Date
June 24, 2025, 12:47 p.m.
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 13.816002] ==================================================================
[ 13.816734] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 13.817377] Read of size 1 at addr ffff888103a87d02 by task kunit_try_catch/269
[ 13.817783]
[ 13.818654] CPU: 1 UID: 0 PID: 269 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.818784] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.818804] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.818830] Call Trace:
[ 13.818846] <TASK>
[ 13.818869] dump_stack_lvl+0x73/0xb0
[ 13.818909] print_report+0xd1/0x650
[ 13.818931] ? __virt_addr_valid+0x1db/0x2d0
[ 13.818953] ? kasan_stack_oob+0x2b5/0x300
[ 13.818972] ? kasan_addr_to_slab+0x11/0xa0
[ 13.818990] ? kasan_stack_oob+0x2b5/0x300
[ 13.819010] kasan_report+0x141/0x180
[ 13.819030] ? kasan_stack_oob+0x2b5/0x300
[ 13.819053] __asan_report_load1_noabort+0x18/0x20
[ 13.819072] kasan_stack_oob+0x2b5/0x300
[ 13.819092] ? __pfx_kasan_stack_oob+0x10/0x10
[ 13.819109] ? finish_task_switch.isra.0+0x153/0x700
[ 13.819132] ? __switch_to+0x5d9/0xf60
[ 13.819153] ? dequeue_task_fair+0x156/0x4e0
[ 13.819175] ? __schedule+0x10cc/0x2b60
[ 13.819197] ? __pfx_read_tsc+0x10/0x10
[ 13.819215] ? ktime_get_ts64+0x86/0x230
[ 13.819241] kunit_try_run_case+0x1a5/0x480
[ 13.819266] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.819287] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.819309] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.819331] ? __kthread_parkme+0x82/0x180
[ 13.819351] ? preempt_count_sub+0x50/0x80
[ 13.819373] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.819394] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.819415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.819436] kthread+0x337/0x6f0
[ 13.819452] ? trace_preempt_on+0x20/0xc0
[ 13.819474] ? __pfx_kthread+0x10/0x10
[ 13.819491] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.819510] ? calculate_sigpending+0x7b/0xa0
[ 13.819530] ? __pfx_kthread+0x10/0x10
[ 13.819570] ret_from_fork+0x41/0x80
[ 13.819591] ? __pfx_kthread+0x10/0x10
[ 13.819607] ret_from_fork_asm+0x1a/0x30
[ 13.819653] </TASK>
[ 13.819666]
[ 13.831934] The buggy address belongs to stack of task kunit_try_catch/269
[ 13.832449] and is located at offset 138 in frame:
[ 13.832901] kasan_stack_oob+0x0/0x300
[ 13.833373]
[ 13.833523] This frame has 4 objects:
[ 13.834059] [48, 49) '__assertion'
[ 13.834116] [64, 72) 'array'
[ 13.834306] [96, 112) '__assertion'
[ 13.834560] [128, 138) 'stack_array'
[ 13.835166]
[ 13.835459] The buggy address belongs to the physical page:
[ 13.836035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a87
[ 13.836312] flags: 0x200000000000000(node=0|zone=2)
[ 13.836818] raw: 0200000000000000 ffffea00040ea1c8 ffffea00040ea1c8 0000000000000000
[ 13.837253] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.837854] page dumped because: kasan: bad access detected
[ 13.838142]
[ 13.838241] Memory state around the buggy address:
[ 13.838520]  ffff888103a87c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.839190]  ffff888103a87c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 13.839488] >ffff888103a87d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.840062]                    ^
[ 13.840253]  ffff888103a87d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 13.840541]  ffff888103a87e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.840772] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 48.027956] ==================================================================
[ 48.028353] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 48.028353]
[ 48.028841] Use-after-free read at 0x(____ptrval____) (in kfence-#144):
[ 48.029048] test_krealloc+0x6fc/0xbe0
[ 48.029439] kunit_try_run_case+0x1a5/0x480
[ 48.029779] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.030228] kthread+0x337/0x6f0
[ 48.030457] ret_from_fork+0x41/0x80
[ 48.030718] ret_from_fork_asm+0x1a/0x30
[ 48.030877]
[ 48.030976] kfence-#144: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 48.030976]
[ 48.031286] allocated by task 357 on cpu 1 at 48.027031s (0.004249s ago):
[ 48.031758] test_alloc+0x364/0x10f0
[ 48.032146] test_krealloc+0xad/0xbe0
[ 48.032433] kunit_try_run_case+0x1a5/0x480
[ 48.032803] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.033195] kthread+0x337/0x6f0
[ 48.033394] ret_from_fork+0x41/0x80
[ 48.033555] ret_from_fork_asm+0x1a/0x30
[ 48.033877]
[ 48.034047] freed by task 357 on cpu 1 at 48.027430s (0.006613s ago):
[ 48.034371] krealloc_noprof+0x108/0x340
[ 48.034646] test_krealloc+0x226/0xbe0
[ 48.034973] kunit_try_run_case+0x1a5/0x480
[ 48.035416] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 48.035726] kthread+0x337/0x6f0
[ 48.035939] ret_from_fork+0x41/0x80
[ 48.036154] ret_from_fork_asm+0x1a/0x30
[ 48.036326]
[ 48.036487] CPU: 1 UID: 0 PID: 357 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 48.037195] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 48.037603] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 48.038046] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 47.931271] ==================================================================
[ 47.931733] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.931733]
[ 47.932052] Use-after-free read at 0x(____ptrval____) (in kfence-#143):
[ 47.932878] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 47.933361] kunit_try_run_case+0x1a5/0x480
[ 47.933748] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.934159] kthread+0x337/0x6f0
[ 47.934569] ret_from_fork+0x41/0x80
[ 47.934830] ret_from_fork_asm+0x1a/0x30
[ 47.935028]
[ 47.935188] kfence-#143: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 47.935188]
[ 47.935659] allocated by task 355 on cpu 1 at 47.925764s (0.009889s ago):
[ 47.935992] test_alloc+0x2a6/0x10f0
[ 47.936252] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 47.936453] kunit_try_run_case+0x1a5/0x480
[ 47.936775] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.937103] kthread+0x337/0x6f0
[ 47.937253] ret_from_fork+0x41/0x80
[ 47.937508] ret_from_fork_asm+0x1a/0x30
[ 47.937787]
[ 47.937914] freed by task 355 on cpu 1 at 47.925959s (0.011950s ago):
[ 47.938183] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 47.938587] kunit_try_run_case+0x1a5/0x480
[ 47.938924] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 47.939301] kthread+0x337/0x6f0
[ 47.939486] ret_from_fork+0x41/0x80
[ 47.939775] ret_from_fork_asm+0x1a/0x30
[ 47.939952]
[ 47.940155] CPU: 1 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 47.940892] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 47.941111] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 47.941646] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.524216] ==================================================================
[ 23.525043] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 23.525043]
[ 23.526168] Invalid read at 0x(____ptrval____):
[ 23.527138] test_invalid_access+0xf0/0x210
[ 23.527679] kunit_try_run_case+0x1a5/0x480
[ 23.527866] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.528309] kthread+0x337/0x6f0
[ 23.528869] ret_from_fork+0x41/0x80
[ 23.529045] ret_from_fork_asm+0x1a/0x30
[ 23.529676]
[ 23.529861] CPU: 1 UID: 0 PID: 351 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 23.530390] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.531047] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.531686] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 23.275347] ==================================================================
[ 23.275751] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.275751]
[ 23.276034] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#139):
[ 23.277355] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.277776] kunit_try_run_case+0x1a5/0x480
[ 23.277982] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.278181] kthread+0x337/0x6f0
[ 23.278475] ret_from_fork+0x41/0x80
[ 23.278786] ret_from_fork_asm+0x1a/0x30
[ 23.279207]
[ 23.279372] kfence-#139: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.279372]
[ 23.279986] allocated by task 345 on cpu 1 at 23.274946s (0.005035s ago):
[ 23.280497] test_alloc+0x364/0x10f0
[ 23.280807] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 23.281119] kunit_try_run_case+0x1a5/0x480
[ 23.281309] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.281519] kthread+0x337/0x6f0
[ 23.281679] ret_from_fork+0x41/0x80
[ 23.281969] ret_from_fork_asm+0x1a/0x30
[ 23.282322]
[ 23.282498] freed by task 345 on cpu 1 at 23.275177s (0.007316s ago):
[ 23.283028] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 23.283405] kunit_try_run_case+0x1a5/0x480
[ 23.283845] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.284493] kthread+0x337/0x6f0
[ 23.284813] ret_from_fork+0x41/0x80
[ 23.284994] ret_from_fork_asm+0x1a/0x30
[ 23.285174]
[ 23.285326] CPU: 1 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 23.286111] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.286337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.287048] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 23.171311] ==================================================================
[ 23.171786] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.171786]
[ 23.172122] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#138):
[ 23.172599] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 23.173192] kunit_try_run_case+0x1a5/0x480
[ 23.173381] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.173607] kthread+0x337/0x6f0
[ 23.173788] ret_from_fork+0x41/0x80
[ 23.173974] ret_from_fork_asm+0x1a/0x30
[ 23.174223]
[ 23.174420] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 23.174420]
[ 23.175122] allocated by task 343 on cpu 1 at 23.170941s (0.004176s ago):
[ 23.175391] test_alloc+0x364/0x10f0
[ 23.175582] test_kmalloc_aligned_oob_read+0x105/0x560
[ 23.175946] kunit_try_run_case+0x1a5/0x480
[ 23.176287] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 23.176732] kthread+0x337/0x6f0
[ 23.176976] ret_from_fork+0x41/0x80
[ 23.177242] ret_from_fork_asm+0x1a/0x30
[ 23.177425]
[ 23.177572] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 23.178432] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 23.178613] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 23.178883] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 18.907305] ==================================================================
[ 18.907697] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 18.907697]
[ 18.907927] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#97):
[ 18.908462] test_corruption+0x2df/0x3e0
[ 18.908763] kunit_try_run_case+0x1a5/0x480
[ 18.909136] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.909408] kthread+0x337/0x6f0
[ 18.909552] ret_from_fork+0x41/0x80
[ 18.909922] ret_from_fork_asm+0x1a/0x30
[ 18.910234]
[ 18.910434] kfence-#97: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.910434]
[ 18.910876] allocated by task 331 on cpu 0 at 18.906927s (0.003943s ago):
[ 18.911262] test_alloc+0x364/0x10f0
[ 18.911572] test_corruption+0x1cb/0x3e0
[ 18.911892] kunit_try_run_case+0x1a5/0x480
[ 18.912130] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.912328] kthread+0x337/0x6f0
[ 18.912478] ret_from_fork+0x41/0x80
[ 18.912746] ret_from_fork_asm+0x1a/0x30
[ 18.913047]
[ 18.913195] freed by task 331 on cpu 0 at 18.907092s (0.006098s ago):
[ 18.913674] test_corruption+0x2df/0x3e0
[ 18.914032] kunit_try_run_case+0x1a5/0x480
[ 18.914267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.914530] kthread+0x337/0x6f0
[ 18.914733] ret_from_fork+0x41/0x80
[ 18.914906] ret_from_fork_asm+0x1a/0x30
[ 18.915195]
[ 18.915394] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 18.916086] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.916343] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.916865] ==================================================================
[ 19.219117] ==================================================================
[ 19.219702] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 19.219702]
[ 19.220077] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#100):
[ 19.220840] test_corruption+0x216/0x3e0
[ 19.221103] kunit_try_run_case+0x1a5/0x480
[ 19.221272] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.221487] kthread+0x337/0x6f0
[ 19.221796] ret_from_fork+0x41/0x80
[ 19.222128] ret_from_fork_asm+0x1a/0x30
[ 19.222445]
[ 19.222611] kfence-#100: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.222611]
[ 19.223150] allocated by task 333 on cpu 1 at 19.218886s (0.004258s ago):
[ 19.223671] test_alloc+0x2a6/0x10f0
[ 19.224085] test_corruption+0x1cb/0x3e0
[ 19.224287] kunit_try_run_case+0x1a5/0x480
[ 19.224472] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.224684] kthread+0x337/0x6f0
[ 19.224969] ret_from_fork+0x41/0x80
[ 19.225284] ret_from_fork_asm+0x1a/0x30
[ 19.225592]
[ 19.225756] freed by task 333 on cpu 1 at 19.218986s (0.006766s ago):
[ 19.226173] test_corruption+0x216/0x3e0
[ 19.226456] kunit_try_run_case+0x1a5/0x480
[ 19.226752] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.227079] kthread+0x337/0x6f0
[ 19.227289] ret_from_fork+0x41/0x80
[ 19.227453] ret_from_fork_asm+0x1a/0x30
[ 19.227641]
[ 19.227875] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 19.228798] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.229075] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.229340] ==================================================================
[ 19.011130] ==================================================================
[ 19.011572] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 19.011572]
[ 19.011837] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#98):
[ 19.012867] test_corruption+0x131/0x3e0
[ 19.013746] kunit_try_run_case+0x1a5/0x480
[ 19.014042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.014161] kthread+0x337/0x6f0
[ 19.014243] ret_from_fork+0x41/0x80
[ 19.014331] ret_from_fork_asm+0x1a/0x30
[ 19.014421]
[ 19.014475] kfence-#98: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 19.014475]
[ 19.015022] allocated by task 333 on cpu 1 at 19.010912s (0.004106s ago):
[ 19.015450] test_alloc+0x2a6/0x10f0
[ 19.015744] test_corruption+0xe6/0x3e0
[ 19.016016] kunit_try_run_case+0x1a5/0x480
[ 19.016249] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.016422] kthread+0x337/0x6f0
[ 19.017609] ret_from_fork+0x41/0x80
[ 19.017810] ret_from_fork_asm+0x1a/0x30
[ 19.018102]
[ 19.018234] freed by task 333 on cpu 1 at 19.011001s (0.007229s ago):
[ 19.018594] test_corruption+0x131/0x3e0
[ 19.019186] kunit_try_run_case+0x1a5/0x480
[ 19.019355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.020056] kthread+0x337/0x6f0
[ 19.020237] ret_from_fork+0x41/0x80
[ 19.020483] ret_from_fork_asm+0x1a/0x30
[ 19.020982]
[ 19.021142] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 19.021855] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.022238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.022788] ==================================================================
[ 18.803344] ==================================================================
[ 18.803779] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 18.803779]
[ 18.804032] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#96):
[ 18.805654] test_corruption+0x2d2/0x3e0
[ 18.805850] kunit_try_run_case+0x1a5/0x480
[ 18.806187] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.806512] kthread+0x337/0x6f0
[ 18.806746] ret_from_fork+0x41/0x80
[ 18.806971] ret_from_fork_asm+0x1a/0x30
[ 18.807149]
[ 18.807311] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.807311]
[ 18.807800] allocated by task 331 on cpu 0 at 18.802987s (0.004807s ago):
[ 18.808167] test_alloc+0x364/0x10f0
[ 18.808427] test_corruption+0xe6/0x3e0
[ 18.808709] kunit_try_run_case+0x1a5/0x480
[ 18.808899] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.809096] kthread+0x337/0x6f0
[ 18.809311] ret_from_fork+0x41/0x80
[ 18.809617] ret_from_fork_asm+0x1a/0x30
[ 18.809937]
[ 18.810109] freed by task 331 on cpu 0 at 18.803130s (0.006975s ago):
[ 18.810476] test_corruption+0x2d2/0x3e0
[ 18.810700] kunit_try_run_case+0x1a5/0x480
[ 18.810933] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.811284] kthread+0x337/0x6f0
[ 18.811529] ret_from_fork+0x41/0x80
[ 18.811833] ret_from_fork_asm+0x1a/0x30
[ 18.812128]
[ 18.812339] CPU: 0 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 18.812856] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.813030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.813489] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 18.491088] ==================================================================
[ 18.491569] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 18.491569]
[ 18.491843] Invalid free of 0x(____ptrval____) (in kfence-#93):
[ 18.492306] test_invalid_addr_free+0x1e1/0x260
[ 18.492614] kunit_try_run_case+0x1a5/0x480
[ 18.492824] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.493174] kthread+0x337/0x6f0
[ 18.493427] ret_from_fork+0x41/0x80
[ 18.493846] ret_from_fork_asm+0x1a/0x30
[ 18.494589]
[ 18.494794] kfence-#93: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.494794]
[ 18.495219] allocated by task 327 on cpu 1 at 18.490880s (0.004335s ago):
[ 18.495977] test_alloc+0x364/0x10f0
[ 18.496287] test_invalid_addr_free+0xdb/0x260
[ 18.496575] kunit_try_run_case+0x1a5/0x480
[ 18.496778] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.496963] kthread+0x337/0x6f0
[ 18.497233] ret_from_fork+0x41/0x80
[ 18.497567] ret_from_fork_asm+0x1a/0x30
[ 18.497769]
[ 18.497982] CPU: 1 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 18.498618] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.498927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.499360] ==================================================================
[ 18.595200] ==================================================================
[ 18.595655] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 18.595655]
[ 18.595912] Invalid free of 0x(____ptrval____) (in kfence-#94):
[ 18.596340] test_invalid_addr_free+0xfb/0x260
[ 18.596674] kunit_try_run_case+0x1a5/0x480
[ 18.596990] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.597301] kthread+0x337/0x6f0
[ 18.597479] ret_from_fork+0x41/0x80
[ 18.597814] ret_from_fork_asm+0x1a/0x30
[ 18.598012]
[ 18.598125] kfence-#94: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.598125]
[ 18.598600] allocated by task 329 on cpu 0 at 18.594994s (0.003600s ago):
[ 18.599218] test_alloc+0x2a6/0x10f0
[ 18.599463] test_invalid_addr_free+0xdb/0x260
[ 18.599648] kunit_try_run_case+0x1a5/0x480
[ 18.599833] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.600041] kthread+0x337/0x6f0
[ 18.600197] ret_from_fork+0x41/0x80
[ 18.600360] ret_from_fork_asm+0x1a/0x30
[ 18.600535]
[ 18.600760] CPU: 0 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 18.601577] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.601903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.602739] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 18.283272] ==================================================================
[ 18.283720] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 18.283720]
[ 18.283978] Invalid free of 0x(____ptrval____) (in kfence-#91):
[ 18.284683] test_double_free+0x1d3/0x260
[ 18.285370] kunit_try_run_case+0x1a5/0x480
[ 18.285698] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.286092] kthread+0x337/0x6f0
[ 18.286372] ret_from_fork+0x41/0x80
[ 18.286736] ret_from_fork_asm+0x1a/0x30
[ 18.287074]
[ 18.287248] kfence-#91: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 18.287248]
[ 18.287616] allocated by task 323 on cpu 1 at 18.282908s (0.004704s ago):
[ 18.287949] test_alloc+0x364/0x10f0
[ 18.288167] test_double_free+0xdb/0x260
[ 18.288415] kunit_try_run_case+0x1a5/0x480
[ 18.288760] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.288977] kthread+0x337/0x6f0
[ 18.289219] ret_from_fork+0x41/0x80
[ 18.289436] ret_from_fork_asm+0x1a/0x30
[ 18.289761]
[ 18.289896] freed by task 323 on cpu 1 at 18.283035s (0.006857s ago):
[ 18.290219] test_double_free+0x1e0/0x260
[ 18.290494] kunit_try_run_case+0x1a5/0x480
[ 18.290741] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.291058] kthread+0x337/0x6f0
[ 18.291214] ret_from_fork+0x41/0x80
[ 18.291383] ret_from_fork_asm+0x1a/0x30
[ 18.291581]
[ 18.291818] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 18.292561] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.292872] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.293281] ==================================================================
[ 18.387202] ==================================================================
[ 18.387596] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 18.387596]
[ 18.388089] Invalid free of 0x(____ptrval____) (in kfence-#92):
[ 18.388330] test_double_free+0x112/0x260
[ 18.388490] kunit_try_run_case+0x1a5/0x480
[ 18.388675] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.388849] kthread+0x337/0x6f0
[ 18.389180] ret_from_fork+0x41/0x80
[ 18.389483] ret_from_fork_asm+0x1a/0x30
[ 18.389814]
[ 18.389993] kfence-#92: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 18.389993]
[ 18.390257] allocated by task 325 on cpu 0 at 18.386915s (0.003337s ago):
[ 18.390502] test_alloc+0x2a6/0x10f0
[ 18.390817] test_double_free+0xdb/0x260
[ 18.391131] kunit_try_run_case+0x1a5/0x480
[ 18.391456] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.391932] kthread+0x337/0x6f0
[ 18.392344] ret_from_fork+0x41/0x80
[ 18.392611] ret_from_fork_asm+0x1a/0x30
[ 18.392892]
[ 18.393039] freed by task 325 on cpu 0 at 18.387019s (0.006015s ago):
[ 18.393339] test_double_free+0xfa/0x260
[ 18.393505] kunit_try_run_case+0x1a5/0x480
[ 18.393722] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.394033] kthread+0x337/0x6f0
[ 18.394292] ret_from_fork+0x41/0x80
[ 18.394613] ret_from_fork_asm+0x1a/0x30
[ 18.394940]
[ 18.395172] CPU: 0 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 18.395733] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.396013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.396468] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 17.867316] ==================================================================
[ 17.867881] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.867881]
[ 17.868397] Use-after-free read at 0x(____ptrval____) (in kfence-#87):
[ 17.868768] test_use_after_free_read+0x129/0x270
[ 17.869142] kunit_try_run_case+0x1a5/0x480
[ 17.869375] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.869786] kthread+0x337/0x6f0
[ 17.869931] ret_from_fork+0x41/0x80
[ 17.870101] ret_from_fork_asm+0x1a/0x30
[ 17.870281]
[ 17.870387] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.870387]
[ 17.870877] allocated by task 315 on cpu 1 at 17.866915s (0.003957s ago):
[ 17.871462] test_alloc+0x364/0x10f0
[ 17.871839] test_use_after_free_read+0xdc/0x270
[ 17.872251] kunit_try_run_case+0x1a5/0x480
[ 17.872605] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.872927] kthread+0x337/0x6f0
[ 17.873085] ret_from_fork+0x41/0x80
[ 17.873247] ret_from_fork_asm+0x1a/0x30
[ 17.873466]
[ 17.873896] freed by task 315 on cpu 1 at 17.867033s (0.006650s ago):
[ 17.874609] test_use_after_free_read+0x1e7/0x270
[ 17.874974] kunit_try_run_case+0x1a5/0x480
[ 17.875314] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.875749] kthread+0x337/0x6f0
[ 17.876017] ret_from_fork+0x41/0x80
[ 17.876293] ret_from_fork_asm+0x1a/0x30
[ 17.876726]
[ 17.876996] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 17.877768] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.878063] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.878608] ==================================================================
[ 17.971033] ==================================================================
[ 17.971461] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 17.971461]
[ 17.971837] Use-after-free read at 0x(____ptrval____) (in kfence-#88):
[ 17.972165] test_use_after_free_read+0x129/0x270
[ 17.972524] kunit_try_run_case+0x1a5/0x480
[ 17.972829] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.973073] kthread+0x337/0x6f0
[ 17.973238] ret_from_fork+0x41/0x80
[ 17.973476] ret_from_fork_asm+0x1a/0x30
[ 17.973654]
[ 17.973759] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.973759]
[ 17.974422] allocated by task 317 on cpu 1 at 17.970825s (0.003591s ago):
[ 17.974950] test_alloc+0x2a6/0x10f0
[ 17.975120] test_use_after_free_read+0xdc/0x270
[ 17.975302] kunit_try_run_case+0x1a5/0x480
[ 17.975481] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.975816] kthread+0x337/0x6f0
[ 17.976067] ret_from_fork+0x41/0x80
[ 17.976311] ret_from_fork_asm+0x1a/0x30
[ 17.976595]
[ 17.976772] freed by task 317 on cpu 1 at 17.970919s (0.005848s ago):
[ 17.977327] test_use_after_free_read+0xfb/0x270
[ 17.977589] kunit_try_run_case+0x1a5/0x480
[ 17.977811] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.978071] kthread+0x337/0x6f0
[ 17.978324] ret_from_fork+0x41/0x80
[ 17.978496] ret_from_fork_asm+0x1a/0x30
[ 17.978686]
[ 17.978850] CPU: 1 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 17.979330] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.979586] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.980124] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 17.659155] ==================================================================
[ 17.659562] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.659562]
[ 17.659885] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#85):
[ 17.660952] test_out_of_bounds_write+0x10d/0x260
[ 17.661257] kunit_try_run_case+0x1a5/0x480
[ 17.661559] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.662267] kthread+0x337/0x6f0
[ 17.662594] ret_from_fork+0x41/0x80
[ 17.662850] ret_from_fork_asm+0x1a/0x30
[ 17.663208]
[ 17.663462] kfence-#85: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.663462]
[ 17.664147] allocated by task 311 on cpu 1 at 17.658936s (0.005205s ago):
[ 17.664922] test_alloc+0x364/0x10f0
[ 17.665146] test_out_of_bounds_write+0xd4/0x260
[ 17.665688] kunit_try_run_case+0x1a5/0x480
[ 17.666052] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.666250] kthread+0x337/0x6f0
[ 17.666806] ret_from_fork+0x41/0x80
[ 17.667019] ret_from_fork_asm+0x1a/0x30
[ 17.667171]
[ 17.667479] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 17.668206] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.668459] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.669175] ==================================================================
[ 17.763045] ==================================================================
[ 17.763490] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 17.763490]
[ 17.763804] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#86):
[ 17.764227] test_out_of_bounds_write+0x10d/0x260
[ 17.764571] kunit_try_run_case+0x1a5/0x480
[ 17.764942] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.765158] kthread+0x337/0x6f0
[ 17.765382] ret_from_fork+0x41/0x80
[ 17.765646] ret_from_fork_asm+0x1a/0x30
[ 17.766041]
[ 17.766146] kfence-#86: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.766146]
[ 17.766740] allocated by task 313 on cpu 1 at 17.762943s (0.003774s ago):
[ 17.767057] test_alloc+0x2a6/0x10f0
[ 17.767359] test_out_of_bounds_write+0xd4/0x260
[ 17.767692] kunit_try_run_case+0x1a5/0x480
[ 17.768112] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.768361] kthread+0x337/0x6f0
[ 17.768516] ret_from_fork+0x41/0x80
[ 17.768780] ret_from_fork_asm+0x1a/0x30
[ 17.769087]
[ 17.769314] CPU: 1 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 17.770001] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.770232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.770564] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 17.140223] ==================================================================
[ 17.140766] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.140766]
[ 17.141481] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#80):
[ 17.142335] test_out_of_bounds_read+0x126/0x4e0
[ 17.143022] kunit_try_run_case+0x1a5/0x480
[ 17.143457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.143999] kthread+0x337/0x6f0
[ 17.144277] ret_from_fork+0x41/0x80
[ 17.144700] ret_from_fork_asm+0x1a/0x30
[ 17.144902]
[ 17.145336] kfence-#80: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.145336]
[ 17.146556] allocated by task 307 on cpu 1 at 17.138939s (0.006963s ago):
[ 17.147434] test_alloc+0x364/0x10f0
[ 17.147752] test_out_of_bounds_read+0xed/0x4e0
[ 17.147980] kunit_try_run_case+0x1a5/0x480
[ 17.148196] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.148537] kthread+0x337/0x6f0
[ 17.148992] ret_from_fork+0x41/0x80
[ 17.149160] ret_from_fork_asm+0x1a/0x30
[ 17.149838]
[ 17.150065] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 17.150689] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.151092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.151529] ==================================================================
[ 17.451027] ==================================================================
[ 17.451475] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 17.451475]
[ 17.451809] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#83):
[ 17.452523] test_out_of_bounds_read+0x126/0x4e0
[ 17.452975] kunit_try_run_case+0x1a5/0x480
[ 17.453213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.453476] kthread+0x337/0x6f0
[ 17.454048] ret_from_fork+0x41/0x80
[ 17.454482] ret_from_fork_asm+0x1a/0x30
[ 17.454892]
[ 17.455030] kfence-#83: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.455030]
[ 17.455509] allocated by task 309 on cpu 1 at 17.450923s (0.004580s ago):
[ 17.456179] test_alloc+0x2a6/0x10f0
[ 17.456479] test_out_of_bounds_read+0xed/0x4e0
[ 17.456705] kunit_try_run_case+0x1a5/0x480
[ 17.457025] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.457261] kthread+0x337/0x6f0
[ 17.457524] ret_from_fork+0x41/0x80
[ 17.457940] ret_from_fork_asm+0x1a/0x30
[ 17.458307]
[ 17.458569] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 17.459494] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.459741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.460189] ==================================================================
[ 17.555067] ==================================================================
[ 17.555537] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.555537]
[ 17.555878] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#84):
[ 17.556173] test_out_of_bounds_read+0x216/0x4e0
[ 17.556346] kunit_try_run_case+0x1a5/0x480
[ 17.556503] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.556717] kthread+0x337/0x6f0
[ 17.556862] ret_from_fork+0x41/0x80
[ 17.557026] ret_from_fork_asm+0x1a/0x30
[ 17.557182]
[ 17.557278] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.557278]
[ 17.557582] allocated by task 309 on cpu 1 at 17.554964s (0.002613s ago):
[ 17.558105] test_alloc+0x2a6/0x10f0
[ 17.558427] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.558835] kunit_try_run_case+0x1a5/0x480
[ 17.559183] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.559570] kthread+0x337/0x6f0
[ 17.559855] ret_from_fork+0x41/0x80
[ 17.560144] ret_from_fork_asm+0x1a/0x30
[ 17.560474]
[ 17.560760] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 17.561484] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.561745] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.562038] ==================================================================
[ 17.347215] ==================================================================
[ 17.347643] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 17.347643]
[ 17.348035] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#82):
[ 17.348510] test_out_of_bounds_read+0x216/0x4e0
[ 17.348801] kunit_try_run_case+0x1a5/0x480
[ 17.348959] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.349154] kthread+0x337/0x6f0
[ 17.349414] ret_from_fork+0x41/0x80
[ 17.349654] ret_from_fork_asm+0x1a/0x30
[ 17.349994]
[ 17.350158] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.350158]
[ 17.350874] allocated by task 307 on cpu 1 at 17.346946s (0.003922s ago):
[ 17.351166] test_alloc+0x364/0x10f0
[ 17.351334] test_out_of_bounds_read+0x1e2/0x4e0
[ 17.351607] kunit_try_run_case+0x1a5/0x480
[ 17.351939] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.352379] kthread+0x337/0x6f0
[ 17.352677] ret_from_fork+0x41/0x80
[ 17.352839] ret_from_fork_asm+0x1a/0x30
[ 17.353110]
[ 17.353315] CPU: 1 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 17.353845] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.354092] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.354513] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 16.669647] ==================================================================
[ 16.670037] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 16.670548] Write of size 121 at addr ffff8881029ed100 by task kunit_try_catch/305
[ 16.671032]
[ 16.671216] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 16.671353] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.671379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.671424] Call Trace:
[ 16.671486] <TASK>
[ 16.671528] dump_stack_lvl+0x73/0xb0
[ 16.671583] print_report+0xd1/0x650
[ 16.671647] ? __virt_addr_valid+0x1db/0x2d0
[ 16.671706] ? strncpy_from_user+0x2e/0x1d0
[ 16.671750] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.671798] ? strncpy_from_user+0x2e/0x1d0
[ 16.671843] kasan_report+0x141/0x180
[ 16.671892] ? strncpy_from_user+0x2e/0x1d0
[ 16.671950] kasan_check_range+0x10c/0x1c0
[ 16.671996] __kasan_check_write+0x18/0x20
[ 16.672037] strncpy_from_user+0x2e/0x1d0
[ 16.672080] ? __kasan_check_read+0x15/0x20
[ 16.672127] copy_user_test_oob+0x760/0x10f0
[ 16.672177] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.672219] ? finish_task_switch.isra.0+0x153/0x700
[ 16.672270] ? __switch_to+0x5d9/0xf60
[ 16.672311] ? dequeue_task_fair+0x166/0x4e0
[ 16.672363] ? __schedule+0x10cc/0x2b60
[ 16.672411] ? __pfx_read_tsc+0x10/0x10
[ 16.672452] ? ktime_get_ts64+0x86/0x230
[ 16.672495] kunit_try_run_case+0x1a5/0x480
[ 16.672536] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.672570] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.672599] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.672640] ? __kthread_parkme+0x82/0x180
[ 16.672666] ? preempt_count_sub+0x50/0x80
[ 16.672689] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.672712] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.672734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.672756] kthread+0x337/0x6f0
[ 16.672773] ? trace_preempt_on+0x20/0xc0
[ 16.672798] ? __pfx_kthread+0x10/0x10
[ 16.672816] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.672837] ? calculate_sigpending+0x7b/0xa0
[ 16.672858] ? __pfx_kthread+0x10/0x10
[ 16.672877] ret_from_fork+0x41/0x80
[ 16.672896] ? __pfx_kthread+0x10/0x10
[ 16.672914] ret_from_fork_asm+0x1a/0x30
[ 16.672944] </TASK>
[ 16.672957]
[ 16.683199] Allocated by task 305:
[ 16.683613] kasan_save_stack+0x45/0x70
[ 16.683983] kasan_save_track+0x18/0x40
[ 16.684292] kasan_save_alloc_info+0x3b/0x50
[ 16.684701] __kasan_kmalloc+0xb7/0xc0
[ 16.685027] __kmalloc_noprof+0x1c9/0x500
[ 16.685393] kunit_kmalloc_array+0x25/0x60
[ 16.685750] copy_user_test_oob+0xab/0x10f0
[ 16.685985] kunit_try_run_case+0x1a5/0x480
[ 16.686167] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.686377] kthread+0x337/0x6f0
[ 16.686699] ret_from_fork+0x41/0x80
[ 16.687000] ret_from_fork_asm+0x1a/0x30
[ 16.687318]
[ 16.687488] The buggy address belongs to the object at ffff8881029ed100
[ 16.687488] which belongs to the cache kmalloc-128 of size 128
[ 16.688291] The buggy address is located 0 bytes inside of
[ 16.688291] allocated 120-byte region [ffff8881029ed100, ffff8881029ed178)
[ 16.688877]
[ 16.688999] The buggy address belongs to the physical page:
[ 16.689197] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ed
[ 16.689471] flags: 0x200000000000000(node=0|zone=2)
[ 16.689924] page_type: f5(slab)
[ 16.690271] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.690858] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.691389] page dumped because: kasan: bad access detected
[ 16.691644]
[ 16.691754] Memory state around the buggy address:
[ 16.691945] ffff8881029ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.692328] ffff8881029ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.692874] >ffff8881029ed100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.693368] ^
[ 16.693892] ffff8881029ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.694389] ffff8881029ed200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.694752] ==================================================================
[ 16.695764] ==================================================================
[ 16.696650] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 16.697337] Write of size 1 at addr ffff8881029ed178 by task kunit_try_catch/305
[ 16.698533]
[ 16.698840] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 16.698951] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.699004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.699055] Call Trace:
[ 16.699101] <TASK>
[ 16.699141] dump_stack_lvl+0x73/0xb0
[ 16.699239] print_report+0xd1/0x650
[ 16.699290] ? __virt_addr_valid+0x1db/0x2d0
[ 16.699333] ? strncpy_from_user+0x1a5/0x1d0
[ 16.699364] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.699402] ? strncpy_from_user+0x1a5/0x1d0
[ 16.699425] kasan_report+0x141/0x180
[ 16.699448] ? strncpy_from_user+0x1a5/0x1d0
[ 16.699474] __asan_report_store1_noabort+0x1b/0x30
[ 16.699494] strncpy_from_user+0x1a5/0x1d0
[ 16.699518] copy_user_test_oob+0x760/0x10f0
[ 16.699572] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.699595] ? finish_task_switch.isra.0+0x153/0x700
[ 16.699634] ? __switch_to+0x5d9/0xf60
[ 16.699659] ? dequeue_task_fair+0x166/0x4e0
[ 16.699683] ? __schedule+0x10cc/0x2b60
[ 16.699707] ? __pfx_read_tsc+0x10/0x10
[ 16.699726] ? ktime_get_ts64+0x86/0x230
[ 16.699751] kunit_try_run_case+0x1a5/0x480
[ 16.699776] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.699797] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.699821] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.699843] ? __kthread_parkme+0x82/0x180
[ 16.699865] ? preempt_count_sub+0x50/0x80
[ 16.699887] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.699908] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.699930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.699952] kthread+0x337/0x6f0
[ 16.699969] ? trace_preempt_on+0x20/0xc0
[ 16.699992] ? __pfx_kthread+0x10/0x10
[ 16.700010] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.700030] ? calculate_sigpending+0x7b/0xa0
[ 16.700050] ? __pfx_kthread+0x10/0x10
[ 16.700069] ret_from_fork+0x41/0x80
[ 16.700089] ? __pfx_kthread+0x10/0x10
[ 16.700107] ret_from_fork_asm+0x1a/0x30
[ 16.700139] </TASK>
[ 16.700153]
[ 16.710190] Allocated by task 305:
[ 16.710592] kasan_save_stack+0x45/0x70
[ 16.710956] kasan_save_track+0x18/0x40
[ 16.711248] kasan_save_alloc_info+0x3b/0x50
[ 16.711576] __kasan_kmalloc+0xb7/0xc0
[ 16.711901] __kmalloc_noprof+0x1c9/0x500
[ 16.712229] kunit_kmalloc_array+0x25/0x60
[ 16.712454] copy_user_test_oob+0xab/0x10f0
[ 16.712827] kunit_try_run_case+0x1a5/0x480
[ 16.713060] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.713470] kthread+0x337/0x6f0
[ 16.713712] ret_from_fork+0x41/0x80
[ 16.713921] ret_from_fork_asm+0x1a/0x30
[ 16.714212]
[ 16.714326] The buggy address belongs to the object at ffff8881029ed100
[ 16.714326] which belongs to the cache kmalloc-128 of size 128
[ 16.714951] The buggy address is located 0 bytes to the right of
[ 16.714951] allocated 120-byte region [ffff8881029ed100, ffff8881029ed178)
[ 16.715862]
[ 16.715994] The buggy address belongs to the physical page:
[ 16.716324] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ed
[ 16.716753] flags: 0x200000000000000(node=0|zone=2)
[ 16.717027] page_type: f5(slab)
[ 16.717329] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.717846] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.718230] page dumped because: kasan: bad access detected
[ 16.718524]
[ 16.718731] Memory state around the buggy address:
[ 16.719003] ffff8881029ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.719373] ffff8881029ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.719669] >ffff8881029ed100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.719905] ^
[ 16.720347] ffff8881029ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.720889] ffff8881029ed200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.721378] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 16.642311] ==================================================================
[ 16.643299] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 16.643949] Read of size 121 at addr ffff8881029ed100 by task kunit_try_catch/305
[ 16.644383]
[ 16.644916] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 16.645032] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.645058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.645096] Call Trace:
[ 16.645134] <TASK>
[ 16.645164] dump_stack_lvl+0x73/0xb0
[ 16.645201] print_report+0xd1/0x650
[ 16.645237] ? __virt_addr_valid+0x1db/0x2d0
[ 16.645264] ? copy_user_test_oob+0x604/0x10f0
[ 16.645285] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.645307] ? copy_user_test_oob+0x604/0x10f0
[ 16.645327] kasan_report+0x141/0x180
[ 16.645348] ? copy_user_test_oob+0x604/0x10f0
[ 16.645372] kasan_check_range+0x10c/0x1c0
[ 16.645392] __kasan_check_read+0x15/0x20
[ 16.645411] copy_user_test_oob+0x604/0x10f0
[ 16.645433] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.645452] ? finish_task_switch.isra.0+0x153/0x700
[ 16.645476] ? __switch_to+0x5d9/0xf60
[ 16.645497] ? dequeue_task_fair+0x166/0x4e0
[ 16.645520] ? __schedule+0x10cc/0x2b60
[ 16.645547] ? __pfx_read_tsc+0x10/0x10
[ 16.645577] ? ktime_get_ts64+0x86/0x230
[ 16.645666] kunit_try_run_case+0x1a5/0x480
[ 16.645718] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.645763] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.645812] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.645847] ? __kthread_parkme+0x82/0x180
[ 16.645871] ? preempt_count_sub+0x50/0x80
[ 16.645895] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.645918] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.645955] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.645983] kthread+0x337/0x6f0
[ 16.646002] ? trace_preempt_on+0x20/0xc0
[ 16.646026] ? __pfx_kthread+0x10/0x10
[ 16.646045] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.646067] ? calculate_sigpending+0x7b/0xa0
[ 16.646087] ? __pfx_kthread+0x10/0x10
[ 16.646107] ret_from_fork+0x41/0x80
[ 16.646127] ? __pfx_kthread+0x10/0x10
[ 16.646146] ret_from_fork_asm+0x1a/0x30
[ 16.646177] </TASK>
[ 16.646191]
[ 16.655790] Allocated by task 305:
[ 16.656123] kasan_save_stack+0x45/0x70
[ 16.656363] kasan_save_track+0x18/0x40
[ 16.656534] kasan_save_alloc_info+0x3b/0x50
[ 16.656860] __kasan_kmalloc+0xb7/0xc0
[ 16.657182] __kmalloc_noprof+0x1c9/0x500
[ 16.657492] kunit_kmalloc_array+0x25/0x60
[ 16.657925] copy_user_test_oob+0xab/0x10f0
[ 16.658303] kunit_try_run_case+0x1a5/0x480
[ 16.658686] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.659094] kthread+0x337/0x6f0
[ 16.659365] ret_from_fork+0x41/0x80
[ 16.659634] ret_from_fork_asm+0x1a/0x30
[ 16.659817]
[ 16.659975] The buggy address belongs to the object at ffff8881029ed100
[ 16.659975] which belongs to the cache kmalloc-128 of size 128
[ 16.660849] The buggy address is located 0 bytes inside of
[ 16.660849] allocated 120-byte region [ffff8881029ed100, ffff8881029ed178)
[ 16.661573]
[ 16.661798] The buggy address belongs to the physical page:
[ 16.662110] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ed
[ 16.662461] flags: 0x200000000000000(node=0|zone=2)
[ 16.662922] page_type: f5(slab)
[ 16.663200] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.663736] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.664259] page dumped because: kasan: bad access detected
[ 16.664605]
[ 16.664778] Memory state around the buggy address:
[ 16.665065] ffff8881029ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.665380] ffff8881029ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.665937] >ffff8881029ed100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.666277] ^
[ 16.666785] ffff8881029ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.667228] ffff8881029ed200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.667746] ==================================================================
[ 16.582619] ==================================================================
[ 16.583215] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 16.583797] Read of size 121 at addr ffff8881029ed100 by task kunit_try_catch/305
[ 16.584307]
[ 16.584461] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 16.584593] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.584633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.584684] Call Trace:
[ 16.584729] <TASK>
[ 16.584774] dump_stack_lvl+0x73/0xb0
[ 16.584832] print_report+0xd1/0x650
[ 16.584873] ? __virt_addr_valid+0x1db/0x2d0
[ 16.584947] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.584989] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.585049] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.585091] kasan_report+0x141/0x180
[ 16.585137] ? copy_user_test_oob+0x4aa/0x10f0
[ 16.585186] kasan_check_range+0x10c/0x1c0
[ 16.585228] __kasan_check_read+0x15/0x20
[ 16.585269] copy_user_test_oob+0x4aa/0x10f0
[ 16.585317] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.585358] ? finish_task_switch.isra.0+0x153/0x700
[ 16.585404] ? __switch_to+0x5d9/0xf60
[ 16.585445] ? dequeue_task_fair+0x166/0x4e0
[ 16.586250] ? __schedule+0x10cc/0x2b60
[ 16.586330] ? __pfx_read_tsc+0x10/0x10
[ 16.586357] ? ktime_get_ts64+0x86/0x230
[ 16.586386] kunit_try_run_case+0x1a5/0x480
[ 16.586431] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.586476] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.586525] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.586567] ? __kthread_parkme+0x82/0x180
[ 16.586613] ? preempt_count_sub+0x50/0x80
[ 16.586683] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.586733] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.586785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.586836] kthread+0x337/0x6f0
[ 16.586877] ? trace_preempt_on+0x20/0xc0
[ 16.586927] ? __pfx_kthread+0x10/0x10
[ 16.586968] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.586996] ? calculate_sigpending+0x7b/0xa0
[ 16.587019] ? __pfx_kthread+0x10/0x10
[ 16.587038] ret_from_fork+0x41/0x80
[ 16.587058] ? __pfx_kthread+0x10/0x10
[ 16.587075] ret_from_fork_asm+0x1a/0x30
[ 16.587105] </TASK>
[ 16.587120]
[ 16.598344] Allocated by task 305:
[ 16.598631] kasan_save_stack+0x45/0x70
[ 16.598869] kasan_save_track+0x18/0x40
[ 16.599189] kasan_save_alloc_info+0x3b/0x50
[ 16.599544] __kasan_kmalloc+0xb7/0xc0
[ 16.599892] __kmalloc_noprof+0x1c9/0x500
[ 16.600070] kunit_kmalloc_array+0x25/0x60
[ 16.600252] copy_user_test_oob+0xab/0x10f0
[ 16.600789] kunit_try_run_case+0x1a5/0x480
[ 16.601000] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.601239] kthread+0x337/0x6f0
[ 16.601404] ret_from_fork+0x41/0x80
[ 16.602181] ret_from_fork_asm+0x1a/0x30
[ 16.602742]
[ 16.602951] The buggy address belongs to the object at ffff8881029ed100
[ 16.602951] which belongs to the cache kmalloc-128 of size 128
[ 16.603470] The buggy address is located 0 bytes inside of
[ 16.603470] allocated 120-byte region [ffff8881029ed100, ffff8881029ed178)
[ 16.604440]
[ 16.604915] The buggy address belongs to the physical page:
[ 16.605213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ed
[ 16.605779] flags: 0x200000000000000(node=0|zone=2)
[ 16.606179] page_type: f5(slab)
[ 16.606366] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.607065] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.607519] page dumped because: kasan: bad access detected
[ 16.607841]
[ 16.607946] Memory state around the buggy address:
[ 16.608167] ffff8881029ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.608463] ffff8881029ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.609359] >ffff8881029ed100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.610000] ^
[ 16.610441] ffff8881029ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.610704] ffff8881029ed200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.611272] ==================================================================
[ 16.559275] ==================================================================
[ 16.559695] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 16.560074] Write of size 121 at addr ffff8881029ed100 by task kunit_try_catch/305
[ 16.560534]
[ 16.560797] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 16.560905] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.560929] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.560971] Call Trace:
[ 16.561006] <TASK>
[ 16.561046] dump_stack_lvl+0x73/0xb0
[ 16.561108] print_report+0xd1/0x650
[ 16.561158] ? __virt_addr_valid+0x1db/0x2d0
[ 16.561199] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.561236] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.561283] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.561326] kasan_report+0x141/0x180
[ 16.561368] ? copy_user_test_oob+0x3fd/0x10f0
[ 16.561445] kasan_check_range+0x10c/0x1c0
[ 16.561489] __kasan_check_write+0x18/0x20
[ 16.561533] copy_user_test_oob+0x3fd/0x10f0
[ 16.561578] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.561618] ? finish_task_switch.isra.0+0x153/0x700
[ 16.561684] ? __switch_to+0x5d9/0xf60
[ 16.561721] ? dequeue_task_fair+0x166/0x4e0
[ 16.561770] ? __schedule+0x10cc/0x2b60
[ 16.561802] ? __pfx_read_tsc+0x10/0x10
[ 16.561829] ? ktime_get_ts64+0x86/0x230
[ 16.561861] kunit_try_run_case+0x1a5/0x480
[ 16.561895] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.561916] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.561941] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.561980] ? __kthread_parkme+0x82/0x180
[ 16.562004] ? preempt_count_sub+0x50/0x80
[ 16.562029] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.562052] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.562077] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.562099] kthread+0x337/0x6f0
[ 16.562117] ? trace_preempt_on+0x20/0xc0
[ 16.562142] ? __pfx_kthread+0x10/0x10
[ 16.562160] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.562182] ? calculate_sigpending+0x7b/0xa0
[ 16.562204] ? __pfx_kthread+0x10/0x10
[ 16.562223] ret_from_fork+0x41/0x80
[ 16.562244] ? __pfx_kthread+0x10/0x10
[ 16.562262] ret_from_fork_asm+0x1a/0x30
[ 16.562293] </TASK>
[ 16.562306]
[ 16.571112] Allocated by task 305:
[ 16.571463] kasan_save_stack+0x45/0x70
[ 16.571828] kasan_save_track+0x18/0x40
[ 16.572034] kasan_save_alloc_info+0x3b/0x50
[ 16.572215] __kasan_kmalloc+0xb7/0xc0
[ 16.572431] __kmalloc_noprof+0x1c9/0x500
[ 16.572797] kunit_kmalloc_array+0x25/0x60
[ 16.573107] copy_user_test_oob+0xab/0x10f0
[ 16.573424] kunit_try_run_case+0x1a5/0x480
[ 16.573664] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.574030] kthread+0x337/0x6f0
[ 16.574212] ret_from_fork+0x41/0x80
[ 16.574517] ret_from_fork_asm+0x1a/0x30
[ 16.574717]
[ 16.574822] The buggy address belongs to the object at ffff8881029ed100
[ 16.574822] which belongs to the cache kmalloc-128 of size 128
[ 16.575450] The buggy address is located 0 bytes inside of
[ 16.575450] allocated 120-byte region [ffff8881029ed100, ffff8881029ed178)
[ 16.575822]
[ 16.575935] The buggy address belongs to the physical page:
[ 16.576135] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ed
[ 16.576404] flags: 0x200000000000000(node=0|zone=2)
[ 16.576601] page_type: f5(slab)
[ 16.576932] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.577451] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.577980] page dumped because: kasan: bad access detected
[ 16.578376]
[ 16.578560] Memory state around the buggy address:
[ 16.578914] ffff8881029ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.579396] ffff8881029ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.579835] >ffff8881029ed100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.580071] ^
[ 16.580316] ffff8881029ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.580578] ffff8881029ed200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.581090] ==================================================================
[ 16.614004] ==================================================================
[ 16.614379] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 16.614634] Write of size 121 at addr ffff8881029ed100 by task kunit_try_catch/305
[ 16.615258]
[ 16.615929] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 16.616045] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.616070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.616104] Call Trace:
[ 16.616131] <TASK>
[ 16.616160] dump_stack_lvl+0x73/0xb0
[ 16.616196] print_report+0xd1/0x650
[ 16.616220] ? __virt_addr_valid+0x1db/0x2d0
[ 16.616243] ? copy_user_test_oob+0x557/0x10f0
[ 16.616262] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.616284] ? copy_user_test_oob+0x557/0x10f0
[ 16.616304] kasan_report+0x141/0x180
[ 16.616326] ? copy_user_test_oob+0x557/0x10f0
[ 16.616350] kasan_check_range+0x10c/0x1c0
[ 16.616370] __kasan_check_write+0x18/0x20
[ 16.616389] copy_user_test_oob+0x557/0x10f0
[ 16.616411] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.616430] ? finish_task_switch.isra.0+0x153/0x700
[ 16.616453] ? __switch_to+0x5d9/0xf60
[ 16.616474] ? dequeue_task_fair+0x166/0x4e0
[ 16.616497] ? __schedule+0x10cc/0x2b60
[ 16.616520] ? __pfx_read_tsc+0x10/0x10
[ 16.616542] ? ktime_get_ts64+0x86/0x230
[ 16.616579] kunit_try_run_case+0x1a5/0x480
[ 16.616633] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.616678] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.616725] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.616773] ? __kthread_parkme+0x82/0x180
[ 16.616807] ? preempt_count_sub+0x50/0x80
[ 16.616832] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.616855] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.616878] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.616901] kthread+0x337/0x6f0
[ 16.616919] ? trace_preempt_on+0x20/0xc0
[ 16.616942] ? __pfx_kthread+0x10/0x10
[ 16.616960] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.616980] ? calculate_sigpending+0x7b/0xa0
[ 16.617002] ? __pfx_kthread+0x10/0x10
[ 16.617020] ret_from_fork+0x41/0x80
[ 16.617040] ? __pfx_kthread+0x10/0x10
[ 16.617058] ret_from_fork_asm+0x1a/0x30
[ 16.617089] </TASK>
[ 16.617103]
[ 16.629050] Allocated by task 305:
[ 16.629329] kasan_save_stack+0x45/0x70
[ 16.630014] kasan_save_track+0x18/0x40
[ 16.630220] kasan_save_alloc_info+0x3b/0x50
[ 16.630410] __kasan_kmalloc+0xb7/0xc0
[ 16.631028] __kmalloc_noprof+0x1c9/0x500
[ 16.631235] kunit_kmalloc_array+0x25/0x60
[ 16.631386] copy_user_test_oob+0xab/0x10f0
[ 16.631954] kunit_try_run_case+0x1a5/0x480
[ 16.632213] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.632748] kthread+0x337/0x6f0
[ 16.632996] ret_from_fork+0x41/0x80
[ 16.633376] ret_from_fork_asm+0x1a/0x30
[ 16.633976]
[ 16.634099] The buggy address belongs to the object at ffff8881029ed100
[ 16.634099] which belongs to the cache kmalloc-128 of size 128
[ 16.634571] The buggy address is located 0 bytes inside of
[ 16.634571] allocated 120-byte region [ffff8881029ed100, ffff8881029ed178)
[ 16.635033]
[ 16.635144] The buggy address belongs to the physical page:
[ 16.635379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ed
[ 16.635752] flags: 0x200000000000000(node=0|zone=2)
[ 16.635959] page_type: f5(slab)
[ 16.636127] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.637169] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.637474] page dumped because: kasan: bad access detected
[ 16.637718]
[ 16.637834] Memory state around the buggy address:
[ 16.638568] ffff8881029ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.638972] ffff8881029ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.639441] >ffff8881029ed100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.639852] ^
[ 16.640270] ffff8881029ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.640807] ffff8881029ed200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.641090] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 16.529184] ==================================================================
[ 16.529601] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70
[ 16.529986] Read of size 121 at addr ffff8881029ed100 by task kunit_try_catch/305
[ 16.530455]
[ 16.530695] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 16.530801] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.530827] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.530872] Call Trace:
[ 16.530939] <TASK>
[ 16.530983] dump_stack_lvl+0x73/0xb0
[ 16.531040] print_report+0xd1/0x650
[ 16.531091] ? __virt_addr_valid+0x1db/0x2d0
[ 16.531135] ? _copy_to_user+0x4a/0x70
[ 16.531173] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.531211] ? _copy_to_user+0x4a/0x70
[ 16.531244] kasan_report+0x141/0x180
[ 16.531288] ? _copy_to_user+0x4a/0x70
[ 16.531334] kasan_check_range+0x10c/0x1c0
[ 16.531377] __kasan_check_read+0x15/0x20
[ 16.531414] _copy_to_user+0x4a/0x70
[ 16.531449] copy_user_test_oob+0x364/0x10f0
[ 16.531517] ? __pfx_copy_user_test_oob+0x10/0x10
[ 16.531557] ? finish_task_switch.isra.0+0x153/0x700
[ 16.531599] ? __switch_to+0x5d9/0xf60
[ 16.531653] ? dequeue_task_fair+0x166/0x4e0
[ 16.531705] ? __schedule+0x10cc/0x2b60
[ 16.531737] ? __pfx_read_tsc+0x10/0x10
[ 16.531759] ? ktime_get_ts64+0x86/0x230
[ 16.531784] kunit_try_run_case+0x1a5/0x480
[ 16.531807] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.531829] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.531852] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.531875] ? __kthread_parkme+0x82/0x180
[ 16.531897] ? preempt_count_sub+0x50/0x80
[ 16.531920] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.531943] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.531965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.531987] kthread+0x337/0x6f0
[ 16.532004] ? trace_preempt_on+0x20/0xc0
[ 16.532027] ? __pfx_kthread+0x10/0x10
[ 16.532045] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.532066] ? calculate_sigpending+0x7b/0xa0
[ 16.532088] ? __pfx_kthread+0x10/0x10
[ 16.532107] ret_from_fork+0x41/0x80
[ 16.532127] ? __pfx_kthread+0x10/0x10
[ 16.532144] ret_from_fork_asm+0x1a/0x30
[ 16.532173] </TASK>
[ 16.532186]
[ 16.541073] Allocated by task 305:
[ 16.541427] kasan_save_stack+0x45/0x70
[ 16.541889] kasan_save_track+0x18/0x40
[ 16.542207] kasan_save_alloc_info+0x3b/0x50
[ 16.542539] __kasan_kmalloc+0xb7/0xc0
[ 16.542847] __kmalloc_noprof+0x1c9/0x500
[ 16.543121] kunit_kmalloc_array+0x25/0x60
[ 16.543427] copy_user_test_oob+0xab/0x10f0
[ 16.543673] kunit_try_run_case+0x1a5/0x480
[ 16.543849] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.544093] kthread+0x337/0x6f0
[ 16.544248] ret_from_fork+0x41/0x80
[ 16.544411] ret_from_fork_asm+0x1a/0x30
[ 16.544584]
[ 16.544786] The buggy address belongs to the object at ffff8881029ed100
[ 16.544786] which belongs to the cache kmalloc-128 of size 128
[ 16.545567] The buggy address is located 0 bytes inside of
[ 16.545567] allocated 120-byte region [ffff8881029ed100, ffff8881029ed178)
[ 16.547544]
[ 16.547753] The buggy address belongs to the physical page:
[ 16.548209] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ed
[ 16.548552] flags: 0x200000000000000(node=0|zone=2)
[ 16.549054] page_type: f5(slab)
[ 16.549236] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 16.549736] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.550076] page dumped because: kasan: bad access detected
[ 16.550464]
[ 16.550608] Memory state around the buggy address:
[ 16.550962] ffff8881029ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 16.551207] ffff8881029ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.551683] >ffff8881029ed100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 16.552153] ^
[ 16.552561] ffff8881029ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.552910] ffff8881029ed200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.553254] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 16.499072] ================================================================== [ 16.499668] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 16.500271] Write of size 121 at addr ffff8881029ed100 by task kunit_try_catch/305 [ 16.500874] [ 16.501035] CPU: 1 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.501140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.501169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.501213] Call Trace: [ 16.501244] <TASK> [ 16.501337] dump_stack_lvl+0x73/0xb0 [ 16.501404] print_report+0xd1/0x650 [ 16.501484] ? __virt_addr_valid+0x1db/0x2d0 [ 16.501533] ? _copy_from_user+0x32/0x90 [ 16.501578] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.501643] ? _copy_from_user+0x32/0x90 [ 16.501684] kasan_report+0x141/0x180 [ 16.501727] ? _copy_from_user+0x32/0x90 [ 16.501776] kasan_check_range+0x10c/0x1c0 [ 16.501857] __kasan_check_write+0x18/0x20 [ 16.501899] _copy_from_user+0x32/0x90 [ 16.501938] copy_user_test_oob+0x2be/0x10f0 [ 16.501993] ? __pfx_copy_user_test_oob+0x10/0x10 [ 16.502030] ? finish_task_switch.isra.0+0x153/0x700 [ 16.502079] ? __switch_to+0x5d9/0xf60 [ 16.502155] ? dequeue_task_fair+0x166/0x4e0 [ 16.502205] ? __schedule+0x10cc/0x2b60 [ 16.502254] ? __pfx_read_tsc+0x10/0x10 [ 16.502317] ? ktime_get_ts64+0x86/0x230 [ 16.502366] kunit_try_run_case+0x1a5/0x480 [ 16.502417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.502463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.502513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.502540] ? __kthread_parkme+0x82/0x180 [ 16.502577] ? preempt_count_sub+0x50/0x80 [ 16.502602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.502643] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.502670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.502694] kthread+0x337/0x6f0 [ 16.502712] ? trace_preempt_on+0x20/0xc0 [ 16.502738] ? __pfx_kthread+0x10/0x10 [ 16.502757] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.502779] ? 
calculate_sigpending+0x7b/0xa0 [ 16.502803] ? __pfx_kthread+0x10/0x10 [ 16.502822] ret_from_fork+0x41/0x80 [ 16.502843] ? __pfx_kthread+0x10/0x10 [ 16.502862] ret_from_fork_asm+0x1a/0x30 [ 16.502894] </TASK> [ 16.502910] [ 16.512094] Allocated by task 305: [ 16.512517] kasan_save_stack+0x45/0x70 [ 16.512991] kasan_save_track+0x18/0x40 [ 16.513350] kasan_save_alloc_info+0x3b/0x50 [ 16.513772] __kasan_kmalloc+0xb7/0xc0 [ 16.513996] __kmalloc_noprof+0x1c9/0x500 [ 16.514231] kunit_kmalloc_array+0x25/0x60 [ 16.514569] copy_user_test_oob+0xab/0x10f0 [ 16.514939] kunit_try_run_case+0x1a5/0x480 [ 16.515149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.515388] kthread+0x337/0x6f0 [ 16.515560] ret_from_fork+0x41/0x80 [ 16.515877] ret_from_fork_asm+0x1a/0x30 [ 16.516196] [ 16.516356] The buggy address belongs to the object at ffff8881029ed100 [ 16.516356] which belongs to the cache kmalloc-128 of size 128 [ 16.516741] The buggy address is located 0 bytes inside of [ 16.516741] allocated 120-byte region [ffff8881029ed100, ffff8881029ed178) [ 16.517103] [ 16.517216] The buggy address belongs to the physical page: [ 16.517413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ed [ 16.517938] flags: 0x200000000000000(node=0|zone=2) [ 16.518337] page_type: f5(slab) [ 16.518651] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.519366] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.519971] page dumped because: kasan: bad access detected [ 16.520169] [ 16.520272] Memory state around the buggy address: [ 16.520459] ffff8881029ed000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.521011] ffff8881029ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.521478] >ffff8881029ed100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.521928] ^ [ 16.522285] ffff8881029ed180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.522597] ffff8881029ed200: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 16.522975] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 16.452017] ================================================================== [ 16.452645] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 16.452981] Write of size 8 at addr ffff888102d97d78 by task kunit_try_catch/301 [ 16.453779] [ 16.453909] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.453993] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.454007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.454033] Call Trace: [ 16.454055] <TASK> [ 16.454080] dump_stack_lvl+0x73/0xb0 [ 16.454115] print_report+0xd1/0x650 [ 16.454143] ? __virt_addr_valid+0x1db/0x2d0 [ 16.454166] ? copy_to_kernel_nofault+0x99/0x260 [ 16.454188] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.454213] ? copy_to_kernel_nofault+0x99/0x260 [ 16.454233] kasan_report+0x141/0x180 [ 16.454256] ? copy_to_kernel_nofault+0x99/0x260 [ 16.454283] kasan_check_range+0x10c/0x1c0 [ 16.454318] __kasan_check_write+0x18/0x20 [ 16.454350] copy_to_kernel_nofault+0x99/0x260 [ 16.454387] copy_to_kernel_nofault_oob+0x288/0x560 [ 16.454426] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.454467] ? finish_task_switch.isra.0+0x153/0x700 [ 16.454512] ? __schedule+0x10cc/0x2b60 [ 16.454562] ? trace_hardirqs_on+0x37/0xe0 [ 16.454823] ? __pfx_read_tsc+0x10/0x10 [ 16.454908] ? ktime_get_ts64+0x86/0x230 [ 16.454980] kunit_try_run_case+0x1a5/0x480 [ 16.455042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.455084] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.455120] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.455146] ? __kthread_parkme+0x82/0x180 [ 16.455171] ? preempt_count_sub+0x50/0x80 [ 16.455196] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.455221] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.455245] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.455269] kthread+0x337/0x6f0 [ 16.455332] ? trace_preempt_on+0x20/0xc0 [ 16.455370] ? __pfx_kthread+0x10/0x10 [ 16.455399] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.455430] ? calculate_sigpending+0x7b/0xa0 [ 16.455454] ? __pfx_kthread+0x10/0x10 [ 16.455472] ret_from_fork+0x41/0x80 [ 16.455494] ? __pfx_kthread+0x10/0x10 [ 16.455513] ret_from_fork_asm+0x1a/0x30 [ 16.455551] </TASK> [ 16.455569] [ 16.464241] Allocated by task 301: [ 16.464567] kasan_save_stack+0x45/0x70 [ 16.464865] kasan_save_track+0x18/0x40 [ 16.465066] kasan_save_alloc_info+0x3b/0x50 [ 16.465390] __kasan_kmalloc+0xb7/0xc0 [ 16.465575] __kmalloc_cache_noprof+0x189/0x420 [ 16.465782] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.465996] kunit_try_run_case+0x1a5/0x480 [ 16.466310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.466729] kthread+0x337/0x6f0 [ 16.466998] ret_from_fork+0x41/0x80 [ 16.467323] ret_from_fork_asm+0x1a/0x30 [ 16.467665] [ 16.468447] The buggy address belongs to the object at ffff888102d97d00 [ 16.468447] which belongs to the cache kmalloc-128 of size 128 [ 16.469342] The buggy address is located 0 bytes to the right of [ 16.469342] allocated 120-byte region [ffff888102d97d00, ffff888102d97d78) [ 16.470435] [ 16.470569] The buggy address belongs to the physical page: [ 16.471005] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d97 [ 16.471706] flags: 0x200000000000000(node=0|zone=2) [ 16.471928] page_type: f5(slab) [ 16.472095] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.472344] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.472806] page dumped because: kasan: bad access detected [ 16.473178] [ 16.473334] Memory state around the buggy address: [ 16.473904] ffff888102d97c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.475309] ffff888102d97c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.475676] >ffff888102d97d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.475920] ^ [ 16.476144] ffff888102d97d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.476380] ffff888102d97e00: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 16.477156] ================================================================== [ 16.419589] ================================================================== [ 16.420247] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 16.420968] Read of size 8 at addr ffff888102d97d78 by task kunit_try_catch/301 [ 16.421392] [ 16.421601] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.421698] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.421722] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.421764] Call Trace: [ 16.421792] <TASK> [ 16.421828] dump_stack_lvl+0x73/0xb0 [ 16.421951] print_report+0xd1/0x650 [ 16.422003] ? __virt_addr_valid+0x1db/0x2d0 [ 16.422051] ? copy_to_kernel_nofault+0x225/0x260 [ 16.422090] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.422171] ? copy_to_kernel_nofault+0x225/0x260 [ 16.422218] kasan_report+0x141/0x180 [ 16.422261] ? copy_to_kernel_nofault+0x225/0x260 [ 16.422313] __asan_report_load8_noabort+0x18/0x20 [ 16.422356] copy_to_kernel_nofault+0x225/0x260 [ 16.422463] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 16.422516] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 16.422564] ? finish_task_switch.isra.0+0x153/0x700 [ 16.422607] ? __schedule+0x10cc/0x2b60 [ 16.422665] ? trace_hardirqs_on+0x37/0xe0 [ 16.422708] ? __pfx_read_tsc+0x10/0x10 [ 16.422732] ? ktime_get_ts64+0x86/0x230 [ 16.422762] kunit_try_run_case+0x1a5/0x480 [ 16.422791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.422814] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.422840] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.422864] ? __kthread_parkme+0x82/0x180 [ 16.422889] ? preempt_count_sub+0x50/0x80 [ 16.422915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.422940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.422965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.422988] kthread+0x337/0x6f0 [ 16.423006] ? 
trace_preempt_on+0x20/0xc0 [ 16.423030] ? __pfx_kthread+0x10/0x10 [ 16.423048] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.423070] ? calculate_sigpending+0x7b/0xa0 [ 16.423093] ? __pfx_kthread+0x10/0x10 [ 16.423111] ret_from_fork+0x41/0x80 [ 16.423132] ? __pfx_kthread+0x10/0x10 [ 16.423150] ret_from_fork_asm+0x1a/0x30 [ 16.423181] </TASK> [ 16.423195] [ 16.434965] Allocated by task 301: [ 16.435540] kasan_save_stack+0x45/0x70 [ 16.436107] kasan_save_track+0x18/0x40 [ 16.436265] kasan_save_alloc_info+0x3b/0x50 [ 16.437274] __kasan_kmalloc+0xb7/0xc0 [ 16.437446] __kmalloc_cache_noprof+0x189/0x420 [ 16.437754] copy_to_kernel_nofault_oob+0x12f/0x560 [ 16.438716] kunit_try_run_case+0x1a5/0x480 [ 16.438940] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.439118] kthread+0x337/0x6f0 [ 16.439721] ret_from_fork+0x41/0x80 [ 16.440118] ret_from_fork_asm+0x1a/0x30 [ 16.440525] [ 16.440666] The buggy address belongs to the object at ffff888102d97d00 [ 16.440666] which belongs to the cache kmalloc-128 of size 128 [ 16.441596] The buggy address is located 0 bytes to the right of [ 16.441596] allocated 120-byte region [ffff888102d97d00, ffff888102d97d78) [ 16.442612] [ 16.442741] The buggy address belongs to the physical page: [ 16.443817] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d97 [ 16.444520] flags: 0x200000000000000(node=0|zone=2) [ 16.445045] page_type: f5(slab) [ 16.445726] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.445987] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.446283] page dumped because: kasan: bad access detected [ 16.446565] [ 16.446674] Memory state around the buggy address: [ 16.446844] ffff888102d97c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.447480] ffff888102d97c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.448405] >ffff888102d97d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.448610] ^ [ 16.448802] ffff888102d97d80: fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc [ 16.449707] ffff888102d97e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.449957] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.714213] ================================================================== [ 14.715001] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 14.715908] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.716909] [ 14.717100] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.717175] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.717189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.717214] Call Trace: [ 14.717241] <TASK> [ 14.717267] dump_stack_lvl+0x73/0xb0 [ 14.717486] print_report+0xd1/0x650 [ 14.717551] ? __virt_addr_valid+0x1db/0x2d0 [ 14.717593] ? kasan_atomics_helper+0x3df/0x5450 [ 14.717658] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.717684] ? kasan_atomics_helper+0x3df/0x5450 [ 14.717706] kasan_report+0x141/0x180 [ 14.717729] ? kasan_atomics_helper+0x3df/0x5450 [ 14.717754] kasan_check_range+0x10c/0x1c0 [ 14.717775] __kasan_check_read+0x15/0x20 [ 14.717794] kasan_atomics_helper+0x3df/0x5450 [ 14.717816] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.717838] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.717859] ? kasan_atomics+0x152/0x310 [ 14.717882] kasan_atomics+0x1dc/0x310 [ 14.717900] ? __pfx_kasan_atomics+0x10/0x10 [ 14.717921] ? __pfx_read_tsc+0x10/0x10 [ 14.717942] ? ktime_get_ts64+0x86/0x230 [ 14.717984] kunit_try_run_case+0x1a5/0x480 [ 14.718011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.718033] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.718058] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.718082] ? __kthread_parkme+0x82/0x180 [ 14.718106] ? preempt_count_sub+0x50/0x80 [ 14.718130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.718153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.718177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.718200] kthread+0x337/0x6f0 [ 14.718217] ? trace_preempt_on+0x20/0xc0 [ 14.718242] ? __pfx_kthread+0x10/0x10 [ 14.718261] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.718287] ? 
calculate_sigpending+0x7b/0xa0 [ 14.718374] ? __pfx_kthread+0x10/0x10 [ 14.718405] ret_from_fork+0x41/0x80 [ 14.718428] ? __pfx_kthread+0x10/0x10 [ 14.718447] ret_from_fork_asm+0x1a/0x30 [ 14.718479] </TASK> [ 14.718493] [ 14.729736] Allocated by task 285: [ 14.729976] kasan_save_stack+0x45/0x70 [ 14.730341] kasan_save_track+0x18/0x40 [ 14.730614] kasan_save_alloc_info+0x3b/0x50 [ 14.731066] __kasan_kmalloc+0xb7/0xc0 [ 14.732091] __kmalloc_cache_noprof+0x189/0x420 [ 14.732582] kasan_atomics+0x95/0x310 [ 14.732921] kunit_try_run_case+0x1a5/0x480 [ 14.733204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.733784] kthread+0x337/0x6f0 [ 14.733990] ret_from_fork+0x41/0x80 [ 14.734258] ret_from_fork_asm+0x1a/0x30 [ 14.734772] [ 14.734944] The buggy address belongs to the object at ffff8881029ef680 [ 14.734944] which belongs to the cache kmalloc-64 of size 64 [ 14.735678] The buggy address is located 0 bytes to the right of [ 14.735678] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.736663] [ 14.736989] The buggy address belongs to the physical page: [ 14.737352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.737866] flags: 0x200000000000000(node=0|zone=2) [ 14.738405] page_type: f5(slab) [ 14.738682] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.738903] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.739460] page dumped because: kasan: bad access detected [ 14.739849] [ 14.740026] Memory state around the buggy address: [ 14.740309] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.740923] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.741489] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.741909] ^ [ 14.742186] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.742569] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.743002] 
================================================================== [ 15.661509] ================================================================== [ 15.662445] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 15.663087] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.663390] [ 15.663528] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.663635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.663665] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.663705] Call Trace: [ 15.663743] <TASK> [ 15.663775] dump_stack_lvl+0x73/0xb0 [ 15.663819] print_report+0xd1/0x650 [ 15.663852] ? __virt_addr_valid+0x1db/0x2d0 [ 15.663884] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.663906] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.663934] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.663964] kasan_report+0x141/0x180 [ 15.663987] ? kasan_atomics_helper+0x50d4/0x5450 [ 15.664012] __asan_report_store8_noabort+0x1b/0x30 [ 15.664033] kasan_atomics_helper+0x50d4/0x5450 [ 15.664055] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.664076] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.664098] ? kasan_atomics+0x152/0x310 [ 15.664121] kasan_atomics+0x1dc/0x310 [ 15.664140] ? __pfx_kasan_atomics+0x10/0x10 [ 15.664160] ? __pfx_read_tsc+0x10/0x10 [ 15.664180] ? ktime_get_ts64+0x86/0x230 [ 15.664205] kunit_try_run_case+0x1a5/0x480 [ 15.664230] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.664250] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.664274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.664296] ? __kthread_parkme+0x82/0x180 [ 15.664317] ? preempt_count_sub+0x50/0x80 [ 15.664341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.664363] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.664385] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.664407] kthread+0x337/0x6f0 [ 15.664424] ? trace_preempt_on+0x20/0xc0 [ 15.664447] ? __pfx_kthread+0x10/0x10 [ 15.664465] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.664485] ? calculate_sigpending+0x7b/0xa0 [ 15.664506] ? __pfx_kthread+0x10/0x10 [ 15.664527] ret_from_fork+0x41/0x80 [ 15.664798] ? __pfx_kthread+0x10/0x10 [ 15.664860] ret_from_fork_asm+0x1a/0x30 [ 15.664925] </TASK> [ 15.664952] [ 15.676703] Allocated by task 285: [ 15.677273] kasan_save_stack+0x45/0x70 [ 15.677542] kasan_save_track+0x18/0x40 [ 15.677739] kasan_save_alloc_info+0x3b/0x50 [ 15.678044] __kasan_kmalloc+0xb7/0xc0 [ 15.678275] __kmalloc_cache_noprof+0x189/0x420 [ 15.678526] kasan_atomics+0x95/0x310 [ 15.679157] kunit_try_run_case+0x1a5/0x480 [ 15.679340] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.680002] kthread+0x337/0x6f0 [ 15.680370] ret_from_fork+0x41/0x80 [ 15.680597] ret_from_fork_asm+0x1a/0x30 [ 15.681010] [ 15.681191] The buggy address belongs to the object at ffff8881029ef680 [ 15.681191] which belongs to the cache kmalloc-64 of size 64 [ 15.682071] The buggy address is located 0 bytes to the right of [ 15.682071] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.682853] [ 15.682968] The buggy address belongs to the physical page: [ 15.683164] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.683839] flags: 0x200000000000000(node=0|zone=2) [ 15.684061] page_type: f5(slab) [ 15.684245] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.684562] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.684867] page dumped because: kasan: bad access detected [ 15.685095] [ 15.685195] Memory state around the buggy address: [ 15.685401] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.685753] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.686006] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.686238] ^ [ 15.686466] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.686901] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.687136] ================================================================== [ 16.052747] ================================================================== [ 16.053319] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 16.053732] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.054243] [ 16.054495] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.054601] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.054644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.054688] Call Trace: [ 16.054738] <TASK> [ 16.054782] dump_stack_lvl+0x73/0xb0 [ 16.054869] print_report+0xd1/0x650 [ 16.054922] ? __virt_addr_valid+0x1db/0x2d0 [ 16.054967] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.055013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.055059] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.055101] kasan_report+0x141/0x180 [ 16.055138] ? kasan_atomics_helper+0x1d7a/0x5450 [ 16.055182] kasan_check_range+0x10c/0x1c0 [ 16.055224] __kasan_check_write+0x18/0x20 [ 16.055261] kasan_atomics_helper+0x1d7a/0x5450 [ 16.055316] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.055376] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.055418] ? kasan_atomics+0x152/0x310 [ 16.055466] kasan_atomics+0x1dc/0x310 [ 16.055514] ? __pfx_kasan_atomics+0x10/0x10 [ 16.055582] ? __pfx_read_tsc+0x10/0x10 [ 16.055640] ? ktime_get_ts64+0x86/0x230 [ 16.055690] kunit_try_run_case+0x1a5/0x480 [ 16.055739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.055779] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.055829] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.055870] ? __kthread_parkme+0x82/0x180 [ 16.055911] ? preempt_count_sub+0x50/0x80 [ 16.055960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.056005] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.056050] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.056089] kthread+0x337/0x6f0 [ 16.056118] ? 
trace_preempt_on+0x20/0xc0 [ 16.056161] ? __pfx_kthread+0x10/0x10 [ 16.056199] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.056243] ? calculate_sigpending+0x7b/0xa0 [ 16.056287] ? __pfx_kthread+0x10/0x10 [ 16.056326] ret_from_fork+0x41/0x80 [ 16.056368] ? __pfx_kthread+0x10/0x10 [ 16.056407] ret_from_fork_asm+0x1a/0x30 [ 16.056465] </TASK> [ 16.056483] [ 16.065023] Allocated by task 285: [ 16.065361] kasan_save_stack+0x45/0x70 [ 16.065774] kasan_save_track+0x18/0x40 [ 16.065990] kasan_save_alloc_info+0x3b/0x50 [ 16.066266] __kasan_kmalloc+0xb7/0xc0 [ 16.066501] __kmalloc_cache_noprof+0x189/0x420 [ 16.066803] kasan_atomics+0x95/0x310 [ 16.066963] kunit_try_run_case+0x1a5/0x480 [ 16.067142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.067397] kthread+0x337/0x6f0 [ 16.067656] ret_from_fork+0x41/0x80 [ 16.068004] ret_from_fork_asm+0x1a/0x30 [ 16.068400] [ 16.068593] The buggy address belongs to the object at ffff8881029ef680 [ 16.068593] which belongs to the cache kmalloc-64 of size 64 [ 16.069010] The buggy address is located 0 bytes to the right of [ 16.069010] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.069537] [ 16.069717] The buggy address belongs to the physical page: [ 16.070150] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.070412] flags: 0x200000000000000(node=0|zone=2) [ 16.070679] page_type: f5(slab) [ 16.070968] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.071561] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.071748] page dumped because: kasan: bad access detected [ 16.071882] [ 16.071982] Memory state around the buggy address: [ 16.072318] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.072796] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.073136] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.073447] ^ [ 16.073892] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.074190] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.074437] ================================================================== [ 16.181781] ================================================================== [ 16.182096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 16.183180] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.184485] [ 16.184894] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.185005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.185029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.185077] Call Trace: [ 16.185123] <TASK> [ 16.185162] dump_stack_lvl+0x73/0xb0 [ 16.185229] print_report+0xd1/0x650 [ 16.185276] ? __virt_addr_valid+0x1db/0x2d0 [ 16.185308] ? kasan_atomics_helper+0x2006/0x5450 [ 16.185330] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.185352] ? kasan_atomics_helper+0x2006/0x5450 [ 16.185373] kasan_report+0x141/0x180 [ 16.185395] ? kasan_atomics_helper+0x2006/0x5450 [ 16.185421] kasan_check_range+0x10c/0x1c0 [ 16.185448] __kasan_check_write+0x18/0x20 [ 16.185479] kasan_atomics_helper+0x2006/0x5450 [ 16.185501] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.185523] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.185568] ? kasan_atomics+0x152/0x310 [ 16.185592] kasan_atomics+0x1dc/0x310 [ 16.185610] ? __pfx_kasan_atomics+0x10/0x10 [ 16.185649] ? __pfx_read_tsc+0x10/0x10 [ 16.185671] ? ktime_get_ts64+0x86/0x230 [ 16.185696] kunit_try_run_case+0x1a5/0x480 [ 16.185722] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.185743] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.185765] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.185788] ? __kthread_parkme+0x82/0x180 [ 16.185810] ? preempt_count_sub+0x50/0x80 [ 16.185834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.185856] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.185878] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.185900] kthread+0x337/0x6f0 [ 16.185918] ? trace_preempt_on+0x20/0xc0 [ 16.185951] ? __pfx_kthread+0x10/0x10 [ 16.185975] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.185997] ? calculate_sigpending+0x7b/0xa0 [ 16.186020] ? __pfx_kthread+0x10/0x10 [ 16.186039] ret_from_fork+0x41/0x80 [ 16.186061] ? __pfx_kthread+0x10/0x10 [ 16.186080] ret_from_fork_asm+0x1a/0x30 [ 16.186112] </TASK> [ 16.186126] [ 16.194144] Allocated by task 285: [ 16.194481] kasan_save_stack+0x45/0x70 [ 16.194839] kasan_save_track+0x18/0x40 [ 16.195055] kasan_save_alloc_info+0x3b/0x50 [ 16.195236] __kasan_kmalloc+0xb7/0xc0 [ 16.195512] __kmalloc_cache_noprof+0x189/0x420 [ 16.195826] kasan_atomics+0x95/0x310 [ 16.196095] kunit_try_run_case+0x1a5/0x480 [ 16.196331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.196566] kthread+0x337/0x6f0 [ 16.196830] ret_from_fork+0x41/0x80 [ 16.197024] ret_from_fork_asm+0x1a/0x30 [ 16.197231] [ 16.197376] The buggy address belongs to the object at ffff8881029ef680 [ 16.197376] which belongs to the cache kmalloc-64 of size 64 [ 16.198019] The buggy address is located 0 bytes to the right of [ 16.198019] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.198432] [ 16.198603] The buggy address belongs to the physical page: [ 16.198959] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.199294] flags: 0x200000000000000(node=0|zone=2) [ 16.199550] page_type: f5(slab) [ 16.199819] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.200076] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.200327] page dumped because: kasan: bad access detected [ 16.200519] [ 16.200693] Memory state around the buggy address: [ 16.201014] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.201454] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.201948] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 16.202615] ^ [ 16.202967] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.203420] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.203996] ================================================================== [ 15.900607] ================================================================== [ 15.900936] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 15.901506] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.901862] [ 15.902076] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.902176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.902202] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.902242] Call Trace: [ 15.902289] <TASK> [ 15.902331] dump_stack_lvl+0x73/0xb0 [ 15.902375] print_report+0xd1/0x650 [ 15.902400] ? __virt_addr_valid+0x1db/0x2d0 [ 15.902431] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.902452] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.902479] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.902516] kasan_report+0x141/0x180 [ 15.902596] ? kasan_atomics_helper+0x19e3/0x5450 [ 15.902658] kasan_check_range+0x10c/0x1c0 [ 15.902699] __kasan_check_write+0x18/0x20 [ 15.902735] kasan_atomics_helper+0x19e3/0x5450 [ 15.902778] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.902824] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.902863] ? kasan_atomics+0x152/0x310 [ 15.902911] kasan_atomics+0x1dc/0x310 [ 15.902952] ? __pfx_kasan_atomics+0x10/0x10 [ 15.902999] ? __pfx_read_tsc+0x10/0x10 [ 15.903036] ? ktime_get_ts64+0x86/0x230 [ 15.903082] kunit_try_run_case+0x1a5/0x480 [ 15.903130] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.903172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.903221] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.903270] ? __kthread_parkme+0x82/0x180 [ 15.903312] ? preempt_count_sub+0x50/0x80 [ 15.903365] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.903411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.903451] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.903474] kthread+0x337/0x6f0 [ 15.903493] ? trace_preempt_on+0x20/0xc0 [ 15.903516] ? __pfx_kthread+0x10/0x10 [ 15.903533] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.903577] ? calculate_sigpending+0x7b/0xa0 [ 15.903599] ? __pfx_kthread+0x10/0x10 [ 15.903617] ret_from_fork+0x41/0x80 [ 15.903655] ? __pfx_kthread+0x10/0x10 [ 15.903674] ret_from_fork_asm+0x1a/0x30 [ 15.903705] </TASK> [ 15.903719] [ 15.911938] Allocated by task 285: [ 15.912150] kasan_save_stack+0x45/0x70 [ 15.912370] kasan_save_track+0x18/0x40 [ 15.912702] kasan_save_alloc_info+0x3b/0x50 [ 15.913002] __kasan_kmalloc+0xb7/0xc0 [ 15.913289] __kmalloc_cache_noprof+0x189/0x420 [ 15.913650] kasan_atomics+0x95/0x310 [ 15.913972] kunit_try_run_case+0x1a5/0x480 [ 15.914279] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.914595] kthread+0x337/0x6f0 [ 15.914853] ret_from_fork+0x41/0x80 [ 15.915106] ret_from_fork_asm+0x1a/0x30 [ 15.915378] [ 15.915488] The buggy address belongs to the object at ffff8881029ef680 [ 15.915488] which belongs to the cache kmalloc-64 of size 64 [ 15.915879] The buggy address is located 0 bytes to the right of [ 15.915879] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.916266] [ 15.916379] The buggy address belongs to the physical page: [ 15.916631] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.916899] flags: 0x200000000000000(node=0|zone=2) [ 15.917256] page_type: f5(slab) [ 15.917573] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.918115] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.918668] page dumped because: kasan: bad access detected [ 15.919040] [ 15.919195] Memory state around the buggy address: [ 15.919518] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.920014] ffff8881029ef600: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.920479] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.920979] ^ [ 15.921325] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.921671] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.921917] ================================================================== [ 16.228099] ================================================================== [ 16.228438] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 16.228745] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.228993] [ 16.229133] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.229230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.229256] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.229301] Call Trace: [ 16.229345] <TASK> [ 16.229387] dump_stack_lvl+0x73/0xb0 [ 16.229440] print_report+0xd1/0x650 [ 16.229490] ? __virt_addr_valid+0x1db/0x2d0 [ 16.229535] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.229581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.229649] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.229689] kasan_report+0x141/0x180 [ 16.229726] ? kasan_atomics_helper+0x20c8/0x5450 [ 16.229770] kasan_check_range+0x10c/0x1c0 [ 16.229809] __kasan_check_write+0x18/0x20 [ 16.229845] kasan_atomics_helper+0x20c8/0x5450 [ 16.229892] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.229936] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.229992] ? kasan_atomics+0x152/0x310 [ 16.230045] kasan_atomics+0x1dc/0x310 [ 16.230092] ? __pfx_kasan_atomics+0x10/0x10 [ 16.230138] ? __pfx_read_tsc+0x10/0x10 [ 16.230180] ? ktime_get_ts64+0x86/0x230 [ 16.230234] kunit_try_run_case+0x1a5/0x480 [ 16.230289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.230336] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.230387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.230438] ? __kthread_parkme+0x82/0x180 [ 16.230487] ? 
preempt_count_sub+0x50/0x80 [ 16.230539] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.230588] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.230654] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.230707] kthread+0x337/0x6f0 [ 16.230752] ? trace_preempt_on+0x20/0xc0 [ 16.230803] ? __pfx_kthread+0x10/0x10 [ 16.230846] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.230894] ? calculate_sigpending+0x7b/0xa0 [ 16.230944] ? __pfx_kthread+0x10/0x10 [ 16.230987] ret_from_fork+0x41/0x80 [ 16.231031] ? __pfx_kthread+0x10/0x10 [ 16.231074] ret_from_fork_asm+0x1a/0x30 [ 16.231142] </TASK> [ 16.231171] [ 16.239971] Allocated by task 285: [ 16.240192] kasan_save_stack+0x45/0x70 [ 16.240487] kasan_save_track+0x18/0x40 [ 16.240810] kasan_save_alloc_info+0x3b/0x50 [ 16.241119] __kasan_kmalloc+0xb7/0xc0 [ 16.241380] __kmalloc_cache_noprof+0x189/0x420 [ 16.241749] kasan_atomics+0x95/0x310 [ 16.242028] kunit_try_run_case+0x1a5/0x480 [ 16.242266] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.242528] kthread+0x337/0x6f0 [ 16.242809] ret_from_fork+0x41/0x80 [ 16.243047] ret_from_fork_asm+0x1a/0x30 [ 16.243241] [ 16.243346] The buggy address belongs to the object at ffff8881029ef680 [ 16.243346] which belongs to the cache kmalloc-64 of size 64 [ 16.244063] The buggy address is located 0 bytes to the right of [ 16.244063] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.244491] [ 16.244655] The buggy address belongs to the physical page: [ 16.245033] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.245430] flags: 0x200000000000000(node=0|zone=2) [ 16.245873] page_type: f5(slab) [ 16.246041] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.246304] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.246558] page dumped because: kasan: bad access detected [ 16.246938] [ 16.247096] Memory state around the buggy address: [ 16.247502] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 16.248000] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.248471] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.249004] ^ [ 16.249215] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.249518] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.249851] ================================================================== [ 15.156507] ================================================================== [ 15.156889] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 15.157448] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.157897] [ 15.158105] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.158230] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.158264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.158340] Call Trace: [ 15.158383] <TASK> [ 15.158419] dump_stack_lvl+0x73/0xb0 [ 15.158468] print_report+0xd1/0x650 [ 15.158503] ? __virt_addr_valid+0x1db/0x2d0 [ 15.158532] ? kasan_atomics_helper+0xc70/0x5450 [ 15.158582] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.158613] ? kasan_atomics_helper+0xc70/0x5450 [ 15.158661] kasan_report+0x141/0x180 [ 15.158693] ? kasan_atomics_helper+0xc70/0x5450 [ 15.158729] kasan_check_range+0x10c/0x1c0 [ 15.158759] __kasan_check_write+0x18/0x20 [ 15.158788] kasan_atomics_helper+0xc70/0x5450 [ 15.158832] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.158871] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.158924] ? kasan_atomics+0x152/0x310 [ 15.158974] kasan_atomics+0x1dc/0x310 [ 15.159018] ? __pfx_kasan_atomics+0x10/0x10 [ 15.159060] ? __pfx_read_tsc+0x10/0x10 [ 15.159100] ? ktime_get_ts64+0x86/0x230 [ 15.159150] kunit_try_run_case+0x1a5/0x480 [ 15.159201] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.159245] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.159305] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.159354] ? 
__kthread_parkme+0x82/0x180 [ 15.159391] ? preempt_count_sub+0x50/0x80 [ 15.159430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.159472] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.159564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.159657] kthread+0x337/0x6f0 [ 15.159695] ? trace_preempt_on+0x20/0xc0 [ 15.159748] ? __pfx_kthread+0x10/0x10 [ 15.159784] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.159831] ? calculate_sigpending+0x7b/0xa0 [ 15.159877] ? __pfx_kthread+0x10/0x10 [ 15.159911] ret_from_fork+0x41/0x80 [ 15.159934] ? __pfx_kthread+0x10/0x10 [ 15.159953] ret_from_fork_asm+0x1a/0x30 [ 15.159984] </TASK> [ 15.159997] [ 15.169251] Allocated by task 285: [ 15.169485] kasan_save_stack+0x45/0x70 [ 15.169872] kasan_save_track+0x18/0x40 [ 15.170247] kasan_save_alloc_info+0x3b/0x50 [ 15.170696] __kasan_kmalloc+0xb7/0xc0 [ 15.170987] __kmalloc_cache_noprof+0x189/0x420 [ 15.171334] kasan_atomics+0x95/0x310 [ 15.171666] kunit_try_run_case+0x1a5/0x480 [ 15.171951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.172356] kthread+0x337/0x6f0 [ 15.172617] ret_from_fork+0x41/0x80 [ 15.172908] ret_from_fork_asm+0x1a/0x30 [ 15.173258] [ 15.173401] The buggy address belongs to the object at ffff8881029ef680 [ 15.173401] which belongs to the cache kmalloc-64 of size 64 [ 15.174073] The buggy address is located 0 bytes to the right of [ 15.174073] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.174503] [ 15.174664] The buggy address belongs to the physical page: [ 15.175121] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.175869] flags: 0x200000000000000(node=0|zone=2) [ 15.176249] page_type: f5(slab) [ 15.176531] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.177145] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.177748] page dumped because: kasan: bad access detected [ 15.178001] [ 15.178180] Memory state around the buggy address: [ 15.178490] 
ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.178753] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.178991] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.179372] ^ [ 15.179727] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.180198] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.180762] ================================================================== [ 15.182576] ================================================================== [ 15.183027] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 15.183649] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.184191] [ 15.184442] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.184610] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.184657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.184701] Call Trace: [ 15.184772] <TASK> [ 15.184826] dump_stack_lvl+0x73/0xb0 [ 15.184889] print_report+0xd1/0x650 [ 15.184918] ? __virt_addr_valid+0x1db/0x2d0 [ 15.184941] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.184962] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.184992] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.185028] kasan_report+0x141/0x180 [ 15.185069] ? kasan_atomics_helper+0x4a84/0x5450 [ 15.185137] __asan_report_load4_noabort+0x18/0x20 [ 15.185180] kasan_atomics_helper+0x4a84/0x5450 [ 15.185227] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.185270] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.185313] ? kasan_atomics+0x152/0x310 [ 15.185379] kasan_atomics+0x1dc/0x310 [ 15.185422] ? __pfx_kasan_atomics+0x10/0x10 [ 15.185461] ? __pfx_read_tsc+0x10/0x10 [ 15.185497] ? ktime_get_ts64+0x86/0x230 [ 15.185533] kunit_try_run_case+0x1a5/0x480 [ 15.185581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.185603] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.185645] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.185670] ? __kthread_parkme+0x82/0x180 [ 15.185693] ? preempt_count_sub+0x50/0x80 [ 15.185718] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.185740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.185763] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.185785] kthread+0x337/0x6f0 [ 15.185803] ? trace_preempt_on+0x20/0xc0 [ 15.185827] ? __pfx_kthread+0x10/0x10 [ 15.185845] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.185866] ? calculate_sigpending+0x7b/0xa0 [ 15.185888] ? __pfx_kthread+0x10/0x10 [ 15.185906] ret_from_fork+0x41/0x80 [ 15.185927] ? __pfx_kthread+0x10/0x10 [ 15.185955] ret_from_fork_asm+0x1a/0x30 [ 15.185989] </TASK> [ 15.186005] [ 15.195887] Allocated by task 285: [ 15.196371] kasan_save_stack+0x45/0x70 [ 15.197223] kasan_save_track+0x18/0x40 [ 15.197652] kasan_save_alloc_info+0x3b/0x50 [ 15.198010] __kasan_kmalloc+0xb7/0xc0 [ 15.198248] __kmalloc_cache_noprof+0x189/0x420 [ 15.198571] kasan_atomics+0x95/0x310 [ 15.198840] kunit_try_run_case+0x1a5/0x480 [ 15.199133] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.199338] kthread+0x337/0x6f0 [ 15.199791] ret_from_fork+0x41/0x80 [ 15.200056] ret_from_fork_asm+0x1a/0x30 [ 15.200340] [ 15.200488] The buggy address belongs to the object at ffff8881029ef680 [ 15.200488] which belongs to the cache kmalloc-64 of size 64 [ 15.201212] The buggy address is located 0 bytes to the right of [ 15.201212] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.202189] [ 15.202320] The buggy address belongs to the physical page: [ 15.202668] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.203022] flags: 0x200000000000000(node=0|zone=2) [ 15.203256] page_type: f5(slab) [ 15.203521] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.203857] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.204100] page dumped because: kasan: bad access detected [ 15.204288] [ 15.204431] Memory 
state around the buggy address: [ 15.204868] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.205429] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.205996] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.206323] ^ [ 15.206737] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207043] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207280] ================================================================== [ 15.506105] ================================================================== [ 15.506923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 15.507402] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.507660] [ 15.507880] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.507986] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.508012] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.508059] Call Trace: [ 15.508104] <TASK> [ 15.508142] dump_stack_lvl+0x73/0xb0 [ 15.508199] print_report+0xd1/0x650 [ 15.508240] ? __virt_addr_valid+0x1db/0x2d0 [ 15.508297] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.508360] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.508405] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.508462] kasan_report+0x141/0x180 [ 15.508511] ? kasan_atomics_helper+0x49e8/0x5450 [ 15.508564] __asan_report_load4_noabort+0x18/0x20 [ 15.508601] kasan_atomics_helper+0x49e8/0x5450 [ 15.508659] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.508709] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.508752] ? kasan_atomics+0x152/0x310 [ 15.508812] kasan_atomics+0x1dc/0x310 [ 15.508852] ? __pfx_kasan_atomics+0x10/0x10 [ 15.508885] ? __pfx_read_tsc+0x10/0x10 [ 15.508918] ? ktime_get_ts64+0x86/0x230 [ 15.508968] kunit_try_run_case+0x1a5/0x480 [ 15.509022] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.509068] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.509126] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.509173] ? __kthread_parkme+0x82/0x180 [ 15.509223] ? preempt_count_sub+0x50/0x80 [ 15.509274] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.509333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.509374] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.509402] kthread+0x337/0x6f0 [ 15.509420] ? trace_preempt_on+0x20/0xc0 [ 15.509444] ? __pfx_kthread+0x10/0x10 [ 15.509462] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.509482] ? calculate_sigpending+0x7b/0xa0 [ 15.509503] ? __pfx_kthread+0x10/0x10 [ 15.509521] ret_from_fork+0x41/0x80 [ 15.509544] ? __pfx_kthread+0x10/0x10 [ 15.509572] ret_from_fork_asm+0x1a/0x30 [ 15.509602] </TASK> [ 15.509615] [ 15.518620] Allocated by task 285: [ 15.518988] kasan_save_stack+0x45/0x70 [ 15.519225] kasan_save_track+0x18/0x40 [ 15.519401] kasan_save_alloc_info+0x3b/0x50 [ 15.519573] __kasan_kmalloc+0xb7/0xc0 [ 15.519867] __kmalloc_cache_noprof+0x189/0x420 [ 15.520221] kasan_atomics+0x95/0x310 [ 15.520602] kunit_try_run_case+0x1a5/0x480 [ 15.520951] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.521308] kthread+0x337/0x6f0 [ 15.521477] ret_from_fork+0x41/0x80 [ 15.522027] ret_from_fork_asm+0x1a/0x30 [ 15.523234] [ 15.523341] The buggy address belongs to the object at ffff8881029ef680 [ 15.523341] which belongs to the cache kmalloc-64 of size 64 [ 15.524007] The buggy address is located 0 bytes to the right of [ 15.524007] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.524635] [ 15.524767] The buggy address belongs to the physical page: [ 15.525074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.525464] flags: 0x200000000000000(node=0|zone=2) [ 15.525680] page_type: f5(slab) [ 15.525854] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.526185] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.526791] page dumped because: kasan: bad 
access detected [ 15.527319] [ 15.527421] Memory state around the buggy address: [ 15.527653] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.528117] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.528429] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.528901] ^ [ 15.529172] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.529408] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.529782] ================================================================== [ 15.374941] ================================================================== [ 15.375818] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 15.376357] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.376779] [ 15.376949] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.377049] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.377074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.377116] Call Trace: [ 15.377181] <TASK> [ 15.377220] dump_stack_lvl+0x73/0xb0 [ 15.377281] print_report+0xd1/0x650 [ 15.377331] ? __virt_addr_valid+0x1db/0x2d0 [ 15.377374] ? kasan_atomics_helper+0x1079/0x5450 [ 15.377435] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.377483] ? kasan_atomics_helper+0x1079/0x5450 [ 15.377535] kasan_report+0x141/0x180 [ 15.377615] ? kasan_atomics_helper+0x1079/0x5450 [ 15.377686] kasan_check_range+0x10c/0x1c0 [ 15.377733] __kasan_check_write+0x18/0x20 [ 15.377769] kasan_atomics_helper+0x1079/0x5450 [ 15.377803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.377833] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.377862] ? kasan_atomics+0x152/0x310 [ 15.377893] kasan_atomics+0x1dc/0x310 [ 15.377918] ? __pfx_kasan_atomics+0x10/0x10 [ 15.377940] ? __pfx_read_tsc+0x10/0x10 [ 15.377971] ? ktime_get_ts64+0x86/0x230 [ 15.377998] kunit_try_run_case+0x1a5/0x480 [ 15.378025] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.378049] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.378075] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.378098] ? __kthread_parkme+0x82/0x180 [ 15.378121] ? preempt_count_sub+0x50/0x80 [ 15.378147] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.378171] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.378195] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.378217] kthread+0x337/0x6f0 [ 15.378235] ? trace_preempt_on+0x20/0xc0 [ 15.378258] ? __pfx_kthread+0x10/0x10 [ 15.378277] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.378298] ? calculate_sigpending+0x7b/0xa0 [ 15.378319] ? __pfx_kthread+0x10/0x10 [ 15.378337] ret_from_fork+0x41/0x80 [ 15.378357] ? __pfx_kthread+0x10/0x10 [ 15.378374] ret_from_fork_asm+0x1a/0x30 [ 15.378404] </TASK> [ 15.378419] [ 15.387764] Allocated by task 285: [ 15.388171] kasan_save_stack+0x45/0x70 [ 15.388435] kasan_save_track+0x18/0x40 [ 15.388829] kasan_save_alloc_info+0x3b/0x50 [ 15.389015] __kasan_kmalloc+0xb7/0xc0 [ 15.389305] __kmalloc_cache_noprof+0x189/0x420 [ 15.389716] kasan_atomics+0x95/0x310 [ 15.390088] kunit_try_run_case+0x1a5/0x480 [ 15.390288] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.390637] kthread+0x337/0x6f0 [ 15.390911] ret_from_fork+0x41/0x80 [ 15.391230] ret_from_fork_asm+0x1a/0x30 [ 15.391634] [ 15.391798] The buggy address belongs to the object at ffff8881029ef680 [ 15.391798] which belongs to the cache kmalloc-64 of size 64 [ 15.392255] The buggy address is located 0 bytes to the right of [ 15.392255] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.392460] [ 15.392515] The buggy address belongs to the physical page: [ 15.392761] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.393295] flags: 0x200000000000000(node=0|zone=2) [ 15.393601] page_type: f5(slab) [ 15.393796] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.394141] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.394537] page dumped because: kasan: bad access detected [ 15.395078] [ 15.395511] Memory state around the buggy address: [ 15.395956] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.396455] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.396999] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.397433] ^ [ 15.398080] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.398393] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.399216] ================================================================== [ 15.765573] ================================================================== [ 15.766163] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 15.766745] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.769008] [ 15.769235] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.769324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.769344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.769381] Call Trace: [ 15.769420] <TASK> [ 15.769455] dump_stack_lvl+0x73/0xb0 [ 15.769506] print_report+0xd1/0x650 [ 15.769539] ? __virt_addr_valid+0x1db/0x2d0 [ 15.769572] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.769601] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.769648] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.769685] kasan_report+0x141/0x180 [ 15.769724] ? kasan_atomics_helper+0x16e7/0x5450 [ 15.769775] kasan_check_range+0x10c/0x1c0 [ 15.769811] __kasan_check_write+0x18/0x20 [ 15.769838] kasan_atomics_helper+0x16e7/0x5450 [ 15.769868] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.769894] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.769915] ? kasan_atomics+0x152/0x310 [ 15.769939] kasan_atomics+0x1dc/0x310 [ 15.769986] ? __pfx_kasan_atomics+0x10/0x10 [ 15.770033] ? __pfx_read_tsc+0x10/0x10 [ 15.770085] ? 
ktime_get_ts64+0x86/0x230 [ 15.770134] kunit_try_run_case+0x1a5/0x480 [ 15.770183] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.770226] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.770259] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.770282] ? __kthread_parkme+0x82/0x180 [ 15.770305] ? preempt_count_sub+0x50/0x80 [ 15.770330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.770353] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.770376] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.770399] kthread+0x337/0x6f0 [ 15.770416] ? trace_preempt_on+0x20/0xc0 [ 15.770440] ? __pfx_kthread+0x10/0x10 [ 15.770458] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.770479] ? calculate_sigpending+0x7b/0xa0 [ 15.770501] ? __pfx_kthread+0x10/0x10 [ 15.770519] ret_from_fork+0x41/0x80 [ 15.770568] ? __pfx_kthread+0x10/0x10 [ 15.770591] ret_from_fork_asm+0x1a/0x30 [ 15.770637] </TASK> [ 15.770654] [ 15.780295] Allocated by task 285: [ 15.780687] kasan_save_stack+0x45/0x70 [ 15.781103] kasan_save_track+0x18/0x40 [ 15.781338] kasan_save_alloc_info+0x3b/0x50 [ 15.781729] __kasan_kmalloc+0xb7/0xc0 [ 15.781983] __kmalloc_cache_noprof+0x189/0x420 [ 15.782266] kasan_atomics+0x95/0x310 [ 15.782655] kunit_try_run_case+0x1a5/0x480 [ 15.782960] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.783286] kthread+0x337/0x6f0 [ 15.783605] ret_from_fork+0x41/0x80 [ 15.783913] ret_from_fork_asm+0x1a/0x30 [ 15.784204] [ 15.784336] The buggy address belongs to the object at ffff8881029ef680 [ 15.784336] which belongs to the cache kmalloc-64 of size 64 [ 15.785057] The buggy address is located 0 bytes to the right of [ 15.785057] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.785513] [ 15.785759] The buggy address belongs to the physical page: [ 15.786084] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.786664] flags: 0x200000000000000(node=0|zone=2) [ 15.787040] page_type: f5(slab) [ 15.787217] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.787469] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.788046] page dumped because: kasan: bad access detected [ 15.788435] [ 15.788680] Memory state around the buggy address: [ 15.789049] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.789583] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.789914] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.790432] ^ [ 15.790742] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.790998] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.791229] ================================================================== [ 14.590229] ================================================================== [ 14.591025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 14.591959] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.592295] [ 14.592448] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.592599] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.592641] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.592800] Call Trace: [ 14.593007] <TASK> [ 14.593057] dump_stack_lvl+0x73/0xb0 [ 14.593131] print_report+0xd1/0x650 [ 14.593158] ? __virt_addr_valid+0x1db/0x2d0 [ 14.593182] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.593203] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.593226] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.593247] kasan_report+0x141/0x180 [ 14.593267] ? kasan_atomics_helper+0x4bbc/0x5450 [ 14.593535] __asan_report_load4_noabort+0x18/0x20 [ 14.593588] kasan_atomics_helper+0x4bbc/0x5450 [ 14.593612] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.593653] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.593677] ? kasan_atomics+0x152/0x310 [ 14.593699] kasan_atomics+0x1dc/0x310 [ 14.593717] ? __pfx_kasan_atomics+0x10/0x10 [ 14.593737] ? 
__pfx_read_tsc+0x10/0x10 [ 14.593757] ? ktime_get_ts64+0x86/0x230 [ 14.593783] kunit_try_run_case+0x1a5/0x480 [ 14.593808] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.593829] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.593854] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.593876] ? __kthread_parkme+0x82/0x180 [ 14.593899] ? preempt_count_sub+0x50/0x80 [ 14.593938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.593973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.593996] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.594019] kthread+0x337/0x6f0 [ 14.594036] ? trace_preempt_on+0x20/0xc0 [ 14.594061] ? __pfx_kthread+0x10/0x10 [ 14.594079] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.594099] ? calculate_sigpending+0x7b/0xa0 [ 14.594121] ? __pfx_kthread+0x10/0x10 [ 14.594138] ret_from_fork+0x41/0x80 [ 14.594157] ? __pfx_kthread+0x10/0x10 [ 14.594175] ret_from_fork_asm+0x1a/0x30 [ 14.594206] </TASK> [ 14.594219] [ 14.608950] Allocated by task 285: [ 14.609235] kasan_save_stack+0x45/0x70 [ 14.609437] kasan_save_track+0x18/0x40 [ 14.609893] kasan_save_alloc_info+0x3b/0x50 [ 14.610161] __kasan_kmalloc+0xb7/0xc0 [ 14.610537] __kmalloc_cache_noprof+0x189/0x420 [ 14.610848] kasan_atomics+0x95/0x310 [ 14.611177] kunit_try_run_case+0x1a5/0x480 [ 14.611439] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.611876] kthread+0x337/0x6f0 [ 14.612159] ret_from_fork+0x41/0x80 [ 14.612341] ret_from_fork_asm+0x1a/0x30 [ 14.612962] [ 14.613098] The buggy address belongs to the object at ffff8881029ef680 [ 14.613098] which belongs to the cache kmalloc-64 of size 64 [ 14.614275] The buggy address is located 0 bytes to the right of [ 14.614275] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.615725] [ 14.615850] The buggy address belongs to the physical page: [ 14.616081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.616499] flags: 0x200000000000000(node=0|zone=2) [ 14.616940] page_type: f5(slab) [ 14.617182] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.617489] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.618021] page dumped because: kasan: bad access detected [ 14.618218] [ 14.619004] Memory state around the buggy address: [ 14.619511] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.619893] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.620182] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.620610] ^ [ 14.621209] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.622024] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.622406] ================================================================== [ 16.309049] ================================================================== [ 16.309756] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 16.310790] Read of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.311228] [ 16.311469] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.311598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.311644] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.311692] Call Trace: [ 16.311737] <TASK> [ 16.311780] dump_stack_lvl+0x73/0xb0 [ 16.311837] print_report+0xd1/0x650 [ 16.311879] ? __virt_addr_valid+0x1db/0x2d0 [ 16.311920] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.311990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.312054] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.312098] kasan_report+0x141/0x180 [ 16.312178] ? kasan_atomics_helper+0x4fa5/0x5450 [ 16.312252] __asan_report_load8_noabort+0x18/0x20 [ 16.312296] kasan_atomics_helper+0x4fa5/0x5450 [ 16.312346] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.312370] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.312405] ? kasan_atomics+0x152/0x310 [ 16.312431] kasan_atomics+0x1dc/0x310 [ 16.312450] ? 
__pfx_kasan_atomics+0x10/0x10 [ 16.312472] ? __pfx_read_tsc+0x10/0x10 [ 16.312492] ? ktime_get_ts64+0x86/0x230 [ 16.312518] kunit_try_run_case+0x1a5/0x480 [ 16.312547] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.312578] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.312602] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.312642] ? __kthread_parkme+0x82/0x180 [ 16.312667] ? preempt_count_sub+0x50/0x80 [ 16.312692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.312715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.312739] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.312761] kthread+0x337/0x6f0 [ 16.312778] ? trace_preempt_on+0x20/0xc0 [ 16.312801] ? __pfx_kthread+0x10/0x10 [ 16.312819] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.312840] ? calculate_sigpending+0x7b/0xa0 [ 16.312861] ? __pfx_kthread+0x10/0x10 [ 16.312879] ret_from_fork+0x41/0x80 [ 16.312898] ? __pfx_kthread+0x10/0x10 [ 16.312916] ret_from_fork_asm+0x1a/0x30 [ 16.312946] </TASK> [ 16.312961] [ 16.322039] Allocated by task 285: [ 16.322271] kasan_save_stack+0x45/0x70 [ 16.322489] kasan_save_track+0x18/0x40 [ 16.322885] kasan_save_alloc_info+0x3b/0x50 [ 16.323229] __kasan_kmalloc+0xb7/0xc0 [ 16.323533] __kmalloc_cache_noprof+0x189/0x420 [ 16.323891] kasan_atomics+0x95/0x310 [ 16.324140] kunit_try_run_case+0x1a5/0x480 [ 16.324328] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.324698] kthread+0x337/0x6f0 [ 16.324983] ret_from_fork+0x41/0x80 [ 16.325294] ret_from_fork_asm+0x1a/0x30 [ 16.325570] [ 16.325737] The buggy address belongs to the object at ffff8881029ef680 [ 16.325737] which belongs to the cache kmalloc-64 of size 64 [ 16.326483] The buggy address is located 0 bytes to the right of [ 16.326483] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.326952] [ 16.327093] The buggy address belongs to the physical page: [ 16.327333] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.327649] flags: 0x200000000000000(node=0|zone=2) [ 16.327888] page_type: f5(slab) 
[ 16.328076] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.328580] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.329081] page dumped because: kasan: bad access detected [ 16.329475] [ 16.329656] Memory state around the buggy address: [ 16.330033] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.330699] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.331109] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.331342] ^ [ 16.331526] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.331997] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.332474] ================================================================== [ 14.650404] ================================================================== [ 14.651006] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 14.651550] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.653524] [ 14.654072] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.654156] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.654170] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.654195] Call Trace: [ 14.654219] <TASK> [ 14.654244] dump_stack_lvl+0x73/0xb0 [ 14.654289] print_report+0xd1/0x650 [ 14.654363] ? __virt_addr_valid+0x1db/0x2d0 [ 14.654400] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.654425] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.654447] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.654469] kasan_report+0x141/0x180 [ 14.654491] ? kasan_atomics_helper+0x4b88/0x5450 [ 14.654704] __asan_report_load4_noabort+0x18/0x20 [ 14.654731] kasan_atomics_helper+0x4b88/0x5450 [ 14.654777] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.654801] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.654825] ? 
kasan_atomics+0x152/0x310 [ 14.654850] kasan_atomics+0x1dc/0x310 [ 14.654871] ? __pfx_kasan_atomics+0x10/0x10 [ 14.654892] ? __pfx_read_tsc+0x10/0x10 [ 14.654914] ? ktime_get_ts64+0x86/0x230 [ 14.654940] kunit_try_run_case+0x1a5/0x480 [ 14.654967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.654989] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.655015] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.655037] ? __kthread_parkme+0x82/0x180 [ 14.655059] ? preempt_count_sub+0x50/0x80 [ 14.655084] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.655107] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.655130] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.655152] kthread+0x337/0x6f0 [ 14.655170] ? trace_preempt_on+0x20/0xc0 [ 14.655193] ? __pfx_kthread+0x10/0x10 [ 14.655211] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.655232] ? calculate_sigpending+0x7b/0xa0 [ 14.655254] ? __pfx_kthread+0x10/0x10 [ 14.655272] ret_from_fork+0x41/0x80 [ 14.655304] ? __pfx_kthread+0x10/0x10 [ 14.655335] ret_from_fork_asm+0x1a/0x30 [ 14.655377] </TASK> [ 14.655393] [ 14.667840] Allocated by task 285: [ 14.669015] kasan_save_stack+0x45/0x70 [ 14.669226] kasan_save_track+0x18/0x40 [ 14.669584] kasan_save_alloc_info+0x3b/0x50 [ 14.669845] __kasan_kmalloc+0xb7/0xc0 [ 14.670088] __kmalloc_cache_noprof+0x189/0x420 [ 14.670422] kasan_atomics+0x95/0x310 [ 14.670638] kunit_try_run_case+0x1a5/0x480 [ 14.671025] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.671377] kthread+0x337/0x6f0 [ 14.671905] ret_from_fork+0x41/0x80 [ 14.672652] ret_from_fork_asm+0x1a/0x30 [ 14.673058] [ 14.673225] The buggy address belongs to the object at ffff8881029ef680 [ 14.673225] which belongs to the cache kmalloc-64 of size 64 [ 14.673812] The buggy address is located 0 bytes to the right of [ 14.673812] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.674844] [ 14.674999] The buggy address belongs to the physical page: [ 14.675272] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 
14.675836] flags: 0x200000000000000(node=0|zone=2) [ 14.676182] page_type: f5(slab) [ 14.676468] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.677124] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.677738] page dumped because: kasan: bad access detected [ 14.678576] [ 14.678696] Memory state around the buggy address: [ 14.679263] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.679539] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.679999] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.680291] ^ [ 14.680513] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.680898] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.681400] ================================================================== [ 15.558187] ================================================================== [ 15.559096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 15.559993] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.560724] [ 15.560913] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.561006] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.561030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.561066] Call Trace: [ 15.561108] <TASK> [ 15.561147] dump_stack_lvl+0x73/0xb0 [ 15.561217] print_report+0xd1/0x650 [ 15.561243] ? __virt_addr_valid+0x1db/0x2d0 [ 15.561272] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.561294] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.561321] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.561357] kasan_report+0x141/0x180 [ 15.561381] ? kasan_atomics_helper+0x49ce/0x5450 [ 15.561407] __asan_report_load4_noabort+0x18/0x20 [ 15.561427] kasan_atomics_helper+0x49ce/0x5450 [ 15.561450] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.561472] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.561494] ? kasan_atomics+0x152/0x310 [ 15.561517] kasan_atomics+0x1dc/0x310 [ 15.561546] ? __pfx_kasan_atomics+0x10/0x10 [ 15.561582] ? __pfx_read_tsc+0x10/0x10 [ 15.561613] ? ktime_get_ts64+0x86/0x230 [ 15.561675] kunit_try_run_case+0x1a5/0x480 [ 15.561723] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.561769] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.561817] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.561846] ? __kthread_parkme+0x82/0x180 [ 15.561869] ? preempt_count_sub+0x50/0x80 [ 15.561895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.561918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.561942] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.561978] kthread+0x337/0x6f0 [ 15.561997] ? trace_preempt_on+0x20/0xc0 [ 15.562023] ? __pfx_kthread+0x10/0x10 [ 15.562041] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.562064] ? calculate_sigpending+0x7b/0xa0 [ 15.562085] ? __pfx_kthread+0x10/0x10 [ 15.562105] ret_from_fork+0x41/0x80 [ 15.562125] ? __pfx_kthread+0x10/0x10 [ 15.562143] ret_from_fork_asm+0x1a/0x30 [ 15.562174] </TASK> [ 15.562187] [ 15.573462] Allocated by task 285: [ 15.573897] kasan_save_stack+0x45/0x70 [ 15.574357] kasan_save_track+0x18/0x40 [ 15.574615] kasan_save_alloc_info+0x3b/0x50 [ 15.575037] __kasan_kmalloc+0xb7/0xc0 [ 15.575353] __kmalloc_cache_noprof+0x189/0x420 [ 15.575664] kasan_atomics+0x95/0x310 [ 15.576008] kunit_try_run_case+0x1a5/0x480 [ 15.576228] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.576523] kthread+0x337/0x6f0 [ 15.576828] ret_from_fork+0x41/0x80 [ 15.577021] ret_from_fork_asm+0x1a/0x30 [ 15.577367] [ 15.577557] The buggy address belongs to the object at ffff8881029ef680 [ 15.577557] which belongs to the cache kmalloc-64 of size 64 [ 15.578004] The buggy address is located 0 bytes to the right of [ 15.578004] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.578845] [ 15.579029] The buggy address belongs to the physical page: [ 15.579273] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.579546] flags: 0x200000000000000(node=0|zone=2) [ 15.579977] page_type: f5(slab) [ 15.580381] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.581033] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.581461] page dumped because: kasan: bad access detected [ 15.581890] [ 15.582008] Memory state around the buggy address: [ 15.582204] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.582771] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.583286] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.583764] ^ [ 15.584053] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.584544] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.584883] ================================================================== [ 14.874804] ================================================================== [ 14.875866] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 14.876256] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.877127] [ 14.877290] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.877732] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.877764] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.877791] Call Trace: [ 14.877818] <TASK> [ 14.877844] dump_stack_lvl+0x73/0xb0 [ 14.877885] print_report+0xd1/0x650 [ 14.877909] ? __virt_addr_valid+0x1db/0x2d0 [ 14.877933] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.877969] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.877993] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.878016] kasan_report+0x141/0x180 [ 14.878039] ? kasan_atomics_helper+0x5fe/0x5450 [ 14.878066] kasan_check_range+0x10c/0x1c0 [ 14.878086] __kasan_check_write+0x18/0x20 [ 14.878105] kasan_atomics_helper+0x5fe/0x5450 [ 14.878128] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.878150] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.878171] ? kasan_atomics+0x152/0x310 [ 14.878193] kasan_atomics+0x1dc/0x310 [ 14.878212] ? __pfx_kasan_atomics+0x10/0x10 [ 14.878232] ? __pfx_read_tsc+0x10/0x10 [ 14.878251] ? ktime_get_ts64+0x86/0x230 [ 14.878275] kunit_try_run_case+0x1a5/0x480 [ 14.878311] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.878343] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.878381] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.878408] ? __kthread_parkme+0x82/0x180 [ 14.878430] ? preempt_count_sub+0x50/0x80 [ 14.878454] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.878476] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.878498] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.878520] kthread+0x337/0x6f0 [ 14.878537] ? trace_preempt_on+0x20/0xc0 [ 14.878567] ? __pfx_kthread+0x10/0x10 [ 14.878585] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.878605] ? calculate_sigpending+0x7b/0xa0 [ 14.878644] ? __pfx_kthread+0x10/0x10 [ 14.878665] ret_from_fork+0x41/0x80 [ 14.878684] ? 
__pfx_kthread+0x10/0x10 [ 14.878703] ret_from_fork_asm+0x1a/0x30 [ 14.878733] </TASK> [ 14.878746] [ 14.888395] Allocated by task 285: [ 14.888816] kasan_save_stack+0x45/0x70 [ 14.889235] kasan_save_track+0x18/0x40 [ 14.889589] kasan_save_alloc_info+0x3b/0x50 [ 14.889871] __kasan_kmalloc+0xb7/0xc0 [ 14.890118] __kmalloc_cache_noprof+0x189/0x420 [ 14.890414] kasan_atomics+0x95/0x310 [ 14.890846] kunit_try_run_case+0x1a5/0x480 [ 14.891200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.891650] kthread+0x337/0x6f0 [ 14.891886] ret_from_fork+0x41/0x80 [ 14.892054] ret_from_fork_asm+0x1a/0x30 [ 14.892205] [ 14.892411] The buggy address belongs to the object at ffff8881029ef680 [ 14.892411] which belongs to the cache kmalloc-64 of size 64 [ 14.893414] The buggy address is located 0 bytes to the right of [ 14.893414] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.894707] [ 14.894948] The buggy address belongs to the physical page: [ 14.895388] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.896201] flags: 0x200000000000000(node=0|zone=2) [ 14.896680] page_type: f5(slab) [ 14.896863] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.897266] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.897766] page dumped because: kasan: bad access detected [ 14.898140] [ 14.898330] Memory state around the buggy address: [ 14.898670] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.899042] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.899222] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.899665] ^ [ 14.900055] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.900345] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.900877] ================================================================== [ 16.204980] 
================================================================== [ 16.205438] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 16.206020] Read of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.206280] [ 16.206475] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.206569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.206596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.206656] Call Trace: [ 16.206705] <TASK> [ 16.206749] dump_stack_lvl+0x73/0xb0 [ 16.206810] print_report+0xd1/0x650 [ 16.206863] ? __virt_addr_valid+0x1db/0x2d0 [ 16.206912] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.206960] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.207008] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.207055] kasan_report+0x141/0x180 [ 16.207102] ? kasan_atomics_helper+0x4f98/0x5450 [ 16.207158] __asan_report_load8_noabort+0x18/0x20 [ 16.207204] kasan_atomics_helper+0x4f98/0x5450 [ 16.207252] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.207287] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.207317] ? kasan_atomics+0x152/0x310 [ 16.207350] kasan_atomics+0x1dc/0x310 [ 16.207378] ? __pfx_kasan_atomics+0x10/0x10 [ 16.207409] ? __pfx_read_tsc+0x10/0x10 [ 16.207451] ? ktime_get_ts64+0x86/0x230 [ 16.207490] kunit_try_run_case+0x1a5/0x480 [ 16.207532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.207569] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.207613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.207676] ? __kthread_parkme+0x82/0x180 [ 16.207723] ? preempt_count_sub+0x50/0x80 [ 16.207776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.207825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.207872] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.207921] kthread+0x337/0x6f0 [ 16.207959] ? trace_preempt_on+0x20/0xc0 [ 16.208008] ? __pfx_kthread+0x10/0x10 [ 16.208042] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.208088] ? calculate_sigpending+0x7b/0xa0 [ 16.208133] ? 
__pfx_kthread+0x10/0x10 [ 16.208174] ret_from_fork+0x41/0x80 [ 16.208216] ? __pfx_kthread+0x10/0x10 [ 16.208258] ret_from_fork_asm+0x1a/0x30 [ 16.208325] </TASK> [ 16.208352] [ 16.216660] Allocated by task 285: [ 16.216991] kasan_save_stack+0x45/0x70 [ 16.217441] kasan_save_track+0x18/0x40 [ 16.217809] kasan_save_alloc_info+0x3b/0x50 [ 16.218145] __kasan_kmalloc+0xb7/0xc0 [ 16.218444] __kmalloc_cache_noprof+0x189/0x420 [ 16.218902] kasan_atomics+0x95/0x310 [ 16.219178] kunit_try_run_case+0x1a5/0x480 [ 16.219367] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.219572] kthread+0x337/0x6f0 [ 16.219921] ret_from_fork+0x41/0x80 [ 16.220200] ret_from_fork_asm+0x1a/0x30 [ 16.220472] [ 16.220651] The buggy address belongs to the object at ffff8881029ef680 [ 16.220651] which belongs to the cache kmalloc-64 of size 64 [ 16.221110] The buggy address is located 0 bytes to the right of [ 16.221110] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.221718] [ 16.221868] The buggy address belongs to the physical page: [ 16.222247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.222767] flags: 0x200000000000000(node=0|zone=2) [ 16.223116] page_type: f5(slab) [ 16.223289] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.223539] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.224056] page dumped because: kasan: bad access detected [ 16.224440] [ 16.224600] Memory state around the buggy address: [ 16.224897] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.225179] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.225524] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.225810] ^ [ 16.226017] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.226490] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.227160] 
================================================================== [ 15.973687] ================================================================== [ 15.974301] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 15.974718] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.975022] [ 15.975153] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.975227] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.975243] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.975276] Call Trace: [ 15.975311] <TASK> [ 15.975343] dump_stack_lvl+0x73/0xb0 [ 15.975378] print_report+0xd1/0x650 [ 15.975407] ? __virt_addr_valid+0x1db/0x2d0 [ 15.975435] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.975463] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.975491] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.975513] kasan_report+0x141/0x180 [ 15.975534] ? kasan_atomics_helper+0x1c18/0x5450 [ 15.975576] kasan_check_range+0x10c/0x1c0 [ 15.975613] __kasan_check_write+0x18/0x20 [ 15.975660] kasan_atomics_helper+0x1c18/0x5450 [ 15.975695] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.975731] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.975772] ? kasan_atomics+0x152/0x310 [ 15.975813] kasan_atomics+0x1dc/0x310 [ 15.975851] ? __pfx_kasan_atomics+0x10/0x10 [ 15.975894] ? __pfx_read_tsc+0x10/0x10 [ 15.975933] ? ktime_get_ts64+0x86/0x230 [ 15.975982] kunit_try_run_case+0x1a5/0x480 [ 15.976031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.976071] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.976112] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.976157] ? __kthread_parkme+0x82/0x180 [ 15.976201] ? preempt_count_sub+0x50/0x80 [ 15.976254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.976301] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.976349] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.976416] kthread+0x337/0x6f0 [ 15.976462] ? trace_preempt_on+0x20/0xc0 [ 15.976521] ? 
__pfx_kthread+0x10/0x10 [ 15.976572] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.976615] ? calculate_sigpending+0x7b/0xa0 [ 15.976675] ? __pfx_kthread+0x10/0x10 [ 15.976718] ret_from_fork+0x41/0x80 [ 15.976761] ? __pfx_kthread+0x10/0x10 [ 15.976802] ret_from_fork_asm+0x1a/0x30 [ 15.976864] </TASK> [ 15.976892] [ 15.987362] Allocated by task 285: [ 15.987870] kasan_save_stack+0x45/0x70 [ 15.988431] kasan_save_track+0x18/0x40 [ 15.988775] kasan_save_alloc_info+0x3b/0x50 [ 15.989101] __kasan_kmalloc+0xb7/0xc0 [ 15.989389] __kmalloc_cache_noprof+0x189/0x420 [ 15.989836] kasan_atomics+0x95/0x310 [ 15.990208] kunit_try_run_case+0x1a5/0x480 [ 15.990578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.990921] kthread+0x337/0x6f0 [ 15.991280] ret_from_fork+0x41/0x80 [ 15.991648] ret_from_fork_asm+0x1a/0x30 [ 15.992023] [ 15.992171] The buggy address belongs to the object at ffff8881029ef680 [ 15.992171] which belongs to the cache kmalloc-64 of size 64 [ 15.992980] The buggy address is located 0 bytes to the right of [ 15.992980] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.993582] [ 15.993710] The buggy address belongs to the physical page: [ 15.993906] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.994500] flags: 0x200000000000000(node=0|zone=2) [ 15.995055] page_type: f5(slab) [ 15.995580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.995978] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.996328] page dumped because: kasan: bad access detected [ 15.996766] [ 15.996969] Memory state around the buggy address: [ 15.997348] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.998018] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.998504] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.998830] ^ [ 15.999082] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.999364] 
ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.999718] ================================================================== [ 16.360148] ================================================================== [ 16.361514] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 16.362267] Read of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.362549] [ 16.362784] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.362909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.362943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.362992] Call Trace: [ 16.363045] <TASK> [ 16.363095] dump_stack_lvl+0x73/0xb0 [ 16.363169] print_report+0xd1/0x650 [ 16.363228] ? __virt_addr_valid+0x1db/0x2d0 [ 16.363280] ? kasan_atomics_helper+0x5115/0x5450 [ 16.363318] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.363355] ? kasan_atomics_helper+0x5115/0x5450 [ 16.363394] kasan_report+0x141/0x180 [ 16.363434] ? kasan_atomics_helper+0x5115/0x5450 [ 16.363489] __asan_report_load8_noabort+0x18/0x20 [ 16.363531] kasan_atomics_helper+0x5115/0x5450 [ 16.363575] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.363634] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.363683] ? kasan_atomics+0x152/0x310 [ 16.363731] kasan_atomics+0x1dc/0x310 [ 16.363775] ? __pfx_kasan_atomics+0x10/0x10 [ 16.363820] ? __pfx_read_tsc+0x10/0x10 [ 16.363862] ? ktime_get_ts64+0x86/0x230 [ 16.363915] kunit_try_run_case+0x1a5/0x480 [ 16.364011] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.364059] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.364107] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.364155] ? __kthread_parkme+0x82/0x180 [ 16.364201] ? preempt_count_sub+0x50/0x80 [ 16.364254] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.364300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.364342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.364379] kthread+0x337/0x6f0 [ 16.364407] ? 
trace_preempt_on+0x20/0xc0 [ 16.364447] ? __pfx_kthread+0x10/0x10 [ 16.364482] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.364547] ? calculate_sigpending+0x7b/0xa0 [ 16.364586] ? __pfx_kthread+0x10/0x10 [ 16.364646] ret_from_fork+0x41/0x80 [ 16.364705] ? __pfx_kthread+0x10/0x10 [ 16.364742] ret_from_fork_asm+0x1a/0x30 [ 16.364818] </TASK> [ 16.364845] [ 16.376539] Allocated by task 285: [ 16.376936] kasan_save_stack+0x45/0x70 [ 16.377336] kasan_save_track+0x18/0x40 [ 16.377531] kasan_save_alloc_info+0x3b/0x50 [ 16.377950] __kasan_kmalloc+0xb7/0xc0 [ 16.378174] __kmalloc_cache_noprof+0x189/0x420 [ 16.378494] kasan_atomics+0x95/0x310 [ 16.378784] kunit_try_run_case+0x1a5/0x480 [ 16.379003] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.379344] kthread+0x337/0x6f0 [ 16.379599] ret_from_fork+0x41/0x80 [ 16.379854] ret_from_fork_asm+0x1a/0x30 [ 16.380140] [ 16.380308] The buggy address belongs to the object at ffff8881029ef680 [ 16.380308] which belongs to the cache kmalloc-64 of size 64 [ 16.380842] The buggy address is located 0 bytes to the right of [ 16.380842] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.381709] [ 16.381835] The buggy address belongs to the physical page: [ 16.382200] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.382814] flags: 0x200000000000000(node=0|zone=2) [ 16.383029] page_type: f5(slab) [ 16.383203] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.383698] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.384381] page dumped because: kasan: bad access detected [ 16.384661] [ 16.384842] Memory state around the buggy address: [ 16.385159] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.385548] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.385919] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.386247] ^ [ 16.386557] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 16.386903] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.387289] ================================================================== [ 15.610533] ================================================================== [ 15.611493] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 15.612246] Read of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.612789] [ 15.612994] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.613090] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.613117] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.613161] Call Trace: [ 15.613209] <TASK> [ 15.613251] dump_stack_lvl+0x73/0xb0 [ 15.613327] print_report+0xd1/0x650 [ 15.613372] ? __virt_addr_valid+0x1db/0x2d0 [ 15.613412] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.613456] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.613515] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.613576] kasan_report+0x141/0x180 [ 15.613633] ? kasan_atomics_helper+0x4eae/0x5450 [ 15.613686] __asan_report_load8_noabort+0x18/0x20 [ 15.613727] kasan_atomics_helper+0x4eae/0x5450 [ 15.613776] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.613826] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.613872] ? kasan_atomics+0x152/0x310 [ 15.613971] kasan_atomics+0x1dc/0x310 [ 15.614019] ? __pfx_kasan_atomics+0x10/0x10 [ 15.614069] ? __pfx_read_tsc+0x10/0x10 [ 15.614113] ? ktime_get_ts64+0x86/0x230 [ 15.614167] kunit_try_run_case+0x1a5/0x480 [ 15.614221] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.614268] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.614319] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.614371] ? __kthread_parkme+0x82/0x180 [ 15.614419] ? preempt_count_sub+0x50/0x80 [ 15.614474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.614525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.614572] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.614634] kthread+0x337/0x6f0 [ 15.614676] ? trace_preempt_on+0x20/0xc0 [ 15.614730] ? __pfx_kthread+0x10/0x10 [ 15.614773] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.614819] ? calculate_sigpending+0x7b/0xa0 [ 15.614866] ? __pfx_kthread+0x10/0x10 [ 15.614908] ret_from_fork+0x41/0x80 [ 15.614953] ? __pfx_kthread+0x10/0x10 [ 15.614995] ret_from_fork_asm+0x1a/0x30 [ 15.615060] </TASK> [ 15.615087] [ 15.624263] Allocated by task 285: [ 15.624619] kasan_save_stack+0x45/0x70 [ 15.624911] kasan_save_track+0x18/0x40 [ 15.625088] kasan_save_alloc_info+0x3b/0x50 [ 15.625267] __kasan_kmalloc+0xb7/0xc0 [ 15.625433] __kmalloc_cache_noprof+0x189/0x420 [ 15.625643] kasan_atomics+0x95/0x310 [ 15.625808] kunit_try_run_case+0x1a5/0x480 [ 15.625936] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.626066] kthread+0x337/0x6f0 [ 15.626143] ret_from_fork+0x41/0x80 [ 15.626225] ret_from_fork_asm+0x1a/0x30 [ 15.626310] [ 15.626359] The buggy address belongs to the object at ffff8881029ef680 [ 15.626359] which belongs to the cache kmalloc-64 of size 64 [ 15.626549] The buggy address is located 0 bytes to the right of [ 15.626549] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.627267] [ 15.627469] The buggy address belongs to the physical page: [ 15.628011] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.628654] flags: 0x200000000000000(node=0|zone=2) [ 15.629071] page_type: f5(slab) [ 15.629366] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.629975] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.630567] page dumped because: kasan: bad access detected [ 15.631011] [ 15.631196] Memory state around the buggy address: [ 15.631587] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.631913] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.632119] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.632608] ^ [ 15.632888] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.633231] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.633602] ================================================================== [ 14.840534] ================================================================== [ 14.841249] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 14.841901] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.842359] [ 14.842918] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.843005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.843030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.843071] Call Trace: [ 14.843132] <TASK> [ 14.843161] dump_stack_lvl+0x73/0xb0 [ 14.843204] print_report+0xd1/0x650 [ 14.843229] ? __virt_addr_valid+0x1db/0x2d0 [ 14.843256] ? kasan_atomics_helper+0x565/0x5450 [ 14.843402] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.843447] ? kasan_atomics_helper+0x565/0x5450 [ 14.843482] kasan_report+0x141/0x180 [ 14.843514] ? kasan_atomics_helper+0x565/0x5450 [ 14.843542] kasan_check_range+0x10c/0x1c0 [ 14.843571] __kasan_check_write+0x18/0x20 [ 14.843591] kasan_atomics_helper+0x565/0x5450 [ 14.843615] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.843657] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.843680] ? kasan_atomics+0x152/0x310 [ 14.843703] kasan_atomics+0x1dc/0x310 [ 14.843723] ? __pfx_kasan_atomics+0x10/0x10 [ 14.843743] ? __pfx_read_tsc+0x10/0x10 [ 14.843764] ? ktime_get_ts64+0x86/0x230 [ 14.843789] kunit_try_run_case+0x1a5/0x480 [ 14.843815] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.843836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.843861] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.843883] ? __kthread_parkme+0x82/0x180 [ 14.843907] ? preempt_count_sub+0x50/0x80 [ 14.843946] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.843969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.843991] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.844013] kthread+0x337/0x6f0 [ 14.844031] ? trace_preempt_on+0x20/0xc0 [ 14.844055] ? __pfx_kthread+0x10/0x10 [ 14.844073] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.844095] ? calculate_sigpending+0x7b/0xa0 [ 14.844116] ? __pfx_kthread+0x10/0x10 [ 14.844134] ret_from_fork+0x41/0x80 [ 14.844154] ? __pfx_kthread+0x10/0x10 [ 14.844173] ret_from_fork_asm+0x1a/0x30 [ 14.844204] </TASK> [ 14.844219] [ 14.857031] Allocated by task 285: [ 14.857812] kasan_save_stack+0x45/0x70 [ 14.858209] kasan_save_track+0x18/0x40 [ 14.859270] kasan_save_alloc_info+0x3b/0x50 [ 14.860178] __kasan_kmalloc+0xb7/0xc0 [ 14.860398] __kmalloc_cache_noprof+0x189/0x420 [ 14.860718] kasan_atomics+0x95/0x310 [ 14.860960] kunit_try_run_case+0x1a5/0x480 [ 14.861250] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.861929] kthread+0x337/0x6f0 [ 14.862240] ret_from_fork+0x41/0x80 [ 14.862619] ret_from_fork_asm+0x1a/0x30 [ 14.862848] [ 14.862932] The buggy address belongs to the object at ffff8881029ef680 [ 14.862932] which belongs to the cache kmalloc-64 of size 64 [ 14.863213] The buggy address is located 0 bytes to the right of [ 14.863213] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.864990] [ 14.865150] The buggy address belongs to the physical page: [ 14.865373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.866144] flags: 0x200000000000000(node=0|zone=2) [ 14.866425] page_type: f5(slab) [ 14.866774] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.867973] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.868512] page dumped because: kasan: bad access detected [ 14.868883] [ 14.869379] Memory state around the buggy address: [ 14.870197] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.870725] ffff8881029ef600: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.871441] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.871889] ^ [ 14.872107] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.873245] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.873927] ================================================================== [ 15.586222] ================================================================== [ 15.587025] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 15.587330] Read of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.587927] [ 15.588136] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.588234] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.588260] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.588302] Call Trace: [ 15.588347] <TASK> [ 15.588413] dump_stack_lvl+0x73/0xb0 [ 15.588471] print_report+0xd1/0x650 [ 15.588515] ? __virt_addr_valid+0x1db/0x2d0 [ 15.588567] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.588607] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.588684] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.588730] kasan_report+0x141/0x180 [ 15.588773] ? kasan_atomics_helper+0x13b5/0x5450 [ 15.588822] kasan_check_range+0x10c/0x1c0 [ 15.588860] __kasan_check_read+0x15/0x20 [ 15.588900] kasan_atomics_helper+0x13b5/0x5450 [ 15.588965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.589009] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.589053] ? kasan_atomics+0x152/0x310 [ 15.589100] kasan_atomics+0x1dc/0x310 [ 15.589155] ? __pfx_kasan_atomics+0x10/0x10 [ 15.589201] ? __pfx_read_tsc+0x10/0x10 [ 15.589239] ? ktime_get_ts64+0x86/0x230 [ 15.589282] kunit_try_run_case+0x1a5/0x480 [ 15.589316] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.589346] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.589377] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.589407] ? __kthread_parkme+0x82/0x180 [ 15.589443] ? 
preempt_count_sub+0x50/0x80 [ 15.589485] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.589530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.589570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.589647] kthread+0x337/0x6f0 [ 15.589684] ? trace_preempt_on+0x20/0xc0 [ 15.589730] ? __pfx_kthread+0x10/0x10 [ 15.589765] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.589809] ? calculate_sigpending+0x7b/0xa0 [ 15.589871] ? __pfx_kthread+0x10/0x10 [ 15.589909] ret_from_fork+0x41/0x80 [ 15.589960] ? __pfx_kthread+0x10/0x10 [ 15.589999] ret_from_fork_asm+0x1a/0x30 [ 15.590042] </TASK> [ 15.590057] [ 15.599298] Allocated by task 285: [ 15.599539] kasan_save_stack+0x45/0x70 [ 15.599854] kasan_save_track+0x18/0x40 [ 15.600163] kasan_save_alloc_info+0x3b/0x50 [ 15.600485] __kasan_kmalloc+0xb7/0xc0 [ 15.600902] __kmalloc_cache_noprof+0x189/0x420 [ 15.601240] kasan_atomics+0x95/0x310 [ 15.601453] kunit_try_run_case+0x1a5/0x480 [ 15.601647] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.601856] kthread+0x337/0x6f0 [ 15.602022] ret_from_fork+0x41/0x80 [ 15.602196] ret_from_fork_asm+0x1a/0x30 [ 15.602419] [ 15.602569] The buggy address belongs to the object at ffff8881029ef680 [ 15.602569] which belongs to the cache kmalloc-64 of size 64 [ 15.603569] The buggy address is located 0 bytes to the right of [ 15.603569] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.604408] [ 15.604573] The buggy address belongs to the physical page: [ 15.604964] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.605355] flags: 0x200000000000000(node=0|zone=2) [ 15.605778] page_type: f5(slab) [ 15.605988] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.606375] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.606892] page dumped because: kasan: bad access detected [ 15.607117] [ 15.607222] Memory state around the buggy address: [ 15.607417] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 15.607817] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.608300] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.608849] ^ [ 15.609124] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.609443] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.609699] ================================================================== [ 14.927809] ================================================================== [ 14.928403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 14.929069] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.929642] [ 14.929912] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.930045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.930073] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.930121] Call Trace: [ 14.930168] <TASK> [ 14.930210] dump_stack_lvl+0x73/0xb0 [ 14.930274] print_report+0xd1/0x650 [ 14.930353] ? __virt_addr_valid+0x1db/0x2d0 [ 14.930404] ? kasan_atomics_helper+0x72f/0x5450 [ 14.930450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.930498] ? kasan_atomics_helper+0x72f/0x5450 [ 14.930568] kasan_report+0x141/0x180 [ 14.930620] ? kasan_atomics_helper+0x72f/0x5450 [ 14.930690] kasan_check_range+0x10c/0x1c0 [ 14.930727] __kasan_check_write+0x18/0x20 [ 14.930763] kasan_atomics_helper+0x72f/0x5450 [ 14.930807] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.930847] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.930933] ? kasan_atomics+0x152/0x310 [ 14.930998] kasan_atomics+0x1dc/0x310 [ 14.931059] ? __pfx_kasan_atomics+0x10/0x10 [ 14.931098] ? __pfx_read_tsc+0x10/0x10 [ 14.931145] ? ktime_get_ts64+0x86/0x230 [ 14.931188] kunit_try_run_case+0x1a5/0x480 [ 14.931235] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.931270] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.931313] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.931361] ? 
__kthread_parkme+0x82/0x180 [ 14.931401] ? preempt_count_sub+0x50/0x80 [ 14.931446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.931493] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.931553] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.931604] kthread+0x337/0x6f0 [ 14.931657] ? trace_preempt_on+0x20/0xc0 [ 14.931704] ? __pfx_kthread+0x10/0x10 [ 14.931744] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.931787] ? calculate_sigpending+0x7b/0xa0 [ 14.931831] ? __pfx_kthread+0x10/0x10 [ 14.931872] ret_from_fork+0x41/0x80 [ 14.931913] ? __pfx_kthread+0x10/0x10 [ 14.931954] ret_from_fork_asm+0x1a/0x30 [ 14.932017] </TASK> [ 14.932044] [ 14.941256] Allocated by task 285: [ 14.941656] kasan_save_stack+0x45/0x70 [ 14.942048] kasan_save_track+0x18/0x40 [ 14.942422] kasan_save_alloc_info+0x3b/0x50 [ 14.942885] __kasan_kmalloc+0xb7/0xc0 [ 14.943054] __kmalloc_cache_noprof+0x189/0x420 [ 14.943221] kasan_atomics+0x95/0x310 [ 14.943386] kunit_try_run_case+0x1a5/0x480 [ 14.943603] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.944992] kthread+0x337/0x6f0 [ 14.945290] ret_from_fork+0x41/0x80 [ 14.947247] ret_from_fork_asm+0x1a/0x30 [ 14.947898] [ 14.948115] The buggy address belongs to the object at ffff8881029ef680 [ 14.948115] which belongs to the cache kmalloc-64 of size 64 [ 14.950141] The buggy address is located 0 bytes to the right of [ 14.950141] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.950926] [ 14.951036] The buggy address belongs to the physical page: [ 14.951218] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.951718] flags: 0x200000000000000(node=0|zone=2) [ 14.951937] page_type: f5(slab) [ 14.952193] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.952770] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.953195] page dumped because: kasan: bad access detected [ 14.953758] [ 14.953997] Memory state around the buggy address: [ 14.954423] 
ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.954980] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.955718] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.956169] ^ [ 14.956541] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957138] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.957687] ================================================================== [ 15.871268] ================================================================== [ 15.871825] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 15.872329] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.874795] [ 15.874982] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.875837] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.875890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.875927] Call Trace: [ 15.875980] <TASK> [ 15.876016] dump_stack_lvl+0x73/0xb0 [ 15.876080] print_report+0xd1/0x650 [ 15.876105] ? __virt_addr_valid+0x1db/0x2d0 [ 15.876128] ? kasan_atomics_helper+0x194a/0x5450 [ 15.876148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.876171] ? kasan_atomics_helper+0x194a/0x5450 [ 15.876192] kasan_report+0x141/0x180 [ 15.876213] ? kasan_atomics_helper+0x194a/0x5450 [ 15.876238] kasan_check_range+0x10c/0x1c0 [ 15.876261] __kasan_check_write+0x18/0x20 [ 15.876280] kasan_atomics_helper+0x194a/0x5450 [ 15.876302] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.876323] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.876344] ? kasan_atomics+0x152/0x310 [ 15.876368] kasan_atomics+0x1dc/0x310 [ 15.876387] ? __pfx_kasan_atomics+0x10/0x10 [ 15.876408] ? __pfx_read_tsc+0x10/0x10 [ 15.876427] ? ktime_get_ts64+0x86/0x230 [ 15.876452] kunit_try_run_case+0x1a5/0x480 [ 15.876475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.876496] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.876520] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.876547] ? __kthread_parkme+0x82/0x180 [ 15.876579] ? preempt_count_sub+0x50/0x80 [ 15.876617] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.876669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.876703] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.876736] kthread+0x337/0x6f0 [ 15.876766] ? trace_preempt_on+0x20/0xc0 [ 15.876807] ? __pfx_kthread+0x10/0x10 [ 15.876843] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.876894] ? calculate_sigpending+0x7b/0xa0 [ 15.876941] ? __pfx_kthread+0x10/0x10 [ 15.876979] ret_from_fork+0x41/0x80 [ 15.877020] ? __pfx_kthread+0x10/0x10 [ 15.877059] ret_from_fork_asm+0x1a/0x30 [ 15.877124] </TASK> [ 15.877152] [ 15.886349] Allocated by task 285: [ 15.886683] kasan_save_stack+0x45/0x70 [ 15.887068] kasan_save_track+0x18/0x40 [ 15.887433] kasan_save_alloc_info+0x3b/0x50 [ 15.887852] __kasan_kmalloc+0xb7/0xc0 [ 15.888204] __kmalloc_cache_noprof+0x189/0x420 [ 15.888580] kasan_atomics+0x95/0x310 [ 15.888936] kunit_try_run_case+0x1a5/0x480 [ 15.889296] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.889804] kthread+0x337/0x6f0 [ 15.889955] ret_from_fork+0x41/0x80 [ 15.890240] ret_from_fork_asm+0x1a/0x30 [ 15.890685] [ 15.891074] The buggy address belongs to the object at ffff8881029ef680 [ 15.891074] which belongs to the cache kmalloc-64 of size 64 [ 15.891900] The buggy address is located 0 bytes to the right of [ 15.891900] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.892656] [ 15.893104] The buggy address belongs to the physical page: [ 15.893406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.894010] flags: 0x200000000000000(node=0|zone=2) [ 15.894188] page_type: f5(slab) [ 15.894788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.895211] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.895520] page dumped because: kasan: bad 
access detected [ 15.896035] [ 15.896149] Memory state around the buggy address: [ 15.896503] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.896786] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.897361] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.898027] ^ [ 15.898353] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.898579] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.899022] ================================================================== [ 14.776698] ================================================================== [ 14.777259] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 14.777822] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.778489] [ 14.778770] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.778873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.778913] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.778960] Call Trace: [ 14.779017] <TASK> [ 14.779057] dump_stack_lvl+0x73/0xb0 [ 14.779117] print_report+0xd1/0x650 [ 14.779165] ? __virt_addr_valid+0x1db/0x2d0 [ 14.779209] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.779254] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.779419] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.779460] kasan_report+0x141/0x180 [ 14.779487] ? kasan_atomics_helper+0x4a0/0x5450 [ 14.779514] kasan_check_range+0x10c/0x1c0 [ 14.779536] __kasan_check_write+0x18/0x20 [ 14.779556] kasan_atomics_helper+0x4a0/0x5450 [ 14.779579] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.779601] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.779656] ? kasan_atomics+0x152/0x310 [ 14.779682] kasan_atomics+0x1dc/0x310 [ 14.779702] ? __pfx_kasan_atomics+0x10/0x10 [ 14.779724] ? __pfx_read_tsc+0x10/0x10 [ 14.779745] ? ktime_get_ts64+0x86/0x230 [ 14.779770] kunit_try_run_case+0x1a5/0x480 [ 14.779797] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.779818] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.779843] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.779866] ? __kthread_parkme+0x82/0x180 [ 14.779890] ? preempt_count_sub+0x50/0x80 [ 14.779915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.779938] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.779960] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.779985] kthread+0x337/0x6f0 [ 14.780002] ? trace_preempt_on+0x20/0xc0 [ 14.780026] ? __pfx_kthread+0x10/0x10 [ 14.780045] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.780066] ? calculate_sigpending+0x7b/0xa0 [ 14.780088] ? __pfx_kthread+0x10/0x10 [ 14.780107] ret_from_fork+0x41/0x80 [ 14.780127] ? __pfx_kthread+0x10/0x10 [ 14.780145] ret_from_fork_asm+0x1a/0x30 [ 14.780177] </TASK> [ 14.780191] [ 14.792881] Allocated by task 285: [ 14.793266] kasan_save_stack+0x45/0x70 [ 14.793799] kasan_save_track+0x18/0x40 [ 14.794164] kasan_save_alloc_info+0x3b/0x50 [ 14.794679] __kasan_kmalloc+0xb7/0xc0 [ 14.795024] __kmalloc_cache_noprof+0x189/0x420 [ 14.795905] kasan_atomics+0x95/0x310 [ 14.796279] kunit_try_run_case+0x1a5/0x480 [ 14.796571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.797024] kthread+0x337/0x6f0 [ 14.797334] ret_from_fork+0x41/0x80 [ 14.797648] ret_from_fork_asm+0x1a/0x30 [ 14.797807] [ 14.797961] The buggy address belongs to the object at ffff8881029ef680 [ 14.797961] which belongs to the cache kmalloc-64 of size 64 [ 14.798603] The buggy address is located 0 bytes to the right of [ 14.798603] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.799695] [ 14.799990] The buggy address belongs to the physical page: [ 14.800293] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.800956] flags: 0x200000000000000(node=0|zone=2) [ 14.801230] page_type: f5(slab) [ 14.801497] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.802803] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.803056] page dumped because: kasan: bad access detected [ 14.803442] [ 14.804048] Memory state around the buggy address: [ 14.804327] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.804572] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.805020] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.805448] ^ [ 14.805935] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.806474] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.806749] ================================================================== [ 14.901987] ================================================================== [ 14.902476] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 14.902881] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.903393] [ 14.903656] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.903767] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.903795] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.903838] Call Trace: [ 14.903885] <TASK> [ 14.903969] dump_stack_lvl+0x73/0xb0 [ 14.904038] print_report+0xd1/0x650 [ 14.904079] ? __virt_addr_valid+0x1db/0x2d0 [ 14.904124] ? kasan_atomics_helper+0x697/0x5450 [ 14.904156] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.904187] ? kasan_atomics_helper+0x697/0x5450 [ 14.904219] kasan_report+0x141/0x180 [ 14.904298] ? kasan_atomics_helper+0x697/0x5450 [ 14.904344] kasan_check_range+0x10c/0x1c0 [ 14.904381] __kasan_check_write+0x18/0x20 [ 14.904419] kasan_atomics_helper+0x697/0x5450 [ 14.904496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.904534] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.904592] ? kasan_atomics+0x152/0x310 [ 14.904645] kasan_atomics+0x1dc/0x310 [ 14.904677] ? __pfx_kasan_atomics+0x10/0x10 [ 14.904708] ? __pfx_read_tsc+0x10/0x10 [ 14.904736] ? 
ktime_get_ts64+0x86/0x230 [ 14.904773] kunit_try_run_case+0x1a5/0x480 [ 14.904810] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.904840] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.904872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.904902] ? __kthread_parkme+0x82/0x180 [ 14.904932] ? preempt_count_sub+0x50/0x80 [ 14.904965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.904998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.905031] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.905063] kthread+0x337/0x6f0 [ 14.905090] ? trace_preempt_on+0x20/0xc0 [ 14.905134] ? __pfx_kthread+0x10/0x10 [ 14.905169] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.905207] ? calculate_sigpending+0x7b/0xa0 [ 14.905248] ? __pfx_kthread+0x10/0x10 [ 14.905307] ret_from_fork+0x41/0x80 [ 14.905344] ? __pfx_kthread+0x10/0x10 [ 14.905377] ret_from_fork_asm+0x1a/0x30 [ 14.905434] </TASK> [ 14.905460] [ 14.916541] Allocated by task 285: [ 14.916916] kasan_save_stack+0x45/0x70 [ 14.917270] kasan_save_track+0x18/0x40 [ 14.917552] kasan_save_alloc_info+0x3b/0x50 [ 14.917980] __kasan_kmalloc+0xb7/0xc0 [ 14.918293] __kmalloc_cache_noprof+0x189/0x420 [ 14.918751] kasan_atomics+0x95/0x310 [ 14.918987] kunit_try_run_case+0x1a5/0x480 [ 14.919344] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.919525] kthread+0x337/0x6f0 [ 14.919669] ret_from_fork+0x41/0x80 [ 14.919783] ret_from_fork_asm+0x1a/0x30 [ 14.919902] [ 14.919974] The buggy address belongs to the object at ffff8881029ef680 [ 14.919974] which belongs to the cache kmalloc-64 of size 64 [ 14.920443] The buggy address is located 0 bytes to the right of [ 14.920443] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.921330] [ 14.921517] The buggy address belongs to the physical page: [ 14.921962] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.922439] flags: 0x200000000000000(node=0|zone=2) [ 14.922941] page_type: f5(slab) [ 14.923187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.923725] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.924153] page dumped because: kasan: bad access detected [ 14.924659] [ 14.924822] Memory state around the buggy address: [ 14.925182] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.925585] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.926111] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.926589] ^ [ 14.926754] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.926920] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.927081] ================================================================== [ 15.348687] ================================================================== [ 15.349256] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 15.349692] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.350308] [ 15.350453] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.350565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.350587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.350636] Call Trace: [ 15.350677] <TASK> [ 15.350712] dump_stack_lvl+0x73/0xb0 [ 15.350761] print_report+0xd1/0x650 [ 15.350797] ? __virt_addr_valid+0x1db/0x2d0 [ 15.350831] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.350882] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.350918] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.350950] kasan_report+0x141/0x180 [ 15.350982] ? kasan_atomics_helper+0x4a36/0x5450 [ 15.351022] __asan_report_load4_noabort+0x18/0x20 [ 15.351056] kasan_atomics_helper+0x4a36/0x5450 [ 15.351088] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.351121] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.351154] ? kasan_atomics+0x152/0x310 [ 15.351189] kasan_atomics+0x1dc/0x310 [ 15.351222] ? __pfx_kasan_atomics+0x10/0x10 [ 15.351257] ? 
__pfx_read_tsc+0x10/0x10 [ 15.351316] ? ktime_get_ts64+0x86/0x230 [ 15.351358] kunit_try_run_case+0x1a5/0x480 [ 15.351401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.351442] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.351513] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.351593] ? __kthread_parkme+0x82/0x180 [ 15.351650] ? preempt_count_sub+0x50/0x80 [ 15.351701] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.351758] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.351819] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.351856] kthread+0x337/0x6f0 [ 15.351905] ? trace_preempt_on+0x20/0xc0 [ 15.351947] ? __pfx_kthread+0x10/0x10 [ 15.351990] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.352022] ? calculate_sigpending+0x7b/0xa0 [ 15.352270] ? __pfx_kthread+0x10/0x10 [ 15.352301] ret_from_fork+0x41/0x80 [ 15.352324] ? __pfx_kthread+0x10/0x10 [ 15.352343] ret_from_fork_asm+0x1a/0x30 [ 15.352375] </TASK> [ 15.352389] [ 15.362246] Allocated by task 285: [ 15.362657] kasan_save_stack+0x45/0x70 [ 15.363004] kasan_save_track+0x18/0x40 [ 15.363303] kasan_save_alloc_info+0x3b/0x50 [ 15.363729] __kasan_kmalloc+0xb7/0xc0 [ 15.364106] __kmalloc_cache_noprof+0x189/0x420 [ 15.364392] kasan_atomics+0x95/0x310 [ 15.364598] kunit_try_run_case+0x1a5/0x480 [ 15.364800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.365011] kthread+0x337/0x6f0 [ 15.365152] ret_from_fork+0x41/0x80 [ 15.365464] ret_from_fork_asm+0x1a/0x30 [ 15.365824] [ 15.365995] The buggy address belongs to the object at ffff8881029ef680 [ 15.365995] which belongs to the cache kmalloc-64 of size 64 [ 15.366897] The buggy address is located 0 bytes to the right of [ 15.366897] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.367733] [ 15.367948] The buggy address belongs to the physical page: [ 15.368295] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.368778] flags: 0x200000000000000(node=0|zone=2) [ 15.369108] page_type: f5(slab) [ 15.369443] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 15.369954] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.370338] page dumped because: kasan: bad access detected [ 15.370649] [ 15.370861] Memory state around the buggy address: [ 15.371225] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.371658] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.371962] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.372410] ^ [ 15.372771] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.373160] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.373563] ================================================================== [ 15.531562] ================================================================== [ 15.532087] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 15.532607] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.532997] [ 15.533213] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.533312] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.533337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.533378] Call Trace: [ 15.533433] <TASK> [ 15.533474] dump_stack_lvl+0x73/0xb0 [ 15.533547] print_report+0xd1/0x650 [ 15.533587] ? __virt_addr_valid+0x1db/0x2d0 [ 15.533642] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.533692] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.533738] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.533794] kasan_report+0x141/0x180 [ 15.533835] ? kasan_atomics_helper+0x12e6/0x5450 [ 15.533884] kasan_check_range+0x10c/0x1c0 [ 15.533984] __kasan_check_write+0x18/0x20 [ 15.534028] kasan_atomics_helper+0x12e6/0x5450 [ 15.534095] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.534139] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.534185] ? 
kasan_atomics+0x152/0x310 [ 15.534239] kasan_atomics+0x1dc/0x310 [ 15.534284] ? __pfx_kasan_atomics+0x10/0x10 [ 15.534330] ? __pfx_read_tsc+0x10/0x10 [ 15.534378] ? ktime_get_ts64+0x86/0x230 [ 15.534430] kunit_try_run_case+0x1a5/0x480 [ 15.534501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.534546] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.534591] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.534655] ? __kthread_parkme+0x82/0x180 [ 15.534705] ? preempt_count_sub+0x50/0x80 [ 15.534750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.534795] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.534843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.534899] kthread+0x337/0x6f0 [ 15.534951] ? trace_preempt_on+0x20/0xc0 [ 15.534999] ? __pfx_kthread+0x10/0x10 [ 15.535038] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.535092] ? calculate_sigpending+0x7b/0xa0 [ 15.535140] ? __pfx_kthread+0x10/0x10 [ 15.535193] ret_from_fork+0x41/0x80 [ 15.535231] ? __pfx_kthread+0x10/0x10 [ 15.535261] ret_from_fork_asm+0x1a/0x30 [ 15.535293] </TASK> [ 15.535308] [ 15.544453] Allocated by task 285: [ 15.544803] kasan_save_stack+0x45/0x70 [ 15.545194] kasan_save_track+0x18/0x40 [ 15.545455] kasan_save_alloc_info+0x3b/0x50 [ 15.545917] __kasan_kmalloc+0xb7/0xc0 [ 15.546139] __kmalloc_cache_noprof+0x189/0x420 [ 15.546328] kasan_atomics+0x95/0x310 [ 15.546491] kunit_try_run_case+0x1a5/0x480 [ 15.546681] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.547068] kthread+0x337/0x6f0 [ 15.547330] ret_from_fork+0x41/0x80 [ 15.547616] ret_from_fork_asm+0x1a/0x30 [ 15.547948] [ 15.548107] The buggy address belongs to the object at ffff8881029ef680 [ 15.548107] which belongs to the cache kmalloc-64 of size 64 [ 15.548938] The buggy address is located 0 bytes to the right of [ 15.548938] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.549545] [ 15.549745] The buggy address belongs to the physical page: [ 15.550036] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 
15.550428] flags: 0x200000000000000(node=0|zone=2) [ 15.550807] page_type: f5(slab) [ 15.551056] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.551453] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.553263] page dumped because: kasan: bad access detected [ 15.553719] [ 15.553831] Memory state around the buggy address: [ 15.554081] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.554419] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.554768] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.555773] ^ [ 15.555957] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.556504] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.556825] ================================================================== [ 15.739247] ================================================================== [ 15.739912] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 15.740505] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.741035] [ 15.741283] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.741423] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.741453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.741495] Call Trace: [ 15.741540] <TASK> [ 15.741598] dump_stack_lvl+0x73/0xb0 [ 15.741673] print_report+0xd1/0x650 [ 15.741745] ? __virt_addr_valid+0x1db/0x2d0 [ 15.741788] ? kasan_atomics_helper+0x164f/0x5450 [ 15.741845] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.741909] ? kasan_atomics_helper+0x164f/0x5450 [ 15.741976] kasan_report+0x141/0x180 [ 15.742027] ? kasan_atomics_helper+0x164f/0x5450 [ 15.742088] kasan_check_range+0x10c/0x1c0 [ 15.742136] __kasan_check_write+0x18/0x20 [ 15.742179] kasan_atomics_helper+0x164f/0x5450 [ 15.742228] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.742276] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.742323] ? kasan_atomics+0x152/0x310 [ 15.742372] kasan_atomics+0x1dc/0x310 [ 15.742414] ? __pfx_kasan_atomics+0x10/0x10 [ 15.742458] ? __pfx_read_tsc+0x10/0x10 [ 15.742500] ? ktime_get_ts64+0x86/0x230 [ 15.742550] kunit_try_run_case+0x1a5/0x480 [ 15.742601] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.742656] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.742704] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.742749] ? __kthread_parkme+0x82/0x180 [ 15.742797] ? preempt_count_sub+0x50/0x80 [ 15.742850] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.742893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.742932] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.742975] kthread+0x337/0x6f0 [ 15.743012] ? trace_preempt_on+0x20/0xc0 [ 15.743057] ? __pfx_kthread+0x10/0x10 [ 15.743097] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.743141] ? calculate_sigpending+0x7b/0xa0 [ 15.743186] ? __pfx_kthread+0x10/0x10 [ 15.743227] ret_from_fork+0x41/0x80 [ 15.743268] ? __pfx_kthread+0x10/0x10 [ 15.743307] ret_from_fork_asm+0x1a/0x30 [ 15.743372] </TASK> [ 15.743401] [ 15.753356] Allocated by task 285: [ 15.753808] kasan_save_stack+0x45/0x70 [ 15.754248] kasan_save_track+0x18/0x40 [ 15.754474] kasan_save_alloc_info+0x3b/0x50 [ 15.754877] __kasan_kmalloc+0xb7/0xc0 [ 15.755135] __kmalloc_cache_noprof+0x189/0x420 [ 15.755467] kasan_atomics+0x95/0x310 [ 15.755829] kunit_try_run_case+0x1a5/0x480 [ 15.756118] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.756310] kthread+0x337/0x6f0 [ 15.756466] ret_from_fork+0x41/0x80 [ 15.756637] ret_from_fork_asm+0x1a/0x30 [ 15.756815] [ 15.756920] The buggy address belongs to the object at ffff8881029ef680 [ 15.756920] which belongs to the cache kmalloc-64 of size 64 [ 15.757428] The buggy address is located 0 bytes to the right of [ 15.757428] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.758265] [ 15.758439] The buggy address belongs to the physical page: [ 15.758999] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.759534] flags: 0x200000000000000(node=0|zone=2) [ 15.759967] page_type: f5(slab) [ 15.760211] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.760643] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.761019] page dumped because: kasan: bad access detected [ 15.761263] [ 15.761466] Memory state around the buggy address: [ 15.761923] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.762336] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.762803] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.763064] ^ [ 15.763253] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.763485] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.763972] ================================================================== [ 14.623820] ================================================================== [ 14.624207] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 14.625513] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.625827] [ 14.625975] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.626065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.626090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.626128] Call Trace: [ 14.626169] <TASK> [ 14.626208] dump_stack_lvl+0x73/0xb0 [ 14.626272] print_report+0xd1/0x650 [ 14.626313] ? __virt_addr_valid+0x1db/0x2d0 [ 14.626346] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.626387] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.626423] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.626460] kasan_report+0x141/0x180 [ 14.626496] ? kasan_atomics_helper+0x4ba2/0x5450 [ 14.626540] __asan_report_store4_noabort+0x1b/0x30 [ 14.626576] kasan_atomics_helper+0x4ba2/0x5450 [ 14.626618] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.626674] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.626712] ? kasan_atomics+0x152/0x310 [ 14.626755] kasan_atomics+0x1dc/0x310 [ 14.626790] ? __pfx_kasan_atomics+0x10/0x10 [ 14.626833] ? __pfx_read_tsc+0x10/0x10 [ 14.626872] ? ktime_get_ts64+0x86/0x230 [ 14.626920] kunit_try_run_case+0x1a5/0x480 [ 14.626960] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.626983] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.627006] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.627029] ? __kthread_parkme+0x82/0x180 [ 14.627050] ? preempt_count_sub+0x50/0x80 [ 14.627075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.627097] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.627119] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.627140] kthread+0x337/0x6f0 [ 14.627157] ? trace_preempt_on+0x20/0xc0 [ 14.627180] ? __pfx_kthread+0x10/0x10 [ 14.627198] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.627218] ? calculate_sigpending+0x7b/0xa0 [ 14.627238] ? __pfx_kthread+0x10/0x10 [ 14.627255] ret_from_fork+0x41/0x80 [ 14.627274] ? 
__pfx_kthread+0x10/0x10 [ 14.627291] ret_from_fork_asm+0x1a/0x30 [ 14.627320] </TASK> [ 14.627332] [ 14.637586] Allocated by task 285: [ 14.637912] kasan_save_stack+0x45/0x70 [ 14.638150] kasan_save_track+0x18/0x40 [ 14.638423] kasan_save_alloc_info+0x3b/0x50 [ 14.638755] __kasan_kmalloc+0xb7/0xc0 [ 14.639041] __kmalloc_cache_noprof+0x189/0x420 [ 14.639361] kasan_atomics+0x95/0x310 [ 14.639618] kunit_try_run_case+0x1a5/0x480 [ 14.639922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.640130] kthread+0x337/0x6f0 [ 14.640283] ret_from_fork+0x41/0x80 [ 14.640547] ret_from_fork_asm+0x1a/0x30 [ 14.641678] [ 14.641898] The buggy address belongs to the object at ffff8881029ef680 [ 14.641898] which belongs to the cache kmalloc-64 of size 64 [ 14.642920] The buggy address is located 0 bytes to the right of [ 14.642920] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.643306] [ 14.643417] The buggy address belongs to the physical page: [ 14.643613] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.644149] flags: 0x200000000000000(node=0|zone=2) [ 14.644473] page_type: f5(slab) [ 14.644803] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.645297] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.645800] page dumped because: kasan: bad access detected [ 14.646062] [ 14.646161] Memory state around the buggy address: [ 14.646345] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.646577] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.646847] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.647406] ^ [ 14.647880] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.648346] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.648799] ================================================================== [ 15.238450] 
================================================================== [ 15.238872] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 15.239131] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.239863] [ 15.240012] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.240095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.240119] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.240161] Call Trace: [ 15.240203] <TASK> [ 15.240242] dump_stack_lvl+0x73/0xb0 [ 15.240300] print_report+0xd1/0x650 [ 15.240341] ? __virt_addr_valid+0x1db/0x2d0 [ 15.240382] ? kasan_atomics_helper+0xde0/0x5450 [ 15.240423] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.240464] ? kasan_atomics_helper+0xde0/0x5450 [ 15.240507] kasan_report+0x141/0x180 [ 15.240943] ? kasan_atomics_helper+0xde0/0x5450 [ 15.240998] kasan_check_range+0x10c/0x1c0 [ 15.241022] __kasan_check_write+0x18/0x20 [ 15.241043] kasan_atomics_helper+0xde0/0x5450 [ 15.241065] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.241087] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.241109] ? kasan_atomics+0x152/0x310 [ 15.241131] kasan_atomics+0x1dc/0x310 [ 15.241150] ? __pfx_kasan_atomics+0x10/0x10 [ 15.241171] ? __pfx_read_tsc+0x10/0x10 [ 15.241191] ? ktime_get_ts64+0x86/0x230 [ 15.241216] kunit_try_run_case+0x1a5/0x480 [ 15.241242] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.241263] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.241287] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.241309] ? __kthread_parkme+0x82/0x180 [ 15.241331] ? preempt_count_sub+0x50/0x80 [ 15.241356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.241379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.241401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.241423] kthread+0x337/0x6f0 [ 15.241440] ? trace_preempt_on+0x20/0xc0 [ 15.241463] ? __pfx_kthread+0x10/0x10 [ 15.241481] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.241502] ? 
calculate_sigpending+0x7b/0xa0 [ 15.241523] ? __pfx_kthread+0x10/0x10 [ 15.241545] ret_from_fork+0x41/0x80 [ 15.241574] ? __pfx_kthread+0x10/0x10 [ 15.241592] ret_from_fork_asm+0x1a/0x30 [ 15.241637] </TASK> [ 15.241656] [ 15.253504] Allocated by task 285: [ 15.253857] kasan_save_stack+0x45/0x70 [ 15.254173] kasan_save_track+0x18/0x40 [ 15.254433] kasan_save_alloc_info+0x3b/0x50 [ 15.255079] __kasan_kmalloc+0xb7/0xc0 [ 15.255246] __kmalloc_cache_noprof+0x189/0x420 [ 15.255465] kasan_atomics+0x95/0x310 [ 15.256077] kunit_try_run_case+0x1a5/0x480 [ 15.256506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.256881] kthread+0x337/0x6f0 [ 15.257027] ret_from_fork+0x41/0x80 [ 15.257398] ret_from_fork_asm+0x1a/0x30 [ 15.257824] [ 15.257971] The buggy address belongs to the object at ffff8881029ef680 [ 15.257971] which belongs to the cache kmalloc-64 of size 64 [ 15.258558] The buggy address is located 0 bytes to the right of [ 15.258558] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.259335] [ 15.259697] The buggy address belongs to the physical page: [ 15.260113] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.260649] flags: 0x200000000000000(node=0|zone=2) [ 15.261059] page_type: f5(slab) [ 15.261299] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.261634] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.262214] page dumped because: kasan: bad access detected [ 15.262708] [ 15.262927] Memory state around the buggy address: [ 15.263107] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.263524] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.264059] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.264620] ^ [ 15.264982] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.265410] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.265885] 
================================================================== [ 15.823720] ================================================================== [ 15.824161] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 15.824671] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.825044] [ 15.825239] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.825338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.825363] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.825407] Call Trace: [ 15.825453] <TASK> [ 15.825495] dump_stack_lvl+0x73/0xb0 [ 15.825570] print_report+0xd1/0x650 [ 15.825619] ? __virt_addr_valid+0x1db/0x2d0 [ 15.825674] ? kasan_atomics_helper+0x1818/0x5450 [ 15.825718] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.825761] ? kasan_atomics_helper+0x1818/0x5450 [ 15.825798] kasan_report+0x141/0x180 [ 15.825842] ? kasan_atomics_helper+0x1818/0x5450 [ 15.825895] kasan_check_range+0x10c/0x1c0 [ 15.825940] __kasan_check_write+0x18/0x20 [ 15.825993] kasan_atomics_helper+0x1818/0x5450 [ 15.826035] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.826088] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.826112] ? kasan_atomics+0x152/0x310 [ 15.826142] kasan_atomics+0x1dc/0x310 [ 15.826167] ? __pfx_kasan_atomics+0x10/0x10 [ 15.826188] ? __pfx_read_tsc+0x10/0x10 [ 15.826209] ? ktime_get_ts64+0x86/0x230 [ 15.826235] kunit_try_run_case+0x1a5/0x480 [ 15.826260] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.826281] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.826307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.826330] ? __kthread_parkme+0x82/0x180 [ 15.826352] ? preempt_count_sub+0x50/0x80 [ 15.826377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.826400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.826423] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.826445] kthread+0x337/0x6f0 [ 15.826463] ? trace_preempt_on+0x20/0xc0 [ 15.826487] ? 
__pfx_kthread+0x10/0x10 [ 15.826506] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.826527] ? calculate_sigpending+0x7b/0xa0 [ 15.826567] ? __pfx_kthread+0x10/0x10 [ 15.826588] ret_from_fork+0x41/0x80 [ 15.826609] ? __pfx_kthread+0x10/0x10 [ 15.826646] ret_from_fork_asm+0x1a/0x30 [ 15.826681] </TASK> [ 15.826695] [ 15.836535] Allocated by task 285: [ 15.836938] kasan_save_stack+0x45/0x70 [ 15.837302] kasan_save_track+0x18/0x40 [ 15.837665] kasan_save_alloc_info+0x3b/0x50 [ 15.838057] __kasan_kmalloc+0xb7/0xc0 [ 15.838376] __kmalloc_cache_noprof+0x189/0x420 [ 15.838665] kasan_atomics+0x95/0x310 [ 15.838851] kunit_try_run_case+0x1a5/0x480 [ 15.839211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.839663] kthread+0x337/0x6f0 [ 15.839851] ret_from_fork+0x41/0x80 [ 15.840030] ret_from_fork_asm+0x1a/0x30 [ 15.840213] [ 15.840337] The buggy address belongs to the object at ffff8881029ef680 [ 15.840337] which belongs to the cache kmalloc-64 of size 64 [ 15.841024] The buggy address is located 0 bytes to the right of [ 15.841024] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.841504] [ 15.841615] The buggy address belongs to the physical page: [ 15.842850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.843272] flags: 0x200000000000000(node=0|zone=2) [ 15.843586] page_type: f5(slab) [ 15.844026] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.844482] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.844747] page dumped because: kasan: bad access detected [ 15.845091] [ 15.845282] Memory state around the buggy address: [ 15.845733] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.846095] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.846436] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.846879] ^ [ 15.847082] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.847357] 
ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.847784] ================================================================== [ 15.848817] ================================================================== [ 15.849259] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 15.849806] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.850079] [ 15.850257] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.850353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.850377] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.850417] Call Trace: [ 15.850460] <TASK> [ 15.850500] dump_stack_lvl+0x73/0xb0 [ 15.850593] print_report+0xd1/0x650 [ 15.850655] ? __virt_addr_valid+0x1db/0x2d0 [ 15.850695] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.850735] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.850775] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.850819] kasan_report+0x141/0x180 [ 15.850865] ? kasan_atomics_helper+0x18b1/0x5450 [ 15.850920] kasan_check_range+0x10c/0x1c0 [ 15.850960] __kasan_check_write+0x18/0x20 [ 15.850996] kasan_atomics_helper+0x18b1/0x5450 [ 15.851036] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.851083] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.851130] ? kasan_atomics+0x152/0x310 [ 15.851178] kasan_atomics+0x1dc/0x310 [ 15.851222] ? __pfx_kasan_atomics+0x10/0x10 [ 15.851268] ? __pfx_read_tsc+0x10/0x10 [ 15.851311] ? ktime_get_ts64+0x86/0x230 [ 15.851363] kunit_try_run_case+0x1a5/0x480 [ 15.851413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851459] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.851507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.851552] ? __kthread_parkme+0x82/0x180 [ 15.851585] ? preempt_count_sub+0x50/0x80 [ 15.851611] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.851651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.851676] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.851698] kthread+0x337/0x6f0 [ 15.851716] ? trace_preempt_on+0x20/0xc0 [ 15.851740] ? __pfx_kthread+0x10/0x10 [ 15.851759] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.851779] ? calculate_sigpending+0x7b/0xa0 [ 15.851801] ? __pfx_kthread+0x10/0x10 [ 15.851820] ret_from_fork+0x41/0x80 [ 15.851840] ? __pfx_kthread+0x10/0x10 [ 15.851858] ret_from_fork_asm+0x1a/0x30 [ 15.851889] </TASK> [ 15.851903] [ 15.860716] Allocated by task 285: [ 15.861022] kasan_save_stack+0x45/0x70 [ 15.861245] kasan_save_track+0x18/0x40 [ 15.861418] kasan_save_alloc_info+0x3b/0x50 [ 15.861589] __kasan_kmalloc+0xb7/0xc0 [ 15.861790] __kmalloc_cache_noprof+0x189/0x420 [ 15.862117] kasan_atomics+0x95/0x310 [ 15.862411] kunit_try_run_case+0x1a5/0x480 [ 15.862860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.863257] kthread+0x337/0x6f0 [ 15.863509] ret_from_fork+0x41/0x80 [ 15.863815] ret_from_fork_asm+0x1a/0x30 [ 15.864079] [ 15.864187] The buggy address belongs to the object at ffff8881029ef680 [ 15.864187] which belongs to the cache kmalloc-64 of size 64 [ 15.864563] The buggy address is located 0 bytes to the right of [ 15.864563] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.865489] [ 15.865677] The buggy address belongs to the physical page: [ 15.865935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.866262] flags: 0x200000000000000(node=0|zone=2) [ 15.866485] page_type: f5(slab) [ 15.866673] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.866925] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.867390] page dumped because: kasan: bad access detected [ 15.867721] [ 15.867875] Memory state around the buggy address: [ 15.868220] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.868871] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.869326] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.869548] ^ [ 15.869882] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.870165] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.870407] ================================================================== [ 16.283902] ================================================================== [ 16.284246] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 16.284851] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.285514] [ 16.285794] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.285863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.285884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.285923] Call Trace: [ 16.285974] <TASK> [ 16.286041] dump_stack_lvl+0x73/0xb0 [ 16.286107] print_report+0xd1/0x650 [ 16.286151] ? __virt_addr_valid+0x1db/0x2d0 [ 16.286194] ? kasan_atomics_helper+0x218a/0x5450 [ 16.286236] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.286274] ? kasan_atomics_helper+0x218a/0x5450 [ 16.286298] kasan_report+0x141/0x180 [ 16.286321] ? kasan_atomics_helper+0x218a/0x5450 [ 16.286348] kasan_check_range+0x10c/0x1c0 [ 16.286369] __kasan_check_write+0x18/0x20 [ 16.286390] kasan_atomics_helper+0x218a/0x5450 [ 16.286415] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.286438] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.286461] ? kasan_atomics+0x152/0x310 [ 16.286485] kasan_atomics+0x1dc/0x310 [ 16.286505] ? __pfx_kasan_atomics+0x10/0x10 [ 16.286527] ? __pfx_read_tsc+0x10/0x10 [ 16.286571] ? ktime_get_ts64+0x86/0x230 [ 16.286599] kunit_try_run_case+0x1a5/0x480 [ 16.286643] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.286668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.286693] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.286716] ? __kthread_parkme+0x82/0x180 [ 16.286739] ? preempt_count_sub+0x50/0x80 [ 16.286764] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.286788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.286811] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.286833] kthread+0x337/0x6f0 [ 16.286852] ? trace_preempt_on+0x20/0xc0 [ 16.286876] ? __pfx_kthread+0x10/0x10 [ 16.286895] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.286917] ? calculate_sigpending+0x7b/0xa0 [ 16.286939] ? __pfx_kthread+0x10/0x10 [ 16.286958] ret_from_fork+0x41/0x80 [ 16.286980] ? __pfx_kthread+0x10/0x10 [ 16.286998] ret_from_fork_asm+0x1a/0x30 [ 16.287029] </TASK> [ 16.287043] [ 16.295579] Allocated by task 285: [ 16.296022] kasan_save_stack+0x45/0x70 [ 16.296365] kasan_save_track+0x18/0x40 [ 16.296938] kasan_save_alloc_info+0x3b/0x50 [ 16.297291] __kasan_kmalloc+0xb7/0xc0 [ 16.298324] __kmalloc_cache_noprof+0x189/0x420 [ 16.298780] kasan_atomics+0x95/0x310 [ 16.299093] kunit_try_run_case+0x1a5/0x480 [ 16.299426] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.299836] kthread+0x337/0x6f0 [ 16.300057] ret_from_fork+0x41/0x80 [ 16.300237] ret_from_fork_asm+0x1a/0x30 [ 16.300432] [ 16.300559] The buggy address belongs to the object at ffff8881029ef680 [ 16.300559] which belongs to the cache kmalloc-64 of size 64 [ 16.301587] The buggy address is located 0 bytes to the right of [ 16.301587] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.302471] [ 16.302854] The buggy address belongs to the physical page: [ 16.303280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.303684] flags: 0x200000000000000(node=0|zone=2) [ 16.303993] page_type: f5(slab) [ 16.304274] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.304547] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.304971] page dumped because: kasan: bad access detected [ 16.305210] [ 16.305357] Memory state around the buggy address: [ 16.305669] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.305934] ffff8881029ef600: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.306194] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.306437] ^ [ 16.306819] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.307384] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.307945] ================================================================== [ 15.453040] ================================================================== [ 15.454503] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 15.454954] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.455317] [ 15.455521] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.455651] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.455680] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.455721] Call Trace: [ 15.455766] <TASK> [ 15.455806] dump_stack_lvl+0x73/0xb0 [ 15.455870] print_report+0xd1/0x650 [ 15.455919] ? __virt_addr_valid+0x1db/0x2d0 [ 15.455976] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.456012] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.456051] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.456093] kasan_report+0x141/0x180 [ 15.456134] ? kasan_atomics_helper+0x4a02/0x5450 [ 15.456187] __asan_report_load4_noabort+0x18/0x20 [ 15.456228] kasan_atomics_helper+0x4a02/0x5450 [ 15.456278] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.456322] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.456383] ? kasan_atomics+0x152/0x310 [ 15.456436] kasan_atomics+0x1dc/0x310 [ 15.456462] ? __pfx_kasan_atomics+0x10/0x10 [ 15.456485] ? __pfx_read_tsc+0x10/0x10 [ 15.456506] ? ktime_get_ts64+0x86/0x230 [ 15.456534] kunit_try_run_case+0x1a5/0x480 [ 15.456571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.456592] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.456617] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.456657] ? __kthread_parkme+0x82/0x180 [ 15.456680] ? 
preempt_count_sub+0x50/0x80 [ 15.456704] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.456727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.456749] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.456771] kthread+0x337/0x6f0 [ 15.456788] ? trace_preempt_on+0x20/0xc0 [ 15.456811] ? __pfx_kthread+0x10/0x10 [ 15.456828] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.456849] ? calculate_sigpending+0x7b/0xa0 [ 15.456870] ? __pfx_kthread+0x10/0x10 [ 15.456888] ret_from_fork+0x41/0x80 [ 15.456907] ? __pfx_kthread+0x10/0x10 [ 15.456925] ret_from_fork_asm+0x1a/0x30 [ 15.456954] </TASK> [ 15.456968] [ 15.466876] Allocated by task 285: [ 15.467069] kasan_save_stack+0x45/0x70 [ 15.467407] kasan_save_track+0x18/0x40 [ 15.467770] kasan_save_alloc_info+0x3b/0x50 [ 15.467998] __kasan_kmalloc+0xb7/0xc0 [ 15.468284] __kmalloc_cache_noprof+0x189/0x420 [ 15.469720] kasan_atomics+0x95/0x310 [ 15.470213] kunit_try_run_case+0x1a5/0x480 [ 15.470345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.470454] kthread+0x337/0x6f0 [ 15.470530] ret_from_fork+0x41/0x80 [ 15.470693] ret_from_fork_asm+0x1a/0x30 [ 15.470861] [ 15.471048] The buggy address belongs to the object at ffff8881029ef680 [ 15.471048] which belongs to the cache kmalloc-64 of size 64 [ 15.472182] The buggy address is located 0 bytes to the right of [ 15.472182] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.472848] [ 15.472967] The buggy address belongs to the physical page: [ 15.473481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.473852] flags: 0x200000000000000(node=0|zone=2) [ 15.474099] page_type: f5(slab) [ 15.474372] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.474715] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.474964] page dumped because: kasan: bad access detected [ 15.475408] [ 15.475570] Memory state around the buggy address: [ 15.476229] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 15.476451] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.477495] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.477843] ^ [ 15.478190] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.478709] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.479073] ================================================================== [ 15.946730] ================================================================== [ 15.947246] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 15.947748] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.948006] [ 15.948148] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.948248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.948272] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.948311] Call Trace: [ 15.948353] <TASK> [ 15.948392] dump_stack_lvl+0x73/0xb0 [ 15.948449] print_report+0xd1/0x650 [ 15.948496] ? __virt_addr_valid+0x1db/0x2d0 [ 15.948568] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.948616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.948680] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.948730] kasan_report+0x141/0x180 [ 15.948774] ? kasan_atomics_helper+0x1b22/0x5450 [ 15.948839] kasan_check_range+0x10c/0x1c0 [ 15.948871] __kasan_check_write+0x18/0x20 [ 15.948909] kasan_atomics_helper+0x1b22/0x5450 [ 15.948952] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.948995] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.949028] ? kasan_atomics+0x152/0x310 [ 15.949061] kasan_atomics+0x1dc/0x310 [ 15.949092] ? __pfx_kasan_atomics+0x10/0x10 [ 15.949133] ? __pfx_read_tsc+0x10/0x10 [ 15.949173] ? ktime_get_ts64+0x86/0x230 [ 15.949227] kunit_try_run_case+0x1a5/0x480 [ 15.949277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.949318] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.949364] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.949406] ? 
__kthread_parkme+0x82/0x180 [ 15.949451] ? preempt_count_sub+0x50/0x80 [ 15.949502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.949569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.949606] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.949657] kthread+0x337/0x6f0 [ 15.949685] ? trace_preempt_on+0x20/0xc0 [ 15.949740] ? __pfx_kthread+0x10/0x10 [ 15.949769] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.949799] ? calculate_sigpending+0x7b/0xa0 [ 15.949830] ? __pfx_kthread+0x10/0x10 [ 15.949856] ret_from_fork+0x41/0x80 [ 15.949887] ? __pfx_kthread+0x10/0x10 [ 15.949913] ret_from_fork_asm+0x1a/0x30 [ 15.949969] </TASK> [ 15.949989] [ 15.958492] Allocated by task 285: [ 15.958846] kasan_save_stack+0x45/0x70 [ 15.959204] kasan_save_track+0x18/0x40 [ 15.959529] kasan_save_alloc_info+0x3b/0x50 [ 15.959854] __kasan_kmalloc+0xb7/0xc0 [ 15.960146] __kmalloc_cache_noprof+0x189/0x420 [ 15.960453] kasan_atomics+0x95/0x310 [ 15.960770] kunit_try_run_case+0x1a5/0x480 [ 15.961073] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.961437] kthread+0x337/0x6f0 [ 15.961605] ret_from_fork+0x41/0x80 [ 15.961786] ret_from_fork_asm+0x1a/0x30 [ 15.961966] [ 15.962116] The buggy address belongs to the object at ffff8881029ef680 [ 15.962116] which belongs to the cache kmalloc-64 of size 64 [ 15.962857] The buggy address is located 0 bytes to the right of [ 15.962857] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.963238] [ 15.963350] The buggy address belongs to the physical page: [ 15.963570] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.964135] flags: 0x200000000000000(node=0|zone=2) [ 15.964507] page_type: f5(slab) [ 15.964809] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.965285] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.965760] page dumped because: kasan: bad access detected [ 15.966128] [ 15.966249] Memory state around the buggy address: [ 15.966479] 
ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.966924] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.967417] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.970007] ^ [ 15.970453] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.971028] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.971460] ================================================================== [ 16.130367] ================================================================== [ 16.131005] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 16.131474] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.132160] [ 16.132744] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.132878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.132907] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.132949] Call Trace: [ 16.132994] <TASK> [ 16.133039] dump_stack_lvl+0x73/0xb0 [ 16.133109] print_report+0xd1/0x650 [ 16.133162] ? __virt_addr_valid+0x1db/0x2d0 [ 16.133210] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.133255] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.133295] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.133322] kasan_report+0x141/0x180 [ 16.133345] ? kasan_atomics_helper+0x1f43/0x5450 [ 16.133371] kasan_check_range+0x10c/0x1c0 [ 16.133392] __kasan_check_write+0x18/0x20 [ 16.133412] kasan_atomics_helper+0x1f43/0x5450 [ 16.133435] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.133456] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.133479] ? kasan_atomics+0x152/0x310 [ 16.133502] kasan_atomics+0x1dc/0x310 [ 16.133522] ? __pfx_kasan_atomics+0x10/0x10 [ 16.133548] ? __pfx_read_tsc+0x10/0x10 [ 16.133576] ? ktime_get_ts64+0x86/0x230 [ 16.133602] kunit_try_run_case+0x1a5/0x480 [ 16.133645] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.133670] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.133695] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.133718] ? __kthread_parkme+0x82/0x180 [ 16.133741] ? preempt_count_sub+0x50/0x80 [ 16.133766] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.133789] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.133812] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.133834] kthread+0x337/0x6f0 [ 16.133852] ? trace_preempt_on+0x20/0xc0 [ 16.133876] ? __pfx_kthread+0x10/0x10 [ 16.133894] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.133915] ? calculate_sigpending+0x7b/0xa0 [ 16.133984] ? __pfx_kthread+0x10/0x10 [ 16.134003] ret_from_fork+0x41/0x80 [ 16.134025] ? __pfx_kthread+0x10/0x10 [ 16.134044] ret_from_fork_asm+0x1a/0x30 [ 16.134074] </TASK> [ 16.134087] [ 16.145437] Allocated by task 285: [ 16.145696] kasan_save_stack+0x45/0x70 [ 16.146443] kasan_save_track+0x18/0x40 [ 16.146817] kasan_save_alloc_info+0x3b/0x50 [ 16.147240] __kasan_kmalloc+0xb7/0xc0 [ 16.147547] __kmalloc_cache_noprof+0x189/0x420 [ 16.147821] kasan_atomics+0x95/0x310 [ 16.148024] kunit_try_run_case+0x1a5/0x480 [ 16.148188] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.148558] kthread+0x337/0x6f0 [ 16.148758] ret_from_fork+0x41/0x80 [ 16.149067] ret_from_fork_asm+0x1a/0x30 [ 16.149254] [ 16.149699] The buggy address belongs to the object at ffff8881029ef680 [ 16.149699] which belongs to the cache kmalloc-64 of size 64 [ 16.150434] The buggy address is located 0 bytes to the right of [ 16.150434] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.151285] [ 16.151440] The buggy address belongs to the physical page: [ 16.151730] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.152308] flags: 0x200000000000000(node=0|zone=2) [ 16.152720] page_type: f5(slab) [ 16.152907] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.153270] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.153755] page dumped because: kasan: bad 
access detected [ 16.153998] [ 16.154162] Memory state around the buggy address: [ 16.154499] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.154825] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.155083] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.155603] ^ [ 16.155862] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.156103] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.156545] ================================================================== [ 14.743595] ================================================================== [ 14.744047] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 14.744432] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.744850] [ 14.745082] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.745199] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.745229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.745272] Call Trace: [ 14.745319] <TASK> [ 14.745361] dump_stack_lvl+0x73/0xb0 [ 14.745416] print_report+0xd1/0x650 [ 14.745500] ? __virt_addr_valid+0x1db/0x2d0 [ 14.745552] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.745593] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.745682] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.745742] kasan_report+0x141/0x180 [ 14.745800] ? kasan_atomics_helper+0x4b54/0x5450 [ 14.745875] __asan_report_load4_noabort+0x18/0x20 [ 14.745916] kasan_atomics_helper+0x4b54/0x5450 [ 14.745969] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.746014] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.746073] ? kasan_atomics+0x152/0x310 [ 14.746136] kasan_atomics+0x1dc/0x310 [ 14.746173] ? __pfx_kasan_atomics+0x10/0x10 [ 14.746213] ? __pfx_read_tsc+0x10/0x10 [ 14.746251] ? ktime_get_ts64+0x86/0x230 [ 14.746319] kunit_try_run_case+0x1a5/0x480 [ 14.746367] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.746404] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.746451] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.746497] ? __kthread_parkme+0x82/0x180 [ 14.746564] ? preempt_count_sub+0x50/0x80 [ 14.746613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.746673] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.746722] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.746768] kthread+0x337/0x6f0 [ 14.746842] ? trace_preempt_on+0x20/0xc0 [ 14.746887] ? __pfx_kthread+0x10/0x10 [ 14.746943] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.746991] ? calculate_sigpending+0x7b/0xa0 [ 14.747038] ? __pfx_kthread+0x10/0x10 [ 14.747081] ret_from_fork+0x41/0x80 [ 14.747126] ? __pfx_kthread+0x10/0x10 [ 14.747166] ret_from_fork_asm+0x1a/0x30 [ 14.747233] </TASK> [ 14.747259] [ 14.760078] Allocated by task 285: [ 14.760681] kasan_save_stack+0x45/0x70 [ 14.761106] kasan_save_track+0x18/0x40 [ 14.761418] kasan_save_alloc_info+0x3b/0x50 [ 14.761603] __kasan_kmalloc+0xb7/0xc0 [ 14.761918] __kmalloc_cache_noprof+0x189/0x420 [ 14.762131] kasan_atomics+0x95/0x310 [ 14.762353] kunit_try_run_case+0x1a5/0x480 [ 14.763383] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.764118] kthread+0x337/0x6f0 [ 14.764544] ret_from_fork+0x41/0x80 [ 14.764762] ret_from_fork_asm+0x1a/0x30 [ 14.764947] [ 14.765049] The buggy address belongs to the object at ffff8881029ef680 [ 14.765049] which belongs to the cache kmalloc-64 of size 64 [ 14.765893] The buggy address is located 0 bytes to the right of [ 14.765893] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.766367] [ 14.766545] The buggy address belongs to the physical page: [ 14.766818] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.767250] flags: 0x200000000000000(node=0|zone=2) [ 14.768429] page_type: f5(slab) [ 14.768885] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.769507] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.770183] page dumped because: kasan: bad access detected [ 14.770600] [ 14.770780] Memory state around the buggy address: [ 14.771080] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.771360] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.771787] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.772846] ^ [ 14.773034] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.774453] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.774987] ================================================================== [ 15.321926] ================================================================== [ 15.322427] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 15.323185] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.323467] [ 15.323744] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.324110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.324162] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.324200] Call Trace: [ 15.324249] <TASK> [ 15.324282] dump_stack_lvl+0x73/0xb0 [ 15.324320] print_report+0xd1/0x650 [ 15.324345] ? __virt_addr_valid+0x1db/0x2d0 [ 15.324367] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.324389] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.324412] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.324433] kasan_report+0x141/0x180 [ 15.324455] ? kasan_atomics_helper+0xfa9/0x5450 [ 15.324480] kasan_check_range+0x10c/0x1c0 [ 15.324500] __kasan_check_write+0x18/0x20 [ 15.324519] kasan_atomics_helper+0xfa9/0x5450 [ 15.324544] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.324575] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.324596] ? kasan_atomics+0x152/0x310 [ 15.324618] kasan_atomics+0x1dc/0x310 [ 15.324656] ? __pfx_kasan_atomics+0x10/0x10 [ 15.324677] ? __pfx_read_tsc+0x10/0x10 [ 15.324696] ? 
ktime_get_ts64+0x86/0x230 [ 15.324721] kunit_try_run_case+0x1a5/0x480 [ 15.324746] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.324767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.324790] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.324813] ? __kthread_parkme+0x82/0x180 [ 15.324835] ? preempt_count_sub+0x50/0x80 [ 15.324859] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.324881] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.324903] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.324925] kthread+0x337/0x6f0 [ 15.324942] ? trace_preempt_on+0x20/0xc0 [ 15.324965] ? __pfx_kthread+0x10/0x10 [ 15.324983] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.325004] ? calculate_sigpending+0x7b/0xa0 [ 15.325025] ? __pfx_kthread+0x10/0x10 [ 15.325043] ret_from_fork+0x41/0x80 [ 15.325063] ? __pfx_kthread+0x10/0x10 [ 15.325081] ret_from_fork_asm+0x1a/0x30 [ 15.325112] </TASK> [ 15.325126] [ 15.334976] Allocated by task 285: [ 15.335319] kasan_save_stack+0x45/0x70 [ 15.335749] kasan_save_track+0x18/0x40 [ 15.336046] kasan_save_alloc_info+0x3b/0x50 [ 15.336356] __kasan_kmalloc+0xb7/0xc0 [ 15.336710] __kmalloc_cache_noprof+0x189/0x420 [ 15.337081] kasan_atomics+0x95/0x310 [ 15.337306] kunit_try_run_case+0x1a5/0x480 [ 15.337713] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.338146] kthread+0x337/0x6f0 [ 15.338443] ret_from_fork+0x41/0x80 [ 15.338745] ret_from_fork_asm+0x1a/0x30 [ 15.338935] [ 15.339080] The buggy address belongs to the object at ffff8881029ef680 [ 15.339080] which belongs to the cache kmalloc-64 of size 64 [ 15.340033] The buggy address is located 0 bytes to the right of [ 15.340033] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.340950] [ 15.341179] The buggy address belongs to the physical page: [ 15.341408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.342035] flags: 0x200000000000000(node=0|zone=2) [ 15.342444] page_type: f5(slab) [ 15.342792] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.343180] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.343482] page dumped because: kasan: bad access detected [ 15.344130] [ 15.344231] Memory state around the buggy address: [ 15.344441] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.344965] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.345413] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.345809] ^ [ 15.346134] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.346688] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.347071] ================================================================== [ 15.792984] ================================================================== [ 15.793588] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 15.794065] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.794465] [ 15.794728] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.794863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.794895] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.794937] Call Trace: [ 15.794982] <TASK> [ 15.795023] dump_stack_lvl+0x73/0xb0 [ 15.795082] print_report+0xd1/0x650 [ 15.795161] ? __virt_addr_valid+0x1db/0x2d0 [ 15.795209] ? kasan_atomics_helper+0x177f/0x5450 [ 15.795248] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.795292] ? kasan_atomics_helper+0x177f/0x5450 [ 15.795336] kasan_report+0x141/0x180 [ 15.795410] ? kasan_atomics_helper+0x177f/0x5450 [ 15.795459] kasan_check_range+0x10c/0x1c0 [ 15.795501] __kasan_check_write+0x18/0x20 [ 15.795540] kasan_atomics_helper+0x177f/0x5450 [ 15.795579] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.795666] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.795712] ? kasan_atomics+0x152/0x310 [ 15.795757] kasan_atomics+0x1dc/0x310 [ 15.795822] ? 
__pfx_kasan_atomics+0x10/0x10 [ 15.795867] ? __pfx_read_tsc+0x10/0x10 [ 15.795907] ? ktime_get_ts64+0x86/0x230 [ 15.795945] kunit_try_run_case+0x1a5/0x480 [ 15.795975] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.795997] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.796021] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.796047] ? __kthread_parkme+0x82/0x180 [ 15.796082] ? preempt_count_sub+0x50/0x80 [ 15.796127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.796200] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.796246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.796290] kthread+0x337/0x6f0 [ 15.796326] ? trace_preempt_on+0x20/0xc0 [ 15.796395] ? __pfx_kthread+0x10/0x10 [ 15.796436] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.796476] ? calculate_sigpending+0x7b/0xa0 [ 15.796512] ? __pfx_kthread+0x10/0x10 [ 15.796548] ret_from_fork+0x41/0x80 [ 15.796581] ? __pfx_kthread+0x10/0x10 [ 15.796600] ret_from_fork_asm+0x1a/0x30 [ 15.796646] </TASK> [ 15.796664] [ 15.808612] Allocated by task 285: [ 15.808898] kasan_save_stack+0x45/0x70 [ 15.809432] kasan_save_track+0x18/0x40 [ 15.809614] kasan_save_alloc_info+0x3b/0x50 [ 15.809906] __kasan_kmalloc+0xb7/0xc0 [ 15.810298] __kmalloc_cache_noprof+0x189/0x420 [ 15.810975] kasan_atomics+0x95/0x310 [ 15.811195] kunit_try_run_case+0x1a5/0x480 [ 15.811355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.811820] kthread+0x337/0x6f0 [ 15.812290] ret_from_fork+0x41/0x80 [ 15.812594] ret_from_fork_asm+0x1a/0x30 [ 15.812942] [ 15.813254] The buggy address belongs to the object at ffff8881029ef680 [ 15.813254] which belongs to the cache kmalloc-64 of size 64 [ 15.814086] The buggy address is located 0 bytes to the right of [ 15.814086] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.814989] [ 15.815450] The buggy address belongs to the physical page: [ 15.815868] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.816338] flags: 0x200000000000000(node=0|zone=2) [ 15.816960] page_type: f5(slab) 
[ 15.817229] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.817801] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.818168] page dumped because: kasan: bad access detected [ 15.818461] [ 15.818578] Memory state around the buggy address: [ 15.819172] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.819773] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.820203] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.820571] ^ [ 15.821043] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.821602] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.822053] ================================================================== [ 15.126960] ================================================================== [ 15.127826] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 15.129210] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.129999] [ 15.130152] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.130218] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.130240] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.130281] Call Trace: [ 15.130322] <TASK> [ 15.130361] dump_stack_lvl+0x73/0xb0 [ 15.130579] print_report+0xd1/0x650 [ 15.130608] ? __virt_addr_valid+0x1db/0x2d0 [ 15.130650] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.130674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.130697] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.130719] kasan_report+0x141/0x180 [ 15.130742] ? kasan_atomics_helper+0xb6a/0x5450 [ 15.130768] kasan_check_range+0x10c/0x1c0 [ 15.130788] __kasan_check_write+0x18/0x20 [ 15.130808] kasan_atomics_helper+0xb6a/0x5450 [ 15.130830] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.130853] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.130875] ? 
kasan_atomics+0x152/0x310 [ 15.130897] kasan_atomics+0x1dc/0x310 [ 15.130916] ? __pfx_kasan_atomics+0x10/0x10 [ 15.130937] ? __pfx_read_tsc+0x10/0x10 [ 15.130957] ? ktime_get_ts64+0x86/0x230 [ 15.130982] kunit_try_run_case+0x1a5/0x480 [ 15.131007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.131029] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.131053] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.131075] ? __kthread_parkme+0x82/0x180 [ 15.131099] ? preempt_count_sub+0x50/0x80 [ 15.131123] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.131146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.131169] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.131191] kthread+0x337/0x6f0 [ 15.131209] ? trace_preempt_on+0x20/0xc0 [ 15.131232] ? __pfx_kthread+0x10/0x10 [ 15.131251] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.131272] ? calculate_sigpending+0x7b/0xa0 [ 15.131294] ? __pfx_kthread+0x10/0x10 [ 15.131312] ret_from_fork+0x41/0x80 [ 15.131333] ? __pfx_kthread+0x10/0x10 [ 15.131351] ret_from_fork_asm+0x1a/0x30 [ 15.131381] </TASK> [ 15.131395] [ 15.142762] Allocated by task 285: [ 15.143163] kasan_save_stack+0x45/0x70 [ 15.143586] kasan_save_track+0x18/0x40 [ 15.143957] kasan_save_alloc_info+0x3b/0x50 [ 15.144283] __kasan_kmalloc+0xb7/0xc0 [ 15.144497] __kmalloc_cache_noprof+0x189/0x420 [ 15.144927] kasan_atomics+0x95/0x310 [ 15.145199] kunit_try_run_case+0x1a5/0x480 [ 15.145566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.145790] kthread+0x337/0x6f0 [ 15.145953] ret_from_fork+0x41/0x80 [ 15.146256] ret_from_fork_asm+0x1a/0x30 [ 15.146696] [ 15.146906] The buggy address belongs to the object at ffff8881029ef680 [ 15.146906] which belongs to the cache kmalloc-64 of size 64 [ 15.147762] The buggy address is located 0 bytes to the right of [ 15.147762] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.148515] [ 15.148673] The buggy address belongs to the physical page: [ 15.148874] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 
15.149464] flags: 0x200000000000000(node=0|zone=2) [ 15.149873] page_type: f5(slab) [ 15.150176] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.150614] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.151166] page dumped because: kasan: bad access detected [ 15.151359] [ 15.151561] Memory state around the buggy address: [ 15.151956] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.152453] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.152894] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.153274] ^ [ 15.153752] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.154285] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.154738] ================================================================== [ 16.075527] ================================================================== [ 16.076105] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 16.078055] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.078573] [ 16.078789] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.078894] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.078922] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.078971] Call Trace: [ 16.079016] <TASK> [ 16.079060] dump_stack_lvl+0x73/0xb0 [ 16.079127] print_report+0xd1/0x650 [ 16.079176] ? __virt_addr_valid+0x1db/0x2d0 [ 16.079223] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.079270] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.079316] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.079343] kasan_report+0x141/0x180 [ 16.079366] ? kasan_atomics_helper+0x1e12/0x5450 [ 16.079392] kasan_check_range+0x10c/0x1c0 [ 16.079412] __kasan_check_write+0x18/0x20 [ 16.079432] kasan_atomics_helper+0x1e12/0x5450 [ 16.079454] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.079476] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 16.079498] ? kasan_atomics+0x152/0x310 [ 16.079520] kasan_atomics+0x1dc/0x310 [ 16.079539] ? __pfx_kasan_atomics+0x10/0x10 [ 16.079594] ? __pfx_read_tsc+0x10/0x10 [ 16.079655] ? ktime_get_ts64+0x86/0x230 [ 16.079697] kunit_try_run_case+0x1a5/0x480 [ 16.079741] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.079782] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.080178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.081055] ? __kthread_parkme+0x82/0x180 [ 16.081130] ? preempt_count_sub+0x50/0x80 [ 16.081179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.081209] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.081236] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.081259] kthread+0x337/0x6f0 [ 16.081277] ? trace_preempt_on+0x20/0xc0 [ 16.081301] ? __pfx_kthread+0x10/0x10 [ 16.081320] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.081342] ? calculate_sigpending+0x7b/0xa0 [ 16.081364] ? __pfx_kthread+0x10/0x10 [ 16.081383] ret_from_fork+0x41/0x80 [ 16.081404] ? __pfx_kthread+0x10/0x10 [ 16.081425] ret_from_fork_asm+0x1a/0x30 [ 16.081456] </TASK> [ 16.081470] [ 16.091580] Allocated by task 285: [ 16.091911] kasan_save_stack+0x45/0x70 [ 16.092281] kasan_save_track+0x18/0x40 [ 16.092643] kasan_save_alloc_info+0x3b/0x50 [ 16.092997] __kasan_kmalloc+0xb7/0xc0 [ 16.093293] __kmalloc_cache_noprof+0x189/0x420 [ 16.093692] kasan_atomics+0x95/0x310 [ 16.094019] kunit_try_run_case+0x1a5/0x480 [ 16.094348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.094766] kthread+0x337/0x6f0 [ 16.095031] ret_from_fork+0x41/0x80 [ 16.095334] ret_from_fork_asm+0x1a/0x30 [ 16.095682] [ 16.095849] The buggy address belongs to the object at ffff8881029ef680 [ 16.095849] which belongs to the cache kmalloc-64 of size 64 [ 16.096666] The buggy address is located 0 bytes to the right of [ 16.096666] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.097202] [ 16.097357] The buggy address belongs to the physical page: [ 16.097631] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.098184] flags: 0x200000000000000(node=0|zone=2) [ 16.098527] page_type: f5(slab) [ 16.098818] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.099334] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.099687] page dumped because: kasan: bad access detected [ 16.099882] [ 16.099984] Memory state around the buggy address: [ 16.100177] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.100721] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.101228] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.101744] ^ [ 16.102066] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.102365] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.102645] ================================================================== [ 15.074686] ================================================================== [ 15.075075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 15.075483] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.076088] [ 15.076317] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.076480] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.076502] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.076740] Call Trace: [ 15.076776] <TASK> [ 15.076815] dump_stack_lvl+0x73/0xb0 [ 15.076883] print_report+0xd1/0x650 [ 15.076927] ? __virt_addr_valid+0x1db/0x2d0 [ 15.076961] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.076994] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.077026] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.077059] kasan_report+0x141/0x180 [ 15.077096] ? kasan_atomics_helper+0xa2b/0x5450 [ 15.077144] kasan_check_range+0x10c/0x1c0 [ 15.077205] __kasan_check_write+0x18/0x20 [ 15.077247] kasan_atomics_helper+0xa2b/0x5450 [ 15.077316] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 15.077358] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.077382] ? kasan_atomics+0x152/0x310 [ 15.077406] kasan_atomics+0x1dc/0x310 [ 15.077426] ? __pfx_kasan_atomics+0x10/0x10 [ 15.077455] ? __pfx_read_tsc+0x10/0x10 [ 15.077488] ? ktime_get_ts64+0x86/0x230 [ 15.077534] kunit_try_run_case+0x1a5/0x480 [ 15.077641] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.077683] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.077731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.077776] ? __kthread_parkme+0x82/0x180 [ 15.077835] ? preempt_count_sub+0x50/0x80 [ 15.077884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.077930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.077983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.078024] kthread+0x337/0x6f0 [ 15.078044] ? trace_preempt_on+0x20/0xc0 [ 15.078070] ? __pfx_kthread+0x10/0x10 [ 15.078089] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.078112] ? calculate_sigpending+0x7b/0xa0 [ 15.078134] ? __pfx_kthread+0x10/0x10 [ 15.078153] ret_from_fork+0x41/0x80 [ 15.078176] ? 
__pfx_kthread+0x10/0x10 [ 15.078194] ret_from_fork_asm+0x1a/0x30 [ 15.078225] </TASK> [ 15.078239] [ 15.086987] Allocated by task 285: [ 15.087215] kasan_save_stack+0x45/0x70 [ 15.087417] kasan_save_track+0x18/0x40 [ 15.087768] kasan_save_alloc_info+0x3b/0x50 [ 15.088099] __kasan_kmalloc+0xb7/0xc0 [ 15.088404] __kmalloc_cache_noprof+0x189/0x420 [ 15.088795] kasan_atomics+0x95/0x310 [ 15.089101] kunit_try_run_case+0x1a5/0x480 [ 15.089425] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.089863] kthread+0x337/0x6f0 [ 15.090068] ret_from_fork+0x41/0x80 [ 15.090322] ret_from_fork_asm+0x1a/0x30 [ 15.090507] [ 15.090714] The buggy address belongs to the object at ffff8881029ef680 [ 15.090714] which belongs to the cache kmalloc-64 of size 64 [ 15.091464] The buggy address is located 0 bytes to the right of [ 15.091464] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.091875] [ 15.091987] The buggy address belongs to the physical page: [ 15.092184] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.092660] flags: 0x200000000000000(node=0|zone=2) [ 15.093040] page_type: f5(slab) [ 15.093318] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.093860] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.094305] page dumped because: kasan: bad access detected [ 15.094716] [ 15.094821] Memory state around the buggy address: [ 15.095004] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.095242] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.095781] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.097426] ^ [ 15.097931] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.098316] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.098946] ================================================================== [ 16.000938] 
================================================================== [ 16.001266] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 16.001789] Read of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.002157] [ 16.002356] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.002462] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.002489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.002530] Call Trace: [ 16.002573] <TASK> [ 16.002611] dump_stack_lvl+0x73/0xb0 [ 16.003483] print_report+0xd1/0x650 [ 16.003524] ? __virt_addr_valid+0x1db/0x2d0 [ 16.003560] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.003634] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.003673] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.003708] kasan_report+0x141/0x180 [ 16.003741] ? kasan_atomics_helper+0x4f30/0x5450 [ 16.003768] __asan_report_load8_noabort+0x18/0x20 [ 16.003788] kasan_atomics_helper+0x4f30/0x5450 [ 16.003811] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.003834] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.003857] ? kasan_atomics+0x152/0x310 [ 16.003881] kasan_atomics+0x1dc/0x310 [ 16.003900] ? __pfx_kasan_atomics+0x10/0x10 [ 16.003958] ? __pfx_read_tsc+0x10/0x10 [ 16.003983] ? ktime_get_ts64+0x86/0x230 [ 16.004008] kunit_try_run_case+0x1a5/0x480 [ 16.004035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.004056] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.004080] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.004103] ? __kthread_parkme+0x82/0x180 [ 16.004126] ? preempt_count_sub+0x50/0x80 [ 16.004151] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.004173] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.004196] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.004218] kthread+0x337/0x6f0 [ 16.004235] ? trace_preempt_on+0x20/0xc0 [ 16.004260] ? __pfx_kthread+0x10/0x10 [ 16.004278] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.004299] ? calculate_sigpending+0x7b/0xa0 [ 16.004320] ? 
__pfx_kthread+0x10/0x10 [ 16.004339] ret_from_fork+0x41/0x80 [ 16.004359] ? __pfx_kthread+0x10/0x10 [ 16.004377] ret_from_fork_asm+0x1a/0x30 [ 16.004409] </TASK> [ 16.004422] [ 16.015043] Allocated by task 285: [ 16.015291] kasan_save_stack+0x45/0x70 [ 16.015654] kasan_save_track+0x18/0x40 [ 16.015888] kasan_save_alloc_info+0x3b/0x50 [ 16.016056] __kasan_kmalloc+0xb7/0xc0 [ 16.016223] __kmalloc_cache_noprof+0x189/0x420 [ 16.016409] kasan_atomics+0x95/0x310 [ 16.016573] kunit_try_run_case+0x1a5/0x480 [ 16.016798] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.017180] kthread+0x337/0x6f0 [ 16.017449] ret_from_fork+0x41/0x80 [ 16.017787] ret_from_fork_asm+0x1a/0x30 [ 16.018143] [ 16.018309] The buggy address belongs to the object at ffff8881029ef680 [ 16.018309] which belongs to the cache kmalloc-64 of size 64 [ 16.019147] The buggy address is located 0 bytes to the right of [ 16.019147] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.020006] [ 16.020158] The buggy address belongs to the physical page: [ 16.020456] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.020780] flags: 0x200000000000000(node=0|zone=2) [ 16.020993] page_type: f5(slab) [ 16.021280] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.021888] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.022412] page dumped because: kasan: bad access detected [ 16.022870] [ 16.023043] Memory state around the buggy address: [ 16.023238] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.023800] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.024394] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.024991] ^ [ 16.025417] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.025833] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.025984] 
================================================================== [ 15.922887] ================================================================== [ 15.923554] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 15.924114] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.924602] [ 15.924796] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.924898] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.924926] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.924971] Call Trace: [ 15.925016] <TASK> [ 15.925060] dump_stack_lvl+0x73/0xb0 [ 15.925121] print_report+0xd1/0x650 [ 15.925171] ? __virt_addr_valid+0x1db/0x2d0 [ 15.925220] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.925260] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.925300] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.925340] kasan_report+0x141/0x180 [ 15.925376] ? kasan_atomics_helper+0x1a7f/0x5450 [ 15.925421] kasan_check_range+0x10c/0x1c0 [ 15.925458] __kasan_check_write+0x18/0x20 [ 15.925494] kasan_atomics_helper+0x1a7f/0x5450 [ 15.925531] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.925610] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.925668] ? kasan_atomics+0x152/0x310 [ 15.925720] kasan_atomics+0x1dc/0x310 [ 15.925763] ? __pfx_kasan_atomics+0x10/0x10 [ 15.925807] ? __pfx_read_tsc+0x10/0x10 [ 15.925850] ? ktime_get_ts64+0x86/0x230 [ 15.925901] kunit_try_run_case+0x1a5/0x480 [ 15.925959] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.926008] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.926060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.926111] ? __kthread_parkme+0x82/0x180 [ 15.926160] ? preempt_count_sub+0x50/0x80 [ 15.926204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.926243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.926285] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.926327] kthread+0x337/0x6f0 [ 15.926364] ? trace_preempt_on+0x20/0xc0 [ 15.926412] ? 
__pfx_kthread+0x10/0x10 [ 15.926451] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.926496] ? calculate_sigpending+0x7b/0xa0 [ 15.926571] ? __pfx_kthread+0x10/0x10 [ 15.926616] ret_from_fork+0x41/0x80 [ 15.926675] ? __pfx_kthread+0x10/0x10 [ 15.926715] ret_from_fork_asm+0x1a/0x30 [ 15.926781] </TASK> [ 15.926809] [ 15.935713] Allocated by task 285: [ 15.935941] kasan_save_stack+0x45/0x70 [ 15.936233] kasan_save_track+0x18/0x40 [ 15.936477] kasan_save_alloc_info+0x3b/0x50 [ 15.936823] __kasan_kmalloc+0xb7/0xc0 [ 15.937088] __kmalloc_cache_noprof+0x189/0x420 [ 15.937377] kasan_atomics+0x95/0x310 [ 15.937677] kunit_try_run_case+0x1a5/0x480 [ 15.937900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.938133] kthread+0x337/0x6f0 [ 15.938437] ret_from_fork+0x41/0x80 [ 15.938762] ret_from_fork_asm+0x1a/0x30 [ 15.939004] [ 15.939105] The buggy address belongs to the object at ffff8881029ef680 [ 15.939105] which belongs to the cache kmalloc-64 of size 64 [ 15.939468] The buggy address is located 0 bytes to the right of [ 15.939468] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.940287] [ 15.940458] The buggy address belongs to the physical page: [ 15.940766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.941067] flags: 0x200000000000000(node=0|zone=2) [ 15.941273] page_type: f5(slab) [ 15.941448] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.941743] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.941999] page dumped because: kasan: bad access detected [ 15.942197] [ 15.942304] Memory state around the buggy address: [ 15.942661] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.943170] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.943697] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.944154] ^ [ 15.944507] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.944993] 
ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.945464] ================================================================== [ 15.294323] ================================================================== [ 15.294840] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 15.295186] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.295662] [ 15.295909] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.296010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.296032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.296074] Call Trace: [ 15.296154] <TASK> [ 15.296198] dump_stack_lvl+0x73/0xb0 [ 15.296260] print_report+0xd1/0x650 [ 15.296306] ? __virt_addr_valid+0x1db/0x2d0 [ 15.296379] ? kasan_atomics_helper+0xf10/0x5450 [ 15.296422] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.296468] ? kasan_atomics_helper+0xf10/0x5450 [ 15.296511] kasan_report+0x141/0x180 [ 15.296580] ? kasan_atomics_helper+0xf10/0x5450 [ 15.296644] kasan_check_range+0x10c/0x1c0 [ 15.296691] __kasan_check_write+0x18/0x20 [ 15.296726] kasan_atomics_helper+0xf10/0x5450 [ 15.296773] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.296848] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.296894] ? kasan_atomics+0x152/0x310 [ 15.296941] kasan_atomics+0x1dc/0x310 [ 15.296971] ? __pfx_kasan_atomics+0x10/0x10 [ 15.297006] ? __pfx_read_tsc+0x10/0x10 [ 15.297043] ? ktime_get_ts64+0x86/0x230 [ 15.297116] kunit_try_run_case+0x1a5/0x480 [ 15.297184] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.297222] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.297265] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.297307] ? __kthread_parkme+0x82/0x180 [ 15.297351] ? preempt_count_sub+0x50/0x80 [ 15.297402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.297441] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.297466] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.297488] kthread+0x337/0x6f0 [ 15.297506] ? trace_preempt_on+0x20/0xc0 [ 15.297530] ? __pfx_kthread+0x10/0x10 [ 15.297573] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.297594] ? calculate_sigpending+0x7b/0xa0 [ 15.297615] ? __pfx_kthread+0x10/0x10 [ 15.297654] ret_from_fork+0x41/0x80 [ 15.297675] ? __pfx_kthread+0x10/0x10 [ 15.297694] ret_from_fork_asm+0x1a/0x30 [ 15.297724] </TASK> [ 15.297738] [ 15.307221] Allocated by task 285: [ 15.307610] kasan_save_stack+0x45/0x70 [ 15.307922] kasan_save_track+0x18/0x40 [ 15.308253] kasan_save_alloc_info+0x3b/0x50 [ 15.308511] __kasan_kmalloc+0xb7/0xc0 [ 15.309043] __kmalloc_cache_noprof+0x189/0x420 [ 15.309491] kasan_atomics+0x95/0x310 [ 15.309869] kunit_try_run_case+0x1a5/0x480 [ 15.310079] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.310355] kthread+0x337/0x6f0 [ 15.311246] ret_from_fork+0x41/0x80 [ 15.311467] ret_from_fork_asm+0x1a/0x30 [ 15.311652] [ 15.312434] The buggy address belongs to the object at ffff8881029ef680 [ 15.312434] which belongs to the cache kmalloc-64 of size 64 [ 15.313130] The buggy address is located 0 bytes to the right of [ 15.313130] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.314268] [ 15.314397] The buggy address belongs to the physical page: [ 15.314741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.315056] flags: 0x200000000000000(node=0|zone=2) [ 15.315303] page_type: f5(slab) [ 15.315560] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.316424] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.316792] page dumped because: kasan: bad access detected [ 15.317170] [ 15.317276] Memory state around the buggy address: [ 15.317637] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.317904] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.318452] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 15.318884] ^ [ 15.319281] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.319578] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.319869] ================================================================== [ 16.334983] ================================================================== [ 16.335747] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 16.336063] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.336321] [ 16.336461] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.336569] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.336595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.336654] Call Trace: [ 16.336702] <TASK> [ 16.336743] dump_stack_lvl+0x73/0xb0 [ 16.336794] print_report+0xd1/0x650 [ 16.336833] ? __virt_addr_valid+0x1db/0x2d0 [ 16.336866] ? kasan_atomics_helper+0x224c/0x5450 [ 16.336904] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.336946] ? kasan_atomics_helper+0x224c/0x5450 [ 16.337013] kasan_report+0x141/0x180 [ 16.337057] ? kasan_atomics_helper+0x224c/0x5450 [ 16.337121] kasan_check_range+0x10c/0x1c0 [ 16.337173] __kasan_check_write+0x18/0x20 [ 16.337223] kasan_atomics_helper+0x224c/0x5450 [ 16.337265] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.337306] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.337350] ? kasan_atomics+0x152/0x310 [ 16.337409] kasan_atomics+0x1dc/0x310 [ 16.337460] ? __pfx_kasan_atomics+0x10/0x10 [ 16.337512] ? __pfx_read_tsc+0x10/0x10 [ 16.337548] ? ktime_get_ts64+0x86/0x230 [ 16.337589] kunit_try_run_case+0x1a5/0x480 [ 16.337648] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.337687] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.337735] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.337783] ? __kthread_parkme+0x82/0x180 [ 16.337829] ? preempt_count_sub+0x50/0x80 [ 16.337882] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.337933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.337994] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.338043] kthread+0x337/0x6f0 [ 16.338083] ? trace_preempt_on+0x20/0xc0 [ 16.338134] ? __pfx_kthread+0x10/0x10 [ 16.338177] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.338225] ? calculate_sigpending+0x7b/0xa0 [ 16.338264] ? __pfx_kthread+0x10/0x10 [ 16.338300] ret_from_fork+0x41/0x80 [ 16.338342] ? __pfx_kthread+0x10/0x10 [ 16.338403] ret_from_fork_asm+0x1a/0x30 [ 16.338471] </TASK> [ 16.338496] [ 16.348468] Allocated by task 285: [ 16.348732] kasan_save_stack+0x45/0x70 [ 16.349092] kasan_save_track+0x18/0x40 [ 16.349293] kasan_save_alloc_info+0x3b/0x50 [ 16.349490] __kasan_kmalloc+0xb7/0xc0 [ 16.349692] __kmalloc_cache_noprof+0x189/0x420 [ 16.349977] kasan_atomics+0x95/0x310 [ 16.350247] kunit_try_run_case+0x1a5/0x480 [ 16.350573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.351124] kthread+0x337/0x6f0 [ 16.351388] ret_from_fork+0x41/0x80 [ 16.351703] ret_from_fork_asm+0x1a/0x30 [ 16.351948] [ 16.352055] The buggy address belongs to the object at ffff8881029ef680 [ 16.352055] which belongs to the cache kmalloc-64 of size 64 [ 16.352812] The buggy address is located 0 bytes to the right of [ 16.352812] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.353454] [ 16.353650] The buggy address belongs to the physical page: [ 16.354031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.354468] flags: 0x200000000000000(node=0|zone=2) [ 16.354795] page_type: f5(slab) [ 16.355101] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.355388] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.355764] page dumped because: kasan: bad access detected [ 16.356080] [ 16.356231] Memory state around the buggy address: [ 16.356596] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.356972] ffff8881029ef600: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.357234] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.357468] ^ [ 16.357790] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.358313] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.358865] ================================================================== [ 16.104253] ================================================================== [ 16.104887] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 16.105433] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.105952] [ 16.106165] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.106273] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.106300] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.106397] Call Trace: [ 16.106446] <TASK> [ 16.106487] dump_stack_lvl+0x73/0xb0 [ 16.106591] print_report+0xd1/0x650 [ 16.106655] ? __virt_addr_valid+0x1db/0x2d0 [ 16.106718] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.106764] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.106808] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.106856] kasan_report+0x141/0x180 [ 16.106905] ? kasan_atomics_helper+0x1eaa/0x5450 [ 16.106963] kasan_check_range+0x10c/0x1c0 [ 16.107004] __kasan_check_write+0x18/0x20 [ 16.107043] kasan_atomics_helper+0x1eaa/0x5450 [ 16.107107] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.107151] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.107193] ? kasan_atomics+0x152/0x310 [ 16.107242] kasan_atomics+0x1dc/0x310 [ 16.107269] ? __pfx_kasan_atomics+0x10/0x10 [ 16.107301] ? __pfx_read_tsc+0x10/0x10 [ 16.107337] ? ktime_get_ts64+0x86/0x230 [ 16.107385] kunit_try_run_case+0x1a5/0x480 [ 16.107452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.107496] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.107573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.107658] ? __kthread_parkme+0x82/0x180 [ 16.107705] ? 
preempt_count_sub+0x50/0x80 [ 16.107755] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.107800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.107841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.107864] kthread+0x337/0x6f0 [ 16.107882] ? trace_preempt_on+0x20/0xc0 [ 16.107906] ? __pfx_kthread+0x10/0x10 [ 16.107924] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.107946] ? calculate_sigpending+0x7b/0xa0 [ 16.107966] ? __pfx_kthread+0x10/0x10 [ 16.107984] ret_from_fork+0x41/0x80 [ 16.108005] ? __pfx_kthread+0x10/0x10 [ 16.108022] ret_from_fork_asm+0x1a/0x30 [ 16.108051] </TASK> [ 16.108065] [ 16.117387] Allocated by task 285: [ 16.117699] kasan_save_stack+0x45/0x70 [ 16.118100] kasan_save_track+0x18/0x40 [ 16.118356] kasan_save_alloc_info+0x3b/0x50 [ 16.118671] __kasan_kmalloc+0xb7/0xc0 [ 16.118954] __kmalloc_cache_noprof+0x189/0x420 [ 16.119281] kasan_atomics+0x95/0x310 [ 16.119612] kunit_try_run_case+0x1a5/0x480 [ 16.119894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.120178] kthread+0x337/0x6f0 [ 16.120458] ret_from_fork+0x41/0x80 [ 16.120706] ret_from_fork_asm+0x1a/0x30 [ 16.121011] [ 16.121191] The buggy address belongs to the object at ffff8881029ef680 [ 16.121191] which belongs to the cache kmalloc-64 of size 64 [ 16.121769] The buggy address is located 0 bytes to the right of [ 16.121769] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.122402] [ 16.122571] The buggy address belongs to the physical page: [ 16.122827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.123138] flags: 0x200000000000000(node=0|zone=2) [ 16.123381] page_type: f5(slab) [ 16.123699] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.124253] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.124743] page dumped because: kasan: bad access detected [ 16.125105] [ 16.125265] Memory state around the buggy address: [ 16.125633] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 16.126112] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.126607] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.127020] ^ [ 16.127298] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.127535] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.128009] ================================================================== [ 15.634840] ================================================================== [ 15.635499] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 15.636147] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.636500] [ 15.636725] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.636830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.636855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.636894] Call Trace: [ 15.636937] <TASK> [ 15.636976] dump_stack_lvl+0x73/0xb0 [ 15.637036] print_report+0xd1/0x650 [ 15.637086] ? __virt_addr_valid+0x1db/0x2d0 [ 15.637131] ? kasan_atomics_helper+0x1467/0x5450 [ 15.637177] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.637222] ? kasan_atomics_helper+0x1467/0x5450 [ 15.637268] kasan_report+0x141/0x180 [ 15.637304] ? kasan_atomics_helper+0x1467/0x5450 [ 15.637339] kasan_check_range+0x10c/0x1c0 [ 15.637360] __kasan_check_write+0x18/0x20 [ 15.637379] kasan_atomics_helper+0x1467/0x5450 [ 15.637401] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.637423] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.637445] ? kasan_atomics+0x152/0x310 [ 15.637467] kasan_atomics+0x1dc/0x310 [ 15.637486] ? __pfx_kasan_atomics+0x10/0x10 [ 15.637507] ? __pfx_read_tsc+0x10/0x10 [ 15.637527] ? ktime_get_ts64+0x86/0x230 [ 15.637581] kunit_try_run_case+0x1a5/0x480 [ 15.637608] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.637645] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.637671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.637694] ? 
__kthread_parkme+0x82/0x180 [ 15.637715] ? preempt_count_sub+0x50/0x80 [ 15.637740] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.637762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.637785] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.637808] kthread+0x337/0x6f0 [ 15.637825] ? trace_preempt_on+0x20/0xc0 [ 15.637849] ? __pfx_kthread+0x10/0x10 [ 15.637866] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.637887] ? calculate_sigpending+0x7b/0xa0 [ 15.637909] ? __pfx_kthread+0x10/0x10 [ 15.637929] ret_from_fork+0x41/0x80 [ 15.637961] ? __pfx_kthread+0x10/0x10 [ 15.637984] ret_from_fork_asm+0x1a/0x30 [ 15.638016] </TASK> [ 15.638030] [ 15.648381] Allocated by task 285: [ 15.648828] kasan_save_stack+0x45/0x70 [ 15.649061] kasan_save_track+0x18/0x40 [ 15.649325] kasan_save_alloc_info+0x3b/0x50 [ 15.649771] __kasan_kmalloc+0xb7/0xc0 [ 15.650015] __kmalloc_cache_noprof+0x189/0x420 [ 15.650330] kasan_atomics+0x95/0x310 [ 15.650572] kunit_try_run_case+0x1a5/0x480 [ 15.650893] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.651344] kthread+0x337/0x6f0 [ 15.651603] ret_from_fork+0x41/0x80 [ 15.651882] ret_from_fork_asm+0x1a/0x30 [ 15.652112] [ 15.652321] The buggy address belongs to the object at ffff8881029ef680 [ 15.652321] which belongs to the cache kmalloc-64 of size 64 [ 15.652964] The buggy address is located 0 bytes to the right of [ 15.652964] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.653817] [ 15.653987] The buggy address belongs to the physical page: [ 15.654391] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.654938] flags: 0x200000000000000(node=0|zone=2) [ 15.655246] page_type: f5(slab) [ 15.655529] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.655917] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.656367] page dumped because: kasan: bad access detected [ 15.656679] [ 15.656784] Memory state around the buggy address: [ 15.657184] 
ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.657634] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.657886] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.658370] ^ [ 15.658764] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.659575] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.659817] ================================================================== [ 15.713052] ================================================================== [ 15.713757] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 15.714356] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.714954] [ 15.715145] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.715233] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.715258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.715306] Call Trace: [ 15.715352] <TASK> [ 15.715393] dump_stack_lvl+0x73/0xb0 [ 15.715456] print_report+0xd1/0x650 [ 15.715506] ? __virt_addr_valid+0x1db/0x2d0 [ 15.715550] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.715595] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.715656] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.715705] kasan_report+0x141/0x180 [ 15.715754] ? kasan_atomics_helper+0x15b6/0x5450 [ 15.715799] kasan_check_range+0x10c/0x1c0 [ 15.715841] __kasan_check_write+0x18/0x20 [ 15.715884] kasan_atomics_helper+0x15b6/0x5450 [ 15.715933] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.715982] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.716030] ? kasan_atomics+0x152/0x310 [ 15.716082] kasan_atomics+0x1dc/0x310 [ 15.716126] ? __pfx_kasan_atomics+0x10/0x10 [ 15.716171] ? __pfx_read_tsc+0x10/0x10 [ 15.716206] ? ktime_get_ts64+0x86/0x230 [ 15.716247] kunit_try_run_case+0x1a5/0x480 [ 15.716332] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.716392] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 15.716439] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.716488] ? __kthread_parkme+0x82/0x180 [ 15.716534] ? preempt_count_sub+0x50/0x80 [ 15.716584] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.716675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.716724] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.716769] kthread+0x337/0x6f0 [ 15.716801] ? trace_preempt_on+0x20/0xc0 [ 15.716840] ? __pfx_kthread+0x10/0x10 [ 15.716872] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.716914] ? calculate_sigpending+0x7b/0xa0 [ 15.716957] ? __pfx_kthread+0x10/0x10 [ 15.716998] ret_from_fork+0x41/0x80 [ 15.717039] ? __pfx_kthread+0x10/0x10 [ 15.717079] ret_from_fork_asm+0x1a/0x30 [ 15.717146] </TASK> [ 15.717173] [ 15.727391] Allocated by task 285: [ 15.727827] kasan_save_stack+0x45/0x70 [ 15.728167] kasan_save_track+0x18/0x40 [ 15.728475] kasan_save_alloc_info+0x3b/0x50 [ 15.728920] __kasan_kmalloc+0xb7/0xc0 [ 15.729164] __kmalloc_cache_noprof+0x189/0x420 [ 15.729357] kasan_atomics+0x95/0x310 [ 15.729522] kunit_try_run_case+0x1a5/0x480 [ 15.729709] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.729917] kthread+0x337/0x6f0 [ 15.730087] ret_from_fork+0x41/0x80 [ 15.730262] ret_from_fork_asm+0x1a/0x30 [ 15.730438] [ 15.730561] The buggy address belongs to the object at ffff8881029ef680 [ 15.730561] which belongs to the cache kmalloc-64 of size 64 [ 15.731369] The buggy address is located 0 bytes to the right of [ 15.731369] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.732151] [ 15.732317] The buggy address belongs to the physical page: [ 15.732708] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.733235] flags: 0x200000000000000(node=0|zone=2) [ 15.733672] page_type: f5(slab) [ 15.734092] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.734657] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.734983] page dumped because: kasan: bad 
access detected [ 15.735179] [ 15.735282] Memory state around the buggy address: [ 15.735471] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.735966] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.736508] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.737070] ^ [ 15.737433] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.737987] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.738219] ================================================================== [ 16.157681] ================================================================== [ 16.158037] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 16.159082] Read of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.159427] [ 16.159619] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.159731] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.159754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.159796] Call Trace: [ 16.159839] <TASK> [ 16.159879] dump_stack_lvl+0x73/0xb0 [ 16.159943] print_report+0xd1/0x650 [ 16.159992] ? __virt_addr_valid+0x1db/0x2d0 [ 16.160036] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.160073] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.160112] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.160154] kasan_report+0x141/0x180 [ 16.160200] ? kasan_atomics_helper+0x4f71/0x5450 [ 16.160254] __asan_report_load8_noabort+0x18/0x20 [ 16.160301] kasan_atomics_helper+0x4f71/0x5450 [ 16.160352] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.160399] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.160446] ? kasan_atomics+0x152/0x310 [ 16.160497] kasan_atomics+0x1dc/0x310 [ 16.160534] ? __pfx_kasan_atomics+0x10/0x10 [ 16.160581] ? __pfx_read_tsc+0x10/0x10 [ 16.160619] ? ktime_get_ts64+0x86/0x230 [ 16.160684] kunit_try_run_case+0x1a5/0x480 [ 16.160733] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.160777] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.160823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.160863] ? __kthread_parkme+0x82/0x180 [ 16.160900] ? preempt_count_sub+0x50/0x80 [ 16.160945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.160992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.161042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.161091] kthread+0x337/0x6f0 [ 16.161115] ? trace_preempt_on+0x20/0xc0 [ 16.161140] ? __pfx_kthread+0x10/0x10 [ 16.161158] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.161180] ? calculate_sigpending+0x7b/0xa0 [ 16.161204] ? __pfx_kthread+0x10/0x10 [ 16.161223] ret_from_fork+0x41/0x80 [ 16.161243] ? __pfx_kthread+0x10/0x10 [ 16.161262] ret_from_fork_asm+0x1a/0x30 [ 16.161293] </TASK> [ 16.161307] [ 16.169446] Allocated by task 285: [ 16.169778] kasan_save_stack+0x45/0x70 [ 16.170124] kasan_save_track+0x18/0x40 [ 16.170398] kasan_save_alloc_info+0x3b/0x50 [ 16.170818] __kasan_kmalloc+0xb7/0xc0 [ 16.171116] __kmalloc_cache_noprof+0x189/0x420 [ 16.171411] kasan_atomics+0x95/0x310 [ 16.171704] kunit_try_run_case+0x1a5/0x480 [ 16.171923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.172199] kthread+0x337/0x6f0 [ 16.172423] ret_from_fork+0x41/0x80 [ 16.172657] ret_from_fork_asm+0x1a/0x30 [ 16.172955] [ 16.173095] The buggy address belongs to the object at ffff8881029ef680 [ 16.173095] which belongs to the cache kmalloc-64 of size 64 [ 16.173541] The buggy address is located 0 bytes to the right of [ 16.173541] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.174250] [ 16.174353] The buggy address belongs to the physical page: [ 16.174688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.175016] flags: 0x200000000000000(node=0|zone=2) [ 16.175220] page_type: f5(slab) [ 16.175393] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.175657] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.175901] page dumped because: kasan: bad access detected [ 16.176094] [ 16.176193] Memory state around the buggy address: [ 16.176525] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.177175] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.177673] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.178307] ^ [ 16.178676] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.179151] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.179599] ================================================================== [ 15.100349] ================================================================== [ 15.100828] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 15.101546] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.102052] [ 15.102742] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.102863] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.102923] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.102967] Call Trace: [ 15.103014] <TASK> [ 15.103056] dump_stack_lvl+0x73/0xb0 [ 15.103126] print_report+0xd1/0x650 [ 15.103186] ? __virt_addr_valid+0x1db/0x2d0 [ 15.103246] ? kasan_atomics_helper+0xac7/0x5450 [ 15.103296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.103340] ? kasan_atomics_helper+0xac7/0x5450 [ 15.103378] kasan_report+0x141/0x180 [ 15.103403] ? kasan_atomics_helper+0xac7/0x5450 [ 15.103429] kasan_check_range+0x10c/0x1c0 [ 15.103450] __kasan_check_write+0x18/0x20 [ 15.103470] kasan_atomics_helper+0xac7/0x5450 [ 15.103492] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.103514] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.103544] ? kasan_atomics+0x152/0x310 [ 15.103578] kasan_atomics+0x1dc/0x310 [ 15.103599] ? __pfx_kasan_atomics+0x10/0x10 [ 15.103619] ? __pfx_read_tsc+0x10/0x10 [ 15.103658] ? 
ktime_get_ts64+0x86/0x230 [ 15.103684] kunit_try_run_case+0x1a5/0x480 [ 15.103709] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.103730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.103754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.103776] ? __kthread_parkme+0x82/0x180 [ 15.103799] ? preempt_count_sub+0x50/0x80 [ 15.103824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.103846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.103868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.103890] kthread+0x337/0x6f0 [ 15.103944] ? trace_preempt_on+0x20/0xc0 [ 15.103971] ? __pfx_kthread+0x10/0x10 [ 15.103989] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.104011] ? calculate_sigpending+0x7b/0xa0 [ 15.104034] ? __pfx_kthread+0x10/0x10 [ 15.104052] ret_from_fork+0x41/0x80 [ 15.104072] ? __pfx_kthread+0x10/0x10 [ 15.104089] ret_from_fork_asm+0x1a/0x30 [ 15.104119] </TASK> [ 15.104133] [ 15.113644] Allocated by task 285: [ 15.114019] kasan_save_stack+0x45/0x70 [ 15.114256] kasan_save_track+0x18/0x40 [ 15.114548] kasan_save_alloc_info+0x3b/0x50 [ 15.115045] __kasan_kmalloc+0xb7/0xc0 [ 15.115335] __kmalloc_cache_noprof+0x189/0x420 [ 15.115911] kasan_atomics+0x95/0x310 [ 15.117084] kunit_try_run_case+0x1a5/0x480 [ 15.117516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.118131] kthread+0x337/0x6f0 [ 15.118445] ret_from_fork+0x41/0x80 [ 15.118757] ret_from_fork_asm+0x1a/0x30 [ 15.118953] [ 15.119126] The buggy address belongs to the object at ffff8881029ef680 [ 15.119126] which belongs to the cache kmalloc-64 of size 64 [ 15.119585] The buggy address is located 0 bytes to the right of [ 15.119585] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.120228] [ 15.120401] The buggy address belongs to the physical page: [ 15.120857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.121181] flags: 0x200000000000000(node=0|zone=2) [ 15.121523] page_type: f5(slab) [ 15.121840] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 15.122115] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.122668] page dumped because: kasan: bad access detected [ 15.122969] [ 15.123100] Memory state around the buggy address: [ 15.123412] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.123777] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.124045] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.124433] ^ [ 15.124841] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.125221] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.125519] ================================================================== [ 14.682146] ================================================================== [ 14.683379] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 14.683926] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.684250] [ 14.684495] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.684591] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.684617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.684672] Call Trace: [ 14.684716] <TASK> [ 14.684756] dump_stack_lvl+0x73/0xb0 [ 14.684843] print_report+0xd1/0x650 [ 14.684887] ? __virt_addr_valid+0x1db/0x2d0 [ 14.684930] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.684973] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.685030] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.685074] kasan_report+0x141/0x180 [ 14.685118] ? kasan_atomics_helper+0x4b6e/0x5450 [ 14.685170] __asan_report_store4_noabort+0x1b/0x30 [ 14.685215] kasan_atomics_helper+0x4b6e/0x5450 [ 14.685256] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.685525] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.685598] ? kasan_atomics+0x152/0x310 [ 14.685717] kasan_atomics+0x1dc/0x310 [ 14.685745] ? __pfx_kasan_atomics+0x10/0x10 [ 14.685767] ? 
__pfx_read_tsc+0x10/0x10 [ 14.685788] ? ktime_get_ts64+0x86/0x230 [ 14.685813] kunit_try_run_case+0x1a5/0x480 [ 14.685840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.685862] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.685887] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.685911] ? __kthread_parkme+0x82/0x180 [ 14.685933] ? preempt_count_sub+0x50/0x80 [ 14.685972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.685996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.686020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.686043] kthread+0x337/0x6f0 [ 14.686062] ? trace_preempt_on+0x20/0xc0 [ 14.686086] ? __pfx_kthread+0x10/0x10 [ 14.686105] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.686126] ? calculate_sigpending+0x7b/0xa0 [ 14.686148] ? __pfx_kthread+0x10/0x10 [ 14.686168] ret_from_fork+0x41/0x80 [ 14.686189] ? __pfx_kthread+0x10/0x10 [ 14.686210] ret_from_fork_asm+0x1a/0x30 [ 14.686241] </TASK> [ 14.686254] [ 14.699037] Allocated by task 285: [ 14.699283] kasan_save_stack+0x45/0x70 [ 14.699510] kasan_save_track+0x18/0x40 [ 14.700289] kasan_save_alloc_info+0x3b/0x50 [ 14.700518] __kasan_kmalloc+0xb7/0xc0 [ 14.700704] __kmalloc_cache_noprof+0x189/0x420 [ 14.701423] kasan_atomics+0x95/0x310 [ 14.701832] kunit_try_run_case+0x1a5/0x480 [ 14.702184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.702584] kthread+0x337/0x6f0 [ 14.702754] ret_from_fork+0x41/0x80 [ 14.703413] ret_from_fork_asm+0x1a/0x30 [ 14.703788] [ 14.703928] The buggy address belongs to the object at ffff8881029ef680 [ 14.703928] which belongs to the cache kmalloc-64 of size 64 [ 14.705197] The buggy address is located 0 bytes to the right of [ 14.705197] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.705580] [ 14.705681] The buggy address belongs to the physical page: [ 14.705822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.706929] flags: 0x200000000000000(node=0|zone=2) [ 14.707213] page_type: f5(slab) [ 14.707986] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.708217] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.709082] page dumped because: kasan: bad access detected [ 14.709485] [ 14.709642] Memory state around the buggy address: [ 14.709888] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.710679] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.711711] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.711980] ^ [ 14.712169] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.713025] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.713361] ================================================================== [ 14.958411] ================================================================== [ 14.958753] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 14.959349] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.959992] [ 14.960190] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.960295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.960322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.960370] Call Trace: [ 14.960418] <TASK> [ 14.960460] dump_stack_lvl+0x73/0xb0 [ 14.960518] print_report+0xd1/0x650 [ 14.960573] ? __virt_addr_valid+0x1db/0x2d0 [ 14.960609] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.960661] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.960698] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.960728] kasan_report+0x141/0x180 [ 14.960761] ? kasan_atomics_helper+0x7c7/0x5450 [ 14.960799] kasan_check_range+0x10c/0x1c0 [ 14.960834] __kasan_check_write+0x18/0x20 [ 14.960909] kasan_atomics_helper+0x7c7/0x5450 [ 14.960966] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.961032] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.961107] ? 
kasan_atomics+0x152/0x310 [ 14.961163] kasan_atomics+0x1dc/0x310 [ 14.961207] ? __pfx_kasan_atomics+0x10/0x10 [ 14.961252] ? __pfx_read_tsc+0x10/0x10 [ 14.961294] ? ktime_get_ts64+0x86/0x230 [ 14.961345] kunit_try_run_case+0x1a5/0x480 [ 14.961397] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.961436] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.961484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.961550] ? __kthread_parkme+0x82/0x180 [ 14.961591] ? preempt_count_sub+0x50/0x80 [ 14.961664] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.961729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.961779] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.961817] kthread+0x337/0x6f0 [ 14.961849] ? trace_preempt_on+0x20/0xc0 [ 14.961894] ? __pfx_kthread+0x10/0x10 [ 14.961964] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.962021] ? calculate_sigpending+0x7b/0xa0 [ 14.962069] ? __pfx_kthread+0x10/0x10 [ 14.962113] ret_from_fork+0x41/0x80 [ 14.962159] ? __pfx_kthread+0x10/0x10 [ 14.962199] ret_from_fork_asm+0x1a/0x30 [ 14.962256] </TASK> [ 14.962280] [ 14.975294] Allocated by task 285: [ 14.975662] kasan_save_stack+0x45/0x70 [ 14.976053] kasan_save_track+0x18/0x40 [ 14.976393] kasan_save_alloc_info+0x3b/0x50 [ 14.976904] __kasan_kmalloc+0xb7/0xc0 [ 14.977249] __kmalloc_cache_noprof+0x189/0x420 [ 14.977721] kasan_atomics+0x95/0x310 [ 14.977893] kunit_try_run_case+0x1a5/0x480 [ 14.978232] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.978689] kthread+0x337/0x6f0 [ 14.979008] ret_from_fork+0x41/0x80 [ 14.979280] ret_from_fork_asm+0x1a/0x30 [ 14.979755] [ 14.979856] The buggy address belongs to the object at ffff8881029ef680 [ 14.979856] which belongs to the cache kmalloc-64 of size 64 [ 14.980611] The buggy address is located 0 bytes to the right of [ 14.980611] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.981741] [ 14.981896] The buggy address belongs to the physical page: [ 14.982191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 
14.983109] flags: 0x200000000000000(node=0|zone=2) [ 14.983448] page_type: f5(slab) [ 14.983834] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.984219] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.984586] page dumped because: kasan: bad access detected [ 14.985064] [ 14.985239] Memory state around the buggy address: [ 14.985738] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.986103] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.986775] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.987257] ^ [ 14.988240] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.988488] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.989187] ================================================================== [ 15.480595] ================================================================== [ 15.480866] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 15.481461] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.482223] [ 15.482473] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.482590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.482616] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.482674] Call Trace: [ 15.482749] <TASK> [ 15.482804] dump_stack_lvl+0x73/0xb0 [ 15.482862] print_report+0xd1/0x650 [ 15.482888] ? __virt_addr_valid+0x1db/0x2d0 [ 15.482911] ? kasan_atomics_helper+0x1217/0x5450 [ 15.482932] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.482955] ? kasan_atomics_helper+0x1217/0x5450 [ 15.482976] kasan_report+0x141/0x180 [ 15.483008] ? kasan_atomics_helper+0x1217/0x5450 [ 15.483042] kasan_check_range+0x10c/0x1c0 [ 15.483062] __kasan_check_write+0x18/0x20 [ 15.483081] kasan_atomics_helper+0x1217/0x5450 [ 15.483103] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.483124] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 15.483146] ? kasan_atomics+0x152/0x310 [ 15.483168] kasan_atomics+0x1dc/0x310 [ 15.483186] ? __pfx_kasan_atomics+0x10/0x10 [ 15.483206] ? __pfx_read_tsc+0x10/0x10 [ 15.483226] ? ktime_get_ts64+0x86/0x230 [ 15.483251] kunit_try_run_case+0x1a5/0x480 [ 15.483275] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.483296] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.483319] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.483340] ? __kthread_parkme+0x82/0x180 [ 15.483362] ? preempt_count_sub+0x50/0x80 [ 15.483385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.483407] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.483429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.483450] kthread+0x337/0x6f0 [ 15.483466] ? trace_preempt_on+0x20/0xc0 [ 15.483489] ? __pfx_kthread+0x10/0x10 [ 15.483506] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.483527] ? calculate_sigpending+0x7b/0xa0 [ 15.483567] ? __pfx_kthread+0x10/0x10 [ 15.483586] ret_from_fork+0x41/0x80 [ 15.483606] ? __pfx_kthread+0x10/0x10 [ 15.483640] ret_from_fork_asm+0x1a/0x30 [ 15.483672] </TASK> [ 15.483686] [ 15.493100] Allocated by task 285: [ 15.493486] kasan_save_stack+0x45/0x70 [ 15.493878] kasan_save_track+0x18/0x40 [ 15.494277] kasan_save_alloc_info+0x3b/0x50 [ 15.494712] __kasan_kmalloc+0xb7/0xc0 [ 15.495015] __kmalloc_cache_noprof+0x189/0x420 [ 15.495395] kasan_atomics+0x95/0x310 [ 15.495746] kunit_try_run_case+0x1a5/0x480 [ 15.496108] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.496573] kthread+0x337/0x6f0 [ 15.496883] ret_from_fork+0x41/0x80 [ 15.497188] ret_from_fork_asm+0x1a/0x30 [ 15.497363] [ 15.497470] The buggy address belongs to the object at ffff8881029ef680 [ 15.497470] which belongs to the cache kmalloc-64 of size 64 [ 15.498224] The buggy address is located 0 bytes to the right of [ 15.498224] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.499140] [ 15.499302] The buggy address belongs to the physical page: [ 15.499737] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.500088] flags: 0x200000000000000(node=0|zone=2) [ 15.500445] page_type: f5(slab) [ 15.500807] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.501184] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.501747] page dumped because: kasan: bad access detected [ 15.502043] [ 15.502205] Memory state around the buggy address: [ 15.502473] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.502936] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.503189] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.503754] ^ [ 15.504233] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.504546] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.504871] ================================================================== [ 16.026697] ================================================================== [ 16.027215] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 16.027616] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.028102] [ 16.028327] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.028449] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.028477] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.028523] Call Trace: [ 16.028599] <TASK> [ 16.028658] dump_stack_lvl+0x73/0xb0 [ 16.028735] print_report+0xd1/0x650 [ 16.028795] ? __virt_addr_valid+0x1db/0x2d0 [ 16.028838] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.028889] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.028928] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.028971] kasan_report+0x141/0x180 [ 16.029016] ? kasan_atomics_helper+0x1ce1/0x5450 [ 16.029070] kasan_check_range+0x10c/0x1c0 [ 16.029114] __kasan_check_write+0x18/0x20 [ 16.029156] kasan_atomics_helper+0x1ce1/0x5450 [ 16.029203] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 16.029245] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.029288] ? kasan_atomics+0x152/0x310 [ 16.029339] kasan_atomics+0x1dc/0x310 [ 16.029381] ? __pfx_kasan_atomics+0x10/0x10 [ 16.029423] ? __pfx_read_tsc+0x10/0x10 [ 16.029456] ? ktime_get_ts64+0x86/0x230 [ 16.029503] kunit_try_run_case+0x1a5/0x480 [ 16.029588] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.029640] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.029686] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.029737] ? __kthread_parkme+0x82/0x180 [ 16.029781] ? preempt_count_sub+0x50/0x80 [ 16.029848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.029898] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.029952] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.030004] kthread+0x337/0x6f0 [ 16.030046] ? trace_preempt_on+0x20/0xc0 [ 16.030097] ? __pfx_kthread+0x10/0x10 [ 16.030139] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.030184] ? calculate_sigpending+0x7b/0xa0 [ 16.030231] ? __pfx_kthread+0x10/0x10 [ 16.030252] ret_from_fork+0x41/0x80 [ 16.030274] ? 
__pfx_kthread+0x10/0x10 [ 16.030292] ret_from_fork_asm+0x1a/0x30 [ 16.030322] </TASK> [ 16.030335] [ 16.039719] Allocated by task 285: [ 16.039951] kasan_save_stack+0x45/0x70 [ 16.040172] kasan_save_track+0x18/0x40 [ 16.040343] kasan_save_alloc_info+0x3b/0x50 [ 16.040537] __kasan_kmalloc+0xb7/0xc0 [ 16.040856] __kmalloc_cache_noprof+0x189/0x420 [ 16.041277] kasan_atomics+0x95/0x310 [ 16.041584] kunit_try_run_case+0x1a5/0x480 [ 16.041914] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.042173] kthread+0x337/0x6f0 [ 16.042332] ret_from_fork+0x41/0x80 [ 16.042502] ret_from_fork_asm+0x1a/0x30 [ 16.042815] [ 16.042982] The buggy address belongs to the object at ffff8881029ef680 [ 16.042982] which belongs to the cache kmalloc-64 of size 64 [ 16.043837] The buggy address is located 0 bytes to the right of [ 16.043837] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.044642] [ 16.044825] The buggy address belongs to the physical page: [ 16.045104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.045423] flags: 0x200000000000000(node=0|zone=2) [ 16.045779] page_type: f5(slab) [ 16.045969] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.046278] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 16.048293] page dumped because: kasan: bad access detected [ 16.048521] [ 16.048707] Memory state around the buggy address: [ 16.049064] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.049444] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.050118] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.050397] ^ [ 16.050598] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.051144] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.051584] ================================================================== [ 15.266941] 
================================================================== [ 15.267204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 15.268091] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.268485] [ 15.268748] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.268924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.268955] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.269002] Call Trace: [ 15.269045] <TASK> [ 15.269089] dump_stack_lvl+0x73/0xb0 [ 15.269153] print_report+0xd1/0x650 [ 15.269194] ? __virt_addr_valid+0x1db/0x2d0 [ 15.269219] ? kasan_atomics_helper+0xe78/0x5450 [ 15.269240] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.269261] ? kasan_atomics_helper+0xe78/0x5450 [ 15.269282] kasan_report+0x141/0x180 [ 15.269304] ? kasan_atomics_helper+0xe78/0x5450 [ 15.269329] kasan_check_range+0x10c/0x1c0 [ 15.269349] __kasan_check_write+0x18/0x20 [ 15.269369] kasan_atomics_helper+0xe78/0x5450 [ 15.269390] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.269412] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.269433] ? kasan_atomics+0x152/0x310 [ 15.269455] kasan_atomics+0x1dc/0x310 [ 15.269474] ? __pfx_kasan_atomics+0x10/0x10 [ 15.269495] ? __pfx_read_tsc+0x10/0x10 [ 15.269515] ? ktime_get_ts64+0x86/0x230 [ 15.269571] kunit_try_run_case+0x1a5/0x480 [ 15.269602] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.269641] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.269668] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.269691] ? __kthread_parkme+0x82/0x180 [ 15.269714] ? preempt_count_sub+0x50/0x80 [ 15.269739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.269762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.269786] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.269808] kthread+0x337/0x6f0 [ 15.269826] ? trace_preempt_on+0x20/0xc0 [ 15.269850] ? __pfx_kthread+0x10/0x10 [ 15.269868] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.269890] ? 
calculate_sigpending+0x7b/0xa0 [ 15.269913] ? __pfx_kthread+0x10/0x10 [ 15.269932] ret_from_fork+0x41/0x80 [ 15.269964] ? __pfx_kthread+0x10/0x10 [ 15.269984] ret_from_fork_asm+0x1a/0x30 [ 15.270016] </TASK> [ 15.270030] [ 15.281047] Allocated by task 285: [ 15.281415] kasan_save_stack+0x45/0x70 [ 15.281834] kasan_save_track+0x18/0x40 [ 15.282174] kasan_save_alloc_info+0x3b/0x50 [ 15.282502] __kasan_kmalloc+0xb7/0xc0 [ 15.282861] __kmalloc_cache_noprof+0x189/0x420 [ 15.283062] kasan_atomics+0x95/0x310 [ 15.283230] kunit_try_run_case+0x1a5/0x480 [ 15.283600] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.284053] kthread+0x337/0x6f0 [ 15.284338] ret_from_fork+0x41/0x80 [ 15.284663] ret_from_fork_asm+0x1a/0x30 [ 15.284999] [ 15.285171] The buggy address belongs to the object at ffff8881029ef680 [ 15.285171] which belongs to the cache kmalloc-64 of size 64 [ 15.285564] The buggy address is located 0 bytes to the right of [ 15.285564] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.286425] [ 15.286648] The buggy address belongs to the physical page: [ 15.286929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.287519] flags: 0x200000000000000(node=0|zone=2) [ 15.287970] page_type: f5(slab) [ 15.288164] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.288854] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.289277] page dumped because: kasan: bad access detected [ 15.289784] [ 15.289957] Memory state around the buggy address: [ 15.290333] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.291085] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.291639] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.291937] ^ [ 15.292272] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.292741] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.293159] 
================================================================== [ 15.400453] ================================================================== [ 15.401034] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 15.401606] Read of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.402069] [ 15.402293] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.402403] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.402432] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.402473] Call Trace: [ 15.402521] <TASK> [ 15.402690] dump_stack_lvl+0x73/0xb0 [ 15.402778] print_report+0xd1/0x650 [ 15.402828] ? __virt_addr_valid+0x1db/0x2d0 [ 15.402873] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.402914] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.402938] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.402961] kasan_report+0x141/0x180 [ 15.402984] ? kasan_atomics_helper+0x4a1c/0x5450 [ 15.403009] __asan_report_load4_noabort+0x18/0x20 [ 15.403029] kasan_atomics_helper+0x4a1c/0x5450 [ 15.403051] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.403073] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.403093] ? kasan_atomics+0x152/0x310 [ 15.403118] kasan_atomics+0x1dc/0x310 [ 15.403137] ? __pfx_kasan_atomics+0x10/0x10 [ 15.403158] ? __pfx_read_tsc+0x10/0x10 [ 15.403178] ? ktime_get_ts64+0x86/0x230 [ 15.403203] kunit_try_run_case+0x1a5/0x480 [ 15.403227] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.403248] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.403271] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.403292] ? __kthread_parkme+0x82/0x180 [ 15.403314] ? preempt_count_sub+0x50/0x80 [ 15.403338] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.403360] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.403382] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.403404] kthread+0x337/0x6f0 [ 15.403420] ? trace_preempt_on+0x20/0xc0 [ 15.403443] ? __pfx_kthread+0x10/0x10 [ 15.403461] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.403482] ? calculate_sigpending+0x7b/0xa0 [ 15.403503] ? __pfx_kthread+0x10/0x10 [ 15.403521] ret_from_fork+0x41/0x80 [ 15.403565] ? __pfx_kthread+0x10/0x10 [ 15.403587] ret_from_fork_asm+0x1a/0x30 [ 15.403618] </TASK> [ 15.403647] [ 15.413040] Allocated by task 285: [ 15.413429] kasan_save_stack+0x45/0x70 [ 15.413792] kasan_save_track+0x18/0x40 [ 15.414042] kasan_save_alloc_info+0x3b/0x50 [ 15.414322] __kasan_kmalloc+0xb7/0xc0 [ 15.414684] __kmalloc_cache_noprof+0x189/0x420 [ 15.414885] kasan_atomics+0x95/0x310 [ 15.415183] kunit_try_run_case+0x1a5/0x480 [ 15.415524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.415763] kthread+0x337/0x6f0 [ 15.416032] ret_from_fork+0x41/0x80 [ 15.416299] ret_from_fork_asm+0x1a/0x30 [ 15.416567] [ 15.416727] The buggy address belongs to the object at ffff8881029ef680 [ 15.416727] which belongs to the cache kmalloc-64 of size 64 [ 15.417199] The buggy address is located 0 bytes to the right of [ 15.417199] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.417564] [ 15.417745] The buggy address belongs to the physical page: [ 15.418240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.418833] flags: 0x200000000000000(node=0|zone=2) [ 15.419236] page_type: f5(slab) [ 15.419486] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.419856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.420102] page dumped because: kasan: bad access detected [ 15.420332] [ 15.420477] Memory state around the buggy address: [ 15.420881] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.421501] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.422026] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.422299] ^ [ 15.422497] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.423155] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.423642] ================================================================== [ 15.424936] ================================================================== [ 15.425380] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 15.425690] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.425950] [ 15.426100] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.426214] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.426237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.426281] Call Trace: [ 15.426321] <TASK> [ 15.426362] dump_stack_lvl+0x73/0xb0 [ 15.426412] print_report+0xd1/0x650 [ 15.426446] ? __virt_addr_valid+0x1db/0x2d0 [ 15.426480] ? kasan_atomics_helper+0x1148/0x5450 [ 15.426510] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.426542] ? kasan_atomics_helper+0x1148/0x5450 [ 15.426575] kasan_report+0x141/0x180 [ 15.426609] ? kasan_atomics_helper+0x1148/0x5450 [ 15.426676] kasan_check_range+0x10c/0x1c0 [ 15.426715] __kasan_check_write+0x18/0x20 [ 15.426758] kasan_atomics_helper+0x1148/0x5450 [ 15.426803] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.426851] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.426899] ? kasan_atomics+0x152/0x310 [ 15.426952] kasan_atomics+0x1dc/0x310 [ 15.426993] ? __pfx_kasan_atomics+0x10/0x10 [ 15.427038] ? __pfx_read_tsc+0x10/0x10 [ 15.427078] ? ktime_get_ts64+0x86/0x230 [ 15.427130] kunit_try_run_case+0x1a5/0x480 [ 15.427182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.427225] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.427274] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.427314] ? __kthread_parkme+0x82/0x180 [ 15.427344] ? preempt_count_sub+0x50/0x80 [ 15.427377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.427408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.427440] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.427471] kthread+0x337/0x6f0 [ 15.427496] ? 
trace_preempt_on+0x20/0xc0 [ 15.427529] ? __pfx_kthread+0x10/0x10 [ 15.427558] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.427589] ? calculate_sigpending+0x7b/0xa0 [ 15.427637] ? __pfx_kthread+0x10/0x10 [ 15.427674] ret_from_fork+0x41/0x80 [ 15.427712] ? __pfx_kthread+0x10/0x10 [ 15.427743] ret_from_fork_asm+0x1a/0x30 [ 15.427808] </TASK> [ 15.427832] [ 15.440105] Allocated by task 285: [ 15.440373] kasan_save_stack+0x45/0x70 [ 15.441312] kasan_save_track+0x18/0x40 [ 15.442075] kasan_save_alloc_info+0x3b/0x50 [ 15.442464] __kasan_kmalloc+0xb7/0xc0 [ 15.442832] __kmalloc_cache_noprof+0x189/0x420 [ 15.443220] kasan_atomics+0x95/0x310 [ 15.443504] kunit_try_run_case+0x1a5/0x480 [ 15.443700] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.444004] kthread+0x337/0x6f0 [ 15.444167] ret_from_fork+0x41/0x80 [ 15.444480] ret_from_fork_asm+0x1a/0x30 [ 15.444714] [ 15.444817] The buggy address belongs to the object at ffff8881029ef680 [ 15.444817] which belongs to the cache kmalloc-64 of size 64 [ 15.445455] The buggy address is located 0 bytes to the right of [ 15.445455] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.446179] [ 15.446400] The buggy address belongs to the physical page: [ 15.446804] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.447104] flags: 0x200000000000000(node=0|zone=2) [ 15.447467] page_type: f5(slab) [ 15.447762] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.448131] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.448575] page dumped because: kasan: bad access detected [ 15.448804] [ 15.448973] Memory state around the buggy address: [ 15.449210] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.449683] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.450067] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.450434] ^ [ 15.450638] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 15.451156] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.451718] ================================================================== [ 14.807241] ================================================================== [ 14.808404] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 14.809169] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.810075] [ 14.810314] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.810528] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.810555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.810595] Call Trace: [ 14.810657] <TASK> [ 14.810702] dump_stack_lvl+0x73/0xb0 [ 14.810770] print_report+0xd1/0x650 [ 14.810818] ? __virt_addr_valid+0x1db/0x2d0 [ 14.810863] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.810909] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.810949] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.810981] kasan_report+0x141/0x180 [ 14.811005] ? kasan_atomics_helper+0x4b3a/0x5450 [ 14.811031] __asan_report_store4_noabort+0x1b/0x30 [ 14.811053] kasan_atomics_helper+0x4b3a/0x5450 [ 14.811076] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.811098] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.811121] ? kasan_atomics+0x152/0x310 [ 14.811143] kasan_atomics+0x1dc/0x310 [ 14.811163] ? __pfx_kasan_atomics+0x10/0x10 [ 14.811183] ? __pfx_read_tsc+0x10/0x10 [ 14.811202] ? ktime_get_ts64+0x86/0x230 [ 14.811227] kunit_try_run_case+0x1a5/0x480 [ 14.811251] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.811271] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.811318] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.811340] ? __kthread_parkme+0x82/0x180 [ 14.811361] ? preempt_count_sub+0x50/0x80 [ 14.811386] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.811408] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.811432] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.811453] kthread+0x337/0x6f0 [ 14.811470] ? trace_preempt_on+0x20/0xc0 [ 14.811493] ? __pfx_kthread+0x10/0x10 [ 14.811511] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.811531] ? calculate_sigpending+0x7b/0xa0 [ 14.811593] ? __pfx_kthread+0x10/0x10 [ 14.811638] ret_from_fork+0x41/0x80 [ 14.811678] ? __pfx_kthread+0x10/0x10 [ 14.811718] ret_from_fork_asm+0x1a/0x30 [ 14.811752] </TASK> [ 14.811766] [ 14.823503] Allocated by task 285: [ 14.823969] kasan_save_stack+0x45/0x70 [ 14.824764] kasan_save_track+0x18/0x40 [ 14.825512] kasan_save_alloc_info+0x3b/0x50 [ 14.825706] __kasan_kmalloc+0xb7/0xc0 [ 14.826146] __kmalloc_cache_noprof+0x189/0x420 [ 14.826774] kasan_atomics+0x95/0x310 [ 14.827089] kunit_try_run_case+0x1a5/0x480 [ 14.827579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.827968] kthread+0x337/0x6f0 [ 14.828274] ret_from_fork+0x41/0x80 [ 14.828645] ret_from_fork_asm+0x1a/0x30 [ 14.828953] [ 14.829125] The buggy address belongs to the object at ffff8881029ef680 [ 14.829125] which belongs to the cache kmalloc-64 of size 64 [ 14.830270] The buggy address is located 0 bytes to the right of [ 14.830270] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 14.830896] [ 14.831071] The buggy address belongs to the physical page: [ 14.831349] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 14.831843] flags: 0x200000000000000(node=0|zone=2) [ 14.832063] page_type: f5(slab) [ 14.832231] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.833068] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.833734] page dumped because: kasan: bad access detected [ 14.834716] [ 14.834828] Memory state around the buggy address: [ 14.834999] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.835960] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.836370] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.837569] ^ [ 14.838031] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.838500] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.839494] ================================================================== [ 15.016374] ================================================================== [ 15.016924] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 15.018250] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.018988] [ 15.019270] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.019634] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.019659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.019688] Call Trace: [ 15.019715] <TASK> [ 15.019743] dump_stack_lvl+0x73/0xb0 [ 15.019783] print_report+0xd1/0x650 [ 15.019807] ? __virt_addr_valid+0x1db/0x2d0 [ 15.019830] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.019851] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.019874] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.019895] kasan_report+0x141/0x180 [ 15.019917] ? kasan_atomics_helper+0x8f9/0x5450 [ 15.019944] kasan_check_range+0x10c/0x1c0 [ 15.019965] __kasan_check_write+0x18/0x20 [ 15.019984] kasan_atomics_helper+0x8f9/0x5450 [ 15.020006] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.020028] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.020050] ? kasan_atomics+0x152/0x310 [ 15.020072] kasan_atomics+0x1dc/0x310 [ 15.020091] ? __pfx_kasan_atomics+0x10/0x10 [ 15.020112] ? __pfx_read_tsc+0x10/0x10 [ 15.020131] ? ktime_get_ts64+0x86/0x230 [ 15.020156] kunit_try_run_case+0x1a5/0x480 [ 15.020181] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.020203] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.020227] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.020250] ? __kthread_parkme+0x82/0x180 [ 15.020272] ? preempt_count_sub+0x50/0x80 [ 15.020336] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.020377] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.020411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.020444] kthread+0x337/0x6f0 [ 15.020470] ? trace_preempt_on+0x20/0xc0 [ 15.020500] ? __pfx_kthread+0x10/0x10 [ 15.020526] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.020567] ? calculate_sigpending+0x7b/0xa0 [ 15.020597] ? __pfx_kthread+0x10/0x10 [ 15.020637] ret_from_fork+0x41/0x80 [ 15.020669] ? __pfx_kthread+0x10/0x10 [ 15.020697] ret_from_fork_asm+0x1a/0x30 [ 15.020738] </TASK> [ 15.020756] [ 15.030266] Allocated by task 285: [ 15.030740] kasan_save_stack+0x45/0x70 [ 15.031693] kasan_save_track+0x18/0x40 [ 15.032054] kasan_save_alloc_info+0x3b/0x50 [ 15.032515] __kasan_kmalloc+0xb7/0xc0 [ 15.032904] __kmalloc_cache_noprof+0x189/0x420 [ 15.033437] kasan_atomics+0x95/0x310 [ 15.033800] kunit_try_run_case+0x1a5/0x480 [ 15.034129] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.034452] kthread+0x337/0x6f0 [ 15.034672] ret_from_fork+0x41/0x80 [ 15.035323] ret_from_fork_asm+0x1a/0x30 [ 15.035650] [ 15.035772] The buggy address belongs to the object at ffff8881029ef680 [ 15.035772] which belongs to the cache kmalloc-64 of size 64 [ 15.036344] The buggy address is located 0 bytes to the right of [ 15.036344] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.037401] [ 15.037572] The buggy address belongs to the physical page: [ 15.037956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.038541] flags: 0x200000000000000(node=0|zone=2) [ 15.038903] page_type: f5(slab) [ 15.039508] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.039983] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.040609] page dumped because: kasan: bad access detected [ 15.040918] [ 15.041038] Memory state around the buggy address: [ 15.041215] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.042047] ffff8881029ef600: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.043076] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.043319] ^ [ 15.043742] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.044162] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.044479] ================================================================== [ 15.046098] ================================================================== [ 15.046403] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 15.046779] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.047090] [ 15.047396] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.047505] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.047531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.047600] Call Trace: [ 15.047659] <TASK> [ 15.047701] dump_stack_lvl+0x73/0xb0 [ 15.047762] print_report+0xd1/0x650 [ 15.047812] ? __virt_addr_valid+0x1db/0x2d0 [ 15.047859] ? kasan_atomics_helper+0x992/0x5450 [ 15.047901] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.047938] ? kasan_atomics_helper+0x992/0x5450 [ 15.047979] kasan_report+0x141/0x180 [ 15.048021] ? kasan_atomics_helper+0x992/0x5450 [ 15.048076] kasan_check_range+0x10c/0x1c0 [ 15.048120] __kasan_check_write+0x18/0x20 [ 15.048163] kasan_atomics_helper+0x992/0x5450 [ 15.048212] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.048259] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.048411] ? kasan_atomics+0x152/0x310 [ 15.048442] kasan_atomics+0x1dc/0x310 [ 15.048463] ? __pfx_kasan_atomics+0x10/0x10 [ 15.048486] ? __pfx_read_tsc+0x10/0x10 [ 15.048506] ? ktime_get_ts64+0x86/0x230 [ 15.048531] kunit_try_run_case+0x1a5/0x480 [ 15.048568] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.048590] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.048615] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.048657] ? __kthread_parkme+0x82/0x180 [ 15.048680] ? 
preempt_count_sub+0x50/0x80 [ 15.048705] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.048728] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.048751] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.048773] kthread+0x337/0x6f0 [ 15.048792] ? trace_preempt_on+0x20/0xc0 [ 15.048816] ? __pfx_kthread+0x10/0x10 [ 15.048835] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.048856] ? calculate_sigpending+0x7b/0xa0 [ 15.048878] ? __pfx_kthread+0x10/0x10 [ 15.048897] ret_from_fork+0x41/0x80 [ 15.048917] ? __pfx_kthread+0x10/0x10 [ 15.048936] ret_from_fork_asm+0x1a/0x30 [ 15.048966] </TASK> [ 15.048980] [ 15.059779] Allocated by task 285: [ 15.060055] kasan_save_stack+0x45/0x70 [ 15.060335] kasan_save_track+0x18/0x40 [ 15.060542] kasan_save_alloc_info+0x3b/0x50 [ 15.060852] __kasan_kmalloc+0xb7/0xc0 [ 15.061174] __kmalloc_cache_noprof+0x189/0x420 [ 15.061534] kasan_atomics+0x95/0x310 [ 15.061752] kunit_try_run_case+0x1a5/0x480 [ 15.061937] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.062162] kthread+0x337/0x6f0 [ 15.062319] ret_from_fork+0x41/0x80 [ 15.062485] ret_from_fork_asm+0x1a/0x30 [ 15.062781] [ 15.062932] The buggy address belongs to the object at ffff8881029ef680 [ 15.062932] which belongs to the cache kmalloc-64 of size 64 [ 15.063799] The buggy address is located 0 bytes to the right of [ 15.063799] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.064964] [ 15.065156] The buggy address belongs to the physical page: [ 15.065649] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.066060] flags: 0x200000000000000(node=0|zone=2) [ 15.066215] page_type: f5(slab) [ 15.066447] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.067112] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.067525] page dumped because: kasan: bad access detected [ 15.067877] [ 15.068170] Memory state around the buggy address: [ 15.068783] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 15.069123] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.070327] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.071040] ^ [ 15.072311] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.072690] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.073049] ================================================================== [ 15.688056] ================================================================== [ 15.688695] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 15.689409] Write of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.690110] [ 15.690361] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.690476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.690525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.690601] Call Trace: [ 15.690681] <TASK> [ 15.690736] dump_stack_lvl+0x73/0xb0 [ 15.690805] print_report+0xd1/0x650 [ 15.690850] ? __virt_addr_valid+0x1db/0x2d0 [ 15.690894] ? kasan_atomics_helper+0x151d/0x5450 [ 15.690971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.691031] ? kasan_atomics_helper+0x151d/0x5450 [ 15.691056] kasan_report+0x141/0x180 [ 15.691091] ? kasan_atomics_helper+0x151d/0x5450 [ 15.691126] kasan_check_range+0x10c/0x1c0 [ 15.691148] __kasan_check_write+0x18/0x20 [ 15.691169] kasan_atomics_helper+0x151d/0x5450 [ 15.691191] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.691213] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.691234] ? kasan_atomics+0x152/0x310 [ 15.691257] kasan_atomics+0x1dc/0x310 [ 15.691276] ? __pfx_kasan_atomics+0x10/0x10 [ 15.691297] ? __pfx_read_tsc+0x10/0x10 [ 15.691317] ? ktime_get_ts64+0x86/0x230 [ 15.691342] kunit_try_run_case+0x1a5/0x480 [ 15.691366] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.691387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.691411] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.691434] ? 
__kthread_parkme+0x82/0x180 [ 15.691457] ? preempt_count_sub+0x50/0x80 [ 15.691482] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.691504] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.691527] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.691573] kthread+0x337/0x6f0 [ 15.691592] ? trace_preempt_on+0x20/0xc0 [ 15.691616] ? __pfx_kthread+0x10/0x10 [ 15.691655] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.691677] ? calculate_sigpending+0x7b/0xa0 [ 15.691699] ? __pfx_kthread+0x10/0x10 [ 15.691718] ret_from_fork+0x41/0x80 [ 15.691738] ? __pfx_kthread+0x10/0x10 [ 15.691756] ret_from_fork_asm+0x1a/0x30 [ 15.691788] </TASK> [ 15.691802] [ 15.701078] Allocated by task 285: [ 15.701437] kasan_save_stack+0x45/0x70 [ 15.701866] kasan_save_track+0x18/0x40 [ 15.702062] kasan_save_alloc_info+0x3b/0x50 [ 15.702315] __kasan_kmalloc+0xb7/0xc0 [ 15.702589] __kmalloc_cache_noprof+0x189/0x420 [ 15.702936] kasan_atomics+0x95/0x310 [ 15.703206] kunit_try_run_case+0x1a5/0x480 [ 15.703523] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.703902] kthread+0x337/0x6f0 [ 15.704118] ret_from_fork+0x41/0x80 [ 15.704283] ret_from_fork_asm+0x1a/0x30 [ 15.704456] [ 15.704558] The buggy address belongs to the object at ffff8881029ef680 [ 15.704558] which belongs to the cache kmalloc-64 of size 64 [ 15.705357] The buggy address is located 0 bytes to the right of [ 15.705357] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.706415] [ 15.706612] The buggy address belongs to the physical page: [ 15.706994] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.707438] flags: 0x200000000000000(node=0|zone=2) [ 15.707801] page_type: f5(slab) [ 15.708061] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.708513] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.708964] page dumped because: kasan: bad access detected [ 15.709152] [ 15.709251] Memory state around the buggy address: [ 15.709439] 
ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.709820] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.710329] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.710978] ^ [ 15.711371] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.711877] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.712119] ================================================================== [ 15.208524] ================================================================== [ 15.209096] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 15.209743] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 15.210296] [ 15.210505] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 15.210653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.210681] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.210728] Call Trace: [ 15.210777] <TASK> [ 15.210819] dump_stack_lvl+0x73/0xb0 [ 15.210882] print_report+0xd1/0x650 [ 15.210932] ? __virt_addr_valid+0x1db/0x2d0 [ 15.210972] ? kasan_atomics_helper+0xd47/0x5450 [ 15.211013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.211058] ? kasan_atomics_helper+0xd47/0x5450 [ 15.211104] kasan_report+0x141/0x180 [ 15.211149] ? kasan_atomics_helper+0xd47/0x5450 [ 15.211193] kasan_check_range+0x10c/0x1c0 [ 15.211217] __kasan_check_write+0x18/0x20 [ 15.211237] kasan_atomics_helper+0xd47/0x5450 [ 15.211260] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.211283] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.211305] ? kasan_atomics+0x152/0x310 [ 15.211328] kasan_atomics+0x1dc/0x310 [ 15.211348] ? __pfx_kasan_atomics+0x10/0x10 [ 15.211369] ? __pfx_read_tsc+0x10/0x10 [ 15.211389] ? ktime_get_ts64+0x86/0x230 [ 15.211416] kunit_try_run_case+0x1a5/0x480 [ 15.211442] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.211463] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.211486] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.211508] ? __kthread_parkme+0x82/0x180 [ 15.211529] ? preempt_count_sub+0x50/0x80 [ 15.211580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.211633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.211674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.211730] kthread+0x337/0x6f0 [ 15.211768] ? trace_preempt_on+0x20/0xc0 [ 15.211818] ? __pfx_kthread+0x10/0x10 [ 15.211856] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.211900] ? calculate_sigpending+0x7b/0xa0 [ 15.211944] ? __pfx_kthread+0x10/0x10 [ 15.211985] ret_from_fork+0x41/0x80 [ 15.212029] ? __pfx_kthread+0x10/0x10 [ 15.212070] ret_from_fork_asm+0x1a/0x30 [ 15.212115] </TASK> [ 15.212130] [ 15.224459] Allocated by task 285: [ 15.224899] kasan_save_stack+0x45/0x70 [ 15.225079] kasan_save_track+0x18/0x40 [ 15.225348] kasan_save_alloc_info+0x3b/0x50 [ 15.225619] __kasan_kmalloc+0xb7/0xc0 [ 15.225909] __kmalloc_cache_noprof+0x189/0x420 [ 15.226169] kasan_atomics+0x95/0x310 [ 15.226382] kunit_try_run_case+0x1a5/0x480 [ 15.227123] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.227335] kthread+0x337/0x6f0 [ 15.227571] ret_from_fork+0x41/0x80 [ 15.228088] ret_from_fork_asm+0x1a/0x30 [ 15.228457] [ 15.228552] The buggy address belongs to the object at ffff8881029ef680 [ 15.228552] which belongs to the cache kmalloc-64 of size 64 [ 15.229349] The buggy address is located 0 bytes to the right of [ 15.229349] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.230043] [ 15.230384] The buggy address belongs to the physical page: [ 15.230578] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.231231] flags: 0x200000000000000(node=0|zone=2) [ 15.231774] page_type: f5(slab) [ 15.231947] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.232455] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.232962] page dumped because: kasan: bad access detected [ 15.233228] [ 15.233347] Memory 
state around the buggy address: [ 15.233597] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.234370] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.235133] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.235454] ^ [ 15.235763] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.236133] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.236502] ================================================================== [ 14.989954] ================================================================== [ 14.990521] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 14.991208] Write of size 4 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 14.991542] [ 14.991778] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.991880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.991908] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.991975] Call Trace: [ 14.992021] <TASK> [ 14.992060] dump_stack_lvl+0x73/0xb0 [ 14.992122] print_report+0xd1/0x650 [ 14.992170] ? __virt_addr_valid+0x1db/0x2d0 [ 14.992219] ? kasan_atomics_helper+0x860/0x5450 [ 14.992263] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.992311] ? kasan_atomics_helper+0x860/0x5450 [ 14.992355] kasan_report+0x141/0x180 [ 14.992396] ? kasan_atomics_helper+0x860/0x5450 [ 14.992448] kasan_check_range+0x10c/0x1c0 [ 14.992643] __kasan_check_write+0x18/0x20 [ 14.992697] kasan_atomics_helper+0x860/0x5450 [ 14.992740] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.992782] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.992826] ? kasan_atomics+0x152/0x310 [ 14.992878] kasan_atomics+0x1dc/0x310 [ 14.992914] ? __pfx_kasan_atomics+0x10/0x10 [ 14.992937] ? __pfx_read_tsc+0x10/0x10 [ 14.992957] ? ktime_get_ts64+0x86/0x230 [ 14.992982] kunit_try_run_case+0x1a5/0x480 [ 14.993007] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.993028] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.993051] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.993073] ? __kthread_parkme+0x82/0x180 [ 14.993095] ? preempt_count_sub+0x50/0x80 [ 14.993120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.993142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.993164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.993185] kthread+0x337/0x6f0 [ 14.993202] ? trace_preempt_on+0x20/0xc0 [ 14.993225] ? __pfx_kthread+0x10/0x10 [ 14.993243] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.993263] ? calculate_sigpending+0x7b/0xa0 [ 14.993286] ? __pfx_kthread+0x10/0x10 [ 14.993314] ret_from_fork+0x41/0x80 [ 14.993343] ? __pfx_kthread+0x10/0x10 [ 14.993369] ret_from_fork_asm+0x1a/0x30 [ 14.993415] </TASK> [ 14.993431] [ 15.002160] Allocated by task 285: [ 15.002332] kasan_save_stack+0x45/0x70 [ 15.002506] kasan_save_track+0x18/0x40 [ 15.002811] kasan_save_alloc_info+0x3b/0x50 [ 15.003134] __kasan_kmalloc+0xb7/0xc0 [ 15.003427] __kmalloc_cache_noprof+0x189/0x420 [ 15.004513] kasan_atomics+0x95/0x310 [ 15.004879] kunit_try_run_case+0x1a5/0x480 [ 15.005064] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.005288] kthread+0x337/0x6f0 [ 15.005744] ret_from_fork+0x41/0x80 [ 15.005931] ret_from_fork_asm+0x1a/0x30 [ 15.006122] [ 15.006227] The buggy address belongs to the object at ffff8881029ef680 [ 15.006227] which belongs to the cache kmalloc-64 of size 64 [ 15.007745] The buggy address is located 0 bytes to the right of [ 15.007745] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 15.009229] [ 15.009494] The buggy address belongs to the physical page: [ 15.010083] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 15.010522] flags: 0x200000000000000(node=0|zone=2) [ 15.010842] page_type: f5(slab) [ 15.010970] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.011144] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.011313] page dumped because: kasan: bad 
access detected [ 15.011445] [ 15.011513] Memory state around the buggy address: [ 15.012327] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.013137] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.013823] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.014406] ^ [ 15.014614] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.015316] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.015865] ================================================================== [ 16.250835] ================================================================== [ 16.252940] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 16.253503] Read of size 8 at addr ffff8881029ef6b0 by task kunit_try_catch/285 [ 16.253897] [ 16.254099] CPU: 1 UID: 0 PID: 285 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 16.254203] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.254232] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.254277] Call Trace: [ 16.254319] <TASK> [ 16.254364] dump_stack_lvl+0x73/0xb0 [ 16.254423] print_report+0xd1/0x650 [ 16.254475] ? __virt_addr_valid+0x1db/0x2d0 [ 16.254526] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.254575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.256662] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.256758] kasan_report+0x141/0x180 [ 16.256813] ? kasan_atomics_helper+0x4fb2/0x5450 [ 16.256871] __asan_report_load8_noabort+0x18/0x20 [ 16.256915] kasan_atomics_helper+0x4fb2/0x5450 [ 16.256965] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 16.257011] ? __kmalloc_cache_noprof+0x189/0x420 [ 16.257058] ? kasan_atomics+0x152/0x310 [ 16.257109] kasan_atomics+0x1dc/0x310 [ 16.257148] ? __pfx_kasan_atomics+0x10/0x10 [ 16.257187] ? __pfx_read_tsc+0x10/0x10 [ 16.257228] ? ktime_get_ts64+0x86/0x230 [ 16.257279] kunit_try_run_case+0x1a5/0x480 [ 16.257333] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 16.257377] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.257426] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.257473] ? __kthread_parkme+0x82/0x180 [ 16.257520] ? preempt_count_sub+0x50/0x80 [ 16.257581] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.257614] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.257660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.257692] kthread+0x337/0x6f0 [ 16.257717] ? trace_preempt_on+0x20/0xc0 [ 16.257749] ? __pfx_kthread+0x10/0x10 [ 16.257775] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.257804] ? calculate_sigpending+0x7b/0xa0 [ 16.257835] ? __pfx_kthread+0x10/0x10 [ 16.257869] ret_from_fork+0x41/0x80 [ 16.257911] ? __pfx_kthread+0x10/0x10 [ 16.257961] ret_from_fork_asm+0x1a/0x30 [ 16.258031] </TASK> [ 16.258059] [ 16.269931] Allocated by task 285: [ 16.270341] kasan_save_stack+0x45/0x70 [ 16.270867] kasan_save_track+0x18/0x40 [ 16.271227] kasan_save_alloc_info+0x3b/0x50 [ 16.271598] __kasan_kmalloc+0xb7/0xc0 [ 16.271959] __kmalloc_cache_noprof+0x189/0x420 [ 16.272293] kasan_atomics+0x95/0x310 [ 16.272643] kunit_try_run_case+0x1a5/0x480 [ 16.272979] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.273255] kthread+0x337/0x6f0 [ 16.273416] ret_from_fork+0x41/0x80 [ 16.273702] ret_from_fork_asm+0x1a/0x30 [ 16.273995] [ 16.274226] The buggy address belongs to the object at ffff8881029ef680 [ 16.274226] which belongs to the cache kmalloc-64 of size 64 [ 16.275055] The buggy address is located 0 bytes to the right of [ 16.275055] allocated 48-byte region [ffff8881029ef680, ffff8881029ef6b0) [ 16.275798] [ 16.275984] The buggy address belongs to the physical page: [ 16.276352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029ef [ 16.276742] flags: 0x200000000000000(node=0|zone=2) [ 16.276949] page_type: f5(slab) [ 16.277118] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 16.277405] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 16.278020] page dumped because: kasan: bad access detected [ 16.278424] [ 16.278671] Memory state around the buggy address: [ 16.279047] ffff8881029ef580: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.279603] ffff8881029ef600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 16.280069] >ffff8881029ef680: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 16.280326] ^ [ 16.280571] ffff8881029ef700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.281189] ffff8881029ef780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.281766] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 14.419263] ================================================================== [ 14.419648] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.420125] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.420420] [ 14.420562] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.421705] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.421737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.421770] Call Trace: [ 14.421795] <TASK> [ 14.421821] dump_stack_lvl+0x73/0xb0 [ 14.421860] print_report+0xd1/0x650 [ 14.421883] ? __virt_addr_valid+0x1db/0x2d0 [ 14.421905] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.421928] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.421963] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.421987] kasan_report+0x141/0x180 [ 14.422009] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.422037] kasan_check_range+0x10c/0x1c0 [ 14.422057] __kasan_check_write+0x18/0x20 [ 14.422077] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 14.422098] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.422121] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.422141] ? trace_hardirqs_on+0x37/0xe0 [ 14.422163] ? kasan_bitops_generic+0x92/0x1c0 [ 14.422186] kasan_bitops_generic+0x121/0x1c0 [ 14.422205] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.422225] ? __pfx_read_tsc+0x10/0x10 [ 14.422245] ? ktime_get_ts64+0x86/0x230 [ 14.422270] kunit_try_run_case+0x1a5/0x480 [ 14.422304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.422325] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.422348] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.422370] ? __kthread_parkme+0x82/0x180 [ 14.422392] ? preempt_count_sub+0x50/0x80 [ 14.422416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.422437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.422459] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.422480] kthread+0x337/0x6f0 [ 14.422497] ? trace_preempt_on+0x20/0xc0 [ 14.422517] ? __pfx_kthread+0x10/0x10 [ 14.422535] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.422565] ? calculate_sigpending+0x7b/0xa0 [ 14.422586] ? __pfx_kthread+0x10/0x10 [ 14.422604] ret_from_fork+0x41/0x80 [ 14.422638] ? __pfx_kthread+0x10/0x10 [ 14.422659] ret_from_fork_asm+0x1a/0x30 [ 14.422689] </TASK> [ 14.422703] [ 14.434513] Allocated by task 281: [ 14.434928] kasan_save_stack+0x45/0x70 [ 14.435279] kasan_save_track+0x18/0x40 [ 14.435445] kasan_save_alloc_info+0x3b/0x50 [ 14.435943] __kasan_kmalloc+0xb7/0xc0 [ 14.436335] __kmalloc_cache_noprof+0x189/0x420 [ 14.436548] kasan_bitops_generic+0x92/0x1c0 [ 14.436729] kunit_try_run_case+0x1a5/0x480 [ 14.436908] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.437106] kthread+0x337/0x6f0 [ 14.437371] ret_from_fork+0x41/0x80 [ 14.437808] ret_from_fork_asm+0x1a/0x30 [ 14.438166] [ 14.438284] The buggy address belongs to the object at ffff888102662fc0 [ 14.438284] which belongs to the cache kmalloc-16 of size 16 [ 14.438981] The buggy address is located 8 bytes inside of [ 14.438981] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.439580] [ 14.439771] The buggy address belongs to the physical page: [ 14.440149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.440460] flags: 0x200000000000000(node=0|zone=2) [ 14.440681] page_type: f5(slab) [ 14.440951] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.441532] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.441972] page dumped because: kasan: bad access detected [ 14.442182] [ 14.442323] Memory state around the buggy address: [ 14.442692] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.443470] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.444082] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 
01 fc fc fc fc fc fc [ 14.444477] ^ [ 14.444924] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.445268] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.445711] ================================================================== [ 14.475214] ================================================================== [ 14.476207] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.476993] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.477538] [ 14.477871] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.477984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.478030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.478073] Call Trace: [ 14.478119] <TASK> [ 14.478161] dump_stack_lvl+0x73/0xb0 [ 14.478224] print_report+0xd1/0x650 [ 14.478287] ? __virt_addr_valid+0x1db/0x2d0 [ 14.478332] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.478377] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.478415] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.478459] kasan_report+0x141/0x180 [ 14.478501] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.478573] kasan_check_range+0x10c/0x1c0 [ 14.478613] __kasan_check_write+0x18/0x20 [ 14.478664] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 14.478711] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.478742] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.478771] ? trace_hardirqs_on+0x37/0xe0 [ 14.478799] ? kasan_bitops_generic+0x92/0x1c0 [ 14.478829] kasan_bitops_generic+0x121/0x1c0 [ 14.478859] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.478892] ? __pfx_read_tsc+0x10/0x10 [ 14.478917] ? ktime_get_ts64+0x86/0x230 [ 14.478941] kunit_try_run_case+0x1a5/0x480 [ 14.478968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.478988] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.479012] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.479034] ? __kthread_parkme+0x82/0x180 [ 14.479056] ? preempt_count_sub+0x50/0x80 [ 14.479080] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.479102] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.479124] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.479146] kthread+0x337/0x6f0 [ 14.479162] ? trace_preempt_on+0x20/0xc0 [ 14.479183] ? __pfx_kthread+0x10/0x10 [ 14.479200] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.479220] ? calculate_sigpending+0x7b/0xa0 [ 14.479242] ? __pfx_kthread+0x10/0x10 [ 14.479260] ret_from_fork+0x41/0x80 [ 14.479278] ? __pfx_kthread+0x10/0x10 [ 14.479295] ret_from_fork_asm+0x1a/0x30 [ 14.479327] </TASK> [ 14.479340] [ 14.489147] Allocated by task 281: [ 14.489373] kasan_save_stack+0x45/0x70 [ 14.489753] kasan_save_track+0x18/0x40 [ 14.490045] kasan_save_alloc_info+0x3b/0x50 [ 14.490375] __kasan_kmalloc+0xb7/0xc0 [ 14.490657] __kmalloc_cache_noprof+0x189/0x420 [ 14.490994] kasan_bitops_generic+0x92/0x1c0 [ 14.491294] kunit_try_run_case+0x1a5/0x480 [ 14.491522] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.491795] kthread+0x337/0x6f0 [ 14.491956] ret_from_fork+0x41/0x80 [ 14.492124] ret_from_fork_asm+0x1a/0x30 [ 14.492399] [ 14.492556] The buggy address belongs to the object at ffff888102662fc0 [ 14.492556] which belongs to the cache kmalloc-16 of size 16 [ 14.493323] The buggy address is located 8 bytes inside of [ 14.493323] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.493789] [ 14.493896] The buggy address belongs to the physical page: [ 14.494152] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.494693] flags: 0x200000000000000(node=0|zone=2) [ 14.495045] page_type: f5(slab) [ 14.495318] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.495885] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.496316] page dumped because: kasan: bad access detected [ 14.496610] [ 14.496726] Memory 
state around the buggy address: [ 14.496916] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.497161] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.497494] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.497956] ^ [ 14.498396] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.498636] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.498862] ================================================================== [ 14.328848] ================================================================== [ 14.330731] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.331313] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.331718] [ 14.331868] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.331982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.332008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.332051] Call Trace: [ 14.332110] <TASK> [ 14.332164] dump_stack_lvl+0x73/0xb0 [ 14.332225] print_report+0xd1/0x650 [ 14.332279] ? __virt_addr_valid+0x1db/0x2d0 [ 14.332321] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.332367] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.332414] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.332464] kasan_report+0x141/0x180 [ 14.332511] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.332575] kasan_check_range+0x10c/0x1c0 [ 14.332613] __kasan_check_write+0x18/0x20 [ 14.332668] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 14.332726] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.332772] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.332823] ? trace_hardirqs_on+0x37/0xe0 [ 14.332867] ? kasan_bitops_generic+0x92/0x1c0 [ 14.332925] kasan_bitops_generic+0x121/0x1c0 [ 14.332974] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.333011] ? 
__pfx_read_tsc+0x10/0x10 [ 14.333049] ? ktime_get_ts64+0x86/0x230 [ 14.333094] kunit_try_run_case+0x1a5/0x480 [ 14.333140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.333184] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.333232] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.333278] ? __kthread_parkme+0x82/0x180 [ 14.333323] ? preempt_count_sub+0x50/0x80 [ 14.333375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.333422] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.333469] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.333510] kthread+0x337/0x6f0 [ 14.333537] ? trace_preempt_on+0x20/0xc0 [ 14.333575] ? __pfx_kthread+0x10/0x10 [ 14.333604] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.333655] ? calculate_sigpending+0x7b/0xa0 [ 14.333694] ? __pfx_kthread+0x10/0x10 [ 14.333729] ret_from_fork+0x41/0x80 [ 14.334075] ? __pfx_kthread+0x10/0x10 [ 14.334131] ret_from_fork_asm+0x1a/0x30 [ 14.334192] </TASK> [ 14.334215] [ 14.348095] Allocated by task 281: [ 14.348457] kasan_save_stack+0x45/0x70 [ 14.348924] kasan_save_track+0x18/0x40 [ 14.349080] kasan_save_alloc_info+0x3b/0x50 [ 14.349568] __kasan_kmalloc+0xb7/0xc0 [ 14.349937] __kmalloc_cache_noprof+0x189/0x420 [ 14.350363] kasan_bitops_generic+0x92/0x1c0 [ 14.350722] kunit_try_run_case+0x1a5/0x480 [ 14.351035] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.351433] kthread+0x337/0x6f0 [ 14.351882] ret_from_fork+0x41/0x80 [ 14.352097] ret_from_fork_asm+0x1a/0x30 [ 14.352379] [ 14.352538] The buggy address belongs to the object at ffff888102662fc0 [ 14.352538] which belongs to the cache kmalloc-16 of size 16 [ 14.353330] The buggy address is located 8 bytes inside of [ 14.353330] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.354219] [ 14.354377] The buggy address belongs to the physical page: [ 14.354596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.355230] flags: 0x200000000000000(node=0|zone=2) [ 14.355635] page_type: f5(slab) [ 14.355931] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.356509] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.356941] page dumped because: kasan: bad access detected [ 14.357341] [ 14.357498] Memory state around the buggy address: [ 14.357851] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.358170] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.358616] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.359001] ^ [ 14.359336] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.360268] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.360502] ================================================================== [ 14.390078] ================================================================== [ 14.390384] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.390853] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.391337] [ 14.392153] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.392282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.392299] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.392325] Call Trace: [ 14.392352] <TASK> [ 14.392378] dump_stack_lvl+0x73/0xb0 [ 14.392415] print_report+0xd1/0x650 [ 14.392439] ? __virt_addr_valid+0x1db/0x2d0 [ 14.392461] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.392483] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.392505] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.392529] kasan_report+0x141/0x180 [ 14.392948] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.393031] kasan_check_range+0x10c/0x1c0 [ 14.393079] __kasan_check_write+0x18/0x20 [ 14.393112] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 14.393137] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.393160] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.393182] ? trace_hardirqs_on+0x37/0xe0 [ 14.393204] ? kasan_bitops_generic+0x92/0x1c0 [ 14.393227] kasan_bitops_generic+0x121/0x1c0 [ 14.393247] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.393267] ? __pfx_read_tsc+0x10/0x10 [ 14.393287] ? ktime_get_ts64+0x86/0x230 [ 14.393310] kunit_try_run_case+0x1a5/0x480 [ 14.393336] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.393356] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.393378] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.393400] ? __kthread_parkme+0x82/0x180 [ 14.393421] ? preempt_count_sub+0x50/0x80 [ 14.393445] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.393466] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.393488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.393509] kthread+0x337/0x6f0 [ 14.393525] ? trace_preempt_on+0x20/0xc0 [ 14.393570] ? __pfx_kthread+0x10/0x10 [ 14.393589] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.393609] ? calculate_sigpending+0x7b/0xa0 [ 14.393649] ? __pfx_kthread+0x10/0x10 [ 14.393670] ret_from_fork+0x41/0x80 [ 14.393691] ? 
__pfx_kthread+0x10/0x10 [ 14.393708] ret_from_fork_asm+0x1a/0x30 [ 14.393738] </TASK> [ 14.393750] [ 14.406349] Allocated by task 281: [ 14.407126] kasan_save_stack+0x45/0x70 [ 14.407359] kasan_save_track+0x18/0x40 [ 14.407526] kasan_save_alloc_info+0x3b/0x50 [ 14.408013] __kasan_kmalloc+0xb7/0xc0 [ 14.408402] __kmalloc_cache_noprof+0x189/0x420 [ 14.408873] kasan_bitops_generic+0x92/0x1c0 [ 14.409099] kunit_try_run_case+0x1a5/0x480 [ 14.409308] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.409542] kthread+0x337/0x6f0 [ 14.409727] ret_from_fork+0x41/0x80 [ 14.409897] ret_from_fork_asm+0x1a/0x30 [ 14.410104] [ 14.410203] The buggy address belongs to the object at ffff888102662fc0 [ 14.410203] which belongs to the cache kmalloc-16 of size 16 [ 14.411782] The buggy address is located 8 bytes inside of [ 14.411782] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.412402] [ 14.412548] The buggy address belongs to the physical page: [ 14.412805] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.413124] flags: 0x200000000000000(node=0|zone=2) [ 14.413370] page_type: f5(slab) [ 14.413707] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.414049] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.414306] page dumped because: kasan: bad access detected [ 14.414674] [ 14.414845] Memory state around the buggy address: [ 14.415272] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.415804] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.416196] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.416696] ^ [ 14.417087] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.417483] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.417918] ================================================================== [ 14.362759] 
================================================================== [ 14.363061] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.363323] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.363503] [ 14.363725] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.363818] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.363842] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.363885] Call Trace: [ 14.363925] <TASK> [ 14.363960] dump_stack_lvl+0x73/0xb0 [ 14.364043] print_report+0xd1/0x650 [ 14.364089] ? __virt_addr_valid+0x1db/0x2d0 [ 14.364146] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.364192] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.364240] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.364289] kasan_report+0x141/0x180 [ 14.364331] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.364360] kasan_check_range+0x10c/0x1c0 [ 14.364380] __kasan_check_write+0x18/0x20 [ 14.364400] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 14.364423] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.364448] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.364469] ? trace_hardirqs_on+0x37/0xe0 [ 14.364491] ? kasan_bitops_generic+0x92/0x1c0 [ 14.364514] kasan_bitops_generic+0x121/0x1c0 [ 14.364533] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.364578] ? __pfx_read_tsc+0x10/0x10 [ 14.364609] ? ktime_get_ts64+0x86/0x230 [ 14.364667] kunit_try_run_case+0x1a5/0x480 [ 14.364713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.364752] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.364794] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.364840] ? __kthread_parkme+0x82/0x180 [ 14.364880] ? preempt_count_sub+0x50/0x80 [ 14.364928] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.364973] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.365013] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.365047] kthread+0x337/0x6f0 [ 14.365078] ? trace_preempt_on+0x20/0xc0 [ 14.365121] ? __pfx_kthread+0x10/0x10 [ 14.365159] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.365201] ? calculate_sigpending+0x7b/0xa0 [ 14.365246] ? __pfx_kthread+0x10/0x10 [ 14.365283] ret_from_fork+0x41/0x80 [ 14.365324] ? __pfx_kthread+0x10/0x10 [ 14.365356] ret_from_fork_asm+0x1a/0x30 [ 14.365395] </TASK> [ 14.365413] [ 14.377975] Allocated by task 281: [ 14.378339] kasan_save_stack+0x45/0x70 [ 14.378672] kasan_save_track+0x18/0x40 [ 14.379062] kasan_save_alloc_info+0x3b/0x50 [ 14.379349] __kasan_kmalloc+0xb7/0xc0 [ 14.379566] __kmalloc_cache_noprof+0x189/0x420 [ 14.379817] kasan_bitops_generic+0x92/0x1c0 [ 14.380013] kunit_try_run_case+0x1a5/0x480 [ 14.380224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.380464] kthread+0x337/0x6f0 [ 14.380710] ret_from_fork+0x41/0x80 [ 14.381371] ret_from_fork_asm+0x1a/0x30 [ 14.381620] [ 14.382137] The buggy address belongs to the object at ffff888102662fc0 [ 14.382137] which belongs to the cache kmalloc-16 of size 16 [ 14.382795] The buggy address is located 8 bytes inside of [ 14.382795] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.383268] [ 14.383372] The buggy address belongs to the physical page: [ 14.383697] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.384238] flags: 0x200000000000000(node=0|zone=2) [ 14.384449] page_type: f5(slab) [ 14.384683] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.384944] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.385260] page dumped because: kasan: bad access detected [ 14.385726] [ 14.385899] Memory state around the buggy address: [ 14.386289] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.386865] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.387345] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 
01 fc fc fc fc fc fc [ 14.387609] ^ [ 14.387903] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.388293] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.388635] ================================================================== [ 14.447685] ================================================================== [ 14.448166] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.449299] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.449742] [ 14.450172] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.450248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.450269] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.450309] Call Trace: [ 14.450372] <TASK> [ 14.450402] dump_stack_lvl+0x73/0xb0 [ 14.450441] print_report+0xd1/0x650 [ 14.450471] ? __virt_addr_valid+0x1db/0x2d0 [ 14.450493] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.450526] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.450657] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.450712] kasan_report+0x141/0x180 [ 14.450737] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.450765] kasan_check_range+0x10c/0x1c0 [ 14.450784] __kasan_check_write+0x18/0x20 [ 14.450803] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 14.450825] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.450847] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.450868] ? trace_hardirqs_on+0x37/0xe0 [ 14.450890] ? kasan_bitops_generic+0x92/0x1c0 [ 14.450912] kasan_bitops_generic+0x121/0x1c0 [ 14.450932] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.450952] ? __pfx_read_tsc+0x10/0x10 [ 14.450970] ? ktime_get_ts64+0x86/0x230 [ 14.450994] kunit_try_run_case+0x1a5/0x480 [ 14.451019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451039] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.451061] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.451083] ? __kthread_parkme+0x82/0x180 [ 14.451104] ? preempt_count_sub+0x50/0x80 [ 14.451128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.451149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.451171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.451192] kthread+0x337/0x6f0 [ 14.451209] ? trace_preempt_on+0x20/0xc0 [ 14.451229] ? __pfx_kthread+0x10/0x10 [ 14.451246] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.451266] ? calculate_sigpending+0x7b/0xa0 [ 14.451287] ? __pfx_kthread+0x10/0x10 [ 14.451304] ret_from_fork+0x41/0x80 [ 14.451323] ? __pfx_kthread+0x10/0x10 [ 14.451340] ret_from_fork_asm+0x1a/0x30 [ 14.451369] </TASK> [ 14.451382] [ 14.462534] Allocated by task 281: [ 14.462977] kasan_save_stack+0x45/0x70 [ 14.463365] kasan_save_track+0x18/0x40 [ 14.463765] kasan_save_alloc_info+0x3b/0x50 [ 14.464170] __kasan_kmalloc+0xb7/0xc0 [ 14.464344] __kmalloc_cache_noprof+0x189/0x420 [ 14.464754] kasan_bitops_generic+0x92/0x1c0 [ 14.464941] kunit_try_run_case+0x1a5/0x480 [ 14.465338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.465601] kthread+0x337/0x6f0 [ 14.465912] ret_from_fork+0x41/0x80 [ 14.466129] ret_from_fork_asm+0x1a/0x30 [ 14.466507] [ 14.466664] The buggy address belongs to the object at ffff888102662fc0 [ 14.466664] which belongs to the cache kmalloc-16 of size 16 [ 14.467035] The buggy address is located 8 bytes inside of [ 14.467035] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.467873] [ 14.468042] The buggy address belongs to the physical page: [ 14.468419] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.468860] flags: 0x200000000000000(node=0|zone=2) [ 14.469072] page_type: f5(slab) [ 14.469241] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.469645] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.470187] page dumped because: kasan: bad access detected [ 14.470602] [ 14.470801] Memory 
state around the buggy address: [ 14.471066] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.471311] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.471903] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.472398] ^ [ 14.472842] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.473319] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.473786] ================================================================== [ 14.500204] ================================================================== [ 14.501528] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.502160] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.502658] [ 14.502852] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.502945] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.502970] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.503011] Call Trace: [ 14.503056] <TASK> [ 14.503096] dump_stack_lvl+0x73/0xb0 [ 14.503150] print_report+0xd1/0x650 [ 14.503197] ? __virt_addr_valid+0x1db/0x2d0 [ 14.503244] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.503287] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.503330] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.503373] kasan_report+0x141/0x180 [ 14.503418] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.503475] kasan_check_range+0x10c/0x1c0 [ 14.503516] __kasan_check_write+0x18/0x20 [ 14.503550] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 14.503585] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.504092] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.504176] ? trace_hardirqs_on+0x37/0xe0 [ 14.504224] ? kasan_bitops_generic+0x92/0x1c0 [ 14.504276] kasan_bitops_generic+0x121/0x1c0 [ 14.504316] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.504360] ? 
__pfx_read_tsc+0x10/0x10 [ 14.504400] ? ktime_get_ts64+0x86/0x230 [ 14.504451] kunit_try_run_case+0x1a5/0x480 [ 14.504502] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.504544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.504588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.504648] ? __kthread_parkme+0x82/0x180 [ 14.504695] ? preempt_count_sub+0x50/0x80 [ 14.504745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.504792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.504839] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.504881] kthread+0x337/0x6f0 [ 14.504913] ? trace_preempt_on+0x20/0xc0 [ 14.504957] ? __pfx_kthread+0x10/0x10 [ 14.504993] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.505030] ? calculate_sigpending+0x7b/0xa0 [ 14.505053] ? __pfx_kthread+0x10/0x10 [ 14.505070] ret_from_fork+0x41/0x80 [ 14.505090] ? __pfx_kthread+0x10/0x10 [ 14.505107] ret_from_fork_asm+0x1a/0x30 [ 14.505135] </TASK> [ 14.505147] [ 14.515073] Allocated by task 281: [ 14.515394] kasan_save_stack+0x45/0x70 [ 14.515861] kasan_save_track+0x18/0x40 [ 14.516027] kasan_save_alloc_info+0x3b/0x50 [ 14.516206] __kasan_kmalloc+0xb7/0xc0 [ 14.516369] __kmalloc_cache_noprof+0x189/0x420 [ 14.516722] kasan_bitops_generic+0x92/0x1c0 [ 14.517055] kunit_try_run_case+0x1a5/0x480 [ 14.517384] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.517836] kthread+0x337/0x6f0 [ 14.518100] ret_from_fork+0x41/0x80 [ 14.518275] ret_from_fork_asm+0x1a/0x30 [ 14.518572] [ 14.518756] The buggy address belongs to the object at ffff888102662fc0 [ 14.518756] which belongs to the cache kmalloc-16 of size 16 [ 14.519258] The buggy address is located 8 bytes inside of [ 14.519258] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.519720] [ 14.519887] The buggy address belongs to the physical page: [ 14.520286] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.520881] flags: 0x200000000000000(node=0|zone=2) [ 14.521153] page_type: f5(slab) [ 14.521335] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.521702] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.522222] page dumped because: kasan: bad access detected [ 14.522646] [ 14.522778] Memory state around the buggy address: [ 14.523065] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.523421] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.524016] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.524316] ^ [ 14.524772] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.525017] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.525248] ================================================================== [ 14.528465] ================================================================== [ 14.529050] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.530259] Read of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.530903] [ 14.531111] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.531219] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.531246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.531307] Call Trace: [ 14.531349] <TASK> [ 14.531388] dump_stack_lvl+0x73/0xb0 [ 14.531463] print_report+0xd1/0x650 [ 14.531523] ? __virt_addr_valid+0x1db/0x2d0 [ 14.531574] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.531616] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.531684] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.531732] kasan_report+0x141/0x180 [ 14.531791] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.531846] kasan_check_range+0x10c/0x1c0 [ 14.531895] __kasan_check_read+0x15/0x20 [ 14.531938] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 14.532000] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.532051] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.532075] ? trace_hardirqs_on+0x37/0xe0 [ 14.532099] ? kasan_bitops_generic+0x92/0x1c0 [ 14.532122] kasan_bitops_generic+0x121/0x1c0 [ 14.532142] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.532163] ? __pfx_read_tsc+0x10/0x10 [ 14.532189] ? ktime_get_ts64+0x86/0x230 [ 14.532230] kunit_try_run_case+0x1a5/0x480 [ 14.532277] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.532317] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.532363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.532405] ? __kthread_parkme+0x82/0x180 [ 14.532442] ? preempt_count_sub+0x50/0x80 [ 14.532483] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.532525] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.532582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.532638] kthread+0x337/0x6f0 [ 14.532675] ? trace_preempt_on+0x20/0xc0 [ 14.532723] ? __pfx_kthread+0x10/0x10 [ 14.532751] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.532772] ? calculate_sigpending+0x7b/0xa0 [ 14.532794] ? __pfx_kthread+0x10/0x10 [ 14.532812] ret_from_fork+0x41/0x80 [ 14.532832] ? 
__pfx_kthread+0x10/0x10 [ 14.532850] ret_from_fork_asm+0x1a/0x30 [ 14.532880] </TASK> [ 14.532893] [ 14.542201] Allocated by task 281: [ 14.542434] kasan_save_stack+0x45/0x70 [ 14.542780] kasan_save_track+0x18/0x40 [ 14.543055] kasan_save_alloc_info+0x3b/0x50 [ 14.543378] __kasan_kmalloc+0xb7/0xc0 [ 14.543693] __kmalloc_cache_noprof+0x189/0x420 [ 14.544063] kasan_bitops_generic+0x92/0x1c0 [ 14.544266] kunit_try_run_case+0x1a5/0x480 [ 14.544568] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.544803] kthread+0x337/0x6f0 [ 14.544958] ret_from_fork+0x41/0x80 [ 14.545212] ret_from_fork_asm+0x1a/0x30 [ 14.545481] [ 14.545662] The buggy address belongs to the object at ffff888102662fc0 [ 14.545662] which belongs to the cache kmalloc-16 of size 16 [ 14.546176] The buggy address is located 8 bytes inside of [ 14.546176] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.546548] [ 14.546669] The buggy address belongs to the physical page: [ 14.547138] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.547655] flags: 0x200000000000000(node=0|zone=2) [ 14.548134] page_type: f5(slab) [ 14.548299] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.548538] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.550318] page dumped because: kasan: bad access detected [ 14.550555] [ 14.550676] Memory state around the buggy address: [ 14.551037] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.551372] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.552181] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.552872] ^ [ 14.553243] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.553504] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.553954] ================================================================== [ 14.555742] 
================================================================== [ 14.556104] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.556519] Read of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.556945] [ 14.557103] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.557202] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.557224] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.557265] Call Trace: [ 14.557299] <TASK> [ 14.557336] dump_stack_lvl+0x73/0xb0 [ 14.557393] print_report+0xd1/0x650 [ 14.557433] ? __virt_addr_valid+0x1db/0x2d0 [ 14.557469] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.557508] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.557582] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.557611] kasan_report+0x141/0x180 [ 14.557662] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.557710] __asan_report_load8_noabort+0x18/0x20 [ 14.557749] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 14.557789] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 14.557829] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.557866] ? trace_hardirqs_on+0x37/0xe0 [ 14.557903] ? kasan_bitops_generic+0x92/0x1c0 [ 14.557957] kasan_bitops_generic+0x121/0x1c0 [ 14.557998] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.558035] ? __pfx_read_tsc+0x10/0x10 [ 14.558074] ? ktime_get_ts64+0x86/0x230 [ 14.558118] kunit_try_run_case+0x1a5/0x480 [ 14.558167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.558206] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.558244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.558267] ? __kthread_parkme+0x82/0x180 [ 14.558290] ? preempt_count_sub+0x50/0x80 [ 14.558314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.558335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.558357] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.558378] kthread+0x337/0x6f0 [ 14.558395] ? 
trace_preempt_on+0x20/0xc0 [ 14.558416] ? __pfx_kthread+0x10/0x10 [ 14.558434] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.558454] ? calculate_sigpending+0x7b/0xa0 [ 14.558474] ? __pfx_kthread+0x10/0x10 [ 14.558491] ret_from_fork+0x41/0x80 [ 14.558510] ? __pfx_kthread+0x10/0x10 [ 14.558527] ret_from_fork_asm+0x1a/0x30 [ 14.558578] </TASK> [ 14.558593] [ 14.567353] Allocated by task 281: [ 14.567571] kasan_save_stack+0x45/0x70 [ 14.567918] kasan_save_track+0x18/0x40 [ 14.568210] kasan_save_alloc_info+0x3b/0x50 [ 14.568534] __kasan_kmalloc+0xb7/0xc0 [ 14.568895] __kmalloc_cache_noprof+0x189/0x420 [ 14.569238] kasan_bitops_generic+0x92/0x1c0 [ 14.569548] kunit_try_run_case+0x1a5/0x480 [ 14.569874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.570084] kthread+0x337/0x6f0 [ 14.570330] ret_from_fork+0x41/0x80 [ 14.570568] ret_from_fork_asm+0x1a/0x30 [ 14.570776] [ 14.570923] The buggy address belongs to the object at ffff888102662fc0 [ 14.570923] which belongs to the cache kmalloc-16 of size 16 [ 14.571470] The buggy address is located 8 bytes inside of [ 14.571470] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.572251] [ 14.572435] The buggy address belongs to the physical page: [ 14.572763] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.573183] flags: 0x200000000000000(node=0|zone=2) [ 14.573439] page_type: f5(slab) [ 14.573717] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.574207] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.574645] page dumped because: kasan: bad access detected [ 14.574994] [ 14.575154] Memory state around the buggy address: [ 14.575477] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.575837] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.576275] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.576696] ^ [ 14.576969] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 14.577214] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.577447] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 14.109781] ================================================================== [ 14.110159] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.111028] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.111830] [ 14.111988] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.112065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.112079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.112104] Call Trace: [ 14.112126] <TASK> [ 14.112151] dump_stack_lvl+0x73/0xb0 [ 14.112203] print_report+0xd1/0x650 [ 14.112227] ? __virt_addr_valid+0x1db/0x2d0 [ 14.112249] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.112271] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.112293] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.112314] kasan_report+0x141/0x180 [ 14.112335] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.112361] kasan_check_range+0x10c/0x1c0 [ 14.112380] __kasan_check_write+0x18/0x20 [ 14.112399] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 14.112420] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.112441] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.112461] ? trace_hardirqs_on+0x37/0xe0 [ 14.112482] ? kasan_bitops_generic+0x92/0x1c0 [ 14.112506] kasan_bitops_generic+0x116/0x1c0 [ 14.112525] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.112545] ? __pfx_read_tsc+0x10/0x10 [ 14.112564] ? ktime_get_ts64+0x86/0x230 [ 14.112588] kunit_try_run_case+0x1a5/0x480 [ 14.112613] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.112706] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.112748] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.112784] ? __kthread_parkme+0x82/0x180 [ 14.112816] ? preempt_count_sub+0x50/0x80 [ 14.112857] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.112899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.112945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.112991] kthread+0x337/0x6f0 [ 14.113029] ? 
trace_preempt_on+0x20/0xc0 [ 14.113066] ? __pfx_kthread+0x10/0x10 [ 14.113087] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.113108] ? calculate_sigpending+0x7b/0xa0 [ 14.113129] ? __pfx_kthread+0x10/0x10 [ 14.113154] ret_from_fork+0x41/0x80 [ 14.113174] ? __pfx_kthread+0x10/0x10 [ 14.113191] ret_from_fork_asm+0x1a/0x30 [ 14.113220] </TASK> [ 14.113233] [ 14.125809] Allocated by task 281: [ 14.126096] kasan_save_stack+0x45/0x70 [ 14.126376] kasan_save_track+0x18/0x40 [ 14.126585] kasan_save_alloc_info+0x3b/0x50 [ 14.126832] __kasan_kmalloc+0xb7/0xc0 [ 14.127059] __kmalloc_cache_noprof+0x189/0x420 [ 14.127295] kasan_bitops_generic+0x92/0x1c0 [ 14.127526] kunit_try_run_case+0x1a5/0x480 [ 14.128312] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.128558] kthread+0x337/0x6f0 [ 14.128708] ret_from_fork+0x41/0x80 [ 14.128873] ret_from_fork_asm+0x1a/0x30 [ 14.129164] [ 14.129449] The buggy address belongs to the object at ffff888102662fc0 [ 14.129449] which belongs to the cache kmalloc-16 of size 16 [ 14.130260] The buggy address is located 8 bytes inside of [ 14.130260] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.130998] [ 14.131487] The buggy address belongs to the physical page: [ 14.132692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.133321] flags: 0x200000000000000(node=0|zone=2) [ 14.133823] page_type: f5(slab) [ 14.134096] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.134634] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.135270] page dumped because: kasan: bad access detected [ 14.135941] [ 14.136064] Memory state around the buggy address: [ 14.136226] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.137343] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.137767] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.138435] ^ [ 14.138970] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 14.139274] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.139844] ================================================================== [ 14.269519] ================================================================== [ 14.270748] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.271697] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.272045] [ 14.272190] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.272263] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.272278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.272310] Call Trace: [ 14.272345] <TASK> [ 14.272375] dump_stack_lvl+0x73/0xb0 [ 14.272414] print_report+0xd1/0x650 [ 14.272437] ? __virt_addr_valid+0x1db/0x2d0 [ 14.272460] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.272481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.272502] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.272523] kasan_report+0x141/0x180 [ 14.272553] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.272580] kasan_check_range+0x10c/0x1c0 [ 14.272600] __kasan_check_write+0x18/0x20 [ 14.272619] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 14.272667] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.272703] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.272739] ? trace_hardirqs_on+0x37/0xe0 [ 14.272777] ? kasan_bitops_generic+0x92/0x1c0 [ 14.272819] kasan_bitops_generic+0x116/0x1c0 [ 14.272859] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.272901] ? __pfx_read_tsc+0x10/0x10 [ 14.272941] ? ktime_get_ts64+0x86/0x230 [ 14.272970] kunit_try_run_case+0x1a5/0x480 [ 14.272998] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.273017] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.273041] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.273062] ? __kthread_parkme+0x82/0x180 [ 14.273083] ? preempt_count_sub+0x50/0x80 [ 14.273119] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.273147] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.273168] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.273190] kthread+0x337/0x6f0 [ 14.273206] ? trace_preempt_on+0x20/0xc0 [ 14.273228] ? __pfx_kthread+0x10/0x10 [ 14.273245] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.273265] ? calculate_sigpending+0x7b/0xa0 [ 14.273284] ? __pfx_kthread+0x10/0x10 [ 14.273302] ret_from_fork+0x41/0x80 [ 14.273320] ? __pfx_kthread+0x10/0x10 [ 14.273337] ret_from_fork_asm+0x1a/0x30 [ 14.273367] </TASK> [ 14.273379] [ 14.287116] Allocated by task 281: [ 14.287651] kasan_save_stack+0x45/0x70 [ 14.288007] kasan_save_track+0x18/0x40 [ 14.288227] kasan_save_alloc_info+0x3b/0x50 [ 14.288600] __kasan_kmalloc+0xb7/0xc0 [ 14.289124] __kmalloc_cache_noprof+0x189/0x420 [ 14.289290] kasan_bitops_generic+0x92/0x1c0 [ 14.289989] kunit_try_run_case+0x1a5/0x480 [ 14.290215] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.291337] kthread+0x337/0x6f0 [ 14.291564] ret_from_fork+0x41/0x80 [ 14.291716] ret_from_fork_asm+0x1a/0x30 [ 14.291922] [ 14.292231] The buggy address belongs to the object at ffff888102662fc0 [ 14.292231] which belongs to the cache kmalloc-16 of size 16 [ 14.293084] The buggy address is located 8 bytes inside of [ 14.293084] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.293936] [ 14.294088] The buggy address belongs to the physical page: [ 14.294692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.295195] flags: 0x200000000000000(node=0|zone=2) [ 14.295354] page_type: f5(slab) [ 14.295486] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.296683] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.297155] page dumped because: kasan: bad access detected [ 14.297537] [ 14.297858] Memory state around the buggy address: [ 14.298227] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.298816] ffff888102662f00: 
fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.299112] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.299417] ^ [ 14.300126] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.300834] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.301294] ================================================================== [ 14.172716] ================================================================== [ 14.173155] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.173620] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.175005] [ 14.175425] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.175526] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.175542] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.175565] Call Trace: [ 14.175593] <TASK> [ 14.175615] dump_stack_lvl+0x73/0xb0 [ 14.175686] print_report+0xd1/0x650 [ 14.175776] ? __virt_addr_valid+0x1db/0x2d0 [ 14.176125] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.176152] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.176176] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.176197] kasan_report+0x141/0x180 [ 14.176220] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.176248] kasan_check_range+0x10c/0x1c0 [ 14.176267] __kasan_check_write+0x18/0x20 [ 14.176293] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 14.176327] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.176362] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.176393] ? trace_hardirqs_on+0x37/0xe0 [ 14.176421] ? kasan_bitops_generic+0x92/0x1c0 [ 14.176445] kasan_bitops_generic+0x116/0x1c0 [ 14.176464] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.176485] ? __pfx_read_tsc+0x10/0x10 [ 14.176504] ? ktime_get_ts64+0x86/0x230 [ 14.176529] kunit_try_run_case+0x1a5/0x480 [ 14.176560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.176581] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.176604] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.176644] ? __kthread_parkme+0x82/0x180 [ 14.176669] ? preempt_count_sub+0x50/0x80 [ 14.176693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.176715] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.176737] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.176758] kthread+0x337/0x6f0 [ 14.176774] ? trace_preempt_on+0x20/0xc0 [ 14.176795] ? __pfx_kthread+0x10/0x10 [ 14.176813] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.176833] ? calculate_sigpending+0x7b/0xa0 [ 14.176854] ? __pfx_kthread+0x10/0x10 [ 14.176872] ret_from_fork+0x41/0x80 [ 14.176891] ? __pfx_kthread+0x10/0x10 [ 14.176908] ret_from_fork_asm+0x1a/0x30 [ 14.176938] </TASK> [ 14.176951] [ 14.190317] Allocated by task 281: [ 14.191167] kasan_save_stack+0x45/0x70 [ 14.191540] kasan_save_track+0x18/0x40 [ 14.191732] kasan_save_alloc_info+0x3b/0x50 [ 14.191969] __kasan_kmalloc+0xb7/0xc0 [ 14.192611] __kmalloc_cache_noprof+0x189/0x420 [ 14.193036] kasan_bitops_generic+0x92/0x1c0 [ 14.193363] kunit_try_run_case+0x1a5/0x480 [ 14.194012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.194286] kthread+0x337/0x6f0 [ 14.194900] ret_from_fork+0x41/0x80 [ 14.195215] ret_from_fork_asm+0x1a/0x30 [ 14.195571] [ 14.195776] The buggy address belongs to the object at ffff888102662fc0 [ 14.195776] which belongs to the cache kmalloc-16 of size 16 [ 14.196441] The buggy address is located 8 bytes inside of [ 14.196441] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.196887] [ 14.196993] The buggy address belongs to the physical page: [ 14.197187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.197636] flags: 0x200000000000000(node=0|zone=2) [ 14.197888] page_type: f5(slab) [ 14.198174] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.198441] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.198946] page dumped because: kasan: bad 
access detected [ 14.199261] [ 14.199426] Memory state around the buggy address: [ 14.199815] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.200066] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.200480] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.201977] ^ [ 14.202352] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.202492] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.202893] ================================================================== [ 14.302579] ================================================================== [ 14.303199] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.304678] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.305325] [ 14.305713] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.305826] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.305848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.305884] Call Trace: [ 14.305912] <TASK> [ 14.305936] dump_stack_lvl+0x73/0xb0 [ 14.305988] print_report+0xd1/0x650 [ 14.306013] ? __virt_addr_valid+0x1db/0x2d0 [ 14.306035] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.306057] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.306079] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.306100] kasan_report+0x141/0x180 [ 14.306121] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.306148] kasan_check_range+0x10c/0x1c0 [ 14.306166] __kasan_check_write+0x18/0x20 [ 14.306185] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 14.306205] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.306227] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.306247] ? trace_hardirqs_on+0x37/0xe0 [ 14.306269] ? kasan_bitops_generic+0x92/0x1c0 [ 14.306291] kasan_bitops_generic+0x116/0x1c0 [ 14.306311] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.306331] ? 
__pfx_read_tsc+0x10/0x10 [ 14.306350] ? ktime_get_ts64+0x86/0x230 [ 14.306374] kunit_try_run_case+0x1a5/0x480 [ 14.306398] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.306419] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.306442] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.306463] ? __kthread_parkme+0x82/0x180 [ 14.306485] ? preempt_count_sub+0x50/0x80 [ 14.306509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.306531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.306573] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.306595] kthread+0x337/0x6f0 [ 14.306611] ? trace_preempt_on+0x20/0xc0 [ 14.306649] ? __pfx_kthread+0x10/0x10 [ 14.306668] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.306688] ? calculate_sigpending+0x7b/0xa0 [ 14.306709] ? __pfx_kthread+0x10/0x10 [ 14.306727] ret_from_fork+0x41/0x80 [ 14.306747] ? __pfx_kthread+0x10/0x10 [ 14.306764] ret_from_fork_asm+0x1a/0x30 [ 14.306793] </TASK> [ 14.306806] [ 14.316341] Allocated by task 281: [ 14.316737] kasan_save_stack+0x45/0x70 [ 14.317010] kasan_save_track+0x18/0x40 [ 14.317256] kasan_save_alloc_info+0x3b/0x50 [ 14.317595] __kasan_kmalloc+0xb7/0xc0 [ 14.317871] __kmalloc_cache_noprof+0x189/0x420 [ 14.318185] kasan_bitops_generic+0x92/0x1c0 [ 14.318513] kunit_try_run_case+0x1a5/0x480 [ 14.318716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.319172] kthread+0x337/0x6f0 [ 14.319454] ret_from_fork+0x41/0x80 [ 14.319725] ret_from_fork_asm+0x1a/0x30 [ 14.319903] [ 14.320007] The buggy address belongs to the object at ffff888102662fc0 [ 14.320007] which belongs to the cache kmalloc-16 of size 16 [ 14.320832] The buggy address is located 8 bytes inside of [ 14.320832] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.321407] [ 14.321521] The buggy address belongs to the physical page: [ 14.321755] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.322270] flags: 0x200000000000000(node=0|zone=2) [ 14.322719] page_type: f5(slab) [ 14.322939] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 14.323238] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.323518] page dumped because: kasan: bad access detected [ 14.323960] [ 14.324112] Memory state around the buggy address: [ 14.324435] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.325104] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.325575] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.325871] ^ [ 14.326090] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.326335] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.326920] ================================================================== [ 14.203723] ================================================================== [ 14.204064] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.204353] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.204607] [ 14.204809] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.204909] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.204934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.204979] Call Trace: [ 14.205024] <TASK> [ 14.205067] dump_stack_lvl+0x73/0xb0 [ 14.205117] print_report+0xd1/0x650 [ 14.205151] ? __virt_addr_valid+0x1db/0x2d0 [ 14.205182] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.205214] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.205245] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.205275] kasan_report+0x141/0x180 [ 14.205306] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.205341] kasan_check_range+0x10c/0x1c0 [ 14.205370] __kasan_check_write+0x18/0x20 [ 14.205398] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 14.205427] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.205457] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.205487] ? 
trace_hardirqs_on+0x37/0xe0 [ 14.205516] ? kasan_bitops_generic+0x92/0x1c0 [ 14.205551] kasan_bitops_generic+0x116/0x1c0 [ 14.205581] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.205613] ? __pfx_read_tsc+0x10/0x10 [ 14.205667] ? ktime_get_ts64+0x86/0x230 [ 14.205710] kunit_try_run_case+0x1a5/0x480 [ 14.205751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.205785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.205831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.205876] ? __kthread_parkme+0x82/0x180 [ 14.205918] ? preempt_count_sub+0x50/0x80 [ 14.205977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.206021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.206057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.206091] kthread+0x337/0x6f0 [ 14.206117] ? trace_preempt_on+0x20/0xc0 [ 14.206196] ? __pfx_kthread+0x10/0x10 [ 14.206231] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.206271] ? calculate_sigpending+0x7b/0xa0 [ 14.206678] ? __pfx_kthread+0x10/0x10 [ 14.206749] ret_from_fork+0x41/0x80 [ 14.206797] ? 
__pfx_kthread+0x10/0x10 [ 14.206835] ret_from_fork_asm+0x1a/0x30 [ 14.206903] </TASK> [ 14.206928] [ 14.220876] Allocated by task 281: [ 14.221530] kasan_save_stack+0x45/0x70 [ 14.221842] kasan_save_track+0x18/0x40 [ 14.222052] kasan_save_alloc_info+0x3b/0x50 [ 14.222255] __kasan_kmalloc+0xb7/0xc0 [ 14.222900] __kmalloc_cache_noprof+0x189/0x420 [ 14.223699] kasan_bitops_generic+0x92/0x1c0 [ 14.224135] kunit_try_run_case+0x1a5/0x480 [ 14.224686] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.225085] kthread+0x337/0x6f0 [ 14.225298] ret_from_fork+0x41/0x80 [ 14.225969] ret_from_fork_asm+0x1a/0x30 [ 14.226292] [ 14.226431] The buggy address belongs to the object at ffff888102662fc0 [ 14.226431] which belongs to the cache kmalloc-16 of size 16 [ 14.227419] The buggy address is located 8 bytes inside of [ 14.227419] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.228011] [ 14.228446] The buggy address belongs to the physical page: [ 14.229207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.229855] flags: 0x200000000000000(node=0|zone=2) [ 14.230111] page_type: f5(slab) [ 14.230298] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.231221] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.231888] page dumped because: kasan: bad access detected [ 14.232244] [ 14.233052] Memory state around the buggy address: [ 14.233526] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.234001] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.234609] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.234868] ^ [ 14.235265] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.235985] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.236920] ================================================================== [ 14.077983] 
================================================================== [ 14.078493] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.080181] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.080715] [ 14.080926] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.081182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.081210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.081257] Call Trace: [ 14.081373] <TASK> [ 14.081411] dump_stack_lvl+0x73/0xb0 [ 14.081459] print_report+0xd1/0x650 [ 14.081484] ? __virt_addr_valid+0x1db/0x2d0 [ 14.081507] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.081528] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.081564] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.081585] kasan_report+0x141/0x180 [ 14.081606] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.081650] kasan_check_range+0x10c/0x1c0 [ 14.081672] __kasan_check_write+0x18/0x20 [ 14.081691] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 14.081712] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.081733] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.081755] ? trace_hardirqs_on+0x37/0xe0 [ 14.081778] ? kasan_bitops_generic+0x92/0x1c0 [ 14.081802] kasan_bitops_generic+0x116/0x1c0 [ 14.081820] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.081840] ? __pfx_read_tsc+0x10/0x10 [ 14.081860] ? ktime_get_ts64+0x86/0x230 [ 14.081884] kunit_try_run_case+0x1a5/0x480 [ 14.081908] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.081929] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.081964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.081988] ? __kthread_parkme+0x82/0x180 [ 14.082010] ? preempt_count_sub+0x50/0x80 [ 14.082035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.082058] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.082080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.082103] kthread+0x337/0x6f0 [ 14.082119] ? 
trace_preempt_on+0x20/0xc0 [ 14.082140] ? __pfx_kthread+0x10/0x10 [ 14.082157] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.082177] ? calculate_sigpending+0x7b/0xa0 [ 14.082197] ? __pfx_kthread+0x10/0x10 [ 14.082215] ret_from_fork+0x41/0x80 [ 14.082234] ? __pfx_kthread+0x10/0x10 [ 14.082250] ret_from_fork_asm+0x1a/0x30 [ 14.082283] </TASK> [ 14.082304] [ 14.093673] Allocated by task 281: [ 14.094086] kasan_save_stack+0x45/0x70 [ 14.094759] kasan_save_track+0x18/0x40 [ 14.095509] kasan_save_alloc_info+0x3b/0x50 [ 14.095876] __kasan_kmalloc+0xb7/0xc0 [ 14.096181] __kmalloc_cache_noprof+0x189/0x420 [ 14.096458] kasan_bitops_generic+0x92/0x1c0 [ 14.096945] kunit_try_run_case+0x1a5/0x480 [ 14.097152] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.097476] kthread+0x337/0x6f0 [ 14.097766] ret_from_fork+0x41/0x80 [ 14.098099] ret_from_fork_asm+0x1a/0x30 [ 14.098939] [ 14.099119] The buggy address belongs to the object at ffff888102662fc0 [ 14.099119] which belongs to the cache kmalloc-16 of size 16 [ 14.099968] The buggy address is located 8 bytes inside of [ 14.099968] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.100726] [ 14.100909] The buggy address belongs to the physical page: [ 14.101174] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.101918] flags: 0x200000000000000(node=0|zone=2) [ 14.102273] page_type: f5(slab) [ 14.102973] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.103376] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.104130] page dumped because: kasan: bad access detected [ 14.104493] [ 14.104642] Memory state around the buggy address: [ 14.104984] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.105427] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.105899] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.106838] ^ [ 14.107194] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb 
fb fb fb fb fb [ 14.107778] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.108109] ================================================================== [ 14.141039] ================================================================== [ 14.141698] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.141996] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.142244] [ 14.142380] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.143237] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.143263] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.143303] Call Trace: [ 14.143440] <TASK> [ 14.143480] dump_stack_lvl+0x73/0xb0 [ 14.143540] print_report+0xd1/0x650 [ 14.143580] ? __virt_addr_valid+0x1db/0x2d0 [ 14.143638] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.143679] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.143716] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.143755] kasan_report+0x141/0x180 [ 14.143790] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.143818] kasan_check_range+0x10c/0x1c0 [ 14.143838] __kasan_check_write+0x18/0x20 [ 14.143857] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 14.143878] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.143904] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.143936] ? trace_hardirqs_on+0x37/0xe0 [ 14.143958] ? kasan_bitops_generic+0x92/0x1c0 [ 14.143981] kasan_bitops_generic+0x116/0x1c0 [ 14.144000] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.144020] ? __pfx_read_tsc+0x10/0x10 [ 14.144039] ? ktime_get_ts64+0x86/0x230 [ 14.144064] kunit_try_run_case+0x1a5/0x480 [ 14.144088] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.144108] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.144132] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.144153] ? __kthread_parkme+0x82/0x180 [ 14.144175] ? preempt_count_sub+0x50/0x80 [ 14.144198] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.144220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.144241] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.144263] kthread+0x337/0x6f0 [ 14.144279] ? trace_preempt_on+0x20/0xc0 [ 14.144444] ? __pfx_kthread+0x10/0x10 [ 14.144485] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.144517] ? calculate_sigpending+0x7b/0xa0 [ 14.144550] ? __pfx_kthread+0x10/0x10 [ 14.144575] ret_from_fork+0x41/0x80 [ 14.144606] ? __pfx_kthread+0x10/0x10 [ 14.144649] ret_from_fork_asm+0x1a/0x30 [ 14.144698] </TASK> [ 14.144719] [ 14.156744] Allocated by task 281: [ 14.157127] kasan_save_stack+0x45/0x70 [ 14.158164] kasan_save_track+0x18/0x40 [ 14.158605] kasan_save_alloc_info+0x3b/0x50 [ 14.158797] __kasan_kmalloc+0xb7/0xc0 [ 14.159072] __kmalloc_cache_noprof+0x189/0x420 [ 14.159669] kasan_bitops_generic+0x92/0x1c0 [ 14.159960] kunit_try_run_case+0x1a5/0x480 [ 14.160505] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.160922] kthread+0x337/0x6f0 [ 14.161170] ret_from_fork+0x41/0x80 [ 14.161863] ret_from_fork_asm+0x1a/0x30 [ 14.162119] [ 14.162233] The buggy address belongs to the object at ffff888102662fc0 [ 14.162233] which belongs to the cache kmalloc-16 of size 16 [ 14.162856] The buggy address is located 8 bytes inside of [ 14.162856] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.163460] [ 14.163609] The buggy address belongs to the physical page: [ 14.164384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.164936] flags: 0x200000000000000(node=0|zone=2) [ 14.165252] page_type: f5(slab) [ 14.166104] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.166525] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.167114] page dumped because: kasan: bad access detected [ 14.167431] [ 14.167608] Memory state around the buggy address: [ 14.168103] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.168755] ffff888102662f00: 
fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.169016] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.170060] ^ [ 14.170422] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.171172] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.171577] ================================================================== [ 14.237565] ================================================================== [ 14.237896] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.239789] Write of size 8 at addr ffff888102662fc8 by task kunit_try_catch/281 [ 14.240214] [ 14.240735] CPU: 1 UID: 0 PID: 281 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.240839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.240858] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.240893] Call Trace: [ 14.240933] <TASK> [ 14.240968] dump_stack_lvl+0x73/0xb0 [ 14.241031] print_report+0xd1/0x650 [ 14.241082] ? __virt_addr_valid+0x1db/0x2d0 [ 14.241126] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.241165] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.241218] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.241263] kasan_report+0x141/0x180 [ 14.241301] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.241375] kasan_check_range+0x10c/0x1c0 [ 14.241414] __kasan_check_write+0x18/0x20 [ 14.241447] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 14.241476] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 14.241499] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.241520] ? trace_hardirqs_on+0x37/0xe0 [ 14.241561] ? kasan_bitops_generic+0x92/0x1c0 [ 14.241586] kasan_bitops_generic+0x116/0x1c0 [ 14.241606] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 14.241642] ? __pfx_read_tsc+0x10/0x10 [ 14.241663] ? ktime_get_ts64+0x86/0x230 [ 14.241689] kunit_try_run_case+0x1a5/0x480 [ 14.241715] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.241735] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.241758] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.241781] ? __kthread_parkme+0x82/0x180 [ 14.241802] ? preempt_count_sub+0x50/0x80 [ 14.241826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.241848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.241868] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.241889] kthread+0x337/0x6f0 [ 14.241906] ? trace_preempt_on+0x20/0xc0 [ 14.241928] ? __pfx_kthread+0x10/0x10 [ 14.241956] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.241979] ? calculate_sigpending+0x7b/0xa0 [ 14.242000] ? __pfx_kthread+0x10/0x10 [ 14.242019] ret_from_fork+0x41/0x80 [ 14.242038] ? __pfx_kthread+0x10/0x10 [ 14.242058] ret_from_fork_asm+0x1a/0x30 [ 14.242090] </TASK> [ 14.242103] [ 14.255201] Allocated by task 281: [ 14.255471] kasan_save_stack+0x45/0x70 [ 14.255740] kasan_save_track+0x18/0x40 [ 14.255946] kasan_save_alloc_info+0x3b/0x50 [ 14.256179] __kasan_kmalloc+0xb7/0xc0 [ 14.256420] __kmalloc_cache_noprof+0x189/0x420 [ 14.256718] kasan_bitops_generic+0x92/0x1c0 [ 14.256954] kunit_try_run_case+0x1a5/0x480 [ 14.257142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.257349] kthread+0x337/0x6f0 [ 14.257502] ret_from_fork+0x41/0x80 [ 14.258558] ret_from_fork_asm+0x1a/0x30 [ 14.258976] [ 14.259150] The buggy address belongs to the object at ffff888102662fc0 [ 14.259150] which belongs to the cache kmalloc-16 of size 16 [ 14.260210] The buggy address is located 8 bytes inside of [ 14.260210] allocated 9-byte region [ffff888102662fc0, ffff888102662fc9) [ 14.261131] [ 14.261833] The buggy address belongs to the physical page: [ 14.262096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 14.262974] flags: 0x200000000000000(node=0|zone=2) [ 14.263281] page_type: f5(slab) [ 14.263534] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 14.264555] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 14.264901] page dumped because: kasan: bad 
access detected [ 14.265811] [ 14.265920] Memory state around the buggy address: [ 14.266156] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 14.266669] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc [ 14.266994] >ffff888102662f80: fa fb fc fc fa fb fc fc 00 01 fc fc fc fc fc fc [ 14.267262] ^ [ 14.267671] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 14.268215] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 14.268687] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 14.044171] ================================================================== [ 14.044681] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 14.045337] Read of size 1 at addr ffff8881039efb10 by task kunit_try_catch/279 [ 14.046452] [ 14.046657] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.046769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.046796] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.046837] Call Trace: [ 14.046875] <TASK> [ 14.046913] dump_stack_lvl+0x73/0xb0 [ 14.046974] print_report+0xd1/0x650 [ 14.047024] ? __virt_addr_valid+0x1db/0x2d0 [ 14.047068] ? strnlen+0x73/0x80 [ 14.047098] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.047123] ? strnlen+0x73/0x80 [ 14.047142] kasan_report+0x141/0x180 [ 14.047163] ? strnlen+0x73/0x80 [ 14.047184] __asan_report_load1_noabort+0x18/0x20 [ 14.047205] strnlen+0x73/0x80 [ 14.047223] kasan_strings+0x615/0xe80 [ 14.047243] ? trace_hardirqs_on+0x37/0xe0 [ 14.047265] ? __pfx_kasan_strings+0x10/0x10 [ 14.047285] ? finish_task_switch.isra.0+0x153/0x700 [ 14.047309] ? __switch_to+0x5d9/0xf60 [ 14.047329] ? dequeue_task_fair+0x166/0x4e0 [ 14.047352] ? __schedule+0x10cc/0x2b60 [ 14.047375] ? __pfx_read_tsc+0x10/0x10 [ 14.047394] ? ktime_get_ts64+0x86/0x230 [ 14.047420] kunit_try_run_case+0x1a5/0x480 [ 14.047443] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.047464] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.047487] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.047509] ? __kthread_parkme+0x82/0x180 [ 14.047531] ? preempt_count_sub+0x50/0x80 [ 14.047578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.047602] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.047641] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.047667] kthread+0x337/0x6f0 [ 14.047684] ? trace_preempt_on+0x20/0xc0 [ 14.047705] ? __pfx_kthread+0x10/0x10 [ 14.047722] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.047743] ? calculate_sigpending+0x7b/0xa0 [ 14.047764] ? 
__pfx_kthread+0x10/0x10 [ 14.047782] ret_from_fork+0x41/0x80 [ 14.047801] ? __pfx_kthread+0x10/0x10 [ 14.047818] ret_from_fork_asm+0x1a/0x30 [ 14.047849] </TASK> [ 14.047860] [ 14.055980] Allocated by task 279: [ 14.056322] kasan_save_stack+0x45/0x70 [ 14.056665] kasan_save_track+0x18/0x40 [ 14.056955] kasan_save_alloc_info+0x3b/0x50 [ 14.057272] __kasan_kmalloc+0xb7/0xc0 [ 14.057608] __kmalloc_cache_noprof+0x189/0x420 [ 14.057989] kasan_strings+0xc0/0xe80 [ 14.058270] kunit_try_run_case+0x1a5/0x480 [ 14.058513] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.058865] kthread+0x337/0x6f0 [ 14.059053] ret_from_fork+0x41/0x80 [ 14.059245] ret_from_fork_asm+0x1a/0x30 [ 14.059439] [ 14.059582] Freed by task 279: [ 14.059775] kasan_save_stack+0x45/0x70 [ 14.059969] kasan_save_track+0x18/0x40 [ 14.060159] kasan_save_free_info+0x3f/0x60 [ 14.060480] __kasan_slab_free+0x56/0x70 [ 14.060815] kfree+0x222/0x3f0 [ 14.061075] kasan_strings+0x2aa/0xe80 [ 14.061376] kunit_try_run_case+0x1a5/0x480 [ 14.061740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.062128] kthread+0x337/0x6f0 [ 14.062396] ret_from_fork+0x41/0x80 [ 14.062716] ret_from_fork_asm+0x1a/0x30 [ 14.063014] [ 14.063174] The buggy address belongs to the object at ffff8881039efb00 [ 14.063174] which belongs to the cache kmalloc-32 of size 32 [ 14.064060] The buggy address is located 16 bytes inside of [ 14.064060] freed 32-byte region [ffff8881039efb00, ffff8881039efb20) [ 14.064591] [ 14.064771] The buggy address belongs to the physical page: [ 14.065175] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ef [ 14.065576] flags: 0x200000000000000(node=0|zone=2) [ 14.065804] page_type: f5(slab) [ 14.065986] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.066409] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.066942] page dumped because: kasan: bad access detected [ 14.067330] [ 14.067479] Memory state around the buggy address: [ 
14.067873] ffff8881039efa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.068352] ffff8881039efa80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.068788] >ffff8881039efb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.069153] ^ [ 14.069386] ffff8881039efb80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.069787] ffff8881039efc00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.070039] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 14.012002] ================================================================== [ 14.012320] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 14.013077] Read of size 1 at addr ffff8881039efb10 by task kunit_try_catch/279 [ 14.013835] [ 14.013999] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 14.014106] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.014132] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.014171] Call Trace: [ 14.014233] <TASK> [ 14.014272] dump_stack_lvl+0x73/0xb0 [ 14.014334] print_report+0xd1/0x650 [ 14.014383] ? __virt_addr_valid+0x1db/0x2d0 [ 14.014426] ? strlen+0x8f/0xb0 [ 14.014476] ? kasan_complete_mode_report_info+0x64/0x200 [ 14.014516] ? strlen+0x8f/0xb0 [ 14.014582] kasan_report+0x141/0x180 [ 14.014639] ? strlen+0x8f/0xb0 [ 14.014687] __asan_report_load1_noabort+0x18/0x20 [ 14.014743] strlen+0x8f/0xb0 [ 14.014780] kasan_strings+0x57b/0xe80 [ 14.014817] ? trace_hardirqs_on+0x37/0xe0 [ 14.014862] ? __pfx_kasan_strings+0x10/0x10 [ 14.014890] ? finish_task_switch.isra.0+0x153/0x700 [ 14.014916] ? __switch_to+0x5d9/0xf60 [ 14.014936] ? dequeue_task_fair+0x166/0x4e0 [ 14.014961] ? __schedule+0x10cc/0x2b60 [ 14.014996] ? __pfx_read_tsc+0x10/0x10 [ 14.015024] ? ktime_get_ts64+0x86/0x230 [ 14.015049] kunit_try_run_case+0x1a5/0x480 [ 14.015075] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.015095] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.015119] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.015142] ? __kthread_parkme+0x82/0x180 [ 14.015163] ? preempt_count_sub+0x50/0x80 [ 14.015187] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.015208] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.015230] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.015253] kthread+0x337/0x6f0 [ 14.015270] ? trace_preempt_on+0x20/0xc0 [ 14.015291] ? __pfx_kthread+0x10/0x10 [ 14.015308] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.015328] ? calculate_sigpending+0x7b/0xa0 [ 14.015349] ? 
__pfx_kthread+0x10/0x10 [ 14.015367] ret_from_fork+0x41/0x80 [ 14.015386] ? __pfx_kthread+0x10/0x10 [ 14.015403] ret_from_fork_asm+0x1a/0x30 [ 14.015432] </TASK> [ 14.015445] [ 14.026938] Allocated by task 279: [ 14.027284] kasan_save_stack+0x45/0x70 [ 14.027540] kasan_save_track+0x18/0x40 [ 14.028491] kasan_save_alloc_info+0x3b/0x50 [ 14.029448] __kasan_kmalloc+0xb7/0xc0 [ 14.029985] __kmalloc_cache_noprof+0x189/0x420 [ 14.030605] kasan_strings+0xc0/0xe80 [ 14.030888] kunit_try_run_case+0x1a5/0x480 [ 14.031167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.031381] kthread+0x337/0x6f0 [ 14.031689] ret_from_fork+0x41/0x80 [ 14.031892] ret_from_fork_asm+0x1a/0x30 [ 14.032158] [ 14.032317] Freed by task 279: [ 14.032507] kasan_save_stack+0x45/0x70 [ 14.032773] kasan_save_track+0x18/0x40 [ 14.033012] kasan_save_free_info+0x3f/0x60 [ 14.033322] __kasan_slab_free+0x56/0x70 [ 14.033611] kfree+0x222/0x3f0 [ 14.033849] kasan_strings+0x2aa/0xe80 [ 14.034014] kunit_try_run_case+0x1a5/0x480 [ 14.034409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.034921] kthread+0x337/0x6f0 [ 14.035117] ret_from_fork+0x41/0x80 [ 14.035282] ret_from_fork_asm+0x1a/0x30 [ 14.035449] [ 14.035539] The buggy address belongs to the object at ffff8881039efb00 [ 14.035539] which belongs to the cache kmalloc-32 of size 32 [ 14.036261] The buggy address is located 16 bytes inside of [ 14.036261] freed 32-byte region [ffff8881039efb00, ffff8881039efb20) [ 14.037019] [ 14.037133] The buggy address belongs to the physical page: [ 14.037330] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ef [ 14.037993] flags: 0x200000000000000(node=0|zone=2) [ 14.038389] page_type: f5(slab) [ 14.038596] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 14.038963] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 14.039414] page dumped because: kasan: bad access detected [ 14.039905] [ 14.040062] Memory state around the buggy address: [ 
14.040375] ffff8881039efa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.041141] ffff8881039efa80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.041460] >ffff8881039efb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.041719] ^ [ 14.041860] ffff8881039efb80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 14.042102] ffff8881039efc00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 14.042584] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.981521] ==================================================================
[ 13.981832] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80
[ 13.982136] Read of size 1 at addr ffff8881039efb10 by task kunit_try_catch/279
[ 13.982518]
[ 13.982794] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.982894] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.982919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.982974] Call Trace:
[ 13.983031] <TASK>
[ 13.983071] dump_stack_lvl+0x73/0xb0
[ 13.983128] print_report+0xd1/0x650
[ 13.983183] ? __virt_addr_valid+0x1db/0x2d0
[ 13.983240] ? kasan_strings+0xcbc/0xe80
[ 13.983280] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.983312] ? kasan_strings+0xcbc/0xe80
[ 13.983333] kasan_report+0x141/0x180
[ 13.983356] ? kasan_strings+0xcbc/0xe80
[ 13.983381] __asan_report_load1_noabort+0x18/0x20
[ 13.983402] kasan_strings+0xcbc/0xe80
[ 13.983421] ? trace_hardirqs_on+0x37/0xe0
[ 13.983453] ? __pfx_kasan_strings+0x10/0x10
[ 13.983484] ? finish_task_switch.isra.0+0x153/0x700
[ 13.983527] ? __switch_to+0x5d9/0xf60
[ 13.983601] ? dequeue_task_fair+0x166/0x4e0
[ 13.983667] ? __schedule+0x10cc/0x2b60
[ 13.983712] ? __pfx_read_tsc+0x10/0x10
[ 13.983746] ? ktime_get_ts64+0x86/0x230
[ 13.983792] kunit_try_run_case+0x1a5/0x480
[ 13.983849] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.983942] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.983990] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.984026] ? __kthread_parkme+0x82/0x180
[ 13.984049] ? preempt_count_sub+0x50/0x80
[ 13.984073] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.984097] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.984120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.984142] kthread+0x337/0x6f0
[ 13.984159] ? trace_preempt_on+0x20/0xc0
[ 13.984181] ? __pfx_kthread+0x10/0x10
[ 13.984198] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.984219] ? calculate_sigpending+0x7b/0xa0
[ 13.984239] ? __pfx_kthread+0x10/0x10
[ 13.984257] ret_from_fork+0x41/0x80
[ 13.984277] ? __pfx_kthread+0x10/0x10
[ 13.984294] ret_from_fork_asm+0x1a/0x30
[ 13.984323] </TASK>
[ 13.984336]
[ 13.994813] Allocated by task 279:
[ 13.995165] kasan_save_stack+0x45/0x70
[ 13.995532] kasan_save_track+0x18/0x40
[ 13.995911] kasan_save_alloc_info+0x3b/0x50
[ 13.996201] __kasan_kmalloc+0xb7/0xc0
[ 13.996353] __kmalloc_cache_noprof+0x189/0x420
[ 13.996535] kasan_strings+0xc0/0xe80
[ 13.996753] kunit_try_run_case+0x1a5/0x480
[ 13.996933] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.997166] kthread+0x337/0x6f0
[ 13.997420] ret_from_fork+0x41/0x80
[ 13.997788] ret_from_fork_asm+0x1a/0x30
[ 13.998112]
[ 13.998280] Freed by task 279:
[ 13.998574] kasan_save_stack+0x45/0x70
[ 13.998887] kasan_save_track+0x18/0x40
[ 13.999192] kasan_save_free_info+0x3f/0x60
[ 13.999505] __kasan_slab_free+0x56/0x70
[ 13.999852] kfree+0x222/0x3f0
[ 14.000115] kasan_strings+0x2aa/0xe80
[ 14.000430] kunit_try_run_case+0x1a5/0x480
[ 14.000786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 14.001180] kthread+0x337/0x6f0
[ 14.001375] ret_from_fork+0x41/0x80
[ 14.001586] ret_from_fork_asm+0x1a/0x30
[ 14.001923]
[ 14.002094] The buggy address belongs to the object at ffff8881039efb00
[ 14.002094] which belongs to the cache kmalloc-32 of size 32
[ 14.002899] The buggy address is located 16 bytes inside of
[ 14.002899] freed 32-byte region [ffff8881039efb00, ffff8881039efb20)
[ 14.003385]
[ 14.003497] The buggy address belongs to the physical page:
[ 14.003850] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ef
[ 14.004401] flags: 0x200000000000000(node=0|zone=2)
[ 14.004802] page_type: f5(slab)
[ 14.005063] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 14.005577] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 14.005832] page dumped because: kasan: bad access detected
[ 14.006033]
[ 14.006134] Memory state around the buggy address:
[ 14.006516] ffff8881039efa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.007078] ffff8881039efa80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.007582] >ffff8881039efb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.008036] ^
[ 14.008248] ffff8881039efb80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 14.008655] ffff8881039efc00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 14.008998] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.948087] ==================================================================
[ 13.949651] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0
[ 13.950186] Read of size 1 at addr ffff8881039efb10 by task kunit_try_catch/279
[ 13.950650]
[ 13.950870] CPU: 0 UID: 0 PID: 279 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.950991] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.951020] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.951072] Call Trace:
[ 13.951100] <TASK>
[ 13.951139] dump_stack_lvl+0x73/0xb0
[ 13.951197] print_report+0xd1/0x650
[ 13.951252] ? __virt_addr_valid+0x1db/0x2d0
[ 13.951302] ? strcmp+0xb0/0xc0
[ 13.951335] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.951375] ? strcmp+0xb0/0xc0
[ 13.951409] kasan_report+0x141/0x180
[ 13.951472] ? strcmp+0xb0/0xc0
[ 13.951519] __asan_report_load1_noabort+0x18/0x20
[ 13.951593] strcmp+0xb0/0xc0
[ 13.951645] kasan_strings+0x431/0xe80
[ 13.951696] ? trace_hardirqs_on+0x37/0xe0
[ 13.951742] ? __pfx_kasan_strings+0x10/0x10
[ 13.951778] ? finish_task_switch.isra.0+0x153/0x700
[ 13.951820] ? __switch_to+0x5d9/0xf60
[ 13.951862] ? dequeue_task_fair+0x166/0x4e0
[ 13.951902] ? __schedule+0x10cc/0x2b60
[ 13.951933] ? __pfx_read_tsc+0x10/0x10
[ 13.951960] ? ktime_get_ts64+0x86/0x230
[ 13.951993] kunit_try_run_case+0x1a5/0x480
[ 13.952025] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.952052] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.952083] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.952112] ? __kthread_parkme+0x82/0x180
[ 13.952141] ? preempt_count_sub+0x50/0x80
[ 13.952170] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.952199] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.952227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.952255] kthread+0x337/0x6f0
[ 13.952276] ? trace_preempt_on+0x20/0xc0
[ 13.952304] ? __pfx_kthread+0x10/0x10
[ 13.952327] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.952353] ? calculate_sigpending+0x7b/0xa0
[ 13.952375] ? __pfx_kthread+0x10/0x10
[ 13.952392] ret_from_fork+0x41/0x80
[ 13.952412] ? __pfx_kthread+0x10/0x10
[ 13.952428] ret_from_fork_asm+0x1a/0x30
[ 13.952458] </TASK>
[ 13.952469]
[ 13.963210] Allocated by task 279:
[ 13.963466] kasan_save_stack+0x45/0x70
[ 13.963806] kasan_save_track+0x18/0x40
[ 13.964089] kasan_save_alloc_info+0x3b/0x50
[ 13.964301] __kasan_kmalloc+0xb7/0xc0
[ 13.964485] __kmalloc_cache_noprof+0x189/0x420
[ 13.965679] kasan_strings+0xc0/0xe80
[ 13.966033] kunit_try_run_case+0x1a5/0x480
[ 13.966238] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.966445] kthread+0x337/0x6f0
[ 13.966641] ret_from_fork+0x41/0x80
[ 13.967065] ret_from_fork_asm+0x1a/0x30
[ 13.967365]
[ 13.967507] Freed by task 279:
[ 13.967898] kasan_save_stack+0x45/0x70
[ 13.968184] kasan_save_track+0x18/0x40
[ 13.968441] kasan_save_free_info+0x3f/0x60
[ 13.968930] __kasan_slab_free+0x56/0x70
[ 13.969151] kfree+0x222/0x3f0
[ 13.969393] kasan_strings+0x2aa/0xe80
[ 13.969639] kunit_try_run_case+0x1a5/0x480
[ 13.969988] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.970314] kthread+0x337/0x6f0
[ 13.970561] ret_from_fork+0x41/0x80
[ 13.970865] ret_from_fork_asm+0x1a/0x30
[ 13.971055]
[ 13.971199] The buggy address belongs to the object at ffff8881039efb00
[ 13.971199] which belongs to the cache kmalloc-32 of size 32
[ 13.971616] The buggy address is located 16 bytes inside of
[ 13.971616] freed 32-byte region [ffff8881039efb00, ffff8881039efb20)
[ 13.973299]
[ 13.973445] The buggy address belongs to the physical page:
[ 13.973838] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ef
[ 13.974446] flags: 0x200000000000000(node=0|zone=2)
[ 13.974721] page_type: f5(slab)
[ 13.975004] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.975411] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.975835] page dumped because: kasan: bad access detected
[ 13.976325]
[ 13.976421] Memory state around the buggy address:
[ 13.976610] ffff8881039efa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.977048] ffff8881039efa80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.977509] >ffff8881039efb00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.978083] ^
[ 13.978349] ffff8881039efb80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.978720] ffff8881039efc00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.979019] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.913522] ==================================================================
[ 13.914054] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0
[ 13.914552] Read of size 1 at addr ffff8881039efa58 by task kunit_try_catch/277
[ 13.914935]
[ 13.915088] CPU: 0 UID: 0 PID: 277 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.915176] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.915199] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.915239] Call Trace:
[ 13.915268] <TASK>
[ 13.915303] dump_stack_lvl+0x73/0xb0
[ 13.915355] print_report+0xd1/0x650
[ 13.915400] ? __virt_addr_valid+0x1db/0x2d0
[ 13.915444] ? memcmp+0x1b4/0x1d0
[ 13.915482] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.915527] ? memcmp+0x1b4/0x1d0
[ 13.915557] kasan_report+0x141/0x180
[ 13.915646] ? memcmp+0x1b4/0x1d0
[ 13.915692] __asan_report_load1_noabort+0x18/0x20
[ 13.915736] memcmp+0x1b4/0x1d0
[ 13.915779] kasan_memcmp+0x18f/0x390
[ 13.915821] ? trace_hardirqs_on+0x37/0xe0
[ 13.915871] ? __pfx_kasan_memcmp+0x10/0x10
[ 13.915913] ? finish_task_switch.isra.0+0x153/0x700
[ 13.915960] ? __switch_to+0x5d9/0xf60
[ 13.915995] ? dequeue_task_fair+0x166/0x4e0
[ 13.916034] ? __pfx_read_tsc+0x10/0x10
[ 13.916062] ? ktime_get_ts64+0x86/0x230
[ 13.916094] kunit_try_run_case+0x1a5/0x480
[ 13.916127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.916153] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.916178] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.916201] ? __kthread_parkme+0x82/0x180
[ 13.916222] ? preempt_count_sub+0x50/0x80
[ 13.916246] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.916269] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.916291] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.916313] kthread+0x337/0x6f0
[ 13.916329] ? trace_preempt_on+0x20/0xc0
[ 13.916350] ? __pfx_kthread+0x10/0x10
[ 13.916367] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.916388] ? calculate_sigpending+0x7b/0xa0
[ 13.916409] ? __pfx_kthread+0x10/0x10
[ 13.916426] ret_from_fork+0x41/0x80
[ 13.916445] ? __pfx_kthread+0x10/0x10
[ 13.916462] ret_from_fork_asm+0x1a/0x30
[ 13.916493] </TASK>
[ 13.916505]
[ 13.925403] Allocated by task 277:
[ 13.925650] kasan_save_stack+0x45/0x70
[ 13.925880] kasan_save_track+0x18/0x40
[ 13.926063] kasan_save_alloc_info+0x3b/0x50
[ 13.926243] __kasan_kmalloc+0xb7/0xc0
[ 13.926407] __kmalloc_cache_noprof+0x189/0x420
[ 13.926770] kasan_memcmp+0xb7/0x390
[ 13.927102] kunit_try_run_case+0x1a5/0x480
[ 13.927443] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.927876] kthread+0x337/0x6f0
[ 13.928197] ret_from_fork+0x41/0x80
[ 13.928545] ret_from_fork_asm+0x1a/0x30
[ 13.928995]
[ 13.929228] The buggy address belongs to the object at ffff8881039efa40
[ 13.929228] which belongs to the cache kmalloc-32 of size 32
[ 13.930228] The buggy address is located 0 bytes to the right of
[ 13.930228] allocated 24-byte region [ffff8881039efa40, ffff8881039efa58)
[ 13.930918]
[ 13.931099] The buggy address belongs to the physical page:
[ 13.931408] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ef
[ 13.931955] flags: 0x200000000000000(node=0|zone=2)
[ 13.932153] page_type: f5(slab)
[ 13.932383] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 13.933113] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 13.933511] page dumped because: kasan: bad access detected
[ 13.933808]
[ 13.934031] Memory state around the buggy address:
[ 13.934277] ffff8881039ef900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.934853] ffff8881039ef980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 13.935252] >ffff8881039efa00: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc
[ 13.935667] ^
[ 13.935995] ffff8881039efa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.936240] ffff8881039efb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.936475] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.874436] ==================================================================
[ 13.875709] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 13.876124] Read of size 1 at addr ffff888103a87c4a by task kunit_try_catch/273
[ 13.876637]
[ 13.876810] CPU: 0 UID: 0 PID: 273 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.877052] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.877171] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.877222] Call Trace:
[ 13.877267] <TASK>
[ 13.877307] dump_stack_lvl+0x73/0xb0
[ 13.877484] print_report+0xd1/0x650
[ 13.877536] ? __virt_addr_valid+0x1db/0x2d0
[ 13.877581] ? kasan_alloca_oob_right+0x329/0x390
[ 13.877605] ? kasan_addr_to_slab+0x11/0xa0
[ 13.877645] ? kasan_alloca_oob_right+0x329/0x390
[ 13.877670] kasan_report+0x141/0x180
[ 13.877693] ? kasan_alloca_oob_right+0x329/0x390
[ 13.877719] __asan_report_load1_noabort+0x18/0x20
[ 13.877740] kasan_alloca_oob_right+0x329/0x390
[ 13.877764] ? finish_task_switch.isra.0+0x153/0x700
[ 13.877791] ? rwsem_down_read_slowpath+0x6be/0xb90
[ 13.877813] ? trace_hardirqs_on+0x37/0xe0
[ 13.877839] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 13.877864] ? __schedule+0x10cc/0x2b60
[ 13.877887] ? __pfx_read_tsc+0x10/0x10
[ 13.877907] ? ktime_get_ts64+0x86/0x230
[ 13.877934] kunit_try_run_case+0x1a5/0x480
[ 13.877978] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.878002] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.878026] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.878050] ? __kthread_parkme+0x82/0x180
[ 13.878075] ? preempt_count_sub+0x50/0x80
[ 13.878098] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.878123] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.878146] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.878168] kthread+0x337/0x6f0
[ 13.878185] ? trace_preempt_on+0x20/0xc0
[ 13.878207] ? __pfx_kthread+0x10/0x10
[ 13.878225] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.878248] ? calculate_sigpending+0x7b/0xa0
[ 13.878270] ? __pfx_kthread+0x10/0x10
[ 13.878313] ret_from_fork+0x41/0x80
[ 13.878354] ? __pfx_kthread+0x10/0x10
[ 13.878383] ret_from_fork_asm+0x1a/0x30
[ 13.878432] </TASK>
[ 13.878454]
[ 13.891101] The buggy address belongs to stack of task kunit_try_catch/273
[ 13.892305]
[ 13.892490] The buggy address belongs to the physical page:
[ 13.893042] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a87
[ 13.893677] flags: 0x200000000000000(node=0|zone=2)
[ 13.894046] raw: 0200000000000000 ffffea00040ea1c8 ffffea00040ea1c8 0000000000000000
[ 13.894634] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.894962] page dumped because: kasan: bad access detected
[ 13.895304]
[ 13.895891] Memory state around the buggy address:
[ 13.896256] ffff888103a87b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.897146] ffff888103a87b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.897529] >ffff888103a87c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 13.897974] ^
[ 13.898375] ffff888103a87c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 13.898852] ffff888103a87d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.899451] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.847845] ==================================================================
[ 13.848509] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 13.849243] Read of size 1 at addr ffff888103aa7c3f by task kunit_try_catch/271
[ 13.849569]
[ 13.849722] CPU: 1 UID: 0 PID: 271 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.849797] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.849813] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.849844] Call Trace:
[ 13.849868] <TASK>
[ 13.849897] dump_stack_lvl+0x73/0xb0
[ 13.849942] print_report+0xd1/0x650
[ 13.849986] ? __virt_addr_valid+0x1db/0x2d0
[ 13.850016] ? kasan_alloca_oob_left+0x320/0x380
[ 13.850045] ? kasan_addr_to_slab+0x11/0xa0
[ 13.850068] ? kasan_alloca_oob_left+0x320/0x380
[ 13.850090] kasan_report+0x141/0x180
[ 13.850111] ? kasan_alloca_oob_left+0x320/0x380
[ 13.850137] __asan_report_load1_noabort+0x18/0x20
[ 13.850159] kasan_alloca_oob_left+0x320/0x380
[ 13.850181] ? finish_task_switch.isra.0+0x153/0x700
[ 13.850205] ? rwsem_down_read_slowpath+0x6be/0xb90
[ 13.850226] ? trace_hardirqs_on+0x37/0xe0
[ 13.850249] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 13.850274] ? __schedule+0x10cc/0x2b60
[ 13.850295] ? __pfx_read_tsc+0x10/0x10
[ 13.850315] ? ktime_get_ts64+0x86/0x230
[ 13.850339] kunit_try_run_case+0x1a5/0x480
[ 13.850363] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.850384] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.850406] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.850427] ? __kthread_parkme+0x82/0x180
[ 13.850449] ? preempt_count_sub+0x50/0x80
[ 13.850471] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.850493] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.850515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.850536] kthread+0x337/0x6f0
[ 13.850565] ? trace_preempt_on+0x20/0xc0
[ 13.850597] ? __pfx_kthread+0x10/0x10
[ 13.850642] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.850676] ? calculate_sigpending+0x7b/0xa0
[ 13.850710] ? __pfx_kthread+0x10/0x10
[ 13.850735] ret_from_fork+0x41/0x80
[ 13.850768] ? __pfx_kthread+0x10/0x10
[ 13.850795] ret_from_fork_asm+0x1a/0x30
[ 13.850854] </TASK>
[ 13.850875]
[ 13.861845] The buggy address belongs to stack of task kunit_try_catch/271
[ 13.862448]
[ 13.862642] The buggy address belongs to the physical page:
[ 13.862847] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103aa7
[ 13.863305] flags: 0x200000000000000(node=0|zone=2)
[ 13.863727] raw: 0200000000000000 ffffea00040ea9c8 ffffea00040ea9c8 0000000000000000
[ 13.864044] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 13.864348] page dumped because: kasan: bad access detected
[ 13.864702]
[ 13.864833] Memory state around the buggy address:
[ 13.865104] ffff888103aa7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.865422] ffff888103aa7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.865768] >ffff888103aa7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 13.866248] ^
[ 13.866455] ffff888103aa7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 13.866928] ffff888103aa7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 13.867250] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 13.780088] ==================================================================
[ 13.781035] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 13.781764] Read of size 1 at addr ffffffffa984232d by task kunit_try_catch/265
[ 13.782373]
[ 13.782903] CPU: 0 UID: 0 PID: 265 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.783025] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.783053] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.783098] Call Trace:
[ 13.783132] <TASK>
[ 13.783176] dump_stack_lvl+0x73/0xb0
[ 13.783250] print_report+0xd1/0x650
[ 13.783291] ? __virt_addr_valid+0x1db/0x2d0
[ 13.783330] ? kasan_global_oob_right+0x286/0x2d0
[ 13.783362] ? kasan_addr_to_slab+0x11/0xa0
[ 13.783392] ? kasan_global_oob_right+0x286/0x2d0
[ 13.783426] kasan_report+0x141/0x180
[ 13.783457] ? kasan_global_oob_right+0x286/0x2d0
[ 13.783483] __asan_report_load1_noabort+0x18/0x20
[ 13.783504] kasan_global_oob_right+0x286/0x2d0
[ 13.783525] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 13.783567] ? __schedule+0x10cc/0x2b60
[ 13.783591] ? __pfx_read_tsc+0x10/0x10
[ 13.783611] ? ktime_get_ts64+0x86/0x230
[ 13.783660] kunit_try_run_case+0x1a5/0x480
[ 13.783688] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.783710] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.783734] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.783756] ? __kthread_parkme+0x82/0x180
[ 13.783780] ? preempt_count_sub+0x50/0x80
[ 13.783806] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.783829] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.783851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.783873] kthread+0x337/0x6f0
[ 13.783931] ? trace_preempt_on+0x20/0xc0
[ 13.783959] ? __pfx_kthread+0x10/0x10
[ 13.783977] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.783997] ? calculate_sigpending+0x7b/0xa0
[ 13.784020] ? __pfx_kthread+0x10/0x10
[ 13.784037] ret_from_fork+0x41/0x80
[ 13.784058] ? __pfx_kthread+0x10/0x10
[ 13.784075] ret_from_fork_asm+0x1a/0x30
[ 13.784107] </TASK>
[ 13.784120]
[ 13.796790] The buggy address belongs to the variable:
[ 13.797149] global_array+0xd/0x40
[ 13.797658]
[ 13.797808] The buggy address belongs to the physical page:
[ 13.798899] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x60842
[ 13.799242] flags: 0x100000000002000(reserved|node=0|zone=1)
[ 13.799601] raw: 0100000000002000 ffffea0001821088 ffffea0001821088 0000000000000000
[ 13.799921] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.800237] page dumped because: kasan: bad access detected
[ 13.800482]
[ 13.800837] Memory state around the buggy address:
[ 13.801117] ffffffffa9842200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.802041] ffffffffa9842280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.802791] >ffffffffa9842300: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 13.803050] ^
[ 13.803449] ffffffffa9842380: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9
[ 13.804423] ffffffffa9842400: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
[ 13.804618] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 13.713113] ==================================================================
[ 13.713599] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.714117] Free of addr ffff8881029daf01 by task kunit_try_catch/261
[ 13.714404]
[ 13.714554] CPU: 1 UID: 0 PID: 261 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.714672] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.714701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.714750] Call Trace:
[ 13.714773] <TASK>
[ 13.714803] dump_stack_lvl+0x73/0xb0
[ 13.714845] print_report+0xd1/0x650
[ 13.714877] ? __virt_addr_valid+0x1db/0x2d0
[ 13.714910] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.714944] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.714968] kasan_report_invalid_free+0x10a/0x130
[ 13.714991] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.715016] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.715038] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.715060] check_slab_allocation+0x11f/0x130
[ 13.715080] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.715103] mempool_free+0x2ec/0x380
[ 13.715127] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.715150] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.715173] ? update_load_avg+0x1be/0x21b0
[ 13.715192] ? dequeue_entities+0x27e/0x1740
[ 13.715213] ? finish_task_switch.isra.0+0x153/0x700
[ 13.715237] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.715261] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 13.715282] ? dequeue_task_fair+0x166/0x4e0
[ 13.715303] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.715320] ? __pfx_mempool_kfree+0x10/0x10
[ 13.715341] ? __pfx_read_tsc+0x10/0x10
[ 13.715359] ? ktime_get_ts64+0x86/0x230
[ 13.715383] kunit_try_run_case+0x1a5/0x480
[ 13.715408] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.715427] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.715451] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.715472] ? __kthread_parkme+0x82/0x180
[ 13.715494] ? preempt_count_sub+0x50/0x80
[ 13.715517] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.715539] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.715561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.715582] kthread+0x337/0x6f0
[ 13.715599] ? trace_preempt_on+0x20/0xc0
[ 13.715769] ? __pfx_kthread+0x10/0x10
[ 13.715814] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.715850] ? calculate_sigpending+0x7b/0xa0
[ 13.715882] ? __pfx_kthread+0x10/0x10
[ 13.715912] ret_from_fork+0x41/0x80
[ 13.715946] ? __pfx_kthread+0x10/0x10
[ 13.715976] ret_from_fork_asm+0x1a/0x30
[ 13.716027] </TASK>
[ 13.716051]
[ 13.731064] Allocated by task 261:
[ 13.731564] kasan_save_stack+0x45/0x70
[ 13.731908] kasan_save_track+0x18/0x40
[ 13.732145] kasan_save_alloc_info+0x3b/0x50
[ 13.732477] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.732944] remove_element+0x11e/0x190
[ 13.733255] mempool_alloc_preallocated+0x4d/0x90
[ 13.733434] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 13.734032] mempool_kmalloc_invalid_free+0xed/0x140
[ 13.734228] kunit_try_run_case+0x1a5/0x480
[ 13.735117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.735468] kthread+0x337/0x6f0
[ 13.735941] ret_from_fork+0x41/0x80
[ 13.736099] ret_from_fork_asm+0x1a/0x30
[ 13.736371]
[ 13.736514] The buggy address belongs to the object at ffff8881029daf00
[ 13.736514] which belongs to the cache kmalloc-128 of size 128
[ 13.737076] The buggy address is located 1 bytes inside of
[ 13.737076] 128-byte region [ffff8881029daf00, ffff8881029daf80)
[ 13.737531]
[ 13.738325] The buggy address belongs to the physical page:
[ 13.738778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da
[ 13.739127] flags: 0x200000000000000(node=0|zone=2)
[ 13.739707] page_type: f5(slab)
[ 13.739869] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.740048] raw: 0000000000000000 0000000000100010 00000000f5000000 0000000000000000
[ 13.740219] page dumped because: kasan: bad access detected
[ 13.740325]
[ 13.740593] Memory state around the buggy address:
[ 13.740961] ffff8881029dae00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.741390] ffff8881029dae80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.741771] >ffff8881029daf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.742092] ^
[ 13.742354] ffff8881029daf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.742921] ffff8881029db000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.743439] ==================================================================
[ 13.750939] ==================================================================
[ 13.751427] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.752001] Free of addr ffff888103b04001 by task kunit_try_catch/263
[ 13.752428]
[ 13.752567] CPU: 1 UID: 0 PID: 263 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.752671] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.752694] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.752735] Call Trace:
[ 13.752763] <TASK>
[ 13.752801] dump_stack_lvl+0x73/0xb0
[ 13.752860] print_report+0xd1/0x650
[ 13.752908] ? __virt_addr_valid+0x1db/0x2d0
[ 13.752946] ? kasan_addr_to_slab+0x11/0xa0
[ 13.752977] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.753015] kasan_report_invalid_free+0x10a/0x130
[ 13.753053] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.753101] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.753143] __kasan_mempool_poison_object+0x102/0x1d0
[ 13.753191] mempool_free+0x2ec/0x380
[ 13.753242] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 13.753292] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 13.753337] ? update_load_avg+0x1be/0x21b0
[ 13.753372] ? dequeue_entities+0x27e/0x1740
[ 13.753418] ? finish_task_switch.isra.0+0x153/0x700
[ 13.753462] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 13.753504] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 13.753546] ? dequeue_task_fair+0x166/0x4e0
[ 13.753582] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.753614] ? __pfx_mempool_kfree+0x10/0x10
[ 13.753666] ? __pfx_read_tsc+0x10/0x10
[ 13.753705] ? ktime_get_ts64+0x86/0x230
[ 13.753746] kunit_try_run_case+0x1a5/0x480
[ 13.753788] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.753821] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.753859] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.753948] ? __kthread_parkme+0x82/0x180
[ 13.753996] ? preempt_count_sub+0x50/0x80
[ 13.754048] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.754091] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.754116] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.754138] kthread+0x337/0x6f0
[ 13.754154] ? trace_preempt_on+0x20/0xc0
[ 13.754178] ? __pfx_kthread+0x10/0x10
[ 13.754194] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.754214] ? calculate_sigpending+0x7b/0xa0
[ 13.754234] ? __pfx_kthread+0x10/0x10
[ 13.754252] ret_from_fork+0x41/0x80
[ 13.754270] ? __pfx_kthread+0x10/0x10
[ 13.754287] ret_from_fork_asm+0x1a/0x30
[ 13.754316] </TASK>
[ 13.754328]
[ 13.763725] The buggy address belongs to the physical page:
[ 13.764246] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b04
[ 13.764812] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 13.765155] flags: 0x200000000000040(head|node=0|zone=2)
[ 13.765383] page_type: f8(unknown)
[ 13.765568] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.766080] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.766512] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 13.766919] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 13.767223] head: 0200000000000002 ffffea00040ec101 00000000ffffffff 00000000ffffffff
[ 13.767470] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 13.768043] page dumped because: kasan: bad access detected
[ 13.768396]
[ 13.768493] Memory state around the buggy address:
[ 13.768902] ffff888103b03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.769208] ffff888103b03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.769510] >ffff888103b04000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.769940] ^
[ 13.770164] ffff888103b04080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.770458] ffff888103b04100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.771040] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 13.612452] ==================================================================
[ 13.613009] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.613447] Free of addr ffff8881029dab00 by task kunit_try_catch/255
[ 13.613684]
[ 13.613881] CPU: 1 UID: 0 PID: 255 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.614036] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.614058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.614099] Call Trace:
[ 13.614122] <TASK>
[ 13.614158] dump_stack_lvl+0x73/0xb0
[ 13.614232] print_report+0xd1/0x650
[ 13.614281] ? __virt_addr_valid+0x1db/0x2d0
[ 13.614329] ? kasan_complete_mode_report_info+0x64/0x200
[ 13.614398] ? mempool_double_free_helper+0x184/0x370
[ 13.614434] kasan_report_invalid_free+0x10a/0x130
[ 13.614477] ? mempool_double_free_helper+0x184/0x370
[ 13.614523] ? mempool_double_free_helper+0x184/0x370
[ 13.614596] ? mempool_double_free_helper+0x184/0x370
[ 13.614652] check_slab_allocation+0x101/0x130
[ 13.614689] __kasan_mempool_poison_object+0x91/0x1d0
[ 13.614729] mempool_free+0x2ec/0x380
[ 13.614767] ? __wake_up+0x49/0x60
[ 13.614809] mempool_double_free_helper+0x184/0x370
[ 13.614853] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.614900] ? dequeue_entities+0x852/0x1740
[ 13.614951] ? finish_task_switch.isra.0+0x153/0x700
[ 13.615007] mempool_kmalloc_double_free+0xed/0x140
[ 13.615046] ? __pfx_mempool_kmalloc_double_free+0x10/0x10
[ 13.615086] ? dequeue_task_fair+0x166/0x4e0
[ 13.615130] ? __pfx_mempool_kmalloc+0x10/0x10
[ 13.615169] ? __pfx_mempool_kfree+0x10/0x10
[ 13.615213] ? __pfx_read_tsc+0x10/0x10
[ 13.615254] ? ktime_get_ts64+0x86/0x230
[ 13.615303] kunit_try_run_case+0x1a5/0x480
[ 13.615355] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.615388] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.615424] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.615457] ? __kthread_parkme+0x82/0x180
[ 13.615486] ? preempt_count_sub+0x50/0x80
[ 13.615517] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.615580] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.615613] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.615670] kthread+0x337/0x6f0
[ 13.615700] ? trace_preempt_on+0x20/0xc0
[ 13.615743] ? __pfx_kthread+0x10/0x10
[ 13.615770] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.615803] ? calculate_sigpending+0x7b/0xa0
[ 13.615841] ? __pfx_kthread+0x10/0x10
[ 13.615869] ret_from_fork+0x41/0x80
[ 13.615899] ? __pfx_kthread+0x10/0x10
[ 13.615927] ret_from_fork_asm+0x1a/0x30
[ 13.615981] </TASK>
[ 13.616006]
[ 13.630944] Allocated by task 255:
[ 13.631369] kasan_save_stack+0x45/0x70
[ 13.631820] kasan_save_track+0x18/0x40
[ 13.631994] kasan_save_alloc_info+0x3b/0x50
[ 13.632614] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.632883] remove_element+0x11e/0x190
[ 13.633050] mempool_alloc_preallocated+0x4d/0x90
[ 13.633483] mempool_double_free_helper+0x8a/0x370
[ 13.633923] mempool_kmalloc_double_free+0xed/0x140
[ 13.634732] kunit_try_run_case+0x1a5/0x480
[ 13.634913] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.635088] kthread+0x337/0x6f0
[ 13.635345] ret_from_fork+0x41/0x80
[ 13.635508] ret_from_fork_asm+0x1a/0x30
[ 13.635770]
[ 13.635905] Freed by task 255:
[ 13.636127] kasan_save_stack+0x45/0x70
[ 13.636303] kasan_save_track+0x18/0x40
[ 13.636563] kasan_save_free_info+0x3f/0x60
[ 13.636778] __kasan_mempool_poison_object+0x131/0x1d0
[ 13.637135] mempool_free+0x2ec/0x380
[ 13.637423] mempool_double_free_helper+0x109/0x370
[ 13.637595] mempool_kmalloc_double_free+0xed/0x140
[ 13.637938] kunit_try_run_case+0x1a5/0x480
[ 13.638215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.638456] kthread+0x337/0x6f0
[ 13.638647] ret_from_fork+0x41/0x80
[ 13.638952] ret_from_fork_asm+0x1a/0x30
[ 13.639719]
[ 13.639880] The buggy address belongs to the object at ffff8881029dab00
[ 13.639880] which belongs to the cache kmalloc-128 of size 128
[ 13.641114] The buggy address is located 0 bytes inside of
[ 13.641114] 128-byte region [ffff8881029dab00, ffff8881029dab80)
[ 13.641982]
[ 13.642147] The buggy address belongs to the physical page:
[ 13.642596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da
[ 13.643112] flags: 0x200000000000000(node=0|zone=2)
[ 13.643990] page_type: f5(slab)
[ 13.644210] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.644788] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.645226] page dumped because: kasan: bad access detected
[ 13.645882]
[ 13.646013] Memory state around the buggy address:
[ 13.646500] ffff8881029daa00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.646905] ffff8881029daa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.647185] >ffff8881029dab00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.648038] ^
[ 13.648323] ffff8881029dab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.648743] ffff8881029dac00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 13.649179] ==================================================================
[ 13.683868] ==================================================================
[ 13.684385] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.684772] Free of addr ffff888103b6c000 by task kunit_try_catch/259
[ 13.685003]
[ 13.685129] CPU: 0 UID: 0 PID: 259 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.685220] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.685237] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.685268] Call Trace:
[ 13.685289] <TASK>
[ 13.685318] dump_stack_lvl+0x73/0xb0
[ 13.685360] print_report+0xd1/0x650
[ 13.685391] ? __virt_addr_valid+0x1db/0x2d0
[ 13.685420] ? kasan_addr_to_slab+0x11/0xa0
[ 13.685446] ? mempool_double_free_helper+0x184/0x370
[ 13.685477] kasan_report_invalid_free+0x10a/0x130
[ 13.685507] ? mempool_double_free_helper+0x184/0x370
[ 13.685540] ? mempool_double_free_helper+0x184/0x370
[ 13.685573] __kasan_mempool_poison_pages+0x115/0x130
[ 13.685609] mempool_free+0x290/0x380
[ 13.685664] mempool_double_free_helper+0x184/0x370
[ 13.685707] ? __pfx_mempool_double_free_helper+0x10/0x10
[ 13.685745] ? dequeue_entities+0x852/0x1740
[ 13.685787] ? finish_task_switch.isra.0+0x153/0x700
[ 13.685834] mempool_page_alloc_double_free+0xe8/0x140
[ 13.685876] ? __pfx_mempool_page_alloc_double_free+0x10/0x10
[ 13.685917] ? dequeue_task_fair+0x166/0x4e0
[ 13.685971] ? __pfx_mempool_alloc_pages+0x10/0x10
[ 13.686012] ? __pfx_mempool_free_pages+0x10/0x10
[ 13.686049] ? __pfx_read_tsc+0x10/0x10
[ 13.686080] ? ktime_get_ts64+0x86/0x230
[ 13.686159] kunit_try_run_case+0x1a5/0x480
[ 13.686206] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.686242] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.686286] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.686345] ? __kthread_parkme+0x82/0x180
[ 13.686386] ? preempt_count_sub+0x50/0x80
[ 13.686432] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.686485] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.686524] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.686559] kthread+0x337/0x6f0
[ 13.686586] ? trace_preempt_on+0x20/0xc0
[ 13.686643] ? __pfx_kthread+0x10/0x10
[ 13.686679] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.686720] ? calculate_sigpending+0x7b/0xa0
[ 13.686766] ? __pfx_kthread+0x10/0x10
[ 13.686806] ret_from_fork+0x41/0x80
[ 13.686848] ? __pfx_kthread+0x10/0x10
[ 13.686887] ret_from_fork_asm+0x1a/0x30
[ 13.686951] </TASK>
[ 13.686975]
[ 13.700341] The buggy address belongs to the physical page:
[ 13.700614] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b6c
[ 13.701812] flags: 0x200000000000000(node=0|zone=2)
[ 13.702230] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000
[ 13.702863] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 13.703261] page dumped because: kasan: bad access detected
[ 13.703811]
[ 13.704020] Memory state around the buggy address:
[ 13.704269] ffff888103b6bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.704981] ffff888103b6bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.705423] >ffff888103b6c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.705831] ^
[ 13.706148] ffff888103b6c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.706734] ffff888103b6c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 13.707113] ==================================================================
[ 13.654880] ==================================================================
[ 13.655363] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370
[ 13.655836] Free of addr ffff888103b04000 by task kunit_try_catch/257
[ 13.656160]
[ 13.656344] CPU: 1 UID: 0 PID: 257 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.656440] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.656465] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.656505] Call Trace:
[ 13.656531] <TASK>
[ 13.656563] dump_stack_lvl+0x73/0xb0
[ 13.656664] print_report+0xd1/0x650
[ 13.656716] ? __virt_addr_valid+0x1db/0x2d0
[ 13.656762] ? kasan_addr_to_slab+0x11/0xa0
[ 13.656798] ? mempool_double_free_helper+0x184/0x370
[ 13.656838] kasan_report_invalid_free+0x10a/0x130
[ 13.656881] ? mempool_double_free_helper+0x184/0x370
[ 13.656926] ?
mempool_double_free_helper+0x184/0x370 [ 13.656968] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 13.657013] mempool_free+0x2ec/0x380 [ 13.657059] mempool_double_free_helper+0x184/0x370 [ 13.657097] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 13.657138] ? dequeue_entities+0x852/0x1740 [ 13.657186] ? finish_task_switch.isra.0+0x153/0x700 [ 13.657225] mempool_kmalloc_large_double_free+0xed/0x140 [ 13.657261] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 13.657298] ? dequeue_task_fair+0x166/0x4e0 [ 13.657337] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.657372] ? __pfx_mempool_kfree+0x10/0x10 [ 13.657410] ? __pfx_read_tsc+0x10/0x10 [ 13.657443] ? ktime_get_ts64+0x86/0x230 [ 13.657482] kunit_try_run_case+0x1a5/0x480 [ 13.657525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.657596] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.657652] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.657688] ? __kthread_parkme+0x82/0x180 [ 13.657727] ? preempt_count_sub+0x50/0x80 [ 13.657769] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.657813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.657854] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.657876] kthread+0x337/0x6f0 [ 13.657894] ? trace_preempt_on+0x20/0xc0 [ 13.657918] ? __pfx_kthread+0x10/0x10 [ 13.657936] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.657970] ? calculate_sigpending+0x7b/0xa0 [ 13.657993] ? __pfx_kthread+0x10/0x10 [ 13.658011] ret_from_fork+0x41/0x80 [ 13.658032] ? 
__pfx_kthread+0x10/0x10 [ 13.658050] ret_from_fork_asm+0x1a/0x30 [ 13.658081] </TASK> [ 13.658094] [ 13.666314] The buggy address belongs to the physical page: [ 13.666714] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b04 [ 13.667026] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.667287] flags: 0x200000000000040(head|node=0|zone=2) [ 13.667511] page_type: f8(unknown) [ 13.667712] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.668147] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.668563] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.669052] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.669565] head: 0200000000000002 ffffea00040ec101 00000000ffffffff 00000000ffffffff [ 13.669850] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.670111] page dumped because: kasan: bad access detected [ 13.670316] [ 13.670420] Memory state around the buggy address: [ 13.670647] ffff888103b03f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.670856] ffff888103b03f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.671317] >ffff888103b04000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.671781] ^ [ 13.672032] ffff888103b04080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.672468] ffff888103b04100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.672946] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 13.498401] ================================================================== [ 13.499059] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.500216] Read of size 1 at addr ffff888103b68000 by task kunit_try_catch/249 [ 13.500470] [ 13.500618] CPU: 0 UID: 0 PID: 249 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 13.501041] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.501100] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.501149] Call Trace: [ 13.501178] <TASK> [ 13.501216] dump_stack_lvl+0x73/0xb0 [ 13.501359] print_report+0xd1/0x650 [ 13.501405] ? __virt_addr_valid+0x1db/0x2d0 [ 13.501455] ? mempool_uaf_helper+0x392/0x400 [ 13.501497] ? kasan_addr_to_slab+0x11/0xa0 [ 13.501591] ? mempool_uaf_helper+0x392/0x400 [ 13.501768] kasan_report+0x141/0x180 [ 13.501816] ? mempool_uaf_helper+0x392/0x400 [ 13.501845] __asan_report_load1_noabort+0x18/0x20 [ 13.501867] mempool_uaf_helper+0x392/0x400 [ 13.501890] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.501912] ? dequeue_entities+0x852/0x1740 [ 13.501939] ? finish_task_switch.isra.0+0x153/0x700 [ 13.501982] mempool_kmalloc_large_uaf+0xef/0x140 [ 13.502007] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 13.502031] ? dequeue_task_fair+0x166/0x4e0 [ 13.502054] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.502079] ? __pfx_mempool_kfree+0x10/0x10 [ 13.502101] ? __pfx_read_tsc+0x10/0x10 [ 13.502123] ? ktime_get_ts64+0x86/0x230 [ 13.502149] kunit_try_run_case+0x1a5/0x480 [ 13.502177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.502200] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.502225] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.502248] ? __kthread_parkme+0x82/0x180 [ 13.502270] ? preempt_count_sub+0x50/0x80 [ 13.502327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.502362] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.502397] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.502421] kthread+0x337/0x6f0 [ 13.502439] ? 
trace_preempt_on+0x20/0xc0 [ 13.502464] ? __pfx_kthread+0x10/0x10 [ 13.502482] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.502503] ? calculate_sigpending+0x7b/0xa0 [ 13.502524] ? __pfx_kthread+0x10/0x10 [ 13.502545] ret_from_fork+0x41/0x80 [ 13.502571] ? __pfx_kthread+0x10/0x10 [ 13.502588] ret_from_fork_asm+0x1a/0x30 [ 13.502619] </TASK> [ 13.502650] [ 13.516242] The buggy address belongs to the physical page: [ 13.516915] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b68 [ 13.517309] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.517884] flags: 0x200000000000040(head|node=0|zone=2) [ 13.518257] page_type: f8(unknown) [ 13.518550] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.519157] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.519489] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.519902] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.520364] head: 0200000000000002 ffffea00040eda01 00000000ffffffff 00000000ffffffff [ 13.520787] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.522039] page dumped because: kasan: bad access detected [ 13.522317] [ 13.522474] Memory state around the buggy address: [ 13.523117] ffff888103b67f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.523555] ffff888103b67f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.524074] >ffff888103b68000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.524604] ^ [ 13.525134] ffff888103b68080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.525560] ffff888103b68100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.525751] ================================================================== [ 13.581955] ================================================================== [ 13.582999] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.583553] Read of size 1 at 
addr ffff888103b68000 by task kunit_try_catch/253 [ 13.584037] [ 13.584186] CPU: 0 UID: 0 PID: 253 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 13.584402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.584435] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.584475] Call Trace: [ 13.584504] <TASK> [ 13.584541] dump_stack_lvl+0x73/0xb0 [ 13.584613] print_report+0xd1/0x650 [ 13.584683] ? __virt_addr_valid+0x1db/0x2d0 [ 13.584719] ? mempool_uaf_helper+0x392/0x400 [ 13.584774] ? kasan_addr_to_slab+0x11/0xa0 [ 13.584812] ? mempool_uaf_helper+0x392/0x400 [ 13.584858] kasan_report+0x141/0x180 [ 13.584903] ? mempool_uaf_helper+0x392/0x400 [ 13.584958] __asan_report_load1_noabort+0x18/0x20 [ 13.585003] mempool_uaf_helper+0x392/0x400 [ 13.585040] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.585078] ? dequeue_entities+0x852/0x1740 [ 13.585121] ? irqentry_exit+0x2a/0x60 [ 13.585155] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.585215] mempool_page_alloc_uaf+0xed/0x140 [ 13.585271] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.585311] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 13.585350] ? __pfx_mempool_free_pages+0x10/0x10 [ 13.585390] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.585672] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 13.585739] kunit_try_run_case+0x1a5/0x480 [ 13.585781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.585814] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.585849] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.585881] ? __kthread_parkme+0x82/0x180 [ 13.585914] ? preempt_count_sub+0x50/0x80 [ 13.585967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.585995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.586020] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.586043] kthread+0x337/0x6f0 [ 13.586062] ? trace_preempt_on+0x20/0xc0 [ 13.586087] ? __pfx_kthread+0x10/0x10 [ 13.586105] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.586126] ? calculate_sigpending+0x7b/0xa0 [ 13.586148] ? 
__pfx_kthread+0x10/0x10 [ 13.586166] ret_from_fork+0x41/0x80 [ 13.586189] ? __pfx_kthread+0x10/0x10 [ 13.586206] ret_from_fork_asm+0x1a/0x30 [ 13.586235] </TASK> [ 13.586248] [ 13.598937] The buggy address belongs to the physical page: [ 13.599708] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103b68 [ 13.600208] flags: 0x200000000000000(node=0|zone=2) [ 13.600799] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 13.601412] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 13.601963] page dumped because: kasan: bad access detected [ 13.602424] [ 13.602607] Memory state around the buggy address: [ 13.603149] ffff888103b67f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.603500] ffff888103b67f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.604011] >ffff888103b68000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.604505] ^ [ 13.604828] ffff888103b68080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.605506] ffff888103b68100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 13.606054] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 13.533219] ================================================================== [ 13.533763] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.534124] Read of size 1 at addr ffff8881029eb240 by task kunit_try_catch/251 [ 13.534676] [ 13.534913] CPU: 1 UID: 0 PID: 251 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 13.535005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.535027] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.535061] Call Trace: [ 13.535087] <TASK> [ 13.535120] dump_stack_lvl+0x73/0xb0 [ 13.535177] print_report+0xd1/0x650 [ 13.535214] ? __virt_addr_valid+0x1db/0x2d0 [ 13.535243] ? mempool_uaf_helper+0x392/0x400 [ 13.535271] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.535306] ? mempool_uaf_helper+0x392/0x400 [ 13.535339] kasan_report+0x141/0x180 [ 13.535371] ? mempool_uaf_helper+0x392/0x400 [ 13.535409] __asan_report_load1_noabort+0x18/0x20 [ 13.535437] mempool_uaf_helper+0x392/0x400 [ 13.535469] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.535504] ? finish_task_switch.isra.0+0x153/0x700 [ 13.535542] mempool_slab_uaf+0xea/0x140 [ 13.535573] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 13.535598] ? dequeue_task_fair+0x166/0x4e0 [ 13.535645] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 13.535678] ? __pfx_mempool_free_slab+0x10/0x10 [ 13.535708] ? __pfx_read_tsc+0x10/0x10 [ 13.535738] ? ktime_get_ts64+0x86/0x230 [ 13.535770] kunit_try_run_case+0x1a5/0x480 [ 13.535795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.535816] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.535839] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.535861] ? __kthread_parkme+0x82/0x180 [ 13.535884] ? preempt_count_sub+0x50/0x80 [ 13.535905] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.535927] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.535949] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.535970] kthread+0x337/0x6f0 [ 13.535986] ? trace_preempt_on+0x20/0xc0 [ 13.536009] ? 
__pfx_kthread+0x10/0x10 [ 13.536026] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.536046] ? calculate_sigpending+0x7b/0xa0 [ 13.536066] ? __pfx_kthread+0x10/0x10 [ 13.536083] ret_from_fork+0x41/0x80 [ 13.536102] ? __pfx_kthread+0x10/0x10 [ 13.536119] ret_from_fork_asm+0x1a/0x30 [ 13.536149] </TASK> [ 13.536162] [ 13.549809] Allocated by task 251: [ 13.550165] kasan_save_stack+0x45/0x70 [ 13.550940] kasan_save_track+0x18/0x40 [ 13.551167] kasan_save_alloc_info+0x3b/0x50 [ 13.551521] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 13.551799] remove_element+0x11e/0x190 [ 13.551988] mempool_alloc_preallocated+0x4d/0x90 [ 13.552198] mempool_uaf_helper+0x96/0x400 [ 13.553185] mempool_slab_uaf+0xea/0x140 [ 13.553349] kunit_try_run_case+0x1a5/0x480 [ 13.554157] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.554613] kthread+0x337/0x6f0 [ 13.554798] ret_from_fork+0x41/0x80 [ 13.555396] ret_from_fork_asm+0x1a/0x30 [ 13.555665] [ 13.556090] Freed by task 251: [ 13.556256] kasan_save_stack+0x45/0x70 [ 13.556554] kasan_save_track+0x18/0x40 [ 13.557448] kasan_save_free_info+0x3f/0x60 [ 13.558206] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.558536] mempool_free+0x2ec/0x380 [ 13.558844] mempool_uaf_helper+0x11a/0x400 [ 13.558976] mempool_slab_uaf+0xea/0x140 [ 13.559097] kunit_try_run_case+0x1a5/0x480 [ 13.559274] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.560244] kthread+0x337/0x6f0 [ 13.560684] ret_from_fork+0x41/0x80 [ 13.561025] ret_from_fork_asm+0x1a/0x30 [ 13.561199] [ 13.561342] The buggy address belongs to the object at ffff8881029eb240 [ 13.561342] which belongs to the cache test_cache of size 123 [ 13.561949] The buggy address is located 0 bytes inside of [ 13.561949] freed 123-byte region [ffff8881029eb240, ffff8881029eb2bb) [ 13.563227] [ 13.563405] The buggy address belongs to the physical page: [ 13.564088] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029eb [ 13.564731] flags: 0x200000000000000(node=0|zone=2) [ 13.565161] page_type: 
f5(slab) [ 13.565567] raw: 0200000000000000 ffff888101ab5640 dead000000000122 0000000000000000 [ 13.565956] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 13.566383] page dumped because: kasan: bad access detected [ 13.567114] [ 13.567232] Memory state around the buggy address: [ 13.567412] ffff8881029eb100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.567726] ffff8881029eb180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.567935] >ffff8881029eb200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 13.568141] ^ [ 13.568322] ffff8881029eb280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.568459] ffff8881029eb300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.568996] ================================================================== [ 13.457066] ================================================================== [ 13.457746] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 13.458203] Read of size 1 at addr ffff8881029da700 by task kunit_try_catch/247 [ 13.458826] [ 13.458969] CPU: 1 UID: 0 PID: 247 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 13.459065] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.459089] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.459128] Call Trace: [ 13.459154] <TASK> [ 13.459191] dump_stack_lvl+0x73/0xb0 [ 13.459248] print_report+0xd1/0x650 [ 13.459291] ? __virt_addr_valid+0x1db/0x2d0 [ 13.459333] ? mempool_uaf_helper+0x392/0x400 [ 13.459363] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.459385] ? mempool_uaf_helper+0x392/0x400 [ 13.459413] kasan_report+0x141/0x180 [ 13.459434] ? mempool_uaf_helper+0x392/0x400 [ 13.459459] __asan_report_load1_noabort+0x18/0x20 [ 13.459478] mempool_uaf_helper+0x392/0x400 [ 13.459506] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 13.459539] ? dequeue_entities+0x852/0x1740 [ 13.459583] ? 
finish_task_switch.isra.0+0x153/0x700 [ 13.459837] mempool_kmalloc_uaf+0xef/0x140 [ 13.459900] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 13.459944] ? dequeue_task_fair+0x166/0x4e0 [ 13.459989] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.460030] ? __pfx_mempool_kfree+0x10/0x10 [ 13.460073] ? __pfx_read_tsc+0x10/0x10 [ 13.460115] ? ktime_get_ts64+0x86/0x230 [ 13.460168] kunit_try_run_case+0x1a5/0x480 [ 13.460220] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.460258] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.460307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.460354] ? __kthread_parkme+0x82/0x180 [ 13.460398] ? preempt_count_sub+0x50/0x80 [ 13.460447] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.460572] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.460614] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.460665] kthread+0x337/0x6f0 [ 13.460692] ? trace_preempt_on+0x20/0xc0 [ 13.460717] ? __pfx_kthread+0x10/0x10 [ 13.460734] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.460755] ? calculate_sigpending+0x7b/0xa0 [ 13.460776] ? __pfx_kthread+0x10/0x10 [ 13.460794] ret_from_fork+0x41/0x80 [ 13.460813] ? 
__pfx_kthread+0x10/0x10 [ 13.460830] ret_from_fork_asm+0x1a/0x30 [ 13.460859] </TASK> [ 13.460873] [ 13.472786] Allocated by task 247: [ 13.473031] kasan_save_stack+0x45/0x70 [ 13.473390] kasan_save_track+0x18/0x40 [ 13.474022] kasan_save_alloc_info+0x3b/0x50 [ 13.474573] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 13.474864] remove_element+0x11e/0x190 [ 13.475126] mempool_alloc_preallocated+0x4d/0x90 [ 13.475660] mempool_uaf_helper+0x96/0x400 [ 13.475912] mempool_kmalloc_uaf+0xef/0x140 [ 13.476187] kunit_try_run_case+0x1a5/0x480 [ 13.476704] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.477105] kthread+0x337/0x6f0 [ 13.477683] ret_from_fork+0x41/0x80 [ 13.478012] ret_from_fork_asm+0x1a/0x30 [ 13.478249] [ 13.478586] Freed by task 247: [ 13.478799] kasan_save_stack+0x45/0x70 [ 13.479111] kasan_save_track+0x18/0x40 [ 13.479568] kasan_save_free_info+0x3f/0x60 [ 13.479821] __kasan_mempool_poison_object+0x131/0x1d0 [ 13.480213] mempool_free+0x2ec/0x380 [ 13.480664] mempool_uaf_helper+0x11a/0x400 [ 13.481003] mempool_kmalloc_uaf+0xef/0x140 [ 13.481254] kunit_try_run_case+0x1a5/0x480 [ 13.481910] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.482456] kthread+0x337/0x6f0 [ 13.482691] ret_from_fork+0x41/0x80 [ 13.482971] ret_from_fork_asm+0x1a/0x30 [ 13.483198] [ 13.483521] The buggy address belongs to the object at ffff8881029da700 [ 13.483521] which belongs to the cache kmalloc-128 of size 128 [ 13.484016] The buggy address is located 0 bytes inside of [ 13.484016] freed 128-byte region [ffff8881029da700, ffff8881029da780) [ 13.485001] [ 13.485142] The buggy address belongs to the physical page: [ 13.485769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da [ 13.486164] flags: 0x200000000000000(node=0|zone=2) [ 13.486746] page_type: f5(slab) [ 13.487041] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 13.487532] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 13.487981] page dumped 
because: kasan: bad access detected [ 13.488249] [ 13.488587] Memory state around the buggy address: [ 13.488848] ffff8881029da600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.489260] ffff8881029da680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.489848] >ffff8881029da700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.490590] ^ [ 13.490769] ffff8881029da780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.491137] ffff8881029da800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.491792] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 13.373780] ================================================================== [ 13.374387] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.375460] Read of size 1 at addr ffff888103afe001 by task kunit_try_catch/243 [ 13.376098] [ 13.376663] CPU: 1 UID: 0 PID: 243 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 13.377064] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.377090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.377132] Call Trace: [ 13.377153] <TASK> [ 13.377177] dump_stack_lvl+0x73/0xb0 [ 13.377216] print_report+0xd1/0x650 [ 13.377239] ? __virt_addr_valid+0x1db/0x2d0 [ 13.377263] ? mempool_oob_right_helper+0x318/0x380 [ 13.377323] ? kasan_addr_to_slab+0x11/0xa0 [ 13.377357] ? mempool_oob_right_helper+0x318/0x380 [ 13.377391] kasan_report+0x141/0x180 [ 13.377421] ? mempool_oob_right_helper+0x318/0x380 [ 13.377449] __asan_report_load1_noabort+0x18/0x20 [ 13.377469] mempool_oob_right_helper+0x318/0x380 [ 13.377492] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.377515] ? dequeue_entities+0x852/0x1740 [ 13.377542] ? finish_task_switch.isra.0+0x153/0x700 [ 13.377575] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 13.377598] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 13.377637] ? dequeue_task_fair+0x166/0x4e0 [ 13.377662] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.377685] ? __pfx_mempool_kfree+0x10/0x10 [ 13.377705] ? __pfx_read_tsc+0x10/0x10 [ 13.377726] ? ktime_get_ts64+0x86/0x230 [ 13.377752] kunit_try_run_case+0x1a5/0x480 [ 13.377778] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.377799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.377823] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.377861] ? __kthread_parkme+0x82/0x180 [ 13.377884] ? preempt_count_sub+0x50/0x80 [ 13.377906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.377928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.377963] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.377988] kthread+0x337/0x6f0 [ 13.378006] ? trace_preempt_on+0x20/0xc0 [ 13.378032] ? __pfx_kthread+0x10/0x10 [ 13.378051] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.378072] ? calculate_sigpending+0x7b/0xa0 [ 13.378096] ? __pfx_kthread+0x10/0x10 [ 13.378114] ret_from_fork+0x41/0x80 [ 13.378134] ? __pfx_kthread+0x10/0x10 [ 13.378153] ret_from_fork_asm+0x1a/0x30 [ 13.378184] </TASK> [ 13.378197] [ 13.392950] The buggy address belongs to the physical page: [ 13.394062] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103afc [ 13.394636] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 13.395125] flags: 0x200000000000040(head|node=0|zone=2) [ 13.395668] page_type: f8(unknown) [ 13.396021] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.396644] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.396991] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 13.397555] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 13.398021] head: 0200000000000002 ffffea00040ebf01 00000000ffffffff 00000000ffffffff [ 13.398222] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 13.398476] page dumped because: kasan: bad access detected [ 13.398970] [ 13.399859] Memory state around the buggy address: [ 13.400252] ffff888103afdf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.401023] ffff888103afdf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.401760] >ffff888103afe000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.402268] ^ [ 13.402568] ffff888103afe080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.403722] ffff888103afe100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 13.404235] ================================================================== [ 13.338589] ================================================================== [ 
13.339126] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 13.339722] Read of size 1 at addr ffff888102d97973 by task kunit_try_catch/241 [ 13.340098] [ 13.340330] CPU: 0 UID: 0 PID: 241 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 13.340419] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.340438] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.340474] Call Trace: [ 13.340498] <TASK> [ 13.341182] dump_stack_lvl+0x73/0xb0 [ 13.341493] print_report+0xd1/0x650 [ 13.341593] ? __virt_addr_valid+0x1db/0x2d0 [ 13.341652] ? mempool_oob_right_helper+0x318/0x380 [ 13.341692] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.341728] ? mempool_oob_right_helper+0x318/0x380 [ 13.341769] kasan_report+0x141/0x180 [ 13.341811] ? mempool_oob_right_helper+0x318/0x380 [ 13.341868] __asan_report_load1_noabort+0x18/0x20 [ 13.341909] mempool_oob_right_helper+0x318/0x380 [ 13.341969] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 13.342012] ? dequeue_entities+0x852/0x1740 [ 13.342042] ? finish_task_switch.isra.0+0x153/0x700 [ 13.342070] mempool_kmalloc_oob_right+0xf2/0x150 [ 13.342095] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 13.342118] ? dequeue_task_fair+0x166/0x4e0 [ 13.342140] ? __pfx_mempool_kmalloc+0x10/0x10 [ 13.342164] ? __pfx_mempool_kfree+0x10/0x10 [ 13.342186] ? __pfx_read_tsc+0x10/0x10 [ 13.342206] ? ktime_get_ts64+0x86/0x230 [ 13.342232] kunit_try_run_case+0x1a5/0x480 [ 13.342259] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.342312] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.342363] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.342400] ? __kthread_parkme+0x82/0x180 [ 13.342431] ? preempt_count_sub+0x50/0x80 [ 13.342460] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.342490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.342519] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.342574] kthread+0x337/0x6f0 [ 13.342593] ? trace_preempt_on+0x20/0xc0 [ 13.342618] ? 
__pfx_kthread+0x10/0x10
[ 13.342658] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.342679] ? calculate_sigpending+0x7b/0xa0
[ 13.342701] ? __pfx_kthread+0x10/0x10
[ 13.342719] ret_from_fork+0x41/0x80
[ 13.342739] ? __pfx_kthread+0x10/0x10
[ 13.342756] ret_from_fork_asm+0x1a/0x30
[ 13.342786] </TASK>
[ 13.342801]
[ 13.353420] Allocated by task 241:
[ 13.353740] kasan_save_stack+0x45/0x70
[ 13.354080] kasan_save_track+0x18/0x40
[ 13.354418] kasan_save_alloc_info+0x3b/0x50
[ 13.354814] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 13.355264] remove_element+0x11e/0x190
[ 13.355456] mempool_alloc_preallocated+0x4d/0x90
[ 13.355854] mempool_oob_right_helper+0x8a/0x380
[ 13.356050] mempool_kmalloc_oob_right+0xf2/0x150
[ 13.356237] kunit_try_run_case+0x1a5/0x480
[ 13.356417] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.356820] kthread+0x337/0x6f0
[ 13.357133] ret_from_fork+0x41/0x80
[ 13.357423] ret_from_fork_asm+0x1a/0x30
[ 13.357774]
[ 13.358028] The buggy address belongs to the object at ffff888102d97900
[ 13.358028] which belongs to the cache kmalloc-128 of size 128
[ 13.358323] The buggy address is located 0 bytes to the right of
[ 13.358323] allocated 115-byte region [ffff888102d97900, ffff888102d97973)
[ 13.359168]
[ 13.359299] The buggy address belongs to the physical page:
[ 13.359718] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d97
[ 13.360193] flags: 0x200000000000000(node=0|zone=2)
[ 13.360499] page_type: f5(slab)
[ 13.360793] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 13.360991] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 13.361478] page dumped because: kasan: bad access detected
[ 13.361763]
[ 13.361914] Memory state around the buggy address:
[ 13.362120] ffff888102d97800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.362367] ffff888102d97880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.362608] >ffff888102d97900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.362847] ^
[ 13.363588] ffff888102d97980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.364005] ffff888102d97a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 13.364350] ==================================================================
[ 13.411657] ==================================================================
[ 13.412163] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 13.413192] Read of size 1 at addr ffff8881039ee2bb by task kunit_try_catch/245
[ 13.414377]
[ 13.414637] CPU: 0 UID: 0 PID: 245 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 13.414742] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 13.414761] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 13.414799] Call Trace:
[ 13.414819] <TASK>
[ 13.414853] dump_stack_lvl+0x73/0xb0
[ 13.414913] print_report+0xd1/0x650
[ 13.414947] ? __virt_addr_valid+0x1db/0x2d0
[ 13.414979] ? mempool_oob_right_helper+0x318/0x380
[ 13.415010] ? kasan_complete_mode_report_info+0x2a/0x200
[ 13.415042] ? mempool_oob_right_helper+0x318/0x380
[ 13.415077] kasan_report+0x141/0x180
[ 13.415109] ? mempool_oob_right_helper+0x318/0x380
[ 13.415150] __asan_report_load1_noabort+0x18/0x20
[ 13.415180] mempool_oob_right_helper+0x318/0x380
[ 13.415217] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 13.415257] ? finish_task_switch.isra.0+0x153/0x700
[ 13.415298] mempool_slab_oob_right+0xed/0x140
[ 13.415329] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 13.415359] ? dequeue_task_fair+0x166/0x4e0
[ 13.415392] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 13.415429] ? __pfx_mempool_free_slab+0x10/0x10
[ 13.415468] ? __pfx_read_tsc+0x10/0x10
[ 13.415504] ? ktime_get_ts64+0x86/0x230
[ 13.415829] kunit_try_run_case+0x1a5/0x480
[ 13.415871] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.415894] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 13.415920] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 13.415943] ? __kthread_parkme+0x82/0x180
[ 13.415966] ? preempt_count_sub+0x50/0x80
[ 13.415989] ? __pfx_kunit_try_run_case+0x10/0x10
[ 13.416012] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.416034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 13.416056] kthread+0x337/0x6f0
[ 13.416072] ? trace_preempt_on+0x20/0xc0
[ 13.416097] ? __pfx_kthread+0x10/0x10
[ 13.416114] ? _raw_spin_unlock_irq+0x47/0x80
[ 13.416134] ? calculate_sigpending+0x7b/0xa0
[ 13.416156] ? __pfx_kthread+0x10/0x10
[ 13.416174] ret_from_fork+0x41/0x80
[ 13.416194] ? __pfx_kthread+0x10/0x10
[ 13.416211] ret_from_fork_asm+0x1a/0x30
[ 13.416244] </TASK>
[ 13.416257]
[ 13.430245] Allocated by task 245:
[ 13.430572] kasan_save_stack+0x45/0x70
[ 13.431156] kasan_save_track+0x18/0x40
[ 13.432047] kasan_save_alloc_info+0x3b/0x50
[ 13.432571] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 13.432903] remove_element+0x11e/0x190
[ 13.433075] mempool_alloc_preallocated+0x4d/0x90
[ 13.433562] mempool_oob_right_helper+0x8a/0x380
[ 13.433975] mempool_slab_oob_right+0xed/0x140
[ 13.434244] kunit_try_run_case+0x1a5/0x480
[ 13.434684] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 13.435052] kthread+0x337/0x6f0
[ 13.435254] ret_from_fork+0x41/0x80
[ 13.436207] ret_from_fork_asm+0x1a/0x30
[ 13.436595]
[ 13.436776] The buggy address belongs to the object at ffff8881039ee240
[ 13.436776] which belongs to the cache test_cache of size 123
[ 13.437418] The buggy address is located 0 bytes to the right of
[ 13.437418] allocated 123-byte region [ffff8881039ee240, ffff8881039ee2bb)
[ 13.438111]
[ 13.438233] The buggy address belongs to the physical page:
[ 13.438724] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ee
[ 13.439161] flags: 0x200000000000000(node=0|zone=2)
[ 13.439529] page_type: f5(slab)
[ 13.439753] raw: 0200000000000000 ffff888101e34780 dead000000000122 0000000000000000
[ 13.440175] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 13.440534] page dumped because: kasan: bad access detected
[ 13.441724]
[ 13.441896] Memory state around the buggy address:
[ 13.442131] ffff8881039ee180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 13.442479] ffff8881039ee200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 13.443041] >ffff8881039ee280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 13.443709] ^
[ 13.443920] ffff8881039ee300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.444599] ffff8881039ee380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 13.444856] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.744483] ==================================================================
[ 12.745086] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 12.745517] Read of size 1 at addr ffff888101ab53c0 by task kunit_try_catch/235
[ 12.746244]
[ 12.747119] CPU: 1 UID: 0 PID: 235 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.747242] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.747258] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.747287] Call Trace:
[ 12.747551] <TASK>
[ 12.747609] dump_stack_lvl+0x73/0xb0
[ 12.747677] print_report+0xd1/0x650
[ 12.747704] ? __virt_addr_valid+0x1db/0x2d0
[ 12.747729] ? kmem_cache_double_destroy+0x1bf/0x380
[ 12.747749] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.747770] ? kmem_cache_double_destroy+0x1bf/0x380
[ 12.747789] kasan_report+0x141/0x180
[ 12.747810] ? kmem_cache_double_destroy+0x1bf/0x380
[ 12.747832] ? kmem_cache_double_destroy+0x1bf/0x380
[ 12.747851] __kasan_check_byte+0x3d/0x50
[ 12.747872] kmem_cache_destroy+0x25/0x1d0
[ 12.747894] kmem_cache_double_destroy+0x1bf/0x380
[ 12.747913] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 12.747932] ? finish_task_switch.isra.0+0x153/0x700
[ 12.747954] ? __switch_to+0x5d9/0xf60
[ 12.747975] ? dequeue_task_fair+0x166/0x4e0
[ 12.748000] ? __pfx_read_tsc+0x10/0x10
[ 12.748019] ? ktime_get_ts64+0x86/0x230
[ 12.748044] kunit_try_run_case+0x1a5/0x480
[ 12.748070] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.748089] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.748112] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.748133] ? __kthread_parkme+0x82/0x180
[ 12.748155] ? preempt_count_sub+0x50/0x80
[ 12.748177] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.748198] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.748219] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.748240] kthread+0x337/0x6f0
[ 12.748255] ? trace_preempt_on+0x20/0xc0
[ 12.748280] ? __pfx_kthread+0x10/0x10
[ 12.748309] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.748339] ? calculate_sigpending+0x7b/0xa0
[ 12.748371] ? __pfx_kthread+0x10/0x10
[ 12.748398] ret_from_fork+0x41/0x80
[ 12.748427] ? __pfx_kthread+0x10/0x10
[ 12.748451] ret_from_fork_asm+0x1a/0x30
[ 12.748501] </TASK>
[ 12.748520]
[ 12.761225] Allocated by task 235:
[ 12.761851] kasan_save_stack+0x45/0x70
[ 12.762198] kasan_save_track+0x18/0x40
[ 12.762815] kasan_save_alloc_info+0x3b/0x50
[ 12.763072] __kasan_slab_alloc+0x91/0xa0
[ 12.763460] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.763934] __kmem_cache_create_args+0x169/0x240
[ 12.764223] kmem_cache_double_destroy+0xd5/0x380
[ 12.764588] kunit_try_run_case+0x1a5/0x480
[ 12.764967] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.765124] kthread+0x337/0x6f0
[ 12.765433] ret_from_fork+0x41/0x80
[ 12.765959] ret_from_fork_asm+0x1a/0x30
[ 12.766316]
[ 12.766472] Freed by task 235:
[ 12.767177] kasan_save_stack+0x45/0x70
[ 12.767345] kasan_save_track+0x18/0x40
[ 12.767695] kasan_save_free_info+0x3f/0x60
[ 12.768181] __kasan_slab_free+0x56/0x70
[ 12.768899] kmem_cache_free+0x249/0x420
[ 12.769397] slab_kmem_cache_release+0x2e/0x40
[ 12.769763] kmem_cache_release+0x16/0x20
[ 12.769959] kobject_put+0x181/0x450
[ 12.770222] sysfs_slab_release+0x16/0x20
[ 12.770784] kmem_cache_destroy+0xf0/0x1d0
[ 12.771113] kmem_cache_double_destroy+0x14e/0x380
[ 12.771564] kunit_try_run_case+0x1a5/0x480
[ 12.771867] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.772208] kthread+0x337/0x6f0
[ 12.772911] ret_from_fork+0x41/0x80
[ 12.773224] ret_from_fork_asm+0x1a/0x30
[ 12.773462]
[ 12.773637] The buggy address belongs to the object at ffff888101ab53c0
[ 12.773637] which belongs to the cache kmem_cache of size 208
[ 12.774198] The buggy address is located 0 bytes inside of
[ 12.774198] freed 208-byte region [ffff888101ab53c0, ffff888101ab5490)
[ 12.774744]
[ 12.774867] The buggy address belongs to the physical page:
[ 12.775247] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x101ab5
[ 12.775883] flags: 0x200000000000000(node=0|zone=2)
[ 12.776245] page_type: f5(slab)
[ 12.776955] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 12.777536] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 12.777984] page dumped because: kasan: bad access detected
[ 12.778261]
[ 12.778572] Memory state around the buggy address:
[ 12.778831] ffff888101ab5280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.779234] ffff888101ab5300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 12.779812] >ffff888101ab5380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 12.780274] ^
[ 12.781079] ffff888101ab5400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.781420] ffff888101ab5480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.781949] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 12.676652] ==================================================================
[ 12.677322] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.677893] Read of size 1 at addr ffff8881039eb000 by task kunit_try_catch/233
[ 12.678218]
[ 12.678409] CPU: 0 UID: 0 PID: 233 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.678477] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.678910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.678960] Call Trace:
[ 12.679136] <TASK>
[ 12.679188] dump_stack_lvl+0x73/0xb0
[ 12.679260] print_report+0xd1/0x650
[ 12.679312] ? __virt_addr_valid+0x1db/0x2d0
[ 12.679360] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.679408] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.679444] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.679476] kasan_report+0x141/0x180
[ 12.679514] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.679559] __asan_report_load1_noabort+0x18/0x20
[ 12.679596] kmem_cache_rcu_uaf+0x3e3/0x510
[ 12.679648] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 12.679687] ? finish_task_switch.isra.0+0x153/0x700
[ 12.679731] ? __switch_to+0x5d9/0xf60
[ 12.679767] ? dequeue_task_fair+0x166/0x4e0
[ 12.679811] ? __pfx_read_tsc+0x10/0x10
[ 12.679841] ? ktime_get_ts64+0x86/0x230
[ 12.679881] kunit_try_run_case+0x1a5/0x480
[ 12.679922] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.679956] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.679995] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.680033] ? __kthread_parkme+0x82/0x180
[ 12.680074] ? preempt_count_sub+0x50/0x80
[ 12.680123] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.680170] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.680214] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.680267] kthread+0x337/0x6f0
[ 12.680320] ? trace_preempt_on+0x20/0xc0
[ 12.680370] ? __pfx_kthread+0x10/0x10
[ 12.680398] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.680420] ? calculate_sigpending+0x7b/0xa0
[ 12.680443] ? __pfx_kthread+0x10/0x10
[ 12.680462] ret_from_fork+0x41/0x80
[ 12.680483] ? __pfx_kthread+0x10/0x10
[ 12.680501] ret_from_fork_asm+0x1a/0x30
[ 12.680533] </TASK>
[ 12.680572]
[ 12.691494] Allocated by task 233:
[ 12.691868] kasan_save_stack+0x45/0x70
[ 12.692192] kasan_save_track+0x18/0x40
[ 12.692516] kasan_save_alloc_info+0x3b/0x50
[ 12.692789] __kasan_slab_alloc+0x91/0xa0
[ 12.693074] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.693485] kmem_cache_rcu_uaf+0x155/0x510
[ 12.693747] kunit_try_run_case+0x1a5/0x480
[ 12.694100] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.695190] kthread+0x337/0x6f0
[ 12.695379] ret_from_fork+0x41/0x80
[ 12.695607] ret_from_fork_asm+0x1a/0x30
[ 12.695920]
[ 12.696077] Freed by task 0:
[ 12.696248] kasan_save_stack+0x45/0x70
[ 12.696505] kasan_save_track+0x18/0x40
[ 12.696904] kasan_save_free_info+0x3f/0x60
[ 12.697234] __kasan_slab_free+0x56/0x70
[ 12.697671] slab_free_after_rcu_debug+0xe4/0x310
[ 12.698004] rcu_core+0x66c/0x1c30
[ 12.698174] rcu_core_si+0x12/0x20
[ 12.698599] handle_softirqs+0x209/0x730
[ 12.698927] __irq_exit_rcu+0xc9/0x110
[ 12.699195] irq_exit_rcu+0x12/0x20
[ 12.699581] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.699824] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.700031]
[ 12.700165] Last potentially related work creation:
[ 12.701220] kasan_save_stack+0x45/0x70
[ 12.701674] kasan_record_aux_stack+0xb2/0xc0
[ 12.702002] kmem_cache_free+0x131/0x420
[ 12.702238] kmem_cache_rcu_uaf+0x194/0x510
[ 12.702713] kunit_try_run_case+0x1a5/0x480
[ 12.702951] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.703215] kthread+0x337/0x6f0
[ 12.703571] ret_from_fork+0x41/0x80
[ 12.703776] ret_from_fork_asm+0x1a/0x30
[ 12.704074]
[ 12.704176] The buggy address belongs to the object at ffff8881039eb000
[ 12.704176] which belongs to the cache test_cache of size 200
[ 12.704870] The buggy address is located 0 bytes inside of
[ 12.704870] freed 200-byte region [ffff8881039eb000, ffff8881039eb0c8)
[ 12.705524]
[ 12.705861] The buggy address belongs to the physical page:
[ 12.706098] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039eb
[ 12.707447] flags: 0x200000000000000(node=0|zone=2)
[ 12.707750] page_type: f5(slab)
[ 12.708026] raw: 0200000000000000 ffff888101e34500 dead000000000122 0000000000000000
[ 12.708558] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.708959] page dumped because: kasan: bad access detected
[ 12.709167]
[ 12.709435] Memory state around the buggy address:
[ 12.709765] ffff8881039eaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.710108] ffff8881039eaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.710646] >ffff8881039eb000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.711062] ^
[ 12.712085] ffff8881039eb080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 12.712583] ffff8881039eb100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.712859] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 12.601910] ==================================================================
[ 12.602719] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 12.603178] Free of addr ffff8881039ea001 by task kunit_try_catch/231
[ 12.603462]
[ 12.603767] CPU: 0 UID: 0 PID: 231 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.603977] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.604023] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.604062] Call Trace:
[ 12.604101] <TASK>
[ 12.604139] dump_stack_lvl+0x73/0xb0
[ 12.604204] print_report+0xd1/0x650
[ 12.604252] ? __virt_addr_valid+0x1db/0x2d0
[ 12.604744] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.604807] ? kmem_cache_invalid_free+0x1d8/0x460
[ 12.604855] kasan_report_invalid_free+0x10a/0x130
[ 12.604910] ? kmem_cache_invalid_free+0x1d8/0x460
[ 12.604953] ? kmem_cache_invalid_free+0x1d8/0x460
[ 12.604995] check_slab_allocation+0x11f/0x130
[ 12.605040] __kasan_slab_pre_free+0x28/0x40
[ 12.605076] kmem_cache_free+0xed/0x420
[ 12.605098] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.605118] ? kmem_cache_invalid_free+0x1d8/0x460
[ 12.605141] kmem_cache_invalid_free+0x1d8/0x460
[ 12.605161] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 12.605181] ? finish_task_switch.isra.0+0x153/0x700
[ 12.605205] ? __switch_to+0x5d9/0xf60
[ 12.605225] ? dequeue_task_fair+0x166/0x4e0
[ 12.605250] ? __pfx_read_tsc+0x10/0x10
[ 12.605270] ? ktime_get_ts64+0x86/0x230
[ 12.605329] kunit_try_run_case+0x1a5/0x480
[ 12.605375] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.605407] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.605441] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.605473] ? __kthread_parkme+0x82/0x180
[ 12.605497] ? preempt_count_sub+0x50/0x80
[ 12.605520] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.605562] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.605586] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.605608] kthread+0x337/0x6f0
[ 12.605641] ? trace_preempt_on+0x20/0xc0
[ 12.605667] ? __pfx_kthread+0x10/0x10
[ 12.605684] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.605704] ? calculate_sigpending+0x7b/0xa0
[ 12.605726] ? __pfx_kthread+0x10/0x10
[ 12.605743] ret_from_fork+0x41/0x80
[ 12.605764] ? __pfx_kthread+0x10/0x10
[ 12.605781] ret_from_fork_asm+0x1a/0x30
[ 12.605811] </TASK>
[ 12.605824]
[ 12.618427] Allocated by task 231:
[ 12.618929] kasan_save_stack+0x45/0x70
[ 12.619379] kasan_save_track+0x18/0x40
[ 12.619835] kasan_save_alloc_info+0x3b/0x50
[ 12.620037] __kasan_slab_alloc+0x91/0xa0
[ 12.620375] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.621116] kmem_cache_invalid_free+0x157/0x460
[ 12.621758] kunit_try_run_case+0x1a5/0x480
[ 12.622116] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.622455] kthread+0x337/0x6f0
[ 12.622855] ret_from_fork+0x41/0x80
[ 12.623158] ret_from_fork_asm+0x1a/0x30
[ 12.623465]
[ 12.623573] The buggy address belongs to the object at ffff8881039ea000
[ 12.623573] which belongs to the cache test_cache of size 200
[ 12.624199] The buggy address is located 1 bytes inside of
[ 12.624199] 200-byte region [ffff8881039ea000, ffff8881039ea0c8)
[ 12.625653]
[ 12.625810] The buggy address belongs to the physical page:
[ 12.626104] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ea
[ 12.626861] flags: 0x200000000000000(node=0|zone=2)
[ 12.627121] page_type: f5(slab)
[ 12.627390] raw: 0200000000000000 ffff888101e343c0 dead000000000122 0000000000000000
[ 12.628054] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.629019] page dumped because: kasan: bad access detected
[ 12.629328]
[ 12.629678] Memory state around the buggy address:
[ 12.629980] ffff8881039e9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.630276] ffff8881039e9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.630958] >ffff8881039ea000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.631601] ^
[ 12.631795] ffff8881039ea080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 12.632174] ffff8881039ea100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.632670] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 12.557804] ==================================================================
[ 12.558585] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480
[ 12.559132] Free of addr ffff8881029e3000 by task kunit_try_catch/229
[ 12.559556]
[ 12.559755] CPU: 1 UID: 0 PID: 229 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.559842] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.559860] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.559896] Call Trace:
[ 12.559919] <TASK>
[ 12.559951] dump_stack_lvl+0x73/0xb0
[ 12.560002] print_report+0xd1/0x650
[ 12.560045] ? __virt_addr_valid+0x1db/0x2d0
[ 12.560087] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.560127] ? kmem_cache_double_free+0x1e5/0x480
[ 12.560165] kasan_report_invalid_free+0x10a/0x130
[ 12.560205] ? kmem_cache_double_free+0x1e5/0x480
[ 12.560238] ? kmem_cache_double_free+0x1e5/0x480
[ 12.560268] check_slab_allocation+0x101/0x130
[ 12.560301] __kasan_slab_pre_free+0x28/0x40
[ 12.560332] kmem_cache_free+0xed/0x420
[ 12.560366] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.560399] ? kmem_cache_double_free+0x1e5/0x480
[ 12.560435] kmem_cache_double_free+0x1e5/0x480
[ 12.560469] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 12.560507] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.560562] ? __pfx_kmem_cache_double_free+0x10/0x10
[ 12.560612] kunit_try_run_case+0x1a5/0x480
[ 12.560795] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.560840] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.560880] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.560914] ? __kthread_parkme+0x82/0x180
[ 12.560949] ? preempt_count_sub+0x50/0x80
[ 12.560993] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.561038] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.561082] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.561127] kthread+0x337/0x6f0
[ 12.561153] ? trace_preempt_on+0x20/0xc0
[ 12.561178] ? __pfx_kthread+0x10/0x10
[ 12.561195] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.561215] ? calculate_sigpending+0x7b/0xa0
[ 12.561236] ? __pfx_kthread+0x10/0x10
[ 12.561254] ret_from_fork+0x41/0x80
[ 12.561274] ? __pfx_kthread+0x10/0x10
[ 12.561326] ret_from_fork_asm+0x1a/0x30
[ 12.561385] </TASK>
[ 12.561400]
[ 12.572137] Allocated by task 229:
[ 12.572381] kasan_save_stack+0x45/0x70
[ 12.572865] kasan_save_track+0x18/0x40
[ 12.573181] kasan_save_alloc_info+0x3b/0x50
[ 12.573664] __kasan_slab_alloc+0x91/0xa0
[ 12.573927] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.574259] kmem_cache_double_free+0x14f/0x480
[ 12.574683] kunit_try_run_case+0x1a5/0x480
[ 12.574875] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.575073] kthread+0x337/0x6f0
[ 12.575400] ret_from_fork+0x41/0x80
[ 12.575721] ret_from_fork_asm+0x1a/0x30
[ 12.576023]
[ 12.576176] Freed by task 229:
[ 12.577235] kasan_save_stack+0x45/0x70
[ 12.577765] kasan_save_track+0x18/0x40
[ 12.578095] kasan_save_free_info+0x3f/0x60
[ 12.578506] __kasan_slab_free+0x56/0x70
[ 12.578854] kmem_cache_free+0x249/0x420
[ 12.579076] kmem_cache_double_free+0x16a/0x480
[ 12.579516] kunit_try_run_case+0x1a5/0x480
[ 12.579806] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.580054] kthread+0x337/0x6f0
[ 12.580209] ret_from_fork+0x41/0x80
[ 12.580639] ret_from_fork_asm+0x1a/0x30
[ 12.580947]
[ 12.581090] The buggy address belongs to the object at ffff8881029e3000
[ 12.581090] which belongs to the cache test_cache of size 200
[ 12.581687] The buggy address is located 0 bytes inside of
[ 12.581687] 200-byte region [ffff8881029e3000, ffff8881029e30c8)
[ 12.582095]
[ 12.582206] The buggy address belongs to the physical page:
[ 12.582532] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e3
[ 12.583047] flags: 0x200000000000000(node=0|zone=2)
[ 12.583391] page_type: f5(slab)
[ 12.584566] raw: 0200000000000000 ffff888101ab5280 dead000000000122 0000000000000000
[ 12.584912] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.585501] page dumped because: kasan: bad access detected
[ 12.585832]
[ 12.585979] Memory state around the buggy address:
[ 12.586238] ffff8881029e2f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.586867] ffff8881029e2f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.587216] >ffff8881029e3000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.587798] ^
[ 12.587968] ffff8881029e3080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 12.588960] ffff8881029e3100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.589472] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 12.507713] ==================================================================
[ 12.508204] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 12.508952] Read of size 1 at addr ffff8881039e50c8 by task kunit_try_catch/227
[ 12.509372]
[ 12.509571] CPU: 0 UID: 0 PID: 227 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.509827] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.509853] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.509894] Call Trace:
[ 12.509920] <TASK>
[ 12.509965] dump_stack_lvl+0x73/0xb0
[ 12.510030] print_report+0xd1/0x650
[ 12.510076] ? __virt_addr_valid+0x1db/0x2d0
[ 12.510114] ? kmem_cache_oob+0x402/0x530
[ 12.510147] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.510192] ? kmem_cache_oob+0x402/0x530
[ 12.510227] kasan_report+0x141/0x180
[ 12.510269] ? kmem_cache_oob+0x402/0x530
[ 12.510805] __asan_report_load1_noabort+0x18/0x20
[ 12.510855] kmem_cache_oob+0x402/0x530
[ 12.510890] ? trace_hardirqs_on+0x37/0xe0
[ 12.510932] ? __pfx_kmem_cache_oob+0x10/0x10
[ 12.510961] ? finish_task_switch.isra.0+0x153/0x700
[ 12.511001] ? __switch_to+0x5d9/0xf60
[ 12.511035] ? dequeue_task_fair+0x166/0x4e0
[ 12.511078] ? __pfx_read_tsc+0x10/0x10
[ 12.511100] ? ktime_get_ts64+0x86/0x230
[ 12.511124] kunit_try_run_case+0x1a5/0x480
[ 12.511149] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.511170] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.511195] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.511217] ? __kthread_parkme+0x82/0x180
[ 12.511239] ? preempt_count_sub+0x50/0x80
[ 12.511261] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.511391] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.511419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.511440] kthread+0x337/0x6f0
[ 12.511457] ? trace_preempt_on+0x20/0xc0
[ 12.511479] ? __pfx_kthread+0x10/0x10
[ 12.511495] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.511515] ? calculate_sigpending+0x7b/0xa0
[ 12.511551] ? __pfx_kthread+0x10/0x10
[ 12.511572] ret_from_fork+0x41/0x80
[ 12.511593] ? __pfx_kthread+0x10/0x10
[ 12.511610] ret_from_fork_asm+0x1a/0x30
[ 12.511656] </TASK>
[ 12.511669]
[ 12.523948] Allocated by task 227:
[ 12.524206] kasan_save_stack+0x45/0x70
[ 12.524802] kasan_save_track+0x18/0x40
[ 12.525015] kasan_save_alloc_info+0x3b/0x50
[ 12.525190] __kasan_slab_alloc+0x91/0xa0
[ 12.525738] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.526116] kmem_cache_oob+0x157/0x530
[ 12.526925] kunit_try_run_case+0x1a5/0x480
[ 12.527275] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.527844] kthread+0x337/0x6f0
[ 12.528056] ret_from_fork+0x41/0x80
[ 12.528485] ret_from_fork_asm+0x1a/0x30
[ 12.528820]
[ 12.528974] The buggy address belongs to the object at ffff8881039e5000
[ 12.528974] which belongs to the cache test_cache of size 200
[ 12.530006] The buggy address is located 0 bytes to the right of
[ 12.530006] allocated 200-byte region [ffff8881039e5000, ffff8881039e50c8)
[ 12.530853]
[ 12.530956] The buggy address belongs to the physical page:
[ 12.531594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e5
[ 12.532240] flags: 0x200000000000000(node=0|zone=2)
[ 12.532724] page_type: f5(slab)
[ 12.532959] raw: 0200000000000000 ffff888101e34280 dead000000000122 0000000000000000
[ 12.533266] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 12.533719] page dumped because: kasan: bad access detected
[ 12.533952]
[ 12.534109] Memory state around the buggy address:
[ 12.534373] ffff8881039e4f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.534803] ffff8881039e5000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.535038] >ffff8881039e5080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 12.535261] ^
[ 12.536255] ffff8881039e5100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.536677] ffff8881039e5180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.537039] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 12.454886] ==================================================================
[ 12.455445] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 12.455807] Read of size 8 at addr ffff8881039e0380 by task kunit_try_catch/220
[ 12.456293]
[ 12.456491] CPU: 0 UID: 0 PID: 220 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.456548] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.456560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.456584] Call Trace:
[ 12.456600] <TASK>
[ 12.456666] dump_stack_lvl+0x73/0xb0
[ 12.456810] print_report+0xd1/0x650
[ 12.456847] ? __virt_addr_valid+0x1db/0x2d0
[ 12.456877] ? workqueue_uaf+0x4d6/0x560
[ 12.456904] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.456934] ? workqueue_uaf+0x4d6/0x560
[ 12.456964] kasan_report+0x141/0x180
[ 12.456995] ? workqueue_uaf+0x4d6/0x560
[ 12.457030] __asan_report_load8_noabort+0x18/0x20
[ 12.457061] workqueue_uaf+0x4d6/0x560
[ 12.457093] ? __pfx_workqueue_uaf+0x10/0x10
[ 12.457127] ? __schedule+0x10cc/0x2b60
[ 12.457166] ? __pfx_read_tsc+0x10/0x10
[ 12.457199] ? ktime_get_ts64+0x86/0x230
[ 12.457239] kunit_try_run_case+0x1a5/0x480
[ 12.458091] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.458176] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.458209] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.458233] ? __kthread_parkme+0x82/0x180
[ 12.458256] ? preempt_count_sub+0x50/0x80
[ 12.458286] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.458329] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.458365] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.458397] kthread+0x337/0x6f0
[ 12.458423] ? trace_preempt_on+0x20/0xc0
[ 12.458449] ? __pfx_kthread+0x10/0x10
[ 12.458467] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.458488] ? calculate_sigpending+0x7b/0xa0
[ 12.458509] ? __pfx_kthread+0x10/0x10
[ 12.458526] ret_from_fork+0x41/0x80
[ 12.458560] ? __pfx_kthread+0x10/0x10
[ 12.458579] ret_from_fork_asm+0x1a/0x30
[ 12.458609] </TASK>
[ 12.458637]
[ 12.470223] Allocated by task 220:
[ 12.470800] kasan_save_stack+0x45/0x70
[ 12.471200] kasan_save_track+0x18/0x40
[ 12.471670] kasan_save_alloc_info+0x3b/0x50
[ 12.472015] __kasan_kmalloc+0xb7/0xc0
[ 12.472380] __kmalloc_cache_noprof+0x189/0x420
[ 12.472906] workqueue_uaf+0x152/0x560
[ 12.473500] kunit_try_run_case+0x1a5/0x480
[ 12.473697] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.473847] kthread+0x337/0x6f0
[ 12.473968] ret_from_fork+0x41/0x80
[ 12.474090] ret_from_fork_asm+0x1a/0x30
[ 12.474728]
[ 12.474930] Freed by task 90:
[ 12.475082] kasan_save_stack+0x45/0x70
[ 12.475257] kasan_save_track+0x18/0x40
[ 12.475380] kasan_save_free_info+0x3f/0x60
[ 12.475469] __kasan_slab_free+0x56/0x70
[ 12.475574] kfree+0x222/0x3f0
[ 12.476244] workqueue_uaf_work+0x12/0x20
[ 12.476713] process_one_work+0x5ee/0xf60
[ 12.477058] worker_thread+0x758/0x1220
[ 12.477489] kthread+0x337/0x6f0
[ 12.477953] ret_from_fork+0x41/0x80
[ 12.478270] ret_from_fork_asm+0x1a/0x30
[ 12.478717]
[ 12.478882] Last potentially related work creation:
[ 12.479222] kasan_save_stack+0x45/0x70
[ 12.479971] kasan_record_aux_stack+0xb2/0xc0
[ 12.480310] __queue_work+0x626/0xeb0
[ 12.481105] queue_work_on+0xb6/0xc0
[ 12.481718] workqueue_uaf+0x26d/0x560
[ 12.481910] kunit_try_run_case+0x1a5/0x480
[ 12.482544] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.483030] kthread+0x337/0x6f0
[ 12.483175] ret_from_fork+0x41/0x80
[ 12.483319] ret_from_fork_asm+0x1a/0x30
[ 12.483835]
[ 12.484214] The buggy address belongs to the object at ffff8881039e0380
[ 12.484214] which belongs to the cache kmalloc-32 of size 32
[ 12.484871] The buggy address is located 0 bytes inside of
[ 12.484871] freed 32-byte region [ffff8881039e0380, ffff8881039e03a0)
[ 12.485149]
[ 12.485265] The buggy address belongs to the physical page:
[ 12.486338] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e0
[ 12.487075] flags: 0x200000000000000(node=0|zone=2)
[ 12.487455] page_type: f5(slab)
[ 12.487788] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 12.488196] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 12.488467] page dumped because: kasan: bad access detected
[ 12.489051]
[ 12.489236] Memory state around the buggy address:
[ 12.489598] ffff8881039e0280: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.490206] ffff8881039e0300: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 12.490767] >ffff8881039e0380: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.491512] ^
[ 12.491801] ffff8881039e0400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.491987] ffff8881039e0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.492150] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 12.405468] ==================================================================
[ 12.406156] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 12.406667] Read of size 4 at addr ffff8881039e02c0 by task swapper/0/0
[ 12.406993]
[ 12.407134] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.407204] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.407219] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.407248] Call Trace:
[ 12.407296] <IRQ>
[ 12.407331] dump_stack_lvl+0x73/0xb0
[ 12.407380] print_report+0xd1/0x650
[ 12.407415] ? __virt_addr_valid+0x1db/0x2d0
[ 12.407448] ? rcu_uaf_reclaim+0x50/0x60
[ 12.407480] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.407517] ? rcu_uaf_reclaim+0x50/0x60
[ 12.407551] kasan_report+0x141/0x180
[ 12.407588] ? rcu_uaf_reclaim+0x50/0x60
[ 12.407653] __asan_report_load4_noabort+0x18/0x20
[ 12.407695] rcu_uaf_reclaim+0x50/0x60
[ 12.407735] rcu_core+0x66c/0x1c30
[ 12.407836] ? enqueue_hrtimer+0xfe/0x210
[ 12.407886] ? __pfx_rcu_core+0x10/0x10
[ 12.407918] ? ktime_get+0x6b/0x150
[ 12.407955] ? handle_softirqs+0x18e/0x730
[ 12.407996] rcu_core_si+0x12/0x20
[ 12.408023] handle_softirqs+0x209/0x730
[ 12.408056] ? hrtimer_interrupt+0x2fe/0x780
[ 12.408099] ? __pfx_handle_softirqs+0x10/0x10
[ 12.408150] __irq_exit_rcu+0xc9/0x110
[ 12.408193] irq_exit_rcu+0x12/0x20
[ 12.408227] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.408279] </IRQ>
[ 12.408334] <TASK>
[ 12.408352] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.408509] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 12.408918] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 cd 27 00 fb f4 <e9> fc 1f 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 12.409114] RSP: 0000:ffffffffa8407dd8 EFLAGS: 00010206
[ 12.409323] RAX: ffff8881b1893000 RBX: ffffffffa841ca80 RCX: ffffffffa720d015
[ 12.409399] RDX: ffffed102b606103 RSI: 0000000000000004 RDI: 000000000000ec34
[ 12.409476] RBP: ffffffffa8407de0 R08: 0000000000000001 R09: ffffed102b606102
[ 12.409523] R10: ffff88815b030813 R11: 0000000000037800 R12: 0000000000000000
[ 12.409581] R13: fffffbfff5083950 R14: ffffffffa8f9c210 R15: 0000000000000000
[ 12.409665] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 12.409737] ? default_idle+0xd/0x20
[ 12.409758] arch_cpu_idle+0xd/0x20
[ 12.409778] default_idle_call+0x48/0x80
[ 12.409797] do_idle+0x379/0x4f0
[ 12.409820] ? __pfx_do_idle+0x10/0x10
[ 12.409838] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.409860] ? trace_preempt_on+0x20/0xc0
[ 12.409882] ? schedule+0x86/0x2e0
[ 12.409902] ? preempt_count_sub+0x50/0x80
[ 12.409926] cpu_startup_entry+0x5c/0x70
[ 12.409957] rest_init+0x11a/0x140
[ 12.409979] ? acpi_subsystem_init+0x5d/0x150
[ 12.410007] start_kernel+0x32b/0x410
[ 12.410030] x86_64_start_reservations+0x1c/0x30
[ 12.410052] x86_64_start_kernel+0xcf/0xe0
[ 12.410074] common_startup_64+0x13e/0x148
[ 12.410105] </TASK>
[ 12.410118]
[ 12.424967] Allocated by task 218:
[ 12.425311] kasan_save_stack+0x45/0x70
[ 12.425705] kasan_save_track+0x18/0x40
[ 12.426093] kasan_save_alloc_info+0x3b/0x50
[ 12.426449] __kasan_kmalloc+0xb7/0xc0
[ 12.426763] __kmalloc_cache_noprof+0x189/0x420
[ 12.427119] rcu_uaf+0xb0/0x330
[ 12.427454] kunit_try_run_case+0x1a5/0x480
[ 12.427852] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.428444] kthread+0x337/0x6f0
[ 12.428784] ret_from_fork+0x41/0x80
[ 12.429120] ret_from_fork_asm+0x1a/0x30
[ 12.429562]
[ 12.429760] Freed by task 0:
[ 12.430032] kasan_save_stack+0x45/0x70
[ 12.430389] kasan_save_track+0x18/0x40
[ 12.430874] kasan_save_free_info+0x3f/0x60
[ 12.431166] __kasan_slab_free+0x56/0x70
[ 12.431452] kfree+0x222/0x3f0
[ 12.431756] rcu_uaf_reclaim+0x1f/0x60
[ 12.431962] rcu_core+0x66c/0x1c30
[ 12.432234] rcu_core_si+0x12/0x20
[ 12.432526] handle_softirqs+0x209/0x730
[ 12.432844] __irq_exit_rcu+0xc9/0x110
[ 12.432994] irq_exit_rcu+0x12/0x20
[ 12.433156] sysvec_apic_timer_interrupt+0x81/0x90
[ 12.433594] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 12.434015]
[ 12.434270] Last potentially related work creation:
[ 12.434766] kasan_save_stack+0x45/0x70
[ 12.435109] kasan_record_aux_stack+0xb2/0xc0
[ 12.435491] __call_rcu_common.constprop.0+0x72/0x9c0
[ 12.435949] call_rcu+0x12/0x20
[ 12.436139] rcu_uaf+0x168/0x330
[ 12.436409] kunit_try_run_case+0x1a5/0x480
[ 12.436841] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.437096] kthread+0x337/0x6f0
[ 12.437206] ret_from_fork+0x41/0x80
[ 12.437320] ret_from_fork_asm+0x1a/0x30
[ 12.437472]
[ 12.437690] The buggy address belongs to the object at ffff8881039e02c0
[ 12.437690] which belongs to the cache kmalloc-32 of size 32
[ 12.438528] The buggy address is located 0 bytes inside of
[ 12.438528] freed 32-byte region [ffff8881039e02c0, ffff8881039e02e0)
[ 12.439433]
[ 12.439661] The buggy address belongs to the physical page:
[ 12.440264] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e0
[ 12.441065] flags: 0x200000000000000(node=0|zone=2)
[ 12.441569] page_type: f5(slab)
[ 12.441969] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 12.442591] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 12.443109] page dumped because: kasan: bad access detected
[ 12.443459]
[ 12.443654] Memory state around the buggy address:
[ 12.443943] ffff8881039e0180: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.444165] ffff8881039e0200: 00 00 00 fc fc fc fc fc 00 00 05 fc fc fc fc fc
[ 12.444406] >ffff8881039e0280: 00 00 07 fc fc fc fc fc fa fb fb fb fc fc fc fc
[ 12.445097] ^
[ 12.445693] ffff8881039e0300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.446121] ffff8881039e0380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.446639] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 12.325222] ================================================================== [ 12.326180] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 12.326668] Read of size 1 at addr ffff8881029da400 by task kunit_try_catch/216 [ 12.327185] [ 12.327320] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 12.327409] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.327430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.327469] Call Trace: [ 12.327508] <TASK> [ 12.327561] dump_stack_lvl+0x73/0xb0 [ 12.327969] print_report+0xd1/0x650 [ 12.328059] ? __virt_addr_valid+0x1db/0x2d0 [ 12.328104] ? ksize_uaf+0x5fe/0x6c0 [ 12.328126] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.328147] ? ksize_uaf+0x5fe/0x6c0 [ 12.328167] kasan_report+0x141/0x180 [ 12.328187] ? ksize_uaf+0x5fe/0x6c0 [ 12.328211] __asan_report_load1_noabort+0x18/0x20 [ 12.328230] ksize_uaf+0x5fe/0x6c0 [ 12.328249] ? __pfx_ksize_uaf+0x10/0x10 [ 12.328269] ? __schedule+0x10cc/0x2b60 [ 12.328291] ? __pfx_read_tsc+0x10/0x10 [ 12.328309] ? ktime_get_ts64+0x86/0x230 [ 12.328333] kunit_try_run_case+0x1a5/0x480 [ 12.328357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.328376] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.328397] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.328418] ? __kthread_parkme+0x82/0x180 [ 12.328438] ? preempt_count_sub+0x50/0x80 [ 12.328461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.328482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.328502] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.328522] kthread+0x337/0x6f0 [ 12.328546] ? trace_preempt_on+0x20/0xc0 [ 12.328571] ? __pfx_kthread+0x10/0x10 [ 12.328588] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.328607] ? calculate_sigpending+0x7b/0xa0 [ 12.328646] ? __pfx_kthread+0x10/0x10 [ 12.328666] ret_from_fork+0x41/0x80 [ 12.328685] ? 
__pfx_kthread+0x10/0x10 [ 12.328701] ret_from_fork_asm+0x1a/0x30 [ 12.328732] </TASK> [ 12.328744] [ 12.338523] Allocated by task 216: [ 12.339956] kasan_save_stack+0x45/0x70 [ 12.340271] kasan_save_track+0x18/0x40 [ 12.340529] kasan_save_alloc_info+0x3b/0x50 [ 12.340770] __kasan_kmalloc+0xb7/0xc0 [ 12.340973] __kmalloc_cache_noprof+0x189/0x420 [ 12.341153] ksize_uaf+0xaa/0x6c0 [ 12.341307] kunit_try_run_case+0x1a5/0x480 [ 12.341858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.342380] kthread+0x337/0x6f0 [ 12.342693] ret_from_fork+0x41/0x80 [ 12.342969] ret_from_fork_asm+0x1a/0x30 [ 12.343188] [ 12.343320] Freed by task 216: [ 12.343524] kasan_save_stack+0x45/0x70 [ 12.344279] kasan_save_track+0x18/0x40 [ 12.344787] kasan_save_free_info+0x3f/0x60 [ 12.344983] __kasan_slab_free+0x56/0x70 [ 12.345237] kfree+0x222/0x3f0 [ 12.345579] ksize_uaf+0x12c/0x6c0 [ 12.345753] kunit_try_run_case+0x1a5/0x480 [ 12.345983] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.346182] kthread+0x337/0x6f0 [ 12.346332] ret_from_fork+0x41/0x80 [ 12.346507] ret_from_fork_asm+0x1a/0x30 [ 12.346820] [ 12.347200] The buggy address belongs to the object at ffff8881029da400 [ 12.347200] which belongs to the cache kmalloc-128 of size 128 [ 12.348325] The buggy address is located 0 bytes inside of [ 12.348325] freed 128-byte region [ffff8881029da400, ffff8881029da480) [ 12.349077] [ 12.349189] The buggy address belongs to the physical page: [ 12.349406] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da [ 12.350683] flags: 0x200000000000000(node=0|zone=2) [ 12.351049] page_type: f5(slab) [ 12.351221] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.351461] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.352006] page dumped because: kasan: bad access detected [ 12.352375] [ 12.352525] Memory state around the buggy address: [ 12.353075] ffff8881029da300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
12.353319] ffff8881029da380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.353745] >ffff8881029da400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.354183] ^ [ 12.355015] ffff8881029da480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.355374] ffff8881029da500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.355809] ================================================================== [ 12.356808] ================================================================== [ 12.357473] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 12.357889] Read of size 1 at addr ffff8881029da478 by task kunit_try_catch/216 [ 12.358531] [ 12.359333] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 12.359441] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.359462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.359495] Call Trace: [ 12.359536] <TASK> [ 12.359573] dump_stack_lvl+0x73/0xb0 [ 12.359652] print_report+0xd1/0x650 [ 12.359700] ? __virt_addr_valid+0x1db/0x2d0 [ 12.359734] ? ksize_uaf+0x5e4/0x6c0 [ 12.359768] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.359805] ? ksize_uaf+0x5e4/0x6c0 [ 12.359837] kasan_report+0x141/0x180 [ 12.359871] ? ksize_uaf+0x5e4/0x6c0 [ 12.359910] __asan_report_load1_noabort+0x18/0x20 [ 12.359945] ksize_uaf+0x5e4/0x6c0 [ 12.359983] ? __pfx_ksize_uaf+0x10/0x10 [ 12.360020] ? __schedule+0x10cc/0x2b60 [ 12.360054] ? __pfx_read_tsc+0x10/0x10 [ 12.360089] ? ktime_get_ts64+0x86/0x230 [ 12.360132] kunit_try_run_case+0x1a5/0x480 [ 12.360177] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.360217] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.360258] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.360294] ? __kthread_parkme+0x82/0x180 [ 12.360333] ? preempt_count_sub+0x50/0x80 [ 12.360375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.360411] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.360452] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.360489] kthread+0x337/0x6f0 [ 12.360522] ? trace_preempt_on+0x20/0xc0 [ 12.360574] ? __pfx_kthread+0x10/0x10 [ 12.360606] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.360660] ? calculate_sigpending+0x7b/0xa0 [ 12.360696] ? __pfx_kthread+0x10/0x10 [ 12.360730] ret_from_fork+0x41/0x80 [ 12.360767] ? __pfx_kthread+0x10/0x10 [ 12.360802] ret_from_fork_asm+0x1a/0x30 [ 12.360858] </TASK> [ 12.360879] [ 12.371132] Allocated by task 216: [ 12.371432] kasan_save_stack+0x45/0x70 [ 12.372298] kasan_save_track+0x18/0x40 [ 12.372460] kasan_save_alloc_info+0x3b/0x50 [ 12.372866] __kasan_kmalloc+0xb7/0xc0 [ 12.373316] __kmalloc_cache_noprof+0x189/0x420 [ 12.373973] ksize_uaf+0xaa/0x6c0 [ 12.374374] kunit_try_run_case+0x1a5/0x480 [ 12.374894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.375212] kthread+0x337/0x6f0 [ 12.375505] ret_from_fork+0x41/0x80 [ 12.376392] ret_from_fork_asm+0x1a/0x30 [ 12.376904] [ 12.377084] Freed by task 216: [ 12.377258] kasan_save_stack+0x45/0x70 [ 12.377731] kasan_save_track+0x18/0x40 [ 12.377998] kasan_save_free_info+0x3f/0x60 [ 12.378310] __kasan_slab_free+0x56/0x70 [ 12.378677] kfree+0x222/0x3f0 [ 12.379030] ksize_uaf+0x12c/0x6c0 [ 12.379849] kunit_try_run_case+0x1a5/0x480 [ 12.380172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.380820] kthread+0x337/0x6f0 [ 12.380973] ret_from_fork+0x41/0x80 [ 12.381221] ret_from_fork_asm+0x1a/0x30 [ 12.381453] [ 12.381546] The buggy address belongs to the object at ffff8881029da400 [ 12.381546] which belongs to the cache kmalloc-128 of size 128 [ 12.382213] The buggy address is located 120 bytes inside of [ 12.382213] freed 128-byte region [ffff8881029da400, ffff8881029da480) [ 12.383398] [ 12.383500] The buggy address belongs to the physical page: [ 12.383670] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da [ 12.383962] flags: 0x200000000000000(node=0|zone=2) [ 12.384871] page_type: f5(slab) [ 12.385443] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 12.386067] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.386679] page dumped because: kasan: bad access detected [ 12.387072] [ 12.387252] Memory state around the buggy address: [ 12.387669] ffff8881029da300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.388441] ffff8881029da380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.389215] >ffff8881029da400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.389648] ^ [ 12.390364] ffff8881029da480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.390779] ffff8881029da500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.391209] ================================================================== [ 12.290731] ================================================================== [ 12.291181] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 12.291897] Read of size 1 at addr ffff8881029da400 by task kunit_try_catch/216 [ 12.292283] [ 12.292478] CPU: 1 UID: 0 PID: 216 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 12.292574] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.292599] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.292657] Call Trace: [ 12.292679] <TASK> [ 12.292709] dump_stack_lvl+0x73/0xb0 [ 12.292747] print_report+0xd1/0x650 [ 12.292770] ? __virt_addr_valid+0x1db/0x2d0 [ 12.292793] ? ksize_uaf+0x19d/0x6c0 [ 12.292813] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.292834] ? ksize_uaf+0x19d/0x6c0 [ 12.292854] kasan_report+0x141/0x180 [ 12.292875] ? ksize_uaf+0x19d/0x6c0 [ 12.292898] ? ksize_uaf+0x19d/0x6c0 [ 12.292918] __kasan_check_byte+0x3d/0x50 [ 12.292939] ksize+0x20/0x60 [ 12.292959] ksize_uaf+0x19d/0x6c0 [ 12.292979] ? __pfx_ksize_uaf+0x10/0x10 [ 12.293000] ? __schedule+0x10cc/0x2b60 [ 12.293023] ? __pfx_read_tsc+0x10/0x10 [ 12.293043] ? ktime_get_ts64+0x86/0x230 [ 12.293068] kunit_try_run_case+0x1a5/0x480 [ 12.293093] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.293113] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.293136] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.293157] ? __kthread_parkme+0x82/0x180 [ 12.293179] ? preempt_count_sub+0x50/0x80 [ 12.293204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.293225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.293246] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.293267] kthread+0x337/0x6f0 [ 12.293287] ? trace_preempt_on+0x20/0xc0 [ 12.293324] ? __pfx_kthread+0x10/0x10 [ 12.293350] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.293385] ? calculate_sigpending+0x7b/0xa0 [ 12.293414] ? __pfx_kthread+0x10/0x10 [ 12.293440] ret_from_fork+0x41/0x80 [ 12.293472] ? __pfx_kthread+0x10/0x10 [ 12.293502] ret_from_fork_asm+0x1a/0x30 [ 12.293557] </TASK> [ 12.293577] [ 12.306838] Allocated by task 216: [ 12.307388] kasan_save_stack+0x45/0x70 [ 12.307850] kasan_save_track+0x18/0x40 [ 12.308248] kasan_save_alloc_info+0x3b/0x50 [ 12.308653] __kasan_kmalloc+0xb7/0xc0 [ 12.308939] __kmalloc_cache_noprof+0x189/0x420 [ 12.309181] ksize_uaf+0xaa/0x6c0 [ 12.309388] kunit_try_run_case+0x1a5/0x480 [ 12.309711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.310088] kthread+0x337/0x6f0 [ 12.310261] ret_from_fork+0x41/0x80 [ 12.310518] ret_from_fork_asm+0x1a/0x30 [ 12.310960] [ 12.311078] Freed by task 216: [ 12.311330] kasan_save_stack+0x45/0x70 [ 12.312590] kasan_save_track+0x18/0x40 [ 12.312902] kasan_save_free_info+0x3f/0x60 [ 12.313062] __kasan_slab_free+0x56/0x70 [ 12.313494] kfree+0x222/0x3f0 [ 12.313759] ksize_uaf+0x12c/0x6c0 [ 12.313905] kunit_try_run_case+0x1a5/0x480 [ 12.314083] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.314668] kthread+0x337/0x6f0 [ 12.314949] ret_from_fork+0x41/0x80 [ 12.315204] ret_from_fork_asm+0x1a/0x30 [ 12.315938] [ 12.316062] The buggy address belongs to the object at ffff8881029da400 [ 12.316062] which belongs to the cache kmalloc-128 of size 128 [ 12.317075] The buggy address is located 0 bytes inside of [ 12.317075] 
freed 128-byte region [ffff8881029da400, ffff8881029da480) [ 12.317728] [ 12.317898] The buggy address belongs to the physical page: [ 12.318420] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da [ 12.318828] flags: 0x200000000000000(node=0|zone=2) [ 12.319179] page_type: f5(slab) [ 12.319412] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.319717] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.320184] page dumped because: kasan: bad access detected [ 12.320530] [ 12.320938] Memory state around the buggy address: [ 12.321265] ffff8881029da300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.322063] ffff8881029da380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.322462] >ffff8881029da400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.323313] ^ [ 12.323531] ffff8881029da480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.323949] ffff8881029da500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.324211] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 12.191990] ================================================================== [ 12.192789] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 12.193313] Read of size 1 at addr ffff888102d97673 by task kunit_try_catch/214 [ 12.193973] [ 12.194141] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 12.194200] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.194212] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.194236] Call Trace: [ 12.194252] <TASK> [ 12.194274] dump_stack_lvl+0x73/0xb0 [ 12.194311] print_report+0xd1/0x650 [ 12.194335] ? __virt_addr_valid+0x1db/0x2d0 [ 12.194358] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.194377] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.194398] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.194417] kasan_report+0x141/0x180 [ 12.194438] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 12.194460] __asan_report_load1_noabort+0x18/0x20 [ 12.194479] ksize_unpoisons_memory+0x81c/0x9b0 [ 12.194498] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.194516] ? finish_task_switch.isra.0+0x153/0x700 [ 12.194542] ? __switch_to+0x5d9/0xf60 [ 12.194572] ? dequeue_task_fair+0x166/0x4e0 [ 12.194606] ? __schedule+0x10cc/0x2b60 [ 12.194657] ? __pfx_read_tsc+0x10/0x10 [ 12.194691] ? ktime_get_ts64+0x86/0x230 [ 12.194733] kunit_try_run_case+0x1a5/0x480 [ 12.194776] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.194812] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.194857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.194900] ? __kthread_parkme+0x82/0x180 [ 12.194942] ? preempt_count_sub+0x50/0x80 [ 12.194989] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.195026] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.195058] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.195088] kthread+0x337/0x6f0 [ 12.195113] ? trace_preempt_on+0x20/0xc0 [ 12.195150] ? __pfx_kthread+0x10/0x10 [ 12.195255] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.195305] ? 
calculate_sigpending+0x7b/0xa0 [ 12.195346] ? __pfx_kthread+0x10/0x10 [ 12.195382] ret_from_fork+0x41/0x80 [ 12.195422] ? __pfx_kthread+0x10/0x10 [ 12.195457] ret_from_fork_asm+0x1a/0x30 [ 12.195519] </TASK> [ 12.195543] [ 12.208688] Allocated by task 214: [ 12.209034] kasan_save_stack+0x45/0x70 [ 12.209765] kasan_save_track+0x18/0x40 [ 12.209966] kasan_save_alloc_info+0x3b/0x50 [ 12.210121] __kasan_kmalloc+0xb7/0xc0 [ 12.210363] __kmalloc_cache_noprof+0x189/0x420 [ 12.210701] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.211655] kunit_try_run_case+0x1a5/0x480 [ 12.211878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.212045] kthread+0x337/0x6f0 [ 12.212281] ret_from_fork+0x41/0x80 [ 12.213105] ret_from_fork_asm+0x1a/0x30 [ 12.213411] [ 12.213520] The buggy address belongs to the object at ffff888102d97600 [ 12.213520] which belongs to the cache kmalloc-128 of size 128 [ 12.214054] The buggy address is located 0 bytes to the right of [ 12.214054] allocated 115-byte region [ffff888102d97600, ffff888102d97673) [ 12.215375] [ 12.215492] The buggy address belongs to the physical page: [ 12.215714] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d97 [ 12.216516] flags: 0x200000000000000(node=0|zone=2) [ 12.216734] page_type: f5(slab) [ 12.217185] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.217802] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.218271] page dumped because: kasan: bad access detected [ 12.218799] [ 12.218916] Memory state around the buggy address: [ 12.219348] ffff888102d97500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.219912] ffff888102d97580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.220493] >ffff888102d97600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.220892] ^ [ 12.221578] ffff888102d97680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.221971] ffff888102d97700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.222438] 
================================================================== [ 12.223919] ================================================================== [ 12.224308] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.224871] Read of size 1 at addr ffff888102d97678 by task kunit_try_catch/214 [ 12.225091] [ 12.225232] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 12.225353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.225378] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.225418] Call Trace: [ 12.225446] <TASK> [ 12.225476] dump_stack_lvl+0x73/0xb0 [ 12.225521] print_report+0xd1/0x650 [ 12.225580] ? __virt_addr_valid+0x1db/0x2d0 [ 12.225621] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.225669] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.225724] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.225753] kasan_report+0x141/0x180 [ 12.225783] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.225815] __asan_report_load1_noabort+0x18/0x20 [ 12.225842] ksize_unpoisons_memory+0x7e9/0x9b0 [ 12.225868] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.225893] ? finish_task_switch.isra.0+0x153/0x700 [ 12.225925] ? __switch_to+0x5d9/0xf60 [ 12.225964] ? dequeue_task_fair+0x166/0x4e0 [ 12.226000] ? __schedule+0x10cc/0x2b60 [ 12.226035] ? __pfx_read_tsc+0x10/0x10 [ 12.226064] ? ktime_get_ts64+0x86/0x230 [ 12.226101] kunit_try_run_case+0x1a5/0x480 [ 12.226138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.226169] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.226204] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.226237] ? __kthread_parkme+0x82/0x180 [ 12.226270] ? preempt_count_sub+0x50/0x80 [ 12.226327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.226370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.226407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.226470] kthread+0x337/0x6f0 [ 12.226516] ? trace_preempt_on+0x20/0xc0 [ 12.226584] ? __pfx_kthread+0x10/0x10 [ 12.226616] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.226684] ? calculate_sigpending+0x7b/0xa0 [ 12.226732] ? __pfx_kthread+0x10/0x10 [ 12.226777] ret_from_fork+0x41/0x80 [ 12.226826] ? __pfx_kthread+0x10/0x10 [ 12.226868] ret_from_fork_asm+0x1a/0x30 [ 12.226918] </TASK> [ 12.226941] [ 12.239972] Allocated by task 214: [ 12.240267] kasan_save_stack+0x45/0x70 [ 12.240702] kasan_save_track+0x18/0x40 [ 12.240882] kasan_save_alloc_info+0x3b/0x50 [ 12.241152] __kasan_kmalloc+0xb7/0xc0 [ 12.241835] __kmalloc_cache_noprof+0x189/0x420 [ 12.242176] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.242377] kunit_try_run_case+0x1a5/0x480 [ 12.243059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.243514] kthread+0x337/0x6f0 [ 12.244649] ret_from_fork+0x41/0x80 [ 12.244808] ret_from_fork_asm+0x1a/0x30 [ 12.245043] [ 12.245192] The buggy address belongs to the object at ffff888102d97600 [ 12.245192] which belongs to the cache kmalloc-128 of size 128 [ 12.246155] The buggy address is located 5 bytes to the right of [ 12.246155] allocated 115-byte region [ffff888102d97600, ffff888102d97673) [ 12.246987] [ 12.247154] The buggy address belongs to the physical page: [ 12.247585] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d97 [ 12.248012] flags: 0x200000000000000(node=0|zone=2) [ 12.248410] page_type: f5(slab) [ 12.249251] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.249653] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.250434] page dumped because: kasan: bad access detected [ 12.250802] [ 12.250981] Memory state around the buggy address: [ 12.251209] ffff888102d97500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.251886] ffff888102d97580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.252279] >ffff888102d97600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.252803] ^ [ 12.253139] ffff888102d97680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.254198] ffff888102d97700: fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc [ 12.255091] ================================================================== [ 12.256282] ================================================================== [ 12.257074] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.257794] Read of size 1 at addr ffff888102d9767f by task kunit_try_catch/214 [ 12.258239] [ 12.258469] CPU: 0 UID: 0 PID: 214 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 12.258563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.258587] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.258639] Call Trace: [ 12.258679] <TASK> [ 12.258710] dump_stack_lvl+0x73/0xb0 [ 12.258754] print_report+0xd1/0x650 [ 12.258780] ? __virt_addr_valid+0x1db/0x2d0 [ 12.258812] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.258836] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.258857] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.258876] kasan_report+0x141/0x180 [ 12.258897] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.258919] __asan_report_load1_noabort+0x18/0x20 [ 12.258938] ksize_unpoisons_memory+0x7b6/0x9b0 [ 12.258957] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 12.258975] ? finish_task_switch.isra.0+0x153/0x700 [ 12.258998] ? __switch_to+0x5d9/0xf60 [ 12.259017] ? dequeue_task_fair+0x166/0x4e0 [ 12.259040] ? __schedule+0x10cc/0x2b60 [ 12.259063] ? __pfx_read_tsc+0x10/0x10 [ 12.259082] ? ktime_get_ts64+0x86/0x230 [ 12.259105] kunit_try_run_case+0x1a5/0x480 [ 12.259129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.259149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.259172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.259193] ? __kthread_parkme+0x82/0x180 [ 12.259214] ? preempt_count_sub+0x50/0x80 [ 12.259236] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.259258] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.259279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.259300] kthread+0x337/0x6f0 [ 12.259316] ? trace_preempt_on+0x20/0xc0 [ 12.259339] ? 
__pfx_kthread+0x10/0x10 [ 12.259355] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.259375] ? calculate_sigpending+0x7b/0xa0 [ 12.259395] ? __pfx_kthread+0x10/0x10 [ 12.259412] ret_from_fork+0x41/0x80 [ 12.259431] ? __pfx_kthread+0x10/0x10 [ 12.259448] ret_from_fork_asm+0x1a/0x30 [ 12.259477] </TASK> [ 12.259489] [ 12.271827] Allocated by task 214: [ 12.272134] kasan_save_stack+0x45/0x70 [ 12.272599] kasan_save_track+0x18/0x40 [ 12.272792] kasan_save_alloc_info+0x3b/0x50 [ 12.273060] __kasan_kmalloc+0xb7/0xc0 [ 12.273875] __kmalloc_cache_noprof+0x189/0x420 [ 12.274168] ksize_unpoisons_memory+0xc7/0x9b0 [ 12.274586] kunit_try_run_case+0x1a5/0x480 [ 12.274934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.275402] kthread+0x337/0x6f0 [ 12.275613] ret_from_fork+0x41/0x80 [ 12.275910] ret_from_fork_asm+0x1a/0x30 [ 12.276141] [ 12.276289] The buggy address belongs to the object at ffff888102d97600 [ 12.276289] which belongs to the cache kmalloc-128 of size 128 [ 12.276970] The buggy address is located 12 bytes to the right of [ 12.276970] allocated 115-byte region [ffff888102d97600, ffff888102d97673) [ 12.277564] [ 12.277817] The buggy address belongs to the physical page: [ 12.278394] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d97 [ 12.278699] flags: 0x200000000000000(node=0|zone=2) [ 12.278913] page_type: f5(slab) [ 12.279497] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.280534] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.280905] page dumped because: kasan: bad access detected [ 12.281182] [ 12.281370] Memory state around the buggy address: [ 12.281866] ffff888102d97500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.282140] ffff888102d97580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.282666] >ffff888102d97600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 12.282892] ^ [ 12.283908] ffff888102d97680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.284225] 
ffff888102d97700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.284611] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 12.152572] ==================================================================
[ 12.153242] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 12.154004] Free of addr ffff888102662fa0 by task kunit_try_catch/212
[ 12.154346]
[ 12.154904] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.154971] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.154983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.155005] Call Trace:
[ 12.155029] <TASK>
[ 12.155051] dump_stack_lvl+0x73/0xb0
[ 12.155083] print_report+0xd1/0x650
[ 12.155108] ? __virt_addr_valid+0x1db/0x2d0
[ 12.155129] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.155149] ? kfree_sensitive+0x2e/0x90
[ 12.155169] kasan_report_invalid_free+0x10a/0x130
[ 12.155191] ? kfree_sensitive+0x2e/0x90
[ 12.155211] ? kfree_sensitive+0x2e/0x90
[ 12.155229] check_slab_allocation+0x101/0x130
[ 12.155249] __kasan_slab_pre_free+0x28/0x40
[ 12.155267] kfree+0xf0/0x3f0
[ 12.155285] ? kfree_sensitive+0x2e/0x90
[ 12.155305] kfree_sensitive+0x2e/0x90
[ 12.155323] kmalloc_double_kzfree+0x19c/0x350
[ 12.155341] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.155359] ? __schedule+0x10cc/0x2b60
[ 12.155380] ? __pfx_read_tsc+0x10/0x10
[ 12.155398] ? ktime_get_ts64+0x86/0x230
[ 12.155421] kunit_try_run_case+0x1a5/0x480
[ 12.155444] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.155463] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.155485] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.155505] ? __kthread_parkme+0x82/0x180
[ 12.155526] ? preempt_count_sub+0x50/0x80
[ 12.155755] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.155825] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.155870] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.155954] kthread+0x337/0x6f0
[ 12.155982] ? trace_preempt_on+0x20/0xc0
[ 12.156023] ? __pfx_kthread+0x10/0x10
[ 12.156056] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.156087] ? calculate_sigpending+0x7b/0xa0
[ 12.156115] ? __pfx_kthread+0x10/0x10
[ 12.156147] ret_from_fork+0x41/0x80
[ 12.156179] ? __pfx_kthread+0x10/0x10
[ 12.156209] ret_from_fork_asm+0x1a/0x30
[ 12.156267] </TASK>
[ 12.156287]
[ 12.167449] Allocated by task 212:
[ 12.167739] kasan_save_stack+0x45/0x70
[ 12.168041] kasan_save_track+0x18/0x40
[ 12.168217] kasan_save_alloc_info+0x3b/0x50
[ 12.168393] __kasan_kmalloc+0xb7/0xc0
[ 12.168875] __kmalloc_cache_noprof+0x189/0x420
[ 12.169216] kmalloc_double_kzfree+0xa9/0x350
[ 12.169721] kunit_try_run_case+0x1a5/0x480
[ 12.170014] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.170231] kthread+0x337/0x6f0
[ 12.171124] ret_from_fork+0x41/0x80
[ 12.171414] ret_from_fork_asm+0x1a/0x30
[ 12.171794]
[ 12.171960] Freed by task 212:
[ 12.172158] kasan_save_stack+0x45/0x70
[ 12.172660] kasan_save_track+0x18/0x40
[ 12.172973] kasan_save_free_info+0x3f/0x60
[ 12.173199] __kasan_slab_free+0x56/0x70
[ 12.173685] kfree+0x222/0x3f0
[ 12.173887] kfree_sensitive+0x67/0x90
[ 12.174190] kmalloc_double_kzfree+0x12b/0x350
[ 12.174695] kunit_try_run_case+0x1a5/0x480
[ 12.175061] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.176018] kthread+0x337/0x6f0
[ 12.176314] ret_from_fork+0x41/0x80
[ 12.176794] ret_from_fork_asm+0x1a/0x30
[ 12.177036]
[ 12.177139] The buggy address belongs to the object at ffff888102662fa0
[ 12.177139] which belongs to the cache kmalloc-16 of size 16
[ 12.177960] The buggy address is located 0 bytes inside of
[ 12.177960] 16-byte region [ffff888102662fa0, ffff888102662fb0)
[ 12.178740]
[ 12.178940] The buggy address belongs to the physical page:
[ 12.179216] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662
[ 12.179843] flags: 0x200000000000000(node=0|zone=2)
[ 12.180170] page_type: f5(slab)
[ 12.181163] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.181805] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.182113] page dumped because: kasan: bad access detected
[ 12.182688]
[ 12.182830] Memory state around the buggy address:
[ 12.183172] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 12.183752] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 12.184078] >ffff888102662f80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.184675] ^
[ 12.185011] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.185568] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 12.185915] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 12.120779] ==================================================================
[ 12.121282] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 12.121865] Read of size 1 at addr ffff888102662fa0 by task kunit_try_catch/212
[ 12.122215]
[ 12.122345] CPU: 1 UID: 0 PID: 212 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.122415] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.122430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.122457] Call Trace:
[ 12.122476] <TASK>
[ 12.122505] dump_stack_lvl+0x73/0xb0
[ 12.122543] print_report+0xd1/0x650
[ 12.122572] ? __virt_addr_valid+0x1db/0x2d0
[ 12.122599] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.122634] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.122670] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.122699] kasan_report+0x141/0x180
[ 12.122734] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.122772] ? kmalloc_double_kzfree+0x19c/0x350
[ 12.122805] __kasan_check_byte+0x3d/0x50
[ 12.122841] kfree_sensitive+0x22/0x90
[ 12.122885] kmalloc_double_kzfree+0x19c/0x350
[ 12.122923] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 12.122965] ? __schedule+0x10cc/0x2b60
[ 12.123009] ? __pfx_read_tsc+0x10/0x10
[ 12.123044] ? ktime_get_ts64+0x86/0x230
[ 12.123069] kunit_try_run_case+0x1a5/0x480
[ 12.123093] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.123113] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.123136] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.123157] ? __kthread_parkme+0x82/0x180
[ 12.123177] ? preempt_count_sub+0x50/0x80
[ 12.123213] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.123251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.123293] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.123333] kthread+0x337/0x6f0
[ 12.123367] ? trace_preempt_on+0x20/0xc0
[ 12.123407] ? __pfx_kthread+0x10/0x10
[ 12.123473] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.123507] ? calculate_sigpending+0x7b/0xa0
[ 12.123538] ? __pfx_kthread+0x10/0x10
[ 12.123566] ret_from_fork+0x41/0x80
[ 12.123599] ? __pfx_kthread+0x10/0x10
[ 12.123644] ret_from_fork_asm+0x1a/0x30
[ 12.123702] </TASK>
[ 12.123725]
[ 12.134914] Allocated by task 212:
[ 12.135393] kasan_save_stack+0x45/0x70
[ 12.136030] kasan_save_track+0x18/0x40
[ 12.136175] kasan_save_alloc_info+0x3b/0x50
[ 12.136607] __kasan_kmalloc+0xb7/0xc0
[ 12.136834] __kmalloc_cache_noprof+0x189/0x420
[ 12.137034] kmalloc_double_kzfree+0xa9/0x350
[ 12.137222] kunit_try_run_case+0x1a5/0x480
[ 12.137477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.138146] kthread+0x337/0x6f0
[ 12.138350] ret_from_fork+0x41/0x80
[ 12.138523] ret_from_fork_asm+0x1a/0x30
[ 12.138991]
[ 12.139155] Freed by task 212:
[ 12.139436] kasan_save_stack+0x45/0x70
[ 12.139876] kasan_save_track+0x18/0x40
[ 12.140269] kasan_save_free_info+0x3f/0x60
[ 12.140410] __kasan_slab_free+0x56/0x70
[ 12.140524] kfree+0x222/0x3f0
[ 12.140789] kfree_sensitive+0x67/0x90
[ 12.141074] kmalloc_double_kzfree+0x12b/0x350
[ 12.141462] kunit_try_run_case+0x1a5/0x480
[ 12.141814] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.142244] kthread+0x337/0x6f0
[ 12.142474] ret_from_fork+0x41/0x80
[ 12.142967] ret_from_fork_asm+0x1a/0x30
[ 12.143364]
[ 12.143593] The buggy address belongs to the object at ffff888102662fa0
[ 12.143593] which belongs to the cache kmalloc-16 of size 16
[ 12.144151] The buggy address is located 0 bytes inside of
[ 12.144151] freed 16-byte region [ffff888102662fa0, ffff888102662fb0)
[ 12.144725]
[ 12.144870] The buggy address belongs to the physical page:
[ 12.145243] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662
[ 12.145528] flags: 0x200000000000000(node=0|zone=2)
[ 12.146039] page_type: f5(slab)
[ 12.146228] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.146459] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.147220] page dumped because: kasan: bad access detected
[ 12.147768]
[ 12.147954] Memory state around the buggy address:
[ 12.148353] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 12.148568] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 12.149093] >ffff888102662f80: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 12.149364] ^
[ 12.149859] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.150361] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 12.151080] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 12.077506] ==================================================================
[ 12.078643] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 12.079112] Read of size 1 at addr ffff8881029e01a8 by task kunit_try_catch/208
[ 12.079462]
[ 12.079601] CPU: 1 UID: 0 PID: 208 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.079701] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.079725] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.079766] Call Trace:
[ 12.079795] <TASK>
[ 12.079832] dump_stack_lvl+0x73/0xb0
[ 12.079876] print_report+0xd1/0x650
[ 12.079900] ? __virt_addr_valid+0x1db/0x2d0
[ 12.079922] ? kmalloc_uaf2+0x4a8/0x520
[ 12.079940] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.079961] ? kmalloc_uaf2+0x4a8/0x520
[ 12.079980] kasan_report+0x141/0x180
[ 12.080004] ? kmalloc_uaf2+0x4a8/0x520
[ 12.080042] __asan_report_load1_noabort+0x18/0x20
[ 12.080061] kmalloc_uaf2+0x4a8/0x520
[ 12.080080] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 12.080097] ? finish_task_switch.isra.0+0x153/0x700
[ 12.080118] ? __switch_to+0x5d9/0xf60
[ 12.080138] ? dequeue_task_fair+0x166/0x4e0
[ 12.080161] ? __schedule+0x10cc/0x2b60
[ 12.080182] ? __pfx_read_tsc+0x10/0x10
[ 12.080201] ? ktime_get_ts64+0x86/0x230
[ 12.080224] kunit_try_run_case+0x1a5/0x480
[ 12.080248] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.080268] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.080291] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.080311] ? __kthread_parkme+0x82/0x180
[ 12.080331] ? preempt_count_sub+0x50/0x80
[ 12.080352] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.080373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.080394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.080414] kthread+0x337/0x6f0
[ 12.080429] ? trace_preempt_on+0x20/0xc0
[ 12.080450] ? __pfx_kthread+0x10/0x10
[ 12.080466] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.080486] ? calculate_sigpending+0x7b/0xa0
[ 12.080505] ? __pfx_kthread+0x10/0x10
[ 12.080521] ret_from_fork+0x41/0x80
[ 12.080539] ? __pfx_kthread+0x10/0x10
[ 12.080555] ret_from_fork_asm+0x1a/0x30
[ 12.080584] </TASK>
[ 12.080597]
[ 12.093922] Allocated by task 208:
[ 12.094230] kasan_save_stack+0x45/0x70
[ 12.094512] kasan_save_track+0x18/0x40
[ 12.095288] kasan_save_alloc_info+0x3b/0x50
[ 12.095484] __kasan_kmalloc+0xb7/0xc0
[ 12.096108] __kmalloc_cache_noprof+0x189/0x420
[ 12.096386] kmalloc_uaf2+0xc6/0x520
[ 12.096683] kunit_try_run_case+0x1a5/0x480
[ 12.096907] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.097186] kthread+0x337/0x6f0
[ 12.097460] ret_from_fork+0x41/0x80
[ 12.097807] ret_from_fork_asm+0x1a/0x30
[ 12.098183]
[ 12.098465] Freed by task 208:
[ 12.098746] kasan_save_stack+0x45/0x70
[ 12.099061] kasan_save_track+0x18/0x40
[ 12.100013] kasan_save_free_info+0x3f/0x60
[ 12.100265] __kasan_slab_free+0x56/0x70
[ 12.100431] kfree+0x222/0x3f0
[ 12.100659] kmalloc_uaf2+0x14c/0x520
[ 12.100864] kunit_try_run_case+0x1a5/0x480
[ 12.101035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.101368] kthread+0x337/0x6f0
[ 12.101807] ret_from_fork+0x41/0x80
[ 12.102131] ret_from_fork_asm+0x1a/0x30
[ 12.102589]
[ 12.102782] The buggy address belongs to the object at ffff8881029e0180
[ 12.102782] which belongs to the cache kmalloc-64 of size 64
[ 12.103717] The buggy address is located 40 bytes inside of
[ 12.103717] freed 64-byte region [ffff8881029e0180, ffff8881029e01c0)
[ 12.104220]
[ 12.104521] The buggy address belongs to the physical page:
[ 12.104914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e0
[ 12.105201] flags: 0x200000000000000(node=0|zone=2)
[ 12.106237] page_type: f5(slab)
[ 12.106531] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.106928] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.107524] page dumped because: kasan: bad access detected
[ 12.107728]
[ 12.107860] Memory state around the buggy address:
[ 12.108175] ffff8881029e0080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.108565] ffff8881029e0100: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.108924] >ffff8881029e0180: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.109264] ^
[ 12.109549] ffff8881029e0200: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 12.110037] ffff8881029e0280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.110566] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 12.039903] ==================================================================
[ 12.040422] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 12.041313] Write of size 33 at addr ffff8881039dbd00 by task kunit_try_catch/206
[ 12.042322]
[ 12.042480] CPU: 0 UID: 0 PID: 206 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.042549] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.042568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.042607] Call Trace:
[ 12.042648] <TASK>
[ 12.042687] dump_stack_lvl+0x73/0xb0
[ 12.042743] print_report+0xd1/0x650
[ 12.042776] ? __virt_addr_valid+0x1db/0x2d0
[ 12.042809] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.042839] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.042896] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.042931] kasan_report+0x141/0x180
[ 12.042962] ? kmalloc_uaf_memset+0x1a3/0x360
[ 12.043006] kasan_check_range+0x10c/0x1c0
[ 12.043042] __asan_memset+0x27/0x50
[ 12.043078] kmalloc_uaf_memset+0x1a3/0x360
[ 12.043120] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 12.043165] ? __schedule+0x10cc/0x2b60
[ 12.043198] ? __pfx_read_tsc+0x10/0x10
[ 12.043219] ? ktime_get_ts64+0x86/0x230
[ 12.043246] kunit_try_run_case+0x1a5/0x480
[ 12.043273] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.043324] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.043373] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.043407] ? __kthread_parkme+0x82/0x180
[ 12.043431] ? preempt_count_sub+0x50/0x80
[ 12.043457] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.043480] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.043502] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.043524] kthread+0x337/0x6f0
[ 12.043558] ? trace_preempt_on+0x20/0xc0
[ 12.043586] ? __pfx_kthread+0x10/0x10
[ 12.043603] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.043639] ? calculate_sigpending+0x7b/0xa0
[ 12.043666] ? __pfx_kthread+0x10/0x10
[ 12.043683] ret_from_fork+0x41/0x80
[ 12.043704] ? __pfx_kthread+0x10/0x10
[ 12.043720] ret_from_fork_asm+0x1a/0x30
[ 12.043751] </TASK>
[ 12.043765]
[ 12.054091] Allocated by task 206:
[ 12.054616] kasan_save_stack+0x45/0x70
[ 12.054916] kasan_save_track+0x18/0x40
[ 12.055130] kasan_save_alloc_info+0x3b/0x50
[ 12.055608] __kasan_kmalloc+0xb7/0xc0
[ 12.055930] __kmalloc_cache_noprof+0x189/0x420
[ 12.056258] kmalloc_uaf_memset+0xa9/0x360
[ 12.056853] kunit_try_run_case+0x1a5/0x480
[ 12.057117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.057635] kthread+0x337/0x6f0
[ 12.057818] ret_from_fork+0x41/0x80
[ 12.058105] ret_from_fork_asm+0x1a/0x30
[ 12.058567]
[ 12.058740] Freed by task 206:
[ 12.058988] kasan_save_stack+0x45/0x70
[ 12.059244] kasan_save_track+0x18/0x40
[ 12.059663] kasan_save_free_info+0x3f/0x60
[ 12.059923] __kasan_slab_free+0x56/0x70
[ 12.060156] kfree+0x222/0x3f0
[ 12.060447] kmalloc_uaf_memset+0x12b/0x360
[ 12.060729] kunit_try_run_case+0x1a5/0x480
[ 12.061044] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.061306] kthread+0x337/0x6f0
[ 12.061457] ret_from_fork+0x41/0x80
[ 12.061757] ret_from_fork_asm+0x1a/0x30
[ 12.062084]
[ 12.062248] The buggy address belongs to the object at ffff8881039dbd00
[ 12.062248] which belongs to the cache kmalloc-64 of size 64
[ 12.063041] The buggy address is located 0 bytes inside of
[ 12.063041] freed 64-byte region [ffff8881039dbd00, ffff8881039dbd40)
[ 12.063808]
[ 12.063973] The buggy address belongs to the physical page:
[ 12.064262] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039db
[ 12.064953] flags: 0x200000000000000(node=0|zone=2)
[ 12.065501] page_type: f5(slab)
[ 12.065826] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 12.066154] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 12.066654] page dumped because: kasan: bad access detected
[ 12.067095]
[ 12.067262] Memory state around the buggy address:
[ 12.067757] ffff8881039dbc00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.068211] ffff8881039dbc80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.068816] >ffff8881039dbd00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.069109] ^
[ 12.069390] ffff8881039dbd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.069850] ffff8881039dbe00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.070099] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 12.005980] ==================================================================
[ 12.006501] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 12.007025] Read of size 1 at addr ffff888102662f88 by task kunit_try_catch/204
[ 12.007689]
[ 12.007847] CPU: 1 UID: 0 PID: 204 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 12.007920] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.007934] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.007963] Call Trace:
[ 12.007982] <TASK>
[ 12.008011] dump_stack_lvl+0x73/0xb0
[ 12.008054] print_report+0xd1/0x650
[ 12.008083] ? __virt_addr_valid+0x1db/0x2d0
[ 12.008109] ? kmalloc_uaf+0x320/0x380
[ 12.008134] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.008161] ? kmalloc_uaf+0x320/0x380
[ 12.008184] kasan_report+0x141/0x180
[ 12.008203] ? kmalloc_uaf+0x320/0x380
[ 12.008226] __asan_report_load1_noabort+0x18/0x20
[ 12.008244] kmalloc_uaf+0x320/0x380
[ 12.008263] ? __pfx_kmalloc_uaf+0x10/0x10
[ 12.008282] ? __schedule+0x10cc/0x2b60
[ 12.008303] ? __pfx_read_tsc+0x10/0x10
[ 12.008321] ? ktime_get_ts64+0x86/0x230
[ 12.008345] kunit_try_run_case+0x1a5/0x480
[ 12.008368] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.008388] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.008409] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.008430] ? __kthread_parkme+0x82/0x180
[ 12.008450] ? preempt_count_sub+0x50/0x80
[ 12.008473] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.008494] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.008514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.008534] kthread+0x337/0x6f0
[ 12.008578] ? trace_preempt_on+0x20/0xc0
[ 12.008641] ? __pfx_kthread+0x10/0x10
[ 12.008674] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.008710] ? calculate_sigpending+0x7b/0xa0
[ 12.008750] ? __pfx_kthread+0x10/0x10
[ 12.008786] ret_from_fork+0x41/0x80
[ 12.008825] ? __pfx_kthread+0x10/0x10
[ 12.008857] ret_from_fork_asm+0x1a/0x30
[ 12.008936] </TASK>
[ 12.009211]
[ 12.018731] Allocated by task 204:
[ 12.019105] kasan_save_stack+0x45/0x70
[ 12.019446] kasan_save_track+0x18/0x40
[ 12.019692] kasan_save_alloc_info+0x3b/0x50
[ 12.019875] __kasan_kmalloc+0xb7/0xc0
[ 12.020038] __kmalloc_cache_noprof+0x189/0x420
[ 12.020213] kmalloc_uaf+0xaa/0x380
[ 12.020460] kunit_try_run_case+0x1a5/0x480
[ 12.020858] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.021272] kthread+0x337/0x6f0
[ 12.021583] ret_from_fork+0x41/0x80
[ 12.021909] ret_from_fork_asm+0x1a/0x30
[ 12.022240]
[ 12.022436] Freed by task 204:
[ 12.022773] kasan_save_stack+0x45/0x70
[ 12.023085] kasan_save_track+0x18/0x40
[ 12.023432] kasan_save_free_info+0x3f/0x60
[ 12.023776] __kasan_slab_free+0x56/0x70
[ 12.024027] kfree+0x222/0x3f0
[ 12.024179] kmalloc_uaf+0x12c/0x380
[ 12.024338] kunit_try_run_case+0x1a5/0x480
[ 12.024753] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.025190] kthread+0x337/0x6f0
[ 12.025458] ret_from_fork+0x41/0x80
[ 12.025812] ret_from_fork_asm+0x1a/0x30
[ 12.026167]
[ 12.026295] The buggy address belongs to the object at ffff888102662f80
[ 12.026295] which belongs to the cache kmalloc-16 of size 16
[ 12.026791] The buggy address is located 8 bytes inside of
[ 12.026791] freed 16-byte region [ffff888102662f80, ffff888102662f90)
[ 12.027130]
[ 12.027315] The buggy address belongs to the physical page:
[ 12.027774] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662
[ 12.028315] flags: 0x200000000000000(node=0|zone=2)
[ 12.028747] page_type: f5(slab)
[ 12.029068] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 12.029588] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 12.030009] page dumped because: kasan: bad access detected
[ 12.030428]
[ 12.030606] Memory state around the buggy address:
[ 12.030853] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 12.031299] ffff888102662f00: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 12.031770] >ffff888102662f80: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.032162] ^
[ 12.032398] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.032817] ffff888102663080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb
[ 12.033054] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.975930] ==================================================================
[ 11.976397] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.977203] Read of size 64 at addr ffff8881029e0004 by task kunit_try_catch/202
[ 11.977538]
[ 11.977843] CPU: 1 UID: 0 PID: 202 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.977953] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.977975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.978006] Call Trace:
[ 11.978029] <TASK>
[ 11.978060] dump_stack_lvl+0x73/0xb0
[ 11.978106] print_report+0xd1/0x650
[ 11.978143] ? __virt_addr_valid+0x1db/0x2d0
[ 11.978177] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.978211] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.978246] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.978281] kasan_report+0x141/0x180
[ 11.978325] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.978377] kasan_check_range+0x10c/0x1c0
[ 11.978420] __asan_memmove+0x27/0x70
[ 11.978462] kmalloc_memmove_invalid_size+0x16f/0x330
[ 11.978502] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 11.978544] ? __schedule+0x207f/0x2b60
[ 11.978584] ? __pfx_read_tsc+0x10/0x10
[ 11.978639] ? ktime_get_ts64+0x86/0x230
[ 11.978716] kunit_try_run_case+0x1a5/0x480
[ 11.978785] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.978831] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.978878] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.978921] ? __kthread_parkme+0x82/0x180
[ 11.978965] ? preempt_count_sub+0x50/0x80
[ 11.979007] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.979030] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.979051] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.979072] kthread+0x337/0x6f0
[ 11.979088] ? trace_preempt_on+0x20/0xc0
[ 11.979110] ? __pfx_kthread+0x10/0x10
[ 11.979126] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.979146] ? calculate_sigpending+0x7b/0xa0
[ 11.979165] ? __pfx_kthread+0x10/0x10
[ 11.979182] ret_from_fork+0x41/0x80
[ 11.979200] ? __pfx_kthread+0x10/0x10
[ 11.979216] ret_from_fork_asm+0x1a/0x30
[ 11.979245] </TASK>
[ 11.979259]
[ 11.988750] Allocated by task 202:
[ 11.989116] kasan_save_stack+0x45/0x70
[ 11.989518] kasan_save_track+0x18/0x40
[ 11.989827] kasan_save_alloc_info+0x3b/0x50
[ 11.990146] __kasan_kmalloc+0xb7/0xc0
[ 11.990313] __kmalloc_cache_noprof+0x189/0x420
[ 11.990501] kmalloc_memmove_invalid_size+0xac/0x330
[ 11.990719] kunit_try_run_case+0x1a5/0x480
[ 11.990975] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.991365] kthread+0x337/0x6f0
[ 11.991692] ret_from_fork+0x41/0x80
[ 11.992039] ret_from_fork_asm+0x1a/0x30
[ 11.992363]
[ 11.992587] The buggy address belongs to the object at ffff8881029e0000
[ 11.992587] which belongs to the cache kmalloc-64 of size 64
[ 11.993401] The buggy address is located 4 bytes inside of
[ 11.993401] allocated 64-byte region [ffff8881029e0000, ffff8881029e0040)
[ 11.993935]
[ 11.994069] The buggy address belongs to the physical page:
[ 11.994301] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029e0
[ 11.994902] flags: 0x200000000000000(node=0|zone=2)
[ 11.995272] page_type: f5(slab)
[ 11.995599] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.996075] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.996319] page dumped because: kasan: bad access detected
[ 11.996506]
[ 11.996638] Memory state around the buggy address:
[ 11.996991] ffff8881029dff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.997912] ffff8881029dff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.998413] >ffff8881029e0000: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.998890] ^
[ 11.999094] ffff8881029e0080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.999327] ffff8881029e0100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.999575] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.943065] ==================================================================
[ 11.943801] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 11.944666] Read of size 18446744073709551614 at addr ffff8881039db904 by task kunit_try_catch/200
[ 11.945452]
[ 11.945739] CPU: 0 UID: 0 PID: 200 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.945872] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.945899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.945963] Call Trace:
[ 11.945995] <TASK>
[ 11.946032] dump_stack_lvl+0x73/0xb0
[ 11.946174] print_report+0xd1/0x650
[ 11.946231] ? __virt_addr_valid+0x1db/0x2d0
[ 11.946270] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.946474] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.946512] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.946584] kasan_report+0x141/0x180
[ 11.946612] ? kmalloc_memmove_negative_size+0x171/0x330
[ 11.946661] kasan_check_range+0x10c/0x1c0
[ 11.946682] __asan_memmove+0x27/0x70
[ 11.946702] kmalloc_memmove_negative_size+0x171/0x330
[ 11.946723] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 11.946744] ? __schedule+0x10cc/0x2b60
[ 11.946767] ? __pfx_read_tsc+0x10/0x10
[ 11.946788] ? ktime_get_ts64+0x86/0x230
[ 11.946814] kunit_try_run_case+0x1a5/0x480
[ 11.946839] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.946860] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.946884] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.946907] ? __kthread_parkme+0x82/0x180
[ 11.946929] ? preempt_count_sub+0x50/0x80
[ 11.946954] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.946977] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.946999] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.947021] kthread+0x337/0x6f0
[ 11.947038] ? trace_preempt_on+0x20/0xc0
[ 11.947060] ? __pfx_kthread+0x10/0x10
[ 11.947077] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.947097] ? calculate_sigpending+0x7b/0xa0
[ 11.947117] ? __pfx_kthread+0x10/0x10
[ 11.947134] ret_from_fork+0x41/0x80
[ 11.947153] ? __pfx_kthread+0x10/0x10
[ 11.947170] ret_from_fork_asm+0x1a/0x30
[ 11.947199] </TASK>
[ 11.947212]
[ 11.956441] Allocated by task 200:
[ 11.956820] kasan_save_stack+0x45/0x70
[ 11.957156] kasan_save_track+0x18/0x40
[ 11.957589] kasan_save_alloc_info+0x3b/0x50
[ 11.957964] __kasan_kmalloc+0xb7/0xc0
[ 11.958271] __kmalloc_cache_noprof+0x189/0x420
[ 11.958720] kmalloc_memmove_negative_size+0xac/0x330
[ 11.958922] kunit_try_run_case+0x1a5/0x480
[ 11.959105] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.959267] kthread+0x337/0x6f0
[ 11.959714] ret_from_fork+0x41/0x80
[ 11.959864] ret_from_fork_asm+0x1a/0x30
[ 11.960008]
[ 11.960156] The buggy address belongs to the object at ffff8881039db900
[ 11.960156] which belongs to the cache kmalloc-64 of size 64
[ 11.961152] The buggy address is located 4 bytes inside of
[ 11.961152] 64-byte region [ffff8881039db900, ffff8881039db940)
[ 11.962022]
[ 11.962206] The buggy address belongs to the physical page:
[ 11.962661] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039db
[ 11.962943] flags: 0x200000000000000(node=0|zone=2)
[ 11.963128] page_type: f5(slab)
[ 11.963374] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.964141] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.964687] page dumped because: kasan: bad access detected
[ 11.965056]
[ 11.965208] Memory state around the buggy address:
[ 11.965552] ffff8881039db800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.965913] ffff8881039db880: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.966158] >ffff8881039db900: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 11.966608] ^
[ 11.967468] ffff8881039db980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.968015] ffff8881039dba00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.968605] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.907525] ==================================================================
[ 11.908160] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330
[ 11.909401] Write of size 16 at addr ffff8881029da369 by task kunit_try_catch/198
[ 11.910008]
[ 11.910219] CPU: 1 UID: 0 PID: 198 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.910485] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.910515] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.910604] Call Trace:
[ 11.910648] <TASK>
[ 11.910688] dump_stack_lvl+0x73/0xb0
[ 11.910758] print_report+0xd1/0x650
[ 11.910799] ? __virt_addr_valid+0x1db/0x2d0
[ 11.910826] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.910848] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.910869] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.910890] kasan_report+0x141/0x180
[ 11.910912] ? kmalloc_oob_memset_16+0x166/0x330
[ 11.910937] kasan_check_range+0x10c/0x1c0
[ 11.910956] __asan_memset+0x27/0x50
[ 11.910976] kmalloc_oob_memset_16+0x166/0x330
[ 11.910997] ? __pfx_kmalloc_oob_memset_16+0x10/0x10
[ 11.911019] ? __schedule+0x10cc/0x2b60
[ 11.911041] ? __pfx_read_tsc+0x10/0x10
[ 11.911061] ? ktime_get_ts64+0x86/0x230
[ 11.911088] kunit_try_run_case+0x1a5/0x480
[ 11.911114] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.911134] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.911157] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.911178] ? __kthread_parkme+0x82/0x180
[ 11.911200] ? preempt_count_sub+0x50/0x80
[ 11.911224] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.911247] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.911268] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.911331] kthread+0x337/0x6f0
[ 11.911371] ? trace_preempt_on+0x20/0xc0
[ 11.911409] ? __pfx_kthread+0x10/0x10
[ 11.911435] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.911465] ? calculate_sigpending+0x7b/0xa0
[ 11.911496] ? __pfx_kthread+0x10/0x10
[ 11.911524] ret_from_fork+0x41/0x80
[ 11.911564] ? __pfx_kthread+0x10/0x10
[ 11.911592] ret_from_fork_asm+0x1a/0x30
[ 11.911652] </TASK>
[ 11.911674]
[ 11.922506] Allocated by task 198:
[ 11.922898] kasan_save_stack+0x45/0x70
[ 11.923268] kasan_save_track+0x18/0x40
[ 11.923464] kasan_save_alloc_info+0x3b/0x50
[ 11.923994] __kasan_kmalloc+0xb7/0xc0
[ 11.924749] __kmalloc_cache_noprof+0x189/0x420
[ 11.925111] kmalloc_oob_memset_16+0xac/0x330
[ 11.925487] kunit_try_run_case+0x1a5/0x480
[ 11.925849] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.926101] kthread+0x337/0x6f0
[ 11.926254] ret_from_fork+0x41/0x80
[ 11.926834] ret_from_fork_asm+0x1a/0x30
[ 11.927159]
[ 11.927338] The buggy address belongs to the object at ffff8881029da300
[ 11.927338] which belongs to the cache kmalloc-128 of size 128
[ 11.928338] The buggy address is located 105 bytes inside of
[ 11.928338] allocated 120-byte region [ffff8881029da300, ffff8881029da378)
[ 11.929244]
[ 11.929610] The buggy address belongs to the physical page:
[ 11.929991] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da
[ 11.930732] flags: 0x200000000000000(node=0|zone=2)
[ 11.931076] page_type: f5(slab)
[ 11.931792] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.932132] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.932760] page dumped because: kasan: bad access detected
[ 11.933091]
[ 11.933247] Memory state around the buggy address:
[ 11.933633] ffff8881029da200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.934055] ffff8881029da280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.934766] >ffff8881029da300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.935167] ^
[ 11.935950] ffff8881029da380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.936262] ffff8881029da400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.936544] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.878048] ==================================================================
[ 11.878790] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330
[ 11.879206] Write of size 8 at addr ffff888102d97571 by task kunit_try_catch/196
[ 11.880075]
[ 11.880297] CPU: 0 UID: 0 PID: 196 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.880380] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.880399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.880435] Call Trace:
[ 11.880455] <TASK>
[ 11.880486] dump_stack_lvl+0x73/0xb0
[ 11.880544] print_report+0xd1/0x650
[ 11.880582] ? __virt_addr_valid+0x1db/0x2d0
[ 11.880617] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.880672] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.880713] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.880750] kasan_report+0x141/0x180
[ 11.880789] ? kmalloc_oob_memset_8+0x166/0x330
[ 11.880839] kasan_check_range+0x10c/0x1c0
[ 11.880879] __asan_memset+0x27/0x50
[ 11.880918] kmalloc_oob_memset_8+0x166/0x330
[ 11.880996] ? __pfx_kmalloc_oob_memset_8+0x10/0x10
[ 11.881038] ? __schedule+0x10cc/0x2b60
[ 11.881090] ? __pfx_read_tsc+0x10/0x10
[ 11.881127] ? ktime_get_ts64+0x86/0x230
[ 11.881171] kunit_try_run_case+0x1a5/0x480
[ 11.881221] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.881262] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.881307] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.881351] ? __kthread_parkme+0x82/0x180
[ 11.881393] ? preempt_count_sub+0x50/0x80
[ 11.881431] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.881461] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.881484] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.881506] kthread+0x337/0x6f0
[ 11.881523] ? trace_preempt_on+0x20/0xc0
[ 11.881551] ? __pfx_kthread+0x10/0x10
[ 11.881575] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.881595] ? calculate_sigpending+0x7b/0xa0
[ 11.881616] ? __pfx_kthread+0x10/0x10
[ 11.881651] ret_from_fork+0x41/0x80
[ 11.881672] ? __pfx_kthread+0x10/0x10
[ 11.881689] ret_from_fork_asm+0x1a/0x30
[ 11.881720] </TASK>
[ 11.881733]
[ 11.889492] Allocated by task 196:
[ 11.889737] kasan_save_stack+0x45/0x70
[ 11.889959] kasan_save_track+0x18/0x40
[ 11.890134] kasan_save_alloc_info+0x3b/0x50
[ 11.890315] __kasan_kmalloc+0xb7/0xc0
[ 11.890648] __kmalloc_cache_noprof+0x189/0x420
[ 11.891005] kmalloc_oob_memset_8+0xac/0x330
[ 11.891343] kunit_try_run_case+0x1a5/0x480
[ 11.891669] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.892036] kthread+0x337/0x6f0
[ 11.892288] ret_from_fork+0x41/0x80
[ 11.892595] ret_from_fork_asm+0x1a/0x30
[ 11.892920]
[ 11.893085] The buggy address belongs to the object at ffff888102d97500
[ 11.893085] which belongs to the cache kmalloc-128 of size 128
[ 11.893702] The buggy address is located 113 bytes inside of
[ 11.893702] allocated 120-byte region [ffff888102d97500, ffff888102d97578)
[ 11.894073]
[ 11.894188] The buggy address belongs to the physical page:
[ 11.894383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d97
[ 11.894988] flags: 0x200000000000000(node=0|zone=2)
[ 11.895354] page_type: f5(slab)
[ 11.895671] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.896192] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.896740] page dumped because: kasan: bad access detected
[ 11.897092]
[ 11.897244] Memory state around the buggy address:
[ 11.897490] ffff888102d97400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.897772] ffff888102d97480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.898019] >ffff888102d97500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 11.898257] ^
[ 11.898760] ffff888102d97580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.899241] ffff888102d97600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.899747] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 11.841498] ================================================================== [ 11.842112] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 11.842940] Write of size 4 at addr ffff888102d97475 by task kunit_try_catch/194 [ 11.844444] [ 11.844599] CPU: 0 UID: 0 PID: 194 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.844681] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.844701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.844736] Call Trace: [ 11.844761] <TASK> [ 11.844796] dump_stack_lvl+0x73/0xb0 [ 11.844857] print_report+0xd1/0x650 [ 11.844895] ? __virt_addr_valid+0x1db/0x2d0 [ 11.844928] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.844964] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.845000] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.845038] kasan_report+0x141/0x180 [ 11.845080] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.845109] kasan_check_range+0x10c/0x1c0 [ 11.845129] __asan_memset+0x27/0x50 [ 11.845148] kmalloc_oob_memset_4+0x166/0x330 [ 11.845170] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 11.845191] ? __schedule+0x10cc/0x2b60 [ 11.845213] ? __pfx_read_tsc+0x10/0x10 [ 11.845233] ? ktime_get_ts64+0x86/0x230 [ 11.845260] kunit_try_run_case+0x1a5/0x480 [ 11.845289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.845319] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.845352] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.845384] ? __kthread_parkme+0x82/0x180 [ 11.845413] ? preempt_count_sub+0x50/0x80 [ 11.845448] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.845480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.845512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.845541] kthread+0x337/0x6f0 [ 11.845565] ? trace_preempt_on+0x20/0xc0 [ 11.845596] ? __pfx_kthread+0x10/0x10 [ 11.845635] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.845671] ? calculate_sigpending+0x7b/0xa0 [ 11.845702] ? __pfx_kthread+0x10/0x10 [ 11.845729] ret_from_fork+0x41/0x80 [ 11.845760] ? 
__pfx_kthread+0x10/0x10 [ 11.845777] ret_from_fork_asm+0x1a/0x30 [ 11.845807] </TASK> [ 11.845820] [ 11.857121] Allocated by task 194: [ 11.857855] kasan_save_stack+0x45/0x70 [ 11.858223] kasan_save_track+0x18/0x40 [ 11.858539] kasan_save_alloc_info+0x3b/0x50 [ 11.858881] __kasan_kmalloc+0xb7/0xc0 [ 11.859093] __kmalloc_cache_noprof+0x189/0x420 [ 11.859534] kmalloc_oob_memset_4+0xac/0x330 [ 11.859988] kunit_try_run_case+0x1a5/0x480 [ 11.860526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.860973] kthread+0x337/0x6f0 [ 11.861292] ret_from_fork+0x41/0x80 [ 11.861468] ret_from_fork_asm+0x1a/0x30 [ 11.861795] [ 11.861965] The buggy address belongs to the object at ffff888102d97400 [ 11.861965] which belongs to the cache kmalloc-128 of size 128 [ 11.862545] The buggy address is located 117 bytes inside of [ 11.862545] allocated 120-byte region [ffff888102d97400, ffff888102d97478) [ 11.863861] [ 11.863989] The buggy address belongs to the physical page: [ 11.864471] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102d97 [ 11.865081] flags: 0x200000000000000(node=0|zone=2) [ 11.865568] page_type: f5(slab) [ 11.865960] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.866403] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.867092] page dumped because: kasan: bad access detected [ 11.867237] [ 11.867363] Memory state around the buggy address: [ 11.868071] ffff888102d97300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.868982] ffff888102d97380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.869596] >ffff888102d97400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.870030] ^ [ 11.870602] ffff888102d97480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.871305] ffff888102d97500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.871745] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.805165] ================================================================== [ 11.805716] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 11.806347] Write of size 2 at addr ffff8881029da277 by task kunit_try_catch/192 [ 11.806793] [ 11.807031] CPU: 1 UID: 0 PID: 192 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.807118] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.807136] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.807171] Call Trace: [ 11.807196] <TASK> [ 11.807228] dump_stack_lvl+0x73/0xb0 [ 11.807285] print_report+0xd1/0x650 [ 11.807322] ? __virt_addr_valid+0x1db/0x2d0 [ 11.807356] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.807392] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.807430] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.807466] kasan_report+0x141/0x180 [ 11.807507] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.807552] kasan_check_range+0x10c/0x1c0 [ 11.807585] __asan_memset+0x27/0x50 [ 11.807618] kmalloc_oob_memset_2+0x166/0x330 [ 11.807671] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 11.807706] ? __schedule+0x10cc/0x2b60 [ 11.807741] ? __pfx_read_tsc+0x10/0x10 [ 11.807775] ? ktime_get_ts64+0x86/0x230 [ 11.807821] kunit_try_run_case+0x1a5/0x480 [ 11.807869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.807910] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.807956] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.808000] ? __kthread_parkme+0x82/0x180 [ 11.808042] ? preempt_count_sub+0x50/0x80 [ 11.808087] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.808120] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.808151] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.808210] kthread+0x337/0x6f0 [ 11.808238] ? trace_preempt_on+0x20/0xc0 [ 11.808270] ? __pfx_kthread+0x10/0x10 [ 11.808307] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.808337] ? calculate_sigpending+0x7b/0xa0 [ 11.808366] ? __pfx_kthread+0x10/0x10 [ 11.808391] ret_from_fork+0x41/0x80 [ 11.808419] ? 
__pfx_kthread+0x10/0x10 [ 11.808446] ret_from_fork_asm+0x1a/0x30 [ 11.808489] </TASK> [ 11.808508] [ 11.820878] Allocated by task 192: [ 11.821104] kasan_save_stack+0x45/0x70 [ 11.821359] kasan_save_track+0x18/0x40 [ 11.821586] kasan_save_alloc_info+0x3b/0x50 [ 11.822866] __kasan_kmalloc+0xb7/0xc0 [ 11.823076] __kmalloc_cache_noprof+0x189/0x420 [ 11.823489] kmalloc_oob_memset_2+0xac/0x330 [ 11.824045] kunit_try_run_case+0x1a5/0x480 [ 11.824299] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.824648] kthread+0x337/0x6f0 [ 11.824907] ret_from_fork+0x41/0x80 [ 11.825079] ret_from_fork_asm+0x1a/0x30 [ 11.825380] [ 11.825511] The buggy address belongs to the object at ffff8881029da200 [ 11.825511] which belongs to the cache kmalloc-128 of size 128 [ 11.826658] The buggy address is located 119 bytes inside of [ 11.826658] allocated 120-byte region [ffff8881029da200, ffff8881029da278) [ 11.827583] [ 11.827816] The buggy address belongs to the physical page: [ 11.828031] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da [ 11.828659] flags: 0x200000000000000(node=0|zone=2) [ 11.829015] page_type: f5(slab) [ 11.829437] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.829782] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.830284] page dumped because: kasan: bad access detected [ 11.831114] [ 11.831269] Memory state around the buggy address: [ 11.831693] ffff8881029da100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.832145] ffff8881029da180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.832827] >ffff8881029da200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.833060] ^ [ 11.833736] ffff8881029da280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.834130] ffff8881029da300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.834998] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.771581] ================================================================== [ 11.772124] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 11.772755] Write of size 128 at addr ffff8881029da100 by task kunit_try_catch/190 [ 11.773958] [ 11.774351] CPU: 1 UID: 0 PID: 190 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.774420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.774433] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.774458] Call Trace: [ 11.774475] <TASK> [ 11.774501] dump_stack_lvl+0x73/0xb0 [ 11.774544] print_report+0xd1/0x650 [ 11.774744] ? __virt_addr_valid+0x1db/0x2d0 [ 11.774825] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.774866] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.774916] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.774955] kasan_report+0x141/0x180 [ 11.774996] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.775046] kasan_check_range+0x10c/0x1c0 [ 11.775079] __asan_memset+0x27/0x50 [ 11.775107] kmalloc_oob_in_memset+0x15f/0x320 [ 11.775129] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 11.775152] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 11.775178] kunit_try_run_case+0x1a5/0x480 [ 11.775204] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.775224] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.775248] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.775269] ? __kthread_parkme+0x82/0x180 [ 11.775588] ? preempt_count_sub+0x50/0x80 [ 11.775669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.775694] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.775718] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.775739] kthread+0x337/0x6f0 [ 11.775756] ? trace_preempt_on+0x20/0xc0 [ 11.775780] ? __pfx_kthread+0x10/0x10 [ 11.775797] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.775817] ? calculate_sigpending+0x7b/0xa0 [ 11.775838] ? __pfx_kthread+0x10/0x10 [ 11.775855] ret_from_fork+0x41/0x80 [ 11.775875] ? 
__pfx_kthread+0x10/0x10 [ 11.775892] ret_from_fork_asm+0x1a/0x30 [ 11.775921] </TASK> [ 11.775935] [ 11.786836] Allocated by task 190: [ 11.787220] kasan_save_stack+0x45/0x70 [ 11.787721] kasan_save_track+0x18/0x40 [ 11.787959] kasan_save_alloc_info+0x3b/0x50 [ 11.788287] __kasan_kmalloc+0xb7/0xc0 [ 11.789092] __kmalloc_cache_noprof+0x189/0x420 [ 11.789366] kmalloc_oob_in_memset+0xac/0x320 [ 11.789596] kunit_try_run_case+0x1a5/0x480 [ 11.789796] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.790100] kthread+0x337/0x6f0 [ 11.790560] ret_from_fork+0x41/0x80 [ 11.790897] ret_from_fork_asm+0x1a/0x30 [ 11.791209] [ 11.791311] The buggy address belongs to the object at ffff8881029da100 [ 11.791311] which belongs to the cache kmalloc-128 of size 128 [ 11.791769] The buggy address is located 0 bytes inside of [ 11.791769] allocated 120-byte region [ffff8881029da100, ffff8881029da178) [ 11.792689] [ 11.792898] The buggy address belongs to the physical page: [ 11.793253] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da [ 11.794254] flags: 0x200000000000000(node=0|zone=2) [ 11.794569] page_type: f5(slab) [ 11.794825] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.795256] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.795784] page dumped because: kasan: bad access detected [ 11.796095] [ 11.796197] Memory state around the buggy address: [ 11.796671] ffff8881029da000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.797017] ffff8881029da080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.797357] >ffff8881029da100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.798297] ^ [ 11.798595] ffff8881029da180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.799122] ffff8881029da200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.799797] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.732106] ================================================================== [ 11.732978] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 11.733304] Read of size 16 at addr ffff8881023b0f60 by task kunit_try_catch/188 [ 11.733692] [ 11.733829] CPU: 0 UID: 0 PID: 188 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.733976] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.734004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.734048] Call Trace: [ 11.734079] <TASK> [ 11.734118] dump_stack_lvl+0x73/0xb0 [ 11.734192] print_report+0xd1/0x650 [ 11.734235] ? __virt_addr_valid+0x1db/0x2d0 [ 11.734283] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.734316] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.734353] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.734388] kasan_report+0x141/0x180 [ 11.734426] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.734473] __asan_report_load16_noabort+0x18/0x20 [ 11.734515] kmalloc_uaf_16+0x47b/0x4c0 [ 11.734559] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 11.734604] ? __schedule+0x10cc/0x2b60 [ 11.734668] ? __pfx_read_tsc+0x10/0x10 [ 11.734711] ? ktime_get_ts64+0x86/0x230 [ 11.734766] kunit_try_run_case+0x1a5/0x480 [ 11.734818] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.735190] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.735272] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.735317] ? __kthread_parkme+0x82/0x180 [ 11.735355] ? preempt_count_sub+0x50/0x80 [ 11.735394] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.735428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.735453] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.735474] kthread+0x337/0x6f0 [ 11.735491] ? trace_preempt_on+0x20/0xc0 [ 11.735514] ? __pfx_kthread+0x10/0x10 [ 11.735530] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.735565] ? calculate_sigpending+0x7b/0xa0 [ 11.735586] ? __pfx_kthread+0x10/0x10 [ 11.735603] ret_from_fork+0x41/0x80 [ 11.735641] ? 
__pfx_kthread+0x10/0x10 [ 11.735662] ret_from_fork_asm+0x1a/0x30 [ 11.735692] </TASK> [ 11.735705] [ 11.747259] Allocated by task 188: [ 11.747808] kasan_save_stack+0x45/0x70 [ 11.748160] kasan_save_track+0x18/0x40 [ 11.748884] kasan_save_alloc_info+0x3b/0x50 [ 11.749254] __kasan_kmalloc+0xb7/0xc0 [ 11.750007] __kmalloc_cache_noprof+0x189/0x420 [ 11.750211] kmalloc_uaf_16+0x15b/0x4c0 [ 11.750422] kunit_try_run_case+0x1a5/0x480 [ 11.750691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.751096] kthread+0x337/0x6f0 [ 11.751478] ret_from_fork+0x41/0x80 [ 11.751794] ret_from_fork_asm+0x1a/0x30 [ 11.751986] [ 11.752124] Freed by task 188: [ 11.752489] kasan_save_stack+0x45/0x70 [ 11.752710] kasan_save_track+0x18/0x40 [ 11.752948] kasan_save_free_info+0x3f/0x60 [ 11.753229] __kasan_slab_free+0x56/0x70 [ 11.754075] kfree+0x222/0x3f0 [ 11.754353] kmalloc_uaf_16+0x1d6/0x4c0 [ 11.754702] kunit_try_run_case+0x1a5/0x480 [ 11.755016] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.755485] kthread+0x337/0x6f0 [ 11.755674] ret_from_fork+0x41/0x80 [ 11.755888] ret_from_fork_asm+0x1a/0x30 [ 11.756168] [ 11.756427] The buggy address belongs to the object at ffff8881023b0f60 [ 11.756427] which belongs to the cache kmalloc-16 of size 16 [ 11.757147] The buggy address is located 0 bytes inside of [ 11.757147] freed 16-byte region [ffff8881023b0f60, ffff8881023b0f70) [ 11.757940] [ 11.758122] The buggy address belongs to the physical page: [ 11.759074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023b0 [ 11.759498] flags: 0x200000000000000(node=0|zone=2) [ 11.759767] page_type: f5(slab) [ 11.760027] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.760329] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.760993] page dumped because: kasan: bad access detected [ 11.761486] [ 11.761676] Memory state around the buggy address: [ 11.761906] ffff8881023b0e00: 00 03 fc fc fa fb fc fc fa fb fc fc fa fb fc fc 
[ 11.762514] ffff8881023b0e80: fa fb fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 11.762881] >ffff8881023b0f00: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc [ 11.763245] ^ [ 11.763828] ffff8881023b0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.764126] ffff8881023b1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.765316] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 11.697868] ================================================================== [ 11.698340] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 11.698945] Write of size 16 at addr ffff888102662f40 by task kunit_try_catch/186 [ 11.699147] [ 11.699276] CPU: 1 UID: 0 PID: 186 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.699362] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.699384] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.699420] Call Trace: [ 11.699447] <TASK> [ 11.699483] dump_stack_lvl+0x73/0xb0 [ 11.699535] print_report+0xd1/0x650 [ 11.699571] ? __virt_addr_valid+0x1db/0x2d0 [ 11.699608] ? kmalloc_oob_16+0x452/0x4a0 [ 11.699653] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.699676] ? kmalloc_oob_16+0x452/0x4a0 [ 11.699696] kasan_report+0x141/0x180 [ 11.699717] ? kmalloc_oob_16+0x452/0x4a0 [ 11.699741] __asan_report_store16_noabort+0x1b/0x30 [ 11.699761] kmalloc_oob_16+0x452/0x4a0 [ 11.699781] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 11.699801] ? __schedule+0x10cc/0x2b60 [ 11.699824] ? __pfx_read_tsc+0x10/0x10 [ 11.699844] ? ktime_get_ts64+0x86/0x230 [ 11.699869] kunit_try_run_case+0x1a5/0x480 [ 11.699895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.699915] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.699938] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.699959] ? __kthread_parkme+0x82/0x180 [ 11.699981] ? preempt_count_sub+0x50/0x80 [ 11.700005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.700027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.700048] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.700068] kthread+0x337/0x6f0 [ 11.700084] ? trace_preempt_on+0x20/0xc0 [ 11.700107] ? __pfx_kthread+0x10/0x10 [ 11.700124] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.700144] ? calculate_sigpending+0x7b/0xa0 [ 11.700165] ? __pfx_kthread+0x10/0x10 [ 11.700182] ret_from_fork+0x41/0x80 [ 11.700201] ? 
__pfx_kthread+0x10/0x10 [ 11.700217] ret_from_fork_asm+0x1a/0x30 [ 11.700247] </TASK> [ 11.700259] [ 11.711482] Allocated by task 186: [ 11.711850] kasan_save_stack+0x45/0x70 [ 11.712173] kasan_save_track+0x18/0x40 [ 11.712473] kasan_save_alloc_info+0x3b/0x50 [ 11.712748] __kasan_kmalloc+0xb7/0xc0 [ 11.713029] __kmalloc_cache_noprof+0x189/0x420 [ 11.713246] kmalloc_oob_16+0xa8/0x4a0 [ 11.713408] kunit_try_run_case+0x1a5/0x480 [ 11.713928] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.714829] kthread+0x337/0x6f0 [ 11.715111] ret_from_fork+0x41/0x80 [ 11.715526] ret_from_fork_asm+0x1a/0x30 [ 11.715846] [ 11.715954] The buggy address belongs to the object at ffff888102662f40 [ 11.715954] which belongs to the cache kmalloc-16 of size 16 [ 11.716657] The buggy address is located 0 bytes inside of [ 11.716657] allocated 13-byte region [ffff888102662f40, ffff888102662f4d) [ 11.717275] [ 11.717684] The buggy address belongs to the physical page: [ 11.718074] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102662 [ 11.718970] flags: 0x200000000000000(node=0|zone=2) [ 11.719277] page_type: f5(slab) [ 11.719742] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.720127] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.720661] page dumped because: kasan: bad access detected [ 11.721004] [ 11.721104] Memory state around the buggy address: [ 11.721414] ffff888102662e00: 00 02 fc fc 00 05 fc fc 00 02 fc fc 00 02 fc fc [ 11.721885] ffff888102662e80: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc [ 11.722166] >ffff888102662f00: fa fb fc fc 00 05 fc fc 00 05 fc fc 00 00 fc fc [ 11.722578] ^ [ 11.723602] ffff888102662f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.723994] ffff888102663000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.724442] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.618044] ================================================================== [ 11.618817] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 11.619214] Read of size 1 at addr ffff888100345600 by task kunit_try_catch/184 [ 11.619760] [ 11.619973] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.620070] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.620095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.620139] Call Trace: [ 11.620168] <TASK> [ 11.620204] dump_stack_lvl+0x73/0xb0 [ 11.620261] print_report+0xd1/0x650 [ 11.620449] ? __virt_addr_valid+0x1db/0x2d0 [ 11.620502] ? krealloc_uaf+0x1b8/0x5e0 [ 11.620535] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.620573] ? krealloc_uaf+0x1b8/0x5e0 [ 11.620608] kasan_report+0x141/0x180 [ 11.620684] ? krealloc_uaf+0x1b8/0x5e0 [ 11.620723] ? krealloc_uaf+0x1b8/0x5e0 [ 11.620754] __kasan_check_byte+0x3d/0x50 [ 11.620797] krealloc_noprof+0x3f/0x340 [ 11.620847] krealloc_uaf+0x1b8/0x5e0 [ 11.620886] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.620918] ? finish_task_switch.isra.0+0x153/0x700 [ 11.620959] ? __switch_to+0x5d9/0xf60 [ 11.620999] ? dequeue_task_fair+0x166/0x4e0 [ 11.621048] ? __schedule+0x10cc/0x2b60 [ 11.621093] ? __pfx_read_tsc+0x10/0x10 [ 11.621127] ? ktime_get_ts64+0x86/0x230 [ 11.621154] kunit_try_run_case+0x1a5/0x480 [ 11.621182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.621204] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.621228] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.621251] ? __kthread_parkme+0x82/0x180 [ 11.621273] ? preempt_count_sub+0x50/0x80 [ 11.621329] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.621366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.621398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.621430] kthread+0x337/0x6f0 [ 11.621447] ? trace_preempt_on+0x20/0xc0 [ 11.621472] ? __pfx_kthread+0x10/0x10 [ 11.621489] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.621509] ? 
calculate_sigpending+0x7b/0xa0 [ 11.621531] ? __pfx_kthread+0x10/0x10 [ 11.621562] ret_from_fork+0x41/0x80 [ 11.621583] ? __pfx_kthread+0x10/0x10 [ 11.621601] ret_from_fork_asm+0x1a/0x30 [ 11.621646] </TASK> [ 11.621661] [ 11.633525] Allocated by task 184: [ 11.633899] kasan_save_stack+0x45/0x70 [ 11.634265] kasan_save_track+0x18/0x40 [ 11.634471] kasan_save_alloc_info+0x3b/0x50 [ 11.634781] __kasan_kmalloc+0xb7/0xc0 [ 11.634942] __kmalloc_cache_noprof+0x189/0x420 [ 11.635121] krealloc_uaf+0xbb/0x5e0 [ 11.635275] kunit_try_run_case+0x1a5/0x480 [ 11.635574] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.636225] kthread+0x337/0x6f0 [ 11.636697] ret_from_fork+0x41/0x80 [ 11.637001] ret_from_fork_asm+0x1a/0x30 [ 11.637512] [ 11.637797] Freed by task 184: [ 11.638135] kasan_save_stack+0x45/0x70 [ 11.638641] kasan_save_track+0x18/0x40 [ 11.638956] kasan_save_free_info+0x3f/0x60 [ 11.639131] __kasan_slab_free+0x56/0x70 [ 11.639300] kfree+0x222/0x3f0 [ 11.639443] krealloc_uaf+0x13d/0x5e0 [ 11.639600] kunit_try_run_case+0x1a5/0x480 [ 11.639944] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.640363] kthread+0x337/0x6f0 [ 11.640815] ret_from_fork+0x41/0x80 [ 11.641330] ret_from_fork_asm+0x1a/0x30 [ 11.642042] [ 11.642277] The buggy address belongs to the object at ffff888100345600 [ 11.642277] which belongs to the cache kmalloc-256 of size 256 [ 11.643453] The buggy address is located 0 bytes inside of [ 11.643453] freed 256-byte region [ffff888100345600, ffff888100345700) [ 11.643928] [ 11.644046] The buggy address belongs to the physical page: [ 11.644248] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 11.644510] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.644898] flags: 0x200000000000040(head|node=0|zone=2) [ 11.645325] page_type: f5(slab) [ 11.645642] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.646545] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 11.647185] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.647876] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.648145] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 11.648392] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.649611] page dumped because: kasan: bad access detected [ 11.649815] [ 11.649992] Memory state around the buggy address: [ 11.650474] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.651323] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.651541] >ffff888100345600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.652427] ^ [ 11.652805] ffff888100345680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.653033] ffff888100345700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.653668] ================================================================== [ 11.655193] ================================================================== [ 11.655634] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 11.656255] Read of size 1 at addr ffff888100345600 by task kunit_try_catch/184 [ 11.657024] [ 11.657293] CPU: 0 UID: 0 PID: 184 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.657382] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.657402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.657433] Call Trace: [ 11.657469] <TASK> [ 11.657501] dump_stack_lvl+0x73/0xb0 [ 11.657565] print_report+0xd1/0x650 [ 11.657599] ? __virt_addr_valid+0x1db/0x2d0 [ 11.657645] ? krealloc_uaf+0x53c/0x5e0 [ 11.657673] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.657703] ? krealloc_uaf+0x53c/0x5e0 [ 11.657727] kasan_report+0x141/0x180 [ 11.657758] ? krealloc_uaf+0x53c/0x5e0 [ 11.657788] __asan_report_load1_noabort+0x18/0x20 [ 11.657815] krealloc_uaf+0x53c/0x5e0 [ 11.657841] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 11.657864] ? finish_task_switch.isra.0+0x153/0x700 [ 11.657898] ? __switch_to+0x5d9/0xf60 [ 11.657933] ? dequeue_task_fair+0x166/0x4e0 [ 11.657989] ? __schedule+0x10cc/0x2b60 [ 11.658028] ? __pfx_read_tsc+0x10/0x10 [ 11.658064] ? ktime_get_ts64+0x86/0x230 [ 11.658110] kunit_try_run_case+0x1a5/0x480 [ 11.658156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.658198] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.658244] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.658276] ? __kthread_parkme+0x82/0x180 [ 11.658299] ? preempt_count_sub+0x50/0x80 [ 11.658323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.658346] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.658369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.658391] kthread+0x337/0x6f0 [ 11.658418] ? trace_preempt_on+0x20/0xc0 [ 11.658498] ? __pfx_kthread+0x10/0x10 [ 11.658529] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.658576] ? calculate_sigpending+0x7b/0xa0 [ 11.658606] ? __pfx_kthread+0x10/0x10 [ 11.658647] ret_from_fork+0x41/0x80 [ 11.658680] ? 
__pfx_kthread+0x10/0x10 [ 11.658708] ret_from_fork_asm+0x1a/0x30 [ 11.658761] </TASK> [ 11.658780] [ 11.671538] Allocated by task 184: [ 11.671743] kasan_save_stack+0x45/0x70 [ 11.672544] kasan_save_track+0x18/0x40 [ 11.673160] kasan_save_alloc_info+0x3b/0x50 [ 11.673592] __kasan_kmalloc+0xb7/0xc0 [ 11.673917] __kmalloc_cache_noprof+0x189/0x420 [ 11.674228] krealloc_uaf+0xbb/0x5e0 [ 11.674535] kunit_try_run_case+0x1a5/0x480 [ 11.674781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.675174] kthread+0x337/0x6f0 [ 11.675373] ret_from_fork+0x41/0x80 [ 11.675501] ret_from_fork_asm+0x1a/0x30 [ 11.675634] [ 11.675708] Freed by task 184: [ 11.675815] kasan_save_stack+0x45/0x70 [ 11.676088] kasan_save_track+0x18/0x40 [ 11.676967] kasan_save_free_info+0x3f/0x60 [ 11.677496] __kasan_slab_free+0x56/0x70 [ 11.677856] kfree+0x222/0x3f0 [ 11.678143] krealloc_uaf+0x13d/0x5e0 [ 11.678600] kunit_try_run_case+0x1a5/0x480 [ 11.678839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.679095] kthread+0x337/0x6f0 [ 11.679923] ret_from_fork+0x41/0x80 [ 11.680222] ret_from_fork_asm+0x1a/0x30 [ 11.680662] [ 11.680756] The buggy address belongs to the object at ffff888100345600 [ 11.680756] which belongs to the cache kmalloc-256 of size 256 [ 11.681394] The buggy address is located 0 bytes inside of [ 11.681394] freed 256-byte region [ffff888100345600, ffff888100345700) [ 11.682064] [ 11.682243] The buggy address belongs to the physical page: [ 11.682784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 11.683081] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.684189] flags: 0x200000000000040(head|node=0|zone=2) [ 11.684645] page_type: f5(slab) [ 11.684872] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.685239] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.685814] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.686195] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.686837] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 11.687159] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.688236] page dumped because: kasan: bad access detected [ 11.688564] [ 11.688670] Memory state around the buggy address: [ 11.688840] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.689302] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.689684] >ffff888100345600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.690152] ^ [ 11.690733] ffff888100345680: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.691086] ffff888100345700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.691886] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.339764] ================================================================== [ 11.340046] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.340289] Write of size 1 at addr ffff8881003454da by task kunit_try_catch/178 [ 11.340469] [ 11.340583] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.340678] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.340697] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.340733] Call Trace: [ 11.340763] <TASK> [ 11.340796] dump_stack_lvl+0x73/0xb0 [ 11.340846] print_report+0xd1/0x650 [ 11.340888] ? __virt_addr_valid+0x1db/0x2d0 [ 11.340927] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.340964] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.341006] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.341043] kasan_report+0x141/0x180 [ 11.341080] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.341123] __asan_report_store1_noabort+0x1b/0x30 [ 11.341163] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.341207] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.341246] ? finish_task_switch.isra.0+0x153/0x700 [ 11.341290] ? __switch_to+0x5d9/0xf60 [ 11.341328] ? dequeue_task_fair+0x166/0x4e0 [ 11.341367] ? __schedule+0x10cc/0x2b60 [ 11.341422] ? __pfx_read_tsc+0x10/0x10 [ 11.341464] krealloc_less_oob+0x1c/0x30 [ 11.341490] kunit_try_run_case+0x1a5/0x480 [ 11.341525] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341555] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.341586] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.341615] ? __kthread_parkme+0x82/0x180 [ 11.341661] ? preempt_count_sub+0x50/0x80 [ 11.341693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341729] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.341761] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.341796] kthread+0x337/0x6f0 [ 11.341821] ? trace_preempt_on+0x20/0xc0 [ 11.341853] ? __pfx_kthread+0x10/0x10 [ 11.341877] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.341906] ? 
calculate_sigpending+0x7b/0xa0 [ 11.341939] ? __pfx_kthread+0x10/0x10 [ 11.341977] ret_from_fork+0x41/0x80 [ 11.342012] ? __pfx_kthread+0x10/0x10 [ 11.342047] ret_from_fork_asm+0x1a/0x30 [ 11.342106] </TASK> [ 11.342130] [ 11.350646] Allocated by task 178: [ 11.350909] kasan_save_stack+0x45/0x70 [ 11.351201] kasan_save_track+0x18/0x40 [ 11.351423] kasan_save_alloc_info+0x3b/0x50 [ 11.351746] __kasan_krealloc+0x190/0x1f0 [ 11.352026] krealloc_noprof+0xf3/0x340 [ 11.352183] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.352488] krealloc_less_oob+0x1c/0x30 [ 11.352853] kunit_try_run_case+0x1a5/0x480 [ 11.353089] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.353339] kthread+0x337/0x6f0 [ 11.353508] ret_from_fork+0x41/0x80 [ 11.353753] ret_from_fork_asm+0x1a/0x30 [ 11.353925] [ 11.354092] The buggy address belongs to the object at ffff888100345400 [ 11.354092] which belongs to the cache kmalloc-256 of size 256 [ 11.354722] The buggy address is located 17 bytes to the right of [ 11.354722] allocated 201-byte region [ffff888100345400, ffff8881003454c9) [ 11.355155] [ 11.355310] The buggy address belongs to the physical page: [ 11.355725] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 11.356011] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.356384] flags: 0x200000000000040(head|node=0|zone=2) [ 11.356638] page_type: f5(slab) [ 11.356902] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.357473] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.357857] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.358121] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.358369] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 11.358658] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.359157] page dumped because: kasan: bad access detected [ 11.359538] [ 
11.359714] Memory state around the buggy address: [ 11.360082] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.360576] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.360867] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.361142] ^ [ 11.361517] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.361895] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.362244] ================================================================== [ 11.538283] ================================================================== [ 11.539571] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.540103] Write of size 1 at addr ffff8881028620da by task kunit_try_catch/182 [ 11.540525] [ 11.540765] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.540913] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.540938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.540991] Call Trace: [ 11.541028] <TASK> [ 11.541067] dump_stack_lvl+0x73/0xb0 [ 11.541115] print_report+0xd1/0x650 [ 11.541145] ? __virt_addr_valid+0x1db/0x2d0 [ 11.541173] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.541197] ? kasan_addr_to_slab+0x11/0xa0 [ 11.541225] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.541255] kasan_report+0x141/0x180 [ 11.541289] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.541333] __asan_report_store1_noabort+0x1b/0x30 [ 11.541397] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.541453] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.541511] ? finish_task_switch.isra.0+0x153/0x700 [ 11.541566] ? __switch_to+0x5d9/0xf60 [ 11.541608] ? dequeue_task_fair+0x166/0x4e0 [ 11.541666] ? __schedule+0x10cc/0x2b60 [ 11.541712] ? __pfx_read_tsc+0x10/0x10 [ 11.541752] krealloc_large_less_oob+0x1c/0x30 [ 11.541780] kunit_try_run_case+0x1a5/0x480 [ 11.541804] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.541823] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.541846] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.541867] ? __kthread_parkme+0x82/0x180 [ 11.541888] ? preempt_count_sub+0x50/0x80 [ 11.541909] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.541931] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.541965] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.541988] kthread+0x337/0x6f0 [ 11.542005] ? trace_preempt_on+0x20/0xc0 [ 11.542029] ? __pfx_kthread+0x10/0x10 [ 11.542046] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.542067] ? calculate_sigpending+0x7b/0xa0 [ 11.542088] ? __pfx_kthread+0x10/0x10 [ 11.542105] ret_from_fork+0x41/0x80 [ 11.542124] ? __pfx_kthread+0x10/0x10 [ 11.542140] ret_from_fork_asm+0x1a/0x30 [ 11.542169] </TASK> [ 11.542182] [ 11.551401] The buggy address belongs to the physical page: [ 11.551960] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102860 [ 11.552588] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.553144] flags: 0x200000000000040(head|node=0|zone=2) [ 11.553366] page_type: f8(unknown) [ 11.553538] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.553813] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.554238] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.554782] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.555112] head: 0200000000000002 ffffea00040a1801 00000000ffffffff 00000000ffffffff [ 11.555356] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.555616] page dumped because: kasan: bad access detected [ 11.555997] [ 11.556153] Memory state around the buggy address: [ 11.556499] ffff888102861f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.557043] ffff888102862000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.557434] >ffff888102862080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.557903] ^ [ 11.559130] 
ffff888102862100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.559389] ffff888102862180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.559610] ================================================================== [ 11.560819] ================================================================== [ 11.561402] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.562482] Write of size 1 at addr ffff8881028620ea by task kunit_try_catch/182 [ 11.563425] [ 11.563800] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.563875] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.563893] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.563917] Call Trace: [ 11.563943] <TASK> [ 11.563968] dump_stack_lvl+0x73/0xb0 [ 11.564007] print_report+0xd1/0x650 [ 11.564030] ? __virt_addr_valid+0x1db/0x2d0 [ 11.564050] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.564069] ? kasan_addr_to_slab+0x11/0xa0 [ 11.564087] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.564106] kasan_report+0x141/0x180 [ 11.564126] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.564149] __asan_report_store1_noabort+0x1b/0x30 [ 11.564169] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.564189] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.564208] ? finish_task_switch.isra.0+0x153/0x700 [ 11.564229] ? __switch_to+0x5d9/0xf60 [ 11.564248] ? dequeue_task_fair+0x166/0x4e0 [ 11.564270] ? __schedule+0x10cc/0x2b60 [ 11.564472] ? __pfx_read_tsc+0x10/0x10 [ 11.564518] krealloc_large_less_oob+0x1c/0x30 [ 11.564548] kunit_try_run_case+0x1a5/0x480 [ 11.564580] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.564668] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.564702] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.564732] ? __kthread_parkme+0x82/0x180 [ 11.564761] ? preempt_count_sub+0x50/0x80 [ 11.564791] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.564821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.564850] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.564879] kthread+0x337/0x6f0 [ 11.564900] ? trace_preempt_on+0x20/0xc0 [ 11.564930] ? __pfx_kthread+0x10/0x10 [ 11.564956] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.564985] ? calculate_sigpending+0x7b/0xa0 [ 11.565015] ? __pfx_kthread+0x10/0x10 [ 11.565042] ret_from_fork+0x41/0x80 [ 11.565070] ? __pfx_kthread+0x10/0x10 [ 11.565095] ret_from_fork_asm+0x1a/0x30 [ 11.565169] </TASK> [ 11.565198] [ 11.577069] The buggy address belongs to the physical page: [ 11.577351] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102860 [ 11.577902] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.578274] flags: 0x200000000000040(head|node=0|zone=2) [ 11.578551] page_type: f8(unknown) [ 11.578761] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.579123] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.579470] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.579924] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.580268] head: 0200000000000002 ffffea00040a1801 00000000ffffffff 00000000ffffffff [ 11.580593] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.580965] page dumped because: kasan: bad access detected [ 11.581328] [ 11.581433] Memory state around the buggy address: [ 11.581831] ffff888102861f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.582180] ffff888102862000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.582493] >ffff888102862080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.582835] ^ [ 11.583345] ffff888102862100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.583581] ffff888102862180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.583932] ================================================================== [ 11.394108] ================================================================== [ 
11.395427] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.395717] Write of size 1 at addr ffff8881003454eb by task kunit_try_catch/178 [ 11.395981] [ 11.396126] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.396208] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.396229] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.396267] Call Trace: [ 11.396305] <TASK> [ 11.396342] dump_stack_lvl+0x73/0xb0 [ 11.396397] print_report+0xd1/0x650 [ 11.396437] ? __virt_addr_valid+0x1db/0x2d0 [ 11.396475] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.396511] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.396563] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.396606] kasan_report+0x141/0x180 [ 11.396666] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.396714] __asan_report_store1_noabort+0x1b/0x30 [ 11.396747] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.396786] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.396822] ? finish_task_switch.isra.0+0x153/0x700 [ 11.396863] ? __switch_to+0x5d9/0xf60 [ 11.396902] ? dequeue_task_fair+0x166/0x4e0 [ 11.396943] ? __schedule+0x10cc/0x2b60 [ 11.396979] ? __pfx_read_tsc+0x10/0x10 [ 11.397022] krealloc_less_oob+0x1c/0x30 [ 11.397055] kunit_try_run_case+0x1a5/0x480 [ 11.397102] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.397143] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.397189] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.397226] ? __kthread_parkme+0x82/0x180 [ 11.397270] ? preempt_count_sub+0x50/0x80 [ 11.397304] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.397334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.397364] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.397394] kthread+0x337/0x6f0 [ 11.397416] ? trace_preempt_on+0x20/0xc0 [ 11.397448] ? __pfx_kthread+0x10/0x10 [ 11.397471] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.397491] ? calculate_sigpending+0x7b/0xa0 [ 11.397512] ? 
__pfx_kthread+0x10/0x10 [ 11.397529] ret_from_fork+0x41/0x80 [ 11.397564] ? __pfx_kthread+0x10/0x10 [ 11.397587] ret_from_fork_asm+0x1a/0x30 [ 11.397640] </TASK> [ 11.397655] [ 11.409841] Allocated by task 178: [ 11.410228] kasan_save_stack+0x45/0x70 [ 11.410676] kasan_save_track+0x18/0x40 [ 11.410936] kasan_save_alloc_info+0x3b/0x50 [ 11.411210] __kasan_krealloc+0x190/0x1f0 [ 11.411523] krealloc_noprof+0xf3/0x340 [ 11.411759] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.412073] krealloc_less_oob+0x1c/0x30 [ 11.412379] kunit_try_run_case+0x1a5/0x480 [ 11.412662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.413002] kthread+0x337/0x6f0 [ 11.413253] ret_from_fork+0x41/0x80 [ 11.413567] ret_from_fork_asm+0x1a/0x30 [ 11.413801] [ 11.413989] The buggy address belongs to the object at ffff888100345400 [ 11.413989] which belongs to the cache kmalloc-256 of size 256 [ 11.414694] The buggy address is located 34 bytes to the right of [ 11.414694] allocated 201-byte region [ffff888100345400, ffff8881003454c9) [ 11.415401] [ 11.415580] The buggy address belongs to the physical page: [ 11.415880] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 11.416356] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.416696] flags: 0x200000000000040(head|node=0|zone=2) [ 11.417097] page_type: f5(slab) [ 11.417348] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.417649] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.418181] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.418679] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.419034] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 11.419452] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.419799] page dumped because: kasan: bad access detected [ 11.420145] [ 11.420290] Memory state around the buggy 
address: [ 11.420590] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.420985] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.421467] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.421759] ^ [ 11.422219] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.422584] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.423074] ================================================================== [ 11.305837] ================================================================== [ 11.306298] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.306547] Write of size 1 at addr ffff8881003454d0 by task kunit_try_catch/178 [ 11.307117] [ 11.307380] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.307482] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.307506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.307553] Call Trace: [ 11.307596] <TASK> [ 11.307795] dump_stack_lvl+0x73/0xb0 [ 11.307840] print_report+0xd1/0x650 [ 11.307866] ? __virt_addr_valid+0x1db/0x2d0 [ 11.307888] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.307907] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.307937] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.307966] kasan_report+0x141/0x180 [ 11.308001] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.308044] __asan_report_store1_noabort+0x1b/0x30 [ 11.308103] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.308142] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.308179] ? finish_task_switch.isra.0+0x153/0x700 [ 11.308223] ? __switch_to+0x5d9/0xf60 [ 11.308257] ? dequeue_task_fair+0x166/0x4e0 [ 11.308448] ? __schedule+0x10cc/0x2b60 [ 11.308496] ? __pfx_read_tsc+0x10/0x10 [ 11.308531] krealloc_less_oob+0x1c/0x30 [ 11.308569] kunit_try_run_case+0x1a5/0x480 [ 11.308597] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.308618] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.308662] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.308685] ? __kthread_parkme+0x82/0x180 [ 11.308708] ? preempt_count_sub+0x50/0x80 [ 11.308731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.308754] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.308777] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.308799] kthread+0x337/0x6f0 [ 11.308815] ? trace_preempt_on+0x20/0xc0 [ 11.308838] ? __pfx_kthread+0x10/0x10 [ 11.308855] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.308876] ? calculate_sigpending+0x7b/0xa0 [ 11.308897] ? __pfx_kthread+0x10/0x10 [ 11.308914] ret_from_fork+0x41/0x80 [ 11.308934] ? __pfx_kthread+0x10/0x10 [ 11.308951] ret_from_fork_asm+0x1a/0x30 [ 11.308981] </TASK> [ 11.308993] [ 11.322999] Allocated by task 178: [ 11.323311] kasan_save_stack+0x45/0x70 [ 11.323564] kasan_save_track+0x18/0x40 [ 11.323755] kasan_save_alloc_info+0x3b/0x50 [ 11.323918] __kasan_krealloc+0x190/0x1f0 [ 11.324104] krealloc_noprof+0xf3/0x340 [ 11.324839] krealloc_less_oob_helper+0x1aa/0x11d0 [ 11.325370] krealloc_less_oob+0x1c/0x30 [ 11.325763] kunit_try_run_case+0x1a5/0x480 [ 11.326046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.326315] kthread+0x337/0x6f0 [ 11.327164] ret_from_fork+0x41/0x80 [ 11.327503] ret_from_fork_asm+0x1a/0x30 [ 11.327678] [ 11.327771] The buggy address belongs to the object at ffff888100345400 [ 11.327771] which belongs to the cache kmalloc-256 of size 256 [ 11.328323] The buggy address is located 7 bytes to the right of [ 11.328323] allocated 201-byte region [ffff888100345400, ffff8881003454c9) [ 11.328964] [ 11.329177] The buggy address belongs to the physical page: [ 11.329655] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344 [ 11.330085] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.330414] flags: 0x200000000000040(head|node=0|zone=2) [ 11.330832] page_type: f5(slab) [ 11.331124] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 11.332531] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.332885] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.333261] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.333805] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff [ 11.334087] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.334601] page dumped because: kasan: bad access detected [ 11.334844] [ 11.334997] Memory state around the buggy address: [ 11.335258] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.335586] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.335979] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 11.336357] ^ [ 11.336964] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.337324] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.338392] ================================================================== [ 11.585078] ================================================================== [ 11.586417] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.587356] Write of size 1 at addr ffff8881028620eb by task kunit_try_catch/182 [ 11.587896] [ 11.588077] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.588171] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.588195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.588231] Call Trace: [ 11.588272] <TASK> [ 11.588310] dump_stack_lvl+0x73/0xb0 [ 11.588371] print_report+0xd1/0x650 [ 11.588414] ? __virt_addr_valid+0x1db/0x2d0 [ 11.588455] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.588494] ? kasan_addr_to_slab+0x11/0xa0 [ 11.588530] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.588806] kasan_report+0x141/0x180 [ 11.588875] ? 
krealloc_less_oob_helper+0xd47/0x11d0 [ 11.588917] __asan_report_store1_noabort+0x1b/0x30 [ 11.588942] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.588964] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.588983] ? finish_task_switch.isra.0+0x153/0x700 [ 11.589006] ? __switch_to+0x5d9/0xf60 [ 11.589028] ? dequeue_task_fair+0x166/0x4e0 [ 11.589051] ? __schedule+0x10cc/0x2b60 [ 11.589073] ? __pfx_read_tsc+0x10/0x10 [ 11.589095] krealloc_large_less_oob+0x1c/0x30 [ 11.589113] kunit_try_run_case+0x1a5/0x480 [ 11.589137] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.589156] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.589179] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.589200] ? __kthread_parkme+0x82/0x180 [ 11.589222] ? preempt_count_sub+0x50/0x80 [ 11.589244] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.589265] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.589328] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.589370] kthread+0x337/0x6f0 [ 11.589396] ? trace_preempt_on+0x20/0xc0 [ 11.589429] ? __pfx_kthread+0x10/0x10 [ 11.589453] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.589482] ? calculate_sigpending+0x7b/0xa0 [ 11.589508] ? __pfx_kthread+0x10/0x10 [ 11.589533] ret_from_fork+0x41/0x80 [ 11.589571] ? 
__pfx_kthread+0x10/0x10 [ 11.589597] ret_from_fork_asm+0x1a/0x30 [ 11.589653] </TASK> [ 11.589672] [ 11.603384] The buggy address belongs to the physical page: [ 11.603770] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102860 [ 11.604367] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.604908] flags: 0x200000000000040(head|node=0|zone=2) [ 11.605319] page_type: f8(unknown) [ 11.605788] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.606051] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.606574] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.606908] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.607302] head: 0200000000000002 ffffea00040a1801 00000000ffffffff 00000000ffffffff [ 11.607773] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.608182] page dumped because: kasan: bad access detected [ 11.608503] [ 11.608705] Memory state around the buggy address: [ 11.609030] ffff888102861f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.609390] ffff888102862000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.609747] >ffff888102862080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.610245] ^ [ 11.610706] ffff888102862100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.611138] ffff888102862180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.611484] ================================================================== [ 11.490236] ================================================================== [ 11.490977] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.491492] Write of size 1 at addr ffff8881028620c9 by task kunit_try_catch/182 [ 11.492343] [ 11.492732] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.492840] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.492864] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.492905] Call Trace: [ 11.492932] <TASK> [ 11.492965] dump_stack_lvl+0x73/0xb0 [ 11.493027] print_report+0xd1/0x650 [ 11.493070] ? __virt_addr_valid+0x1db/0x2d0 [ 11.493111] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.493142] ? kasan_addr_to_slab+0x11/0xa0 [ 11.493173] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.493206] kasan_report+0x141/0x180 [ 11.493245] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.493288] __asan_report_store1_noabort+0x1b/0x30 [ 11.493325] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.493367] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.493402] ? finish_task_switch.isra.0+0x153/0x700 [ 11.493440] ? __switch_to+0x5d9/0xf60 [ 11.493473] ? dequeue_task_fair+0x166/0x4e0 [ 11.493531] ? __schedule+0x10cc/0x2b60 [ 11.493572] ? __pfx_read_tsc+0x10/0x10 [ 11.493615] krealloc_large_less_oob+0x1c/0x30 [ 11.493673] kunit_try_run_case+0x1a5/0x480 [ 11.493721] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.493780] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.493831] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.493866] ? __kthread_parkme+0x82/0x180 [ 11.493899] ? preempt_count_sub+0x50/0x80 [ 11.493930] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.493963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.493988] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.494009] kthread+0x337/0x6f0 [ 11.494026] ? trace_preempt_on+0x20/0xc0 [ 11.494049] ? __pfx_kthread+0x10/0x10 [ 11.494066] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.494086] ? calculate_sigpending+0x7b/0xa0 [ 11.494106] ? __pfx_kthread+0x10/0x10 [ 11.494124] ret_from_fork+0x41/0x80 [ 11.494144] ? 
__pfx_kthread+0x10/0x10 [ 11.494161] ret_from_fork_asm+0x1a/0x30 [ 11.494191] </TASK> [ 11.494205] [ 11.505195] The buggy address belongs to the physical page: [ 11.505541] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102860 [ 11.506255] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.506508] flags: 0x200000000000040(head|node=0|zone=2) [ 11.507088] page_type: f8(unknown) [ 11.507950] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.508328] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.508709] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.509003] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.509258] head: 0200000000000002 ffffea00040a1801 00000000ffffffff 00000000ffffffff [ 11.509715] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.510427] page dumped because: kasan: bad access detected [ 11.510741] [ 11.511044] Memory state around the buggy address: [ 11.511308] ffff888102861f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.511573] ffff888102862000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.512128] >ffff888102862080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.512361] ^ [ 11.512831] ffff888102862100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.513080] ffff888102862180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.513458] ================================================================== [ 11.516123] ================================================================== [ 11.516487] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.516746] Write of size 1 at addr ffff8881028620d0 by task kunit_try_catch/182 [ 11.516937] [ 11.517139] CPU: 1 UID: 0 PID: 182 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.517223] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.517244] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.517283] Call Trace:
[ 11.517333] <TASK>
[ 11.517371] dump_stack_lvl+0x73/0xb0
[ 11.517429] print_report+0xd1/0x650
[ 11.517475] ? __virt_addr_valid+0x1db/0x2d0
[ 11.517508] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.517542] ? kasan_addr_to_slab+0x11/0xa0
[ 11.517576] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.517610] kasan_report+0x141/0x180
[ 11.517686] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 11.517727] __asan_report_store1_noabort+0x1b/0x30
[ 11.517761] krealloc_less_oob_helper+0xe23/0x11d0
[ 11.517802] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.517838] ? finish_task_switch.isra.0+0x153/0x700
[ 11.517878] ? __switch_to+0x5d9/0xf60
[ 11.517916] ? dequeue_task_fair+0x166/0x4e0
[ 11.517965] ? __schedule+0x10cc/0x2b60
[ 11.518006] ? __pfx_read_tsc+0x10/0x10
[ 11.518045] krealloc_large_less_oob+0x1c/0x30
[ 11.518080] kunit_try_run_case+0x1a5/0x480
[ 11.518116] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.518146] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.518180] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.518534] ? __kthread_parkme+0x82/0x180
[ 11.518585] ? preempt_count_sub+0x50/0x80
[ 11.518636] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.518673] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.518712] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.518744] kthread+0x337/0x6f0
[ 11.518776] ? trace_preempt_on+0x20/0xc0
[ 11.518809] ? __pfx_kthread+0x10/0x10
[ 11.518835] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.518865] ? calculate_sigpending+0x7b/0xa0
[ 11.518894] ? __pfx_kthread+0x10/0x10
[ 11.518921] ret_from_fork+0x41/0x80
[ 11.518952] ? __pfx_kthread+0x10/0x10
[ 11.518970] ret_from_fork_asm+0x1a/0x30
[ 11.519000] </TASK>
[ 11.519013]
[ 11.528784] The buggy address belongs to the physical page:
[ 11.529147] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102860
[ 11.529451] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.529882] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.530324] page_type: f8(unknown)
[ 11.530640] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.531154] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.531582] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.531903] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.532338] head: 0200000000000002 ffffea00040a1801 00000000ffffffff 00000000ffffffff
[ 11.533029] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.533312] page dumped because: kasan: bad access detected
[ 11.533696]
[ 11.533870] Memory state around the buggy address:
[ 11.534157] ffff888102861f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.534563] ffff888102862000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.534978] >ffff888102862080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 11.535409] ^
[ 11.535796] ffff888102862100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.536186] ffff888102862180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.536511] ==================================================================

[ 11.270207] ==================================================================
[ 11.271339] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 11.271874] Write of size 1 at addr ffff8881003454c9 by task kunit_try_catch/178
[ 11.272171]
[ 11.272313] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.272405] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.272426] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.272464] Call Trace:
[ 11.272493] <TASK>
[ 11.272528] dump_stack_lvl+0x73/0xb0
[ 11.272579] print_report+0xd1/0x650
[ 11.272611] ? __virt_addr_valid+0x1db/0x2d0
[ 11.272679] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.273039] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.273076] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.273098] kasan_report+0x141/0x180
[ 11.273121] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 11.273145] __asan_report_store1_noabort+0x1b/0x30
[ 11.273164] krealloc_less_oob_helper+0xd70/0x11d0
[ 11.273185] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.273204] ? finish_task_switch.isra.0+0x153/0x700
[ 11.273228] ? __switch_to+0x5d9/0xf60
[ 11.273249] ? dequeue_task_fair+0x166/0x4e0
[ 11.273272] ? __schedule+0x10cc/0x2b60
[ 11.273312] ? __pfx_read_tsc+0x10/0x10
[ 11.273346] krealloc_less_oob+0x1c/0x30
[ 11.273374] kunit_try_run_case+0x1a5/0x480
[ 11.273407] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.273428] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.273451] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.273473] ? __kthread_parkme+0x82/0x180
[ 11.273495] ? preempt_count_sub+0x50/0x80
[ 11.273518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.273540] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.273570] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.273591] kthread+0x337/0x6f0
[ 11.273608] ? trace_preempt_on+0x20/0xc0
[ 11.273650] ? __pfx_kthread+0x10/0x10
[ 11.273669] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.273690] ? calculate_sigpending+0x7b/0xa0
[ 11.273711] ? __pfx_kthread+0x10/0x10
[ 11.273729] ret_from_fork+0x41/0x80
[ 11.273749] ? __pfx_kthread+0x10/0x10
[ 11.273766] ret_from_fork_asm+0x1a/0x30
[ 11.273797] </TASK>
[ 11.273810]
[ 11.288185] Allocated by task 178:
[ 11.288716] kasan_save_stack+0x45/0x70
[ 11.289063] kasan_save_track+0x18/0x40
[ 11.289324] kasan_save_alloc_info+0x3b/0x50
[ 11.289619] __kasan_krealloc+0x190/0x1f0
[ 11.289962] krealloc_noprof+0xf3/0x340
[ 11.290456] krealloc_less_oob_helper+0x1aa/0x11d0
[ 11.290860] krealloc_less_oob+0x1c/0x30
[ 11.291111] kunit_try_run_case+0x1a5/0x480
[ 11.291432] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.291897] kthread+0x337/0x6f0
[ 11.292134] ret_from_fork+0x41/0x80
[ 11.292734] ret_from_fork_asm+0x1a/0x30
[ 11.292986]
[ 11.293094] The buggy address belongs to the object at ffff888100345400
[ 11.293094] which belongs to the cache kmalloc-256 of size 256
[ 11.293727] The buggy address is located 0 bytes to the right of
[ 11.293727] allocated 201-byte region [ffff888100345400, ffff8881003454c9)
[ 11.294118]
[ 11.294283] The buggy address belongs to the physical page:
[ 11.295384] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344
[ 11.295891] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.296213] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.296636] page_type: f5(slab)
[ 11.296923] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.297268] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.297752] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.298265] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.299025] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff
[ 11.299315] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.300038] page dumped because: kasan: bad access detected
[ 11.300463]
[ 11.300826] Memory state around the buggy address:
[ 11.301184] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.301961] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.302749] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.302961] ^
[ 11.303384] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.303674] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.304046] ==================================================================

[ 11.363817] ==================================================================
[ 11.365285] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[ 11.365731] Write of size 1 at addr ffff8881003454ea by task kunit_try_catch/178
[ 11.366003]
[ 11.366147] CPU: 0 UID: 0 PID: 178 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.366251] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.366277] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.366321] Call Trace:
[ 11.366359] <TASK>
[ 11.366399] dump_stack_lvl+0x73/0xb0
[ 11.366455] print_report+0xd1/0x650
[ 11.366505] ? __virt_addr_valid+0x1db/0x2d0
[ 11.366551] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 11.366594] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.366654] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 11.366700] kasan_report+0x141/0x180
[ 11.366748] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 11.366802] __asan_report_store1_noabort+0x1b/0x30
[ 11.366832] krealloc_less_oob_helper+0xe90/0x11d0
[ 11.366855] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 11.366875] ? finish_task_switch.isra.0+0x153/0x700
[ 11.366900] ? __switch_to+0x5d9/0xf60
[ 11.366922] ? dequeue_task_fair+0x166/0x4e0
[ 11.366945] ? __schedule+0x10cc/0x2b60
[ 11.366969] ? __pfx_read_tsc+0x10/0x10
[ 11.366992] krealloc_less_oob+0x1c/0x30
[ 11.367010] kunit_try_run_case+0x1a5/0x480
[ 11.367035] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.367058] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.367081] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.367103] ? __kthread_parkme+0x82/0x180
[ 11.367124] ? preempt_count_sub+0x50/0x80
[ 11.367146] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.367168] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.367189] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.367210] kthread+0x337/0x6f0
[ 11.367226] ? trace_preempt_on+0x20/0xc0
[ 11.367248] ? __pfx_kthread+0x10/0x10
[ 11.367265] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.367285] ? calculate_sigpending+0x7b/0xa0
[ 11.367305] ? __pfx_kthread+0x10/0x10
[ 11.367322] ret_from_fork+0x41/0x80
[ 11.367341] ? __pfx_kthread+0x10/0x10
[ 11.367357] ret_from_fork_asm+0x1a/0x30
[ 11.367386] </TASK>
[ 11.367399]
[ 11.378880] Allocated by task 178:
[ 11.379348] kasan_save_stack+0x45/0x70
[ 11.379784] kasan_save_track+0x18/0x40
[ 11.380067] kasan_save_alloc_info+0x3b/0x50
[ 11.380389] __kasan_krealloc+0x190/0x1f0
[ 11.380692] krealloc_noprof+0xf3/0x340
[ 11.381011] krealloc_less_oob_helper+0x1aa/0x11d0
[ 11.381388] krealloc_less_oob+0x1c/0x30
[ 11.381778] kunit_try_run_case+0x1a5/0x480
[ 11.382022] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.382427] kthread+0x337/0x6f0
[ 11.382768] ret_from_fork+0x41/0x80
[ 11.383009] ret_from_fork_asm+0x1a/0x30
[ 11.383301]
[ 11.383447] The buggy address belongs to the object at ffff888100345400
[ 11.383447] which belongs to the cache kmalloc-256 of size 256
[ 11.384118] The buggy address is located 33 bytes to the right of
[ 11.384118] allocated 201-byte region [ffff888100345400, ffff8881003454c9)
[ 11.384866]
[ 11.385041] The buggy address belongs to the physical page:
[ 11.385311] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100344
[ 11.385639] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.385933] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.386207] page_type: f5(slab)
[ 11.386487] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.386855] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.387112] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.387377] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.387786] head: 0200000000000001 ffffea000400d101 00000000ffffffff 00000000ffffffff
[ 11.388449] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.389004] page dumped because: kasan: bad access detected
[ 11.389396]
[ 11.389582] Memory state around the buggy address:
[ 11.389822] ffff888100345380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.390301] ffff888100345400: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.390712] >ffff888100345480: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 11.391168] ^
[ 11.391581] ffff888100345500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.392030] ffff888100345580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.392443] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 11.193498] ==================================================================
[ 11.194339] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 11.195392] Write of size 1 at addr ffff888100aaaeeb by task kunit_try_catch/176
[ 11.196419]
[ 11.196708] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.196811] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.196835] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.196869] Call Trace:
[ 11.196928] <TASK>
[ 11.197043] dump_stack_lvl+0x73/0xb0
[ 11.197110] print_report+0xd1/0x650
[ 11.197138] ? __virt_addr_valid+0x1db/0x2d0
[ 11.197162] ? krealloc_more_oob_helper+0x821/0x930
[ 11.197181] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.197202] ? krealloc_more_oob_helper+0x821/0x930
[ 11.197221] kasan_report+0x141/0x180
[ 11.197241] ? krealloc_more_oob_helper+0x821/0x930
[ 11.197264] __asan_report_store1_noabort+0x1b/0x30
[ 11.197287] krealloc_more_oob_helper+0x821/0x930
[ 11.197321] ? __schedule+0x10cc/0x2b60
[ 11.197354] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.197382] ? finish_task_switch.isra.0+0x153/0x700
[ 11.197414] ? __switch_to+0x5d9/0xf60
[ 11.197442] ? dequeue_task_fair+0x166/0x4e0
[ 11.197474] ? __schedule+0x10cc/0x2b60
[ 11.197503] ? __pfx_read_tsc+0x10/0x10
[ 11.197534] krealloc_more_oob+0x1c/0x30
[ 11.197559] kunit_try_run_case+0x1a5/0x480
[ 11.197593] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.197621] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.197669] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.197701] ? __kthread_parkme+0x82/0x180
[ 11.197731] ? preempt_count_sub+0x50/0x80
[ 11.197762] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.197793] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.197836] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.197857] kthread+0x337/0x6f0
[ 11.197874] ? trace_preempt_on+0x20/0xc0
[ 11.197898] ? __pfx_kthread+0x10/0x10
[ 11.197915] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.197936] ? calculate_sigpending+0x7b/0xa0
[ 11.197972] ? __pfx_kthread+0x10/0x10
[ 11.197990] ret_from_fork+0x41/0x80
[ 11.198010] ? __pfx_kthread+0x10/0x10
[ 11.198028] ret_from_fork_asm+0x1a/0x30
[ 11.198061] </TASK>
[ 11.198074]
[ 11.212074] Allocated by task 176:
[ 11.212325] kasan_save_stack+0x45/0x70
[ 11.212742] kasan_save_track+0x18/0x40
[ 11.213053] kasan_save_alloc_info+0x3b/0x50
[ 11.213276] __kasan_krealloc+0x190/0x1f0
[ 11.213538] krealloc_noprof+0xf3/0x340
[ 11.214465] krealloc_more_oob_helper+0x1a9/0x930
[ 11.214999] krealloc_more_oob+0x1c/0x30
[ 11.215439] kunit_try_run_case+0x1a5/0x480
[ 11.215643] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.215899] kthread+0x337/0x6f0
[ 11.216046] ret_from_fork+0x41/0x80
[ 11.216229] ret_from_fork_asm+0x1a/0x30
[ 11.216963]
[ 11.217094] The buggy address belongs to the object at ffff888100aaae00
[ 11.217094] which belongs to the cache kmalloc-256 of size 256
[ 11.218089] The buggy address is located 0 bytes to the right of
[ 11.218089] allocated 235-byte region [ffff888100aaae00, ffff888100aaaeeb)
[ 11.219579]
[ 11.219806] The buggy address belongs to the physical page:
[ 11.220191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa
[ 11.220558] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.220897] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.221701] page_type: f5(slab)
[ 11.221907] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.222686] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.223162] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.223493] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.223864] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff
[ 11.224338] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.224823] page dumped because: kasan: bad access detected
[ 11.225195]
[ 11.225328] Memory state around the buggy address:
[ 11.225546] ffff888100aaad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.226743] ffff888100aaae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.227283] >ffff888100aaae80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 11.228395] ^
[ 11.229013] ffff888100aaaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.229356] ffff888100aaaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.229891] ==================================================================

[ 11.429564] ==================================================================
[ 11.430201] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 11.431213] Write of size 1 at addr ffff8881028620eb by task kunit_try_catch/180
[ 11.431937]
[ 11.432513] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.432676] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.432701] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.432743] Call Trace:
[ 11.432768] <TASK>
[ 11.432801] dump_stack_lvl+0x73/0xb0
[ 11.432857] print_report+0xd1/0x650
[ 11.432887] ? __virt_addr_valid+0x1db/0x2d0
[ 11.432918] ? krealloc_more_oob_helper+0x821/0x930
[ 11.432936] ? kasan_addr_to_slab+0x11/0xa0
[ 11.432955] ? krealloc_more_oob_helper+0x821/0x930
[ 11.432973] kasan_report+0x141/0x180
[ 11.432993] ? krealloc_more_oob_helper+0x821/0x930
[ 11.433016] __asan_report_store1_noabort+0x1b/0x30
[ 11.433035] krealloc_more_oob_helper+0x821/0x930
[ 11.433053] ? __schedule+0x10cc/0x2b60
[ 11.433074] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.433093] ? finish_task_switch.isra.0+0x153/0x700
[ 11.433116] ? __switch_to+0x5d9/0xf60
[ 11.433136] ? dequeue_task_fair+0x166/0x4e0
[ 11.433158] ? __schedule+0x10cc/0x2b60
[ 11.433178] ? __pfx_read_tsc+0x10/0x10
[ 11.433199] krealloc_large_more_oob+0x1c/0x30
[ 11.433217] kunit_try_run_case+0x1a5/0x480
[ 11.433241] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.433261] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.433327] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.433373] ? __kthread_parkme+0x82/0x180
[ 11.433407] ? preempt_count_sub+0x50/0x80
[ 11.433439] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.433470] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.433503] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.433532] kthread+0x337/0x6f0
[ 11.433568] ? trace_preempt_on+0x20/0xc0
[ 11.433603] ? __pfx_kthread+0x10/0x10
[ 11.433647] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.433680] ? calculate_sigpending+0x7b/0xa0
[ 11.433731] ? __pfx_kthread+0x10/0x10
[ 11.433763] ret_from_fork+0x41/0x80
[ 11.433784] ? __pfx_kthread+0x10/0x10
[ 11.433801] ret_from_fork_asm+0x1a/0x30
[ 11.433831] </TASK>
[ 11.433844]
[ 11.446695] The buggy address belongs to the physical page:
[ 11.447171] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102860
[ 11.447946] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.448275] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.448732] page_type: f8(unknown)
[ 11.449199] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.450112] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.450582] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.451137] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.451647] head: 0200000000000002 ffffea00040a1801 00000000ffffffff 00000000ffffffff
[ 11.452499] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.452877] page dumped because: kasan: bad access detected
[ 11.453684]
[ 11.453785] Memory state around the buggy address:
[ 11.454088] ffff888102861f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.454768] ffff888102862000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.455251] >ffff888102862080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 11.455578] ^
[ 11.456106] ffff888102862100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.456665] ffff888102862180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.457133] ==================================================================

[ 11.230732] ==================================================================
[ 11.231037] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 11.231615] Write of size 1 at addr ffff888100aaaef0 by task kunit_try_catch/176
[ 11.232963]
[ 11.233275] CPU: 1 UID: 0 PID: 176 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.233478] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.233501] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.233538] Call Trace:
[ 11.233570] <TASK>
[ 11.233596] dump_stack_lvl+0x73/0xb0
[ 11.233656] print_report+0xd1/0x650
[ 11.233681] ? __virt_addr_valid+0x1db/0x2d0
[ 11.233702] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.233720] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.233742] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.233770] kasan_report+0x141/0x180
[ 11.233790] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.233812] __asan_report_store1_noabort+0x1b/0x30
[ 11.233831] krealloc_more_oob_helper+0x7eb/0x930
[ 11.233848] ? __schedule+0x10cc/0x2b60
[ 11.233879] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.233903] ? finish_task_switch.isra.0+0x153/0x700
[ 11.233926] ? __switch_to+0x5d9/0xf60
[ 11.233956] ? dequeue_task_fair+0x166/0x4e0
[ 11.233982] ? __schedule+0x10cc/0x2b60
[ 11.234003] ? __pfx_read_tsc+0x10/0x10
[ 11.234025] krealloc_more_oob+0x1c/0x30
[ 11.234044] kunit_try_run_case+0x1a5/0x480
[ 11.234069] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.234088] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.234110] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.234131] ? __kthread_parkme+0x82/0x180
[ 11.234150] ? preempt_count_sub+0x50/0x80
[ 11.234172] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.234192] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.234213] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.234233] kthread+0x337/0x6f0
[ 11.234249] ? trace_preempt_on+0x20/0xc0
[ 11.234271] ? __pfx_kthread+0x10/0x10
[ 11.234319] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.234360] ? calculate_sigpending+0x7b/0xa0
[ 11.234391] ? __pfx_kthread+0x10/0x10
[ 11.234417] ret_from_fork+0x41/0x80
[ 11.234445] ? __pfx_kthread+0x10/0x10
[ 11.234469] ret_from_fork_asm+0x1a/0x30
[ 11.234511] </TASK>
[ 11.234529]
[ 11.246055] Allocated by task 176:
[ 11.246456] kasan_save_stack+0x45/0x70
[ 11.246914] kasan_save_track+0x18/0x40
[ 11.247231] kasan_save_alloc_info+0x3b/0x50
[ 11.247579] __kasan_krealloc+0x190/0x1f0
[ 11.247867] krealloc_noprof+0xf3/0x340
[ 11.248126] krealloc_more_oob_helper+0x1a9/0x930
[ 11.248440] krealloc_more_oob+0x1c/0x30
[ 11.248819] kunit_try_run_case+0x1a5/0x480
[ 11.249166] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.249796] kthread+0x337/0x6f0
[ 11.250097] ret_from_fork+0x41/0x80
[ 11.250317] ret_from_fork_asm+0x1a/0x30
[ 11.250665]
[ 11.250841] The buggy address belongs to the object at ffff888100aaae00
[ 11.250841] which belongs to the cache kmalloc-256 of size 256
[ 11.251363] The buggy address is located 5 bytes to the right of
[ 11.251363] allocated 235-byte region [ffff888100aaae00, ffff888100aaaeeb)
[ 11.252422]
[ 11.252902] The buggy address belongs to the physical page:
[ 11.253529] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100aaa
[ 11.254481] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.254989] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.255384] page_type: f5(slab)
[ 11.255708] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.256378] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.257750] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 11.258135] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.258670] head: 0200000000000001 ffffea000402aa81 00000000ffffffff 00000000ffffffff
[ 11.259066] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 11.259352] page dumped because: kasan: bad access detected
[ 11.260173]
[ 11.260278] Memory state around the buggy address:
[ 11.260823] ffff888100aaad80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.261779] ffff888100aaae00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.262110] >ffff888100aaae80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 11.262729] ^
[ 11.262987] ffff888100aaaf00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.263149] ffff888100aaaf80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.263273] ==================================================================

[ 11.458049] ==================================================================
[ 11.458328] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 11.459430] Write of size 1 at addr ffff8881028620f0 by task kunit_try_catch/180
[ 11.460029]
[ 11.460189] CPU: 1 UID: 0 PID: 180 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.460265] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.460280] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.460315] Call Trace:
[ 11.460354] <TASK>
[ 11.460386] dump_stack_lvl+0x73/0xb0
[ 11.460420] print_report+0xd1/0x650
[ 11.460444] ? __virt_addr_valid+0x1db/0x2d0
[ 11.460465] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.460483] ? kasan_addr_to_slab+0x11/0xa0
[ 11.460502] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.460520] kasan_report+0x141/0x180
[ 11.460543] ? krealloc_more_oob_helper+0x7eb/0x930
[ 11.460583] __asan_report_store1_noabort+0x1b/0x30
[ 11.461014] krealloc_more_oob_helper+0x7eb/0x930
[ 11.461172] ? __schedule+0x10cc/0x2b60
[ 11.461226] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 11.461268] ? finish_task_switch.isra.0+0x153/0x700
[ 11.461306] ? __switch_to+0x5d9/0xf60
[ 11.461342] ? dequeue_task_fair+0x166/0x4e0
[ 11.461379] ? __schedule+0x10cc/0x2b60
[ 11.461411] ? __pfx_read_tsc+0x10/0x10
[ 11.461445] krealloc_large_more_oob+0x1c/0x30
[ 11.461474] kunit_try_run_case+0x1a5/0x480
[ 11.461507] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.461534] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.461566] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.461598] ? __kthread_parkme+0x82/0x180
[ 11.461648] ? preempt_count_sub+0x50/0x80
[ 11.461683] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.461713] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.461747] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.461778] kthread+0x337/0x6f0
[ 11.461804] ? trace_preempt_on+0x20/0xc0
[ 11.461833] ? __pfx_kthread+0x10/0x10
[ 11.461857] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.461889] ? calculate_sigpending+0x7b/0xa0
[ 11.461920] ? __pfx_kthread+0x10/0x10
[ 11.461990] ret_from_fork+0x41/0x80
[ 11.462045] ? __pfx_kthread+0x10/0x10
[ 11.462087] ret_from_fork_asm+0x1a/0x30
[ 11.462166] </TASK>
[ 11.462204]
[ 11.474964] The buggy address belongs to the physical page:
[ 11.475328] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102860
[ 11.476603] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.476848] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.477218] page_type: f8(unknown)
[ 11.477419] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.477790] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.478191] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.478505] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.479180] head: 0200000000000002 ffffea00040a1801 00000000ffffffff 00000000ffffffff
[ 11.479474] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.479984] page dumped because: kasan: bad access detected
[ 11.480272]
[ 11.480404] Memory state around the buggy address:
[ 11.481491] ffff888102861f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.481778] ffff888102862000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.482180] >ffff888102862080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 11.482711] ^
[ 11.483050] ffff888102862100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.483611] ffff888102862180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.484045] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 11.166823] ==================================================================
[ 11.167757] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 11.168459] Read of size 1 at addr ffff888103a50000 by task kunit_try_catch/174
[ 11.169187]
[ 11.169737] CPU: 0 UID: 0 PID: 174 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.169820] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.169833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.169858] Call Trace:
[ 11.169875] <TASK>
[ 11.169899] dump_stack_lvl+0x73/0xb0
[ 11.169940] print_report+0xd1/0x650
[ 11.169979] ? __virt_addr_valid+0x1db/0x2d0
[ 11.170002] ? page_alloc_uaf+0x356/0x3d0
[ 11.170021] ? kasan_addr_to_slab+0x11/0xa0
[ 11.170041] ? page_alloc_uaf+0x356/0x3d0
[ 11.170061] kasan_report+0x141/0x180
[ 11.170083] ? page_alloc_uaf+0x356/0x3d0
[ 11.170105] __asan_report_load1_noabort+0x18/0x20
[ 11.170125] page_alloc_uaf+0x356/0x3d0
[ 11.170143] ? __pfx_page_alloc_uaf+0x10/0x10
[ 11.170163] ? __schedule+0x10cc/0x2b60
[ 11.170186] ? __pfx_read_tsc+0x10/0x10
[ 11.170207] ? ktime_get_ts64+0x86/0x230
[ 11.170234] kunit_try_run_case+0x1a5/0x480
[ 11.170260] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.170283] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.170320] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.170354] ? __kthread_parkme+0x82/0x180
[ 11.170386] ? preempt_count_sub+0x50/0x80
[ 11.170421] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.170454] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.170488] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.170517] kthread+0x337/0x6f0
[ 11.170541] ? trace_preempt_on+0x20/0xc0
[ 11.170575] ? __pfx_kthread+0x10/0x10
[ 11.170600] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.170646] ? calculate_sigpending+0x7b/0xa0
[ 11.170678] ? __pfx_kthread+0x10/0x10
[ 11.170705] ret_from_fork+0x41/0x80
[ 11.170732] ? __pfx_kthread+0x10/0x10
[ 11.170757] ret_from_fork_asm+0x1a/0x30
[ 11.170802] </TASK>
[ 11.170820]
[ 11.181268] The buggy address belongs to the physical page:
[ 11.181816] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a50
[ 11.182089] flags: 0x200000000000000(node=0|zone=2)
[ 11.182508] page_type: f0(buddy)
[ 11.182778] raw: 0200000000000000 ffff88817fffb3e0 ffff88817fffb3e0 0000000000000000
[ 11.183180] raw: 0000000000000000 0000000000000004 00000000f0000000 0000000000000000
[ 11.183681] page dumped because: kasan: bad access detected
[ 11.183948]
[ 11.184116] Memory state around the buggy address:
[ 11.184318] ffff888103a4ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.184731] ffff888103a4ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.185146] >ffff888103a50000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.185589] ^
[ 11.185784] ffff888103a50080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.186168] ffff888103a50100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.186638] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 11.134698] ==================================================================
[ 11.135186] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 11.135772] Free of addr ffff888102858001 by task kunit_try_catch/170
[ 11.136688]
[ 11.136837] CPU: 1 UID: 0 PID: 170 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.136927] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.136948] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.136986] Call Trace:
[ 11.137011] <TASK>
[ 11.137046] dump_stack_lvl+0x73/0xb0
[ 11.137106] print_report+0xd1/0x650
[ 11.137147] ? __virt_addr_valid+0x1db/0x2d0
[ 11.137185] ? kasan_addr_to_slab+0x11/0xa0
[ 11.137219] ? kfree+0x274/0x3f0
[ 11.137250] kasan_report_invalid_free+0x10a/0x130
[ 11.137290] ? kfree+0x274/0x3f0
[ 11.137329] ? kfree+0x274/0x3f0
[ 11.137364] __kasan_kfree_large+0x86/0xd0
[ 11.137405] free_large_kmalloc+0x4b/0x110
[ 11.137427] kfree+0x274/0x3f0
[ 11.137448] kmalloc_large_invalid_free+0x120/0x2b0
[ 11.137470] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 11.137493] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 11.137517] kunit_try_run_case+0x1a5/0x480
[ 11.137544] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.137573] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.137596] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.137618] ? __kthread_parkme+0x82/0x180
[ 11.137659] ? preempt_count_sub+0x50/0x80
[ 11.137683] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.137705] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.137726] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.137747] kthread+0x337/0x6f0
[ 11.137763] ? trace_preempt_on+0x20/0xc0
[ 11.137785] ? __pfx_kthread+0x10/0x10
[ 11.137802] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.137821] ? calculate_sigpending+0x7b/0xa0
[ 11.137841] ? __pfx_kthread+0x10/0x10
[ 11.137858] ret_from_fork+0x41/0x80
[ 11.137879] ? __pfx_kthread+0x10/0x10
[ 11.137895] ret_from_fork_asm+0x1a/0x30
[ 11.137925] </TASK>
[ 11.137937]
[ 11.147343] The buggy address belongs to the physical page:
[ 11.147900] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102858
[ 11.148395] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.148896] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.149219] page_type: f8(unknown)
[ 11.149518] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.150089] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.150400] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.150929] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.151234] head: 0200000000000002 ffffea00040a1601 00000000ffffffff 00000000ffffffff
[ 11.151740] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.152086] page dumped because: kasan: bad access detected
[ 11.152348]
[ 11.152518] Memory state around the buggy address:
[ 11.152750] ffff888102857f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.153213] ffff888102857f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.153702] >ffff888102858000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.154008] ^
[ 11.154194] ffff888102858080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.154727] ffff888102858100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.155088] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 11.108150] ==================================================================
[ 11.108860] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 11.109150] Read of size 1 at addr ffff888102858000 by task kunit_try_catch/168
[ 11.109671]
[ 11.109877] CPU: 1 UID: 0 PID: 168 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 11.109984] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.110010] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.110053] Call Trace:
[ 11.110082] <TASK>
[ 11.110123] dump_stack_lvl+0x73/0xb0
[ 11.110186] print_report+0xd1/0x650
[ 11.110227] ? __virt_addr_valid+0x1db/0x2d0
[ 11.110275] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.110318] ? kasan_addr_to_slab+0x11/0xa0
[ 11.110480] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.110520] kasan_report+0x141/0x180
[ 11.110586] ? kmalloc_large_uaf+0x2f1/0x340
[ 11.110648] __asan_report_load1_noabort+0x18/0x20
[ 11.110693] kmalloc_large_uaf+0x2f1/0x340
[ 11.110737] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 11.110784] ? __schedule+0x10cc/0x2b60
[ 11.110834] ? __pfx_read_tsc+0x10/0x10
[ 11.110876] ? ktime_get_ts64+0x86/0x230
[ 11.110932] kunit_try_run_case+0x1a5/0x480
[ 11.110975] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.111009] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.111048] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.111089] ? __kthread_parkme+0x82/0x180
[ 11.111128] ? preempt_count_sub+0x50/0x80
[ 11.111170] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.111211] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.111256] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.111325] kthread+0x337/0x6f0
[ 11.111371] ? trace_preempt_on+0x20/0xc0
[ 11.111519] ? __pfx_kthread+0x10/0x10
[ 11.111589] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.111635] ? calculate_sigpending+0x7b/0xa0
[ 11.111669] ? __pfx_kthread+0x10/0x10
[ 11.111693] ret_from_fork+0x41/0x80
[ 11.111720] ? __pfx_kthread+0x10/0x10
[ 11.111743] ret_from_fork_asm+0x1a/0x30
[ 11.111782] </TASK>
[ 11.111796]
[ 11.122455] The buggy address belongs to the physical page:
[ 11.122929] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102858
[ 11.123232] flags: 0x200000000000000(node=0|zone=2)
[ 11.123642] raw: 0200000000000000 ffffea00040a1708 ffff88815b139a80 0000000000000000
[ 11.124164] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 11.124872] page dumped because: kasan: bad access detected
[ 11.125237]
[ 11.125749] Memory state around the buggy address:
[ 11.126068] ffff888102857f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.126460] ffff888102857f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.127012] >ffff888102858000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.127611] ^
[ 11.127920] ffff888102858080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.128243] ffff888102858100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 11.128666] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 11.076186] ================================================================== [ 11.076990] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 11.077739] Write of size 1 at addr ffff88810234200a by task kunit_try_catch/166 [ 11.078464] [ 11.078993] CPU: 0 UID: 0 PID: 166 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.079088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.079102] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.079127] Call Trace: [ 11.079147] <TASK> [ 11.079172] dump_stack_lvl+0x73/0xb0 [ 11.079213] print_report+0xd1/0x650 [ 11.079238] ? __virt_addr_valid+0x1db/0x2d0 [ 11.079260] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.079285] ? kasan_addr_to_slab+0x11/0xa0 [ 11.079327] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.079359] kasan_report+0x141/0x180 [ 11.079391] ? kmalloc_large_oob_right+0x2e9/0x330 [ 11.079429] __asan_report_store1_noabort+0x1b/0x30 [ 11.079458] kmalloc_large_oob_right+0x2e9/0x330 [ 11.079488] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 11.079519] ? __schedule+0x10cc/0x2b60 [ 11.079551] ? __pfx_read_tsc+0x10/0x10 [ 11.079579] ? ktime_get_ts64+0x86/0x230 [ 11.079613] kunit_try_run_case+0x1a5/0x480 [ 11.079669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.079698] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.079732] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.079763] ? __kthread_parkme+0x82/0x180 [ 11.079793] ? preempt_count_sub+0x50/0x80 [ 11.079828] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.079852] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.079874] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.079895] kthread+0x337/0x6f0 [ 11.079911] ? trace_preempt_on+0x20/0xc0 [ 11.079934] ? __pfx_kthread+0x10/0x10 [ 11.079950] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.079970] ? calculate_sigpending+0x7b/0xa0 [ 11.079992] ? __pfx_kthread+0x10/0x10 [ 11.080010] ret_from_fork+0x41/0x80 [ 11.080030] ? 
__pfx_kthread+0x10/0x10 [ 11.080046] ret_from_fork_asm+0x1a/0x30 [ 11.080077] </TASK> [ 11.080090] [ 11.090415] The buggy address belongs to the physical page: [ 11.091698] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102340 [ 11.092154] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.093131] flags: 0x200000000000040(head|node=0|zone=2) [ 11.093396] page_type: f8(unknown) [ 11.094102] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.094675] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.095444] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.096012] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.097076] head: 0200000000000002 ffffea000408d001 00000000ffffffff 00000000ffffffff [ 11.097362] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.097857] page dumped because: kasan: bad access detected [ 11.098107] [ 11.098334] Memory state around the buggy address: [ 11.098708] ffff888102341f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.099035] ffff888102341f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.099324] >ffff888102342000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.100275] ^ [ 11.100577] ffff888102342080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.101327] ffff888102342100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.101873] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 11.037760] ================================================================== [ 11.038341] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 11.039057] Write of size 1 at addr ffff888103a19f00 by task kunit_try_catch/164 [ 11.040078] [ 11.040773] CPU: 0 UID: 0 PID: 164 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.040900] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.040917] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.040944] Call Trace: [ 11.040963] <TASK> [ 11.040991] dump_stack_lvl+0x73/0xb0 [ 11.041036] print_report+0xd1/0x650 [ 11.041061] ? __virt_addr_valid+0x1db/0x2d0 [ 11.041085] ? kmalloc_big_oob_right+0x316/0x370 [ 11.041107] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.041129] ? kmalloc_big_oob_right+0x316/0x370 [ 11.041151] kasan_report+0x141/0x180 [ 11.041173] ? kmalloc_big_oob_right+0x316/0x370 [ 11.041200] __asan_report_store1_noabort+0x1b/0x30 [ 11.041220] kmalloc_big_oob_right+0x316/0x370 [ 11.041242] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 11.041265] ? __schedule+0x10cc/0x2b60 [ 11.041306] ? __pfx_read_tsc+0x10/0x10 [ 11.041337] ? ktime_get_ts64+0x86/0x230 [ 11.041379] kunit_try_run_case+0x1a5/0x480 [ 11.041410] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.041431] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.041456] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.041478] ? __kthread_parkme+0x82/0x180 [ 11.041501] ? preempt_count_sub+0x50/0x80 [ 11.041526] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.041562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.041585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.041607] kthread+0x337/0x6f0 [ 11.041640] ? trace_preempt_on+0x20/0xc0 [ 11.041668] ? __pfx_kthread+0x10/0x10 [ 11.041686] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.041707] ? calculate_sigpending+0x7b/0xa0 [ 11.041729] ? __pfx_kthread+0x10/0x10 [ 11.041747] ret_from_fork+0x41/0x80 [ 11.041767] ? 
__pfx_kthread+0x10/0x10 [ 11.041784] ret_from_fork_asm+0x1a/0x30 [ 11.041818] </TASK> [ 11.041831] [ 11.053271] Allocated by task 164: [ 11.053636] kasan_save_stack+0x45/0x70 [ 11.054023] kasan_save_track+0x18/0x40 [ 11.054313] kasan_save_alloc_info+0x3b/0x50 [ 11.054843] __kasan_kmalloc+0xb7/0xc0 [ 11.055080] __kmalloc_cache_noprof+0x189/0x420 [ 11.055332] kmalloc_big_oob_right+0xa9/0x370 [ 11.055645] kunit_try_run_case+0x1a5/0x480 [ 11.056502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.056857] kthread+0x337/0x6f0 [ 11.057125] ret_from_fork+0x41/0x80 [ 11.057330] ret_from_fork_asm+0x1a/0x30 [ 11.057498] [ 11.057877] The buggy address belongs to the object at ffff888103a18000 [ 11.057877] which belongs to the cache kmalloc-8k of size 8192 [ 11.058299] The buggy address is located 0 bytes to the right of [ 11.058299] allocated 7936-byte region [ffff888103a18000, ffff888103a19f00) [ 11.059168] [ 11.059447] The buggy address belongs to the physical page: [ 11.059901] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103a18 [ 11.061087] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.061563] flags: 0x200000000000040(head|node=0|zone=2) [ 11.061954] page_type: f5(slab) [ 11.062171] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.063315] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.063547] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 11.064063] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 11.064433] head: 0200000000000003 ffffea00040e8601 00000000ffffffff 00000000ffffffff [ 11.065425] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 11.065679] page dumped because: kasan: bad access detected [ 11.066341] [ 11.066444] Memory state around the buggy address: [ 11.066977] ffff888103a19e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.067564] ffff888103a19e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.067999] >ffff888103a19f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.068879] ^ [ 11.069020] ffff888103a19f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.069149] ffff888103a1a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.069268] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.971702] ================================================================== [ 10.972158] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.973106] Write of size 1 at addr ffff8881029d0f78 by task kunit_try_catch/162 [ 10.973990] [ 10.974156] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 10.974240] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.974259] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.974295] Call Trace: [ 10.974316] <TASK> [ 10.974347] dump_stack_lvl+0x73/0xb0 [ 10.974407] print_report+0xd1/0x650 [ 10.974448] ? __virt_addr_valid+0x1db/0x2d0 [ 10.975066] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.975111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.975133] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.975152] kasan_report+0x141/0x180 [ 10.975175] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.975198] __asan_report_store1_noabort+0x1b/0x30 [ 10.975217] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.975236] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.975256] ? __schedule+0x10cc/0x2b60 [ 10.975280] ? __pfx_read_tsc+0x10/0x10 [ 10.975311] ? ktime_get_ts64+0x86/0x230 [ 10.975350] kunit_try_run_case+0x1a5/0x480 [ 10.975387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.975416] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.975448] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.975480] ? __kthread_parkme+0x82/0x180 [ 10.975513] ? preempt_count_sub+0x50/0x80 [ 10.975546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.975578] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.975611] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.975658] kthread+0x337/0x6f0 [ 10.975685] ? trace_preempt_on+0x20/0xc0 [ 10.975718] ? __pfx_kthread+0x10/0x10 [ 10.975735] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.975756] ? calculate_sigpending+0x7b/0xa0 [ 10.975777] ? __pfx_kthread+0x10/0x10 [ 10.975794] ret_from_fork+0x41/0x80 [ 10.975814] ? 
__pfx_kthread+0x10/0x10 [ 10.975831] ret_from_fork_asm+0x1a/0x30 [ 10.975861] </TASK> [ 10.975875] [ 10.986794] Allocated by task 162: [ 10.987049] kasan_save_stack+0x45/0x70 [ 10.987399] kasan_save_track+0x18/0x40 [ 10.987733] kasan_save_alloc_info+0x3b/0x50 [ 10.988692] __kasan_kmalloc+0xb7/0xc0 [ 10.988898] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.989110] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.989301] kunit_try_run_case+0x1a5/0x480 [ 10.989479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.989805] kthread+0x337/0x6f0 [ 10.990141] ret_from_fork+0x41/0x80 [ 10.990424] ret_from_fork_asm+0x1a/0x30 [ 10.990744] [ 10.990905] The buggy address belongs to the object at ffff8881029d0f00 [ 10.990905] which belongs to the cache kmalloc-128 of size 128 [ 10.991717] The buggy address is located 0 bytes to the right of [ 10.991717] allocated 120-byte region [ffff8881029d0f00, ffff8881029d0f78) [ 10.993149] [ 10.993660] The buggy address belongs to the physical page: [ 10.994487] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d0 [ 10.994778] flags: 0x200000000000000(node=0|zone=2) [ 10.995418] page_type: f5(slab) [ 10.995802] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.996045] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.996540] page dumped because: kasan: bad access detected [ 10.997557] [ 10.997717] Memory state around the buggy address: [ 10.998124] ffff8881029d0e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.998750] ffff8881029d0e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.999047] >ffff8881029d0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.999497] ^ [ 10.999856] ffff8881029d0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.000249] ffff8881029d1000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.000618] ================================================================== [ 11.002991] 
================================================================== [ 11.003943] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.004684] Write of size 1 at addr ffff8881029da078 by task kunit_try_catch/162 [ 11.004830] [ 11.004910] CPU: 1 UID: 0 PID: 162 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 11.004964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.004975] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.004998] Call Trace: [ 11.005013] <TASK> [ 11.005034] dump_stack_lvl+0x73/0xb0 [ 11.005066] print_report+0xd1/0x650 [ 11.005090] ? __virt_addr_valid+0x1db/0x2d0 [ 11.005111] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.005130] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.005150] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.005169] kasan_report+0x141/0x180 [ 11.005189] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.005212] __asan_report_store1_noabort+0x1b/0x30 [ 11.005231] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 11.005250] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 11.005270] ? __schedule+0x10cc/0x2b60 [ 11.005311] ? __pfx_read_tsc+0x10/0x10 [ 11.005340] ? ktime_get_ts64+0x86/0x230 [ 11.005379] kunit_try_run_case+0x1a5/0x480 [ 11.005415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.005446] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.005484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.005523] ? __kthread_parkme+0x82/0x180 [ 11.006005] ? preempt_count_sub+0x50/0x80 [ 11.006106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.006159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.006203] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.006238] kthread+0x337/0x6f0 [ 11.006256] ? trace_preempt_on+0x20/0xc0 [ 11.006312] ? __pfx_kthread+0x10/0x10 [ 11.006348] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.006381] ? calculate_sigpending+0x7b/0xa0 [ 11.006411] ? __pfx_kthread+0x10/0x10 [ 11.006438] ret_from_fork+0x41/0x80 [ 11.006466] ? 
__pfx_kthread+0x10/0x10 [ 11.006491] ret_from_fork_asm+0x1a/0x30 [ 11.006534] </TASK> [ 11.006565] [ 11.019243] Allocated by task 162: [ 11.019582] kasan_save_stack+0x45/0x70 [ 11.019812] kasan_save_track+0x18/0x40 [ 11.020095] kasan_save_alloc_info+0x3b/0x50 [ 11.020317] __kasan_kmalloc+0xb7/0xc0 [ 11.020600] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 11.020885] kmalloc_track_caller_oob_right+0x19a/0x520 [ 11.021132] kunit_try_run_case+0x1a5/0x480 [ 11.021375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.021687] kthread+0x337/0x6f0 [ 11.022102] ret_from_fork+0x41/0x80 [ 11.022814] ret_from_fork_asm+0x1a/0x30 [ 11.023337] [ 11.023682] The buggy address belongs to the object at ffff8881029da000 [ 11.023682] which belongs to the cache kmalloc-128 of size 128 [ 11.024711] The buggy address is located 0 bytes to the right of [ 11.024711] allocated 120-byte region [ffff8881029da000, ffff8881029da078) [ 11.025273] [ 11.025469] The buggy address belongs to the physical page: [ 11.026205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029da [ 11.026711] flags: 0x200000000000000(node=0|zone=2) [ 11.026976] page_type: f5(slab) [ 11.027732] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.028786] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.028979] page dumped because: kasan: bad access detected [ 11.029079] [ 11.029127] Memory state around the buggy address: [ 11.029219] ffff8881029d9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.029334] ffff8881029d9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.029447] >ffff8881029da000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.029558] ^ [ 11.030085] ffff8881029da080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.030888] ffff8881029da100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.031335] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.938717] ================================================================== [ 10.939226] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.939720] Read of size 1 at addr ffff8881025ed000 by task kunit_try_catch/160 [ 10.940091] [ 10.940247] CPU: 0 UID: 0 PID: 160 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 10.940380] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.940402] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.940439] Call Trace: [ 10.940464] <TASK> [ 10.940497] dump_stack_lvl+0x73/0xb0 [ 10.940731] print_report+0xd1/0x650 [ 10.940772] ? __virt_addr_valid+0x1db/0x2d0 [ 10.940796] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.940815] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.940838] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.940857] kasan_report+0x141/0x180 [ 10.940900] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.940943] __asan_report_load1_noabort+0x18/0x20 [ 10.940979] kmalloc_node_oob_right+0x369/0x3c0 [ 10.941014] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.941054] ? __schedule+0x10cc/0x2b60 [ 10.941094] ? __pfx_read_tsc+0x10/0x10 [ 10.941129] ? ktime_get_ts64+0x86/0x230 [ 10.941161] kunit_try_run_case+0x1a5/0x480 [ 10.941186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.941208] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.941231] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.941253] ? __kthread_parkme+0x82/0x180 [ 10.941275] ? preempt_count_sub+0x50/0x80 [ 10.941299] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.941321] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.941342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.941364] kthread+0x337/0x6f0 [ 10.941379] ? trace_preempt_on+0x20/0xc0 [ 10.941402] ? __pfx_kthread+0x10/0x10 [ 10.941419] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.941439] ? calculate_sigpending+0x7b/0xa0 [ 10.941460] ? __pfx_kthread+0x10/0x10 [ 10.941477] ret_from_fork+0x41/0x80 [ 10.941496] ? 
__pfx_kthread+0x10/0x10 [ 10.941513] ret_from_fork_asm+0x1a/0x30 [ 10.941546] </TASK> [ 10.941594] [ 10.951100] Allocated by task 160: [ 10.951413] kasan_save_stack+0x45/0x70 [ 10.952059] kasan_save_track+0x18/0x40 [ 10.952221] kasan_save_alloc_info+0x3b/0x50 [ 10.952511] __kasan_kmalloc+0xb7/0xc0 [ 10.952782] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.953445] kmalloc_node_oob_right+0xab/0x3c0 [ 10.953861] kunit_try_run_case+0x1a5/0x480 [ 10.954179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.954651] kthread+0x337/0x6f0 [ 10.954935] ret_from_fork+0x41/0x80 [ 10.955114] ret_from_fork_asm+0x1a/0x30 [ 10.955326] [ 10.955470] The buggy address belongs to the object at ffff8881025ec000 [ 10.955470] which belongs to the cache kmalloc-4k of size 4096 [ 10.956118] The buggy address is located 0 bytes to the right of [ 10.956118] allocated 4096-byte region [ffff8881025ec000, ffff8881025ed000) [ 10.957013] [ 10.957141] The buggy address belongs to the physical page: [ 10.957539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025e8 [ 10.958742] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.959129] flags: 0x200000000000040(head|node=0|zone=2) [ 10.959496] page_type: f5(slab) [ 10.959719] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.960117] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.960449] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.960766] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.961014] head: 0200000000000003 ffffea0004097a01 00000000ffffffff 00000000ffffffff [ 10.961375] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.961979] page dumped because: kasan: bad access detected [ 10.962274] [ 10.962378] Memory state around the buggy address: [ 10.962598] ffff8881025ecf00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.962804] ffff8881025ecf80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.963028] >ffff8881025ed000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.963938] ^ [ 10.964092] ffff8881025ed080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.964601] ffff8881025ed100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.965101] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.905490] ================================================================== [ 10.906168] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 10.906723] Read of size 1 at addr ffff8881023b0f1f by task kunit_try_catch/158 [ 10.907263] [ 10.907415] CPU: 0 UID: 0 PID: 158 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 10.907501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.907522] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.907617] Call Trace: [ 10.907671] <TASK> [ 10.907705] dump_stack_lvl+0x73/0xb0 [ 10.907766] print_report+0xd1/0x650 [ 10.907812] ? __virt_addr_valid+0x1db/0x2d0 [ 10.907849] ? kmalloc_oob_left+0x361/0x3c0 [ 10.907884] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.907920] ? kmalloc_oob_left+0x361/0x3c0 [ 10.907958] kasan_report+0x141/0x180 [ 10.908020] ? kmalloc_oob_left+0x361/0x3c0 [ 10.908070] __asan_report_load1_noabort+0x18/0x20 [ 10.908104] kmalloc_oob_left+0x361/0x3c0 [ 10.908146] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 10.908184] ? __schedule+0x10cc/0x2b60 [ 10.908228] ? __pfx_read_tsc+0x10/0x10 [ 10.908319] ? ktime_get_ts64+0x86/0x230 [ 10.908362] kunit_try_run_case+0x1a5/0x480 [ 10.908401] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.908433] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.908474] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.908513] ? __kthread_parkme+0x82/0x180 [ 10.908569] ? preempt_count_sub+0x50/0x80 [ 10.908603] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.908642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.908667] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.908689] kthread+0x337/0x6f0 [ 10.908712] ? trace_preempt_on+0x20/0xc0 [ 10.908747] ? __pfx_kthread+0x10/0x10 [ 10.908774] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.908809] ? calculate_sigpending+0x7b/0xa0 [ 10.908846] ? __pfx_kthread+0x10/0x10 [ 10.908901] ret_from_fork+0x41/0x80 [ 10.908938] ? 
__pfx_kthread+0x10/0x10 [ 10.908973] ret_from_fork_asm+0x1a/0x30 [ 10.909027] </TASK> [ 10.909050] [ 10.919263] Allocated by task 11: [ 10.919775] kasan_save_stack+0x45/0x70 [ 10.920135] kasan_save_track+0x18/0x40 [ 10.920565] kasan_save_alloc_info+0x3b/0x50 [ 10.920924] __kasan_kmalloc+0xb7/0xc0 [ 10.921117] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.921519] kvasprintf+0xc5/0x150 [ 10.921971] __kthread_create_on_node+0x18b/0x3a0 [ 10.922359] kthread_create_on_node+0xab/0xe0 [ 10.922687] create_worker+0x3e5/0x7b0 [ 10.922847] worker_thread+0x992/0x1220 [ 10.923099] kthread+0x337/0x6f0 [ 10.923343] ret_from_fork+0x41/0x80 [ 10.923507] ret_from_fork_asm+0x1a/0x30 [ 10.923723] [ 10.923867] The buggy address belongs to the object at ffff8881023b0f00 [ 10.923867] which belongs to the cache kmalloc-16 of size 16 [ 10.924753] The buggy address is located 19 bytes to the right of [ 10.924753] allocated 12-byte region [ffff8881023b0f00, ffff8881023b0f0c) [ 10.925172] [ 10.925285] The buggy address belongs to the physical page: [ 10.925935] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1023b0 [ 10.926526] flags: 0x200000000000000(node=0|zone=2) [ 10.926947] page_type: f5(slab) [ 10.927118] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 10.927372] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 10.927885] page dumped because: kasan: bad access detected [ 10.928251] [ 10.928407] Memory state around the buggy address: [ 10.928851] ffff8881023b0e00: 00 03 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 10.929336] ffff8881023b0e80: fa fb fc fc 00 00 fc fc fa fb fc fc 00 00 fc fc [ 10.929582] >ffff8881023b0f00: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 10.930081] ^ [ 10.930377] ffff8881023b0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.932122] ffff8881023b1000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.932383] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.875731] ================================================================== [ 10.876766] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 10.877855] Read of size 1 at addr ffff8881029d0e80 by task kunit_try_catch/156 [ 10.878327] [ 10.878578] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary) [ 10.878717] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.878754] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.878797] Call Trace: [ 10.878839] <TASK> [ 10.878878] dump_stack_lvl+0x73/0xb0 [ 10.878943] print_report+0xd1/0x650 [ 10.878973] ? __virt_addr_valid+0x1db/0x2d0 [ 10.878994] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.879014] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.879034] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.879054] kasan_report+0x141/0x180 [ 10.879074] ? kmalloc_oob_right+0x68a/0x7f0 [ 10.879105] __asan_report_load1_noabort+0x18/0x20 [ 10.879136] kmalloc_oob_right+0x68a/0x7f0 [ 10.879158] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 10.879179] ? __schedule+0x10cc/0x2b60 [ 10.879200] ? __pfx_read_tsc+0x10/0x10 [ 10.879219] ? ktime_get_ts64+0x86/0x230 [ 10.879242] kunit_try_run_case+0x1a5/0x480 [ 10.879266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.879285] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.879306] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.879326] ? __kthread_parkme+0x82/0x180 [ 10.879346] ? preempt_count_sub+0x50/0x80 [ 10.879370] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.879391] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.879411] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.879431] kthread+0x337/0x6f0 [ 10.879447] ? trace_preempt_on+0x20/0xc0 [ 10.879468] ? __pfx_kthread+0x10/0x10 [ 10.879484] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.879504] ? calculate_sigpending+0x7b/0xa0 [ 10.879523] ? __pfx_kthread+0x10/0x10 [ 10.879543] ret_from_fork+0x41/0x80 [ 10.879570] ? 
__pfx_kthread+0x10/0x10 [ 10.879587] ret_from_fork_asm+0x1a/0x30 [ 10.879616] </TASK> [ 10.879642] [ 10.888027] Allocated by task 156: [ 10.888344] kasan_save_stack+0x45/0x70 [ 10.888778] kasan_save_track+0x18/0x40 [ 10.888989] kasan_save_alloc_info+0x3b/0x50 [ 10.889155] __kasan_kmalloc+0xb7/0xc0 [ 10.889322] __kmalloc_cache_noprof+0x189/0x420 [ 10.889506] kmalloc_oob_right+0xa9/0x7f0 [ 10.889690] kunit_try_run_case+0x1a5/0x480 [ 10.890019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.890451] kthread+0x337/0x6f0 [ 10.890797] ret_from_fork+0x41/0x80 [ 10.891122] ret_from_fork_asm+0x1a/0x30 [ 10.891514] [ 10.891711] The buggy address belongs to the object at ffff8881029d0e00 [ 10.891711] which belongs to the cache kmalloc-128 of size 128 [ 10.892494] The buggy address is located 13 bytes to the right of [ 10.892494] allocated 115-byte region [ffff8881029d0e00, ffff8881029d0e73) [ 10.892982] [ 10.893099] The buggy address belongs to the physical page: [ 10.893309] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d0 [ 10.893991] flags: 0x200000000000000(node=0|zone=2) [ 10.894412] page_type: f5(slab) [ 10.894763] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.895238] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.895664] page dumped because: kasan: bad access detected [ 10.895899] [ 10.896001] Memory state around the buggy address: [ 10.896184] ffff8881029d0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.896419] ffff8881029d0e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 10.896656] >ffff8881029d0e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.896898] ^ [ 10.897218] ffff8881029d0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.897705] ffff8881029d0f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.898181] ================================================================== [ 10.820179] 
==================================================================
[ 10.821128] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 10.822047] Write of size 1 at addr ffff8881029d0e73 by task kunit_try_catch/156
[ 10.822503]
[ 10.824116] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 10.824450] Tainted: [N]=TEST
[ 10.824486] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.824788] Call Trace:
[ 10.824866] <TASK>
[ 10.825022] dump_stack_lvl+0x73/0xb0
[ 10.825125] print_report+0xd1/0x650
[ 10.825155] ? __virt_addr_valid+0x1db/0x2d0
[ 10.825179] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.825199] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.825220] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.825240] kasan_report+0x141/0x180
[ 10.825260] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.825284] __asan_report_store1_noabort+0x1b/0x30
[ 10.825302] kmalloc_oob_right+0x6f0/0x7f0
[ 10.825323] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.825343] ? __schedule+0x10cc/0x2b60
[ 10.825365] ? __pfx_read_tsc+0x10/0x10
[ 10.825384] ? ktime_get_ts64+0x86/0x230
[ 10.825409] kunit_try_run_case+0x1a5/0x480
[ 10.825434] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.825454] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.825476] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.825496] ? __kthread_parkme+0x82/0x180
[ 10.825518] ? preempt_count_sub+0x50/0x80
[ 10.825545] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.825573] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.825594] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.825614] kthread+0x337/0x6f0
[ 10.825648] ? trace_preempt_on+0x20/0xc0
[ 10.825672] ? __pfx_kthread+0x10/0x10
[ 10.825688] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.825707] ? calculate_sigpending+0x7b/0xa0
[ 10.825727] ? __pfx_kthread+0x10/0x10
[ 10.825744] ret_from_fork+0x41/0x80
[ 10.825762] ? __pfx_kthread+0x10/0x10
[ 10.825779] ret_from_fork_asm+0x1a/0x30
[ 10.825832] </TASK>
[ 10.825900]
[ 10.834083] Allocated by task 156:
[ 10.835077] kasan_save_stack+0x45/0x70
[ 10.835525] kasan_save_track+0x18/0x40
[ 10.835874] kasan_save_alloc_info+0x3b/0x50
[ 10.836418] __kasan_kmalloc+0xb7/0xc0
[ 10.836720] __kmalloc_cache_noprof+0x189/0x420
[ 10.837011] kmalloc_oob_right+0xa9/0x7f0
[ 10.837316] kunit_try_run_case+0x1a5/0x480
[ 10.837609] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.837971] kthread+0x337/0x6f0
[ 10.838132] ret_from_fork+0x41/0x80
[ 10.838401] ret_from_fork_asm+0x1a/0x30
[ 10.838898]
[ 10.839196] The buggy address belongs to the object at ffff8881029d0e00
[ 10.839196] which belongs to the cache kmalloc-128 of size 128
[ 10.840084] The buggy address is located 0 bytes to the right of
[ 10.840084] allocated 115-byte region [ffff8881029d0e00, ffff8881029d0e73)
[ 10.840795]
[ 10.841054] The buggy address belongs to the physical page:
[ 10.841919] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d0
[ 10.842635] flags: 0x200000000000000(node=0|zone=2)
[ 10.843435] page_type: f5(slab)
[ 10.844219] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.844586] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.845136] page dumped because: kasan: bad access detected
[ 10.845587]
[ 10.845757] Memory state around the buggy address:
[ 10.846640]  ffff8881029d0d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.847056]  ffff8881029d0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.847513] >ffff8881029d0e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.847977]                                                              ^
[ 10.848463]  ffff8881029d0e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.848887]  ffff8881029d0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.849421] ==================================================================
[ 10.851535] ==================================================================
[ 10.851748] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 10.851966] Write of size 1 at addr ffff8881029d0e78 by task kunit_try_catch/156
[ 10.852485]
[ 10.852747] CPU: 1 UID: 0 PID: 156 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 10.852844] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.852868] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.852933] Call Trace:
[ 10.852977] <TASK>
[ 10.853027] dump_stack_lvl+0x73/0xb0
[ 10.853082] print_report+0xd1/0x650
[ 10.853125] ? __virt_addr_valid+0x1db/0x2d0
[ 10.853186] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.853219] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.853260] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.853291] kasan_report+0x141/0x180
[ 10.853323] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.853357] __asan_report_store1_noabort+0x1b/0x30
[ 10.853412] kmalloc_oob_right+0x6bd/0x7f0
[ 10.853452] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.853491] ? __schedule+0x10cc/0x2b60
[ 10.853530] ? __pfx_read_tsc+0x10/0x10
[ 10.853584] ? ktime_get_ts64+0x86/0x230
[ 10.853642] kunit_try_run_case+0x1a5/0x480
[ 10.853688] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.853725] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.853770] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.853810] ? __kthread_parkme+0x82/0x180
[ 10.853895] ? preempt_count_sub+0x50/0x80
[ 10.853954] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.854004] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.854051] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.854096] kthread+0x337/0x6f0
[ 10.854165] ? trace_preempt_on+0x20/0xc0
[ 10.854202] ? __pfx_kthread+0x10/0x10
[ 10.854244] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.854309] ? calculate_sigpending+0x7b/0xa0
[ 10.854346] ? __pfx_kthread+0x10/0x10
[ 10.854373] ret_from_fork+0x41/0x80
[ 10.854401] ? __pfx_kthread+0x10/0x10
[ 10.854425] ret_from_fork_asm+0x1a/0x30
[ 10.854472] </TASK>
[ 10.854490]
[ 10.863044] Allocated by task 156:
[ 10.863433] kasan_save_stack+0x45/0x70
[ 10.863807] kasan_save_track+0x18/0x40
[ 10.864122] kasan_save_alloc_info+0x3b/0x50
[ 10.864335] __kasan_kmalloc+0xb7/0xc0
[ 10.864498] __kmalloc_cache_noprof+0x189/0x420
[ 10.864762] kmalloc_oob_right+0xa9/0x7f0
[ 10.865062] kunit_try_run_case+0x1a5/0x480
[ 10.865388] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.865809] kthread+0x337/0x6f0
[ 10.866016] ret_from_fork+0x41/0x80
[ 10.866331] ret_from_fork_asm+0x1a/0x30
[ 10.866518]
[ 10.866733] The buggy address belongs to the object at ffff8881029d0e00
[ 10.866733] which belongs to the cache kmalloc-128 of size 128
[ 10.867192] The buggy address is located 5 bytes to the right of
[ 10.867192] allocated 115-byte region [ffff8881029d0e00, ffff8881029d0e73)
[ 10.868045]
[ 10.868234] The buggy address belongs to the physical page:
[ 10.868503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1029d0
[ 10.868964] flags: 0x200000000000000(node=0|zone=2)
[ 10.869339] page_type: f5(slab)
[ 10.869644] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.869920] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.870248] page dumped because: kasan: bad access detected
[ 10.870675]
[ 10.870830] Memory state around the buggy address:
[ 10.871183]  ffff8881029d0d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.871589]  ffff8881029d0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.871959] >ffff8881029d0e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.872310]                                                                 ^
[ 10.872576]  ffff8881029d0e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.873065]  ffff8881029d0f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.873520] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 141.920050] WARNING: CPU: 1 PID: 2740 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 141.920986] Modules linked in:
[ 141.921178] CPU: 1 UID: 0 PID: 2740 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 141.922507] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.922792] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.923173] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 141.923884] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 b3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.925004] RSP: 0000:ffff888106a27c78 EFLAGS: 00010286
[ 141.925267] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 141.926157] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa782407c
[ 141.926648] RBP: ffff888106a27ca0 R08: 0000000000000000 R09: ffffed10210c35a0
[ 141.927087] R10: ffff88810861ad07 R11: 0000000000000000 R12: ffffffffa7824068
[ 141.927321] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888106a27d38
[ 141.928116] FS: 0000000000000000(0000) GS:ffff8881b1993000(0000) knlGS:0000000000000000
[ 141.928637] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.929598] CR2: 00007ffff7ffe000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 141.929926] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830903
[ 141.930323] DR3: ffffffffa9830905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.930636] Call Trace:
[ 141.930851] <TASK>
[ 141.931002] drm_test_rect_calc_vscale+0x108/0x270
[ 141.931248] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 141.931488] ? __schedule+0x10cc/0x2b60
[ 141.932119] ? __pfx_read_tsc+0x10/0x10
[ 141.932971] ? ktime_get_ts64+0x86/0x230
[ 141.933274] kunit_try_run_case+0x1a5/0x480
[ 141.933845] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.934072] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.934717] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.935034] ? __kthread_parkme+0x82/0x180
[ 141.935635] ? preempt_count_sub+0x50/0x80
[ 141.935900] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.936200] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.937073] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.937683] kthread+0x337/0x6f0
[ 141.937883] ? trace_preempt_on+0x20/0xc0
[ 141.938106] ? __pfx_kthread+0x10/0x10
[ 141.939134] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.939350] ? calculate_sigpending+0x7b/0xa0
[ 141.939969] ? __pfx_kthread+0x10/0x10
[ 141.940146] ret_from_fork+0x41/0x80
[ 141.940945] ? __pfx_kthread+0x10/0x10
[ 141.941605] ret_from_fork_asm+0x1a/0x30
[ 141.941869] </TASK>
[ 141.942035] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 141.948091] WARNING: CPU: 1 PID: 2742 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 141.948612] Modules linked in:
[ 141.948882] CPU: 1 UID: 0 PID: 2742 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 141.949473] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.950710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.951126] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 141.951683] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 b3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.952631] RSP: 0000:ffff88810630fc78 EFLAGS: 00010286
[ 141.952855] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 141.954015] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa78240b4
[ 141.954514] RBP: ffff88810630fca0 R08: 0000000000000000 R09: ffffed10210c35e0
[ 141.954855] R10: ffff88810861af07 R11: 0000000000000000 R12: ffffffffa78240a0
[ 141.955275] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810630fd38
[ 141.955721] FS: 0000000000000000(0000) GS:ffff8881b1993000(0000) knlGS:0000000000000000
[ 141.956044] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.956906] CR2: 00007ffff7ffe000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 141.957203] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830903
[ 141.957873] DR3: ffffffffa9830905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.958877] Call Trace:
[ 141.959163] <TASK>
[ 141.959838] drm_test_rect_calc_vscale+0x108/0x270
[ 141.960117] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 141.960305] ? __schedule+0x10cc/0x2b60
[ 141.960975] ? __pfx_read_tsc+0x10/0x10
[ 141.961156] ? ktime_get_ts64+0x86/0x230
[ 141.961493] kunit_try_run_case+0x1a5/0x480
[ 141.961998] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.962367] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.963060] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.963790] ? __kthread_parkme+0x82/0x180
[ 141.964016] ? preempt_count_sub+0x50/0x80
[ 141.964172] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.964788] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.965252] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.965486] kthread+0x337/0x6f0
[ 141.965957] ? trace_preempt_on+0x20/0xc0
[ 141.966440] ? __pfx_kthread+0x10/0x10
[ 141.966698] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.966963] ? calculate_sigpending+0x7b/0xa0
[ 141.967300] ? __pfx_kthread+0x10/0x10
[ 141.967544] ret_from_fork+0x41/0x80
[ 141.968083] ? __pfx_kthread+0x10/0x10
[ 141.968990] ret_from_fork_asm+0x1a/0x30
[ 141.969462] </TASK>
[ 141.969627] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 141.850164] WARNING: CPU: 0 PID: 2728 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 141.851205] Modules linked in:
[ 141.851636] CPU: 0 UID: 0 PID: 2728 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 141.852128] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.852574] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.853186] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 141.853679] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.855164] RSP: 0000:ffff8881072cfc78 EFLAGS: 00010286
[ 141.855490] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 141.856130] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa7824080
[ 141.856682] RBP: ffff8881072cfca0 R08: 0000000000000000 R09: ffffed1020dfefc0
[ 141.857020] R10: ffff888106ff7e07 R11: 0000000000000000 R12: ffffffffa7824068
[ 141.857305] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881072cfd38
[ 141.857763] FS: 0000000000000000(0000) GS:ffff8881b1893000(0000) knlGS:0000000000000000
[ 141.858977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.859294] CR2: 00007ffff7ffe000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 141.859973] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830902
[ 141.860327] DR3: ffffffffa9830903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.860879] Call Trace:
[ 141.861088] <TASK>
[ 141.861297] drm_test_rect_calc_hscale+0x108/0x270
[ 141.862075] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 141.862764] ? __schedule+0x10cc/0x2b60
[ 141.863075] ? __pfx_read_tsc+0x10/0x10
[ 141.863388] ? ktime_get_ts64+0x86/0x230
[ 141.863924] kunit_try_run_case+0x1a5/0x480
[ 141.864234] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.864777] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.865112] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.865743] ? __kthread_parkme+0x82/0x180
[ 141.866184] ? preempt_count_sub+0x50/0x80
[ 141.866428] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.867019] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.867651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.868013] kthread+0x337/0x6f0
[ 141.868211] ? trace_preempt_on+0x20/0xc0
[ 141.868724] ? __pfx_kthread+0x10/0x10
[ 141.869079] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.869267] ? calculate_sigpending+0x7b/0xa0
[ 141.870096] ? __pfx_kthread+0x10/0x10
[ 141.870626] ret_from_fork+0x41/0x80
[ 141.870943] ? __pfx_kthread+0x10/0x10
[ 141.871157] ret_from_fork_asm+0x1a/0x30
[ 141.871425] </TASK>
[ 141.871634] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 141.877210] WARNING: CPU: 1 PID: 2730 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 141.878691] Modules linked in:
[ 141.878914] CPU: 1 UID: 0 PID: 2730 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 141.879699] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 141.880654] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 141.880994] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 141.881781] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 141.882657] RSP: 0000:ffff88810651fc78 EFLAGS: 00010286
[ 141.883278] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 141.884258] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa78240b8
[ 141.884830] RBP: ffff88810651fca0 R08: 0000000000000000 R09: ffffed10210c3520
[ 141.885213] R10: ffff88810861a907 R11: 0000000000000000 R12: ffffffffa78240a0
[ 141.885497] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810651fd38
[ 141.885798] FS: 0000000000000000(0000) GS:ffff8881b1993000(0000) knlGS:0000000000000000
[ 141.886212] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 141.886464] CR2: 00007ffff7ffe000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 141.886983] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830903
[ 141.887234] DR3: ffffffffa9830905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 141.888204] Call Trace:
[ 141.888459] <TASK>
[ 141.888658] drm_test_rect_calc_hscale+0x108/0x270
[ 141.888898] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 141.889144] ? __schedule+0x10cc/0x2b60
[ 141.890081] ? __pfx_read_tsc+0x10/0x10
[ 141.890405] ? ktime_get_ts64+0x86/0x230
[ 141.890703] kunit_try_run_case+0x1a5/0x480
[ 141.890929] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.891158] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 141.892620] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 141.892929] ? __kthread_parkme+0x82/0x180
[ 141.893153] ? preempt_count_sub+0x50/0x80
[ 141.893893] ? __pfx_kunit_try_run_case+0x10/0x10
[ 141.894226] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 141.894899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 141.895291] kthread+0x337/0x6f0
[ 141.895838] ? trace_preempt_on+0x20/0xc0
[ 141.896014] ? __pfx_kthread+0x10/0x10
[ 141.896298] ? _raw_spin_unlock_irq+0x47/0x80
[ 141.897031] ? calculate_sigpending+0x7b/0xa0
[ 141.897762] ? __pfx_kthread+0x10/0x10
[ 141.898001] ret_from_fork+0x41/0x80
[ 141.898152] ? __pfx_kthread+0x10/0x10
[ 141.898380] ret_from_fork_asm+0x1a/0x30
[ 141.899063] </TASK>
[ 141.899268] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------
[ 140.725045] WARNING: CPU: 0 PID: 2526 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300
[ 140.725347] Modules linked in:
[ 140.725711] CPU: 0 UID: 0 PID: 2526 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 140.727041] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.728103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.728933] RIP: 0010:drm_framebuffer_init+0x44/0x300
[ 140.729240] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41
[ 140.730037] RSP: 0000:ffff8881067bfb30 EFLAGS: 00010246
[ 140.730306] RAX: dffffc0000000000 RBX: ffff8881067bfc28 RCX: 0000000000000000
[ 140.730945] RDX: 1ffff11020cf7f8e RSI: ffff8881067bfc28 RDI: ffff8881067bfc70
[ 140.731241] RBP: ffff8881067bfb70 R08: ffff888106867000 R09: ffffffffa77cab60
[ 140.731990] R10: 0000000000000003 R11: 00000000c8527f8c R12: ffff888106867000
[ 140.732850] R13: ffff88810031fae8 R14: ffff8881067bfba8 R15: 0000000000000000
[ 140.733172] FS: 0000000000000000(0000) GS:ffff8881b1893000(0000) knlGS:0000000000000000
[ 140.733804] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.734108] CR2: 00007ffff7ffe000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 140.734889] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830902
[ 140.735262] DR3: ffffffffa9830903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.735880] Call Trace:
[ 140.736067] <TASK>
[ 140.736234] ? add_dr+0xc1/0x1d0
[ 140.736901] drm_test_framebuffer_init_bad_format+0xfc/0x240
[ 140.737613] ? add_dr+0x148/0x1d0
[ 140.737813] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10
[ 140.738052] ? __drmm_add_action+0x1a4/0x280
[ 140.738738] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.739019] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.739523] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.739962] ? __schedule+0x10cc/0x2b60
[ 140.740287] ? __pfx_read_tsc+0x10/0x10
[ 140.740845] ? ktime_get_ts64+0x86/0x230
[ 140.741040] kunit_try_run_case+0x1a5/0x480
[ 140.741510] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.742477] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.742755] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.742933] ? __kthread_parkme+0x82/0x180
[ 140.743255] ? preempt_count_sub+0x50/0x80
[ 140.743916] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.744102] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.745073] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.745360] kthread+0x337/0x6f0
[ 140.745878] ? trace_preempt_on+0x20/0xc0
[ 140.746180] ? __pfx_kthread+0x10/0x10
[ 140.746433] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.746909] ? calculate_sigpending+0x7b/0xa0
[ 140.747140] ? __pfx_kthread+0x10/0x10
[ 140.748049] ret_from_fork+0x41/0x80
[ 140.748548] ? __pfx_kthread+0x10/0x10
[ 140.749041] ret_from_fork_asm+0x1a/0x30
[ 140.749350] </TASK>
[ 140.749816] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------
[ 140.674095] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head))
[ 140.675115] WARNING: CPU: 0 PID: 2522 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0
[ 140.676146] Modules linked in:
[ 140.676381] CPU: 0 UID: 0 PID: 2522 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 140.676828] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 140.677899] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 140.678965] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0
[ 140.679690] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 bb 84 84 00 48 c7 c1 60 5b 7c a7 4c 89 fa 48 c7 c7 c0 5b 7c a7 48 89 c6 e8 42 b0 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea
[ 140.680935] RSP: 0000:ffff88810686fb68 EFLAGS: 00010282
[ 140.681674] RAX: 0000000000000000 RBX: ffff88810686fc40 RCX: 1ffffffff50a4b60
[ 140.682005] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001
[ 140.682901] RBP: ffff88810686fb90 R08: 0000000000000000 R09: fffffbfff50a4b60
[ 140.683237] R10: 0000000000000003 R11: 00000000000377c8 R12: ffff88810686fc18
[ 140.684399] R13: ffff88810613b000 R14: ffff888106863000 R15: ffff888106b65d00
[ 140.684722] FS: 0000000000000000(0000) GS:ffff8881b1893000(0000) knlGS:0000000000000000
[ 140.685214] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 140.685999] CR2: 00007ffff7ffe000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 140.686295] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830902
[ 140.686904] DR3: ffffffffa9830903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 140.687206] Call Trace:
[ 140.687950] <TASK>
[ 140.688266] drm_test_framebuffer_free+0x1ab/0x610
[ 140.688885] ? __pfx_drm_test_framebuffer_free+0x10/0x10
[ 140.689140] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.689959] ? __pfx_drm_mode_config_init_release+0x10/0x10
[ 140.690258] ? __drmm_add_action_or_reset+0x22/0x50
[ 140.690778] ? __schedule+0x10cc/0x2b60
[ 140.691207] ? __pfx_read_tsc+0x10/0x10
[ 140.692031] ? ktime_get_ts64+0x86/0x230
[ 140.692263] kunit_try_run_case+0x1a5/0x480
[ 140.692567] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.692953] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 140.693185] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 140.693728] ? __kthread_parkme+0x82/0x180
[ 140.694094] ? preempt_count_sub+0x50/0x80
[ 140.694527] ? __pfx_kunit_try_run_case+0x10/0x10
[ 140.694885] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 140.695463] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 140.695975] kthread+0x337/0x6f0
[ 140.696168] ? trace_preempt_on+0x20/0xc0
[ 140.696644] ? __pfx_kthread+0x10/0x10
[ 140.696978] ? _raw_spin_unlock_irq+0x47/0x80
[ 140.697269] ? calculate_sigpending+0x7b/0xa0
[ 140.697781] ? __pfx_kthread+0x10/0x10
[ 140.697983] ret_from_fork+0x41/0x80
[ 140.698188] ? __pfx_kthread+0x10/0x10
[ 140.698764] ret_from_fork_asm+0x1a/0x30
[ 140.699031] </TASK>
[ 140.699161] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------
[ 138.652938] WARNING: CPU: 1 PID: 1952 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.653569] Modules linked in:
[ 138.654196] CPU: 1 UID: 0 PID: 1952 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 138.654847] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.655076] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.655678] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.656043] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 f6 21 02 48 89 df e8 d8
[ 138.657687] RSP: 0000:ffff888105c47c90 EFLAGS: 00010246
[ 138.657925] RAX: dffffc0000000000 RBX: ffff888105a58000 RCX: 0000000000000000
[ 138.658139] RDX: 1ffff11020b4b032 RSI: ffffffffa49f4a58 RDI: ffff888105a58190
[ 138.658359] RBP: ffff888105c47ca0 R08: 1ffff11020063f69 R09: ffffed1020b88f65
[ 138.659411] R10: 0000000000000003 R11: ffffffffa3f82b48 R12: 0000000000000000
[ 138.659935] R13: ffff888105c47d38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 138.660288] FS: 0000000000000000(0000) GS:ffff8881b1993000(0000) knlGS:0000000000000000
[ 138.660947] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.661244] CR2: 00007ffff7ffe000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 138.662110] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830903
[ 138.662763] DR3: ffffffffa9830905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.662990] Call Trace:
[ 138.663130] <TASK>
[ 138.663325] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290
[ 138.664112] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10
[ 138.664530] ? __schedule+0x10cc/0x2b60
[ 138.665166] ? __pfx_read_tsc+0x10/0x10
[ 138.665783] ? ktime_get_ts64+0x86/0x230
[ 138.666068] kunit_try_run_case+0x1a5/0x480
[ 138.666287] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.666509] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.666742] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.666967] ? __kthread_parkme+0x82/0x180
[ 138.667177] ? preempt_count_sub+0x50/0x80
[ 138.667378] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.668650] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.669002] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.669259] kthread+0x337/0x6f0
[ 138.669854] ? trace_preempt_on+0x20/0xc0
[ 138.670070] ? __pfx_kthread+0x10/0x10
[ 138.670681] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.670986] ? calculate_sigpending+0x7b/0xa0
[ 138.671200] ? __pfx_kthread+0x10/0x10
[ 138.672165] ret_from_fork+0x41/0x80
[ 138.672505] ? __pfx_kthread+0x10/0x10
[ 138.672711] ret_from_fork_asm+0x1a/0x30
[ 138.673114] </TASK>
[ 138.673546] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 138.764478] WARNING: CPU: 1 PID: 1960 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110
[ 138.765876] Modules linked in:
[ 138.766200] CPU: 1 UID: 0 PID: 1960 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 138.767451] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 138.767667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 138.768647] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110
[ 138.768897] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 f6 21 02 48 89 df e8 d8
[ 138.769220] RSP: 0000:ffff888105b97c90 EFLAGS: 00010246
[ 138.769427] RAX: dffffc0000000000 RBX: ffff888105b16000 RCX: 0000000000000000
[ 138.770092] RDX: 1ffff11020b62c32 RSI: ffffffffa49f4a58 RDI: ffff888105b16190
[ 138.770808] RBP: ffff888105b97ca0 R08: 1ffff11020063f69 R09: ffffed1020b72f65
[ 138.771235] R10: 0000000000000003 R11: ffffffffa3f82b48 R12: 0000000000000000
[ 138.771651] R13: ffff888105b97d38 R14: ffff88810031fc50 R15: ffff88810031fc58
[ 138.771860] FS: 0000000000000000(0000) GS:ffff8881b1993000(0000) knlGS:0000000000000000
[ 138.772004] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 138.772106] CR2: 00007ffff7ffe000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 138.772218] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830903
[ 138.773014] DR3: ffffffffa9830905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 138.773901] Call Trace:
[ 138.774174] <TASK>
[ 138.774698] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290
[ 138.775045] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10
[ 138.775362] ? __schedule+0x10cc/0x2b60
[ 138.776044] ? __pfx_read_tsc+0x10/0x10
[ 138.776738] ? ktime_get_ts64+0x86/0x230
[ 138.776982] kunit_try_run_case+0x1a5/0x480
[ 138.777182] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.777890] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 138.778523] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 138.778746] ? __kthread_parkme+0x82/0x180
[ 138.779049] ? preempt_count_sub+0x50/0x80
[ 138.779271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 138.780113] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 138.780787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 138.781072] kthread+0x337/0x6f0
[ 138.781283] ? trace_preempt_on+0x20/0xc0
[ 138.781996] ? __pfx_kthread+0x10/0x10
[ 138.782258] ? _raw_spin_unlock_irq+0x47/0x80
[ 138.782692] ? calculate_sigpending+0x7b/0xa0
[ 138.783008] ? __pfx_kthread+0x10/0x10
[ 138.783238] ret_from_fork+0x41/0x80
[ 138.784028] ? __pfx_kthread+0x10/0x10
[ 138.784274] ret_from_fork_asm+0x1a/0x30
[ 138.784972] </TASK>
[ 138.785117] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 107.980108] WARNING: CPU: 0 PID: 676 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 107.980649] Modules linked in:
[ 107.981466] CPU: 0 UID: 0 PID: 676 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 107.981867] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 107.982150] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.983151] RIP: 0010:intlog10+0x2a/0x40
[ 107.983873] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 107.985200] RSP: 0000:ffff888103557cb0 EFLAGS: 00010246
[ 107.985862] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110206aafb4
[ 107.986225] RDX: 1ffffffff4ed25a0 RSI: 1ffff110206aafb3 RDI: 0000000000000000
[ 107.986809] RBP: ffff888103557d60 R08: 0000000000000000 R09: ffffed10203d3d40
[ 107.987180] R10: ffff888101e9ea07 R11: 0000000000000000 R12: 1ffff110206aaf97
[ 107.988249] R13: ffffffffa7692d00 R14: 0000000000000000 R15: ffff888103557d38
[ 107.988630] FS: 0000000000000000(0000) GS:ffff8881b1893000(0000) knlGS:0000000000000000
[ 107.988847] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.988956] CR2: dffffc0000000000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 107.989071] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830902
[ 107.989185] DR3: ffffffffa9830903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 107.989301] Call Trace:
[ 107.989364] <TASK>
[ 107.989423] ? intlog10_test+0xf2/0x220
[ 107.989542] ? __pfx_intlog10_test+0x10/0x10
[ 107.989762] ? __pfx_intlog10_test+0x10/0x10
[ 107.991039] kunit_try_run_case+0x1a5/0x480
[ 107.991877] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.992298] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 107.992873] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 107.993206] ? __kthread_parkme+0x82/0x180
[ 107.993783] ? preempt_count_sub+0x50/0x80
[ 107.994015] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.994325] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 107.994856] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 107.995256] kthread+0x337/0x6f0
[ 107.995738] ? trace_preempt_on+0x20/0xc0
[ 107.996042] ? __pfx_kthread+0x10/0x10
[ 107.996553] ? _raw_spin_unlock_irq+0x47/0x80
[ 107.997122] ? calculate_sigpending+0x7b/0xa0
[ 107.997380] ? __pfx_kthread+0x10/0x10
[ 107.997666] ret_from_fork+0x41/0x80
[ 107.998042] ? __pfx_kthread+0x10/0x10
[ 107.998386] ret_from_fork_asm+0x1a/0x30
[ 107.999048] </TASK>
[ 107.999173] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 107.926042] WARNING: CPU: 0 PID: 658 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 107.926986] Modules linked in:
[ 107.927329] CPU: 0 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D N 6.15.4-rc2 #1 PREEMPT(voluntary)
[ 107.927961] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 107.928781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 107.929659] RIP: 0010:intlog2+0xdf/0x110
[ 107.929925] Code: 69 a7 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 47 81 02 90 <0f> 0b 90 31 c0 e9 c7 47 81 02 89 45 e4 e8 df c6 56 ff 8b 45 e4 eb
[ 107.930883] RSP: 0000:ffff888102c27cb0 EFLAGS: 00010246
[ 107.931753] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff11020584fb4
[ 107.932285] RDX: 1ffffffff4ed25f4 RSI: 1ffff11020584fb3 RDI: 0000000000000000
[ 107.932802] RBP: ffff888102c27d60 R08: 0000000000000000 R09: ffffed1020748460
[ 107.933131] R10: ffff888103a42307 R11: 0000000000000000 R12: 1ffff11020584f97
[ 107.933348] R13: ffffffffa7692fa0 R14: 0000000000000000 R15: ffff888102c27d38
[ 107.934023] FS: 0000000000000000(0000) GS:ffff8881b1893000(0000) knlGS:0000000000000000
[ 107.934233] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 107.935468] CR2: dffffc0000000000 CR3: 000000005f4ba000 CR4: 00000000000006f0
[ 107.935799] DR0: ffffffffa9830900 DR1: ffffffffa9830901 DR2: ffffffffa9830902
[ 107.936152] DR3: ffffffffa9830903 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 107.936561] Call Trace:
[ 107.936820] <TASK>
[ 107.937058] ? intlog2_test+0xf2/0x220
[ 107.937661] ? __pfx_intlog2_test+0x10/0x10
[ 107.937980] ? __schedule+0x10cc/0x2b60
[ 107.938435] ? __pfx_read_tsc+0x10/0x10
[ 107.938688] ? ktime_get_ts64+0x86/0x230
[ 107.938885] kunit_try_run_case+0x1a5/0x480
[ 107.939235] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.939742] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 107.940067] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 107.940320] ? __kthread_parkme+0x82/0x180
[ 107.940813] ? preempt_count_sub+0x50/0x80
[ 107.941088] ? __pfx_kunit_try_run_case+0x10/0x10
[ 107.941664] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 107.942126] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 107.942560] kthread+0x337/0x6f0
[ 107.942859] ? trace_preempt_on+0x20/0xc0
[ 107.943118] ? __pfx_kthread+0x10/0x10
[ 107.943570] ? _raw_spin_unlock_irq+0x47/0x80
[ 107.943832] ? calculate_sigpending+0x7b/0xa0
[ 107.944029] ? __pfx_kthread+0x10/0x10
[ 107.944247] ret_from_fork+0x41/0x80
[ 107.944725] ? __pfx_kthread+0x10/0x10
[ 107.945044] ret_from_fork_asm+0x1a/0x30
[ 107.945398] </TASK>
[ 107.945672] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 107.206392] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI