395] kthread+0x337/0x6f0 [ 13.704415] ? trace_preempt_on+0x20/0xc0 [ 13.704442] ? __pfx_kthread+0x10/0x10 [ 13.704461] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.704484] ? calculate_sigpending+0x7b/0xa0 [ 13.704509] ? __pfx_kthread+0x10/0x10 [ 13.704530] ret_from_fork+0x41/0x80 [ 13.704553] ? 
__pfx_kthread+0x10/0x10 [ 13.704600] ret_from_fork_asm+0x1a/0x30 [ 13.704633] </TASK> [ 13.704651] [ 13.715781] Allocated by task 188: [ 13.716033] kasan_save_stack+0x45/0x70 [ 13.716477] kasan_save_track+0x18/0x40 [ 13.716909] kasan_save_alloc_info+0x3b/0x50 [ 13.717135] __kasan_kmalloc+0xb7/0xc0 [ 13.717518] __kmalloc_cache_noprof+0x189/0x420 [ 13.717935] kmalloc_uaf_16+0x15b/0x4c0 [ 13.718322] kunit_try_run_case+0x1a5/0x480 [ 13.718742] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.718991] kthread+0x337/0x6f0 [ 13.719177] ret_from_fork+0x41/0x80 [ 13.719374] ret_from_fork_asm+0x1a/0x30 [ 13.719584] [ 13.719892] Freed by task 188: [ 13.720203] kasan_save_stack+0x45/0x70 [ 13.720543] kasan_save_track+0x18/0x40 [ 13.720952] kasan_save_free_info+0x3f/0x60 [ 13.721303] __kasan_slab_free+0x56/0x70 [ 13.721788] kfree+0x222/0x3f0 [ 13.722143] kmalloc_uaf_16+0x1d6/0x4c0 [ 13.722485] kunit_try_run_case+0x1a5/0x480 [ 13.722881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.723420] kthread+0x337/0x6f0 [ 13.723752] ret_from_fork+0x41/0x80 [ 13.723954] ret_from_fork_asm+0x1a/0x30 [ 13.724148] [ 13.724264] The buggy address belongs to the object at ffff888102497600 [ 13.724264] which belongs to the cache kmalloc-16 of size 16 [ 13.725461] The buggy address is located 0 bytes inside of [ 13.725461] freed 16-byte region [ffff888102497600, ffff888102497610) [ 13.726412] [ 13.726707] The buggy address belongs to the physical page: [ 13.727176] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 13.727722] flags: 0x200000000000000(node=0|zone=2) [ 13.727971] page_type: f5(slab) [ 13.728273] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.728963] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.729535] page dumped because: kasan: bad access detected [ 13.730049] [ 13.730232] Memory state around the buggy address: [ 13.730489] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc 
[ 13.731119] ffff888102497580: 00 05 fc fc fa fb fc fc fa fb fc fc 00 00 fc fc [ 13.731574] >ffff888102497600: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.732139] ^ [ 13.732528] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.733008] ffff888102497700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.733458] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 13.662142] ================================================================== [ 13.662699] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 13.663400] Write of size 16 at addr ffff8881024975a0 by task kunit_try_catch/186 [ 13.663682] [ 13.663940] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.664049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.664382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.664424] Call Trace: [ 13.664449] <TASK> [ 13.664483] dump_stack_lvl+0x73/0xb0 [ 13.664545] print_report+0xd1/0x650 [ 13.664599] ? __virt_addr_valid+0x1db/0x2d0 [ 13.664648] ? kmalloc_oob_16+0x452/0x4a0 [ 13.664682] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.664718] ? kmalloc_oob_16+0x452/0x4a0 [ 13.664752] kasan_report+0x141/0x180 [ 13.664786] ? kmalloc_oob_16+0x452/0x4a0 [ 13.664823] __asan_report_store16_noabort+0x1b/0x30 [ 13.664858] kmalloc_oob_16+0x452/0x4a0 [ 13.664892] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 13.664928] ? __schedule+0x10cc/0x2b30 [ 13.664970] ? __pfx_read_tsc+0x10/0x10 [ 13.665005] ? ktime_get_ts64+0x86/0x230 [ 13.665039] kunit_try_run_case+0x1a5/0x480 [ 13.665066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.665087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.665110] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.665132] ? __kthread_parkme+0x82/0x180 [ 13.665163] ? preempt_count_sub+0x50/0x80 [ 13.665202] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.665241] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.665281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.665322] kthread+0x337/0x6f0 [ 13.665355] ? trace_preempt_on+0x20/0xc0 [ 13.665396] ? __pfx_kthread+0x10/0x10 [ 13.665425] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.665493] ? calculate_sigpending+0x7b/0xa0 [ 13.665528] ? __pfx_kthread+0x10/0x10 [ 13.665572] ret_from_fork+0x41/0x80 [ 13.665611] ? 
__pfx_kthread+0x10/0x10 [ 13.665645] ret_from_fork_asm+0x1a/0x30 [ 13.665705] </TASK> [ 13.665732] [ 13.678064] Allocated by task 186: [ 13.678405] kasan_save_stack+0x45/0x70 [ 13.679362] kasan_save_track+0x18/0x40 [ 13.679724] kasan_save_alloc_info+0x3b/0x50 [ 13.679975] __kasan_kmalloc+0xb7/0xc0 [ 13.680510] __kmalloc_cache_noprof+0x189/0x420 [ 13.681058] kmalloc_oob_16+0xa8/0x4a0 [ 13.681432] kunit_try_run_case+0x1a5/0x480 [ 13.682003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.682428] kthread+0x337/0x6f0 [ 13.682855] ret_from_fork+0x41/0x80 [ 13.683230] ret_from_fork_asm+0x1a/0x30 [ 13.684094] [ 13.684313] The buggy address belongs to the object at ffff8881024975a0 [ 13.684313] which belongs to the cache kmalloc-16 of size 16 [ 13.685207] The buggy address is located 0 bytes inside of [ 13.685207] allocated 13-byte region [ffff8881024975a0, ffff8881024975ad) [ 13.686062] [ 13.686266] The buggy address belongs to the physical page: [ 13.686925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102497 [ 13.687320] flags: 0x200000000000000(node=0|zone=2) [ 13.687866] page_type: f5(slab) [ 13.688190] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.689371] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.690030] page dumped because: kasan: bad access detected [ 13.690392] [ 13.690593] Memory state around the buggy address: [ 13.691032] ffff888102497480: fa fb fc fc 00 03 fc fc 00 03 fc fc fa fb fc fc [ 13.692072] ffff888102497500: 00 01 fc fc 00 01 fc fc fa fb fc fc fa fb fc fc [ 13.692472] >ffff888102497580: 00 05 fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 13.692910] ^ [ 13.693185] ffff888102497600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.693686] ffff888102497680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.694616] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 13.613897] ================================================================== [ 13.614318] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 13.614954] Read of size 1 at addr ffff888100aaf400 by task kunit_try_catch/184 [ 13.615467] [ 13.615726] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.615855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.615882] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.615921] Call Trace: [ 13.615967] <TASK> [ 13.616010] dump_stack_lvl+0x73/0xb0 [ 13.616079] print_report+0xd1/0x650 [ 13.616128] ? __virt_addr_valid+0x1db/0x2d0 [ 13.616174] ? krealloc_uaf+0x53c/0x5e0 [ 13.616217] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.616262] ? krealloc_uaf+0x53c/0x5e0 [ 13.616340] kasan_report+0x141/0x180 [ 13.616385] ? krealloc_uaf+0x53c/0x5e0 [ 13.616431] __asan_report_load1_noabort+0x18/0x20 [ 13.616470] krealloc_uaf+0x53c/0x5e0 [ 13.616510] ? __pfx_krealloc_uaf+0x10/0x10 [ 13.616547] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.616612] ? __pfx_krealloc_uaf+0x10/0x10 [ 13.616660] kunit_try_run_case+0x1a5/0x480 [ 13.616702] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.616741] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.616781] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.616821] ? __kthread_parkme+0x82/0x180 [ 13.616859] ? preempt_count_sub+0x50/0x80 [ 13.616905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.616945] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.616985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.617025] kthread+0x337/0x6f0 [ 13.617058] ? trace_preempt_on+0x20/0xc0 [ 13.617099] ? __pfx_kthread+0x10/0x10 [ 13.617133] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.617169] ? calculate_sigpending+0x7b/0xa0 [ 13.617208] ? __pfx_kthread+0x10/0x10 [ 13.617242] ret_from_fork+0x41/0x80 [ 13.617280] ? 
__pfx_kthread+0x10/0x10 [ 13.617314] ret_from_fork_asm+0x1a/0x30 [ 13.617371] </TASK> [ 13.617394] [ 13.631311] Allocated by task 184: [ 13.632482] kasan_save_stack+0x45/0x70 [ 13.633026] kasan_save_track+0x18/0x40 [ 13.633378] kasan_save_alloc_info+0x3b/0x50 [ 13.634067] __kasan_kmalloc+0xb7/0xc0 [ 13.634289] __kmalloc_cache_noprof+0x189/0x420 [ 13.635202] krealloc_uaf+0xbb/0x5e0 [ 13.635477] kunit_try_run_case+0x1a5/0x480 [ 13.635676] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.637359] kthread+0x337/0x6f0 [ 13.637740] ret_from_fork+0x41/0x80 [ 13.638382] ret_from_fork_asm+0x1a/0x30 [ 13.638765] [ 13.638943] Freed by task 184: [ 13.640086] kasan_save_stack+0x45/0x70 [ 13.640436] kasan_save_track+0x18/0x40 [ 13.640691] kasan_save_free_info+0x3f/0x60 [ 13.640933] __kasan_slab_free+0x56/0x70 [ 13.641166] kfree+0x222/0x3f0 [ 13.641363] krealloc_uaf+0x13d/0x5e0 [ 13.641590] kunit_try_run_case+0x1a5/0x480 [ 13.641842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.642133] kthread+0x337/0x6f0 [ 13.642334] ret_from_fork+0x41/0x80 [ 13.643436] ret_from_fork_asm+0x1a/0x30 [ 13.643832] [ 13.643952] The buggy address belongs to the object at ffff888100aaf400 [ 13.643952] which belongs to the cache kmalloc-256 of size 256 [ 13.644899] The buggy address is located 0 bytes inside of [ 13.644899] freed 256-byte region [ffff888100aaf400, ffff888100aaf500) [ 13.645922] [ 13.646120] The buggy address belongs to the physical page: [ 13.646612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 13.647035] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.647624] flags: 0x200000000000040(head|node=0|zone=2) [ 13.648044] page_type: f5(slab) [ 13.648333] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.648747] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.649040] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.649553] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.650048] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 13.650731] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.651152] page dumped because: kasan: bad access detected [ 13.651620] [ 13.651817] Memory state around the buggy address: [ 13.652150] ffff888100aaf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.652611] ffff888100aaf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.653081] >ffff888100aaf400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.653544] ^ [ 13.653759] ffff888100aaf480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.654272] ffff888100aaf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.654647] ================================================================== [ 13.563237] ================================================================== [ 13.564268] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 13.564853] Read of size 1 at addr ffff888100aaf400 by task kunit_try_catch/184 [ 13.565395] [ 13.565919] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.565983] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.566001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.566033] Call Trace: [ 13.566057] <TASK> [ 13.566089] dump_stack_lvl+0x73/0xb0 [ 13.566147] print_report+0xd1/0x650 [ 13.566207] ? __virt_addr_valid+0x1db/0x2d0 [ 13.566230] ? krealloc_uaf+0x1b8/0x5e0 [ 13.566250] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.566279] ? krealloc_uaf+0x1b8/0x5e0 [ 13.566298] kasan_report+0x141/0x180 [ 13.566318] ? krealloc_uaf+0x1b8/0x5e0 [ 13.566352] ? krealloc_uaf+0x1b8/0x5e0 [ 13.566380] __kasan_check_byte+0x3d/0x50 [ 13.566400] krealloc_noprof+0x3f/0x340 [ 13.566420] krealloc_uaf+0x1b8/0x5e0 [ 13.566439] ? __pfx_krealloc_uaf+0x10/0x10 [ 13.566459] ? 
sysvec_apic_timer_interrupt+0x50/0x90 [ 13.566484] ? __pfx_krealloc_uaf+0x10/0x10 [ 13.566507] kunit_try_run_case+0x1a5/0x480 [ 13.566529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.566548] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.566592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.566624] ? __kthread_parkme+0x82/0x180 [ 13.566659] ? preempt_count_sub+0x50/0x80 [ 13.566706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.566745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.566783] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.566804] kthread+0x337/0x6f0 [ 13.566821] ? trace_preempt_on+0x20/0xc0 [ 13.566845] ? __pfx_kthread+0x10/0x10 [ 13.566861] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.566880] ? calculate_sigpending+0x7b/0xa0 [ 13.566900] ? __pfx_kthread+0x10/0x10 [ 13.566916] ret_from_fork+0x41/0x80 [ 13.566936] ? __pfx_kthread+0x10/0x10 [ 13.566953] ret_from_fork_asm+0x1a/0x30 [ 13.566980] </TASK> [ 13.566993] [ 13.585626] Allocated by task 184: [ 13.585990] kasan_save_stack+0x45/0x70 [ 13.586268] kasan_save_track+0x18/0x40 [ 13.586500] kasan_save_alloc_info+0x3b/0x50 [ 13.587481] __kasan_kmalloc+0xb7/0xc0 [ 13.588109] __kmalloc_cache_noprof+0x189/0x420 [ 13.588345] krealloc_uaf+0xbb/0x5e0 [ 13.588531] kunit_try_run_case+0x1a5/0x480 [ 13.589482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.591948] kthread+0x337/0x6f0 [ 13.592220] ret_from_fork+0x41/0x80 [ 13.592475] ret_from_fork_asm+0x1a/0x30 [ 13.593361] [ 13.593905] Freed by task 184: [ 13.594449] kasan_save_stack+0x45/0x70 [ 13.595112] kasan_save_track+0x18/0x40 [ 13.595792] kasan_save_free_info+0x3f/0x60 [ 13.596294] __kasan_slab_free+0x56/0x70 [ 13.596582] kfree+0x222/0x3f0 [ 13.597737] krealloc_uaf+0x13d/0x5e0 [ 13.597962] kunit_try_run_case+0x1a5/0x480 [ 13.598167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.598405] kthread+0x337/0x6f0 [ 13.598585] ret_from_fork+0x41/0x80 [ 13.598763] ret_from_fork_asm+0x1a/0x30 [ 13.598995] [ 13.599119] The buggy address belongs to the object at 
ffff888100aaf400 [ 13.599119] which belongs to the cache kmalloc-256 of size 256 [ 13.599735] The buggy address is located 0 bytes inside of [ 13.599735] freed 256-byte region [ffff888100aaf400, ffff888100aaf500) [ 13.600707] [ 13.600828] The buggy address belongs to the physical page: [ 13.601699] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 13.602197] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.602626] flags: 0x200000000000040(head|node=0|zone=2) [ 13.603156] page_type: f5(slab) [ 13.603552] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.604994] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.605403] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.606470] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.606755] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 13.607314] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.607600] page dumped because: kasan: bad access detected [ 13.607968] [ 13.608167] Memory state around the buggy address: [ 13.608506] ffff888100aaf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.609129] ffff888100aaf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.609798] >ffff888100aaf400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.610395] ^ [ 13.610858] ffff888100aaf480: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.611238] ffff888100aaf500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.611980] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 13.414064] ================================================================== [ 13.415101] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 13.415541] Write of size 1 at addr ffff8881029be0c9 by task kunit_try_catch/182 [ 13.415905] [ 13.416050] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.416148] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.416178] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.416209] Call Trace: [ 13.416226] <TASK> [ 13.416248] dump_stack_lvl+0x73/0xb0 [ 13.416283] print_report+0xd1/0x650 [ 13.416309] ? __virt_addr_valid+0x1db/0x2d0 [ 13.416334] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.416369] ? kasan_addr_to_slab+0x11/0xa0 [ 13.416554] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.416955] kasan_report+0x141/0x180 [ 13.417035] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.417095] __asan_report_store1_noabort+0x1b/0x30 [ 13.417135] krealloc_less_oob_helper+0xd70/0x11d0 [ 13.417168] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.417191] ? finish_task_switch.isra.0+0x153/0x700 [ 13.417216] ? __switch_to+0x5d9/0xf60 [ 13.417237] ? dequeue_task_fair+0x166/0x4e0 [ 13.417259] ? __schedule+0x10cc/0x2b30 [ 13.417281] ? __pfx_read_tsc+0x10/0x10 [ 13.417304] krealloc_large_less_oob+0x1c/0x30 [ 13.417325] kunit_try_run_case+0x1a5/0x480 [ 13.417348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.417368] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.417390] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.417411] ? __kthread_parkme+0x82/0x180 [ 13.417432] ? preempt_count_sub+0x50/0x80 [ 13.417455] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.417476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.417497] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.417518] kthread+0x337/0x6f0 [ 13.417534] ? trace_preempt_on+0x20/0xc0 [ 13.417576] ? __pfx_kthread+0x10/0x10 [ 13.417602] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.417662] ? 
calculate_sigpending+0x7b/0xa0 [ 13.417709] ? __pfx_kthread+0x10/0x10 [ 13.417742] ret_from_fork+0x41/0x80 [ 13.417767] ? __pfx_kthread+0x10/0x10 [ 13.417784] ret_from_fork_asm+0x1a/0x30 [ 13.417813] </TASK> [ 13.417827] [ 13.431444] The buggy address belongs to the physical page: [ 13.432250] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc [ 13.432714] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.433253] flags: 0x200000000000040(head|node=0|zone=2) [ 13.433449] page_type: f8(unknown) [ 13.433616] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.434456] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.434990] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.435439] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.435719] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff [ 13.435941] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.436156] page dumped because: kasan: bad access detected [ 13.436320] [ 13.436403] Memory state around the buggy address: [ 13.436570] ffff8881029bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.436774] ffff8881029be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.436980] >ffff8881029be080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.437177] ^ [ 13.437347] ffff8881029be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.437554] ffff8881029be180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.437829] ================================================================== [ 13.438383] ================================================================== [ 13.440388] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 13.440675] Write of size 1 at addr ffff8881029be0d0 by task kunit_try_catch/182 [ 13.440890] [ 13.440993] CPU: 1 UID: 0 PID: 182 Comm: 
kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.441045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.441058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.441080] Call Trace: [ 13.441094] <TASK> [ 13.441113] dump_stack_lvl+0x73/0xb0 [ 13.441143] print_report+0xd1/0x650 [ 13.441167] ? __virt_addr_valid+0x1db/0x2d0 [ 13.441189] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.441210] ? kasan_addr_to_slab+0x11/0xa0 [ 13.441230] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.441252] kasan_report+0x141/0x180 [ 13.441273] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.441299] __asan_report_store1_noabort+0x1b/0x30 [ 13.441318] krealloc_less_oob_helper+0xe23/0x11d0 [ 13.441342] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.441364] ? finish_task_switch.isra.0+0x153/0x700 [ 13.441387] ? __switch_to+0x5d9/0xf60 [ 13.441407] ? dequeue_task_fair+0x166/0x4e0 [ 13.441429] ? __schedule+0x10cc/0x2b30 [ 13.441451] ? __pfx_read_tsc+0x10/0x10 [ 13.441473] krealloc_large_less_oob+0x1c/0x30 [ 13.441495] kunit_try_run_case+0x1a5/0x480 [ 13.441520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.441541] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.441580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.441604] ? __kthread_parkme+0x82/0x180 [ 13.441625] ? preempt_count_sub+0x50/0x80 [ 13.441648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.441669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.441690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.441712] kthread+0x337/0x6f0 [ 13.441729] ? trace_preempt_on+0x20/0xc0 [ 13.441751] ? __pfx_kthread+0x10/0x10 [ 13.441769] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.441789] ? calculate_sigpending+0x7b/0xa0 [ 13.441810] ? __pfx_kthread+0x10/0x10 [ 13.441828] ret_from_fork+0x41/0x80 [ 13.441847] ? 
__pfx_kthread+0x10/0x10 [ 13.441864] ret_from_fork_asm+0x1a/0x30 [ 13.441891] </TASK> [ 13.441903] [ 13.455448] The buggy address belongs to the physical page: [ 13.456536] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc [ 13.457175] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.457408] flags: 0x200000000000040(head|node=0|zone=2) [ 13.458003] page_type: f8(unknown) [ 13.458168] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.458388] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.459435] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.459806] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.460157] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff [ 13.460696] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.461532] page dumped because: kasan: bad access detected [ 13.462035] [ 13.462286] Memory state around the buggy address: [ 13.462582] ffff8881029bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.463577] ffff8881029be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.464048] >ffff8881029be080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.464476] ^ [ 13.464830] ffff8881029be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.465269] ffff8881029be180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.465652] ================================================================== [ 13.529199] ================================================================== [ 13.529543] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 13.530472] Write of size 1 at addr ffff8881029be0eb by task kunit_try_catch/182 [ 13.531100] [ 13.531284] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.531370] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.531395] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.531433] Call Trace: [ 13.531507] <TASK> [ 13.531568] dump_stack_lvl+0x73/0xb0 [ 13.531638] print_report+0xd1/0x650 [ 13.531787] ? __virt_addr_valid+0x1db/0x2d0 [ 13.531935] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.531994] ? kasan_addr_to_slab+0x11/0xa0 [ 13.532044] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.532097] kasan_report+0x141/0x180 [ 13.532136] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.532165] __asan_report_store1_noabort+0x1b/0x30 [ 13.532187] krealloc_less_oob_helper+0xd47/0x11d0 [ 13.532213] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.532237] ? finish_task_switch.isra.0+0x153/0x700 [ 13.532263] ? __switch_to+0x5d9/0xf60 [ 13.532284] ? dequeue_task_fair+0x166/0x4e0 [ 13.532308] ? __schedule+0x10cc/0x2b30 [ 13.532331] ? __pfx_read_tsc+0x10/0x10 [ 13.532356] krealloc_large_less_oob+0x1c/0x30 [ 13.532379] kunit_try_run_case+0x1a5/0x480 [ 13.532405] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.532427] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.532450] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.532473] ? __kthread_parkme+0x82/0x180 [ 13.532496] ? preempt_count_sub+0x50/0x80 [ 13.532520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.532542] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.532588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.532623] kthread+0x337/0x6f0 [ 13.532656] ? trace_preempt_on+0x20/0xc0 [ 13.532691] ? __pfx_kthread+0x10/0x10 [ 13.532718] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.532747] ? calculate_sigpending+0x7b/0xa0 [ 13.532778] ? __pfx_kthread+0x10/0x10 [ 13.532806] ret_from_fork+0x41/0x80 [ 13.532836] ? 
__pfx_kthread+0x10/0x10 [ 13.532863] ret_from_fork_asm+0x1a/0x30 [ 13.532907] </TASK> [ 13.532926] [ 13.545943] The buggy address belongs to the physical page: [ 13.546419] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc [ 13.547178] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.547610] flags: 0x200000000000040(head|node=0|zone=2) [ 13.548184] page_type: f8(unknown) [ 13.548418] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.549322] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.549682] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.550579] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.550958] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff [ 13.551533] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.552299] page dumped because: kasan: bad access detected [ 13.552596] [ 13.552979] Memory state around the buggy address: [ 13.553215] ffff8881029bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.553733] ffff8881029be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.554028] >ffff8881029be080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.554493] ^ [ 13.555610] ffff8881029be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.556542] ffff8881029be180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.557186] ================================================================== [ 13.161550] ================================================================== [ 13.162313] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 13.162593] Write of size 1 at addr ffff8881003412c9 by task kunit_try_catch/178 [ 13.162890] [ 13.163041] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.163104] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.163119] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.163154] Call Trace: [ 13.163181] <TASK> [ 13.163218] dump_stack_lvl+0x73/0xb0 [ 13.163284] print_report+0xd1/0x650 [ 13.163331] ? __virt_addr_valid+0x1db/0x2d0 [ 13.163376] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.163417] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.163461] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.163508] kasan_report+0x141/0x180 [ 13.163552] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 13.164284] __asan_report_store1_noabort+0x1b/0x30 [ 13.164328] krealloc_less_oob_helper+0xd70/0x11d0 [ 13.164357] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.164382] ? finish_task_switch.isra.0+0x153/0x700 [ 13.164410] ? __switch_to+0x5d9/0xf60 [ 13.164433] ? dequeue_task_fair+0x166/0x4e0 [ 13.164458] ? __schedule+0x10cc/0x2b30 [ 13.164480] ? __pfx_read_tsc+0x10/0x10 [ 13.164504] krealloc_less_oob+0x1c/0x30 [ 13.164525] kunit_try_run_case+0x1a5/0x480 [ 13.164552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.164587] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.164620] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.164667] ? __kthread_parkme+0x82/0x180 [ 13.164697] ? preempt_count_sub+0x50/0x80 [ 13.164720] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.164743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.164765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.164786] kthread+0x337/0x6f0 [ 13.164803] ? trace_preempt_on+0x20/0xc0 [ 13.164827] ? __pfx_kthread+0x10/0x10 [ 13.164845] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.164865] ? calculate_sigpending+0x7b/0xa0 [ 13.164887] ? __pfx_kthread+0x10/0x10 [ 13.164904] ret_from_fork+0x41/0x80 [ 13.164924] ? 
__pfx_kthread+0x10/0x10 [ 13.164941] ret_from_fork_asm+0x1a/0x30 [ 13.164970] </TASK> [ 13.164983] [ 13.177739] Allocated by task 178: [ 13.178009] kasan_save_stack+0x45/0x70 [ 13.178269] kasan_save_track+0x18/0x40 [ 13.178516] kasan_save_alloc_info+0x3b/0x50 [ 13.179826] __kasan_krealloc+0x190/0x1f0 [ 13.180246] krealloc_noprof+0xf3/0x340 [ 13.180536] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.181394] krealloc_less_oob+0x1c/0x30 [ 13.181973] kunit_try_run_case+0x1a5/0x480 [ 13.182276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.182464] kthread+0x337/0x6f0 [ 13.182721] ret_from_fork+0x41/0x80 [ 13.183503] ret_from_fork_asm+0x1a/0x30 [ 13.184079] [ 13.184195] The buggy address belongs to the object at ffff888100341200 [ 13.184195] which belongs to the cache kmalloc-256 of size 256 [ 13.185097] The buggy address is located 0 bytes to the right of [ 13.185097] allocated 201-byte region [ffff888100341200, ffff8881003412c9) [ 13.185989] [ 13.186182] The buggy address belongs to the physical page: [ 13.186589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 13.186891] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.187195] flags: 0x200000000000040(head|node=0|zone=2) [ 13.187401] page_type: f5(slab) [ 13.187534] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.187940] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.188162] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.188380] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.189859] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 13.190117] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.190336] page dumped because: kasan: bad access detected [ 13.190505] [ 13.190606] Memory state around the buggy address: [ 13.190796] ffff888100341180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 13.191053] ffff888100341200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.192354] >ffff888100341280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.193142] ^ [ 13.193408] ffff888100341300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.193857] ffff888100341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.194431] ================================================================== [ 13.494428] ================================================================== [ 13.495068] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 13.495520] Write of size 1 at addr ffff8881029be0ea by task kunit_try_catch/182 [ 13.496115] [ 13.496335] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.496450] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.496477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.496517] Call Trace: [ 13.496553] <TASK> [ 13.496596] dump_stack_lvl+0x73/0xb0 [ 13.497193] print_report+0xd1/0x650 [ 13.498148] ? __virt_addr_valid+0x1db/0x2d0 [ 13.498237] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.498723] ? kasan_addr_to_slab+0x11/0xa0 [ 13.498763] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.498801] kasan_report+0x141/0x180 [ 13.498841] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.498886] __asan_report_store1_noabort+0x1b/0x30 [ 13.498918] krealloc_less_oob_helper+0xe90/0x11d0 [ 13.498955] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.498990] ? finish_task_switch.isra.0+0x153/0x700 [ 13.499025] ? __switch_to+0x5d9/0xf60 [ 13.499053] ? dequeue_task_fair+0x166/0x4e0 [ 13.499089] ? __schedule+0x10cc/0x2b30 [ 13.499140] ? __pfx_read_tsc+0x10/0x10 [ 13.499187] krealloc_large_less_oob+0x1c/0x30 [ 13.499229] kunit_try_run_case+0x1a5/0x480 [ 13.499275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.499310] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.499343] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.499377] ? 
__kthread_parkme+0x82/0x180 [ 13.499410] ? preempt_count_sub+0x50/0x80 [ 13.499627] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.499677] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.499722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.499763] kthread+0x337/0x6f0 [ 13.499797] ? trace_preempt_on+0x20/0xc0 [ 13.499841] ? __pfx_kthread+0x10/0x10 [ 13.499876] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.499915] ? calculate_sigpending+0x7b/0xa0 [ 13.499955] ? __pfx_kthread+0x10/0x10 [ 13.499992] ret_from_fork+0x41/0x80 [ 13.500031] ? __pfx_kthread+0x10/0x10 [ 13.500064] ret_from_fork_asm+0x1a/0x30 [ 13.500117] </TASK> [ 13.500141] [ 13.518284] The buggy address belongs to the physical page: [ 13.518483] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc [ 13.519983] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.520234] flags: 0x200000000000040(head|node=0|zone=2) [ 13.520418] page_type: f8(unknown) [ 13.520554] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.521123] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.521363] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.521586] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.522241] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff [ 13.523213] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.523781] page dumped because: kasan: bad access detected [ 13.524004] [ 13.524386] Memory state around the buggy address: [ 13.524926] ffff8881029bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.525916] ffff8881029be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.526158] >ffff8881029be080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.526768] ^ [ 13.527311] ffff8881029be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.527624] ffff8881029be180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 13.528251] ================================================================== [ 13.270268] ================================================================== [ 13.270510] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 13.270795] Write of size 1 at addr ffff8881003412ea by task kunit_try_catch/178 [ 13.271316] [ 13.271446] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.271507] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.271521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.271546] Call Trace: [ 13.271582] <TASK> [ 13.271611] dump_stack_lvl+0x73/0xb0 [ 13.271669] print_report+0xd1/0x650 [ 13.271708] ? __virt_addr_valid+0x1db/0x2d0 [ 13.271747] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.271777] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.271802] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.271828] kasan_report+0x141/0x180 [ 13.271852] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 13.271883] __asan_report_store1_noabort+0x1b/0x30 [ 13.271905] krealloc_less_oob_helper+0xe90/0x11d0 [ 13.271933] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.271957] ? finish_task_switch.isra.0+0x153/0x700 [ 13.271981] ? __switch_to+0x5d9/0xf60 [ 13.272001] ? dequeue_task_fair+0x166/0x4e0 [ 13.272025] ? __schedule+0x10cc/0x2b30 [ 13.272047] ? __pfx_read_tsc+0x10/0x10 [ 13.272071] krealloc_less_oob+0x1c/0x30 [ 13.272093] kunit_try_run_case+0x1a5/0x480 [ 13.272118] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.272139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.272163] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.272184] ? __kthread_parkme+0x82/0x180 [ 13.272206] ? preempt_count_sub+0x50/0x80 [ 13.272230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.272252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.272273] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.272295] kthread+0x337/0x6f0 [ 13.272312] ? 
trace_preempt_on+0x20/0xc0 [ 13.272335] ? __pfx_kthread+0x10/0x10 [ 13.272353] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.272373] ? calculate_sigpending+0x7b/0xa0 [ 13.272394] ? __pfx_kthread+0x10/0x10 [ 13.272412] ret_from_fork+0x41/0x80 [ 13.272433] ? __pfx_kthread+0x10/0x10 [ 13.272450] ret_from_fork_asm+0x1a/0x30 [ 13.272480] </TASK> [ 13.272493] [ 13.289260] Allocated by task 178: [ 13.289534] kasan_save_stack+0x45/0x70 [ 13.289837] kasan_save_track+0x18/0x40 [ 13.290110] kasan_save_alloc_info+0x3b/0x50 [ 13.290444] __kasan_krealloc+0x190/0x1f0 [ 13.290886] krealloc_noprof+0xf3/0x340 [ 13.291127] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.291363] krealloc_less_oob+0x1c/0x30 [ 13.291593] kunit_try_run_case+0x1a5/0x480 [ 13.292070] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.292671] kthread+0x337/0x6f0 [ 13.293014] ret_from_fork+0x41/0x80 [ 13.293321] ret_from_fork_asm+0x1a/0x30 [ 13.293521] [ 13.293982] The buggy address belongs to the object at ffff888100341200 [ 13.293982] which belongs to the cache kmalloc-256 of size 256 [ 13.295107] The buggy address is located 33 bytes to the right of [ 13.295107] allocated 201-byte region [ffff888100341200, ffff8881003412c9) [ 13.295711] [ 13.295843] The buggy address belongs to the physical page: [ 13.296430] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 13.297073] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.297340] flags: 0x200000000000040(head|node=0|zone=2) [ 13.297898] page_type: f5(slab) [ 13.298284] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.299231] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.299539] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.300101] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.301401] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 13.301799] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 13.302228] page dumped because: kasan: bad access detected [ 13.302515] [ 13.302686] Memory state around the buggy address: [ 13.303059] ffff888100341180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.303340] ffff888100341200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.303904] >ffff888100341280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.304318] ^ [ 13.305636] ffff888100341300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.305910] ffff888100341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.306475] ================================================================== [ 13.230329] ================================================================== [ 13.230827] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 13.231434] Write of size 1 at addr ffff8881003412da by task kunit_try_catch/178 [ 13.232524] [ 13.233532] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.234073] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.234112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.234151] Call Trace: [ 13.234190] <TASK> [ 13.234224] dump_stack_lvl+0x73/0xb0 [ 13.234284] print_report+0xd1/0x650 [ 13.234325] ? __virt_addr_valid+0x1db/0x2d0 [ 13.234363] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.234403] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.234442] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.234482] kasan_report+0x141/0x180 [ 13.234520] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.235044] __asan_report_store1_noabort+0x1b/0x30 [ 13.235148] krealloc_less_oob_helper+0xec6/0x11d0 [ 13.235204] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.235248] ? finish_task_switch.isra.0+0x153/0x700 [ 13.235291] ? __switch_to+0x5d9/0xf60 [ 13.235326] ? dequeue_task_fair+0x166/0x4e0 [ 13.235362] ? __schedule+0x10cc/0x2b30 [ 13.235397] ? 
__pfx_read_tsc+0x10/0x10 [ 13.235432] krealloc_less_oob+0x1c/0x30 [ 13.235466] kunit_try_run_case+0x1a5/0x480 [ 13.235507] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.235544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.235604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.235643] ? __kthread_parkme+0x82/0x180 [ 13.235683] ? preempt_count_sub+0x50/0x80 [ 13.235721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.235757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.235790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.235824] kthread+0x337/0x6f0 [ 13.235850] ? trace_preempt_on+0x20/0xc0 [ 13.235884] ? __pfx_kthread+0x10/0x10 [ 13.235915] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.235937] ? calculate_sigpending+0x7b/0xa0 [ 13.235959] ? __pfx_kthread+0x10/0x10 [ 13.235978] ret_from_fork+0x41/0x80 [ 13.235999] ? __pfx_kthread+0x10/0x10 [ 13.236017] ret_from_fork_asm+0x1a/0x30 [ 13.236049] </TASK> [ 13.236063] [ 13.253176] Allocated by task 178: [ 13.253530] kasan_save_stack+0x45/0x70 [ 13.253725] kasan_save_track+0x18/0x40 [ 13.254498] kasan_save_alloc_info+0x3b/0x50 [ 13.254831] __kasan_krealloc+0x190/0x1f0 [ 13.255004] krealloc_noprof+0xf3/0x340 [ 13.255163] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.255290] krealloc_less_oob+0x1c/0x30 [ 13.255385] kunit_try_run_case+0x1a5/0x480 [ 13.255482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.255628] kthread+0x337/0x6f0 [ 13.255771] ret_from_fork+0x41/0x80 [ 13.255911] ret_from_fork_asm+0x1a/0x30 [ 13.256167] [ 13.256353] The buggy address belongs to the object at ffff888100341200 [ 13.256353] which belongs to the cache kmalloc-256 of size 256 [ 13.257355] The buggy address is located 17 bytes to the right of [ 13.257355] allocated 201-byte region [ffff888100341200, ffff8881003412c9) [ 13.258418] [ 13.258629] The buggy address belongs to the physical page: [ 13.259119] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 13.259821] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 
pincount:0 [ 13.260355] flags: 0x200000000000040(head|node=0|zone=2) [ 13.260900] page_type: f5(slab) [ 13.261177] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.261911] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.262509] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.263105] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.263697] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 13.264163] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.264458] page dumped because: kasan: bad access detected [ 13.265190] [ 13.265313] Memory state around the buggy address: [ 13.265739] ffff888100341180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.266283] ffff888100341200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.266986] >ffff888100341280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.267567] ^ [ 13.268155] ffff888100341300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.268539] ffff888100341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.269620] ================================================================== [ 13.195115] ================================================================== [ 13.195308] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 13.195477] Write of size 1 at addr ffff8881003412d0 by task kunit_try_catch/178 [ 13.195768] [ 13.197236] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.197391] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.197420] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.197454] Call Trace: [ 13.197492] <TASK> [ 13.197526] dump_stack_lvl+0x73/0xb0 [ 13.197597] print_report+0xd1/0x650 [ 13.198025] ? __virt_addr_valid+0x1db/0x2d0 [ 13.198052] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.198076] ? 
kasan_complete_mode_report_info+0x2a/0x200 [ 13.198097] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.198120] kasan_report+0x141/0x180 [ 13.198141] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 13.198168] __asan_report_store1_noabort+0x1b/0x30 [ 13.198187] krealloc_less_oob_helper+0xe23/0x11d0 [ 13.198212] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.198235] ? finish_task_switch.isra.0+0x153/0x700 [ 13.198258] ? __switch_to+0x5d9/0xf60 [ 13.198277] ? dequeue_task_fair+0x166/0x4e0 [ 13.198300] ? __schedule+0x10cc/0x2b30 [ 13.198322] ? __pfx_read_tsc+0x10/0x10 [ 13.198344] krealloc_less_oob+0x1c/0x30 [ 13.198365] kunit_try_run_case+0x1a5/0x480 [ 13.198388] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.198408] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.198431] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.198452] ? __kthread_parkme+0x82/0x180 [ 13.198473] ? preempt_count_sub+0x50/0x80 [ 13.198497] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.198518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.198539] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.198581] kthread+0x337/0x6f0 [ 13.198606] ? trace_preempt_on+0x20/0xc0 [ 13.198671] ? __pfx_kthread+0x10/0x10 [ 13.198700] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.198733] ? calculate_sigpending+0x7b/0xa0 [ 13.198761] ? __pfx_kthread+0x10/0x10 [ 13.198779] ret_from_fork+0x41/0x80 [ 13.198800] ? 
__pfx_kthread+0x10/0x10 [ 13.198817] ret_from_fork_asm+0x1a/0x30 [ 13.198847] </TASK> [ 13.198861] [ 13.210076] Allocated by task 178: [ 13.210739] kasan_save_stack+0x45/0x70 [ 13.211336] kasan_save_track+0x18/0x40 [ 13.212011] kasan_save_alloc_info+0x3b/0x50 [ 13.212427] __kasan_krealloc+0x190/0x1f0 [ 13.212960] krealloc_noprof+0xf3/0x340 [ 13.213262] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.213625] krealloc_less_oob+0x1c/0x30 [ 13.214076] kunit_try_run_case+0x1a5/0x480 [ 13.214375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.214919] kthread+0x337/0x6f0 [ 13.215546] ret_from_fork+0x41/0x80 [ 13.215974] ret_from_fork_asm+0x1a/0x30 [ 13.216167] [ 13.216249] The buggy address belongs to the object at ffff888100341200 [ 13.216249] which belongs to the cache kmalloc-256 of size 256 [ 13.216600] The buggy address is located 7 bytes to the right of [ 13.216600] allocated 201-byte region [ffff888100341200, ffff8881003412c9) [ 13.217966] [ 13.218266] The buggy address belongs to the physical page: [ 13.219051] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 13.219742] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.220117] flags: 0x200000000000040(head|node=0|zone=2) [ 13.220396] page_type: f5(slab) [ 13.220681] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.221515] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.222198] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.222439] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.223449] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 13.224085] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.224606] page dumped because: kasan: bad access detected [ 13.224828] [ 13.224987] Memory state around the buggy address: [ 13.225251] ffff888100341180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 13.225536] ffff888100341200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.226618] >ffff888100341280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.227447] ^ [ 13.228061] ffff888100341300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.228586] ffff888100341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.229008] ================================================================== [ 13.467549] ================================================================== [ 13.468017] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 13.468502] Write of size 1 at addr ffff8881029be0da by task kunit_try_catch/182 [ 13.469249] [ 13.469847] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.469911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.469924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.469946] Call Trace: [ 13.469964] <TASK> [ 13.469984] dump_stack_lvl+0x73/0xb0 [ 13.470021] print_report+0xd1/0x650 [ 13.470044] ? __virt_addr_valid+0x1db/0x2d0 [ 13.470065] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.470086] ? kasan_addr_to_slab+0x11/0xa0 [ 13.470106] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.470127] kasan_report+0x141/0x180 [ 13.470148] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 13.470174] __asan_report_store1_noabort+0x1b/0x30 [ 13.470193] krealloc_less_oob_helper+0xec6/0x11d0 [ 13.470216] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.470238] ? finish_task_switch.isra.0+0x153/0x700 [ 13.470260] ? __switch_to+0x5d9/0xf60 [ 13.470279] ? dequeue_task_fair+0x166/0x4e0 [ 13.470301] ? __schedule+0x10cc/0x2b30 [ 13.470322] ? __pfx_read_tsc+0x10/0x10 [ 13.470343] krealloc_large_less_oob+0x1c/0x30 [ 13.470364] kunit_try_run_case+0x1a5/0x480 [ 13.470386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.470406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.470426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.470446] ? 
__kthread_parkme+0x82/0x180 [ 13.470466] ? preempt_count_sub+0x50/0x80 [ 13.470488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.470508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.470529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.470549] kthread+0x337/0x6f0 [ 13.470589] ? trace_preempt_on+0x20/0xc0 [ 13.470625] ? __pfx_kthread+0x10/0x10 [ 13.470656] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.470692] ? calculate_sigpending+0x7b/0xa0 [ 13.470727] ? __pfx_kthread+0x10/0x10 [ 13.471193] ret_from_fork+0x41/0x80 [ 13.471224] ? __pfx_kthread+0x10/0x10 [ 13.471243] ret_from_fork_asm+0x1a/0x30 [ 13.471274] </TASK> [ 13.471287] [ 13.482835] The buggy address belongs to the physical page: [ 13.483285] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc [ 13.484375] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.485039] flags: 0x200000000000040(head|node=0|zone=2) [ 13.485502] page_type: f8(unknown) [ 13.485934] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.486779] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.487229] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.487749] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.488089] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff [ 13.488425] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.489226] page dumped because: kasan: bad access detected [ 13.489583] [ 13.489931] Memory state around the buggy address: [ 13.490278] ffff8881029bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.490941] ffff8881029be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.491333] >ffff8881029be080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 13.492036] ^ [ 13.492310] ffff8881029be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.493201] ffff8881029be180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 13.493526] ================================================================== [ 13.307309] ================================================================== [ 13.307879] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 13.308539] Write of size 1 at addr ffff8881003412eb by task kunit_try_catch/178 [ 13.309423] [ 13.309651] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.309740] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.309764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.309802] Call Trace: [ 13.309841] <TASK> [ 13.309880] dump_stack_lvl+0x73/0xb0 [ 13.309943] print_report+0xd1/0x650 [ 13.309990] ? __virt_addr_valid+0x1db/0x2d0 [ 13.310035] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.310079] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.310294] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.310347] kasan_report+0x141/0x180 [ 13.310396] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 13.310458] __asan_report_store1_noabort+0x1b/0x30 [ 13.310501] krealloc_less_oob_helper+0xd47/0x11d0 [ 13.310546] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 13.310595] ? finish_task_switch.isra.0+0x153/0x700 [ 13.310688] ? __switch_to+0x5d9/0xf60 [ 13.310740] ? dequeue_task_fair+0x166/0x4e0 [ 13.310769] ? __schedule+0x10cc/0x2b30 [ 13.310793] ? __pfx_read_tsc+0x10/0x10 [ 13.310817] krealloc_less_oob+0x1c/0x30 [ 13.310841] kunit_try_run_case+0x1a5/0x480 [ 13.310866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.310888] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.310912] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.310935] ? __kthread_parkme+0x82/0x180 [ 13.310957] ? preempt_count_sub+0x50/0x80 [ 13.310982] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.311005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.311027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.311049] kthread+0x337/0x6f0 [ 13.311067] ? 
trace_preempt_on+0x20/0xc0 [ 13.311090] ? __pfx_kthread+0x10/0x10 [ 13.311108] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.311129] ? calculate_sigpending+0x7b/0xa0 [ 13.311165] ? __pfx_kthread+0x10/0x10 [ 13.311184] ret_from_fork+0x41/0x80 [ 13.311206] ? __pfx_kthread+0x10/0x10 [ 13.311225] ret_from_fork_asm+0x1a/0x30 [ 13.311258] </TASK> [ 13.311272] [ 13.324157] Allocated by task 178: [ 13.324310] kasan_save_stack+0x45/0x70 [ 13.324469] kasan_save_track+0x18/0x40 [ 13.324978] kasan_save_alloc_info+0x3b/0x50 [ 13.325968] __kasan_krealloc+0x190/0x1f0 [ 13.326232] krealloc_noprof+0xf3/0x340 [ 13.326532] krealloc_less_oob_helper+0x1aa/0x11d0 [ 13.326813] krealloc_less_oob+0x1c/0x30 [ 13.328050] kunit_try_run_case+0x1a5/0x480 [ 13.328356] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.329090] kthread+0x337/0x6f0 [ 13.329379] ret_from_fork+0x41/0x80 [ 13.329769] ret_from_fork_asm+0x1a/0x30 [ 13.329995] [ 13.330179] The buggy address belongs to the object at ffff888100341200 [ 13.330179] which belongs to the cache kmalloc-256 of size 256 [ 13.331194] The buggy address is located 34 bytes to the right of [ 13.331194] allocated 201-byte region [ffff888100341200, ffff8881003412c9) [ 13.331992] [ 13.332204] The buggy address belongs to the physical page: [ 13.332693] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100340 [ 13.333237] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.333787] flags: 0x200000000000040(head|node=0|zone=2) [ 13.334339] page_type: f5(slab) [ 13.334515] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.335038] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.336242] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.337041] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.337352] head: 0200000000000001 ffffea000400d001 00000000ffffffff 00000000ffffffff [ 13.337932] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 13.338578] page dumped because: kasan: bad access detected [ 13.339067] [ 13.339296] Memory state around the buggy address: [ 13.339511] ffff888100341180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.340404] ffff888100341200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.340992] >ffff888100341280: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 13.341641] ^ [ 13.342234] ffff888100341300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.342477] ffff888100341380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.343140] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 13.098392] ================================================================== [ 13.099080] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 13.099304] Write of size 1 at addr ffff888100aaf2eb by task kunit_try_catch/176 [ 13.099443] [ 13.099524] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.099597] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.099611] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.099634] Call Trace: [ 13.099649] <TASK> [ 13.099680] dump_stack_lvl+0x73/0xb0 [ 13.099712] print_report+0xd1/0x650 [ 13.099736] ? __virt_addr_valid+0x1db/0x2d0 [ 13.099758] ? krealloc_more_oob_helper+0x821/0x930 [ 13.099777] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.099799] ? krealloc_more_oob_helper+0x821/0x930 [ 13.099818] kasan_report+0x141/0x180 [ 13.099840] ? krealloc_more_oob_helper+0x821/0x930 [ 13.099863] __asan_report_store1_noabort+0x1b/0x30 [ 13.099883] krealloc_more_oob_helper+0x821/0x930 [ 13.099901] ? __schedule+0x10cc/0x2b30 [ 13.099923] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 13.099943] ? finish_task_switch.isra.0+0x153/0x700 [ 13.099967] ? __switch_to+0x5d9/0xf60 [ 13.099988] ? dequeue_task_fair+0x166/0x4e0 [ 13.100011] ? __schedule+0x10cc/0x2b30 [ 13.100031] ? __pfx_read_tsc+0x10/0x10 [ 13.100053] krealloc_more_oob+0x1c/0x30 [ 13.100071] kunit_try_run_case+0x1a5/0x480 [ 13.100094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.100114] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.100136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.100157] ? __kthread_parkme+0x82/0x180 [ 13.100178] ? preempt_count_sub+0x50/0x80 [ 13.100201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.100222] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.100244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.100265] kthread+0x337/0x6f0 [ 13.100282] ? trace_preempt_on+0x20/0xc0 [ 13.100305] ? __pfx_kthread+0x10/0x10 [ 13.100322] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 13.100342] ? calculate_sigpending+0x7b/0xa0 [ 13.100363] ? __pfx_kthread+0x10/0x10 [ 13.100381] ret_from_fork+0x41/0x80 [ 13.100401] ? __pfx_kthread+0x10/0x10 [ 13.100418] ret_from_fork_asm+0x1a/0x30 [ 13.100446] </TASK> [ 13.100458] [ 13.111458] Allocated by task 176: [ 13.111804] kasan_save_stack+0x45/0x70 [ 13.112165] kasan_save_track+0x18/0x40 [ 13.112453] kasan_save_alloc_info+0x3b/0x50 [ 13.112784] __kasan_krealloc+0x190/0x1f0 [ 13.113027] krealloc_noprof+0xf3/0x340 [ 13.113280] krealloc_more_oob_helper+0x1a9/0x930 [ 13.113592] krealloc_more_oob+0x1c/0x30 [ 13.113905] kunit_try_run_case+0x1a5/0x480 [ 13.114146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.114425] kthread+0x337/0x6f0 [ 13.114729] ret_from_fork+0x41/0x80 [ 13.114967] ret_from_fork_asm+0x1a/0x30 [ 13.115180] [ 13.115337] The buggy address belongs to the object at ffff888100aaf200 [ 13.115337] which belongs to the cache kmalloc-256 of size 256 [ 13.116007] The buggy address is located 0 bytes to the right of [ 13.116007] allocated 235-byte region [ffff888100aaf200, ffff888100aaf2eb) [ 13.116681] [ 13.116857] The buggy address belongs to the physical page: [ 13.117181] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 13.117601] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.118036] flags: 0x200000000000040(head|node=0|zone=2) [ 13.118453] page_type: f5(slab) [ 13.118729] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.119256] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.119622] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.120120] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.120509] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 13.121033] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 13.121396] page dumped because: 
kasan: bad access detected [ 13.121760] [ 13.121868] Memory state around the buggy address: [ 13.122066] ffff888100aaf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.122315] ffff888100aaf200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.122573] >ffff888100aaf280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 13.123075] ^ [ 13.123580] ffff888100aaf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.124088] ffff888100aaf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.124583] ================================================================== [ 13.349283] ================================================================== [ 13.350155] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 13.350552] Write of size 1 at addr ffff8881029be0eb by task kunit_try_catch/180 [ 13.351609] [ 13.352054] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.352119] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.352132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.352162] Call Trace: [ 13.352187] <TASK> [ 13.352218] dump_stack_lvl+0x73/0xb0 [ 13.352278] print_report+0xd1/0x650 [ 13.352344] ? __virt_addr_valid+0x1db/0x2d0 [ 13.352376] ? krealloc_more_oob_helper+0x821/0x930 [ 13.352395] ? kasan_addr_to_slab+0x11/0xa0 [ 13.352423] ? krealloc_more_oob_helper+0x821/0x930 [ 13.352456] kasan_report+0x141/0x180 [ 13.352480] ? krealloc_more_oob_helper+0x821/0x930 [ 13.352503] __asan_report_store1_noabort+0x1b/0x30 [ 13.352523] krealloc_more_oob_helper+0x821/0x930 [ 13.352541] ? __schedule+0x10cc/0x2b30 [ 13.352584] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 13.352616] ? finish_task_switch.isra.0+0x153/0x700 [ 13.352658] ? __switch_to+0x5d9/0xf60 [ 13.352693] ? dequeue_task_fair+0x166/0x4e0 [ 13.352740] ? __schedule+0x10cc/0x2b30 [ 13.352775] ? 
__pfx_read_tsc+0x10/0x10 [ 13.352801] krealloc_large_more_oob+0x1c/0x30 [ 13.352821] kunit_try_run_case+0x1a5/0x480 [ 13.352846] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.352867] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.352891] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.352912] ? __kthread_parkme+0x82/0x180 [ 13.352934] ? preempt_count_sub+0x50/0x80 [ 13.352958] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.352980] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.353001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.353022] kthread+0x337/0x6f0 [ 13.353039] ? trace_preempt_on+0x20/0xc0 [ 13.353063] ? __pfx_kthread+0x10/0x10 [ 13.353080] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.353100] ? calculate_sigpending+0x7b/0xa0 [ 13.353122] ? __pfx_kthread+0x10/0x10 [ 13.353140] ret_from_fork+0x41/0x80 [ 13.353159] ? __pfx_kthread+0x10/0x10 [ 13.353177] ret_from_fork_asm+0x1a/0x30 [ 13.353206] </TASK> [ 13.353219] [ 13.367932] The buggy address belongs to the physical page: [ 13.368683] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc [ 13.369337] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.370081] flags: 0x200000000000040(head|node=0|zone=2) [ 13.370549] page_type: f8(unknown) [ 13.370748] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.371265] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.372098] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.372679] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.373402] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff [ 13.373953] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.374401] page dumped because: kasan: bad access detected [ 13.374784] [ 13.374889] Memory state around the buggy address: [ 13.375206] ffff8881029bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.375636] 
ffff8881029be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.375966] >ffff8881029be080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 13.376393] ^ [ 13.377671] ffff8881029be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.378117] ffff8881029be180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.378340] ================================================================== [ 13.378951] ================================================================== [ 13.379219] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 13.379497] Write of size 1 at addr ffff8881029be0f0 by task kunit_try_catch/180 [ 13.381193] [ 13.381384] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.382401] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.382425] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.382448] Call Trace: [ 13.382466] <TASK> [ 13.382486] dump_stack_lvl+0x73/0xb0 [ 13.382525] print_report+0xd1/0x650 [ 13.382548] ? __virt_addr_valid+0x1db/0x2d0 [ 13.382596] ? krealloc_more_oob_helper+0x7eb/0x930 [ 13.382625] ? kasan_addr_to_slab+0x11/0xa0 [ 13.382657] ? krealloc_more_oob_helper+0x7eb/0x930 [ 13.382686] kasan_report+0x141/0x180 [ 13.382717] ? krealloc_more_oob_helper+0x7eb/0x930 [ 13.382752] __asan_report_store1_noabort+0x1b/0x30 [ 13.382784] krealloc_more_oob_helper+0x7eb/0x930 [ 13.382810] ? __schedule+0x10cc/0x2b30 [ 13.382832] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 13.382851] ? finish_task_switch.isra.0+0x153/0x700 [ 13.382875] ? __switch_to+0x5d9/0xf60 [ 13.382895] ? dequeue_task_fair+0x166/0x4e0 [ 13.382917] ? __schedule+0x10cc/0x2b30 [ 13.382937] ? __pfx_read_tsc+0x10/0x10 [ 13.382959] krealloc_large_more_oob+0x1c/0x30 [ 13.382977] kunit_try_run_case+0x1a5/0x480 [ 13.383001] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.383021] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.383042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.383063] ? 
__kthread_parkme+0x82/0x180 [ 13.383084] ? preempt_count_sub+0x50/0x80 [ 13.383106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.383128] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.383161] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.383185] kthread+0x337/0x6f0 [ 13.383204] ? trace_preempt_on+0x20/0xc0 [ 13.383229] ? __pfx_kthread+0x10/0x10 [ 13.383249] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.383270] ? calculate_sigpending+0x7b/0xa0 [ 13.383294] ? __pfx_kthread+0x10/0x10 [ 13.383312] ret_from_fork+0x41/0x80 [ 13.383332] ? __pfx_kthread+0x10/0x10 [ 13.383349] ret_from_fork_asm+0x1a/0x30 [ 13.383379] </TASK> [ 13.383392] [ 13.397308] The buggy address belongs to the physical page: [ 13.398238] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029bc [ 13.399047] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.399483] flags: 0x200000000000040(head|node=0|zone=2) [ 13.400074] page_type: f8(unknown) [ 13.400234] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.400447] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.401500] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.402051] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.402796] head: 0200000000000002 ffffea00040a6f01 00000000ffffffff 00000000ffffffff [ 13.403083] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.403598] page dumped because: kasan: bad access detected [ 13.404225] [ 13.404399] Memory state around the buggy address: [ 13.405223] ffff8881029bdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.405571] ffff8881029be000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.406468] >ffff8881029be080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 13.406957] ^ [ 13.407196] ffff8881029be100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.408056] ffff8881029be180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 13.408743] ================================================================== [ 13.127459] ================================================================== [ 13.128032] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 13.128458] Write of size 1 at addr ffff888100aaf2f0 by task kunit_try_catch/176 [ 13.129083] [ 13.129271] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.129360] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.129382] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.129419] Call Trace: [ 13.129448] <TASK> [ 13.129486] dump_stack_lvl+0x73/0xb0 [ 13.129543] print_report+0xd1/0x650 [ 13.129595] ? __virt_addr_valid+0x1db/0x2d0 [ 13.130597] ? krealloc_more_oob_helper+0x7eb/0x930 [ 13.130639] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.130707] ? krealloc_more_oob_helper+0x7eb/0x930 [ 13.130744] kasan_report+0x141/0x180 [ 13.130789] ? krealloc_more_oob_helper+0x7eb/0x930 [ 13.130837] __asan_report_store1_noabort+0x1b/0x30 [ 13.130879] krealloc_more_oob_helper+0x7eb/0x930 [ 13.130913] ? __schedule+0x10cc/0x2b30 [ 13.130952] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 13.130986] ? finish_task_switch.isra.0+0x153/0x700 [ 13.131031] ? __switch_to+0x5d9/0xf60 [ 13.131067] ? dequeue_task_fair+0x166/0x4e0 [ 13.131108] ? __schedule+0x10cc/0x2b30 [ 13.131161] ? __pfx_read_tsc+0x10/0x10 [ 13.131207] krealloc_more_oob+0x1c/0x30 [ 13.131247] kunit_try_run_case+0x1a5/0x480 [ 13.131300] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.131340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.131378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.131418] ? __kthread_parkme+0x82/0x180 [ 13.131457] ? preempt_count_sub+0x50/0x80 [ 13.131502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.131543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.131597] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.131636] kthread+0x337/0x6f0 [ 13.131696] ? 
trace_preempt_on+0x20/0xc0 [ 13.131742] ? __pfx_kthread+0x10/0x10 [ 13.131778] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.131819] ? calculate_sigpending+0x7b/0xa0 [ 13.131862] ? __pfx_kthread+0x10/0x10 [ 13.131891] ret_from_fork+0x41/0x80 [ 13.131915] ? __pfx_kthread+0x10/0x10 [ 13.131932] ret_from_fork_asm+0x1a/0x30 [ 13.131961] </TASK> [ 13.131975] [ 13.142177] Allocated by task 176: [ 13.142480] kasan_save_stack+0x45/0x70 [ 13.142852] kasan_save_track+0x18/0x40 [ 13.143148] kasan_save_alloc_info+0x3b/0x50 [ 13.143345] __kasan_krealloc+0x190/0x1f0 [ 13.143549] krealloc_noprof+0xf3/0x340 [ 13.143895] krealloc_more_oob_helper+0x1a9/0x930 [ 13.144268] krealloc_more_oob+0x1c/0x30 [ 13.144532] kunit_try_run_case+0x1a5/0x480 [ 13.144905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.145169] kthread+0x337/0x6f0 [ 13.145398] ret_from_fork+0x41/0x80 [ 13.145723] ret_from_fork_asm+0x1a/0x30 [ 13.145947] [ 13.146095] The buggy address belongs to the object at ffff888100aaf200 [ 13.146095] which belongs to the cache kmalloc-256 of size 256 [ 13.146624] The buggy address is located 5 bytes to the right of [ 13.146624] allocated 235-byte region [ffff888100aaf200, ffff888100aaf2eb) [ 13.147228] [ 13.147414] The buggy address belongs to the physical page: [ 13.147680] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aae [ 13.147989] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.148332] flags: 0x200000000000040(head|node=0|zone=2) [ 13.148785] page_type: f5(slab) [ 13.149064] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.149589] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.150140] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 13.150478] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.150884] head: 0200000000000001 ffffea000402ab81 00000000ffffffff 00000000ffffffff [ 13.151255] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 13.151788] page dumped because: kasan: bad access detected [ 13.152133] [ 13.152289] Memory state around the buggy address: [ 13.152477] ffff888100aaf180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.152918] ffff888100aaf200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.153280] >ffff888100aaf280: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 13.153676] ^ [ 13.153927] ffff888100aaf300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.154159] ffff888100aaf380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.154394] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 13.068434] ================================================================== [ 13.069049] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 13.069890] Read of size 1 at addr ffff888103910000 by task kunit_try_catch/174 [ 13.070217] [ 13.070356] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.070446] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.070469] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.070505] Call Trace: [ 13.070533] <TASK> [ 13.070582] dump_stack_lvl+0x73/0xb0 [ 13.070643] print_report+0xd1/0x650 [ 13.070689] ? __virt_addr_valid+0x1db/0x2d0 [ 13.070734] ? page_alloc_uaf+0x356/0x3d0 [ 13.070768] ? kasan_addr_to_slab+0x11/0xa0 [ 13.070800] ? page_alloc_uaf+0x356/0x3d0 [ 13.071248] kasan_report+0x141/0x180 [ 13.071280] ? page_alloc_uaf+0x356/0x3d0 [ 13.071305] __asan_report_load1_noabort+0x18/0x20 [ 13.071326] page_alloc_uaf+0x356/0x3d0 [ 13.071345] ? __pfx_page_alloc_uaf+0x10/0x10 [ 13.071364] ? __schedule+0x10cc/0x2b30 [ 13.071386] ? __pfx_read_tsc+0x10/0x10 [ 13.071405] ? ktime_get_ts64+0x86/0x230 [ 13.071432] kunit_try_run_case+0x1a5/0x480 [ 13.071456] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.071476] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.071498] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.071519] ? __kthread_parkme+0x82/0x180 [ 13.071540] ? preempt_count_sub+0x50/0x80 [ 13.071589] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.071623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.071662] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.071694] kthread+0x337/0x6f0 [ 13.071721] ? trace_preempt_on+0x20/0xc0 [ 13.071773] ? __pfx_kthread+0x10/0x10 [ 13.071797] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.071817] ? calculate_sigpending+0x7b/0xa0 [ 13.071837] ? __pfx_kthread+0x10/0x10 [ 13.071855] ret_from_fork+0x41/0x80 [ 13.071875] ? 
__pfx_kthread+0x10/0x10 [ 13.071891] ret_from_fork_asm+0x1a/0x30 [ 13.071919] </TASK> [ 13.071932] [ 13.083045] The buggy address belongs to the physical page: [ 13.083533] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 13.084164] flags: 0x200000000000000(node=0|zone=2) [ 13.084441] page_type: f0(buddy) [ 13.084801] raw: 0200000000000000 ffff88817fffb3e0 ffff88817fffb3e0 0000000000000000 [ 13.086019] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000 [ 13.087026] page dumped because: kasan: bad access detected [ 13.087290] [ 13.087397] Memory state around the buggy address: [ 13.087730] ffff88810390ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.088571] ffff88810390ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.089738] >ffff888103910000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.090032] ^ [ 13.090496] ffff888103910080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.091281] ffff888103910100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.091908] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-invalid-free-in-kfree
[ 13.033950] ================================================================== [ 13.034500] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 13.035095] Free of addr ffff888102274001 by task kunit_try_catch/170 [ 13.035432] [ 13.036138] CPU: 0 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.036240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.036266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.036304] Call Trace: [ 13.036331] <TASK> [ 13.036366] dump_stack_lvl+0x73/0xb0 [ 13.036425] print_report+0xd1/0x650 [ 13.036465] ? __virt_addr_valid+0x1db/0x2d0 [ 13.036501] ? kasan_addr_to_slab+0x11/0xa0 [ 13.036535] ? kfree+0x274/0x3f0 [ 13.036582] kasan_report_invalid_free+0x10a/0x130 [ 13.036625] ? kfree+0x274/0x3f0 [ 13.036662] ? kfree+0x274/0x3f0 [ 13.036691] __kasan_kfree_large+0x86/0xd0 [ 13.036729] free_large_kmalloc+0x4b/0x110 [ 13.036767] kfree+0x274/0x3f0 [ 13.036806] ? kmalloc_large_invalid_free+0x8f/0x2b0 [ 13.036856] kmalloc_large_invalid_free+0x120/0x2b0 [ 13.036902] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 13.036938] ? __schedule+0x10cc/0x2b30 [ 13.036971] ? __pfx_read_tsc+0x10/0x10 [ 13.037004] ? ktime_get_ts64+0x86/0x230 [ 13.037044] kunit_try_run_case+0x1a5/0x480 [ 13.037077] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037099] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.037123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.037145] ? __kthread_parkme+0x82/0x180 [ 13.037168] ? preempt_count_sub+0x50/0x80 [ 13.037193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.037216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.037238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.037260] kthread+0x337/0x6f0 [ 13.037277] ? trace_preempt_on+0x20/0xc0 [ 13.037301] ? __pfx_kthread+0x10/0x10 [ 13.037318] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.037339] ? calculate_sigpending+0x7b/0xa0 [ 13.037360] ? __pfx_kthread+0x10/0x10 [ 13.037378] ret_from_fork+0x41/0x80 [ 13.037399] ? 
__pfx_kthread+0x10/0x10 [ 13.037416] ret_from_fork_asm+0x1a/0x30 [ 13.037445] </TASK> [ 13.037459] [ 13.047114] The buggy address belongs to the physical page: [ 13.048028] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102274 [ 13.048657] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.049154] flags: 0x200000000000040(head|node=0|zone=2) [ 13.049468] page_type: f8(unknown) [ 13.049719] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.050127] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.050400] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.051107] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.052081] head: 0200000000000002 ffffea0004089d01 00000000ffffffff 00000000ffffffff [ 13.052600] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.053186] page dumped because: kasan: bad access detected [ 13.053415] [ 13.053750] Memory state around the buggy address: [ 13.053979] ffff888102273f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.054350] ffff888102273f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.054603] >ffff888102274000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.054848] ^ [ 13.055312] ffff888102274080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.056018] ffff888102274100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.056527] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 13.003330] ================================================================== [ 13.004393] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 13.004863] Read of size 1 at addr ffff888102274000 by task kunit_try_catch/168 [ 13.005132] [ 13.005244] CPU: 0 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 13.005304] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.005317] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.005341] Call Trace: [ 13.005358] <TASK> [ 13.005379] dump_stack_lvl+0x73/0xb0 [ 13.005417] print_report+0xd1/0x650 [ 13.005442] ? __virt_addr_valid+0x1db/0x2d0 [ 13.005465] ? kmalloc_large_uaf+0x2f1/0x340 [ 13.005486] ? kasan_addr_to_slab+0x11/0xa0 [ 13.005507] ? kmalloc_large_uaf+0x2f1/0x340 [ 13.005528] kasan_report+0x141/0x180 [ 13.005550] ? kmalloc_large_uaf+0x2f1/0x340 [ 13.005603] __asan_report_load1_noabort+0x18/0x20 [ 13.005635] kmalloc_large_uaf+0x2f1/0x340 [ 13.005667] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 13.005700] ? __schedule+0x10cc/0x2b30 [ 13.006312] ? __pfx_read_tsc+0x10/0x10 [ 13.006368] ? ktime_get_ts64+0x86/0x230 [ 13.006479] kunit_try_run_case+0x1a5/0x480 [ 13.006536] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.006592] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.006638] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.006676] ? __kthread_parkme+0x82/0x180 [ 13.006713] ? preempt_count_sub+0x50/0x80 [ 13.006756] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.006793] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.006828] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.006862] kthread+0x337/0x6f0 [ 13.006890] ? trace_preempt_on+0x20/0xc0 [ 13.006930] ? __pfx_kthread+0x10/0x10 [ 13.006958] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.006990] ? calculate_sigpending+0x7b/0xa0 [ 13.007025] ? __pfx_kthread+0x10/0x10 [ 13.007056] ret_from_fork+0x41/0x80 [ 13.007092] ? 
__pfx_kthread+0x10/0x10 [ 13.007121] ret_from_fork_asm+0x1a/0x30 [ 13.007180] </TASK> [ 13.007197] [ 13.019975] The buggy address belongs to the physical page: [ 13.020971] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102274 [ 13.021352] flags: 0x200000000000000(node=0|zone=2) [ 13.022035] raw: 0200000000000000 ffffea0004089e08 ffff88815b039a80 0000000000000000 [ 13.022467] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.023460] page dumped because: kasan: bad access detected [ 13.023713] [ 13.023885] Memory state around the buggy address: [ 13.024259] ffff888102273f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.024542] ffff888102273f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.025427] >ffff888102274000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.026416] ^ [ 13.026594] ffff888102274080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.026840] ffff888102274100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.027548] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 12.964055] ================================================================== [ 12.964625] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 12.965372] Write of size 1 at addr ffff88810227600a by task kunit_try_catch/166 [ 12.966172] [ 12.966313] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 12.966376] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.966390] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.966413] Call Trace: [ 12.966431] <TASK> [ 12.966454] dump_stack_lvl+0x73/0xb0 [ 12.966499] print_report+0xd1/0x650 [ 12.966526] ? __virt_addr_valid+0x1db/0x2d0 [ 12.966550] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.966603] ? kasan_addr_to_slab+0x11/0xa0 [ 12.966640] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.966681] kasan_report+0x141/0x180 [ 12.966721] ? kmalloc_large_oob_right+0x2e9/0x330 [ 12.966767] __asan_report_store1_noabort+0x1b/0x30 [ 12.966805] kmalloc_large_oob_right+0x2e9/0x330 [ 12.966850] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 12.966899] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 12.966952] kunit_try_run_case+0x1a5/0x480 [ 12.967347] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.967375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.967402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.967424] ? __kthread_parkme+0x82/0x180 [ 12.967448] ? preempt_count_sub+0x50/0x80 [ 12.967476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.967501] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.967523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.967546] kthread+0x337/0x6f0 [ 12.967578] ? trace_preempt_on+0x20/0xc0 [ 12.967610] ? __pfx_kthread+0x10/0x10 [ 12.967640] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.967674] ? calculate_sigpending+0x7b/0xa0 [ 12.967709] ? __pfx_kthread+0x10/0x10 [ 12.967737] ret_from_fork+0x41/0x80 [ 12.967772] ? 
__pfx_kthread+0x10/0x10 [ 12.967800] ret_from_fork_asm+0x1a/0x30 [ 12.967842] </TASK> [ 12.967856] [ 12.985471] The buggy address belongs to the physical page: [ 12.986967] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102274 [ 12.987337] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.987922] flags: 0x200000000000040(head|node=0|zone=2) [ 12.988391] page_type: f8(unknown) [ 12.988605] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.989335] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.989857] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.990397] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.991055] head: 0200000000000002 ffffea0004089d01 00000000ffffffff 00000000ffffffff [ 12.991439] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.992457] page dumped because: kasan: bad access detected [ 12.992773] [ 12.993292] Memory state around the buggy address: [ 12.993523] ffff888102275f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.994022] ffff888102275f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.994994] >ffff888102276000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.995514] ^ [ 12.995756] ffff888102276080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.996077] ffff888102276100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 12.996381] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 12.930033] ================================================================== [ 12.930539] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 12.931253] Write of size 1 at addr ffff8881027cdf00 by task kunit_try_catch/164 [ 12.932250] [ 12.932474] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 12.932572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.932887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.932929] Call Trace: [ 12.932952] <TASK> [ 12.932983] dump_stack_lvl+0x73/0xb0 [ 12.933038] print_report+0xd1/0x650 [ 12.933072] ? __virt_addr_valid+0x1db/0x2d0 [ 12.933104] ? kmalloc_big_oob_right+0x316/0x370 [ 12.933135] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.933167] ? kmalloc_big_oob_right+0x316/0x370 [ 12.933205] kasan_report+0x141/0x180 [ 12.933246] ? kmalloc_big_oob_right+0x316/0x370 [ 12.933298] __asan_report_store1_noabort+0x1b/0x30 [ 12.933338] kmalloc_big_oob_right+0x316/0x370 [ 12.933381] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.933431] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 12.933474] kunit_try_run_case+0x1a5/0x480 [ 12.933515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.933539] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.933586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.933614] ? __kthread_parkme+0x82/0x180 [ 12.933637] ? preempt_count_sub+0x50/0x80 [ 12.933673] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.933702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.933724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.933745] kthread+0x337/0x6f0 [ 12.933762] ? trace_preempt_on+0x20/0xc0 [ 12.933786] ? __pfx_kthread+0x10/0x10 [ 12.933804] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.933824] ? calculate_sigpending+0x7b/0xa0 [ 12.933845] ? __pfx_kthread+0x10/0x10 [ 12.933863] ret_from_fork+0x41/0x80 [ 12.933884] ? 
__pfx_kthread+0x10/0x10 [ 12.933902] ret_from_fork_asm+0x1a/0x30 [ 12.933931] </TASK> [ 12.933946] [ 12.943330] Allocated by task 164: [ 12.943570] kasan_save_stack+0x45/0x70 [ 12.943820] kasan_save_track+0x18/0x40 [ 12.944022] kasan_save_alloc_info+0x3b/0x50 [ 12.944364] __kasan_kmalloc+0xb7/0xc0 [ 12.944693] __kmalloc_cache_noprof+0x189/0x420 [ 12.945039] kmalloc_big_oob_right+0xa9/0x370 [ 12.945354] kunit_try_run_case+0x1a5/0x480 [ 12.945703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.946088] kthread+0x337/0x6f0 [ 12.946316] ret_from_fork+0x41/0x80 [ 12.946625] ret_from_fork_asm+0x1a/0x30 [ 12.946835] [ 12.946998] The buggy address belongs to the object at ffff8881027cc000 [ 12.946998] which belongs to the cache kmalloc-8k of size 8192 [ 12.947506] The buggy address is located 0 bytes to the right of [ 12.947506] allocated 7936-byte region [ffff8881027cc000, ffff8881027cdf00) [ 12.948386] [ 12.948507] The buggy address belongs to the physical page: [ 12.949033] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1027c8 [ 12.949451] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.949753] flags: 0x200000000000040(head|node=0|zone=2) [ 12.950010] page_type: f5(slab) [ 12.950202] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.950797] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.951356] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 12.951952] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 12.952466] head: 0200000000000003 ffffea000409f201 00000000ffffffff 00000000ffffffff [ 12.953011] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.953326] page dumped because: kasan: bad access detected [ 12.953525] [ 12.953677] Memory state around the buggy address: [ 12.954032] ffff8881027cde00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.954462] ffff8881027cde80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.954902] >ffff8881027cdf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.955323] ^ [ 12.955523] ffff8881027cdf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.955837] ffff8881027ce000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.956249] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 12.895891] ================================================================== [ 12.896671] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.897227] Write of size 1 at addr ffff888102d90b78 by task kunit_try_catch/162 [ 12.897921] [ 12.898072] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 12.898163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.898189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.898229] Call Trace: [ 12.898255] <TASK> [ 12.898290] dump_stack_lvl+0x73/0xb0 [ 12.898350] print_report+0xd1/0x650 [ 12.898379] ? __virt_addr_valid+0x1db/0x2d0 [ 12.898402] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.898422] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.898443] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.898462] kasan_report+0x141/0x180 [ 12.898483] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.898519] __asan_report_store1_noabort+0x1b/0x30 [ 12.898548] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 12.898592] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.899020] ? __schedule+0x10cc/0x2b30 [ 12.899045] ? __pfx_read_tsc+0x10/0x10 [ 12.899065] ? ktime_get_ts64+0x86/0x230 [ 12.899092] kunit_try_run_case+0x1a5/0x480 [ 12.899119] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.899153] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.899180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.899203] ? __kthread_parkme+0x82/0x180 [ 12.899225] ? preempt_count_sub+0x50/0x80 [ 12.899251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.899273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.899295] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.899315] kthread+0x337/0x6f0 [ 12.899331] ? trace_preempt_on+0x20/0xc0 [ 12.899354] ? __pfx_kthread+0x10/0x10 [ 12.899371] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.899391] ? calculate_sigpending+0x7b/0xa0 [ 12.899412] ? __pfx_kthread+0x10/0x10 [ 12.899429] ret_from_fork+0x41/0x80 [ 12.899448] ? 
__pfx_kthread+0x10/0x10 [ 12.899465] ret_from_fork_asm+0x1a/0x30 [ 12.899494] </TASK> [ 12.899508] [ 12.911820] Allocated by task 162: [ 12.912133] kasan_save_stack+0x45/0x70 [ 12.912383] kasan_save_track+0x18/0x40 [ 12.912608] kasan_save_alloc_info+0x3b/0x50 [ 12.912851] __kasan_kmalloc+0xb7/0xc0 [ 12.913092] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.913353] kmalloc_track_caller_oob_right+0x19a/0x520 [ 12.914491] kunit_try_run_case+0x1a5/0x480 [ 12.914664] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.914779] kthread+0x337/0x6f0 [ 12.914860] ret_from_fork+0x41/0x80 [ 12.914947] ret_from_fork_asm+0x1a/0x30 [ 12.915038] [ 12.915094] The buggy address belongs to the object at ffff888102d90b00 [ 12.915094] which belongs to the cache kmalloc-128 of size 128 [ 12.915324] The buggy address is located 0 bytes to the right of [ 12.915324] allocated 120-byte region [ffff888102d90b00, ffff888102d90b78) [ 12.915541] [ 12.915690] The buggy address belongs to the physical page: [ 12.916094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90 [ 12.916566] flags: 0x200000000000000(node=0|zone=2) [ 12.916775] page_type: f5(slab) [ 12.917096] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.917625] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.918188] page dumped because: kasan: bad access detected [ 12.918721] [ 12.918947] Memory state around the buggy address: [ 12.919334] ffff888102d90a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.919629] ffff888102d90a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.920306] >ffff888102d90b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.920928] ^ [ 12.921604] ffff888102d90b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.922301] ffff888102d90c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.922917] ================================================================== [ 12.861207] 
================================================================== [ 12.861756] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.862339] Write of size 1 at addr ffff888102d90a78 by task kunit_try_catch/162 [ 12.863187] [ 12.863435] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 12.863577] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.863745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.863793] Call Trace: [ 12.863817] <TASK> [ 12.863849] dump_stack_lvl+0x73/0xb0 [ 12.863913] print_report+0xd1/0x650 [ 12.864355] ? __virt_addr_valid+0x1db/0x2d0 [ 12.864401] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.864424] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.864447] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.864468] kasan_report+0x141/0x180 [ 12.864490] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.864515] __asan_report_store1_noabort+0x1b/0x30 [ 12.864536] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 12.864556] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 12.864616] ? __schedule+0x10cc/0x2b30 [ 12.864676] ? __pfx_read_tsc+0x10/0x10 [ 12.864706] ? ktime_get_ts64+0x86/0x230 [ 12.864743] kunit_try_run_case+0x1a5/0x480 [ 12.864784] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.864809] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.864832] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.864854] ? __kthread_parkme+0x82/0x180 [ 12.864876] ? preempt_count_sub+0x50/0x80 [ 12.864902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.864925] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.864948] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.864969] kthread+0x337/0x6f0 [ 12.864986] ? trace_preempt_on+0x20/0xc0 [ 12.865010] ? __pfx_kthread+0x10/0x10 [ 12.865027] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.865047] ? calculate_sigpending+0x7b/0xa0 [ 12.865067] ? __pfx_kthread+0x10/0x10 [ 12.865085] ret_from_fork+0x41/0x80 [ 12.865104] ? 
__pfx_kthread+0x10/0x10 [ 12.865122] ret_from_fork_asm+0x1a/0x30 [ 12.865150] </TASK> [ 12.865164] [ 12.878353] Allocated by task 162: [ 12.878635] kasan_save_stack+0x45/0x70 [ 12.878923] kasan_save_track+0x18/0x40 [ 12.879250] kasan_save_alloc_info+0x3b/0x50 [ 12.879531] __kasan_kmalloc+0xb7/0xc0 [ 12.880024] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.880471] kmalloc_track_caller_oob_right+0x99/0x520 [ 12.880949] kunit_try_run_case+0x1a5/0x480 [ 12.881488] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.882080] kthread+0x337/0x6f0 [ 12.882411] ret_from_fork+0x41/0x80 [ 12.882902] ret_from_fork_asm+0x1a/0x30 [ 12.883083] [ 12.883186] The buggy address belongs to the object at ffff888102d90a00 [ 12.883186] which belongs to the cache kmalloc-128 of size 128 [ 12.883532] The buggy address is located 0 bytes to the right of [ 12.883532] allocated 120-byte region [ffff888102d90a00, ffff888102d90a78) [ 12.884904] [ 12.885791] The buggy address belongs to the physical page: [ 12.886010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90 [ 12.886823] flags: 0x200000000000000(node=0|zone=2) [ 12.887211] page_type: f5(slab) [ 12.887443] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.888462] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.889236] page dumped because: kasan: bad access detected [ 12.889541] [ 12.889685] Memory state around the buggy address: [ 12.890538] ffff888102d90900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.890953] ffff888102d90980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.891423] >ffff888102d90a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 12.892283] ^ [ 12.893043] ffff888102d90a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.893289] ffff888102d90b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.893509] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 12.819393] ================================================================== [ 12.820449] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 12.821312] Read of size 1 at addr ffff8881025db000 by task kunit_try_catch/160 [ 12.822341] [ 12.822624] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 12.822735] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.822761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.822857] Call Trace: [ 12.822887] <TASK> [ 12.822927] dump_stack_lvl+0x73/0xb0 [ 12.823002] print_report+0xd1/0x650 [ 12.823037] ? __virt_addr_valid+0x1db/0x2d0 [ 12.823063] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.823084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.823107] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.823127] kasan_report+0x141/0x180 [ 12.823163] ? kmalloc_node_oob_right+0x369/0x3c0 [ 12.823188] __asan_report_load1_noabort+0x18/0x20 [ 12.823210] kmalloc_node_oob_right+0x369/0x3c0 [ 12.823232] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 12.823255] ? __schedule+0x10cc/0x2b30 [ 12.823279] ? __pfx_read_tsc+0x10/0x10 [ 12.823302] ? ktime_get_ts64+0x86/0x230 [ 12.823332] kunit_try_run_case+0x1a5/0x480 [ 12.823361] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.823384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.823410] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.823434] ? __kthread_parkme+0x82/0x180 [ 12.823459] ? preempt_count_sub+0x50/0x80 [ 12.823485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.823508] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.823531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.823554] kthread+0x337/0x6f0 [ 12.823604] ? trace_preempt_on+0x20/0xc0 [ 12.823644] ? __pfx_kthread+0x10/0x10 [ 12.823675] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.823709] ? calculate_sigpending+0x7b/0xa0 [ 12.823745] ? __pfx_kthread+0x10/0x10 [ 12.823774] ret_from_fork+0x41/0x80 [ 12.823811] ? 
__pfx_kthread+0x10/0x10 [ 12.823832] ret_from_fork_asm+0x1a/0x30 [ 12.823865] </TASK> [ 12.823880] [ 12.835591] Allocated by task 160: [ 12.836027] kasan_save_stack+0x45/0x70 [ 12.836391] kasan_save_track+0x18/0x40 [ 12.836659] kasan_save_alloc_info+0x3b/0x50 [ 12.837161] __kasan_kmalloc+0xb7/0xc0 [ 12.837621] __kmalloc_cache_node_noprof+0x188/0x420 [ 12.838078] kmalloc_node_oob_right+0xab/0x3c0 [ 12.838280] kunit_try_run_case+0x1a5/0x480 [ 12.838493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.838722] kthread+0x337/0x6f0 [ 12.838895] ret_from_fork+0x41/0x80 [ 12.839146] ret_from_fork_asm+0x1a/0x30 [ 12.839639] [ 12.840222] The buggy address belongs to the object at ffff8881025da000 [ 12.840222] which belongs to the cache kmalloc-4k of size 4096 [ 12.841240] The buggy address is located 0 bytes to the right of [ 12.841240] allocated 4096-byte region [ffff8881025da000, ffff8881025db000) [ 12.842895] [ 12.843031] The buggy address belongs to the physical page: [ 12.843925] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025d8 [ 12.844607] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.845241] flags: 0x200000000000040(head|node=0|zone=2) [ 12.845922] page_type: f5(slab) [ 12.846101] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.846643] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.847015] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 12.847375] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 12.847687] head: 0200000000000003 ffffea0004097601 00000000ffffffff 00000000ffffffff [ 12.848611] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 12.849246] page dumped because: kasan: bad access detected [ 12.849586] [ 12.849815] Memory state around the buggy address: [ 12.850694] ffff8881025daf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.851165] ffff8881025daf80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.851879] >ffff8881025db000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.852538] ^ [ 12.852816] ffff8881025db080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.853553] ffff8881025db100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.854121] ==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 12.788335] ================================================================== [ 12.788818] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 12.789356] Read of size 1 at addr ffff8881026ac8df by task kunit_try_catch/158 [ 12.789592] [ 12.789723] CPU: 1 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary) [ 12.789804] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.789825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.789861] Call Trace: [ 12.789886] <TASK> [ 12.789917] dump_stack_lvl+0x73/0xb0 [ 12.789966] print_report+0xd1/0x650 [ 12.790005] ? __virt_addr_valid+0x1db/0x2d0 [ 12.790042] ? kmalloc_oob_left+0x361/0x3c0 [ 12.790078] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.790117] ? kmalloc_oob_left+0x361/0x3c0 [ 12.790156] kasan_report+0x141/0x180 [ 12.790188] ? kmalloc_oob_left+0x361/0x3c0 [ 12.790232] __asan_report_load1_noabort+0x18/0x20 [ 12.790272] kmalloc_oob_left+0x361/0x3c0 [ 12.790309] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 12.790348] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 12.790387] kunit_try_run_case+0x1a5/0x480 [ 12.790427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.790463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.790507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.790545] ? __kthread_parkme+0x82/0x180 [ 12.790645] ? preempt_count_sub+0x50/0x80 [ 12.790690] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.790730] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.790771] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.790811] kthread+0x337/0x6f0 [ 12.790842] ? trace_preempt_on+0x20/0xc0 [ 12.790887] ? __pfx_kthread+0x10/0x10 [ 12.790919] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.790958] ? calculate_sigpending+0x7b/0xa0 [ 12.790997] ? __pfx_kthread+0x10/0x10 [ 12.791030] ret_from_fork+0x41/0x80 [ 12.791069] ? 
__pfx_kthread+0x10/0x10 [ 12.791100] ret_from_fork_asm+0x1a/0x30 [ 12.791168] </TASK> [ 12.791196] [ 12.799673] Allocated by task 45: [ 12.800015] kasan_save_stack+0x45/0x70 [ 12.800379] kasan_save_track+0x18/0x40 [ 12.800570] kasan_save_alloc_info+0x3b/0x50 [ 12.800860] __kasan_kmalloc+0xb7/0xc0 [ 12.801275] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 12.801720] kvasprintf+0xc5/0x150 [ 12.801975] __kthread_create_on_node+0x18b/0x3a0 [ 12.802304] kthread_create_on_node+0xab/0xe0 [ 12.802492] create_worker+0x3e5/0x7b0 [ 12.802657] worker_thread+0x992/0x1220 [ 12.802842] kthread+0x337/0x6f0 [ 12.803159] ret_from_fork+0x41/0x80 [ 12.803475] ret_from_fork_asm+0x1a/0x30 [ 12.803769] [ 12.804000] The buggy address belongs to the object at ffff8881026ac8c0 [ 12.804000] which belongs to the cache kmalloc-16 of size 16 [ 12.804534] The buggy address is located 19 bytes to the right of [ 12.804534] allocated 12-byte region [ffff8881026ac8c0, ffff8881026ac8cc) [ 12.805050] [ 12.805321] The buggy address belongs to the physical page: [ 12.805586] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026ac [ 12.806051] flags: 0x200000000000000(node=0|zone=2) [ 12.806441] page_type: f5(slab) [ 12.806716] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 12.807239] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 12.807834] page dumped because: kasan: bad access detected [ 12.808041] [ 12.808162] Memory state around the buggy address: [ 12.808399] ffff8881026ac780: fa fb fc fc 00 02 fc fc 00 05 fc fc 00 02 fc fc [ 12.808671] ffff8881026ac800: 00 02 fc fc 00 02 fc fc 00 02 fc fc fa fb fc fc [ 12.809144] >ffff8881026ac880: fa fb fc fc fa fb fc fc 00 04 fc fc 00 07 fc fc [ 12.809514] ^ [ 12.809740] ffff8881026ac900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.810392] ffff8881026ac980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.810991] 
==================================================================
Failure - log-parser-boot - kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 12.681535] ==================================================================
[ 12.682366] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 12.684019] Write of size 1 at addr ffff888102d90973 by task kunit_try_catch/156
[ 12.684293]
[ 12.686083] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 12.686484] Tainted: [N]=TEST
[ 12.686526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.687510] Call Trace:
[ 12.687679] <TASK>
[ 12.687911] dump_stack_lvl+0x73/0xb0
[ 12.688033] print_report+0xd1/0x650
[ 12.688070] ? __virt_addr_valid+0x1db/0x2d0
[ 12.688098] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.688122] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.688145] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.688167] kasan_report+0x141/0x180
[ 12.688190] ? kmalloc_oob_right+0x6f0/0x7f0
[ 12.688217] __asan_report_store1_noabort+0x1b/0x30
[ 12.688238] kmalloc_oob_right+0x6f0/0x7f0
[ 12.688262] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.688285] ? __schedule+0x10cc/0x2b30
[ 12.688308] ? __pfx_read_tsc+0x10/0x10
[ 12.688330] ? ktime_get_ts64+0x86/0x230
[ 12.688358] kunit_try_run_case+0x1a5/0x480
[ 12.688384] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.688407] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.688431] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.688454] ? __kthread_parkme+0x82/0x180
[ 12.688477] ? preempt_count_sub+0x50/0x80
[ 12.688504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.688527] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.688549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.688595] kthread+0x337/0x6f0
[ 12.688624] ? trace_preempt_on+0x20/0xc0
[ 12.688668] ? __pfx_kthread+0x10/0x10
[ 12.688700] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.688738] ? calculate_sigpending+0x7b/0xa0
[ 12.688773] ? __pfx_kthread+0x10/0x10
[ 12.688793] ret_from_fork+0x41/0x80
[ 12.688816] ? __pfx_kthread+0x10/0x10
[ 12.688835] ret_from_fork_asm+0x1a/0x30
[ 12.688901] </TASK>
[ 12.688987]
[ 12.703985] Allocated by task 156:
[ 12.705332] kasan_save_stack+0x45/0x70
[ 12.705710] kasan_save_track+0x18/0x40
[ 12.705894] kasan_save_alloc_info+0x3b/0x50
[ 12.706080] __kasan_kmalloc+0xb7/0xc0
[ 12.706249] __kmalloc_cache_noprof+0x189/0x420
[ 12.706436] kmalloc_oob_right+0xa9/0x7f0
[ 12.707295] kunit_try_run_case+0x1a5/0x480
[ 12.708985] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.709583] kthread+0x337/0x6f0
[ 12.710690] ret_from_fork+0x41/0x80
[ 12.710904] ret_from_fork_asm+0x1a/0x30
[ 12.711465]
[ 12.711693] The buggy address belongs to the object at ffff888102d90900
[ 12.711693] which belongs to the cache kmalloc-128 of size 128
[ 12.712223] The buggy address is located 0 bytes to the right of
[ 12.712223] allocated 115-byte region [ffff888102d90900, ffff888102d90973)
[ 12.714262]
[ 12.714971] The buggy address belongs to the physical page:
[ 12.716899] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90
[ 12.717823] flags: 0x200000000000000(node=0|zone=2)
[ 12.719497] page_type: f5(slab)
[ 12.721066] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.721409] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.722363] page dumped because: kasan: bad access detected
[ 12.722861]
[ 12.723011] Memory state around the buggy address:
[ 12.724122] ffff888102d90800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.724512] ffff888102d90880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.725286] >ffff888102d90900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.726014] ^
[ 12.726536] ffff888102d90980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.727021] ffff888102d90a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.727415] ==================================================================
[ 12.755877] ==================================================================
[ 12.756692] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 12.757337] Read of size 1 at addr ffff888102d90980 by task kunit_try_catch/156
[ 12.758009]
[ 12.758213] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 12.758354] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.758383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.758426] Call Trace:
[ 12.758469] <TASK>
[ 12.758505] dump_stack_lvl+0x73/0xb0
[ 12.758582] print_report+0xd1/0x650
[ 12.758633] ? __virt_addr_valid+0x1db/0x2d0
[ 12.758680] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.758725] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.758773] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.758819] kasan_report+0x141/0x180
[ 12.758866] ? kmalloc_oob_right+0x68a/0x7f0
[ 12.758923] __asan_report_load1_noabort+0x18/0x20
[ 12.758968] kmalloc_oob_right+0x68a/0x7f0
[ 12.759008] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.759044] ? __schedule+0x10cc/0x2b30
[ 12.759083] ? __pfx_read_tsc+0x10/0x10
[ 12.759120] ? ktime_get_ts64+0x86/0x230
[ 12.759223] kunit_try_run_case+0x1a5/0x480
[ 12.759292] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.759336] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.759403] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.759447] ? __kthread_parkme+0x82/0x180
[ 12.759505] ? preempt_count_sub+0x50/0x80
[ 12.759550] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.759602] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.759646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.759687] kthread+0x337/0x6f0
[ 12.759722] ? trace_preempt_on+0x20/0xc0
[ 12.759767] ? __pfx_kthread+0x10/0x10
[ 12.759797] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.759830] ? calculate_sigpending+0x7b/0xa0
[ 12.759863] ? __pfx_kthread+0x10/0x10
[ 12.759899] ret_from_fork+0x41/0x80
[ 12.759940] ? __pfx_kthread+0x10/0x10
[ 12.759979] ret_from_fork_asm+0x1a/0x30
[ 12.760042] </TASK>
[ 12.760066]
[ 12.770754] Allocated by task 156:
[ 12.771031] kasan_save_stack+0x45/0x70
[ 12.771439] kasan_save_track+0x18/0x40
[ 12.771928] kasan_save_alloc_info+0x3b/0x50
[ 12.772196] __kasan_kmalloc+0xb7/0xc0
[ 12.772508] __kmalloc_cache_noprof+0x189/0x420
[ 12.772893] kmalloc_oob_right+0xa9/0x7f0
[ 12.773254] kunit_try_run_case+0x1a5/0x480
[ 12.773445] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.773779] kthread+0x337/0x6f0
[ 12.774025] ret_from_fork+0x41/0x80
[ 12.774325] ret_from_fork_asm+0x1a/0x30
[ 12.774535]
[ 12.774779] The buggy address belongs to the object at ffff888102d90900
[ 12.774779] which belongs to the cache kmalloc-128 of size 128
[ 12.775377] The buggy address is located 13 bytes to the right of
[ 12.775377] allocated 115-byte region [ffff888102d90900, ffff888102d90973)
[ 12.775792]
[ 12.775907] The buggy address belongs to the physical page:
[ 12.776211] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90
[ 12.776821] flags: 0x200000000000000(node=0|zone=2)
[ 12.777187] page_type: f5(slab)
[ 12.777471] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.778198] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.778522] page dumped because: kasan: bad access detected
[ 12.779310]
[ 12.779615] Memory state around the buggy address:
[ 12.780024] ffff888102d90880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.780245] ffff888102d90900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.780455] >ffff888102d90980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.781032] ^
[ 12.781294] ffff888102d90a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.781521] ffff888102d90a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.782170] ==================================================================
[ 12.730931] ==================================================================
[ 12.731325] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 12.731756] Write of size 1 at addr ffff888102d90978 by task kunit_try_catch/156
[ 12.732079]
[ 12.732346] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 12.732876] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.732900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.732934] Call Trace:
[ 12.732954] <TASK>
[ 12.732987] dump_stack_lvl+0x73/0xb0
[ 12.733044] print_report+0xd1/0x650
[ 12.733080] ? __virt_addr_valid+0x1db/0x2d0
[ 12.733114] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.733148] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.733175] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.733196] kasan_report+0x141/0x180
[ 12.733218] ? kmalloc_oob_right+0x6bd/0x7f0
[ 12.733243] __asan_report_store1_noabort+0x1b/0x30
[ 12.733263] kmalloc_oob_right+0x6bd/0x7f0
[ 12.733285] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 12.733306] ? __schedule+0x10cc/0x2b30
[ 12.733328] ? __pfx_read_tsc+0x10/0x10
[ 12.733348] ? ktime_get_ts64+0x86/0x230
[ 12.733373] kunit_try_run_case+0x1a5/0x480
[ 12.733397] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.733418] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.733439] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.733460] ? __kthread_parkme+0x82/0x180
[ 12.733481] ? preempt_count_sub+0x50/0x80
[ 12.733506] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.733527] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.733548] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.733597] kthread+0x337/0x6f0
[ 12.733616] ? trace_preempt_on+0x20/0xc0
[ 12.733640] ? __pfx_kthread+0x10/0x10
[ 12.733665] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.734211] ? calculate_sigpending+0x7b/0xa0
[ 12.734241] ? __pfx_kthread+0x10/0x10
[ 12.734262] ret_from_fork+0x41/0x80
[ 12.734284] ? __pfx_kthread+0x10/0x10
[ 12.734301] ret_from_fork_asm+0x1a/0x30
[ 12.734331] </TASK>
[ 12.734345]
[ 12.744664] Allocated by task 156:
[ 12.744848] kasan_save_stack+0x45/0x70
[ 12.745025] kasan_save_track+0x18/0x40
[ 12.745179] kasan_save_alloc_info+0x3b/0x50
[ 12.745338] __kasan_kmalloc+0xb7/0xc0
[ 12.745479] __kmalloc_cache_noprof+0x189/0x420
[ 12.745651] kmalloc_oob_right+0xa9/0x7f0
[ 12.745817] kunit_try_run_case+0x1a5/0x480
[ 12.746011] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.746338] kthread+0x337/0x6f0
[ 12.746709] ret_from_fork+0x41/0x80
[ 12.747043] ret_from_fork_asm+0x1a/0x30
[ 12.747447]
[ 12.747659] The buggy address belongs to the object at ffff888102d90900
[ 12.747659] which belongs to the cache kmalloc-128 of size 128
[ 12.748375] The buggy address is located 5 bytes to the right of
[ 12.748375] allocated 115-byte region [ffff888102d90900, ffff888102d90973)
[ 12.748798]
[ 12.748916] The buggy address belongs to the physical page:
[ 12.749369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d90
[ 12.749952] flags: 0x200000000000000(node=0|zone=2)
[ 12.750347] page_type: f5(slab)
[ 12.750699] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.751422] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.751882] page dumped because: kasan: bad access detected
[ 12.752107]
[ 12.752220] Memory state around the buggy address:
[ 12.752416] ffff888102d90800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.752763] ffff888102d90880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.753373] >ffff888102d90900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.753925] ^
[ 12.754228] ffff888102d90980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.754493] ffff888102d90a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.754750] ==================================================================
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 160.698663] WARNING: CPU: 0 PID: 2742 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 160.699098] Modules linked in:
[ 160.700216] CPU: 0 UID: 0 PID: 2742 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 160.700816] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 160.701039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 160.701521] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 160.701966] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 160.703099] RSP: 0000:ffff8881076afc78 EFLAGS: 00010286
[ 160.703432] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 160.703872] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff99e239b4
[ 160.704153] RBP: ffff8881076afca0 R08: 0000000000000000 R09: ffffed1020fd7aa0
[ 160.704446] R10: ffff888107ebd507 R11: 0000000000000000 R12: ffffffff99e239a0
[ 160.705056] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881076afd38
[ 160.705301] FS: 0000000000000000(0000) GS:ffff8881bf293000(0000) knlGS:0000000000000000
[ 160.705540] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 160.706508] CR2: ffffffffffffffff CR3: 00000000416ba000 CR4: 00000000000006f0
[ 160.706968] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30882
[ 160.707270] DR3: ffffffff9be30883 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 160.707718] Call Trace:
[ 160.707884] <TASK>
[ 160.708130] drm_test_rect_calc_vscale+0x108/0x270
[ 160.709044] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 160.710084] ? __schedule+0x10cc/0x2b30
[ 160.710310] ? __pfx_read_tsc+0x10/0x10
[ 160.710433] ? ktime_get_ts64+0x86/0x230
[ 160.710569] kunit_try_run_case+0x1a5/0x480
[ 160.711104] ? __pfx_kunit_try_run_case+0x10/0x10
[ 160.711295] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 160.711594] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 160.711903] ? __kthread_parkme+0x82/0x180
[ 160.712119] ? preempt_count_sub+0x50/0x80
[ 160.712376] ? __pfx_kunit_try_run_case+0x10/0x10
[ 160.712586] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 160.712862] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 160.713646] kthread+0x337/0x6f0
[ 160.713819] ? trace_preempt_on+0x20/0xc0
[ 160.714049] ? __pfx_kthread+0x10/0x10
[ 160.714289] ? _raw_spin_unlock_irq+0x47/0x80
[ 160.714489] ? calculate_sigpending+0x7b/0xa0
[ 160.714761] ? __pfx_kthread+0x10/0x10
[ 160.715064] ret_from_fork+0x41/0x80
[ 160.715337] ? __pfx_kthread+0x10/0x10
[ 160.716091] ret_from_fork_asm+0x1a/0x30
[ 160.716281] </TASK>
[ 160.716420] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 160.676580] WARNING: CPU: 1 PID: 2740 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 160.677238] Modules linked in:
[ 160.677528] CPU: 1 UID: 0 PID: 2740 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 160.678008] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 160.678500] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 160.679199] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 160.679596] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 160.680844] RSP: 0000:ffff88810654fc78 EFLAGS: 00010286
[ 160.681536] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 160.682289] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff99e2397c
[ 160.682668] RBP: ffff88810654fca0 R08: 0000000000000000 R09: ffffed10203630e0
[ 160.683141] R10: ffff888101b18707 R11: 0000000000000000 R12: ffffffff99e23968
[ 160.683302] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810654fd38
[ 160.683445] FS: 0000000000000000(0000) GS:ffff8881bf393000(0000) knlGS:0000000000000000
[ 160.683623] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 160.683754] CR2: 00007ffff7ffe000 CR3: 00000000416ba000 CR4: 00000000000006f0
[ 160.684094] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30883
[ 160.684355] DR3: ffffffff9be30885 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 160.684500] Call Trace:
[ 160.685294] <TASK>
[ 160.685488] drm_test_rect_calc_vscale+0x108/0x270
[ 160.685703] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 160.686177] ? __schedule+0x10cc/0x2b30
[ 160.686483] ? __pfx_read_tsc+0x10/0x10
[ 160.686904] ? ktime_get_ts64+0x86/0x230
[ 160.687294] kunit_try_run_case+0x1a5/0x480
[ 160.687470] ? __pfx_kunit_try_run_case+0x10/0x10
[ 160.687938] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 160.688223] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 160.688366] ? __kthread_parkme+0x82/0x180
[ 160.688834] ? preempt_count_sub+0x50/0x80
[ 160.689008] ? __pfx_kunit_try_run_case+0x10/0x10
[ 160.689266] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 160.689504] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 160.689829] kthread+0x337/0x6f0
[ 160.690081] ? trace_preempt_on+0x20/0xc0
[ 160.690293] ? __pfx_kthread+0x10/0x10
[ 160.690521] ? _raw_spin_unlock_irq+0x47/0x80
[ 160.690712] ? calculate_sigpending+0x7b/0xa0
[ 160.691026] ? __pfx_kthread+0x10/0x10
[ 160.691283] ret_from_fork+0x41/0x80
[ 160.691534] ? __pfx_kthread+0x10/0x10
[ 160.691782] ret_from_fork_asm+0x1a/0x30
[ 160.692180] </TASK>
[ 160.692306] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 160.619384] WARNING: CPU: 1 PID: 2728 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 160.620077] Modules linked in:
[ 160.620311] CPU: 1 UID: 0 PID: 2728 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 160.620775] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 160.621080] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 160.621462] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 160.622147] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db 8f 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 160.623081] RSP: 0000:ffff888103497c78 EFLAGS: 00010286
[ 160.623337] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 160.623559] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff99e23980
[ 160.623803] RBP: ffff888103497ca0 R08: 0000000000000000 R09: ffffed1020363060
[ 160.624079] R10: ffff888101b18307 R11: 0000000000000000 R12: ffffffff99e23968
[ 160.624357] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103497d38
[ 160.624753] FS: 0000000000000000(0000) GS:ffff8881bf393000(0000) knlGS:0000000000000000
[ 160.625077] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 160.625204] CR2: 00007ffff7ffe000 CR3: 00000000416ba000 CR4: 00000000000006f0
[ 160.625531] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30883
[ 160.626021] DR3: ffffffff9be30885 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 160.626168] Call Trace:
[ 160.626349] <TASK>
[ 160.626515] drm_test_rect_calc_hscale+0x108/0x270
[ 160.626885] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 160.627022] ? __schedule+0x10cc/0x2b30
[ 160.627279] ? __pfx_read_tsc+0x10/0x10
[ 160.627577] ? ktime_get_ts64+0x86/0x230
[ 160.627851] kunit_try_run_case+0x1a5/0x480
[ 160.628147] ? __pfx_kunit_try_run_case+0x10/0x10
[ 160.628448] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 160.629179] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 160.629593] ? __kthread_parkme+0x82/0x180
[ 160.629931] ? preempt_count_sub+0x50/0x80
[ 160.630235] ? __pfx_kunit_try_run_case+0x10/0x10
[ 160.630470] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 160.631193] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 160.631534] kthread+0x337/0x6f0
[ 160.632135] ? trace_preempt_on+0x20/0xc0
[ 160.632409] ? __pfx_kthread+0x10/0x10
[ 160.632878] ? _raw_spin_unlock_irq+0x47/0x80
[ 160.633031] ? calculate_sigpending+0x7b/0xa0
[ 160.633152] ? __pfx_kthread+0x10/0x10
[ 160.633256] ret_from_fork+0x41/0x80
[ 160.633506] ? __pfx_kthread+0x10/0x10
[ 160.633970] ret_from_fork_asm+0x1a/0x30
[ 160.634314] </TASK>
[ 160.634572] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 160.640449] WARNING: CPU: 0 PID: 2730 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 160.641184] Modules linked in:
[ 160.641469] CPU: 0 UID: 0 PID: 2730 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 160.642356] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 160.642594] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 160.643044] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 160.643409] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 db 8f 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 160.644426] RSP: 0000:ffff888103497c78 EFLAGS: 00010286
[ 160.644907] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 160.645128] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff99e239b8
[ 160.645494] RBP: ffff888103497ca0 R08: 0000000000000000 R09: ffffed1020fd71a0
[ 160.646180] R10: ffff888107eb8d07 R11: 0000000000000000 R12: ffffffff99e239a0
[ 160.646968] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888103497d38
[ 160.647268] FS: 0000000000000000(0000) GS:ffff8881bf293000(0000) knlGS:0000000000000000
[ 160.647616] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 160.648111] CR2: ffffffffffffffff CR3: 00000000416ba000 CR4: 00000000000006f0
[ 160.648421] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30882
[ 160.648607] DR3: ffffffff9be30883 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 160.649086] Call Trace:
[ 160.649304] <TASK>
[ 160.649399] drm_test_rect_calc_hscale+0x108/0x270
[ 160.649745] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 160.649878] ? __schedule+0x10cc/0x2b30
[ 160.650163] ? __pfx_read_tsc+0x10/0x10
[ 160.650516] ? ktime_get_ts64+0x86/0x230
[ 160.650881] kunit_try_run_case+0x1a5/0x480
[ 160.651331] ? __pfx_kunit_try_run_case+0x10/0x10
[ 160.651485] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 160.651997] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 160.652135] ? __kthread_parkme+0x82/0x180
[ 160.652428] ? preempt_count_sub+0x50/0x80
[ 160.652737] ? __pfx_kunit_try_run_case+0x10/0x10
[ 160.652992] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 160.653292] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 160.653571] kthread+0x337/0x6f0
[ 160.654190] ? trace_preempt_on+0x20/0xc0
[ 160.654530] ? __pfx_kthread+0x10/0x10
[ 160.654883] ? _raw_spin_unlock_irq+0x47/0x80
[ 160.655063] ? calculate_sigpending+0x7b/0xa0
[ 160.655273] ? __pfx_kthread+0x10/0x10
[ 160.655544] ret_from_fork+0x41/0x80
[ 160.656428] ? __pfx_kthread+0x10/0x10
[ 160.656716] ret_from_fork_asm+0x1a/0x30
[ 160.657002] </TASK>
[ 160.657164] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 159.371341] WARNING: CPU: 0 PID: 2526 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 159.371609] Modules linked in:
[ 159.371750] CPU: 0 UID: 0 PID: 2526 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 159.372580] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 159.372958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 159.373414] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 159.373792] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 159.374128] RSP: 0000:ffff888107aafb30 EFLAGS: 00010246
[ 159.374278] RAX: dffffc0000000000 RBX: ffff888107aafc28 RCX: 0000000000000000
[ 159.374412] RDX: 1ffff11020f55f8e RSI: ffff888107aafc28 RDI: ffff888107aafc70
[ 159.374542] RBP: ffff888107aafb70 R08: ffff888107d9d000 R09: ffffffff99dca5a0
[ 159.375292] R10: 0000000000000003 R11: 000000007644faed R12: ffff888107d9d000
[ 159.375642] R13: ffff88810031fae8 R14: ffff888107aafba8 R15: 0000000000000000
[ 159.376259] FS: 0000000000000000(0000) GS:ffff8881bf293000(0000) knlGS:0000000000000000
[ 159.376522] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 159.376887] CR2: ffffffffffffffff CR3: 00000000416ba000 CR4: 00000000000006f0
[ 159.377063] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30882
[ 159.377337] DR3: ffffffff9be30883 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 159.377598] Call Trace:
[ 159.377797] <TASK>
[ 159.378231] ? add_dr+0xc1/0x1d0
[ 159.378481] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 159.378851] ? add_dr+0x148/0x1d0
[ 159.379081] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 159.379248] ? __drmm_add_action+0x1a4/0x280
[ 159.379521] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 159.379830] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 159.380046] ? __drmm_add_action_or_reset+0x22/0x50
[ 159.380452] ? __schedule+0x10cc/0x2b30
[ 159.381062] ? __pfx_read_tsc+0x10/0x10
[ 159.381343] ? ktime_get_ts64+0x86/0x230
[ 159.381500] kunit_try_run_case+0x1a5/0x480
[ 159.381835] ? __pfx_kunit_try_run_case+0x10/0x10
[ 159.382160] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 159.382470] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 159.383004] ? __kthread_parkme+0x82/0x180
[ 159.383345] ? preempt_count_sub+0x50/0x80
[ 159.383720] ? __pfx_kunit_try_run_case+0x10/0x10
[ 159.383940] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 159.384214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 159.384475] kthread+0x337/0x6f0
[ 159.384701] ? trace_preempt_on+0x20/0xc0
[ 159.384846] ? __pfx_kthread+0x10/0x10
[ 159.385068] ? _raw_spin_unlock_irq+0x47/0x80
[ 159.385242] ? calculate_sigpending+0x7b/0xa0
[ 159.385386] ? __pfx_kthread+0x10/0x10
[ 159.385485] ret_from_fork+0x41/0x80
[ 159.385981] ? __pfx_kthread+0x10/0x10
[ 159.386217] ret_from_fork_asm+0x1a/0x30
[ 159.386416] </TASK>
[ 159.386505] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 159.331891] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 159.332062] WARNING: CPU: 0 PID: 2522 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 159.332980] Modules linked in:
[ 159.333495] CPU: 0 UID: 0 PID: 2522 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 159.334191] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 159.334379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 159.334779] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 159.335306] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 6b 80 84 00 48 c7 c1 a0 55 dc 99 4c 89 fa 48 c7 c7 00 56 dc 99 48 89 c6 e8 12 d8 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 159.335931] RSP: 0000:ffff88810762fb68 EFLAGS: 00010282
[ 159.336103] RAX: 0000000000000000 RBX: ffff88810762fc40 RCX: 1ffffffff3564b3c
[ 159.336236] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 159.336362] RBP: ffff88810762fb90 R08: 0000000000000000 R09: fffffbfff3564b3c
[ 159.336861] R10: 0000000000000003 R11: 0000000000038278 R12: ffff88810762fc18
[ 159.337315] R13: ffff8881079b7000 R14: ffff888107d9b000 R15: ffff8881073c0000
[ 159.337581] FS: 0000000000000000(0000) GS:ffff8881bf293000(0000) knlGS:0000000000000000
[ 159.338230] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 159.338464] CR2: ffffffffffffffff CR3: 00000000416ba000 CR4: 00000000000006f0
[ 159.339007] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30882
[ 159.339378] DR3: ffffffff9be30883 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 159.339674] Call Trace:
[ 159.340036] <TASK>
[ 159.340225] drm_test_framebuffer_free+0x1ab/0x610
[ 159.340390] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 159.340504] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 159.341072] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 159.341270] ? __drmm_add_action_or_reset+0x22/0x50
[ 159.341405] ? __schedule+0x10cc/0x2b30
[ 159.341513] ? __pfx_read_tsc+0x10/0x10
[ 159.342001] ? ktime_get_ts64+0x86/0x230
[ 159.342286] kunit_try_run_case+0x1a5/0x480
[ 159.342407] ? __pfx_kunit_try_run_case+0x10/0x10
[ 159.342728] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 159.343234] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 159.343381] ? __kthread_parkme+0x82/0x180
[ 159.343604] ? preempt_count_sub+0x50/0x80
[ 159.344031] ? __pfx_kunit_try_run_case+0x10/0x10
[ 159.344214] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 159.344492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 159.344768] kthread+0x337/0x6f0
[ 159.344937] ? trace_preempt_on+0x20/0xc0
[ 159.345223] ? __pfx_kthread+0x10/0x10
[ 159.345360] ? _raw_spin_unlock_irq+0x47/0x80
[ 159.345482] ? calculate_sigpending+0x7b/0xa0
[ 159.345783] ? __pfx_kthread+0x10/0x10
[ 159.346103] ret_from_fork+0x41/0x80
[ 159.346280] ? __pfx_kthread+0x10/0x10
[ 159.346421] ret_from_fork_asm+0x1a/0x30
[ 159.346694] </TASK>
[ 159.346843] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 157.229194] WARNING: CPU: 0 PID: 1952 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 157.230011] Modules linked in:
[ 157.230350] CPU: 0 UID: 0 PID: 1952 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 157.230829] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 157.230964] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 157.231163] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 157.231573] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d e9 52 ce 21 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 40 ce 21 02 48 89 df e8 d8
[ 157.232712] RSP: 0000:ffff888106defc90 EFLAGS: 00010246
[ 157.233079] RAX: dffffc0000000000 RBX: ffff888104b94000 RCX: 0000000000000000
[ 157.233457] RDX: 1ffff11020972832 RSI: ffffffff96ff1698 RDI: ffff888104b94190
[ 157.233951] RBP: ffff888106defca0 R08: 1ffff11020063f69 R09: ffffed1020dbdf65
[ 157.234169] R10: 0000000000000003 R11: ffffffff965807d8 R12: 0000000000000000
[ 157.234523] R13: ffff888106defd38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 157.234917] FS: 0000000000000000(0000) GS:ffff8881bf293000(0000) knlGS:0000000000000000
[ 157.235310] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 157.235767] CR2: ffffffffffffffff CR3: 00000000416ba000 CR4: 00000000000006f0
[ 157.236199] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30882
[ 157.236856] DR3: ffffffff9be30883 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 157.237569] Call Trace:
[ 157.238097] <TASK>
[ 157.238299] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 157.238740] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 157.239018] ? __schedule+0x10cc/0x2b30
[ 157.239186] ? __pfx_read_tsc+0x10/0x10
[ 157.239436] ? ktime_get_ts64+0x86/0x230
[ 157.239677] kunit_try_run_case+0x1a5/0x480
[ 157.240408] ? __pfx_kunit_try_run_case+0x10/0x10
[ 157.240982] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 157.241251] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 157.241410] ? __kthread_parkme+0x82/0x180
[ 157.241738] ? preempt_count_sub+0x50/0x80
[ 157.242282] ? __pfx_kunit_try_run_case+0x10/0x10
[ 157.242447] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 157.242616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 157.243041] kthread+0x337/0x6f0
[ 157.243195] ? trace_preempt_on+0x20/0xc0
[ 157.243320] ? __pfx_kthread+0x10/0x10
[ 157.243422] ? _raw_spin_unlock_irq+0x47/0x80
[ 157.243572] ? calculate_sigpending+0x7b/0xa0
[ 157.244233] ? __pfx_kthread+0x10/0x10
[ 157.244508] ret_from_fork+0x41/0x80
[ 157.245103] ? __pfx_kthread+0x10/0x10
[ 157.245324] ret_from_fork_asm+0x1a/0x30
[ 157.245464] </TASK>
[ 157.245588] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 157.336350] WARNING: CPU: 1 PID: 1960 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 157.336921] Modules linked in:
[ 157.337076] CPU: 1 UID: 0 PID: 1960 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 157.338464] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 157.339218] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 157.339433] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 157.339758] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d e9 52 ce 21 02 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 40 ce 21 02 48 89 df e8 d8
[ 157.340649] RSP: 0000:ffff888106fefc90 EFLAGS: 00010246
[ 157.340910] RAX: dffffc0000000000 RBX: ffff8881048ea000 RCX: 0000000000000000
[ 157.341168] RDX: 1ffff1102091d432 RSI: ffffffff96ff1698 RDI: ffff8881048ea190
[ 157.341684] RBP: ffff888106fefca0 R08: 1ffff11020063f69 R09: ffffed1020dfdf65
[ 157.341999] R10: 0000000000000003 R11: ffffffff965807d8 R12: 0000000000000000
[ 157.342294] R13: ffff888106fefd38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 157.342672] FS: 0000000000000000(0000) GS:ffff8881bf393000(0000) knlGS:0000000000000000
[ 157.343008] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 157.343250] CR2: 00007ffff7ffe000 CR3: 00000000416ba000 CR4: 00000000000006f0
[ 157.343556] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30883
[ 157.343946] DR3: ffffffff9be30885 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 157.344222] Call Trace:
[ 157.344433] <TASK>
[ 157.344571] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 157.344905] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 157.345323] ? __schedule+0x10cc/0x2b30
[ 157.345510] ? __pfx_read_tsc+0x10/0x10
[ 157.345867] ? ktime_get_ts64+0x86/0x230
[ 157.346074] kunit_try_run_case+0x1a5/0x480
[ 157.346313] ? __pfx_kunit_try_run_case+0x10/0x10
[ 157.346833] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 157.347055] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 157.347309] ? __kthread_parkme+0x82/0x180
[ 157.347469] ? preempt_count_sub+0x50/0x80
[ 157.347868] ? __pfx_kunit_try_run_case+0x10/0x10
[ 157.348110] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 157.348311] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 157.348712] kthread+0x337/0x6f0
[ 157.348914] ? trace_preempt_on+0x20/0xc0
[ 157.349087] ? __pfx_kthread+0x10/0x10
[ 157.349211] ? _raw_spin_unlock_irq+0x47/0x80
[ 157.349465] ? calculate_sigpending+0x7b/0xa0
[ 157.349693] ? __pfx_kthread+0x10/0x10
[ 157.349815] ret_from_fork+0x41/0x80
[ 157.350860] ? __pfx_kthread+0x10/0x10
[ 157.351029] ret_from_fork_asm+0x1a/0x30
[ 157.351167] </TASK>
[ 157.351255] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 122.691651] WARNING: CPU: 1 PID: 676 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 122.693544] Modules linked in:
[ 122.693978] CPU: 1 UID: 0 PID: 676 Comm: kunit_try_catch Tainted: G B D W N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 122.694590] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 122.695442] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 122.695914] RIP: 0010:intlog10+0x2a/0x40
[ 122.696068] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 122.696366] RSP: 0000:ffff888105427cb0 EFLAGS: 00010246
[ 122.696504] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020a84fb4
[ 122.696913] RDX: 1ffffffff3392510 RSI: 1ffff11020a84fb3 RDI: 0000000000000000
[ 122.698173] RBP: ffff888105427d60 R08: 0000000000000000 R09: ffffed10208e7e60
[ 122.698838] R10: ffff88810473f307 R11: 0000000000000000 R12: 1ffff11020a84f97
[ 122.699220] R13: ffffffff99c92880 R14: 0000000000000000 R15: ffff888105427d38
[ 122.699547] FS: 0000000000000000(0000) GS:ffff8881bf393000(0000) knlGS:0000000000000000
[ 122.699946] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 122.700350] CR2: dffffc0000000000 CR3: 00000000416ba000 CR4: 00000000000006f0
[ 122.700925] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30883
[ 122.701171] DR3: ffffffff9be30885 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 122.701401] Call Trace:
[ 122.701526] <TASK>
[ 122.703335] ? intlog10_test+0xf2/0x220
[ 122.703601] ? __pfx_intlog10_test+0x10/0x10
[ 122.703804] ? __schedule+0x10cc/0x2b30
[ 122.703990] ? __pfx_read_tsc+0x10/0x10
[ 122.704174] ? ktime_get_ts64+0x86/0x230
[ 122.704362] kunit_try_run_case+0x1a5/0x480
[ 122.707011] ? __pfx_kunit_try_run_case+0x10/0x10
[ 122.707391] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 122.707618] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 122.707832] ? __kthread_parkme+0x82/0x180
[ 122.709148] ? preempt_count_sub+0x50/0x80
[ 122.709381] ? __pfx_kunit_try_run_case+0x10/0x10
[ 122.709609] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 122.709835] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 122.710064] kthread+0x337/0x6f0
[ 122.710226] ? trace_preempt_on+0x20/0xc0
[ 122.710416] ? __pfx_kthread+0x10/0x10
[ 122.711940] ? _raw_spin_unlock_irq+0x47/0x80
[ 122.713188] ? calculate_sigpending+0x7b/0xa0
[ 122.714276] ? __pfx_kthread+0x10/0x10
[ 122.715200] ret_from_fork+0x41/0x80
[ 122.716112] ? __pfx_kthread+0x10/0x10
[ 122.716490] ret_from_fork_asm+0x1a/0x30
[ 122.717305] </TASK>
[ 122.717409] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot - exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 122.631252] WARNING: CPU: 0 PID: 658 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 122.632447] Modules linked in:
[ 122.633159] CPU: 0 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D N 6.15.2-rc1 #1 PREEMPT(voluntary)
[ 122.634473] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 122.635224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 122.635983] RIP: 0010:intlog2+0xdf/0x110
[ 122.636284] Code: c9 99 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 92 1b 81 02 90 <0f> 0b 90 31 c0 e9 87 1b 81 02 89 45 e4 e8 2f d7 56 ff 8b 45 e4 eb
[ 122.637325] RSP: 0000:ffff8881051b7cb0 EFLAGS: 00010246
[ 122.637766] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020a36fb4
[ 122.638168] RDX: 1ffffffff3392564 RSI: 1ffff11020a36fb3 RDI: 0000000000000000
[ 122.638425] RBP: ffff8881051b7d60 R08: 0000000000000000 R09: ffffed102031ba60
[ 122.638912] R10: ffff8881018dd307 R11: 0000000000000000 R12: 1ffff11020a36f97
[ 122.639445] R13: ffffffff99c92b20 R14: 0000000000000000 R15: ffff8881051b7d38
[ 122.640321] FS: 0000000000000000(0000) GS:ffff8881bf293000(0000) knlGS:0000000000000000
[ 122.641073] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 122.641511] CR2: ffff88815a93c000 CR3: 00000000416ba000 CR4: 00000000000006f0
[ 122.642098] DR0: ffffffff9be30880 DR1: ffffffff9be30881 DR2: ffffffff9be30882
[ 122.642564] DR3: ffffffff9be30883 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 122.643385] Call Trace:
[ 122.643601] <TASK>
[ 122.644269] ? intlog2_test+0xf2/0x220
[ 122.644494] ? __pfx_intlog2_test+0x10/0x10
[ 122.644870] ? __schedule+0x10cc/0x2b30
[ 122.645299] ? __pfx_read_tsc+0x10/0x10
[ 122.645724] ? ktime_get_ts64+0x86/0x230
[ 122.645990] kunit_try_run_case+0x1a5/0x480
[ 122.646365] ? __pfx_kunit_try_run_case+0x10/0x10
[ 122.646723] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 122.647446] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 122.648000] ? __kthread_parkme+0x82/0x180
[ 122.648430] ? preempt_count_sub+0x50/0x80
[ 122.649407] ? __pfx_kunit_try_run_case+0x10/0x10
[ 122.650070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 122.650408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 122.650734] kthread+0x337/0x6f0
[ 122.651273] ? trace_preempt_on+0x20/0xc0
[ 122.651698] ? __pfx_kthread+0x10/0x10
[ 122.652112] ? _raw_spin_unlock_irq+0x47/0x80
[ 122.652470] ? calculate_sigpending+0x7b/0xa0
[ 122.652789] ? __pfx_kthread+0x10/0x10
[ 122.653249] ret_from_fork+0x41/0x80
[ 122.653797] ? __pfx_kthread+0x10/0x10
[ 122.654040] ret_from_fork_asm+0x1a/0x30
[ 122.654421] </TASK>
[ 122.655356] ---[ end trace 0000000000000000 ]---