Date
June 17, 2025, 3:40 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 23.325748] ==================================================================
[ 23.327598] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 23.328189] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281
[ 23.328830]
[ 23.329091] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 23.329194] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.329225] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.329274] Call Trace:
[ 23.330481] <TASK>
[ 23.330536] dump_stack_lvl+0x73/0xb0
[ 23.331935] print_report+0xd1/0x650
[ 23.332149] ? __virt_addr_valid+0x1db/0x2d0
[ 23.332223] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 23.332370] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.332453] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 23.332520] kasan_report+0x141/0x180
[ 23.332575] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 23.332640] kasan_check_range+0x10c/0x1c0
[ 23.332688] __kasan_check_write+0x18/0x20
[ 23.332737] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90
[ 23.332794] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 23.332881] kasan_bitops_generic+0x121/0x1c0
[ 23.332935] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.333550] ? __pfx_read_tsc+0x10/0x10
[ 23.333617] ? ktime_get_ts64+0x86/0x230
[ 23.333693] kunit_try_run_case+0x1a5/0x480
[ 23.333768] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.333841] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.333910] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.333993] ? __kthread_parkme+0x82/0x180
[ 23.334061] ? preempt_count_sub+0x50/0x80
[ 23.334134] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.334211] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.334283] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.334382] kthread+0x337/0x6f0
[ 23.334448] ? trace_preempt_on+0x20/0xc0
[ 23.334522] ? __pfx_kthread+0x10/0x10
[ 23.334581] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.334651] ? calculate_sigpending+0x7b/0xa0
[ 23.334723] ? __pfx_kthread+0x10/0x10
[ 23.334786] ret_from_fork+0x41/0x80
[ 23.334849] ? __pfx_kthread+0x10/0x10
[ 23.334902] ret_from_fork_asm+0x1a/0x30
[ 23.334984] </TASK>
[ 23.335015]
[ 23.356809] Allocated by task 281:
[ 23.357267] kasan_save_stack+0x45/0x70
[ 23.357964] kasan_save_track+0x18/0x40
[ 23.358480] kasan_save_alloc_info+0x3b/0x50
[ 23.358811] __kasan_kmalloc+0xb7/0xc0
[ 23.359177] __kmalloc_cache_noprof+0x189/0x420
[ 23.359785] kasan_bitops_generic+0x92/0x1c0
[ 23.360572] kunit_try_run_case+0x1a5/0x480
[ 23.361045] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.361605] kthread+0x337/0x6f0
[ 23.361954] ret_from_fork+0x41/0x80
[ 23.362572] ret_from_fork_asm+0x1a/0x30
[ 23.362924]
[ 23.363869] The buggy address belongs to the object at ffff8881026cd0c0
[ 23.363869] which belongs to the cache kmalloc-16 of size 16
[ 23.365634] The buggy address is located 8 bytes inside of
[ 23.365634] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9)
[ 23.366487]
[ 23.366717] The buggy address belongs to the physical page:
[ 23.367156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 23.368697] flags: 0x200000000000000(node=0|zone=2)
[ 23.369032] page_type: f5(slab)
[ 23.369728] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.370868] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.371674] page dumped because: kasan: bad access detected
[ 23.372838]
[ 23.373019] Memory state around the buggy address:
[ 23.373745]  ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.374764]  ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.375663] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 23.376246]                                                ^
[ 23.376759]  ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.377549]  ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.378793] ==================================================================

[ 23.227363] ==================================================================
[ 23.229253] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 23.230020] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281
[ 23.230596]
[ 23.230880] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 23.231018] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.231060] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.231122] Call Trace:
[ 23.231166] <TASK>
[ 23.231221] dump_stack_lvl+0x73/0xb0
[ 23.231424] print_report+0xd1/0x650
[ 23.231512] ? __virt_addr_valid+0x1db/0x2d0
[ 23.231585] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 23.231663] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.231743] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 23.231824] kasan_report+0x141/0x180
[ 23.231961] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 23.232045] kasan_check_range+0x10c/0x1c0
[ 23.232120] __kasan_check_write+0x18/0x20
[ 23.232194] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90
[ 23.232333] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 23.232437] kasan_bitops_generic+0x121/0x1c0
[ 23.232509] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.232585] ? __pfx_read_tsc+0x10/0x10
[ 23.232659] ? ktime_get_ts64+0x86/0x230
[ 23.232719] kunit_try_run_case+0x1a5/0x480
[ 23.232761] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.232796] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.232833] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.232867] ? __kthread_parkme+0x82/0x180
[ 23.232900] ? preempt_count_sub+0x50/0x80
[ 23.232935] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.233005] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.233090] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.233135] kthread+0x337/0x6f0
[ 23.233163] ? trace_preempt_on+0x20/0xc0
[ 23.233202] ? __pfx_kthread+0x10/0x10
[ 23.233228] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.233261] ? calculate_sigpending+0x7b/0xa0
[ 23.233321] ? __pfx_kthread+0x10/0x10
[ 23.233351] ret_from_fork+0x41/0x80
[ 23.233387] ? __pfx_kthread+0x10/0x10
[ 23.233416] ret_from_fork_asm+0x1a/0x30
[ 23.233460] </TASK>
[ 23.233476]
[ 23.252153] Allocated by task 281:
[ 23.252675] kasan_save_stack+0x45/0x70
[ 23.253387] kasan_save_track+0x18/0x40
[ 23.253835] kasan_save_alloc_info+0x3b/0x50
[ 23.254540] __kasan_kmalloc+0xb7/0xc0
[ 23.254872] __kmalloc_cache_noprof+0x189/0x420
[ 23.255406] kasan_bitops_generic+0x92/0x1c0
[ 23.255964] kunit_try_run_case+0x1a5/0x480
[ 23.256894] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.257547] kthread+0x337/0x6f0
[ 23.257834] ret_from_fork+0x41/0x80
[ 23.258230] ret_from_fork_asm+0x1a/0x30
[ 23.258727]
[ 23.259087] The buggy address belongs to the object at ffff8881026cd0c0
[ 23.259087] which belongs to the cache kmalloc-16 of size 16
[ 23.260469] The buggy address is located 8 bytes inside of
[ 23.260469] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9)
[ 23.261224]
[ 23.261627] The buggy address belongs to the physical page:
[ 23.262344] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 23.263334] flags: 0x200000000000000(node=0|zone=2)
[ 23.263717] page_type: f5(slab)
[ 23.264030] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.264777] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.265814] page dumped because: kasan: bad access detected
[ 23.266181]
[ 23.266378] Memory state around the buggy address:
[ 23.266939]  ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.267745]  ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.268876] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 23.269765]                                                ^
[ 23.270485]  ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.271248]  ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.271704] ==================================================================

[ 23.175890] ==================================================================
[ 23.177492] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 23.178198] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281
[ 23.179681]
[ 23.180370] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 23.180444] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.180463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.180491] Call Trace:
[ 23.180515] <TASK>
[ 23.180540] dump_stack_lvl+0x73/0xb0
[ 23.180580] print_report+0xd1/0x650
[ 23.180616] ? __virt_addr_valid+0x1db/0x2d0
[ 23.180649] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 23.180686] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.180719] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 23.180753] kasan_report+0x141/0x180
[ 23.180786] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 23.180826] kasan_check_range+0x10c/0x1c0
[ 23.180855] __kasan_check_write+0x18/0x20
[ 23.180884] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90
[ 23.180918] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 23.180963] kasan_bitops_generic+0x121/0x1c0
[ 23.180993] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.181024] ? __pfx_read_tsc+0x10/0x10
[ 23.181056] ? ktime_get_ts64+0x86/0x230
[ 23.181093] kunit_try_run_case+0x1a5/0x480
[ 23.181130] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.181163] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.181197] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.181230] ? __kthread_parkme+0x82/0x180
[ 23.181262] ? preempt_count_sub+0x50/0x80
[ 23.181429] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.181483] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.181521] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.181558] kthread+0x337/0x6f0
[ 23.181583] ? trace_preempt_on+0x20/0xc0
[ 23.181619] ? __pfx_kthread+0x10/0x10
[ 23.181645] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.181677] ? calculate_sigpending+0x7b/0xa0
[ 23.181707] ? __pfx_kthread+0x10/0x10
[ 23.181733] ret_from_fork+0x41/0x80
[ 23.181766] ? __pfx_kthread+0x10/0x10
[ 23.181792] ret_from_fork_asm+0x1a/0x30
[ 23.181836] </TASK>
[ 23.181853]
[ 23.204964] Allocated by task 281:
[ 23.205780] kasan_save_stack+0x45/0x70
[ 23.206401] kasan_save_track+0x18/0x40
[ 23.206948] kasan_save_alloc_info+0x3b/0x50
[ 23.207686] __kasan_kmalloc+0xb7/0xc0
[ 23.208609] __kmalloc_cache_noprof+0x189/0x420
[ 23.209028] kasan_bitops_generic+0x92/0x1c0
[ 23.210034] kunit_try_run_case+0x1a5/0x480
[ 23.210514] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.210939] kthread+0x337/0x6f0
[ 23.211591] ret_from_fork+0x41/0x80
[ 23.211915] ret_from_fork_asm+0x1a/0x30
[ 23.212748]
[ 23.213055] The buggy address belongs to the object at ffff8881026cd0c0
[ 23.213055] which belongs to the cache kmalloc-16 of size 16
[ 23.214236] The buggy address is located 8 bytes inside of
[ 23.214236] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9)
[ 23.215487]
[ 23.215723] The buggy address belongs to the physical page:
[ 23.216242] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 23.217314] flags: 0x200000000000000(node=0|zone=2)
[ 23.217660] page_type: f5(slab)
[ 23.218254] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.219180] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.219726] page dumped because: kasan: bad access detected
[ 23.220801]
[ 23.221029] Memory state around the buggy address:
[ 23.221609]  ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.222151]  ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.222887] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 23.223579]                                                ^
[ 23.224549]  ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.225442]  ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.226015] ==================================================================

[ 23.273687] ==================================================================
[ 23.274428] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 23.275311] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281
[ 23.276439]
[ 23.276694] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 23.276870] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.276911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.277253] Call Trace:
[ 23.277329] <TASK>
[ 23.277384] dump_stack_lvl+0x73/0xb0
[ 23.277472] print_report+0xd1/0x650
[ 23.277662] ? __virt_addr_valid+0x1db/0x2d0
[ 23.277829] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 23.277930] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.278032] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 23.278214] kasan_report+0x141/0x180
[ 23.278257] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 23.278338] kasan_check_range+0x10c/0x1c0
[ 23.278414] __kasan_check_write+0x18/0x20
[ 23.278489] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90
[ 23.278569] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 23.278689] kasan_bitops_generic+0x121/0x1c0
[ 23.278792] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.278867] ? __pfx_read_tsc+0x10/0x10
[ 23.278939] ? ktime_get_ts64+0x86/0x230
[ 23.279020] kunit_try_run_case+0x1a5/0x480
[ 23.279112] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.279156] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.279195] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.279231] ? __kthread_parkme+0x82/0x180
[ 23.279264] ? preempt_count_sub+0x50/0x80
[ 23.279326] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.279367] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.279402] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.279437] kthread+0x337/0x6f0
[ 23.279461] ? trace_preempt_on+0x20/0xc0
[ 23.279496] ? __pfx_kthread+0x10/0x10
[ 23.279521] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.279553] ? calculate_sigpending+0x7b/0xa0
[ 23.279583] ? __pfx_kthread+0x10/0x10
[ 23.279607] ret_from_fork+0x41/0x80
[ 23.279639] ? __pfx_kthread+0x10/0x10
[ 23.279664] ret_from_fork_asm+0x1a/0x30
[ 23.279708] </TASK>
[ 23.279725]
[ 23.302174] Allocated by task 281:
[ 23.302589] kasan_save_stack+0x45/0x70
[ 23.303330] kasan_save_track+0x18/0x40
[ 23.303862] kasan_save_alloc_info+0x3b/0x50
[ 23.304709] __kasan_kmalloc+0xb7/0xc0
[ 23.305052] __kmalloc_cache_noprof+0x189/0x420
[ 23.305566] kasan_bitops_generic+0x92/0x1c0
[ 23.306015] kunit_try_run_case+0x1a5/0x480
[ 23.306574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.307393] kthread+0x337/0x6f0
[ 23.307934] ret_from_fork+0x41/0x80
[ 23.308718] ret_from_fork_asm+0x1a/0x30
[ 23.309432]
[ 23.309620] The buggy address belongs to the object at ffff8881026cd0c0
[ 23.309620] which belongs to the cache kmalloc-16 of size 16
[ 23.310923] The buggy address is located 8 bytes inside of
[ 23.310923] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9)
[ 23.312674]
[ 23.312994] The buggy address belongs to the physical page:
[ 23.313618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 23.314407] flags: 0x200000000000000(node=0|zone=2)
[ 23.314871] page_type: f5(slab)
[ 23.315336] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.316101] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.317505] page dumped because: kasan: bad access detected
[ 23.318667]
[ 23.319124] Memory state around the buggy address:
[ 23.319574]  ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.319825]  ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.320611] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 23.322171]                                                ^
[ 23.322727]  ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.323626]  ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.324838] ==================================================================

[ 23.426489] ==================================================================
[ 23.427336] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 23.428174] Read of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281
[ 23.429238]
[ 23.429482] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 23.429601] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.429636] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.429694] Call Trace:
[ 23.429744] <TASK>
[ 23.429794] dump_stack_lvl+0x73/0xb0
[ 23.429838] print_report+0xd1/0x650
[ 23.429875] ? __virt_addr_valid+0x1db/0x2d0
[ 23.429910] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 23.429972] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.430054] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 23.430977] kasan_report+0x141/0x180
[ 23.431075] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 23.431171] __asan_report_load8_noabort+0x18/0x20
[ 23.431245] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90
[ 23.431345] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 23.431447] kasan_bitops_generic+0x121/0x1c0
[ 23.431517] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.431587] ? __pfx_read_tsc+0x10/0x10
[ 23.431658] ? ktime_get_ts64+0x86/0x230
[ 23.431736] kunit_try_run_case+0x1a5/0x480
[ 23.431818] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.431902] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.431987] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.432108] ? __kthread_parkme+0x82/0x180
[ 23.432147] ? preempt_count_sub+0x50/0x80
[ 23.432187] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.432226] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.432264] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.432324] kthread+0x337/0x6f0
[ 23.432357] ? trace_preempt_on+0x20/0xc0
[ 23.432396] ? __pfx_kthread+0x10/0x10
[ 23.432423] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.432455] ? calculate_sigpending+0x7b/0xa0
[ 23.432489] ? __pfx_kthread+0x10/0x10
[ 23.432518] ret_from_fork+0x41/0x80
[ 23.432552] ? __pfx_kthread+0x10/0x10
[ 23.432580] ret_from_fork_asm+0x1a/0x30
[ 23.432627] </TASK>
[ 23.432642]
[ 23.455375] Allocated by task 281:
[ 23.455823] kasan_save_stack+0x45/0x70
[ 23.456432] kasan_save_track+0x18/0x40
[ 23.456853] kasan_save_alloc_info+0x3b/0x50
[ 23.457237] __kasan_kmalloc+0xb7/0xc0
[ 23.457612] __kmalloc_cache_noprof+0x189/0x420
[ 23.458018] kasan_bitops_generic+0x92/0x1c0
[ 23.458553] kunit_try_run_case+0x1a5/0x480
[ 23.458993] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.459428] kthread+0x337/0x6f0
[ 23.459936] ret_from_fork+0x41/0x80
[ 23.460510] ret_from_fork_asm+0x1a/0x30
[ 23.460918]
[ 23.461493] The buggy address belongs to the object at ffff8881026cd0c0
[ 23.461493] which belongs to the cache kmalloc-16 of size 16
[ 23.462479] The buggy address is located 8 bytes inside of
[ 23.462479] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9)
[ 23.463937]
[ 23.464254] The buggy address belongs to the physical page:
[ 23.464884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 23.465721] flags: 0x200000000000000(node=0|zone=2)
[ 23.466338] page_type: f5(slab)
[ 23.466735] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.467660] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.468191] page dumped because: kasan: bad access detected
[ 23.468818]
[ 23.469338] Memory state around the buggy address:
[ 23.470162]  ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.470705]  ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.471564] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 23.472354]                                                ^
[ 23.472931]  ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.473538]  ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.474283] ==================================================================

[ 23.379856] ==================================================================
[ 23.380539] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 23.381370] Read of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281
[ 23.382127]
[ 23.382381] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 23.382527] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.382569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.382686] Call Trace:
[ 23.382738] <TASK>
[ 23.382789] dump_stack_lvl+0x73/0xb0
[ 23.382868] print_report+0xd1/0x650
[ 23.382981] ? __virt_addr_valid+0x1db/0x2d0
[ 23.383106] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 23.383246] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.383349] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 23.383493] kasan_report+0x141/0x180
[ 23.383576] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 23.383669] kasan_check_range+0x10c/0x1c0
[ 23.383732] __kasan_check_read+0x15/0x20
[ 23.383767] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90
[ 23.383804] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 23.383868] kasan_bitops_generic+0x121/0x1c0
[ 23.384000] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.384125] ? __pfx_read_tsc+0x10/0x10
[ 23.384251] ? ktime_get_ts64+0x86/0x230
[ 23.384359] kunit_try_run_case+0x1a5/0x480
[ 23.384450] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.384520] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.384653] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.384726] ? __kthread_parkme+0x82/0x180
[ 23.384765] ? preempt_count_sub+0x50/0x80
[ 23.384802] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.384838] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.384873] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.384908] kthread+0x337/0x6f0
[ 23.384934] ? trace_preempt_on+0x20/0xc0
[ 23.385026] ? __pfx_kthread+0x10/0x10
[ 23.385099] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.385173] ? calculate_sigpending+0x7b/0xa0
[ 23.385247] ? __pfx_kthread+0x10/0x10
[ 23.385331] ret_from_fork+0x41/0x80
[ 23.385427] ? __pfx_kthread+0x10/0x10
[ 23.385535] ret_from_fork_asm+0x1a/0x30
[ 23.385587] </TASK>
[ 23.385603]
[ 23.404015] Allocated by task 281:
[ 23.404481] kasan_save_stack+0x45/0x70
[ 23.404917] kasan_save_track+0x18/0x40
[ 23.405685] kasan_save_alloc_info+0x3b/0x50
[ 23.406492] __kasan_kmalloc+0xb7/0xc0
[ 23.406868] __kmalloc_cache_noprof+0x189/0x420
[ 23.407815] kasan_bitops_generic+0x92/0x1c0
[ 23.408702] kunit_try_run_case+0x1a5/0x480
[ 23.410362] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.411011] kthread+0x337/0x6f0
[ 23.411397] ret_from_fork+0x41/0x80
[ 23.411912] ret_from_fork_asm+0x1a/0x30
[ 23.412795]
[ 23.413188] The buggy address belongs to the object at ffff8881026cd0c0
[ 23.413188] which belongs to the cache kmalloc-16 of size 16
[ 23.414752] The buggy address is located 8 bytes inside of
[ 23.414752] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9)
[ 23.416205]
[ 23.416464] The buggy address belongs to the physical page:
[ 23.416969] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 23.417667] flags: 0x200000000000000(node=0|zone=2)
[ 23.418155] page_type: f5(slab)
[ 23.418598] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.419338] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.420212] page dumped because: kasan: bad access detected
[ 23.420815]
[ 23.421162] Memory state around the buggy address:
[ 23.421680]  ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.422310]  ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.422911] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 23.423562]                                                ^
[ 23.424186]  ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.424757]  ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.425415] ==================================================================

[ 23.080864] ==================================================================
[ 23.081866] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 23.082855] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281
[ 23.083720]
[ 23.084334] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 23.084450] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.084490] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.084546] Call Trace:
[ 23.084603] <TASK>
[ 23.084659] dump_stack_lvl+0x73/0xb0
[ 23.084751] print_report+0xd1/0x650
[ 23.084834] ? __virt_addr_valid+0x1db/0x2d0
[ 23.084910] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 23.085462] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.085547] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 23.085629] kasan_report+0x141/0x180
[ 23.085708] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 23.085790] kasan_check_range+0x10c/0x1c0
[ 23.085827] __kasan_check_write+0x18/0x20
[ 23.085861] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90
[ 23.085901] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 23.085973] kasan_bitops_generic+0x121/0x1c0
[ 23.086043] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.086104] ? __pfx_read_tsc+0x10/0x10
[ 23.086140] ? ktime_get_ts64+0x86/0x230
[ 23.086181] kunit_try_run_case+0x1a5/0x480
[ 23.086222] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.086257] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.086323] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.086421] ? __kthread_parkme+0x82/0x180
[ 23.086498] ? preempt_count_sub+0x50/0x80
[ 23.086559] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.086599] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.086636] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.086672] kthread+0x337/0x6f0
[ 23.086698] ? trace_preempt_on+0x20/0xc0
[ 23.086736] ? __pfx_kthread+0x10/0x10
[ 23.086763] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.086796] ? calculate_sigpending+0x7b/0xa0
[ 23.086830] ? __pfx_kthread+0x10/0x10
[ 23.086858] ret_from_fork+0x41/0x80
[ 23.086893] ? __pfx_kthread+0x10/0x10
[ 23.086922] ret_from_fork_asm+0x1a/0x30
[ 23.087018] </TASK>
[ 23.087063]
[ 23.107476] Allocated by task 281:
[ 23.107769] kasan_save_stack+0x45/0x70
[ 23.108602] kasan_save_track+0x18/0x40
[ 23.108893] kasan_save_alloc_info+0x3b/0x50
[ 23.109519] __kasan_kmalloc+0xb7/0xc0
[ 23.109922] __kmalloc_cache_noprof+0x189/0x420
[ 23.110500] kasan_bitops_generic+0x92/0x1c0
[ 23.110948] kunit_try_run_case+0x1a5/0x480
[ 23.112095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.112564] kthread+0x337/0x6f0
[ 23.112908] ret_from_fork+0x41/0x80
[ 23.113392] ret_from_fork_asm+0x1a/0x30
[ 23.113841]
[ 23.114182] The buggy address belongs to the object at ffff8881026cd0c0
[ 23.114182] which belongs to the cache kmalloc-16 of size 16
[ 23.115332] The buggy address is located 8 bytes inside of
[ 23.115332] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9)
[ 23.116189]
[ 23.116599] The buggy address belongs to the physical page:
[ 23.117304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 23.117900] flags: 0x200000000000000(node=0|zone=2)
[ 23.118370] page_type: f5(slab)
[ 23.118876] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.119976] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.120802] page dumped because: kasan: bad access detected
[ 23.121624]
[ 23.121872] Memory state around the buggy address:
[ 23.122443]  ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.123096]  ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.124494] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 23.125097]                                                ^
[ 23.125594]  ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.126221]  ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.126849] ==================================================================

[ 23.128597] ==================================================================
[ 23.129122] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 23.129695] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281
[ 23.130506]
[ 23.130961] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 23.131376] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.131413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.131476] Call Trace:
[ 23.131527] <TASK>
[ 23.131577] dump_stack_lvl+0x73/0xb0
[ 23.131664] print_report+0xd1/0x650
[ 23.131746] ? __virt_addr_valid+0x1db/0x2d0
[ 23.131820] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 23.131907] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.132088] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 23.132176] kasan_report+0x141/0x180
[ 23.132261] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 23.132370] kasan_check_range+0x10c/0x1c0
[ 23.132446] __kasan_check_write+0x18/0x20
[ 23.132521] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90
[ 23.132602] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 23.132707] kasan_bitops_generic+0x121/0x1c0
[ 23.132783] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.132833] ? __pfx_read_tsc+0x10/0x10
[ 23.132909] ? ktime_get_ts64+0x86/0x230
[ 23.133091] kunit_try_run_case+0x1a5/0x480
[ 23.133188] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.133264] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.133367] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.133447] ? __kthread_parkme+0x82/0x180
[ 23.133525] ? preempt_count_sub+0x50/0x80
[ 23.133615] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.133695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.133763] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.133805] kthread+0x337/0x6f0
[ 23.133833] ? trace_preempt_on+0x20/0xc0
[ 23.133873] ? __pfx_kthread+0x10/0x10
[ 23.133901] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.133935] ? calculate_sigpending+0x7b/0xa0
[ 23.134079] ? __pfx_kthread+0x10/0x10
[ 23.134115] ret_from_fork+0x41/0x80
[ 23.134151] ? __pfx_kthread+0x10/0x10
[ 23.134182] ret_from_fork_asm+0x1a/0x30
[ 23.134229] </TASK>
[ 23.134245]
[ 23.152083] Allocated by task 281:
[ 23.152451] kasan_save_stack+0x45/0x70
[ 23.153804] kasan_save_track+0x18/0x40
[ 23.154580] kasan_save_alloc_info+0x3b/0x50
[ 23.155106] __kasan_kmalloc+0xb7/0xc0
[ 23.155543] __kmalloc_cache_noprof+0x189/0x420
[ 23.155963] kasan_bitops_generic+0x92/0x1c0
[ 23.156782] kunit_try_run_case+0x1a5/0x480
[ 23.157397] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.157873] kthread+0x337/0x6f0
[ 23.158551] ret_from_fork+0x41/0x80
[ 23.158957] ret_from_fork_asm+0x1a/0x30
[ 23.159333]
[ 23.159523] The buggy address belongs to the object at ffff8881026cd0c0
[ 23.159523] which belongs to the cache kmalloc-16 of size 16
[ 23.161273] The buggy address is located 8 bytes inside of
[ 23.161273] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9)
[ 23.162499]
[ 23.162687] The buggy address belongs to the physical page:
[ 23.163076] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 23.163761] flags: 0x200000000000000(node=0|zone=2)
[ 23.164752] page_type: f5(slab)
[ 23.165283] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.165817] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.166607] page dumped because: kasan: bad access detected
[ 23.167229]
[ 23.168099] Memory state around the buggy address:
[ 23.168543]  ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.169133]  ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.171377] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 23.172257]                                                ^
[ 23.172722]  ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.173569]  ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.174885] ==================================================================

[ 23.022753] ==================================================================
[ 23.023755] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 23.024666] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281
[ 23.025183]
[ 23.026138] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 23.026270] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.026328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.026389] Call Trace:
[ 23.026431] <TASK>
[ 23.026469] dump_stack_lvl+0x73/0xb0
[ 23.026511] print_report+0xd1/0x650
[ 23.026550] ? __virt_addr_valid+0x1db/0x2d0
[ 23.026585] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 23.026621] ? kasan_complete_mode_report_info+0x2a/0x200
[ 23.026658] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 23.026695] kasan_report+0x141/0x180
[ 23.026730] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 23.026774] kasan_check_range+0x10c/0x1c0
[ 23.026805] __kasan_check_write+0x18/0x20
[ 23.026835] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90
[ 23.026871] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10
[ 23.026917] kasan_bitops_generic+0x121/0x1c0
[ 23.026958] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 23.027037] ? __pfx_read_tsc+0x10/0x10
[ 23.027148] ? ktime_get_ts64+0x86/0x230
[ 23.027203] kunit_try_run_case+0x1a5/0x480
[ 23.027244] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.027279] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 23.027345] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 23.027383] ? __kthread_parkme+0x82/0x180
[ 23.027418] ? preempt_count_sub+0x50/0x80
[ 23.027456] ? __pfx_kunit_try_run_case+0x10/0x10
[ 23.027493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.027528] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 23.027564] kthread+0x337/0x6f0
[ 23.027590] ? trace_preempt_on+0x20/0xc0
[ 23.027627] ? __pfx_kthread+0x10/0x10
[ 23.027654] ? _raw_spin_unlock_irq+0x47/0x80
[ 23.027687] ? calculate_sigpending+0x7b/0xa0
[ 23.027720] ? __pfx_kthread+0x10/0x10
[ 23.027748] ret_from_fork+0x41/0x80
[ 23.027781] ? __pfx_kthread+0x10/0x10
[ 23.027808] ret_from_fork_asm+0x1a/0x30
[ 23.027853] </TASK>
[ 23.027870]
[ 23.052146] Allocated by task 281:
[ 23.052585] kasan_save_stack+0x45/0x70
[ 23.052974] kasan_save_track+0x18/0x40
[ 23.054602] kasan_save_alloc_info+0x3b/0x50
[ 23.054952] __kasan_kmalloc+0xb7/0xc0
[ 23.055635] __kmalloc_cache_noprof+0x189/0x420
[ 23.056008] kasan_bitops_generic+0x92/0x1c0
[ 23.056819] kunit_try_run_case+0x1a5/0x480
[ 23.057587] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.058011] kthread+0x337/0x6f0
[ 23.058814] ret_from_fork+0x41/0x80
[ 23.059779] ret_from_fork_asm+0x1a/0x30
[ 23.060177]
[ 23.061487] The buggy address belongs to the object at ffff8881026cd0c0
[ 23.061487] which belongs to the cache kmalloc-16 of size 16
[ 23.062654] The buggy address is located 8 bytes inside of
[ 23.062654] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9)
[ 23.063806]
[ 23.063969] The buggy address belongs to the physical page:
[ 23.064261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 23.066707] flags: 0x200000000000000(node=0|zone=2)
[ 23.067631] page_type: f5(slab)
[ 23.067913] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 23.070959] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 23.071659] page dumped because: kasan: bad access detected
[ 23.072086]
[ 23.072230] Memory state around the buggy address:
[ 23.074532]  ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.074917]  ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 23.076567] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc
[ 23.077541]                                                ^
[ 23.077998]  ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.078881]  ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 23.079600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 22.753681] ================================================================== [ 22.754657] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.755604] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.756896] [ 22.757609] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.757736] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.757776] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.757999] Call Trace: [ 22.758062] <TASK> [ 22.758116] dump_stack_lvl+0x73/0xb0 [ 22.758194] print_report+0xd1/0x650 [ 22.758235] ? __virt_addr_valid+0x1db/0x2d0 [ 22.758271] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.758331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.758370] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.758405] kasan_report+0x141/0x180 [ 22.758441] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.758485] kasan_check_range+0x10c/0x1c0 [ 22.758516] __kasan_check_write+0x18/0x20 [ 22.758547] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 22.758582] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.758617] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.758654] ? trace_hardirqs_on+0x37/0xe0 [ 22.758691] ? kasan_bitops_generic+0x92/0x1c0 [ 22.758727] kasan_bitops_generic+0x116/0x1c0 [ 22.758757] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.758790] ? __pfx_read_tsc+0x10/0x10 [ 22.758822] ? ktime_get_ts64+0x86/0x230 [ 22.758864] kunit_try_run_case+0x1a5/0x480 [ 22.758906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.758942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.759017] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.759104] ? __kthread_parkme+0x82/0x180 [ 22.759157] ? preempt_count_sub+0x50/0x80 [ 22.759196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.759235] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.759270] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.759329] kthread+0x337/0x6f0 [ 22.759359] ? 
trace_preempt_on+0x20/0xc0 [ 22.759394] ? __pfx_kthread+0x10/0x10 [ 22.759421] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.759453] ? calculate_sigpending+0x7b/0xa0 [ 22.759488] ? __pfx_kthread+0x10/0x10 [ 22.759516] ret_from_fork+0x41/0x80 [ 22.759550] ? __pfx_kthread+0x10/0x10 [ 22.759577] ret_from_fork_asm+0x1a/0x30 [ 22.759623] </TASK> [ 22.759640] [ 22.781822] Allocated by task 281: [ 22.782782] kasan_save_stack+0x45/0x70 [ 22.783546] kasan_save_track+0x18/0x40 [ 22.784206] kasan_save_alloc_info+0x3b/0x50 [ 22.785470] __kasan_kmalloc+0xb7/0xc0 [ 22.786594] __kmalloc_cache_noprof+0x189/0x420 [ 22.787184] kasan_bitops_generic+0x92/0x1c0 [ 22.787497] kunit_try_run_case+0x1a5/0x480 [ 22.787780] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.788135] kthread+0x337/0x6f0 [ 22.791556] ret_from_fork+0x41/0x80 [ 22.791954] ret_from_fork_asm+0x1a/0x30 [ 22.792527] [ 22.792750] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.792750] which belongs to the cache kmalloc-16 of size 16 [ 22.796139] The buggy address is located 8 bytes inside of [ 22.796139] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.796761] [ 22.796910] The buggy address belongs to the physical page: [ 22.797209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.797840] flags: 0x200000000000000(node=0|zone=2) [ 22.798209] page_type: f5(slab) [ 22.799358] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.800043] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.800725] page dumped because: kasan: bad access detected [ 22.801417] [ 22.801705] Memory state around the buggy address: [ 22.801979] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.802377] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.802750] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.803114] ^ [ 22.803564] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.804020] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.804498] ================================================================== [ 22.643899] ================================================================== [ 22.645527] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.647020] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.647614] [ 22.647891] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.647988] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.648008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.648049] Call Trace: [ 22.648359] <TASK> [ 22.648418] dump_stack_lvl+0x73/0xb0 [ 22.648503] print_report+0xd1/0x650 [ 22.648579] ? __virt_addr_valid+0x1db/0x2d0 [ 22.648625] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.648660] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.648697] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.648730] kasan_report+0x141/0x180 [ 22.648766] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.648807] kasan_check_range+0x10c/0x1c0 [ 22.648837] __kasan_check_write+0x18/0x20 [ 22.648866] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 22.648898] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.648930] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.649025] ? trace_hardirqs_on+0x37/0xe0 [ 22.649110] ? kasan_bitops_generic+0x92/0x1c0 [ 22.649179] kasan_bitops_generic+0x116/0x1c0 [ 22.649214] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.649250] ? __pfx_read_tsc+0x10/0x10 [ 22.649282] ? ktime_get_ts64+0x86/0x230 [ 22.649353] kunit_try_run_case+0x1a5/0x480 [ 22.649393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.649427] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.649465] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.649501] ? __kthread_parkme+0x82/0x180 [ 22.649534] ? preempt_count_sub+0x50/0x80 [ 22.649569] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.649604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.649637] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.649670] kthread+0x337/0x6f0 [ 22.649695] ? trace_preempt_on+0x20/0xc0 [ 22.649727] ? __pfx_kthread+0x10/0x10 [ 22.649753] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.649782] ? calculate_sigpending+0x7b/0xa0 [ 22.649814] ? __pfx_kthread+0x10/0x10 [ 22.649843] ret_from_fork+0x41/0x80 [ 22.649875] ? __pfx_kthread+0x10/0x10 [ 22.649901] ret_from_fork_asm+0x1a/0x30 [ 22.649945] </TASK> [ 22.649980] [ 22.675541] Allocated by task 281: [ 22.676090] kasan_save_stack+0x45/0x70 [ 22.676602] kasan_save_track+0x18/0x40 [ 22.677409] kasan_save_alloc_info+0x3b/0x50 [ 22.677753] __kasan_kmalloc+0xb7/0xc0 [ 22.678691] __kmalloc_cache_noprof+0x189/0x420 [ 22.679038] kasan_bitops_generic+0x92/0x1c0 [ 22.679734] kunit_try_run_case+0x1a5/0x480 [ 22.680703] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.681243] kthread+0x337/0x6f0 [ 22.681963] ret_from_fork+0x41/0x80 [ 22.682627] ret_from_fork_asm+0x1a/0x30 [ 22.683015] [ 22.683222] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.683222] which belongs to the cache kmalloc-16 of size 16 [ 22.684135] The buggy address is located 8 bytes inside of [ 22.684135] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.686064] [ 22.686286] The buggy address belongs to the physical page: [ 22.686758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.688253] flags: 0x200000000000000(node=0|zone=2) [ 22.688626] page_type: f5(slab) [ 22.689394] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.690235] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.690969] page dumped because: kasan: bad access detected [ 22.692185] [ 22.692369] Memory state around the buggy address: [ 22.692686] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.693666] ffff8881026cd000: 
fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.694540] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.695664] ^ [ 22.696038] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.696703] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.697732] ================================================================== [ 22.860507] ================================================================== [ 22.861276] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.862796] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.863939] [ 22.864593] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.864730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.864810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.864848] Call Trace: [ 22.864881] <TASK> [ 22.864929] dump_stack_lvl+0x73/0xb0 [ 22.865016] print_report+0xd1/0x650 [ 22.865097] ? __virt_addr_valid+0x1db/0x2d0 [ 22.865138] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.865172] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.865208] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.865241] kasan_report+0x141/0x180 [ 22.865275] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.865368] kasan_check_range+0x10c/0x1c0 [ 22.865441] __kasan_check_write+0x18/0x20 [ 22.865501] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 22.865537] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.865573] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.865607] ? trace_hardirqs_on+0x37/0xe0 [ 22.865644] ? kasan_bitops_generic+0x92/0x1c0 [ 22.865680] kasan_bitops_generic+0x116/0x1c0 [ 22.865711] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.865744] ? __pfx_read_tsc+0x10/0x10 [ 22.865776] ? ktime_get_ts64+0x86/0x230 [ 22.865816] kunit_try_run_case+0x1a5/0x480 [ 22.865854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.865888] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 22.865926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.866082] ? __kthread_parkme+0x82/0x180 [ 22.866131] ? preempt_count_sub+0x50/0x80 [ 22.866171] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.866208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.866244] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.866283] kthread+0x337/0x6f0 [ 22.866336] ? trace_preempt_on+0x20/0xc0 [ 22.866375] ? __pfx_kthread+0x10/0x10 [ 22.866401] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.866436] ? calculate_sigpending+0x7b/0xa0 [ 22.866470] ? __pfx_kthread+0x10/0x10 [ 22.866497] ret_from_fork+0x41/0x80 [ 22.866531] ? __pfx_kthread+0x10/0x10 [ 22.866559] ret_from_fork_asm+0x1a/0x30 [ 22.866604] </TASK> [ 22.866619] [ 22.890869] Allocated by task 281: [ 22.891838] kasan_save_stack+0x45/0x70 [ 22.892821] kasan_save_track+0x18/0x40 [ 22.893476] kasan_save_alloc_info+0x3b/0x50 [ 22.894027] __kasan_kmalloc+0xb7/0xc0 [ 22.894721] __kmalloc_cache_noprof+0x189/0x420 [ 22.895440] kasan_bitops_generic+0x92/0x1c0 [ 22.895789] kunit_try_run_case+0x1a5/0x480 [ 22.896487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.897420] kthread+0x337/0x6f0 [ 22.897857] ret_from_fork+0x41/0x80 [ 22.898481] ret_from_fork_asm+0x1a/0x30 [ 22.899077] [ 22.899281] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.899281] which belongs to the cache kmalloc-16 of size 16 [ 22.900568] The buggy address is located 8 bytes inside of [ 22.900568] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.901621] [ 22.901856] The buggy address belongs to the physical page: [ 22.903248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.903950] flags: 0x200000000000000(node=0|zone=2) [ 22.904509] page_type: f5(slab) [ 22.904833] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.905799] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.906762] page dumped because: kasan: bad 
access detected [ 22.907177] [ 22.907396] Memory state around the buggy address: [ 22.907841] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.908544] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.909198] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.909755] ^ [ 22.910311] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.910936] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.911493] ================================================================== [ 22.590701] ================================================================== [ 22.591840] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.593801] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.595269] [ 22.595575] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.595764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.595810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.595872] Call Trace: [ 22.595931] <TASK> [ 22.595985] dump_stack_lvl+0x73/0xb0 [ 22.596082] print_report+0xd1/0x650 [ 22.596271] ? __virt_addr_valid+0x1db/0x2d0 [ 22.596346] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.596384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.596418] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.596452] kasan_report+0x141/0x180 [ 22.596486] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.596524] kasan_check_range+0x10c/0x1c0 [ 22.596555] __kasan_check_write+0x18/0x20 [ 22.596585] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 22.596619] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.596654] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.596686] ? trace_hardirqs_on+0x37/0xe0 [ 22.596723] ? kasan_bitops_generic+0x92/0x1c0 [ 22.596759] kasan_bitops_generic+0x116/0x1c0 [ 22.596787] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.596820] ? 
__pfx_read_tsc+0x10/0x10 [ 22.596851] ? ktime_get_ts64+0x86/0x230 [ 22.596891] kunit_try_run_case+0x1a5/0x480 [ 22.596929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.597074] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.597123] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.597161] ? __kthread_parkme+0x82/0x180 [ 22.597197] ? preempt_count_sub+0x50/0x80 [ 22.597235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.597273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.597335] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.597373] kthread+0x337/0x6f0 [ 22.597401] ? trace_preempt_on+0x20/0xc0 [ 22.597436] ? __pfx_kthread+0x10/0x10 [ 22.597462] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.597495] ? calculate_sigpending+0x7b/0xa0 [ 22.597528] ? __pfx_kthread+0x10/0x10 [ 22.597555] ret_from_fork+0x41/0x80 [ 22.597589] ? __pfx_kthread+0x10/0x10 [ 22.597616] ret_from_fork_asm+0x1a/0x30 [ 22.597662] </TASK> [ 22.597678] [ 22.619137] Allocated by task 281: [ 22.619613] kasan_save_stack+0x45/0x70 [ 22.619969] kasan_save_track+0x18/0x40 [ 22.620278] kasan_save_alloc_info+0x3b/0x50 [ 22.621931] __kasan_kmalloc+0xb7/0xc0 [ 22.623228] __kmalloc_cache_noprof+0x189/0x420 [ 22.623668] kasan_bitops_generic+0x92/0x1c0 [ 22.624020] kunit_try_run_case+0x1a5/0x480 [ 22.624839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.625488] kthread+0x337/0x6f0 [ 22.625928] ret_from_fork+0x41/0x80 [ 22.626427] ret_from_fork_asm+0x1a/0x30 [ 22.626907] [ 22.627335] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.627335] which belongs to the cache kmalloc-16 of size 16 [ 22.628388] The buggy address is located 8 bytes inside of [ 22.628388] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.629430] [ 22.630175] The buggy address belongs to the physical page: [ 22.630614] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.632092] flags: 0x200000000000000(node=0|zone=2) [ 22.632541] page_type: f5(slab) [ 22.633235] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 22.634509] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.635570] page dumped because: kasan: bad access detected [ 22.635998] [ 22.636237] Memory state around the buggy address: [ 22.636623] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.638417] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.639271] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.639860] ^ [ 22.640765] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.641517] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.642757] ================================================================== [ 22.967233] ================================================================== [ 22.968475] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.969497] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.970326] [ 22.970594] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.970944] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.971087] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.971146] Call Trace: [ 22.971197] <TASK> [ 22.971285] dump_stack_lvl+0x73/0xb0 [ 22.971422] print_report+0xd1/0x650 [ 22.971500] ? __virt_addr_valid+0x1db/0x2d0 [ 22.971577] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.971676] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.971782] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.971852] kasan_report+0x141/0x180 [ 22.971914] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.971972] kasan_check_range+0x10c/0x1c0 [ 22.972097] __kasan_check_write+0x18/0x20 [ 22.972169] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 22.972237] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.972329] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.972403] ? 
trace_hardirqs_on+0x37/0xe0 [ 22.972450] ? kasan_bitops_generic+0x92/0x1c0 [ 22.972488] kasan_bitops_generic+0x116/0x1c0 [ 22.972519] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.972554] ? __pfx_read_tsc+0x10/0x10 [ 22.972587] ? ktime_get_ts64+0x86/0x230 [ 22.972627] kunit_try_run_case+0x1a5/0x480 [ 22.972666] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.972702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.972739] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.972776] ? __kthread_parkme+0x82/0x180 [ 22.972812] ? preempt_count_sub+0x50/0x80 [ 22.972850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.972886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.972922] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.972957] kthread+0x337/0x6f0 [ 22.972982] ? trace_preempt_on+0x20/0xc0 [ 22.973017] ? __pfx_kthread+0x10/0x10 [ 22.973044] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.973077] ? calculate_sigpending+0x7b/0xa0 [ 22.973111] ? __pfx_kthread+0x10/0x10 [ 22.973138] ret_from_fork+0x41/0x80 [ 22.973172] ? 
__pfx_kthread+0x10/0x10 [ 22.973200] ret_from_fork_asm+0x1a/0x30 [ 22.973246] </TASK> [ 22.973263] [ 22.996603] Allocated by task 281: [ 22.996992] kasan_save_stack+0x45/0x70 [ 22.998433] kasan_save_track+0x18/0x40 [ 22.998814] kasan_save_alloc_info+0x3b/0x50 [ 22.999514] __kasan_kmalloc+0xb7/0xc0 [ 23.000362] __kmalloc_cache_noprof+0x189/0x420 [ 23.000743] kasan_bitops_generic+0x92/0x1c0 [ 23.001666] kunit_try_run_case+0x1a5/0x480 [ 23.002226] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.002591] kthread+0x337/0x6f0 [ 23.002972] ret_from_fork+0x41/0x80 [ 23.003423] ret_from_fork_asm+0x1a/0x30 [ 23.003829] [ 23.004167] The buggy address belongs to the object at ffff8881026cd0c0 [ 23.004167] which belongs to the cache kmalloc-16 of size 16 [ 23.005340] The buggy address is located 8 bytes inside of [ 23.005340] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 23.007095] [ 23.007771] The buggy address belongs to the physical page: [ 23.008382] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 23.009537] flags: 0x200000000000000(node=0|zone=2) [ 23.009911] page_type: f5(slab) [ 23.011023] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 23.012227] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 23.012954] page dumped because: kasan: bad access detected [ 23.013927] [ 23.014178] Memory state around the buggy address: [ 23.014610] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.015699] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 23.016461] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 23.017544] ^ [ 23.017982] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.019053] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.020441] ================================================================== [ 22.913249] 
================================================================== [ 22.913735] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.914727] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.915382] [ 22.916466] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.916600] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.916645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.916701] Call Trace: [ 22.916752] <TASK> [ 22.916807] dump_stack_lvl+0x73/0xb0 [ 22.916894] print_report+0xd1/0x650 [ 22.917171] ? __virt_addr_valid+0x1db/0x2d0 [ 22.917254] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.917355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.917440] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.917518] kasan_report+0x141/0x180 [ 22.917595] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.917686] kasan_check_range+0x10c/0x1c0 [ 22.917763] __kasan_check_write+0x18/0x20 [ 22.917833] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 22.917907] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.918103] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.918186] ? trace_hardirqs_on+0x37/0xe0 [ 22.918260] ? kasan_bitops_generic+0x92/0x1c0 [ 22.918365] kasan_bitops_generic+0x116/0x1c0 [ 22.918422] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.918459] ? __pfx_read_tsc+0x10/0x10 [ 22.918493] ? ktime_get_ts64+0x86/0x230 [ 22.918531] kunit_try_run_case+0x1a5/0x480 [ 22.918572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.918606] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.918646] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.918680] ? __kthread_parkme+0x82/0x180 [ 22.918713] ? preempt_count_sub+0x50/0x80 [ 22.918751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.918786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.918820] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.918856] kthread+0x337/0x6f0 [ 22.918880] ? 
trace_preempt_on+0x20/0xc0 [ 22.918915] ? __pfx_kthread+0x10/0x10 [ 22.918941] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.919027] ? calculate_sigpending+0x7b/0xa0 [ 22.919110] ? __pfx_kthread+0x10/0x10 [ 22.919204] ret_from_fork+0x41/0x80 [ 22.919248] ? __pfx_kthread+0x10/0x10 [ 22.919279] ret_from_fork_asm+0x1a/0x30 [ 22.919354] </TASK> [ 22.919373] [ 22.944119] Allocated by task 281: [ 22.944500] kasan_save_stack+0x45/0x70 [ 22.944882] kasan_save_track+0x18/0x40 [ 22.945235] kasan_save_alloc_info+0x3b/0x50 [ 22.946142] __kasan_kmalloc+0xb7/0xc0 [ 22.946551] __kmalloc_cache_noprof+0x189/0x420 [ 22.947445] kasan_bitops_generic+0x92/0x1c0 [ 22.948202] kunit_try_run_case+0x1a5/0x480 [ 22.948641] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.949347] kthread+0x337/0x6f0 [ 22.949806] ret_from_fork+0x41/0x80 [ 22.950467] ret_from_fork_asm+0x1a/0x30 [ 22.950928] [ 22.951629] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.951629] which belongs to the cache kmalloc-16 of size 16 [ 22.952832] The buggy address is located 8 bytes inside of [ 22.952832] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.954258] [ 22.954474] The buggy address belongs to the physical page: [ 22.955366] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.956498] flags: 0x200000000000000(node=0|zone=2) [ 22.957272] page_type: f5(slab) [ 22.957737] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.958598] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.959564] page dumped because: kasan: bad access detected [ 22.960278] [ 22.960667] Memory state around the buggy address: [ 22.961263] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.961930] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.962736] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.963433] ^ [ 22.963933] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.965218] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.965874] ================================================================== [ 22.699602] ================================================================== [ 22.700560] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.701238] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.701829] [ 22.702112] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.702245] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.703064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.703155] Call Trace: [ 22.703209] <TASK> [ 22.703257] dump_stack_lvl+0x73/0xb0 [ 22.703360] print_report+0xd1/0x650 [ 22.703435] ? __virt_addr_valid+0x1db/0x2d0 [ 22.703511] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.703556] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.703592] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.703629] kasan_report+0x141/0x180 [ 22.703665] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.703706] kasan_check_range+0x10c/0x1c0 [ 22.703736] __kasan_check_write+0x18/0x20 [ 22.703767] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 22.703802] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.703840] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.703894] ? trace_hardirqs_on+0x37/0xe0 [ 22.703935] ? kasan_bitops_generic+0x92/0x1c0 [ 22.704023] kasan_bitops_generic+0x116/0x1c0 [ 22.704104] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.704193] ? __pfx_read_tsc+0x10/0x10 [ 22.704230] ? ktime_get_ts64+0x86/0x230 [ 22.704269] kunit_try_run_case+0x1a5/0x480 [ 22.704340] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.704375] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.704413] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.704451] ? __kthread_parkme+0x82/0x180 [ 22.704485] ? preempt_count_sub+0x50/0x80 [ 22.704522] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 22.704559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.704595] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.704630] kthread+0x337/0x6f0 [ 22.704656] ? trace_preempt_on+0x20/0xc0 [ 22.704691] ? __pfx_kthread+0x10/0x10 [ 22.704719] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.704751] ? calculate_sigpending+0x7b/0xa0 [ 22.704786] ? __pfx_kthread+0x10/0x10 [ 22.704812] ret_from_fork+0x41/0x80 [ 22.704846] ? __pfx_kthread+0x10/0x10 [ 22.704873] ret_from_fork_asm+0x1a/0x30 [ 22.704918] </TASK> [ 22.704934] [ 22.728128] Allocated by task 281: [ 22.728437] kasan_save_stack+0x45/0x70 [ 22.729038] kasan_save_track+0x18/0x40 [ 22.729691] kasan_save_alloc_info+0x3b/0x50 [ 22.730062] __kasan_kmalloc+0xb7/0xc0 [ 22.730496] __kmalloc_cache_noprof+0x189/0x420 [ 22.730882] kasan_bitops_generic+0x92/0x1c0 [ 22.731275] kunit_try_run_case+0x1a5/0x480 [ 22.732994] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.733460] kthread+0x337/0x6f0 [ 22.734279] ret_from_fork+0x41/0x80 [ 22.735039] ret_from_fork_asm+0x1a/0x30 [ 22.735812] [ 22.736209] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.736209] which belongs to the cache kmalloc-16 of size 16 [ 22.738528] The buggy address is located 8 bytes inside of [ 22.738528] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.740118] [ 22.740434] The buggy address belongs to the physical page: [ 22.740792] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.741719] flags: 0x200000000000000(node=0|zone=2) [ 22.742667] page_type: f5(slab) [ 22.743460] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.744283] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.745410] page dumped because: kasan: bad access detected [ 22.745914] [ 22.746645] Memory state around the buggy address: [ 22.747016] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.747714] ffff8881026cd000: 
fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.748563] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.749658] ^ [ 22.750082] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.750830] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.751829] ================================================================== [ 22.805539] ================================================================== [ 22.806136] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.806954] Write of size 8 at addr ffff8881026cd0c8 by task kunit_try_catch/281 [ 22.809038] [ 22.809411] CPU: 0 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.809543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.809583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.809642] Call Trace: [ 22.809696] <TASK> [ 22.809747] dump_stack_lvl+0x73/0xb0 [ 22.809833] print_report+0xd1/0x650 [ 22.809918] ? __virt_addr_valid+0x1db/0x2d0 [ 22.810050] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.810131] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.810211] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.810284] kasan_report+0x141/0x180 [ 22.810380] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.810474] kasan_check_range+0x10c/0x1c0 [ 22.810543] __kasan_check_write+0x18/0x20 [ 22.810612] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 22.810686] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 22.810761] ? __kmalloc_cache_noprof+0x189/0x420 [ 22.810832] ? trace_hardirqs_on+0x37/0xe0 [ 22.810902] ? kasan_bitops_generic+0x92/0x1c0 [ 22.810979] kasan_bitops_generic+0x116/0x1c0 [ 22.811045] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 22.811120] ? __pfx_read_tsc+0x10/0x10 [ 22.811188] ? ktime_get_ts64+0x86/0x230 [ 22.811269] kunit_try_run_case+0x1a5/0x480 [ 22.811686] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.811763] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 22.811900] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.811987] ? __kthread_parkme+0x82/0x180 [ 22.812068] ? preempt_count_sub+0x50/0x80 [ 22.812150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.812232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.812320] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.812399] kthread+0x337/0x6f0 [ 22.812467] ? trace_preempt_on+0x20/0xc0 [ 22.812542] ? __pfx_kthread+0x10/0x10 [ 22.812608] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.812837] ? calculate_sigpending+0x7b/0xa0 [ 22.812913] ? __pfx_kthread+0x10/0x10 [ 22.813084] ret_from_fork+0x41/0x80 [ 22.813168] ? __pfx_kthread+0x10/0x10 [ 22.813233] ret_from_fork_asm+0x1a/0x30 [ 22.813363] </TASK> [ 22.813404] [ 22.838073] Allocated by task 281: [ 22.838372] kasan_save_stack+0x45/0x70 [ 22.838834] kasan_save_track+0x18/0x40 [ 22.839252] kasan_save_alloc_info+0x3b/0x50 [ 22.840325] __kasan_kmalloc+0xb7/0xc0 [ 22.840884] __kmalloc_cache_noprof+0x189/0x420 [ 22.841525] kasan_bitops_generic+0x92/0x1c0 [ 22.842107] kunit_try_run_case+0x1a5/0x480 [ 22.843004] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.843592] kthread+0x337/0x6f0 [ 22.843955] ret_from_fork+0x41/0x80 [ 22.844827] ret_from_fork_asm+0x1a/0x30 [ 22.845355] [ 22.845529] The buggy address belongs to the object at ffff8881026cd0c0 [ 22.845529] which belongs to the cache kmalloc-16 of size 16 [ 22.847586] The buggy address is located 8 bytes inside of [ 22.847586] allocated 9-byte region [ffff8881026cd0c0, ffff8881026cd0c9) [ 22.848947] [ 22.849474] The buggy address belongs to the physical page: [ 22.849900] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 22.850838] flags: 0x200000000000000(node=0|zone=2) [ 22.851316] page_type: f5(slab) [ 22.851692] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 22.853196] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 22.853680] page dumped because: kasan: bad 
access detected [ 22.854173] [ 22.854417] Memory state around the buggy address: [ 22.854837] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.855825] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 22.856934] >ffff8881026cd080: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 22.857517] ^ [ 22.857730] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.858281] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.859236] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 22.525506] ================================================================== [ 22.526243] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 22.526879] Read of size 1 at addr ffff888102ef0050 by task kunit_try_catch/279 [ 22.528674] [ 22.528901] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.530668] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.530714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.531198] Call Trace: [ 22.531248] <TASK> [ 22.531323] dump_stack_lvl+0x73/0xb0 [ 22.531392] print_report+0xd1/0x650 [ 22.531455] ? __virt_addr_valid+0x1db/0x2d0 [ 22.531509] ? strnlen+0x73/0x80 [ 22.531555] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.531611] ? strnlen+0x73/0x80 [ 22.531658] kasan_report+0x141/0x180 [ 22.531711] ? strnlen+0x73/0x80 [ 22.531767] __asan_report_load1_noabort+0x18/0x20 [ 22.531818] strnlen+0x73/0x80 [ 22.532391] kasan_strings+0x615/0xe80 [ 22.532464] ? trace_hardirqs_on+0x37/0xe0 [ 22.532568] ? __pfx_kasan_strings+0x10/0x10 [ 22.532625] ? finish_task_switch.isra.0+0x153/0x700 [ 22.532678] ? __switch_to+0x5d9/0xf60 [ 22.532725] ? dequeue_task_fair+0x166/0x4e0 [ 22.532781] ? __schedule+0x10cc/0x2b60 [ 22.532834] ? __pfx_read_tsc+0x10/0x10 [ 22.532883] ? ktime_get_ts64+0x86/0x230 [ 22.532953] kunit_try_run_case+0x1a5/0x480 [ 22.533023] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.533080] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.533137] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.533193] ? __kthread_parkme+0x82/0x180 [ 22.533245] ? preempt_count_sub+0x50/0x80 [ 22.533328] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.533388] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.533446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.533502] kthread+0x337/0x6f0 [ 22.533555] ? trace_preempt_on+0x20/0xc0 [ 22.533615] ? __pfx_kthread+0x10/0x10 [ 22.533658] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.533709] ? calculate_sigpending+0x7b/0xa0 [ 22.533760] ? 
__pfx_kthread+0x10/0x10 [ 22.533805] ret_from_fork+0x41/0x80 [ 22.533856] ? __pfx_kthread+0x10/0x10 [ 22.534340] ret_from_fork_asm+0x1a/0x30 [ 22.534450] </TASK> [ 22.534491] [ 22.554940] Allocated by task 279: [ 22.555589] kasan_save_stack+0x45/0x70 [ 22.556149] kasan_save_track+0x18/0x40 [ 22.556560] kasan_save_alloc_info+0x3b/0x50 [ 22.557185] __kasan_kmalloc+0xb7/0xc0 [ 22.557598] __kmalloc_cache_noprof+0x189/0x420 [ 22.558546] kasan_strings+0xc0/0xe80 [ 22.558929] kunit_try_run_case+0x1a5/0x480 [ 22.559619] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.560389] kthread+0x337/0x6f0 [ 22.560794] ret_from_fork+0x41/0x80 [ 22.561420] ret_from_fork_asm+0x1a/0x30 [ 22.561737] [ 22.562453] Freed by task 279: [ 22.562824] kasan_save_stack+0x45/0x70 [ 22.563593] kasan_save_track+0x18/0x40 [ 22.563982] kasan_save_free_info+0x3f/0x60 [ 22.564334] __kasan_slab_free+0x56/0x70 [ 22.564656] kfree+0x222/0x3f0 [ 22.564925] kasan_strings+0x2aa/0xe80 [ 22.565218] kunit_try_run_case+0x1a5/0x480 [ 22.566358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.566750] kthread+0x337/0x6f0 [ 22.567794] ret_from_fork+0x41/0x80 [ 22.568270] ret_from_fork_asm+0x1a/0x30 [ 22.568818] [ 22.569443] The buggy address belongs to the object at ffff888102ef0040 [ 22.569443] which belongs to the cache kmalloc-32 of size 32 [ 22.571200] The buggy address is located 16 bytes inside of [ 22.571200] freed 32-byte region [ffff888102ef0040, ffff888102ef0060) [ 22.572742] [ 22.573001] The buggy address belongs to the physical page: [ 22.573799] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef0 [ 22.575350] flags: 0x200000000000000(node=0|zone=2) [ 22.575823] page_type: f5(slab) [ 22.576147] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.576812] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.577462] page dumped because: kasan: bad access detected [ 22.578090] [ 22.578591] Memory state around the buggy address: [ 
22.579658] ffff888102eeff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.580406] ffff888102eeff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.581036] >ffff888102ef0000: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.581735] ^ [ 22.582216] ffff888102ef0080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.583036] ffff888102ef0100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.584513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 22.468507] ================================================================== [ 22.469160] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 22.470722] Read of size 1 at addr ffff888102ef0050 by task kunit_try_catch/279 [ 22.471537] [ 22.471823] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.472019] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.472086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.472148] Call Trace: [ 22.472200] <TASK> [ 22.472250] dump_stack_lvl+0x73/0xb0 [ 22.472371] print_report+0xd1/0x650 [ 22.472453] ? __virt_addr_valid+0x1db/0x2d0 [ 22.472511] ? strlen+0x8f/0xb0 [ 22.472542] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.472580] ? strlen+0x8f/0xb0 [ 22.472607] kasan_report+0x141/0x180 [ 22.472643] ? strlen+0x8f/0xb0 [ 22.472699] __asan_report_load1_noabort+0x18/0x20 [ 22.472737] strlen+0x8f/0xb0 [ 22.472778] kasan_strings+0x57b/0xe80 [ 22.472818] ? trace_hardirqs_on+0x37/0xe0 [ 22.472867] ? __pfx_kasan_strings+0x10/0x10 [ 22.472910] ? finish_task_switch.isra.0+0x153/0x700 [ 22.472953] ? __switch_to+0x5d9/0xf60 [ 22.472997] ? dequeue_task_fair+0x166/0x4e0 [ 22.473041] ? __schedule+0x10cc/0x2b60 [ 22.473587] ? __pfx_read_tsc+0x10/0x10 [ 22.473662] ? ktime_get_ts64+0x86/0x230 [ 22.473744] kunit_try_run_case+0x1a5/0x480 [ 22.473809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.473848] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.473887] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.473924] ? __kthread_parkme+0x82/0x180 [ 22.474214] ? preempt_count_sub+0x50/0x80 [ 22.474267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.474336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.474375] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.474415] kthread+0x337/0x6f0 [ 22.474443] ? trace_preempt_on+0x20/0xc0 [ 22.474478] ? __pfx_kthread+0x10/0x10 [ 22.474507] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.474540] ? calculate_sigpending+0x7b/0xa0 [ 22.474575] ? 
__pfx_kthread+0x10/0x10 [ 22.474604] ret_from_fork+0x41/0x80 [ 22.474638] ? __pfx_kthread+0x10/0x10 [ 22.474668] ret_from_fork_asm+0x1a/0x30 [ 22.474714] </TASK> [ 22.474732] [ 22.494486] Allocated by task 279: [ 22.494915] kasan_save_stack+0x45/0x70 [ 22.495608] kasan_save_track+0x18/0x40 [ 22.496222] kasan_save_alloc_info+0x3b/0x50 [ 22.496710] __kasan_kmalloc+0xb7/0xc0 [ 22.497317] __kmalloc_cache_noprof+0x189/0x420 [ 22.497856] kasan_strings+0xc0/0xe80 [ 22.498672] kunit_try_run_case+0x1a5/0x480 [ 22.499277] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.499798] kthread+0x337/0x6f0 [ 22.500264] ret_from_fork+0x41/0x80 [ 22.500597] ret_from_fork_asm+0x1a/0x30 [ 22.501220] [ 22.501512] Freed by task 279: [ 22.501932] kasan_save_stack+0x45/0x70 [ 22.503358] kasan_save_track+0x18/0x40 [ 22.503770] kasan_save_free_info+0x3f/0x60 [ 22.504493] __kasan_slab_free+0x56/0x70 [ 22.504900] kfree+0x222/0x3f0 [ 22.505472] kasan_strings+0x2aa/0xe80 [ 22.505876] kunit_try_run_case+0x1a5/0x480 [ 22.506865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.507584] kthread+0x337/0x6f0 [ 22.508160] ret_from_fork+0x41/0x80 [ 22.508575] ret_from_fork_asm+0x1a/0x30 [ 22.509147] [ 22.509434] The buggy address belongs to the object at ffff888102ef0040 [ 22.509434] which belongs to the cache kmalloc-32 of size 32 [ 22.510630] The buggy address is located 16 bytes inside of [ 22.510630] freed 32-byte region [ffff888102ef0040, ffff888102ef0060) [ 22.511841] [ 22.512302] The buggy address belongs to the physical page: [ 22.512631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef0 [ 22.513588] flags: 0x200000000000000(node=0|zone=2) [ 22.514429] page_type: f5(slab) [ 22.514838] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.515661] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.516342] page dumped because: kasan: bad access detected [ 22.516837] [ 22.517307] Memory state around the buggy address: [ 
22.517803] ffff888102eeff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.518793] ffff888102eeff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.519539] >ffff888102ef0000: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.520328] ^ [ 22.520880] ffff888102ef0080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.521440] ffff888102ef0100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.521835] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 22.414877] ================================================================== [ 22.415360] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 22.416643] Read of size 1 at addr ffff888102ef0050 by task kunit_try_catch/279 [ 22.417551] [ 22.417788] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.417967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.418126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.418192] Call Trace: [ 22.418281] <TASK> [ 22.418359] dump_stack_lvl+0x73/0xb0 [ 22.418452] print_report+0xd1/0x650 [ 22.418537] ? __virt_addr_valid+0x1db/0x2d0 [ 22.418650] ? kasan_strings+0xcbc/0xe80 [ 22.418721] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.418794] ? kasan_strings+0xcbc/0xe80 [ 22.418866] kasan_report+0x141/0x180 [ 22.418943] ? kasan_strings+0xcbc/0xe80 [ 22.419166] __asan_report_load1_noabort+0x18/0x20 [ 22.419248] kasan_strings+0xcbc/0xe80 [ 22.419338] ? trace_hardirqs_on+0x37/0xe0 [ 22.419423] ? __pfx_kasan_strings+0x10/0x10 [ 22.419466] ? finish_task_switch.isra.0+0x153/0x700 [ 22.419505] ? __switch_to+0x5d9/0xf60 [ 22.419538] ? dequeue_task_fair+0x166/0x4e0 [ 22.419577] ? __schedule+0x10cc/0x2b60 [ 22.419614] ? __pfx_read_tsc+0x10/0x10 [ 22.419646] ? ktime_get_ts64+0x86/0x230 [ 22.419685] kunit_try_run_case+0x1a5/0x480 [ 22.419725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.419763] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.419802] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.419839] ? __kthread_parkme+0x82/0x180 [ 22.419872] ? preempt_count_sub+0x50/0x80 [ 22.419929] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.420270] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.420347] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.420388] kthread+0x337/0x6f0 [ 22.420417] ? trace_preempt_on+0x20/0xc0 [ 22.420454] ? __pfx_kthread+0x10/0x10 [ 22.420482] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.420517] ? calculate_sigpending+0x7b/0xa0 [ 22.420553] ? 
__pfx_kthread+0x10/0x10 [ 22.420581] ret_from_fork+0x41/0x80 [ 22.420616] ? __pfx_kthread+0x10/0x10 [ 22.420644] ret_from_fork_asm+0x1a/0x30 [ 22.420690] </TASK> [ 22.420709] [ 22.439046] Allocated by task 279: [ 22.439554] kasan_save_stack+0x45/0x70 [ 22.439966] kasan_save_track+0x18/0x40 [ 22.440589] kasan_save_alloc_info+0x3b/0x50 [ 22.441819] __kasan_kmalloc+0xb7/0xc0 [ 22.442272] __kmalloc_cache_noprof+0x189/0x420 [ 22.442687] kasan_strings+0xc0/0xe80 [ 22.442993] kunit_try_run_case+0x1a5/0x480 [ 22.443375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.443789] kthread+0x337/0x6f0 [ 22.445706] ret_from_fork+0x41/0x80 [ 22.446041] ret_from_fork_asm+0x1a/0x30 [ 22.446391] [ 22.446576] Freed by task 279: [ 22.446838] kasan_save_stack+0x45/0x70 [ 22.447384] kasan_save_track+0x18/0x40 [ 22.448005] kasan_save_free_info+0x3f/0x60 [ 22.448646] __kasan_slab_free+0x56/0x70 [ 22.449687] kfree+0x222/0x3f0 [ 22.450174] kasan_strings+0x2aa/0xe80 [ 22.450755] kunit_try_run_case+0x1a5/0x480 [ 22.451347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.451945] kthread+0x337/0x6f0 [ 22.452440] ret_from_fork+0x41/0x80 [ 22.452846] ret_from_fork_asm+0x1a/0x30 [ 22.453829] [ 22.454252] The buggy address belongs to the object at ffff888102ef0040 [ 22.454252] which belongs to the cache kmalloc-32 of size 32 [ 22.455402] The buggy address is located 16 bytes inside of [ 22.455402] freed 32-byte region [ffff888102ef0040, ffff888102ef0060) [ 22.456719] [ 22.456969] The buggy address belongs to the physical page: [ 22.457996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef0 [ 22.458529] flags: 0x200000000000000(node=0|zone=2) [ 22.459002] page_type: f5(slab) [ 22.459569] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.460226] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.460979] page dumped because: kasan: bad access detected [ 22.461918] [ 22.462166] Memory state around the buggy address: [ 
22.462661] ffff888102eeff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.463436] ffff888102eeff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.464121] >ffff888102ef0000: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.464777] ^ [ 22.465270] ffff888102ef0080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.465990] ffff888102ef0100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.467033] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 22.356087] ================================================================== [ 22.357645] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 22.358681] Read of size 1 at addr ffff888102ef0050 by task kunit_try_catch/279 [ 22.359850] [ 22.360099] CPU: 1 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.360566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.360638] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.360705] Call Trace: [ 22.360745] <TASK> [ 22.360829] dump_stack_lvl+0x73/0xb0 [ 22.360961] print_report+0xd1/0x650 [ 22.361066] ? __virt_addr_valid+0x1db/0x2d0 [ 22.361145] ? strcmp+0xb0/0xc0 [ 22.361208] ? kasan_complete_mode_report_info+0x64/0x200 [ 22.361281] ? strcmp+0xb0/0xc0 [ 22.361365] kasan_report+0x141/0x180 [ 22.361440] ? strcmp+0xb0/0xc0 [ 22.361631] __asan_report_load1_noabort+0x18/0x20 [ 22.361672] strcmp+0xb0/0xc0 [ 22.361704] kasan_strings+0x431/0xe80 [ 22.361741] ? trace_hardirqs_on+0x37/0xe0 [ 22.361780] ? __pfx_kasan_strings+0x10/0x10 [ 22.361813] ? finish_task_switch.isra.0+0x153/0x700 [ 22.361850] ? __switch_to+0x5d9/0xf60 [ 22.361881] ? dequeue_task_fair+0x166/0x4e0 [ 22.361918] ? __schedule+0x10cc/0x2b60 [ 22.362015] ? __pfx_read_tsc+0x10/0x10 [ 22.362097] ? ktime_get_ts64+0x86/0x230 [ 22.362169] kunit_try_run_case+0x1a5/0x480 [ 22.362215] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.362250] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.362311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.362353] ? __kthread_parkme+0x82/0x180 [ 22.362390] ? preempt_count_sub+0x50/0x80 [ 22.362426] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.362464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.362500] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.362537] kthread+0x337/0x6f0 [ 22.362563] ? trace_preempt_on+0x20/0xc0 [ 22.362599] ? __pfx_kthread+0x10/0x10 [ 22.362630] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.362664] ? calculate_sigpending+0x7b/0xa0 [ 22.362700] ? 
__pfx_kthread+0x10/0x10 [ 22.362728] ret_from_fork+0x41/0x80 [ 22.362764] ? __pfx_kthread+0x10/0x10 [ 22.362792] ret_from_fork_asm+0x1a/0x30 [ 22.362840] </TASK> [ 22.362855] [ 22.385844] Allocated by task 279: [ 22.386820] kasan_save_stack+0x45/0x70 [ 22.387429] kasan_save_track+0x18/0x40 [ 22.387871] kasan_save_alloc_info+0x3b/0x50 [ 22.388522] __kasan_kmalloc+0xb7/0xc0 [ 22.388936] __kmalloc_cache_noprof+0x189/0x420 [ 22.389488] kasan_strings+0xc0/0xe80 [ 22.389894] kunit_try_run_case+0x1a5/0x480 [ 22.391038] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.391459] kthread+0x337/0x6f0 [ 22.392115] ret_from_fork+0x41/0x80 [ 22.392574] ret_from_fork_asm+0x1a/0x30 [ 22.393019] [ 22.393374] Freed by task 279: [ 22.393761] kasan_save_stack+0x45/0x70 [ 22.394223] kasan_save_track+0x18/0x40 [ 22.395088] kasan_save_free_info+0x3f/0x60 [ 22.395819] __kasan_slab_free+0x56/0x70 [ 22.396154] kfree+0x222/0x3f0 [ 22.396534] kasan_strings+0x2aa/0xe80 [ 22.396938] kunit_try_run_case+0x1a5/0x480 [ 22.397618] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.398005] kthread+0x337/0x6f0 [ 22.398411] ret_from_fork+0x41/0x80 [ 22.399369] ret_from_fork_asm+0x1a/0x30 [ 22.399812] [ 22.400086] The buggy address belongs to the object at ffff888102ef0040 [ 22.400086] which belongs to the cache kmalloc-32 of size 32 [ 22.401031] The buggy address is located 16 bytes inside of [ 22.401031] freed 32-byte region [ffff888102ef0040, ffff888102ef0060) [ 22.402078] [ 22.402273] The buggy address belongs to the physical page: [ 22.402985] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef0 [ 22.404472] flags: 0x200000000000000(node=0|zone=2) [ 22.405212] page_type: f5(slab) [ 22.405567] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.406339] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.406942] page dumped because: kasan: bad access detected [ 22.407830] [ 22.408102] Memory state around the buggy address: [ 
22.408543] ffff888102eeff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.409565] ffff888102eeff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.410464] >ffff888102ef0000: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.410991] ^ [ 22.411562] ffff888102ef0080: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.412854] ffff888102ef0100: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 22.413727] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 22.296759] ================================================================== [ 22.297904] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 22.298698] Read of size 1 at addr ffff8881030b3dd8 by task kunit_try_catch/277 [ 22.300040] [ 22.300689] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 22.300829] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.300872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.300910] Call Trace: [ 22.300931] <TASK> [ 22.300956] dump_stack_lvl+0x73/0xb0 [ 22.300998] print_report+0xd1/0x650 [ 22.301345] ? __virt_addr_valid+0x1db/0x2d0 [ 22.301432] ? memcmp+0x1b4/0x1d0 [ 22.301501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.301559] ? memcmp+0x1b4/0x1d0 [ 22.301591] kasan_report+0x141/0x180 [ 22.301628] ? memcmp+0x1b4/0x1d0 [ 22.301661] __asan_report_load1_noabort+0x18/0x20 [ 22.301693] memcmp+0x1b4/0x1d0 [ 22.301723] kasan_memcmp+0x18f/0x390 [ 22.301756] ? trace_hardirqs_on+0x37/0xe0 [ 22.301794] ? __pfx_kasan_memcmp+0x10/0x10 [ 22.301823] ? finish_task_switch.isra.0+0x153/0x700 [ 22.301858] ? __switch_to+0x5d9/0xf60 [ 22.301887] ? dequeue_task_fair+0x166/0x4e0 [ 22.301925] ? __pfx_read_tsc+0x10/0x10 [ 22.301955] ? ktime_get_ts64+0x86/0x230 [ 22.301993] kunit_try_run_case+0x1a5/0x480 [ 22.302049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.302120] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.302160] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.302196] ? __kthread_parkme+0x82/0x180 [ 22.302229] ? preempt_count_sub+0x50/0x80 [ 22.302265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.302323] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.302364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.302399] kthread+0x337/0x6f0 [ 22.302422] ? trace_preempt_on+0x20/0xc0 [ 22.302455] ? __pfx_kthread+0x10/0x10 [ 22.302480] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.302512] ? calculate_sigpending+0x7b/0xa0 [ 22.302546] ? 
__pfx_kthread+0x10/0x10 [ 22.302570] ret_from_fork+0x41/0x80 [ 22.302602] ? __pfx_kthread+0x10/0x10 [ 22.302626] ret_from_fork_asm+0x1a/0x30 [ 22.302671] </TASK> [ 22.302686] [ 22.323032] Allocated by task 277: [ 22.323849] kasan_save_stack+0x45/0x70 [ 22.324488] kasan_save_track+0x18/0x40 [ 22.324904] kasan_save_alloc_info+0x3b/0x50 [ 22.325588] __kasan_kmalloc+0xb7/0xc0 [ 22.325939] __kmalloc_cache_noprof+0x189/0x420 [ 22.326707] kasan_memcmp+0xb7/0x390 [ 22.326978] kunit_try_run_case+0x1a5/0x480 [ 22.327622] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.328447] kthread+0x337/0x6f0 [ 22.328751] ret_from_fork+0x41/0x80 [ 22.329270] ret_from_fork_asm+0x1a/0x30 [ 22.329714] [ 22.329928] The buggy address belongs to the object at ffff8881030b3dc0 [ 22.329928] which belongs to the cache kmalloc-32 of size 32 [ 22.331234] The buggy address is located 0 bytes to the right of [ 22.331234] allocated 24-byte region [ffff8881030b3dc0, ffff8881030b3dd8) [ 22.332670] [ 22.332857] The buggy address belongs to the physical page: [ 22.333577] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030b3 [ 22.334105] flags: 0x200000000000000(node=0|zone=2) [ 22.334889] page_type: f5(slab) [ 22.335272] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 22.336119] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 22.336755] page dumped because: kasan: bad access detected [ 22.337141] [ 22.337781] Memory state around the buggy address: [ 22.338388] ffff8881030b3c80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 22.338997] ffff8881030b3d00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.339592] >ffff8881030b3d80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 22.340048] ^ [ 22.341246] ffff8881030b3e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.341809] ffff8881030b3e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.342933] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 19.971396] ================================================================== [ 19.972212] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.973686] Read of size 1 at addr ffff888103096778 by task kunit_try_catch/214 [ 19.974378] [ 19.974687] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 19.974855] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.974892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.974944] Call Trace: [ 19.974994] <TASK> [ 19.975042] dump_stack_lvl+0x73/0xb0 [ 19.975128] print_report+0xd1/0x650 [ 19.975270] ? __virt_addr_valid+0x1db/0x2d0 [ 19.975373] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.975447] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.975521] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.975583] kasan_report+0x141/0x180 [ 19.975618] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.975663] __asan_report_load1_noabort+0x18/0x20 [ 19.975694] ksize_unpoisons_memory+0x7e9/0x9b0 [ 19.975732] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 19.975765] ? finish_task_switch.isra.0+0x153/0x700 [ 19.975799] ? __switch_to+0x5d9/0xf60 [ 19.975827] ? dequeue_task_fair+0x166/0x4e0 [ 19.975860] ? __schedule+0x10cc/0x2b60 [ 19.975922] ? __pfx_read_tsc+0x10/0x10 [ 19.975954] ? ktime_get_ts64+0x86/0x230 [ 19.975991] kunit_try_run_case+0x1a5/0x480 [ 19.976026] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.976087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.976125] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.976159] ? __kthread_parkme+0x82/0x180 [ 19.976190] ? preempt_count_sub+0x50/0x80 [ 19.976224] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.976259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.976315] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.976351] kthread+0x337/0x6f0 [ 19.976376] ? trace_preempt_on+0x20/0xc0 [ 19.976411] ? __pfx_kthread+0x10/0x10 [ 19.976437] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.976468] ? 
calculate_sigpending+0x7b/0xa0 [ 19.976499] ? __pfx_kthread+0x10/0x10 [ 19.976526] ret_from_fork+0x41/0x80 [ 19.976557] ? __pfx_kthread+0x10/0x10 [ 19.976582] ret_from_fork_asm+0x1a/0x30 [ 19.976626] </TASK> [ 19.976642] [ 19.993972] Allocated by task 214: [ 19.994530] kasan_save_stack+0x45/0x70 [ 19.994999] kasan_save_track+0x18/0x40 [ 19.995593] kasan_save_alloc_info+0x3b/0x50 [ 19.996162] __kasan_kmalloc+0xb7/0xc0 [ 19.996670] __kmalloc_cache_noprof+0x189/0x420 [ 19.997158] ksize_unpoisons_memory+0xc7/0x9b0 [ 19.997744] kunit_try_run_case+0x1a5/0x480 [ 19.998275] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.998673] kthread+0x337/0x6f0 [ 19.998951] ret_from_fork+0x41/0x80 [ 19.999440] ret_from_fork_asm+0x1a/0x30 [ 20.000050] [ 20.000376] The buggy address belongs to the object at ffff888103096700 [ 20.000376] which belongs to the cache kmalloc-128 of size 128 [ 20.001661] The buggy address is located 5 bytes to the right of [ 20.001661] allocated 115-byte region [ffff888103096700, ffff888103096773) [ 20.002889] [ 20.003102] The buggy address belongs to the physical page: [ 20.003747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103096 [ 20.004568] flags: 0x200000000000000(node=0|zone=2) [ 20.004926] page_type: f5(slab) [ 20.005265] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.006125] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.006896] page dumped because: kasan: bad access detected [ 20.007573] [ 20.007856] Memory state around the buggy address: [ 20.008480] ffff888103096600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.008917] ffff888103096680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.009822] >ffff888103096700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 20.010604] ^ [ 20.011349] ffff888103096780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.011793] ffff888103096800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.012914] 
==================================================================
[ 19.926180] ==================================================================
[ 19.927130] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 19.927963] Read of size 1 at addr ffff888103096773 by task kunit_try_catch/214
[ 19.928586]
[ 19.928836] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 19.929011] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.929052] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.929128] Call Trace:
[ 19.929171] <TASK>
[ 19.929218] dump_stack_lvl+0x73/0xb0
[ 19.929313] print_report+0xd1/0x650
[ 19.929391] ? __virt_addr_valid+0x1db/0x2d0
[ 19.929466] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 19.929537] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.929607] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 19.929681] kasan_report+0x141/0x180
[ 19.929754] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 19.929840] __asan_report_load1_noabort+0x18/0x20
[ 19.929960] ksize_unpoisons_memory+0x81c/0x9b0
[ 19.930090] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 19.930168] ? finish_task_switch.isra.0+0x153/0x700
[ 19.930232] ? __switch_to+0x5d9/0xf60
[ 19.930268] ? dequeue_task_fair+0x166/0x4e0
[ 19.930332] ? __schedule+0x10cc/0x2b60
[ 19.930371] ? __pfx_read_tsc+0x10/0x10
[ 19.930403] ? ktime_get_ts64+0x86/0x230
[ 19.930443] kunit_try_run_case+0x1a5/0x480
[ 19.930483] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.930518] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.930555] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.930591] ? __kthread_parkme+0x82/0x180
[ 19.930625] ? preempt_count_sub+0x50/0x80
[ 19.930660] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.930695] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.930730] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.930763] kthread+0x337/0x6f0
[ 19.930788] ? trace_preempt_on+0x20/0xc0
[ 19.930824] ? __pfx_kthread+0x10/0x10
[ 19.930851] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.930882] ? calculate_sigpending+0x7b/0xa0
[ 19.930916] ? __pfx_kthread+0x10/0x10
[ 19.930943] ret_from_fork+0x41/0x80
[ 19.930975] ? __pfx_kthread+0x10/0x10
[ 19.931002] ret_from_fork_asm+0x1a/0x30
[ 19.931085] </TASK>
[ 19.931109]
[ 19.950042] Allocated by task 214:
[ 19.951478] kasan_save_stack+0x45/0x70
[ 19.952102] kasan_save_track+0x18/0x40
[ 19.952535] kasan_save_alloc_info+0x3b/0x50
[ 19.953259] __kasan_kmalloc+0xb7/0xc0
[ 19.953864] __kmalloc_cache_noprof+0x189/0x420
[ 19.954447] ksize_unpoisons_memory+0xc7/0x9b0
[ 19.954883] kunit_try_run_case+0x1a5/0x480
[ 19.955498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.956002] kthread+0x337/0x6f0
[ 19.956382] ret_from_fork+0x41/0x80
[ 19.956775] ret_from_fork_asm+0x1a/0x30
[ 19.957212]
[ 19.957570] The buggy address belongs to the object at ffff888103096700
[ 19.957570] which belongs to the cache kmalloc-128 of size 128
[ 19.958653] The buggy address is located 0 bytes to the right of
[ 19.958653] allocated 115-byte region [ffff888103096700, ffff888103096773)
[ 19.959597]
[ 19.959834] The buggy address belongs to the physical page:
[ 19.960530] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103096
[ 19.961068] flags: 0x200000000000000(node=0|zone=2)
[ 19.961645] page_type: f5(slab)
[ 19.962042] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.962749] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.963454] page dumped because: kasan: bad access detected
[ 19.963905]
[ 19.964109] Memory state around the buggy address:
[ 19.964562] ffff888103096600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.965178] ffff888103096680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.965954] >ffff888103096700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 19.966535] ^
[ 19.967142] ffff888103096780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.967990] ffff888103096800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.968601] ==================================================================
[ 20.016856] ==================================================================
[ 20.017653] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 20.019001] Read of size 1 at addr ffff88810309677f by task kunit_try_catch/214
[ 20.019990]
[ 20.020233] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 20.020698] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.020721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.020751] Call Trace:
[ 20.020773] <TASK>
[ 20.020799] dump_stack_lvl+0x73/0xb0
[ 20.020847] print_report+0xd1/0x650
[ 20.020885] ? __virt_addr_valid+0x1db/0x2d0
[ 20.020919] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 20.020955] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.020989] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 20.021026] kasan_report+0x141/0x180
[ 20.021087] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 20.021132] __asan_report_load1_noabort+0x18/0x20
[ 20.021164] ksize_unpoisons_memory+0x7b6/0x9b0
[ 20.021201] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 20.021236] ? finish_task_switch.isra.0+0x153/0x700
[ 20.021273] ? __switch_to+0x5d9/0xf60
[ 20.021333] ? dequeue_task_fair+0x166/0x4e0
[ 20.021368] ? __schedule+0x10cc/0x2b60
[ 20.021404] ? __pfx_read_tsc+0x10/0x10
[ 20.021436] ? ktime_get_ts64+0x86/0x230
[ 20.021473] kunit_try_run_case+0x1a5/0x480
[ 20.021512] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.021546] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.021583] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.021618] ? __kthread_parkme+0x82/0x180
[ 20.021650] ? preempt_count_sub+0x50/0x80
[ 20.021686] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.021721] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.021754] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.021788] kthread+0x337/0x6f0
[ 20.021813] ? trace_preempt_on+0x20/0xc0
[ 20.021849] ? __pfx_kthread+0x10/0x10
[ 20.021876] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.021909] ? calculate_sigpending+0x7b/0xa0
[ 20.021942] ? __pfx_kthread+0x10/0x10
[ 20.021969] ret_from_fork+0x41/0x80
[ 20.022001] ? __pfx_kthread+0x10/0x10
[ 20.022028] ret_from_fork_asm+0x1a/0x30
[ 20.022101] </TASK>
[ 20.022119]
[ 20.037150] Allocated by task 214:
[ 20.037654] kasan_save_stack+0x45/0x70
[ 20.038205] kasan_save_track+0x18/0x40
[ 20.038645] kasan_save_alloc_info+0x3b/0x50
[ 20.039215] __kasan_kmalloc+0xb7/0xc0
[ 20.039651] __kmalloc_cache_noprof+0x189/0x420
[ 20.040249] ksize_unpoisons_memory+0xc7/0x9b0
[ 20.040757] kunit_try_run_case+0x1a5/0x480
[ 20.041135] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.041715] kthread+0x337/0x6f0
[ 20.042134] ret_from_fork+0x41/0x80
[ 20.042576] ret_from_fork_asm+0x1a/0x30
[ 20.042957]
[ 20.043269] The buggy address belongs to the object at ffff888103096700
[ 20.043269] which belongs to the cache kmalloc-128 of size 128
[ 20.044321] The buggy address is located 12 bytes to the right of
[ 20.044321] allocated 115-byte region [ffff888103096700, ffff888103096773)
[ 20.045354]
[ 20.045614] The buggy address belongs to the physical page:
[ 20.046154] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103096
[ 20.046821] flags: 0x200000000000000(node=0|zone=2)
[ 20.047428] page_type: f5(slab)
[ 20.047784] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 20.048470] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 20.049001] page dumped because: kasan: bad access detected
[ 20.049483]
[ 20.049750] Memory state around the buggy address:
[ 20.050315] ffff888103096600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.050958] ffff888103096680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.051660] >ffff888103096700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 20.052231] ^
[ 20.052854] ffff888103096780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.053589] ffff888103096800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.054197] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 19.857546] ==================================================================
[ 19.858225] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 19.858765] Free of addr ffff8881026cd0a0 by task kunit_try_catch/212
[ 19.859840]
[ 19.860282] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 19.860447] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.860506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.860582] Call Trace:
[ 19.860633] <TASK>
[ 19.860708] dump_stack_lvl+0x73/0xb0
[ 19.862522] print_report+0xd1/0x650
[ 19.862655] ? __virt_addr_valid+0x1db/0x2d0
[ 19.863386] ? kasan_complete_mode_report_info+0x64/0x200
[ 19.863472] ? kfree_sensitive+0x2e/0x90
[ 19.863543] kasan_report_invalid_free+0x10a/0x130
[ 19.863621] ? kfree_sensitive+0x2e/0x90
[ 19.863698] ? kfree_sensitive+0x2e/0x90
[ 19.863765] check_slab_allocation+0x101/0x130
[ 19.863837] __kasan_slab_pre_free+0x28/0x40
[ 19.863927] kfree+0xf0/0x3f0
[ 19.865528] ? kfree_sensitive+0x2e/0x90
[ 19.865591] kfree_sensitive+0x2e/0x90
[ 19.865643] kmalloc_double_kzfree+0x19c/0x350
[ 19.865699] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 19.865756] ? __schedule+0x10cc/0x2b60
[ 19.865811] ? __pfx_read_tsc+0x10/0x10
[ 19.865860] ? ktime_get_ts64+0x86/0x230
[ 19.865921] kunit_try_run_case+0x1a5/0x480
[ 19.866121] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.866177] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.866235] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.866365] ? __kthread_parkme+0x82/0x180
[ 19.866443] ? preempt_count_sub+0x50/0x80
[ 19.866508] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.866565] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.866631] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.866700] kthread+0x337/0x6f0
[ 19.866747] ? trace_preempt_on+0x20/0xc0
[ 19.866816] ? __pfx_kthread+0x10/0x10
[ 19.866871] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.866934] ? calculate_sigpending+0x7b/0xa0
[ 19.867142] ? __pfx_kthread+0x10/0x10
[ 19.867194] ret_from_fork+0x41/0x80
[ 19.867258] ? __pfx_kthread+0x10/0x10
[ 19.867332] ret_from_fork_asm+0x1a/0x30
[ 19.867408] </TASK>
[ 19.867434]
[ 19.886432] Allocated by task 212:
[ 19.887222] kasan_save_stack+0x45/0x70
[ 19.887708] kasan_save_track+0x18/0x40
[ 19.888825] kasan_save_alloc_info+0x3b/0x50
[ 19.889196] __kasan_kmalloc+0xb7/0xc0
[ 19.889518] __kmalloc_cache_noprof+0x189/0x420
[ 19.889854] kmalloc_double_kzfree+0xa9/0x350
[ 19.890270] kunit_try_run_case+0x1a5/0x480
[ 19.891643] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.892512] kthread+0x337/0x6f0
[ 19.892885] ret_from_fork+0x41/0x80
[ 19.893537] ret_from_fork_asm+0x1a/0x30
[ 19.894795]
[ 19.895227] Freed by task 212:
[ 19.895761] kasan_save_stack+0x45/0x70
[ 19.896458] kasan_save_track+0x18/0x40
[ 19.896855] kasan_save_free_info+0x3f/0x60
[ 19.897523] __kasan_slab_free+0x56/0x70
[ 19.897907] kfree+0x222/0x3f0
[ 19.898496] kfree_sensitive+0x67/0x90
[ 19.898910] kmalloc_double_kzfree+0x12b/0x350
[ 19.900425] kunit_try_run_case+0x1a5/0x480
[ 19.900891] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.901676] kthread+0x337/0x6f0
[ 19.902211] ret_from_fork+0x41/0x80
[ 19.902559] ret_from_fork_asm+0x1a/0x30
[ 19.903248]
[ 19.903512] The buggy address belongs to the object at ffff8881026cd0a0
[ 19.903512] which belongs to the cache kmalloc-16 of size 16
[ 19.905450] The buggy address is located 0 bytes inside of
[ 19.905450] 16-byte region [ffff8881026cd0a0, ffff8881026cd0b0)
[ 19.906437]
[ 19.906540] The buggy address belongs to the physical page:
[ 19.906733] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 19.907204] flags: 0x200000000000000(node=0|zone=2)
[ 19.908820] page_type: f5(slab)
[ 19.910063] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 19.910817] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 19.911865] page dumped because: kasan: bad access detected
[ 19.912510]
[ 19.913005] Memory state around the buggy address:
[ 19.914007] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.914690] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 19.915238] >ffff8881026cd080: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 19.915850] ^
[ 19.917132] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.917803] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.918622] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 19.803606] ==================================================================
[ 19.805460] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 19.806040] Read of size 1 at addr ffff8881026cd0a0 by task kunit_try_catch/212
[ 19.806601]
[ 19.806876] CPU: 0 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 19.807008] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.807047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.807102] Call Trace:
[ 19.807125] <TASK>
[ 19.807152] dump_stack_lvl+0x73/0xb0
[ 19.807193] print_report+0xd1/0x650
[ 19.807228] ? __virt_addr_valid+0x1db/0x2d0
[ 19.807770] ? kmalloc_double_kzfree+0x19c/0x350
[ 19.807821] ? kasan_complete_mode_report_info+0x64/0x200
[ 19.807859] ? kmalloc_double_kzfree+0x19c/0x350
[ 19.807906] kasan_report+0x141/0x180
[ 19.807956] ? kmalloc_double_kzfree+0x19c/0x350
[ 19.808081] ? kmalloc_double_kzfree+0x19c/0x350
[ 19.808141] __kasan_check_byte+0x3d/0x50
[ 19.808178] kfree_sensitive+0x22/0x90
[ 19.808214] kmalloc_double_kzfree+0x19c/0x350
[ 19.808249] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 19.808308] ? __schedule+0x10cc/0x2b60
[ 19.808350] ? __pfx_read_tsc+0x10/0x10
[ 19.808381] ? ktime_get_ts64+0x86/0x230
[ 19.808419] kunit_try_run_case+0x1a5/0x480
[ 19.808455] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.808487] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.808523] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.808557] ? __kthread_parkme+0x82/0x180
[ 19.808589] ? preempt_count_sub+0x50/0x80
[ 19.808625] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.808659] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.808690] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.808722] kthread+0x337/0x6f0
[ 19.808745] ? trace_preempt_on+0x20/0xc0
[ 19.808779] ? __pfx_kthread+0x10/0x10
[ 19.808803] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.808832] ? calculate_sigpending+0x7b/0xa0
[ 19.808863] ? __pfx_kthread+0x10/0x10
[ 19.808887] ret_from_fork+0x41/0x80
[ 19.808918] ? __pfx_kthread+0x10/0x10
[ 19.808944] ret_from_fork_asm+0x1a/0x30
[ 19.809045] </TASK>
[ 19.809081]
[ 19.830024] Allocated by task 212:
[ 19.830413] kasan_save_stack+0x45/0x70
[ 19.830872] kasan_save_track+0x18/0x40
[ 19.832111] kasan_save_alloc_info+0x3b/0x50
[ 19.832555] __kasan_kmalloc+0xb7/0xc0
[ 19.833220] __kmalloc_cache_noprof+0x189/0x420
[ 19.833604] kmalloc_double_kzfree+0xa9/0x350
[ 19.834072] kunit_try_run_case+0x1a5/0x480
[ 19.834671] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.835414] kthread+0x337/0x6f0
[ 19.835741] ret_from_fork+0x41/0x80
[ 19.836372] ret_from_fork_asm+0x1a/0x30
[ 19.837097]
[ 19.837822] Freed by task 212:
[ 19.838636] kasan_save_stack+0x45/0x70
[ 19.839020] kasan_save_track+0x18/0x40
[ 19.839438] kasan_save_free_info+0x3f/0x60
[ 19.840068] __kasan_slab_free+0x56/0x70
[ 19.840518] kfree+0x222/0x3f0
[ 19.840884] kfree_sensitive+0x67/0x90
[ 19.841833] kmalloc_double_kzfree+0x12b/0x350
[ 19.842274] kunit_try_run_case+0x1a5/0x480
[ 19.842758] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.843408] kthread+0x337/0x6f0
[ 19.843744] ret_from_fork+0x41/0x80
[ 19.844350] ret_from_fork_asm+0x1a/0x30
[ 19.844761]
[ 19.845099] The buggy address belongs to the object at ffff8881026cd0a0
[ 19.845099] which belongs to the cache kmalloc-16 of size 16
[ 19.846045] The buggy address is located 0 bytes inside of
[ 19.846045] freed 16-byte region [ffff8881026cd0a0, ffff8881026cd0b0)
[ 19.847434]
[ 19.848049] The buggy address belongs to the physical page:
[ 19.848875] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 19.849626] flags: 0x200000000000000(node=0|zone=2)
[ 19.850121] page_type: f5(slab)
[ 19.850614] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 19.851123] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 19.851661] page dumped because: kasan: bad access detected
[ 19.852164]
[ 19.852355] Memory state around the buggy address:
[ 19.852666] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.853050] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 19.853538] >ffff8881026cd080: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 19.854161] ^
[ 19.854677] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.855076] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.855600] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 19.737506] ==================================================================
[ 19.738899] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 19.739668] Read of size 1 at addr ffff8881030a1ba8 by task kunit_try_catch/208
[ 19.741316]
[ 19.741883] CPU: 0 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 19.741999] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.742039] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.742099] Call Trace:
[ 19.742144] <TASK>
[ 19.742216] dump_stack_lvl+0x73/0xb0
[ 19.742318] print_report+0xd1/0x650
[ 19.742549] ? __virt_addr_valid+0x1db/0x2d0
[ 19.742590] ? kmalloc_uaf2+0x4a8/0x520
[ 19.742622] ? kasan_complete_mode_report_info+0x64/0x200
[ 19.742657] ? kmalloc_uaf2+0x4a8/0x520
[ 19.742690] kasan_report+0x141/0x180
[ 19.742726] ? kmalloc_uaf2+0x4a8/0x520
[ 19.742764] __asan_report_load1_noabort+0x18/0x20
[ 19.742796] kmalloc_uaf2+0x4a8/0x520
[ 19.742830] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 19.742860] ? finish_task_switch.isra.0+0x153/0x700
[ 19.742897] ? __switch_to+0x5d9/0xf60
[ 19.742929] ? dequeue_task_fair+0x166/0x4e0
[ 19.743082] ? __schedule+0x10cc/0x2b60
[ 19.743128] ? __pfx_read_tsc+0x10/0x10
[ 19.743164] ? ktime_get_ts64+0x86/0x230
[ 19.743204] kunit_try_run_case+0x1a5/0x480
[ 19.743245] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.743279] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.743344] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.743382] ? __kthread_parkme+0x82/0x180
[ 19.743417] ? preempt_count_sub+0x50/0x80
[ 19.743453] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.743490] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.743524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.743560] kthread+0x337/0x6f0
[ 19.743586] ? trace_preempt_on+0x20/0xc0
[ 19.743623] ? __pfx_kthread+0x10/0x10
[ 19.743650] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.743682] ? calculate_sigpending+0x7b/0xa0
[ 19.743715] ? __pfx_kthread+0x10/0x10
[ 19.743742] ret_from_fork+0x41/0x80
[ 19.743774] ? __pfx_kthread+0x10/0x10
[ 19.743800] ret_from_fork_asm+0x1a/0x30
[ 19.743847] </TASK>
[ 19.743863]
[ 19.764765] Allocated by task 208:
[ 19.765795] kasan_save_stack+0x45/0x70
[ 19.766629] kasan_save_track+0x18/0x40
[ 19.766960] kasan_save_alloc_info+0x3b/0x50
[ 19.767809] __kasan_kmalloc+0xb7/0xc0
[ 19.768158] __kmalloc_cache_noprof+0x189/0x420
[ 19.769087] kmalloc_uaf2+0xc6/0x520
[ 19.769651] kunit_try_run_case+0x1a5/0x480
[ 19.770442] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.770861] kthread+0x337/0x6f0
[ 19.771503] ret_from_fork+0x41/0x80
[ 19.771892] ret_from_fork_asm+0x1a/0x30
[ 19.772431]
[ 19.772646] Freed by task 208:
[ 19.773137] kasan_save_stack+0x45/0x70
[ 19.773627] kasan_save_track+0x18/0x40
[ 19.774100] kasan_save_free_info+0x3f/0x60
[ 19.774596] __kasan_slab_free+0x56/0x70
[ 19.775395] kfree+0x222/0x3f0
[ 19.775797] kmalloc_uaf2+0x14c/0x520
[ 19.776175] kunit_try_run_case+0x1a5/0x480
[ 19.776618] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.777134] kthread+0x337/0x6f0
[ 19.777730] ret_from_fork+0x41/0x80
[ 19.778321] ret_from_fork_asm+0x1a/0x30
[ 19.778774]
[ 19.779191] The buggy address belongs to the object at ffff8881030a1b80
[ 19.779191] which belongs to the cache kmalloc-64 of size 64
[ 19.780355] The buggy address is located 40 bytes inside of
[ 19.780355] freed 64-byte region [ffff8881030a1b80, ffff8881030a1bc0)
[ 19.781565]
[ 19.781851] The buggy address belongs to the physical page:
[ 19.782535] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030a1
[ 19.783406] flags: 0x200000000000000(node=0|zone=2)
[ 19.783863] page_type: f5(slab)
[ 19.784455] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 19.785174] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 19.785898] page dumped because: kasan: bad access detected
[ 19.786725]
[ 19.787127] Memory state around the buggy address:
[ 19.787574] ffff8881030a1a80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.788427] ffff8881030a1b00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.789229] >ffff8881030a1b80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.789868] ^
[ 19.790484] ffff8881030a1c00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 19.791281] ffff8881030a1c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.792112] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 19.673446] ==================================================================
[ 19.674197] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 19.674892] Write of size 33 at addr ffff888102eda680 by task kunit_try_catch/206
[ 19.676633]
[ 19.677556] CPU: 1 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 19.677633] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.677653] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.677685] Call Trace:
[ 19.677708] <TASK>
[ 19.677732] dump_stack_lvl+0x73/0xb0
[ 19.677779] print_report+0xd1/0x650
[ 19.677816] ? __virt_addr_valid+0x1db/0x2d0
[ 19.677850] ? kmalloc_uaf_memset+0x1a3/0x360
[ 19.677883] ? kasan_complete_mode_report_info+0x64/0x200
[ 19.677916] ? kmalloc_uaf_memset+0x1a3/0x360
[ 19.677968] kasan_report+0x141/0x180
[ 19.678051] ? kmalloc_uaf_memset+0x1a3/0x360
[ 19.678124] kasan_check_range+0x10c/0x1c0
[ 19.678156] __asan_memset+0x27/0x50
[ 19.678186] kmalloc_uaf_memset+0x1a3/0x360
[ 19.678218] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 19.678251] ? __schedule+0x10cc/0x2b60
[ 19.678310] ? __pfx_read_tsc+0x10/0x10
[ 19.678350] ? ktime_get_ts64+0x86/0x230
[ 19.678390] kunit_try_run_case+0x1a5/0x480
[ 19.678431] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.678463] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.678499] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.678532] ? __kthread_parkme+0x82/0x180
[ 19.678565] ? preempt_count_sub+0x50/0x80
[ 19.678602] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.678636] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.678668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.678701] kthread+0x337/0x6f0
[ 19.678724] ? trace_preempt_on+0x20/0xc0
[ 19.678760] ? __pfx_kthread+0x10/0x10
[ 19.678785] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.678815] ? calculate_sigpending+0x7b/0xa0
[ 19.678847] ? __pfx_kthread+0x10/0x10
[ 19.678872] ret_from_fork+0x41/0x80
[ 19.678902] ? __pfx_kthread+0x10/0x10
[ 19.678927] ret_from_fork_asm+0x1a/0x30
[ 19.679018] </TASK>
[ 19.679059]
[ 19.700351] Allocated by task 206:
[ 19.701697] kasan_save_stack+0x45/0x70
[ 19.702075] kasan_save_track+0x18/0x40
[ 19.702511] kasan_save_alloc_info+0x3b/0x50
[ 19.702883] __kasan_kmalloc+0xb7/0xc0
[ 19.703665] __kmalloc_cache_noprof+0x189/0x420
[ 19.704043] kmalloc_uaf_memset+0xa9/0x360
[ 19.704923] kunit_try_run_case+0x1a5/0x480
[ 19.705410] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.706695] kthread+0x337/0x6f0
[ 19.707531] ret_from_fork+0x41/0x80
[ 19.707952] ret_from_fork_asm+0x1a/0x30
[ 19.708376]
[ 19.708720] Freed by task 206:
[ 19.709633] kasan_save_stack+0x45/0x70
[ 19.710231] kasan_save_track+0x18/0x40
[ 19.710619] kasan_save_free_info+0x3f/0x60
[ 19.711141] __kasan_slab_free+0x56/0x70
[ 19.711652] kfree+0x222/0x3f0
[ 19.712120] kmalloc_uaf_memset+0x12b/0x360
[ 19.712876] kunit_try_run_case+0x1a5/0x480
[ 19.713333] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.714502] kthread+0x337/0x6f0
[ 19.714871] ret_from_fork+0x41/0x80
[ 19.715379] ret_from_fork_asm+0x1a/0x30
[ 19.715925]
[ 19.716362] The buggy address belongs to the object at ffff888102eda680
[ 19.716362] which belongs to the cache kmalloc-64 of size 64
[ 19.717545] The buggy address is located 0 bytes inside of
[ 19.717545] freed 64-byte region [ffff888102eda680, ffff888102eda6c0)
[ 19.719339]
[ 19.719626] The buggy address belongs to the physical page:
[ 19.720177] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102eda
[ 19.720753] flags: 0x200000000000000(node=0|zone=2)
[ 19.721389] page_type: f5(slab)
[ 19.721799] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 19.723104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 19.723702] page dumped because: kasan: bad access detected
[ 19.724206]
[ 19.724432] Memory state around the buggy address:
[ 19.724849] ffff888102eda580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.725760] ffff888102eda600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.726394] >ffff888102eda680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.727048] ^
[ 19.728475] ffff888102eda700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.729338] ffff888102eda780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.729940] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 19.611524] ==================================================================
[ 19.612461] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 19.613004] Read of size 1 at addr ffff8881026cd088 by task kunit_try_catch/204
[ 19.613665]
[ 19.613883] CPU: 0 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 19.614004] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.614112] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.614195] Call Trace:
[ 19.614234] <TASK>
[ 19.614282] dump_stack_lvl+0x73/0xb0
[ 19.614821] print_report+0xd1/0x650
[ 19.614861] ? __virt_addr_valid+0x1db/0x2d0
[ 19.614895] ? kmalloc_uaf+0x320/0x380
[ 19.614925] ? kasan_complete_mode_report_info+0x64/0x200
[ 19.615355] ? kmalloc_uaf+0x320/0x380
[ 19.615512] kasan_report+0x141/0x180
[ 19.615559] ? kmalloc_uaf+0x320/0x380
[ 19.615621] __asan_report_load1_noabort+0x18/0x20
[ 19.615687] kmalloc_uaf+0x320/0x380
[ 19.615722] ? __pfx_kmalloc_uaf+0x10/0x10
[ 19.615754] ? __schedule+0x10cc/0x2b60
[ 19.615788] ? __pfx_read_tsc+0x10/0x10
[ 19.615819] ? ktime_get_ts64+0x86/0x230
[ 19.615856] kunit_try_run_case+0x1a5/0x480
[ 19.615904] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.615936] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.616010] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.616146] ? __kthread_parkme+0x82/0x180
[ 19.616195] ? preempt_count_sub+0x50/0x80
[ 19.616232] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.616267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.616326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.616362] kthread+0x337/0x6f0
[ 19.616385] ? trace_preempt_on+0x20/0xc0
[ 19.616421] ? __pfx_kthread+0x10/0x10
[ 19.616445] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.616475] ? calculate_sigpending+0x7b/0xa0
[ 19.616506] ? __pfx_kthread+0x10/0x10
[ 19.616530] ret_from_fork+0x41/0x80
[ 19.616561] ? __pfx_kthread+0x10/0x10
[ 19.616586] ret_from_fork_asm+0x1a/0x30
[ 19.616630] </TASK>
[ 19.616645]
[ 19.635576] Allocated by task 204:
[ 19.636097] kasan_save_stack+0x45/0x70
[ 19.636566] kasan_save_track+0x18/0x40
[ 19.637084] kasan_save_alloc_info+0x3b/0x50
[ 19.638154] __kasan_kmalloc+0xb7/0xc0
[ 19.638689] __kmalloc_cache_noprof+0x189/0x420
[ 19.639671] kmalloc_uaf+0xaa/0x380
[ 19.640308] kunit_try_run_case+0x1a5/0x480
[ 19.640829] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.641211] kthread+0x337/0x6f0
[ 19.642095] ret_from_fork+0x41/0x80
[ 19.642829] ret_from_fork_asm+0x1a/0x30
[ 19.643490]
[ 19.643677] Freed by task 204:
[ 19.644480] kasan_save_stack+0x45/0x70
[ 19.644964] kasan_save_track+0x18/0x40
[ 19.645634] kasan_save_free_info+0x3f/0x60
[ 19.646008] __kasan_slab_free+0x56/0x70
[ 19.647246] kfree+0x222/0x3f0
[ 19.647537] kmalloc_uaf+0x12c/0x380
[ 19.647980] kunit_try_run_case+0x1a5/0x480
[ 19.648587] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.649369] kthread+0x337/0x6f0
[ 19.649788] ret_from_fork+0x41/0x80
[ 19.650860] ret_from_fork_asm+0x1a/0x30
[ 19.651541]
[ 19.651916] The buggy address belongs to the object at ffff8881026cd080
[ 19.651916] which belongs to the cache kmalloc-16 of size 16
[ 19.653331] The buggy address is located 8 bytes inside of
[ 19.653331] freed 16-byte region [ffff8881026cd080, ffff8881026cd090)
[ 19.654687]
[ 19.654789] The buggy address belongs to the physical page:
[ 19.655340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 19.656183] flags: 0x200000000000000(node=0|zone=2)
[ 19.656645] page_type: f5(slab)
[ 19.657032] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 19.658485] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 19.659129] page dumped because: kasan: bad access detected
[ 19.660021]
[ 19.660553] Memory state around the buggy address:
[ 19.660896] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.661873] ffff8881026cd000: fa fb fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 19.663114] >ffff8881026cd080: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.663924] ^
[ 19.664525] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.665103] ffff8881026cd180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.666640] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 19.550427] ==================================================================
[ 19.552285] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 19.552653] Read of size 64 at addr ffff8881030a1a84 by task kunit_try_catch/202
[ 19.552899]
[ 19.553092] CPU: 0 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 19.553221] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.553259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.553336] Call Trace:
[ 19.553385] <TASK>
[ 19.553439] dump_stack_lvl+0x73/0xb0
[ 19.553524] print_report+0xd1/0x650
[ 19.553598] ? __virt_addr_valid+0x1db/0x2d0
[ 19.553726] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 19.553816] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.553929] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 19.554637] kasan_report+0x141/0x180
[ 19.554684] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 19.554732] kasan_check_range+0x10c/0x1c0
[ 19.554766] __asan_memmove+0x27/0x70
[ 19.554799] kmalloc_memmove_invalid_size+0x16f/0x330
[ 19.554838] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 19.554877] ? __schedule+0x10cc/0x2b60
[ 19.554912] ? __pfx_read_tsc+0x10/0x10
[ 19.554944] ? ktime_get_ts64+0x86/0x230
[ 19.555029] kunit_try_run_case+0x1a5/0x480
[ 19.555177] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.555251] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.555347] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.555393] ? __kthread_parkme+0x82/0x180
[ 19.555429] ? preempt_count_sub+0x50/0x80
[ 19.555468] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.555506] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.555540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.555575] kthread+0x337/0x6f0
[ 19.555600] ? trace_preempt_on+0x20/0xc0
[ 19.555639] ? __pfx_kthread+0x10/0x10
[ 19.555666] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.555698] ? calculate_sigpending+0x7b/0xa0
[ 19.555730] ? __pfx_kthread+0x10/0x10
[ 19.555757] ret_from_fork+0x41/0x80
[ 19.555791] ? __pfx_kthread+0x10/0x10
[ 19.555817] ret_from_fork_asm+0x1a/0x30
[ 19.555863] </TASK>
[ 19.555893]
[ 19.575794] Allocated by task 202:
[ 19.576232] kasan_save_stack+0x45/0x70
[ 19.576640] kasan_save_track+0x18/0x40
[ 19.577004] kasan_save_alloc_info+0x3b/0x50
[ 19.578334] __kasan_kmalloc+0xb7/0xc0
[ 19.578851] __kmalloc_cache_noprof+0x189/0x420
[ 19.579601] kmalloc_memmove_invalid_size+0xac/0x330
[ 19.580431] kunit_try_run_case+0x1a5/0x480
[ 19.580806] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.581706] kthread+0x337/0x6f0
[ 19.582038] ret_from_fork+0x41/0x80
[ 19.582912] ret_from_fork_asm+0x1a/0x30
[ 19.583778]
[ 19.583978] The buggy address belongs to the object at ffff8881030a1a80
[ 19.583978] which belongs to the cache kmalloc-64 of size 64
[ 19.584639] The buggy address is located 4 bytes inside of
[ 19.584639] allocated 64-byte region [ffff8881030a1a80, ffff8881030a1ac0)
[ 19.585264]
[ 19.587610] The buggy address belongs to the physical page:
[ 19.589709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030a1
[ 19.592779] flags: 0x200000000000000(node=0|zone=2)
[ 19.594633] page_type: f5(slab)
[ 19.595528] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 19.597567] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 19.598765] page dumped because: kasan: bad access detected
[ 19.599448]
[ 19.599683] Memory state around the buggy address:
[ 19.600406] ffff8881030a1980: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 19.601132] ffff8881030a1a00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.601776] >ffff8881030a1a80: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 19.602637] ^
[ 19.603317] ffff8881030a1b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.603943] ffff8881030a1b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.604750] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 19.503780] ==================================================================
[ 19.504616] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 19.506224] Read of size 18446744073709551614 at addr ffff888102eda404 by task kunit_try_catch/200
[ 19.506937]
[ 19.507558] CPU: 1 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 19.507635] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.507654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.507685] Call Trace:
[ 19.507710] <TASK>
[ 19.507735] dump_stack_lvl+0x73/0xb0
[ 19.507779] print_report+0xd1/0x650
[ 19.507815] ? __virt_addr_valid+0x1db/0x2d0
[ 19.507850] ? kmalloc_memmove_negative_size+0x171/0x330
[ 19.507897] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.507934] ? kmalloc_memmove_negative_size+0x171/0x330
[ 19.508004] kasan_report+0x141/0x180
[ 19.508084] ? kmalloc_memmove_negative_size+0x171/0x330
[ 19.508137] kasan_check_range+0x10c/0x1c0
[ 19.508170] __asan_memmove+0x27/0x70
[ 19.508204] kmalloc_memmove_negative_size+0x171/0x330
[ 19.508246] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 19.508323] ? __schedule+0x10cc/0x2b60
[ 19.508368] ? __pfx_read_tsc+0x10/0x10
[ 19.508402] ? ktime_get_ts64+0x86/0x230
[ 19.508443] kunit_try_run_case+0x1a5/0x480
[ 19.508485] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.508520] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.508558] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.508595] ? __kthread_parkme+0x82/0x180
[ 19.508629] ? preempt_count_sub+0x50/0x80
[ 19.508668] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.508706] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.508740] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.508777] kthread+0x337/0x6f0
[ 19.508802] ? trace_preempt_on+0x20/0xc0
[ 19.508841] ? __pfx_kthread+0x10/0x10
[ 19.508869] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.508902] ? calculate_sigpending+0x7b/0xa0
[ 19.508937] ? __pfx_kthread+0x10/0x10
[ 19.508964] ret_from_fork+0x41/0x80
[ 19.508997] ? __pfx_kthread+0x10/0x10
[ 19.509025] ret_from_fork_asm+0x1a/0x30
[ 19.509100] </TASK>
[ 19.509118]
[ 19.525695] Allocated by task 200:
[ 19.526208] kasan_save_stack+0x45/0x70
[ 19.526647] kasan_save_track+0x18/0x40
[ 19.527142] kasan_save_alloc_info+0x3b/0x50
[ 19.527627] __kasan_kmalloc+0xb7/0xc0
[ 19.528132] __kmalloc_cache_noprof+0x189/0x420
[ 19.528645] kmalloc_memmove_negative_size+0xac/0x330
[ 19.529161] kunit_try_run_case+0x1a5/0x480
[ 19.529641] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.530257] kthread+0x337/0x6f0
[ 19.530659] ret_from_fork+0x41/0x80
[ 19.531160] ret_from_fork_asm+0x1a/0x30
[ 19.531593]
[ 19.531844] The buggy address belongs to the object at ffff888102eda400
[ 19.531844] which belongs to the cache kmalloc-64 of size 64
[ 19.533023] The buggy address is located 4 bytes inside of
[ 19.533023] 64-byte region [ffff888102eda400, ffff888102eda440)
[ 19.534081]
[ 19.534354] The buggy address belongs to the physical page:
[ 19.534822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102eda
[ 19.535386] flags: 0x200000000000000(node=0|zone=2)
[ 19.535872] page_type: f5(slab)
[ 19.536387] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 19.537164] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 19.537841] page dumped because: kasan: bad access detected
[ 19.538429]
[ 19.538658] Memory state around the buggy address:
[ 19.539203] ffff888102eda300: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.539724] ffff888102eda380: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 19.540285] >ffff888102eda400: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 19.540857] ^
[ 19.541242] ffff888102eda480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.541825] ffff888102eda500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.542501] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 19.446516] ================================================================== [ 19.447377] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 19.447974] Write of size 16 at addr ffff888102ed7469 by task kunit_try_catch/198 [ 19.449502] [ 19.449751] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 19.449877] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.450423] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.450489] Call Trace: [ 19.450520] <TASK> [ 19.450564] dump_stack_lvl+0x73/0xb0 [ 19.450650] print_report+0xd1/0x650 [ 19.450720] ? __virt_addr_valid+0x1db/0x2d0 [ 19.450795] ? kmalloc_oob_memset_16+0x166/0x330 [ 19.450841] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.450876] ? kmalloc_oob_memset_16+0x166/0x330 [ 19.450911] kasan_report+0x141/0x180 [ 19.450969] ? kmalloc_oob_memset_16+0x166/0x330 [ 19.451080] kasan_check_range+0x10c/0x1c0 [ 19.451169] __asan_memset+0x27/0x50 [ 19.451205] kmalloc_oob_memset_16+0x166/0x330 [ 19.451244] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 19.451283] ? __schedule+0x10cc/0x2b60 [ 19.451346] ? __pfx_read_tsc+0x10/0x10 [ 19.451380] ? ktime_get_ts64+0x86/0x230 [ 19.451420] kunit_try_run_case+0x1a5/0x480 [ 19.451460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.451495] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.451533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.451569] ? __kthread_parkme+0x82/0x180 [ 19.451605] ? preempt_count_sub+0x50/0x80 [ 19.451645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.451682] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.451717] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.451753] kthread+0x337/0x6f0 [ 19.451778] ? trace_preempt_on+0x20/0xc0 [ 19.451814] ? __pfx_kthread+0x10/0x10 [ 19.451840] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.451882] ? calculate_sigpending+0x7b/0xa0 [ 19.451920] ? __pfx_kthread+0x10/0x10 [ 19.451954] ret_from_fork+0x41/0x80 [ 19.452056] ? 
__pfx_kthread+0x10/0x10 [ 19.452121] ret_from_fork_asm+0x1a/0x30 [ 19.452172] </TASK> [ 19.452189] [ 19.473963] Allocated by task 198: [ 19.474505] kasan_save_stack+0x45/0x70 [ 19.475531] kasan_save_track+0x18/0x40 [ 19.475970] kasan_save_alloc_info+0x3b/0x50 [ 19.476779] __kasan_kmalloc+0xb7/0xc0 [ 19.477654] __kmalloc_cache_noprof+0x189/0x420 [ 19.477972] kmalloc_oob_memset_16+0xac/0x330 [ 19.478634] kunit_try_run_case+0x1a5/0x480 [ 19.479015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.479954] kthread+0x337/0x6f0 [ 19.480762] ret_from_fork+0x41/0x80 [ 19.481187] ret_from_fork_asm+0x1a/0x30 [ 19.481676] [ 19.481896] The buggy address belongs to the object at ffff888102ed7400 [ 19.481896] which belongs to the cache kmalloc-128 of size 128 [ 19.482966] The buggy address is located 105 bytes inside of [ 19.482966] allocated 120-byte region [ffff888102ed7400, ffff888102ed7478) [ 19.484063] [ 19.484824] The buggy address belongs to the physical page: [ 19.485689] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7 [ 19.486329] flags: 0x200000000000000(node=0|zone=2) [ 19.486959] page_type: f5(slab) [ 19.487594] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.488996] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.489594] page dumped because: kasan: bad access detected [ 19.490001] [ 19.490470] Memory state around the buggy address: [ 19.490920] ffff888102ed7300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.492089] ffff888102ed7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.493221] >ffff888102ed7400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.493803] ^ [ 19.494698] ffff888102ed7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.495635] ffff888102ed7500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.496646] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 19.389545] ================================================================== [ 19.390338] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 19.391516] Write of size 8 at addr ffff888102ed7371 by task kunit_try_catch/196 [ 19.392791] [ 19.393107] CPU: 1 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 19.393265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.393312] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.393389] Call Trace: [ 19.393438] <TASK> [ 19.393498] dump_stack_lvl+0x73/0xb0 [ 19.393570] print_report+0xd1/0x650 [ 19.393611] ? __virt_addr_valid+0x1db/0x2d0 [ 19.393646] ? kmalloc_oob_memset_8+0x166/0x330 [ 19.393680] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.393714] ? kmalloc_oob_memset_8+0x166/0x330 [ 19.393748] kasan_report+0x141/0x180 [ 19.393782] ? kmalloc_oob_memset_8+0x166/0x330 [ 19.393822] kasan_check_range+0x10c/0x1c0 [ 19.393851] __asan_memset+0x27/0x50 [ 19.393880] kmalloc_oob_memset_8+0x166/0x330 [ 19.393918] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 19.393968] ? __schedule+0x10cc/0x2b60 [ 19.394049] ? __pfx_read_tsc+0x10/0x10 [ 19.394108] ? ktime_get_ts64+0x86/0x230 [ 19.394181] kunit_try_run_case+0x1a5/0x480 [ 19.394359] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.394434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.394512] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.394562] ? __kthread_parkme+0x82/0x180 [ 19.394598] ? preempt_count_sub+0x50/0x80 [ 19.394636] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.394672] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.394705] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.394739] kthread+0x337/0x6f0 [ 19.394763] ? trace_preempt_on+0x20/0xc0 [ 19.394798] ? __pfx_kthread+0x10/0x10 [ 19.394823] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.394853] ? calculate_sigpending+0x7b/0xa0 [ 19.394884] ? __pfx_kthread+0x10/0x10 [ 19.394908] ret_from_fork+0x41/0x80 [ 19.394938] ? 
__pfx_kthread+0x10/0x10 [ 19.395050] ret_from_fork_asm+0x1a/0x30 [ 19.395140] </TASK> [ 19.395169] [ 19.418119] Allocated by task 196: [ 19.418540] kasan_save_stack+0x45/0x70 [ 19.419113] kasan_save_track+0x18/0x40 [ 19.419850] kasan_save_alloc_info+0x3b/0x50 [ 19.420252] __kasan_kmalloc+0xb7/0xc0 [ 19.420661] __kmalloc_cache_noprof+0x189/0x420 [ 19.421101] kmalloc_oob_memset_8+0xac/0x330 [ 19.422079] kunit_try_run_case+0x1a5/0x480 [ 19.422718] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.423378] kthread+0x337/0x6f0 [ 19.423715] ret_from_fork+0x41/0x80 [ 19.424356] ret_from_fork_asm+0x1a/0x30 [ 19.424670] [ 19.424910] The buggy address belongs to the object at ffff888102ed7300 [ 19.424910] which belongs to the cache kmalloc-128 of size 128 [ 19.426848] The buggy address is located 113 bytes inside of [ 19.426848] allocated 120-byte region [ffff888102ed7300, ffff888102ed7378) [ 19.428361] [ 19.428555] The buggy address belongs to the physical page: [ 19.428975] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7 [ 19.429561] flags: 0x200000000000000(node=0|zone=2) [ 19.429940] page_type: f5(slab) [ 19.430225] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.431809] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.432657] page dumped because: kasan: bad access detected [ 19.433375] [ 19.433636] Memory state around the buggy address: [ 19.434241] ffff888102ed7200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.435237] ffff888102ed7280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.435820] >ffff888102ed7300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.436631] ^ [ 19.437395] ffff888102ed7380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.438197] ffff888102ed7400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.438792] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 19.333920] ================================================================== [ 19.334917] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 19.335685] Write of size 4 at addr ffff888102ed7275 by task kunit_try_catch/194 [ 19.336266] [ 19.337066] CPU: 1 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 19.337185] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.337219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.337266] Call Trace: [ 19.337371] <TASK> [ 19.337446] dump_stack_lvl+0x73/0xb0 [ 19.337535] print_report+0xd1/0x650 [ 19.337614] ? __virt_addr_valid+0x1db/0x2d0 [ 19.337690] ? kmalloc_oob_memset_4+0x166/0x330 [ 19.337760] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.337880] ? kmalloc_oob_memset_4+0x166/0x330 [ 19.337995] kasan_report+0x141/0x180 [ 19.338087] ? kmalloc_oob_memset_4+0x166/0x330 [ 19.338176] kasan_check_range+0x10c/0x1c0 [ 19.338245] __asan_memset+0x27/0x50 [ 19.338336] kmalloc_oob_memset_4+0x166/0x330 [ 19.338414] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 19.338488] ? __schedule+0x10cc/0x2b60 [ 19.338578] ? __pfx_read_tsc+0x10/0x10 [ 19.338650] ? ktime_get_ts64+0x86/0x230 [ 19.338714] kunit_try_run_case+0x1a5/0x480 [ 19.338755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.338789] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.338824] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.338858] ? __kthread_parkme+0x82/0x180 [ 19.338891] ? preempt_count_sub+0x50/0x80 [ 19.338928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.339008] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.339092] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.339138] kthread+0x337/0x6f0 [ 19.339162] ? trace_preempt_on+0x20/0xc0 [ 19.339197] ? __pfx_kthread+0x10/0x10 [ 19.339221] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.339251] ? calculate_sigpending+0x7b/0xa0 [ 19.339281] ? __pfx_kthread+0x10/0x10 [ 19.339347] ret_from_fork+0x41/0x80 [ 19.339382] ? 
__pfx_kthread+0x10/0x10 [ 19.339408] ret_from_fork_asm+0x1a/0x30 [ 19.339451] </TASK> [ 19.339466] [ 19.360200] Allocated by task 194: [ 19.360712] kasan_save_stack+0x45/0x70 [ 19.361608] kasan_save_track+0x18/0x40 [ 19.362163] kasan_save_alloc_info+0x3b/0x50 [ 19.362641] __kasan_kmalloc+0xb7/0xc0 [ 19.363239] __kmalloc_cache_noprof+0x189/0x420 [ 19.363713] kmalloc_oob_memset_4+0xac/0x330 [ 19.364495] kunit_try_run_case+0x1a5/0x480 [ 19.365418] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.365843] kthread+0x337/0x6f0 [ 19.366333] ret_from_fork+0x41/0x80 [ 19.366786] ret_from_fork_asm+0x1a/0x30 [ 19.367257] [ 19.367465] The buggy address belongs to the object at ffff888102ed7200 [ 19.367465] which belongs to the cache kmalloc-128 of size 128 [ 19.368914] The buggy address is located 117 bytes inside of [ 19.368914] allocated 120-byte region [ffff888102ed7200, ffff888102ed7278) [ 19.370550] [ 19.370714] The buggy address belongs to the physical page: [ 19.371424] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7 [ 19.372406] flags: 0x200000000000000(node=0|zone=2) [ 19.372921] page_type: f5(slab) [ 19.373641] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.374591] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.375161] page dumped because: kasan: bad access detected [ 19.375960] [ 19.376164] Memory state around the buggy address: [ 19.376898] ffff888102ed7100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.377547] ffff888102ed7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.378592] >ffff888102ed7200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.379511] ^ [ 19.380207] ffff888102ed7280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.380987] ffff888102ed7300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.381814] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 19.266864] ================================================================== [ 19.267960] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 19.268769] Write of size 2 at addr ffff888103096677 by task kunit_try_catch/192 [ 19.269963] [ 19.271398] CPU: 0 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 19.271476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.271497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.271529] Call Trace: [ 19.271554] <TASK> [ 19.271580] dump_stack_lvl+0x73/0xb0 [ 19.271628] print_report+0xd1/0x650 [ 19.271666] ? __virt_addr_valid+0x1db/0x2d0 [ 19.271701] ? kmalloc_oob_memset_2+0x166/0x330 [ 19.271734] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.271768] ? kmalloc_oob_memset_2+0x166/0x330 [ 19.271802] kasan_report+0x141/0x180 [ 19.271836] ? kmalloc_oob_memset_2+0x166/0x330 [ 19.271888] kasan_check_range+0x10c/0x1c0 [ 19.271920] __asan_memset+0x27/0x50 [ 19.271950] kmalloc_oob_memset_2+0x166/0x330 [ 19.271985] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 19.272020] ? __schedule+0x10cc/0x2b60 [ 19.272210] ? __pfx_read_tsc+0x10/0x10 [ 19.272430] ? ktime_get_ts64+0x86/0x230 [ 19.272512] kunit_try_run_case+0x1a5/0x480 [ 19.272568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.272605] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.272644] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.272678] ? __kthread_parkme+0x82/0x180 [ 19.272712] ? preempt_count_sub+0x50/0x80 [ 19.272750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.272785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.272819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.272854] kthread+0x337/0x6f0 [ 19.272879] ? trace_preempt_on+0x20/0xc0 [ 19.272916] ? __pfx_kthread+0x10/0x10 [ 19.272942] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.273028] ? calculate_sigpending+0x7b/0xa0 [ 19.273106] ? __pfx_kthread+0x10/0x10 [ 19.273138] ret_from_fork+0x41/0x80 [ 19.273172] ? 
__pfx_kthread+0x10/0x10 [ 19.273200] ret_from_fork_asm+0x1a/0x30 [ 19.273247] </TASK> [ 19.273264] [ 19.293522] Allocated by task 192: [ 19.294528] kasan_save_stack+0x45/0x70 [ 19.294941] kasan_save_track+0x18/0x40 [ 19.296094] kasan_save_alloc_info+0x3b/0x50 [ 19.296468] __kasan_kmalloc+0xb7/0xc0 [ 19.296839] __kmalloc_cache_noprof+0x189/0x420 [ 19.297664] kmalloc_oob_memset_2+0xac/0x330 [ 19.297994] kunit_try_run_case+0x1a5/0x480 [ 19.298492] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.298987] kthread+0x337/0x6f0 [ 19.299374] ret_from_fork+0x41/0x80 [ 19.299753] ret_from_fork_asm+0x1a/0x30 [ 19.301305] [ 19.301496] The buggy address belongs to the object at ffff888103096600 [ 19.301496] which belongs to the cache kmalloc-128 of size 128 [ 19.302718] The buggy address is located 119 bytes inside of [ 19.302718] allocated 120-byte region [ffff888103096600, ffff888103096678) [ 19.305180] [ 19.305366] The buggy address belongs to the physical page: [ 19.305935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103096 [ 19.306841] flags: 0x200000000000000(node=0|zone=2) [ 19.307681] page_type: f5(slab) [ 19.308840] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.309561] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.310583] page dumped because: kasan: bad access detected [ 19.311339] [ 19.311721] Memory state around the buggy address: [ 19.312404] ffff888103096500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.312943] ffff888103096580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.314474] >ffff888103096600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.315540] ^ [ 19.316383] ffff888103096680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.317217] ffff888103096700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.317784] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 19.212802] ================================================================== [ 19.213855] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 19.214937] Write of size 128 at addr ffff888103096500 by task kunit_try_catch/190 [ 19.217002] [ 19.217577] CPU: 0 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 19.217695] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.217728] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.217780] Call Trace: [ 19.217826] <TASK> [ 19.217878] dump_stack_lvl+0x73/0xb0 [ 19.218248] print_report+0xd1/0x650 [ 19.218361] ? __virt_addr_valid+0x1db/0x2d0 [ 19.218440] ? kmalloc_oob_in_memset+0x15f/0x320 [ 19.218517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.218593] ? kmalloc_oob_in_memset+0x15f/0x320 [ 19.218665] kasan_report+0x141/0x180 [ 19.218736] ? kmalloc_oob_in_memset+0x15f/0x320 [ 19.218812] kasan_check_range+0x10c/0x1c0 [ 19.218846] __asan_memset+0x27/0x50 [ 19.218875] kmalloc_oob_in_memset+0x15f/0x320 [ 19.218910] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 19.218944] ? __schedule+0x10cc/0x2b60 [ 19.219020] ? __pfx_read_tsc+0x10/0x10 [ 19.219106] ? ktime_get_ts64+0x86/0x230 [ 19.219179] kunit_try_run_case+0x1a5/0x480 [ 19.219232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.219268] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.219327] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.219364] ? __kthread_parkme+0x82/0x180 [ 19.219399] ? preempt_count_sub+0x50/0x80 [ 19.219436] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.219471] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.219505] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.219538] kthread+0x337/0x6f0 [ 19.219563] ? trace_preempt_on+0x20/0xc0 [ 19.219598] ? __pfx_kthread+0x10/0x10 [ 19.219623] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.219653] ? calculate_sigpending+0x7b/0xa0 [ 19.219684] ? __pfx_kthread+0x10/0x10 [ 19.219709] ret_from_fork+0x41/0x80 [ 19.219740] ? 
__pfx_kthread+0x10/0x10 [ 19.219764] ret_from_fork_asm+0x1a/0x30 [ 19.219808] </TASK> [ 19.219822] [ 19.236670] Allocated by task 190: [ 19.237051] kasan_save_stack+0x45/0x70 [ 19.237780] kasan_save_track+0x18/0x40 [ 19.238643] kasan_save_alloc_info+0x3b/0x50 [ 19.239029] __kasan_kmalloc+0xb7/0xc0 [ 19.239604] __kmalloc_cache_noprof+0x189/0x420 [ 19.240119] kmalloc_oob_in_memset+0xac/0x320 [ 19.240569] kunit_try_run_case+0x1a5/0x480 [ 19.240955] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.241539] kthread+0x337/0x6f0 [ 19.241819] ret_from_fork+0x41/0x80 [ 19.242770] ret_from_fork_asm+0x1a/0x30 [ 19.243218] [ 19.243611] The buggy address belongs to the object at ffff888103096500 [ 19.243611] which belongs to the cache kmalloc-128 of size 128 [ 19.244352] The buggy address is located 0 bytes inside of [ 19.244352] allocated 120-byte region [ffff888103096500, ffff888103096578) [ 19.245833] [ 19.246443] The buggy address belongs to the physical page: [ 19.247156] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103096 [ 19.247775] flags: 0x200000000000000(node=0|zone=2) [ 19.248239] page_type: f5(slab) [ 19.248659] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.250511] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.250970] page dumped because: kasan: bad access detected [ 19.251818] [ 19.252907] Memory state around the buggy address: [ 19.254734] ffff888103096400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.255684] ffff888103096480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.256222] >ffff888103096500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 19.256746] ^ [ 19.257268] ffff888103096580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.258788] ffff888103096600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.259590] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 19.151526] ================================================================== [ 19.152486] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 19.153425] Read of size 16 at addr ffff8881021c1de0 by task kunit_try_catch/188 [ 19.154016] [ 19.154449] CPU: 1 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 19.154584] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.154624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.154683] Call Trace: [ 19.154722] <TASK> [ 19.154770] dump_stack_lvl+0x73/0xb0 [ 19.154854] print_report+0xd1/0x650 [ 19.154935] ? __virt_addr_valid+0x1db/0x2d0 [ 19.155192] ? kmalloc_uaf_16+0x47b/0x4c0 [ 19.155306] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.155382] ? kmalloc_uaf_16+0x47b/0x4c0 [ 19.155451] kasan_report+0x141/0x180 [ 19.155523] ? kmalloc_uaf_16+0x47b/0x4c0 [ 19.155606] __asan_report_load16_noabort+0x18/0x20 [ 19.155676] kmalloc_uaf_16+0x47b/0x4c0 [ 19.155740] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 19.155779] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 19.155817] kunit_try_run_case+0x1a5/0x480 [ 19.155856] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.155909] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.155952] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.156074] ? __kthread_parkme+0x82/0x180 [ 19.156116] ? preempt_count_sub+0x50/0x80 [ 19.156156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.156213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.156253] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.156316] kthread+0x337/0x6f0 [ 19.156360] ? trace_preempt_on+0x20/0xc0 [ 19.156400] ? __pfx_kthread+0x10/0x10 [ 19.156450] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.156485] ? calculate_sigpending+0x7b/0xa0 [ 19.156535] ? __pfx_kthread+0x10/0x10 [ 19.156565] ret_from_fork+0x41/0x80 [ 19.156613] ? 
__pfx_kthread+0x10/0x10 [ 19.156651] ret_from_fork_asm+0x1a/0x30 [ 19.156713] </TASK> [ 19.156732] [ 19.177278] Allocated by task 188: [ 19.178243] kasan_save_stack+0x45/0x70 [ 19.178641] kasan_save_track+0x18/0x40 [ 19.179466] kasan_save_alloc_info+0x3b/0x50 [ 19.179936] __kasan_kmalloc+0xb7/0xc0 [ 19.180633] __kmalloc_cache_noprof+0x189/0x420 [ 19.181362] kmalloc_uaf_16+0x15b/0x4c0 [ 19.181810] kunit_try_run_case+0x1a5/0x480 [ 19.182655] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.183675] kthread+0x337/0x6f0 [ 19.183978] ret_from_fork+0x41/0x80 [ 19.184737] ret_from_fork_asm+0x1a/0x30 [ 19.185116] [ 19.185374] Freed by task 188: [ 19.185726] kasan_save_stack+0x45/0x70 [ 19.186109] kasan_save_track+0x18/0x40 [ 19.187163] kasan_save_free_info+0x3f/0x60 [ 19.187581] __kasan_slab_free+0x56/0x70 [ 19.188361] kfree+0x222/0x3f0 [ 19.188531] kmalloc_uaf_16+0x1d6/0x4c0 [ 19.188695] kunit_try_run_case+0x1a5/0x480 [ 19.188871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.189230] kthread+0x337/0x6f0 [ 19.189655] ret_from_fork+0x41/0x80 [ 19.190885] ret_from_fork_asm+0x1a/0x30 [ 19.191595] [ 19.191838] The buggy address belongs to the object at ffff8881021c1de0 [ 19.191838] which belongs to the cache kmalloc-16 of size 16 [ 19.194223] The buggy address is located 0 bytes inside of [ 19.194223] freed 16-byte region [ffff8881021c1de0, ffff8881021c1df0) [ 19.195043] [ 19.195328] The buggy address belongs to the physical page: [ 19.195715] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1021c1 [ 19.196966] flags: 0x200000000000000(node=0|zone=2) [ 19.197433] page_type: f5(slab) [ 19.198363] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.199609] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.200348] page dumped because: kasan: bad access detected [ 19.200688] [ 19.200854] Memory state around the buggy address: [ 19.201239] ffff8881021c1c80: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc 
[ 19.201646] ffff8881021c1d00: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 19.202198] >ffff8881021c1d80: fa fb fc fc 00 05 fc fc 00 00 fc fc fa fb fc fc [ 19.203564] ^ [ 19.204171] ffff8881021c1e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.205365] ffff8881021c1e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.206163] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 19.094343] ================================================================== [ 19.095950] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 19.096714] Write of size 16 at addr ffff8881026cd040 by task kunit_try_catch/186 [ 19.097715] [ 19.097960] CPU: 0 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 19.098095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.098137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.098198] Call Trace: [ 19.098239] <TASK> [ 19.098305] dump_stack_lvl+0x73/0xb0 [ 19.098388] print_report+0xd1/0x650 [ 19.098462] ? __virt_addr_valid+0x1db/0x2d0 [ 19.098541] ? kmalloc_oob_16+0x452/0x4a0 [ 19.098609] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.098672] ? kmalloc_oob_16+0x452/0x4a0 [ 19.098707] kasan_report+0x141/0x180 [ 19.098741] ? kmalloc_oob_16+0x452/0x4a0 [ 19.098780] __asan_report_store16_noabort+0x1b/0x30 [ 19.098811] kmalloc_oob_16+0x452/0x4a0 [ 19.098843] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 19.098877] ? __schedule+0x10cc/0x2b60 [ 19.098912] ? __pfx_read_tsc+0x10/0x10 [ 19.098945] ? ktime_get_ts64+0x86/0x230 [ 19.099030] kunit_try_run_case+0x1a5/0x480 [ 19.099400] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.099477] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.099552] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.099626] ? __kthread_parkme+0x82/0x180 [ 19.099691] ? preempt_count_sub+0x50/0x80 [ 19.099733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.099768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.099803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.099839] kthread+0x337/0x6f0 [ 19.099863] ? trace_preempt_on+0x20/0xc0 [ 19.099912] ? __pfx_kthread+0x10/0x10 [ 19.099937] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.100015] ? calculate_sigpending+0x7b/0xa0 [ 19.100096] ? __pfx_kthread+0x10/0x10 [ 19.100143] ret_from_fork+0x41/0x80 [ 19.100176] ? 
__pfx_kthread+0x10/0x10 [ 19.100201] ret_from_fork_asm+0x1a/0x30 [ 19.100246] </TASK> [ 19.100262] [ 19.120480] Allocated by task 186: [ 19.120799] kasan_save_stack+0x45/0x70 [ 19.121157] kasan_save_track+0x18/0x40 [ 19.121487] kasan_save_alloc_info+0x3b/0x50 [ 19.121834] __kasan_kmalloc+0xb7/0xc0 [ 19.122138] __kmalloc_cache_noprof+0x189/0x420 [ 19.124641] kmalloc_oob_16+0xa8/0x4a0 [ 19.125185] kunit_try_run_case+0x1a5/0x480 [ 19.125648] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.126547] kthread+0x337/0x6f0 [ 19.127133] ret_from_fork+0x41/0x80 [ 19.128105] ret_from_fork_asm+0x1a/0x30 [ 19.128757] [ 19.129024] The buggy address belongs to the object at ffff8881026cd040 [ 19.129024] which belongs to the cache kmalloc-16 of size 16 [ 19.130178] The buggy address is located 0 bytes inside of [ 19.130178] allocated 13-byte region [ffff8881026cd040, ffff8881026cd04d) [ 19.131029] [ 19.131513] The buggy address belongs to the physical page: [ 19.131951] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd [ 19.133552] flags: 0x200000000000000(node=0|zone=2) [ 19.134570] page_type: f5(slab) [ 19.135093] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 19.136191] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 19.136844] page dumped because: kasan: bad access detected [ 19.137306] [ 19.137544] Memory state around the buggy address: [ 19.137979] ffff8881026ccf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.139783] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.140824] >ffff8881026cd000: fa fb fc fc fa fb fc fc 00 05 fc fc 00 00 fc fc [ 19.141442] ^ [ 19.141914] ffff8881026cd080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.142552] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.143085] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 19.020246] ================================================================== [ 19.021609] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 19.022223] Read of size 1 at addr ffff888100aab600 by task kunit_try_catch/184 [ 19.023026] [ 19.023267] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 19.023397] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.023430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.023479] Call Trace: [ 19.023511] <TASK> [ 19.023552] dump_stack_lvl+0x73/0xb0 [ 19.023640] print_report+0xd1/0x650 [ 19.023727] ? __virt_addr_valid+0x1db/0x2d0 [ 19.023832] ? krealloc_uaf+0x53c/0x5e0 [ 19.023989] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.024121] ? krealloc_uaf+0x53c/0x5e0 [ 19.024219] kasan_report+0x141/0x180 [ 19.024345] ? krealloc_uaf+0x53c/0x5e0 [ 19.024432] __asan_report_load1_noabort+0x18/0x20 [ 19.024513] krealloc_uaf+0x53c/0x5e0 [ 19.024587] ? __pfx_krealloc_uaf+0x10/0x10 [ 19.024678] ? finish_task_switch.isra.0+0x153/0x700 [ 19.024820] ? __switch_to+0x5d9/0xf60 [ 19.024896] ? dequeue_task_fair+0x166/0x4e0 [ 19.025069] ? __schedule+0x10cc/0x2b60 [ 19.025182] ? __pfx_read_tsc+0x10/0x10 [ 19.025261] ? ktime_get_ts64+0x86/0x230 [ 19.025356] kunit_try_run_case+0x1a5/0x480 [ 19.025404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.025444] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.025484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.025520] ? __kthread_parkme+0x82/0x180 [ 19.025556] ? preempt_count_sub+0x50/0x80 [ 19.025595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.025633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.025669] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.025705] kthread+0x337/0x6f0 [ 19.025732] ? trace_preempt_on+0x20/0xc0 [ 19.025771] ? __pfx_kthread+0x10/0x10 [ 19.025799] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.025833] ? calculate_sigpending+0x7b/0xa0 [ 19.025894] ? 
__pfx_kthread+0x10/0x10 [ 19.026010] ret_from_fork+0x41/0x80 [ 19.026101] ? __pfx_kthread+0x10/0x10 [ 19.026136] ret_from_fork_asm+0x1a/0x30 [ 19.026186] </TASK> [ 19.026202] [ 19.048686] Allocated by task 184: [ 19.048966] kasan_save_stack+0x45/0x70 [ 19.049453] kasan_save_track+0x18/0x40 [ 19.049874] kasan_save_alloc_info+0x3b/0x50 [ 19.051356] __kasan_kmalloc+0xb7/0xc0 [ 19.051810] __kmalloc_cache_noprof+0x189/0x420 [ 19.052170] krealloc_uaf+0xbb/0x5e0 [ 19.052466] kunit_try_run_case+0x1a5/0x480 [ 19.052854] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.054405] kthread+0x337/0x6f0 [ 19.055812] ret_from_fork+0x41/0x80 [ 19.057181] ret_from_fork_asm+0x1a/0x30 [ 19.058338] [ 19.058507] Freed by task 184: [ 19.058722] kasan_save_stack+0x45/0x70 [ 19.058989] kasan_save_track+0x18/0x40 [ 19.059341] kasan_save_free_info+0x3f/0x60 [ 19.059654] __kasan_slab_free+0x56/0x70 [ 19.059920] kfree+0x222/0x3f0 [ 19.060153] krealloc_uaf+0x13d/0x5e0 [ 19.063523] kunit_try_run_case+0x1a5/0x480 [ 19.065939] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.066511] kthread+0x337/0x6f0 [ 19.066762] ret_from_fork+0x41/0x80 [ 19.067215] ret_from_fork_asm+0x1a/0x30 [ 19.068271] [ 19.068631] The buggy address belongs to the object at ffff888100aab600 [ 19.068631] which belongs to the cache kmalloc-256 of size 256 [ 19.070967] The buggy address is located 0 bytes inside of [ 19.070967] freed 256-byte region [ffff888100aab600, ffff888100aab700) [ 19.071871] [ 19.072091] The buggy address belongs to the physical page: [ 19.073304] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 19.074186] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.075747] flags: 0x200000000000040(head|node=0|zone=2) [ 19.076279] page_type: f5(slab) [ 19.076639] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.077271] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.078079] head: 0200000000000040 
ffff888100041b40 dead000000000122 0000000000000000 [ 19.078952] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.079628] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 19.080513] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.081406] page dumped because: kasan: bad access detected [ 19.082163] [ 19.082440] Memory state around the buggy address: [ 19.082860] ffff888100aab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.083602] ffff888100aab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.084131] >ffff888100aab600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.084764] ^ [ 19.085085] ffff888100aab680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.085795] ffff888100aab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.086589] ================================================================== [ 18.955405] ================================================================== [ 18.957278] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 18.957888] Read of size 1 at addr ffff888100aab600 by task kunit_try_catch/184 [ 18.958417] [ 18.959418] CPU: 1 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.959553] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.959595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.959782] Call Trace: [ 18.959820] <TASK> [ 18.959864] dump_stack_lvl+0x73/0xb0 [ 18.959927] print_report+0xd1/0x650 [ 18.960103] ? __virt_addr_valid+0x1db/0x2d0 [ 18.960155] ? krealloc_uaf+0x1b8/0x5e0 [ 18.960188] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.960226] ? krealloc_uaf+0x1b8/0x5e0 [ 18.960256] kasan_report+0x141/0x180 [ 18.960319] ? krealloc_uaf+0x1b8/0x5e0 [ 18.960359] ? krealloc_uaf+0x1b8/0x5e0 [ 18.960391] __kasan_check_byte+0x3d/0x50 [ 18.960428] krealloc_noprof+0x3f/0x340 [ 18.960469] krealloc_uaf+0x1b8/0x5e0 [ 18.960500] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 18.960529] ? finish_task_switch.isra.0+0x153/0x700 [ 18.960570] ? __switch_to+0x5d9/0xf60 [ 18.960606] ? dequeue_task_fair+0x166/0x4e0 [ 18.960645] ? __schedule+0x10cc/0x2b60 [ 18.960684] ? __pfx_read_tsc+0x10/0x10 [ 18.960719] ? ktime_get_ts64+0x86/0x230 [ 18.960761] kunit_try_run_case+0x1a5/0x480 [ 18.960806] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.960844] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.960884] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.960922] ? __kthread_parkme+0x82/0x180 [ 18.960995] ? preempt_count_sub+0x50/0x80 [ 18.961085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.961149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.961190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.961229] kthread+0x337/0x6f0 [ 18.961258] ? trace_preempt_on+0x20/0xc0 [ 18.961322] ? __pfx_kthread+0x10/0x10 [ 18.961355] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.961392] ? calculate_sigpending+0x7b/0xa0 [ 18.961429] ? __pfx_kthread+0x10/0x10 [ 18.961459] ret_from_fork+0x41/0x80 [ 18.961497] ? 
__pfx_kthread+0x10/0x10 [ 18.961527] ret_from_fork_asm+0x1a/0x30 [ 18.961576] </TASK> [ 18.961591] [ 18.985060] Allocated by task 184: [ 18.985876] kasan_save_stack+0x45/0x70 [ 18.986536] kasan_save_track+0x18/0x40 [ 18.986922] kasan_save_alloc_info+0x3b/0x50 [ 18.987474] __kasan_kmalloc+0xb7/0xc0 [ 18.987834] __kmalloc_cache_noprof+0x189/0x420 [ 18.989080] krealloc_uaf+0xbb/0x5e0 [ 18.989535] kunit_try_run_case+0x1a5/0x480 [ 18.990473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.990906] kthread+0x337/0x6f0 [ 18.991843] ret_from_fork+0x41/0x80 [ 18.992721] ret_from_fork_asm+0x1a/0x30 [ 18.992904] [ 18.993170] Freed by task 184: [ 18.994157] kasan_save_stack+0x45/0x70 [ 18.994641] kasan_save_track+0x18/0x40 [ 18.995638] kasan_save_free_info+0x3f/0x60 [ 18.995837] __kasan_slab_free+0x56/0x70 [ 18.996054] kfree+0x222/0x3f0 [ 18.996253] krealloc_uaf+0x13d/0x5e0 [ 18.996558] kunit_try_run_case+0x1a5/0x480 [ 18.997248] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.998387] kthread+0x337/0x6f0 [ 18.998804] ret_from_fork+0x41/0x80 [ 18.999727] ret_from_fork_asm+0x1a/0x30 [ 19.000731] [ 19.001181] The buggy address belongs to the object at ffff888100aab600 [ 19.001181] which belongs to the cache kmalloc-256 of size 256 [ 19.002834] The buggy address is located 0 bytes inside of [ 19.002834] freed 256-byte region [ffff888100aab600, ffff888100aab700) [ 19.003909] [ 19.004464] The buggy address belongs to the physical page: [ 19.005103] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 19.005873] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.006700] flags: 0x200000000000040(head|node=0|zone=2) [ 19.007579] page_type: f5(slab) [ 19.007941] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.008835] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.009450] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 19.010560] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.011247] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 19.012211] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 19.012773] page dumped because: kasan: bad access detected [ 19.013275] [ 19.013500] Memory state around the buggy address: [ 19.013975] ffff888100aab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.014738] ffff888100aab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.015376] >ffff888100aab600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.016023] ^ [ 19.016572] ffff888100aab680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.017347] ffff888100aab700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.018008] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 18.858148] ================================================================== [ 18.859453] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 18.860361] Write of size 1 at addr ffff8881029f60ea by task kunit_try_catch/182 [ 18.861682] [ 18.861878] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.861967] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.862009] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.862061] Call Trace: [ 18.862233] <TASK> [ 18.862301] dump_stack_lvl+0x73/0xb0 [ 18.862360] print_report+0xd1/0x650 [ 18.862399] ? __virt_addr_valid+0x1db/0x2d0 [ 18.862431] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.862462] ? kasan_addr_to_slab+0x11/0xa0 [ 18.862495] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.862525] kasan_report+0x141/0x180 [ 18.862559] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.862598] __asan_report_store1_noabort+0x1b/0x30 [ 18.862630] krealloc_less_oob_helper+0xe90/0x11d0 [ 18.862663] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.862694] ? finish_task_switch.isra.0+0x153/0x700 [ 18.862727] ? __switch_to+0x5d9/0xf60 [ 18.862756] ? dequeue_task_fair+0x166/0x4e0 [ 18.862792] ? __schedule+0x10cc/0x2b60 [ 18.862826] ? __pfx_read_tsc+0x10/0x10 [ 18.862862] krealloc_large_less_oob+0x1c/0x30 [ 18.862891] kunit_try_run_case+0x1a5/0x480 [ 18.862928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.863157] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.863212] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.863251] ? __kthread_parkme+0x82/0x180 [ 18.863303] ? preempt_count_sub+0x50/0x80 [ 18.863350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.863387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.863422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.863457] kthread+0x337/0x6f0 [ 18.863482] ? trace_preempt_on+0x20/0xc0 [ 18.863519] ? __pfx_kthread+0x10/0x10 [ 18.863546] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.863578] ? 
calculate_sigpending+0x7b/0xa0 [ 18.863610] ? __pfx_kthread+0x10/0x10 [ 18.863636] ret_from_fork+0x41/0x80 [ 18.863668] ? __pfx_kthread+0x10/0x10 [ 18.863694] ret_from_fork_asm+0x1a/0x30 [ 18.863739] </TASK> [ 18.863755] [ 18.887305] The buggy address belongs to the physical page: [ 18.887864] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 18.889475] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.890363] flags: 0x200000000000040(head|node=0|zone=2) [ 18.891050] page_type: f8(unknown) [ 18.891559] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.892523] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.893076] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.894607] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.895531] head: 0200000000000002 ffffea00040a7d01 00000000ffffffff 00000000ffffffff [ 18.896393] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.897126] page dumped because: kasan: bad access detected [ 18.897609] [ 18.897826] Memory state around the buggy address: [ 18.898515] ffff8881029f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.898833] ffff8881029f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.899434] >ffff8881029f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.899696] ^ [ 18.899936] ffff8881029f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.901706] ffff8881029f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.902281] ================================================================== [ 18.387819] ================================================================== [ 18.388652] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 18.389854] Write of size 1 at addr ffff888100aab4d0 by task kunit_try_catch/178 [ 18.390487] [ 18.390765] CPU: 1 UID: 0 PID: 178 Comm: 
kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.390868] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.390888] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.390917] Call Trace: [ 18.390935] <TASK> [ 18.390958] dump_stack_lvl+0x73/0xb0 [ 18.391090] print_report+0xd1/0x650 [ 18.391188] ? __virt_addr_valid+0x1db/0x2d0 [ 18.391261] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.391347] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.391420] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.391487] kasan_report+0x141/0x180 [ 18.391552] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.391631] __asan_report_store1_noabort+0x1b/0x30 [ 18.391702] krealloc_less_oob_helper+0xe23/0x11d0 [ 18.391777] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.391904] ? finish_task_switch.isra.0+0x153/0x700 [ 18.392089] ? __switch_to+0x5d9/0xf60 [ 18.392126] ? dequeue_task_fair+0x166/0x4e0 [ 18.392162] ? __schedule+0x10cc/0x2b60 [ 18.392196] ? __pfx_read_tsc+0x10/0x10 [ 18.392231] krealloc_less_oob+0x1c/0x30 [ 18.392258] kunit_try_run_case+0x1a5/0x480 [ 18.392319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.392355] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.392391] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.392426] ? __kthread_parkme+0x82/0x180 [ 18.392458] ? preempt_count_sub+0x50/0x80 [ 18.392492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.392526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.392559] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.392592] kthread+0x337/0x6f0 [ 18.392615] ? trace_preempt_on+0x20/0xc0 [ 18.392648] ? __pfx_kthread+0x10/0x10 [ 18.392672] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.392702] ? calculate_sigpending+0x7b/0xa0 [ 18.392733] ? __pfx_kthread+0x10/0x10 [ 18.392758] ret_from_fork+0x41/0x80 [ 18.392789] ? 
__pfx_kthread+0x10/0x10 [ 18.392814] ret_from_fork_asm+0x1a/0x30 [ 18.392856] </TASK> [ 18.392871] [ 18.413861] Allocated by task 178: [ 18.414387] kasan_save_stack+0x45/0x70 [ 18.415812] kasan_save_track+0x18/0x40 [ 18.416314] kasan_save_alloc_info+0x3b/0x50 [ 18.416696] __kasan_krealloc+0x190/0x1f0 [ 18.417029] krealloc_noprof+0xf3/0x340 [ 18.417947] krealloc_less_oob_helper+0x1aa/0x11d0 [ 18.418872] krealloc_less_oob+0x1c/0x30 [ 18.419903] kunit_try_run_case+0x1a5/0x480 [ 18.420627] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.421089] kthread+0x337/0x6f0 [ 18.421860] ret_from_fork+0x41/0x80 [ 18.422636] ret_from_fork_asm+0x1a/0x30 [ 18.423346] [ 18.423909] The buggy address belongs to the object at ffff888100aab400 [ 18.423909] which belongs to the cache kmalloc-256 of size 256 [ 18.425156] The buggy address is located 7 bytes to the right of [ 18.425156] allocated 201-byte region [ffff888100aab400, ffff888100aab4c9) [ 18.426119] [ 18.426677] The buggy address belongs to the physical page: [ 18.427952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 18.428841] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.429601] flags: 0x200000000000040(head|node=0|zone=2) [ 18.430360] page_type: f5(slab) [ 18.431035] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.432121] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.432689] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.433988] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.434801] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 18.436197] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.436732] page dumped because: kasan: bad access detected [ 18.437489] [ 18.437885] Memory state around the buggy address: [ 18.438630] ffff888100aab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 18.439215] ffff888100aab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.440445] >ffff888100aab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.441184] ^ [ 18.441731] ffff888100aab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.442672] ffff888100aab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.443906] ================================================================== [ 18.330771] ================================================================== [ 18.331433] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 18.331721] Write of size 1 at addr ffff888100aab4c9 by task kunit_try_catch/178 [ 18.331979] [ 18.332165] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.332282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.332341] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.332393] Call Trace: [ 18.332429] <TASK> [ 18.332480] dump_stack_lvl+0x73/0xb0 [ 18.332567] print_report+0xd1/0x650 [ 18.332645] ? __virt_addr_valid+0x1db/0x2d0 [ 18.332722] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 18.332793] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.333721] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 18.333801] kasan_report+0x141/0x180 [ 18.333875] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 18.334143] __asan_report_store1_noabort+0x1b/0x30 [ 18.334221] krealloc_less_oob_helper+0xd70/0x11d0 [ 18.334262] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.334321] ? finish_task_switch.isra.0+0x153/0x700 [ 18.334364] ? __switch_to+0x5d9/0xf60 [ 18.334395] ? dequeue_task_fair+0x166/0x4e0 [ 18.334429] ? __schedule+0x10cc/0x2b60 [ 18.334462] ? __pfx_read_tsc+0x10/0x10 [ 18.334497] krealloc_less_oob+0x1c/0x30 [ 18.334524] kunit_try_run_case+0x1a5/0x480 [ 18.334561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.334593] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.334628] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.334661] ? 
__kthread_parkme+0x82/0x180 [ 18.334692] ? preempt_count_sub+0x50/0x80 [ 18.334725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.334759] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.334791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.334823] kthread+0x337/0x6f0 [ 18.334847] ? trace_preempt_on+0x20/0xc0 [ 18.334882] ? __pfx_kthread+0x10/0x10 [ 18.334906] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.334936] ? calculate_sigpending+0x7b/0xa0 [ 18.335065] ? __pfx_kthread+0x10/0x10 [ 18.335122] ret_from_fork+0x41/0x80 [ 18.335163] ? __pfx_kthread+0x10/0x10 [ 18.335192] ret_from_fork_asm+0x1a/0x30 [ 18.335239] </TASK> [ 18.335255] [ 18.356112] Allocated by task 178: [ 18.356586] kasan_save_stack+0x45/0x70 [ 18.357001] kasan_save_track+0x18/0x40 [ 18.357573] kasan_save_alloc_info+0x3b/0x50 [ 18.357900] __kasan_krealloc+0x190/0x1f0 [ 18.358375] krealloc_noprof+0xf3/0x340 [ 18.359018] krealloc_less_oob_helper+0x1aa/0x11d0 [ 18.359980] krealloc_less_oob+0x1c/0x30 [ 18.360680] kunit_try_run_case+0x1a5/0x480 [ 18.361116] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.361646] kthread+0x337/0x6f0 [ 18.362023] ret_from_fork+0x41/0x80 [ 18.363663] ret_from_fork_asm+0x1a/0x30 [ 18.364657] [ 18.365241] The buggy address belongs to the object at ffff888100aab400 [ 18.365241] which belongs to the cache kmalloc-256 of size 256 [ 18.366637] The buggy address is located 0 bytes to the right of [ 18.366637] allocated 201-byte region [ffff888100aab400, ffff888100aab4c9) [ 18.368118] [ 18.368349] The buggy address belongs to the physical page: [ 18.368866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 18.370012] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.370677] flags: 0x200000000000040(head|node=0|zone=2) [ 18.371444] page_type: f5(slab) [ 18.371658] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.371927] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
18.373646] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.374583] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.375595] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 18.376401] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.377766] page dumped because: kasan: bad access detected [ 18.377995] [ 18.378357] Memory state around the buggy address: [ 18.379621] ffff888100aab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.380897] ffff888100aab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.382152] >ffff888100aab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.382684] ^ [ 18.383802] ffff888100aab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.384854] ffff888100aab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.385551] ================================================================== [ 18.712628] ================================================================== [ 18.714389] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 18.715431] Write of size 1 at addr ffff8881029f60c9 by task kunit_try_catch/182 [ 18.715981] [ 18.717031] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.717487] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.717515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.717550] Call Trace: [ 18.717573] <TASK> [ 18.717599] dump_stack_lvl+0x73/0xb0 [ 18.717644] print_report+0xd1/0x650 [ 18.717681] ? __virt_addr_valid+0x1db/0x2d0 [ 18.717716] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 18.717747] ? kasan_addr_to_slab+0x11/0xa0 [ 18.717778] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 18.717809] kasan_report+0x141/0x180 [ 18.717844] ? 
krealloc_less_oob_helper+0xd70/0x11d0 [ 18.717880] __asan_report_store1_noabort+0x1b/0x30 [ 18.717911] krealloc_less_oob_helper+0xd70/0x11d0 [ 18.717946] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.718439] ? finish_task_switch.isra.0+0x153/0x700 [ 18.718486] ? __switch_to+0x5d9/0xf60 [ 18.718519] ? dequeue_task_fair+0x166/0x4e0 [ 18.718556] ? __schedule+0x10cc/0x2b60 [ 18.718592] ? __pfx_read_tsc+0x10/0x10 [ 18.718629] krealloc_large_less_oob+0x1c/0x30 [ 18.718658] kunit_try_run_case+0x1a5/0x480 [ 18.718698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.718733] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.718770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.718805] ? __kthread_parkme+0x82/0x180 [ 18.718838] ? preempt_count_sub+0x50/0x80 [ 18.718873] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.718908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.718942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.719048] kthread+0x337/0x6f0 [ 18.719111] ? trace_preempt_on+0x20/0xc0 [ 18.719152] ? __pfx_kthread+0x10/0x10 [ 18.719178] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.719210] ? calculate_sigpending+0x7b/0xa0 [ 18.719241] ? __pfx_kthread+0x10/0x10 [ 18.719266] ret_from_fork+0x41/0x80 [ 18.719323] ? 
__pfx_kthread+0x10/0x10 [ 18.719352] ret_from_fork_asm+0x1a/0x30 [ 18.719398] </TASK> [ 18.719414] [ 18.741751] The buggy address belongs to the physical page: [ 18.742801] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 18.743738] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.744666] flags: 0x200000000000040(head|node=0|zone=2) [ 18.745145] page_type: f8(unknown) [ 18.745721] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.746328] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.746922] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.747723] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.749549] head: 0200000000000002 ffffea00040a7d01 00000000ffffffff 00000000ffffffff [ 18.750447] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.751508] page dumped because: kasan: bad access detected [ 18.752266] [ 18.752457] Memory state around the buggy address: [ 18.753812] ffff8881029f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.754823] ffff8881029f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.755411] >ffff8881029f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.756532] ^ [ 18.757313] ffff8881029f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.758029] ffff8881029f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.759831] ================================================================== [ 18.762032] ================================================================== [ 18.762610] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 18.763526] Write of size 1 at addr ffff8881029f60d0 by task kunit_try_catch/182 [ 18.764742] [ 18.765037] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.765172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.765499] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.765540] Call Trace: [ 18.765561] <TASK> [ 18.765585] dump_stack_lvl+0x73/0xb0 [ 18.765627] print_report+0xd1/0x650 [ 18.765664] ? __virt_addr_valid+0x1db/0x2d0 [ 18.765696] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.765725] ? kasan_addr_to_slab+0x11/0xa0 [ 18.765757] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.765787] kasan_report+0x141/0x180 [ 18.765821] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 18.765857] __asan_report_store1_noabort+0x1b/0x30 [ 18.765888] krealloc_less_oob_helper+0xe23/0x11d0 [ 18.765922] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.765963] ? finish_task_switch.isra.0+0x153/0x700 [ 18.766104] ? __switch_to+0x5d9/0xf60 [ 18.766139] ? dequeue_task_fair+0x166/0x4e0 [ 18.766178] ? __schedule+0x10cc/0x2b60 [ 18.766214] ? __pfx_read_tsc+0x10/0x10 [ 18.766251] krealloc_large_less_oob+0x1c/0x30 [ 18.766280] kunit_try_run_case+0x1a5/0x480 [ 18.766343] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.766380] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.766416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.766452] ? __kthread_parkme+0x82/0x180 [ 18.766485] ? preempt_count_sub+0x50/0x80 [ 18.766521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.766557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.766590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.766626] kthread+0x337/0x6f0 [ 18.766652] ? trace_preempt_on+0x20/0xc0 [ 18.766688] ? __pfx_kthread+0x10/0x10 [ 18.766715] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.766748] ? calculate_sigpending+0x7b/0xa0 [ 18.766781] ? __pfx_kthread+0x10/0x10 [ 18.766806] ret_from_fork+0x41/0x80 [ 18.766838] ? 
__pfx_kthread+0x10/0x10 [ 18.766864] ret_from_fork_asm+0x1a/0x30 [ 18.766908] </TASK> [ 18.766923] [ 18.787364] The buggy address belongs to the physical page: [ 18.787742] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 18.788185] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.792063] flags: 0x200000000000040(head|node=0|zone=2) [ 18.793930] page_type: f8(unknown) [ 18.794986] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.795540] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.795981] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.796463] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.796857] head: 0200000000000002 ffffea00040a7d01 00000000ffffffff 00000000ffffffff [ 18.797242] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.798817] page dumped because: kasan: bad access detected [ 18.799279] [ 18.799504] Memory state around the buggy address: [ 18.799975] ffff8881029f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.800953] ffff8881029f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.801413] >ffff8881029f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.803752] ^ [ 18.805133] ffff8881029f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.805938] ffff8881029f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.806843] ================================================================== [ 18.446262] ================================================================== [ 18.446859] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 18.447905] Write of size 1 at addr ffff888100aab4da by task kunit_try_catch/178 [ 18.448636] [ 18.448866] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.448991] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.449047] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.449104] Call Trace: [ 18.449141] <TASK> [ 18.449186] dump_stack_lvl+0x73/0xb0 [ 18.449265] print_report+0xd1/0x650 [ 18.449362] ? __virt_addr_valid+0x1db/0x2d0 [ 18.449440] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.449509] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.449584] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.449658] kasan_report+0x141/0x180 [ 18.449739] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.449824] __asan_report_store1_noabort+0x1b/0x30 [ 18.449894] krealloc_less_oob_helper+0xec6/0x11d0 [ 18.449967] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.450035] ? finish_task_switch.isra.0+0x153/0x700 [ 18.450106] ? __switch_to+0x5d9/0xf60 [ 18.450165] ? dequeue_task_fair+0x166/0x4e0 [ 18.450241] ? __schedule+0x10cc/0x2b60 [ 18.450403] ? __pfx_read_tsc+0x10/0x10 [ 18.450461] krealloc_less_oob+0x1c/0x30 [ 18.450492] kunit_try_run_case+0x1a5/0x480 [ 18.450533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.450568] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.450607] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.450643] ? __kthread_parkme+0x82/0x180 [ 18.450677] ? preempt_count_sub+0x50/0x80 [ 18.450713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.450748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.450785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.450822] kthread+0x337/0x6f0 [ 18.450847] ? trace_preempt_on+0x20/0xc0 [ 18.450885] ? __pfx_kthread+0x10/0x10 [ 18.450911] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.450944] ? calculate_sigpending+0x7b/0xa0 [ 18.450977] ? __pfx_kthread+0x10/0x10 [ 18.451004] ret_from_fork+0x41/0x80 [ 18.451046] ? 
__pfx_kthread+0x10/0x10 [ 18.451076] ret_from_fork_asm+0x1a/0x30 [ 18.451120] </TASK> [ 18.451136] [ 18.474849] Allocated by task 178: [ 18.476112] kasan_save_stack+0x45/0x70 [ 18.476471] kasan_save_track+0x18/0x40 [ 18.476860] kasan_save_alloc_info+0x3b/0x50 [ 18.477657] __kasan_krealloc+0x190/0x1f0 [ 18.478042] krealloc_noprof+0xf3/0x340 [ 18.479060] krealloc_less_oob_helper+0x1aa/0x11d0 [ 18.479614] krealloc_less_oob+0x1c/0x30 [ 18.479948] kunit_try_run_case+0x1a5/0x480 [ 18.480630] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.481033] kthread+0x337/0x6f0 [ 18.481427] ret_from_fork+0x41/0x80 [ 18.481762] ret_from_fork_asm+0x1a/0x30 [ 18.482392] [ 18.482724] The buggy address belongs to the object at ffff888100aab400 [ 18.482724] which belongs to the cache kmalloc-256 of size 256 [ 18.485024] The buggy address is located 17 bytes to the right of [ 18.485024] allocated 201-byte region [ffff888100aab400, ffff888100aab4c9) [ 18.486775] [ 18.486962] The buggy address belongs to the physical page: [ 18.487943] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 18.488683] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.489318] flags: 0x200000000000040(head|node=0|zone=2) [ 18.489802] page_type: f5(slab) [ 18.490594] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.491964] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.492850] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.493817] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.494945] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 18.495753] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.496988] page dumped because: kasan: bad access detected [ 18.497842] [ 18.498211] Memory state around the buggy address: [ 18.498899] ffff888100aab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 18.500170] ffff888100aab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.501231] >ffff888100aab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.501718] ^ [ 18.502502] ffff888100aab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.503643] ffff888100aab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.504203] ================================================================== [ 18.807903] ================================================================== [ 18.808828] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 18.810839] Write of size 1 at addr ffff8881029f60da by task kunit_try_catch/182 [ 18.812631] [ 18.813082] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.813213] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.813252] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.813326] Call Trace: [ 18.813370] <TASK> [ 18.813398] dump_stack_lvl+0x73/0xb0 [ 18.813483] print_report+0xd1/0x650 [ 18.813524] ? __virt_addr_valid+0x1db/0x2d0 [ 18.813558] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.813589] ? kasan_addr_to_slab+0x11/0xa0 [ 18.813623] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.813654] kasan_report+0x141/0x180 [ 18.813690] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 18.813728] __asan_report_store1_noabort+0x1b/0x30 [ 18.813760] krealloc_less_oob_helper+0xec6/0x11d0 [ 18.813793] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.813824] ? finish_task_switch.isra.0+0x153/0x700 [ 18.813860] ? __switch_to+0x5d9/0xf60 [ 18.813891] ? dequeue_task_fair+0x166/0x4e0 [ 18.813925] ? __schedule+0x10cc/0x2b60 [ 18.814225] ? __pfx_read_tsc+0x10/0x10 [ 18.814279] krealloc_large_less_oob+0x1c/0x30 [ 18.814341] kunit_try_run_case+0x1a5/0x480 [ 18.814383] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.814417] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.814453] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.814488] ? 
__kthread_parkme+0x82/0x180 [ 18.814520] ? preempt_count_sub+0x50/0x80 [ 18.814556] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.814591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.814624] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.814658] kthread+0x337/0x6f0 [ 18.814684] ? trace_preempt_on+0x20/0xc0 [ 18.814721] ? __pfx_kthread+0x10/0x10 [ 18.814748] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.814780] ? calculate_sigpending+0x7b/0xa0 [ 18.814813] ? __pfx_kthread+0x10/0x10 [ 18.814840] ret_from_fork+0x41/0x80 [ 18.814872] ? __pfx_kthread+0x10/0x10 [ 18.814898] ret_from_fork_asm+0x1a/0x30 [ 18.814944] </TASK> [ 18.814977] [ 18.839384] The buggy address belongs to the physical page: [ 18.840588] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 18.841962] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.842597] flags: 0x200000000000040(head|node=0|zone=2) [ 18.843040] page_type: f8(unknown) [ 18.843517] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.844959] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.845652] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.845917] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.847739] head: 0200000000000002 ffffea00040a7d01 00000000ffffffff 00000000ffffffff [ 18.848838] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.849655] page dumped because: kasan: bad access detected [ 18.850070] [ 18.850317] Memory state around the buggy address: [ 18.850763] ffff8881029f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.852098] ffff8881029f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.852866] >ffff8881029f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.854107] ^ [ 18.854755] ffff8881029f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.855716] ffff8881029f6180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 18.856627] ================================================================== [ 18.566602] ================================================================== [ 18.567257] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 18.568429] Write of size 1 at addr ffff888100aab4eb by task kunit_try_catch/178 [ 18.569077] [ 18.569371] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.569506] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.569568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.569600] Call Trace: [ 18.569630] <TASK> [ 18.569678] dump_stack_lvl+0x73/0xb0 [ 18.569733] print_report+0xd1/0x650 [ 18.569771] ? __virt_addr_valid+0x1db/0x2d0 [ 18.569804] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 18.569833] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.569867] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 18.569898] kasan_report+0x141/0x180 [ 18.569931] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 18.569968] __asan_report_store1_noabort+0x1b/0x30 [ 18.569999] krealloc_less_oob_helper+0xd47/0x11d0 [ 18.570040] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.570096] ? finish_task_switch.isra.0+0x153/0x700 [ 18.570135] ? __switch_to+0x5d9/0xf60 [ 18.570166] ? dequeue_task_fair+0x166/0x4e0 [ 18.570201] ? __schedule+0x10cc/0x2b60 [ 18.570237] ? __pfx_read_tsc+0x10/0x10 [ 18.570274] krealloc_less_oob+0x1c/0x30 [ 18.570345] kunit_try_run_case+0x1a5/0x480 [ 18.570427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.570495] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.570566] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.570635] ? __kthread_parkme+0x82/0x180 [ 18.570706] ? preempt_count_sub+0x50/0x80 [ 18.570782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.570857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.570934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.571010] kthread+0x337/0x6f0 [ 18.571055] ? 
trace_preempt_on+0x20/0xc0 [ 18.571112] ? __pfx_kthread+0x10/0x10 [ 18.571141] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.571175] ? calculate_sigpending+0x7b/0xa0 [ 18.571209] ? __pfx_kthread+0x10/0x10 [ 18.571237] ret_from_fork+0x41/0x80 [ 18.571270] ? __pfx_kthread+0x10/0x10 [ 18.571323] ret_from_fork_asm+0x1a/0x30 [ 18.571370] </TASK> [ 18.571386] [ 18.591399] Allocated by task 178: [ 18.591787] kasan_save_stack+0x45/0x70 [ 18.592188] kasan_save_track+0x18/0x40 [ 18.592624] kasan_save_alloc_info+0x3b/0x50 [ 18.593077] __kasan_krealloc+0x190/0x1f0 [ 18.593708] krealloc_noprof+0xf3/0x340 [ 18.594039] krealloc_less_oob_helper+0x1aa/0x11d0 [ 18.594453] krealloc_less_oob+0x1c/0x30 [ 18.594774] kunit_try_run_case+0x1a5/0x480 [ 18.595429] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.595811] kthread+0x337/0x6f0 [ 18.596748] ret_from_fork+0x41/0x80 [ 18.597172] ret_from_fork_asm+0x1a/0x30 [ 18.598031] [ 18.598281] The buggy address belongs to the object at ffff888100aab400 [ 18.598281] which belongs to the cache kmalloc-256 of size 256 [ 18.599204] The buggy address is located 34 bytes to the right of [ 18.599204] allocated 201-byte region [ffff888100aab400, ffff888100aab4c9) [ 18.600141] [ 18.600464] The buggy address belongs to the physical page: [ 18.601542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 18.602505] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.602962] flags: 0x200000000000040(head|node=0|zone=2) [ 18.603412] page_type: f5(slab) [ 18.603767] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.604485] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.605790] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.606550] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.607496] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 18.608363] head: ffffffffffffffff 
0000000000000000 00000000ffffffff 0000000000000002 [ 18.608903] page dumped because: kasan: bad access detected [ 18.609461] [ 18.609646] Memory state around the buggy address: [ 18.610084] ffff888100aab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.610689] ffff888100aab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.611468] >ffff888100aab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.612110] ^ [ 18.612545] ffff888100aab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.613230] ffff888100aab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.613955] ================================================================== [ 18.505792] ================================================================== [ 18.506502] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 18.507653] Write of size 1 at addr ffff888100aab4ea by task kunit_try_catch/178 [ 18.509443] [ 18.509642] CPU: 1 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.509769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.509806] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.509863] Call Trace: [ 18.509917] <TASK> [ 18.509989] dump_stack_lvl+0x73/0xb0 [ 18.510079] print_report+0xd1/0x650 [ 18.510156] ? __virt_addr_valid+0x1db/0x2d0 [ 18.510228] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.510339] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.510435] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.510506] kasan_report+0x141/0x180 [ 18.510541] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 18.510578] __asan_report_store1_noabort+0x1b/0x30 [ 18.510612] krealloc_less_oob_helper+0xe90/0x11d0 [ 18.510644] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.510673] ? finish_task_switch.isra.0+0x153/0x700 [ 18.510708] ? __switch_to+0x5d9/0xf60 [ 18.510736] ? dequeue_task_fair+0x166/0x4e0 [ 18.510770] ? __schedule+0x10cc/0x2b60 [ 18.510804] ? 
__pfx_read_tsc+0x10/0x10 [ 18.510841] krealloc_less_oob+0x1c/0x30 [ 18.510867] kunit_try_run_case+0x1a5/0x480 [ 18.510905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.510936] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.511035] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.511113] ? __kthread_parkme+0x82/0x180 [ 18.511150] ? preempt_count_sub+0x50/0x80 [ 18.511185] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.511221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.511256] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.511314] kthread+0x337/0x6f0 [ 18.511343] ? trace_preempt_on+0x20/0xc0 [ 18.511380] ? __pfx_kthread+0x10/0x10 [ 18.511405] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.511435] ? calculate_sigpending+0x7b/0xa0 [ 18.511466] ? __pfx_kthread+0x10/0x10 [ 18.511490] ret_from_fork+0x41/0x80 [ 18.511521] ? __pfx_kthread+0x10/0x10 [ 18.511546] ret_from_fork_asm+0x1a/0x30 [ 18.511589] </TASK> [ 18.511604] [ 18.534967] Allocated by task 178: [ 18.536210] kasan_save_stack+0x45/0x70 [ 18.537676] kasan_save_track+0x18/0x40 [ 18.538457] kasan_save_alloc_info+0x3b/0x50 [ 18.539282] __kasan_krealloc+0x190/0x1f0 [ 18.540184] krealloc_noprof+0xf3/0x340 [ 18.540631] krealloc_less_oob_helper+0x1aa/0x11d0 [ 18.541370] krealloc_less_oob+0x1c/0x30 [ 18.541774] kunit_try_run_case+0x1a5/0x480 [ 18.542565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.543007] kthread+0x337/0x6f0 [ 18.543557] ret_from_fork+0x41/0x80 [ 18.543968] ret_from_fork_asm+0x1a/0x30 [ 18.544643] [ 18.544866] The buggy address belongs to the object at ffff888100aab400 [ 18.544866] which belongs to the cache kmalloc-256 of size 256 [ 18.545840] The buggy address is located 33 bytes to the right of [ 18.545840] allocated 201-byte region [ffff888100aab400, ffff888100aab4c9) [ 18.547073] [ 18.547420] The buggy address belongs to the physical page: [ 18.547837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa [ 18.549594] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 
pincount:0 [ 18.550498] flags: 0x200000000000040(head|node=0|zone=2) [ 18.550949] page_type: f5(slab) [ 18.551702] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.552798] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.553853] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.554437] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.554987] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff [ 18.556526] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.557713] page dumped because: kasan: bad access detected [ 18.558401] [ 18.558632] Memory state around the buggy address: [ 18.559275] ffff888100aab380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.560432] ffff888100aab400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.560983] >ffff888100aab480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 18.561506] ^ [ 18.562054] ffff888100aab500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.562865] ffff888100aab580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.563581] ================================================================== [ 18.903171] ================================================================== [ 18.904787] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 18.905666] Write of size 1 at addr ffff8881029f60eb by task kunit_try_catch/182 [ 18.906716] [ 18.906929] CPU: 0 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.907048] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.907086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.907142] Call Trace: [ 18.907542] <TASK> [ 18.907575] dump_stack_lvl+0x73/0xb0 [ 18.907619] print_report+0xd1/0x650 [ 18.907656] ? __virt_addr_valid+0x1db/0x2d0 [ 18.907689] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 18.907718] ? 
kasan_addr_to_slab+0x11/0xa0 [ 18.907749] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 18.907781] kasan_report+0x141/0x180 [ 18.907815] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 18.907852] __asan_report_store1_noabort+0x1b/0x30 [ 18.907893] krealloc_less_oob_helper+0xd47/0x11d0 [ 18.907927] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 18.907970] ? finish_task_switch.isra.0+0x153/0x700 [ 18.908430] ? __switch_to+0x5d9/0xf60 [ 18.908464] ? dequeue_task_fair+0x166/0x4e0 [ 18.908502] ? __schedule+0x10cc/0x2b60 [ 18.908536] ? __pfx_read_tsc+0x10/0x10 [ 18.908572] krealloc_large_less_oob+0x1c/0x30 [ 18.908602] kunit_try_run_case+0x1a5/0x480 [ 18.908640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.908674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.908709] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.908745] ? __kthread_parkme+0x82/0x180 [ 18.908777] ? preempt_count_sub+0x50/0x80 [ 18.908814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.908849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.908884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.908918] kthread+0x337/0x6f0 [ 18.908944] ? trace_preempt_on+0x20/0xc0 [ 18.909020] ? __pfx_kthread+0x10/0x10 [ 18.909090] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.909140] ? calculate_sigpending+0x7b/0xa0 [ 18.909175] ? __pfx_kthread+0x10/0x10 [ 18.909201] ret_from_fork+0x41/0x80 [ 18.909234] ? 
__pfx_kthread+0x10/0x10 [ 18.909261] ret_from_fork_asm+0x1a/0x30 [ 18.909328] </TASK> [ 18.909346] [ 18.932319] The buggy address belongs to the physical page: [ 18.932796] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f4 [ 18.934438] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.935310] flags: 0x200000000000040(head|node=0|zone=2) [ 18.935827] page_type: f8(unknown) [ 18.936214] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.936806] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.937933] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.938888] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.940335] head: 0200000000000002 ffffea00040a7d01 00000000ffffffff 00000000ffffffff [ 18.941409] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.942235] page dumped because: kasan: bad access detected [ 18.942678] [ 18.942901] Memory state around the buggy address: [ 18.943795] ffff8881029f5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.945141] ffff8881029f6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.945640] >ffff8881029f6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 18.946439] ^ [ 18.947267] ffff8881029f6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.947955] ffff8881029f6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.948673] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 18.622439] ================================================================== [ 18.623783] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 18.624464] Write of size 1 at addr ffff88810390a0eb by task kunit_try_catch/180 [ 18.624999] [ 18.625199] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.625271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.626548] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.626809] Call Trace: [ 18.626831] <TASK> [ 18.626860] dump_stack_lvl+0x73/0xb0 [ 18.626906] print_report+0xd1/0x650 [ 18.626960] ? __virt_addr_valid+0x1db/0x2d0 [ 18.627131] ? krealloc_more_oob_helper+0x821/0x930 [ 18.627173] ? kasan_addr_to_slab+0x11/0xa0 [ 18.627208] ? krealloc_more_oob_helper+0x821/0x930 [ 18.627240] kasan_report+0x141/0x180 [ 18.627275] ? krealloc_more_oob_helper+0x821/0x930 [ 18.627340] __asan_report_store1_noabort+0x1b/0x30 [ 18.627376] krealloc_more_oob_helper+0x821/0x930 [ 18.627407] ? __schedule+0x10cc/0x2b60 [ 18.627444] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 18.627475] ? finish_task_switch.isra.0+0x153/0x700 [ 18.627511] ? __switch_to+0x5d9/0xf60 [ 18.627543] ? dequeue_task_fair+0x166/0x4e0 [ 18.627580] ? __schedule+0x10cc/0x2b60 [ 18.627614] ? __pfx_read_tsc+0x10/0x10 [ 18.627649] krealloc_large_more_oob+0x1c/0x30 [ 18.627678] kunit_try_run_case+0x1a5/0x480 [ 18.627719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.627753] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.627789] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.627824] ? __kthread_parkme+0x82/0x180 [ 18.627857] ? preempt_count_sub+0x50/0x80 [ 18.627901] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.627938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.628027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.628109] kthread+0x337/0x6f0 [ 18.628147] ? trace_preempt_on+0x20/0xc0 [ 18.628187] ? __pfx_kthread+0x10/0x10 [ 18.628214] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 18.628246] ? calculate_sigpending+0x7b/0xa0 [ 18.628280] ? __pfx_kthread+0x10/0x10 [ 18.628332] ret_from_fork+0x41/0x80 [ 18.628366] ? __pfx_kthread+0x10/0x10 [ 18.628393] ret_from_fork_asm+0x1a/0x30 [ 18.628443] </TASK> [ 18.628459] [ 18.650545] The buggy address belongs to the physical page: [ 18.651259] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103908 [ 18.652140] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.652987] flags: 0x200000000000040(head|node=0|zone=2) [ 18.653709] page_type: f8(unknown) [ 18.654181] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.655984] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.656803] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.657428] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.658118] head: 0200000000000002 ffffea00040e4201 00000000ffffffff 00000000ffffffff [ 18.659114] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.659580] page dumped because: kasan: bad access detected [ 18.660225] [ 18.660509] Memory state around the buggy address: [ 18.660979] ffff888103909f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.661669] ffff88810390a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.662382] >ffff88810390a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.663099] ^ [ 18.663775] ffff88810390a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.664424] ffff88810390a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 18.665091] ================================================================== [ 18.268877] ================================================================== [ 18.269815] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 18.271257] Write of size 1 at addr ffff888100344ef0 by task kunit_try_catch/176 [ 18.272028] [ 
18.272612] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.272747] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.272787] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.272864] Call Trace: [ 18.272942] <TASK> [ 18.273384] dump_stack_lvl+0x73/0xb0 [ 18.273466] print_report+0xd1/0x650 [ 18.273504] ? __virt_addr_valid+0x1db/0x2d0 [ 18.273536] ? krealloc_more_oob_helper+0x7eb/0x930 [ 18.273564] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.273596] ? krealloc_more_oob_helper+0x7eb/0x930 [ 18.273624] kasan_report+0x141/0x180 [ 18.273657] ? krealloc_more_oob_helper+0x7eb/0x930 [ 18.273692] __asan_report_store1_noabort+0x1b/0x30 [ 18.273725] krealloc_more_oob_helper+0x7eb/0x930 [ 18.273756] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 18.273783] ? irqentry_exit+0x2a/0x60 [ 18.273808] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.273849] ? __pfx_krealloc_more_oob+0x10/0x10 [ 18.273879] krealloc_more_oob+0x1c/0x30 [ 18.273906] kunit_try_run_case+0x1a5/0x480 [ 18.273941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.274078] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.274124] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.274161] ? __kthread_parkme+0x82/0x180 [ 18.274195] ? preempt_count_sub+0x50/0x80 [ 18.274232] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.274267] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.274327] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.274366] kthread+0x337/0x6f0 [ 18.274391] ? trace_preempt_on+0x20/0xc0 [ 18.274429] ? __pfx_kthread+0x10/0x10 [ 18.274458] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.274491] ? calculate_sigpending+0x7b/0xa0 [ 18.274523] ? __pfx_kthread+0x10/0x10 [ 18.274550] ret_from_fork+0x41/0x80 [ 18.274585] ? 
__pfx_kthread+0x10/0x10 [ 18.274612] ret_from_fork_asm+0x1a/0x30 [ 18.274657] </TASK> [ 18.274673] [ 18.294984] Allocated by task 176: [ 18.295629] kasan_save_stack+0x45/0x70 [ 18.296054] kasan_save_track+0x18/0x40 [ 18.296454] kasan_save_alloc_info+0x3b/0x50 [ 18.296872] __kasan_krealloc+0x190/0x1f0 [ 18.298169] krealloc_noprof+0xf3/0x340 [ 18.298468] krealloc_more_oob_helper+0x1a9/0x930 [ 18.299446] krealloc_more_oob+0x1c/0x30 [ 18.300117] kunit_try_run_case+0x1a5/0x480 [ 18.300678] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.301440] kthread+0x337/0x6f0 [ 18.301962] ret_from_fork+0x41/0x80 [ 18.303355] ret_from_fork_asm+0x1a/0x30 [ 18.303753] [ 18.304246] The buggy address belongs to the object at ffff888100344e00 [ 18.304246] which belongs to the cache kmalloc-256 of size 256 [ 18.305143] The buggy address is located 5 bytes to the right of [ 18.305143] allocated 235-byte region [ffff888100344e00, ffff888100344eeb) [ 18.306890] [ 18.307153] The buggy address belongs to the physical page: [ 18.308062] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 18.309099] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.309827] flags: 0x200000000000040(head|node=0|zone=2) [ 18.310158] page_type: f5(slab) [ 18.310496] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.311156] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.312624] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 18.313665] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.314374] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 18.315528] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 18.316034] page dumped because: kasan: bad access detected [ 18.316753] [ 18.316984] Memory state around the buggy address: [ 18.317935] ffff888100344d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 18.318417] ffff888100344e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.319907] >ffff888100344e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 18.320793] ^ [ 18.321939] ffff888100344f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.322658] ffff888100344f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.323550] ================================================================== [ 18.666206] ================================================================== [ 18.667155] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 18.667818] Write of size 1 at addr ffff88810390a0f0 by task kunit_try_catch/180 [ 18.668405] [ 18.668785] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.668984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.669064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.669162] Call Trace: [ 18.669215] <TASK> [ 18.669268] dump_stack_lvl+0x73/0xb0 [ 18.669405] print_report+0xd1/0x650 [ 18.669481] ? __virt_addr_valid+0x1db/0x2d0 [ 18.669550] ? krealloc_more_oob_helper+0x7eb/0x930 [ 18.669616] ? kasan_addr_to_slab+0x11/0xa0 [ 18.669686] ? krealloc_more_oob_helper+0x7eb/0x930 [ 18.669785] kasan_report+0x141/0x180 [ 18.669869] ? krealloc_more_oob_helper+0x7eb/0x930 [ 18.670083] __asan_report_store1_noabort+0x1b/0x30 [ 18.670204] krealloc_more_oob_helper+0x7eb/0x930 [ 18.670326] ? __schedule+0x10cc/0x2b60 [ 18.670443] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 18.670574] ? finish_task_switch.isra.0+0x153/0x700 [ 18.670663] ? __switch_to+0x5d9/0xf60 [ 18.670771] ? dequeue_task_fair+0x166/0x4e0 [ 18.670858] ? __schedule+0x10cc/0x2b60 [ 18.670931] ? __pfx_read_tsc+0x10/0x10 [ 18.671093] krealloc_large_more_oob+0x1c/0x30 [ 18.671165] kunit_try_run_case+0x1a5/0x480 [ 18.671248] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.671339] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.671419] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.671493] ? __kthread_parkme+0x82/0x180 [ 18.671562] ? preempt_count_sub+0x50/0x80 [ 18.671632] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.671709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.671785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.671907] kthread+0x337/0x6f0 [ 18.672001] ? trace_preempt_on+0x20/0xc0 [ 18.672104] ? __pfx_kthread+0x10/0x10 [ 18.672169] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.672283] ? calculate_sigpending+0x7b/0xa0 [ 18.672378] ? __pfx_kthread+0x10/0x10 [ 18.672486] ret_from_fork+0x41/0x80 [ 18.672558] ? __pfx_kthread+0x10/0x10 [ 18.672617] ret_from_fork_asm+0x1a/0x30 [ 18.672737] </TASK> [ 18.672775] [ 18.689350] The buggy address belongs to the physical page: [ 18.689718] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103908 [ 18.690530] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 18.691280] flags: 0x200000000000040(head|node=0|zone=2) [ 18.691730] page_type: f8(unknown) [ 18.692079] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.692985] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.693649] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 18.694356] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 18.695080] head: 0200000000000002 ffffea00040e4201 00000000ffffffff 00000000ffffffff [ 18.695672] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 18.696371] page dumped because: kasan: bad access detected [ 18.696867] [ 18.697129] Memory state around the buggy address: [ 18.697817] ffff888103909f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.698572] ffff88810390a000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.699244] >ffff88810390a080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 18.700818] ^ [ 18.701683] ffff88810390a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe
[ 18.702679] ffff88810390a180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.703905] ==================================================================
[ 18.207808] ==================================================================
[ 18.209627] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 18.210915] Write of size 1 at addr ffff888100344eeb by task kunit_try_catch/176
[ 18.211960]
[ 18.212245] CPU: 0 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 18.212409] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.212450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.212502] Call Trace:
[ 18.212537] <TASK>
[ 18.212580] dump_stack_lvl+0x73/0xb0
[ 18.212640] print_report+0xd1/0x650
[ 18.212712] ? __virt_addr_valid+0x1db/0x2d0
[ 18.212754] ? krealloc_more_oob_helper+0x821/0x930
[ 18.212785] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.212820] ? krealloc_more_oob_helper+0x821/0x930
[ 18.212850] kasan_report+0x141/0x180
[ 18.212886] ? krealloc_more_oob_helper+0x821/0x930
[ 18.212924] __asan_report_store1_noabort+0x1b/0x30
[ 18.212955] krealloc_more_oob_helper+0x821/0x930
[ 18.212989] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 18.213018] ? irqentry_exit+0x2a/0x60
[ 18.213340] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 18.213404] ? __pfx_krealloc_more_oob+0x10/0x10
[ 18.213439] krealloc_more_oob+0x1c/0x30
[ 18.213465] kunit_try_run_case+0x1a5/0x480
[ 18.213504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.213537] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.213576] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.213609] ? __kthread_parkme+0x82/0x180
[ 18.213641] ? preempt_count_sub+0x50/0x80
[ 18.213678] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.213711] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.213744] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.213777] kthread+0x337/0x6f0
[ 18.213801] ? trace_preempt_on+0x20/0xc0
[ 18.213836] ? __pfx_kthread+0x10/0x10
[ 18.213860] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.213890] ? calculate_sigpending+0x7b/0xa0
[ 18.213920] ? __pfx_kthread+0x10/0x10
[ 18.213945] ret_from_fork+0x41/0x80
[ 18.214081] ? __pfx_kthread+0x10/0x10
[ 18.214144] ret_from_fork_asm+0x1a/0x30
[ 18.214220] </TASK>
[ 18.214247]
[ 18.233632] Allocated by task 176:
[ 18.233832] kasan_save_stack+0x45/0x70
[ 18.234039] kasan_save_track+0x18/0x40
[ 18.234373] kasan_save_alloc_info+0x3b/0x50
[ 18.234714] __kasan_krealloc+0x190/0x1f0
[ 18.235061] krealloc_noprof+0xf3/0x340
[ 18.236572] krealloc_more_oob_helper+0x1a9/0x930
[ 18.236996] krealloc_more_oob+0x1c/0x30
[ 18.237959] kunit_try_run_case+0x1a5/0x480
[ 18.238767] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.239542] kthread+0x337/0x6f0
[ 18.239832] ret_from_fork+0x41/0x80
[ 18.240623] ret_from_fork_asm+0x1a/0x30
[ 18.240993]
[ 18.241235] The buggy address belongs to the object at ffff888100344e00
[ 18.241235] which belongs to the cache kmalloc-256 of size 256
[ 18.242757] The buggy address is located 0 bytes to the right of
[ 18.242757] allocated 235-byte region [ffff888100344e00, ffff888100344eeb)
[ 18.244945]
[ 18.245461] The buggy address belongs to the physical page:
[ 18.245893] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344
[ 18.247086] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 18.247710] flags: 0x200000000000040(head|node=0|zone=2)
[ 18.248336] page_type: f5(slab)
[ 18.248926] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 18.249597] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.250461] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 18.251620] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 18.252160] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff
[ 18.253059] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 18.254321] page dumped because: kasan: bad access detected
[ 18.255640]
[ 18.256254] Memory state around the buggy address:
[ 18.257031] ffff888100344d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.258003] ffff888100344e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.258419] >ffff888100344e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 18.258772] ^
[ 18.261678] ffff888100344f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.264187] ffff888100344f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.264576] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 58.468796] ==================================================================
[ 58.469438] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 58.469438]
[ 58.470153] Use-after-free read at 0x(____ptrval____) (in kfence-#178):
[ 58.470756] test_krealloc+0x6fc/0xbe0
[ 58.471115] kunit_try_run_case+0x1a5/0x480
[ 58.471770] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.472794] kthread+0x337/0x6f0
[ 58.473472] ret_from_fork+0x41/0x80
[ 58.473794] ret_from_fork_asm+0x1a/0x30
[ 58.474293]
[ 58.474565] kfence-#178: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 58.474565]
[ 58.475467] allocated by task 357 on cpu 0 at 58.467777s (0.007684s ago):
[ 58.476187] test_alloc+0x364/0x10f0
[ 58.476606] test_krealloc+0xad/0xbe0
[ 58.477104] kunit_try_run_case+0x1a5/0x480
[ 58.477492] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.478121] kthread+0x337/0x6f0
[ 58.478529] ret_from_fork+0x41/0x80
[ 58.478969] ret_from_fork_asm+0x1a/0x30
[ 58.479469]
[ 58.479662] freed by task 357 on cpu 0 at 58.468343s (0.011314s ago):
[ 58.480325] krealloc_noprof+0x108/0x340
[ 58.480796] test_krealloc+0x226/0xbe0
[ 58.481286] kunit_try_run_case+0x1a5/0x480
[ 58.481725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.482339] kthread+0x337/0x6f0
[ 58.482746] ret_from_fork+0x41/0x80
[ 58.483176] ret_from_fork_asm+0x1a/0x30
[ 58.483636]
[ 58.483973] CPU: 0 UID: 0 PID: 357 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 58.484898] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 58.485413] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 58.486169] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 58.369479] ==================================================================
[ 58.369858] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 58.369858]
[ 58.371400] Use-after-free read at 0x(____ptrval____) (in kfence-#177):
[ 58.372462] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 58.372904] kunit_try_run_case+0x1a5/0x480
[ 58.373650] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.374459] kthread+0x337/0x6f0
[ 58.374796] ret_from_fork+0x41/0x80
[ 58.375285] ret_from_fork_asm+0x1a/0x30
[ 58.375667]
[ 58.375911] kfence-#177: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 58.375911]
[ 58.376626] allocated by task 355 on cpu 0 at 58.363757s (0.012863s ago):
[ 58.377803] test_alloc+0x2a6/0x10f0
[ 58.378201] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 58.378697] kunit_try_run_case+0x1a5/0x480
[ 58.379196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.379977] kthread+0x337/0x6f0
[ 58.380516] ret_from_fork+0x41/0x80
[ 58.380972] ret_from_fork_asm+0x1a/0x30
[ 58.381416]
[ 58.381763] freed by task 355 on cpu 0 at 58.363875s (0.017882s ago):
[ 58.382815] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 58.383582] kunit_try_run_case+0x1a5/0x480
[ 58.384012] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.384667] kthread+0x337/0x6f0
[ 58.385183] ret_from_fork+0x41/0x80
[ 58.385572] ret_from_fork_asm+0x1a/0x30
[ 58.386162]
[ 58.386606] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 58.387539] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 58.387954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 58.388844] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 34.470872] ==================================================================
[ 34.471748] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 34.471748]
[ 34.472549] Invalid read at 0x(____ptrval____):
[ 34.472894] test_invalid_access+0xf0/0x210
[ 34.473245] kunit_try_run_case+0x1a5/0x480
[ 34.474052] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.475564] kthread+0x337/0x6f0
[ 34.476209] ret_from_fork+0x41/0x80
[ 34.476658] ret_from_fork_asm+0x1a/0x30
[ 34.477276]
[ 34.477554] CPU: 1 UID: 0 PID: 351 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 34.478893] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.479496] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.480451] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 34.236035] ==================================================================
[ 34.236672] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 34.236672]
[ 34.238374] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#171):
[ 34.239835] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 34.240526] kunit_try_run_case+0x1a5/0x480
[ 34.241124] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.241650] kthread+0x337/0x6f0
[ 34.242008] ret_from_fork+0x41/0x80
[ 34.242946] ret_from_fork_asm+0x1a/0x30
[ 34.243378]
[ 34.243785] kfence-#171: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 34.243785]
[ 34.244814] allocated by task 345 on cpu 0 at 34.235665s (0.009143s ago):
[ 34.245773] test_alloc+0x364/0x10f0
[ 34.246442] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 34.246933] kunit_try_run_case+0x1a5/0x480
[ 34.247633] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.248322] kthread+0x337/0x6f0
[ 34.248720] ret_from_fork+0x41/0x80
[ 34.249389] ret_from_fork_asm+0x1a/0x30
[ 34.250021]
[ 34.250338] freed by task 345 on cpu 0 at 34.235904s (0.014427s ago):
[ 34.251187] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 34.251687] kunit_try_run_case+0x1a5/0x480
[ 34.252401] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.253057] kthread+0x337/0x6f0
[ 34.253433] ret_from_fork+0x41/0x80
[ 34.254058] ret_from_fork_asm+0x1a/0x30
[ 34.254562]
[ 34.254842] CPU: 0 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 34.256040] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.256623] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.257620] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 34.131993] ==================================================================
[ 34.132715] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 34.132715]
[ 34.133511] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#170):
[ 34.134111] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 34.135546] kunit_try_run_case+0x1a5/0x480
[ 34.136269] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.136528] kthread+0x337/0x6f0
[ 34.136680] ret_from_fork+0x41/0x80
[ 34.136843] ret_from_fork_asm+0x1a/0x30
[ 34.137013]
[ 34.137215] kfence-#170: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 34.137215]
[ 34.138993] allocated by task 343 on cpu 1 at 34.131609s (0.007381s ago):
[ 34.139711] test_alloc+0x364/0x10f0
[ 34.140029] test_kmalloc_aligned_oob_read+0x105/0x560
[ 34.141054] kunit_try_run_case+0x1a5/0x480
[ 34.141721] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 34.142234] kthread+0x337/0x6f0
[ 34.142857] ret_from_fork+0x41/0x80
[ 34.143285] ret_from_fork_asm+0x1a/0x30
[ 34.143723]
[ 34.144021] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 34.145242] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 34.145601] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 34.146467] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 29.243818] ==================================================================
[ 29.244630] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 29.244630]
[ 29.245195] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#123):
[ 29.246625] test_corruption+0x2d2/0x3e0
[ 29.247032] kunit_try_run_case+0x1a5/0x480
[ 29.247497] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.248074] kthread+0x337/0x6f0
[ 29.248452] ret_from_fork+0x41/0x80
[ 29.248875] ret_from_fork_asm+0x1a/0x30
[ 29.249249]
[ 29.249517] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 29.249517]
[ 29.250414] allocated by task 331 on cpu 0 at 29.243554s (0.006854s ago):
[ 29.250964] test_alloc+0x364/0x10f0
[ 29.251456] test_corruption+0xe6/0x3e0
[ 29.251869] kunit_try_run_case+0x1a5/0x480
[ 29.252400] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.253231] kthread+0x337/0x6f0
[ 29.253638] ret_from_fork+0x41/0x80
[ 29.254025] ret_from_fork_asm+0x1a/0x30
[ 29.254441]
[ 29.254629] freed by task 331 on cpu 0 at 29.243708s (0.010915s ago):
[ 29.255172] test_corruption+0x2d2/0x3e0
[ 29.255629] kunit_try_run_case+0x1a5/0x480
[ 29.256108] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.256568] kthread+0x337/0x6f0
[ 29.256946] ret_from_fork+0x41/0x80
[ 29.257375] ret_from_fork_asm+0x1a/0x30
[ 29.257705]
[ 29.257948] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 29.258937] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.259614] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.260499] ==================================================================
[ 29.452578] ==================================================================
[ 29.453348] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 29.453348]
[ 29.454034] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#125):
[ 29.454925] test_corruption+0x2df/0x3e0
[ 29.455503] kunit_try_run_case+0x1a5/0x480
[ 29.455994] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.456546] kthread+0x337/0x6f0
[ 29.456948] ret_from_fork+0x41/0x80
[ 29.457418] ret_from_fork_asm+0x1a/0x30
[ 29.457882]
[ 29.458102] kfence-#125: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 29.458102]
[ 29.458901] allocated by task 331 on cpu 0 at 29.452102s (0.006794s ago):
[ 29.459434] test_alloc+0x364/0x10f0
[ 29.460054] test_corruption+0x1cb/0x3e0
[ 29.460542] kunit_try_run_case+0x1a5/0x480
[ 29.461052] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.461598] kthread+0x337/0x6f0
[ 29.462046] ret_from_fork+0x41/0x80
[ 29.462479] ret_from_fork_asm+0x1a/0x30
[ 29.462906]
[ 29.463109] freed by task 331 on cpu 0 at 29.452382s (0.010721s ago):
[ 29.463765] test_corruption+0x2df/0x3e0
[ 29.464283] kunit_try_run_case+0x1a5/0x480
[ 29.464839] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.465333] kthread+0x337/0x6f0
[ 29.465624] ret_from_fork+0x41/0x80
[ 29.465934] ret_from_fork_asm+0x1a/0x30
[ 29.466641]
[ 29.466966] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 29.468181] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.468646] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.469232] ==================================================================
[ 29.867670] ==================================================================
[ 29.868377] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 29.868377]
[ 29.869002] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#129):
[ 29.869751] test_corruption+0x216/0x3e0
[ 29.870108] kunit_try_run_case+0x1a5/0x480
[ 29.870594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.871093] kthread+0x337/0x6f0
[ 29.871434] ret_from_fork+0x41/0x80
[ 29.871850] ret_from_fork_asm+0x1a/0x30
[ 29.872462]
[ 29.872712] kfence-#129: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 29.872712]
[ 29.873503] allocated by task 333 on cpu 1 at 29.867505s (0.005992s ago):
[ 29.874042] test_alloc+0x2a6/0x10f0
[ 29.874464] test_corruption+0x1cb/0x3e0
[ 29.874863] kunit_try_run_case+0x1a5/0x480
[ 29.875223] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.875806] kthread+0x337/0x6f0
[ 29.876322] ret_from_fork+0x41/0x80
[ 29.876665] ret_from_fork_asm+0x1a/0x30
[ 29.877027]
[ 29.877267] freed by task 333 on cpu 1 at 29.867579s (0.009683s ago):
[ 29.878023] test_corruption+0x216/0x3e0
[ 29.878470] kunit_try_run_case+0x1a5/0x480
[ 29.878868] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.879452] kthread+0x337/0x6f0
[ 29.879833] ret_from_fork+0x41/0x80
[ 29.880239] ret_from_fork_asm+0x1a/0x30
[ 29.880710]
[ 29.880985] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 29.881690] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.882232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.883015] ==================================================================
[ 29.555923] ==================================================================
[ 29.556645] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 29.556645]
[ 29.557326] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#126):
[ 29.559327] test_corruption+0x131/0x3e0
[ 29.559725] kunit_try_run_case+0x1a5/0x480
[ 29.560195] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.560672] kthread+0x337/0x6f0
[ 29.561062] ret_from_fork+0x41/0x80
[ 29.561423] ret_from_fork_asm+0x1a/0x30
[ 29.561870]
[ 29.562072] kfence-#126: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 29.562072]
[ 29.562977] allocated by task 333 on cpu 1 at 29.555688s (0.007284s ago):
[ 29.563497] test_alloc+0x2a6/0x10f0
[ 29.563915] test_corruption+0xe6/0x3e0
[ 29.564363] kunit_try_run_case+0x1a5/0x480
[ 29.564731] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.565239] kthread+0x337/0x6f0
[ 29.565747] ret_from_fork+0x41/0x80
[ 29.566193] ret_from_fork_asm+0x1a/0x30
[ 29.566598]
[ 29.566813] freed by task 333 on cpu 1 at 29.555782s (0.011026s ago):
[ 29.567491] test_corruption+0x131/0x3e0
[ 29.567851] kunit_try_run_case+0x1a5/0x480
[ 29.568318] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 29.569044] kthread+0x337/0x6f0
[ 29.569408] ret_from_fork+0x41/0x80
[ 29.569739] ret_from_fork_asm+0x1a/0x30
[ 29.570135]
[ 29.570453] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 29.571273] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 29.571597] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 29.572354] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 28.619822] ==================================================================
[ 28.620539] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 28.620539]
[ 28.621969] Invalid free of 0x(____ptrval____) (in kfence-#117):
[ 28.622936] test_invalid_addr_free+0xfb/0x260
[ 28.623436] kunit_try_run_case+0x1a5/0x480
[ 28.624175] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.624706] kthread+0x337/0x6f0
[ 28.625361] ret_from_fork+0x41/0x80
[ 28.625919] ret_from_fork_asm+0x1a/0x30
[ 28.626588]
[ 28.626999] kfence-#117: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.626999]
[ 28.627745] allocated by task 329 on cpu 0 at 28.619627s (0.008112s ago):
[ 28.628530] test_alloc+0x2a6/0x10f0
[ 28.629239] test_invalid_addr_free+0xdb/0x260
[ 28.629808] kunit_try_run_case+0x1a5/0x480
[ 28.630444] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.631062] kthread+0x337/0x6f0
[ 28.631445] ret_from_fork+0x41/0x80
[ 28.632092] ret_from_fork_asm+0x1a/0x30
[ 28.632516]
[ 28.632802] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 28.633928] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.634509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.635469] ==================================================================
[ 28.515832] ==================================================================
[ 28.516611] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 28.516611]
[ 28.517312] Invalid free of 0x(____ptrval____) (in kfence-#116):
[ 28.517789] test_invalid_addr_free+0x1e1/0x260
[ 28.518156] kunit_try_run_case+0x1a5/0x480
[ 28.518786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.519334] kthread+0x337/0x6f0
[ 28.519636] ret_from_fork+0x41/0x80
[ 28.520069] ret_from_fork_asm+0x1a/0x30
[ 28.520517]
[ 28.520756] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 28.520756]
[ 28.521536] allocated by task 327 on cpu 1 at 28.515606s (0.005925s ago):
[ 28.522124] test_alloc+0x364/0x10f0
[ 28.522625] test_invalid_addr_free+0xdb/0x260
[ 28.522973] kunit_try_run_case+0x1a5/0x480
[ 28.523465] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.523992] kthread+0x337/0x6f0
[ 28.524384] ret_from_fork+0x41/0x80
[ 28.524689] ret_from_fork_asm+0x1a/0x30
[ 28.525098]
[ 28.525405] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 28.526406] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.526791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.527380] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 28.411938] ==================================================================
[ 28.412564] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 28.412564]
[ 28.413221] Invalid free of 0x(____ptrval____) (in kfence-#115):
[ 28.413711] test_double_free+0x112/0x260
[ 28.414120] kunit_try_run_case+0x1a5/0x480
[ 28.414490] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.415018] kthread+0x337/0x6f0
[ 28.415380] ret_from_fork+0x41/0x80
[ 28.415722] ret_from_fork_asm+0x1a/0x30
[ 28.416251]
[ 28.416473] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.416473]
[ 28.417114] allocated by task 325 on cpu 0 at 28.411645s (0.005463s ago):
[ 28.417592] test_alloc+0x2a6/0x10f0
[ 28.418036] test_double_free+0xdb/0x260
[ 28.418596] kunit_try_run_case+0x1a5/0x480
[ 28.419040] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.419638] kthread+0x337/0x6f0
[ 28.419982] ret_from_fork+0x41/0x80
[ 28.420409] ret_from_fork_asm+0x1a/0x30
[ 28.420731]
[ 28.420910] freed by task 325 on cpu 0 at 28.411741s (0.009164s ago):
[ 28.421500] test_double_free+0xfa/0x260
[ 28.422053] kunit_try_run_case+0x1a5/0x480
[ 28.422525] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.422958] kthread+0x337/0x6f0
[ 28.423253] ret_from_fork+0x41/0x80
[ 28.423700] ret_from_fork_asm+0x1a/0x30
[ 28.424336]
[ 28.424632] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 28.425645] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.426047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.426755] ==================================================================
[ 28.308003] ==================================================================
[ 28.308689] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 28.308689]
[ 28.309438] Invalid free of 0x(____ptrval____) (in kfence-#114):
[ 28.310074] test_double_free+0x1d3/0x260
[ 28.310459] kunit_try_run_case+0x1a5/0x480
[ 28.310948] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.311536] kthread+0x337/0x6f0
[ 28.312015] ret_from_fork+0x41/0x80
[ 28.312392] ret_from_fork_asm+0x1a/0x30
[ 28.312776]
[ 28.313039] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 28.313039]
[ 28.314038] allocated by task 323 on cpu 0 at 28.307642s (0.006390s ago):
[ 28.314715] test_alloc+0x364/0x10f0
[ 28.315164] test_double_free+0xdb/0x260
[ 28.315626] kunit_try_run_case+0x1a5/0x480
[ 28.316081] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.316540] kthread+0x337/0x6f0
[ 28.316825] ret_from_fork+0x41/0x80
[ 28.317348] ret_from_fork_asm+0x1a/0x30
[ 28.317861]
[ 28.318122] freed by task 323 on cpu 0 at 28.307747s (0.010370s ago):
[ 28.318643] test_double_free+0x1e0/0x260
[ 28.319043] kunit_try_run_case+0x1a5/0x480
[ 28.319781] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.320508] kthread+0x337/0x6f0
[ 28.320887] ret_from_fork+0x41/0x80
[ 28.321335] ret_from_fork_asm+0x1a/0x30
[ 28.321751]
[ 28.322081] CPU: 0 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 28.322840] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.323401] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.324074] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 27.995985] ==================================================================
[ 27.996742] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 27.996742]
[ 27.997464] Use-after-free read at 0x(____ptrval____) (in kfence-#111):
[ 27.997943] test_use_after_free_read+0x129/0x270
[ 27.999097] kunit_try_run_case+0x1a5/0x480
[ 27.999834] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.000791] kthread+0x337/0x6f0
[ 28.001517] ret_from_fork+0x41/0x80
[ 28.001881] ret_from_fork_asm+0x1a/0x30
[ 28.002646]
[ 28.002924] kfence-#111: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.002924]
[ 28.003769] allocated by task 317 on cpu 0 at 27.995647s (0.008116s ago):
[ 28.004678] test_alloc+0x2a6/0x10f0
[ 28.005026] test_use_after_free_read+0xdc/0x270
[ 28.005438] kunit_try_run_case+0x1a5/0x480
[ 28.005782] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.006708] kthread+0x337/0x6f0
[ 28.007396] ret_from_fork+0x41/0x80
[ 28.008001] ret_from_fork_asm+0x1a/0x30
[ 28.008405]
[ 28.008627] freed by task 317 on cpu 0 at 27.995737s (0.012884s ago):
[ 28.009173] test_use_after_free_read+0xfb/0x270
[ 28.009693] kunit_try_run_case+0x1a5/0x480
[ 28.010077] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.010590] kthread+0x337/0x6f0
[ 28.010968] ret_from_fork+0x41/0x80
[ 28.011348] ret_from_fork_asm+0x1a/0x30
[ 28.011773]
[ 28.012095] CPU: 0 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 28.013014] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.013812] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.014934] ==================================================================
[ 27.891991] ==================================================================
[ 27.892714] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 27.892714]
[ 27.893504] Use-after-free read at 0x(____ptrval____) (in kfence-#110):
[ 27.894074] test_use_after_free_read+0x129/0x270
[ 27.895462] kunit_try_run_case+0x1a5/0x480
[ 27.895890] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.896744] kthread+0x337/0x6f0
[ 27.897046] ret_from_fork+0x41/0x80
[ 27.897913] ret_from_fork_asm+0x1a/0x30
[ 27.898506]
[ 27.898713] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.898713]
[ 27.899608] allocated by task 315 on cpu 1 at 27.891664s (0.007938s ago):
[ 27.900650] test_alloc+0x364/0x10f0
[ 27.900829] test_use_after_free_read+0xdc/0x270
[ 27.901014] kunit_try_run_case+0x1a5/0x480
[ 27.901732] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.902773] kthread+0x337/0x6f0
[ 27.903112] ret_from_fork+0x41/0x80
[ 27.903628] ret_from_fork_asm+0x1a/0x30
[ 27.904037]
[ 27.904692] freed by task 315 on cpu 1 at 27.891745s (0.012944s ago):
[ 27.905365] test_use_after_free_read+0x1e7/0x270
[ 27.906008] kunit_try_run_case+0x1a5/0x480
[ 27.906446] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.906962] kthread+0x337/0x6f0
[ 27.907525] ret_from_fork+0x41/0x80
[ 27.908230] ret_from_fork_asm+0x1a/0x30
[ 27.909069]
[ 27.909631] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 27.910863] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.911267] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.912006] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 27.787779] ==================================================================
[ 27.788383] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 27.788383]
[ 27.789503] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#109):
[ 27.790113] test_out_of_bounds_write+0x10d/0x260
[ 27.790578] kunit_try_run_case+0x1a5/0x480
[ 27.791109] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.791654] kthread+0x337/0x6f0
[ 27.792112] ret_from_fork+0x41/0x80
[ 27.792536] ret_from_fork_asm+0x1a/0x30
[ 27.793002]
[ 27.793335] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.793335]
[ 27.793936] allocated by task 313 on cpu 0 at 27.787676s (0.006254s ago):
[ 27.794714] test_alloc+0x2a6/0x10f0
[ 27.795210] test_out_of_bounds_write+0xd4/0x260
[ 27.795787] kunit_try_run_case+0x1a5/0x480
[ 27.796328] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.796868] kthread+0x337/0x6f0
[ 27.797277] ret_from_fork+0x41/0x80
[ 27.797734] ret_from_fork_asm+0x1a/0x30
[ 27.798161]
[ 27.798490] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 27.799433] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.799754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.800639] ==================================================================
[ 27.683870] ==================================================================
[ 27.684520] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 27.684520]
[ 27.685405] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#108):
[ 27.685927] test_out_of_bounds_write+0x10d/0x260
[ 27.686330] kunit_try_run_case+0x1a5/0x480
[ 27.686640] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.687092] kthread+0x337/0x6f0
[ 27.688418] ret_from_fork+0x41/0x80
[ 27.688979] ret_from_fork_asm+0x1a/0x30
[ 27.689731]
[ 27.690240] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.690240]
[ 27.691479] allocated by task 311 on cpu 1 at 27.683656s (0.007818s ago):
[ 27.692065] test_alloc+0x364/0x10f0
[ 27.692406] test_out_of_bounds_write+0xd4/0x260
[ 27.692777] kunit_try_run_case+0x1a5/0x480
[ 27.693625] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.694376] kthread+0x337/0x6f0
[ 27.694818] ret_from_fork+0x41/0x80
[ 27.695357] ret_from_fork_asm+0x1a/0x30
[ 27.696015]
[ 27.696430] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 27.697077] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.697253] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.697890] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 27.579701] ==================================================================
[ 27.580244] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 27.580244]
[ 27.581585] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#107):
[ 27.582212] test_out_of_bounds_read+0x216/0x4e0
[ 27.582625] kunit_try_run_case+0x1a5/0x480
[ 27.583074] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.583580] kthread+0x337/0x6f0
[ 27.583982] ret_from_fork+0x41/0x80
[ 27.584679] ret_from_fork_asm+0x1a/0x30
[ 27.585094]
[ 27.585313] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.585313]
[ 27.586037] allocated by task 309 on cpu 1 at 27.579612s (0.006420s ago):
[ 27.586876] test_alloc+0x2a6/0x10f0
[ 27.587209] test_out_of_bounds_read+0x1e2/0x4e0
[ 27.588073] kunit_try_run_case+0x1a5/0x480
[ 27.588734] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.589417] kthread+0x337/0x6f0
[ 27.589686] ret_from_fork+0x41/0x80
[ 27.589973] ret_from_fork_asm+0x1a/0x30
[ 27.590838]
[ 27.591159] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 27.592752] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.593455] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.595024] ==================================================================
[ 27.371776] ==================================================================
[ 27.372272] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 27.372272]
[ 27.373135] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#105):
[ 27.373649] test_out_of_bounds_read+0x216/0x4e0
[ 27.374126] kunit_try_run_case+0x1a5/0x480
[ 27.374657] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.375104] kthread+0x337/0x6f0
[ 27.375517] ret_from_fork+0x41/0x80
[ 27.375938] ret_from_fork_asm+0x1a/0x30
[ 27.376433]
[ 27.376644] kfence-#105: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.376644]
[ 27.377465] allocated by task 307 on cpu 0 at 27.371616s (0.005843s ago):
[ 27.378115] test_alloc+0x364/0x10f0
[ 27.378458] test_out_of_bounds_read+0x1e2/0x4e0
[ 27.378882] kunit_try_run_case+0x1a5/0x480
[ 27.379403] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.379896] kthread+0x337/0x6f0
[ 27.380258] ret_from_fork+0x41/0x80
[ 27.380696] ret_from_fork_asm+0x1a/0x30
[ 27.381186]
[ 27.381506] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 27.382368] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.382799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.383570] ==================================================================
[ 27.475737] ==================================================================
[ 27.476605] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 27.476605]
[ 27.477680] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#106):
[ 27.478821] test_out_of_bounds_read+0x126/0x4e0
[ 27.479389] kunit_try_run_case+0x1a5/0x480
[ 27.479585] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.479792] kthread+0x337/0x6f0
[ 27.479954] ret_from_fork+0x41/0x80
[ 27.480457] ret_from_fork_asm+0x1a/0x30
[ 27.481126]
[ 27.481813] kfence-#106: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.481813]
[ 27.482625] allocated by task 309 on cpu 1 at 27.475639s (0.006983s ago):
[ 27.483234] test_alloc+0x2a6/0x10f0
[ 27.483522] test_out_of_bounds_read+0xed/0x4e0
[ 27.483961] kunit_try_run_case+0x1a5/0x480
[ 27.484457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.484888] kthread+0x337/0x6f0
[ 27.485396] ret_from_fork+0x41/0x80
[ 27.485803] ret_from_fork_asm+0x1a/0x30
[ 27.486124]
[ 27.486432] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 27.488000] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.488647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.489599] ==================================================================
[ 27.164329] ==================================================================
[ 27.164991] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 27.164991]
[ 27.165909] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#103):
[ 27.166715] test_out_of_bounds_read+0x126/0x4e0
[ 27.167185] kunit_try_run_case+0x1a5/0x480
[ 27.167759] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.168202] kthread+0x337/0x6f0
[ 27.168644] ret_from_fork+0x41/0x80
[ 27.169095] ret_from_fork_asm+0x1a/0x30
[ 27.169527]
[ 27.169809] kfence-#103: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.169809]
[ 27.170536] allocated by task 307 on cpu 0 at 27.163622s (0.006909s ago):
[ 27.171211] test_alloc+0x364/0x10f0
[ 27.171664] test_out_of_bounds_read+0xed/0x4e0
[ 27.172078] kunit_try_run_case+0x1a5/0x480
[ 27.172670] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.173050] kthread+0x337/0x6f0
[ 27.173447] ret_from_fork+0x41/0x80
[ 27.173886] ret_from_fork_asm+0x1a/0x30
[ 27.174359]
[ 27.174741] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 27.175796] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.176641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.177938] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_track_caller_oob_right
[ 17.925638] ==================================================================
[ 17.927413] BUG: KFENCE: memory corruption in kmalloc_track_caller_oob_right+0x288/0x520
[ 17.927413]
[ 17.928754] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#62):
[ 17.929684] kmalloc_track_caller_oob_right+0x288/0x520
[ 17.930081] kunit_try_run_case+0x1a5/0x480
[ 17.931835] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.932982] kthread+0x337/0x6f0
[ 17.933624] ret_from_fork+0x41/0x80
[ 17.934343] ret_from_fork_asm+0x1a/0x30
[ 17.934690]
[ 17.934934] kfence-#62: 0x(____ptrval____)-0x(____ptrval____), size=120, cache=kmalloc-128
[ 17.934934]
[ 17.936051] allocated by task 162 on cpu 1 at 17.924457s (0.011587s ago):
[ 17.937073] kmalloc_track_caller_oob_right+0x19a/0x520
[ 17.937646] kunit_try_run_case+0x1a5/0x480
[ 17.937990] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.939002] kthread+0x337/0x6f0
[ 17.939607] ret_from_fork+0x41/0x80
[ 17.940007] ret_from_fork_asm+0x1a/0x30
[ 17.940663]
[ 17.940913] freed by task 162 on cpu 1 at 17.925498s (0.015409s ago):
[ 17.941846] kmalloc_track_caller_oob_right+0x288/0x520
[ 17.942544] kunit_try_run_case+0x1a5/0x480
[ 17.943129] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.943656] kthread+0x337/0x6f0
[ 17.944347] ret_from_fork+0x41/0x80
[ 17.944512] ret_from_fork_asm+0x1a/0x30
[ 17.944675]
[ 17.944789] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 17.945615] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.946463] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.947208] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 26.971183] ==================================================================
[ 26.971895] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 26.972643] Write of size 121 at addr ffff888102ed7700 by task kunit_try_catch/305
[ 26.973340]
[ 26.973606] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 26.973742] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.973784] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.973846] Call Trace:
[ 26.973904] <TASK>
[ 26.973962] dump_stack_lvl+0x73/0xb0
[ 26.974056] print_report+0xd1/0x650
[ 26.974144] ? __virt_addr_valid+0x1db/0x2d0
[ 26.974229] ? strncpy_from_user+0x2e/0x1d0
[ 26.974329] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.974417] ? strncpy_from_user+0x2e/0x1d0
[ 26.974530] kasan_report+0x141/0x180
[ 26.974620] ? strncpy_from_user+0x2e/0x1d0
[ 26.974719] kasan_check_range+0x10c/0x1c0
[ 26.974799] __kasan_check_write+0x18/0x20
[ 26.974876] strncpy_from_user+0x2e/0x1d0
[ 26.974964] copy_user_test_oob+0x760/0x10f0
[ 26.975048] ? __pfx_copy_user_test_oob+0x10/0x10
[ 26.975107] ? finish_task_switch.isra.0+0x153/0x700
[ 26.975151] ? __switch_to+0x5d9/0xf60
[ 26.975185] ? dequeue_task_fair+0x166/0x4e0
[ 26.975224] ? __schedule+0x10cc/0x2b60
[ 26.975260] ? __pfx_read_tsc+0x10/0x10
[ 26.975317] ? ktime_get_ts64+0x86/0x230
[ 26.975364] kunit_try_run_case+0x1a5/0x480
[ 26.975406] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.975442] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.975481] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.975518] ? __kthread_parkme+0x82/0x180
[ 26.975553] ? preempt_count_sub+0x50/0x80
[ 26.975591] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.975629] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.975664] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.975700] kthread+0x337/0x6f0
[ 26.975725] ? trace_preempt_on+0x20/0xc0
[ 26.975763] ? __pfx_kthread+0x10/0x10
[ 26.975792] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.975825] ? calculate_sigpending+0x7b/0xa0
[ 26.975858] ? __pfx_kthread+0x10/0x10
[ 26.975902] ret_from_fork+0x41/0x80
[ 26.975937] ? __pfx_kthread+0x10/0x10
[ 26.975966] ret_from_fork_asm+0x1a/0x30
[ 26.976012] </TASK>
[ 26.976030]
[ 26.993603] Allocated by task 305:
[ 26.994044] kasan_save_stack+0x45/0x70
[ 26.994642] kasan_save_track+0x18/0x40
[ 26.995074] kasan_save_alloc_info+0x3b/0x50
[ 26.995479] __kasan_kmalloc+0xb7/0xc0
[ 26.995799] __kmalloc_noprof+0x1c9/0x500
[ 26.996470] kunit_kmalloc_array+0x25/0x60
[ 26.997179] copy_user_test_oob+0xab/0x10f0
[ 26.997923] kunit_try_run_case+0x1a5/0x480
[ 26.998485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.999055] kthread+0x337/0x6f0
[ 26.999517] ret_from_fork+0x41/0x80
[ 27.000033] ret_from_fork_asm+0x1a/0x30
[ 27.000518]
[ 27.000714] The buggy address belongs to the object at ffff888102ed7700
[ 27.000714] which belongs to the cache kmalloc-128 of size 128
[ 27.001623] The buggy address is located 0 bytes inside of
[ 27.001623] allocated 120-byte region [ffff888102ed7700, ffff888102ed7778)
[ 27.002682]
[ 27.002946] The buggy address belongs to the physical page:
[ 27.003620] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7
[ 27.004471] flags: 0x200000000000000(node=0|zone=2)
[ 27.005003] page_type: f5(slab)
[ 27.005396] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.005909] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 27.006598] page dumped because: kasan: bad access detected
[ 27.007478]
[ 27.007812] Memory state around the buggy address:
[ 27.008463] ffff888102ed7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.009190] ffff888102ed7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.009786] >ffff888102ed7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 27.010233] ^
[ 27.010793] ffff888102ed7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.011529] ffff888102ed7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.012156] ==================================================================
[ 27.013865] ==================================================================
[ 27.014542] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 27.015025] Write of size 1 at addr ffff888102ed7778 by task kunit_try_catch/305
[ 27.015723]
[ 27.016026] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 27.016157] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.016202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.016264] Call Trace:
[ 27.016337] <TASK>
[ 27.016394] dump_stack_lvl+0x73/0xb0
[ 27.016486] print_report+0xd1/0x650
[ 27.016573] ? __virt_addr_valid+0x1db/0x2d0
[ 27.016676] ? strncpy_from_user+0x1a5/0x1d0
[ 27.016784] ? kasan_complete_mode_report_info+0x2a/0x200
[ 27.016867] ? strncpy_from_user+0x1a5/0x1d0
[ 27.016948] kasan_report+0x141/0x180
[ 27.017027] ? strncpy_from_user+0x1a5/0x1d0
[ 27.017121] __asan_report_store1_noabort+0x1b/0x30
[ 27.017202] strncpy_from_user+0x1a5/0x1d0
[ 27.017287] copy_user_test_oob+0x760/0x10f0
[ 27.017388] ? __pfx_copy_user_test_oob+0x10/0x10
[ 27.017461] ? finish_task_switch.isra.0+0x153/0x700
[ 27.017534] ? __switch_to+0x5d9/0xf60
[ 27.017571] ? dequeue_task_fair+0x166/0x4e0
[ 27.017610] ? __schedule+0x10cc/0x2b60
[ 27.017648] ? __pfx_read_tsc+0x10/0x10
[ 27.017683] ? ktime_get_ts64+0x86/0x230
[ 27.017724] kunit_try_run_case+0x1a5/0x480
[ 27.017764] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.017800] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 27.017837] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 27.017874] ? __kthread_parkme+0x82/0x180
[ 27.017909] ? preempt_count_sub+0x50/0x80
[ 27.017946] ? __pfx_kunit_try_run_case+0x10/0x10
[ 27.017981] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.018016] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 27.018068] kthread+0x337/0x6f0
[ 27.018116] ? trace_preempt_on+0x20/0xc0
[ 27.018154] ? __pfx_kthread+0x10/0x10
[ 27.018181] ? _raw_spin_unlock_irq+0x47/0x80
[ 27.018214] ? calculate_sigpending+0x7b/0xa0
[ 27.018248] ? __pfx_kthread+0x10/0x10
[ 27.018276] ret_from_fork+0x41/0x80
[ 27.018341] ? __pfx_kthread+0x10/0x10
[ 27.018371] ret_from_fork_asm+0x1a/0x30
[ 27.018418] </TASK>
[ 27.018435]
[ 27.033794] Allocated by task 305:
[ 27.034444] kasan_save_stack+0x45/0x70
[ 27.034961] kasan_save_track+0x18/0x40
[ 27.035474] kasan_save_alloc_info+0x3b/0x50
[ 27.035960] __kasan_kmalloc+0xb7/0xc0
[ 27.036449] __kmalloc_noprof+0x1c9/0x500
[ 27.036788] kunit_kmalloc_array+0x25/0x60
[ 27.037234] copy_user_test_oob+0xab/0x10f0
[ 27.037742] kunit_try_run_case+0x1a5/0x480
[ 27.038255] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.038844] kthread+0x337/0x6f0
[ 27.039318] ret_from_fork+0x41/0x80
[ 27.039752] ret_from_fork_asm+0x1a/0x30
[ 27.040272]
[ 27.040534] The buggy address belongs to the object at ffff888102ed7700
[ 27.040534] which belongs to the cache kmalloc-128 of size 128
[ 27.041592] The buggy address is located 0 bytes to the right of
[ 27.041592] allocated 120-byte region [ffff888102ed7700, ffff888102ed7778)
[ 27.042649]
[ 27.042907] The buggy address belongs to the physical page:
[ 27.043529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7
[ 27.044275] flags: 0x200000000000000(node=0|zone=2)
[ 27.044758] page_type: f5(slab)
[ 27.045217] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 27.045869] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 27.047278] page dumped because: kasan: bad access detected
[ 27.047676]
[ 27.047860] Memory state around the buggy address:
[ 27.048213] ffff888102ed7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 27.048661] ffff888102ed7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.048912] >ffff888102ed7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 27.049149] ^
[ 27.049830] ffff888102ed7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.050943] ffff888102ed7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 27.052186] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 26.836266] ==================================================================
[ 26.837159] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 26.838876] Read of size 121 at addr ffff888102ed7700 by task kunit_try_catch/305
[ 26.839451]
[ 26.839739] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 26.839904] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.839949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.840013] Call Trace:
[ 26.840062] <TASK>
[ 26.840111] dump_stack_lvl+0x73/0xb0
[ 26.840162] print_report+0xd1/0x650
[ 26.840243] ? __virt_addr_valid+0x1db/0x2d0
[ 26.840286] ? copy_user_test_oob+0x4aa/0x10f0
[ 26.840375] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.840453] ? copy_user_test_oob+0x4aa/0x10f0
[ 26.840530] kasan_report+0x141/0x180
[ 26.840610] ? copy_user_test_oob+0x4aa/0x10f0
[ 26.840697] kasan_check_range+0x10c/0x1c0
[ 26.840771] __kasan_check_read+0x15/0x20
[ 26.840843] copy_user_test_oob+0x4aa/0x10f0
[ 26.840924] ? __pfx_copy_user_test_oob+0x10/0x10
[ 26.840971] ? finish_task_switch.isra.0+0x153/0x700
[ 26.841016] ? __switch_to+0x5d9/0xf60
[ 26.841087] ? dequeue_task_fair+0x166/0x4e0
[ 26.841135] ? __schedule+0x10cc/0x2b60
[ 26.841175] ? __pfx_read_tsc+0x10/0x10
[ 26.841212] ? ktime_get_ts64+0x86/0x230
[ 26.841256] kunit_try_run_case+0x1a5/0x480
[ 26.841324] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.841368] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.841410] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.841451] ? __kthread_parkme+0x82/0x180
[ 26.841489] ? preempt_count_sub+0x50/0x80
[ 26.841528] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.841568] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.841606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.841645] kthread+0x337/0x6f0
[ 26.841673] ? trace_preempt_on+0x20/0xc0
[ 26.841714] ? __pfx_kthread+0x10/0x10
[ 26.841743] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.841778] ? calculate_sigpending+0x7b/0xa0
[ 26.841812] ? __pfx_kthread+0x10/0x10
[ 26.841843] ret_from_fork+0x41/0x80
[ 26.841878] ? __pfx_kthread+0x10/0x10
[ 26.841909] ret_from_fork_asm+0x1a/0x30
[ 26.841957] </TASK>
[ 26.841974]
[ 26.858218] Allocated by task 305:
[ 26.858557] kasan_save_stack+0x45/0x70
[ 26.858923] kasan_save_track+0x18/0x40
[ 26.859667] kasan_save_alloc_info+0x3b/0x50
[ 26.860948] __kasan_kmalloc+0xb7/0xc0
[ 26.861661] __kmalloc_noprof+0x1c9/0x500
[ 26.862002] kunit_kmalloc_array+0x25/0x60
[ 26.862382] copy_user_test_oob+0xab/0x10f0
[ 26.862738] kunit_try_run_case+0x1a5/0x480
[ 26.863686] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.864322] kthread+0x337/0x6f0
[ 26.864778] ret_from_fork+0x41/0x80
[ 26.865327] ret_from_fork_asm+0x1a/0x30
[ 26.866064]
[ 26.866340] The buggy address belongs to the object at ffff888102ed7700
[ 26.866340] which belongs to the cache kmalloc-128 of size 128
[ 26.867261] The buggy address is located 0 bytes inside of
[ 26.867261] allocated 120-byte region [ffff888102ed7700, ffff888102ed7778)
[ 26.868191]
[ 26.868448] The buggy address belongs to the physical page:
[ 26.868873] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7
[ 26.869918] flags: 0x200000000000000(node=0|zone=2)
[ 26.870928] page_type: f5(slab)
[ 26.871305] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.872210] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.872839] page dumped because: kasan: bad access detected
[ 26.873673]
[ 26.873904] Memory state around the buggy address:
[ 26.874697] ffff888102ed7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.875453] ffff888102ed7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.876170] >ffff888102ed7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 26.876910] ^
[ 26.877727] ffff888102ed7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.878493] ffff888102ed7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.879283] ==================================================================
[ 26.924599] ==================================================================
[ 26.925008] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 26.926762] Read of size 121 at addr ffff888102ed7700 by task kunit_try_catch/305
[ 26.927570]
[ 26.928391] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 26.928467] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.928489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.928522] Call Trace:
[ 26.928550] <TASK>
[ 26.928577] dump_stack_lvl+0x73/0xb0
[ 26.928622] print_report+0xd1/0x650
[ 26.928664] ? __virt_addr_valid+0x1db/0x2d0
[ 26.928701] ? copy_user_test_oob+0x604/0x10f0
[ 26.928734] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.928772] ? copy_user_test_oob+0x604/0x10f0
[ 26.928805] kasan_report+0x141/0x180
[ 26.928843] ? copy_user_test_oob+0x604/0x10f0
[ 26.928883] kasan_check_range+0x10c/0x1c0
[ 26.928918] __kasan_check_read+0x15/0x20
[ 26.928950] copy_user_test_oob+0x604/0x10f0
[ 26.928987] ? __pfx_copy_user_test_oob+0x10/0x10
[ 26.929020] ? finish_task_switch.isra.0+0x153/0x700
[ 26.929086] ? __switch_to+0x5d9/0xf60
[ 26.929125] ? dequeue_task_fair+0x166/0x4e0
[ 26.929167] ? __schedule+0x10cc/0x2b60
[ 26.929209] ? __pfx_read_tsc+0x10/0x10
[ 26.929245] ? ktime_get_ts64+0x86/0x230
[ 26.929287] kunit_try_run_case+0x1a5/0x480
[ 26.929355] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.929396] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.929435] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.929474] ? __kthread_parkme+0x82/0x180
[ 26.929510] ? preempt_count_sub+0x50/0x80
[ 26.929549] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.929589] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.929627] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.929667] kthread+0x337/0x6f0
[ 26.929695] ? trace_preempt_on+0x20/0xc0
[ 26.929736] ? __pfx_kthread+0x10/0x10
[ 26.929765] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.929799] ? calculate_sigpending+0x7b/0xa0
[ 26.929835] ? __pfx_kthread+0x10/0x10
[ 26.929865] ret_from_fork+0x41/0x80
[ 26.929902] ? __pfx_kthread+0x10/0x10
[ 26.929931] ret_from_fork_asm+0x1a/0x30
[ 26.929978] </TASK>
[ 26.929996]
[ 26.950308] Allocated by task 305:
[ 26.950703] kasan_save_stack+0x45/0x70
[ 26.951093] kasan_save_track+0x18/0x40
[ 26.951568] kasan_save_alloc_info+0x3b/0x50
[ 26.951928] __kasan_kmalloc+0xb7/0xc0
[ 26.952384] __kmalloc_noprof+0x1c9/0x500
[ 26.953081] kunit_kmalloc_array+0x25/0x60
[ 26.953673] copy_user_test_oob+0xab/0x10f0
[ 26.954153] kunit_try_run_case+0x1a5/0x480
[ 26.954683] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.955378] kthread+0x337/0x6f0
[ 26.955860] ret_from_fork+0x41/0x80
[ 26.956367] ret_from_fork_asm+0x1a/0x30
[ 26.956851]
[ 26.957140] The buggy address belongs to the object at ffff888102ed7700
[ 26.957140] which belongs to the cache kmalloc-128 of size 128
[ 26.958322] The buggy address is located 0 bytes inside of
[ 26.958322] allocated 120-byte region [ffff888102ed7700, ffff888102ed7778)
[ 26.959462]
[ 26.959713] The buggy address belongs to the physical page:
[ 26.960423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7
[ 26.961251] flags: 0x200000000000000(node=0|zone=2)
[ 26.961788] page_type: f5(slab)
[ 26.962277] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.963019] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.963864] page dumped because: kasan: bad access detected
[ 26.964685]
[ 26.964782] Memory state around the buggy address:
[ 26.964957] ffff888102ed7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.965580] ffff888102ed7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.966343] >ffff888102ed7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 26.967015] ^
[ 26.967787] ffff888102ed7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.968732] ffff888102ed7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.969505] ==================================================================
[ 26.785394] ==================================================================
[ 26.786000] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 26.787107] Write of size 121 at addr ffff888102ed7700 by task kunit_try_catch/305
[ 26.787849]
[ 26.788086] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 26.789165] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.789202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.789262] Call Trace:
[ 26.789330] <TASK>
[ 26.789387] dump_stack_lvl+0x73/0xb0
[ 26.789475] print_report+0xd1/0x650
[ 26.789556] ? __virt_addr_valid+0x1db/0x2d0
[ 26.789631] ? copy_user_test_oob+0x3fd/0x10f0
[ 26.789701] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.789775] ? copy_user_test_oob+0x3fd/0x10f0
[ 26.789843] kasan_report+0x141/0x180
[ 26.789918] ? copy_user_test_oob+0x3fd/0x10f0
[ 26.789999] kasan_check_range+0x10c/0x1c0
[ 26.790099] __kasan_check_write+0x18/0x20
[ 26.790164] copy_user_test_oob+0x3fd/0x10f0
[ 26.790226] ? __pfx_copy_user_test_oob+0x10/0x10
[ 26.790284] ? finish_task_switch.isra.0+0x153/0x700
[ 26.790372] ? __switch_to+0x5d9/0xf60
[ 26.790431] ? dequeue_task_fair+0x166/0x4e0
[ 26.790496] ? __schedule+0x10cc/0x2b60
[ 26.790562] ? __pfx_read_tsc+0x10/0x10
[ 26.790616] ? ktime_get_ts64+0x86/0x230
[ 26.790685] kunit_try_run_case+0x1a5/0x480
[ 26.790758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.790823] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.790895] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.790968] ? __kthread_parkme+0x82/0x180
[ 26.791044] ? preempt_count_sub+0x50/0x80
[ 26.791129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.791207] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.791278] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.791383] kthread+0x337/0x6f0
[ 26.791435] ? trace_preempt_on+0x20/0xc0
[ 26.791509] ? __pfx_kthread+0x10/0x10
[ 26.791563] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.791622] ? calculate_sigpending+0x7b/0xa0
[ 26.791681] ? __pfx_kthread+0x10/0x10
[ 26.791730] ret_from_fork+0x41/0x80
[ 26.791787] ? __pfx_kthread+0x10/0x10
[ 26.791836] ret_from_fork_asm+0x1a/0x30
[ 26.791926] </TASK>
[ 26.791957]
[ 26.814590] Allocated by task 305:
[ 26.815007] kasan_save_stack+0x45/0x70
[ 26.816102] kasan_save_track+0x18/0x40
[ 26.816676] kasan_save_alloc_info+0x3b/0x50
[ 26.817059] __kasan_kmalloc+0xb7/0xc0
[ 26.817484] __kmalloc_noprof+0x1c9/0x500
[ 26.817865] kunit_kmalloc_array+0x25/0x60
[ 26.818891] copy_user_test_oob+0xab/0x10f0
[ 26.819320] kunit_try_run_case+0x1a5/0x480
[ 26.819870] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.820594] kthread+0x337/0x6f0
[ 26.821341] ret_from_fork+0x41/0x80
[ 26.821847] ret_from_fork_asm+0x1a/0x30
[ 26.822239]
[ 26.822675] The buggy address belongs to the object at ffff888102ed7700
[ 26.822675] which belongs to the cache kmalloc-128 of size 128
[ 26.823758] The buggy address is located 0 bytes inside of
[ 26.823758] allocated 120-byte region [ffff888102ed7700, ffff888102ed7778)
[ 26.825123]
[ 26.825545] The buggy address belongs to the physical page:
[ 26.826141] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7
[ 26.826587] flags: 0x200000000000000(node=0|zone=2)
[ 26.827231] page_type: f5(slab)
[ 26.827630] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.828465] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.829229] page dumped because: kasan: bad access detected
[ 26.829675]
[ 26.830126] Memory state around the buggy address:
[ 26.830665] ffff888102ed7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.831317] ffff888102ed7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.832211] >ffff888102ed7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 26.832861] ^
[ 26.833652] ffff888102ed7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.834559] ffff888102ed7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.835311] ==================================================================
[ 26.880280] ==================================================================
[ 26.880835] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 26.882169] Write of size 121 at addr ffff888102ed7700 by task kunit_try_catch/305
[ 26.883875]
[ 26.884539] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 26.884816] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.884852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.884886] Call Trace:
[ 26.884915] <TASK>
[ 26.884942] dump_stack_lvl+0x73/0xb0
[ 26.884989] print_report+0xd1/0x650
[ 26.885031] ? __virt_addr_valid+0x1db/0x2d0
[ 26.885110] ? copy_user_test_oob+0x557/0x10f0
[ 26.885148] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.885187] ? copy_user_test_oob+0x557/0x10f0
[ 26.885220] kasan_report+0x141/0x180
[ 26.885256] ? copy_user_test_oob+0x557/0x10f0
[ 26.885319] kasan_check_range+0x10c/0x1c0
[ 26.885359] __kasan_check_write+0x18/0x20
[ 26.885393] copy_user_test_oob+0x557/0x10f0
[ 26.885429] ? __pfx_copy_user_test_oob+0x10/0x10
[ 26.885460] ? finish_task_switch.isra.0+0x153/0x700
[ 26.885501] ? __switch_to+0x5d9/0xf60
[ 26.885534] ? dequeue_task_fair+0x166/0x4e0
[ 26.885572] ? __schedule+0x10cc/0x2b60
[ 26.885610] ? __pfx_read_tsc+0x10/0x10
[ 26.885646] ? ktime_get_ts64+0x86/0x230
[ 26.885694] kunit_try_run_case+0x1a5/0x480
[ 26.885738] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.885776] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.885817] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.885857] ? __kthread_parkme+0x82/0x180
[ 26.885894] ? preempt_count_sub+0x50/0x80
[ 26.885934] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.885974] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.886013] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.886063] kthread+0x337/0x6f0
[ 26.886110] ? trace_preempt_on+0x20/0xc0
[ 26.886150] ? __pfx_kthread+0x10/0x10
[ 26.886180] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.886215] ? calculate_sigpending+0x7b/0xa0
[ 26.886251] ? __pfx_kthread+0x10/0x10
[ 26.886279] ret_from_fork+0x41/0x80
[ 26.886340] ? __pfx_kthread+0x10/0x10
[ 26.886371] ret_from_fork_asm+0x1a/0x30
[ 26.886420] </TASK>
[ 26.886438]
[ 26.901625] Allocated by task 305:
[ 26.902109] kasan_save_stack+0x45/0x70
[ 26.902604] kasan_save_track+0x18/0x40
[ 26.903078] kasan_save_alloc_info+0x3b/0x50
[ 26.903552] __kasan_kmalloc+0xb7/0xc0
[ 26.904009] __kmalloc_noprof+0x1c9/0x500
[ 26.904498] kunit_kmalloc_array+0x25/0x60
[ 26.904833] copy_user_test_oob+0xab/0x10f0
[ 26.905207] kunit_try_run_case+0x1a5/0x480
[ 26.905927] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.906564] kthread+0x337/0x6f0
[ 26.906957] ret_from_fork+0x41/0x80
[ 26.907412] ret_from_fork_asm+0x1a/0x30
[ 26.907837]
[ 26.908046] The buggy address belongs to the object at ffff888102ed7700
[ 26.908046] which belongs to the cache kmalloc-128 of size 128
[ 26.909441] The buggy address is located 0 bytes inside of
[ 26.909441] allocated 120-byte region [ffff888102ed7700, ffff888102ed7778)
[ 26.910554]
[ 26.910784] The buggy address belongs to the physical page:
[ 26.911188] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7
[ 26.911936] flags: 0x200000000000000(node=0|zone=2)
[ 26.913854] page_type: f5(slab)
[ 26.915087] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.915778] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.916602] page dumped because: kasan: bad access detected
[ 26.917354]
[ 26.917740] Memory state around the buggy address:
[ 26.918348] ffff888102ed7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.919263] ffff888102ed7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.920011] >ffff888102ed7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 26.920746] ^
[ 26.921447] ffff888102ed7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.922322] ffff888102ed7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.923012] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 26.737897] ==================================================================
[ 26.738697] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70
[ 26.739363] Read of size 121 at addr ffff888102ed7700 by task kunit_try_catch/305
[ 26.739969]
[ 26.740224] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 26.740323] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.740348] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.740382] Call Trace:
[ 26.740409] <TASK>
[ 26.740436] dump_stack_lvl+0x73/0xb0
[ 26.740483] print_report+0xd1/0x650
[ 26.740526] ? __virt_addr_valid+0x1db/0x2d0
[ 26.740562] ? _copy_to_user+0x4a/0x70
[ 26.740594] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.740633] ? _copy_to_user+0x4a/0x70
[ 26.740663] kasan_report+0x141/0x180
[ 26.740701] ? _copy_to_user+0x4a/0x70
[ 26.740738] kasan_check_range+0x10c/0x1c0
[ 26.740772] __kasan_check_read+0x15/0x20
[ 26.740809] _copy_to_user+0x4a/0x70
[ 26.740841] copy_user_test_oob+0x364/0x10f0
[ 26.740877] ? __pfx_copy_user_test_oob+0x10/0x10
[ 26.740909] ? finish_task_switch.isra.0+0x153/0x700
[ 26.740948] ? __switch_to+0x5d9/0xf60
[ 26.740981] ? dequeue_task_fair+0x166/0x4e0
[ 26.741019] ? __schedule+0x10cc/0x2b60
[ 26.741083] ? __pfx_read_tsc+0x10/0x10
[ 26.741124] ? ktime_get_ts64+0x86/0x230
[ 26.741165] kunit_try_run_case+0x1a5/0x480
[ 26.741207] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.741245] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.741283] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.741454] ? __kthread_parkme+0x82/0x180
[ 26.741531] ? preempt_count_sub+0x50/0x80
[ 26.741616] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.741698] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.741781] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.741864] kthread+0x337/0x6f0
[ 26.741936] ? trace_preempt_on+0x20/0xc0
[ 26.742021] ? __pfx_kthread+0x10/0x10
[ 26.742180] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.742257] ? calculate_sigpending+0x7b/0xa0
[ 26.742359] ? __pfx_kthread+0x10/0x10
[ 26.742431] ret_from_fork+0x41/0x80
[ 26.742504] ? __pfx_kthread+0x10/0x10
[ 26.742572] ret_from_fork_asm+0x1a/0x30
[ 26.742670] </TASK>
[ 26.742710]
[ 26.758449] Allocated by task 305:
[ 26.758876] kasan_save_stack+0x45/0x70
[ 26.759445] kasan_save_track+0x18/0x40
[ 26.759886] kasan_save_alloc_info+0x3b/0x50
[ 26.760363] __kasan_kmalloc+0xb7/0xc0
[ 26.760681] __kmalloc_noprof+0x1c9/0x500
[ 26.761098] kunit_kmalloc_array+0x25/0x60
[ 26.761584] copy_user_test_oob+0xab/0x10f0
[ 26.762082] kunit_try_run_case+0x1a5/0x480
[ 26.762560] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.763089] kthread+0x337/0x6f0
[ 26.763544] ret_from_fork+0x41/0x80
[ 26.763926] ret_from_fork_asm+0x1a/0x30
[ 26.764413]
[ 26.764665] The buggy address belongs to the object at ffff888102ed7700
[ 26.764665] which belongs to the cache kmalloc-128 of size 128
[ 26.765555] The buggy address is located 0 bytes inside of
[ 26.765555] allocated 120-byte region [ffff888102ed7700, ffff888102ed7778)
[ 26.766495]
[ 26.766701] The buggy address belongs to the physical page:
[ 26.767345] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7
[ 26.768187] flags: 0x200000000000000(node=0|zone=2)
[ 26.768625] page_type: f5(slab)
[ 26.768935] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.769579] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.770382] page dumped because: kasan: bad access detected
[ 26.770913]
[ 26.771199] Memory state around the buggy address:
[ 26.771730] ffff888102ed7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.773325] ffff888102ed7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.773877] >ffff888102ed7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 26.775502] ^
[ 26.776604] ffff888102ed7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.777363] ffff888102ed7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.778089] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 26.688710] ==================================================================
[ 26.689758] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90
[ 26.690423] Write of size 121 at addr ffff888102ed7700 by task kunit_try_catch/305
[ 26.691066]
[ 26.691385] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 26.691554] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.691598] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.691662] Call Trace:
[ 26.691729] <TASK>
[ 26.691817] dump_stack_lvl+0x73/0xb0
[ 26.691932] print_report+0xd1/0x650
[ 26.692017] ? __virt_addr_valid+0x1db/0x2d0
[ 26.692119] ? _copy_from_user+0x32/0x90
[ 26.692224] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.692324] ? _copy_from_user+0x32/0x90
[ 26.692400] kasan_report+0x141/0x180
[ 26.692504] ? _copy_from_user+0x32/0x90
[ 26.692621] kasan_check_range+0x10c/0x1c0
[ 26.692694] __kasan_check_write+0x18/0x20
[ 26.692729] _copy_from_user+0x32/0x90
[ 26.692762] copy_user_test_oob+0x2be/0x10f0
[ 26.692808] ? __pfx_copy_user_test_oob+0x10/0x10
[ 26.692873] ? finish_task_switch.isra.0+0x153/0x700
[ 26.692954] ? __switch_to+0x5d9/0xf60
[ 26.693030] ? dequeue_task_fair+0x166/0x4e0
[ 26.693134] ? __schedule+0x10cc/0x2b60
[ 26.693251] ? __pfx_read_tsc+0x10/0x10
[ 26.693343] ? ktime_get_ts64+0x86/0x230
[ 26.693460] kunit_try_run_case+0x1a5/0x480
[ 26.693576] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.693651] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.693701] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.693740] ? __kthread_parkme+0x82/0x180
[ 26.693777] ? preempt_count_sub+0x50/0x80
[ 26.693816] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.693852] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.693891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.693927] kthread+0x337/0x6f0
[ 26.693954] ? trace_preempt_on+0x20/0xc0
[ 26.693996] ? __pfx_kthread+0x10/0x10
[ 26.694025] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.694090] ? calculate_sigpending+0x7b/0xa0
[ 26.694129] ? __pfx_kthread+0x10/0x10
[ 26.694157] ret_from_fork+0x41/0x80
[ 26.694192] ? __pfx_kthread+0x10/0x10
[ 26.694222] ret_from_fork_asm+0x1a/0x30
[ 26.694268] </TASK>
[ 26.694286]
[ 26.712648] Allocated by task 305:
[ 26.713319] kasan_save_stack+0x45/0x70
[ 26.713768] kasan_save_track+0x18/0x40
[ 26.714392] kasan_save_alloc_info+0x3b/0x50
[ 26.714881] __kasan_kmalloc+0xb7/0xc0
[ 26.715446] __kmalloc_noprof+0x1c9/0x500
[ 26.715898] kunit_kmalloc_array+0x25/0x60
[ 26.716504] copy_user_test_oob+0xab/0x10f0
[ 26.716938] kunit_try_run_case+0x1a5/0x480
[ 26.717448] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.718130] kthread+0x337/0x6f0
[ 26.718499] ret_from_fork+0x41/0x80
[ 26.719116] ret_from_fork_asm+0x1a/0x30
[ 26.719570]
[ 26.719903] The buggy address belongs to the object at ffff888102ed7700
[ 26.719903] which belongs to the cache kmalloc-128 of size 128
[ 26.720962] The buggy address is located 0 bytes inside of
[ 26.720962] allocated 120-byte region [ffff888102ed7700, ffff888102ed7778)
[ 26.722021]
[ 26.722447] The buggy address belongs to the physical page:
[ 26.723008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7
[ 26.723612] flags: 0x200000000000000(node=0|zone=2)
[ 26.724089] page_type: f5(slab)
[ 26.724589] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.725650] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.726392] page dumped because: kasan: bad access detected
[ 26.726958]
[ 26.727180] Memory state around the buggy address:
[ 26.727784] ffff888102ed7600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.728701] ffff888102ed7680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.729897] >ffff888102ed7700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 26.730785] ^
[ 26.731359] ffff888102ed7780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.732026] ffff888102ed7800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.732623] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 26.571839] ==================================================================
[ 26.572972] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260
[ 26.573615] Read of size 8 at addr ffff8881030b5978 by task kunit_try_catch/301
[ 26.574211]
[ 26.575499] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 26.575634] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.575680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.575743] Call Trace:
[ 26.575791] <TASK>
[ 26.575849] dump_stack_lvl+0x73/0xb0
[ 26.575964] print_report+0xd1/0x650
[ 26.576068] ? __virt_addr_valid+0x1db/0x2d0
[ 26.576176] ? copy_to_kernel_nofault+0x225/0x260
[ 26.576281] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.576354] ? copy_to_kernel_nofault+0x225/0x260
[ 26.576390] kasan_report+0x141/0x180
[ 26.576429] ? copy_to_kernel_nofault+0x225/0x260
[ 26.576469] __asan_report_load8_noabort+0x18/0x20
[ 26.576503] copy_to_kernel_nofault+0x225/0x260
[ 26.576538] copy_to_kernel_nofault_oob+0x1ed/0x560
[ 26.576578] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 26.576615] ? finish_task_switch.isra.0+0x153/0x700
[ 26.576656] ? __schedule+0x10cc/0x2b60
[ 26.576692] ? trace_hardirqs_on+0x37/0xe0
[ 26.576741] ? __pfx_read_tsc+0x10/0x10
[ 26.576774] ? ktime_get_ts64+0x86/0x230
[ 26.576817] kunit_try_run_case+0x1a5/0x480
[ 26.576856] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.576891] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.576929] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.577017] ? __kthread_parkme+0x82/0x180
[ 26.577108] ? preempt_count_sub+0x50/0x80
[ 26.577152] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.577192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.577230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.577269] kthread+0x337/0x6f0
[ 26.577321] ? trace_preempt_on+0x20/0xc0
[ 26.577364] ? __pfx_kthread+0x10/0x10
[ 26.577394] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.577429] ? calculate_sigpending+0x7b/0xa0
[ 26.577464] ? __pfx_kthread+0x10/0x10
[ 26.577492] ret_from_fork+0x41/0x80
[ 26.577527] ? __pfx_kthread+0x10/0x10
[ 26.577555] ret_from_fork_asm+0x1a/0x30
[ 26.577602] </TASK>
[ 26.577620]
[ 26.599602] Allocated by task 301:
[ 26.599940] kasan_save_stack+0x45/0x70
[ 26.601131] kasan_save_track+0x18/0x40
[ 26.601971] kasan_save_alloc_info+0x3b/0x50
[ 26.602353] __kasan_kmalloc+0xb7/0xc0
[ 26.602752] __kmalloc_cache_noprof+0x189/0x420
[ 26.603190] copy_to_kernel_nofault_oob+0x12f/0x560
[ 26.603681] kunit_try_run_case+0x1a5/0x480
[ 26.604375] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.604843] kthread+0x337/0x6f0
[ 26.605436] ret_from_fork+0x41/0x80
[ 26.605774] ret_from_fork_asm+0x1a/0x30
[ 26.606362]
[ 26.606764] The buggy address belongs to the object at ffff8881030b5900
[ 26.606764] which belongs to the cache kmalloc-128 of size 128
[ 26.607778] The buggy address is located 0 bytes to the right of
[ 26.607778] allocated 120-byte region [ffff8881030b5900, ffff8881030b5978)
[ 26.608711]
[ 26.608950] The buggy address belongs to the physical page:
[ 26.609515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030b5
[ 26.610059] flags: 0x200000000000000(node=0|zone=2)
[ 26.610756] page_type: f5(slab)
[ 26.611243] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.611806] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.612805] page dumped because: kasan: bad access detected
[ 26.613398]
[ 26.613625] Memory state around the buggy address:
[ 26.614140] ffff8881030b5800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.614758] ffff8881030b5880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.615383] >ffff8881030b5900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 26.615930] ^
[ 26.616419] ffff8881030b5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.617210] ffff8881030b5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.617946] ==================================================================
[ 26.619729] ==================================================================
[ 26.620394] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260
[ 26.621012] Write of size 8 at addr ffff8881030b5978 by task kunit_try_catch/301
[ 26.621663]
[ 26.621946] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 26.622085] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.622127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.622188] Call Trace:
[ 26.622232] <TASK>
[ 26.622285] dump_stack_lvl+0x73/0xb0
[ 26.623537] print_report+0xd1/0x650
[ 26.623626] ? __virt_addr_valid+0x1db/0x2d0
[ 26.623706] ? copy_to_kernel_nofault+0x99/0x260
[ 26.623784] ? kasan_complete_mode_report_info+0x2a/0x200
[ 26.623869] ? copy_to_kernel_nofault+0x99/0x260
[ 26.623962] kasan_report+0x141/0x180
[ 26.624047] ? copy_to_kernel_nofault+0x99/0x260
[ 26.624135] kasan_check_range+0x10c/0x1c0
[ 26.624212] __kasan_check_write+0x18/0x20
[ 26.624308] copy_to_kernel_nofault+0x99/0x260
[ 26.624394] copy_to_kernel_nofault_oob+0x288/0x560
[ 26.625230] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10
[ 26.625274] ? finish_task_switch.isra.0+0x153/0x700
[ 26.625348] ? __schedule+0x10cc/0x2b60
[ 26.625389] ? trace_hardirqs_on+0x37/0xe0
[ 26.625440] ? __pfx_read_tsc+0x10/0x10
[ 26.625475] ? ktime_get_ts64+0x86/0x230
[ 26.625517] kunit_try_run_case+0x1a5/0x480
[ 26.625558] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.625595] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 26.625636] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 26.625674] ? __kthread_parkme+0x82/0x180
[ 26.625710] ? preempt_count_sub+0x50/0x80
[ 26.625748] ? __pfx_kunit_try_run_case+0x10/0x10
[ 26.625787] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.625825] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 26.625864] kthread+0x337/0x6f0
[ 26.625891] ? trace_preempt_on+0x20/0xc0
[ 26.625929] ? __pfx_kthread+0x10/0x10
[ 26.626025] ? _raw_spin_unlock_irq+0x47/0x80
[ 26.626111] ? calculate_sigpending+0x7b/0xa0
[ 26.626153] ? __pfx_kthread+0x10/0x10
[ 26.626185] ret_from_fork+0x41/0x80
[ 26.626223] ? __pfx_kthread+0x10/0x10
[ 26.626254] ret_from_fork_asm+0x1a/0x30
[ 26.626324] </TASK>
[ 26.626345]
[ 26.643005] Allocated by task 301:
[ 26.643368] kasan_save_stack+0x45/0x70
[ 26.643712] kasan_save_track+0x18/0x40
[ 26.644053] kasan_save_alloc_info+0x3b/0x50
[ 26.644584] __kasan_kmalloc+0xb7/0xc0
[ 26.645459] __kmalloc_cache_noprof+0x189/0x420
[ 26.646601] copy_to_kernel_nofault_oob+0x12f/0x560
[ 26.647506] kunit_try_run_case+0x1a5/0x480
[ 26.648625] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.649732] kthread+0x337/0x6f0
[ 26.650428] ret_from_fork+0x41/0x80
[ 26.650749] ret_from_fork_asm+0x1a/0x30
[ 26.651807]
[ 26.652245] The buggy address belongs to the object at ffff8881030b5900
[ 26.652245] which belongs to the cache kmalloc-128 of size 128
[ 26.655023] The buggy address is located 0 bytes to the right of
[ 26.655023] allocated 120-byte region [ffff8881030b5900, ffff8881030b5978)
[ 26.656486]
[ 26.656656] The buggy address belongs to the physical page:
[ 26.657028] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030b5
[ 26.657674] flags: 0x200000000000000(node=0|zone=2)
[ 26.658356] page_type: f5(slab)
[ 26.658729] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 26.659428] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 26.659907] page dumped because: kasan: bad access detected
[ 26.660436]
[ 26.660828] Memory state around the buggy address:
[ 26.661497] ffff8881030b5800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 26.662404] ffff8881030b5880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.663134] >ffff8881030b5900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 26.663805] ^
[ 26.664653] ffff8881030b5980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.665143] ffff8881030b5a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 26.665838] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-kmalloc_oob_right
[ 17.704591] ==================================================================
[ 17.706681] BUG: KFENCE: memory corruption in kmalloc_oob_right+0x340/0x7f0
[ 17.706681]
[ 17.707603] Corrupted memory at 0x(____ptrval____) [ ! . . . . ! . . . . . . . ] (in kfence-#60):
[ 17.709507] kmalloc_oob_right+0x340/0x7f0
[ 17.709964] kunit_try_run_case+0x1a5/0x480
[ 17.710487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.710990] kthread+0x337/0x6f0
[ 17.711470] ret_from_fork+0x41/0x80
[ 17.711774] ret_from_fork_asm+0x1a/0x30
[ 17.712254]
[ 17.712472] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=115, cache=kmalloc-128
[ 17.712472]
[ 17.713356] allocated by task 156 on cpu 0 at 17.675691s (0.037659s ago):
[ 17.714007] kmalloc_oob_right+0xa9/0x7f0
[ 17.714474] kunit_try_run_case+0x1a5/0x480
[ 17.714967] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.715531] kthread+0x337/0x6f0
[ 17.715893] ret_from_fork+0x41/0x80
[ 17.716200] ret_from_fork_asm+0x1a/0x30
[ 17.716918]
[ 17.717556] freed by task 156 on cpu 0 at 17.704389s (0.012998s ago):
[ 17.718299] kmalloc_oob_right+0x340/0x7f0
[ 17.718637] kunit_try_run_case+0x1a5/0x480
[ 17.719092] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.719574] kthread+0x337/0x6f0
[ 17.719825] ret_from_fork+0x41/0x80
[ 17.722486] ret_from_fork_asm+0x1a/0x30
[ 17.723592]
[ 17.724050] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 17.725119] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.725913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.727018] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-kmalloc_oob_right
[ 17.681645] ==================================================================
[ 17.683526] BUG: KFENCE: out-of-bounds read in kmalloc_oob_right+0x2ed/0x7f0
[ 17.683526]
[ 17.685208] Out-of-bounds read at 0x(____ptrval____) (128B right of kfence-#60):
[ 17.686930] kmalloc_oob_right+0x2ed/0x7f0
[ 17.687585] kunit_try_run_case+0x1a5/0x480
[ 17.688140] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.688775] kthread+0x337/0x6f0
[ 17.689348] ret_from_fork+0x41/0x80
[ 17.689730] ret_from_fork_asm+0x1a/0x30
[ 17.690149]
[ 17.690693] kfence-#60: 0x(____ptrval____)-0x(____ptrval____), size=115, cache=kmalloc-128
[ 17.690693]
[ 17.692122] allocated by task 156 on cpu 0 at 17.675691s (0.016314s ago):
[ 17.693483] kmalloc_oob_right+0xa9/0x7f0
[ 17.693892] kunit_try_run_case+0x1a5/0x480
[ 17.694555] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.694987] kthread+0x337/0x6f0
[ 17.695670] ret_from_fork+0x41/0x80
[ 17.695998] ret_from_fork_asm+0x1a/0x30
[ 17.696980]
[ 17.698581] CPU: 0 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 17.699853] Tainted: [N]=TEST
[ 17.700204] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.701552] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 24.778703] ================================================================== [ 24.779439] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 24.780276] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.780986] [ 24.781395] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.781533] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.781578] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.781640] Call Trace: [ 24.781824] <TASK> [ 24.781910] dump_stack_lvl+0x73/0xb0 [ 24.782003] print_report+0xd1/0x650 [ 24.782187] ? __virt_addr_valid+0x1db/0x2d0 [ 24.782313] ? kasan_atomics_helper+0x4a1c/0x5450 [ 24.782398] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.782481] ? kasan_atomics_helper+0x4a1c/0x5450 [ 24.782637] kasan_report+0x141/0x180 [ 24.782753] ? kasan_atomics_helper+0x4a1c/0x5450 [ 24.782822] __asan_report_load4_noabort+0x18/0x20 [ 24.782860] kasan_atomics_helper+0x4a1c/0x5450 [ 24.782897] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.782934] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.782971] ? kasan_atomics+0x152/0x310 [ 24.783006] kasan_atomics+0x1dc/0x310 [ 24.783059] ? __pfx_kasan_atomics+0x10/0x10 [ 24.783117] ? __pfx_read_tsc+0x10/0x10 [ 24.783155] ? ktime_get_ts64+0x86/0x230 [ 24.783196] kunit_try_run_case+0x1a5/0x480 [ 24.783236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.783271] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.783336] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.783378] ? __kthread_parkme+0x82/0x180 [ 24.783413] ? preempt_count_sub+0x50/0x80 [ 24.783450] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.783487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.783523] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.783559] kthread+0x337/0x6f0 [ 24.783585] ? trace_preempt_on+0x20/0xc0 [ 24.783623] ? __pfx_kthread+0x10/0x10 [ 24.783651] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.783685] ? 
calculate_sigpending+0x7b/0xa0 [ 24.783717] ? __pfx_kthread+0x10/0x10 [ 24.783745] ret_from_fork+0x41/0x80 [ 24.783780] ? __pfx_kthread+0x10/0x10 [ 24.783809] ret_from_fork_asm+0x1a/0x30 [ 24.783856] </TASK> [ 24.783874] [ 24.798433] Allocated by task 285: [ 24.798931] kasan_save_stack+0x45/0x70 [ 24.799546] kasan_save_track+0x18/0x40 [ 24.799986] kasan_save_alloc_info+0x3b/0x50 [ 24.800520] __kasan_kmalloc+0xb7/0xc0 [ 24.800979] __kmalloc_cache_noprof+0x189/0x420 [ 24.801517] kasan_atomics+0x95/0x310 [ 24.801929] kunit_try_run_case+0x1a5/0x480 [ 24.802589] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.802982] kthread+0x337/0x6f0 [ 24.803395] ret_from_fork+0x41/0x80 [ 24.803821] ret_from_fork_asm+0x1a/0x30 [ 24.804511] [ 24.804735] The buggy address belongs to the object at ffff888102ef1180 [ 24.804735] which belongs to the cache kmalloc-64 of size 64 [ 24.805584] The buggy address is located 0 bytes to the right of [ 24.805584] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.806735] [ 24.806984] The buggy address belongs to the physical page: [ 24.807637] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.808415] flags: 0x200000000000000(node=0|zone=2) [ 24.808780] page_type: f5(slab) [ 24.809073] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.809681] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.810750] page dumped because: kasan: bad access detected [ 24.811490] [ 24.811757] Memory state around the buggy address: [ 24.812400] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.813074] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.813722] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.814172] ^ [ 24.814539] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.814977] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.815638] 
================================================================== [ 25.316147] ================================================================== [ 25.316715] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 25.317555] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.318192] [ 25.318407] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.318480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.318501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.318536] Call Trace: [ 25.318561] <TASK> [ 25.318589] dump_stack_lvl+0x73/0xb0 [ 25.318635] print_report+0xd1/0x650 [ 25.318675] ? __virt_addr_valid+0x1db/0x2d0 [ 25.318710] ? kasan_atomics_helper+0x15b6/0x5450 [ 25.318746] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.318784] ? kasan_atomics_helper+0x15b6/0x5450 [ 25.318819] kasan_report+0x141/0x180 [ 25.318856] ? kasan_atomics_helper+0x15b6/0x5450 [ 25.318900] kasan_check_range+0x10c/0x1c0 [ 25.318932] __kasan_check_write+0x18/0x20 [ 25.318964] kasan_atomics_helper+0x15b6/0x5450 [ 25.319000] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.319044] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.320276] ? kasan_atomics+0x152/0x310 [ 25.320373] kasan_atomics+0x1dc/0x310 [ 25.320447] ? __pfx_kasan_atomics+0x10/0x10 [ 25.320520] ? __pfx_read_tsc+0x10/0x10 [ 25.320599] ? ktime_get_ts64+0x86/0x230 [ 25.320680] kunit_try_run_case+0x1a5/0x480 [ 25.320762] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.320839] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.320925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.321001] ? __kthread_parkme+0x82/0x180 [ 25.321081] ? preempt_count_sub+0x50/0x80 [ 25.321170] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.321251] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.321342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.321385] kthread+0x337/0x6f0 [ 25.321417] ? trace_preempt_on+0x20/0xc0 [ 25.321458] ? 
__pfx_kthread+0x10/0x10 [ 25.321489] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.321524] ? calculate_sigpending+0x7b/0xa0 [ 25.321562] ? __pfx_kthread+0x10/0x10 [ 25.321592] ret_from_fork+0x41/0x80 [ 25.321630] ? __pfx_kthread+0x10/0x10 [ 25.321662] ret_from_fork_asm+0x1a/0x30 [ 25.321709] </TASK> [ 25.321727] [ 25.343090] Allocated by task 285: [ 25.343553] kasan_save_stack+0x45/0x70 [ 25.344105] kasan_save_track+0x18/0x40 [ 25.344491] kasan_save_alloc_info+0x3b/0x50 [ 25.344952] __kasan_kmalloc+0xb7/0xc0 [ 25.345352] __kmalloc_cache_noprof+0x189/0x420 [ 25.345713] kasan_atomics+0x95/0x310 [ 25.346091] kunit_try_run_case+0x1a5/0x480 [ 25.346775] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.347903] kthread+0x337/0x6f0 [ 25.348313] ret_from_fork+0x41/0x80 [ 25.348671] ret_from_fork_asm+0x1a/0x30 [ 25.349065] [ 25.350028] The buggy address belongs to the object at ffff888102ef1180 [ 25.350028] which belongs to the cache kmalloc-64 of size 64 [ 25.351305] The buggy address is located 0 bytes to the right of [ 25.351305] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.352808] [ 25.353058] The buggy address belongs to the physical page: [ 25.353545] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.354137] flags: 0x200000000000000(node=0|zone=2) [ 25.355138] page_type: f5(slab) [ 25.355826] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.356708] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.357639] page dumped because: kasan: bad access detected [ 25.358264] [ 25.358520] Memory state around the buggy address: [ 25.359141] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.359739] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.360760] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.361225] ^ [ 25.361567] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.362550] 
ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.363083] ================================================================== [ 24.513148] ================================================================== [ 24.513860] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 24.514509] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.515203] [ 24.515521] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.515691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.515735] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.515827] Call Trace: [ 24.515894] <TASK> [ 24.515980] dump_stack_lvl+0x73/0xb0 [ 24.516121] print_report+0xd1/0x650 [ 24.516208] ? __virt_addr_valid+0x1db/0x2d0 [ 24.516286] ? kasan_atomics_helper+0xde0/0x5450 [ 24.516384] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.516463] ? kasan_atomics_helper+0xde0/0x5450 [ 24.516539] kasan_report+0x141/0x180 [ 24.516619] ? kasan_atomics_helper+0xde0/0x5450 [ 24.516708] kasan_check_range+0x10c/0x1c0 [ 24.516783] __kasan_check_write+0x18/0x20 [ 24.516858] kasan_atomics_helper+0xde0/0x5450 [ 24.516901] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.516942] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.516981] ? kasan_atomics+0x152/0x310 [ 24.517018] kasan_atomics+0x1dc/0x310 [ 24.517091] ? __pfx_kasan_atomics+0x10/0x10 [ 24.517133] ? __pfx_read_tsc+0x10/0x10 [ 24.517172] ? ktime_get_ts64+0x86/0x230 [ 24.517215] kunit_try_run_case+0x1a5/0x480 [ 24.517258] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.517321] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.517369] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.517410] ? __kthread_parkme+0x82/0x180 [ 24.517447] ? preempt_count_sub+0x50/0x80 [ 24.517487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.517527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.517565] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.517603] kthread+0x337/0x6f0 [ 24.517631] ? trace_preempt_on+0x20/0xc0 [ 24.517671] ? __pfx_kthread+0x10/0x10 [ 24.517701] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.517738] ? calculate_sigpending+0x7b/0xa0 [ 24.517773] ? __pfx_kthread+0x10/0x10 [ 24.517803] ret_from_fork+0x41/0x80 [ 24.517839] ? __pfx_kthread+0x10/0x10 [ 24.517871] ret_from_fork_asm+0x1a/0x30 [ 24.517919] </TASK> [ 24.517939] [ 24.537090] Allocated by task 285: [ 24.537788] kasan_save_stack+0x45/0x70 [ 24.538459] kasan_save_track+0x18/0x40 [ 24.538788] kasan_save_alloc_info+0x3b/0x50 [ 24.539426] __kasan_kmalloc+0xb7/0xc0 [ 24.539753] __kmalloc_cache_noprof+0x189/0x420 [ 24.540250] kasan_atomics+0x95/0x310 [ 24.540621] kunit_try_run_case+0x1a5/0x480 [ 24.540984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.541459] kthread+0x337/0x6f0 [ 24.541835] ret_from_fork+0x41/0x80 [ 24.542323] ret_from_fork_asm+0x1a/0x30 [ 24.542766] [ 24.543010] The buggy address belongs to the object at ffff888102ef1180 [ 24.543010] which belongs to the cache kmalloc-64 of size 64 [ 24.543969] The buggy address is located 0 bytes to the right of [ 24.543969] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.544962] [ 24.545264] The buggy address belongs to the physical page: [ 24.545783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.546500] flags: 0x200000000000000(node=0|zone=2) [ 24.546973] page_type: f5(slab) [ 24.547395] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.548106] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.548643] page dumped because: kasan: bad access detected [ 24.549203] [ 24.549468] Memory state around the buggy address: [ 24.549904] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.550468] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.551132] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 24.551703] ^ [ 24.552166] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.552806] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.553483] ================================================================== [ 25.232919] ================================================================== [ 25.233575] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 25.234237] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.234799] [ 25.235085] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.235221] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.235262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.235347] Call Trace: [ 25.235408] <TASK> [ 25.235474] dump_stack_lvl+0x73/0xb0 [ 25.235601] print_report+0xd1/0x650 [ 25.235688] ? __virt_addr_valid+0x1db/0x2d0 [ 25.235781] ? kasan_atomics_helper+0x50d4/0x5450 [ 25.235873] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.235980] ? kasan_atomics_helper+0x50d4/0x5450 [ 25.236086] kasan_report+0x141/0x180 [ 25.236188] ? kasan_atomics_helper+0x50d4/0x5450 [ 25.236289] __asan_report_store8_noabort+0x1b/0x30 [ 25.236579] kasan_atomics_helper+0x50d4/0x5450 [ 25.236684] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.236751] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.236796] ? kasan_atomics+0x152/0x310 [ 25.236833] kasan_atomics+0x1dc/0x310 [ 25.236867] ? __pfx_kasan_atomics+0x10/0x10 [ 25.236901] ? __pfx_read_tsc+0x10/0x10 [ 25.236939] ? ktime_get_ts64+0x86/0x230 [ 25.236982] kunit_try_run_case+0x1a5/0x480 [ 25.237022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.237088] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.237136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.237174] ? __kthread_parkme+0x82/0x180 [ 25.237211] ? preempt_count_sub+0x50/0x80 [ 25.237252] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 25.237313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.237394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.237480] kthread+0x337/0x6f0 [ 25.237546] ? trace_preempt_on+0x20/0xc0 [ 25.237630] ? __pfx_kthread+0x10/0x10 [ 25.237697] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.237776] ? calculate_sigpending+0x7b/0xa0 [ 25.237859] ? __pfx_kthread+0x10/0x10 [ 25.237929] ret_from_fork+0x41/0x80 [ 25.238004] ? __pfx_kthread+0x10/0x10 [ 25.238094] ret_from_fork_asm+0x1a/0x30 [ 25.238151] </TASK> [ 25.238170] [ 25.253078] Allocated by task 285: [ 25.253494] kasan_save_stack+0x45/0x70 [ 25.253900] kasan_save_track+0x18/0x40 [ 25.254310] kasan_save_alloc_info+0x3b/0x50 [ 25.254897] __kasan_kmalloc+0xb7/0xc0 [ 25.255382] __kmalloc_cache_noprof+0x189/0x420 [ 25.255734] kasan_atomics+0x95/0x310 [ 25.256073] kunit_try_run_case+0x1a5/0x480 [ 25.256543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.257056] kthread+0x337/0x6f0 [ 25.257485] ret_from_fork+0x41/0x80 [ 25.258116] ret_from_fork_asm+0x1a/0x30 [ 25.258471] [ 25.258660] The buggy address belongs to the object at ffff888102ef1180 [ 25.258660] which belongs to the cache kmalloc-64 of size 64 [ 25.259841] The buggy address is located 0 bytes to the right of [ 25.259841] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.261023] [ 25.261376] The buggy address belongs to the physical page: [ 25.261770] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.262406] flags: 0x200000000000000(node=0|zone=2) [ 25.263061] page_type: f5(slab) [ 25.263428] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.263931] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.264584] page dumped because: kasan: bad access detected [ 25.265126] [ 25.265466] Memory state around the buggy address: [ 25.265925] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.266759] ffff888102ef1100: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.267226] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.267863] ^ [ 25.269138] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.269785] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.270436] ================================================================== [ 25.364245] ================================================================== [ 25.366031] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 25.366743] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.368184] [ 25.368675] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.368956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.368980] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.369014] Call Trace: [ 25.369055] <TASK> [ 25.369101] dump_stack_lvl+0x73/0xb0 [ 25.369155] print_report+0xd1/0x650 [ 25.369197] ? __virt_addr_valid+0x1db/0x2d0 [ 25.369238] ? kasan_atomics_helper+0x164f/0x5450 [ 25.369275] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.369342] ? kasan_atomics_helper+0x164f/0x5450 [ 25.369380] kasan_report+0x141/0x180 [ 25.369420] ? kasan_atomics_helper+0x164f/0x5450 [ 25.369464] kasan_check_range+0x10c/0x1c0 [ 25.369498] __kasan_check_write+0x18/0x20 [ 25.369531] kasan_atomics_helper+0x164f/0x5450 [ 25.369569] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.369605] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.369644] ? kasan_atomics+0x152/0x310 [ 25.369682] kasan_atomics+0x1dc/0x310 [ 25.369716] ? __pfx_kasan_atomics+0x10/0x10 [ 25.369752] ? __pfx_read_tsc+0x10/0x10 [ 25.369791] ? ktime_get_ts64+0x86/0x230 [ 25.369836] kunit_try_run_case+0x1a5/0x480 [ 25.369879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.369918] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.369960] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.369998] ? __kthread_parkme+0x82/0x180 [ 25.370039] ? 
preempt_count_sub+0x50/0x80 [ 25.370105] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.370148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.370188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.370226] kthread+0x337/0x6f0 [ 25.370255] ? trace_preempt_on+0x20/0xc0 [ 25.370315] ? __pfx_kthread+0x10/0x10 [ 25.370348] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.370385] ? calculate_sigpending+0x7b/0xa0 [ 25.370425] ? __pfx_kthread+0x10/0x10 [ 25.370455] ret_from_fork+0x41/0x80 [ 25.370494] ? __pfx_kthread+0x10/0x10 [ 25.370524] ret_from_fork_asm+0x1a/0x30 [ 25.370575] </TASK> [ 25.370596] [ 25.392657] Allocated by task 285: [ 25.393123] kasan_save_stack+0x45/0x70 [ 25.393541] kasan_save_track+0x18/0x40 [ 25.393961] kasan_save_alloc_info+0x3b/0x50 [ 25.394800] __kasan_kmalloc+0xb7/0xc0 [ 25.395482] __kmalloc_cache_noprof+0x189/0x420 [ 25.395786] kasan_atomics+0x95/0x310 [ 25.396049] kunit_try_run_case+0x1a5/0x480 [ 25.397557] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.397998] kthread+0x337/0x6f0 [ 25.398595] ret_from_fork+0x41/0x80 [ 25.398895] ret_from_fork_asm+0x1a/0x30 [ 25.399383] [ 25.399634] The buggy address belongs to the object at ffff888102ef1180 [ 25.399634] which belongs to the cache kmalloc-64 of size 64 [ 25.400600] The buggy address is located 0 bytes to the right of [ 25.400600] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.401579] [ 25.401769] The buggy address belongs to the physical page: [ 25.402941] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.404022] flags: 0x200000000000000(node=0|zone=2) [ 25.404646] page_type: f5(slab) [ 25.404912] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.405727] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.406595] page dumped because: kasan: bad access detected [ 25.407012] [ 25.407442] Memory state around the buggy address: [ 25.408415] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 25.408912] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.409662] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.410198] ^ [ 25.410821] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.411923] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.412610] ================================================================== [ 24.190661] ================================================================== [ 24.191509] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 24.192612] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.194612] [ 24.194858] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.194973] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.195005] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.195051] Call Trace: [ 24.195106] <TASK> [ 24.195144] dump_stack_lvl+0x73/0xb0 [ 24.195192] print_report+0xd1/0x650 [ 24.195235] ? __virt_addr_valid+0x1db/0x2d0 [ 24.195269] ? kasan_atomics_helper+0x992/0x5450 [ 24.195365] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.195451] ? kasan_atomics_helper+0x992/0x5450 [ 24.195527] kasan_report+0x141/0x180 [ 24.195607] ? kasan_atomics_helper+0x992/0x5450 [ 24.195699] kasan_check_range+0x10c/0x1c0 [ 24.195774] __kasan_check_write+0x18/0x20 [ 24.195845] kasan_atomics_helper+0x992/0x5450 [ 24.195940] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.196024] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.196092] ? kasan_atomics+0x152/0x310 [ 24.196168] kasan_atomics+0x1dc/0x310 [ 24.196207] ? __pfx_kasan_atomics+0x10/0x10 [ 24.196243] ? __pfx_read_tsc+0x10/0x10 [ 24.196279] ? ktime_get_ts64+0x86/0x230 [ 24.196349] kunit_try_run_case+0x1a5/0x480 [ 24.196391] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.196426] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.196463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.196499] ? 
__kthread_parkme+0x82/0x180 [ 24.196534] ? preempt_count_sub+0x50/0x80 [ 24.196572] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.196610] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.196646] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.196682] kthread+0x337/0x6f0 [ 24.196709] ? trace_preempt_on+0x20/0xc0 [ 24.196746] ? __pfx_kthread+0x10/0x10 [ 24.196774] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.196807] ? calculate_sigpending+0x7b/0xa0 [ 24.196841] ? __pfx_kthread+0x10/0x10 [ 24.196869] ret_from_fork+0x41/0x80 [ 24.196903] ? __pfx_kthread+0x10/0x10 [ 24.196932] ret_from_fork_asm+0x1a/0x30 [ 24.197022] </TASK> [ 24.197070] [ 24.218224] Allocated by task 285: [ 24.218828] kasan_save_stack+0x45/0x70 [ 24.219435] kasan_save_track+0x18/0x40 [ 24.219890] kasan_save_alloc_info+0x3b/0x50 [ 24.220433] __kasan_kmalloc+0xb7/0xc0 [ 24.220838] __kmalloc_cache_noprof+0x189/0x420 [ 24.221383] kasan_atomics+0x95/0x310 [ 24.221842] kunit_try_run_case+0x1a5/0x480 [ 24.222377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.222938] kthread+0x337/0x6f0 [ 24.223418] ret_from_fork+0x41/0x80 [ 24.223818] ret_from_fork_asm+0x1a/0x30 [ 24.224325] [ 24.224570] The buggy address belongs to the object at ffff888102ef1180 [ 24.224570] which belongs to the cache kmalloc-64 of size 64 [ 24.225429] The buggy address is located 0 bytes to the right of [ 24.225429] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.226495] [ 24.226750] The buggy address belongs to the physical page: [ 24.227370] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.228029] flags: 0x200000000000000(node=0|zone=2) [ 24.228588] page_type: f5(slab) [ 24.228998] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.229714] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.230446] page dumped because: kasan: bad access detected [ 24.230930] [ 24.231263] Memory state around the buggy address: [ 24.231722] 
ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.232395] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.233154] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.233818] ^ [ 24.234348] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.234944] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.235601] ================================================================== [ 26.050821] ================================================================== [ 26.052134] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 26.053014] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.054551] [ 26.054860] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.055015] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.055077] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.055138] Call Trace: [ 26.055171] <TASK> [ 26.055198] dump_stack_lvl+0x73/0xb0 [ 26.055246] print_report+0xd1/0x650 [ 26.055326] ? __virt_addr_valid+0x1db/0x2d0 [ 26.055387] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.055426] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.055464] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.055501] kasan_report+0x141/0x180 [ 26.055539] ? kasan_atomics_helper+0x1f43/0x5450 [ 26.055583] kasan_check_range+0x10c/0x1c0 [ 26.055616] __kasan_check_write+0x18/0x20 [ 26.055650] kasan_atomics_helper+0x1f43/0x5450 [ 26.055688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.055725] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.055761] ? kasan_atomics+0x152/0x310 [ 26.055798] kasan_atomics+0x1dc/0x310 [ 26.055830] ? __pfx_kasan_atomics+0x10/0x10 [ 26.055863] ? __pfx_read_tsc+0x10/0x10 [ 26.055920] ? ktime_get_ts64+0x86/0x230 [ 26.055965] kunit_try_run_case+0x1a5/0x480 [ 26.056007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.056046] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 26.056087] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.056126] ? __kthread_parkme+0x82/0x180 [ 26.056162] ? preempt_count_sub+0x50/0x80 [ 26.056203] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.056243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.056281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.056396] kthread+0x337/0x6f0 [ 26.056469] ? trace_preempt_on+0x20/0xc0 [ 26.056556] ? __pfx_kthread+0x10/0x10 [ 26.056618] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.056656] ? calculate_sigpending+0x7b/0xa0 [ 26.056692] ? __pfx_kthread+0x10/0x10 [ 26.056720] ret_from_fork+0x41/0x80 [ 26.056756] ? __pfx_kthread+0x10/0x10 [ 26.056786] ret_from_fork_asm+0x1a/0x30 [ 26.056833] </TASK> [ 26.056852] [ 26.076512] Allocated by task 285: [ 26.076852] kasan_save_stack+0x45/0x70 [ 26.077952] kasan_save_track+0x18/0x40 [ 26.078259] kasan_save_alloc_info+0x3b/0x50 [ 26.078862] __kasan_kmalloc+0xb7/0xc0 [ 26.079239] __kmalloc_cache_noprof+0x189/0x420 [ 26.080079] kasan_atomics+0x95/0x310 [ 26.080528] kunit_try_run_case+0x1a5/0x480 [ 26.080938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.081807] kthread+0x337/0x6f0 [ 26.082605] ret_from_fork+0x41/0x80 [ 26.082919] ret_from_fork_asm+0x1a/0x30 [ 26.083675] [ 26.083869] The buggy address belongs to the object at ffff888102ef1180 [ 26.083869] which belongs to the cache kmalloc-64 of size 64 [ 26.085509] The buggy address is located 0 bytes to the right of [ 26.085509] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.086034] [ 26.086167] The buggy address belongs to the physical page: [ 26.086396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.086666] flags: 0x200000000000000(node=0|zone=2) [ 26.086861] page_type: f5(slab) [ 26.087011] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.088673] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.089357] page dumped because: kasan: bad 
access detected [ 26.089772] [ 26.090017] Memory state around the buggy address: [ 26.090545] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.091309] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.091826] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.092592] ^ [ 26.093154] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.093858] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.094887] ================================================================== [ 26.096164] ================================================================== [ 26.096684] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 26.097360] Read of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.098033] [ 26.098350] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.098488] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.098591] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.098663] Call Trace: [ 26.098721] <TASK> [ 26.098779] dump_stack_lvl+0x73/0xb0 [ 26.098933] print_report+0xd1/0x650 [ 26.099021] ? __virt_addr_valid+0x1db/0x2d0 [ 26.099103] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.099240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.099350] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.099432] kasan_report+0x141/0x180 [ 26.099513] ? kasan_atomics_helper+0x4f71/0x5450 [ 26.099672] __asan_report_load8_noabort+0x18/0x20 [ 26.099870] kasan_atomics_helper+0x4f71/0x5450 [ 26.099974] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.100054] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.100197] ? kasan_atomics+0x152/0x310 [ 26.100287] kasan_atomics+0x1dc/0x310 [ 26.100390] ? __pfx_kasan_atomics+0x10/0x10 [ 26.100466] ? __pfx_read_tsc+0x10/0x10 [ 26.100530] ? ktime_get_ts64+0x86/0x230 [ 26.100575] kunit_try_run_case+0x1a5/0x480 [ 26.100620] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 26.100661] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.100707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.100746] ? __kthread_parkme+0x82/0x180 [ 26.100783] ? preempt_count_sub+0x50/0x80 [ 26.100823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.100864] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.100903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.100942] kthread+0x337/0x6f0 [ 26.100971] ? trace_preempt_on+0x20/0xc0 [ 26.101011] ? __pfx_kthread+0x10/0x10 [ 26.101048] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.101133] ? calculate_sigpending+0x7b/0xa0 [ 26.101173] ? __pfx_kthread+0x10/0x10 [ 26.101205] ret_from_fork+0x41/0x80 [ 26.101243] ? __pfx_kthread+0x10/0x10 [ 26.101275] ret_from_fork_asm+0x1a/0x30 [ 26.101368] </TASK> [ 26.101397] [ 26.120637] Allocated by task 285: [ 26.120825] kasan_save_stack+0x45/0x70 [ 26.121020] kasan_save_track+0x18/0x40 [ 26.121885] kasan_save_alloc_info+0x3b/0x50 [ 26.122622] __kasan_kmalloc+0xb7/0xc0 [ 26.123389] __kmalloc_cache_noprof+0x189/0x420 [ 26.124235] kasan_atomics+0x95/0x310 [ 26.124522] kunit_try_run_case+0x1a5/0x480 [ 26.125035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.125704] kthread+0x337/0x6f0 [ 26.126080] ret_from_fork+0x41/0x80 [ 26.126676] ret_from_fork_asm+0x1a/0x30 [ 26.127516] [ 26.127706] The buggy address belongs to the object at ffff888102ef1180 [ 26.127706] which belongs to the cache kmalloc-64 of size 64 [ 26.129131] The buggy address is located 0 bytes to the right of [ 26.129131] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.130040] [ 26.130272] The buggy address belongs to the physical page: [ 26.130815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.131464] flags: 0x200000000000000(node=0|zone=2) [ 26.131828] page_type: f5(slab) [ 26.132277] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.133007] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 26.133702] page dumped because: kasan: bad access detected [ 26.134244] [ 26.134514] Memory state around the buggy address: [ 26.134862] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.135458] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.136181] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.136896] ^ [ 26.137435] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.137972] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.138640] ================================================================== [ 23.725707] ================================================================== [ 23.726151] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 23.727041] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.728247] [ 23.728584] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.728848] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.728873] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.728930] Call Trace: [ 23.728971] <TASK> [ 23.728997] dump_stack_lvl+0x73/0xb0 [ 23.729050] print_report+0xd1/0x650 [ 23.729107] ? __virt_addr_valid+0x1db/0x2d0 [ 23.729146] ? kasan_atomics_helper+0x4b54/0x5450 [ 23.729392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.729473] ? kasan_atomics_helper+0x4b54/0x5450 [ 23.729603] kasan_report+0x141/0x180 [ 23.729684] ? kasan_atomics_helper+0x4b54/0x5450 [ 23.729760] __asan_report_load4_noabort+0x18/0x20 [ 23.729799] kasan_atomics_helper+0x4b54/0x5450 [ 23.729838] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.729874] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.729912] ? kasan_atomics+0x152/0x310 [ 23.730004] kasan_atomics+0x1dc/0x310 [ 23.730082] ? __pfx_kasan_atomics+0x10/0x10 [ 23.730368] ? __pfx_read_tsc+0x10/0x10 [ 23.730453] ? 
ktime_get_ts64+0x86/0x230 [ 23.730540] kunit_try_run_case+0x1a5/0x480 [ 23.730621] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.730661] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.730705] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.730744] ? __kthread_parkme+0x82/0x180 [ 23.730780] ? preempt_count_sub+0x50/0x80 [ 23.730819] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.730859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.730896] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.730935] kthread+0x337/0x6f0 [ 23.730963] ? trace_preempt_on+0x20/0xc0 [ 23.731000] ? __pfx_kthread+0x10/0x10 [ 23.731030] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.731098] ? calculate_sigpending+0x7b/0xa0 [ 23.731135] ? __pfx_kthread+0x10/0x10 [ 23.731164] ret_from_fork+0x41/0x80 [ 23.731202] ? __pfx_kthread+0x10/0x10 [ 23.731232] ret_from_fork_asm+0x1a/0x30 [ 23.731280] </TASK> [ 23.731323] [ 23.752125] Allocated by task 285: [ 23.752921] kasan_save_stack+0x45/0x70 [ 23.753647] kasan_save_track+0x18/0x40 [ 23.754030] kasan_save_alloc_info+0x3b/0x50 [ 23.754815] __kasan_kmalloc+0xb7/0xc0 [ 23.755416] __kmalloc_cache_noprof+0x189/0x420 [ 23.755872] kasan_atomics+0x95/0x310 [ 23.756511] kunit_try_run_case+0x1a5/0x480 [ 23.756849] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.757703] kthread+0x337/0x6f0 [ 23.758077] ret_from_fork+0x41/0x80 [ 23.758473] ret_from_fork_asm+0x1a/0x30 [ 23.758843] [ 23.759085] The buggy address belongs to the object at ffff888102ef1180 [ 23.759085] which belongs to the cache kmalloc-64 of size 64 [ 23.759970] The buggy address is located 0 bytes to the right of [ 23.759970] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.761553] [ 23.762090] The buggy address belongs to the physical page: [ 23.762757] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.763344] flags: 0x200000000000000(node=0|zone=2) [ 23.763555] page_type: f5(slab) [ 23.763707] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 23.763979] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.765212] page dumped because: kasan: bad access detected [ 23.765795] [ 23.765976] Memory state around the buggy address: [ 23.766619] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.767395] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.768147] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.768939] ^ [ 23.769541] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.770057] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.770925] ================================================================== [ 24.897751] ================================================================== [ 24.899379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 24.901688] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.904027] [ 24.904283] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.904419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.904457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.904517] Call Trace: [ 24.904609] <TASK> [ 24.904676] dump_stack_lvl+0x73/0xb0 [ 24.904782] print_report+0xd1/0x650 [ 24.904869] ? __virt_addr_valid+0x1db/0x2d0 [ 24.904940] ? kasan_atomics_helper+0x1217/0x5450 [ 24.905018] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.905104] ? kasan_atomics_helper+0x1217/0x5450 [ 24.905188] kasan_report+0x141/0x180 [ 24.905273] ? kasan_atomics_helper+0x1217/0x5450 [ 24.905392] kasan_check_range+0x10c/0x1c0 [ 24.906088] __kasan_check_write+0x18/0x20 [ 24.906140] kasan_atomics_helper+0x1217/0x5450 [ 24.906183] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.906224] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.906264] ? kasan_atomics+0x152/0x310 [ 24.906326] kasan_atomics+0x1dc/0x310 [ 24.906362] ? 
__pfx_kasan_atomics+0x10/0x10 [ 24.906399] ? __pfx_read_tsc+0x10/0x10 [ 24.906437] ? ktime_get_ts64+0x86/0x230 [ 24.906480] kunit_try_run_case+0x1a5/0x480 [ 24.906523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.906561] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.906602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.906641] ? __kthread_parkme+0x82/0x180 [ 24.906677] ? preempt_count_sub+0x50/0x80 [ 24.906719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.906761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.906802] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.906839] kthread+0x337/0x6f0 [ 24.906867] ? trace_preempt_on+0x20/0xc0 [ 24.906906] ? __pfx_kthread+0x10/0x10 [ 24.906936] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.906973] ? calculate_sigpending+0x7b/0xa0 [ 24.907009] ? __pfx_kthread+0x10/0x10 [ 24.907048] ret_from_fork+0x41/0x80 [ 24.907105] ? __pfx_kthread+0x10/0x10 [ 24.907139] ret_from_fork_asm+0x1a/0x30 [ 24.907188] </TASK> [ 24.907207] [ 24.926766] Allocated by task 285: [ 24.927223] kasan_save_stack+0x45/0x70 [ 24.927614] kasan_save_track+0x18/0x40 [ 24.929668] kasan_save_alloc_info+0x3b/0x50 [ 24.930591] __kasan_kmalloc+0xb7/0xc0 [ 24.930865] __kmalloc_cache_noprof+0x189/0x420 [ 24.931191] kasan_atomics+0x95/0x310 [ 24.933585] kunit_try_run_case+0x1a5/0x480 [ 24.935011] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.936122] kthread+0x337/0x6f0 [ 24.936674] ret_from_fork+0x41/0x80 [ 24.937205] ret_from_fork_asm+0x1a/0x30 [ 24.937557] [ 24.938739] The buggy address belongs to the object at ffff888102ef1180 [ 24.938739] which belongs to the cache kmalloc-64 of size 64 [ 24.939793] The buggy address is located 0 bytes to the right of [ 24.939793] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.941975] [ 24.942659] The buggy address belongs to the physical page: [ 24.944499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.944998] flags: 0x200000000000000(node=0|zone=2) [ 24.946060] page_type: f5(slab) 
[ 24.946721] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.948397] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.949366] page dumped because: kasan: bad access detected [ 24.950242] [ 24.950438] Memory state around the buggy address: [ 24.950825] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.952259] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.952915] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.953807] ^ [ 24.954099] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.954532] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.954925] ================================================================== [ 24.816916] ================================================================== [ 24.817736] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 24.818782] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.819584] [ 24.819924] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.820067] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.820132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.820219] Call Trace: [ 24.820277] <TASK> [ 24.820349] dump_stack_lvl+0x73/0xb0 [ 24.820441] print_report+0xd1/0x650 [ 24.820524] ? __virt_addr_valid+0x1db/0x2d0 [ 24.820599] ? kasan_atomics_helper+0x1148/0x5450 [ 24.820675] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.820751] ? kasan_atomics_helper+0x1148/0x5450 [ 24.820829] kasan_report+0x141/0x180 [ 24.820911] ? kasan_atomics_helper+0x1148/0x5450 [ 24.821002] kasan_check_range+0x10c/0x1c0 [ 24.821083] __kasan_check_write+0x18/0x20 [ 24.821160] kasan_atomics_helper+0x1148/0x5450 [ 24.821247] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.821390] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.821497] ? 
kasan_atomics+0x152/0x310 [ 24.821558] kasan_atomics+0x1dc/0x310 [ 24.821629] ? __pfx_kasan_atomics+0x10/0x10 [ 24.821705] ? __pfx_read_tsc+0x10/0x10 [ 24.821807] ? ktime_get_ts64+0x86/0x230 [ 24.821918] kunit_try_run_case+0x1a5/0x480 [ 24.822009] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.822099] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.822191] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.822321] ? __kthread_parkme+0x82/0x180 [ 24.822406] ? preempt_count_sub+0x50/0x80 [ 24.822494] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.822572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.822653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.822739] kthread+0x337/0x6f0 [ 24.822806] ? trace_preempt_on+0x20/0xc0 [ 24.822888] ? __pfx_kthread+0x10/0x10 [ 24.822959] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.823030] ? calculate_sigpending+0x7b/0xa0 [ 24.823129] ? __pfx_kthread+0x10/0x10 [ 24.823227] ret_from_fork+0x41/0x80 [ 24.823326] ? __pfx_kthread+0x10/0x10 [ 24.823400] ret_from_fork_asm+0x1a/0x30 [ 24.823499] </TASK> [ 24.823538] [ 24.839096] Allocated by task 285: [ 24.839534] kasan_save_stack+0x45/0x70 [ 24.840033] kasan_save_track+0x18/0x40 [ 24.840456] kasan_save_alloc_info+0x3b/0x50 [ 24.840926] __kasan_kmalloc+0xb7/0xc0 [ 24.841475] __kmalloc_cache_noprof+0x189/0x420 [ 24.841832] kasan_atomics+0x95/0x310 [ 24.842180] kunit_try_run_case+0x1a5/0x480 [ 24.842700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.843358] kthread+0x337/0x6f0 [ 24.843724] ret_from_fork+0x41/0x80 [ 24.844172] ret_from_fork_asm+0x1a/0x30 [ 24.844633] [ 24.844887] The buggy address belongs to the object at ffff888102ef1180 [ 24.844887] which belongs to the cache kmalloc-64 of size 64 [ 24.845904] The buggy address is located 0 bytes to the right of [ 24.845904] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.846990] [ 24.847253] The buggy address belongs to the physical page: [ 24.847793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 
24.848520] flags: 0x200000000000000(node=0|zone=2) [ 24.849023] page_type: f5(slab) [ 24.849475] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.850179] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.850842] page dumped because: kasan: bad access detected [ 24.851448] [ 24.851730] Memory state around the buggy address: [ 24.852204] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.852877] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.853548] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.854079] ^ [ 24.854443] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.854895] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.855356] ================================================================== [ 24.048542] ================================================================== [ 24.051260] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 24.051831] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.052624] [ 24.052923] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.053060] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.053103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.053165] Call Trace: [ 24.053223] <TASK> [ 24.053277] dump_stack_lvl+0x73/0xb0 [ 24.053389] print_report+0xd1/0x650 [ 24.053510] ? __virt_addr_valid+0x1db/0x2d0 [ 24.053594] ? kasan_atomics_helper+0x7c7/0x5450 [ 24.053672] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.053751] ? kasan_atomics_helper+0x7c7/0x5450 [ 24.053833] kasan_report+0x141/0x180 [ 24.053917] ? kasan_atomics_helper+0x7c7/0x5450 [ 24.054010] kasan_check_range+0x10c/0x1c0 [ 24.054109] __kasan_check_write+0x18/0x20 [ 24.054187] kasan_atomics_helper+0x7c7/0x5450 [ 24.054274] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.054382] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 24.054462] ? kasan_atomics+0x152/0x310 [ 24.054545] kasan_atomics+0x1dc/0x310 [ 24.054617] ? __pfx_kasan_atomics+0x10/0x10 [ 24.054695] ? __pfx_read_tsc+0x10/0x10 [ 24.054774] ? ktime_get_ts64+0x86/0x230 [ 24.054870] kunit_try_run_case+0x1a5/0x480 [ 24.054960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.055041] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.055129] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.055214] ? __kthread_parkme+0x82/0x180 [ 24.055312] ? preempt_count_sub+0x50/0x80 [ 24.055404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.055485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.055574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.055661] kthread+0x337/0x6f0 [ 24.055733] ? trace_preempt_on+0x20/0xc0 [ 24.055821] ? __pfx_kthread+0x10/0x10 [ 24.055902] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.055983] ? calculate_sigpending+0x7b/0xa0 [ 24.056086] ? __pfx_kthread+0x10/0x10 [ 24.056164] ret_from_fork+0x41/0x80 [ 24.056217] ? __pfx_kthread+0x10/0x10 [ 24.056249] ret_from_fork_asm+0x1a/0x30 [ 24.056321] </TASK> [ 24.056342] [ 24.070827] Allocated by task 285: [ 24.071377] kasan_save_stack+0x45/0x70 [ 24.071848] kasan_save_track+0x18/0x40 [ 24.072332] kasan_save_alloc_info+0x3b/0x50 [ 24.072723] __kasan_kmalloc+0xb7/0xc0 [ 24.073099] __kmalloc_cache_noprof+0x189/0x420 [ 24.073523] kasan_atomics+0x95/0x310 [ 24.073935] kunit_try_run_case+0x1a5/0x480 [ 24.074348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.074733] kthread+0x337/0x6f0 [ 24.075012] ret_from_fork+0x41/0x80 [ 24.075436] ret_from_fork_asm+0x1a/0x30 [ 24.075867] [ 24.076118] The buggy address belongs to the object at ffff888102ef1180 [ 24.076118] which belongs to the cache kmalloc-64 of size 64 [ 24.077419] The buggy address is located 0 bytes to the right of [ 24.077419] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.078153] [ 24.078419] The buggy address belongs to the physical page: [ 24.079099] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.080595] flags: 0x200000000000000(node=0|zone=2) [ 24.081103] page_type: f5(slab) [ 24.081510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.082232] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.084282] page dumped because: kasan: bad access detected [ 24.084858] [ 24.085669] Memory state around the buggy address: [ 24.086571] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.087158] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.087687] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.088824] ^ [ 24.089219] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.089773] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.090797] ================================================================== [ 25.604990] ================================================================== [ 25.605726] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 25.606751] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.607658] [ 25.607989] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.608123] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.608221] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.608489] Call Trace: [ 25.608552] <TASK> [ 25.608612] dump_stack_lvl+0x73/0xb0 [ 25.609149] print_report+0xd1/0x650 [ 25.609248] ? __virt_addr_valid+0x1db/0x2d0 [ 25.609331] ? kasan_atomics_helper+0x194a/0x5450 [ 25.609374] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.609415] ? kasan_atomics_helper+0x194a/0x5450 [ 25.609453] kasan_report+0x141/0x180 [ 25.609493] ? kasan_atomics_helper+0x194a/0x5450 [ 25.609537] kasan_check_range+0x10c/0x1c0 [ 25.609573] __kasan_check_write+0x18/0x20 [ 25.609608] kasan_atomics_helper+0x194a/0x5450 [ 25.609646] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 25.609683] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.609721] ? kasan_atomics+0x152/0x310 [ 25.609758] kasan_atomics+0x1dc/0x310 [ 25.609789] ? __pfx_kasan_atomics+0x10/0x10 [ 25.609823] ? __pfx_read_tsc+0x10/0x10 [ 25.609860] ? ktime_get_ts64+0x86/0x230 [ 25.609901] kunit_try_run_case+0x1a5/0x480 [ 25.609942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.609981] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.610022] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.610141] ? __kthread_parkme+0x82/0x180 [ 25.610223] ? preempt_count_sub+0x50/0x80 [ 25.610327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.610390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.610431] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.610469] kthread+0x337/0x6f0 [ 25.610496] ? trace_preempt_on+0x20/0xc0 [ 25.610533] ? __pfx_kthread+0x10/0x10 [ 25.610560] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.610594] ? calculate_sigpending+0x7b/0xa0 [ 25.610628] ? __pfx_kthread+0x10/0x10 [ 25.610656] ret_from_fork+0x41/0x80 [ 25.610690] ? 
__pfx_kthread+0x10/0x10 [ 25.610719] ret_from_fork_asm+0x1a/0x30 [ 25.610764] </TASK> [ 25.610782] [ 25.627612] Allocated by task 285: [ 25.628229] kasan_save_stack+0x45/0x70 [ 25.628788] kasan_save_track+0x18/0x40 [ 25.629360] kasan_save_alloc_info+0x3b/0x50 [ 25.629867] __kasan_kmalloc+0xb7/0xc0 [ 25.630289] __kmalloc_cache_noprof+0x189/0x420 [ 25.630927] kasan_atomics+0x95/0x310 [ 25.631455] kunit_try_run_case+0x1a5/0x480 [ 25.631951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.632589] kthread+0x337/0x6f0 [ 25.633019] ret_from_fork+0x41/0x80 [ 25.633517] ret_from_fork_asm+0x1a/0x30 [ 25.633977] [ 25.634261] The buggy address belongs to the object at ffff888102ef1180 [ 25.634261] which belongs to the cache kmalloc-64 of size 64 [ 25.635344] The buggy address is located 0 bytes to the right of [ 25.635344] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.636452] [ 25.636670] The buggy address belongs to the physical page: [ 25.637412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.638247] flags: 0x200000000000000(node=0|zone=2) [ 25.638852] page_type: f5(slab) [ 25.639392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.639968] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.640867] page dumped because: kasan: bad access detected [ 25.641312] [ 25.641596] Memory state around the buggy address: [ 25.642118] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.642815] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.643506] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.644117] ^ [ 25.644700] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.645352] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.645991] ================================================================== [ 26.188787] 
================================================================== [ 26.190650] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 26.191285] Read of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.192512] [ 26.192740] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.193216] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.193239] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.193272] Call Trace: [ 26.193322] <TASK> [ 26.193354] dump_stack_lvl+0x73/0xb0 [ 26.193399] print_report+0xd1/0x650 [ 26.193440] ? __virt_addr_valid+0x1db/0x2d0 [ 26.193480] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.193517] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.193555] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.193592] kasan_report+0x141/0x180 [ 26.193631] ? kasan_atomics_helper+0x4f98/0x5450 [ 26.193675] __asan_report_load8_noabort+0x18/0x20 [ 26.193709] kasan_atomics_helper+0x4f98/0x5450 [ 26.193748] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.193787] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.193824] ? kasan_atomics+0x152/0x310 [ 26.193861] kasan_atomics+0x1dc/0x310 [ 26.193893] ? __pfx_kasan_atomics+0x10/0x10 [ 26.193927] ? __pfx_read_tsc+0x10/0x10 [ 26.193962] ? ktime_get_ts64+0x86/0x230 [ 26.194004] kunit_try_run_case+0x1a5/0x480 [ 26.194058] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.194113] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.194156] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.194195] ? __kthread_parkme+0x82/0x180 [ 26.194232] ? preempt_count_sub+0x50/0x80 [ 26.194272] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.194334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.194375] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.194414] kthread+0x337/0x6f0 [ 26.194442] ? trace_preempt_on+0x20/0xc0 [ 26.194482] ? __pfx_kthread+0x10/0x10 [ 26.194512] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.194546] ? calculate_sigpending+0x7b/0xa0 [ 26.194584] ? 
__pfx_kthread+0x10/0x10 [ 26.194613] ret_from_fork+0x41/0x80 [ 26.194650] ? __pfx_kthread+0x10/0x10 [ 26.194680] ret_from_fork_asm+0x1a/0x30 [ 26.194729] </TASK> [ 26.194747] [ 26.214274] Allocated by task 285: [ 26.215395] kasan_save_stack+0x45/0x70 [ 26.215995] kasan_save_track+0x18/0x40 [ 26.216520] kasan_save_alloc_info+0x3b/0x50 [ 26.217262] __kasan_kmalloc+0xb7/0xc0 [ 26.217861] __kmalloc_cache_noprof+0x189/0x420 [ 26.218445] kasan_atomics+0x95/0x310 [ 26.218902] kunit_try_run_case+0x1a5/0x480 [ 26.219637] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.220363] kthread+0x337/0x6f0 [ 26.220703] ret_from_fork+0x41/0x80 [ 26.221056] ret_from_fork_asm+0x1a/0x30 [ 26.221499] [ 26.221741] The buggy address belongs to the object at ffff888102ef1180 [ 26.221741] which belongs to the cache kmalloc-64 of size 64 [ 26.222886] The buggy address is located 0 bytes to the right of [ 26.222886] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.224318] [ 26.224564] The buggy address belongs to the physical page: [ 26.225609] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.226524] flags: 0x200000000000000(node=0|zone=2) [ 26.226916] page_type: f5(slab) [ 26.227776] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.228620] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.229263] page dumped because: kasan: bad access detected [ 26.229627] [ 26.230258] Memory state around the buggy address: [ 26.230743] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.231815] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.232813] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.233728] ^ [ 26.234139] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.235032] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.235837] 
================================================================== [ 25.136420] ================================================================== [ 25.137482] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 25.137988] Read of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.138969] [ 25.139892] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.140234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.140278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.140660] Call Trace: [ 25.140721] <TASK> [ 25.140774] dump_stack_lvl+0x73/0xb0 [ 25.140865] print_report+0xd1/0x650 [ 25.140942] ? __virt_addr_valid+0x1db/0x2d0 [ 25.141091] ? kasan_atomics_helper+0x4eae/0x5450 [ 25.141199] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.141276] ? kasan_atomics_helper+0x4eae/0x5450 [ 25.141372] kasan_report+0x141/0x180 [ 25.141451] ? kasan_atomics_helper+0x4eae/0x5450 [ 25.141532] __asan_report_load8_noabort+0x18/0x20 [ 25.141613] kasan_atomics_helper+0x4eae/0x5450 [ 25.141680] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.141750] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.141789] ? kasan_atomics+0x152/0x310 [ 25.141827] kasan_atomics+0x1dc/0x310 [ 25.141858] ? __pfx_kasan_atomics+0x10/0x10 [ 25.141893] ? __pfx_read_tsc+0x10/0x10 [ 25.141928] ? ktime_get_ts64+0x86/0x230 [ 25.142012] kunit_try_run_case+0x1a5/0x480 [ 25.142090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.142132] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.142173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.142209] ? __kthread_parkme+0x82/0x180 [ 25.142243] ? preempt_count_sub+0x50/0x80 [ 25.142281] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.142347] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.142385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.142420] kthread+0x337/0x6f0 [ 25.142446] ? trace_preempt_on+0x20/0xc0 [ 25.142483] ? __pfx_kthread+0x10/0x10 [ 25.142513] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 25.142547] ? calculate_sigpending+0x7b/0xa0 [ 25.142581] ? __pfx_kthread+0x10/0x10 [ 25.142609] ret_from_fork+0x41/0x80 [ 25.142643] ? __pfx_kthread+0x10/0x10 [ 25.142670] ret_from_fork_asm+0x1a/0x30 [ 25.142716] </TASK> [ 25.142732] [ 25.158421] Allocated by task 285: [ 25.159101] kasan_save_stack+0x45/0x70 [ 25.159593] kasan_save_track+0x18/0x40 [ 25.160071] kasan_save_alloc_info+0x3b/0x50 [ 25.160561] __kasan_kmalloc+0xb7/0xc0 [ 25.160878] __kmalloc_cache_noprof+0x189/0x420 [ 25.161225] kasan_atomics+0x95/0x310 [ 25.161766] kunit_try_run_case+0x1a5/0x480 [ 25.162229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.162838] kthread+0x337/0x6f0 [ 25.163390] ret_from_fork+0x41/0x80 [ 25.163845] ret_from_fork_asm+0x1a/0x30 [ 25.164234] [ 25.164452] The buggy address belongs to the object at ffff888102ef1180 [ 25.164452] which belongs to the cache kmalloc-64 of size 64 [ 25.165352] The buggy address is located 0 bytes to the right of [ 25.165352] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.166959] [ 25.167331] The buggy address belongs to the physical page: [ 25.167724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.168331] flags: 0x200000000000000(node=0|zone=2) [ 25.168943] page_type: f5(slab) [ 25.169426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.170101] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.170774] page dumped because: kasan: bad access detected [ 25.171904] [ 25.172109] Memory state around the buggy address: [ 25.172619] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.173155] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.173851] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.174554] ^ [ 25.175066] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.175704] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 25.176399] ================================================================== [ 25.647469] ================================================================== [ 25.648075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 25.648730] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.649496] [ 25.649768] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.649903] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.649946] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.650011] Call Trace: [ 25.650126] <TASK> [ 25.650183] dump_stack_lvl+0x73/0xb0 [ 25.650260] print_report+0xd1/0x650 [ 25.650350] ? __virt_addr_valid+0x1db/0x2d0 [ 25.650422] ? kasan_atomics_helper+0x19e3/0x5450 [ 25.650495] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.650562] ? kasan_atomics_helper+0x19e3/0x5450 [ 25.650628] kasan_report+0x141/0x180 [ 25.650732] ? kasan_atomics_helper+0x19e3/0x5450 [ 25.650855] kasan_check_range+0x10c/0x1c0 [ 25.650930] __kasan_check_write+0x18/0x20 [ 25.651084] kasan_atomics_helper+0x19e3/0x5450 [ 25.651178] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.651278] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.651397] ? kasan_atomics+0x152/0x310 [ 25.651483] kasan_atomics+0x1dc/0x310 [ 25.651542] ? __pfx_kasan_atomics+0x10/0x10 [ 25.651605] ? __pfx_read_tsc+0x10/0x10 [ 25.651681] ? ktime_get_ts64+0x86/0x230 [ 25.651799] kunit_try_run_case+0x1a5/0x480 [ 25.651928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.652011] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.652188] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.652272] ? __kthread_parkme+0x82/0x180 [ 25.652376] ? preempt_count_sub+0x50/0x80 [ 25.652466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.652606] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.652693] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.652778] kthread+0x337/0x6f0 [ 25.652849] ? 
trace_preempt_on+0x20/0xc0 [ 25.652933] ? __pfx_kthread+0x10/0x10 [ 25.653022] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.653157] ? calculate_sigpending+0x7b/0xa0 [ 25.653236] ? __pfx_kthread+0x10/0x10 [ 25.653324] ret_from_fork+0x41/0x80 [ 25.653401] ? __pfx_kthread+0x10/0x10 [ 25.653474] ret_from_fork_asm+0x1a/0x30 [ 25.653541] </TASK> [ 25.653561] [ 25.669343] Allocated by task 285: [ 25.669811] kasan_save_stack+0x45/0x70 [ 25.670897] kasan_save_track+0x18/0x40 [ 25.671908] kasan_save_alloc_info+0x3b/0x50 [ 25.672273] __kasan_kmalloc+0xb7/0xc0 [ 25.673032] __kmalloc_cache_noprof+0x189/0x420 [ 25.673545] kasan_atomics+0x95/0x310 [ 25.674006] kunit_try_run_case+0x1a5/0x480 [ 25.674605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.675362] kthread+0x337/0x6f0 [ 25.675727] ret_from_fork+0x41/0x80 [ 25.676318] ret_from_fork_asm+0x1a/0x30 [ 25.676682] [ 25.677003] The buggy address belongs to the object at ffff888102ef1180 [ 25.677003] which belongs to the cache kmalloc-64 of size 64 [ 25.678070] The buggy address is located 0 bytes to the right of [ 25.678070] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.679143] [ 25.679531] The buggy address belongs to the physical page: [ 25.680162] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.680977] flags: 0x200000000000000(node=0|zone=2) [ 25.681533] page_type: f5(slab) [ 25.682000] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.682629] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.683402] page dumped because: kasan: bad access detected [ 25.683948] [ 25.684264] Memory state around the buggy address: [ 25.684768] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.685265] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.685920] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.686591] ^ [ 25.687063] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 25.687702] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.688520] ================================================================== [ 25.873273] ================================================================== [ 25.873830] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 25.874634] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.875281] [ 25.875582] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.875723] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.875768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.875829] Call Trace: [ 25.875860] <TASK> [ 25.875916] dump_stack_lvl+0x73/0xb0 [ 25.875964] print_report+0xd1/0x650 [ 25.876045] ? __virt_addr_valid+0x1db/0x2d0 [ 25.876406] ? kasan_atomics_helper+0x1ce1/0x5450 [ 25.876467] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.876507] ? kasan_atomics_helper+0x1ce1/0x5450 [ 25.876543] kasan_report+0x141/0x180 [ 25.876580] ? kasan_atomics_helper+0x1ce1/0x5450 [ 25.876624] kasan_check_range+0x10c/0x1c0 [ 25.876657] __kasan_check_write+0x18/0x20 [ 25.876690] kasan_atomics_helper+0x1ce1/0x5450 [ 25.876729] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.876767] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.876804] ? kasan_atomics+0x152/0x310 [ 25.876841] kasan_atomics+0x1dc/0x310 [ 25.876871] ? __pfx_kasan_atomics+0x10/0x10 [ 25.876902] ? __pfx_read_tsc+0x10/0x10 [ 25.876938] ? ktime_get_ts64+0x86/0x230 [ 25.876978] kunit_try_run_case+0x1a5/0x480 [ 25.877020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.877095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.877140] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.877177] ? __kthread_parkme+0x82/0x180 [ 25.877211] ? preempt_count_sub+0x50/0x80 [ 25.877249] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.877286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.877353] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.877392] kthread+0x337/0x6f0 [ 25.877419] ? trace_preempt_on+0x20/0xc0 [ 25.877460] ? __pfx_kthread+0x10/0x10 [ 25.877488] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.877522] ? calculate_sigpending+0x7b/0xa0 [ 25.877556] ? __pfx_kthread+0x10/0x10 [ 25.877584] ret_from_fork+0x41/0x80 [ 25.877619] ? __pfx_kthread+0x10/0x10 [ 25.877647] ret_from_fork_asm+0x1a/0x30 [ 25.877693] </TASK> [ 25.877710] [ 25.892468] Allocated by task 285: [ 25.892858] kasan_save_stack+0x45/0x70 [ 25.893366] kasan_save_track+0x18/0x40 [ 25.893799] kasan_save_alloc_info+0x3b/0x50 [ 25.894200] __kasan_kmalloc+0xb7/0xc0 [ 25.894539] __kmalloc_cache_noprof+0x189/0x420 [ 25.895026] kasan_atomics+0x95/0x310 [ 25.895524] kunit_try_run_case+0x1a5/0x480 [ 25.896013] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.896609] kthread+0x337/0x6f0 [ 25.896955] ret_from_fork+0x41/0x80 [ 25.897332] ret_from_fork_asm+0x1a/0x30 [ 25.897732] [ 25.897967] The buggy address belongs to the object at ffff888102ef1180 [ 25.897967] which belongs to the cache kmalloc-64 of size 64 [ 25.899012] The buggy address is located 0 bytes to the right of [ 25.899012] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.900002] [ 25.900279] The buggy address belongs to the physical page: [ 25.900765] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.901366] flags: 0x200000000000000(node=0|zone=2) [ 25.901734] page_type: f5(slab) [ 25.902073] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.902729] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.903501] page dumped because: kasan: bad access detected [ 25.904091] [ 25.904348] Memory state around the buggy address: [ 25.904823] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.905454] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.905902] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 25.906548] ^ [ 25.907071] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.907731] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.908433] ================================================================== [ 26.476909] ================================================================== [ 26.477552] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 26.478364] Read of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.479246] [ 26.479715] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.480016] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.480055] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.480103] Call Trace: [ 26.480131] <TASK> [ 26.480160] dump_stack_lvl+0x73/0xb0 [ 26.480205] print_report+0xd1/0x650 [ 26.480246] ? __virt_addr_valid+0x1db/0x2d0 [ 26.480284] ? kasan_atomics_helper+0x5115/0x5450 [ 26.480348] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.480387] ? kasan_atomics_helper+0x5115/0x5450 [ 26.480425] kasan_report+0x141/0x180 [ 26.480465] ? kasan_atomics_helper+0x5115/0x5450 [ 26.480510] __asan_report_load8_noabort+0x18/0x20 [ 26.480548] kasan_atomics_helper+0x5115/0x5450 [ 26.480586] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.480625] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.480663] ? kasan_atomics+0x152/0x310 [ 26.480702] kasan_atomics+0x1dc/0x310 [ 26.480738] ? __pfx_kasan_atomics+0x10/0x10 [ 26.480775] ? __pfx_read_tsc+0x10/0x10 [ 26.480814] ? ktime_get_ts64+0x86/0x230 [ 26.480855] kunit_try_run_case+0x1a5/0x480 [ 26.480898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.480937] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.480978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.481018] ? __kthread_parkme+0x82/0x180 [ 26.481079] ? preempt_count_sub+0x50/0x80 [ 26.481125] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 26.481165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.481206] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.481246] kthread+0x337/0x6f0 [ 26.481274] ? trace_preempt_on+0x20/0xc0 [ 26.481338] ? __pfx_kthread+0x10/0x10 [ 26.481369] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.481407] ? calculate_sigpending+0x7b/0xa0 [ 26.481444] ? __pfx_kthread+0x10/0x10 [ 26.481475] ret_from_fork+0x41/0x80 [ 26.481512] ? __pfx_kthread+0x10/0x10 [ 26.481545] ret_from_fork_asm+0x1a/0x30 [ 26.481597] </TASK> [ 26.481616] [ 26.501074] Allocated by task 285: [ 26.501681] kasan_save_stack+0x45/0x70 [ 26.502343] kasan_save_track+0x18/0x40 [ 26.502903] kasan_save_alloc_info+0x3b/0x50 [ 26.503519] __kasan_kmalloc+0xb7/0xc0 [ 26.503936] __kmalloc_cache_noprof+0x189/0x420 [ 26.504684] kasan_atomics+0x95/0x310 [ 26.505289] kunit_try_run_case+0x1a5/0x480 [ 26.505905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.506616] kthread+0x337/0x6f0 [ 26.507171] ret_from_fork+0x41/0x80 [ 26.507625] ret_from_fork_asm+0x1a/0x30 [ 26.508357] [ 26.508594] The buggy address belongs to the object at ffff888102ef1180 [ 26.508594] which belongs to the cache kmalloc-64 of size 64 [ 26.509886] The buggy address is located 0 bytes to the right of [ 26.509886] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.511380] [ 26.511629] The buggy address belongs to the physical page: [ 26.512158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.512771] flags: 0x200000000000000(node=0|zone=2) [ 26.513610] page_type: f5(slab) [ 26.513931] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.514900] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.515609] page dumped because: kasan: bad access detected [ 26.516115] [ 26.516357] Memory state around the buggy address: [ 26.516823] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.517498] ffff888102ef1100: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.518248] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.518979] ^ [ 26.519480] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.520118] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.520770] ================================================================== [ 23.966199] ================================================================== [ 23.966804] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 23.968397] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.969698] [ 23.970150] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.971063] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.971098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.971133] Call Trace: [ 23.971160] <TASK> [ 23.971187] dump_stack_lvl+0x73/0xb0 [ 23.971240] print_report+0xd1/0x650 [ 23.971284] ? __virt_addr_valid+0x1db/0x2d0 [ 23.971348] ? kasan_atomics_helper+0x697/0x5450 [ 23.971388] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.971426] ? kasan_atomics_helper+0x697/0x5450 [ 23.971463] kasan_report+0x141/0x180 [ 23.971503] ? kasan_atomics_helper+0x697/0x5450 [ 23.971547] kasan_check_range+0x10c/0x1c0 [ 23.971581] __kasan_check_write+0x18/0x20 [ 23.971615] kasan_atomics_helper+0x697/0x5450 [ 23.971657] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.971696] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.971734] ? kasan_atomics+0x152/0x310 [ 23.971772] kasan_atomics+0x1dc/0x310 [ 23.971804] ? __pfx_kasan_atomics+0x10/0x10 [ 23.971839] ? __pfx_read_tsc+0x10/0x10 [ 23.971874] ? ktime_get_ts64+0x86/0x230 [ 23.971928] kunit_try_run_case+0x1a5/0x480 [ 23.971971] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.972009] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.972080] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.972126] ? __kthread_parkme+0x82/0x180 [ 23.972165] ? 
preempt_count_sub+0x50/0x80 [ 23.972206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.972246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.972286] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.972349] kthread+0x337/0x6f0 [ 23.972379] ? trace_preempt_on+0x20/0xc0 [ 23.972418] ? __pfx_kthread+0x10/0x10 [ 23.972447] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.972483] ? calculate_sigpending+0x7b/0xa0 [ 23.972519] ? __pfx_kthread+0x10/0x10 [ 23.972549] ret_from_fork+0x41/0x80 [ 23.972584] ? __pfx_kthread+0x10/0x10 [ 23.972614] ret_from_fork_asm+0x1a/0x30 [ 23.972663] </TASK> [ 23.972682] [ 23.992563] Allocated by task 285: [ 23.993105] kasan_save_stack+0x45/0x70 [ 23.993486] kasan_save_track+0x18/0x40 [ 23.993798] kasan_save_alloc_info+0x3b/0x50 [ 23.994238] __kasan_kmalloc+0xb7/0xc0 [ 23.994717] __kmalloc_cache_noprof+0x189/0x420 [ 23.995315] kasan_atomics+0x95/0x310 [ 23.995779] kunit_try_run_case+0x1a5/0x480 [ 23.996320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.996829] kthread+0x337/0x6f0 [ 23.997339] ret_from_fork+0x41/0x80 [ 23.997678] ret_from_fork_asm+0x1a/0x30 [ 23.998193] [ 23.998487] The buggy address belongs to the object at ffff888102ef1180 [ 23.998487] which belongs to the cache kmalloc-64 of size 64 [ 23.999338] The buggy address is located 0 bytes to the right of [ 23.999338] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.000511] [ 24.000782] The buggy address belongs to the physical page: [ 24.001412] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.001925] flags: 0x200000000000000(node=0|zone=2) [ 24.002528] page_type: f5(slab) [ 24.002973] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.003683] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.004329] page dumped because: kasan: bad access detected [ 24.004843] [ 24.005170] Memory state around the buggy address: [ 24.005548] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 24.006234] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.006978] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.007666] ^ [ 24.008104] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.008827] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.009480] ================================================================== [ 26.004550] ================================================================== [ 26.005601] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 26.008400] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.009752] [ 26.010100] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.010240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.010283] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.010381] Call Trace: [ 26.010482] <TASK> [ 26.010542] dump_stack_lvl+0x73/0xb0 [ 26.010636] print_report+0xd1/0x650 [ 26.010713] ? __virt_addr_valid+0x1db/0x2d0 [ 26.010750] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.010788] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.010827] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.010864] kasan_report+0x141/0x180 [ 26.010903] ? kasan_atomics_helper+0x1eaa/0x5450 [ 26.010949] kasan_check_range+0x10c/0x1c0 [ 26.010982] __kasan_check_write+0x18/0x20 [ 26.011016] kasan_atomics_helper+0x1eaa/0x5450 [ 26.011091] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.011136] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.011174] ? kasan_atomics+0x152/0x310 [ 26.011211] kasan_atomics+0x1dc/0x310 [ 26.011243] ? __pfx_kasan_atomics+0x10/0x10 [ 26.011279] ? __pfx_read_tsc+0x10/0x10 [ 26.011345] ? ktime_get_ts64+0x86/0x230 [ 26.011387] kunit_try_run_case+0x1a5/0x480 [ 26.011430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.011467] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.011508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.011546] ? 
__kthread_parkme+0x82/0x180 [ 26.011583] ? preempt_count_sub+0x50/0x80 [ 26.011622] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.011661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.011698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.011737] kthread+0x337/0x6f0 [ 26.011764] ? trace_preempt_on+0x20/0xc0 [ 26.011803] ? __pfx_kthread+0x10/0x10 [ 26.011833] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.011867] ? calculate_sigpending+0x7b/0xa0 [ 26.011917] ? __pfx_kthread+0x10/0x10 [ 26.011949] ret_from_fork+0x41/0x80 [ 26.011985] ? __pfx_kthread+0x10/0x10 [ 26.012015] ret_from_fork_asm+0x1a/0x30 [ 26.012088] </TASK> [ 26.012112] [ 26.031804] Allocated by task 285: [ 26.032274] kasan_save_stack+0x45/0x70 [ 26.032666] kasan_save_track+0x18/0x40 [ 26.033050] kasan_save_alloc_info+0x3b/0x50 [ 26.033543] __kasan_kmalloc+0xb7/0xc0 [ 26.033964] __kmalloc_cache_noprof+0x189/0x420 [ 26.034508] kasan_atomics+0x95/0x310 [ 26.034828] kunit_try_run_case+0x1a5/0x480 [ 26.035265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.035836] kthread+0x337/0x6f0 [ 26.036285] ret_from_fork+0x41/0x80 [ 26.036797] ret_from_fork_asm+0x1a/0x30 [ 26.037213] [ 26.037567] The buggy address belongs to the object at ffff888102ef1180 [ 26.037567] which belongs to the cache kmalloc-64 of size 64 [ 26.038623] The buggy address is located 0 bytes to the right of [ 26.038623] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.039734] [ 26.039958] The buggy address belongs to the physical page: [ 26.040692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.041534] flags: 0x200000000000000(node=0|zone=2) [ 26.042132] page_type: f5(slab) [ 26.042477] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.043157] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.043764] page dumped because: kasan: bad access detected [ 26.044420] [ 26.044698] Memory state around the buggy address: [ 26.045231] 
ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.045885] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.046820] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.047529] ^ [ 26.048056] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.048698] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.049245] ================================================================== [ 23.913158] ================================================================== [ 23.914732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 23.915662] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.915932] [ 23.916063] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.916132] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.916151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.916183] Call Trace: [ 23.916209] <TASK> [ 23.916234] dump_stack_lvl+0x73/0xb0 [ 23.916277] print_report+0xd1/0x650 [ 23.916343] ? __virt_addr_valid+0x1db/0x2d0 [ 23.916379] ? kasan_atomics_helper+0x5fe/0x5450 [ 23.916413] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.916448] ? kasan_atomics_helper+0x5fe/0x5450 [ 23.916482] kasan_report+0x141/0x180 [ 23.916518] ? kasan_atomics_helper+0x5fe/0x5450 [ 23.916560] kasan_check_range+0x10c/0x1c0 [ 23.916593] __kasan_check_write+0x18/0x20 [ 23.916625] kasan_atomics_helper+0x5fe/0x5450 [ 23.916661] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.916696] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.916731] ? kasan_atomics+0x152/0x310 [ 23.916769] kasan_atomics+0x1dc/0x310 [ 23.916799] ? __pfx_kasan_atomics+0x10/0x10 [ 23.916831] ? __pfx_read_tsc+0x10/0x10 [ 23.916865] ? ktime_get_ts64+0x86/0x230 [ 23.916907] kunit_try_run_case+0x1a5/0x480 [ 23.916946] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.916981] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.917019] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.917056] ? __kthread_parkme+0x82/0x180 [ 23.917090] ? preempt_count_sub+0x50/0x80 [ 23.917128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.917165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.917200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.917236] kthread+0x337/0x6f0 [ 23.917261] ? trace_preempt_on+0x20/0xc0 [ 23.917710] ? __pfx_kthread+0x10/0x10 [ 23.918378] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.918424] ? calculate_sigpending+0x7b/0xa0 [ 23.918464] ? __pfx_kthread+0x10/0x10 [ 23.918493] ret_from_fork+0x41/0x80 [ 23.918532] ? __pfx_kthread+0x10/0x10 [ 23.918562] ret_from_fork_asm+0x1a/0x30 [ 23.918609] </TASK> [ 23.918629] [ 23.945322] Allocated by task 285: [ 23.945771] kasan_save_stack+0x45/0x70 [ 23.946622] kasan_save_track+0x18/0x40 [ 23.946938] kasan_save_alloc_info+0x3b/0x50 [ 23.947791] __kasan_kmalloc+0xb7/0xc0 [ 23.948217] __kmalloc_cache_noprof+0x189/0x420 [ 23.948693] kasan_atomics+0x95/0x310 [ 23.949049] kunit_try_run_case+0x1a5/0x480 [ 23.949894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.950746] kthread+0x337/0x6f0 [ 23.951082] ret_from_fork+0x41/0x80 [ 23.951663] ret_from_fork_asm+0x1a/0x30 [ 23.952350] [ 23.952538] The buggy address belongs to the object at ffff888102ef1180 [ 23.952538] which belongs to the cache kmalloc-64 of size 64 [ 23.953827] The buggy address is located 0 bytes to the right of [ 23.953827] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.955158] [ 23.955357] The buggy address belongs to the physical page: [ 23.955750] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.956551] flags: 0x200000000000000(node=0|zone=2) [ 23.956911] page_type: f5(slab) [ 23.957270] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.958303] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.958891] page dumped because: kasan: bad access detected [ 23.959729] [ 23.960126] Memory 
state around the buggy address: [ 23.960800] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.961540] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.962100] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.962728] ^ [ 23.963259] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.963902] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.964551] ================================================================== [ 24.370710] ================================================================== [ 24.371724] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 24.372686] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.373474] [ 24.373806] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.373969] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.374013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.374097] Call Trace: [ 24.374157] <TASK> [ 24.374263] dump_stack_lvl+0x73/0xb0 [ 24.374442] print_report+0xd1/0x650 [ 24.374556] ? __virt_addr_valid+0x1db/0x2d0 [ 24.374635] ? kasan_atomics_helper+0xc70/0x5450 [ 24.374712] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.374790] ? kasan_atomics_helper+0xc70/0x5450 [ 24.374865] kasan_report+0x141/0x180 [ 24.374928] ? kasan_atomics_helper+0xc70/0x5450 [ 24.375010] kasan_check_range+0x10c/0x1c0 [ 24.375100] __kasan_check_write+0x18/0x20 [ 24.375239] kasan_atomics_helper+0xc70/0x5450 [ 24.375370] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.375487] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.375617] ? kasan_atomics+0x152/0x310 [ 24.375710] kasan_atomics+0x1dc/0x310 [ 24.375842] ? __pfx_kasan_atomics+0x10/0x10 [ 24.375963] ? __pfx_read_tsc+0x10/0x10 [ 24.376043] ? ktime_get_ts64+0x86/0x230 [ 24.376207] kunit_try_run_case+0x1a5/0x480 [ 24.376341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.376419] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 24.376562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.376675] ? __kthread_parkme+0x82/0x180 [ 24.376758] ? preempt_count_sub+0x50/0x80 [ 24.376889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.376970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.377049] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.377135] kthread+0x337/0x6f0 [ 24.377170] ? trace_preempt_on+0x20/0xc0 [ 24.377210] ? __pfx_kthread+0x10/0x10 [ 24.377239] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.377272] ? calculate_sigpending+0x7b/0xa0 [ 24.377332] ? __pfx_kthread+0x10/0x10 [ 24.377364] ret_from_fork+0x41/0x80 [ 24.377400] ? __pfx_kthread+0x10/0x10 [ 24.377430] ret_from_fork_asm+0x1a/0x30 [ 24.377477] </TASK> [ 24.377495] [ 24.392842] Allocated by task 285: [ 24.393315] kasan_save_stack+0x45/0x70 [ 24.393795] kasan_save_track+0x18/0x40 [ 24.394258] kasan_save_alloc_info+0x3b/0x50 [ 24.394610] __kasan_kmalloc+0xb7/0xc0 [ 24.395008] __kmalloc_cache_noprof+0x189/0x420 [ 24.395548] kasan_atomics+0x95/0x310 [ 24.400079] kunit_try_run_case+0x1a5/0x480 [ 24.401331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.403236] kthread+0x337/0x6f0 [ 24.403502] ret_from_fork+0x41/0x80 [ 24.403756] ret_from_fork_asm+0x1a/0x30 [ 24.404056] [ 24.404239] The buggy address belongs to the object at ffff888102ef1180 [ 24.404239] which belongs to the cache kmalloc-64 of size 64 [ 24.408341] The buggy address is located 0 bytes to the right of [ 24.408341] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.411812] [ 24.411946] The buggy address belongs to the physical page: [ 24.412865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.413960] flags: 0x200000000000000(node=0|zone=2) [ 24.414450] page_type: f5(slab) [ 24.414842] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.415687] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.416591] page dumped because: kasan: bad 
access detected [ 24.417426] [ 24.417611] Memory state around the buggy address: [ 24.418248] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.418863] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.419818] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.420458] ^ [ 24.420922] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.421474] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.422203] ================================================================== [ 24.957064] ================================================================== [ 24.957928] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 24.958744] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.960364] [ 24.960600] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.961052] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.961093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.961129] Call Trace: [ 24.961159] <TASK> [ 24.961187] dump_stack_lvl+0x73/0xb0 [ 24.961236] print_report+0xd1/0x650 [ 24.961278] ? __virt_addr_valid+0x1db/0x2d0 [ 24.961343] ? kasan_atomics_helper+0x49e8/0x5450 [ 24.961381] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.961418] ? kasan_atomics_helper+0x49e8/0x5450 [ 24.961454] kasan_report+0x141/0x180 [ 24.961492] ? kasan_atomics_helper+0x49e8/0x5450 [ 24.961535] __asan_report_load4_noabort+0x18/0x20 [ 24.961570] kasan_atomics_helper+0x49e8/0x5450 [ 24.961607] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.961643] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.961681] ? kasan_atomics+0x152/0x310 [ 24.961717] kasan_atomics+0x1dc/0x310 [ 24.961749] ? __pfx_kasan_atomics+0x10/0x10 [ 24.961783] ? __pfx_read_tsc+0x10/0x10 [ 24.961817] ? ktime_get_ts64+0x86/0x230 [ 24.961859] kunit_try_run_case+0x1a5/0x480 [ 24.961901] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.961938] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.961980] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.962019] ? __kthread_parkme+0x82/0x180 [ 24.962081] ? preempt_count_sub+0x50/0x80 [ 24.962125] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.962165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.962205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.962244] kthread+0x337/0x6f0 [ 24.962273] ? trace_preempt_on+0x20/0xc0 [ 24.962337] ? __pfx_kthread+0x10/0x10 [ 24.962370] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.962406] ? calculate_sigpending+0x7b/0xa0 [ 24.962443] ? __pfx_kthread+0x10/0x10 [ 24.962472] ret_from_fork+0x41/0x80 [ 24.962511] ? __pfx_kthread+0x10/0x10 [ 24.962540] ret_from_fork_asm+0x1a/0x30 [ 24.962591] </TASK> [ 24.962610] [ 24.980690] Allocated by task 285: [ 24.981022] kasan_save_stack+0x45/0x70 [ 24.981552] kasan_save_track+0x18/0x40 [ 24.981980] kasan_save_alloc_info+0x3b/0x50 [ 24.982598] __kasan_kmalloc+0xb7/0xc0 [ 24.983261] __kmalloc_cache_noprof+0x189/0x420 [ 24.983951] kasan_atomics+0x95/0x310 [ 24.984323] kunit_try_run_case+0x1a5/0x480 [ 24.984702] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.985541] kthread+0x337/0x6f0 [ 24.986008] ret_from_fork+0x41/0x80 [ 24.986604] ret_from_fork_asm+0x1a/0x30 [ 24.987018] [ 24.987395] The buggy address belongs to the object at ffff888102ef1180 [ 24.987395] which belongs to the cache kmalloc-64 of size 64 [ 24.988639] The buggy address is located 0 bytes to the right of [ 24.988639] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.989707] [ 24.990140] The buggy address belongs to the physical page: [ 24.990758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.991572] flags: 0x200000000000000(node=0|zone=2) [ 24.992163] page_type: f5(slab) [ 24.992635] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.993455] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 24.994194] page dumped because: kasan: bad access detected [ 24.994662] [ 24.994916] Memory state around the buggy address: [ 24.995444] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.996063] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.996745] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.997317] ^ [ 24.997921] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.998642] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.999382] ================================================================== [ 25.825372] ================================================================== [ 25.825924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 25.826794] Read of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.827456] [ 25.827737] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.828133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.828200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.828265] Call Trace: [ 25.828334] <TASK> [ 25.828389] dump_stack_lvl+0x73/0xb0 [ 25.828479] print_report+0xd1/0x650 [ 25.828561] ? __virt_addr_valid+0x1db/0x2d0 [ 25.828635] ? kasan_atomics_helper+0x4f30/0x5450 [ 25.828708] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.828785] ? kasan_atomics_helper+0x4f30/0x5450 [ 25.828864] kasan_report+0x141/0x180 [ 25.829024] ? kasan_atomics_helper+0x4f30/0x5450 [ 25.829252] __asan_report_load8_noabort+0x18/0x20 [ 25.829350] kasan_atomics_helper+0x4f30/0x5450 [ 25.829419] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.829464] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.829505] ? kasan_atomics+0x152/0x310 [ 25.829543] kasan_atomics+0x1dc/0x310 [ 25.829576] ? __pfx_kasan_atomics+0x10/0x10 [ 25.829609] ? __pfx_read_tsc+0x10/0x10 [ 25.829644] ? 
ktime_get_ts64+0x86/0x230 [ 25.829686] kunit_try_run_case+0x1a5/0x480 [ 25.829727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.829765] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.829804] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.829844] ? __kthread_parkme+0x82/0x180 [ 25.829882] ? preempt_count_sub+0x50/0x80 [ 25.829922] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.829962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.830001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.830067] kthread+0x337/0x6f0 [ 25.830115] ? trace_preempt_on+0x20/0xc0 [ 25.830157] ? __pfx_kthread+0x10/0x10 [ 25.830189] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.830227] ? calculate_sigpending+0x7b/0xa0 [ 25.830268] ? __pfx_kthread+0x10/0x10 [ 25.830323] ret_from_fork+0x41/0x80 [ 25.830365] ? __pfx_kthread+0x10/0x10 [ 25.830397] ret_from_fork_asm+0x1a/0x30 [ 25.830446] </TASK> [ 25.830464] [ 25.850921] Allocated by task 285: [ 25.851959] kasan_save_stack+0x45/0x70 [ 25.852620] kasan_save_track+0x18/0x40 [ 25.853028] kasan_save_alloc_info+0x3b/0x50 [ 25.853715] __kasan_kmalloc+0xb7/0xc0 [ 25.854104] __kmalloc_cache_noprof+0x189/0x420 [ 25.854684] kasan_atomics+0x95/0x310 [ 25.855037] kunit_try_run_case+0x1a5/0x480 [ 25.855820] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.856561] kthread+0x337/0x6f0 [ 25.857037] ret_from_fork+0x41/0x80 [ 25.857427] ret_from_fork_asm+0x1a/0x30 [ 25.858051] [ 25.858313] The buggy address belongs to the object at ffff888102ef1180 [ 25.858313] which belongs to the cache kmalloc-64 of size 64 [ 25.859170] The buggy address is located 0 bytes to the right of [ 25.859170] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.860519] [ 25.860898] The buggy address belongs to the physical page: [ 25.861448] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.862582] flags: 0x200000000000000(node=0|zone=2) [ 25.862974] page_type: f5(slab) [ 25.863426] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 25.864461] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.865168] page dumped because: kasan: bad access detected [ 25.865684] [ 25.866311] Memory state around the buggy address: [ 25.866816] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.867590] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.868338] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.868994] ^ [ 25.869697] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.870264] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.870853] ================================================================== [ 25.460636] ================================================================== [ 25.461868] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 25.463418] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.463819] [ 25.464097] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.464224] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.465641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.465696] Call Trace: [ 25.465740] <TASK> [ 25.465783] dump_stack_lvl+0x73/0xb0 [ 25.465857] print_report+0xd1/0x650 [ 25.465919] ? __virt_addr_valid+0x1db/0x2d0 [ 25.465973] ? kasan_atomics_helper+0x177f/0x5450 [ 25.466029] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.466146] ? kasan_atomics_helper+0x177f/0x5450 [ 25.466219] kasan_report+0x141/0x180 [ 25.466281] ? kasan_atomics_helper+0x177f/0x5450 [ 25.466393] kasan_check_range+0x10c/0x1c0 [ 25.466452] __kasan_check_write+0x18/0x20 [ 25.466506] kasan_atomics_helper+0x177f/0x5450 [ 25.466568] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.466625] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.466684] ? kasan_atomics+0x152/0x310 [ 25.466744] kasan_atomics+0x1dc/0x310 [ 25.466793] ? 
__pfx_kasan_atomics+0x10/0x10 [ 25.466849] ? __pfx_read_tsc+0x10/0x10 [ 25.466911] ? ktime_get_ts64+0x86/0x230 [ 25.466974] kunit_try_run_case+0x1a5/0x480 [ 25.467071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.467140] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.467217] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.467286] ? __kthread_parkme+0x82/0x180 [ 25.467374] ? preempt_count_sub+0x50/0x80 [ 25.467445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.467521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.467600] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.467672] kthread+0x337/0x6f0 [ 25.467733] ? trace_preempt_on+0x20/0xc0 [ 25.467816] ? __pfx_kthread+0x10/0x10 [ 25.467896] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.467965] ? calculate_sigpending+0x7b/0xa0 [ 25.468031] ? __pfx_kthread+0x10/0x10 [ 25.468143] ret_from_fork+0x41/0x80 [ 25.468218] ? __pfx_kthread+0x10/0x10 [ 25.468280] ret_from_fork_asm+0x1a/0x30 [ 25.468402] </TASK> [ 25.468442] [ 25.491223] Allocated by task 285: [ 25.492567] kasan_save_stack+0x45/0x70 [ 25.492935] kasan_save_track+0x18/0x40 [ 25.494468] kasan_save_alloc_info+0x3b/0x50 [ 25.495085] __kasan_kmalloc+0xb7/0xc0 [ 25.495550] __kmalloc_cache_noprof+0x189/0x420 [ 25.496070] kasan_atomics+0x95/0x310 [ 25.496802] kunit_try_run_case+0x1a5/0x480 [ 25.497732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.498260] kthread+0x337/0x6f0 [ 25.498651] ret_from_fork+0x41/0x80 [ 25.498973] ret_from_fork_asm+0x1a/0x30 [ 25.499822] [ 25.500482] The buggy address belongs to the object at ffff888102ef1180 [ 25.500482] which belongs to the cache kmalloc-64 of size 64 [ 25.501348] The buggy address is located 0 bytes to the right of [ 25.501348] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.502365] [ 25.502627] The buggy address belongs to the physical page: [ 25.503070] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.504216] flags: 0x200000000000000(node=0|zone=2) [ 25.505379] page_type: f5(slab) 
[ 25.505742] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.506652] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.507621] page dumped because: kasan: bad access detected [ 25.508089] [ 25.508262] Memory state around the buggy address: [ 25.508590] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.509888] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.510670] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.511418] ^ [ 25.511958] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.512835] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.513878] ================================================================== [ 24.327462] ================================================================== [ 24.328085] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 24.328670] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.329986] [ 24.330364] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.330572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.330616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.330678] Call Trace: [ 24.330729] <TASK> [ 24.330782] dump_stack_lvl+0x73/0xb0 [ 24.330869] print_report+0xd1/0x650 [ 24.330951] ? __virt_addr_valid+0x1db/0x2d0 [ 24.331028] ? kasan_atomics_helper+0xb6a/0x5450 [ 24.331154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.331235] ? kasan_atomics_helper+0xb6a/0x5450 [ 24.331331] kasan_report+0x141/0x180 [ 24.331399] ? kasan_atomics_helper+0xb6a/0x5450 [ 24.331444] kasan_check_range+0x10c/0x1c0 [ 24.331477] __kasan_check_write+0x18/0x20 [ 24.331508] kasan_atomics_helper+0xb6a/0x5450 [ 24.331543] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.331577] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.331615] ? 
kasan_atomics+0x152/0x310 [ 24.331648] kasan_atomics+0x1dc/0x310 [ 24.331677] ? __pfx_kasan_atomics+0x10/0x10 [ 24.331711] ? __pfx_read_tsc+0x10/0x10 [ 24.331745] ? ktime_get_ts64+0x86/0x230 [ 24.331785] kunit_try_run_case+0x1a5/0x480 [ 24.331825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.331862] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.331925] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.331962] ? __kthread_parkme+0x82/0x180 [ 24.331997] ? preempt_count_sub+0x50/0x80 [ 24.332053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.332117] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.332156] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.332192] kthread+0x337/0x6f0 [ 24.332218] ? trace_preempt_on+0x20/0xc0 [ 24.332256] ? __pfx_kthread+0x10/0x10 [ 24.332282] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.332361] ? calculate_sigpending+0x7b/0xa0 [ 24.332416] ? __pfx_kthread+0x10/0x10 [ 24.332447] ret_from_fork+0x41/0x80 [ 24.332484] ? __pfx_kthread+0x10/0x10 [ 24.332511] ret_from_fork_asm+0x1a/0x30 [ 24.332560] </TASK> [ 24.332577] [ 24.349771] Allocated by task 285: [ 24.350270] kasan_save_stack+0x45/0x70 [ 24.350913] kasan_save_track+0x18/0x40 [ 24.351412] kasan_save_alloc_info+0x3b/0x50 [ 24.351922] __kasan_kmalloc+0xb7/0xc0 [ 24.352375] __kmalloc_cache_noprof+0x189/0x420 [ 24.352982] kasan_atomics+0x95/0x310 [ 24.353506] kunit_try_run_case+0x1a5/0x480 [ 24.353969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.354537] kthread+0x337/0x6f0 [ 24.354929] ret_from_fork+0x41/0x80 [ 24.355505] ret_from_fork_asm+0x1a/0x30 [ 24.355831] [ 24.356049] The buggy address belongs to the object at ffff888102ef1180 [ 24.356049] which belongs to the cache kmalloc-64 of size 64 [ 24.357228] The buggy address is located 0 bytes to the right of [ 24.357228] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.358399] [ 24.358726] The buggy address belongs to the physical page: [ 24.359379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 
24.359994] flags: 0x200000000000000(node=0|zone=2) [ 24.360789] page_type: f5(slab) [ 24.361265] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.362096] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.362970] page dumped because: kasan: bad access detected [ 24.363550] [ 24.363757] Memory state around the buggy address: [ 24.364449] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.364901] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.365741] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.366565] ^ [ 24.367091] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.367797] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.368459] ================================================================== [ 23.528474] ================================================================== [ 23.529165] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 23.529970] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.530725] [ 23.530931] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.531163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.531206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.531264] Call Trace: [ 23.531332] <TASK> [ 23.531384] dump_stack_lvl+0x73/0xb0 [ 23.531469] print_report+0xd1/0x650 [ 23.531610] ? __virt_addr_valid+0x1db/0x2d0 [ 23.531788] ? kasan_atomics_helper+0x4ba2/0x5450 [ 23.531867] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.531954] ? kasan_atomics_helper+0x4ba2/0x5450 [ 23.532029] kasan_report+0x141/0x180 [ 23.532271] ? kasan_atomics_helper+0x4ba2/0x5450 [ 23.532396] __asan_report_store4_noabort+0x1b/0x30 [ 23.532473] kasan_atomics_helper+0x4ba2/0x5450 [ 23.532551] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.532626] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 23.532759] ? kasan_atomics+0x152/0x310 [ 23.532869] kasan_atomics+0x1dc/0x310 [ 23.532942] ? __pfx_kasan_atomics+0x10/0x10 [ 23.533130] ? __pfx_read_tsc+0x10/0x10 [ 23.533207] ? ktime_get_ts64+0x86/0x230 [ 23.533275] kunit_try_run_case+0x1a5/0x480 [ 23.533348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.533386] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.533424] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.533461] ? __kthread_parkme+0x82/0x180 [ 23.533495] ? preempt_count_sub+0x50/0x80 [ 23.533533] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.533569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.533602] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.533637] kthread+0x337/0x6f0 [ 23.533661] ? trace_preempt_on+0x20/0xc0 [ 23.533698] ? __pfx_kthread+0x10/0x10 [ 23.533724] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.533757] ? calculate_sigpending+0x7b/0xa0 [ 23.533792] ? __pfx_kthread+0x10/0x10 [ 23.533817] ret_from_fork+0x41/0x80 [ 23.533850] ? __pfx_kthread+0x10/0x10 [ 23.533877] ret_from_fork_asm+0x1a/0x30 [ 23.533921] </TASK> [ 23.533937] [ 23.553937] Allocated by task 285: [ 23.554574] kasan_save_stack+0x45/0x70 [ 23.554966] kasan_save_track+0x18/0x40 [ 23.555713] kasan_save_alloc_info+0x3b/0x50 [ 23.556371] __kasan_kmalloc+0xb7/0xc0 [ 23.556708] __kmalloc_cache_noprof+0x189/0x420 [ 23.557081] kasan_atomics+0x95/0x310 [ 23.557427] kunit_try_run_case+0x1a5/0x480 [ 23.557911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.558491] kthread+0x337/0x6f0 [ 23.558891] ret_from_fork+0x41/0x80 [ 23.559357] ret_from_fork_asm+0x1a/0x30 [ 23.559764] [ 23.560028] The buggy address belongs to the object at ffff888102ef1180 [ 23.560028] which belongs to the cache kmalloc-64 of size 64 [ 23.560933] The buggy address is located 0 bytes to the right of [ 23.560933] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.561911] [ 23.562786] The buggy address belongs to the physical page: [ 23.563391] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.564114] flags: 0x200000000000000(node=0|zone=2) [ 23.564593] page_type: f5(slab) [ 23.564987] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.567560] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.568401] page dumped because: kasan: bad access detected [ 23.568744] [ 23.568877] Memory state around the buggy address: [ 23.569256] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.570441] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.571007] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.571709] ^ [ 23.572287] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.572890] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.573610] ================================================================== [ 26.290162] ================================================================== [ 26.290735] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 26.291776] Read of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.292371] [ 26.292659] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.292866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.292914] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.292978] Call Trace: [ 26.293090] <TASK> [ 26.293150] dump_stack_lvl+0x73/0xb0 [ 26.293239] print_report+0xd1/0x650 [ 26.293360] ? __virt_addr_valid+0x1db/0x2d0 [ 26.293441] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.293516] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.293650] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.293790] kasan_report+0x141/0x180 [ 26.293939] ? kasan_atomics_helper+0x4fb2/0x5450 [ 26.294039] __asan_report_load8_noabort+0x18/0x20 [ 26.294156] kasan_atomics_helper+0x4fb2/0x5450 [ 26.294246] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 26.294322] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.294368] ? kasan_atomics+0x152/0x310 [ 26.294406] kasan_atomics+0x1dc/0x310 [ 26.294436] ? __pfx_kasan_atomics+0x10/0x10 [ 26.294470] ? __pfx_read_tsc+0x10/0x10 [ 26.294505] ? ktime_get_ts64+0x86/0x230 [ 26.294545] kunit_try_run_case+0x1a5/0x480 [ 26.294585] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.294622] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.294661] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.294698] ? __kthread_parkme+0x82/0x180 [ 26.294733] ? preempt_count_sub+0x50/0x80 [ 26.294770] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.294809] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.294845] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.294882] kthread+0x337/0x6f0 [ 26.294909] ? trace_preempt_on+0x20/0xc0 [ 26.294954] ? __pfx_kthread+0x10/0x10 [ 26.295023] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.295137] ? calculate_sigpending+0x7b/0xa0 [ 26.295221] ? __pfx_kthread+0x10/0x10 [ 26.295311] ret_from_fork+0x41/0x80 [ 26.295380] ? 
__pfx_kthread+0x10/0x10 [ 26.295452] ret_from_fork_asm+0x1a/0x30 [ 26.295550] </TASK> [ 26.295579] [ 26.311886] Allocated by task 285: [ 26.312503] kasan_save_stack+0x45/0x70 [ 26.313021] kasan_save_track+0x18/0x40 [ 26.313573] kasan_save_alloc_info+0x3b/0x50 [ 26.313939] __kasan_kmalloc+0xb7/0xc0 [ 26.314317] __kmalloc_cache_noprof+0x189/0x420 [ 26.314763] kasan_atomics+0x95/0x310 [ 26.315079] kunit_try_run_case+0x1a5/0x480 [ 26.315583] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.316194] kthread+0x337/0x6f0 [ 26.316642] ret_from_fork+0x41/0x80 [ 26.317147] ret_from_fork_asm+0x1a/0x30 [ 26.317664] [ 26.317978] The buggy address belongs to the object at ffff888102ef1180 [ 26.317978] which belongs to the cache kmalloc-64 of size 64 [ 26.318961] The buggy address is located 0 bytes to the right of [ 26.318961] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.320130] [ 26.320517] The buggy address belongs to the physical page: [ 26.321093] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.321889] flags: 0x200000000000000(node=0|zone=2) [ 26.322516] page_type: f5(slab) [ 26.322965] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.323750] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.325289] page dumped because: kasan: bad access detected [ 26.326245] [ 26.326426] Memory state around the buggy address: [ 26.327168] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.327727] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.328526] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.329500] ^ [ 26.330161] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.330819] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.331623] ================================================================== [ 25.177599] 
================================================================== [ 25.178689] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 25.179582] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.180110] [ 25.180435] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.180574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.180618] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.180680] Call Trace: [ 25.180737] <TASK> [ 25.180785] dump_stack_lvl+0x73/0xb0 [ 25.180864] print_report+0xd1/0x650 [ 25.180938] ? __virt_addr_valid+0x1db/0x2d0 [ 25.181009] ? kasan_atomics_helper+0x1467/0x5450 [ 25.181090] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.181239] ? kasan_atomics_helper+0x1467/0x5450 [ 25.181346] kasan_report+0x141/0x180 [ 25.181432] ? kasan_atomics_helper+0x1467/0x5450 [ 25.181524] kasan_check_range+0x10c/0x1c0 [ 25.181654] __kasan_check_write+0x18/0x20 [ 25.181739] kasan_atomics_helper+0x1467/0x5450 [ 25.181841] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.181927] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.182058] ? kasan_atomics+0x152/0x310 [ 25.182160] kasan_atomics+0x1dc/0x310 [ 25.182252] ? __pfx_kasan_atomics+0x10/0x10 [ 25.182362] ? __pfx_read_tsc+0x10/0x10 [ 25.182482] ? ktime_get_ts64+0x86/0x230 [ 25.182575] kunit_try_run_case+0x1a5/0x480 [ 25.182665] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.182743] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.182871] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.182967] ? __kthread_parkme+0x82/0x180 [ 25.183055] ? preempt_count_sub+0x50/0x80 [ 25.183150] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.183272] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.183386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.183516] kthread+0x337/0x6f0 [ 25.183626] ? trace_preempt_on+0x20/0xc0 [ 25.183745] ? __pfx_kthread+0x10/0x10 [ 25.183814] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.183903] ? 
calculate_sigpending+0x7b/0xa0 [ 25.183988] ? __pfx_kthread+0x10/0x10 [ 25.184076] ret_from_fork+0x41/0x80 [ 25.184157] ? __pfx_kthread+0x10/0x10 [ 25.184225] ret_from_fork_asm+0x1a/0x30 [ 25.184346] </TASK> [ 25.184391] [ 25.210869] Allocated by task 285: [ 25.211063] kasan_save_stack+0x45/0x70 [ 25.211253] kasan_save_track+0x18/0x40 [ 25.212862] kasan_save_alloc_info+0x3b/0x50 [ 25.213702] __kasan_kmalloc+0xb7/0xc0 [ 25.214414] __kmalloc_cache_noprof+0x189/0x420 [ 25.214976] kasan_atomics+0x95/0x310 [ 25.215462] kunit_try_run_case+0x1a5/0x480 [ 25.216160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.216843] kthread+0x337/0x6f0 [ 25.217283] ret_from_fork+0x41/0x80 [ 25.217692] ret_from_fork_asm+0x1a/0x30 [ 25.218035] [ 25.218933] The buggy address belongs to the object at ffff888102ef1180 [ 25.218933] which belongs to the cache kmalloc-64 of size 64 [ 25.220338] The buggy address is located 0 bytes to the right of [ 25.220338] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.220902] [ 25.221010] The buggy address belongs to the physical page: [ 25.221881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.223226] flags: 0x200000000000000(node=0|zone=2) [ 25.223933] page_type: f5(slab) [ 25.224240] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.224972] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.225804] page dumped because: kasan: bad access detected [ 25.226808] [ 25.227028] Memory state around the buggy address: [ 25.227690] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.228582] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.229039] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.229710] ^ [ 25.230069] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.230734] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.231405] 
================================================================== [ 26.378750] ================================================================== [ 26.379844] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 26.381274] Read of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.383004] [ 26.383492] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.383603] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.383626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.383661] Call Trace: [ 26.383686] <TASK> [ 26.383742] dump_stack_lvl+0x73/0xb0 [ 26.383814] print_report+0xd1/0x650 [ 26.383859] ? __virt_addr_valid+0x1db/0x2d0 [ 26.383911] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.383949] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.383986] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.384022] kasan_report+0x141/0x180 [ 26.384356] ? kasan_atomics_helper+0x4fa5/0x5450 [ 26.384416] __asan_report_load8_noabort+0x18/0x20 [ 26.384456] kasan_atomics_helper+0x4fa5/0x5450 [ 26.384496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.384533] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.384572] ? kasan_atomics+0x152/0x310 [ 26.384607] kasan_atomics+0x1dc/0x310 [ 26.384637] ? __pfx_kasan_atomics+0x10/0x10 [ 26.384668] ? __pfx_read_tsc+0x10/0x10 [ 26.384703] ? ktime_get_ts64+0x86/0x230 [ 26.384745] kunit_try_run_case+0x1a5/0x480 [ 26.384785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.384820] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.384858] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.384896] ? __kthread_parkme+0x82/0x180 [ 26.384931] ? preempt_count_sub+0x50/0x80 [ 26.384970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.385009] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.385088] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.385136] kthread+0x337/0x6f0 [ 26.385167] ? trace_preempt_on+0x20/0xc0 [ 26.385208] ? __pfx_kthread+0x10/0x10 [ 26.385236] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 26.385270] ? calculate_sigpending+0x7b/0xa0 [ 26.385330] ? __pfx_kthread+0x10/0x10 [ 26.385364] ret_from_fork+0x41/0x80 [ 26.385401] ? __pfx_kthread+0x10/0x10 [ 26.385428] ret_from_fork_asm+0x1a/0x30 [ 26.385476] </TASK> [ 26.385494] [ 26.404975] Allocated by task 285: [ 26.405997] kasan_save_stack+0x45/0x70 [ 26.406522] kasan_save_track+0x18/0x40 [ 26.407838] kasan_save_alloc_info+0x3b/0x50 [ 26.408381] __kasan_kmalloc+0xb7/0xc0 [ 26.408794] __kmalloc_cache_noprof+0x189/0x420 [ 26.409473] kasan_atomics+0x95/0x310 [ 26.410030] kunit_try_run_case+0x1a5/0x480 [ 26.410643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.411395] kthread+0x337/0x6f0 [ 26.412041] ret_from_fork+0x41/0x80 [ 26.412411] ret_from_fork_asm+0x1a/0x30 [ 26.413118] [ 26.413345] The buggy address belongs to the object at ffff888102ef1180 [ 26.413345] which belongs to the cache kmalloc-64 of size 64 [ 26.414786] The buggy address is located 0 bytes to the right of [ 26.414786] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.416018] [ 26.416481] The buggy address belongs to the physical page: [ 26.416827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.417827] flags: 0x200000000000000(node=0|zone=2) [ 26.418226] page_type: f5(slab) [ 26.418660] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.419516] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.420350] page dumped because: kasan: bad access detected [ 26.420715] [ 26.421260] Memory state around the buggy address: [ 26.421687] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.422611] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.423145] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.423902] ^ [ 26.424830] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.425668] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 26.426314] ================================================================== [ 24.092127] ================================================================== [ 24.093097] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 24.094023] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.095359] [ 24.095645] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.095781] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.095824] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.095897] Call Trace: [ 24.096521] <TASK> [ 24.096584] dump_stack_lvl+0x73/0xb0 [ 24.096672] print_report+0xd1/0x650 [ 24.096733] ? __virt_addr_valid+0x1db/0x2d0 [ 24.096770] ? kasan_atomics_helper+0x860/0x5450 [ 24.096806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.096841] ? kasan_atomics_helper+0x860/0x5450 [ 24.096877] kasan_report+0x141/0x180 [ 24.096912] ? kasan_atomics_helper+0x860/0x5450 [ 24.096955] kasan_check_range+0x10c/0x1c0 [ 24.096987] __kasan_check_write+0x18/0x20 [ 24.097018] kasan_atomics_helper+0x860/0x5450 [ 24.097093] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.097133] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.097169] ? kasan_atomics+0x152/0x310 [ 24.097204] kasan_atomics+0x1dc/0x310 [ 24.097235] ? __pfx_kasan_atomics+0x10/0x10 [ 24.097267] ? __pfx_read_tsc+0x10/0x10 [ 24.097327] ? ktime_get_ts64+0x86/0x230 [ 24.097374] kunit_try_run_case+0x1a5/0x480 [ 24.097413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.097448] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.097486] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.097523] ? __kthread_parkme+0x82/0x180 [ 24.097557] ? preempt_count_sub+0x50/0x80 [ 24.097595] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.097632] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.097668] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.097703] kthread+0x337/0x6f0 [ 24.097729] ? 
trace_preempt_on+0x20/0xc0 [ 24.097766] ? __pfx_kthread+0x10/0x10 [ 24.097794] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.097826] ? calculate_sigpending+0x7b/0xa0 [ 24.097862] ? __pfx_kthread+0x10/0x10 [ 24.097890] ret_from_fork+0x41/0x80 [ 24.097925] ? __pfx_kthread+0x10/0x10 [ 24.097955] ret_from_fork_asm+0x1a/0x30 [ 24.098000] </TASK> [ 24.098018] [ 24.112329] Allocated by task 285: [ 24.112765] kasan_save_stack+0x45/0x70 [ 24.113345] kasan_save_track+0x18/0x40 [ 24.113693] kasan_save_alloc_info+0x3b/0x50 [ 24.114092] __kasan_kmalloc+0xb7/0xc0 [ 24.114514] __kmalloc_cache_noprof+0x189/0x420 [ 24.114996] kasan_atomics+0x95/0x310 [ 24.115405] kunit_try_run_case+0x1a5/0x480 [ 24.115826] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.116399] kthread+0x337/0x6f0 [ 24.116714] ret_from_fork+0x41/0x80 [ 24.117115] ret_from_fork_asm+0x1a/0x30 [ 24.117557] [ 24.117798] The buggy address belongs to the object at ffff888102ef1180 [ 24.117798] which belongs to the cache kmalloc-64 of size 64 [ 24.118709] The buggy address is located 0 bytes to the right of [ 24.118709] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.119847] [ 24.120107] The buggy address belongs to the physical page: [ 24.120573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.121172] flags: 0x200000000000000(node=0|zone=2) [ 24.121722] page_type: f5(slab) [ 24.122031] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.123497] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.124406] page dumped because: kasan: bad access detected [ 24.124910] [ 24.125140] Memory state around the buggy address: [ 24.125623] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.126167] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.128276] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.129410] ^ [ 24.129605] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 24.129848] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.130461] ================================================================== [ 23.485997] ================================================================== [ 23.487153] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 23.487949] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.488622] [ 23.488894] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.489108] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.489172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.489239] Call Trace: [ 23.489285] <TASK> [ 23.489408] dump_stack_lvl+0x73/0xb0 [ 23.489544] print_report+0xd1/0x650 [ 23.489622] ? __virt_addr_valid+0x1db/0x2d0 [ 23.489750] ? kasan_atomics_helper+0x4bbc/0x5450 [ 23.489853] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.489938] ? kasan_atomics_helper+0x4bbc/0x5450 [ 23.490067] kasan_report+0x141/0x180 [ 23.490176] ? kasan_atomics_helper+0x4bbc/0x5450 [ 23.490262] __asan_report_load4_noabort+0x18/0x20 [ 23.490340] kasan_atomics_helper+0x4bbc/0x5450 [ 23.490379] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.490416] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.490451] ? kasan_atomics+0x152/0x310 [ 23.490486] kasan_atomics+0x1dc/0x310 [ 23.490513] ? __pfx_kasan_atomics+0x10/0x10 [ 23.490544] ? __pfx_read_tsc+0x10/0x10 [ 23.490577] ? ktime_get_ts64+0x86/0x230 [ 23.490616] kunit_try_run_case+0x1a5/0x480 [ 23.490655] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.490689] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.490727] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.490762] ? __kthread_parkme+0x82/0x180 [ 23.490797] ? preempt_count_sub+0x50/0x80 [ 23.490835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.490871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.490907] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.490941] kthread+0x337/0x6f0 [ 23.490964] ? trace_preempt_on+0x20/0xc0 [ 23.491002] ? __pfx_kthread+0x10/0x10 [ 23.491027] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.491088] ? calculate_sigpending+0x7b/0xa0 [ 23.491124] ? __pfx_kthread+0x10/0x10 [ 23.491150] ret_from_fork+0x41/0x80 [ 23.491185] ? __pfx_kthread+0x10/0x10 [ 23.491212] ret_from_fork_asm+0x1a/0x30 [ 23.491258] </TASK> [ 23.491274] [ 23.508967] Allocated by task 285: [ 23.509511] kasan_save_stack+0x45/0x70 [ 23.510039] kasan_save_track+0x18/0x40 [ 23.510535] kasan_save_alloc_info+0x3b/0x50 [ 23.511008] __kasan_kmalloc+0xb7/0xc0 [ 23.511440] __kmalloc_cache_noprof+0x189/0x420 [ 23.511890] kasan_atomics+0x95/0x310 [ 23.512452] kunit_try_run_case+0x1a5/0x480 [ 23.512966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.513587] kthread+0x337/0x6f0 [ 23.513950] ret_from_fork+0x41/0x80 [ 23.514468] ret_from_fork_asm+0x1a/0x30 [ 23.515015] [ 23.515346] The buggy address belongs to the object at ffff888102ef1180 [ 23.515346] which belongs to the cache kmalloc-64 of size 64 [ 23.516493] The buggy address is located 0 bytes to the right of [ 23.516493] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.517388] [ 23.517633] The buggy address belongs to the physical page: [ 23.518023] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.518831] flags: 0x200000000000000(node=0|zone=2) [ 23.519490] page_type: f5(slab) [ 23.519955] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.520684] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.521140] page dumped because: kasan: bad access detected [ 23.521522] [ 23.521752] Memory state around the buggy address: [ 23.522402] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.523190] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.523921] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 23.524656] ^ [ 23.525146] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.526086] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.526549] ================================================================== [ 23.859474] ================================================================== [ 23.859936] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 23.861584] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.862080] [ 23.862381] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.862500] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.862534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.862588] Call Trace: [ 23.862636] <TASK> [ 23.862688] dump_stack_lvl+0x73/0xb0 [ 23.862770] print_report+0xd1/0x650 [ 23.862849] ? __virt_addr_valid+0x1db/0x2d0 [ 23.862926] ? kasan_atomics_helper+0x565/0x5450 [ 23.862999] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.863120] ? kasan_atomics_helper+0x565/0x5450 [ 23.863196] kasan_report+0x141/0x180 [ 23.863273] ? kasan_atomics_helper+0x565/0x5450 [ 23.863379] kasan_check_range+0x10c/0x1c0 [ 23.863450] __kasan_check_write+0x18/0x20 [ 23.863510] kasan_atomics_helper+0x565/0x5450 [ 23.863573] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.863640] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.863706] ? kasan_atomics+0x152/0x310 [ 23.863772] kasan_atomics+0x1dc/0x310 [ 23.863828] ? __pfx_kasan_atomics+0x10/0x10 [ 23.863903] ? __pfx_read_tsc+0x10/0x10 [ 23.863961] ? ktime_get_ts64+0x86/0x230 [ 23.864074] kunit_try_run_case+0x1a5/0x480 [ 23.864154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.864218] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.864311] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.864397] ? __kthread_parkme+0x82/0x180 [ 23.864475] ? preempt_count_sub+0x50/0x80 [ 23.864561] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.864650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.864731] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.864810] kthread+0x337/0x6f0 [ 23.864874] ? trace_preempt_on+0x20/0xc0 [ 23.864951] ? __pfx_kthread+0x10/0x10 [ 23.865020] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.865145] ? calculate_sigpending+0x7b/0xa0 [ 23.865224] ? __pfx_kthread+0x10/0x10 [ 23.865326] ret_from_fork+0x41/0x80 [ 23.865412] ? __pfx_kthread+0x10/0x10 [ 23.865488] ret_from_fork_asm+0x1a/0x30 [ 23.865590] </TASK> [ 23.865633] [ 23.891242] Allocated by task 285: [ 23.891975] kasan_save_stack+0x45/0x70 [ 23.892645] kasan_save_track+0x18/0x40 [ 23.893182] kasan_save_alloc_info+0x3b/0x50 [ 23.893621] __kasan_kmalloc+0xb7/0xc0 [ 23.893972] __kmalloc_cache_noprof+0x189/0x420 [ 23.894773] kasan_atomics+0x95/0x310 [ 23.895159] kunit_try_run_case+0x1a5/0x480 [ 23.895905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.896799] kthread+0x337/0x6f0 [ 23.897175] ret_from_fork+0x41/0x80 [ 23.897823] ret_from_fork_asm+0x1a/0x30 [ 23.898233] [ 23.898460] The buggy address belongs to the object at ffff888102ef1180 [ 23.898460] which belongs to the cache kmalloc-64 of size 64 [ 23.899400] The buggy address is located 0 bytes to the right of [ 23.899400] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.901203] [ 23.901478] The buggy address belongs to the physical page: [ 23.902149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.902923] flags: 0x200000000000000(node=0|zone=2) [ 23.903587] page_type: f5(slab) [ 23.904142] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.904879] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.905729] page dumped because: kasan: bad access detected [ 23.906239] [ 23.906558] Memory state around the buggy address: [ 23.906895] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.908017] ffff888102ef1100: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.908753] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.909551] ^ [ 23.909980] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.910840] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.911571] ================================================================== [ 24.857130] ================================================================== [ 24.858640] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 24.859961] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.860521] [ 24.860764] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.860921] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.860993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.861087] Call Trace: [ 24.861172] <TASK> [ 24.861244] dump_stack_lvl+0x73/0xb0 [ 24.861375] print_report+0xd1/0x650 [ 24.861464] ? __virt_addr_valid+0x1db/0x2d0 [ 24.861544] ? kasan_atomics_helper+0x4a02/0x5450 [ 24.861622] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.861703] ? kasan_atomics_helper+0x4a02/0x5450 [ 24.861775] kasan_report+0x141/0x180 [ 24.861854] ? kasan_atomics_helper+0x4a02/0x5450 [ 24.861944] __asan_report_load4_noabort+0x18/0x20 [ 24.862020] kasan_atomics_helper+0x4a02/0x5450 [ 24.862103] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.862165] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.862237] ? kasan_atomics+0x152/0x310 [ 24.862339] kasan_atomics+0x1dc/0x310 [ 24.862421] ? __pfx_kasan_atomics+0x10/0x10 [ 24.862501] ? __pfx_read_tsc+0x10/0x10 [ 24.862578] ? ktime_get_ts64+0x86/0x230 [ 24.862666] kunit_try_run_case+0x1a5/0x480 [ 24.862754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.862832] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.862919] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.863022] ? __kthread_parkme+0x82/0x180 [ 24.863127] ? 
preempt_count_sub+0x50/0x80 [ 24.863213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.863311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.863397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.863475] kthread+0x337/0x6f0 [ 24.863539] ? trace_preempt_on+0x20/0xc0 [ 24.863619] ? __pfx_kthread+0x10/0x10 [ 24.863688] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.863760] ? calculate_sigpending+0x7b/0xa0 [ 24.863837] ? __pfx_kthread+0x10/0x10 [ 24.863921] ret_from_fork+0x41/0x80 [ 24.863993] ? __pfx_kthread+0x10/0x10 [ 24.864086] ret_from_fork_asm+0x1a/0x30 [ 24.864193] </TASK> [ 24.864232] [ 24.880010] Allocated by task 285: [ 24.880580] kasan_save_stack+0x45/0x70 [ 24.881069] kasan_save_track+0x18/0x40 [ 24.881547] kasan_save_alloc_info+0x3b/0x50 [ 24.881998] __kasan_kmalloc+0xb7/0xc0 [ 24.882436] __kmalloc_cache_noprof+0x189/0x420 [ 24.883005] kasan_atomics+0x95/0x310 [ 24.883432] kunit_try_run_case+0x1a5/0x480 [ 24.883929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.884745] kthread+0x337/0x6f0 [ 24.885147] ret_from_fork+0x41/0x80 [ 24.885524] ret_from_fork_asm+0x1a/0x30 [ 24.885860] [ 24.886059] The buggy address belongs to the object at ffff888102ef1180 [ 24.886059] which belongs to the cache kmalloc-64 of size 64 [ 24.886780] The buggy address is located 0 bytes to the right of [ 24.886780] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.887930] [ 24.888176] The buggy address belongs to the physical page: [ 24.888823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.889677] flags: 0x200000000000000(node=0|zone=2) [ 24.890200] page_type: f5(slab) [ 24.890546] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.891028] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.891454] page dumped because: kasan: bad access detected [ 24.891778] [ 24.891964] Memory state around the buggy address: [ 24.892269] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 24.892703] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.893554] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.894033] ^ [ 24.894668] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.895488] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.896159] ================================================================== [ 25.515626] ================================================================== [ 25.517550] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 25.518407] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.519037] [ 25.519478] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.519612] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.519652] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.519715] Call Trace: [ 25.519770] <TASK> [ 25.519825] dump_stack_lvl+0x73/0xb0 [ 25.520034] print_report+0xd1/0x650 [ 25.520153] ? __virt_addr_valid+0x1db/0x2d0 [ 25.520265] ? kasan_atomics_helper+0x1818/0x5450 [ 25.520385] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.520467] ? kasan_atomics_helper+0x1818/0x5450 [ 25.520599] kasan_report+0x141/0x180 [ 25.520764] ? kasan_atomics_helper+0x1818/0x5450 [ 25.520891] kasan_check_range+0x10c/0x1c0 [ 25.520969] __kasan_check_write+0x18/0x20 [ 25.521048] kasan_atomics_helper+0x1818/0x5450 [ 25.521185] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.521358] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.521473] ? kasan_atomics+0x152/0x310 [ 25.521556] kasan_atomics+0x1dc/0x310 [ 25.521629] ? __pfx_kasan_atomics+0x10/0x10 [ 25.521685] ? __pfx_read_tsc+0x10/0x10 [ 25.521733] ? ktime_get_ts64+0x86/0x230 [ 25.521823] kunit_try_run_case+0x1a5/0x480 [ 25.521896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.521964] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.522008] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.522056] ? 
__kthread_parkme+0x82/0x180 [ 25.522120] ? preempt_count_sub+0x50/0x80 [ 25.522160] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.522199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.522238] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.522276] kthread+0x337/0x6f0 [ 25.522334] ? trace_preempt_on+0x20/0xc0 [ 25.522377] ? __pfx_kthread+0x10/0x10 [ 25.522407] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.522440] ? calculate_sigpending+0x7b/0xa0 [ 25.522475] ? __pfx_kthread+0x10/0x10 [ 25.522503] ret_from_fork+0x41/0x80 [ 25.522539] ? __pfx_kthread+0x10/0x10 [ 25.522567] ret_from_fork_asm+0x1a/0x30 [ 25.522614] </TASK> [ 25.522631] [ 25.539423] Allocated by task 285: [ 25.540054] kasan_save_stack+0x45/0x70 [ 25.540532] kasan_save_track+0x18/0x40 [ 25.540890] kasan_save_alloc_info+0x3b/0x50 [ 25.541232] __kasan_kmalloc+0xb7/0xc0 [ 25.541560] __kmalloc_cache_noprof+0x189/0x420 [ 25.541992] kasan_atomics+0x95/0x310 [ 25.542588] kunit_try_run_case+0x1a5/0x480 [ 25.543409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.544058] kthread+0x337/0x6f0 [ 25.544534] ret_from_fork+0x41/0x80 [ 25.544942] ret_from_fork_asm+0x1a/0x30 [ 25.545507] [ 25.545802] The buggy address belongs to the object at ffff888102ef1180 [ 25.545802] which belongs to the cache kmalloc-64 of size 64 [ 25.547106] The buggy address is located 0 bytes to the right of [ 25.547106] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.548268] [ 25.548810] The buggy address belongs to the physical page: [ 25.549527] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.550043] flags: 0x200000000000000(node=0|zone=2) [ 25.552219] page_type: f5(slab) [ 25.552622] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.553227] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.553838] page dumped because: kasan: bad access detected [ 25.554921] [ 25.555145] Memory state around the buggy address: [ 25.556037] 
ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.556510] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.557352] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.558072] ^ [ 25.558566] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.559379] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.560004] ================================================================== [ 24.686585] ================================================================== [ 24.687639] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 24.688481] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.689271] [ 24.689631] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.689768] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.689811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.689941] Call Trace: [ 24.689999] <TASK> [ 24.690141] dump_stack_lvl+0x73/0xb0 [ 24.690236] print_report+0xd1/0x650 [ 24.690337] ? __virt_addr_valid+0x1db/0x2d0 [ 24.690416] ? kasan_atomics_helper+0x4a36/0x5450 [ 24.690560] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.690648] ? kasan_atomics_helper+0x4a36/0x5450 [ 24.690733] kasan_report+0x141/0x180 [ 24.690780] ? kasan_atomics_helper+0x4a36/0x5450 [ 24.690827] __asan_report_load4_noabort+0x18/0x20 [ 24.690865] kasan_atomics_helper+0x4a36/0x5450 [ 24.690905] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.690944] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.690983] ? kasan_atomics+0x152/0x310 [ 24.691020] kasan_atomics+0x1dc/0x310 [ 24.691092] ? __pfx_kasan_atomics+0x10/0x10 [ 24.691129] ? __pfx_read_tsc+0x10/0x10 [ 24.691167] ? ktime_get_ts64+0x86/0x230 [ 24.691208] kunit_try_run_case+0x1a5/0x480 [ 24.691250] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.691306] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.691358] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.691396] ? __kthread_parkme+0x82/0x180 [ 24.691433] ? preempt_count_sub+0x50/0x80 [ 24.691473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.691515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.691552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.691592] kthread+0x337/0x6f0 [ 24.691620] ? trace_preempt_on+0x20/0xc0 [ 24.691657] ? __pfx_kthread+0x10/0x10 [ 24.691687] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.691722] ? calculate_sigpending+0x7b/0xa0 [ 24.691760] ? __pfx_kthread+0x10/0x10 [ 24.691790] ret_from_fork+0x41/0x80 [ 24.691827] ? __pfx_kthread+0x10/0x10 [ 24.691860] ret_from_fork_asm+0x1a/0x30 [ 24.691923] </TASK> [ 24.691943] [ 24.711365] Allocated by task 285: [ 24.711912] kasan_save_stack+0x45/0x70 [ 24.712619] kasan_save_track+0x18/0x40 [ 24.713052] kasan_save_alloc_info+0x3b/0x50 [ 24.713784] __kasan_kmalloc+0xb7/0xc0 [ 24.714231] __kmalloc_cache_noprof+0x189/0x420 [ 24.714720] kasan_atomics+0x95/0x310 [ 24.715120] kunit_try_run_case+0x1a5/0x480 [ 24.715982] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.716484] kthread+0x337/0x6f0 [ 24.717279] ret_from_fork+0x41/0x80 [ 24.717799] ret_from_fork_asm+0x1a/0x30 [ 24.718192] [ 24.718521] The buggy address belongs to the object at ffff888102ef1180 [ 24.718521] which belongs to the cache kmalloc-64 of size 64 [ 24.719369] The buggy address is located 0 bytes to the right of [ 24.719369] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.721092] [ 24.721266] The buggy address belongs to the physical page: [ 24.722000] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.722656] flags: 0x200000000000000(node=0|zone=2) [ 24.723107] page_type: f5(slab) [ 24.723544] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.724174] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.724838] page dumped because: kasan: bad access detected [ 24.725337] [ 24.725846] Memory 
state around the buggy address: [ 24.726393] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.726904] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.728028] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.728663] ^ [ 24.729176] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.730085] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.730657] ================================================================== [ 24.284787] ================================================================== [ 24.285803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 24.286615] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.287265] [ 24.287634] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.287771] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.287817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.287894] Call Trace: [ 24.287995] <TASK> [ 24.288076] dump_stack_lvl+0x73/0xb0 [ 24.288245] print_report+0xd1/0x650 [ 24.288351] ? __virt_addr_valid+0x1db/0x2d0 [ 24.288429] ? kasan_atomics_helper+0xac7/0x5450 [ 24.288499] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.288540] ? kasan_atomics_helper+0xac7/0x5450 [ 24.288577] kasan_report+0x141/0x180 [ 24.288616] ? kasan_atomics_helper+0xac7/0x5450 [ 24.288657] kasan_check_range+0x10c/0x1c0 [ 24.288688] __kasan_check_write+0x18/0x20 [ 24.288721] kasan_atomics_helper+0xac7/0x5450 [ 24.288756] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.288791] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.288826] ? kasan_atomics+0x152/0x310 [ 24.288860] kasan_atomics+0x1dc/0x310 [ 24.288891] ? __pfx_kasan_atomics+0x10/0x10 [ 24.288921] ? __pfx_read_tsc+0x10/0x10 [ 24.288956] ? ktime_get_ts64+0x86/0x230 [ 24.288998] kunit_try_run_case+0x1a5/0x480 [ 24.289046] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.289111] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 24.289153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.289191] ? __kthread_parkme+0x82/0x180 [ 24.289225] ? preempt_count_sub+0x50/0x80 [ 24.289263] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.289325] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.289368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.289405] kthread+0x337/0x6f0 [ 24.289431] ? trace_preempt_on+0x20/0xc0 [ 24.289467] ? __pfx_kthread+0x10/0x10 [ 24.289495] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.289529] ? calculate_sigpending+0x7b/0xa0 [ 24.289562] ? __pfx_kthread+0x10/0x10 [ 24.289589] ret_from_fork+0x41/0x80 [ 24.289623] ? __pfx_kthread+0x10/0x10 [ 24.289650] ret_from_fork_asm+0x1a/0x30 [ 24.289696] </TASK> [ 24.289713] [ 24.306704] Allocated by task 285: [ 24.307315] kasan_save_stack+0x45/0x70 [ 24.307763] kasan_save_track+0x18/0x40 [ 24.308323] kasan_save_alloc_info+0x3b/0x50 [ 24.308889] __kasan_kmalloc+0xb7/0xc0 [ 24.309413] __kmalloc_cache_noprof+0x189/0x420 [ 24.309760] kasan_atomics+0x95/0x310 [ 24.310356] kunit_try_run_case+0x1a5/0x480 [ 24.310823] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.311480] kthread+0x337/0x6f0 [ 24.311921] ret_from_fork+0x41/0x80 [ 24.312427] ret_from_fork_asm+0x1a/0x30 [ 24.312958] [ 24.313349] The buggy address belongs to the object at ffff888102ef1180 [ 24.313349] which belongs to the cache kmalloc-64 of size 64 [ 24.314448] The buggy address is located 0 bytes to the right of [ 24.314448] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.315594] [ 24.315888] The buggy address belongs to the physical page: [ 24.316522] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.317369] flags: 0x200000000000000(node=0|zone=2) [ 24.317897] page_type: f5(slab) [ 24.318373] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.319137] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.319818] page dumped because: kasan: bad 
access detected [ 24.320361] [ 24.320550] Memory state around the buggy address: [ 24.321130] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.321876] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.322615] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.323415] ^ [ 24.323839] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.324406] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.325359] ================================================================== [ 25.561440] ================================================================== [ 25.561933] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 25.563014] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.563955] [ 25.564407] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.564543] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.564588] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.564912] Call Trace: [ 25.564946] <TASK> [ 25.564975] dump_stack_lvl+0x73/0xb0 [ 25.565020] print_report+0xd1/0x650 [ 25.565092] ? __virt_addr_valid+0x1db/0x2d0 [ 25.565131] ? kasan_atomics_helper+0x18b1/0x5450 [ 25.565167] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.565208] ? kasan_atomics_helper+0x18b1/0x5450 [ 25.565246] kasan_report+0x141/0x180 [ 25.565285] ? kasan_atomics_helper+0x18b1/0x5450 [ 25.565356] kasan_check_range+0x10c/0x1c0 [ 25.565392] __kasan_check_write+0x18/0x20 [ 25.565426] kasan_atomics_helper+0x18b1/0x5450 [ 25.565464] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.565504] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.565541] ? kasan_atomics+0x152/0x310 [ 25.565579] kasan_atomics+0x1dc/0x310 [ 25.565610] ? __pfx_kasan_atomics+0x10/0x10 [ 25.565645] ? __pfx_read_tsc+0x10/0x10 [ 25.565680] ? ktime_get_ts64+0x86/0x230 [ 25.565722] kunit_try_run_case+0x1a5/0x480 [ 25.565763] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 25.565800] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.565839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.565877] ? __kthread_parkme+0x82/0x180 [ 25.565913] ? preempt_count_sub+0x50/0x80 [ 25.565953] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.565991] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.566029] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.566091] kthread+0x337/0x6f0 [ 25.566123] ? trace_preempt_on+0x20/0xc0 [ 25.566164] ? __pfx_kthread+0x10/0x10 [ 25.566193] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.566228] ? calculate_sigpending+0x7b/0xa0 [ 25.566264] ? __pfx_kthread+0x10/0x10 [ 25.566314] ret_from_fork+0x41/0x80 [ 25.566357] ? __pfx_kthread+0x10/0x10 [ 25.566389] ret_from_fork_asm+0x1a/0x30 [ 25.566437] </TASK> [ 25.566455] [ 25.584630] Allocated by task 285: [ 25.585098] kasan_save_stack+0x45/0x70 [ 25.585685] kasan_save_track+0x18/0x40 [ 25.586099] kasan_save_alloc_info+0x3b/0x50 [ 25.586740] __kasan_kmalloc+0xb7/0xc0 [ 25.587197] __kmalloc_cache_noprof+0x189/0x420 [ 25.587754] kasan_atomics+0x95/0x310 [ 25.588419] kunit_try_run_case+0x1a5/0x480 [ 25.589042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.589607] kthread+0x337/0x6f0 [ 25.589977] ret_from_fork+0x41/0x80 [ 25.590516] ret_from_fork_asm+0x1a/0x30 [ 25.590980] [ 25.591174] The buggy address belongs to the object at ffff888102ef1180 [ 25.591174] which belongs to the cache kmalloc-64 of size 64 [ 25.592220] The buggy address is located 0 bytes to the right of [ 25.592220] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.593418] [ 25.593617] The buggy address belongs to the physical page: [ 25.594227] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.595072] flags: 0x200000000000000(node=0|zone=2) [ 25.595628] page_type: f5(slab) [ 25.596096] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.596851] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 25.597764] page dumped because: kasan: bad access detected [ 25.598484] [ 25.598780] Memory state around the buggy address: [ 25.599289] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.600024] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.600767] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.601594] ^ [ 25.602250] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.602886] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.603462] ================================================================== [ 26.427708] ================================================================== [ 26.429105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 26.429856] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.430476] [ 26.431160] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.431459] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.431497] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.431533] Call Trace: [ 26.431563] <TASK> [ 26.431590] dump_stack_lvl+0x73/0xb0 [ 26.431636] print_report+0xd1/0x650 [ 26.431678] ? __virt_addr_valid+0x1db/0x2d0 [ 26.431714] ? kasan_atomics_helper+0x224c/0x5450 [ 26.431751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.431788] ? kasan_atomics_helper+0x224c/0x5450 [ 26.431824] kasan_report+0x141/0x180 [ 26.431862] ? kasan_atomics_helper+0x224c/0x5450 [ 26.431917] kasan_check_range+0x10c/0x1c0 [ 26.431951] __kasan_check_write+0x18/0x20 [ 26.431985] kasan_atomics_helper+0x224c/0x5450 [ 26.432023] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.432087] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.432130] ? kasan_atomics+0x152/0x310 [ 26.432170] kasan_atomics+0x1dc/0x310 [ 26.432203] ? __pfx_kasan_atomics+0x10/0x10 [ 26.432238] ? __pfx_read_tsc+0x10/0x10 [ 26.432273] ? 
ktime_get_ts64+0x86/0x230 [ 26.432340] kunit_try_run_case+0x1a5/0x480 [ 26.432385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.432424] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.432467] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.432507] ? __kthread_parkme+0x82/0x180 [ 26.432544] ? preempt_count_sub+0x50/0x80 [ 26.432584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.432625] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.432663] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.432702] kthread+0x337/0x6f0 [ 26.432730] ? trace_preempt_on+0x20/0xc0 [ 26.432769] ? __pfx_kthread+0x10/0x10 [ 26.432798] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.432833] ? calculate_sigpending+0x7b/0xa0 [ 26.432869] ? __pfx_kthread+0x10/0x10 [ 26.432900] ret_from_fork+0x41/0x80 [ 26.432934] ? __pfx_kthread+0x10/0x10 [ 26.432965] ret_from_fork_asm+0x1a/0x30 [ 26.433013] </TASK> [ 26.433031] [ 26.453910] Allocated by task 285: [ 26.454777] kasan_save_stack+0x45/0x70 [ 26.455129] kasan_save_track+0x18/0x40 [ 26.455917] kasan_save_alloc_info+0x3b/0x50 [ 26.456470] __kasan_kmalloc+0xb7/0xc0 [ 26.457050] __kmalloc_cache_noprof+0x189/0x420 [ 26.457513] kasan_atomics+0x95/0x310 [ 26.457883] kunit_try_run_case+0x1a5/0x480 [ 26.458738] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.459134] kthread+0x337/0x6f0 [ 26.459694] ret_from_fork+0x41/0x80 [ 26.460086] ret_from_fork_asm+0x1a/0x30 [ 26.460505] [ 26.460737] The buggy address belongs to the object at ffff888102ef1180 [ 26.460737] which belongs to the cache kmalloc-64 of size 64 [ 26.462070] The buggy address is located 0 bytes to the right of [ 26.462070] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.463216] [ 26.463485] The buggy address belongs to the physical page: [ 26.463910] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.465030] flags: 0x200000000000000(node=0|zone=2) [ 26.465708] page_type: f5(slab) [ 26.466669] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 26.467203] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.468009] page dumped because: kasan: bad access detected [ 26.468739] [ 26.469124] Memory state around the buggy address: [ 26.469631] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.470620] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.471149] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.472025] ^ [ 26.472765] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.473817] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.475076] ================================================================== [ 24.424360] ================================================================== [ 24.425093] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 24.425787] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.426614] [ 24.426974] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.427142] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.427202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.427308] Call Trace: [ 24.427370] <TASK> [ 24.427424] dump_stack_lvl+0x73/0xb0 [ 24.427519] print_report+0xd1/0x650 [ 24.427655] ? __virt_addr_valid+0x1db/0x2d0 [ 24.427767] ? kasan_atomics_helper+0x4a84/0x5450 [ 24.427847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.427925] ? kasan_atomics_helper+0x4a84/0x5450 [ 24.427964] kasan_report+0x141/0x180 [ 24.428002] ? kasan_atomics_helper+0x4a84/0x5450 [ 24.428059] __asan_report_load4_noabort+0x18/0x20 [ 24.428117] kasan_atomics_helper+0x4a84/0x5450 [ 24.428156] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.428194] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.428231] ? kasan_atomics+0x152/0x310 [ 24.428268] kasan_atomics+0x1dc/0x310 [ 24.428323] ? __pfx_kasan_atomics+0x10/0x10 [ 24.428361] ? 
__pfx_read_tsc+0x10/0x10 [ 24.428397] ? ktime_get_ts64+0x86/0x230 [ 24.428437] kunit_try_run_case+0x1a5/0x480 [ 24.428477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.428511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.428550] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.428587] ? __kthread_parkme+0x82/0x180 [ 24.428622] ? preempt_count_sub+0x50/0x80 [ 24.428660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.428697] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.428733] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.428770] kthread+0x337/0x6f0 [ 24.428796] ? trace_preempt_on+0x20/0xc0 [ 24.428835] ? __pfx_kthread+0x10/0x10 [ 24.428862] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.428895] ? calculate_sigpending+0x7b/0xa0 [ 24.428928] ? __pfx_kthread+0x10/0x10 [ 24.428954] ret_from_fork+0x41/0x80 [ 24.428989] ? __pfx_kthread+0x10/0x10 [ 24.429016] ret_from_fork_asm+0x1a/0x30 [ 24.429101] </TASK> [ 24.429121] [ 24.445959] Allocated by task 285: [ 24.446502] kasan_save_stack+0x45/0x70 [ 24.447058] kasan_save_track+0x18/0x40 [ 24.447559] kasan_save_alloc_info+0x3b/0x50 [ 24.448088] __kasan_kmalloc+0xb7/0xc0 [ 24.448531] __kmalloc_cache_noprof+0x189/0x420 [ 24.449112] kasan_atomics+0x95/0x310 [ 24.449524] kunit_try_run_case+0x1a5/0x480 [ 24.450061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.450855] kthread+0x337/0x6f0 [ 24.451515] ret_from_fork+0x41/0x80 [ 24.451844] ret_from_fork_asm+0x1a/0x30 [ 24.452495] [ 24.452836] The buggy address belongs to the object at ffff888102ef1180 [ 24.452836] which belongs to the cache kmalloc-64 of size 64 [ 24.454880] The buggy address is located 0 bytes to the right of [ 24.454880] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.456916] [ 24.457241] The buggy address belongs to the physical page: [ 24.457841] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.458589] flags: 0x200000000000000(node=0|zone=2) [ 24.459097] page_type: f5(slab) [ 24.459543] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 24.460326] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.460998] page dumped because: kasan: bad access detected [ 24.461462] [ 24.461698] Memory state around the buggy address: [ 24.462098] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.462702] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.463489] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.464164] ^ [ 24.464622] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.465279] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.465893] ================================================================== [ 24.133450] ================================================================== [ 24.136105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 24.137933] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.138348] [ 24.138563] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.138686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.138726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.138783] Call Trace: [ 24.138838] <TASK> [ 24.138888] dump_stack_lvl+0x73/0xb0 [ 24.138973] print_report+0xd1/0x650 [ 24.140163] ? __virt_addr_valid+0x1db/0x2d0 [ 24.140393] ? kasan_atomics_helper+0x8f9/0x5450 [ 24.140466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.140538] ? kasan_atomics_helper+0x8f9/0x5450 [ 24.140611] kasan_report+0x141/0x180 [ 24.140974] ? kasan_atomics_helper+0x8f9/0x5450 [ 24.141102] kasan_check_range+0x10c/0x1c0 [ 24.141176] __kasan_check_write+0x18/0x20 [ 24.141235] kasan_atomics_helper+0x8f9/0x5450 [ 24.141326] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.141395] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.141462] ? 
kasan_atomics+0x152/0x310 [ 24.141531] kasan_atomics+0x1dc/0x310 [ 24.141588] ? __pfx_kasan_atomics+0x10/0x10 [ 24.141646] ? __pfx_read_tsc+0x10/0x10 [ 24.141709] ? ktime_get_ts64+0x86/0x230 [ 24.141780] kunit_try_run_case+0x1a5/0x480 [ 24.141853] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.141923] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.141999] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.142122] ? __kthread_parkme+0x82/0x180 [ 24.142196] ? preempt_count_sub+0x50/0x80 [ 24.142268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.142431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.142512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.142575] kthread+0x337/0x6f0 [ 24.142621] ? trace_preempt_on+0x20/0xc0 [ 24.142682] ? __pfx_kthread+0x10/0x10 [ 24.142732] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.142787] ? calculate_sigpending+0x7b/0xa0 [ 24.142845] ? __pfx_kthread+0x10/0x10 [ 24.142895] ret_from_fork+0x41/0x80 [ 24.142951] ? __pfx_kthread+0x10/0x10 [ 24.143002] ret_from_fork_asm+0x1a/0x30 [ 24.143104] </TASK> [ 24.143140] [ 24.166719] Allocated by task 285: [ 24.167199] kasan_save_stack+0x45/0x70 [ 24.167622] kasan_save_track+0x18/0x40 [ 24.168608] kasan_save_alloc_info+0x3b/0x50 [ 24.169089] __kasan_kmalloc+0xb7/0xc0 [ 24.169552] __kmalloc_cache_noprof+0x189/0x420 [ 24.169953] kasan_atomics+0x95/0x310 [ 24.170910] kunit_try_run_case+0x1a5/0x480 [ 24.171838] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.172391] kthread+0x337/0x6f0 [ 24.172680] ret_from_fork+0x41/0x80 [ 24.172992] ret_from_fork_asm+0x1a/0x30 [ 24.173988] [ 24.174206] The buggy address belongs to the object at ffff888102ef1180 [ 24.174206] which belongs to the cache kmalloc-64 of size 64 [ 24.175941] The buggy address is located 0 bytes to the right of [ 24.175941] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.177479] [ 24.177664] The buggy address belongs to the physical page: [ 24.178496] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 
24.179508] flags: 0x200000000000000(node=0|zone=2) [ 24.180192] page_type: f5(slab) [ 24.180592] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.181511] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.182390] page dumped because: kasan: bad access detected [ 24.182819] [ 24.182984] Memory state around the buggy address: [ 24.184104] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.184717] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.185531] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.186331] ^ [ 24.186664] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.187275] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.188405] ================================================================== [ 25.274526] ================================================================== [ 25.275242] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 25.276418] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.277695] [ 25.277992] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.278138] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.278179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.278213] Call Trace: [ 25.278241] <TASK> [ 25.278270] dump_stack_lvl+0x73/0xb0 [ 25.278375] print_report+0xd1/0x650 [ 25.278426] ? __virt_addr_valid+0x1db/0x2d0 [ 25.278464] ? kasan_atomics_helper+0x151d/0x5450 [ 25.278501] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.278540] ? kasan_atomics_helper+0x151d/0x5450 [ 25.278576] kasan_report+0x141/0x180 [ 25.278613] ? kasan_atomics_helper+0x151d/0x5450 [ 25.278656] kasan_check_range+0x10c/0x1c0 [ 25.278690] __kasan_check_write+0x18/0x20 [ 25.278724] kasan_atomics_helper+0x151d/0x5450 [ 25.278763] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.278802] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 25.278839] ? kasan_atomics+0x152/0x310 [ 25.278877] kasan_atomics+0x1dc/0x310 [ 25.278908] ? __pfx_kasan_atomics+0x10/0x10 [ 25.278942] ? __pfx_read_tsc+0x10/0x10 [ 25.278976] ? ktime_get_ts64+0x86/0x230 [ 25.279018] kunit_try_run_case+0x1a5/0x480 [ 25.279186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.279307] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.279392] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.279472] ? __kthread_parkme+0x82/0x180 [ 25.279548] ? preempt_count_sub+0x50/0x80 [ 25.279633] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.279717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.279799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.279895] kthread+0x337/0x6f0 [ 25.279964] ? trace_preempt_on+0x20/0xc0 [ 25.280024] ? __pfx_kthread+0x10/0x10 [ 25.280097] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.280136] ? calculate_sigpending+0x7b/0xa0 [ 25.280172] ? __pfx_kthread+0x10/0x10 [ 25.280200] ret_from_fork+0x41/0x80 [ 25.280236] ? __pfx_kthread+0x10/0x10 [ 25.280266] ret_from_fork_asm+0x1a/0x30 [ 25.280339] </TASK> [ 25.280359] [ 25.295521] Allocated by task 285: [ 25.295989] kasan_save_stack+0x45/0x70 [ 25.296578] kasan_save_track+0x18/0x40 [ 25.297080] kasan_save_alloc_info+0x3b/0x50 [ 25.297601] __kasan_kmalloc+0xb7/0xc0 [ 25.298093] __kmalloc_cache_noprof+0x189/0x420 [ 25.298605] kasan_atomics+0x95/0x310 [ 25.298952] kunit_try_run_case+0x1a5/0x480 [ 25.299464] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.300100] kthread+0x337/0x6f0 [ 25.300457] ret_from_fork+0x41/0x80 [ 25.300792] ret_from_fork_asm+0x1a/0x30 [ 25.301173] [ 25.301402] The buggy address belongs to the object at ffff888102ef1180 [ 25.301402] which belongs to the cache kmalloc-64 of size 64 [ 25.302540] The buggy address is located 0 bytes to the right of [ 25.302540] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.303709] [ 25.303922] The buggy address belongs to the physical page: [ 25.304356] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.304850] flags: 0x200000000000000(node=0|zone=2) [ 25.305247] page_type: f5(slab) [ 25.305620] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.306263] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.306920] page dumped because: kasan: bad access detected [ 25.307524] [ 25.307793] Memory state around the buggy address: [ 25.308350] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.309073] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.309738] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.310813] ^ [ 25.311249] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.312875] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.313573] ================================================================== [ 25.094099] ================================================================== [ 25.095140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 25.096085] Read of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.096658] [ 25.096976] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.097109] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.097152] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.097216] Call Trace: [ 25.097272] <TASK> [ 25.097349] dump_stack_lvl+0x73/0xb0 [ 25.097474] print_report+0xd1/0x650 [ 25.097565] ? __virt_addr_valid+0x1db/0x2d0 [ 25.097646] ? kasan_atomics_helper+0x13b5/0x5450 [ 25.097722] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.097799] ? kasan_atomics_helper+0x13b5/0x5450 [ 25.097875] kasan_report+0x141/0x180 [ 25.097955] ? kasan_atomics_helper+0x13b5/0x5450 [ 25.098048] kasan_check_range+0x10c/0x1c0 [ 25.098254] __kasan_check_read+0x15/0x20 [ 25.098353] kasan_atomics_helper+0x13b5/0x5450 [ 25.098412] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 25.098453] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.098496] ? kasan_atomics+0x152/0x310 [ 25.098533] kasan_atomics+0x1dc/0x310 [ 25.098566] ? __pfx_kasan_atomics+0x10/0x10 [ 25.098603] ? __pfx_read_tsc+0x10/0x10 [ 25.098642] ? ktime_get_ts64+0x86/0x230 [ 25.098686] kunit_try_run_case+0x1a5/0x480 [ 25.098729] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.098766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.098808] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.098847] ? __kthread_parkme+0x82/0x180 [ 25.098882] ? preempt_count_sub+0x50/0x80 [ 25.098921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.098959] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.098997] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.099039] kthread+0x337/0x6f0 [ 25.099096] ? trace_preempt_on+0x20/0xc0 [ 25.099139] ? __pfx_kthread+0x10/0x10 [ 25.099169] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.099204] ? calculate_sigpending+0x7b/0xa0 [ 25.099241] ? __pfx_kthread+0x10/0x10 [ 25.099270] ret_from_fork+0x41/0x80 [ 25.099346] ? 
__pfx_kthread+0x10/0x10 [ 25.099417] ret_from_fork_asm+0x1a/0x30 [ 25.099517] </TASK> [ 25.099606] [ 25.117149] Allocated by task 285: [ 25.117684] kasan_save_stack+0x45/0x70 [ 25.118229] kasan_save_track+0x18/0x40 [ 25.118711] kasan_save_alloc_info+0x3b/0x50 [ 25.119245] __kasan_kmalloc+0xb7/0xc0 [ 25.119707] __kmalloc_cache_noprof+0x189/0x420 [ 25.120242] kasan_atomics+0x95/0x310 [ 25.120730] kunit_try_run_case+0x1a5/0x480 [ 25.121266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.121806] kthread+0x337/0x6f0 [ 25.122240] ret_from_fork+0x41/0x80 [ 25.122672] ret_from_fork_asm+0x1a/0x30 [ 25.123216] [ 25.123494] The buggy address belongs to the object at ffff888102ef1180 [ 25.123494] which belongs to the cache kmalloc-64 of size 64 [ 25.124535] The buggy address is located 0 bytes to the right of [ 25.124535] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.125636] [ 25.125895] The buggy address belongs to the physical page: [ 25.126282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.127115] flags: 0x200000000000000(node=0|zone=2) [ 25.127668] page_type: f5(slab) [ 25.128027] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.128803] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.129540] page dumped because: kasan: bad access detected [ 25.130121] [ 25.130417] Memory state around the buggy address: [ 25.130830] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.131352] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.132188] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.132876] ^ [ 25.133443] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.133946] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.134539] ================================================================== [ 25.413778] 
================================================================== [ 25.414814] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 25.415923] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.416994] [ 25.417493] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.417610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.417632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.417665] Call Trace: [ 25.417694] <TASK> [ 25.417723] dump_stack_lvl+0x73/0xb0 [ 25.417772] print_report+0xd1/0x650 [ 25.417815] ? __virt_addr_valid+0x1db/0x2d0 [ 25.417851] ? kasan_atomics_helper+0x16e7/0x5450 [ 25.417887] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.417924] ? kasan_atomics_helper+0x16e7/0x5450 [ 25.417962] kasan_report+0x141/0x180 [ 25.418003] ? kasan_atomics_helper+0x16e7/0x5450 [ 25.418062] kasan_check_range+0x10c/0x1c0 [ 25.418118] __kasan_check_write+0x18/0x20 [ 25.418152] kasan_atomics_helper+0x16e7/0x5450 [ 25.418192] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.418231] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.418270] ? kasan_atomics+0x152/0x310 [ 25.418358] kasan_atomics+0x1dc/0x310 [ 25.418450] ? __pfx_kasan_atomics+0x10/0x10 [ 25.418549] ? __pfx_read_tsc+0x10/0x10 [ 25.418635] ? ktime_get_ts64+0x86/0x230 [ 25.418731] kunit_try_run_case+0x1a5/0x480 [ 25.418821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.418885] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.418932] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.418971] ? __kthread_parkme+0x82/0x180 [ 25.419007] ? preempt_count_sub+0x50/0x80 [ 25.419088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.419136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.419177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.419214] kthread+0x337/0x6f0 [ 25.419241] ? trace_preempt_on+0x20/0xc0 [ 25.419280] ? __pfx_kthread+0x10/0x10 [ 25.419335] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.419372] ? 
calculate_sigpending+0x7b/0xa0 [ 25.419408] ? __pfx_kthread+0x10/0x10 [ 25.419439] ret_from_fork+0x41/0x80 [ 25.419474] ? __pfx_kthread+0x10/0x10 [ 25.419505] ret_from_fork_asm+0x1a/0x30 [ 25.419553] </TASK> [ 25.419570] [ 25.440630] Allocated by task 285: [ 25.441475] kasan_save_stack+0x45/0x70 [ 25.441860] kasan_save_track+0x18/0x40 [ 25.442706] kasan_save_alloc_info+0x3b/0x50 [ 25.443027] __kasan_kmalloc+0xb7/0xc0 [ 25.443725] __kmalloc_cache_noprof+0x189/0x420 [ 25.444159] kasan_atomics+0x95/0x310 [ 25.444925] kunit_try_run_case+0x1a5/0x480 [ 25.445527] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.446206] kthread+0x337/0x6f0 [ 25.446511] ret_from_fork+0x41/0x80 [ 25.446827] ret_from_fork_asm+0x1a/0x30 [ 25.447226] [ 25.447409] The buggy address belongs to the object at ffff888102ef1180 [ 25.447409] which belongs to the cache kmalloc-64 of size 64 [ 25.448551] The buggy address is located 0 bytes to the right of [ 25.448551] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.449410] [ 25.449662] The buggy address belongs to the physical page: [ 25.450192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.451520] flags: 0x200000000000000(node=0|zone=2) [ 25.452376] page_type: f5(slab) [ 25.452648] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.453433] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.454112] page dumped because: kasan: bad access detected [ 25.454668] [ 25.454915] Memory state around the buggy address: [ 25.455417] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.456122] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.456755] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.457449] ^ [ 25.457917] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.458615] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.459250] 
================================================================== [ 23.677708] ================================================================== [ 23.678744] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 23.680202] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.681143] [ 23.681398] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.681520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.681542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.681572] Call Trace: [ 23.681597] <TASK> [ 23.681622] dump_stack_lvl+0x73/0xb0 [ 23.681665] print_report+0xd1/0x650 [ 23.681706] ? __virt_addr_valid+0x1db/0x2d0 [ 23.681740] ? kasan_atomics_helper+0x3df/0x5450 [ 23.681774] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.681809] ? kasan_atomics_helper+0x3df/0x5450 [ 23.681843] kasan_report+0x141/0x180 [ 23.681879] ? kasan_atomics_helper+0x3df/0x5450 [ 23.681919] kasan_check_range+0x10c/0x1c0 [ 23.681949] __kasan_check_read+0x15/0x20 [ 23.681983] kasan_atomics_helper+0x3df/0x5450 [ 23.682022] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.682089] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.682128] ? kasan_atomics+0x152/0x310 [ 23.682164] kasan_atomics+0x1dc/0x310 [ 23.682194] ? __pfx_kasan_atomics+0x10/0x10 [ 23.682225] ? __pfx_read_tsc+0x10/0x10 [ 23.682260] ? ktime_get_ts64+0x86/0x230 [ 23.682330] kunit_try_run_case+0x1a5/0x480 [ 23.682423] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.682502] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.682588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.682667] ? __kthread_parkme+0x82/0x180 [ 23.682745] ? preempt_count_sub+0x50/0x80 [ 23.682829] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.682911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.682997] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.683078] kthread+0x337/0x6f0 [ 23.683159] ? trace_preempt_on+0x20/0xc0 [ 23.683210] ? 
__pfx_kthread+0x10/0x10 [ 23.683240] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.683274] ? calculate_sigpending+0x7b/0xa0 [ 23.683336] ? __pfx_kthread+0x10/0x10 [ 23.683366] ret_from_fork+0x41/0x80 [ 23.683403] ? __pfx_kthread+0x10/0x10 [ 23.683433] ret_from_fork_asm+0x1a/0x30 [ 23.683480] </TASK> [ 23.683498] [ 23.703865] Allocated by task 285: [ 23.704717] kasan_save_stack+0x45/0x70 [ 23.705165] kasan_save_track+0x18/0x40 [ 23.705539] kasan_save_alloc_info+0x3b/0x50 [ 23.705969] __kasan_kmalloc+0xb7/0xc0 [ 23.706373] __kmalloc_cache_noprof+0x189/0x420 [ 23.706804] kasan_atomics+0x95/0x310 [ 23.707137] kunit_try_run_case+0x1a5/0x480 [ 23.708156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.708637] kthread+0x337/0x6f0 [ 23.709287] ret_from_fork+0x41/0x80 [ 23.709818] ret_from_fork_asm+0x1a/0x30 [ 23.710479] [ 23.710706] The buggy address belongs to the object at ffff888102ef1180 [ 23.710706] which belongs to the cache kmalloc-64 of size 64 [ 23.711999] The buggy address is located 0 bytes to the right of [ 23.711999] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.713020] [ 23.713717] The buggy address belongs to the physical page: [ 23.714208] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.714804] flags: 0x200000000000000(node=0|zone=2) [ 23.715460] page_type: f5(slab) [ 23.715638] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.715915] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.716951] page dumped because: kasan: bad access detected [ 23.717891] [ 23.718125] Memory state around the buggy address: [ 23.718605] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.719119] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.720221] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.720794] ^ [ 23.721601] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.722281] 
ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.723109] ================================================================== [ 24.010883] ================================================================== [ 24.011386] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 24.011958] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.012869] [ 24.013246] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.013398] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.013443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.013506] Call Trace: [ 24.013561] <TASK> [ 24.013616] dump_stack_lvl+0x73/0xb0 [ 24.013704] print_report+0xd1/0x650 [ 24.013794] ? __virt_addr_valid+0x1db/0x2d0 [ 24.013874] ? kasan_atomics_helper+0x72f/0x5450 [ 24.013950] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.014027] ? kasan_atomics_helper+0x72f/0x5450 [ 24.014850] kasan_report+0x141/0x180 [ 24.014934] ? kasan_atomics_helper+0x72f/0x5450 [ 24.015095] kasan_check_range+0x10c/0x1c0 [ 24.015141] __kasan_check_write+0x18/0x20 [ 24.015176] kasan_atomics_helper+0x72f/0x5450 [ 24.015214] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.015252] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.015311] ? kasan_atomics+0x152/0x310 [ 24.015357] kasan_atomics+0x1dc/0x310 [ 24.015392] ? __pfx_kasan_atomics+0x10/0x10 [ 24.015427] ? __pfx_read_tsc+0x10/0x10 [ 24.015461] ? ktime_get_ts64+0x86/0x230 [ 24.015503] kunit_try_run_case+0x1a5/0x480 [ 24.015544] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.015579] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.015618] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.015655] ? __kthread_parkme+0x82/0x180 [ 24.015689] ? preempt_count_sub+0x50/0x80 [ 24.015728] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.015766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.015803] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.015839] kthread+0x337/0x6f0 [ 24.015866] ? trace_preempt_on+0x20/0xc0 [ 24.015917] ? __pfx_kthread+0x10/0x10 [ 24.015944] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.015978] ? calculate_sigpending+0x7b/0xa0 [ 24.016012] ? __pfx_kthread+0x10/0x10 [ 24.016051] ret_from_fork+0x41/0x80 [ 24.016106] ? __pfx_kthread+0x10/0x10 [ 24.016138] ret_from_fork_asm+0x1a/0x30 [ 24.016183] </TASK> [ 24.016202] [ 24.030569] Allocated by task 285: [ 24.031023] kasan_save_stack+0x45/0x70 [ 24.031560] kasan_save_track+0x18/0x40 [ 24.031905] kasan_save_alloc_info+0x3b/0x50 [ 24.032247] __kasan_kmalloc+0xb7/0xc0 [ 24.032772] __kmalloc_cache_noprof+0x189/0x420 [ 24.033397] kasan_atomics+0x95/0x310 [ 24.033823] kunit_try_run_case+0x1a5/0x480 [ 24.034421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.034830] kthread+0x337/0x6f0 [ 24.035125] ret_from_fork+0x41/0x80 [ 24.035571] ret_from_fork_asm+0x1a/0x30 [ 24.036030] [ 24.036325] The buggy address belongs to the object at ffff888102ef1180 [ 24.036325] which belongs to the cache kmalloc-64 of size 64 [ 24.037060] The buggy address is located 0 bytes to the right of [ 24.037060] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.037792] [ 24.037993] The buggy address belongs to the physical page: [ 24.038462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.039236] flags: 0x200000000000000(node=0|zone=2) [ 24.039759] page_type: f5(slab) [ 24.040135] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.040867] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.041814] page dumped because: kasan: bad access detected [ 24.042386] [ 24.042621] Memory state around the buggy address: [ 24.043078] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.043671] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.044342] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 24.044893] ^ [ 24.045396] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.045896] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.046665] ================================================================== [ 25.690208] ================================================================== [ 25.690671] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 25.691534] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.692073] [ 25.692442] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.692582] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.692626] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.692688] Call Trace: [ 25.692754] <TASK> [ 25.692816] dump_stack_lvl+0x73/0xb0 [ 25.692941] print_report+0xd1/0x650 [ 25.693100] ? __virt_addr_valid+0x1db/0x2d0 [ 25.693191] ? kasan_atomics_helper+0x1a7f/0x5450 [ 25.693330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.693415] ? kasan_atomics_helper+0x1a7f/0x5450 [ 25.693466] kasan_report+0x141/0x180 [ 25.693510] ? kasan_atomics_helper+0x1a7f/0x5450 [ 25.693553] kasan_check_range+0x10c/0x1c0 [ 25.693622] __kasan_check_write+0x18/0x20 [ 25.693701] kasan_atomics_helper+0x1a7f/0x5450 [ 25.693814] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.693925] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.694013] ? kasan_atomics+0x152/0x310 [ 25.694185] kasan_atomics+0x1dc/0x310 [ 25.694265] ? __pfx_kasan_atomics+0x10/0x10 [ 25.694357] ? __pfx_read_tsc+0x10/0x10 [ 25.694402] ? ktime_get_ts64+0x86/0x230 [ 25.694445] kunit_try_run_case+0x1a5/0x480 [ 25.694487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.694524] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.694565] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.694603] ? __kthread_parkme+0x82/0x180 [ 25.694637] ? preempt_count_sub+0x50/0x80 [ 25.694675] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 25.694714] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.694749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.694785] kthread+0x337/0x6f0 [ 25.694811] ? trace_preempt_on+0x20/0xc0 [ 25.694849] ? __pfx_kthread+0x10/0x10 [ 25.694877] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.694910] ? calculate_sigpending+0x7b/0xa0 [ 25.694945] ? __pfx_kthread+0x10/0x10 [ 25.694972] ret_from_fork+0x41/0x80 [ 25.695006] ? __pfx_kthread+0x10/0x10 [ 25.695054] ret_from_fork_asm+0x1a/0x30 [ 25.695126] </TASK> [ 25.695145] [ 25.715604] Allocated by task 285: [ 25.716074] kasan_save_stack+0x45/0x70 [ 25.716964] kasan_save_track+0x18/0x40 [ 25.717406] kasan_save_alloc_info+0x3b/0x50 [ 25.717756] __kasan_kmalloc+0xb7/0xc0 [ 25.718496] __kmalloc_cache_noprof+0x189/0x420 [ 25.718863] kasan_atomics+0x95/0x310 [ 25.719272] kunit_try_run_case+0x1a5/0x480 [ 25.719715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.720221] kthread+0x337/0x6f0 [ 25.720786] ret_from_fork+0x41/0x80 [ 25.721166] ret_from_fork_asm+0x1a/0x30 [ 25.721577] [ 25.721806] The buggy address belongs to the object at ffff888102ef1180 [ 25.721806] which belongs to the cache kmalloc-64 of size 64 [ 25.723112] The buggy address is located 0 bytes to the right of [ 25.723112] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.723973] [ 25.724177] The buggy address belongs to the physical page: [ 25.725458] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.725961] flags: 0x200000000000000(node=0|zone=2) [ 25.726996] page_type: f5(slab) [ 25.727342] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.727863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.728311] page dumped because: kasan: bad access detected [ 25.728622] [ 25.728775] Memory state around the buggy address: [ 25.729075] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.729844] ffff888102ef1100: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.731859] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.732801] ^ [ 25.734075] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.734643] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.735040] ================================================================== [ 23.817217] ================================================================== [ 23.818658] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 23.819278] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.820346] [ 23.820622] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.820766] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.820811] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.820875] Call Trace: [ 23.820934] <TASK> [ 23.820990] dump_stack_lvl+0x73/0xb0 [ 23.821128] print_report+0xd1/0x650 [ 23.821209] ? __virt_addr_valid+0x1db/0x2d0 [ 23.821284] ? kasan_atomics_helper+0x4b3a/0x5450 [ 23.821380] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.821459] ? kasan_atomics_helper+0x4b3a/0x5450 [ 23.821538] kasan_report+0x141/0x180 [ 23.821595] ? kasan_atomics_helper+0x4b3a/0x5450 [ 23.821640] __asan_report_store4_noabort+0x1b/0x30 [ 23.821674] kasan_atomics_helper+0x4b3a/0x5450 [ 23.821711] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.821746] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.821782] ? kasan_atomics+0x152/0x310 [ 23.821819] kasan_atomics+0x1dc/0x310 [ 23.821849] ? __pfx_kasan_atomics+0x10/0x10 [ 23.821881] ? __pfx_read_tsc+0x10/0x10 [ 23.821916] ? ktime_get_ts64+0x86/0x230 [ 23.821958] kunit_try_run_case+0x1a5/0x480 [ 23.821998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.822051] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.822132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.822171] ? __kthread_parkme+0x82/0x180 [ 23.822206] ? 
preempt_count_sub+0x50/0x80 [ 23.822245] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.822282] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.822351] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.822389] kthread+0x337/0x6f0 [ 23.822415] ? trace_preempt_on+0x20/0xc0 [ 23.822454] ? __pfx_kthread+0x10/0x10 [ 23.822482] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.822515] ? calculate_sigpending+0x7b/0xa0 [ 23.822549] ? __pfx_kthread+0x10/0x10 [ 23.822576] ret_from_fork+0x41/0x80 [ 23.822610] ? __pfx_kthread+0x10/0x10 [ 23.822637] ret_from_fork_asm+0x1a/0x30 [ 23.822682] </TASK> [ 23.822698] [ 23.841622] Allocated by task 285: [ 23.842106] kasan_save_stack+0x45/0x70 [ 23.842605] kasan_save_track+0x18/0x40 [ 23.843005] kasan_save_alloc_info+0x3b/0x50 [ 23.843485] __kasan_kmalloc+0xb7/0xc0 [ 23.843837] __kmalloc_cache_noprof+0x189/0x420 [ 23.844376] kasan_atomics+0x95/0x310 [ 23.844762] kunit_try_run_case+0x1a5/0x480 [ 23.845259] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.845769] kthread+0x337/0x6f0 [ 23.846183] ret_from_fork+0x41/0x80 [ 23.846568] ret_from_fork_asm+0x1a/0x30 [ 23.847012] [ 23.847309] The buggy address belongs to the object at ffff888102ef1180 [ 23.847309] which belongs to the cache kmalloc-64 of size 64 [ 23.848262] The buggy address is located 0 bytes to the right of [ 23.848262] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.849201] [ 23.849435] The buggy address belongs to the physical page: [ 23.849905] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.850612] flags: 0x200000000000000(node=0|zone=2) [ 23.851160] page_type: f5(slab) [ 23.851571] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.852206] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.852833] page dumped because: kasan: bad access detected [ 23.853384] [ 23.853605] Memory state around the buggy address: [ 23.854014] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 23.854572] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.855236] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.855857] ^ [ 23.856379] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.856884] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.857563] ================================================================== [ 26.139906] ================================================================== [ 26.140675] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 26.141242] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.141930] [ 26.142252] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.142403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.142443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.142505] Call Trace: [ 26.142558] <TASK> [ 26.142601] dump_stack_lvl+0x73/0xb0 [ 26.142649] print_report+0xd1/0x650 [ 26.142692] ? __virt_addr_valid+0x1db/0x2d0 [ 26.142748] ? kasan_atomics_helper+0x2006/0x5450 [ 26.142830] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.142911] ? kasan_atomics_helper+0x2006/0x5450 [ 26.142996] kasan_report+0x141/0x180 [ 26.143167] ? kasan_atomics_helper+0x2006/0x5450 [ 26.143268] kasan_check_range+0x10c/0x1c0 [ 26.143364] __kasan_check_write+0x18/0x20 [ 26.143439] kasan_atomics_helper+0x2006/0x5450 [ 26.143521] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.143599] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.143681] ? kasan_atomics+0x152/0x310 [ 26.143802] kasan_atomics+0x1dc/0x310 [ 26.143896] ? __pfx_kasan_atomics+0x10/0x10 [ 26.144012] ? __pfx_read_tsc+0x10/0x10 [ 26.144129] ? ktime_get_ts64+0x86/0x230 [ 26.144220] kunit_try_run_case+0x1a5/0x480 [ 26.144327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.144403] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.144451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.144492] ? 
__kthread_parkme+0x82/0x180 [ 26.144529] ? preempt_count_sub+0x50/0x80 [ 26.144571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.144613] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.144653] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.144693] kthread+0x337/0x6f0 [ 26.144724] ? trace_preempt_on+0x20/0xc0 [ 26.144764] ? __pfx_kthread+0x10/0x10 [ 26.144794] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.144830] ? calculate_sigpending+0x7b/0xa0 [ 26.144866] ? __pfx_kthread+0x10/0x10 [ 26.144896] ret_from_fork+0x41/0x80 [ 26.144933] ? __pfx_kthread+0x10/0x10 [ 26.144965] ret_from_fork_asm+0x1a/0x30 [ 26.145015] </TASK> [ 26.145052] [ 26.165979] Allocated by task 285: [ 26.166419] kasan_save_stack+0x45/0x70 [ 26.166984] kasan_save_track+0x18/0x40 [ 26.167544] kasan_save_alloc_info+0x3b/0x50 [ 26.168151] __kasan_kmalloc+0xb7/0xc0 [ 26.168721] __kmalloc_cache_noprof+0x189/0x420 [ 26.169433] kasan_atomics+0x95/0x310 [ 26.169957] kunit_try_run_case+0x1a5/0x480 [ 26.170873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.171412] kthread+0x337/0x6f0 [ 26.171951] ret_from_fork+0x41/0x80 [ 26.172462] ret_from_fork_asm+0x1a/0x30 [ 26.173042] [ 26.173516] The buggy address belongs to the object at ffff888102ef1180 [ 26.173516] which belongs to the cache kmalloc-64 of size 64 [ 26.174940] The buggy address is located 0 bytes to the right of [ 26.174940] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.176239] [ 26.176491] The buggy address belongs to the physical page: [ 26.177410] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.178272] flags: 0x200000000000000(node=0|zone=2) [ 26.178968] page_type: f5(slab) [ 26.179312] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.179997] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.180632] page dumped because: kasan: bad access detected [ 26.181095] [ 26.181335] Memory state around the buggy address: [ 26.181761] 
ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.182797] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.183606] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.184349] ^ [ 26.184667] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.185912] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.187207] ================================================================== [ 26.333266] ================================================================== [ 26.333822] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 26.335033] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.336455] [ 26.336743] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.336834] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.336856] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.336890] Call Trace: [ 26.336931] <TASK> [ 26.336985] dump_stack_lvl+0x73/0xb0 [ 26.337035] print_report+0xd1/0x650 [ 26.337104] ? __virt_addr_valid+0x1db/0x2d0 [ 26.337141] ? kasan_atomics_helper+0x218a/0x5450 [ 26.337176] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.337213] ? kasan_atomics_helper+0x218a/0x5450 [ 26.337251] kasan_report+0x141/0x180 [ 26.337288] ? kasan_atomics_helper+0x218a/0x5450 [ 26.337411] kasan_check_range+0x10c/0x1c0 [ 26.337463] __kasan_check_write+0x18/0x20 [ 26.337504] kasan_atomics_helper+0x218a/0x5450 [ 26.337544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.337582] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.337620] ? kasan_atomics+0x152/0x310 [ 26.337656] kasan_atomics+0x1dc/0x310 [ 26.337688] ? __pfx_kasan_atomics+0x10/0x10 [ 26.337721] ? __pfx_read_tsc+0x10/0x10 [ 26.337757] ? ktime_get_ts64+0x86/0x230 [ 26.337799] kunit_try_run_case+0x1a5/0x480 [ 26.337842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.337879] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 26.337918] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.337958] ? __kthread_parkme+0x82/0x180 [ 26.337994] ? preempt_count_sub+0x50/0x80 [ 26.338037] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.338102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.338143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.338182] kthread+0x337/0x6f0 [ 26.338210] ? trace_preempt_on+0x20/0xc0 [ 26.338249] ? __pfx_kthread+0x10/0x10 [ 26.338279] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.338531] ? calculate_sigpending+0x7b/0xa0 [ 26.338575] ? __pfx_kthread+0x10/0x10 [ 26.338608] ret_from_fork+0x41/0x80 [ 26.338648] ? __pfx_kthread+0x10/0x10 [ 26.338680] ret_from_fork_asm+0x1a/0x30 [ 26.338730] </TASK> [ 26.338750] [ 26.359754] Allocated by task 285: [ 26.360167] kasan_save_stack+0x45/0x70 [ 26.360691] kasan_save_track+0x18/0x40 [ 26.361109] kasan_save_alloc_info+0x3b/0x50 [ 26.361610] __kasan_kmalloc+0xb7/0xc0 [ 26.362001] __kmalloc_cache_noprof+0x189/0x420 [ 26.362520] kasan_atomics+0x95/0x310 [ 26.362902] kunit_try_run_case+0x1a5/0x480 [ 26.363394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.364002] kthread+0x337/0x6f0 [ 26.364532] ret_from_fork+0x41/0x80 [ 26.364873] ret_from_fork_asm+0x1a/0x30 [ 26.365451] [ 26.365659] The buggy address belongs to the object at ffff888102ef1180 [ 26.365659] which belongs to the cache kmalloc-64 of size 64 [ 26.366664] The buggy address is located 0 bytes to the right of [ 26.366664] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.367868] [ 26.368189] The buggy address belongs to the physical page: [ 26.368623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.369423] flags: 0x200000000000000(node=0|zone=2) [ 26.369901] page_type: f5(slab) [ 26.370508] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.371121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.371705] page dumped because: kasan: bad 
access detected [ 26.372210] [ 26.372447] Memory state around the buggy address: [ 26.372856] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.374030] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.374566] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.375766] ^ [ 26.376163] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.376847] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.377528] ================================================================== [ 23.630040] ================================================================== [ 23.630658] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 23.631038] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.631994] [ 23.632169] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.632269] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.632313] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.632358] Call Trace: [ 23.632396] <TASK> [ 23.632431] dump_stack_lvl+0x73/0xb0 [ 23.632489] print_report+0xd1/0x650 [ 23.632541] ? __virt_addr_valid+0x1db/0x2d0 [ 23.632590] ? kasan_atomics_helper+0x4b6e/0x5450 [ 23.632640] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.632688] ? kasan_atomics_helper+0x4b6e/0x5450 [ 23.632736] kasan_report+0x141/0x180 [ 23.632787] ? kasan_atomics_helper+0x4b6e/0x5450 [ 23.632847] __asan_report_store4_noabort+0x1b/0x30 [ 23.632893] kasan_atomics_helper+0x4b6e/0x5450 [ 23.632944] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.632994] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.633042] ? kasan_atomics+0x152/0x310 [ 23.633097] kasan_atomics+0x1dc/0x310 [ 23.633182] ? __pfx_kasan_atomics+0x10/0x10 [ 23.633260] ? __pfx_read_tsc+0x10/0x10 [ 23.633356] ? ktime_get_ts64+0x86/0x230 [ 23.633446] kunit_try_run_case+0x1a5/0x480 [ 23.633865] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.633954] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.634042] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.634119] ? __kthread_parkme+0x82/0x180 [ 23.634195] ? preempt_count_sub+0x50/0x80 [ 23.634275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.634378] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.635035] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.635128] kthread+0x337/0x6f0 [ 23.635188] ? trace_preempt_on+0x20/0xc0 [ 23.635260] ? __pfx_kthread+0x10/0x10 [ 23.635320] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.635371] ? calculate_sigpending+0x7b/0xa0 [ 23.635421] ? __pfx_kthread+0x10/0x10 [ 23.635467] ret_from_fork+0x41/0x80 [ 23.635507] ? __pfx_kthread+0x10/0x10 [ 23.635539] ret_from_fork_asm+0x1a/0x30 [ 23.635588] </TASK> [ 23.635604] [ 23.654613] Allocated by task 285: [ 23.655054] kasan_save_stack+0x45/0x70 [ 23.655734] kasan_save_track+0x18/0x40 [ 23.655990] kasan_save_alloc_info+0x3b/0x50 [ 23.656279] __kasan_kmalloc+0xb7/0xc0 [ 23.656570] __kmalloc_cache_noprof+0x189/0x420 [ 23.656887] kasan_atomics+0x95/0x310 [ 23.657162] kunit_try_run_case+0x1a5/0x480 [ 23.659580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.660191] kthread+0x337/0x6f0 [ 23.660850] ret_from_fork+0x41/0x80 [ 23.661670] ret_from_fork_asm+0x1a/0x30 [ 23.662519] [ 23.662776] The buggy address belongs to the object at ffff888102ef1180 [ 23.662776] which belongs to the cache kmalloc-64 of size 64 [ 23.663939] The buggy address is located 0 bytes to the right of [ 23.663939] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.666063] [ 23.666237] The buggy address belongs to the physical page: [ 23.666783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.667522] flags: 0x200000000000000(node=0|zone=2) [ 23.668042] page_type: f5(slab) [ 23.668392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.669320] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 23.669962] page dumped because: kasan: bad access detected [ 23.670969] [ 23.671257] Memory state around the buggy address: [ 23.671688] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.672105] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.673427] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.674354] ^ [ 23.674833] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.675585] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.676173] ================================================================== [ 25.954288] ================================================================== [ 25.954874] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 25.955633] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.956205] [ 25.956467] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.956602] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.956647] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.956711] Call Trace: [ 25.956766] <TASK> [ 25.956817] dump_stack_lvl+0x73/0xb0 [ 25.956905] print_report+0xd1/0x650 [ 25.956983] ? __virt_addr_valid+0x1db/0x2d0 [ 25.957104] ? kasan_atomics_helper+0x1e12/0x5450 [ 25.957188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.957270] ? kasan_atomics_helper+0x1e12/0x5450 [ 25.957373] kasan_report+0x141/0x180 [ 25.957462] ? kasan_atomics_helper+0x1e12/0x5450 [ 25.957558] kasan_check_range+0x10c/0x1c0 [ 25.957641] __kasan_check_write+0x18/0x20 [ 25.957716] kasan_atomics_helper+0x1e12/0x5450 [ 25.957802] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.957883] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.957967] ? kasan_atomics+0x152/0x310 [ 25.958089] kasan_atomics+0x1dc/0x310 [ 25.958171] ? __pfx_kasan_atomics+0x10/0x10 [ 25.958247] ? __pfx_read_tsc+0x10/0x10 [ 25.958347] ? 
ktime_get_ts64+0x86/0x230 [ 25.958433] kunit_try_run_case+0x1a5/0x480 [ 25.958518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.958583] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.958628] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.958669] ? __kthread_parkme+0x82/0x180 [ 25.958706] ? preempt_count_sub+0x50/0x80 [ 25.958748] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.958786] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.958826] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.958866] kthread+0x337/0x6f0 [ 25.958896] ? trace_preempt_on+0x20/0xc0 [ 25.958935] ? __pfx_kthread+0x10/0x10 [ 25.958964] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.958999] ? calculate_sigpending+0x7b/0xa0 [ 25.959058] ? __pfx_kthread+0x10/0x10 [ 25.959116] ret_from_fork+0x41/0x80 [ 25.959156] ? __pfx_kthread+0x10/0x10 [ 25.959190] ret_from_fork_asm+0x1a/0x30 [ 25.959240] </TASK> [ 25.959260] [ 25.979622] Allocated by task 285: [ 25.979959] kasan_save_stack+0x45/0x70 [ 25.980966] kasan_save_track+0x18/0x40 [ 25.981314] kasan_save_alloc_info+0x3b/0x50 [ 25.982044] __kasan_kmalloc+0xb7/0xc0 [ 25.982721] __kmalloc_cache_noprof+0x189/0x420 [ 25.983122] kasan_atomics+0x95/0x310 [ 25.983447] kunit_try_run_case+0x1a5/0x480 [ 25.984342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.984947] kthread+0x337/0x6f0 [ 25.985518] ret_from_fork+0x41/0x80 [ 25.985857] ret_from_fork_asm+0x1a/0x30 [ 25.986795] [ 25.987071] The buggy address belongs to the object at ffff888102ef1180 [ 25.987071] which belongs to the cache kmalloc-64 of size 64 [ 25.987954] The buggy address is located 0 bytes to the right of [ 25.987954] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.989703] [ 25.989888] The buggy address belongs to the physical page: [ 25.990709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.991167] flags: 0x200000000000000(node=0|zone=2) [ 25.992569] page_type: f5(slab) [ 25.993154] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 25.993627] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.994038] page dumped because: kasan: bad access detected [ 25.994820] [ 25.995471] Memory state around the buggy address: [ 25.995942] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.997503] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.997889] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.998995] ^ [ 26.001073] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.001379] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.001623] ================================================================== [ 24.554913] ================================================================== [ 24.556625] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 24.557415] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.558546] [ 24.558984] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.559093] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.559137] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.559393] Call Trace: [ 24.559430] <TASK> [ 24.559460] dump_stack_lvl+0x73/0xb0 [ 24.559506] print_report+0xd1/0x650 [ 24.559546] ? __virt_addr_valid+0x1db/0x2d0 [ 24.559584] ? kasan_atomics_helper+0xe78/0x5450 [ 24.559619] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.559655] ? kasan_atomics_helper+0xe78/0x5450 [ 24.559692] kasan_report+0x141/0x180 [ 24.559729] ? kasan_atomics_helper+0xe78/0x5450 [ 24.559769] kasan_check_range+0x10c/0x1c0 [ 24.559802] __kasan_check_write+0x18/0x20 [ 24.559834] kasan_atomics_helper+0xe78/0x5450 [ 24.559873] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.559921] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.559957] ? kasan_atomics+0x152/0x310 [ 24.559992] kasan_atomics+0x1dc/0x310 [ 24.560023] ? 
__pfx_kasan_atomics+0x10/0x10 [ 24.560086] ? __pfx_read_tsc+0x10/0x10 [ 24.560125] ? ktime_get_ts64+0x86/0x230 [ 24.560166] kunit_try_run_case+0x1a5/0x480 [ 24.560209] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.560248] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.560288] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.560354] ? __kthread_parkme+0x82/0x180 [ 24.560391] ? preempt_count_sub+0x50/0x80 [ 24.560430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.560470] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.560507] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.560545] kthread+0x337/0x6f0 [ 24.560573] ? trace_preempt_on+0x20/0xc0 [ 24.560612] ? __pfx_kthread+0x10/0x10 [ 24.560642] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.560678] ? calculate_sigpending+0x7b/0xa0 [ 24.560715] ? __pfx_kthread+0x10/0x10 [ 24.560746] ret_from_fork+0x41/0x80 [ 24.560781] ? __pfx_kthread+0x10/0x10 [ 24.560812] ret_from_fork_asm+0x1a/0x30 [ 24.560860] </TASK> [ 24.560878] [ 24.576562] Allocated by task 285: [ 24.577080] kasan_save_stack+0x45/0x70 [ 24.577620] kasan_save_track+0x18/0x40 [ 24.578008] kasan_save_alloc_info+0x3b/0x50 [ 24.578416] __kasan_kmalloc+0xb7/0xc0 [ 24.578899] __kmalloc_cache_noprof+0x189/0x420 [ 24.579447] kasan_atomics+0x95/0x310 [ 24.579862] kunit_try_run_case+0x1a5/0x480 [ 24.580394] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.580915] kthread+0x337/0x6f0 [ 24.581379] ret_from_fork+0x41/0x80 [ 24.581726] ret_from_fork_asm+0x1a/0x30 [ 24.582258] [ 24.582516] The buggy address belongs to the object at ffff888102ef1180 [ 24.582516] which belongs to the cache kmalloc-64 of size 64 [ 24.583509] The buggy address is located 0 bytes to the right of [ 24.583509] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.584307] [ 24.584567] The buggy address belongs to the physical page: [ 24.585192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.585977] flags: 0x200000000000000(node=0|zone=2) [ 24.586581] page_type: f5(slab) 
[ 24.586986] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.587628] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.588166] page dumped because: kasan: bad access detected [ 24.588710] [ 24.588989] Memory state around the buggy address: [ 24.589509] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.590237] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.590883] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.591466] ^ [ 24.591959] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.592620] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.593214] ================================================================== [ 24.237341] ================================================================== [ 24.237772] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 24.238580] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.239262] [ 24.239566] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.239751] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.239813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.239918] Call Trace: [ 24.239978] <TASK> [ 24.240071] dump_stack_lvl+0x73/0xb0 [ 24.240155] print_report+0xd1/0x650 [ 24.240216] ? __virt_addr_valid+0x1db/0x2d0 [ 24.240310] ? kasan_atomics_helper+0xa2b/0x5450 [ 24.240415] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.240527] ? kasan_atomics_helper+0xa2b/0x5450 [ 24.240608] kasan_report+0x141/0x180 [ 24.240689] ? kasan_atomics_helper+0xa2b/0x5450 [ 24.240799] kasan_check_range+0x10c/0x1c0 [ 24.240910] __kasan_check_write+0x18/0x20 [ 24.240966] kasan_atomics_helper+0xa2b/0x5450 [ 24.241007] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.241094] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.241138] ? 
kasan_atomics+0x152/0x310 [ 24.241176] kasan_atomics+0x1dc/0x310 [ 24.241206] ? __pfx_kasan_atomics+0x10/0x10 [ 24.241241] ? __pfx_read_tsc+0x10/0x10 [ 24.241275] ? ktime_get_ts64+0x86/0x230 [ 24.241345] kunit_try_run_case+0x1a5/0x480 [ 24.241387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.241422] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.241460] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.241497] ? __kthread_parkme+0x82/0x180 [ 24.241530] ? preempt_count_sub+0x50/0x80 [ 24.241568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.241603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.241639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.241675] kthread+0x337/0x6f0 [ 24.241700] ? trace_preempt_on+0x20/0xc0 [ 24.241735] ? __pfx_kthread+0x10/0x10 [ 24.241762] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.241795] ? calculate_sigpending+0x7b/0xa0 [ 24.241827] ? __pfx_kthread+0x10/0x10 [ 24.241855] ret_from_fork+0x41/0x80 [ 24.241889] ? __pfx_kthread+0x10/0x10 [ 24.241917] ret_from_fork_asm+0x1a/0x30 [ 24.241965] </TASK> [ 24.241981] [ 24.263578] Allocated by task 285: [ 24.263954] kasan_save_stack+0x45/0x70 [ 24.264407] kasan_save_track+0x18/0x40 [ 24.264794] kasan_save_alloc_info+0x3b/0x50 [ 24.265687] __kasan_kmalloc+0xb7/0xc0 [ 24.265993] __kmalloc_cache_noprof+0x189/0x420 [ 24.266822] kasan_atomics+0x95/0x310 [ 24.267494] kunit_try_run_case+0x1a5/0x480 [ 24.268098] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.269191] kthread+0x337/0x6f0 [ 24.269536] ret_from_fork+0x41/0x80 [ 24.270046] ret_from_fork_asm+0x1a/0x30 [ 24.270502] [ 24.270739] The buggy address belongs to the object at ffff888102ef1180 [ 24.270739] which belongs to the cache kmalloc-64 of size 64 [ 24.272131] The buggy address is located 0 bytes to the right of [ 24.272131] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.273112] [ 24.273527] The buggy address belongs to the physical page: [ 24.274030] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 
24.274856] flags: 0x200000000000000(node=0|zone=2) [ 24.275421] page_type: f5(slab) [ 24.275888] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.276700] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.277419] page dumped because: kasan: bad access detected [ 24.277892] [ 24.278178] Memory state around the buggy address: [ 24.278696] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.279488] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.280165] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.280814] ^ [ 24.281531] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.282362] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.282894] ================================================================== [ 24.732721] ================================================================== [ 24.733624] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 24.734323] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.735332] [ 24.735594] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.735996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.736025] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.736081] Call Trace: [ 24.736113] <TASK> [ 24.736142] dump_stack_lvl+0x73/0xb0 [ 24.736191] print_report+0xd1/0x650 [ 24.736232] ? __virt_addr_valid+0x1db/0x2d0 [ 24.736267] ? kasan_atomics_helper+0x1079/0x5450 [ 24.736329] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.736371] ? kasan_atomics_helper+0x1079/0x5450 [ 24.736408] kasan_report+0x141/0x180 [ 24.736446] ? kasan_atomics_helper+0x1079/0x5450 [ 24.736489] kasan_check_range+0x10c/0x1c0 [ 24.736522] __kasan_check_write+0x18/0x20 [ 24.736557] kasan_atomics_helper+0x1079/0x5450 [ 24.736639] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.736714] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 24.736785] ? kasan_atomics+0x152/0x310 [ 24.736825] kasan_atomics+0x1dc/0x310 [ 24.736857] ? __pfx_kasan_atomics+0x10/0x10 [ 24.736891] ? __pfx_read_tsc+0x10/0x10 [ 24.736928] ? ktime_get_ts64+0x86/0x230 [ 24.736971] kunit_try_run_case+0x1a5/0x480 [ 24.737012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.737060] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.737121] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.737162] ? __kthread_parkme+0x82/0x180 [ 24.737200] ? preempt_count_sub+0x50/0x80 [ 24.737239] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.737279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.737343] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.737384] kthread+0x337/0x6f0 [ 24.737412] ? trace_preempt_on+0x20/0xc0 [ 24.737453] ? __pfx_kthread+0x10/0x10 [ 24.737482] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.737517] ? calculate_sigpending+0x7b/0xa0 [ 24.737552] ? __pfx_kthread+0x10/0x10 [ 24.737583] ret_from_fork+0x41/0x80 [ 24.737618] ? __pfx_kthread+0x10/0x10 [ 24.737649] ret_from_fork_asm+0x1a/0x30 [ 24.737697] </TASK> [ 24.737715] [ 24.757166] Allocated by task 285: [ 24.758132] kasan_save_stack+0x45/0x70 [ 24.758757] kasan_save_track+0x18/0x40 [ 24.759403] kasan_save_alloc_info+0x3b/0x50 [ 24.760001] __kasan_kmalloc+0xb7/0xc0 [ 24.760704] __kmalloc_cache_noprof+0x189/0x420 [ 24.761381] kasan_atomics+0x95/0x310 [ 24.761701] kunit_try_run_case+0x1a5/0x480 [ 24.762078] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.762511] kthread+0x337/0x6f0 [ 24.762790] ret_from_fork+0x41/0x80 [ 24.764134] ret_from_fork_asm+0x1a/0x30 [ 24.764728] [ 24.765111] The buggy address belongs to the object at ffff888102ef1180 [ 24.765111] which belongs to the cache kmalloc-64 of size 64 [ 24.766389] The buggy address is located 0 bytes to the right of [ 24.766389] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.767349] [ 24.767600] The buggy address belongs to the physical page: [ 24.768260] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.768878] flags: 0x200000000000000(node=0|zone=2) [ 24.769800] page_type: f5(slab) [ 24.770215] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.771055] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.771870] page dumped because: kasan: bad access detected [ 24.772621] [ 24.772861] Memory state around the buggy address: [ 24.773307] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.773834] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.774515] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.775515] ^ [ 24.775950] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.776638] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.777263] ================================================================== [ 24.468175] ================================================================== [ 24.469489] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 24.470232] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.470706] [ 24.470993] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.471134] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.471174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.471211] Call Trace: [ 24.471239] <TASK> [ 24.471265] dump_stack_lvl+0x73/0xb0 [ 24.471361] print_report+0xd1/0x650 [ 24.471414] ? __virt_addr_valid+0x1db/0x2d0 [ 24.471451] ? kasan_atomics_helper+0xd47/0x5450 [ 24.471488] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.471524] ? kasan_atomics_helper+0xd47/0x5450 [ 24.471560] kasan_report+0x141/0x180 [ 24.471597] ? kasan_atomics_helper+0xd47/0x5450 [ 24.471638] kasan_check_range+0x10c/0x1c0 [ 24.471671] __kasan_check_write+0x18/0x20 [ 24.471703] kasan_atomics_helper+0xd47/0x5450 [ 24.471740] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 24.471778] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.471815] ? kasan_atomics+0x152/0x310 [ 24.471853] kasan_atomics+0x1dc/0x310 [ 24.471902] ? __pfx_kasan_atomics+0x10/0x10 [ 24.471941] ? __pfx_read_tsc+0x10/0x10 [ 24.471978] ? ktime_get_ts64+0x86/0x230 [ 24.472021] kunit_try_run_case+0x1a5/0x480 [ 24.472091] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.472133] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.472175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.472215] ? __kthread_parkme+0x82/0x180 [ 24.472252] ? preempt_count_sub+0x50/0x80 [ 24.472357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.472462] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.472542] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.472621] kthread+0x337/0x6f0 [ 24.472689] ? trace_preempt_on+0x20/0xc0 [ 24.472770] ? __pfx_kthread+0x10/0x10 [ 24.472839] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.472914] ? calculate_sigpending+0x7b/0xa0 [ 24.472991] ? __pfx_kthread+0x10/0x10 [ 24.473082] ret_from_fork+0x41/0x80 [ 24.473173] ? 
__pfx_kthread+0x10/0x10 [ 24.473218] ret_from_fork_asm+0x1a/0x30 [ 24.473268] </TASK> [ 24.473287] [ 24.493527] Allocated by task 285: [ 24.493720] kasan_save_stack+0x45/0x70 [ 24.493912] kasan_save_track+0x18/0x40 [ 24.494223] kasan_save_alloc_info+0x3b/0x50 [ 24.495031] __kasan_kmalloc+0xb7/0xc0 [ 24.495847] __kmalloc_cache_noprof+0x189/0x420 [ 24.496445] kasan_atomics+0x95/0x310 [ 24.496835] kunit_try_run_case+0x1a5/0x480 [ 24.497286] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.497878] kthread+0x337/0x6f0 [ 24.498267] ret_from_fork+0x41/0x80 [ 24.498845] ret_from_fork_asm+0x1a/0x30 [ 24.499430] [ 24.499662] The buggy address belongs to the object at ffff888102ef1180 [ 24.499662] which belongs to the cache kmalloc-64 of size 64 [ 24.500899] The buggy address is located 0 bytes to the right of [ 24.500899] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.502363] [ 24.503013] The buggy address belongs to the physical page: [ 24.503598] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.504353] flags: 0x200000000000000(node=0|zone=2) [ 24.504755] page_type: f5(slab) [ 24.505123] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.505746] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.506424] page dumped because: kasan: bad access detected [ 24.506942] [ 24.507173] Memory state around the buggy address: [ 24.507576] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.508222] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.509136] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 24.509669] ^ [ 24.510130] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.510725] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.511181] ================================================================== [ 23.772522] 
================================================================== [ 23.773795] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 23.774740] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.775988] [ 23.776268] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.776409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.776453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.776728] Call Trace: [ 23.776788] <TASK> [ 23.776843] dump_stack_lvl+0x73/0xb0 [ 23.776927] print_report+0xd1/0x650 [ 23.776971] ? __virt_addr_valid+0x1db/0x2d0 [ 23.777009] ? kasan_atomics_helper+0x4a0/0x5450 [ 23.777056] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.777112] ? kasan_atomics_helper+0x4a0/0x5450 [ 23.777149] kasan_report+0x141/0x180 [ 23.777186] ? kasan_atomics_helper+0x4a0/0x5450 [ 23.777229] kasan_check_range+0x10c/0x1c0 [ 23.777264] __kasan_check_write+0x18/0x20 [ 23.777320] kasan_atomics_helper+0x4a0/0x5450 [ 23.777361] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.777399] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.777437] ? kasan_atomics+0x152/0x310 [ 23.777474] kasan_atomics+0x1dc/0x310 [ 23.777505] ? __pfx_kasan_atomics+0x10/0x10 [ 23.777539] ? __pfx_read_tsc+0x10/0x10 [ 23.777576] ? ktime_get_ts64+0x86/0x230 [ 23.777618] kunit_try_run_case+0x1a5/0x480 [ 23.777661] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.777697] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.777770] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.777812] ? __kthread_parkme+0x82/0x180 [ 23.777848] ? preempt_count_sub+0x50/0x80 [ 23.777889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.777929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.777968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.778007] kthread+0x337/0x6f0 [ 23.778039] ? trace_preempt_on+0x20/0xc0 [ 23.778103] ? __pfx_kthread+0x10/0x10 [ 23.778135] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.778173] ? 
calculate_sigpending+0x7b/0xa0 [ 23.778210] ? __pfx_kthread+0x10/0x10 [ 23.778239] ret_from_fork+0x41/0x80 [ 23.778284] ? __pfx_kthread+0x10/0x10 [ 23.778348] ret_from_fork_asm+0x1a/0x30 [ 23.778414] </TASK> [ 23.778436] [ 23.798080] Allocated by task 285: [ 23.798521] kasan_save_stack+0x45/0x70 [ 23.799013] kasan_save_track+0x18/0x40 [ 23.799447] kasan_save_alloc_info+0x3b/0x50 [ 23.799947] __kasan_kmalloc+0xb7/0xc0 [ 23.800398] __kmalloc_cache_noprof+0x189/0x420 [ 23.800841] kasan_atomics+0x95/0x310 [ 23.801443] kunit_try_run_case+0x1a5/0x480 [ 23.801898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.802458] kthread+0x337/0x6f0 [ 23.802984] ret_from_fork+0x41/0x80 [ 23.803375] ret_from_fork_asm+0x1a/0x30 [ 23.803853] [ 23.804085] The buggy address belongs to the object at ffff888102ef1180 [ 23.804085] which belongs to the cache kmalloc-64 of size 64 [ 23.804928] The buggy address is located 0 bytes to the right of [ 23.804928] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.805954] [ 23.806153] The buggy address belongs to the physical page: [ 23.806776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.807554] flags: 0x200000000000000(node=0|zone=2) [ 23.808100] page_type: f5(slab) [ 23.808490] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.809010] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.809727] page dumped because: kasan: bad access detected [ 23.810314] [ 23.810586] Memory state around the buggy address: [ 23.811001] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.811603] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.812204] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.812906] ^ [ 23.813548] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.814219] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.815798] 
================================================================== [ 26.236927] ================================================================== [ 26.237499] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 26.238592] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 26.239945] [ 26.240562] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 26.241140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 26.241163] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 26.241197] Call Trace: [ 26.241225] <TASK> [ 26.241250] dump_stack_lvl+0x73/0xb0 [ 26.241321] print_report+0xd1/0x650 [ 26.241368] ? __virt_addr_valid+0x1db/0x2d0 [ 26.241404] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.241439] ? kasan_complete_mode_report_info+0x2a/0x200 [ 26.241478] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.241514] kasan_report+0x141/0x180 [ 26.241551] ? kasan_atomics_helper+0x20c8/0x5450 [ 26.241592] kasan_check_range+0x10c/0x1c0 [ 26.241625] __kasan_check_write+0x18/0x20 [ 26.241658] kasan_atomics_helper+0x20c8/0x5450 [ 26.241695] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 26.241732] ? __kmalloc_cache_noprof+0x189/0x420 [ 26.241768] ? kasan_atomics+0x152/0x310 [ 26.241804] kasan_atomics+0x1dc/0x310 [ 26.241835] ? __pfx_kasan_atomics+0x10/0x10 [ 26.241869] ? __pfx_read_tsc+0x10/0x10 [ 26.241903] ? ktime_get_ts64+0x86/0x230 [ 26.241944] kunit_try_run_case+0x1a5/0x480 [ 26.241985] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.242025] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 26.242095] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 26.242139] ? __kthread_parkme+0x82/0x180 [ 26.242177] ? preempt_count_sub+0x50/0x80 [ 26.242217] ? __pfx_kunit_try_run_case+0x10/0x10 [ 26.242258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.242317] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 26.242360] kthread+0x337/0x6f0 [ 26.242390] ? trace_preempt_on+0x20/0xc0 [ 26.242429] ? 
__pfx_kthread+0x10/0x10 [ 26.242461] ? _raw_spin_unlock_irq+0x47/0x80 [ 26.242497] ? calculate_sigpending+0x7b/0xa0 [ 26.242532] ? __pfx_kthread+0x10/0x10 [ 26.242564] ret_from_fork+0x41/0x80 [ 26.242600] ? __pfx_kthread+0x10/0x10 [ 26.242631] ret_from_fork_asm+0x1a/0x30 [ 26.242680] </TASK> [ 26.242698] [ 26.264691] Allocated by task 285: [ 26.264984] kasan_save_stack+0x45/0x70 [ 26.267713] kasan_save_track+0x18/0x40 [ 26.268719] kasan_save_alloc_info+0x3b/0x50 [ 26.269795] __kasan_kmalloc+0xb7/0xc0 [ 26.271213] __kmalloc_cache_noprof+0x189/0x420 [ 26.272280] kasan_atomics+0x95/0x310 [ 26.273518] kunit_try_run_case+0x1a5/0x480 [ 26.274201] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 26.274716] kthread+0x337/0x6f0 [ 26.275120] ret_from_fork+0x41/0x80 [ 26.275545] ret_from_fork_asm+0x1a/0x30 [ 26.275947] [ 26.276386] The buggy address belongs to the object at ffff888102ef1180 [ 26.276386] which belongs to the cache kmalloc-64 of size 64 [ 26.277254] The buggy address is located 0 bytes to the right of [ 26.277254] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 26.278434] [ 26.278706] The buggy address belongs to the physical page: [ 26.279320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 26.280073] flags: 0x200000000000000(node=0|zone=2) [ 26.280645] page_type: f5(slab) [ 26.281026] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 26.281863] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 26.282541] page dumped because: kasan: bad access detected [ 26.283095] [ 26.283418] Memory state around the buggy address: [ 26.283794] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.284537] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 26.285265] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 26.285836] ^ [ 26.286397] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.287123] 
ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 26.287803] ================================================================== [ 24.595920] ================================================================== [ 24.596667] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 24.597557] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 24.598316] [ 24.598629] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 24.598767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.598808] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.598871] Call Trace: [ 24.598947] <TASK> [ 24.599026] dump_stack_lvl+0x73/0xb0 [ 24.599156] print_report+0xd1/0x650 [ 24.599237] ? __virt_addr_valid+0x1db/0x2d0 [ 24.599332] ? kasan_atomics_helper+0xf10/0x5450 [ 24.599411] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.599478] ? kasan_atomics_helper+0xf10/0x5450 [ 24.599538] kasan_report+0x141/0x180 [ 24.599619] ? kasan_atomics_helper+0xf10/0x5450 [ 24.599710] kasan_check_range+0x10c/0x1c0 [ 24.599789] __kasan_check_write+0x18/0x20 [ 24.599864] kasan_atomics_helper+0xf10/0x5450 [ 24.599960] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 24.600084] ? __kmalloc_cache_noprof+0x189/0x420 [ 24.600177] ? kasan_atomics+0x152/0x310 [ 24.600263] kasan_atomics+0x1dc/0x310 [ 24.600374] ? __pfx_kasan_atomics+0x10/0x10 [ 24.600479] ? __pfx_read_tsc+0x10/0x10 [ 24.600561] ? ktime_get_ts64+0x86/0x230 [ 24.600647] kunit_try_run_case+0x1a5/0x480 [ 24.600735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.600813] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.600899] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.600978] ? __kthread_parkme+0x82/0x180 [ 24.601093] ? preempt_count_sub+0x50/0x80 [ 24.601143] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.601184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.601221] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.601259] kthread+0x337/0x6f0 [ 24.601286] ? trace_preempt_on+0x20/0xc0 [ 24.601354] ? __pfx_kthread+0x10/0x10 [ 24.601383] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.601417] ? calculate_sigpending+0x7b/0xa0 [ 24.601451] ? __pfx_kthread+0x10/0x10 [ 24.601478] ret_from_fork+0x41/0x80 [ 24.601513] ? __pfx_kthread+0x10/0x10 [ 24.601542] ret_from_fork_asm+0x1a/0x30 [ 24.601587] </TASK> [ 24.601605] [ 24.616896] Allocated by task 285: [ 24.617456] kasan_save_stack+0x45/0x70 [ 24.617987] kasan_save_track+0x18/0x40 [ 24.618508] kasan_save_alloc_info+0x3b/0x50 [ 24.618960] __kasan_kmalloc+0xb7/0xc0 [ 24.619446] __kmalloc_cache_noprof+0x189/0x420 [ 24.619986] kasan_atomics+0x95/0x310 [ 24.620462] kunit_try_run_case+0x1a5/0x480 [ 24.620953] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.621539] kthread+0x337/0x6f0 [ 24.621956] ret_from_fork+0x41/0x80 [ 24.622480] ret_from_fork_asm+0x1a/0x30 [ 24.622799] [ 24.623103] The buggy address belongs to the object at ffff888102ef1180 [ 24.623103] which belongs to the cache kmalloc-64 of size 64 [ 24.623949] The buggy address is located 0 bytes to the right of [ 24.623949] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 24.624728] [ 24.624981] The buggy address belongs to the physical page: [ 24.625618] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 24.626411] flags: 0x200000000000000(node=0|zone=2) [ 24.626918] page_type: f5(slab) [ 24.627374] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 24.628029] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 24.628752] page dumped because: kasan: bad access detected [ 24.629218] [ 24.629454] Memory state around the buggy address: [ 24.629974] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.630753] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 24.631471] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 24.631927] ^ [ 24.632459] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.633205] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.633868] ================================================================== [ 23.577536] ================================================================== [ 23.578112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 23.578826] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 23.579218] [ 23.579410] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 23.579517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.579544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.579587] Call Trace: [ 23.579613] <TASK> [ 23.579653] dump_stack_lvl+0x73/0xb0 [ 23.579714] print_report+0xd1/0x650 [ 23.579772] ? __virt_addr_valid+0x1db/0x2d0 [ 23.579822] ? kasan_atomics_helper+0x4b88/0x5450 [ 23.579870] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.579939] ? kasan_atomics_helper+0x4b88/0x5450 [ 23.579990] kasan_report+0x141/0x180 [ 23.580041] ? kasan_atomics_helper+0x4b88/0x5450 [ 23.580106] __asan_report_load4_noabort+0x18/0x20 [ 23.580156] kasan_atomics_helper+0x4b88/0x5450 [ 23.580211] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.580265] ? __kmalloc_cache_noprof+0x189/0x420 [ 23.580336] ? kasan_atomics+0x152/0x310 [ 23.580392] kasan_atomics+0x1dc/0x310 [ 23.580437] ? __pfx_kasan_atomics+0x10/0x10 [ 23.580485] ? __pfx_read_tsc+0x10/0x10 [ 23.580533] ? ktime_get_ts64+0x86/0x230 [ 23.580592] kunit_try_run_case+0x1a5/0x480 [ 23.580651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.580700] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.580758] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.580812] ? __kthread_parkme+0x82/0x180 [ 23.580866] ? preempt_count_sub+0x50/0x80 [ 23.580925] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 23.580984] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.581038] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.581090] kthread+0x337/0x6f0 [ 23.581132] ? trace_preempt_on+0x20/0xc0 [ 23.581186] ? __pfx_kthread+0x10/0x10 [ 23.581237] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.581478] ? calculate_sigpending+0x7b/0xa0 [ 23.581559] ? __pfx_kthread+0x10/0x10 [ 23.581623] ret_from_fork+0x41/0x80 [ 23.581665] ? __pfx_kthread+0x10/0x10 [ 23.581696] ret_from_fork_asm+0x1a/0x30 [ 23.581744] </TASK> [ 23.581763] [ 23.606772] Allocated by task 285: [ 23.607389] kasan_save_stack+0x45/0x70 [ 23.609261] kasan_save_track+0x18/0x40 [ 23.609716] kasan_save_alloc_info+0x3b/0x50 [ 23.610158] __kasan_kmalloc+0xb7/0xc0 [ 23.610573] __kmalloc_cache_noprof+0x189/0x420 [ 23.611032] kasan_atomics+0x95/0x310 [ 23.611279] kunit_try_run_case+0x1a5/0x480 [ 23.613473] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.614170] kthread+0x337/0x6f0 [ 23.614941] ret_from_fork+0x41/0x80 [ 23.615401] ret_from_fork_asm+0x1a/0x30 [ 23.615979] [ 23.616128] The buggy address belongs to the object at ffff888102ef1180 [ 23.616128] which belongs to the cache kmalloc-64 of size 64 [ 23.616759] The buggy address is located 0 bytes to the right of [ 23.616759] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 23.617346] [ 23.617487] The buggy address belongs to the physical page: [ 23.617771] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 23.619227] flags: 0x200000000000000(node=0|zone=2) [ 23.619839] page_type: f5(slab) [ 23.620336] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.621419] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.622114] page dumped because: kasan: bad access detected [ 23.622721] [ 23.623146] Memory state around the buggy address: [ 23.623554] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.624563] ffff888102ef1100: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.625088] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.625800] ^ [ 23.626368] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.627155] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.628231] ================================================================== [ 25.910246] ================================================================== [ 25.910875] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 25.911751] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.913237] [ 25.913493] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.913605] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.913649] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.913712] Call Trace: [ 25.913767] <TASK> [ 25.913825] dump_stack_lvl+0x73/0xb0 [ 25.913910] print_report+0xd1/0x650 [ 25.913992] ? __virt_addr_valid+0x1db/0x2d0 [ 25.914072] ? kasan_atomics_helper+0x1d7a/0x5450 [ 25.914144] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.914224] ? kasan_atomics_helper+0x1d7a/0x5450 [ 25.914358] kasan_report+0x141/0x180 [ 25.914482] ? kasan_atomics_helper+0x1d7a/0x5450 [ 25.914582] kasan_check_range+0x10c/0x1c0 [ 25.914660] __kasan_check_write+0x18/0x20 [ 25.914771] kasan_atomics_helper+0x1d7a/0x5450 [ 25.914863] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.914949] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.915030] ? kasan_atomics+0x152/0x310 [ 25.915199] kasan_atomics+0x1dc/0x310 [ 25.915281] ? __pfx_kasan_atomics+0x10/0x10 [ 25.915381] ? __pfx_read_tsc+0x10/0x10 [ 25.915500] ? ktime_get_ts64+0x86/0x230 [ 25.915598] kunit_try_run_case+0x1a5/0x480 [ 25.915691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.915772] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.915913] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.916003] ? __kthread_parkme+0x82/0x180 [ 25.916130] ? 
preempt_count_sub+0x50/0x80 [ 25.916262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.916367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.916492] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 25.916575] kthread+0x337/0x6f0 [ 25.916626] ? trace_preempt_on+0x20/0xc0 [ 25.916697] ? __pfx_kthread+0x10/0x10 [ 25.916767] ? _raw_spin_unlock_irq+0x47/0x80 [ 25.916888] ? calculate_sigpending+0x7b/0xa0 [ 25.916977] ? __pfx_kthread+0x10/0x10 [ 25.917091] ret_from_fork+0x41/0x80 [ 25.917174] ? __pfx_kthread+0x10/0x10 [ 25.917242] ret_from_fork_asm+0x1a/0x30 [ 25.917364] </TASK> [ 25.917447] [ 25.933116] Allocated by task 285: [ 25.933640] kasan_save_stack+0x45/0x70 [ 25.934187] kasan_save_track+0x18/0x40 [ 25.934668] kasan_save_alloc_info+0x3b/0x50 [ 25.935150] __kasan_kmalloc+0xb7/0xc0 [ 25.935644] __kmalloc_cache_noprof+0x189/0x420 [ 25.936162] kasan_atomics+0x95/0x310 [ 25.936648] kunit_try_run_case+0x1a5/0x480 [ 25.937143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 25.937690] kthread+0x337/0x6f0 [ 25.938103] ret_from_fork+0x41/0x80 [ 25.938590] ret_from_fork_asm+0x1a/0x30 [ 25.939011] [ 25.939550] The buggy address belongs to the object at ffff888102ef1180 [ 25.939550] which belongs to the cache kmalloc-64 of size 64 [ 25.941248] The buggy address is located 0 bytes to the right of [ 25.941248] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0) [ 25.944258] [ 25.944827] The buggy address belongs to the physical page: [ 25.945599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1 [ 25.946227] flags: 0x200000000000000(node=0|zone=2) [ 25.946654] page_type: f5(slab) [ 25.947008] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 25.947698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 25.948375] page dumped because: kasan: bad access detected [ 25.948813] [ 25.949079] Memory state around the buggy address: [ 25.949554] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 25.950175] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 25.950740] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 25.951356] ^ [ 25.951790] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.952363] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 25.953001] ================================================================== [ 25.781226] ================================================================== [ 25.781890] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 25.783280] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285 [ 25.784413] [ 25.784654] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 25.784797] Tainted: [B]=BAD_PAGE, [N]=TEST [ 25.784841] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 25.784903] Call Trace: [ 25.784963] <TASK> [ 25.785019] dump_stack_lvl+0x73/0xb0 [ 25.785431] print_report+0xd1/0x650 [ 25.785519] ? __virt_addr_valid+0x1db/0x2d0 [ 25.785599] ? kasan_atomics_helper+0x1c18/0x5450 [ 25.785655] ? kasan_complete_mode_report_info+0x2a/0x200 [ 25.785699] ? kasan_atomics_helper+0x1c18/0x5450 [ 25.785737] kasan_report+0x141/0x180 [ 25.785775] ? kasan_atomics_helper+0x1c18/0x5450 [ 25.785819] kasan_check_range+0x10c/0x1c0 [ 25.785853] __kasan_check_write+0x18/0x20 [ 25.785888] kasan_atomics_helper+0x1c18/0x5450 [ 25.785927] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 25.785965] ? __kmalloc_cache_noprof+0x189/0x420 [ 25.786002] ? kasan_atomics+0x152/0x310 [ 25.786066] kasan_atomics+0x1dc/0x310 [ 25.786121] ? __pfx_kasan_atomics+0x10/0x10 [ 25.786156] ? __pfx_read_tsc+0x10/0x10 [ 25.786194] ? ktime_get_ts64+0x86/0x230 [ 25.786236] kunit_try_run_case+0x1a5/0x480 [ 25.786279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 25.786344] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 25.786387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 25.786427] ? 
__kthread_parkme+0x82/0x180
[ 25.786464] ? preempt_count_sub+0x50/0x80
[ 25.786506] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.786545] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.786587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.786624] kthread+0x337/0x6f0
[ 25.786653] ? trace_preempt_on+0x20/0xc0
[ 25.786694] ? __pfx_kthread+0x10/0x10
[ 25.786724] ? _raw_spin_unlock_irq+0x47/0x80
[ 25.786762] ? calculate_sigpending+0x7b/0xa0
[ 25.786801] ? __pfx_kthread+0x10/0x10
[ 25.786832] ret_from_fork+0x41/0x80
[ 25.786869] ? __pfx_kthread+0x10/0x10
[ 25.786899] ret_from_fork_asm+0x1a/0x30
[ 25.786946] </TASK>
[ 25.786965]
[ 25.804736] Allocated by task 285:
[ 25.805132] kasan_save_stack+0x45/0x70
[ 25.805836] kasan_save_track+0x18/0x40
[ 25.806449] kasan_save_alloc_info+0x3b/0x50
[ 25.807004] __kasan_kmalloc+0xb7/0xc0
[ 25.807584] __kmalloc_cache_noprof+0x189/0x420
[ 25.808120] kasan_atomics+0x95/0x310
[ 25.808728] kunit_try_run_case+0x1a5/0x480
[ 25.809205] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.809610] kthread+0x337/0x6f0
[ 25.809968] ret_from_fork+0x41/0x80
[ 25.810770] ret_from_fork_asm+0x1a/0x30
[ 25.811334]
[ 25.811568] The buggy address belongs to the object at ffff888102ef1180
[ 25.811568] which belongs to the cache kmalloc-64 of size 64
[ 25.812827] The buggy address is located 0 bytes to the right of
[ 25.812827] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0)
[ 25.813798]
[ 25.814074] The buggy address belongs to the physical page:
[ 25.814842] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1
[ 25.815718] flags: 0x200000000000000(node=0|zone=2)
[ 25.816283] page_type: f5(slab)
[ 25.816817] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.817769] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 25.818458] page dumped because: kasan: bad access detected
[ 25.819001]
[ 25.819277] Memory state around the buggy address:
[ 25.820003] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.820683] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.821404] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.822086] ^
[ 25.822646] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.823342] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.824001] ==================================================================
[ 24.635556] ==================================================================
[ 24.636283] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450
[ 24.637110] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285
[ 24.637847]
[ 24.638190] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 24.638364] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.638408] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.638466] Call Trace:
[ 24.638546] <TASK>
[ 24.638627] dump_stack_lvl+0x73/0xb0
[ 24.638720] print_report+0xd1/0x650
[ 24.638806] ? __virt_addr_valid+0x1db/0x2d0
[ 24.638887] ? kasan_atomics_helper+0xfa9/0x5450
[ 24.638964] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.639100] ? kasan_atomics_helper+0xfa9/0x5450
[ 24.639216] kasan_report+0x141/0x180
[ 24.639317] ? kasan_atomics_helper+0xfa9/0x5450
[ 24.639413] kasan_check_range+0x10c/0x1c0
[ 24.639517] __kasan_check_write+0x18/0x20
[ 24.639618] kasan_atomics_helper+0xfa9/0x5450
[ 24.639694] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 24.639750] ? __kmalloc_cache_noprof+0x189/0x420
[ 24.639790] ? kasan_atomics+0x152/0x310
[ 24.639863] kasan_atomics+0x1dc/0x310
[ 24.639926] ? __pfx_kasan_atomics+0x10/0x10
[ 24.639995] ? __pfx_read_tsc+0x10/0x10
[ 24.640133] ? ktime_get_ts64+0x86/0x230
[ 24.640251] kunit_try_run_case+0x1a5/0x480
[ 24.640356] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.640437] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.640572] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.640680] ? __kthread_parkme+0x82/0x180
[ 24.640781] ? preempt_count_sub+0x50/0x80
[ 24.640900] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.641016] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.641143] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.641224] kthread+0x337/0x6f0
[ 24.641310] ? trace_preempt_on+0x20/0xc0
[ 24.641398] ? __pfx_kthread+0x10/0x10
[ 24.641490] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.641598] ? calculate_sigpending+0x7b/0xa0
[ 24.641678] ? __pfx_kthread+0x10/0x10
[ 24.641747] ret_from_fork+0x41/0x80
[ 24.641819] ? __pfx_kthread+0x10/0x10
[ 24.641865] ret_from_fork_asm+0x1a/0x30
[ 24.641915] </TASK>
[ 24.641932]
[ 24.659378] Allocated by task 285:
[ 24.659833] kasan_save_stack+0x45/0x70
[ 24.660959] kasan_save_track+0x18/0x40
[ 24.661264] kasan_save_alloc_info+0x3b/0x50
[ 24.661741] __kasan_kmalloc+0xb7/0xc0
[ 24.662130] __kmalloc_cache_noprof+0x189/0x420
[ 24.662603] kasan_atomics+0x95/0x310
[ 24.664014] kunit_try_run_case+0x1a5/0x480
[ 24.664708] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.665063] kthread+0x337/0x6f0
[ 24.665320] ret_from_fork+0x41/0x80
[ 24.665593] ret_from_fork_asm+0x1a/0x30
[ 24.665890]
[ 24.666051] The buggy address belongs to the object at ffff888102ef1180
[ 24.666051] which belongs to the cache kmalloc-64 of size 64
[ 24.669183] The buggy address is located 0 bytes to the right of
[ 24.669183] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0)
[ 24.672408]
[ 24.673272] The buggy address belongs to the physical page:
[ 24.674502] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1
[ 24.676231] flags: 0x200000000000000(node=0|zone=2)
[ 24.677791] page_type: f5(slab)
[ 24.678263] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 24.679121] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 24.679997] page dumped because: kasan: bad access detected
[ 24.680600]
[ 24.680842] Memory state around the buggy address:
[ 24.681395] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.682093] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 24.682757] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 24.683461] ^
[ 24.683845] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.684563] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.685200] ==================================================================
[ 25.047873] ==================================================================
[ 25.048694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450
[ 25.049471] Read of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285
[ 25.050229]
[ 25.050582] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 25.050804] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.050847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.050909] Call Trace:
[ 25.050966] <TASK>
[ 25.051024] dump_stack_lvl+0x73/0xb0
[ 25.051316] print_report+0xd1/0x650
[ 25.051406] ? __virt_addr_valid+0x1db/0x2d0
[ 25.051488] ? kasan_atomics_helper+0x49ce/0x5450
[ 25.051624] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.051739] ? kasan_atomics_helper+0x49ce/0x5450
[ 25.051821] kasan_report+0x141/0x180
[ 25.051923] ? kasan_atomics_helper+0x49ce/0x5450
[ 25.052111] __asan_report_load4_noabort+0x18/0x20
[ 25.052242] kasan_atomics_helper+0x49ce/0x5450
[ 25.052329] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.052373] ? __kmalloc_cache_noprof+0x189/0x420
[ 25.052419] ? kasan_atomics+0x152/0x310
[ 25.052456] kasan_atomics+0x1dc/0x310
[ 25.052487] ? __pfx_kasan_atomics+0x10/0x10
[ 25.052523] ? __pfx_read_tsc+0x10/0x10
[ 25.052557] ? ktime_get_ts64+0x86/0x230
[ 25.052597] kunit_try_run_case+0x1a5/0x480
[ 25.052637] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.052674] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 25.052713] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.052751] ? __kthread_parkme+0x82/0x180
[ 25.052785] ? preempt_count_sub+0x50/0x80
[ 25.052824] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.052861] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.052898] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.052936] kthread+0x337/0x6f0
[ 25.052961] ? trace_preempt_on+0x20/0xc0
[ 25.052999] ? __pfx_kthread+0x10/0x10
[ 25.053026] ? _raw_spin_unlock_irq+0x47/0x80
[ 25.053106] ? calculate_sigpending+0x7b/0xa0
[ 25.053145] ? __pfx_kthread+0x10/0x10
[ 25.053174] ret_from_fork+0x41/0x80
[ 25.053210] ? __pfx_kthread+0x10/0x10
[ 25.053238] ret_from_fork_asm+0x1a/0x30
[ 25.053287] </TASK>
[ 25.053333]
[ 25.073762] Allocated by task 285:
[ 25.074715] kasan_save_stack+0x45/0x70
[ 25.075106] kasan_save_track+0x18/0x40
[ 25.075528] kasan_save_alloc_info+0x3b/0x50
[ 25.076199] __kasan_kmalloc+0xb7/0xc0
[ 25.076618] __kmalloc_cache_noprof+0x189/0x420
[ 25.077057] kasan_atomics+0x95/0x310
[ 25.077442] kunit_try_run_case+0x1a5/0x480
[ 25.077885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.078845] kthread+0x337/0x6f0
[ 25.079100] ret_from_fork+0x41/0x80
[ 25.079854] ret_from_fork_asm+0x1a/0x30
[ 25.080437]
[ 25.080624] The buggy address belongs to the object at ffff888102ef1180
[ 25.080624] which belongs to the cache kmalloc-64 of size 64
[ 25.082149] The buggy address is located 0 bytes to the right of
[ 25.082149] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0)
[ 25.083730]
[ 25.083953] The buggy address belongs to the physical page:
[ 25.084591] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1
[ 25.085457] flags: 0x200000000000000(node=0|zone=2)
[ 25.085927] page_type: f5(slab)
[ 25.086353] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.087094] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 25.087745] page dumped because: kasan: bad access detected
[ 25.088378]
[ 25.088625] Memory state around the buggy address:
[ 25.089137] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.089710] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.090430] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.091084] ^
[ 25.091565] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.092202] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.092840] ==================================================================
[ 25.001338] ==================================================================
[ 25.001923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450
[ 25.002783] Write of size 4 at addr ffff888102ef11b0 by task kunit_try_catch/285
[ 25.003491]
[ 25.003993] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 25.004168] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.004206] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.004257] Call Trace:
[ 25.004319] <TASK>
[ 25.004369] dump_stack_lvl+0x73/0xb0
[ 25.004484] print_report+0xd1/0x650
[ 25.004559] ? __virt_addr_valid+0x1db/0x2d0
[ 25.004641] ? kasan_atomics_helper+0x12e6/0x5450
[ 25.004735] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.004824] ? kasan_atomics_helper+0x12e6/0x5450
[ 25.004883] kasan_report+0x141/0x180
[ 25.004924] ? kasan_atomics_helper+0x12e6/0x5450
[ 25.005100] kasan_check_range+0x10c/0x1c0
[ 25.005201] __kasan_check_write+0x18/0x20
[ 25.005315] kasan_atomics_helper+0x12e6/0x5450
[ 25.005415] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.005497] ? __kmalloc_cache_noprof+0x189/0x420
[ 25.005580] ? kasan_atomics+0x152/0x310
[ 25.005663] kasan_atomics+0x1dc/0x310
[ 25.005737] ? __pfx_kasan_atomics+0x10/0x10
[ 25.005815] ? __pfx_read_tsc+0x10/0x10
[ 25.006161] ? ktime_get_ts64+0x86/0x230
[ 25.006211] kunit_try_run_case+0x1a5/0x480
[ 25.006257] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.006326] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 25.006374] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.006413] ? __kthread_parkme+0x82/0x180
[ 25.006448] ? preempt_count_sub+0x50/0x80
[ 25.006490] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.006530] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.006569] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.006609] kthread+0x337/0x6f0
[ 25.006639] ? trace_preempt_on+0x20/0xc0
[ 25.006680] ? __pfx_kthread+0x10/0x10
[ 25.006709] ? _raw_spin_unlock_irq+0x47/0x80
[ 25.006745] ? calculate_sigpending+0x7b/0xa0
[ 25.006782] ? __pfx_kthread+0x10/0x10
[ 25.006811] ret_from_fork+0x41/0x80
[ 25.006847] ? __pfx_kthread+0x10/0x10
[ 25.006876] ret_from_fork_asm+0x1a/0x30
[ 25.006926] </TASK>
[ 25.006944]
[ 25.028094] Allocated by task 285:
[ 25.028608] kasan_save_stack+0x45/0x70
[ 25.028982] kasan_save_track+0x18/0x40
[ 25.029638] kasan_save_alloc_info+0x3b/0x50
[ 25.030272] __kasan_kmalloc+0xb7/0xc0
[ 25.030779] __kmalloc_cache_noprof+0x189/0x420
[ 25.031254] kasan_atomics+0x95/0x310
[ 25.031931] kunit_try_run_case+0x1a5/0x480
[ 25.032402] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.033177] kthread+0x337/0x6f0
[ 25.033589] ret_from_fork+0x41/0x80
[ 25.033932] ret_from_fork_asm+0x1a/0x30
[ 25.034539]
[ 25.034796] The buggy address belongs to the object at ffff888102ef1180
[ 25.034796] which belongs to the cache kmalloc-64 of size 64
[ 25.036363] The buggy address is located 0 bytes to the right of
[ 25.036363] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0)
[ 25.037502]
[ 25.037705] The buggy address belongs to the physical page:
[ 25.038340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1
[ 25.038950] flags: 0x200000000000000(node=0|zone=2)
[ 25.039565] page_type: f5(slab)
[ 25.039894] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.040719] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 25.041425] page dumped because: kasan: bad access detected
[ 25.041997]
[ 25.042372] Memory state around the buggy address:
[ 25.042843] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.043597] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.044191] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.044725] ^
[ 25.045171] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.045763] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.046373] ==================================================================
[ 25.738584] ==================================================================
[ 25.739873] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450
[ 25.740640] Write of size 8 at addr ffff888102ef11b0 by task kunit_try_catch/285
[ 25.741827]
[ 25.742182] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 25.742403] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.742448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.742510] Call Trace:
[ 25.742566] <TASK>
[ 25.742617] dump_stack_lvl+0x73/0xb0
[ 25.742668] print_report+0xd1/0x650
[ 25.742709] ? __virt_addr_valid+0x1db/0x2d0
[ 25.742745] ? kasan_atomics_helper+0x1b22/0x5450
[ 25.742782] ? kasan_complete_mode_report_info+0x2a/0x200
[ 25.742823] ? kasan_atomics_helper+0x1b22/0x5450
[ 25.742861] kasan_report+0x141/0x180
[ 25.742899] ? kasan_atomics_helper+0x1b22/0x5450
[ 25.742943] kasan_check_range+0x10c/0x1c0
[ 25.742977] __kasan_check_write+0x18/0x20
[ 25.743010] kasan_atomics_helper+0x1b22/0x5450
[ 25.743063] ? __pfx_kasan_atomics_helper+0x10/0x10
[ 25.743119] ? __kmalloc_cache_noprof+0x189/0x420
[ 25.743156] ? kasan_atomics+0x152/0x310
[ 25.743194] kasan_atomics+0x1dc/0x310
[ 25.743225] ? __pfx_kasan_atomics+0x10/0x10
[ 25.743259] ? __pfx_read_tsc+0x10/0x10
[ 25.743323] ? ktime_get_ts64+0x86/0x230
[ 25.743374] kunit_try_run_case+0x1a5/0x480
[ 25.743417] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.743454] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 25.743495] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 25.743535] ? __kthread_parkme+0x82/0x180
[ 25.743572] ? preempt_count_sub+0x50/0x80
[ 25.743613] ? __pfx_kunit_try_run_case+0x10/0x10
[ 25.743651] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.743692] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 25.743731] kthread+0x337/0x6f0
[ 25.743759] ? trace_preempt_on+0x20/0xc0
[ 25.743797] ? __pfx_kthread+0x10/0x10
[ 25.743827] ? _raw_spin_unlock_irq+0x47/0x80
[ 25.743862] ? calculate_sigpending+0x7b/0xa0
[ 25.743912] ? __pfx_kthread+0x10/0x10
[ 25.743942] ret_from_fork+0x41/0x80
[ 25.743979] ? __pfx_kthread+0x10/0x10
[ 25.744010] ret_from_fork_asm+0x1a/0x30
[ 25.744094] </TASK>
[ 25.744117]
[ 25.759717] Allocated by task 285:
[ 25.760208] kasan_save_stack+0x45/0x70
[ 25.760800] kasan_save_track+0x18/0x40
[ 25.761356] kasan_save_alloc_info+0x3b/0x50
[ 25.761803] __kasan_kmalloc+0xb7/0xc0
[ 25.762403] __kmalloc_cache_noprof+0x189/0x420
[ 25.762877] kasan_atomics+0x95/0x310
[ 25.763187] kunit_try_run_case+0x1a5/0x480
[ 25.763544] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.764375] kthread+0x337/0x6f0
[ 25.764827] ret_from_fork+0x41/0x80
[ 25.765436] ret_from_fork_asm+0x1a/0x30
[ 25.766022]
[ 25.766232] The buggy address belongs to the object at ffff888102ef1180
[ 25.766232] which belongs to the cache kmalloc-64 of size 64
[ 25.767216] The buggy address is located 0 bytes to the right of
[ 25.767216] allocated 48-byte region [ffff888102ef1180, ffff888102ef11b0)
[ 25.768417]
[ 25.768746] The buggy address belongs to the physical page:
[ 25.769376] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ef1
[ 25.770083] flags: 0x200000000000000(node=0|zone=2)
[ 25.770660] page_type: f5(slab)
[ 25.771083] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 25.771777] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 25.772590] page dumped because: kasan: bad access detected
[ 25.773099]
[ 25.773431] Memory state around the buggy address:
[ 25.774362] ffff888102ef1080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.774948] ffff888102ef1100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 25.776025] >ffff888102ef1180: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc
[ 25.777740] ^
[ 25.778372] ffff888102ef1200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.779043] ffff888102ef1280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 25.779748] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 22.242901] ==================================================================
[ 22.243854] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 22.244910] Read of size 1 at addr ffff8881039efc4a by task kunit_try_catch/273
[ 22.245996]
[ 22.246263] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 22.246385] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.246417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.246468] Call Trace:
[ 22.246504] <TASK>
[ 22.246541] dump_stack_lvl+0x73/0xb0
[ 22.246616] print_report+0xd1/0x650
[ 22.246688] ? __virt_addr_valid+0x1db/0x2d0
[ 22.246756] ? kasan_alloca_oob_right+0x329/0x390
[ 22.246818] ? kasan_addr_to_slab+0x11/0xa0
[ 22.246875] ? kasan_alloca_oob_right+0x329/0x390
[ 22.246938] kasan_report+0x141/0x180
[ 22.247000] ? kasan_alloca_oob_right+0x329/0x390
[ 22.247079] __asan_report_load1_noabort+0x18/0x20
[ 22.247145] kasan_alloca_oob_right+0x329/0x390
[ 22.247213] ? finish_task_switch.isra.0+0x153/0x700
[ 22.247277] ? down_write_killable+0x8e/0x180
[ 22.248482] ? trace_hardirqs_on+0x37/0xe0
[ 22.248560] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 22.248629] ? __schedule+0x10cc/0x2b60
[ 22.248693] ? __pfx_read_tsc+0x10/0x10
[ 22.248747] ? ktime_get_ts64+0x86/0x230
[ 22.248816] kunit_try_run_case+0x1a5/0x480
[ 22.248885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.248943] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.249005] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.249096] ? __kthread_parkme+0x82/0x180
[ 22.249166] ? preempt_count_sub+0x50/0x80
[ 22.249229] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.249325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.249400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.249470] kthread+0x337/0x6f0
[ 22.249528] ? trace_preempt_on+0x20/0xc0
[ 22.249595] ? __pfx_kthread+0x10/0x10
[ 22.249653] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.249709] ? calculate_sigpending+0x7b/0xa0
[ 22.249771] ? __pfx_kthread+0x10/0x10
[ 22.249825] ret_from_fork+0x41/0x80
[ 22.249887] ? __pfx_kthread+0x10/0x10
[ 22.249919] ret_from_fork_asm+0x1a/0x30
[ 22.249969] </TASK>
[ 22.249986]
[ 22.272265] The buggy address belongs to stack of task kunit_try_catch/273
[ 22.272686]
[ 22.272789] The buggy address belongs to the physical page:
[ 22.272987] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ef
[ 22.273259] flags: 0x200000000000000(node=0|zone=2)
[ 22.274135] raw: 0200000000000000 ffffea00040e7bc8 ffffea00040e7bc8 0000000000000000
[ 22.275574] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 22.276797] page dumped because: kasan: bad access detected
[ 22.277431]
[ 22.277663] Memory state around the buggy address:
[ 22.278510] ffff8881039efb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.279174] ffff8881039efb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.279898] >ffff8881039efc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 22.280802] ^
[ 22.281226] ffff8881039efc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 22.282251] ffff8881039efd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 22.282853] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 22.195348] ==================================================================
[ 22.197200] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 22.197810] Read of size 1 at addr ffff8881039bfc3f by task kunit_try_catch/271
[ 22.199116]
[ 22.199519] CPU: 0 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 22.199656] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.199682] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.199716] Call Trace:
[ 22.199738] <TASK>
[ 22.199766] dump_stack_lvl+0x73/0xb0
[ 22.199864] print_report+0xd1/0x650
[ 22.199924] ? __virt_addr_valid+0x1db/0x2d0
[ 22.199964] ? kasan_alloca_oob_left+0x320/0x380
[ 22.200002] ? kasan_addr_to_slab+0x11/0xa0
[ 22.200041] ? kasan_alloca_oob_left+0x320/0x380
[ 22.200105] kasan_report+0x141/0x180
[ 22.200148] ? kasan_alloca_oob_left+0x320/0x380
[ 22.200192] __asan_report_load1_noabort+0x18/0x20
[ 22.200226] kasan_alloca_oob_left+0x320/0x380
[ 22.200269] ? kasan_alloca_oob_left+0xb2/0x380
[ 22.200336] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 22.200379] ? __schedule+0x10cc/0x2b60
[ 22.200419] ? __pfx_read_tsc+0x10/0x10
[ 22.200456] ? ktime_get_ts64+0x86/0x230
[ 22.200498] kunit_try_run_case+0x1a5/0x480
[ 22.200541] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.200577] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.200617] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.200654] ? __kthread_parkme+0x82/0x180
[ 22.200691] ? preempt_count_sub+0x50/0x80
[ 22.200732] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.200772] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.200809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.200847] kthread+0x337/0x6f0
[ 22.200874] ? trace_preempt_on+0x20/0xc0
[ 22.200915] ? __pfx_kthread+0x10/0x10
[ 22.200943] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.200979] ? calculate_sigpending+0x7b/0xa0
[ 22.201014] ? __pfx_kthread+0x10/0x10
[ 22.201056] ret_from_fork+0x41/0x80
[ 22.201159] ? __pfx_kthread+0x10/0x10
[ 22.201216] ret_from_fork_asm+0x1a/0x30
[ 22.201316] </TASK>
[ 22.201348]
[ 22.222678] The buggy address belongs to stack of task kunit_try_catch/271
[ 22.223559]
[ 22.223777] The buggy address belongs to the physical page:
[ 22.224237] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039bf
[ 22.225820] flags: 0x200000000000000(node=0|zone=2)
[ 22.226423] raw: 0200000000000000 ffffea00040e6fc8 ffffea00040e6fc8 0000000000000000
[ 22.227281] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 22.228137] page dumped because: kasan: bad access detected
[ 22.228776]
[ 22.229334] Memory state around the buggy address:
[ 22.229697] ffff8881039bfb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.230790] ffff8881039bfb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.231656] >ffff8881039bfc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 22.232259] ^
[ 22.232950] ffff8881039bfc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 22.234334] ffff8881039bfd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 22.235402] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 22.146809] ==================================================================
[ 22.148127] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 22.148656] Read of size 1 at addr ffff88810396fd02 by task kunit_try_catch/269
[ 22.149643]
[ 22.149912] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 22.150809] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.150847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.151389] Call Trace:
[ 22.151417] <TASK>
[ 22.151446] dump_stack_lvl+0x73/0xb0
[ 22.151492] print_report+0xd1/0x650
[ 22.151533] ? __virt_addr_valid+0x1db/0x2d0
[ 22.151570] ? kasan_stack_oob+0x2b5/0x300
[ 22.151604] ? kasan_addr_to_slab+0x11/0xa0
[ 22.151639] ? kasan_stack_oob+0x2b5/0x300
[ 22.151672] kasan_report+0x141/0x180
[ 22.151708] ? kasan_stack_oob+0x2b5/0x300
[ 22.151746] __asan_report_load1_noabort+0x18/0x20
[ 22.151779] kasan_stack_oob+0x2b5/0x300
[ 22.151812] ? __pfx_kasan_stack_oob+0x10/0x10
[ 22.151843] ? finish_task_switch.isra.0+0x153/0x700
[ 22.151895] ? __switch_to+0x5d9/0xf60
[ 22.151931] ? dequeue_task_fair+0x166/0x4e0
[ 22.152246] ? __schedule+0x10cc/0x2b60
[ 22.152324] ? __pfx_read_tsc+0x10/0x10
[ 22.152367] ? ktime_get_ts64+0x86/0x230
[ 22.152410] kunit_try_run_case+0x1a5/0x480
[ 22.152451] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.152489] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.152528] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.152565] ? __kthread_parkme+0x82/0x180
[ 22.152602] ? preempt_count_sub+0x50/0x80
[ 22.152640] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.152678] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.152716] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.152752] kthread+0x337/0x6f0
[ 22.152779] ? trace_preempt_on+0x20/0xc0
[ 22.152820] ? __pfx_kthread+0x10/0x10
[ 22.152846] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.152879] ? calculate_sigpending+0x7b/0xa0
[ 22.152912] ? __pfx_kthread+0x10/0x10
[ 22.152941] ret_from_fork+0x41/0x80
[ 22.153008] ? __pfx_kthread+0x10/0x10
[ 22.153081] ret_from_fork_asm+0x1a/0x30
[ 22.153175] </TASK>
[ 22.153194]
[ 22.172329] The buggy address belongs to stack of task kunit_try_catch/269
[ 22.173130] and is located at offset 138 in frame:
[ 22.173780] kasan_stack_oob+0x0/0x300
[ 22.174629]
[ 22.174902] This frame has 4 objects:
[ 22.176102] [48, 49) '__assertion'
[ 22.176184] [64, 72) 'array'
[ 22.176578] [96, 112) '__assertion'
[ 22.177094] [128, 138) 'stack_array'
[ 22.177550]
[ 22.178381] The buggy address belongs to the physical page:
[ 22.178880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10396f
[ 22.180223] flags: 0x200000000000000(node=0|zone=2)
[ 22.180721] raw: 0200000000000000 ffffea00040e5bc8 ffffea00040e5bc8 0000000000000000
[ 22.181505] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 22.182265] page dumped because: kasan: bad access detected
[ 22.182693]
[ 22.182938] Memory state around the buggy address:
[ 22.183788] ffff88810396fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 22.184653] ffff88810396fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 22.185424] >ffff88810396fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 22.186177] ^
[ 22.186520] ffff88810396fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 22.187620] ffff88810396fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.188155] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 22.099092] ==================================================================
[ 22.100732] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 22.101575] Read of size 1 at addr ffffffff9dc4232d by task kunit_try_catch/265
[ 22.102830]
[ 22.103214] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 22.103414] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.103517] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.103621] Call Trace:
[ 22.103683] <TASK>
[ 22.103738] dump_stack_lvl+0x73/0xb0
[ 22.103819] print_report+0xd1/0x650
[ 22.103858] ? __virt_addr_valid+0x1db/0x2d0
[ 22.103907] ? kasan_global_oob_right+0x286/0x2d0
[ 22.103942] ? kasan_addr_to_slab+0x11/0xa0
[ 22.104028] ? kasan_global_oob_right+0x286/0x2d0
[ 22.104099] kasan_report+0x141/0x180
[ 22.104162] ? kasan_global_oob_right+0x286/0x2d0
[ 22.104230] __asan_report_load1_noabort+0x18/0x20
[ 22.104307] kasan_global_oob_right+0x286/0x2d0
[ 22.104370] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 22.104437] ? __schedule+0x10cc/0x2b60
[ 22.104502] ? __pfx_read_tsc+0x10/0x10
[ 22.104560] ? ktime_get_ts64+0x86/0x230
[ 22.104651] kunit_try_run_case+0x1a5/0x480
[ 22.104700] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.104734] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.104769] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.104805] ? __kthread_parkme+0x82/0x180
[ 22.104837] ? preempt_count_sub+0x50/0x80
[ 22.104872] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.104908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.104941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.105029] kthread+0x337/0x6f0
[ 22.105130] ? trace_preempt_on+0x20/0xc0
[ 22.105180] ? __pfx_kthread+0x10/0x10
[ 22.105206] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.105238] ? calculate_sigpending+0x7b/0xa0
[ 22.105269] ? __pfx_kthread+0x10/0x10
[ 22.105320] ret_from_fork+0x41/0x80
[ 22.105358] ? __pfx_kthread+0x10/0x10
[ 22.105386] ret_from_fork_asm+0x1a/0x30
[ 22.105429] </TASK>
[ 22.105445]
[ 22.123390] The buggy address belongs to the variable:
[ 22.123946] global_array+0xd/0x40
[ 22.124618]
[ 22.124841] The buggy address belongs to the physical page:
[ 22.125371] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6cc42
[ 22.126785] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 22.127226] raw: 0100000000002000 ffffea0001b31088 ffffea0001b31088 0000000000000000
[ 22.127914] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 22.128925] page dumped because: kasan: bad access detected
[ 22.130084]
[ 22.130324] Memory state around the buggy address:
[ 22.130733] ffffffff9dc42200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.131518] ffffffff9dc42280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.132402] >ffffffff9dc42300: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 22.133200] ^
[ 22.133576] ffffffff9dc42380: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9
[ 22.134616] ffffffff9dc42400: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
[ 22.135144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 21.990849] ==================================================================
[ 21.993390] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 21.994459] Free of addr ffff8881030b5601 by task kunit_try_catch/261
[ 21.994814]
[ 21.995014] CPU: 0 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 21.995121] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.995149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.995195] Call Trace:
[ 21.995224] <TASK>
[ 21.995262] dump_stack_lvl+0x73/0xb0
[ 21.996609] print_report+0xd1/0x650
[ 21.996692] ? __virt_addr_valid+0x1db/0x2d0
[ 21.996779] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.996853] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 21.996937] kasan_report_invalid_free+0x10a/0x130
[ 21.997241] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 21.997363] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 21.997414] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 21.997460] check_slab_allocation+0x11f/0x130
[ 21.997500] __kasan_mempool_poison_object+0x91/0x1d0
[ 21.997546] mempool_free+0x2ec/0x380
[ 21.997590] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 21.997638] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 21.997683] ? update_load_avg+0x1be/0x21b0
[ 21.997716] ? dequeue_entities+0x27e/0x1740
[ 21.997756] ? finish_task_switch.isra.0+0x153/0x700
[ 21.997802] mempool_kmalloc_invalid_free+0xed/0x140
[ 21.997844] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 21.997884] ? dequeue_task_fair+0x166/0x4e0
[ 21.997921] ? __pfx_mempool_kmalloc+0x10/0x10
[ 21.998019] ? __pfx_mempool_kfree+0x10/0x10
[ 21.998117] ? __pfx_read_tsc+0x10/0x10
[ 21.998155] ? ktime_get_ts64+0x86/0x230
[ 21.998197] kunit_try_run_case+0x1a5/0x480
[ 21.998242] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.998280] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.998352] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.998395] ? __kthread_parkme+0x82/0x180
[ 21.998433] ? preempt_count_sub+0x50/0x80
[ 21.998473] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.998513] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.998552] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.998592] kthread+0x337/0x6f0
[ 21.998620] ? trace_preempt_on+0x20/0xc0
[ 21.998659] ? __pfx_kthread+0x10/0x10
[ 21.998687] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.998722] ? calculate_sigpending+0x7b/0xa0
[ 21.998759] ? __pfx_kthread+0x10/0x10
[ 21.998787] ret_from_fork+0x41/0x80
[ 21.998823] ? __pfx_kthread+0x10/0x10
[ 21.998853] ret_from_fork_asm+0x1a/0x30
[ 21.998901] </TASK>
[ 21.998919]
[ 22.021004] Allocated by task 261:
[ 22.021637] kasan_save_stack+0x45/0x70
[ 22.022393] kasan_save_track+0x18/0x40
[ 22.022880] kasan_save_alloc_info+0x3b/0x50
[ 22.023539] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 22.023928] remove_element+0x11e/0x190
[ 22.024551] mempool_alloc_preallocated+0x4d/0x90
[ 22.025224] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 22.025865] mempool_kmalloc_invalid_free+0xed/0x140
[ 22.026562] kunit_try_run_case+0x1a5/0x480
[ 22.027095] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.027642] kthread+0x337/0x6f0
[ 22.028227] ret_from_fork+0x41/0x80
[ 22.028692] ret_from_fork_asm+0x1a/0x30
[ 22.029334]
[ 22.029577] The buggy address belongs to the object at ffff8881030b5600
[ 22.029577] which belongs to the cache kmalloc-128 of size 128
[ 22.031259] The buggy address is located 1 bytes inside of
[ 22.031259] 128-byte region [ffff8881030b5600, ffff8881030b5680)
[ 22.032415]
[ 22.032669] The buggy address belongs to the physical page:
[ 22.033381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030b5
[ 22.034120] flags: 0x200000000000000(node=0|zone=2)
[ 22.034602] page_type: f5(slab)
[ 22.035275] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 22.036263] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 22.037221] page dumped because: kasan: bad access detected
[ 22.037745]
[ 22.038093] Memory state around the buggy address:
[ 22.038603] ffff8881030b5500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 22.039461] ffff8881030b5580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.040026] >ffff8881030b5600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.040770] ^
[ 22.041319] ffff8881030b5680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 22.041862] ffff8881030b5700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 22.042764] ==================================================================
[ 22.050223] ==================================================================
[ 22.051192] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 22.051912] Free of addr ffff888102a08001 by task kunit_try_catch/263
[ 22.052568]
[ 22.052806] CPU: 0 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 22.052948] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 22.053051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 22.053166] Call Trace:
[ 22.053222] <TASK>
[ 22.053273] dump_stack_lvl+0x73/0xb0
[ 22.053382] print_report+0xd1/0x650
[ 22.053520] ? __virt_addr_valid+0x1db/0x2d0
[ 22.053600] ? kasan_addr_to_slab+0x11/0xa0
[ 22.053672] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 22.053752] kasan_report_invalid_free+0x10a/0x130
[ 22.053834] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 22.053924] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 22.054069] __kasan_mempool_poison_object+0x102/0x1d0
[ 22.054283] mempool_free+0x2ec/0x380
[ 22.054356] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 22.054399] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 22.054441] ? dequeue_entities+0x852/0x1740
[ 22.054482] ? finish_task_switch.isra.0+0x153/0x700
[ 22.054523] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 22.054562] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 22.054603] ? dequeue_task_fair+0x166/0x4e0
[ 22.054638] ? __pfx_mempool_kmalloc+0x10/0x10
[ 22.054670] ? __pfx_mempool_kfree+0x10/0x10
[ 22.054702] ? __pfx_read_tsc+0x10/0x10
[ 22.054733] ? ktime_get_ts64+0x86/0x230
[ 22.054773] kunit_try_run_case+0x1a5/0x480
[ 22.054812] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.054848] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 22.054887] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 22.054923] ? __kthread_parkme+0x82/0x180
[ 22.054959] ? preempt_count_sub+0x50/0x80
[ 22.054997] ? __pfx_kunit_try_run_case+0x10/0x10
[ 22.055042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 22.055110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 22.055148] kthread+0x337/0x6f0
[ 22.055175] ? trace_preempt_on+0x20/0xc0
[ 22.055212] ? __pfx_kthread+0x10/0x10
[ 22.055240] ? _raw_spin_unlock_irq+0x47/0x80
[ 22.055275] ? calculate_sigpending+0x7b/0xa0
[ 22.055335] ? __pfx_kthread+0x10/0x10
[ 22.055365] ret_from_fork+0x41/0x80
[ 22.055399] ?
__pfx_kthread+0x10/0x10 [ 22.055429] ret_from_fork_asm+0x1a/0x30 [ 22.055477] </TASK> [ 22.055493] [ 22.078236] The buggy address belongs to the physical page: [ 22.079378] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 22.080167] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 22.080944] flags: 0x200000000000040(head|node=0|zone=2) [ 22.081624] page_type: f8(unknown) [ 22.082163] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.082889] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.083763] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 22.084548] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 22.085141] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff [ 22.086040] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 22.086810] page dumped because: kasan: bad access detected [ 22.087520] [ 22.087854] Memory state around the buggy address: [ 22.088190] ffff888102a07f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.088841] ffff888102a07f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 22.089473] >ffff888102a08000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.090545] ^ [ 22.090798] ffff888102a08080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.091823] ffff888102a08100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 22.092620] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 21.876747] ================================================================== [ 21.878019] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 21.879120] Free of addr ffff888102a08000 by task kunit_try_catch/257 [ 21.880643] [ 21.880881] CPU: 0 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 21.881210] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.881246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.881281] Call Trace: [ 21.881325] <TASK> [ 21.881352] dump_stack_lvl+0x73/0xb0 [ 21.881396] print_report+0xd1/0x650 [ 21.881434] ? __virt_addr_valid+0x1db/0x2d0 [ 21.881471] ? kasan_addr_to_slab+0x11/0xa0 [ 21.881504] ? mempool_double_free_helper+0x184/0x370 [ 21.881545] kasan_report_invalid_free+0x10a/0x130 [ 21.881585] ? mempool_double_free_helper+0x184/0x370 [ 21.881627] ? mempool_double_free_helper+0x184/0x370 [ 21.881663] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 21.881702] mempool_free+0x2ec/0x380 [ 21.881741] mempool_double_free_helper+0x184/0x370 [ 21.881783] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 21.881822] ? update_load_avg+0x1be/0x21b0 [ 21.881853] ? dequeue_entities+0x27e/0x1740 [ 21.881891] ? finish_task_switch.isra.0+0x153/0x700 [ 21.881932] mempool_kmalloc_large_double_free+0xed/0x140 [ 21.881972] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 21.882012] ? dequeue_task_fair+0x166/0x4e0 [ 21.882322] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.882369] ? __pfx_mempool_kfree+0x10/0x10 [ 21.882405] ? __pfx_read_tsc+0x10/0x10 [ 21.882443] ? ktime_get_ts64+0x86/0x230 [ 21.882484] kunit_try_run_case+0x1a5/0x480 [ 21.882528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.882565] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.882604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.882643] ? __kthread_parkme+0x82/0x180 [ 21.882678] ? preempt_count_sub+0x50/0x80 [ 21.882717] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.882754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.882790] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.882826] kthread+0x337/0x6f0 [ 21.882850] ? trace_preempt_on+0x20/0xc0 [ 21.882888] ? __pfx_kthread+0x10/0x10 [ 21.882915] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.882948] ? calculate_sigpending+0x7b/0xa0 [ 21.883046] ? __pfx_kthread+0x10/0x10 [ 21.883127] ret_from_fork+0x41/0x80 [ 21.883167] ? __pfx_kthread+0x10/0x10 [ 21.883194] ret_from_fork_asm+0x1a/0x30 [ 21.883242] </TASK> [ 21.883258] [ 21.907070] The buggy address belongs to the physical page: [ 21.907597] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 21.908612] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.909563] flags: 0x200000000000040(head|node=0|zone=2) [ 21.909953] page_type: f8(unknown) [ 21.910363] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.912695] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.913464] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.914734] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.915656] head: 0200000000000002 ffffea00040a8201 00000000ffffffff 00000000ffffffff [ 21.916765] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.917807] page dumped because: kasan: bad access detected [ 21.918601] [ 21.918772] Memory state around the buggy address: [ 21.919253] ffff888102a07f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.919799] ffff888102a07f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.921749] >ffff888102a08000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.922626] ^ [ 21.922959] ffff888102a08080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.923745] ffff888102a08100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.924712] 
================================================================== [ 21.932320] ================================================================== [ 21.933193] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 21.934344] Free of addr ffff888103928000 by task kunit_try_catch/259 [ 21.934985] [ 21.935729] CPU: 1 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 21.935867] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.935924] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.936362] Call Trace: [ 21.936408] <TASK> [ 21.936457] dump_stack_lvl+0x73/0xb0 [ 21.936558] print_report+0xd1/0x650 [ 21.936637] ? __virt_addr_valid+0x1db/0x2d0 [ 21.936700] ? kasan_addr_to_slab+0x11/0xa0 [ 21.936738] ? mempool_double_free_helper+0x184/0x370 [ 21.936779] kasan_report_invalid_free+0x10a/0x130 [ 21.936851] ? mempool_double_free_helper+0x184/0x370 [ 21.936904] ? mempool_double_free_helper+0x184/0x370 [ 21.936942] __kasan_mempool_poison_pages+0x115/0x130 [ 21.937020] mempool_free+0x290/0x380 [ 21.937278] mempool_double_free_helper+0x184/0x370 [ 21.937352] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 21.937396] ? dequeue_entities+0x852/0x1740 [ 21.937438] ? irqentry_exit+0x2a/0x60 [ 21.937466] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 21.937510] mempool_page_alloc_double_free+0xe8/0x140 [ 21.937544] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 21.937581] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 21.937613] ? __pfx_mempool_free_pages+0x10/0x10 [ 21.937647] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 21.937684] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 21.937720] kunit_try_run_case+0x1a5/0x480 [ 21.937761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.937798] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.937838] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.937875] ? __kthread_parkme+0x82/0x180 [ 21.937909] ? preempt_count_sub+0x50/0x80 [ 21.937950] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 21.938031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.938111] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.938152] kthread+0x337/0x6f0 [ 21.938179] ? trace_preempt_on+0x20/0xc0 [ 21.938219] ? __pfx_kthread+0x10/0x10 [ 21.938247] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.938280] ? calculate_sigpending+0x7b/0xa0 [ 21.938341] ? __pfx_kthread+0x10/0x10 [ 21.938370] ret_from_fork+0x41/0x80 [ 21.938406] ? __pfx_kthread+0x10/0x10 [ 21.938437] ret_from_fork_asm+0x1a/0x30 [ 21.938486] </TASK> [ 21.938502] [ 21.965673] The buggy address belongs to the physical page: [ 21.966319] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103928 [ 21.966984] flags: 0x200000000000000(node=0|zone=2) [ 21.968150] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.968757] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.970094] page dumped because: kasan: bad access detected [ 21.970718] [ 21.970942] Memory state around the buggy address: [ 21.972120] ffff888103927f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.973461] ffff888103927f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.973961] >ffff888103928000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.974643] ^ [ 21.974968] ffff888103928080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.976459] ffff888103928100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.978194] ================================================================== [ 21.811576] ================================================================== [ 21.812959] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 21.813584] Free of addr ffff8881030b5200 by task kunit_try_catch/255 [ 21.814058] [ 21.815360] CPU: 0 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 21.815478] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.815501] Hardware name: QEMU Standard PC (Q35 + ICH9, 
2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.815532] Call Trace: [ 21.815551] <TASK> [ 21.815577] dump_stack_lvl+0x73/0xb0 [ 21.815621] print_report+0xd1/0x650 [ 21.815659] ? __virt_addr_valid+0x1db/0x2d0 [ 21.815696] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.815733] ? mempool_double_free_helper+0x184/0x370 [ 21.815775] kasan_report_invalid_free+0x10a/0x130 [ 21.815817] ? mempool_double_free_helper+0x184/0x370 [ 21.815862] ? mempool_double_free_helper+0x184/0x370 [ 21.815920] ? mempool_double_free_helper+0x184/0x370 [ 21.816017] check_slab_allocation+0x101/0x130 [ 21.816117] __kasan_mempool_poison_object+0x91/0x1d0 [ 21.816170] mempool_free+0x2ec/0x380 [ 21.816211] mempool_double_free_helper+0x184/0x370 [ 21.816254] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 21.816321] ? dequeue_entities+0x852/0x1740 [ 21.816366] ? finish_task_switch.isra.0+0x153/0x700 [ 21.816410] mempool_kmalloc_double_free+0xed/0x140 [ 21.816451] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 21.816492] ? dequeue_task_fair+0x166/0x4e0 [ 21.816529] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.816561] ? __pfx_mempool_kfree+0x10/0x10 [ 21.816596] ? __pfx_read_tsc+0x10/0x10 [ 21.816629] ? ktime_get_ts64+0x86/0x230 [ 21.816669] kunit_try_run_case+0x1a5/0x480 [ 21.816709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.816747] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.816787] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.816825] ? __kthread_parkme+0x82/0x180 [ 21.816860] ? preempt_count_sub+0x50/0x80 [ 21.816897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.816936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.817030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.817120] kthread+0x337/0x6f0 [ 21.817160] ? trace_preempt_on+0x20/0xc0 [ 21.817201] ? __pfx_kthread+0x10/0x10 [ 21.817229] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.817265] ? calculate_sigpending+0x7b/0xa0 [ 21.817329] ? __pfx_kthread+0x10/0x10 [ 21.817363] ret_from_fork+0x41/0x80 [ 21.817400] ? 
__pfx_kthread+0x10/0x10 [ 21.817427] ret_from_fork_asm+0x1a/0x30 [ 21.817476] </TASK> [ 21.817492] [ 21.839122] Allocated by task 255: [ 21.839563] kasan_save_stack+0x45/0x70 [ 21.840234] kasan_save_track+0x18/0x40 [ 21.840679] kasan_save_alloc_info+0x3b/0x50 [ 21.841544] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 21.842410] remove_element+0x11e/0x190 [ 21.842843] mempool_alloc_preallocated+0x4d/0x90 [ 21.843459] mempool_double_free_helper+0x8a/0x370 [ 21.844086] mempool_kmalloc_double_free+0xed/0x140 [ 21.844586] kunit_try_run_case+0x1a5/0x480 [ 21.845447] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.846159] kthread+0x337/0x6f0 [ 21.846646] ret_from_fork+0x41/0x80 [ 21.847068] ret_from_fork_asm+0x1a/0x30 [ 21.847664] [ 21.847920] Freed by task 255: [ 21.848365] kasan_save_stack+0x45/0x70 [ 21.848685] kasan_save_track+0x18/0x40 [ 21.849042] kasan_save_free_info+0x3f/0x60 [ 21.849560] __kasan_mempool_poison_object+0x131/0x1d0 [ 21.850144] mempool_free+0x2ec/0x380 [ 21.851082] mempool_double_free_helper+0x109/0x370 [ 21.851990] mempool_kmalloc_double_free+0xed/0x140 [ 21.852588] kunit_try_run_case+0x1a5/0x480 [ 21.853053] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.854068] kthread+0x337/0x6f0 [ 21.854577] ret_from_fork+0x41/0x80 [ 21.855276] ret_from_fork_asm+0x1a/0x30 [ 21.855890] [ 21.856281] The buggy address belongs to the object at ffff8881030b5200 [ 21.856281] which belongs to the cache kmalloc-128 of size 128 [ 21.857144] The buggy address is located 0 bytes inside of [ 21.857144] 128-byte region [ffff8881030b5200, ffff8881030b5280) [ 21.858378] [ 21.858827] The buggy address belongs to the physical page: [ 21.859333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030b5 [ 21.860035] flags: 0x200000000000000(node=0|zone=2) [ 21.860916] page_type: f5(slab) [ 21.861595] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.862275] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 
[ 21.863345] page dumped because: kasan: bad access detected [ 21.863783] [ 21.864024] Memory state around the buggy address: [ 21.864587] ffff8881030b5100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.865728] ffff8881030b5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.866304] >ffff8881030b5200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.867214] ^ [ 21.867605] ffff8881030b5280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.868237] ffff8881030b5300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.868953] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 21.624687] ================================================================== [ 21.625436] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 21.626645] Read of size 1 at addr ffff888103924000 by task kunit_try_catch/249 [ 21.627905] [ 21.628510] CPU: 1 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 21.628645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.628688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.628961] Call Trace: [ 21.629266] <TASK> [ 21.629322] dump_stack_lvl+0x73/0xb0 [ 21.629392] print_report+0xd1/0x650 [ 21.629435] ? __virt_addr_valid+0x1db/0x2d0 [ 21.629472] ? mempool_uaf_helper+0x392/0x400 [ 21.629506] ? kasan_addr_to_slab+0x11/0xa0 [ 21.629541] ? mempool_uaf_helper+0x392/0x400 [ 21.629578] kasan_report+0x141/0x180 [ 21.629614] ? mempool_uaf_helper+0x392/0x400 [ 21.629657] __asan_report_load1_noabort+0x18/0x20 [ 21.629688] mempool_uaf_helper+0x392/0x400 [ 21.629726] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 21.629765] ? dequeue_entities+0x852/0x1740 [ 21.629806] ? finish_task_switch.isra.0+0x153/0x700 [ 21.629848] mempool_kmalloc_large_uaf+0xef/0x140 [ 21.629887] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 21.629925] ? dequeue_task_fair+0x166/0x4e0 [ 21.630010] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.630114] ? __pfx_mempool_kfree+0x10/0x10 [ 21.630153] ? __pfx_read_tsc+0x10/0x10 [ 21.630185] ? ktime_get_ts64+0x86/0x230 [ 21.630224] kunit_try_run_case+0x1a5/0x480 [ 21.630262] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.630317] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.630359] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.630395] ? __kthread_parkme+0x82/0x180 [ 21.630427] ? preempt_count_sub+0x50/0x80 [ 21.630462] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.630497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.630529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.630563] kthread+0x337/0x6f0 [ 21.630587] ? 
trace_preempt_on+0x20/0xc0 [ 21.630622] ? __pfx_kthread+0x10/0x10 [ 21.630646] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.630677] ? calculate_sigpending+0x7b/0xa0 [ 21.630708] ? __pfx_kthread+0x10/0x10 [ 21.630733] ret_from_fork+0x41/0x80 [ 21.630763] ? __pfx_kthread+0x10/0x10 [ 21.630787] ret_from_fork_asm+0x1a/0x30 [ 21.630832] </TASK> [ 21.630848] [ 21.653368] The buggy address belongs to the physical page: [ 21.654216] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103924 [ 21.655735] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 21.656630] flags: 0x200000000000040(head|node=0|zone=2) [ 21.657347] page_type: f8(unknown) [ 21.657779] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.658640] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.659499] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 21.660533] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 21.661419] head: 0200000000000002 ffffea00040e4901 00000000ffffffff 00000000ffffffff [ 21.662220] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 21.662843] page dumped because: kasan: bad access detected [ 21.663362] [ 21.663584] Memory state around the buggy address: [ 21.664037] ffff888103923f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.664819] ffff888103923f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.665568] >ffff888103924000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.666880] ^ [ 21.667443] ffff888103924080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.668260] ffff888103924100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.668919] ================================================================== [ 21.758745] ================================================================== [ 21.759647] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 21.760194] Read of size 1 at 
addr ffff888102a08000 by task kunit_try_catch/253 [ 21.762431] [ 21.762905] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 21.763227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.763269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.763348] Call Trace: [ 21.763386] <TASK> [ 21.763430] dump_stack_lvl+0x73/0xb0 [ 21.763512] print_report+0xd1/0x650 [ 21.763579] ? __virt_addr_valid+0x1db/0x2d0 [ 21.763643] ? mempool_uaf_helper+0x392/0x400 [ 21.763704] ? kasan_addr_to_slab+0x11/0xa0 [ 21.763764] ? mempool_uaf_helper+0x392/0x400 [ 21.763827] kasan_report+0x141/0x180 [ 21.763899] ? mempool_uaf_helper+0x392/0x400 [ 21.763974] __asan_report_load1_noabort+0x18/0x20 [ 21.764035] mempool_uaf_helper+0x392/0x400 [ 21.764105] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 21.764170] ? dequeue_entities+0x852/0x1740 [ 21.764244] ? finish_task_switch.isra.0+0x153/0x700 [ 21.764479] mempool_page_alloc_uaf+0xed/0x140 [ 21.764525] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 21.764561] ? dequeue_task_fair+0x166/0x4e0 [ 21.764596] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 21.764635] ? __pfx_mempool_free_pages+0x10/0x10 [ 21.764673] ? __pfx_read_tsc+0x10/0x10 [ 21.764706] ? ktime_get_ts64+0x86/0x230 [ 21.764747] kunit_try_run_case+0x1a5/0x480 [ 21.764791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.764827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.764867] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.764904] ? __kthread_parkme+0x82/0x180 [ 21.764940] ? preempt_count_sub+0x50/0x80 [ 21.765020] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.765092] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.765137] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.765175] kthread+0x337/0x6f0 [ 21.765202] ? trace_preempt_on+0x20/0xc0 [ 21.765240] ? __pfx_kthread+0x10/0x10 [ 21.765268] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.765344] ? calculate_sigpending+0x7b/0xa0 [ 21.765452] ? 
__pfx_kthread+0x10/0x10 [ 21.765493] ret_from_fork+0x41/0x80 [ 21.765533] ? __pfx_kthread+0x10/0x10 [ 21.765563] ret_from_fork_asm+0x1a/0x30 [ 21.765611] </TASK> [ 21.765630] [ 21.793609] The buggy address belongs to the physical page: [ 21.794740] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 21.795243] flags: 0x200000000000000(node=0|zone=2) [ 21.795769] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 21.796784] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 21.797942] page dumped because: kasan: bad access detected [ 21.798421] [ 21.798584] Memory state around the buggy address: [ 21.798957] ffff888102a07f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.800276] ffff888102a07f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.801131] >ffff888102a08000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.802329] ^ [ 21.802820] ffff888102a08080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.803456] ffff888102a08100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 21.804016] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 21.559750] ================================================================== [ 21.560711] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 21.561429] Read of size 1 at addr ffff888103096e00 by task kunit_try_catch/247 [ 21.563031] [ 21.563596] CPU: 0 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 21.563780] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.563830] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.563914] Call Trace: [ 21.563983] <TASK> [ 21.564038] dump_stack_lvl+0x73/0xb0 [ 21.564172] print_report+0xd1/0x650 [ 21.564269] ? __virt_addr_valid+0x1db/0x2d0 [ 21.564337] ? mempool_uaf_helper+0x392/0x400 [ 21.564374] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.564408] ? mempool_uaf_helper+0x392/0x400 [ 21.564443] kasan_report+0x141/0x180 [ 21.564481] ? mempool_uaf_helper+0x392/0x400 [ 21.564524] __asan_report_load1_noabort+0x18/0x20 [ 21.564557] mempool_uaf_helper+0x392/0x400 [ 21.564591] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 21.564627] ? dequeue_entities+0x852/0x1740 [ 21.564664] ? finish_task_switch.isra.0+0x153/0x700 [ 21.564703] mempool_kmalloc_uaf+0xef/0x140 [ 21.564738] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 21.564772] ? dequeue_task_fair+0x166/0x4e0 [ 21.564804] ? __pfx_mempool_kmalloc+0x10/0x10 [ 21.564835] ? __pfx_mempool_kfree+0x10/0x10 [ 21.564866] ? __pfx_read_tsc+0x10/0x10 [ 21.564898] ? ktime_get_ts64+0x86/0x230 [ 21.564936] kunit_try_run_case+0x1a5/0x480 [ 21.565032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.565112] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.565157] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.565193] ? __kthread_parkme+0x82/0x180 [ 21.565228] ? preempt_count_sub+0x50/0x80 [ 21.565264] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.565329] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.565368] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.565402] kthread+0x337/0x6f0 [ 21.565428] ? 
trace_preempt_on+0x20/0xc0 [ 21.565463] ? __pfx_kthread+0x10/0x10 [ 21.565490] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.565521] ? calculate_sigpending+0x7b/0xa0 [ 21.565554] ? __pfx_kthread+0x10/0x10 [ 21.565579] ret_from_fork+0x41/0x80 [ 21.565611] ? __pfx_kthread+0x10/0x10 [ 21.565636] ret_from_fork_asm+0x1a/0x30 [ 21.565682] </TASK> [ 21.565698] [ 21.589186] Allocated by task 247: [ 21.589685] kasan_save_stack+0x45/0x70 [ 21.590180] kasan_save_track+0x18/0x40 [ 21.590675] kasan_save_alloc_info+0x3b/0x50 [ 21.591275] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 21.591842] remove_element+0x11e/0x190 [ 21.593114] mempool_alloc_preallocated+0x4d/0x90 [ 21.593486] mempool_uaf_helper+0x96/0x400 [ 21.593823] mempool_kmalloc_uaf+0xef/0x140 [ 21.594597] kunit_try_run_case+0x1a5/0x480 [ 21.594930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.595884] kthread+0x337/0x6f0 [ 21.596590] ret_from_fork+0x41/0x80 [ 21.597575] ret_from_fork_asm+0x1a/0x30 [ 21.598134] [ 21.598375] Freed by task 247: [ 21.598767] kasan_save_stack+0x45/0x70 [ 21.599348] kasan_save_track+0x18/0x40 [ 21.599794] kasan_save_free_info+0x3f/0x60 [ 21.600168] __kasan_mempool_poison_object+0x131/0x1d0 [ 21.600775] mempool_free+0x2ec/0x380 [ 21.601108] mempool_uaf_helper+0x11a/0x400 [ 21.601560] mempool_kmalloc_uaf+0xef/0x140 [ 21.601989] kunit_try_run_case+0x1a5/0x480 [ 21.602715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.603129] kthread+0x337/0x6f0 [ 21.603436] ret_from_fork+0x41/0x80 [ 21.604060] ret_from_fork_asm+0x1a/0x30 [ 21.604699] [ 21.605142] The buggy address belongs to the object at ffff888103096e00 [ 21.605142] which belongs to the cache kmalloc-128 of size 128 [ 21.606163] The buggy address is located 0 bytes inside of [ 21.606163] freed 128-byte region [ffff888103096e00, ffff888103096e80) [ 21.607537] [ 21.607816] The buggy address belongs to the physical page: [ 21.608499] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103096 [ 21.609381] flags: 
0x200000000000000(node=0|zone=2) [ 21.609821] page_type: f5(slab) [ 21.610511] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 21.611113] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 21.611931] page dumped because: kasan: bad access detected [ 21.612585] [ 21.612837] Memory state around the buggy address: [ 21.613456] ffff888103096d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.614336] ffff888103096d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.614899] >ffff888103096e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 21.615595] ^ [ 21.616106] ffff888103096e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.616687] ffff888103096f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 21.617489] ================================================================== [ 21.678106] ================================================================== [ 21.678874] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 21.679808] Read of size 1 at addr ffff888102eec240 by task kunit_try_catch/251 [ 21.680959] [ 21.681318] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 21.681449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.681486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.681542] Call Trace: [ 21.681631] <TASK> [ 21.681682] dump_stack_lvl+0x73/0xb0 [ 21.681796] print_report+0xd1/0x650 [ 21.681880] ? __virt_addr_valid+0x1db/0x2d0 [ 21.681956] ? mempool_uaf_helper+0x392/0x400 [ 21.682220] ? kasan_complete_mode_report_info+0x64/0x200 [ 21.682311] ? mempool_uaf_helper+0x392/0x400 [ 21.682391] kasan_report+0x141/0x180 [ 21.682466] ? mempool_uaf_helper+0x392/0x400 [ 21.682524] __asan_report_load1_noabort+0x18/0x20 [ 21.682560] mempool_uaf_helper+0x392/0x400 [ 21.682602] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 21.682642] ? irqentry_exit+0x2a/0x60 [ 21.682671] ? 
sysvec_apic_timer_interrupt+0x50/0x90 [ 21.682713] mempool_slab_uaf+0xea/0x140 [ 21.682744] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 21.682778] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 21.682815] ? __pfx_mempool_free_slab+0x10/0x10 [ 21.682852] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 21.682886] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 21.682919] kunit_try_run_case+0x1a5/0x480 [ 21.683056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.683111] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.683153] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.683190] ? __kthread_parkme+0x82/0x180 [ 21.683227] ? preempt_count_sub+0x50/0x80 [ 21.683265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.683333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.683376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.683413] kthread+0x337/0x6f0 [ 21.683440] ? trace_preempt_on+0x20/0xc0 [ 21.683477] ? __pfx_kthread+0x10/0x10 [ 21.683504] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.683539] ? calculate_sigpending+0x7b/0xa0 [ 21.683574] ? __pfx_kthread+0x10/0x10 [ 21.683603] ret_from_fork+0x41/0x80 [ 21.683636] ? 
__pfx_kthread+0x10/0x10
[ 21.683665] ret_from_fork_asm+0x1a/0x30
[ 21.683712] </TASK>
[ 21.683728]
[ 21.706021] Allocated by task 251:
[ 21.706623] kasan_save_stack+0x45/0x70
[ 21.707086] kasan_save_track+0x18/0x40
[ 21.707707] kasan_save_alloc_info+0x3b/0x50
[ 21.708927] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 21.710030] remove_element+0x11e/0x190
[ 21.710459] mempool_alloc_preallocated+0x4d/0x90
[ 21.712244] mempool_uaf_helper+0x96/0x400
[ 21.713662] mempool_slab_uaf+0xea/0x140
[ 21.713951] kunit_try_run_case+0x1a5/0x480
[ 21.714253] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.715498] kthread+0x337/0x6f0
[ 21.715936] ret_from_fork+0x41/0x80
[ 21.717367] ret_from_fork_asm+0x1a/0x30
[ 21.717641]
[ 21.717776] Freed by task 251:
[ 21.718801] kasan_save_stack+0x45/0x70
[ 21.719133] kasan_save_track+0x18/0x40
[ 21.719473] kasan_save_free_info+0x3f/0x60
[ 21.719772] __kasan_mempool_poison_object+0x131/0x1d0
[ 21.720139] mempool_free+0x2ec/0x380
[ 21.721530] mempool_uaf_helper+0x11a/0x400
[ 21.723459] mempool_slab_uaf+0xea/0x140
[ 21.724752] kunit_try_run_case+0x1a5/0x480
[ 21.726230] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.727712] kthread+0x337/0x6f0
[ 21.727994] ret_from_fork+0x41/0x80
[ 21.728658] ret_from_fork_asm+0x1a/0x30
[ 21.728987]
[ 21.729402] The buggy address belongs to the object at ffff888102eec240
[ 21.729402] which belongs to the cache test_cache of size 123
[ 21.731362] The buggy address is located 0 bytes inside of
[ 21.731362] freed 123-byte region [ffff888102eec240, ffff888102eec2bb)
[ 21.732813]
[ 21.733266] The buggy address belongs to the physical page:
[ 21.733747] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102eec
[ 21.735376] flags: 0x200000000000000(node=0|zone=2)
[ 21.735766] page_type: f5(slab)
[ 21.736752] raw: 0200000000000000 ffff888102ee4280 dead000000000122 0000000000000000
[ 21.737798] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 21.738591] page dumped because: kasan: bad access detected
[ 21.739063]
[ 21.739349] Memory state around the buggy address:
[ 21.739688]  ffff888102eec100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.740421]  ffff888102eec180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.741752] >ffff888102eec200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 21.742404]                                             ^
[ 21.742915]  ffff888102eec280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 21.743805]  ffff888102eec300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.744685] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 21.375864] ==================================================================
[ 21.376695] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 21.377118] Read of size 1 at addr ffff888103096a73 by task kunit_try_catch/241
[ 21.377541]
[ 21.377664] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 21.377734] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.377753] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.377782] Call Trace:
[ 21.377800] <TASK>
[ 21.377823] dump_stack_lvl+0x73/0xb0
[ 21.377866] print_report+0xd1/0x650
[ 21.377902] ? __virt_addr_valid+0x1db/0x2d0
[ 21.378196] ? mempool_oob_right_helper+0x318/0x380
[ 21.378236] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.378271] ? mempool_oob_right_helper+0x318/0x380
[ 21.378342] kasan_report+0x141/0x180
[ 21.378380] ? mempool_oob_right_helper+0x318/0x380
[ 21.378423] __asan_report_load1_noabort+0x18/0x20
[ 21.378456] mempool_oob_right_helper+0x318/0x380
[ 21.378494] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 21.378531] ? update_load_avg+0x1be/0x21b0
[ 21.378564] ? dequeue_entities+0x852/0x1740
[ 21.378600] ? finish_task_switch.isra.0+0x153/0x700
[ 21.378641] mempool_kmalloc_oob_right+0xf2/0x150
[ 21.378677] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 21.378715] ? dequeue_task_fair+0x166/0x4e0
[ 21.378750] ? __pfx_mempool_kmalloc+0x10/0x10
[ 21.378783] ? __pfx_mempool_kfree+0x10/0x10
[ 21.378816] ? __pfx_read_tsc+0x10/0x10
[ 21.378847] ? ktime_get_ts64+0x86/0x230
[ 21.378887] kunit_try_run_case+0x1a5/0x480
[ 21.378927] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.378961] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.379000] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.379037] ? __kthread_parkme+0x82/0x180
[ 21.379073] ? preempt_count_sub+0x50/0x80
[ 21.379111] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.379146] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.379201] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.379241] kthread+0x337/0x6f0
[ 21.379270] ? trace_preempt_on+0x20/0xc0
[ 21.380008] ? __pfx_kthread+0x10/0x10
[ 21.380083] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.380159] ? calculate_sigpending+0x7b/0xa0
[ 21.380236] ? __pfx_kthread+0x10/0x10
[ 21.380321] ret_from_fork+0x41/0x80
[ 21.380395] ? __pfx_kthread+0x10/0x10
[ 21.380461] ret_from_fork_asm+0x1a/0x30
[ 21.380558] </TASK>
[ 21.380600]
[ 21.400926] Allocated by task 241:
[ 21.402081] kasan_save_stack+0x45/0x70
[ 21.402556] kasan_save_track+0x18/0x40
[ 21.402996] kasan_save_alloc_info+0x3b/0x50
[ 21.403717] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 21.404265] remove_element+0x11e/0x190
[ 21.404804] mempool_alloc_preallocated+0x4d/0x90
[ 21.405518] mempool_oob_right_helper+0x8a/0x380
[ 21.406240] mempool_kmalloc_oob_right+0xf2/0x150
[ 21.406742] kunit_try_run_case+0x1a5/0x480
[ 21.407860] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.408403] kthread+0x337/0x6f0
[ 21.408794] ret_from_fork+0x41/0x80
[ 21.409441] ret_from_fork_asm+0x1a/0x30
[ 21.409900]
[ 21.410360] The buggy address belongs to the object at ffff888103096a00
[ 21.410360] which belongs to the cache kmalloc-128 of size 128
[ 21.411618] The buggy address is located 0 bytes to the right of
[ 21.411618] allocated 115-byte region [ffff888103096a00, ffff888103096a73)
[ 21.412795]
[ 21.413588] The buggy address belongs to the physical page:
[ 21.414167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103096
[ 21.414788] flags: 0x200000000000000(node=0|zone=2)
[ 21.415349] page_type: f5(slab)
[ 21.415717] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 21.416579] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 21.417468] page dumped because: kasan: bad access detected
[ 21.417940]
[ 21.418339] Memory state around the buggy address:
[ 21.418694]  ffff888103096900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.419988]  ffff888103096980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.420837] >ffff888103096a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 21.421561]                                                               ^
[ 21.422138]  ffff888103096a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.422738]  ffff888103096b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 21.424074] ==================================================================

[ 21.487669] ==================================================================
[ 21.489079] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 21.489838] Read of size 1 at addr ffff888102eea2bb by task kunit_try_catch/245
[ 21.491761]
[ 21.492058] CPU: 1 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 21.492165] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.492185] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.492218] Call Trace:
[ 21.492240] <TASK>
[ 21.492280] dump_stack_lvl+0x73/0xb0
[ 21.492432] print_report+0xd1/0x650
[ 21.492545] ? __virt_addr_valid+0x1db/0x2d0
[ 21.492624] ? mempool_oob_right_helper+0x318/0x380
[ 21.492700] ? kasan_complete_mode_report_info+0x2a/0x200
[ 21.492815] ? mempool_oob_right_helper+0x318/0x380
[ 21.492859] kasan_report+0x141/0x180
[ 21.492896] ? mempool_oob_right_helper+0x318/0x380
[ 21.492941] __asan_report_load1_noabort+0x18/0x20
[ 21.493026] mempool_oob_right_helper+0x318/0x380
[ 21.493114] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 21.493154] ? update_load_avg+0x1be/0x21b0
[ 21.493194] ? finish_task_switch.isra.0+0x153/0x700
[ 21.493234] mempool_slab_oob_right+0xed/0x140
[ 21.493265] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 21.493316] ? dequeue_task_fair+0x166/0x4e0
[ 21.493355] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 21.493390] ? __pfx_mempool_free_slab+0x10/0x10
[ 21.493422] ? __pfx_read_tsc+0x10/0x10
[ 21.493453] ? ktime_get_ts64+0x86/0x230
[ 21.493492] kunit_try_run_case+0x1a5/0x480
[ 21.493531] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.493564] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.493600] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.493636] ? __kthread_parkme+0x82/0x180
[ 21.493670] ? preempt_count_sub+0x50/0x80
[ 21.493705] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.493739] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.493773] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.493806] kthread+0x337/0x6f0
[ 21.493830] ? trace_preempt_on+0x20/0xc0
[ 21.493866] ? __pfx_kthread+0x10/0x10
[ 21.493892] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.493926] ? calculate_sigpending+0x7b/0xa0
[ 21.494001] ? __pfx_kthread+0x10/0x10
[ 21.494106] ret_from_fork+0x41/0x80
[ 21.494191] ? __pfx_kthread+0x10/0x10
[ 21.494223] ret_from_fork_asm+0x1a/0x30
[ 21.494268] </TASK>
[ 21.494285]
[ 21.520094] Allocated by task 245:
[ 21.520441] kasan_save_stack+0x45/0x70
[ 21.520799] kasan_save_track+0x18/0x40
[ 21.522866] kasan_save_alloc_info+0x3b/0x50
[ 21.523206] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 21.524373] remove_element+0x11e/0x190
[ 21.524763] mempool_alloc_preallocated+0x4d/0x90
[ 21.525720] mempool_oob_right_helper+0x8a/0x380
[ 21.526102] mempool_slab_oob_right+0xed/0x140
[ 21.527013] kunit_try_run_case+0x1a5/0x480
[ 21.527567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.528469] kthread+0x337/0x6f0
[ 21.528833] ret_from_fork+0x41/0x80
[ 21.529797] ret_from_fork_asm+0x1a/0x30
[ 21.530418]
[ 21.530644] The buggy address belongs to the object at ffff888102eea240
[ 21.530644] which belongs to the cache test_cache of size 123
[ 21.532129] The buggy address is located 0 bytes to the right of
[ 21.532129] allocated 123-byte region [ffff888102eea240, ffff888102eea2bb)
[ 21.533040]
[ 21.534384] The buggy address belongs to the physical page:
[ 21.534871] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102eea
[ 21.535753] flags: 0x200000000000000(node=0|zone=2)
[ 21.536470] page_type: f5(slab)
[ 21.536853] raw: 0200000000000000 ffff888102ee4140 dead000000000122 0000000000000000
[ 21.538399] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 21.539362] page dumped because: kasan: bad access detected
[ 21.539811]
[ 21.540320] Memory state around the buggy address:
[ 21.541540]  ffff888102eea180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 21.542043]  ffff888102eea200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 21.542779] >ffff888102eea280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 21.543320]                                          ^
[ 21.543803]  ffff888102eea300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.544899]  ffff888102eea380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 21.545918] ==================================================================

[ 21.431594] ==================================================================
[ 21.432768] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 21.433856] Read of size 1 at addr ffff888103926001 by task kunit_try_catch/243
[ 21.435214]
[ 21.435448] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 21.435522] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 21.435542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 21.435574] Call Trace:
[ 21.435596] <TASK>
[ 21.435621] dump_stack_lvl+0x73/0xb0
[ 21.435668] print_report+0xd1/0x650
[ 21.435705] ? __virt_addr_valid+0x1db/0x2d0
[ 21.435742] ? mempool_oob_right_helper+0x318/0x380
[ 21.435779] ? kasan_addr_to_slab+0x11/0xa0
[ 21.435811] ? mempool_oob_right_helper+0x318/0x380
[ 21.435848] kasan_report+0x141/0x180
[ 21.435930] ? mempool_oob_right_helper+0x318/0x380
[ 21.436010] __asan_report_load1_noabort+0x18/0x20
[ 21.436090] mempool_oob_right_helper+0x318/0x380
[ 21.436172] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 21.436220] ? dequeue_entities+0x852/0x1740
[ 21.436262] ? finish_task_switch.isra.0+0x153/0x700
[ 21.436344] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 21.436426] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 21.436497] ? dequeue_task_fair+0x166/0x4e0
[ 21.436536] ? __pfx_mempool_kmalloc+0x10/0x10
[ 21.436571] ? __pfx_mempool_kfree+0x10/0x10
[ 21.436604] ? __pfx_read_tsc+0x10/0x10
[ 21.436636] ? ktime_get_ts64+0x86/0x230
[ 21.436676] kunit_try_run_case+0x1a5/0x480
[ 21.436716] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.436751] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 21.436788] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 21.436825] ? __kthread_parkme+0x82/0x180
[ 21.436859] ? preempt_count_sub+0x50/0x80
[ 21.436894] ? __pfx_kunit_try_run_case+0x10/0x10
[ 21.436930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 21.437188] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 21.437276] kthread+0x337/0x6f0
[ 21.437419] ? trace_preempt_on+0x20/0xc0
[ 21.437464] ? __pfx_kthread+0x10/0x10
[ 21.437495] ? _raw_spin_unlock_irq+0x47/0x80
[ 21.437532] ? calculate_sigpending+0x7b/0xa0
[ 21.437565] ? __pfx_kthread+0x10/0x10
[ 21.437594] ret_from_fork+0x41/0x80
[ 21.437628] ? __pfx_kthread+0x10/0x10
[ 21.437654] ret_from_fork_asm+0x1a/0x30
[ 21.437699] </TASK>
[ 21.437714]
[ 21.462327] The buggy address belongs to the physical page:
[ 21.463262] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103924
[ 21.464240] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 21.464882] flags: 0x200000000000040(head|node=0|zone=2)
[ 21.465566] page_type: f8(unknown)
[ 21.466323] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 21.467325] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 21.468280] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 21.469322] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 21.470331] head: 0200000000000002 ffffea00040e4901 00000000ffffffff 00000000ffffffff
[ 21.470888] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 21.471562] page dumped because: kasan: bad access detected
[ 21.472069]
[ 21.472541] Memory state around the buggy address:
[ 21.473244]  ffff888103925f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.473721]  ffff888103925f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 21.474575] >ffff888103926000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 21.475335]                     ^
[ 21.475701]  ffff888103926080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 21.476583]  ffff888103926100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 21.477450] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 20.761145] ==================================================================
[ 20.762538] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 20.763473] Read of size 1 at addr ffff888100fada00 by task kunit_try_catch/235
[ 20.764485]
[ 20.764710] CPU: 0 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 20.764843] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.764880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.764937] Call Trace:
[ 20.764977] <TASK>
[ 20.765029] dump_stack_lvl+0x73/0xb0
[ 20.765113] print_report+0xd1/0x650
[ 20.765191] ? __virt_addr_valid+0x1db/0x2d0
[ 20.765265] ? kmem_cache_double_destroy+0x1bf/0x380
[ 20.765472] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.765546] ? kmem_cache_double_destroy+0x1bf/0x380
[ 20.765612] kasan_report+0x141/0x180
[ 20.765683] ? kmem_cache_double_destroy+0x1bf/0x380
[ 20.765821] ? kmem_cache_double_destroy+0x1bf/0x380
[ 20.765907] __kasan_check_byte+0x3d/0x50
[ 20.765947] kmem_cache_destroy+0x25/0x1d0
[ 20.766026] kmem_cache_double_destroy+0x1bf/0x380
[ 20.766112] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 20.766149] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 20.766196] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 20.766235] kunit_try_run_case+0x1a5/0x480
[ 20.766276] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.766335] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.766375] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.766410] ? __kthread_parkme+0x82/0x180
[ 20.766445] ? preempt_count_sub+0x50/0x80
[ 20.766487] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.766524] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.766558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.766593] kthread+0x337/0x6f0
[ 20.766618] ? trace_preempt_on+0x20/0xc0
[ 20.766656] ? __pfx_kthread+0x10/0x10
[ 20.766684] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.766716] ? calculate_sigpending+0x7b/0xa0
[ 20.766771] ? __pfx_kthread+0x10/0x10
[ 20.766802] ret_from_fork+0x41/0x80
[ 20.766853] ? __pfx_kthread+0x10/0x10
[ 20.766892] ret_from_fork_asm+0x1a/0x30
[ 20.766963] </TASK>
[ 20.767005]
[ 20.786938] Allocated by task 235:
[ 20.787399] kasan_save_stack+0x45/0x70
[ 20.787846] kasan_save_track+0x18/0x40
[ 20.789334] kasan_save_alloc_info+0x3b/0x50
[ 20.790125] __kasan_slab_alloc+0x91/0xa0
[ 20.790523] kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.791174] __kmem_cache_create_args+0x169/0x240
[ 20.791604] kmem_cache_double_destroy+0xd5/0x380
[ 20.792046] kunit_try_run_case+0x1a5/0x480
[ 20.792999] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.793614] kthread+0x337/0x6f0
[ 20.793898] ret_from_fork+0x41/0x80
[ 20.794549] ret_from_fork_asm+0x1a/0x30
[ 20.794912]
[ 20.795111] Freed by task 235:
[ 20.795452] kasan_save_stack+0x45/0x70
[ 20.795867] kasan_save_track+0x18/0x40
[ 20.796223] kasan_save_free_info+0x3f/0x60
[ 20.797443] __kasan_slab_free+0x56/0x70
[ 20.797855] kmem_cache_free+0x249/0x420
[ 20.798634] slab_kmem_cache_release+0x2e/0x40
[ 20.799414] kmem_cache_release+0x16/0x20
[ 20.799926] kobject_put+0x181/0x450
[ 20.800480] sysfs_slab_release+0x16/0x20
[ 20.800916] kmem_cache_destroy+0xf0/0x1d0
[ 20.801393] kmem_cache_double_destroy+0x14e/0x380
[ 20.802002] kunit_try_run_case+0x1a5/0x480
[ 20.802891] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.803448] kthread+0x337/0x6f0
[ 20.803931] ret_from_fork+0x41/0x80
[ 20.804629] ret_from_fork_asm+0x1a/0x30
[ 20.805263]
[ 20.805491] The buggy address belongs to the object at ffff888100fada00
[ 20.805491] which belongs to the cache kmem_cache of size 208
[ 20.806657] The buggy address is located 0 bytes inside of
[ 20.806657] freed 208-byte region [ffff888100fada00, ffff888100fadad0)
[ 20.807917]
[ 20.808237] The buggy address belongs to the physical page:
[ 20.808735] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100fad
[ 20.809745] flags: 0x200000000000000(node=0|zone=2)
[ 20.810515] page_type: f5(slab)
[ 20.810910] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 20.811910] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 20.812607] page dumped because: kasan: bad access detected
[ 20.813367]
[ 20.813632] Memory state around the buggy address:
[ 20.814001]  ffff888100fad900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.814905]  ffff888100fad980: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.815732] >ffff888100fada00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.816523]                     ^
[ 20.816869]  ffff888100fada80: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 20.817579]  ffff888100fadb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.818373] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 20.664356] ==================================================================
[ 20.665855] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.666954] Read of size 1 at addr ffff888102ee2000 by task kunit_try_catch/233
[ 20.667903]
[ 20.668119] CPU: 1 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 20.668228] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.668256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.668360] Call Trace:
[ 20.668397] <TASK>
[ 20.668441] dump_stack_lvl+0x73/0xb0
[ 20.668506] print_report+0xd1/0x650
[ 20.668570] ? __virt_addr_valid+0x1db/0x2d0
[ 20.668643] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.668703] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.668772] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.668839] kasan_report+0x141/0x180
[ 20.668910] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.668989] __asan_report_load1_noabort+0x18/0x20
[ 20.669108] kmem_cache_rcu_uaf+0x3e3/0x510
[ 20.669180] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 20.669235] ? finish_task_switch.isra.0+0x153/0x700
[ 20.669329] ? __switch_to+0x5d9/0xf60
[ 20.669394] ? dequeue_task_fair+0x166/0x4e0
[ 20.669473] ? __pfx_read_tsc+0x10/0x10
[ 20.669535] ? ktime_get_ts64+0x86/0x230
[ 20.669616] kunit_try_run_case+0x1a5/0x480
[ 20.669703] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.669777] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.669854] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.669928] ? __kthread_parkme+0x82/0x180
[ 20.670002] ? preempt_count_sub+0x50/0x80
[ 20.670126] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.670205] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.670277] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.670360] kthread+0x337/0x6f0
[ 20.670419] ? trace_preempt_on+0x20/0xc0
[ 20.670493] ? __pfx_kthread+0x10/0x10
[ 20.670550] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.670606] ? calculate_sigpending+0x7b/0xa0
[ 20.670667] ? __pfx_kthread+0x10/0x10
[ 20.670714] ret_from_fork+0x41/0x80
[ 20.670766] ? __pfx_kthread+0x10/0x10
[ 20.670814] ret_from_fork_asm+0x1a/0x30
[ 20.670893] </TASK>
[ 20.670924]
[ 20.686922] Allocated by task 233:
[ 20.687404] kasan_save_stack+0x45/0x70
[ 20.687863] kasan_save_track+0x18/0x40
[ 20.688344] kasan_save_alloc_info+0x3b/0x50
[ 20.688757] __kasan_slab_alloc+0x91/0xa0
[ 20.689264] kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.689643] kmem_cache_rcu_uaf+0x155/0x510
[ 20.690141] kunit_try_run_case+0x1a5/0x480
[ 20.690537] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.690919] kthread+0x337/0x6f0
[ 20.691245] ret_from_fork+0x41/0x80
[ 20.691575] ret_from_fork_asm+0x1a/0x30
[ 20.692020]
[ 20.692285] Freed by task 0:
[ 20.692642] kasan_save_stack+0x45/0x70
[ 20.693100] kasan_save_track+0x18/0x40
[ 20.693564] kasan_save_free_info+0x3f/0x60
[ 20.694021] __kasan_slab_free+0x56/0x70
[ 20.694495] slab_free_after_rcu_debug+0xe4/0x310
[ 20.694946] rcu_core+0x66c/0x1c30
[ 20.695403] rcu_core_si+0x12/0x20
[ 20.695746] handle_softirqs+0x209/0x730
[ 20.696179] __irq_exit_rcu+0xc9/0x110
[ 20.696583] irq_exit_rcu+0x12/0x20
[ 20.696930] sysvec_apic_timer_interrupt+0x81/0x90
[ 20.697457] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 20.697823]
[ 20.698001] Last potentially related work creation:
[ 20.698426] kasan_save_stack+0x45/0x70
[ 20.698836] kasan_record_aux_stack+0xb2/0xc0
[ 20.699323] kmem_cache_free+0x131/0x420
[ 20.699743] kmem_cache_rcu_uaf+0x194/0x510
[ 20.700238] kunit_try_run_case+0x1a5/0x480
[ 20.700696] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.701281] kthread+0x337/0x6f0
[ 20.701628] ret_from_fork+0x41/0x80
[ 20.701940] ret_from_fork_asm+0x1a/0x30
[ 20.702321]
[ 20.702555] The buggy address belongs to the object at ffff888102ee2000
[ 20.702555] which belongs to the cache test_cache of size 200
[ 20.703640] The buggy address is located 0 bytes inside of
[ 20.703640] freed 200-byte region [ffff888102ee2000, ffff888102ee20c8)
[ 20.704703]
[ 20.704942] The buggy address belongs to the physical page:
[ 20.705459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ee2
[ 20.705949] flags: 0x200000000000000(node=0|zone=2)
[ 20.706453] page_type: f5(slab)
[ 20.706830] raw: 0200000000000000 ffff888101b20dc0 dead000000000122 0000000000000000
[ 20.707552] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 20.708244] page dumped because: kasan: bad access detected
[ 20.708626]
[ 20.708805] Memory state around the buggy address:
[ 20.709315]  ffff888102ee1f00: 00 00 00 00 00 00 00 00 00 00 00 00 fc fc fc fc
[ 20.709898]  ffff888102ee1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.710572] >ffff888102ee2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.711161]                     ^
[ 20.711503]  ffff888102ee2080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 20.712149]  ffff888102ee2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.712706] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 20.562259] ==================================================================
[ 20.562899] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 20.564717] Free of addr ffff8881030ae001 by task kunit_try_catch/231
[ 20.565533]
[ 20.565761] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 20.565848] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.565870] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.565901] Call Trace:
[ 20.565928] <TASK>
[ 20.565961] dump_stack_lvl+0x73/0xb0
[ 20.567406] print_report+0xd1/0x650
[ 20.567460] ? __virt_addr_valid+0x1db/0x2d0
[ 20.567498] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.567532] ? kmem_cache_invalid_free+0x1d8/0x460
[ 20.567565] kasan_report_invalid_free+0x10a/0x130
[ 20.567601] ? kmem_cache_invalid_free+0x1d8/0x460
[ 20.567635] ? kmem_cache_invalid_free+0x1d8/0x460
[ 20.567667] check_slab_allocation+0x11f/0x130
[ 20.567700] __kasan_slab_pre_free+0x28/0x40
[ 20.567731] kmem_cache_free+0xed/0x420
[ 20.567763] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.567794] ? kmem_cache_invalid_free+0x1d8/0x460
[ 20.567828] kmem_cache_invalid_free+0x1d8/0x460
[ 20.567857] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 20.567898] ? finish_task_switch.isra.0+0x153/0x700
[ 20.567935] ? __switch_to+0x5d9/0xf60
[ 20.568021] ? dequeue_task_fair+0x166/0x4e0
[ 20.568116] ? __pfx_read_tsc+0x10/0x10
[ 20.568153] ? ktime_get_ts64+0x86/0x230
[ 20.568194] kunit_try_run_case+0x1a5/0x480
[ 20.568234] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.568268] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.568331] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.568369] ? __kthread_parkme+0x82/0x180
[ 20.568404] ? preempt_count_sub+0x50/0x80
[ 20.568439] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.568476] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.568511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.568547] kthread+0x337/0x6f0
[ 20.568574] ? trace_preempt_on+0x20/0xc0
[ 20.568612] ? __pfx_kthread+0x10/0x10
[ 20.568638] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.568670] ? calculate_sigpending+0x7b/0xa0
[ 20.568703] ? __pfx_kthread+0x10/0x10
[ 20.568730] ret_from_fork+0x41/0x80
[ 20.568762] ? __pfx_kthread+0x10/0x10
[ 20.568790] ret_from_fork_asm+0x1a/0x30
[ 20.568834] </TASK>
[ 20.568851]
[ 20.589850] Allocated by task 231:
[ 20.591542] kasan_save_stack+0x45/0x70
[ 20.591990] kasan_save_track+0x18/0x40
[ 20.592417] kasan_save_alloc_info+0x3b/0x50
[ 20.592821] __kasan_slab_alloc+0x91/0xa0
[ 20.593519] kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.593900] kmem_cache_invalid_free+0x157/0x460
[ 20.595077] kunit_try_run_case+0x1a5/0x480
[ 20.595851] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.596284] kthread+0x337/0x6f0
[ 20.596582] ret_from_fork+0x41/0x80
[ 20.596908] ret_from_fork_asm+0x1a/0x30
[ 20.598229]
[ 20.598413] The buggy address belongs to the object at ffff8881030ae000
[ 20.598413] which belongs to the cache test_cache of size 200
[ 20.599632] The buggy address is located 1 bytes inside of
[ 20.599632] 200-byte region [ffff8881030ae000, ffff8881030ae0c8)
[ 20.600693]
[ 20.600926] The buggy address belongs to the physical page:
[ 20.601862] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030ae
[ 20.602985] flags: 0x200000000000000(node=0|zone=2)
[ 20.603465] page_type: f5(slab)
[ 20.603824] raw: 0200000000000000 ffff888100fad8c0 dead000000000122 0000000000000000
[ 20.604910] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 20.605885] page dumped because: kasan: bad access detected
[ 20.606813]
[ 20.607125] Memory state around the buggy address:
[ 20.607523]  ffff8881030adf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.608554]  ffff8881030adf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.609001] >ffff8881030ae000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.609789]                     ^
[ 20.610137]  ffff8881030ae080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 20.611456]  ffff8881030ae100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.612106] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 20.496404] ==================================================================
[ 20.497151] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 20.497926] Free of addr ffff888102ee2000 by task kunit_try_catch/229
[ 20.498455]
[ 20.498692] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 20.498834] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.498875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.498937] Call Trace:
[ 20.498979] <TASK>
[ 20.499036] dump_stack_lvl+0x73/0xb0
[ 20.499211] print_report+0xd1/0x650
[ 20.499307] ? __virt_addr_valid+0x1db/0x2d0
[ 20.499386] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.499457] ? kmem_cache_double_free+0x1e5/0x480
[ 20.499528] kasan_report_invalid_free+0x10a/0x130
[ 20.499606] ? kmem_cache_double_free+0x1e5/0x480
[ 20.499683] ? kmem_cache_double_free+0x1e5/0x480
[ 20.499800] check_slab_allocation+0x101/0x130
[ 20.499919] __kasan_slab_pre_free+0x28/0x40
[ 20.500043] kmem_cache_free+0xed/0x420
[ 20.500149] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.500221] ? kmem_cache_double_free+0x1e5/0x480
[ 20.500315] kmem_cache_double_free+0x1e5/0x480
[ 20.500390] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 20.500433] ? finish_task_switch.isra.0+0x153/0x700
[ 20.500472] ? __switch_to+0x5d9/0xf60
[ 20.500502] ? dequeue_task_fair+0x166/0x4e0
[ 20.500541] ? __pfx_read_tsc+0x10/0x10
[ 20.500571] ? ktime_get_ts64+0x86/0x230
[ 20.500607] kunit_try_run_case+0x1a5/0x480
[ 20.500647] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.500681] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.500718] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.500752] ? __kthread_parkme+0x82/0x180
[ 20.500785] ? preempt_count_sub+0x50/0x80
[ 20.500821] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.500854] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.500887] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.500922] kthread+0x337/0x6f0
[ 20.500953] ? trace_preempt_on+0x20/0xc0
[ 20.501032] ? __pfx_kthread+0x10/0x10
[ 20.501092] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.501148] ? calculate_sigpending+0x7b/0xa0
[ 20.501184] ? __pfx_kthread+0x10/0x10
[ 20.501209] ret_from_fork+0x41/0x80
[ 20.501240] ? __pfx_kthread+0x10/0x10
[ 20.501265] ret_from_fork_asm+0x1a/0x30
[ 20.501335] </TASK>
[ 20.501354]
[ 20.520887] Allocated by task 229:
[ 20.521463] kasan_save_stack+0x45/0x70
[ 20.521909] kasan_save_track+0x18/0x40
[ 20.522465] kasan_save_alloc_info+0x3b/0x50
[ 20.522787] __kasan_slab_alloc+0x91/0xa0
[ 20.523318] kmem_cache_alloc_noprof+0x123/0x3f0
[ 20.523840] kmem_cache_double_free+0x14f/0x480
[ 20.524603] kunit_try_run_case+0x1a5/0x480
[ 20.525259] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.525800] kthread+0x337/0x6f0
[ 20.526361] ret_from_fork+0x41/0x80
[ 20.526769] ret_from_fork_asm+0x1a/0x30
[ 20.527357]
[ 20.527617] Freed by task 229:
[ 20.528076] kasan_save_stack+0x45/0x70
[ 20.528528] kasan_save_track+0x18/0x40
[ 20.529255] kasan_save_free_info+0x3f/0x60
[ 20.529682] __kasan_slab_free+0x56/0x70
[ 20.530230] kmem_cache_free+0x249/0x420
[ 20.530682] kmem_cache_double_free+0x16a/0x480
[ 20.531301] kunit_try_run_case+0x1a5/0x480
[ 20.531716] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.532464] kthread+0x337/0x6f0
[ 20.532767] ret_from_fork+0x41/0x80
[ 20.533359] ret_from_fork_asm+0x1a/0x30
[ 20.533817]
[ 20.534346] The buggy address belongs to the object at ffff888102ee2000
[ 20.534346] which belongs to the cache test_cache of size 200
[ 20.535590] The buggy address is located 0 bytes inside of
[ 20.535590] 200-byte region [ffff888102ee2000, ffff888102ee20c8)
[ 20.536594]
[ 20.536785] The buggy address belongs to the physical page:
[ 20.537335] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ee2
[ 20.538305] flags: 0x200000000000000(node=0|zone=2)
[ 20.538775] page_type: f5(slab)
[ 20.539525] raw: 0200000000000000 ffff888101b20c80 dead000000000122 0000000000000000
[ 20.540469] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 20.541222] page dumped because: kasan: bad access detected
[ 20.541670]
[ 20.542079] Memory state around the buggy address:
[ 20.542533]  ffff888102ee1f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.543307]  ffff888102ee1f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.543826] >ffff888102ee2000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 20.544633]                     ^
[ 20.545018]  ffff888102ee2080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 20.545598]  ffff888102ee2100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.546364] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 20.424418] ================================================================== [ 20.425699] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 20.426423] Read of size 1 at addr ffff8881030aa0c8 by task kunit_try_catch/227 [ 20.427323] [ 20.427605] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 20.427715] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.427736] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.427766] Call Trace: [ 20.427784] <TASK> [ 20.427808] dump_stack_lvl+0x73/0xb0 [ 20.427897] print_report+0xd1/0x650 [ 20.427943] ? __virt_addr_valid+0x1db/0x2d0 [ 20.427978] ? kmem_cache_oob+0x402/0x530 [ 20.428007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.428053] ? kmem_cache_oob+0x402/0x530 [ 20.428102] kasan_report+0x141/0x180 [ 20.428139] ? kmem_cache_oob+0x402/0x530 [ 20.428176] __asan_report_load1_noabort+0x18/0x20 [ 20.428208] kmem_cache_oob+0x402/0x530 [ 20.428235] ? trace_hardirqs_on+0x37/0xe0 [ 20.428272] ? __pfx_kmem_cache_oob+0x10/0x10 [ 20.428358] ? finish_task_switch.isra.0+0x153/0x700 [ 20.428435] ? __switch_to+0x5d9/0xf60 [ 20.428526] ? dequeue_task_fair+0x166/0x4e0 [ 20.428588] ? __pfx_read_tsc+0x10/0x10 [ 20.428639] ? ktime_get_ts64+0x86/0x230 [ 20.428679] kunit_try_run_case+0x1a5/0x480 [ 20.428719] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.428754] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.428791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.428827] ? __kthread_parkme+0x82/0x180 [ 20.428861] ? preempt_count_sub+0x50/0x80 [ 20.428897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.428933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.428968] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.429003] kthread+0x337/0x6f0 [ 20.429030] ? trace_preempt_on+0x20/0xc0 [ 20.429092] ? __pfx_kthread+0x10/0x10 [ 20.429120] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.429152] ? calculate_sigpending+0x7b/0xa0 [ 20.429185] ? 
__pfx_kthread+0x10/0x10 [ 20.429212] ret_from_fork+0x41/0x80 [ 20.429245] ? __pfx_kthread+0x10/0x10 [ 20.429272] ret_from_fork_asm+0x1a/0x30 [ 20.429342] </TASK> [ 20.429360] [ 20.449251] Allocated by task 227: [ 20.449977] kasan_save_stack+0x45/0x70 [ 20.450796] kasan_save_track+0x18/0x40 [ 20.451239] kasan_save_alloc_info+0x3b/0x50 [ 20.451934] __kasan_slab_alloc+0x91/0xa0 [ 20.452357] kmem_cache_alloc_noprof+0x123/0x3f0 [ 20.452750] kmem_cache_oob+0x157/0x530 [ 20.453125] kunit_try_run_case+0x1a5/0x480 [ 20.454034] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.454704] kthread+0x337/0x6f0 [ 20.455257] ret_from_fork+0x41/0x80 [ 20.455846] ret_from_fork_asm+0x1a/0x30 [ 20.456253] [ 20.456906] The buggy address belongs to the object at ffff8881030aa000 [ 20.456906] which belongs to the cache test_cache of size 200 [ 20.457890] The buggy address is located 0 bytes to the right of [ 20.457890] allocated 200-byte region [ffff8881030aa000, ffff8881030aa0c8) [ 20.458801] [ 20.459027] The buggy address belongs to the physical page: [ 20.459606] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030aa [ 20.460179] flags: 0x200000000000000(node=0|zone=2) [ 20.460799] page_type: f5(slab) [ 20.461316] raw: 0200000000000000 ffff888100fad780 dead000000000122 0000000000000000 [ 20.462022] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 20.462621] page dumped because: kasan: bad access detected [ 20.463300] [ 20.463479] Memory state around the buggy address: [ 20.463923] ffff8881030a9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.464743] ffff8881030aa000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 20.465639] >ffff8881030aa080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 20.466339] ^ [ 20.466840] ffff8881030aa100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.467605] ffff8881030aa180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.468302] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 20.337910] ================================================================== [ 20.338889] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 20.339575] Read of size 8 at addr ffff888102edc900 by task kunit_try_catch/220 [ 20.340716] [ 20.341030] CPU: 1 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 20.341169] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.341224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.341313] Call Trace: [ 20.341360] <TASK> [ 20.341413] dump_stack_lvl+0x73/0xb0 [ 20.341494] print_report+0xd1/0x650 [ 20.341571] ? __virt_addr_valid+0x1db/0x2d0 [ 20.341672] ? workqueue_uaf+0x4d6/0x560 [ 20.341749] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.341976] ? workqueue_uaf+0x4d6/0x560 [ 20.342192] kasan_report+0x141/0x180 [ 20.342335] ? workqueue_uaf+0x4d6/0x560 [ 20.342430] __asan_report_load8_noabort+0x18/0x20 [ 20.342501] workqueue_uaf+0x4d6/0x560 [ 20.342544] ? __pfx_workqueue_uaf+0x10/0x10 [ 20.342582] ? __schedule+0x10cc/0x2b60 [ 20.342619] ? __pfx_read_tsc+0x10/0x10 [ 20.342651] ? ktime_get_ts64+0x86/0x230 [ 20.342693] kunit_try_run_case+0x1a5/0x480 [ 20.342732] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.342766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.342803] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.342838] ? __kthread_parkme+0x82/0x180 [ 20.342872] ? preempt_count_sub+0x50/0x80 [ 20.342909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.342948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.343027] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.343110] kthread+0x337/0x6f0 [ 20.343147] ? trace_preempt_on+0x20/0xc0 [ 20.343184] ? __pfx_kthread+0x10/0x10 [ 20.343210] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.343242] ? calculate_sigpending+0x7b/0xa0 [ 20.343274] ? __pfx_kthread+0x10/0x10 [ 20.343329] ret_from_fork+0x41/0x80 [ 20.343364] ? 
__pfx_kthread+0x10/0x10 [ 20.343391] ret_from_fork_asm+0x1a/0x30 [ 20.343437] </TASK> [ 20.343453] [ 20.365953] Allocated by task 220: [ 20.366597] kasan_save_stack+0x45/0x70 [ 20.366986] kasan_save_track+0x18/0x40 [ 20.367842] kasan_save_alloc_info+0x3b/0x50 [ 20.368404] __kasan_kmalloc+0xb7/0xc0 [ 20.368729] __kmalloc_cache_noprof+0x189/0x420 [ 20.369475] workqueue_uaf+0x152/0x560 [ 20.369817] kunit_try_run_case+0x1a5/0x480 [ 20.370279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.370825] kthread+0x337/0x6f0 [ 20.371192] ret_from_fork+0x41/0x80 [ 20.372329] ret_from_fork_asm+0x1a/0x30 [ 20.372783] [ 20.373155] Freed by task 24: [ 20.373559] kasan_save_stack+0x45/0x70 [ 20.374207] kasan_save_track+0x18/0x40 [ 20.374645] kasan_save_free_info+0x3f/0x60 [ 20.375538] __kasan_slab_free+0x56/0x70 [ 20.376199] kfree+0x222/0x3f0 [ 20.376562] workqueue_uaf_work+0x12/0x20 [ 20.377232] process_one_work+0x5ee/0xf60 [ 20.377733] worker_thread+0x758/0x1220 [ 20.378301] kthread+0x337/0x6f0 [ 20.378690] ret_from_fork+0x41/0x80 [ 20.379593] ret_from_fork_asm+0x1a/0x30 [ 20.380325] [ 20.380554] Last potentially related work creation: [ 20.381158] kasan_save_stack+0x45/0x70 [ 20.381702] kasan_record_aux_stack+0xb2/0xc0 [ 20.382167] __queue_work+0x626/0xeb0 [ 20.382753] queue_work_on+0xb6/0xc0 [ 20.383176] workqueue_uaf+0x26d/0x560 [ 20.383744] kunit_try_run_case+0x1a5/0x480 [ 20.384315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.384804] kthread+0x337/0x6f0 [ 20.385223] ret_from_fork+0x41/0x80 [ 20.386211] ret_from_fork_asm+0x1a/0x30 [ 20.386660] [ 20.386898] The buggy address belongs to the object at ffff888102edc900 [ 20.386898] which belongs to the cache kmalloc-32 of size 32 [ 20.388069] The buggy address is located 0 bytes inside of [ 20.388069] freed 32-byte region [ffff888102edc900, ffff888102edc920) [ 20.389232] [ 20.389827] The buggy address belongs to the physical page: [ 20.390254] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102edc [ 
20.392085] flags: 0x200000000000000(node=0|zone=2) [ 20.392655] page_type: f5(slab) [ 20.392950] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.393548] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.393943] page dumped because: kasan: bad access detected [ 20.394261] [ 20.394484] Memory state around the buggy address: [ 20.394951] ffff888102edc800: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.395587] ffff888102edc880: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.396220] >ffff888102edc900: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc [ 20.396673] ^ [ 20.396953] ffff888102edc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.397428] ffff888102edca00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.401218] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 20.268527] ================================================================== [ 20.269381] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 20.270126] Read of size 4 at addr ffff8881030a5840 by task swapper/0/0 [ 20.270736] [ 20.271027] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 20.271259] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.271319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.271376] Call Trace: [ 20.271453] <IRQ> [ 20.271507] dump_stack_lvl+0x73/0xb0 [ 20.271596] print_report+0xd1/0x650 [ 20.271673] ? __virt_addr_valid+0x1db/0x2d0 [ 20.271753] ? rcu_uaf_reclaim+0x50/0x60 [ 20.271822] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.271916] ? rcu_uaf_reclaim+0x50/0x60 [ 20.271992] kasan_report+0x141/0x180 [ 20.272110] ? rcu_uaf_reclaim+0x50/0x60 [ 20.272200] __asan_report_load4_noabort+0x18/0x20 [ 20.272363] rcu_uaf_reclaim+0x50/0x60 [ 20.272494] rcu_core+0x66c/0x1c30 [ 20.272594] ? __pfx_rcu_core+0x10/0x10 [ 20.272671] ? ktime_get+0x6b/0x150 [ 20.272752] rcu_core_si+0x12/0x20 [ 20.272782] handle_softirqs+0x209/0x730 [ 20.272821] ? hrtimer_interrupt+0x2fe/0x780 [ 20.272857] ? 
__pfx_handle_softirqs+0x10/0x10 [ 20.272897] __irq_exit_rcu+0xc9/0x110 [ 20.272930] irq_exit_rcu+0x12/0x20 [ 20.272957] sysvec_apic_timer_interrupt+0x81/0x90 [ 20.272996] </IRQ> [ 20.273078] <TASK> [ 20.273103] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 20.273232] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 20.273530] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 ed 27 00 fb f4 <e9> fc 1f 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 20.273647] RSP: 0000:ffffffff9c807dd8 EFLAGS: 00010216 [ 20.273766] RAX: ffff8881bd493000 RBX: ffffffff9c81ca80 RCX: ffffffff9b60b015 [ 20.273832] RDX: ffffed102b606103 RSI: 0000000000000004 RDI: 000000000000edcc [ 20.273901] RBP: ffffffff9c807de0 R08: 0000000000000001 R09: ffffed102b606102 [ 20.273961] R10: ffff88815b030813 R11: 0000000000058000 R12: 0000000000000000 [ 20.274022] R13: fffffbfff3903950 R14: ffffffff9d39bf10 R15: 0000000000000000 [ 20.274147] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 20.274225] ? default_idle+0xd/0x20 [ 20.274258] arch_cpu_idle+0xd/0x20 [ 20.274311] default_idle_call+0x48/0x80 [ 20.274346] do_idle+0x379/0x4f0 [ 20.274383] ? __pfx_do_idle+0x10/0x10 [ 20.274411] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.274448] ? trace_preempt_on+0x20/0xc0 [ 20.274481] ? schedule+0x86/0x2e0 [ 20.274511] ? preempt_count_sub+0x50/0x80 [ 20.274547] cpu_startup_entry+0x5c/0x70 [ 20.274577] rest_init+0x11a/0x140 [ 20.274603] ? 
acpi_subsystem_init+0x5d/0x150 [ 20.274639] start_kernel+0x32b/0x410 [ 20.274670] x86_64_start_reservations+0x1c/0x30 [ 20.274702] x86_64_start_kernel+0xcf/0xe0 [ 20.274732] common_startup_64+0x13e/0x148 [ 20.274776] </TASK> [ 20.274792] [ 20.297829] Allocated by task 218: [ 20.298282] kasan_save_stack+0x45/0x70 [ 20.298829] kasan_save_track+0x18/0x40 [ 20.299248] kasan_save_alloc_info+0x3b/0x50 [ 20.299685] __kasan_kmalloc+0xb7/0xc0 [ 20.300255] __kmalloc_cache_noprof+0x189/0x420 [ 20.300733] rcu_uaf+0xb0/0x330 [ 20.301121] kunit_try_run_case+0x1a5/0x480 [ 20.301647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.302222] kthread+0x337/0x6f0 [ 20.302683] ret_from_fork+0x41/0x80 [ 20.303111] ret_from_fork_asm+0x1a/0x30 [ 20.303619] [ 20.303865] Freed by task 0: [ 20.304249] kasan_save_stack+0x45/0x70 [ 20.304686] kasan_save_track+0x18/0x40 [ 20.305124] kasan_save_free_info+0x3f/0x60 [ 20.305478] __kasan_slab_free+0x56/0x70 [ 20.305857] kfree+0x222/0x3f0 [ 20.306340] rcu_uaf_reclaim+0x1f/0x60 [ 20.306773] rcu_core+0x66c/0x1c30 [ 20.307223] rcu_core_si+0x12/0x20 [ 20.307677] handle_softirqs+0x209/0x730 [ 20.308113] __irq_exit_rcu+0xc9/0x110 [ 20.308529] irq_exit_rcu+0x12/0x20 [ 20.308962] sysvec_apic_timer_interrupt+0x81/0x90 [ 20.309518] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 20.310090] [ 20.310443] Last potentially related work creation: [ 20.310920] kasan_save_stack+0x45/0x70 [ 20.311419] kasan_record_aux_stack+0xb2/0xc0 [ 20.311899] __call_rcu_common.constprop.0+0x72/0x9c0 [ 20.312490] call_rcu+0x12/0x20 [ 20.312840] rcu_uaf+0x168/0x330 [ 20.313194] kunit_try_run_case+0x1a5/0x480 [ 20.313704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.314361] kthread+0x337/0x6f0 [ 20.314710] ret_from_fork+0x41/0x80 [ 20.315091] ret_from_fork_asm+0x1a/0x30 [ 20.315579] [ 20.315832] The buggy address belongs to the object at ffff8881030a5840 [ 20.315832] which belongs to the cache kmalloc-32 of size 32 [ 20.316853] The buggy address is located 0 bytes inside of [ 
20.316853] freed 32-byte region [ffff8881030a5840, ffff8881030a5860) [ 20.317858] [ 20.318178] The buggy address belongs to the physical page: [ 20.318573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030a5 [ 20.319185] flags: 0x200000000000000(node=0|zone=2) [ 20.319726] page_type: f5(slab) [ 20.320227] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.320963] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.321475] page dumped because: kasan: bad access detected [ 20.321925] [ 20.322245] Memory state around the buggy address: [ 20.322801] ffff8881030a5700: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.323531] ffff8881030a5780: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 20.324237] >ffff8881030a5800: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.324893] ^ [ 20.325364] ffff8881030a5880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.326093] ffff8881030a5900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.326710] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 20.123264] ================================================================== [ 20.126513] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 20.129358] Read of size 1 at addr ffff888102ed7500 by task kunit_try_catch/216 [ 20.130255] [ 20.131304] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 20.131430] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.131465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.131516] Call Trace: [ 20.131563] <TASK> [ 20.131610] dump_stack_lvl+0x73/0xb0 [ 20.131693] print_report+0xd1/0x650 [ 20.131756] ? __virt_addr_valid+0x1db/0x2d0 [ 20.131812] ? ksize_uaf+0x5fe/0x6c0 [ 20.131871] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.131944] ? ksize_uaf+0x5fe/0x6c0 [ 20.132002] kasan_report+0x141/0x180 [ 20.132059] ? ksize_uaf+0x5fe/0x6c0 [ 20.132128] __asan_report_load1_noabort+0x18/0x20 [ 20.132178] ksize_uaf+0x5fe/0x6c0 [ 20.132236] ? __pfx_ksize_uaf+0x10/0x10 [ 20.132698] ? __schedule+0x10cc/0x2b60 [ 20.132780] ? __pfx_read_tsc+0x10/0x10 [ 20.132841] ? ktime_get_ts64+0x86/0x230 [ 20.132911] kunit_try_run_case+0x1a5/0x480 [ 20.133513] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.133574] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.133634] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.133690] ? __kthread_parkme+0x82/0x180 [ 20.133744] ? preempt_count_sub+0x50/0x80 [ 20.133802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.133859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.133914] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.134107] kthread+0x337/0x6f0 [ 20.134158] ? trace_preempt_on+0x20/0xc0 [ 20.134215] ? __pfx_kthread+0x10/0x10 [ 20.134258] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.134352] ? calculate_sigpending+0x7b/0xa0 [ 20.134424] ? __pfx_kthread+0x10/0x10 [ 20.134487] ret_from_fork+0x41/0x80 [ 20.134557] ? 
__pfx_kthread+0x10/0x10 [ 20.134619] ret_from_fork_asm+0x1a/0x30 [ 20.134698] </TASK> [ 20.134732] [ 20.153311] Allocated by task 216: [ 20.153764] kasan_save_stack+0x45/0x70 [ 20.154696] kasan_save_track+0x18/0x40 [ 20.155453] kasan_save_alloc_info+0x3b/0x50 [ 20.155930] __kasan_kmalloc+0xb7/0xc0 [ 20.156522] __kmalloc_cache_noprof+0x189/0x420 [ 20.157738] ksize_uaf+0xaa/0x6c0 [ 20.158092] kunit_try_run_case+0x1a5/0x480 [ 20.158822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.159636] kthread+0x337/0x6f0 [ 20.159787] ret_from_fork+0x41/0x80 [ 20.159959] ret_from_fork_asm+0x1a/0x30 [ 20.160560] [ 20.161039] Freed by task 216: [ 20.162419] kasan_save_stack+0x45/0x70 [ 20.162745] kasan_save_track+0x18/0x40 [ 20.163549] kasan_save_free_info+0x3f/0x60 [ 20.163914] __kasan_slab_free+0x56/0x70 [ 20.165049] kfree+0x222/0x3f0 [ 20.165600] ksize_uaf+0x12c/0x6c0 [ 20.165902] kunit_try_run_case+0x1a5/0x480 [ 20.167224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.167608] kthread+0x337/0x6f0 [ 20.168000] ret_from_fork+0x41/0x80 [ 20.168864] ret_from_fork_asm+0x1a/0x30 [ 20.169572] [ 20.169821] The buggy address belongs to the object at ffff888102ed7500 [ 20.169821] which belongs to the cache kmalloc-128 of size 128 [ 20.171684] The buggy address is located 0 bytes inside of [ 20.171684] freed 128-byte region [ffff888102ed7500, ffff888102ed7580) [ 20.173738] [ 20.174179] The buggy address belongs to the physical page: [ 20.175579] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7 [ 20.176386] flags: 0x200000000000000(node=0|zone=2) [ 20.176877] page_type: f5(slab) [ 20.177647] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.178575] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.179462] page dumped because: kasan: bad access detected [ 20.179895] [ 20.180156] Memory state around the buggy address: [ 20.181281] ffff888102ed7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
20.181960] ffff888102ed7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.182752] >ffff888102ed7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.182994] ^ [ 20.183918] ffff888102ed7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.184462] ffff888102ed7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.185030] ================================================================== [ 20.062256] ================================================================== [ 20.063632] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 20.064216] Read of size 1 at addr ffff888102ed7500 by task kunit_try_catch/216 [ 20.066274] [ 20.066742] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 20.066875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.066899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.066939] Call Trace: [ 20.066981] <TASK> [ 20.067282] dump_stack_lvl+0x73/0xb0 [ 20.067366] print_report+0xd1/0x650 [ 20.067408] ? __virt_addr_valid+0x1db/0x2d0 [ 20.067446] ? ksize_uaf+0x19d/0x6c0 [ 20.067479] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.067515] ? ksize_uaf+0x19d/0x6c0 [ 20.067549] kasan_report+0x141/0x180 [ 20.067583] ? ksize_uaf+0x19d/0x6c0 [ 20.067621] ? ksize_uaf+0x19d/0x6c0 [ 20.067653] __kasan_check_byte+0x3d/0x50 [ 20.067687] ksize+0x20/0x60 [ 20.067719] ksize_uaf+0x19d/0x6c0 [ 20.067752] ? __pfx_ksize_uaf+0x10/0x10 [ 20.067785] ? __schedule+0x10cc/0x2b60 [ 20.067820] ? __pfx_read_tsc+0x10/0x10 [ 20.067854] ? ktime_get_ts64+0x86/0x230 [ 20.067915] kunit_try_run_case+0x1a5/0x480 [ 20.068238] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.068315] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.068360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.068398] ? __kthread_parkme+0x82/0x180 [ 20.068434] ? preempt_count_sub+0x50/0x80 [ 20.068473] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.068510] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.068546] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.068582] kthread+0x337/0x6f0 [ 20.068608] ? trace_preempt_on+0x20/0xc0 [ 20.068646] ? __pfx_kthread+0x10/0x10 [ 20.068674] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.068707] ? calculate_sigpending+0x7b/0xa0 [ 20.068740] ? __pfx_kthread+0x10/0x10 [ 20.068768] ret_from_fork+0x41/0x80 [ 20.068803] ? __pfx_kthread+0x10/0x10 [ 20.068832] ret_from_fork_asm+0x1a/0x30 [ 20.068880] </TASK> [ 20.068896] [ 20.092392] Allocated by task 216: [ 20.093005] kasan_save_stack+0x45/0x70 [ 20.093702] kasan_save_track+0x18/0x40 [ 20.093878] kasan_save_alloc_info+0x3b/0x50 [ 20.094074] __kasan_kmalloc+0xb7/0xc0 [ 20.094240] __kmalloc_cache_noprof+0x189/0x420 [ 20.094966] ksize_uaf+0xaa/0x6c0 [ 20.095884] kunit_try_run_case+0x1a5/0x480 [ 20.096370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.096860] kthread+0x337/0x6f0 [ 20.097515] ret_from_fork+0x41/0x80 [ 20.097836] ret_from_fork_asm+0x1a/0x30 [ 20.098245] [ 20.098658] Freed by task 216: [ 20.098994] kasan_save_stack+0x45/0x70 [ 20.099454] kasan_save_track+0x18/0x40 [ 20.099964] kasan_save_free_info+0x3f/0x60 [ 20.100328] __kasan_slab_free+0x56/0x70 [ 20.100767] kfree+0x222/0x3f0 [ 20.101139] ksize_uaf+0x12c/0x6c0 [ 20.102119] kunit_try_run_case+0x1a5/0x480 [ 20.102552] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.103014] kthread+0x337/0x6f0 [ 20.103406] ret_from_fork+0x41/0x80 [ 20.103810] ret_from_fork_asm+0x1a/0x30 [ 20.104454] [ 20.104650] The buggy address belongs to the object at ffff888102ed7500 [ 20.104650] which belongs to the cache kmalloc-128 of size 128 [ 20.105686] The buggy address is located 0 bytes inside of [ 20.105686] freed 128-byte region [ffff888102ed7500, ffff888102ed7580) [ 20.107998] [ 20.108945] The buggy address belongs to the physical page: [ 20.109427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7 [ 20.110112] flags: 0x200000000000000(node=0|zone=2) [ 20.110583] page_type: f5(slab) [ 20.110939] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 20.112570] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.112827] page dumped because: kasan: bad access detected [ 20.113335] [ 20.113920] Memory state around the buggy address: [ 20.114434] ffff888102ed7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.115653] ffff888102ed7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.116307] >ffff888102ed7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.117511] ^ [ 20.118062] ffff888102ed7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.118884] ffff888102ed7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.120183] ================================================================== [ 20.187074] ================================================================== [ 20.188483] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 20.189104] Read of size 1 at addr ffff888102ed7578 by task kunit_try_catch/216 [ 20.190836] [ 20.191187] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 20.191328] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.191363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.191416] Call Trace: [ 20.191468] <TASK> [ 20.191518] dump_stack_lvl+0x73/0xb0 [ 20.191585] print_report+0xd1/0x650 [ 20.191624] ? __virt_addr_valid+0x1db/0x2d0 [ 20.191659] ? ksize_uaf+0x5e4/0x6c0 [ 20.191691] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.191724] ? ksize_uaf+0x5e4/0x6c0 [ 20.191757] kasan_report+0x141/0x180 [ 20.191791] ? ksize_uaf+0x5e4/0x6c0 [ 20.191832] __asan_report_load1_noabort+0x18/0x20 [ 20.191865] ksize_uaf+0x5e4/0x6c0 [ 20.191916] ? __pfx_ksize_uaf+0x10/0x10 [ 20.191960] ? __schedule+0x10cc/0x2b60 [ 20.192489] ? __pfx_read_tsc+0x10/0x10 [ 20.192527] ? ktime_get_ts64+0x86/0x230 [ 20.192569] kunit_try_run_case+0x1a5/0x480 [ 20.192610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.192647] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 20.192686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.192722] ? __kthread_parkme+0x82/0x180 [ 20.192757] ? preempt_count_sub+0x50/0x80 [ 20.192794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.192831] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.192867] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.192901] kthread+0x337/0x6f0 [ 20.192928] ? trace_preempt_on+0x20/0xc0 [ 20.192990] ? __pfx_kthread+0x10/0x10 [ 20.193062] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.193140] ? calculate_sigpending+0x7b/0xa0 [ 20.193193] ? __pfx_kthread+0x10/0x10 [ 20.193223] ret_from_fork+0x41/0x80 [ 20.193259] ? __pfx_kthread+0x10/0x10 [ 20.193307] ret_from_fork_asm+0x1a/0x30 [ 20.193361] </TASK> [ 20.193379] [ 20.214425] Allocated by task 216: [ 20.214845] kasan_save_stack+0x45/0x70 [ 20.215320] kasan_save_track+0x18/0x40 [ 20.215734] kasan_save_alloc_info+0x3b/0x50 [ 20.216154] __kasan_kmalloc+0xb7/0xc0 [ 20.217500] __kmalloc_cache_noprof+0x189/0x420 [ 20.217965] ksize_uaf+0xaa/0x6c0 [ 20.218396] kunit_try_run_case+0x1a5/0x480 [ 20.218822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.219346] kthread+0x337/0x6f0 [ 20.219856] ret_from_fork+0x41/0x80 [ 20.220198] ret_from_fork_asm+0x1a/0x30 [ 20.220611] [ 20.221660] Freed by task 216: [ 20.222488] kasan_save_stack+0x45/0x70 [ 20.223441] kasan_save_track+0x18/0x40 [ 20.223977] kasan_save_free_info+0x3f/0x60 [ 20.224396] __kasan_slab_free+0x56/0x70 [ 20.224785] kfree+0x222/0x3f0 [ 20.225122] ksize_uaf+0x12c/0x6c0 [ 20.226213] kunit_try_run_case+0x1a5/0x480 [ 20.227218] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.228378] kthread+0x337/0x6f0 [ 20.228654] ret_from_fork+0x41/0x80 [ 20.228992] ret_from_fork_asm+0x1a/0x30 [ 20.229385] [ 20.229550] The buggy address belongs to the object at ffff888102ed7500 [ 20.229550] which belongs to the cache kmalloc-128 of size 128 [ 20.231274] The buggy address is located 120 bytes inside of [ 20.231274] freed 128-byte region [ffff888102ed7500, 
ffff888102ed7580) [ 20.233253] [ 20.233477] The buggy address belongs to the physical page: [ 20.234422] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7 [ 20.235352] flags: 0x200000000000000(node=0|zone=2) [ 20.235922] page_type: f5(slab) [ 20.236819] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 20.237606] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 20.238214] page dumped because: kasan: bad access detected [ 20.239537] [ 20.239734] Memory state around the buggy address: [ 20.240724] ffff888102ed7400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.241558] ffff888102ed7480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.242066] >ffff888102ed7500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 20.243567] ^ [ 20.244528] ffff888102ed7580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.245323] ffff888102ed7600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.245910] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 18.159885] ================================================================== [ 18.161602] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 18.163205] Read of size 1 at addr ffff888103980000 by task kunit_try_catch/174 [ 18.164469] [ 18.164970] CPU: 1 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary) [ 18.165283] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.165329] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.165362] Call Trace: [ 18.165386] <TASK> [ 18.165413] dump_stack_lvl+0x73/0xb0 [ 18.165459] print_report+0xd1/0x650 [ 18.165497] ? __virt_addr_valid+0x1db/0x2d0 [ 18.165532] ? page_alloc_uaf+0x356/0x3d0 [ 18.165559] ? kasan_addr_to_slab+0x11/0xa0 [ 18.165590] ? page_alloc_uaf+0x356/0x3d0 [ 18.165618] kasan_report+0x141/0x180 [ 18.165651] ? page_alloc_uaf+0x356/0x3d0 [ 18.165684] __asan_report_load1_noabort+0x18/0x20 [ 18.165717] page_alloc_uaf+0x356/0x3d0 [ 18.165748] ? __pfx_page_alloc_uaf+0x10/0x10 [ 18.165778] ? __schedule+0x10cc/0x2b60 [ 18.165815] ? __pfx_read_tsc+0x10/0x10 [ 18.165846] ? ktime_get_ts64+0x86/0x230 [ 18.165885] kunit_try_run_case+0x1a5/0x480 [ 18.165925] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.166202] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.166255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.166318] ? __kthread_parkme+0x82/0x180 [ 18.166359] ? preempt_count_sub+0x50/0x80 [ 18.166398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.166437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.166475] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.166512] kthread+0x337/0x6f0 [ 18.166539] ? trace_preempt_on+0x20/0xc0 [ 18.166577] ? __pfx_kthread+0x10/0x10 [ 18.166606] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.166640] ? calculate_sigpending+0x7b/0xa0 [ 18.166673] ? __pfx_kthread+0x10/0x10 [ 18.166700] ret_from_fork+0x41/0x80 [ 18.166735] ? 
__pfx_kthread+0x10/0x10 [ 18.166762] ret_from_fork_asm+0x1a/0x30 [ 18.166809] </TASK> [ 18.166826] [ 18.187773] The buggy address belongs to the physical page: [ 18.189100] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103980 [ 18.190382] flags: 0x200000000000000(node=0|zone=2) [ 18.190771] page_type: f0(buddy) [ 18.191516] raw: 0200000000000000 ffff88817fffb4b8 ffff88817fffb4b8 0000000000000000 [ 18.192350] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 18.192906] page dumped because: kasan: bad access detected [ 18.193887] [ 18.194335] Memory state around the buggy address: [ 18.194717] ffff88810397ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.195783] ffff88810397ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.196754] >ffff888103980000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.197709] ^ [ 18.198236] ffff888103980080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.198820] ffff888103980100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 18.199934] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 18.101556] ==================================================================
[ 18.102647] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 18.103239] Free of addr ffff8881030bc001 by task kunit_try_catch/170
[ 18.104002]
[ 18.104277] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 18.104422] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.104459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.104514] Call Trace:
[ 18.104556] <TASK>
[ 18.104607] dump_stack_lvl+0x73/0xb0
[ 18.104689] print_report+0xd1/0x650
[ 18.104761] ? __virt_addr_valid+0x1db/0x2d0
[ 18.104837] ? kasan_addr_to_slab+0x11/0xa0
[ 18.104904] ? kfree+0x274/0x3f0
[ 18.104969] kasan_report_invalid_free+0x10a/0x130
[ 18.105054] ? kfree+0x274/0x3f0
[ 18.105129] ? kfree+0x274/0x3f0
[ 18.105195] __kasan_kfree_large+0x86/0xd0
[ 18.105273] free_large_kmalloc+0x4b/0x110
[ 18.105370] kfree+0x274/0x3f0
[ 18.105705] kmalloc_large_invalid_free+0x120/0x2b0
[ 18.105794] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 18.105879] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 18.105967] kunit_try_run_case+0x1a5/0x480
[ 18.106167] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.106239] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.106343] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.106417] ? __kthread_parkme+0x82/0x180
[ 18.106482] ? preempt_count_sub+0x50/0x80
[ 18.106522] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.106557] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.106592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.106626] kthread+0x337/0x6f0
[ 18.106650] ? trace_preempt_on+0x20/0xc0
[ 18.106687] ? __pfx_kthread+0x10/0x10
[ 18.106712] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.106742] ? calculate_sigpending+0x7b/0xa0
[ 18.106772] ? __pfx_kthread+0x10/0x10
[ 18.106796] ret_from_fork+0x41/0x80
[ 18.106827] ? __pfx_kthread+0x10/0x10
[ 18.106851] ret_from_fork_asm+0x1a/0x30
[ 18.106894] </TASK>
[ 18.106909]
[ 18.129693] The buggy address belongs to the physical page:
[ 18.130809] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030bc
[ 18.131704] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 18.132484] flags: 0x200000000000040(head|node=0|zone=2)
[ 18.132900] page_type: f8(unknown)
[ 18.134390] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.134857] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.135808] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.136965] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.137963] head: 0200000000000002 ffffea00040c2f01 00000000ffffffff 00000000ffffffff
[ 18.138789] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 18.140219] page dumped because: kasan: bad access detected
[ 18.140754]
[ 18.141393] Memory state around the buggy address:
[ 18.141774] ffff8881030bbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 18.142654] ffff8881030bbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 18.143471] >ffff8881030bc000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.144783] ^
[ 18.145024] ffff8881030bc080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.145687] ffff8881030bc100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.146763] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 18.058731] ==================================================================
[ 18.060300] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 18.060937] Read of size 1 at addr ffff8881030bc000 by task kunit_try_catch/168
[ 18.061638]
[ 18.061922] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 18.062142] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.062183] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.062242] Call Trace:
[ 18.062281] <TASK>
[ 18.062456] dump_stack_lvl+0x73/0xb0
[ 18.062544] print_report+0xd1/0x650
[ 18.062603] ? __virt_addr_valid+0x1db/0x2d0
[ 18.062639] ? kmalloc_large_uaf+0x2f1/0x340
[ 18.062672] ? kasan_addr_to_slab+0x11/0xa0
[ 18.062704] ? kmalloc_large_uaf+0x2f1/0x340
[ 18.062766] kasan_report+0x141/0x180
[ 18.062840] ? kmalloc_large_uaf+0x2f1/0x340
[ 18.062961] __asan_report_load1_noabort+0x18/0x20
[ 18.063039] kmalloc_large_uaf+0x2f1/0x340
[ 18.063224] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 18.063329] ? __schedule+0x10cc/0x2b60
[ 18.063456] ? __pfx_read_tsc+0x10/0x10
[ 18.063529] ? ktime_get_ts64+0x86/0x230
[ 18.063607] kunit_try_run_case+0x1a5/0x480
[ 18.063668] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.063705] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.063743] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.063778] ? __kthread_parkme+0x82/0x180
[ 18.063813] ? preempt_count_sub+0x50/0x80
[ 18.063851] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.063899] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.063935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.064002] kthread+0x337/0x6f0
[ 18.064037] ? trace_preempt_on+0x20/0xc0
[ 18.064138] ? __pfx_kthread+0x10/0x10
[ 18.064167] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.064200] ? calculate_sigpending+0x7b/0xa0
[ 18.064232] ? __pfx_kthread+0x10/0x10
[ 18.064260] ret_from_fork+0x41/0x80
[ 18.064318] ? __pfx_kthread+0x10/0x10
[ 18.064372] ret_from_fork_asm+0x1a/0x30
[ 18.064459] </TASK>
[ 18.064491]
[ 18.085480] The buggy address belongs to the physical page:
[ 18.086243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1030bc
[ 18.086891] flags: 0x200000000000000(node=0|zone=2)
[ 18.087553] raw: 0200000000000000 ffffea00040e4208 ffff88815b139a80 0000000000000000
[ 18.088406] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 18.089232] page dumped because: kasan: bad access detected
[ 18.089483]
[ 18.089574] Memory state around the buggy address:
[ 18.089752] ffff8881030bbf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 18.090133] ffff8881030bbf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 18.091582] >ffff8881030bc000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 18.092893] ^
[ 18.093780] ffff8881030bc080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 18.094467] ffff8881030bc100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 18.094997] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 18.011383] ==================================================================
[ 18.012572] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 18.013393] Write of size 1 at addr ffff8881029f200a by task kunit_try_catch/166
[ 18.014761]
[ 18.015520] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 18.015611] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.015632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.015663] Call Trace:
[ 18.015681] <TASK>
[ 18.015707] dump_stack_lvl+0x73/0xb0
[ 18.015751] print_report+0xd1/0x650
[ 18.015788] ? __virt_addr_valid+0x1db/0x2d0
[ 18.015824] ? kmalloc_large_oob_right+0x2e9/0x330
[ 18.015858] ? kasan_addr_to_slab+0x11/0xa0
[ 18.015906] ? kmalloc_large_oob_right+0x2e9/0x330
[ 18.015943] kasan_report+0x141/0x180
[ 18.015978] ? kmalloc_large_oob_right+0x2e9/0x330
[ 18.016020] __asan_report_store1_noabort+0x1b/0x30
[ 18.016102] kmalloc_large_oob_right+0x2e9/0x330
[ 18.016180] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 18.016257] ? __schedule+0x10cc/0x2b60
[ 18.016354] ? __pfx_read_tsc+0x10/0x10
[ 18.016420] ? ktime_get_ts64+0x86/0x230
[ 18.016548] kunit_try_run_case+0x1a5/0x480
[ 18.016639] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.016892] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.016934] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.017064] ? __kthread_parkme+0x82/0x180
[ 18.017153] ? preempt_count_sub+0x50/0x80
[ 18.017196] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.017234] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.017271] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.017336] kthread+0x337/0x6f0
[ 18.017366] ? trace_preempt_on+0x20/0xc0
[ 18.017405] ? __pfx_kthread+0x10/0x10
[ 18.017432] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.017465] ? calculate_sigpending+0x7b/0xa0
[ 18.017498] ? __pfx_kthread+0x10/0x10
[ 18.017525] ret_from_fork+0x41/0x80
[ 18.017559] ? __pfx_kthread+0x10/0x10
[ 18.017588] ret_from_fork_asm+0x1a/0x30
[ 18.017634] </TASK>
[ 18.017650]
[ 18.036670] The buggy address belongs to the physical page:
[ 18.037338] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029f0
[ 18.037928] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 18.038725] flags: 0x200000000000040(head|node=0|zone=2)
[ 18.039319] page_type: f8(unknown)
[ 18.039665] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.040380] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.040917] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 18.041624] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 18.042312] head: 0200000000000002 ffffea00040a7c01 00000000ffffffff 00000000ffffffff
[ 18.042789] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 18.043711] page dumped because: kasan: bad access detected
[ 18.044261]
[ 18.046212] Memory state around the buggy address:
[ 18.046733] ffff8881029f1f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.047550] ffff8881029f1f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.048315] >ffff8881029f2000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.048791] ^
[ 18.049164] ffff8881029f2080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.049763] ffff8881029f2100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 18.051157] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 17.953451] ==================================================================
[ 17.954719] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 17.955419] Write of size 1 at addr ffff888103879f00 by task kunit_try_catch/164
[ 17.956564]
[ 17.956833] CPU: 1 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 17.956932] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.956951] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.956981] Call Trace:
[ 17.957000] <TASK>
[ 17.957048] dump_stack_lvl+0x73/0xb0
[ 17.957119] print_report+0xd1/0x650
[ 17.957159] ? __virt_addr_valid+0x1db/0x2d0
[ 17.957196] ? kmalloc_big_oob_right+0x316/0x370
[ 17.957233] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.957270] ? kmalloc_big_oob_right+0x316/0x370
[ 17.957475] kasan_report+0x141/0x180
[ 17.957567] ? kmalloc_big_oob_right+0x316/0x370
[ 17.957663] __asan_report_store1_noabort+0x1b/0x30
[ 17.957741] kmalloc_big_oob_right+0x316/0x370
[ 17.957807] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 17.957847] ? __schedule+0x10cc/0x2b60
[ 17.957888] ? __pfx_read_tsc+0x10/0x10
[ 17.957921] ? ktime_get_ts64+0x86/0x230
[ 17.957963] kunit_try_run_case+0x1a5/0x480
[ 17.958006] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.958070] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.958121] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.958161] ? __kthread_parkme+0x82/0x180
[ 17.958198] ? preempt_count_sub+0x50/0x80
[ 17.958237] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.958274] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.958340] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.958378] kthread+0x337/0x6f0
[ 17.958405] ? trace_preempt_on+0x20/0xc0
[ 17.958443] ? __pfx_kthread+0x10/0x10
[ 17.958471] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.958506] ? calculate_sigpending+0x7b/0xa0
[ 17.958540] ? __pfx_kthread+0x10/0x10
[ 17.958568] ret_from_fork+0x41/0x80
[ 17.958601] ? __pfx_kthread+0x10/0x10
[ 17.958628] ret_from_fork_asm+0x1a/0x30
[ 17.958676] </TASK>
[ 17.958690]
[ 17.975545] Allocated by task 164:
[ 17.975959] kasan_save_stack+0x45/0x70
[ 17.976542] kasan_save_track+0x18/0x40
[ 17.977044] kasan_save_alloc_info+0x3b/0x50
[ 17.977628] __kasan_kmalloc+0xb7/0xc0
[ 17.978241] __kmalloc_cache_noprof+0x189/0x420
[ 17.978847] kmalloc_big_oob_right+0xa9/0x370
[ 17.979228] kunit_try_run_case+0x1a5/0x480
[ 17.979582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.980121] kthread+0x337/0x6f0
[ 17.980693] ret_from_fork+0x41/0x80
[ 17.981209] ret_from_fork_asm+0x1a/0x30
[ 17.981729]
[ 17.982065] The buggy address belongs to the object at ffff888103878000
[ 17.982065] which belongs to the cache kmalloc-8k of size 8192
[ 17.983247] The buggy address is located 0 bytes to the right of
[ 17.983247] allocated 7936-byte region [ffff888103878000, ffff888103879f00)
[ 17.987251]
[ 17.987451] The buggy address belongs to the physical page:
[ 17.987755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103878
[ 17.988229] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.988758] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.989329] page_type: f5(slab)
[ 17.989660] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 17.990278] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 17.990918] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 17.991561] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 17.992052] head: 0200000000000003 ffffea00040e1e01 00000000ffffffff 00000000ffffffff
[ 17.992645] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 17.995608] page dumped because: kasan: bad access detected
[ 17.996771]
[ 17.996938] Memory state around the buggy address:
[ 17.997261] ffff888103879e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.998131] ffff888103879e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.999614] >ffff888103879f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.001201] ^
[ 18.001715] ffff888103879f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.003666] ffff88810387a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.004524] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 17.871674] ==================================================================
[ 17.872885] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520
[ 17.874446] Write of size 1 at addr ffff888102ed7078 by task kunit_try_catch/162
[ 17.875864]
[ 17.876139] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 17.876270] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.876331] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.876480] Call Trace:
[ 17.876525] <TASK>
[ 17.876577] dump_stack_lvl+0x73/0xb0
[ 17.876660] print_report+0xd1/0x650
[ 17.876742] ? __virt_addr_valid+0x1db/0x2d0
[ 17.876803] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 17.876838] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.876873] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 17.876905] kasan_report+0x141/0x180
[ 17.876939] ? kmalloc_track_caller_oob_right+0x4c8/0x520
[ 17.877086] __asan_report_store1_noabort+0x1b/0x30
[ 17.877125] kmalloc_track_caller_oob_right+0x4c8/0x520
[ 17.877159] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10
[ 17.877194] ? __schedule+0x10cc/0x2b60
[ 17.877227] ? __pfx_read_tsc+0x10/0x10
[ 17.877259] ? ktime_get_ts64+0x86/0x230
[ 17.877322] kunit_try_run_case+0x1a5/0x480
[ 17.877364] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.877399] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.877437] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.877472] ? __kthread_parkme+0x82/0x180
[ 17.877507] ? preempt_count_sub+0x50/0x80
[ 17.877545] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.877582] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.877616] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.877651] kthread+0x337/0x6f0
[ 17.877677] ? trace_preempt_on+0x20/0xc0
[ 17.877712] ? __pfx_kthread+0x10/0x10
[ 17.877739] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.877771] ? calculate_sigpending+0x7b/0xa0
[ 17.877803] ? __pfx_kthread+0x10/0x10
[ 17.877830] ret_from_fork+0x41/0x80
[ 17.877862] ? __pfx_kthread+0x10/0x10
[ 17.877889] ret_from_fork_asm+0x1a/0x30
[ 17.877933] </TASK>
[ 17.877959]
[ 17.897906] Allocated by task 162:
[ 17.898740] kasan_save_stack+0x45/0x70
[ 17.899263] kasan_save_track+0x18/0x40
[ 17.899605] kasan_save_alloc_info+0x3b/0x50
[ 17.900624] __kasan_kmalloc+0xb7/0xc0
[ 17.900954] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 17.901723] kmalloc_track_caller_oob_right+0x99/0x520
[ 17.902200] kunit_try_run_case+0x1a5/0x480
[ 17.902661] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.903716] kthread+0x337/0x6f0
[ 17.904786] ret_from_fork+0x41/0x80
[ 17.905485] ret_from_fork_asm+0x1a/0x30
[ 17.905790]
[ 17.906027] The buggy address belongs to the object at ffff888102ed7000
[ 17.906027] which belongs to the cache kmalloc-128 of size 128
[ 17.907396] The buggy address is located 0 bytes to the right of
[ 17.907396] allocated 120-byte region [ffff888102ed7000, ffff888102ed7078)
[ 17.908274]
[ 17.908795] The buggy address belongs to the physical page:
[ 17.909978] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102ed7
[ 17.911241] flags: 0x200000000000000(node=0|zone=2)
[ 17.911893] page_type: f5(slab)
[ 17.912790] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.913621] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.914420] page dumped because: kasan: bad access detected
[ 17.914908]
[ 17.915326] Memory state around the buggy address:
[ 17.915793] ffff888102ed6f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.916534] ffff888102ed6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.917660] >ffff888102ed7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.918528] ^
[ 17.919042] ffff888102ed7080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.920007] ffff888102ed7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.920777] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 17.811570] ==================================================================
[ 17.812382] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0
[ 17.813823] Read of size 1 at addr ffff888103841000 by task kunit_try_catch/160
[ 17.814634]
[ 17.814932] CPU: 1 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 17.815389] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.815415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.815449] Call Trace:
[ 17.815476] <TASK>
[ 17.815527] dump_stack_lvl+0x73/0xb0
[ 17.815580] print_report+0xd1/0x650
[ 17.815619] ? __virt_addr_valid+0x1db/0x2d0
[ 17.815655] ? kmalloc_node_oob_right+0x369/0x3c0
[ 17.815685] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.815719] ? kmalloc_node_oob_right+0x369/0x3c0
[ 17.815749] kasan_report+0x141/0x180
[ 17.815783] ? kmalloc_node_oob_right+0x369/0x3c0
[ 17.815820] __asan_report_load1_noabort+0x18/0x20
[ 17.815851] kmalloc_node_oob_right+0x369/0x3c0
[ 17.815893] ? __pfx_kmalloc_node_oob_right+0x10/0x10
[ 17.815926] ? __schedule+0x10cc/0x2b60
[ 17.816363] ? __pfx_read_tsc+0x10/0x10
[ 17.816411] ? ktime_get_ts64+0x86/0x230
[ 17.816454] kunit_try_run_case+0x1a5/0x480
[ 17.816495] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.816529] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.816566] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.816601] ? __kthread_parkme+0x82/0x180
[ 17.816636] ? preempt_count_sub+0x50/0x80
[ 17.816675] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.816712] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.816748] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.816783] kthread+0x337/0x6f0
[ 17.816809] ? trace_preempt_on+0x20/0xc0
[ 17.816846] ? __pfx_kthread+0x10/0x10
[ 17.816872] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.816903] ? calculate_sigpending+0x7b/0xa0
[ 17.816936] ? __pfx_kthread+0x10/0x10
[ 17.816988] ret_from_fork+0x41/0x80
[ 17.817065] ? __pfx_kthread+0x10/0x10
[ 17.817151] ret_from_fork_asm+0x1a/0x30
[ 17.817202] </TASK>
[ 17.817218]
[ 17.837962] Allocated by task 160:
[ 17.838791] kasan_save_stack+0x45/0x70
[ 17.839764] kasan_save_track+0x18/0x40
[ 17.840487] kasan_save_alloc_info+0x3b/0x50
[ 17.840962] __kasan_kmalloc+0xb7/0xc0
[ 17.841654] __kmalloc_cache_node_noprof+0x188/0x420
[ 17.842586] kmalloc_node_oob_right+0xab/0x3c0
[ 17.843187] kunit_try_run_case+0x1a5/0x480
[ 17.843604] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.844608] kthread+0x337/0x6f0
[ 17.844906] ret_from_fork+0x41/0x80
[ 17.845562] ret_from_fork_asm+0x1a/0x30
[ 17.846188]
[ 17.846545] The buggy address belongs to the object at ffff888103840000
[ 17.846545] which belongs to the cache kmalloc-4k of size 4096
[ 17.847759] The buggy address is located 0 bytes to the right of
[ 17.847759] allocated 4096-byte region [ffff888103840000, ffff888103841000)
[ 17.849580]
[ 17.849772] The buggy address belongs to the physical page:
[ 17.851217] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103840
[ 17.852352] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.852866] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.853788] page_type: f5(slab)
[ 17.854279] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 17.855255] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 17.855904] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000
[ 17.856844] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000
[ 17.857799] head: 0200000000000003 ffffea00040e1001 00000000ffffffff 00000000ffffffff
[ 17.858900] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 17.859800] page dumped because: kasan: bad access detected
[ 17.860731]
[ 17.860906] Memory state around the buggy address:
[ 17.861233] ffff888103840f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.862550] ffff888103840f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 17.863266] >ffff888103841000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.863899] ^
[ 17.864450] ffff888103841080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.865238] ffff888103841100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.865504] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 17.739531] ==================================================================
[ 17.741016] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 17.741920] Read of size 1 at addr ffff8881026cd01f by task kunit_try_catch/158
[ 17.742851]
[ 17.744158] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 17.744578] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.744629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.744853] Call Trace:
[ 17.745237] <TASK>
[ 17.745475] dump_stack_lvl+0x73/0xb0
[ 17.745596] print_report+0xd1/0x650
[ 17.745650] ? __virt_addr_valid+0x1db/0x2d0
[ 17.745687] ? kmalloc_oob_left+0x361/0x3c0
[ 17.745723] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.745759] ? kmalloc_oob_left+0x361/0x3c0
[ 17.745794] kasan_report+0x141/0x180
[ 17.745829] ? kmalloc_oob_left+0x361/0x3c0
[ 17.745868] __asan_report_load1_noabort+0x18/0x20
[ 17.745901] kmalloc_oob_left+0x361/0x3c0
[ 17.745936] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 17.746020] ? __schedule+0x10cc/0x2b60
[ 17.746106] ? __pfx_read_tsc+0x10/0x10
[ 17.746147] ? ktime_get_ts64+0x86/0x230
[ 17.746188] kunit_try_run_case+0x1a5/0x480
[ 17.746228] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.746263] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.746327] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.746366] ? __kthread_parkme+0x82/0x180
[ 17.746402] ? preempt_count_sub+0x50/0x80
[ 17.746441] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.746479] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.746514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.746551] kthread+0x337/0x6f0
[ 17.746578] ? trace_preempt_on+0x20/0xc0
[ 17.746616] ? __pfx_kthread+0x10/0x10
[ 17.746643] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.746678] ? calculate_sigpending+0x7b/0xa0
[ 17.746712] ? __pfx_kthread+0x10/0x10
[ 17.746740] ret_from_fork+0x41/0x80
[ 17.746772] ? __pfx_kthread+0x10/0x10
[ 17.746800] ret_from_fork_asm+0x1a/0x30
[ 17.746885] </TASK>
[ 17.747027]
[ 17.769761] Allocated by task 1:
[ 17.771214] kasan_save_stack+0x45/0x70
[ 17.771940] kasan_save_track+0x18/0x40
[ 17.772244] kasan_save_alloc_info+0x3b/0x50
[ 17.772696] __kasan_kmalloc+0xb7/0xc0
[ 17.773219] __kmalloc_noprof+0x1c9/0x500
[ 17.773695] kobject_get_path+0xa7/0x1f0
[ 17.774447] kobject_uevent_env+0x1f9/0xff0
[ 17.774848] kobject_uevent+0xf/0x20
[ 17.775254] param_sysfs_builtin_init+0x28b/0x3a0
[ 17.775707] do_one_initcall+0xd8/0x370
[ 17.776131] kernel_init_freeable+0x420/0x6f0
[ 17.776498] kernel_init+0x23/0x1e0
[ 17.777040] ret_from_fork+0x41/0x80
[ 17.777494] ret_from_fork_asm+0x1a/0x30
[ 17.777936]
[ 17.778163] Freed by task 1:
[ 17.778672] kasan_save_stack+0x45/0x70
[ 17.779090] kasan_save_track+0x18/0x40
[ 17.780720] kasan_save_free_info+0x3f/0x60
[ 17.781275] __kasan_slab_free+0x56/0x70
[ 17.781633] kfree+0x222/0x3f0
[ 17.781999] kobject_uevent_env+0x233/0xff0
[ 17.782454] kobject_uevent+0xf/0x20
[ 17.782868] param_sysfs_builtin_init+0x28b/0x3a0
[ 17.783547] do_one_initcall+0xd8/0x370
[ 17.783920] kernel_init_freeable+0x420/0x6f0
[ 17.784396] kernel_init+0x23/0x1e0
[ 17.785476] ret_from_fork+0x41/0x80
[ 17.785822] ret_from_fork_asm+0x1a/0x30
[ 17.786554]
[ 17.786889] The buggy address belongs to the object at ffff8881026cd000
[ 17.786889] which belongs to the cache kmalloc-16 of size 16
[ 17.788213] The buggy address is located 15 bytes to the right of
[ 17.788213] allocated 16-byte region [ffff8881026cd000, ffff8881026cd010)
[ 17.789241]
[ 17.790070] The buggy address belongs to the physical page:
[ 17.791272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1026cd
[ 17.792240] flags: 0x200000000000000(node=0|zone=2)
[ 17.793661] page_type: f5(slab)
[ 17.794691] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 17.795487] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 17.796355] page dumped because: kasan: bad access detected
[ 17.796883]
[ 17.797508] Memory state around the buggy address:
[ 17.798560] ffff8881026ccf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.799227] ffff8881026ccf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.799854] >ffff8881026cd000: fa fb fc fc 00 07 fc fc fc fc fc fc fc fc fc fc
[ 17.800658] ^
[ 17.801150] ffff8881026cd080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.802363] ffff8881026cd100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.802959] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 208.171601] WARNING: CPU: 1 PID: 2742 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 208.172805] Modules linked in:
[ 208.173681] CPU: 1 UID: 0 PID: 2742 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 208.174865] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 208.175777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 208.176777] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 208.177557] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 d0 ac 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 208.179095] RSP: 0000:ffff888102e6fc78 EFLAGS: 00010286
[ 208.179519] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 208.181114] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9bc23bf4
[ 208.181802] RBP: ffff888102e6fca0 R08: 0000000000000000 R09: ffffed10205e68a0
[ 208.182607] R10: ffff888102f34507 R11: 0000000000000000 R12: ffffffff9bc23be0
[ 208.183386] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102e6fd38
[ 208.184887] FS: 0000000000000000(0000) GS:ffff8881bd593000(0000) knlGS:0000000000000000
[ 208.185768] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 208.186378] CR2: 00007ffff7ffe000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 208.187291] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30903
[ 208.187933] DR3: ffffffff9dc30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 208.188519] Call Trace:
[ 208.188833] <TASK>
[ 208.189131] drm_test_rect_calc_vscale+0x108/0x270
[ 208.189832] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 208.190621] ? __schedule+0x10cc/0x2b60
[ 208.191258] ? __pfx_read_tsc+0x10/0x10
[ 208.192049] ? ktime_get_ts64+0x86/0x230
[ 208.192442] kunit_try_run_case+0x1a5/0x480
[ 208.192885] ? __pfx_kunit_try_run_case+0x10/0x10
[ 208.193299] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 208.194222] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 208.194793] ? __kthread_parkme+0x82/0x180
[ 208.195527] ? preempt_count_sub+0x50/0x80
[ 208.196159] ? __pfx_kunit_try_run_case+0x10/0x10
[ 208.196766] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 208.197544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 208.198378] kthread+0x337/0x6f0
[ 208.198796] ? trace_preempt_on+0x20/0xc0
[ 208.199242] ? __pfx_kthread+0x10/0x10
[ 208.199897] ? _raw_spin_unlock_irq+0x47/0x80
[ 208.200596] ? calculate_sigpending+0x7b/0xa0
[ 208.201064] ? __pfx_kthread+0x10/0x10
[ 208.201534] ret_from_fork+0x41/0x80
[ 208.202412] ? __pfx_kthread+0x10/0x10
[ 208.202907] ret_from_fork_asm+0x1a/0x30
[ 208.203623] </TASK>
[ 208.203900] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 208.121526] WARNING: CPU: 1 PID: 2740 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 208.122842] Modules linked in:
[ 208.123611] CPU: 1 UID: 0 PID: 2740 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 208.124509] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 208.124933] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 208.126347] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 208.126919] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 d0 ac 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 208.128840] RSP: 0000:ffff888102cc7c78 EFLAGS: 00010286
[ 208.129423] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 208.129883] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9bc23bbc
[ 208.130899] RBP: ffff888102cc7ca0 R08: 0000000000000000 R09: ffffed102058caa0
[ 208.131667] R10: ffff888102c65507 R11: 0000000000000000 R12: ffffffff9bc23ba8
[ 208.132206] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102cc7d38
[ 208.133750] FS: 0000000000000000(0000) GS:ffff8881bd593000(0000) knlGS:0000000000000000
[ 208.134406] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 208.134872] CR2: 00007ffff7ffe000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 208.135690] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30903
[ 208.136886] DR3: ffffffff9dc30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 208.137763] Call Trace:
[ 208.138414] <TASK>
[ 208.138745] drm_test_rect_calc_vscale+0x108/0x270
[ 208.140500] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 208.142286] ? __schedule+0x10cc/0x2b60
[ 208.142733] ? __pfx_read_tsc+0x10/0x10
[ 208.143083] ? ktime_get_ts64+0x86/0x230
[ 208.143622] kunit_try_run_case+0x1a5/0x480
[ 208.144314] ? __pfx_kunit_try_run_case+0x10/0x10
[ 208.146347] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 208.148714] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 208.150071] ? __kthread_parkme+0x82/0x180
[ 208.151567] ? preempt_count_sub+0x50/0x80
[ 208.153230] ? __pfx_kunit_try_run_case+0x10/0x10
[ 208.154442] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 208.155520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 208.156870] kthread+0x337/0x6f0
[ 208.157384] ? trace_preempt_on+0x20/0xc0
[ 208.157768] ? __pfx_kthread+0x10/0x10
[ 208.158137] ? _raw_spin_unlock_irq+0x47/0x80
[ 208.158552] ? calculate_sigpending+0x7b/0xa0
[ 208.158940] ? __pfx_kthread+0x10/0x10
[ 208.159312] ret_from_fork+0x41/0x80
[ 208.160814] ? __pfx_kthread+0x10/0x10
[ 208.161568] ret_from_fork_asm+0x1a/0x30
[ 208.162672] </TASK>
[ 208.162886] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 208.017129] WARNING: CPU: 1 PID: 2728 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 208.019073] Modules linked in:
[ 208.019854] CPU: 1 UID: 0 PID: 2728 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 208.021195] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 208.021714] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 208.022492] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 208.023032] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 208.024620] RSP: 0000:ffff8881030ffc78 EFLAGS: 00010286
[ 208.025186] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 208.025838] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9bc23bc0
[ 208.026578] RBP: ffff8881030ffca0 R08: 0000000000000000 R09: ffffed102064af80
[ 208.027251] R10: ffff888103257c07 R11: 0000000000000000 R12: ffffffff9bc23ba8
[ 208.027835] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881030ffd38
[ 208.028638] FS: 0000000000000000(0000) GS:ffff8881bd593000(0000) knlGS:0000000000000000
[ 208.029349] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 208.029891] CR2: 00007ffff7ffe000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 208.030525] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30903
[ 208.031228] DR3: ffffffff9dc30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 208.031833] Call Trace:
[ 208.032910] <TASK>
[ 208.033434] drm_test_rect_calc_hscale+0x108/0x270
[ 208.033829] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 208.034590] ? __schedule+0x10cc/0x2b60
[ 208.035201] ? __pfx_read_tsc+0x10/0x10
[ 208.035567] ? ktime_get_ts64+0x86/0x230
[ 208.036206] kunit_try_run_case+0x1a5/0x480
[ 208.036698] ? __pfx_kunit_try_run_case+0x10/0x10
[ 208.037405] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 208.038334] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 208.039560] ? __kthread_parkme+0x82/0x180
[ 208.040433] ? preempt_count_sub+0x50/0x80
[ 208.040867] ? __pfx_kunit_try_run_case+0x10/0x10
[ 208.041306] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 208.041789] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 208.042318] kthread+0x337/0x6f0
[ 208.042821] ? trace_preempt_on+0x20/0xc0
[ 208.043517] ? __pfx_kthread+0x10/0x10
[ 208.043910] ? _raw_spin_unlock_irq+0x47/0x80
[ 208.044582] ? calculate_sigpending+0x7b/0xa0
[ 208.045237] ? __pfx_kthread+0x10/0x10
[ 208.045718] ret_from_fork+0x41/0x80
[ 208.046338] ? __pfx_kthread+0x10/0x10
[ 208.046700] ret_from_fork_asm+0x1a/0x30
[ 208.048115] </TASK>
[ 208.048539] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 208.055768] WARNING: CPU: 1 PID: 2730 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 208.057653] Modules linked in:
[ 208.058405] CPU: 1 UID: 0 PID: 2730 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 208.061004] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 208.061707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 208.062733] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 208.063482] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 208.064939] RSP: 0000:ffff888102cc7c78 EFLAGS: 00010286
[ 208.065732] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 208.066977] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff9bc23bf8
[ 208.067875] RBP: ffff888102cc7ca0 R08: 0000000000000000 R09: ffffed102064afc0
[ 208.068719] R10: ffff888103257e07 R11: 0000000000000000 R12: ffffffff9bc23be0
[ 208.069658] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102cc7d38
[ 208.070105] FS: 0000000000000000(0000) GS:ffff8881bd593000(0000) knlGS:0000000000000000
[ 208.070402] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 208.071248] CR2: 00007ffff7ffe000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 208.071905] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30903
[ 208.072913] DR3: ffffffff9dc30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 208.074538] Call Trace:
[ 208.074928] <TASK>
[ 208.075396] drm_test_rect_calc_hscale+0x108/0x270
[ 208.075886] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 208.076866] ? __schedule+0x10cc/0x2b60
[ 208.077712] ? __pfx_read_tsc+0x10/0x10
[ 208.078562] ? ktime_get_ts64+0x86/0x230
[ 208.079258] kunit_try_run_case+0x1a5/0x480
[ 208.079499] ? __pfx_kunit_try_run_case+0x10/0x10
[ 208.079693] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 208.079881] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 208.080551] ? __kthread_parkme+0x82/0x180
[ 208.081414] ? preempt_count_sub+0x50/0x80
[ 208.082321] ? __pfx_kunit_try_run_case+0x10/0x10
[ 208.083754] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 208.084455] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 208.085114] kthread+0x337/0x6f0
[ 208.085573] ? trace_preempt_on+0x20/0xc0
[ 208.085976] ? __pfx_kthread+0x10/0x10
[ 208.087525] ? _raw_spin_unlock_irq+0x47/0x80
[ 208.088315] ? calculate_sigpending+0x7b/0xa0
[ 208.088926] ? __pfx_kthread+0x10/0x10
[ 208.089543] ret_from_fork+0x41/0x80
[ 208.089905] ? __pfx_kthread+0x10/0x10
[ 208.090765] ret_from_fork_asm+0x1a/0x30
[ 208.091556] </TASK>
[ 208.091784] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 206.384713] WARNING: CPU: 1 PID: 2526 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 206.385327] Modules linked in:
[ 206.385785] CPU: 1 UID: 0 PID: 2526 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 206.387148] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 206.387603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 206.388566] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 206.389185] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 206.390687] RSP: 0000:ffff888102b07b30 EFLAGS: 00010246
[ 206.391393] RAX: dffffc0000000000 RBX: ffff888102b07c28 RCX: 0000000000000000
[ 206.392062] RDX: 1ffff11020560f8e RSI: ffff888102b07c28 RDI: ffff888102b07c70
[ 206.392627] RBP: ffff888102b07b70 R08: ffff888102706000 R09: ffffffff9bbca7e0
[ 206.393450] R10: 0000000000000003 R11: 00000000c5135ced R12: ffff888102706000
[ 206.394266] R13: ffff88810031fae8 R14: ffff888102b07ba8 R15: 0000000000000000
[ 206.395387] FS: 0000000000000000(0000) GS:ffff8881bd593000(0000) knlGS:0000000000000000
[ 206.396166] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 206.397132] CR2: 00007ffff7ffe000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 206.397852] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30903
[ 206.398703] DR3: ffffffff9dc30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 206.399536] Call Trace:
[ 206.400130] <TASK>
[ 206.400576] ? add_dr+0xc1/0x1d0
[ 206.400953] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 206.401746] ? add_dr+0x148/0x1d0
[ 206.402202] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 206.403571] ? __drmm_add_action+0x1a4/0x280
[ 206.404111] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 206.404653] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 206.405273] ? __drmm_add_action_or_reset+0x22/0x50
[ 206.405875] ? __schedule+0x10cc/0x2b60
[ 206.406508] ? __pfx_read_tsc+0x10/0x10
[ 206.407111] ? ktime_get_ts64+0x86/0x230
[ 206.407614] kunit_try_run_case+0x1a5/0x480
[ 206.408233] ? __pfx_kunit_try_run_case+0x10/0x10
[ 206.408795] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 206.409460] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 206.410130] ? __kthread_parkme+0x82/0x180
[ 206.410669] ? preempt_count_sub+0x50/0x80
[ 206.411175] ? __pfx_kunit_try_run_case+0x10/0x10
[ 206.411755] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 206.412617] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 206.413379] kthread+0x337/0x6f0
[ 206.413898] ? trace_preempt_on+0x20/0xc0
[ 206.414428] ? __pfx_kthread+0x10/0x10
[ 206.414857] ? _raw_spin_unlock_irq+0x47/0x80
[ 206.415526] ? calculate_sigpending+0x7b/0xa0
[ 206.416039] ? __pfx_kthread+0x10/0x10
[ 206.416593] ret_from_fork+0x41/0x80
[ 206.417139] ? __pfx_kthread+0x10/0x10
[ 206.417560] ret_from_fork_asm+0x1a/0x30
[ 206.418174] </TASK>
[ 206.418535] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 206.318758] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 206.319013] WARNING: CPU: 1 PID: 2522 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 206.321573] Modules linked in:
[ 206.322252] CPU: 1 UID: 0 PID: 2522 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 206.323343] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 206.323825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 206.324728] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 206.325516] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 5b 81 84 00 48 c7 c1 e0 57 bc 9b 4c 89 fa 48 c7 c7 40 58 bc 9b 48 89 c6 e8 d2 c9 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 206.326959] RSP: 0000:ffff8881024f7b68 EFLAGS: 00010282
[ 206.327685] RAX: 0000000000000000 RBX: ffff8881024f7c40 RCX: 1ffffffff3924b3c
[ 206.328401] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 206.328956] RBP: ffff8881024f7b90 R08: 0000000000000000 R09: fffffbfff3924b3c
[ 206.329606] R10: 0000000000000003 R11: 0000000000034760 R12: ffff8881024f7c18
[ 206.330245] R13: ffff888103950800 R14: ffff888102704000 R15: ffff888101627c00
[ 206.331065] FS: 0000000000000000(0000) GS:ffff8881bd593000(0000) knlGS:0000000000000000
[ 206.331671] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 206.332926] CR2: 00007ffff7ffe000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 206.333750] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30903
[ 206.334596] DR3: ffffffff9dc30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 206.335127] Call Trace:
[ 206.335710] <TASK>
[ 206.336162] drm_test_framebuffer_free+0x1ab/0x610
[ 206.337383] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 206.337860] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 206.338716] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 206.339461] ? __drmm_add_action_or_reset+0x22/0x50
[ 206.340533] ? __schedule+0x10cc/0x2b60
[ 206.340942] ? __pfx_read_tsc+0x10/0x10
[ 206.341741] ? ktime_get_ts64+0x86/0x230
[ 206.342561] kunit_try_run_case+0x1a5/0x480
[ 206.343421] ? __pfx_kunit_try_run_case+0x10/0x10
[ 206.343808] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 206.344622] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 206.345071] ? __kthread_parkme+0x82/0x180
[ 206.345931] ? preempt_count_sub+0x50/0x80
[ 206.346686] ? __pfx_kunit_try_run_case+0x10/0x10
[ 206.347457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 206.347954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 206.348769] kthread+0x337/0x6f0
[ 206.348932] ? trace_preempt_on+0x20/0xc0
[ 206.349129] ? __pfx_kthread+0x10/0x10
[ 206.349292] ? _raw_spin_unlock_irq+0x47/0x80
[ 206.350078] ? calculate_sigpending+0x7b/0xa0
[ 206.350784] ? __pfx_kthread+0x10/0x10
[ 206.351704] ret_from_fork+0x41/0x80
[ 206.352329] ? __pfx_kthread+0x10/0x10
[ 206.352920] ret_from_fork_asm+0x1a/0x30
[ 206.353585] </TASK>
[ 206.353893] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 203.529452] WARNING: CPU: 0 PID: 1960 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 203.530401] Modules linked in:
[ 203.530983] CPU: 0 UID: 0 PID: 1960 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 203.532476] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 203.533150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 203.533848] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 203.534867] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8
[ 203.536454] RSP: 0000:ffff888105bcfc90 EFLAGS: 00010246
[ 203.536945] RAX: dffffc0000000000 RBX: ffff888105808000 RCX: 0000000000000000
[ 203.537720] RDX: 1ffff11020b01032 RSI: ffffffff98df3058 RDI: ffff888105808190
[ 203.538688] RBP: ffff888105bcfca0 R08: 1ffff11020063f69 R09: ffffed1020b79f65
[ 203.539774] R10: 0000000000000003 R11: ffffffff983820a8 R12: 0000000000000000
[ 203.540220] R13: ffff888105bcfd38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 203.541503] FS: 0000000000000000(0000) GS:ffff8881bd493000(0000) knlGS:0000000000000000
[ 203.542827] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 203.543640] CR2: 00007ffff7ffe000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 203.544571] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30902
[ 203.545585] DR3: ffffffff9dc30903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 203.546298] Call Trace:
[ 203.546627] <TASK>
[ 203.547661] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 203.548581] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 203.549602] ? __schedule+0x10cc/0x2b60
[ 203.550292] ? __pfx_read_tsc+0x10/0x10
[ 203.550616] ? ktime_get_ts64+0x86/0x230
[ 203.551617] kunit_try_run_case+0x1a5/0x480
[ 203.552332] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.552649] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 203.553460] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 203.554345] ? __kthread_parkme+0x82/0x180
[ 203.554872] ? preempt_count_sub+0x50/0x80
[ 203.555856] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.556794] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 203.557756] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 203.558629] kthread+0x337/0x6f0
[ 203.559434] ? trace_preempt_on+0x20/0xc0
[ 203.560330] ? __pfx_kthread+0x10/0x10
[ 203.560737] ? _raw_spin_unlock_irq+0x47/0x80
[ 203.561123] ? calculate_sigpending+0x7b/0xa0
[ 203.561931] ? __pfx_kthread+0x10/0x10
[ 203.562937] ret_from_fork+0x41/0x80
[ 203.563803] ? __pfx_kthread+0x10/0x10
[ 203.564707] ret_from_fork_asm+0x1a/0x30
[ 203.565287] </TASK>
[ 203.565501] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 203.367320] WARNING: CPU: 0 PID: 1952 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 203.368880] Modules linked in:
[ 203.369248] CPU: 0 UID: 0 PID: 1952 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 203.374204] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 203.374745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 203.375670] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 203.377133] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d c3 cc cc cc cc 48 89 df e8 d8
[ 203.379586] RSP: 0000:ffff888105c9fc90 EFLAGS: 00010246
[ 203.379878] RAX: dffffc0000000000 RBX: ffff8881068f8000 RCX: 0000000000000000
[ 203.380143] RDX: 1ffff11020d1f032 RSI: ffffffff98df3058 RDI: ffff8881068f8190
[ 203.380449] RBP: ffff888105c9fca0 R08: 1ffff11020063f69 R09: ffffed1020b93f65
[ 203.382322] R10: 0000000000000003 R11: ffffffff983820a8 R12: 0000000000000000
[ 203.383556] R13: ffff888105c9fd38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 203.384671] FS: 0000000000000000(0000) GS:ffff8881bd493000(0000) knlGS:0000000000000000
[ 203.385318] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 203.386465] CR2: 00007ffff7ffe000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 203.387098] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30902
[ 203.387732] DR3: ffffffff9dc30903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 203.388435] Call Trace:
[ 203.388893] <TASK>
[ 203.389513] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 203.390609] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 203.391579] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 203.392800] kunit_try_run_case+0x1a5/0x480
[ 203.393478] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.394733] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 203.395625] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 203.396663] ? __kthread_parkme+0x82/0x180
[ 203.396985] ? preempt_count_sub+0x50/0x80
[ 203.397750] ? __pfx_kunit_try_run_case+0x10/0x10
[ 203.398315] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 203.398878] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 203.399445] kthread+0x337/0x6f0
[ 203.399983] ? trace_preempt_on+0x20/0xc0
[ 203.401149] ? __pfx_kthread+0x10/0x10
[ 203.401797] ? _raw_spin_unlock_irq+0x47/0x80
[ 203.402684] ? calculate_sigpending+0x7b/0xa0
[ 203.403439] ? __pfx_kthread+0x10/0x10
[ 203.403992] ret_from_fork+0x41/0x80
[ 203.404770] ? __pfx_kthread+0x10/0x10
[ 203.405746] ret_from_fork_asm+0x1a/0x30
[ 203.406449] </TASK>
[ 203.406641] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 152.667308] WARNING: CPU: 1 PID: 676 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 152.668034] Modules linked in:
[ 152.669486] CPU: 1 UID: 0 PID: 676 Comm: kunit_try_catch Tainted: G B D W N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 152.671311] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 152.672476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 152.672950] RIP: 0010:intlog10+0x2a/0x40
[ 152.673945] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 152.676248] RSP: 0000:ffff888104957cb0 EFLAGS: 00010246
[ 152.677204] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff1102092afb4
[ 152.678215] RDX: 1ffffffff3752558 RSI: 1ffff1102092afb3 RDI: 0000000000000000
[ 152.678753] RBP: ffff888104957d60 R08: 0000000000000000 R09: ffffed1020950b60
[ 152.679829] R10: ffff888104a85b07 R11: 0000000000000000 R12: 1ffff1102092af97
[ 152.680440] R13: ffffffff9ba92ac0 R14: 0000000000000000 R15: ffff888104957d38
[ 152.681621] FS: 0000000000000000(0000) GS:ffff8881bd593000(0000) knlGS:0000000000000000
[ 152.682854] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 152.685728] CR2: dffffc0000000000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 152.687494] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30903
[ 152.689545] DR3: ffffffff9dc30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 152.690819] Call Trace:
[ 152.691060] <TASK>
[ 152.691261] ? intlog10_test+0xf2/0x220
[ 152.694777] ? __pfx_intlog10_test+0x10/0x10
[ 152.695935] ? __schedule+0x10cc/0x2b60
[ 152.696797] ? __pfx_read_tsc+0x10/0x10
[ 152.697881] ? ktime_get_ts64+0x86/0x230
[ 152.698469] kunit_try_run_case+0x1a5/0x480
[ 152.699081] ? __pfx_kunit_try_run_case+0x10/0x10
[ 152.700379] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 152.700882] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 152.701801] ? __kthread_parkme+0x82/0x180
[ 152.702342] ? preempt_count_sub+0x50/0x80
[ 152.702792] ? __pfx_kunit_try_run_case+0x10/0x10
[ 152.703284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 152.704639] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 152.705546] kthread+0x337/0x6f0
[ 152.705894] ? trace_preempt_on+0x20/0xc0
[ 152.706721] ? __pfx_kthread+0x10/0x10
[ 152.707639] ? _raw_spin_unlock_irq+0x47/0x80
[ 152.708550] ? calculate_sigpending+0x7b/0xa0
[ 152.709287] ? __pfx_kthread+0x10/0x10
[ 152.709642] ret_from_fork+0x41/0x80
[ 152.710396] ? __pfx_kthread+0x10/0x10
[ 152.711098] ret_from_fork_asm+0x1a/0x30
[ 152.711468] </TASK>
[ 152.711675] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 152.584164] WARNING: CPU: 1 PID: 658 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 152.585464] Modules linked in:
[ 152.586540] CPU: 1 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D N 6.15.3-rc1 #1 PREEMPT(voluntary)
[ 152.587444] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 152.588803] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 152.589713] RIP: 0010:intlog2+0xdf/0x110
[ 152.590524] Code: a9 9b c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 41 81 02 90 <0f> 0b 90 31 c0 e9 c7 41 81 02 89 45 e4 e8 3f d6 56 ff 8b 45 e4 eb
[ 152.592339] RSP: 0000:ffff8881046ffcb0 EFLAGS: 00010246
[ 152.593114] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110208dffb4
[ 152.593876] RDX: 1ffffffff37525ac RSI: 1ffff110208dffb3 RDI: 0000000000000000
[ 152.594785] RBP: ffff8881046ffd60 R08: 0000000000000000 R09: ffffed1020950a40
[ 152.595749] R10: ffff888104a85207 R11: 0000000000000000 R12: 1ffff110208dff97
[ 152.596712] R13: ffffffff9ba92d60 R14: 0000000000000000 R15: ffff8881046ffd38
[ 152.597974] FS: 0000000000000000(0000) GS:ffff8881bd593000(0000) knlGS:0000000000000000
[ 152.598716] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 152.599373] CR2: dffffc0000000000 CR3: 000000006b8ba000 CR4: 00000000000006f0
[ 152.599945] DR0: ffffffff9dc30900 DR1: ffffffff9dc30901 DR2: ffffffff9dc30903
[ 152.600866] DR3: ffffffff9dc30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 152.602074] Call Trace:
[ 152.602614] <TASK>
[ 152.602956] ? intlog2_test+0xf2/0x220
[ 152.603710] ? __pfx_intlog2_test+0x10/0x10
[ 152.604422] ? __schedule+0x10cc/0x2b60
[ 152.605308] ? __pfx_read_tsc+0x10/0x10
[ 152.605800] ? ktime_get_ts64+0x86/0x230
[ 152.606790] kunit_try_run_case+0x1a5/0x480
[ 152.607525] ? __pfx_kunit_try_run_case+0x10/0x10
[ 152.607917] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 152.608826] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 152.609606] ? __kthread_parkme+0x82/0x180
[ 152.609965] ? preempt_count_sub+0x50/0x80
[ 152.611251] ? __pfx_kunit_try_run_case+0x10/0x10
[ 152.611720] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 152.612755] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 152.613539] kthread+0x337/0x6f0
[ 152.614634] ? trace_preempt_on+0x20/0xc0
[ 152.614941] ? __pfx_kthread+0x10/0x10
[ 152.615849] ? _raw_spin_unlock_irq+0x47/0x80
[ 152.616775] ? calculate_sigpending+0x7b/0xa0
[ 152.617263] ? __pfx_kthread+0x10/0x10
[ 152.617852] ret_from_fork+0x41/0x80
[ 152.618699] ? __pfx_kthread+0x10/0x10
[ 152.619247] ret_from_fork_asm+0x1a/0x30
[ 152.620006] </TASK>
[ 152.620542] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 151.505445] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI