Date: June 23, 2025, 1:39 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 16.999022] ==================================================================
[ 17.000088] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0
[ 17.000772] Read of size 1 at addr ffff888100a10200 by task kunit_try_catch/185
[ 17.001910]
[ 17.002328] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.002454] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.002508] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.002589] Call Trace:
[ 17.002650] <TASK>
[ 17.002696] dump_stack_lvl+0x73/0xb0
[ 17.002746] print_report+0xd1/0x650
[ 17.002783] ? __virt_addr_valid+0x1db/0x2d0
[ 17.002815] ? krealloc_uaf+0x1b8/0x5e0
[ 17.002841] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.002875] ? krealloc_uaf+0x1b8/0x5e0
[ 17.002903] kasan_report+0x141/0x180
[ 17.002937] ? krealloc_uaf+0x1b8/0x5e0
[ 17.002966] ? krealloc_uaf+0x1b8/0x5e0
[ 17.002992] __kasan_check_byte+0x3d/0x50
[ 17.003025] krealloc_noprof+0x3f/0x340
[ 17.003060] krealloc_uaf+0x1b8/0x5e0
[ 17.003086] ? __pfx_krealloc_uaf+0x10/0x10
[ 17.003110] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.003155] ? __pfx_krealloc_uaf+0x10/0x10
[ 17.003186] kunit_try_run_case+0x1a5/0x480
[ 17.003271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.003309] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.003345] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.003380] ? __kthread_parkme+0x82/0x180
[ 17.003413] ? preempt_count_sub+0x50/0x80
[ 17.003451] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.003486] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.003520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.003555] kthread+0x337/0x6f0
[ 17.003578] ? trace_preempt_on+0x20/0xc0
[ 17.003636] ? __pfx_kthread+0x10/0x10
[ 17.003663] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.003695] ? calculate_sigpending+0x7b/0xa0
[ 17.003727] ? __pfx_kthread+0x10/0x10
[ 17.003752] ret_from_fork+0x41/0x80
[ 17.003785] ? __pfx_kthread+0x10/0x10
[ 17.003810] ret_from_fork_asm+0x1a/0x30
[ 17.003852] </TASK>
[ 17.003867]
[ 17.020291] Allocated by task 185:
[ 17.021252] kasan_save_stack+0x45/0x70
[ 17.021872] kasan_save_track+0x18/0x40
[ 17.022494] kasan_save_alloc_info+0x3b/0x50
[ 17.022893] __kasan_kmalloc+0xb7/0xc0
[ 17.023235] __kmalloc_cache_noprof+0x189/0x420
[ 17.024093] krealloc_uaf+0xbb/0x5e0
[ 17.024773] kunit_try_run_case+0x1a5/0x480
[ 17.025427] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.025907] kthread+0x337/0x6f0
[ 17.026232] ret_from_fork+0x41/0x80
[ 17.026590] ret_from_fork_asm+0x1a/0x30
[ 17.027018]
[ 17.027282] Freed by task 185:
[ 17.027600] kasan_save_stack+0x45/0x70
[ 17.028062] kasan_save_track+0x18/0x40
[ 17.028550] kasan_save_free_info+0x3f/0x60
[ 17.028968] __kasan_slab_free+0x56/0x70
[ 17.029441] kfree+0x222/0x3f0
[ 17.029852] krealloc_uaf+0x13d/0x5e0
[ 17.030266] kunit_try_run_case+0x1a5/0x480
[ 17.030764] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.031258] kthread+0x337/0x6f0
[ 17.031695] ret_from_fork+0x41/0x80
[ 17.032088] ret_from_fork_asm+0x1a/0x30
[ 17.032559]
[ 17.032824] The buggy address belongs to the object at ffff888100a10200
[ 17.032824] which belongs to the cache kmalloc-256 of size 256
[ 17.033989] The buggy address is located 0 bytes inside of
[ 17.033989] freed 256-byte region [ffff888100a10200, ffff888100a10300)
[ 17.034974]
[ 17.035275] The buggy address belongs to the physical page:
[ 17.035769] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a10
[ 17.036360] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.037078] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.037620] page_type: f5(slab)
[ 17.037966] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.038769] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.039474] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.040146] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.040887] head: 0200000000000001 ffffea0004028401 00000000ffffffff 00000000ffffffff
[ 17.041565] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.042133] page dumped because: kasan: bad access detected
[ 17.042667]
[ 17.042918] Memory state around the buggy address:
[ 17.043377] ffff888100a10100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.043971] ffff888100a10180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.044653] >ffff888100a10200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.045295] ^
[ 17.045625] ffff888100a10280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.046272] ffff888100a10300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.046913] ==================================================================
[ 17.048342] ==================================================================
[ 17.048968] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0
[ 17.049534] Read of size 1 at addr ffff888100a10200 by task kunit_try_catch/185
[ 17.050439]
[ 17.050705] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.050819] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.050852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.050901] Call Trace:
[ 17.050945] <TASK>
[ 17.050984] dump_stack_lvl+0x73/0xb0
[ 17.051052] print_report+0xd1/0x650
[ 17.051122] ? __virt_addr_valid+0x1db/0x2d0
[ 17.051190] ? krealloc_uaf+0x53c/0x5e0
[ 17.051305] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.051402] ? krealloc_uaf+0x53c/0x5e0
[ 17.051499] kasan_report+0x141/0x180
[ 17.051576] ? krealloc_uaf+0x53c/0x5e0
[ 17.051671] __asan_report_load1_noabort+0x18/0x20
[ 17.051739] krealloc_uaf+0x53c/0x5e0
[ 17.051808] ? __pfx_krealloc_uaf+0x10/0x10
[ 17.051858] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 17.051958] ? __pfx_krealloc_uaf+0x10/0x10
[ 17.052062] kunit_try_run_case+0x1a5/0x480
[ 17.052143] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.052249] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.052330] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.052407] ? __kthread_parkme+0x82/0x180
[ 17.052496] ? preempt_count_sub+0x50/0x80
[ 17.052620] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.052720] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.052824] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.052896] kthread+0x337/0x6f0
[ 17.052959] ? trace_preempt_on+0x20/0xc0
[ 17.053017] ? __pfx_kthread+0x10/0x10
[ 17.053044] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.053076] ? calculate_sigpending+0x7b/0xa0
[ 17.053105] ? __pfx_kthread+0x10/0x10
[ 17.053130] ret_from_fork+0x41/0x80
[ 17.053162] ? __pfx_kthread+0x10/0x10
[ 17.053187] ret_from_fork_asm+0x1a/0x30
[ 17.053278] </TASK>
[ 17.053298]
[ 17.067453] Allocated by task 185:
[ 17.067850] kasan_save_stack+0x45/0x70
[ 17.068261] kasan_save_track+0x18/0x40
[ 17.068690] kasan_save_alloc_info+0x3b/0x50
[ 17.069127] __kasan_kmalloc+0xb7/0xc0
[ 17.070118] __kmalloc_cache_noprof+0x189/0x420
[ 17.072460] krealloc_uaf+0xbb/0x5e0
[ 17.073104] kunit_try_run_case+0x1a5/0x480
[ 17.073762] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.074127] kthread+0x337/0x6f0
[ 17.074407] ret_from_fork+0x41/0x80
[ 17.075279] ret_from_fork_asm+0x1a/0x30
[ 17.075963]
[ 17.076186] Freed by task 185:
[ 17.077151] kasan_save_stack+0x45/0x70
[ 17.077886] kasan_save_track+0x18/0x40
[ 17.078659] kasan_save_free_info+0x3f/0x60
[ 17.079352] __kasan_slab_free+0x56/0x70
[ 17.079804] kfree+0x222/0x3f0
[ 17.080141] krealloc_uaf+0x13d/0x5e0
[ 17.080624] kunit_try_run_case+0x1a5/0x480
[ 17.081108] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.081600] kthread+0x337/0x6f0
[ 17.082003] ret_from_fork+0x41/0x80
[ 17.082467] ret_from_fork_asm+0x1a/0x30
[ 17.082916]
[ 17.083185] The buggy address belongs to the object at ffff888100a10200
[ 17.083185] which belongs to the cache kmalloc-256 of size 256
[ 17.084157] The buggy address is located 0 bytes inside of
[ 17.084157] freed 256-byte region [ffff888100a10200, ffff888100a10300)
[ 17.085043]
[ 17.085296] The buggy address belongs to the physical page:
[ 17.085884] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a10
[ 17.086647] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 17.087308] flags: 0x200000000000040(head|node=0|zone=2)
[ 17.087788] page_type: f5(slab)
[ 17.088129] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.088801] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.089326] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 17.090079] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.090770] head: 0200000000000001 ffffea0004028401 00000000ffffffff 00000000ffffffff
[ 17.091487] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 17.092090] page dumped because: kasan: bad access detected
[ 17.092633]
[ 17.092910] Memory state around the buggy address:
[ 17.093407] ffff888100a10100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.094054] ffff888100a10180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.094680] >ffff888100a10200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.095301] ^
[ 17.095704] ffff888100a10280: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.096297] ffff888100a10300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.096874] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 16.464542] ==================================================================
[ 16.465914] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 16.466672] Write of size 1 at addr ffff888100a100c9 by task kunit_try_catch/179
[ 16.467344]
[ 16.467601] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.467770] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.467809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.467863] Call Trace:
[ 16.467903] <TASK>
[ 16.467948] dump_stack_lvl+0x73/0xb0
[ 16.468027] print_report+0xd1/0x650
[ 16.468102] ? __virt_addr_valid+0x1db/0x2d0
[ 16.468177] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 16.468288] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.468369] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 16.468439] kasan_report+0x141/0x180
[ 16.468511] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 16.468593] __asan_report_store1_noabort+0x1b/0x30
[ 16.468695] krealloc_less_oob_helper+0xd70/0x11d0
[ 16.468776] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 16.468846] ? finish_task_switch.isra.0+0x153/0x700
[ 16.468925] ? __switch_to+0x5d9/0xf60
[ 16.468960] ? dequeue_task_fair+0x166/0x4e0
[ 16.468996] ? __schedule+0x10cc/0x2b60
[ 16.469029] ? __pfx_read_tsc+0x10/0x10
[ 16.469062] krealloc_less_oob+0x1c/0x30
[ 16.469091] kunit_try_run_case+0x1a5/0x480
[ 16.469129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.469162] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.469195] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.469270] ? __kthread_parkme+0x82/0x180
[ 16.469317] ? preempt_count_sub+0x50/0x80
[ 16.469353] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.469387] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.469419] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.469451] kthread+0x337/0x6f0
[ 16.469473] ? trace_preempt_on+0x20/0xc0
[ 16.469505] ? __pfx_kthread+0x10/0x10
[ 16.469530] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.469559] ? calculate_sigpending+0x7b/0xa0
[ 16.469590] ? __pfx_kthread+0x10/0x10
[ 16.469639] ret_from_fork+0x41/0x80
[ 16.469672] ? __pfx_kthread+0x10/0x10
[ 16.469696] ret_from_fork_asm+0x1a/0x30
[ 16.469738] </TASK>
[ 16.469751]
[ 16.487054] Allocated by task 179:
[ 16.487595] kasan_save_stack+0x45/0x70
[ 16.487944] kasan_save_track+0x18/0x40
[ 16.488335] kasan_save_alloc_info+0x3b/0x50
[ 16.488790] __kasan_krealloc+0x190/0x1f0
[ 16.489223] krealloc_noprof+0xf3/0x340
[ 16.489548] krealloc_less_oob_helper+0x1aa/0x11d0
[ 16.490187] krealloc_less_oob+0x1c/0x30
[ 16.490657] kunit_try_run_case+0x1a5/0x480
[ 16.491197] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.491776] kthread+0x337/0x6f0
[ 16.492167] ret_from_fork+0x41/0x80
[ 16.492698] ret_from_fork_asm+0x1a/0x30
[ 16.493185]
[ 16.493458] The buggy address belongs to the object at ffff888100a10000
[ 16.493458] which belongs to the cache kmalloc-256 of size 256
[ 16.494506] The buggy address is located 0 bytes to the right of
[ 16.494506] allocated 201-byte region [ffff888100a10000, ffff888100a100c9)
[ 16.495635]
[ 16.495955] The buggy address belongs to the physical page:
[ 16.496453] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a10
[ 16.496964] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.497632] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.498600] page_type: f5(slab)
[ 16.499230] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 16.500154] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.500850] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 16.501541] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.502194] head: 0200000000000001 ffffea0004028401 00000000ffffffff 00000000ffffffff
[ 16.502863] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 16.503538] page dumped because: kasan: bad access detected
[ 16.504108]
[ 16.504381] Memory state around the buggy address:
[ 16.504955] ffff888100a0ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.505681] ffff888100a10000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.506280] >ffff888100a10080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 16.506963] ^
[ 16.507475] ffff888100a10100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.508047] ffff888100a10180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.508574] ==================================================================
[ 16.955361] ==================================================================
[ 16.956022] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0
[ 16.956820] Write of size 1 at addr ffff88810a0a60eb by task kunit_try_catch/183
[ 16.957456]
[ 16.957847] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.957962] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.957996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.958045] Call Trace:
[ 16.958088] <TASK>
[ 16.958128] dump_stack_lvl+0x73/0xb0
[ 16.958198] print_report+0xd1/0x650
[ 16.958315] ? __virt_addr_valid+0x1db/0x2d0
[ 16.958391] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 16.958458] ? kasan_addr_to_slab+0x11/0xa0
[ 16.958679] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 16.958786] kasan_report+0x141/0x180
[ 16.958867] ? krealloc_less_oob_helper+0xd47/0x11d0
[ 16.958948] __asan_report_store1_noabort+0x1b/0x30
[ 16.959018] krealloc_less_oob_helper+0xd47/0x11d0
[ 16.959092] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 16.959254] ? finish_task_switch.isra.0+0x153/0x700
[ 16.959336] ? __switch_to+0x5d9/0xf60
[ 16.959402] ? dequeue_task_fair+0x166/0x4e0
[ 16.959537] ? __schedule+0x10cc/0x2b60
[ 16.959688] ? __pfx_read_tsc+0x10/0x10
[ 16.959766] krealloc_large_less_oob+0x1c/0x30
[ 16.959803] kunit_try_run_case+0x1a5/0x480
[ 16.959845] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.959880] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.959917] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.959953] ? __kthread_parkme+0x82/0x180
[ 16.959984] ? preempt_count_sub+0x50/0x80
[ 16.960018] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.960053] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.960085] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.960118] kthread+0x337/0x6f0
[ 16.960142] ? trace_preempt_on+0x20/0xc0
[ 16.960177] ? __pfx_kthread+0x10/0x10
[ 16.960202] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.960272] ? calculate_sigpending+0x7b/0xa0
[ 16.960307] ? __pfx_kthread+0x10/0x10
[ 16.960335] ret_from_fork+0x41/0x80
[ 16.960366] ? __pfx_kthread+0x10/0x10
[ 16.960393] ret_from_fork_asm+0x1a/0x30
[ 16.960437] </TASK>
[ 16.960451]
[ 16.978397] The buggy address belongs to the physical page:
[ 16.979376] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a0a4
[ 16.980049] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.980761] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.981373] page_type: f8(unknown)
[ 16.981954] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.982875] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.983813] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.984574] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.985498] head: 0200000000000002 ffffea0004282901 00000000ffffffff 00000000ffffffff
[ 16.986140] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 16.986732] page dumped because: kasan: bad access detected
[ 16.987421]
[ 16.987737] Memory state around the buggy address:
[ 16.988133] ffff88810a0a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.988952] ffff88810a0a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.989663] >ffff88810a0a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 16.990361] ^
[ 16.990944] ffff88810a0a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.991755] ffff88810a0a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.992395] ==================================================================
[ 16.786463] ==================================================================
[ 16.787503] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0
[ 16.788544] Write of size 1 at addr ffff88810a0a60c9 by task kunit_try_catch/183
[ 16.789408]
[ 16.790018] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.790145] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.790180] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.790324] Call Trace:
[ 16.790367] <TASK>
[ 16.790427] dump_stack_lvl+0x73/0xb0
[ 16.790493] print_report+0xd1/0x650
[ 16.790529] ? __virt_addr_valid+0x1db/0x2d0
[ 16.790564] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 16.790617] ? kasan_addr_to_slab+0x11/0xa0
[ 16.790689] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 16.790760] kasan_report+0x141/0x180
[ 16.790826] ? krealloc_less_oob_helper+0xd70/0x11d0
[ 16.790863] __asan_report_store1_noabort+0x1b/0x30
[ 16.790895] krealloc_less_oob_helper+0xd70/0x11d0
[ 16.790926] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 16.790956] ? finish_task_switch.isra.0+0x153/0x700
[ 16.790991] ? __switch_to+0x5d9/0xf60
[ 16.791021] ? dequeue_task_fair+0x166/0x4e0
[ 16.791055] ? __schedule+0x10cc/0x2b60
[ 16.791088] ? __pfx_read_tsc+0x10/0x10
[ 16.791122] krealloc_large_less_oob+0x1c/0x30
[ 16.791149] kunit_try_run_case+0x1a5/0x480
[ 16.791187] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.791230] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.791285] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.791320] ? __kthread_parkme+0x82/0x180
[ 16.791353] ? preempt_count_sub+0x50/0x80
[ 16.791390] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.791425] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.791460] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.791493] kthread+0x337/0x6f0
[ 16.791516] ? trace_preempt_on+0x20/0xc0
[ 16.791551] ? __pfx_kthread+0x10/0x10
[ 16.791576] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.791704] ? calculate_sigpending+0x7b/0xa0
[ 16.791749] ? __pfx_kthread+0x10/0x10
[ 16.791777] ret_from_fork+0x41/0x80
[ 16.791808] ? __pfx_kthread+0x10/0x10
[ 16.791835] ret_from_fork_asm+0x1a/0x30
[ 16.791877] </TASK>
[ 16.791893]
[ 16.810486] The buggy address belongs to the physical page:
[ 16.812271] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a0a4
[ 16.813333] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.813932] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.814403] page_type: f8(unknown)
[ 16.814814] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.815381] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.816489] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.817287] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.817946] head: 0200000000000002 ffffea0004282901 00000000ffffffff 00000000ffffffff
[ 16.818537] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 16.819144] page dumped because: kasan: bad access detected
[ 16.819764]
[ 16.819995] Memory state around the buggy address:
[ 16.820488] ffff88810a0a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.821195] ffff88810a0a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.821990] >ffff88810a0a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 16.822730] ^
[ 16.823175] ffff88810a0a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.823944] ffff88810a0a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.824494] ==================================================================
[ 16.603245] ==================================================================
[ 16.603819] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[ 16.604780] Write of size 1 at addr ffff888100a100ea by task kunit_try_catch/179
[ 16.605525]
[ 16.605832] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.605953] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.605987] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.606281] Call Trace:
[ 16.606333] <TASK>
[ 16.606374] dump_stack_lvl+0x73/0xb0
[ 16.606452] print_report+0xd1/0x650
[ 16.606526] ? __virt_addr_valid+0x1db/0x2d0
[ 16.606645] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 16.606715] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.606786] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 16.606820] kasan_report+0x141/0x180
[ 16.606859] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 16.606897] __asan_report_store1_noabort+0x1b/0x30
[ 16.606952] krealloc_less_oob_helper+0xe90/0x11d0
[ 16.607027] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 16.607115] ? finish_task_switch.isra.0+0x153/0x700
[ 16.607252] ? __switch_to+0x5d9/0xf60
[ 16.607325] ? dequeue_task_fair+0x166/0x4e0
[ 16.607421] ? __schedule+0x10cc/0x2b60
[ 16.607526] ? __pfx_read_tsc+0x10/0x10
[ 16.607619] krealloc_less_oob+0x1c/0x30
[ 16.607679] kunit_try_run_case+0x1a5/0x480
[ 16.607722] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.607756] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.607792] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.607828] ? __kthread_parkme+0x82/0x180
[ 16.607859] ? preempt_count_sub+0x50/0x80
[ 16.607894] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.607930] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.607964] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.607999] kthread+0x337/0x6f0
[ 16.608023] ? trace_preempt_on+0x20/0xc0
[ 16.608057] ? __pfx_kthread+0x10/0x10
[ 16.608082] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.608112] ? calculate_sigpending+0x7b/0xa0
[ 16.608143] ? __pfx_kthread+0x10/0x10
[ 16.608169] ret_from_fork+0x41/0x80
[ 16.608200] ? __pfx_kthread+0x10/0x10
[ 16.608262] ret_from_fork_asm+0x1a/0x30
[ 16.608311] </TASK>
[ 16.608326]
[ 16.627253] Allocated by task 179:
[ 16.627601] kasan_save_stack+0x45/0x70
[ 16.628056] kasan_save_track+0x18/0x40
[ 16.628911] kasan_save_alloc_info+0x3b/0x50
[ 16.629467] __kasan_krealloc+0x190/0x1f0
[ 16.629841] krealloc_noprof+0xf3/0x340
[ 16.630198] krealloc_less_oob_helper+0x1aa/0x11d0
[ 16.630942] krealloc_less_oob+0x1c/0x30
[ 16.631489] kunit_try_run_case+0x1a5/0x480
[ 16.632027] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.632617] kthread+0x337/0x6f0
[ 16.633008] ret_from_fork+0x41/0x80
[ 16.633436] ret_from_fork_asm+0x1a/0x30
[ 16.633996]
[ 16.634269] The buggy address belongs to the object at ffff888100a10000
[ 16.634269] which belongs to the cache kmalloc-256 of size 256
[ 16.635442] The buggy address is located 33 bytes to the right of
[ 16.635442] allocated 201-byte region [ffff888100a10000, ffff888100a100c9)
[ 16.636562]
[ 16.636801] The buggy address belongs to the physical page:
[ 16.637467] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a10
[ 16.638299] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.639020] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.639546] page_type: f5(slab)
[ 16.639931] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 16.640579] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.641156] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 16.641821] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.642563] head: 0200000000000001 ffffea0004028401 00000000ffffffff 00000000ffffffff
[ 16.643046] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 16.643863] page dumped because: kasan: bad access detected
[ 16.644501]
[ 16.644699] Memory state around the buggy address:
[ 16.645125] ffff888100a0ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.645946] ffff888100a10000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.646599] >ffff888100a10080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc
[ 16.647377] ^
[ 16.648073] ffff888100a10100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.648780] ffff888100a10180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.649359] ==================================================================
[ 16.827094] ==================================================================
[ 16.827730] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 16.828377] Write of size 1 at addr ffff88810a0a60d0 by task kunit_try_catch/183
[ 16.828969]
[ 16.829212] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.829332] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.829368] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.829421] Call Trace:
[ 16.829467] <TASK>
[ 16.829509] dump_stack_lvl+0x73/0xb0
[ 16.829585] print_report+0xd1/0x650
[ 16.829678] ? __virt_addr_valid+0x1db/0x2d0
[ 16.829750] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 16.829828] ? kasan_addr_to_slab+0x11/0xa0
[ 16.829904] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 16.829976] kasan_report+0x141/0x180
[ 16.830057] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 16.830140] __asan_report_store1_noabort+0x1b/0x30
[ 16.830217] krealloc_less_oob_helper+0xe23/0x11d0
[ 16.830291] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 16.830359] ? finish_task_switch.isra.0+0x153/0x700
[ 16.830430] ? __switch_to+0x5d9/0xf60
[ 16.830497] ? dequeue_task_fair+0x166/0x4e0
[ 16.830572] ? __schedule+0x10cc/0x2b60
[ 16.830706] ? __pfx_read_tsc+0x10/0x10
[ 16.830768] krealloc_large_less_oob+0x1c/0x30
[ 16.830802] kunit_try_run_case+0x1a5/0x480
[ 16.830840] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.830875] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.830910] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.830945] ? __kthread_parkme+0x82/0x180
[ 16.830975] ? preempt_count_sub+0x50/0x80
[ 16.831010] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.831046] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.831080] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.831114] kthread+0x337/0x6f0
[ 16.831139] ? trace_preempt_on+0x20/0xc0
[ 16.831174] ? __pfx_kthread+0x10/0x10
[ 16.831200] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.831272] ? calculate_sigpending+0x7b/0xa0
[ 16.831309] ? __pfx_kthread+0x10/0x10
[ 16.831335] ret_from_fork+0x41/0x80
[ 16.831366] ? __pfx_kthread+0x10/0x10
[ 16.831391] ret_from_fork_asm+0x1a/0x30
[ 16.831433] </TASK>
[ 16.831447]
[ 16.852229] The buggy address belongs to the physical page:
[ 16.852798] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a0a4
[ 16.853554] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.854146] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.854830] page_type: f8(unknown)
[ 16.855311] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.856166] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.857251] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.858118] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.858903] head: 0200000000000002 ffffea0004282901 00000000ffffffff 00000000ffffffff
[ 16.859600] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 16.860419] page dumped because: kasan: bad access detected
[ 16.861043]
[ 16.861260] Memory state around the buggy address:
[ 16.862010] ffff88810a0a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.862584] ffff88810a0a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.863861] >ffff88810a0a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 16.864461] ^
[ 16.865045] ffff88810a0a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.865887] ffff88810a0a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.866497] ==================================================================
[ 16.912157] ==================================================================
[ 16.912559] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0
[ 16.914349] Write of size 1 at addr ffff88810a0a60ea by task kunit_try_catch/183
[ 16.915864]
[ 16.916144] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.916352] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.916388] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.916458] Call Trace:
[ 16.916530] <TASK>
[ 16.916573] dump_stack_lvl+0x73/0xb0
[ 16.916678] print_report+0xd1/0x650
[ 16.916749] ? __virt_addr_valid+0x1db/0x2d0
[ 16.916788] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 16.916819] ? kasan_addr_to_slab+0x11/0xa0
[ 16.916850] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 16.916881] kasan_report+0x141/0x180
[ 16.916914] ? krealloc_less_oob_helper+0xe90/0x11d0
[ 16.916951] __asan_report_store1_noabort+0x1b/0x30
[ 16.916982] krealloc_less_oob_helper+0xe90/0x11d0
[ 16.917015] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 16.917046] ? finish_task_switch.isra.0+0x153/0x700
[ 16.917080] ? __switch_to+0x5d9/0xf60
[ 16.917108] ? dequeue_task_fair+0x166/0x4e0
[ 16.917144] ? __schedule+0x10cc/0x2b60
[ 16.917176] ? __pfx_read_tsc+0x10/0x10
[ 16.917209] krealloc_large_less_oob+0x1c/0x30
[ 16.917266] kunit_try_run_case+0x1a5/0x480
[ 16.917306] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.917340] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.917375] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.917409] ? __kthread_parkme+0x82/0x180
[ 16.917441] ? preempt_count_sub+0x50/0x80
[ 16.917476] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.917510] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.917544] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.917578] kthread+0x337/0x6f0
[ 16.917622] ? trace_preempt_on+0x20/0xc0
[ 16.917701] ? __pfx_kthread+0x10/0x10
[ 16.917742] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.917788] ? calculate_sigpending+0x7b/0xa0
[ 16.917821] ? __pfx_kthread+0x10/0x10
[ 16.917847] ret_from_fork+0x41/0x80
[ 16.917879] ? __pfx_kthread+0x10/0x10
[ 16.917905] ret_from_fork_asm+0x1a/0x30
[ 16.917948] </TASK>
[ 16.917962]
[ 16.938093] The buggy address belongs to the physical page:
[ 16.938910] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a0a4
[ 16.939880] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.940786] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.941500] page_type: f8(unknown)
[ 16.942100] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.942960] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.943694] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.944594] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.945403] head: 0200000000000002 ffffea0004282901 00000000ffffffff 00000000ffffffff
[ 16.946713] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 16.947286] page dumped because: kasan: bad access detected
[ 16.948102]
[ 16.948413] Memory state around the buggy address:
[ 16.948869] ffff88810a0a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.949841] ffff88810a0a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.951370] >ffff88810a0a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe
[ 16.951966] ^
[ 16.952757] ffff88810a0a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.953523] ffff88810a0a6180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.954261] ==================================================================
[ 16.511392] ==================================================================
[ 16.512059] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0
[ 16.512760] Write of size 1 at addr ffff888100a100d0 by task kunit_try_catch/179
[ 16.513287]
[ 16.513693] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.513926] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.513965] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.514016] Call Trace:
[ 16.514051] <TASK>
[ 16.514086] dump_stack_lvl+0x73/0xb0
[ 16.514159] print_report+0xd1/0x650
[ 16.514430] ? __virt_addr_valid+0x1db/0x2d0
[ 16.514536] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 16.514602] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.514677] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 16.514708] kasan_report+0x141/0x180
[ 16.514741] ? krealloc_less_oob_helper+0xe23/0x11d0
[ 16.514776] __asan_report_store1_noabort+0x1b/0x30
[ 16.514808] krealloc_less_oob_helper+0xe23/0x11d0
[ 16.514839] ? __pfx_krealloc_less_oob_helper+0x10/0x10
[ 16.514867] ? finish_task_switch.isra.0+0x153/0x700
[ 16.514900] ? __switch_to+0x5d9/0xf60
[ 16.514929] ? dequeue_task_fair+0x166/0x4e0
[ 16.514961] ? __schedule+0x10cc/0x2b60
[ 16.514992] ? __pfx_read_tsc+0x10/0x10
[ 16.515023] krealloc_less_oob+0x1c/0x30
[ 16.515050] kunit_try_run_case+0x1a5/0x480
[ 16.515085] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.515116] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.515149] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.515181] ? __kthread_parkme+0x82/0x180
[ 16.515234] ? preempt_count_sub+0x50/0x80
[ 16.515289] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.515324] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.515356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.515389] kthread+0x337/0x6f0
[ 16.515412] ? trace_preempt_on+0x20/0xc0
[ 16.515444] ? __pfx_kthread+0x10/0x10
[ 16.515467] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.515496] ? calculate_sigpending+0x7b/0xa0
[ 16.515526] ? __pfx_kthread+0x10/0x10
[ 16.515549] ret_from_fork+0x41/0x80
[ 16.515578] ? __pfx_kthread+0x10/0x10
[ 16.515602] ret_from_fork_asm+0x1a/0x30
[ 16.515669] </TASK>
[ 16.515683]
[ 16.533166] Allocated by task 179:
[ 16.533552] kasan_save_stack+0x45/0x70
[ 16.534145] kasan_save_track+0x18/0x40
[ 16.534633] kasan_save_alloc_info+0x3b/0x50
[ 16.535271] __kasan_krealloc+0x190/0x1f0
[ 16.535679] krealloc_noprof+0xf3/0x340
[ 16.536082] krealloc_less_oob_helper+0x1aa/0x11d0
[ 16.536470] krealloc_less_oob+0x1c/0x30
[ 16.536855] kunit_try_run_case+0x1a5/0x480
[ 16.537516] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.538164] kthread+0x337/0x6f0
[ 16.538637] ret_from_fork+0x41/0x80
[ 16.539122] ret_from_fork_asm+0x1a/0x30
[ 16.539669]
[ 16.539902] The buggy address belongs to the object at ffff888100a10000
[ 16.539902] which belongs to the cache kmalloc-256 of size 256
[ 16.540800] The buggy address is located 7 bytes to the right of
[ 16.540800] allocated 201-byte region [ffff888100a10000, ffff888100a100c9)
[ 16.542039]
[ 16.542400] The buggy address belongs to the physical page:
[ 16.542913] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a10
[ 16.543756] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.544491] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.545064] page_type: f5(slab)
[ 16.545538] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 16.546148] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.546925] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 16.547711] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 16.548437] head: 0200000000000001 ffffea0004028401 00000000ffffffff 00000000ffffffff
[ 16.549117] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 16.549844] page dumped because: kasan: bad access detected
[ 16.550439]
[ 16.550655] Memory state around the buggy address:
[ 16.551199] ffff888100a0ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.551845] ffff888100a10000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.552586] >ffff888100a10080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.553192] ^ [ 16.553833] ffff888100a10100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.554530] ffff888100a10180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.555170] ================================================================== [ 16.557684] ================================================================== [ 16.558271] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 16.558989] Write of size 1 at addr ffff888100a100da by task kunit_try_catch/179 [ 16.559785] [ 16.560098] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 16.560324] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.560386] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.560441] Call Trace: [ 16.560491] <TASK> [ 16.560537] dump_stack_lvl+0x73/0xb0 [ 16.560628] print_report+0xd1/0x650 [ 16.560759] ? __virt_addr_valid+0x1db/0x2d0 [ 16.560861] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.560928] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.560985] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.561019] kasan_report+0x141/0x180 [ 16.561054] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.561090] __asan_report_store1_noabort+0x1b/0x30 [ 16.561120] krealloc_less_oob_helper+0xec6/0x11d0 [ 16.561152] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.561182] ? finish_task_switch.isra.0+0x153/0x700 [ 16.561265] ? __switch_to+0x5d9/0xf60 [ 16.561302] ? dequeue_task_fair+0x166/0x4e0 [ 16.561338] ? __schedule+0x10cc/0x2b60 [ 16.561371] ? __pfx_read_tsc+0x10/0x10 [ 16.561404] krealloc_less_oob+0x1c/0x30 [ 16.561430] kunit_try_run_case+0x1a5/0x480 [ 16.561467] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.561499] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 16.561533] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.561568] ? __kthread_parkme+0x82/0x180 [ 16.561600] ? preempt_count_sub+0x50/0x80 [ 16.561662] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.561699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.561732] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.561776] kthread+0x337/0x6f0 [ 16.561801] ? trace_preempt_on+0x20/0xc0 [ 16.561835] ? __pfx_kthread+0x10/0x10 [ 16.561860] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.561891] ? calculate_sigpending+0x7b/0xa0 [ 16.561922] ? __pfx_kthread+0x10/0x10 [ 16.561949] ret_from_fork+0x41/0x80 [ 16.561980] ? __pfx_kthread+0x10/0x10 [ 16.562005] ret_from_fork_asm+0x1a/0x30 [ 16.562047] </TASK> [ 16.562061] [ 16.580557] Allocated by task 179: [ 16.581152] kasan_save_stack+0x45/0x70 [ 16.581684] kasan_save_track+0x18/0x40 [ 16.582154] kasan_save_alloc_info+0x3b/0x50 [ 16.582651] __kasan_krealloc+0x190/0x1f0 [ 16.583077] krealloc_noprof+0xf3/0x340 [ 16.583695] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.584168] krealloc_less_oob+0x1c/0x30 [ 16.584596] kunit_try_run_case+0x1a5/0x480 [ 16.585153] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.585775] kthread+0x337/0x6f0 [ 16.586203] ret_from_fork+0x41/0x80 [ 16.586656] ret_from_fork_asm+0x1a/0x30 [ 16.587156] [ 16.587422] The buggy address belongs to the object at ffff888100a10000 [ 16.587422] which belongs to the cache kmalloc-256 of size 256 [ 16.588555] The buggy address is located 17 bytes to the right of [ 16.588555] allocated 201-byte region [ffff888100a10000, ffff888100a100c9) [ 16.589719] [ 16.590046] The buggy address belongs to the physical page: [ 16.590663] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a10 [ 16.591392] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.592002] flags: 0x200000000000040(head|node=0|zone=2) [ 16.592460] page_type: f5(slab) [ 16.592777] raw: 0200000000000040 ffff888100041b40 dead000000000122 
0000000000000000 [ 16.593528] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.594167] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.594932] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.595653] head: 0200000000000001 ffffea0004028401 00000000ffffffff 00000000ffffffff [ 16.596364] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.596968] page dumped because: kasan: bad access detected [ 16.597444] [ 16.597693] Memory state around the buggy address: [ 16.598093] ffff888100a0ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.598718] ffff888100a10000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.599383] >ffff888100a10080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.600009] ^ [ 16.600585] ffff888100a10100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601181] ffff888100a10180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.601839] ================================================================== [ 16.651498] ================================================================== [ 16.652564] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 16.653178] Write of size 1 at addr ffff888100a100eb by task kunit_try_catch/179 [ 16.653803] [ 16.654161] CPU: 1 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 16.654284] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.654319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.654370] Call Trace: [ 16.654422] <TASK> [ 16.654468] dump_stack_lvl+0x73/0xb0 [ 16.654544] print_report+0xd1/0x650 [ 16.654638] ? __virt_addr_valid+0x1db/0x2d0 [ 16.654714] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.654782] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.654903] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 16.654976] kasan_report+0x141/0x180 [ 16.655055] ? 
krealloc_less_oob_helper+0xd47/0x11d0 [ 16.655133] __asan_report_store1_noabort+0x1b/0x30 [ 16.655200] krealloc_less_oob_helper+0xd47/0x11d0 [ 16.655272] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.655305] ? finish_task_switch.isra.0+0x153/0x700 [ 16.655341] ? __switch_to+0x5d9/0xf60 [ 16.655369] ? dequeue_task_fair+0x166/0x4e0 [ 16.655402] ? __schedule+0x10cc/0x2b60 [ 16.655433] ? __pfx_read_tsc+0x10/0x10 [ 16.655463] krealloc_less_oob+0x1c/0x30 [ 16.655488] kunit_try_run_case+0x1a5/0x480 [ 16.655522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.655553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.655585] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.655646] ? __kthread_parkme+0x82/0x180 [ 16.655679] ? preempt_count_sub+0x50/0x80 [ 16.655714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.655748] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.655780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.655813] kthread+0x337/0x6f0 [ 16.655835] ? trace_preempt_on+0x20/0xc0 [ 16.655868] ? __pfx_kthread+0x10/0x10 [ 16.655891] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.655920] ? calculate_sigpending+0x7b/0xa0 [ 16.655949] ? __pfx_kthread+0x10/0x10 [ 16.655973] ret_from_fork+0x41/0x80 [ 16.656003] ? 
__pfx_kthread+0x10/0x10 [ 16.656028] ret_from_fork_asm+0x1a/0x30 [ 16.656069] </TASK> [ 16.656082] [ 16.671796] Allocated by task 179: [ 16.672201] kasan_save_stack+0x45/0x70 [ 16.672670] kasan_save_track+0x18/0x40 [ 16.673091] kasan_save_alloc_info+0x3b/0x50 [ 16.673595] __kasan_krealloc+0x190/0x1f0 [ 16.674037] krealloc_noprof+0xf3/0x340 [ 16.674477] krealloc_less_oob_helper+0x1aa/0x11d0 [ 16.674971] krealloc_less_oob+0x1c/0x30 [ 16.675475] kunit_try_run_case+0x1a5/0x480 [ 16.675930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.676518] kthread+0x337/0x6f0 [ 16.676865] ret_from_fork+0x41/0x80 [ 16.677337] ret_from_fork_asm+0x1a/0x30 [ 16.677779] [ 16.678039] The buggy address belongs to the object at ffff888100a10000 [ 16.678039] which belongs to the cache kmalloc-256 of size 256 [ 16.679015] The buggy address is located 34 bytes to the right of [ 16.679015] allocated 201-byte region [ffff888100a10000, ffff888100a100c9) [ 16.680054] [ 16.680346] The buggy address belongs to the physical page: [ 16.680853] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a10 [ 16.681396] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.682020] flags: 0x200000000000040(head|node=0|zone=2) [ 16.682666] page_type: f5(slab) [ 16.683056] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.683817] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.684536] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.685111] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.685721] head: 0200000000000001 ffffea0004028401 00000000ffffffff 00000000ffffffff [ 16.686516] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.688159] page dumped because: kasan: bad access detected [ 16.688792] [ 16.688999] Memory state around the buggy address: [ 16.689375] ffff888100a0ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 16.689985] ffff888100a10000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.690825] >ffff888100a10080: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 16.691518] ^ [ 16.692293] ffff888100a10100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.692981] ffff888100a10180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.693668] ================================================================== [ 16.869069] ================================================================== [ 16.870239] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 16.871179] Write of size 1 at addr ffff88810a0a60da by task kunit_try_catch/183 [ 16.872092] [ 16.872358] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 16.872476] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.872510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.872562] Call Trace: [ 16.872679] <TASK> [ 16.872800] dump_stack_lvl+0x73/0xb0 [ 16.872878] print_report+0xd1/0x650 [ 16.872949] ? __virt_addr_valid+0x1db/0x2d0 [ 16.873018] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.873084] ? kasan_addr_to_slab+0x11/0xa0 [ 16.873149] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.873260] kasan_report+0x141/0x180 [ 16.873307] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 16.873386] __asan_report_store1_noabort+0x1b/0x30 [ 16.873469] krealloc_less_oob_helper+0xec6/0x11d0 [ 16.873510] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 16.873540] ? finish_task_switch.isra.0+0x153/0x700 [ 16.873573] ? __switch_to+0x5d9/0xf60 [ 16.873650] ? dequeue_task_fair+0x166/0x4e0 [ 16.873729] ? __schedule+0x10cc/0x2b60 [ 16.873775] ? __pfx_read_tsc+0x10/0x10 [ 16.873809] krealloc_large_less_oob+0x1c/0x30 [ 16.873836] kunit_try_run_case+0x1a5/0x480 [ 16.873874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.873906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.873940] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.873972] ? 
__kthread_parkme+0x82/0x180 [ 16.874002] ? preempt_count_sub+0x50/0x80 [ 16.874035] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.874068] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.874099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.874131] kthread+0x337/0x6f0 [ 16.874153] ? trace_preempt_on+0x20/0xc0 [ 16.874185] ? __pfx_kthread+0x10/0x10 [ 16.874209] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.874268] ? calculate_sigpending+0x7b/0xa0 [ 16.874301] ? __pfx_kthread+0x10/0x10 [ 16.874326] ret_from_fork+0x41/0x80 [ 16.874357] ? __pfx_kthread+0x10/0x10 [ 16.874380] ret_from_fork_asm+0x1a/0x30 [ 16.874422] </TASK> [ 16.874435] [ 16.895127] The buggy address belongs to the physical page: [ 16.896291] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a0a4 [ 16.897078] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.897777] flags: 0x200000000000040(head|node=0|zone=2) [ 16.898742] page_type: f8(unknown) [ 16.899187] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.899903] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.900519] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.901385] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.902256] head: 0200000000000002 ffffea0004282901 00000000ffffffff 00000000ffffffff [ 16.903188] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.904134] page dumped because: kasan: bad access detected [ 16.904696] [ 16.904927] Memory state around the buggy address: [ 16.905944] ffff88810a0a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.906845] ffff88810a0a6000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.907584] >ffff88810a0a6080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 16.908305] ^ [ 16.909447] ffff88810a0a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.910278] ffff88810a0a6180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 16.911177] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 16.701907] ================================================================== [ 16.702799] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 16.703641] Write of size 1 at addr ffff888102bee0eb by task kunit_try_catch/181 [ 16.704780] [ 16.705629] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 16.705772] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.705809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.705866] Call Trace: [ 16.705908] <TASK> [ 16.705956] dump_stack_lvl+0x73/0xb0 [ 16.706036] print_report+0xd1/0x650 [ 16.706114] ? __virt_addr_valid+0x1db/0x2d0 [ 16.706151] ? krealloc_more_oob_helper+0x821/0x930 [ 16.706182] ? kasan_addr_to_slab+0x11/0xa0 [ 16.706218] ? krealloc_more_oob_helper+0x821/0x930 [ 16.706275] kasan_report+0x141/0x180 [ 16.706311] ? krealloc_more_oob_helper+0x821/0x930 [ 16.706347] __asan_report_store1_noabort+0x1b/0x30 [ 16.706379] krealloc_more_oob_helper+0x821/0x930 [ 16.706406] ? __schedule+0x10cc/0x2b60 [ 16.706441] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.706471] ? finish_task_switch.isra.0+0x153/0x700 [ 16.706506] ? __switch_to+0x5d9/0xf60 [ 16.706535] ? dequeue_task_fair+0x166/0x4e0 [ 16.706569] ? __schedule+0x10cc/0x2b60 [ 16.706621] ? __pfx_read_tsc+0x10/0x10 [ 16.706704] krealloc_large_more_oob+0x1c/0x30 [ 16.706755] kunit_try_run_case+0x1a5/0x480 [ 16.706794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.706828] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.706862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.706896] ? __kthread_parkme+0x82/0x180 [ 16.706928] ? preempt_count_sub+0x50/0x80 [ 16.706963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.706998] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.707030] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.707064] kthread+0x337/0x6f0 [ 16.707087] ? trace_preempt_on+0x20/0xc0 [ 16.707121] ? __pfx_kthread+0x10/0x10 [ 16.707146] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 16.707177] ? calculate_sigpending+0x7b/0xa0 [ 16.707209] ? __pfx_kthread+0x10/0x10 [ 16.707263] ret_from_fork+0x41/0x80 [ 16.707297] ? __pfx_kthread+0x10/0x10 [ 16.707322] ret_from_fork_asm+0x1a/0x30 [ 16.707365] </TASK> [ 16.707381] [ 16.726561] The buggy address belongs to the physical page: [ 16.727301] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bec [ 16.728172] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.728971] flags: 0x200000000000040(head|node=0|zone=2) [ 16.729404] page_type: f8(unknown) [ 16.730134] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.731005] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.731947] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.732665] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.733585] head: 0200000000000002 ffffea00040afb01 00000000ffffffff 00000000ffffffff [ 16.734211] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.735191] page dumped because: kasan: bad access detected [ 16.735863] [ 16.736076] Memory state around the buggy address: [ 16.737011] ffff888102bedf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.737810] ffff888102bee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.738379] >ffff888102bee080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.739173] ^ [ 16.739924] ffff888102bee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.740557] ffff888102bee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.741122] ================================================================== [ 16.353168] ================================================================== [ 16.354344] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 16.355196] Write of size 1 at addr ffff888100a0feeb by task kunit_try_catch/177 [ 16.356037] [ 
16.356380] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 16.356536] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.356993] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.357055] Call Trace: [ 16.357092] <TASK> [ 16.357134] dump_stack_lvl+0x73/0xb0 [ 16.357245] print_report+0xd1/0x650 [ 16.357327] ? __virt_addr_valid+0x1db/0x2d0 [ 16.357397] ? krealloc_more_oob_helper+0x821/0x930 [ 16.357429] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.357462] ? krealloc_more_oob_helper+0x821/0x930 [ 16.357491] kasan_report+0x141/0x180 [ 16.357525] ? krealloc_more_oob_helper+0x821/0x930 [ 16.357561] __asan_report_store1_noabort+0x1b/0x30 [ 16.357590] krealloc_more_oob_helper+0x821/0x930 [ 16.357696] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.357775] ? irqentry_exit+0x2a/0x60 [ 16.357808] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.357852] ? __pfx_krealloc_more_oob+0x10/0x10 [ 16.357883] krealloc_more_oob+0x1c/0x30 [ 16.357909] kunit_try_run_case+0x1a5/0x480 [ 16.357945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.357978] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.358012] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.358044] ? __kthread_parkme+0x82/0x180 [ 16.358074] ? preempt_count_sub+0x50/0x80 [ 16.358109] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.358142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.358175] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.358208] kthread+0x337/0x6f0 [ 16.358261] ? trace_preempt_on+0x20/0xc0 [ 16.358298] ? __pfx_kthread+0x10/0x10 [ 16.358322] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.358353] ? calculate_sigpending+0x7b/0xa0 [ 16.358382] ? __pfx_kthread+0x10/0x10 [ 16.358405] ret_from_fork+0x41/0x80 [ 16.358435] ? 
__pfx_kthread+0x10/0x10 [ 16.358459] ret_from_fork_asm+0x1a/0x30 [ 16.358501] </TASK> [ 16.358515] [ 16.378437] Allocated by task 177: [ 16.378798] kasan_save_stack+0x45/0x70 [ 16.379345] kasan_save_track+0x18/0x40 [ 16.379757] kasan_save_alloc_info+0x3b/0x50 [ 16.380557] __kasan_krealloc+0x190/0x1f0 [ 16.380902] krealloc_noprof+0xf3/0x340 [ 16.381789] krealloc_more_oob_helper+0x1a9/0x930 [ 16.382226] krealloc_more_oob+0x1c/0x30 [ 16.382569] kunit_try_run_case+0x1a5/0x480 [ 16.383046] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.383533] kthread+0x337/0x6f0 [ 16.383946] ret_from_fork+0x41/0x80 [ 16.384519] ret_from_fork_asm+0x1a/0x30 [ 16.385353] [ 16.385572] The buggy address belongs to the object at ffff888100a0fe00 [ 16.385572] which belongs to the cache kmalloc-256 of size 256 [ 16.387007] The buggy address is located 0 bytes to the right of [ 16.387007] allocated 235-byte region [ffff888100a0fe00, ffff888100a0feeb) [ 16.388245] [ 16.388512] The buggy address belongs to the physical page: [ 16.389337] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a0e [ 16.390548] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.391223] flags: 0x200000000000040(head|node=0|zone=2) [ 16.391728] page_type: f5(slab) [ 16.392060] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.393306] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.394029] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.395185] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.395907] head: 0200000000000001 ffffea0004028381 00000000ffffffff 00000000ffffffff [ 16.396779] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 16.397391] page dumped because: kasan: bad access detected [ 16.398266] [ 16.398431] Memory state around the buggy address: [ 16.399247] ffff888100a0fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 16.400450] ffff888100a0fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.401161] >ffff888100a0fe80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.401839] ^ [ 16.402885] ffff888100a0ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.403505] ffff888100a0ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.404335] ================================================================== [ 16.742085] ================================================================== [ 16.743074] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 16.743850] Write of size 1 at addr ffff888102bee0f0 by task kunit_try_catch/181 [ 16.744471] [ 16.744916] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 16.745034] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.745069] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.745125] Call Trace: [ 16.745175] <TASK> [ 16.745285] dump_stack_lvl+0x73/0xb0 [ 16.745364] print_report+0xd1/0x650 [ 16.745437] ? __virt_addr_valid+0x1db/0x2d0 [ 16.745509] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.745577] ? kasan_addr_to_slab+0x11/0xa0 [ 16.745803] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.745872] kasan_report+0x141/0x180 [ 16.745977] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.746064] __asan_report_store1_noabort+0x1b/0x30 [ 16.746133] krealloc_more_oob_helper+0x7eb/0x930 [ 16.746194] ? __schedule+0x10cc/0x2b60 [ 16.746265] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.746315] ? finish_task_switch.isra.0+0x153/0x700 [ 16.746354] ? __switch_to+0x5d9/0xf60 [ 16.746382] ? dequeue_task_fair+0x166/0x4e0 [ 16.746415] ? __schedule+0x10cc/0x2b60 [ 16.746446] ? __pfx_read_tsc+0x10/0x10 [ 16.746478] krealloc_large_more_oob+0x1c/0x30 [ 16.746506] kunit_try_run_case+0x1a5/0x480 [ 16.746542] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.746574] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.746671] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.746758] ? __kthread_parkme+0x82/0x180 [ 16.746836] ? preempt_count_sub+0x50/0x80 [ 16.746976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.747049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.747087] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.747121] kthread+0x337/0x6f0 [ 16.747144] ? trace_preempt_on+0x20/0xc0 [ 16.747180] ? __pfx_kthread+0x10/0x10 [ 16.747204] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.747273] ? calculate_sigpending+0x7b/0xa0 [ 16.747307] ? __pfx_kthread+0x10/0x10 [ 16.747333] ret_from_fork+0x41/0x80 [ 16.747364] ? __pfx_kthread+0x10/0x10 [ 16.747389] ret_from_fork_asm+0x1a/0x30 [ 16.747431] </TASK> [ 16.747444] [ 16.766921] The buggy address belongs to the physical page: [ 16.767934] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102bec [ 16.768767] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.769505] flags: 0x200000000000040(head|node=0|zone=2) [ 16.770145] page_type: f8(unknown) [ 16.770546] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.771353] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.772001] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 16.772920] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 16.773803] head: 0200000000000002 ffffea00040afb01 00000000ffffffff 00000000ffffffff [ 16.774450] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 16.775324] page dumped because: kasan: bad access detected [ 16.775904] [ 16.776083] Memory state around the buggy address: [ 16.776551] ffff888102bedf80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.777342] ffff888102bee000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.778045] >ffff888102bee080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe [ 16.778558] ^ [ 16.779103] ffff888102bee100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe 
fe [ 16.779726] ffff888102bee180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 16.780797] ================================================================== [ 16.406626] ================================================================== [ 16.407187] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930 [ 16.408059] Write of size 1 at addr ffff888100a0fef0 by task kunit_try_catch/177 [ 16.409438] [ 16.409992] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 16.410076] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.410106] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.410139] Call Trace: [ 16.410157] <TASK> [ 16.410176] dump_stack_lvl+0x73/0xb0 [ 16.410212] print_report+0xd1/0x650 [ 16.410244] ? __virt_addr_valid+0x1db/0x2d0 [ 16.410274] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.410302] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.410333] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.410360] kasan_report+0x141/0x180 [ 16.410390] ? krealloc_more_oob_helper+0x7eb/0x930 [ 16.410424] __asan_report_store1_noabort+0x1b/0x30 [ 16.410452] krealloc_more_oob_helper+0x7eb/0x930 [ 16.410482] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 16.410509] ? irqentry_exit+0x2a/0x60 [ 16.410533] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 16.410576] ? __pfx_krealloc_more_oob+0x10/0x10 [ 16.410666] krealloc_more_oob+0x1c/0x30 [ 16.410737] kunit_try_run_case+0x1a5/0x480 [ 16.410823] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.410937] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.411020] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.411112] ? __kthread_parkme+0x82/0x180 [ 16.411184] ? preempt_count_sub+0x50/0x80 [ 16.411271] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.411313] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.411348] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.411384] kthread+0x337/0x6f0 [ 16.411407] ? trace_preempt_on+0x20/0xc0 [ 16.411442] ? 
__pfx_kthread+0x10/0x10 [ 16.411466] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.411497] ? calculate_sigpending+0x7b/0xa0 [ 16.411529] ? __pfx_kthread+0x10/0x10 [ 16.411556] ret_from_fork+0x41/0x80 [ 16.411587] ? __pfx_kthread+0x10/0x10 [ 16.411678] ret_from_fork_asm+0x1a/0x30 [ 16.411782] </TASK> [ 16.411799] [ 16.431978] Allocated by task 177: [ 16.432448] kasan_save_stack+0x45/0x70 [ 16.433088] kasan_save_track+0x18/0x40 [ 16.434014] kasan_save_alloc_info+0x3b/0x50 [ 16.434679] __kasan_krealloc+0x190/0x1f0 [ 16.435083] krealloc_noprof+0xf3/0x340 [ 16.435508] krealloc_more_oob_helper+0x1a9/0x930 [ 16.435964] krealloc_more_oob+0x1c/0x30 [ 16.436594] kunit_try_run_case+0x1a5/0x480 [ 16.437185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.438105] kthread+0x337/0x6f0 [ 16.438559] ret_from_fork+0x41/0x80 [ 16.439157] ret_from_fork_asm+0x1a/0x30 [ 16.439799] [ 16.440073] The buggy address belongs to the object at ffff888100a0fe00 [ 16.440073] which belongs to the cache kmalloc-256 of size 256 [ 16.441204] The buggy address is located 5 bytes to the right of [ 16.441204] allocated 235-byte region [ffff888100a0fe00, ffff888100a0feeb) [ 16.442828] [ 16.443108] The buggy address belongs to the physical page: [ 16.443587] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a0e [ 16.444489] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.445288] flags: 0x200000000000040(head|node=0|zone=2) [ 16.446136] page_type: f5(slab) [ 16.446548] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.447372] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.448231] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 16.448973] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.449714] head: 0200000000000001 ffffea0004028381 00000000ffffffff 00000000ffffffff [ 16.451030] head: ffffffffffffffff 0000000000000000 00000000ffffffff 
0000000000000002 [ 16.451498] page dumped because: kasan: bad access detected [ 16.452273] [ 16.452644] Memory state around the buggy address: [ 16.453161] ffff888100a0fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.454254] ffff888100a0fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.454956] >ffff888100a0fe80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc [ 16.455558] ^ [ 16.456342] ffff888100a0ff00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.457132] ffff888100a0ff80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.458139] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 18.104181] ================================================================== [ 18.104938] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 18.105468] Read of size 1 at addr ffff888102a13478 by task kunit_try_catch/217 [ 18.106068] [ 18.106326] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 18.106437] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.106472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.106522] Call Trace: [ 18.106557] <TASK> [ 18.106592] dump_stack_lvl+0x73/0xb0 [ 18.106682] print_report+0xd1/0x650 [ 18.106759] ? __virt_addr_valid+0x1db/0x2d0 [ 18.106832] ? ksize_uaf+0x5e4/0x6c0 [ 18.106901] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.106976] ? ksize_uaf+0x5e4/0x6c0 [ 18.107050] kasan_report+0x141/0x180 [ 18.107128] ? ksize_uaf+0x5e4/0x6c0 [ 18.107262] __asan_report_load1_noabort+0x18/0x20 [ 18.107342] ksize_uaf+0x5e4/0x6c0 [ 18.107418] ? __pfx_ksize_uaf+0x10/0x10 [ 18.107479] ? __schedule+0x10cc/0x2b60 [ 18.107514] ? __pfx_read_tsc+0x10/0x10 [ 18.107543] ? ktime_get_ts64+0x86/0x230 [ 18.107579] kunit_try_run_case+0x1a5/0x480 [ 18.107637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.107674] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.107710] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.107745] ? __kthread_parkme+0x82/0x180 [ 18.107778] ? preempt_count_sub+0x50/0x80 [ 18.107813] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.107848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.107882] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.107914] kthread+0x337/0x6f0 [ 18.107938] ? trace_preempt_on+0x20/0xc0 [ 18.107971] ? __pfx_kthread+0x10/0x10 [ 18.107996] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.108027] ? calculate_sigpending+0x7b/0xa0 [ 18.108058] ? __pfx_kthread+0x10/0x10 [ 18.108082] ret_from_fork+0x41/0x80 [ 18.108112] ? 
__pfx_kthread+0x10/0x10 [ 18.108135] ret_from_fork_asm+0x1a/0x30 [ 18.108176] </TASK> [ 18.108191] [ 18.124015] Allocated by task 217: [ 18.124431] kasan_save_stack+0x45/0x70 [ 18.124876] kasan_save_track+0x18/0x40 [ 18.125265] kasan_save_alloc_info+0x3b/0x50 [ 18.125688] __kasan_kmalloc+0xb7/0xc0 [ 18.126007] __kmalloc_cache_noprof+0x189/0x420 [ 18.126461] ksize_uaf+0xaa/0x6c0 [ 18.126864] kunit_try_run_case+0x1a5/0x480 [ 18.127334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.127869] kthread+0x337/0x6f0 [ 18.128182] ret_from_fork+0x41/0x80 [ 18.128528] ret_from_fork_asm+0x1a/0x30 [ 18.128945] [ 18.129165] Freed by task 217: [ 18.129538] kasan_save_stack+0x45/0x70 [ 18.129971] kasan_save_track+0x18/0x40 [ 18.130422] kasan_save_free_info+0x3f/0x60 [ 18.130879] __kasan_slab_free+0x56/0x70 [ 18.131337] kfree+0x222/0x3f0 [ 18.131635] ksize_uaf+0x12c/0x6c0 [ 18.132014] kunit_try_run_case+0x1a5/0x480 [ 18.132503] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.132998] kthread+0x337/0x6f0 [ 18.133343] ret_from_fork+0x41/0x80 [ 18.133685] ret_from_fork_asm+0x1a/0x30 [ 18.134110] [ 18.134392] The buggy address belongs to the object at ffff888102a13400 [ 18.134392] which belongs to the cache kmalloc-128 of size 128 [ 18.135387] The buggy address is located 120 bytes inside of [ 18.135387] freed 128-byte region [ffff888102a13400, ffff888102a13480) [ 18.136363] [ 18.136590] The buggy address belongs to the physical page: [ 18.136972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 18.137599] flags: 0x200000000000000(node=0|zone=2) [ 18.138118] page_type: f5(slab) [ 18.138553] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.139052] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.139650] page dumped because: kasan: bad access detected [ 18.140129] [ 18.140404] Memory state around the buggy address: [ 18.140866] ffff888102a13300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
18.141530] ffff888102a13380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.142111] >ffff888102a13400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.142685] ^ [ 18.143351] ffff888102a13480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.143917] ffff888102a13500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.144455] ================================================================== [ 18.057092] ================================================================== [ 18.057891] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 18.058658] Read of size 1 at addr ffff888102a13400 by task kunit_try_catch/217 [ 18.059314] [ 18.059534] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 18.059730] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.059768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.059821] Call Trace: [ 18.060029] <TASK> [ 18.060190] dump_stack_lvl+0x73/0xb0 [ 18.060317] print_report+0xd1/0x650 [ 18.060391] ? __virt_addr_valid+0x1db/0x2d0 [ 18.060460] ? ksize_uaf+0x5fe/0x6c0 [ 18.060525] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.060593] ? ksize_uaf+0x5fe/0x6c0 [ 18.060679] kasan_report+0x141/0x180 [ 18.060716] ? ksize_uaf+0x5fe/0x6c0 [ 18.060754] __asan_report_load1_noabort+0x18/0x20 [ 18.060782] ksize_uaf+0x5fe/0x6c0 [ 18.060813] ? __pfx_ksize_uaf+0x10/0x10 [ 18.060844] ? __schedule+0x10cc/0x2b60 [ 18.060875] ? __pfx_read_tsc+0x10/0x10 [ 18.060900] ? ktime_get_ts64+0x86/0x230 [ 18.060935] kunit_try_run_case+0x1a5/0x480 [ 18.060968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.061000] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.061033] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.061066] ? __kthread_parkme+0x82/0x180 [ 18.061094] ? preempt_count_sub+0x50/0x80 [ 18.061128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.061160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.061193] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.061259] kthread+0x337/0x6f0 [ 18.061290] ? trace_preempt_on+0x20/0xc0 [ 18.061324] ? __pfx_kthread+0x10/0x10 [ 18.061349] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.061380] ? calculate_sigpending+0x7b/0xa0 [ 18.061409] ? __pfx_kthread+0x10/0x10 [ 18.061433] ret_from_fork+0x41/0x80 [ 18.061464] ? __pfx_kthread+0x10/0x10 [ 18.061488] ret_from_fork_asm+0x1a/0x30 [ 18.061529] </TASK> [ 18.061542] [ 18.077686] Allocated by task 217: [ 18.078364] kasan_save_stack+0x45/0x70 [ 18.079079] kasan_save_track+0x18/0x40 [ 18.079669] kasan_save_alloc_info+0x3b/0x50 [ 18.079995] __kasan_kmalloc+0xb7/0xc0 [ 18.080405] __kmalloc_cache_noprof+0x189/0x420 [ 18.081048] ksize_uaf+0xaa/0x6c0 [ 18.081742] kunit_try_run_case+0x1a5/0x480 [ 18.082390] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.082959] kthread+0x337/0x6f0 [ 18.083107] ret_from_fork+0x41/0x80 [ 18.083578] ret_from_fork_asm+0x1a/0x30 [ 18.084280] [ 18.084578] Freed by task 217: [ 18.085096] kasan_save_stack+0x45/0x70 [ 18.085630] kasan_save_track+0x18/0x40 [ 18.086415] kasan_save_free_info+0x3f/0x60 [ 18.087056] __kasan_slab_free+0x56/0x70 [ 18.087500] kfree+0x222/0x3f0 [ 18.087875] ksize_uaf+0x12c/0x6c0 [ 18.088303] kunit_try_run_case+0x1a5/0x480 [ 18.088921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.089403] kthread+0x337/0x6f0 [ 18.089880] ret_from_fork+0x41/0x80 [ 18.090253] ret_from_fork_asm+0x1a/0x30 [ 18.091210] [ 18.091526] The buggy address belongs to the object at ffff888102a13400 [ 18.091526] which belongs to the cache kmalloc-128 of size 128 [ 18.092369] The buggy address is located 0 bytes inside of [ 18.092369] freed 128-byte region [ffff888102a13400, ffff888102a13480) [ 18.093121] [ 18.093345] The buggy address belongs to the physical page: [ 18.093896] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 18.094529] flags: 0x200000000000000(node=0|zone=2) [ 18.094911] page_type: f5(slab) [ 18.095278] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 18.095950] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.096552] page dumped because: kasan: bad access detected [ 18.097000] [ 18.097260] Memory state around the buggy address: [ 18.097685] ffff888102a13300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.098264] ffff888102a13380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.098895] >ffff888102a13400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.099454] ^ [ 18.099823] ffff888102a13480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.100481] ffff888102a13500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.101038] ================================================================== [ 18.009412] ================================================================== [ 18.010694] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 18.011420] Read of size 1 at addr ffff888102a13400 by task kunit_try_catch/217 [ 18.012111] [ 18.012451] CPU: 0 UID: 0 PID: 217 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 18.012570] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.012620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.012676] Call Trace: [ 18.012713] <TASK> [ 18.012752] dump_stack_lvl+0x73/0xb0 [ 18.012829] print_report+0xd1/0x650 [ 18.012906] ? __virt_addr_valid+0x1db/0x2d0 [ 18.012982] ? ksize_uaf+0x19d/0x6c0 [ 18.013050] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.013123] ? ksize_uaf+0x19d/0x6c0 [ 18.013197] kasan_report+0x141/0x180 [ 18.013267] ? ksize_uaf+0x19d/0x6c0 [ 18.013308] ? ksize_uaf+0x19d/0x6c0 [ 18.013340] __kasan_check_byte+0x3d/0x50 [ 18.013374] ksize+0x20/0x60 [ 18.013407] ksize_uaf+0x19d/0x6c0 [ 18.013437] ? __pfx_ksize_uaf+0x10/0x10 [ 18.013469] ? __schedule+0x10cc/0x2b60 [ 18.013502] ? __pfx_read_tsc+0x10/0x10 [ 18.013531] ? ktime_get_ts64+0x86/0x230 [ 18.013568] kunit_try_run_case+0x1a5/0x480 [ 18.013626] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 18.013664] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.013700] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.013734] ? __kthread_parkme+0x82/0x180 [ 18.013775] ? preempt_count_sub+0x50/0x80 [ 18.013812] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.013846] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.013879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.013912] kthread+0x337/0x6f0 [ 18.013935] ? trace_preempt_on+0x20/0xc0 [ 18.013968] ? __pfx_kthread+0x10/0x10 [ 18.013993] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.014023] ? calculate_sigpending+0x7b/0xa0 [ 18.014054] ? __pfx_kthread+0x10/0x10 [ 18.014080] ret_from_fork+0x41/0x80 [ 18.014109] ? __pfx_kthread+0x10/0x10 [ 18.014133] ret_from_fork_asm+0x1a/0x30 [ 18.014175] </TASK> [ 18.014188] [ 18.031234] Allocated by task 217: [ 18.031599] kasan_save_stack+0x45/0x70 [ 18.032156] kasan_save_track+0x18/0x40 [ 18.032646] kasan_save_alloc_info+0x3b/0x50 [ 18.033088] __kasan_kmalloc+0xb7/0xc0 [ 18.033417] __kmalloc_cache_noprof+0x189/0x420 [ 18.033910] ksize_uaf+0xaa/0x6c0 [ 18.034202] kunit_try_run_case+0x1a5/0x480 [ 18.034595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.035163] kthread+0x337/0x6f0 [ 18.035690] ret_from_fork+0x41/0x80 [ 18.036028] ret_from_fork_asm+0x1a/0x30 [ 18.036727] [ 18.036904] Freed by task 217: [ 18.037254] kasan_save_stack+0x45/0x70 [ 18.037674] kasan_save_track+0x18/0x40 [ 18.038125] kasan_save_free_info+0x3f/0x60 [ 18.038528] __kasan_slab_free+0x56/0x70 [ 18.039211] kfree+0x222/0x3f0 [ 18.039546] ksize_uaf+0x12c/0x6c0 [ 18.039976] kunit_try_run_case+0x1a5/0x480 [ 18.040587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.040996] kthread+0x337/0x6f0 [ 18.041796] ret_from_fork+0x41/0x80 [ 18.042203] ret_from_fork_asm+0x1a/0x30 [ 18.042663] [ 18.042900] The buggy address belongs to the object at ffff888102a13400 [ 18.042900] which belongs to the cache kmalloc-128 of size 128 [ 18.043867] The buggy address is located 0 bytes inside of [ 18.043867] 
freed 128-byte region [ffff888102a13400, ffff888102a13480) [ 18.044889] [ 18.045122] The buggy address belongs to the physical page: [ 18.046481] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 18.047170] flags: 0x200000000000000(node=0|zone=2) [ 18.047740] page_type: f5(slab) [ 18.048086] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 18.048863] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 18.049617] page dumped because: kasan: bad access detected [ 18.050033] [ 18.050355] Memory state around the buggy address: [ 18.050908] ffff888102a13300: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.051699] ffff888102a13380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.052389] >ffff888102a13400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.052920] ^ [ 18.053354] ffff888102a13480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.054089] ffff888102a13500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.054913] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 17.922815] ================================================================== [ 17.923467] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.924154] Read of size 1 at addr ffff888102a13378 by task kunit_try_catch/215 [ 17.925084] [ 17.925442] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 17.925563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.925596] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.925671] Call Trace: [ 17.925710] <TASK> [ 17.925765] dump_stack_lvl+0x73/0xb0 [ 17.925839] print_report+0xd1/0x650 [ 17.925908] ? __virt_addr_valid+0x1db/0x2d0 [ 17.925981] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.926020] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.926057] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.926087] kasan_report+0x141/0x180 [ 17.926122] ? ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.926157] __asan_report_load1_noabort+0x18/0x20 [ 17.926187] ksize_unpoisons_memory+0x7e9/0x9b0 [ 17.926238] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.926288] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.926335] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.926370] kunit_try_run_case+0x1a5/0x480 [ 17.926408] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.926442] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.926478] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.926512] ? __kthread_parkme+0x82/0x180 [ 17.926544] ? preempt_count_sub+0x50/0x80 [ 17.926582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.926642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.926681] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.926716] kthread+0x337/0x6f0 [ 17.926741] ? trace_preempt_on+0x20/0xc0 [ 17.926776] ? __pfx_kthread+0x10/0x10 [ 17.926802] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.926834] ? calculate_sigpending+0x7b/0xa0 [ 17.926867] ? __pfx_kthread+0x10/0x10 [ 17.926894] ret_from_fork+0x41/0x80 [ 17.926924] ? 
__pfx_kthread+0x10/0x10 [ 17.926949] ret_from_fork_asm+0x1a/0x30 [ 17.926991] </TASK> [ 17.927004] [ 17.944152] Allocated by task 215: [ 17.944476] kasan_save_stack+0x45/0x70 [ 17.944918] kasan_save_track+0x18/0x40 [ 17.945395] kasan_save_alloc_info+0x3b/0x50 [ 17.945789] __kasan_kmalloc+0xb7/0xc0 [ 17.946203] __kmalloc_cache_noprof+0x189/0x420 [ 17.946683] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.947016] kunit_try_run_case+0x1a5/0x480 [ 17.947961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.948741] kthread+0x337/0x6f0 [ 17.949197] ret_from_fork+0x41/0x80 [ 17.949663] ret_from_fork_asm+0x1a/0x30 [ 17.950019] [ 17.950254] The buggy address belongs to the object at ffff888102a13300 [ 17.950254] which belongs to the cache kmalloc-128 of size 128 [ 17.951240] The buggy address is located 5 bytes to the right of [ 17.951240] allocated 115-byte region [ffff888102a13300, ffff888102a13373) [ 17.952862] [ 17.953044] The buggy address belongs to the physical page: [ 17.953822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 17.954504] flags: 0x200000000000000(node=0|zone=2) [ 17.955174] page_type: f5(slab) [ 17.955804] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.956644] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.957695] page dumped because: kasan: bad access detected [ 17.957906] [ 17.957993] Memory state around the buggy address: [ 17.958161] ffff888102a13200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.959283] ffff888102a13280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.960137] >ffff888102a13300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.960886] ^ [ 17.961644] ffff888102a13380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.962359] ffff888102a13400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.963075] ================================================================== [ 17.881151] 
================================================================== [ 17.882219] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0 [ 17.882921] Read of size 1 at addr ffff888102a13373 by task kunit_try_catch/215 [ 17.883925] [ 17.884462] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 17.884621] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.884660] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.884715] Call Trace: [ 17.884752] <TASK> [ 17.884798] dump_stack_lvl+0x73/0xb0 [ 17.884877] print_report+0xd1/0x650 [ 17.884951] ? __virt_addr_valid+0x1db/0x2d0 [ 17.885022] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.885084] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.885123] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.885153] kasan_report+0x141/0x180 [ 17.885188] ? ksize_unpoisons_memory+0x81c/0x9b0 [ 17.885250] __asan_report_load1_noabort+0x18/0x20 [ 17.885292] ksize_unpoisons_memory+0x81c/0x9b0 [ 17.885323] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.885351] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.885399] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.885433] kunit_try_run_case+0x1a5/0x480 [ 17.885472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.885505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.885541] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.885576] ? __kthread_parkme+0x82/0x180 [ 17.885632] ? preempt_count_sub+0x50/0x80 [ 17.885675] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.885712] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.885746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.885796] kthread+0x337/0x6f0 [ 17.885820] ? trace_preempt_on+0x20/0xc0 [ 17.885857] ? __pfx_kthread+0x10/0x10 [ 17.885883] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.885914] ? calculate_sigpending+0x7b/0xa0 [ 17.885946] ? __pfx_kthread+0x10/0x10 [ 17.885973] ret_from_fork+0x41/0x80 [ 17.886005] ? 
__pfx_kthread+0x10/0x10 [ 17.886031] ret_from_fork_asm+0x1a/0x30 [ 17.886075] </TASK> [ 17.886089] [ 17.903252] Allocated by task 215: [ 17.903690] kasan_save_stack+0x45/0x70 [ 17.904090] kasan_save_track+0x18/0x40 [ 17.904458] kasan_save_alloc_info+0x3b/0x50 [ 17.904908] __kasan_kmalloc+0xb7/0xc0 [ 17.905330] __kmalloc_cache_noprof+0x189/0x420 [ 17.905788] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.906256] kunit_try_run_case+0x1a5/0x480 [ 17.906663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.907137] kthread+0x337/0x6f0 [ 17.907463] ret_from_fork+0x41/0x80 [ 17.907777] ret_from_fork_asm+0x1a/0x30 [ 17.908092] [ 17.908327] The buggy address belongs to the object at ffff888102a13300 [ 17.908327] which belongs to the cache kmalloc-128 of size 128 [ 17.909340] The buggy address is located 0 bytes to the right of [ 17.909340] allocated 115-byte region [ffff888102a13300, ffff888102a13373) [ 17.910415] [ 17.910601] The buggy address belongs to the physical page: [ 17.911123] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 17.911781] flags: 0x200000000000000(node=0|zone=2) [ 17.912135] page_type: f5(slab) [ 17.912484] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.913145] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.913838] page dumped because: kasan: bad access detected [ 17.914391] [ 17.914633] Memory state around the buggy address: [ 17.915075] ffff888102a13200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.915735] ffff888102a13280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.917085] >ffff888102a13300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.918020] ^ [ 17.918711] ffff888102a13380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.919232] ffff888102a13400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.919829] ================================================================== [ 17.965861] 
================================================================== [ 17.966625] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.967191] Read of size 1 at addr ffff888102a1337f by task kunit_try_catch/215 [ 17.967778] [ 17.968073] CPU: 0 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 17.968193] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.968228] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.968283] Call Trace: [ 17.968319] <TASK> [ 17.968361] dump_stack_lvl+0x73/0xb0 [ 17.968437] print_report+0xd1/0x650 [ 17.968508] ? __virt_addr_valid+0x1db/0x2d0 [ 17.968584] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.968669] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.968746] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.968814] kasan_report+0x141/0x180 [ 17.968887] ? ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.968967] __asan_report_load1_noabort+0x18/0x20 [ 17.969035] ksize_unpoisons_memory+0x7b6/0x9b0 [ 17.969097] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.969129] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 17.969174] ? __pfx_ksize_unpoisons_memory+0x10/0x10 [ 17.969211] kunit_try_run_case+0x1a5/0x480 [ 17.969276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.969314] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.969351] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.969388] ? __kthread_parkme+0x82/0x180 [ 17.969420] ? preempt_count_sub+0x50/0x80 [ 17.969458] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.969494] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.969529] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.969563] kthread+0x337/0x6f0 [ 17.969587] ? trace_preempt_on+0x20/0xc0 [ 17.969646] ? __pfx_kthread+0x10/0x10 [ 17.969674] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.969707] ? calculate_sigpending+0x7b/0xa0 [ 17.969740] ? __pfx_kthread+0x10/0x10 [ 17.969776] ret_from_fork+0x41/0x80 [ 17.969808] ? 
__pfx_kthread+0x10/0x10 [ 17.969834] ret_from_fork_asm+0x1a/0x30 [ 17.969876] </TASK> [ 17.969890] [ 17.984180] Allocated by task 215: [ 17.984589] kasan_save_stack+0x45/0x70 [ 17.985074] kasan_save_track+0x18/0x40 [ 17.985504] kasan_save_alloc_info+0x3b/0x50 [ 17.986049] __kasan_kmalloc+0xb7/0xc0 [ 17.986364] __kmalloc_cache_noprof+0x189/0x420 [ 17.987062] ksize_unpoisons_memory+0xc7/0x9b0 [ 17.987572] kunit_try_run_case+0x1a5/0x480 [ 17.987934] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.988645] kthread+0x337/0x6f0 [ 17.989025] ret_from_fork+0x41/0x80 [ 17.989472] ret_from_fork_asm+0x1a/0x30 [ 17.990642] [ 17.990895] The buggy address belongs to the object at ffff888102a13300 [ 17.990895] which belongs to the cache kmalloc-128 of size 128 [ 17.992012] The buggy address is located 12 bytes to the right of [ 17.992012] allocated 115-byte region [ffff888102a13300, ffff888102a13373) [ 17.993018] [ 17.993290] The buggy address belongs to the physical page: [ 17.993782] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 17.994442] flags: 0x200000000000000(node=0|zone=2) [ 17.994915] page_type: f5(slab) [ 17.995278] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.995980] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.996678] page dumped because: kasan: bad access detected [ 17.997104] [ 17.997309] Memory state around the buggy address: [ 17.997834] ffff888102a13200: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.998495] ffff888102a13280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.999110] >ffff888102a13300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 17.999841] ^ [ 18.000460] ffff888102a13380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.001048] ffff888102a13400: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.001961] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 17.822225] ================================================================== [ 17.822885] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90 [ 17.823449] Free of addr ffff888102175280 by task kunit_try_catch/213 [ 17.823950] [ 17.824222] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 17.824340] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.824374] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.824428] Call Trace: [ 17.824464] <TASK> [ 17.824504] dump_stack_lvl+0x73/0xb0 [ 17.824578] print_report+0xd1/0x650 [ 17.824877] ? __virt_addr_valid+0x1db/0x2d0 [ 17.824951] ? kasan_complete_mode_report_info+0x64/0x200 [ 17.825021] ? kfree_sensitive+0x2e/0x90 [ 17.825090] kasan_report_invalid_free+0x10a/0x130 [ 17.825166] ? kfree_sensitive+0x2e/0x90 [ 17.825282] ? kfree_sensitive+0x2e/0x90 [ 17.825326] check_slab_allocation+0x101/0x130 [ 17.825363] __kasan_slab_pre_free+0x28/0x40 [ 17.825395] kfree+0xf0/0x3f0 [ 17.825421] ? kfree_sensitive+0x2e/0x90 [ 17.825455] kfree_sensitive+0x2e/0x90 [ 17.825486] kmalloc_double_kzfree+0x19c/0x350 [ 17.825513] ? __pfx_kmalloc_double_kzfree+0x10/0x10 [ 17.825543] ? __schedule+0x10cc/0x2b60 [ 17.825577] ? __pfx_read_tsc+0x10/0x10 [ 17.825676] ? ktime_get_ts64+0x86/0x230 [ 17.825780] kunit_try_run_case+0x1a5/0x480 [ 17.825868] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.825946] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.825999] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.826034] ? __kthread_parkme+0x82/0x180 [ 17.826066] ? preempt_count_sub+0x50/0x80 [ 17.826100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.826134] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.826167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.826200] kthread+0x337/0x6f0 [ 17.826264] ? trace_preempt_on+0x20/0xc0 [ 17.826306] ? __pfx_kthread+0x10/0x10 [ 17.826331] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.826361] ? calculate_sigpending+0x7b/0xa0 [ 17.826392] ? 
__pfx_kthread+0x10/0x10 [ 17.826417] ret_from_fork+0x41/0x80 [ 17.826447] ? __pfx_kthread+0x10/0x10 [ 17.826471] ret_from_fork_asm+0x1a/0x30 [ 17.826512] </TASK> [ 17.826526] [ 17.846776] Allocated by task 213: [ 17.847186] kasan_save_stack+0x45/0x70 [ 17.848312] kasan_save_track+0x18/0x40 [ 17.848849] kasan_save_alloc_info+0x3b/0x50 [ 17.849687] __kasan_kmalloc+0xb7/0xc0 [ 17.850251] __kmalloc_cache_noprof+0x189/0x420 [ 17.850991] kmalloc_double_kzfree+0xa9/0x350 [ 17.851536] kunit_try_run_case+0x1a5/0x480 [ 17.851926] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.852922] kthread+0x337/0x6f0 [ 17.853453] ret_from_fork+0x41/0x80 [ 17.853911] ret_from_fork_asm+0x1a/0x30 [ 17.854333] [ 17.854545] Freed by task 213: [ 17.855051] kasan_save_stack+0x45/0x70 [ 17.855449] kasan_save_track+0x18/0x40 [ 17.856265] kasan_save_free_info+0x3f/0x60 [ 17.856890] __kasan_slab_free+0x56/0x70 [ 17.857287] kfree+0x222/0x3f0 [ 17.857674] kfree_sensitive+0x67/0x90 [ 17.858054] kmalloc_double_kzfree+0x12b/0x350 [ 17.858505] kunit_try_run_case+0x1a5/0x480 [ 17.858948] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.859414] kthread+0x337/0x6f0 [ 17.860282] ret_from_fork+0x41/0x80 [ 17.860806] ret_from_fork_asm+0x1a/0x30 [ 17.861154] [ 17.861387] The buggy address belongs to the object at ffff888102175280 [ 17.861387] which belongs to the cache kmalloc-16 of size 16 [ 17.862579] The buggy address is located 0 bytes inside of [ 17.862579] 16-byte region [ffff888102175280, ffff888102175290) [ 17.863548] [ 17.864362] The buggy address belongs to the physical page: [ 17.864950] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102175 [ 17.865877] flags: 0x200000000000000(node=0|zone=2) [ 17.866315] page_type: f5(slab) [ 17.866832] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 17.867510] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 17.868488] page dumped because: kasan: bad access detected [ 17.869128] [ 
17.869382] Memory state around the buggy address: [ 17.869854] ffff888102175180: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 17.870418] ffff888102175200: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 17.870981] >ffff888102175280: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.871574] ^ [ 17.872418] ffff888102175300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.873098] ffff888102175380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.874145] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 17.770626] ==================================================================
[ 17.772118] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 17.772972] Read of size 1 at addr ffff888102175280 by task kunit_try_catch/213
[ 17.773559]
[ 17.773859] CPU: 1 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.773978] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.774013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.774067] Call Trace:
[ 17.774107] <TASK>
[ 17.774155] dump_stack_lvl+0x73/0xb0
[ 17.774236] print_report+0xd1/0x650
[ 17.774313] ? __virt_addr_valid+0x1db/0x2d0
[ 17.774388] ? kmalloc_double_kzfree+0x19c/0x350
[ 17.774458] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.774533] ? kmalloc_double_kzfree+0x19c/0x350
[ 17.774601] kasan_report+0x141/0x180
[ 17.775017] ? kmalloc_double_kzfree+0x19c/0x350
[ 17.775054] ? kmalloc_double_kzfree+0x19c/0x350
[ 17.775085] __kasan_check_byte+0x3d/0x50
[ 17.775119] kfree_sensitive+0x22/0x90
[ 17.775156] kmalloc_double_kzfree+0x19c/0x350
[ 17.775185] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 17.775239] ? __schedule+0x10cc/0x2b60
[ 17.775289] ? __pfx_read_tsc+0x10/0x10
[ 17.775322] ? ktime_get_ts64+0x86/0x230
[ 17.775359] kunit_try_run_case+0x1a5/0x480
[ 17.775397] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.775431] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.775467] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.775502] ? __kthread_parkme+0x82/0x180
[ 17.775535] ? preempt_count_sub+0x50/0x80
[ 17.775570] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.775666] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.775750] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.775787] kthread+0x337/0x6f0
[ 17.775814] ? trace_preempt_on+0x20/0xc0
[ 17.775848] ? __pfx_kthread+0x10/0x10
[ 17.775872] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.775902] ? calculate_sigpending+0x7b/0xa0
[ 17.775932] ? __pfx_kthread+0x10/0x10
[ 17.775956] ret_from_fork+0x41/0x80
[ 17.775986] ? __pfx_kthread+0x10/0x10
[ 17.776011] ret_from_fork_asm+0x1a/0x30
[ 17.776053] </TASK>
[ 17.776067]
[ 17.793262] Allocated by task 213:
[ 17.793842] kasan_save_stack+0x45/0x70
[ 17.794275] kasan_save_track+0x18/0x40
[ 17.794881] kasan_save_alloc_info+0x3b/0x50
[ 17.795376] __kasan_kmalloc+0xb7/0xc0
[ 17.795932] __kmalloc_cache_noprof+0x189/0x420
[ 17.796399] kmalloc_double_kzfree+0xa9/0x350
[ 17.797118] kunit_try_run_case+0x1a5/0x480
[ 17.797574] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.798279] kthread+0x337/0x6f0
[ 17.798785] ret_from_fork+0x41/0x80
[ 17.799204] ret_from_fork_asm+0x1a/0x30
[ 17.799576]
[ 17.799836] Freed by task 213:
[ 17.800135] kasan_save_stack+0x45/0x70
[ 17.800533] kasan_save_track+0x18/0x40
[ 17.801196] kasan_save_free_info+0x3f/0x60
[ 17.801810] __kasan_slab_free+0x56/0x70
[ 17.802130] kfree+0x222/0x3f0
[ 17.802446] kfree_sensitive+0x67/0x90
[ 17.803005] kmalloc_double_kzfree+0x12b/0x350
[ 17.803499] kunit_try_run_case+0x1a5/0x480
[ 17.804070] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.804586] kthread+0x337/0x6f0
[ 17.805274] ret_from_fork+0x41/0x80
[ 17.805822] ret_from_fork_asm+0x1a/0x30
[ 17.806286]
[ 17.806518] The buggy address belongs to the object at ffff888102175280
[ 17.806518] which belongs to the cache kmalloc-16 of size 16
[ 17.807439] The buggy address is located 0 bytes inside of
[ 17.807439] freed 16-byte region [ffff888102175280, ffff888102175290)
[ 17.808378]
[ 17.808562] The buggy address belongs to the physical page:
[ 17.809438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102175
[ 17.810300] flags: 0x200000000000000(node=0|zone=2)
[ 17.810822] page_type: f5(slab)
[ 17.811113] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 17.811802] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 17.812471] page dumped because: kasan: bad access detected
[ 17.813440]
[ 17.813658] Memory state around the buggy address:
[ 17.814149] ffff888102175180: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 17.814881] ffff888102175200: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 17.815392] >ffff888102175280: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.816132] ^
[ 17.816528] ffff888102175300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.817554] ffff888102175380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.818184] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 17.716499] ==================================================================
[ 17.717502] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 17.718160] Read of size 1 at addr ffff888102a167a8 by task kunit_try_catch/209
[ 17.719335]
[ 17.719559] CPU: 0 UID: 0 PID: 209 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.719776] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.719865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.719948] Call Trace:
[ 17.719991] <TASK>
[ 17.720036] dump_stack_lvl+0x73/0xb0
[ 17.720110] print_report+0xd1/0x650
[ 17.720186] ? __virt_addr_valid+0x1db/0x2d0
[ 17.720378] ? kmalloc_uaf2+0x4a8/0x520
[ 17.720483] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.720546] ? kmalloc_uaf2+0x4a8/0x520
[ 17.720580] kasan_report+0x141/0x180
[ 17.720646] ? kmalloc_uaf2+0x4a8/0x520
[ 17.720728] __asan_report_load1_noabort+0x18/0x20
[ 17.720823] kmalloc_uaf2+0x4a8/0x520
[ 17.720924] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 17.720989] ? finish_task_switch.isra.0+0x153/0x700
[ 17.721041] ? __switch_to+0x5d9/0xf60
[ 17.721071] ? dequeue_task_fair+0x156/0x4e0
[ 17.721106] ? __schedule+0x10cc/0x2b60
[ 17.721139] ? __pfx_read_tsc+0x10/0x10
[ 17.721166] ? ktime_get_ts64+0x86/0x230
[ 17.721200] kunit_try_run_case+0x1a5/0x480
[ 17.721278] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.721317] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.721353] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.721386] ? __kthread_parkme+0x82/0x180
[ 17.721416] ? preempt_count_sub+0x50/0x80
[ 17.721450] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.721483] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.721515] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.721548] kthread+0x337/0x6f0
[ 17.721570] ? trace_preempt_on+0x20/0xc0
[ 17.721625] ? __pfx_kthread+0x10/0x10
[ 17.721653] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.721683] ? calculate_sigpending+0x7b/0xa0
[ 17.721712] ? __pfx_kthread+0x10/0x10
[ 17.721735] ret_from_fork+0x41/0x80
[ 17.721774] ? __pfx_kthread+0x10/0x10
[ 17.721799] ret_from_fork_asm+0x1a/0x30
[ 17.721840] </TASK>
[ 17.721855]
[ 17.738703] Allocated by task 209:
[ 17.739080] kasan_save_stack+0x45/0x70
[ 17.739573] kasan_save_track+0x18/0x40
[ 17.739940] kasan_save_alloc_info+0x3b/0x50
[ 17.740429] __kasan_kmalloc+0xb7/0xc0
[ 17.740770] __kmalloc_cache_noprof+0x189/0x420
[ 17.741239] kmalloc_uaf2+0xc6/0x520
[ 17.741645] kunit_try_run_case+0x1a5/0x480
[ 17.742049] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.742469] kthread+0x337/0x6f0
[ 17.742768] ret_from_fork+0x41/0x80
[ 17.743166] ret_from_fork_asm+0x1a/0x30
[ 17.743592]
[ 17.743872] Freed by task 209:
[ 17.744258] kasan_save_stack+0x45/0x70
[ 17.744684] kasan_save_track+0x18/0x40
[ 17.745102] kasan_save_free_info+0x3f/0x60
[ 17.745493] __kasan_slab_free+0x56/0x70
[ 17.745913] kfree+0x222/0x3f0
[ 17.746296] kmalloc_uaf2+0x14c/0x520
[ 17.746721] kunit_try_run_case+0x1a5/0x480
[ 17.747136] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.747629] kthread+0x337/0x6f0
[ 17.747986] ret_from_fork+0x41/0x80
[ 17.748363] ret_from_fork_asm+0x1a/0x30
[ 17.748710]
[ 17.748939] The buggy address belongs to the object at ffff888102a16780
[ 17.748939] which belongs to the cache kmalloc-64 of size 64
[ 17.749875] The buggy address is located 40 bytes inside of
[ 17.749875] freed 64-byte region [ffff888102a16780, ffff888102a167c0)
[ 17.750766]
[ 17.750999] The buggy address belongs to the physical page:
[ 17.751539] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a16
[ 17.752280] flags: 0x200000000000000(node=0|zone=2)
[ 17.752701] page_type: f5(slab)
[ 17.753052] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.753651] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.754118] page dumped because: kasan: bad access detected
[ 17.754703]
[ 17.754925] Memory state around the buggy address:
[ 17.755436] ffff888102a16680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.756051] ffff888102a16700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.756673] >ffff888102a16780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.757266] ^
[ 17.757590] ffff888102a16800: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 17.758260] ffff888102a16880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.758872] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 58.250896] ==================================================================
[ 58.251627] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0
[ 58.251627]
[ 58.252303] Use-after-free read at 0x(____ptrval____) (in kfence-#188):
[ 58.252868] test_krealloc+0x6fc/0xbe0
[ 58.253250] kunit_try_run_case+0x1a5/0x480
[ 58.253702] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.254178] kthread+0x337/0x6f0
[ 58.254523] ret_from_fork+0x41/0x80
[ 58.254943] ret_from_fork_asm+0x1a/0x30
[ 58.255774]
[ 58.256002] kfence-#188: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 58.256002]
[ 58.256663] allocated by task 358 on cpu 0 at 58.250027s (0.006630s ago):
[ 58.257132] test_alloc+0x364/0x10f0
[ 58.257725] test_krealloc+0xad/0xbe0
[ 58.258626] kunit_try_run_case+0x1a5/0x480
[ 58.259026] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.259559] kthread+0x337/0x6f0
[ 58.259883] ret_from_fork+0x41/0x80
[ 58.260359] ret_from_fork_asm+0x1a/0x30
[ 58.260790]
[ 58.261005] freed by task 358 on cpu 0 at 58.250325s (0.010675s ago):
[ 58.261561] krealloc_noprof+0x108/0x340
[ 58.261999] test_krealloc+0x226/0xbe0
[ 58.262424] kunit_try_run_case+0x1a5/0x480
[ 58.262807] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.263353] kthread+0x337/0x6f0
[ 58.263748] ret_from_fork+0x41/0x80
[ 58.264080] ret_from_fork_asm+0x1a/0x30
[ 58.264555]
[ 58.264850] CPU: 0 UID: 0 PID: 358 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 58.265683] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 58.266103] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 58.266860] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 58.166117] ==================================================================
[ 58.166777] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 58.166777]
[ 58.167564] Use-after-free read at 0x(____ptrval____) (in kfence-#187):
[ 58.168224] test_memcache_typesafe_by_rcu+0x2ec/0x670
[ 58.168811] kunit_try_run_case+0x1a5/0x480
[ 58.169529] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.170438] kthread+0x337/0x6f0
[ 58.170885] ret_from_fork+0x41/0x80
[ 58.171301] ret_from_fork_asm+0x1a/0x30
[ 58.171742]
[ 58.171985] kfence-#187: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 58.171985]
[ 58.172799] allocated by task 356 on cpu 1 at 58.146092s (0.026701s ago):
[ 58.173497] test_alloc+0x2a6/0x10f0
[ 58.173914] test_memcache_typesafe_by_rcu+0x16f/0x670
[ 58.174358] kunit_try_run_case+0x1a5/0x480
[ 58.174872] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.175418] kthread+0x337/0x6f0
[ 58.175789] ret_from_fork+0x41/0x80
[ 58.176276] ret_from_fork_asm+0x1a/0x30
[ 58.176682]
[ 58.176927] freed by task 356 on cpu 1 at 58.146225s (0.030696s ago):
[ 58.177528] test_memcache_typesafe_by_rcu+0x1bf/0x670
[ 58.178085] kunit_try_run_case+0x1a5/0x480
[ 58.178621] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 58.179168] kthread+0x337/0x6f0
[ 58.179601] ret_from_fork+0x41/0x80
[ 58.180010] ret_from_fork_asm+0x1a/0x30
[ 58.180512]
[ 58.180836] CPU: 1 UID: 0 PID: 356 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 58.181684] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 58.182124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 58.182889] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 17.660233] ==================================================================
[ 17.661099] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 17.662425] Write of size 33 at addr ffff888102a16700 by task kunit_try_catch/207
[ 17.663031]
[ 17.663301] CPU: 0 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.663425] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.663460] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.663512] Call Trace:
[ 17.663552] <TASK>
[ 17.663593] dump_stack_lvl+0x73/0xb0
[ 17.663687] print_report+0xd1/0x650
[ 17.663761] ? __virt_addr_valid+0x1db/0x2d0
[ 17.663837] ? kmalloc_uaf_memset+0x1a3/0x360
[ 17.663908] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.663984] ? kmalloc_uaf_memset+0x1a3/0x360
[ 17.664058] kasan_report+0x141/0x180
[ 17.664134] ? kmalloc_uaf_memset+0x1a3/0x360
[ 17.664220] kasan_check_range+0x10c/0x1c0
[ 17.664294] __asan_memset+0x27/0x50
[ 17.664360] kmalloc_uaf_memset+0x1a3/0x360
[ 17.664428] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 17.664617] ? __schedule+0x10cc/0x2b60
[ 17.664706] ? __pfx_read_tsc+0x10/0x10
[ 17.664754] ? ktime_get_ts64+0x86/0x230
[ 17.664794] kunit_try_run_case+0x1a5/0x480
[ 17.664831] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.664865] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.664898] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.664931] ? __kthread_parkme+0x82/0x180
[ 17.664961] ? preempt_count_sub+0x50/0x80
[ 17.664995] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.665028] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.665060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.665091] kthread+0x337/0x6f0
[ 17.665113] ? trace_preempt_on+0x20/0xc0
[ 17.665146] ? __pfx_kthread+0x10/0x10
[ 17.665169] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.665198] ? calculate_sigpending+0x7b/0xa0
[ 17.665260] ? __pfx_kthread+0x10/0x10
[ 17.665290] ret_from_fork+0x41/0x80
[ 17.665322] ? __pfx_kthread+0x10/0x10
[ 17.665345] ret_from_fork_asm+0x1a/0x30
[ 17.665386] </TASK>
[ 17.665400]
[ 17.683903] Allocated by task 207:
[ 17.684339] kasan_save_stack+0x45/0x70
[ 17.684875] kasan_save_track+0x18/0x40
[ 17.685243] kasan_save_alloc_info+0x3b/0x50
[ 17.686106] __kasan_kmalloc+0xb7/0xc0
[ 17.686512] __kmalloc_cache_noprof+0x189/0x420
[ 17.687124] kmalloc_uaf_memset+0xa9/0x360
[ 17.687584] kunit_try_run_case+0x1a5/0x480
[ 17.688191] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.688840] kthread+0x337/0x6f0
[ 17.689122] ret_from_fork+0x41/0x80
[ 17.689554] ret_from_fork_asm+0x1a/0x30
[ 17.690099]
[ 17.690330] Freed by task 207:
[ 17.690695] kasan_save_stack+0x45/0x70
[ 17.691097] kasan_save_track+0x18/0x40
[ 17.691988] kasan_save_free_info+0x3f/0x60
[ 17.692424] __kasan_slab_free+0x56/0x70
[ 17.692974] kfree+0x222/0x3f0
[ 17.693392] kmalloc_uaf_memset+0x12b/0x360
[ 17.693952] kunit_try_run_case+0x1a5/0x480
[ 17.694380] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.694958] kthread+0x337/0x6f0
[ 17.695342] ret_from_fork+0x41/0x80
[ 17.696102] ret_from_fork_asm+0x1a/0x30
[ 17.696514]
[ 17.696908] The buggy address belongs to the object at ffff888102a16700
[ 17.696908] which belongs to the cache kmalloc-64 of size 64
[ 17.697873] The buggy address is located 0 bytes inside of
[ 17.697873] freed 64-byte region [ffff888102a16700, ffff888102a16740)
[ 17.698779]
[ 17.699011] The buggy address belongs to the physical page:
[ 17.699506] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a16
[ 17.700143] flags: 0x200000000000000(node=0|zone=2)
[ 17.700802] page_type: f5(slab)
[ 17.701182] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.703113] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.703552] page dumped because: kasan: bad access detected
[ 17.704453]
[ 17.704711] Memory state around the buggy address:
[ 17.705118] ffff888102a16600: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.705812] ffff888102a16680: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.706921] >ffff888102a16700: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.707894] ^
[ 17.708299] ffff888102a16780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.708912] ffff888102a16800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.709494] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 33.828297] ==================================================================
[ 33.829273] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210
[ 33.829273]
[ 33.830261] Invalid read at 0x(____ptrval____):
[ 33.831474] test_invalid_access+0xf0/0x210
[ 33.832638] kunit_try_run_case+0x1a5/0x480
[ 33.833109] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.833572] kthread+0x337/0x6f0
[ 33.834244] ret_from_fork+0x41/0x80
[ 33.834586] ret_from_fork_asm+0x1a/0x30
[ 33.835142]
[ 33.835435] CPU: 0 UID: 0 PID: 352 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 33.836761] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.837409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.838489] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 33.602528] ==================================================================
[ 33.603144] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340
[ 33.603144]
[ 33.603921] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#183):
[ 33.605100] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 33.605645] kunit_try_run_case+0x1a5/0x480
[ 33.606042] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.606806] kthread+0x337/0x6f0
[ 33.607252] ret_from_fork+0x41/0x80
[ 33.607613] ret_from_fork_asm+0x1a/0x30
[ 33.608046]
[ 33.608285] kfence-#183: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 33.608285]
[ 33.608896] allocated by task 346 on cpu 1 at 33.602189s (0.006701s ago):
[ 33.609542] test_alloc+0x364/0x10f0
[ 33.610115] test_kmalloc_aligned_oob_write+0xc8/0x340
[ 33.610646] kunit_try_run_case+0x1a5/0x480
[ 33.610979] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.611697] kthread+0x337/0x6f0
[ 33.612080] ret_from_fork+0x41/0x80
[ 33.612650] ret_from_fork_asm+0x1a/0x30
[ 33.612987]
[ 33.613259] freed by task 346 on cpu 1 at 33.602393s (0.010860s ago):
[ 33.614056] test_kmalloc_aligned_oob_write+0x24f/0x340
[ 33.614580] kunit_try_run_case+0x1a5/0x480
[ 33.614935] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.615652] kthread+0x337/0x6f0
[ 33.616094] ret_from_fork+0x41/0x80
[ 33.616712] ret_from_fork_asm+0x1a/0x30
[ 33.617108]
[ 33.617341] CPU: 1 UID: 0 PID: 346 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 33.618315] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.619030] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.619799] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 33.498462] ==================================================================
[ 33.499138] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560
[ 33.499138]
[ 33.499948] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#182):
[ 33.501312] test_kmalloc_aligned_oob_read+0x27e/0x560
[ 33.501969] kunit_try_run_case+0x1a5/0x480
[ 33.502439] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.502945] kthread+0x337/0x6f0
[ 33.503409] ret_from_fork+0x41/0x80
[ 33.503783] ret_from_fork_asm+0x1a/0x30
[ 33.504317]
[ 33.504545] kfence-#182: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96
[ 33.504545]
[ 33.505373] allocated by task 344 on cpu 1 at 33.498161s (0.007206s ago):
[ 33.506037] test_alloc+0x364/0x10f0
[ 33.506534] test_kmalloc_aligned_oob_read+0x105/0x560
[ 33.506964] kunit_try_run_case+0x1a5/0x480
[ 33.507535] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 33.508073] kthread+0x337/0x6f0
[ 33.508470] ret_from_fork+0x41/0x80
[ 33.508925] ret_from_fork_asm+0x1a/0x30
[ 33.509400]
[ 33.509735] CPU: 1 UID: 0 PID: 344 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 33.510691] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 33.511093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 33.511907] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 27.362510] ==================================================================
[ 27.363250] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0
[ 27.363250]
[ 27.363997] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#123):
[ 27.365514] test_corruption+0x2d2/0x3e0
[ 27.365882] kunit_try_run_case+0x1a5/0x480
[ 27.366228] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.366628] kthread+0x337/0x6f0
[ 27.366929] ret_from_fork+0x41/0x80
[ 27.367416] ret_from_fork_asm+0x1a/0x30
[ 27.367831]
[ 27.368053] kfence-#123: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.368053]
[ 27.368873] allocated by task 332 on cpu 1 at 27.362155s (0.006712s ago):
[ 27.369378] test_alloc+0x364/0x10f0
[ 27.369900] test_corruption+0xe6/0x3e0
[ 27.370383] kunit_try_run_case+0x1a5/0x480
[ 27.371698] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.372181] kthread+0x337/0x6f0
[ 27.372659] ret_from_fork+0x41/0x80
[ 27.372986] ret_from_fork_asm+0x1a/0x30
[ 27.373403]
[ 27.373688] freed by task 332 on cpu 1 at 27.362294s (0.011389s ago):
[ 27.374368] test_corruption+0x2d2/0x3e0
[ 27.374842] kunit_try_run_case+0x1a5/0x480
[ 27.375293] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.375817] kthread+0x337/0x6f0
[ 27.376184] ret_from_fork+0x41/0x80
[ 27.376582] ret_from_fork_asm+0x1a/0x30
[ 27.376971]
[ 27.377256] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 27.378128] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.378450] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.379057] ==================================================================
[ 28.194349] ==================================================================
[ 28.194952] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0
[ 28.194952]
[ 28.195658] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#131):
[ 28.196274] test_corruption+0x216/0x3e0
[ 28.196836] kunit_try_run_case+0x1a5/0x480
[ 28.197298] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.197837] kthread+0x337/0x6f0
[ 28.198191] ret_from_fork+0x41/0x80
[ 28.198556] ret_from_fork_asm+0x1a/0x30
[ 28.199005]
[ 28.199252] kfence-#131: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 28.199252]
[ 28.199862] allocated by task 334 on cpu 0 at 28.194141s (0.005715s ago):
[ 28.200467] test_alloc+0x2a6/0x10f0
[ 28.200921] test_corruption+0x1cb/0x3e0
[ 28.201364] kunit_try_run_case+0x1a5/0x480
[ 28.201952] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.202535] kthread+0x337/0x6f0
[ 28.202849] ret_from_fork+0x41/0x80
[ 28.203252] ret_from_fork_asm+0x1a/0x30
[ 28.203693]
[ 28.203934] freed by task 334 on cpu 0 at 28.194212s (0.009716s ago):
[ 28.204564] test_corruption+0x216/0x3e0
[ 28.204974] kunit_try_run_case+0x1a5/0x480
[ 28.205448] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 28.205961] kthread+0x337/0x6f0
[ 28.206340] ret_from_fork+0x41/0x80
[ 28.206805] ret_from_fork_asm+0x1a/0x30
[ 28.207206]
[ 28.207474] CPU: 0 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 28.208389] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 28.208823] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 28.209398] ==================================================================
[ 27.882364] ==================================================================
[ 27.883083] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0
[ 27.883083]
[ 27.884171] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#128):
[ 27.885512] test_corruption+0x131/0x3e0
[ 27.885910] kunit_try_run_case+0x1a5/0x480
[ 27.886250] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.886835] kthread+0x337/0x6f0
[ 27.887299] ret_from_fork+0x41/0x80
[ 27.887791] ret_from_fork_asm+0x1a/0x30
[ 27.888269]
[ 27.888497] kfence-#128: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 27.888497]
[ 27.889274] allocated by task 334 on cpu 0 at 27.882140s (0.007128s ago):
[ 27.889973] test_alloc+0x2a6/0x10f0
[ 27.890488] test_corruption+0xe6/0x3e0
[ 27.890871] kunit_try_run_case+0x1a5/0x480
[ 27.891409] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.891923] kthread+0x337/0x6f0
[ 27.892385] ret_from_fork+0x41/0x80
[ 27.892800] ret_from_fork_asm+0x1a/0x30
[ 27.893338]
[ 27.893618] freed by task 334 on cpu 0 at 27.882234s (0.011378s ago):
[ 27.894106] test_corruption+0x131/0x3e0
[ 27.894661] kunit_try_run_case+0x1a5/0x480
[ 27.895106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.895684] kthread+0x337/0x6f0
[ 27.896091] ret_from_fork+0x41/0x80
[ 27.896516] ret_from_fork_asm+0x1a/0x30
[ 27.897016]
[ 27.897348] CPU: 0 UID: 0 PID: 334 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 27.898310] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.898718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.899619] ==================================================================
[ 27.466485] ==================================================================
[ 27.467096] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0
[ 27.467096]
[ 27.467832] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#124):
[ 27.468581] test_corruption+0x2df/0x3e0
[ 27.468982] kunit_try_run_case+0x1a5/0x480
[ 27.469488] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.469966] kthread+0x337/0x6f0
[ 27.470369] ret_from_fork+0x41/0x80
[ 27.470821] ret_from_fork_asm+0x1a/0x30
[ 27.471184]
[ 27.471427] kfence-#124: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 27.471427]
[ 27.472161] allocated by task 332 on cpu 1 at 27.466151s (0.006005s ago):
[ 27.472822] test_alloc+0x364/0x10f0
[ 27.473265] test_corruption+0x1cb/0x3e0
[ 27.473677] kunit_try_run_case+0x1a5/0x480
[ 27.474089] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.474562] kthread+0x337/0x6f0
[ 27.474926] ret_from_fork+0x41/0x80
[ 27.475380] ret_from_fork_asm+0x1a/0x30
[ 27.475828]
[ 27.476068] freed by task 332 on cpu 1 at 27.466275s (0.009787s ago):
[ 27.476702] test_corruption+0x2df/0x3e0
[ 27.477022] kunit_try_run_case+0x1a5/0x480
[ 27.477547] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 27.478092] kthread+0x337/0x6f0
[ 27.478465] ret_from_fork+0x41/0x80
[ 27.478904] ret_from_fork_asm+0x1a/0x30
[ 27.479266]
[ 27.479497] CPU: 1 UID: 0 PID: 332 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 27.480463] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 27.480906] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 27.481544] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 26.530361] ==================================================================
[ 26.531063] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 26.531063]
[ 26.531767] Invalid free of 0x(____ptrval____) (in kfence-#115):
[ 26.532216] test_invalid_addr_free+0x1e1/0x260
[ 26.532902] kunit_try_run_case+0x1a5/0x480
[ 26.533267] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.533856] kthread+0x337/0x6f0
[ 26.534145] ret_from_fork+0x41/0x80
[ 26.534492] ret_from_fork_asm+0x1a/0x30
[ 26.534931]
[ 26.535265] kfence-#115: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 26.535265]
[ 26.536016] allocated by task 328 on cpu 0 at 26.530164s (0.005846s ago):
[ 26.536808] test_alloc+0x364/0x10f0
[ 26.537298] test_invalid_addr_free+0xdb/0x260
[ 26.537672] kunit_try_run_case+0x1a5/0x480
[ 26.538053] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.538739] kthread+0x337/0x6f0
[ 26.539115] ret_from_fork+0x41/0x80
[ 26.539426] ret_from_fork_asm+0x1a/0x30
[ 26.539808]
[ 26.540097] CPU: 0 UID: 0 PID: 328 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 26.541077] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.541640] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.542297] ==================================================================
[ 26.634164] ==================================================================
[ 26.634785] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 26.634785]
[ 26.635377] Invalid free of 0x(____ptrval____) (in kfence-#116):
[ 26.635934] test_invalid_addr_free+0xfb/0x260
[ 26.636332] kunit_try_run_case+0x1a5/0x480
[ 26.636963] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.638020] kthread+0x337/0x6f0
[ 26.638786] ret_from_fork+0x41/0x80
[ 26.639574] ret_from_fork_asm+0x1a/0x30
[ 26.640052]
[ 26.640276] kfence-#116: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 26.640276]
[ 26.641095] allocated by task 330 on cpu 0 at 26.634053s (0.007036s ago):
[ 26.641974] test_alloc+0x2a6/0x10f0
[ 26.642499] test_invalid_addr_free+0xdb/0x260
[ 26.642923] kunit_try_run_case+0x1a5/0x480
[ 26.643729] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.644222] kthread+0x337/0x6f0
[ 26.644707] ret_from_fork+0x41/0x80
[ 26.645073] ret_from_fork_asm+0x1a/0x30
[ 26.645530]
[ 26.645835] CPU: 0 UID: 0 PID: 330 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 26.646687] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.647037] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.647755] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 26.322494] ==================================================================
[ 26.323020] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 26.323020]
[ 26.324292] Invalid free of 0x(____ptrval____) (in kfence-#113):
[ 26.324769] test_double_free+0x1d3/0x260
[ 26.325162] kunit_try_run_case+0x1a5/0x480
[ 26.325536] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.326079] kthread+0x337/0x6f0
[ 26.326477] ret_from_fork+0x41/0x80
[ 26.326871] ret_from_fork_asm+0x1a/0x30
[ 26.327328]
[ 26.327532] kfence-#113: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 26.327532]
[ 26.328381] allocated by task 324 on cpu 0 at 26.322156s (0.006218s ago):
[ 26.328888] test_alloc+0x364/0x10f0
[ 26.329344] test_double_free+0xdb/0x260
[ 26.329774] kunit_try_run_case+0x1a5/0x480
[ 26.330106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.330662] kthread+0x337/0x6f0
[ 26.331032] ret_from_fork+0x41/0x80
[ 26.331478] ret_from_fork_asm+0x1a/0x30
[ 26.331879]
[ 26.332111] freed by task 324 on cpu 0 at 26.322242s (0.009863s ago):
[ 26.332738] test_double_free+0x1e0/0x260
[ 26.333166] kunit_try_run_case+0x1a5/0x480
[ 26.333567] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.334086] kthread+0x337/0x6f0
[ 26.334505] ret_from_fork+0x41/0x80
[ 26.334887] ret_from_fork_asm+0x1a/0x30
[ 26.335256]
[ 26.335499] CPU: 0 UID: 0 PID: 324 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 26.336530] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.336916] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.337694] ==================================================================
[ 26.426365] ==================================================================
[ 26.427005] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 26.427005]
[ 26.427663] Invalid free of 0x(____ptrval____) (in kfence-#114):
[ 26.428074] test_double_free+0x112/0x260
[ 26.428647] kunit_try_run_case+0x1a5/0x480
[ 26.429021] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.429584] kthread+0x337/0x6f0
[ 26.429953] ret_from_fork+0x41/0x80
[ 26.430347] ret_from_fork_asm+0x1a/0x30
[ 26.430756]
[ 26.430985] kfence-#114: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 26.430985]
[ 26.431718] allocated by task 326 on cpu 1 at 26.426068s (0.005644s ago):
[ 26.432337] test_alloc+0x2a6/0x10f0
[ 26.432708] test_double_free+0xdb/0x260
[ 26.433146] kunit_try_run_case+0x1a5/0x480
[ 26.433498] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.433959] kthread+0x337/0x6f0
[ 26.434364] ret_from_fork+0x41/0x80
[ 26.434794] ret_from_fork_asm+0x1a/0x30
[ 26.435176]
[ 26.435430] freed by task 326 on cpu 1 at 26.426144s (0.009280s ago):
[ 26.436012] test_double_free+0xfa/0x260
[ 26.436451] kunit_try_run_case+0x1a5/0x480
[ 26.436834] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.437256] kthread+0x337/0x6f0
[ 26.437636] ret_from_fork+0x41/0x80
[ 26.438055] ret_from_fork_asm+0x1a/0x30
[ 26.438624]
[ 26.438895] CPU: 1 UID: 0 PID: 326 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 26.439896] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.440273] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.440854] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 17.606020] ==================================================================
[ 17.606979] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 17.607744] Read of size 1 at addr ffff8881025ebc48 by task kunit_try_catch/205
[ 17.608371]
[ 17.608901] CPU: 0 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.609029] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.609099] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.609162] Call Trace:
[ 17.609233] <TASK>
[ 17.609282] dump_stack_lvl+0x73/0xb0
[ 17.609360] print_report+0xd1/0x650
[ 17.609430] ? __virt_addr_valid+0x1db/0x2d0
[ 17.609502] ? kmalloc_uaf+0x320/0x380
[ 17.609568] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.609740] ? kmalloc_uaf+0x320/0x380
[ 17.609826] kasan_report+0x141/0x180
[ 17.609899] ? kmalloc_uaf+0x320/0x380
[ 17.609953] __asan_report_load1_noabort+0x18/0x20
[ 17.609985] kmalloc_uaf+0x320/0x380
[ 17.610017] ? __pfx_kmalloc_uaf+0x10/0x10
[ 17.610051] ? __pfx_kmalloc_uaf+0x10/0x10
[ 17.610089] kunit_try_run_case+0x1a5/0x480
[ 17.610129] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.610163] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.610200] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.610262] ? __kthread_parkme+0x82/0x180
[ 17.610299] ? preempt_count_sub+0x50/0x80
[ 17.610338] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.610373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.610406] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.610440] kthread+0x337/0x6f0
[ 17.610462] ? trace_preempt_on+0x20/0xc0
[ 17.610497] ? __pfx_kthread+0x10/0x10
[ 17.610522] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.610553] ? calculate_sigpending+0x7b/0xa0
[ 17.610585] ? __pfx_kthread+0x10/0x10
[ 17.610665] ret_from_fork+0x41/0x80
[ 17.610705] ? __pfx_kthread+0x10/0x10
[ 17.610731] ret_from_fork_asm+0x1a/0x30
[ 17.610776] </TASK>
[ 17.610793]
[ 17.627537] Allocated by task 205:
[ 17.627966] kasan_save_stack+0x45/0x70
[ 17.628409] kasan_save_track+0x18/0x40
[ 17.629204] kasan_save_alloc_info+0x3b/0x50
[ 17.629880] __kasan_kmalloc+0xb7/0xc0
[ 17.630330] __kmalloc_cache_noprof+0x189/0x420
[ 17.630904] kmalloc_uaf+0xaa/0x380
[ 17.631365] kunit_try_run_case+0x1a5/0x480
[ 17.631977] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.632430] kthread+0x337/0x6f0
[ 17.632953] ret_from_fork+0x41/0x80
[ 17.633412] ret_from_fork_asm+0x1a/0x30
[ 17.634273]
[ 17.634513] Freed by task 205:
[ 17.634922] kasan_save_stack+0x45/0x70
[ 17.635432] kasan_save_track+0x18/0x40
[ 17.635968] kasan_save_free_info+0x3f/0x60
[ 17.636482] __kasan_slab_free+0x56/0x70
[ 17.636900] kfree+0x222/0x3f0
[ 17.637451] kmalloc_uaf+0x12c/0x380
[ 17.637976] kunit_try_run_case+0x1a5/0x480
[ 17.638512] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.639429] kthread+0x337/0x6f0
[ 17.639902] ret_from_fork+0x41/0x80
[ 17.640473] ret_from_fork_asm+0x1a/0x30
[ 17.641083]
[ 17.641330] The buggy address belongs to the object at ffff8881025ebc40
[ 17.641330] which belongs to the cache kmalloc-16 of size 16
[ 17.642455] The buggy address is located 8 bytes inside of
[ 17.642455] freed 16-byte region [ffff8881025ebc40, ffff8881025ebc50)
[ 17.643564]
[ 17.644276] The buggy address belongs to the physical page:
[ 17.644788] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 17.645736] flags: 0x200000000000000(node=0|zone=2)
[ 17.646200] page_type: f5(slab)
[ 17.646749] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 17.647414] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 17.648162] page dumped because: kasan: bad access detected
[ 17.648898]
[ 17.649164] Memory state around the buggy address:
[ 17.649887] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 17.650506] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 17.651259] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc fc fc fc fc
[ 17.651984] ^
[ 17.652194] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.652766] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.653442] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 17.550927] ==================================================================
[ 17.551840] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330
[ 17.552475] Read of size 64 at addr ffff88810a077884 by task kunit_try_catch/203
[ 17.553078]
[ 17.553311] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.553434] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.553468] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.553520] Call Trace:
[ 17.553551] <TASK>
[ 17.553589] dump_stack_lvl+0x73/0xb0
[ 17.553676] print_report+0xd1/0x650
[ 17.553767] ? __virt_addr_valid+0x1db/0x2d0
[ 17.554466] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 17.554548] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.554664] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 17.554745] kasan_report+0x141/0x180
[ 17.554825] ? kmalloc_memmove_invalid_size+0x16f/0x330
[ 17.554903] kasan_check_range+0x10c/0x1c0
[ 17.554979] __asan_memmove+0x27/0x70
[ 17.555050] kmalloc_memmove_invalid_size+0x16f/0x330
[ 17.555118] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10
[ 17.555169] ? __schedule+0x10cc/0x2b60
[ 17.555204] ? __pfx_read_tsc+0x10/0x10
[ 17.555287] ? ktime_get_ts64+0x86/0x230
[ 17.555376] kunit_try_run_case+0x1a5/0x480
[ 17.555454] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.555521] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.555571] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.555661] ? __kthread_parkme+0x82/0x180
[ 17.555744] ? preempt_count_sub+0x50/0x80
[ 17.555814] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.555855] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.555889] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.555924] kthread+0x337/0x6f0
[ 17.555948] ? trace_preempt_on+0x20/0xc0
[ 17.555981] ? __pfx_kthread+0x10/0x10
[ 17.556005] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.556038] ? calculate_sigpending+0x7b/0xa0
[ 17.556069] ? __pfx_kthread+0x10/0x10
[ 17.556094] ret_from_fork+0x41/0x80
[ 17.556124] ? __pfx_kthread+0x10/0x10
[ 17.556149] ret_from_fork_asm+0x1a/0x30
[ 17.556191] </TASK>
[ 17.556206]
[ 17.576971] Allocated by task 203:
[ 17.577351] kasan_save_stack+0x45/0x70
[ 17.578020] kasan_save_track+0x18/0x40
[ 17.578562] kasan_save_alloc_info+0x3b/0x50
[ 17.579441] __kasan_kmalloc+0xb7/0xc0
[ 17.580101] __kmalloc_cache_noprof+0x189/0x420
[ 17.580816] kmalloc_memmove_invalid_size+0xac/0x330
[ 17.581377] kunit_try_run_case+0x1a5/0x480
[ 17.582103] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.582590] kthread+0x337/0x6f0
[ 17.583488] ret_from_fork+0x41/0x80
[ 17.584124] ret_from_fork_asm+0x1a/0x30
[ 17.584849]
[ 17.585155] The buggy address belongs to the object at ffff88810a077880
[ 17.585155] which belongs to the cache kmalloc-64 of size 64
[ 17.586382] The buggy address is located 4 bytes inside of
[ 17.586382] allocated 64-byte region [ffff88810a077880, ffff88810a0778c0)
[ 17.587945]
[ 17.588181] The buggy address belongs to the physical page:
[ 17.588952] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a077
[ 17.589705] flags: 0x200000000000000(node=0|zone=2)
[ 17.590341] page_type: f5(slab)
[ 17.591044] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.591942] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.592939] page dumped because: kasan: bad access detected
[ 17.593173]
[ 17.593318] Memory state around the buggy address:
[ 17.593931] ffff88810a077780: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc
[ 17.595588] ffff88810a077800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.596500] >ffff88810a077880: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 17.597644] ^
[ 17.597993] ffff88810a077900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.598702] ffff88810a077980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.599275] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 17.500088] ==================================================================
[ 17.501349] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330
[ 17.502194] Read of size 18446744073709551614 at addr ffff888102a16504 by task kunit_try_catch/201
[ 17.503638]
[ 17.503908] CPU: 0 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.504037] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.504074] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.504129] Call Trace:
[ 17.504167] <TASK>
[ 17.504213] dump_stack_lvl+0x73/0xb0
[ 17.504293] print_report+0xd1/0x650
[ 17.504366] ? __virt_addr_valid+0x1db/0x2d0
[ 17.504445] ? kmalloc_memmove_negative_size+0x171/0x330
[ 17.504509] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.504581] ? kmalloc_memmove_negative_size+0x171/0x330
[ 17.504701] kasan_report+0x141/0x180
[ 17.504782] ? kmalloc_memmove_negative_size+0x171/0x330
[ 17.504850] kasan_check_range+0x10c/0x1c0
[ 17.504880] __asan_memmove+0x27/0x70
[ 17.504909] kmalloc_memmove_negative_size+0x171/0x330
[ 17.504939] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10
[ 17.504969] ? __schedule+0x10cc/0x2b60
[ 17.505002] ? __pfx_read_tsc+0x10/0x10
[ 17.505029] ? ktime_get_ts64+0x86/0x230
[ 17.505065] kunit_try_run_case+0x1a5/0x480
[ 17.505101] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.505132] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.505165] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.505197] ? __kthread_parkme+0x82/0x180
[ 17.505259] ? preempt_count_sub+0x50/0x80
[ 17.505303] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.505338] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.505372] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.505405] kthread+0x337/0x6f0
[ 17.505427] ? trace_preempt_on+0x20/0xc0
[ 17.505460] ? __pfx_kthread+0x10/0x10
[ 17.505483] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.505513] ? calculate_sigpending+0x7b/0xa0
[ 17.505542] ? __pfx_kthread+0x10/0x10
[ 17.505565] ret_from_fork+0x41/0x80
[ 17.505594] ? __pfx_kthread+0x10/0x10
[ 17.505670] ret_from_fork_asm+0x1a/0x30
[ 17.505774] </TASK>
[ 17.505808]
[ 17.525959] Allocated by task 201:
[ 17.526384] kasan_save_stack+0x45/0x70
[ 17.526753] kasan_save_track+0x18/0x40
[ 17.527058] kasan_save_alloc_info+0x3b/0x50
[ 17.527379] __kasan_kmalloc+0xb7/0xc0
[ 17.527793] __kmalloc_cache_noprof+0x189/0x420
[ 17.528601] kmalloc_memmove_negative_size+0xac/0x330
[ 17.529493] kunit_try_run_case+0x1a5/0x480
[ 17.530355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.531085] kthread+0x337/0x6f0
[ 17.531357] ret_from_fork+0x41/0x80
[ 17.531894] ret_from_fork_asm+0x1a/0x30
[ 17.532348]
[ 17.532582] The buggy address belongs to the object at ffff888102a16500
[ 17.532582] which belongs to the cache kmalloc-64 of size 64
[ 17.533577] The buggy address is located 4 bytes inside of
[ 17.533577] 64-byte region [ffff888102a16500, ffff888102a16540)
[ 17.534631]
[ 17.534846] The buggy address belongs to the physical page:
[ 17.535270] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a16
[ 17.535962] flags: 0x200000000000000(node=0|zone=2)
[ 17.536411] page_type: f5(slab)
[ 17.536984] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 17.537783] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 17.538401] page dumped because: kasan: bad access detected
[ 17.538922]
[ 17.539143] Memory state around the buggy address:
[ 17.539755] ffff888102a16400: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc
[ 17.540262] ffff888102a16480: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 17.541045] >ffff888102a16500: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc
[ 17.541806] ^
[ 17.542166] ffff888102a16580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.542904] ffff888102a16600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.543454] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 25.906416] ==================================================================
[ 25.907139] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 25.907139]
[ 25.907895] Use-after-free read at 0x(____ptrval____) (in kfence-#109):
[ 25.908533] test_use_after_free_read+0x129/0x270
[ 25.908897] kunit_try_run_case+0x1a5/0x480
[ 25.909330] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.909932] kthread+0x337/0x6f0
[ 25.910400] ret_from_fork+0x41/0x80
[ 25.910801] ret_from_fork_asm+0x1a/0x30
[ 25.911219]
[ 25.911409] kfence-#109: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 25.911409]
[ 25.912216] allocated by task 316 on cpu 0 at 25.906101s (0.006110s ago):
[ 25.912897] test_alloc+0x364/0x10f0
[ 25.913248] test_use_after_free_read+0xdc/0x270
[ 25.913724] kunit_try_run_case+0x1a5/0x480
[ 25.914058] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.914900] kthread+0x337/0x6f0
[ 25.915242] ret_from_fork+0x41/0x80
[ 25.915645] ret_from_fork_asm+0x1a/0x30
[ 25.916101]
[ 25.916582] freed by task 316 on cpu 0 at 25.906212s (0.010210s ago):
[ 25.917177] test_use_after_free_read+0x1e7/0x270
[ 25.917662] kunit_try_run_case+0x1a5/0x480
[ 25.918112] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.918492] kthread+0x337/0x6f0
[ 25.918869] ret_from_fork+0x41/0x80
[ 25.919497] ret_from_fork_asm+0x1a/0x30
[ 25.919925]
[ 25.920199] CPU: 0 UID: 0 PID: 316 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 25.920947] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.921409] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.922157] ==================================================================
[ 26.010334] ==================================================================
[ 26.010970] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 26.010970]
[ 26.011785] Use-after-free read at 0x(____ptrval____) (in kfence-#110):
[ 26.012236] test_use_after_free_read+0x129/0x270
[ 26.012775] kunit_try_run_case+0x1a5/0x480
[ 26.013210] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.013847] kthread+0x337/0x6f0
[ 26.014275] ret_from_fork+0x41/0x80
[ 26.014730] ret_from_fork_asm+0x1a/0x30
[ 26.015122]
[ 26.015408] kfence-#110: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 26.015408]
[ 26.016214] allocated by task 318 on cpu 0 at 26.010145s (0.006063s ago):
[ 26.016873] test_alloc+0x2a6/0x10f0
[ 26.017324] test_use_after_free_read+0xdc/0x270
[ 26.017852] kunit_try_run_case+0x1a5/0x480
[ 26.018277] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.018748] kthread+0x337/0x6f0
[ 26.019163] ret_from_fork+0x41/0x80
[ 26.019567] ret_from_fork_asm+0x1a/0x30
[ 26.020049]
[ 26.020281] freed by task 318 on cpu 0 at 26.010210s (0.010065s ago):
[ 26.020982] test_use_after_free_read+0xfb/0x270
[ 26.021512] kunit_try_run_case+0x1a5/0x480
[ 26.021996] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 26.022559] kthread+0x337/0x6f0
[ 26.022949] ret_from_fork+0x41/0x80
[ 26.023436] ret_from_fork_asm+0x1a/0x30
[ 26.023769]
[ 26.024052] CPU: 0 UID: 0 PID: 318 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 26.025518] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 26.025852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 26.026514] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 25.802156] ==================================================================
[ 25.802869] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 25.802869]
[ 25.803803] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#108):
[ 25.804402] test_out_of_bounds_write+0x10d/0x260
[ 25.804837] kunit_try_run_case+0x1a5/0x480
[ 25.805718] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.806120] kthread+0x337/0x6f0
[ 25.806554] ret_from_fork+0x41/0x80
[ 25.806937] ret_from_fork_asm+0x1a/0x30
[ 25.807420]
[ 25.807682] kfence-#108: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 25.807682]
[ 25.808419] allocated by task 314 on cpu 0 at 25.802061s (0.006352s ago):
[ 25.808949] test_alloc+0x2a6/0x10f0
[ 25.809391] test_out_of_bounds_write+0xd4/0x260
[ 25.809875] kunit_try_run_case+0x1a5/0x480
[ 25.810340] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.810820] kthread+0x337/0x6f0
[ 25.811129] ret_from_fork+0x41/0x80
[ 25.811572] ret_from_fork_asm+0x1a/0x30
[ 25.812019]
[ 25.812295] CPU: 0 UID: 0 PID: 314 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 25.813164] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.813510] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.814175] ==================================================================
[ 25.698261] ==================================================================
[ 25.698946] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 25.698946]
[ 25.699827] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#107):
[ 25.700447] test_out_of_bounds_write+0x10d/0x260
[ 25.700933] kunit_try_run_case+0x1a5/0x480
[ 25.701370] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.701964] kthread+0x337/0x6f0
[ 25.702337] ret_from_fork+0x41/0x80
[ 25.702770] ret_from_fork_asm+0x1a/0x30
[ 25.703244]
[ 25.703481] kfence-#107: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 25.703481]
[ 25.704272] allocated by task 312 on cpu 0 at 25.698084s (0.006183s ago):
[ 25.705081] test_alloc+0x364/0x10f0
[ 25.705380] test_out_of_bounds_write+0xd4/0x260
[ 25.706061] kunit_try_run_case+0x1a5/0x480
[ 25.706575] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.707233] kthread+0x337/0x6f0
[ 25.707534] ret_from_fork+0x41/0x80
[ 25.707871] ret_from_fork_asm+0x1a/0x30
[ 25.708369]
[ 25.708790] CPU: 0 UID: 0 PID: 312 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 25.709719] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.710116] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.710911] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 24.866334] ==================================================================
[ 24.867083] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 24.867083]
[ 24.867843] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#99):
[ 24.868665] test_out_of_bounds_read+0x126/0x4e0
[ 24.869556] kunit_try_run_case+0x1a5/0x480
[ 24.869824] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.870025] kthread+0x337/0x6f0
[ 24.870167] ret_from_fork+0x41/0x80
[ 24.870885] ret_from_fork_asm+0x1a/0x30
[ 24.871626]
[ 24.872004] kfence-#99: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 24.872004]
[ 24.873392] allocated by task 310 on cpu 0 at 24.866241s (0.007145s ago):
[ 24.874638] test_alloc+0x2a6/0x10f0
[ 24.875030] test_out_of_bounds_read+0xed/0x4e0
[ 24.875551] kunit_try_run_case+0x1a5/0x480
[ 24.875978] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.876447] kthread+0x337/0x6f0
[ 24.876836] ret_from_fork+0x41/0x80
[ 24.877359] ret_from_fork_asm+0x1a/0x30
[ 24.877798]
[ 24.878122] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 24.878965] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.879464] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.880189] ==================================================================
[ 24.658399] ==================================================================
[ 24.659096] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 24.659096]
[ 24.659851] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#97):
[ 24.660515] test_out_of_bounds_read+0x216/0x4e0
[ 24.661083] kunit_try_run_case+0x1a5/0x480
[ 24.661690] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.662183] kthread+0x337/0x6f0
[ 24.662665] ret_from_fork+0x41/0x80
[ 24.662984] ret_from_fork_asm+0x1a/0x30
[ 24.663458]
[ 24.663725] kfence-#97: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 24.663725]
[ 24.664388] allocated by task 308 on cpu 1 at 24.658135s (0.006247s ago):
[ 24.665084] test_alloc+0x364/0x10f0
[ 24.665510] test_out_of_bounds_read+0x1e2/0x4e0
[ 24.665912] kunit_try_run_case+0x1a5/0x480
[ 24.666429] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.666976] kthread+0x337/0x6f0
[ 24.667439] ret_from_fork+0x41/0x80
[ 24.667820] ret_from_fork_asm+0x1a/0x30
[ 24.668221]
[ 24.668503] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 24.669347] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.669696] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.670343] ==================================================================
[ 24.555724] ==================================================================
[ 24.556382] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 24.556382]
[ 24.557133] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#96):
[ 24.557938] test_out_of_bounds_read+0x126/0x4e0
[ 24.558344] kunit_try_run_case+0x1a5/0x480
[ 24.558799] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.559306] kthread+0x337/0x6f0
[ 24.559666] ret_from_fork+0x41/0x80
[ 24.560079] ret_from_fork_asm+0x1a/0x30
[ 24.560424]
[ 24.560969] kfence-#96: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 24.560969]
[ 24.562038] allocated by task 308 on cpu 1 at 24.554131s (0.007781s ago):
[ 24.563475] test_alloc+0x364/0x10f0
[ 24.563923] test_out_of_bounds_read+0xed/0x4e0
[ 24.564324] kunit_try_run_case+0x1a5/0x480
[ 24.564786] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.565244] kthread+0x337/0x6f0
[ 24.565582] ret_from_fork+0x41/0x80
[ 24.566101] ret_from_fork_asm+0x1a/0x30
[ 24.566985]
[ 24.567330] CPU: 1 UID: 0 PID: 308 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 24.568167] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.568525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.569288] ==================================================================
[ 25.386072] ==================================================================
[ 25.386839] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 25.386839]
[ 25.387681] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#104):
[ 25.388812] test_out_of_bounds_read+0x216/0x4e0
[ 25.389176] kunit_try_run_case+0x1a5/0x480
[ 25.389518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.389933] kthread+0x337/0x6f0
[ 25.390264] ret_from_fork+0x41/0x80
[ 25.390668] ret_from_fork_asm+0x1a/0x30
[ 25.391111]
[ 25.391395] kfence-#104: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 25.391395]
[ 25.392056] allocated by task 310 on cpu 0 at 25.385979s (0.006071s ago):
[ 25.393517] test_alloc+0x2a6/0x10f0
[ 25.393853] test_out_of_bounds_read+0x1e2/0x4e0
[ 25.394212] kunit_try_run_case+0x1a5/0x480
[ 25.394688] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 25.395201] kthread+0x337/0x6f0
[ 25.395923] ret_from_fork+0x41/0x80
[ 25.396307] ret_from_fork_asm+0x1a/0x30
[ 25.396741]
[ 25.397014] CPU: 0 UID: 0 PID: 310 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 25.397828] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 25.398493] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 25.399143] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 24.407653] ==================================================================
[ 24.408129] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 24.408782] Write of size 1 at addr ffff88810a090278 by task kunit_try_catch/306
[ 24.409379]
[ 24.409779] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 24.409945] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.409983] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.410045] Call Trace:
[ 24.410097] <TASK>
[ 24.410140] dump_stack_lvl+0x73/0xb0
[ 24.410212] print_report+0xd1/0x650
[ 24.410293] ? __virt_addr_valid+0x1db/0x2d0
[ 24.410367] ? strncpy_from_user+0x1a5/0x1d0
[ 24.410448] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.410526] ? strncpy_from_user+0x1a5/0x1d0
[ 24.410625] kasan_report+0x141/0x180
[ 24.410705] ? strncpy_from_user+0x1a5/0x1d0
[ 24.410794] __asan_report_store1_noabort+0x1b/0x30
[ 24.410865] strncpy_from_user+0x1a5/0x1d0
[ 24.410949] copy_user_test_oob+0x760/0x10f0
[ 24.411025] ? __pfx_copy_user_test_oob+0x10/0x10
[ 24.411091] ? finish_task_switch.isra.0+0x153/0x700
[ 24.411166] ? __switch_to+0x5d9/0xf60
[ 24.411273] ? dequeue_task_fair+0x156/0x4e0
[ 24.411360] ? __schedule+0x10cc/0x2b60
[ 24.411438] ? __pfx_read_tsc+0x10/0x10
[ 24.411501] ? ktime_get_ts64+0x86/0x230
[ 24.411558] kunit_try_run_case+0x1a5/0x480
[ 24.411637] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.411697] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.411737] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.411774] ? __kthread_parkme+0x82/0x180
[ 24.411805] ? preempt_count_sub+0x50/0x80
[ 24.411840] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.411876] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.411910] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.411945] kthread+0x337/0x6f0
[ 24.411971] ? trace_preempt_on+0x20/0xc0
[ 24.412006] ? __pfx_kthread+0x10/0x10
[ 24.412032] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.412063] ? calculate_sigpending+0x7b/0xa0
[ 24.412095] ? __pfx_kthread+0x10/0x10
[ 24.412121] ret_from_fork+0x41/0x80
[ 24.412153] ? __pfx_kthread+0x10/0x10
[ 24.412179] ret_from_fork_asm+0x1a/0x30
[ 24.412257] </TASK>
[ 24.412277]
[ 24.427112] Allocated by task 306:
[ 24.427573] kasan_save_stack+0x45/0x70
[ 24.428026] kasan_save_track+0x18/0x40
[ 24.428475] kasan_save_alloc_info+0x3b/0x50
[ 24.428962] __kasan_kmalloc+0xb7/0xc0
[ 24.429438] __kmalloc_noprof+0x1c9/0x500
[ 24.429941] kunit_kmalloc_array+0x25/0x60
[ 24.430426] copy_user_test_oob+0xab/0x10f0
[ 24.430827] kunit_try_run_case+0x1a5/0x480
[ 24.431157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.431699] kthread+0x337/0x6f0
[ 24.432069] ret_from_fork+0x41/0x80
[ 24.432522] ret_from_fork_asm+0x1a/0x30
[ 24.432955]
[ 24.433264] The buggy address belongs to the object at ffff88810a090200
[ 24.433264] which belongs to the cache kmalloc-128 of size 128
[ 24.435575] The buggy address is located 0 bytes to the right of
[ 24.435575] allocated 120-byte region [ffff88810a090200, ffff88810a090278)
[ 24.436996]
[ 24.437262] The buggy address belongs to the physical page:
[ 24.437803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090
[ 24.438519] flags: 0x200000000000000(node=0|zone=2)
[ 24.439044] page_type: f5(slab)
[ 24.439481] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 24.440140] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 24.440812] page dumped because: kasan: bad access detected
[ 24.441295]
[ 24.441565] Memory state around the buggy address:
[ 24.442044] ffff88810a090100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 24.442744] ffff88810a090180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.443377] >ffff88810a090200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 24.444003] ^
[ 24.444667] ffff88810a090280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.445248] ffff88810a090300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.445860] ==================================================================
[ 24.365785] ==================================================================
[ 24.366257] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 24.367077] Write of size 121 at addr ffff88810a090200 by task kunit_try_catch/306
[ 24.368289]
[ 24.368547] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 24.368689] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.368729] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.368789] Call Trace:
[ 24.368838] <TASK>
[ 24.368881] dump_stack_lvl+0x73/0xb0
[ 24.368958] print_report+0xd1/0x650
[ 24.369026] ? __virt_addr_valid+0x1db/0x2d0
[ 24.369064] ? strncpy_from_user+0x2e/0x1d0
[ 24.369100] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.369138] ? strncpy_from_user+0x2e/0x1d0
[ 24.369173] kasan_report+0x141/0x180
[ 24.369216] ? strncpy_from_user+0x2e/0x1d0
[ 24.369283] kasan_check_range+0x10c/0x1c0
[ 24.369318] __kasan_check_write+0x18/0x20
[ 24.369350] strncpy_from_user+0x2e/0x1d0
[ 24.369389] copy_user_test_oob+0x760/0x10f0
[ 24.369421] ? __pfx_copy_user_test_oob+0x10/0x10
[ 24.369451] ? finish_task_switch.isra.0+0x153/0x700
[ 24.369486] ? __switch_to+0x5d9/0xf60
[ 24.369514] ? dequeue_task_fair+0x156/0x4e0
[ 24.369549] ? __schedule+0x10cc/0x2b60
[ 24.369583] ? __pfx_read_tsc+0x10/0x10
[ 24.369671] ? ktime_get_ts64+0x86/0x230
[ 24.369758] kunit_try_run_case+0x1a5/0x480
[ 24.369828] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.369895] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.369966] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.370008] ? __kthread_parkme+0x82/0x180
[ 24.370043] ? preempt_count_sub+0x50/0x80
[ 24.370079] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.370117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.370152] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.370189] kthread+0x337/0x6f0
[ 24.370224] ? trace_preempt_on+0x20/0xc0
[ 24.370279] ? __pfx_kthread+0x10/0x10
[ 24.370309] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.370344] ? calculate_sigpending+0x7b/0xa0
[ 24.370376] ? __pfx_kthread+0x10/0x10
[ 24.370404] ret_from_fork+0x41/0x80
[ 24.370438] ? __pfx_kthread+0x10/0x10
[ 24.370465] ret_from_fork_asm+0x1a/0x30
[ 24.370509] </TASK>
[ 24.370525]
[ 24.388263] Allocated by task 306:
[ 24.388636] kasan_save_stack+0x45/0x70
[ 24.388967] kasan_save_track+0x18/0x40
[ 24.389535] kasan_save_alloc_info+0x3b/0x50
[ 24.390070] __kasan_kmalloc+0xb7/0xc0
[ 24.390778] __kmalloc_noprof+0x1c9/0x500
[ 24.391247] kunit_kmalloc_array+0x25/0x60
[ 24.391582] copy_user_test_oob+0xab/0x10f0
[ 24.392026] kunit_try_run_case+0x1a5/0x480
[ 24.392857] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.393415] kthread+0x337/0x6f0
[ 24.393996] ret_from_fork+0x41/0x80
[ 24.394357] ret_from_fork_asm+0x1a/0x30
[ 24.394784]
[ 24.395016] The buggy address belongs to the object at ffff88810a090200
[ 24.395016] which belongs to the cache kmalloc-128 of size 128
[ 24.396137] The buggy address is located 0 bytes inside of
[ 24.396137] allocated 120-byte region [ffff88810a090200, ffff88810a090278)
[ 24.397066]
[ 24.397314] The buggy address belongs to the physical page:
[ 24.397968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090
[ 24.398793] flags: 0x200000000000000(node=0|zone=2)
[ 24.399342] page_type: f5(slab)
[ 24.399780] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 24.400532] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 24.401299] page dumped because: kasan: bad access detected
[ 24.401744]
[ 24.401994] Memory state around the buggy address:
[ 24.402574] ffff88810a090100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 24.403262] ffff88810a090180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.403858] >ffff88810a090200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 24.404559] ^
[ 24.405236] ffff88810a090280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.405895] ffff88810a090300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.406524] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 24.278097] ==================================================================
[ 24.278732] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 24.279390] Write of size 121 at addr ffff88810a090200 by task kunit_try_catch/306
[ 24.280073]
[ 24.280417] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 24.280540] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.280579] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.280667] Call Trace:
[ 24.280740] <TASK>
[ 24.280788] dump_stack_lvl+0x73/0xb0
[ 24.280867] print_report+0xd1/0x650
[ 24.280964] ? __virt_addr_valid+0x1db/0x2d0
[ 24.281075] ? copy_user_test_oob+0x557/0x10f0
[ 24.281150] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.281308] ? copy_user_test_oob+0x557/0x10f0
[ 24.281386] kasan_report+0x141/0x180
[ 24.281461] ? copy_user_test_oob+0x557/0x10f0
[ 24.281546] kasan_check_range+0x10c/0x1c0
[ 24.281637] __kasan_check_write+0x18/0x20
[ 24.281715] copy_user_test_oob+0x557/0x10f0
[ 24.281829] ? __pfx_copy_user_test_oob+0x10/0x10
[ 24.281937] ? finish_task_switch.isra.0+0x153/0x700
[ 24.282020] ? __switch_to+0x5d9/0xf60
[ 24.282087] ? dequeue_task_fair+0x156/0x4e0
[ 24.282189] ? __schedule+0x10cc/0x2b60
[ 24.282307] ? __pfx_read_tsc+0x10/0x10
[ 24.282340] ? ktime_get_ts64+0x86/0x230
[ 24.282378] kunit_try_run_case+0x1a5/0x480
[ 24.282416] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.282452] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.282489] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.282523] ? __kthread_parkme+0x82/0x180
[ 24.282556] ? preempt_count_sub+0x50/0x80
[ 24.282593] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.282660] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.282698] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.282735] kthread+0x337/0x6f0
[ 24.282759] ? trace_preempt_on+0x20/0xc0
[ 24.282794] ? __pfx_kthread+0x10/0x10
[ 24.282821] ? _raw_spin_unlock_irq+0x47/0x80
[ 24.282854] ? calculate_sigpending+0x7b/0xa0
[ 24.282885] ? __pfx_kthread+0x10/0x10
[ 24.282911] ret_from_fork+0x41/0x80
[ 24.282942] ? __pfx_kthread+0x10/0x10
[ 24.282970] ret_from_fork_asm+0x1a/0x30
[ 24.283013] </TASK>
[ 24.283028]
[ 24.301963] Allocated by task 306:
[ 24.302372] kasan_save_stack+0x45/0x70
[ 24.302905] kasan_save_track+0x18/0x40
[ 24.303352] kasan_save_alloc_info+0x3b/0x50
[ 24.303899] __kasan_kmalloc+0xb7/0xc0
[ 24.304507] __kmalloc_noprof+0x1c9/0x500
[ 24.304926] kunit_kmalloc_array+0x25/0x60
[ 24.305377] copy_user_test_oob+0xab/0x10f0
[ 24.305837] kunit_try_run_case+0x1a5/0x480
[ 24.306406] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.306822] kthread+0x337/0x6f0
[ 24.307287] ret_from_fork+0x41/0x80
[ 24.307697] ret_from_fork_asm+0x1a/0x30
[ 24.308133]
[ 24.308411] The buggy address belongs to the object at ffff88810a090200
[ 24.308411] which belongs to the cache kmalloc-128 of size 128
[ 24.309398] The buggy address is located 0 bytes inside of
[ 24.309398] allocated 120-byte region [ffff88810a090200, ffff88810a090278)
[ 24.310452]
[ 24.310735] The buggy address belongs to the physical page:
[ 24.311280] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090
[ 24.311997] flags: 0x200000000000000(node=0|zone=2)
[ 24.312514] page_type: f5(slab)
[ 24.312930] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 24.313570] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 24.314361] page dumped because: kasan: bad access detected
[ 24.314784]
[ 24.315042] Memory state around the buggy address:
[ 24.315513] ffff88810a090100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 24.316114] ffff88810a090180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.316722] >ffff88810a090200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 24.317277] ^
[ 24.317962] ffff88810a090280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.318588] ffff88810a090300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 24.319275] ==================================================================
[ 24.235880] ==================================================================
[ 24.236783] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0
[ 24.237530] Read of size 121 at addr ffff88810a090200 by task kunit_try_catch/306
[ 24.238266]
[ 24.238542] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 24.238681] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 24.238721] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 24.238777] Call Trace:
[ 24.238828] <TASK>
[ 24.238872] dump_stack_lvl+0x73/0xb0
[ 24.238988] print_report+0xd1/0x650
[ 24.239071] ? __virt_addr_valid+0x1db/0x2d0
[ 24.239146] ? copy_user_test_oob+0x4aa/0x10f0
[ 24.239257] ? kasan_complete_mode_report_info+0x2a/0x200
[ 24.239381] ? copy_user_test_oob+0x4aa/0x10f0
[ 24.239459] kasan_report+0x141/0x180
[ 24.239576] ? copy_user_test_oob+0x4aa/0x10f0
[ 24.239685] kasan_check_range+0x10c/0x1c0
[ 24.239762] __kasan_check_read+0x15/0x20
[ 24.239833] copy_user_test_oob+0x4aa/0x10f0
[ 24.239913] ? __pfx_copy_user_test_oob+0x10/0x10
[ 24.240024] ? finish_task_switch.isra.0+0x153/0x700
[ 24.240129] ? __switch_to+0x5d9/0xf60
[ 24.240240] ? dequeue_task_fair+0x156/0x4e0
[ 24.240327] ? __schedule+0x10cc/0x2b60
[ 24.240407] ? __pfx_read_tsc+0x10/0x10
[ 24.240479] ? ktime_get_ts64+0x86/0x230
[ 24.240597] kunit_try_run_case+0x1a5/0x480
[ 24.240704] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.240780] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 24.240901] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 24.240984] ? __kthread_parkme+0x82/0x180
[ 24.241058] ? preempt_count_sub+0x50/0x80
[ 24.241137] ? __pfx_kunit_try_run_case+0x10/0x10
[ 24.241193] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 24.241271] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 24.241313] kthread+0x337/0x6f0
[ 24.241340] ? trace_preempt_on+0x20/0xc0
[ 24.241377] ?
__pfx_kthread+0x10/0x10 [ 24.241405] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.241438] ? calculate_sigpending+0x7b/0xa0 [ 24.241470] ? __pfx_kthread+0x10/0x10 [ 24.241498] ret_from_fork+0x41/0x80 [ 24.241529] ? __pfx_kthread+0x10/0x10 [ 24.241555] ret_from_fork_asm+0x1a/0x30 [ 24.241617] </TASK> [ 24.241640] [ 24.258685] Allocated by task 306: [ 24.258966] kasan_save_stack+0x45/0x70 [ 24.259338] kasan_save_track+0x18/0x40 [ 24.259854] kasan_save_alloc_info+0x3b/0x50 [ 24.260344] __kasan_kmalloc+0xb7/0xc0 [ 24.260774] __kmalloc_noprof+0x1c9/0x500 [ 24.261394] kunit_kmalloc_array+0x25/0x60 [ 24.261888] copy_user_test_oob+0xab/0x10f0 [ 24.262443] kunit_try_run_case+0x1a5/0x480 [ 24.262968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.263655] kthread+0x337/0x6f0 [ 24.264056] ret_from_fork+0x41/0x80 [ 24.264591] ret_from_fork_asm+0x1a/0x30 [ 24.265026] [ 24.265402] The buggy address belongs to the object at ffff88810a090200 [ 24.265402] which belongs to the cache kmalloc-128 of size 128 [ 24.266475] The buggy address is located 0 bytes inside of [ 24.266475] allocated 120-byte region [ffff88810a090200, ffff88810a090278) [ 24.267442] [ 24.267645] The buggy address belongs to the physical page: [ 24.268007] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090 [ 24.268834] flags: 0x200000000000000(node=0|zone=2) [ 24.269365] page_type: f5(slab) [ 24.269903] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.270634] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.271402] page dumped because: kasan: bad access detected [ 24.271873] [ 24.272052] Memory state around the buggy address: [ 24.272472] ffff88810a090100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.273168] ffff88810a090180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.273923] >ffff88810a090200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.274625] ^ [ 24.275424] ffff88810a090280: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 24.276048] ffff88810a090300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.276729] ================================================================== [ 24.196855] ================================================================== [ 24.197415] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0 [ 24.198112] Write of size 121 at addr ffff88810a090200 by task kunit_try_catch/306 [ 24.198996] [ 24.199447] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 24.199598] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.199659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.199739] Call Trace: [ 24.199808] <TASK> [ 24.199858] dump_stack_lvl+0x73/0xb0 [ 24.199931] print_report+0xd1/0x650 [ 24.199971] ? __virt_addr_valid+0x1db/0x2d0 [ 24.200007] ? copy_user_test_oob+0x3fd/0x10f0 [ 24.200039] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.200076] ? copy_user_test_oob+0x3fd/0x10f0 [ 24.200107] kasan_report+0x141/0x180 [ 24.200141] ? copy_user_test_oob+0x3fd/0x10f0 [ 24.200177] kasan_check_range+0x10c/0x1c0 [ 24.200210] __kasan_check_write+0x18/0x20 [ 24.200273] copy_user_test_oob+0x3fd/0x10f0 [ 24.200309] ? __pfx_copy_user_test_oob+0x10/0x10 [ 24.200339] ? finish_task_switch.isra.0+0x153/0x700 [ 24.200376] ? __switch_to+0x5d9/0xf60 [ 24.200404] ? dequeue_task_fair+0x156/0x4e0 [ 24.200439] ? __schedule+0x10cc/0x2b60 [ 24.200472] ? __pfx_read_tsc+0x10/0x10 [ 24.200503] ? ktime_get_ts64+0x86/0x230 [ 24.200539] kunit_try_run_case+0x1a5/0x480 [ 24.200578] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.200639] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.200679] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.200716] ? __kthread_parkme+0x82/0x180 [ 24.200756] ? preempt_count_sub+0x50/0x80 [ 24.200809] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.200848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.200883] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.200920] kthread+0x337/0x6f0 [ 24.200943] ? trace_preempt_on+0x20/0xc0 [ 24.200980] ? __pfx_kthread+0x10/0x10 [ 24.201007] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.201039] ? calculate_sigpending+0x7b/0xa0 [ 24.201103] ? __pfx_kthread+0x10/0x10 [ 24.201134] ret_from_fork+0x41/0x80 [ 24.201184] ? __pfx_kthread+0x10/0x10 [ 24.201218] ret_from_fork_asm+0x1a/0x30 [ 24.201291] </TASK> [ 24.201309] [ 24.218439] Allocated by task 306: [ 24.218855] kasan_save_stack+0x45/0x70 [ 24.219341] kasan_save_track+0x18/0x40 [ 24.219815] kasan_save_alloc_info+0x3b/0x50 [ 24.220286] __kasan_kmalloc+0xb7/0xc0 [ 24.220722] __kmalloc_noprof+0x1c9/0x500 [ 24.221167] kunit_kmalloc_array+0x25/0x60 [ 24.221693] copy_user_test_oob+0xab/0x10f0 [ 24.222084] kunit_try_run_case+0x1a5/0x480 [ 24.222559] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.223096] kthread+0x337/0x6f0 [ 24.223484] ret_from_fork+0x41/0x80 [ 24.223810] ret_from_fork_asm+0x1a/0x30 [ 24.224160] [ 24.224397] The buggy address belongs to the object at ffff88810a090200 [ 24.224397] which belongs to the cache kmalloc-128 of size 128 [ 24.225380] The buggy address is located 0 bytes inside of [ 24.225380] allocated 120-byte region [ffff88810a090200, ffff88810a090278) [ 24.226122] [ 24.226365] The buggy address belongs to the physical page: [ 24.226820] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090 [ 24.227592] flags: 0x200000000000000(node=0|zone=2) [ 24.228089] page_type: f5(slab) [ 24.228513] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.229146] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.229708] page dumped because: kasan: bad access detected [ 24.230321] [ 24.230528] Memory state around the buggy address: [ 24.231025] ffff88810a090100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.231749] ffff88810a090180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.232438] 
>ffff88810a090200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.233099] ^ [ 24.233597] ffff88810a090280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.234072] ffff88810a090300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.234668] ================================================================== [ 24.320515] ================================================================== [ 24.321922] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0 [ 24.323014] Read of size 121 at addr ffff88810a090200 by task kunit_try_catch/306 [ 24.323710] [ 24.324026] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 24.324153] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.324194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.324300] Call Trace: [ 24.324371] <TASK> [ 24.324450] dump_stack_lvl+0x73/0xb0 [ 24.324531] print_report+0xd1/0x650 [ 24.324623] ? __virt_addr_valid+0x1db/0x2d0 [ 24.324702] ? copy_user_test_oob+0x604/0x10f0 [ 24.324776] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.324879] ? copy_user_test_oob+0x604/0x10f0 [ 24.324982] kasan_report+0x141/0x180 [ 24.325062] ? copy_user_test_oob+0x604/0x10f0 [ 24.325154] kasan_check_range+0x10c/0x1c0 [ 24.325276] __kasan_check_read+0x15/0x20 [ 24.325354] copy_user_test_oob+0x604/0x10f0 [ 24.325457] ? __pfx_copy_user_test_oob+0x10/0x10 [ 24.325558] ? finish_task_switch.isra.0+0x153/0x700 [ 24.325651] ? __switch_to+0x5d9/0xf60 [ 24.325722] ? dequeue_task_fair+0x156/0x4e0 [ 24.325812] ? __schedule+0x10cc/0x2b60 [ 24.325853] ? __pfx_read_tsc+0x10/0x10 [ 24.325886] ? ktime_get_ts64+0x86/0x230 [ 24.325927] kunit_try_run_case+0x1a5/0x480 [ 24.325968] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.326003] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.326039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.326076] ? __kthread_parkme+0x82/0x180 [ 24.326108] ? preempt_count_sub+0x50/0x80 [ 24.326144] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 24.326181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.326265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.326308] kthread+0x337/0x6f0 [ 24.326335] ? trace_preempt_on+0x20/0xc0 [ 24.326370] ? __pfx_kthread+0x10/0x10 [ 24.326396] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.326429] ? calculate_sigpending+0x7b/0xa0 [ 24.326462] ? __pfx_kthread+0x10/0x10 [ 24.326489] ret_from_fork+0x41/0x80 [ 24.326523] ? __pfx_kthread+0x10/0x10 [ 24.326550] ret_from_fork_asm+0x1a/0x30 [ 24.326595] </TASK> [ 24.326635] [ 24.345076] Allocated by task 306: [ 24.345587] kasan_save_stack+0x45/0x70 [ 24.346094] kasan_save_track+0x18/0x40 [ 24.346641] kasan_save_alloc_info+0x3b/0x50 [ 24.347174] __kasan_kmalloc+0xb7/0xc0 [ 24.347656] __kmalloc_noprof+0x1c9/0x500 [ 24.348172] kunit_kmalloc_array+0x25/0x60 [ 24.348731] copy_user_test_oob+0xab/0x10f0 [ 24.349277] kunit_try_run_case+0x1a5/0x480 [ 24.349834] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.350469] kthread+0x337/0x6f0 [ 24.350848] ret_from_fork+0x41/0x80 [ 24.351391] ret_from_fork_asm+0x1a/0x30 [ 24.351855] [ 24.352139] The buggy address belongs to the object at ffff88810a090200 [ 24.352139] which belongs to the cache kmalloc-128 of size 128 [ 24.353333] The buggy address is located 0 bytes inside of [ 24.353333] allocated 120-byte region [ffff88810a090200, ffff88810a090278) [ 24.354469] [ 24.354748] The buggy address belongs to the physical page: [ 24.355282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090 [ 24.356095] flags: 0x200000000000000(node=0|zone=2) [ 24.356671] page_type: f5(slab) [ 24.357156] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.357941] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.358691] page dumped because: kasan: bad access detected [ 24.359143] [ 24.359435] Memory state around the buggy address: [ 24.359978] ffff88810a090100: fa fb fb fb fb fb fb fb fb fb fb fb fb 
fb fb fb [ 24.360744] ffff88810a090180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.361493] >ffff88810a090200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.362492] ^ [ 24.363020] ffff88810a090280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.363589] ffff88810a090300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.364174] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 24.149363] ================================================================== [ 24.149929] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 24.150471] Read of size 121 at addr ffff88810a090200 by task kunit_try_catch/306 [ 24.151158] [ 24.151444] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 24.151573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.151630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.151689] Call Trace: [ 24.151740] <TASK> [ 24.151785] dump_stack_lvl+0x73/0xb0 [ 24.151866] print_report+0xd1/0x650 [ 24.151991] ? __virt_addr_valid+0x1db/0x2d0 [ 24.152072] ? _copy_to_user+0x4a/0x70 [ 24.152143] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.152220] ? _copy_to_user+0x4a/0x70 [ 24.152331] kasan_report+0x141/0x180 [ 24.152418] ? _copy_to_user+0x4a/0x70 [ 24.152505] kasan_check_range+0x10c/0x1c0 [ 24.152578] __kasan_check_read+0x15/0x20 [ 24.152639] _copy_to_user+0x4a/0x70 [ 24.152673] copy_user_test_oob+0x364/0x10f0 [ 24.152709] ? __pfx_copy_user_test_oob+0x10/0x10 [ 24.152740] ? finish_task_switch.isra.0+0x153/0x700 [ 24.152775] ? __switch_to+0x5d9/0xf60 [ 24.152805] ? dequeue_task_fair+0x156/0x4e0 [ 24.152840] ? __schedule+0x10cc/0x2b60 [ 24.152874] ? __pfx_read_tsc+0x10/0x10 [ 24.152903] ? ktime_get_ts64+0x86/0x230 [ 24.152940] kunit_try_run_case+0x1a5/0x480 [ 24.152977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.153013] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.153049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.153087] ? __kthread_parkme+0x82/0x180 [ 24.153120] ? preempt_count_sub+0x50/0x80 [ 24.153157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.153193] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.153266] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.153308] kthread+0x337/0x6f0 [ 24.153336] ? trace_preempt_on+0x20/0xc0 [ 24.153372] ? __pfx_kthread+0x10/0x10 [ 24.153399] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.153433] ? 
calculate_sigpending+0x7b/0xa0 [ 24.153465] ? __pfx_kthread+0x10/0x10 [ 24.153492] ret_from_fork+0x41/0x80 [ 24.153523] ? __pfx_kthread+0x10/0x10 [ 24.153550] ret_from_fork_asm+0x1a/0x30 [ 24.153594] </TASK> [ 24.153633] [ 24.171462] Allocated by task 306: [ 24.171816] kasan_save_stack+0x45/0x70 [ 24.172148] kasan_save_track+0x18/0x40 [ 24.172505] kasan_save_alloc_info+0x3b/0x50 [ 24.172955] __kasan_kmalloc+0xb7/0xc0 [ 24.173366] __kmalloc_noprof+0x1c9/0x500 [ 24.173859] kunit_kmalloc_array+0x25/0x60 [ 24.174190] copy_user_test_oob+0xab/0x10f0 [ 24.174558] kunit_try_run_case+0x1a5/0x480 [ 24.174905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.175340] kthread+0x337/0x6f0 [ 24.175832] ret_from_fork+0x41/0x80 [ 24.176415] ret_from_fork_asm+0x1a/0x30 [ 24.176975] [ 24.177310] The buggy address belongs to the object at ffff88810a090200 [ 24.177310] which belongs to the cache kmalloc-128 of size 128 [ 24.178409] The buggy address is located 0 bytes inside of [ 24.178409] allocated 120-byte region [ffff88810a090200, ffff88810a090278) [ 24.179539] [ 24.179850] The buggy address belongs to the physical page: [ 24.180452] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090 [ 24.181287] flags: 0x200000000000000(node=0|zone=2) [ 24.181798] page_type: f5(slab) [ 24.182296] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.183032] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.183644] page dumped because: kasan: bad access detected [ 24.184005] [ 24.184308] Memory state around the buggy address: [ 24.184876] ffff88810a090100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.185591] ffff88810a090180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.186305] >ffff88810a090200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.186909] ^ [ 24.188176] ffff88810a090280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.189006] ffff88810a090300: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 24.189589] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 24.101648] ================================================================== [ 24.102821] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 24.103533] Write of size 121 at addr ffff88810a090200 by task kunit_try_catch/306 [ 24.104151] [ 24.104450] CPU: 1 UID: 0 PID: 306 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 24.104587] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.104645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.104683] Call Trace: [ 24.104704] <TASK> [ 24.104730] dump_stack_lvl+0x73/0xb0 [ 24.104809] print_report+0xd1/0x650 [ 24.104897] ? __virt_addr_valid+0x1db/0x2d0 [ 24.104975] ? _copy_from_user+0x32/0x90 [ 24.105049] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.105125] ? _copy_from_user+0x32/0x90 [ 24.105199] kasan_report+0x141/0x180 [ 24.105277] ? _copy_from_user+0x32/0x90 [ 24.105359] kasan_check_range+0x10c/0x1c0 [ 24.105432] __kasan_check_write+0x18/0x20 [ 24.105522] _copy_from_user+0x32/0x90 [ 24.105560] copy_user_test_oob+0x2be/0x10f0 [ 24.105649] ? __pfx_copy_user_test_oob+0x10/0x10 [ 24.105680] ? finish_task_switch.isra.0+0x153/0x700 [ 24.105720] ? __switch_to+0x5d9/0xf60 [ 24.105760] ? dequeue_task_fair+0x156/0x4e0 [ 24.105798] ? __schedule+0x10cc/0x2b60 [ 24.105834] ? __pfx_read_tsc+0x10/0x10 [ 24.105865] ? ktime_get_ts64+0x86/0x230 [ 24.105903] kunit_try_run_case+0x1a5/0x480 [ 24.105942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.105976] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.106013] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.106049] ? __kthread_parkme+0x82/0x180 [ 24.106084] ? preempt_count_sub+0x50/0x80 [ 24.106122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.106159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.106194] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.106256] kthread+0x337/0x6f0 [ 24.106288] ? trace_preempt_on+0x20/0xc0 [ 24.106326] ? __pfx_kthread+0x10/0x10 [ 24.106354] ? _raw_spin_unlock_irq+0x47/0x80 [ 24.106388] ? 
calculate_sigpending+0x7b/0xa0 [ 24.106421] ? __pfx_kthread+0x10/0x10 [ 24.106448] ret_from_fork+0x41/0x80 [ 24.106479] ? __pfx_kthread+0x10/0x10 [ 24.106506] ret_from_fork_asm+0x1a/0x30 [ 24.106550] </TASK> [ 24.106568] [ 24.124779] Allocated by task 306: [ 24.125471] kasan_save_stack+0x45/0x70 [ 24.125953] kasan_save_track+0x18/0x40 [ 24.126586] kasan_save_alloc_info+0x3b/0x50 [ 24.127026] __kasan_kmalloc+0xb7/0xc0 [ 24.127689] __kmalloc_noprof+0x1c9/0x500 [ 24.128159] kunit_kmalloc_array+0x25/0x60 [ 24.128534] copy_user_test_oob+0xab/0x10f0 [ 24.128968] kunit_try_run_case+0x1a5/0x480 [ 24.129563] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.130125] kthread+0x337/0x6f0 [ 24.130654] ret_from_fork+0x41/0x80 [ 24.131348] ret_from_fork_asm+0x1a/0x30 [ 24.131708] [ 24.132063] The buggy address belongs to the object at ffff88810a090200 [ 24.132063] which belongs to the cache kmalloc-128 of size 128 [ 24.133158] The buggy address is located 0 bytes inside of [ 24.133158] allocated 120-byte region [ffff88810a090200, ffff88810a090278) [ 24.134021] [ 24.134264] The buggy address belongs to the physical page: [ 24.134878] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090 [ 24.135702] flags: 0x200000000000000(node=0|zone=2) [ 24.136203] page_type: f5(slab) [ 24.136556] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.137794] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.138722] page dumped because: kasan: bad access detected [ 24.139091] [ 24.139470] Memory state around the buggy address: [ 24.140110] ffff88810a090100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.140797] ffff88810a090180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.141440] >ffff88810a090200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.142033] ^ [ 24.142619] ffff88810a090280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.143303] ffff88810a090300: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 24.143967] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 24.034586] ================================================================== [ 24.035239] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 24.036061] Write of size 8 at addr ffff88810a090178 by task kunit_try_catch/302 [ 24.037006] [ 24.037284] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 24.037451] Tainted: [B]=BAD_PAGE, [N]=TEST [ 24.037494] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 24.037552] Call Trace: [ 24.037617] <TASK> [ 24.037663] dump_stack_lvl+0x73/0xb0 [ 24.037744] print_report+0xd1/0x650 [ 24.037842] ? __virt_addr_valid+0x1db/0x2d0 [ 24.037924] ? copy_to_kernel_nofault+0x99/0x260 [ 24.038000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 24.038081] ? copy_to_kernel_nofault+0x99/0x260 [ 24.038157] kasan_report+0x141/0x180 [ 24.038326] ? copy_to_kernel_nofault+0x99/0x260 [ 24.038422] kasan_check_range+0x10c/0x1c0 [ 24.038499] __kasan_check_write+0x18/0x20 [ 24.038573] copy_to_kernel_nofault+0x99/0x260 [ 24.038758] copy_to_kernel_nofault_oob+0x288/0x560 [ 24.038845] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 24.038929] ? finish_task_switch.isra.0+0x153/0x700 [ 24.039009] ? __schedule+0x10cc/0x2b60 [ 24.039079] ? trace_hardirqs_on+0x37/0xe0 [ 24.039175] ? __pfx_read_tsc+0x10/0x10 [ 24.039239] ? ktime_get_ts64+0x86/0x230 [ 24.039324] kunit_try_run_case+0x1a5/0x480 [ 24.039409] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.039484] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 24.039558] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 24.039677] ? __kthread_parkme+0x82/0x180 [ 24.039761] ? preempt_count_sub+0x50/0x80 [ 24.039847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 24.039933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.039976] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 24.040013] kthread+0x337/0x6f0 [ 24.040040] ? trace_preempt_on+0x20/0xc0 [ 24.040075] ? __pfx_kthread+0x10/0x10 [ 24.040102] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 24.040138] ? calculate_sigpending+0x7b/0xa0 [ 24.040168] ? __pfx_kthread+0x10/0x10 [ 24.040195] ret_from_fork+0x41/0x80 [ 24.040270] ? __pfx_kthread+0x10/0x10 [ 24.040301] ret_from_fork_asm+0x1a/0x30 [ 24.040346] </TASK> [ 24.040362] [ 24.058483] Allocated by task 302: [ 24.059937] kasan_save_stack+0x45/0x70 [ 24.060802] kasan_save_track+0x18/0x40 [ 24.061649] kasan_save_alloc_info+0x3b/0x50 [ 24.062804] __kasan_kmalloc+0xb7/0xc0 [ 24.063905] __kmalloc_cache_noprof+0x189/0x420 [ 24.064256] copy_to_kernel_nofault_oob+0x12f/0x560 [ 24.064761] kunit_try_run_case+0x1a5/0x480 [ 24.065175] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.065769] kthread+0x337/0x6f0 [ 24.066145] ret_from_fork+0x41/0x80 [ 24.066485] ret_from_fork_asm+0x1a/0x30 [ 24.066956] [ 24.067283] The buggy address belongs to the object at ffff88810a090100 [ 24.067283] which belongs to the cache kmalloc-128 of size 128 [ 24.068175] The buggy address is located 0 bytes to the right of [ 24.068175] allocated 120-byte region [ffff88810a090100, ffff88810a090178) [ 24.070060] [ 24.070577] The buggy address belongs to the physical page: [ 24.071520] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090 [ 24.072489] flags: 0x200000000000000(node=0|zone=2) [ 24.072829] page_type: f5(slab) [ 24.073251] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.074164] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.075380] page dumped because: kasan: bad access detected [ 24.075912] [ 24.076126] Memory state around the buggy address: [ 24.076588] ffff88810a090000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.077935] ffff88810a090080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.078727] >ffff88810a090100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.079327] ^ [ 24.079840] ffff88810a090180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.080992] ffff88810a090200: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 24.081416] ================================================================== [ 23.986018] ================================================================== [ 23.987232] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 23.987544] Read of size 8 at addr ffff88810a090178 by task kunit_try_catch/302 [ 23.988591] [ 23.988877] CPU: 1 UID: 0 PID: 302 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.989010] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.989051] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.989112] Call Trace: [ 23.989155] <TASK> [ 23.989207] dump_stack_lvl+0x73/0xb0 [ 23.989294] print_report+0xd1/0x650 [ 23.989385] ? __virt_addr_valid+0x1db/0x2d0 [ 23.989465] ? copy_to_kernel_nofault+0x225/0x260 [ 23.989540] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.989744] ? copy_to_kernel_nofault+0x225/0x260 [ 23.989840] kasan_report+0x141/0x180 [ 23.989922] ? copy_to_kernel_nofault+0x225/0x260 [ 23.990013] __asan_report_load8_noabort+0x18/0x20 [ 23.990092] copy_to_kernel_nofault+0x225/0x260 [ 23.990173] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 23.990302] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 23.990356] ? finish_task_switch.isra.0+0x153/0x700 [ 23.990400] ? __schedule+0x10cc/0x2b60 [ 23.990437] ? trace_hardirqs_on+0x37/0xe0 [ 23.990484] ? __pfx_read_tsc+0x10/0x10 [ 23.990515] ? ktime_get_ts64+0x86/0x230 [ 23.990555] kunit_try_run_case+0x1a5/0x480 [ 23.990594] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.990722] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.990775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.990814] ? __kthread_parkme+0x82/0x180 [ 23.990851] ? preempt_count_sub+0x50/0x80 [ 23.990890] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.990930] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.990967] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.991003] kthread+0x337/0x6f0 [ 23.991029] ? 
trace_preempt_on+0x20/0xc0 [ 23.991066] ? __pfx_kthread+0x10/0x10 [ 23.991093] ? _raw_spin_unlock_irq+0x47/0x80 [ 23.991127] ? calculate_sigpending+0x7b/0xa0 [ 23.991161] ? __pfx_kthread+0x10/0x10 [ 23.991189] ret_from_fork+0x41/0x80 [ 23.991255] ? __pfx_kthread+0x10/0x10 [ 23.991290] ret_from_fork_asm+0x1a/0x30 [ 23.991338] </TASK> [ 23.991354] [ 24.010797] Allocated by task 302: [ 24.011090] kasan_save_stack+0x45/0x70 [ 24.011413] kasan_save_track+0x18/0x40 [ 24.013075] kasan_save_alloc_info+0x3b/0x50 [ 24.014018] __kasan_kmalloc+0xb7/0xc0 [ 24.014425] __kmalloc_cache_noprof+0x189/0x420 [ 24.014847] copy_to_kernel_nofault_oob+0x12f/0x560 [ 24.015323] kunit_try_run_case+0x1a5/0x480 [ 24.015773] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 24.016247] kthread+0x337/0x6f0 [ 24.016674] ret_from_fork+0x41/0x80 [ 24.017122] ret_from_fork_asm+0x1a/0x30 [ 24.018063] [ 24.018912] The buggy address belongs to the object at ffff88810a090100 [ 24.018912] which belongs to the cache kmalloc-128 of size 128 [ 24.020122] The buggy address is located 0 bytes to the right of [ 24.020122] allocated 120-byte region [ffff88810a090100, ffff88810a090178) [ 24.021247] [ 24.021491] The buggy address belongs to the physical page: [ 24.022165] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a090 [ 24.023012] flags: 0x200000000000000(node=0|zone=2) [ 24.023783] page_type: f5(slab) [ 24.024183] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 24.025143] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 24.026033] page dumped because: kasan: bad access detected [ 24.026673] [ 24.026995] Memory state around the buggy address: [ 24.027526] ffff88810a090000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 24.028592] ffff88810a090080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.029922] >ffff88810a090100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 24.031307] ^ [ 24.031889] ffff88810a090180: fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc [ 24.032532] ffff88810a090200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 24.033257] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 22.641999] ================================================================== [ 22.642758] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 22.643566] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.644109] [ 22.644397] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.644523] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.644560] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.644636] Call Trace: [ 22.644694] <TASK> [ 22.644745] dump_stack_lvl+0x73/0xb0 [ 22.644831] print_report+0xd1/0x650 [ 22.644909] ? __virt_addr_valid+0x1db/0x2d0 [ 22.644987] ? kasan_atomics_helper+0x49ce/0x5450 [ 22.645067] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.645148] ? kasan_atomics_helper+0x49ce/0x5450 [ 22.645267] kasan_report+0x141/0x180 [ 22.645349] ? kasan_atomics_helper+0x49ce/0x5450 [ 22.645437] __asan_report_load4_noabort+0x18/0x20 [ 22.645509] kasan_atomics_helper+0x49ce/0x5450 [ 22.645591] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.645689] ? ret_from_fork_asm+0x1a/0x30 [ 22.645792] kasan_atomics+0x1dc/0x310 [ 22.645863] ? __pfx_kasan_atomics+0x10/0x10 [ 22.645939] ? __pfx_read_tsc+0x10/0x10 [ 22.646010] ? ktime_get_ts64+0x86/0x230 [ 22.646098] kunit_try_run_case+0x1a5/0x480 [ 22.646186] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.646306] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.646387] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.646435] ? __kthread_parkme+0x82/0x180 [ 22.646470] ? preempt_count_sub+0x50/0x80 [ 22.646510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.646548] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.646584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.646648] kthread+0x337/0x6f0 [ 22.646676] ? trace_preempt_on+0x20/0xc0 [ 22.646714] ? __pfx_kthread+0x10/0x10 [ 22.646741] ? _raw_spin_unlock_irq+0x47/0x80 [ 22.646775] ? calculate_sigpending+0x7b/0xa0 [ 22.646810] ? 
__pfx_kthread+0x10/0x10 [ 22.646838] ret_from_fork+0x41/0x80 [ 22.646870] ? __pfx_kthread+0x10/0x10 [ 22.646897] ret_from_fork_asm+0x1a/0x30 [ 22.646941] </TASK> [ 22.646956] [ 22.663000] Allocated by task 286: [ 22.663445] kasan_save_stack+0x45/0x70 [ 22.663861] kasan_save_track+0x18/0x40 [ 22.664271] kasan_save_alloc_info+0x3b/0x50 [ 22.664682] __kasan_kmalloc+0xb7/0xc0 [ 22.665043] __kmalloc_cache_noprof+0x189/0x420 [ 22.665529] kasan_atomics+0x95/0x310 [ 22.665914] kunit_try_run_case+0x1a5/0x480 [ 22.666364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.666836] kthread+0x337/0x6f0 [ 22.667188] ret_from_fork+0x41/0x80 [ 22.667576] ret_from_fork_asm+0x1a/0x30 [ 22.668034] [ 22.668321] The buggy address belongs to the object at ffff888102a2c100 [ 22.668321] which belongs to the cache kmalloc-64 of size 64 [ 22.669183] The buggy address is located 0 bytes to the right of [ 22.669183] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.670099] [ 22.670392] The buggy address belongs to the physical page: [ 22.670870] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.671557] flags: 0x200000000000000(node=0|zone=2) [ 22.671992] page_type: f5(slab) [ 22.672392] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.672917] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.673652] page dumped because: kasan: bad access detected [ 22.674037] [ 22.674273] Memory state around the buggy address: [ 22.674728] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.675410] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.675977] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.676567] ^ [ 22.677034] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.677694] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.678260] 
================================================================== [ 21.482593] ================================================================== [ 21.483687] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 21.484633] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.485414] [ 21.485967] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.486088] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.486127] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.486183] Call Trace: [ 21.486232] <TASK> [ 21.486280] dump_stack_lvl+0x73/0xb0 [ 21.486359] print_report+0xd1/0x650 [ 21.486522] ? __virt_addr_valid+0x1db/0x2d0 [ 21.486619] ? kasan_atomics_helper+0x4b3a/0x5450 [ 21.486860] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.486999] ? kasan_atomics_helper+0x4b3a/0x5450 [ 21.487106] kasan_report+0x141/0x180 [ 21.487186] ? kasan_atomics_helper+0x4b3a/0x5450 [ 21.487276] __asan_report_store4_noabort+0x1b/0x30 [ 21.487331] kasan_atomics_helper+0x4b3a/0x5450 [ 21.487369] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.487405] ? ret_from_fork_asm+0x1a/0x30 [ 21.487444] kasan_atomics+0x1dc/0x310 [ 21.487473] ? __pfx_kasan_atomics+0x10/0x10 [ 21.487502] ? __pfx_read_tsc+0x10/0x10 [ 21.487534] ? ktime_get_ts64+0x86/0x230 [ 21.487570] kunit_try_run_case+0x1a5/0x480 [ 21.487677] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.487770] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.487857] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.487948] ? __kthread_parkme+0x82/0x180 [ 21.487990] ? preempt_count_sub+0x50/0x80 [ 21.488085] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.488139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.488200] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.488273] kthread+0x337/0x6f0 [ 21.488302] ? trace_preempt_on+0x20/0xc0 [ 21.488340] ? __pfx_kthread+0x10/0x10 [ 21.488368] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.488401] ? 
calculate_sigpending+0x7b/0xa0 [ 21.488433] ? __pfx_kthread+0x10/0x10 [ 21.488460] ret_from_fork+0x41/0x80 [ 21.488492] ? __pfx_kthread+0x10/0x10 [ 21.488517] ret_from_fork_asm+0x1a/0x30 [ 21.488560] </TASK> [ 21.488576] [ 21.510166] Allocated by task 286: [ 21.510852] kasan_save_stack+0x45/0x70 [ 21.511367] kasan_save_track+0x18/0x40 [ 21.512064] kasan_save_alloc_info+0x3b/0x50 [ 21.512774] __kasan_kmalloc+0xb7/0xc0 [ 21.513224] __kmalloc_cache_noprof+0x189/0x420 [ 21.514164] kasan_atomics+0x95/0x310 [ 21.514654] kunit_try_run_case+0x1a5/0x480 [ 21.515239] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.515991] kthread+0x337/0x6f0 [ 21.516485] ret_from_fork+0x41/0x80 [ 21.517344] ret_from_fork_asm+0x1a/0x30 [ 21.518062] [ 21.518430] The buggy address belongs to the object at ffff888102a2c100 [ 21.518430] which belongs to the cache kmalloc-64 of size 64 [ 21.520096] The buggy address is located 0 bytes to the right of [ 21.520096] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.521587] [ 21.521962] The buggy address belongs to the physical page: [ 21.522653] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.523219] flags: 0x200000000000000(node=0|zone=2) [ 21.524136] page_type: f5(slab) [ 21.524801] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.525619] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.526173] page dumped because: kasan: bad access detected [ 21.526563] [ 21.526812] Memory state around the buggy address: [ 21.527214] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.527907] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.529053] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.529624] ^ [ 21.530699] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.531427] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.531780] 
================================================================== [ 23.414128] ================================================================== [ 23.415440] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 23.416104] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.417229] [ 23.417577] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.417718] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.417768] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.417825] Call Trace: [ 23.417876] <TASK> [ 23.417923] dump_stack_lvl+0x73/0xb0 [ 23.418003] print_report+0xd1/0x650 [ 23.418083] ? __virt_addr_valid+0x1db/0x2d0 [ 23.418160] ? kasan_atomics_helper+0x1d7a/0x5450 [ 23.418257] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.418340] ? kasan_atomics_helper+0x1d7a/0x5450 [ 23.418416] kasan_report+0x141/0x180 [ 23.418464] ? kasan_atomics_helper+0x1d7a/0x5450 [ 23.418505] kasan_check_range+0x10c/0x1c0 [ 23.418534] __kasan_check_write+0x18/0x20 [ 23.418566] kasan_atomics_helper+0x1d7a/0x5450 [ 23.418626] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.418666] ? ret_from_fork_asm+0x1a/0x30 [ 23.418706] kasan_atomics+0x1dc/0x310 [ 23.418736] ? __pfx_kasan_atomics+0x10/0x10 [ 23.418765] ? __pfx_read_tsc+0x10/0x10 [ 23.418793] ? ktime_get_ts64+0x86/0x230 [ 23.418828] kunit_try_run_case+0x1a5/0x480 [ 23.418866] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.418901] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.418936] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.418971] ? __kthread_parkme+0x82/0x180 [ 23.419003] ? preempt_count_sub+0x50/0x80 [ 23.419040] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.419075] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.419110] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.419143] kthread+0x337/0x6f0 [ 23.419168] ? trace_preempt_on+0x20/0xc0 [ 23.419202] ? __pfx_kthread+0x10/0x10 [ 23.419259] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.419296] ? calculate_sigpending+0x7b/0xa0 [ 23.419329] ? __pfx_kthread+0x10/0x10 [ 23.419355] ret_from_fork+0x41/0x80 [ 23.419388] ? __pfx_kthread+0x10/0x10 [ 23.419413] ret_from_fork_asm+0x1a/0x30 [ 23.419455] </TASK> [ 23.419470] [ 23.436653] Allocated by task 286: [ 23.437356] kasan_save_stack+0x45/0x70 [ 23.438107] kasan_save_track+0x18/0x40 [ 23.438530] kasan_save_alloc_info+0x3b/0x50 [ 23.438979] __kasan_kmalloc+0xb7/0xc0 [ 23.439528] __kmalloc_cache_noprof+0x189/0x420 [ 23.439922] kasan_atomics+0x95/0x310 [ 23.440353] kunit_try_run_case+0x1a5/0x480 [ 23.440797] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.441381] kthread+0x337/0x6f0 [ 23.441884] ret_from_fork+0x41/0x80 [ 23.442364] ret_from_fork_asm+0x1a/0x30 [ 23.442844] [ 23.443042] The buggy address belongs to the object at ffff888102a2c100 [ 23.443042] which belongs to the cache kmalloc-64 of size 64 [ 23.444141] The buggy address is located 0 bytes to the right of [ 23.444141] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.445115] [ 23.445503] The buggy address belongs to the physical page: [ 23.446089] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.446780] flags: 0x200000000000000(node=0|zone=2) [ 23.447374] page_type: f5(slab) [ 23.447827] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.448660] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.449371] page dumped because: kasan: bad access detected [ 23.449798] [ 23.450020] Memory state around the buggy address: [ 23.450631] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.451358] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.451921] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.452682] ^ [ 23.453081] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.453795] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.454462] ================================================================== [ 21.871434] ================================================================== [ 21.872088] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 21.872778] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.873401] [ 21.873693] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.873819] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.873859] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.873916] Call Trace: [ 21.873958] <TASK> [ 21.874006] dump_stack_lvl+0x73/0xb0 [ 21.874088] print_report+0xd1/0x650 [ 21.874167] ? __virt_addr_valid+0x1db/0x2d0 [ 21.874298] ? kasan_atomics_helper+0x992/0x5450 [ 21.874381] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.874457] ? kasan_atomics_helper+0x992/0x5450 [ 21.874537] kasan_report+0x141/0x180 [ 21.874631] ? kasan_atomics_helper+0x992/0x5450 [ 21.874724] kasan_check_range+0x10c/0x1c0 [ 21.874797] __kasan_check_write+0x18/0x20 [ 21.874854] kasan_atomics_helper+0x992/0x5450 [ 21.874908] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.874981] ? ret_from_fork_asm+0x1a/0x30 [ 21.875071] kasan_atomics+0x1dc/0x310 [ 21.875149] ? __pfx_kasan_atomics+0x10/0x10 [ 21.875279] ? __pfx_read_tsc+0x10/0x10 [ 21.875356] ? ktime_get_ts64+0x86/0x230 [ 21.875446] kunit_try_run_case+0x1a5/0x480 [ 21.875531] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.875624] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.875707] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.875748] ? __kthread_parkme+0x82/0x180 [ 21.875786] ? preempt_count_sub+0x50/0x80 [ 21.875826] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.875865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.875902] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.875940] kthread+0x337/0x6f0 [ 21.875966] ? trace_preempt_on+0x20/0xc0 [ 21.876003] ? __pfx_kthread+0x10/0x10 [ 21.876031] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.876065] ? calculate_sigpending+0x7b/0xa0 [ 21.876099] ? __pfx_kthread+0x10/0x10 [ 21.876126] ret_from_fork+0x41/0x80 [ 21.876158] ? __pfx_kthread+0x10/0x10 [ 21.876186] ret_from_fork_asm+0x1a/0x30 [ 21.876273] </TASK> [ 21.876293] [ 21.892358] Allocated by task 286: [ 21.892806] kasan_save_stack+0x45/0x70 [ 21.893270] kasan_save_track+0x18/0x40 [ 21.894240] kasan_save_alloc_info+0x3b/0x50 [ 21.894862] __kasan_kmalloc+0xb7/0xc0 [ 21.895473] __kmalloc_cache_noprof+0x189/0x420 [ 21.895934] kasan_atomics+0x95/0x310 [ 21.896289] kunit_try_run_case+0x1a5/0x480 [ 21.896727] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.897240] kthread+0x337/0x6f0 [ 21.897659] ret_from_fork+0x41/0x80 [ 21.898107] ret_from_fork_asm+0x1a/0x30 [ 21.898616] [ 21.898827] The buggy address belongs to the object at ffff888102a2c100 [ 21.898827] which belongs to the cache kmalloc-64 of size 64 [ 21.899836] The buggy address is located 0 bytes to the right of [ 21.899836] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.900912] [ 21.901149] The buggy address belongs to the physical page: [ 21.901736] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.902489] flags: 0x200000000000000(node=0|zone=2) [ 21.902994] page_type: f5(slab) [ 21.903393] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.904120] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.904822] page dumped because: kasan: bad access detected [ 21.905394] [ 21.905594] Memory state around the buggy address: [ 21.906135] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.906785] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.907402] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.908014] ^ [ 21.908523] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.909128] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.909791] ================================================================== [ 22.848236] ================================================================== [ 22.849631] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 22.850435] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.851015] [ 22.851288] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.851417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.851457] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.851515] Call Trace: [ 22.851570] <TASK> [ 22.851635] dump_stack_lvl+0x73/0xb0 [ 22.851715] print_report+0xd1/0x650 [ 22.851792] ? __virt_addr_valid+0x1db/0x2d0 [ 22.851870] ? kasan_atomics_helper+0x151d/0x5450 [ 22.851945] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.852018] ? kasan_atomics_helper+0x151d/0x5450 [ 22.852093] kasan_report+0x141/0x180 [ 22.852168] ? kasan_atomics_helper+0x151d/0x5450 [ 22.852288] kasan_check_range+0x10c/0x1c0 [ 22.852333] __kasan_check_write+0x18/0x20 [ 22.852369] kasan_atomics_helper+0x151d/0x5450 [ 22.852405] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.852438] ? ret_from_fork_asm+0x1a/0x30 [ 22.852477] kasan_atomics+0x1dc/0x310 [ 22.852506] ? __pfx_kasan_atomics+0x10/0x10 [ 22.852540] ? __pfx_read_tsc+0x10/0x10 [ 22.852569] ? ktime_get_ts64+0x86/0x230 [ 22.852628] kunit_try_run_case+0x1a5/0x480 [ 22.852669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.852705] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.852740] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.852774] ? __kthread_parkme+0x82/0x180 [ 22.852806] ? preempt_count_sub+0x50/0x80 [ 22.852842] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.852878] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.852912] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.852947] kthread+0x337/0x6f0 [ 22.852971] ? trace_preempt_on+0x20/0xc0 [ 22.853006] ? __pfx_kthread+0x10/0x10 [ 22.853032] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.853064] ? calculate_sigpending+0x7b/0xa0 [ 22.853094] ? __pfx_kthread+0x10/0x10 [ 22.853120] ret_from_fork+0x41/0x80 [ 22.853153] ? __pfx_kthread+0x10/0x10 [ 22.853178] ret_from_fork_asm+0x1a/0x30 [ 22.853262] </TASK> [ 22.853282] [ 22.870839] Allocated by task 286: [ 22.871465] kasan_save_stack+0x45/0x70 [ 22.872087] kasan_save_track+0x18/0x40 [ 22.872869] kasan_save_alloc_info+0x3b/0x50 [ 22.873479] __kasan_kmalloc+0xb7/0xc0 [ 22.874108] __kmalloc_cache_noprof+0x189/0x420 [ 22.874699] kasan_atomics+0x95/0x310 [ 22.875333] kunit_try_run_case+0x1a5/0x480 [ 22.875845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.876594] kthread+0x337/0x6f0 [ 22.876986] ret_from_fork+0x41/0x80 [ 22.877338] ret_from_fork_asm+0x1a/0x30 [ 22.877853] [ 22.878128] The buggy address belongs to the object at ffff888102a2c100 [ 22.878128] which belongs to the cache kmalloc-64 of size 64 [ 22.879080] The buggy address is located 0 bytes to the right of [ 22.879080] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.880081] [ 22.880326] The buggy address belongs to the physical page: [ 22.880837] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.881516] flags: 0x200000000000000(node=0|zone=2) [ 22.881944] page_type: f5(slab) [ 22.882351] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.883035] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.883855] page dumped because: kasan: bad access detected [ 22.884358] [ 22.884631] Memory state around the buggy address: [ 22.885069] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.885581] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.886645] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.887105] ^ [ 22.887640] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.888256] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.888760] ================================================================== [ 22.153647] ================================================================== [ 22.154864] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 22.155701] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.157093] [ 22.157571] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.157716] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.157766] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.157923] Call Trace: [ 22.157982] <TASK> [ 22.158023] dump_stack_lvl+0x73/0xb0 [ 22.158064] print_report+0xd1/0x650 [ 22.158099] ? __virt_addr_valid+0x1db/0x2d0 [ 22.158132] ? kasan_atomics_helper+0xde0/0x5450 [ 22.158166] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.158199] ? kasan_atomics_helper+0xde0/0x5450 [ 22.158264] kasan_report+0x141/0x180 [ 22.158302] ? kasan_atomics_helper+0xde0/0x5450 [ 22.158343] kasan_check_range+0x10c/0x1c0 [ 22.158373] __kasan_check_write+0x18/0x20 [ 22.158404] kasan_atomics_helper+0xde0/0x5450 [ 22.158440] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.158473] ? ret_from_fork_asm+0x1a/0x30 [ 22.158513] kasan_atomics+0x1dc/0x310 [ 22.158542] ? __pfx_kasan_atomics+0x10/0x10 [ 22.158571] ? __pfx_read_tsc+0x10/0x10 [ 22.158599] ? ktime_get_ts64+0x86/0x230 [ 22.158661] kunit_try_run_case+0x1a5/0x480 [ 22.158698] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.158732] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.158767] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.158803] ? __kthread_parkme+0x82/0x180 [ 22.158834] ? preempt_count_sub+0x50/0x80 [ 22.158870] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.158905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.158940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.158976] kthread+0x337/0x6f0 [ 22.159000] ? trace_preempt_on+0x20/0xc0 [ 22.159035] ? __pfx_kthread+0x10/0x10 [ 22.159060] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.159092] ? calculate_sigpending+0x7b/0xa0 [ 22.159123] ? __pfx_kthread+0x10/0x10 [ 22.159149] ret_from_fork+0x41/0x80 [ 22.159181] ? __pfx_kthread+0x10/0x10 [ 22.159208] ret_from_fork_asm+0x1a/0x30 [ 22.159277] </TASK> [ 22.159294] [ 22.177061] Allocated by task 286: [ 22.177475] kasan_save_stack+0x45/0x70 [ 22.177894] kasan_save_track+0x18/0x40 [ 22.178210] kasan_save_alloc_info+0x3b/0x50 [ 22.178600] __kasan_kmalloc+0xb7/0xc0 [ 22.179048] __kmalloc_cache_noprof+0x189/0x420 [ 22.179513] kasan_atomics+0x95/0x310 [ 22.179957] kunit_try_run_case+0x1a5/0x480 [ 22.180379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.180812] kthread+0x337/0x6f0 [ 22.181176] ret_from_fork+0x41/0x80 [ 22.181636] ret_from_fork_asm+0x1a/0x30 [ 22.182075] [ 22.182361] The buggy address belongs to the object at ffff888102a2c100 [ 22.182361] which belongs to the cache kmalloc-64 of size 64 [ 22.183310] The buggy address is located 0 bytes to the right of [ 22.183310] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.184282] [ 22.184487] The buggy address belongs to the physical page: [ 22.184992] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.185664] flags: 0x200000000000000(node=0|zone=2) [ 22.186059] page_type: f5(slab) [ 22.186368] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.186824] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.187298] page dumped because: kasan: bad access detected [ 22.187667] [ 22.187854] Memory state around the buggy address: [ 22.188252] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.188743] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.189188] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.189926] ^ [ 22.190441] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.191434] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.192058] ================================================================== [ 23.827649] ================================================================== [ 23.828172] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 23.828926] Read of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.829640] [ 23.830488] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.831168] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.831266] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.831329] Call Trace: [ 23.831376] <TASK> [ 23.831419] dump_stack_lvl+0x73/0xb0 [ 23.831521] print_report+0xd1/0x650 [ 23.831644] ? __virt_addr_valid+0x1db/0x2d0 [ 23.831694] ? kasan_atomics_helper+0x4fa5/0x5450 [ 23.831733] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.831771] ? kasan_atomics_helper+0x4fa5/0x5450 [ 23.831808] kasan_report+0x141/0x180 [ 23.831844] ? kasan_atomics_helper+0x4fa5/0x5450 [ 23.831884] __asan_report_load8_noabort+0x18/0x20 [ 23.831916] kasan_atomics_helper+0x4fa5/0x5450 [ 23.831952] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.831986] ? ret_from_fork_asm+0x1a/0x30 [ 23.832027] kasan_atomics+0x1dc/0x310 [ 23.832056] ? __pfx_kasan_atomics+0x10/0x10 [ 23.832087] ? __pfx_read_tsc+0x10/0x10 [ 23.832117] ? ktime_get_ts64+0x86/0x230 [ 23.832155] kunit_try_run_case+0x1a5/0x480 [ 23.832193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.832265] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.832307] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.832346] ? __kthread_parkme+0x82/0x180 [ 23.832379] ? preempt_count_sub+0x50/0x80 [ 23.832416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.832454] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.832490] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.832525] kthread+0x337/0x6f0 [ 23.832551] ? trace_preempt_on+0x20/0xc0 [ 23.832587] ? __pfx_kthread+0x10/0x10 [ 23.832639] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.832677] ? calculate_sigpending+0x7b/0xa0 [ 23.832710] ? __pfx_kthread+0x10/0x10 [ 23.832737] ret_from_fork+0x41/0x80 [ 23.832770] ? __pfx_kthread+0x10/0x10 [ 23.832797] ret_from_fork_asm+0x1a/0x30 [ 23.832839] </TASK> [ 23.832854] [ 23.848901] Allocated by task 286: [ 23.849704] kasan_save_stack+0x45/0x70 [ 23.850675] kasan_save_track+0x18/0x40 [ 23.851362] kasan_save_alloc_info+0x3b/0x50 [ 23.851823] __kasan_kmalloc+0xb7/0xc0 [ 23.852231] __kmalloc_cache_noprof+0x189/0x420 [ 23.852650] kasan_atomics+0x95/0x310 [ 23.853041] kunit_try_run_case+0x1a5/0x480 [ 23.853481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.854021] kthread+0x337/0x6f0 [ 23.854362] ret_from_fork+0x41/0x80 [ 23.854799] ret_from_fork_asm+0x1a/0x30 [ 23.855176] [ 23.855408] The buggy address belongs to the object at ffff888102a2c100 [ 23.855408] which belongs to the cache kmalloc-64 of size 64 [ 23.856342] The buggy address is located 0 bytes to the right of [ 23.856342] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.858068] [ 23.858268] The buggy address belongs to the physical page: [ 23.859149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.859974] flags: 0x200000000000000(node=0|zone=2) [ 23.860739] page_type: f5(slab) [ 23.861014] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.861869] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.862419] page dumped because: kasan: bad access detected [ 23.862908] [ 23.863132] Memory state around the buggy address: [ 23.863517] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.864250] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.864850] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.865489] ^ [ 23.865985] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.866643] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.867282] ================================================================== [ 23.787159] ================================================================== [ 23.787759] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 23.788475] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.789082] [ 23.789358] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.789485] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.789562] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.789642] Call Trace: [ 23.789693] <TASK> [ 23.789786] dump_stack_lvl+0x73/0xb0 [ 23.789870] print_report+0xd1/0x650 [ 23.789945] ? __virt_addr_valid+0x1db/0x2d0 [ 23.790018] ? kasan_atomics_helper+0x218a/0x5450 [ 23.790091] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.790240] ? kasan_atomics_helper+0x218a/0x5450 [ 23.790329] kasan_report+0x141/0x180 [ 23.790404] ? kasan_atomics_helper+0x218a/0x5450 [ 23.790453] kasan_check_range+0x10c/0x1c0 [ 23.790529] __kasan_check_write+0x18/0x20 [ 23.790620] kasan_atomics_helper+0x218a/0x5450 [ 23.790744] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.790826] ? ret_from_fork_asm+0x1a/0x30 [ 23.790919] kasan_atomics+0x1dc/0x310 [ 23.791036] ? __pfx_kasan_atomics+0x10/0x10 [ 23.791115] ? __pfx_read_tsc+0x10/0x10 [ 23.791184] ? ktime_get_ts64+0x86/0x230 [ 23.791279] kunit_try_run_case+0x1a5/0x480 [ 23.791320] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.791357] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.791395] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.791433] ? __kthread_parkme+0x82/0x180 [ 23.791465] ? preempt_count_sub+0x50/0x80 [ 23.791501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.791538] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.791574] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.791641] kthread+0x337/0x6f0 [ 23.791687] ? trace_preempt_on+0x20/0xc0 [ 23.791723] ? __pfx_kthread+0x10/0x10 [ 23.791748] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.791780] ? calculate_sigpending+0x7b/0xa0 [ 23.791810] ? __pfx_kthread+0x10/0x10 [ 23.791835] ret_from_fork+0x41/0x80 [ 23.791866] ? __pfx_kthread+0x10/0x10 [ 23.791890] ret_from_fork_asm+0x1a/0x30 [ 23.791931] </TASK> [ 23.791945] [ 23.807817] Allocated by task 286: [ 23.808318] kasan_save_stack+0x45/0x70 [ 23.808865] kasan_save_track+0x18/0x40 [ 23.809288] kasan_save_alloc_info+0x3b/0x50 [ 23.809634] __kasan_kmalloc+0xb7/0xc0 [ 23.810041] __kmalloc_cache_noprof+0x189/0x420 [ 23.810636] kasan_atomics+0x95/0x310 [ 23.811111] kunit_try_run_case+0x1a5/0x480 [ 23.811735] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.812391] kthread+0x337/0x6f0 [ 23.812756] ret_from_fork+0x41/0x80 [ 23.813056] ret_from_fork_asm+0x1a/0x30 [ 23.813538] [ 23.813804] The buggy address belongs to the object at ffff888102a2c100 [ 23.813804] which belongs to the cache kmalloc-64 of size 64 [ 23.814985] The buggy address is located 0 bytes to the right of [ 23.814985] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.816737] [ 23.817020] The buggy address belongs to the physical page: [ 23.818022] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.818794] flags: 0x200000000000000(node=0|zone=2) [ 23.819325] page_type: f5(slab) [ 23.820036] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.820775] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.821517] page dumped because: kasan: bad access detected [ 23.821876] [ 23.822108] Memory state around the buggy address: [ 23.822912] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.823554] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.824127] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.824777] ^ [ 23.825288] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.825896] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.826538] ================================================================== [ 23.085594] ================================================================== [ 23.086859] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 23.087929] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.088502] [ 23.088756] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.088880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.088920] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.088976] Call Trace: [ 23.089032] <TASK> [ 23.089075] dump_stack_lvl+0x73/0xb0 [ 23.089154] print_report+0xd1/0x650 [ 23.089223] ? __virt_addr_valid+0x1db/0x2d0 [ 23.089275] ? kasan_atomics_helper+0x18b1/0x5450 [ 23.089337] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.089415] ? kasan_atomics_helper+0x18b1/0x5450 [ 23.089496] kasan_report+0x141/0x180 [ 23.089574] ? kasan_atomics_helper+0x18b1/0x5450 [ 23.089769] kasan_check_range+0x10c/0x1c0 [ 23.089846] __kasan_check_write+0x18/0x20 [ 23.089911] kasan_atomics_helper+0x18b1/0x5450 [ 23.089952] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.089987] ? ret_from_fork_asm+0x1a/0x30 [ 23.090027] kasan_atomics+0x1dc/0x310 [ 23.090057] ? __pfx_kasan_atomics+0x10/0x10 [ 23.090089] ? __pfx_read_tsc+0x10/0x10 [ 23.090117] ? ktime_get_ts64+0x86/0x230 [ 23.090156] kunit_try_run_case+0x1a5/0x480 [ 23.090193] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.090267] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.090308] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.090343] ? __kthread_parkme+0x82/0x180 [ 23.090377] ? preempt_count_sub+0x50/0x80 [ 23.090414] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.090450] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.090483] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.090519] kthread+0x337/0x6f0 [ 23.090543] ? trace_preempt_on+0x20/0xc0 [ 23.090577] ? __pfx_kthread+0x10/0x10 [ 23.090624] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.090665] ? calculate_sigpending+0x7b/0xa0 [ 23.090697] ? __pfx_kthread+0x10/0x10 [ 23.090725] ret_from_fork+0x41/0x80 [ 23.090757] ? __pfx_kthread+0x10/0x10 [ 23.090784] ret_from_fork_asm+0x1a/0x30 [ 23.090826] </TASK> [ 23.090841] [ 23.107098] Allocated by task 286: [ 23.107559] kasan_save_stack+0x45/0x70 [ 23.108030] kasan_save_track+0x18/0x40 [ 23.108573] kasan_save_alloc_info+0x3b/0x50 [ 23.109111] __kasan_kmalloc+0xb7/0xc0 [ 23.109590] __kmalloc_cache_noprof+0x189/0x420 [ 23.110131] kasan_atomics+0x95/0x310 [ 23.110689] kunit_try_run_case+0x1a5/0x480 [ 23.111159] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.111784] kthread+0x337/0x6f0 [ 23.112143] ret_from_fork+0x41/0x80 [ 23.112676] ret_from_fork_asm+0x1a/0x30 [ 23.113205] [ 23.113515] The buggy address belongs to the object at ffff888102a2c100 [ 23.113515] which belongs to the cache kmalloc-64 of size 64 [ 23.114568] The buggy address is located 0 bytes to the right of [ 23.114568] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.115767] [ 23.116028] The buggy address belongs to the physical page: [ 23.116652] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.117513] flags: 0x200000000000000(node=0|zone=2) [ 23.118046] page_type: f5(slab) [ 23.118579] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.119319] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.120014] page dumped because: kasan: bad access detected [ 23.120635] [ 23.120869] Memory state around the buggy address: [ 23.121397] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.122005] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.122656] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.123383] ^ [ 23.123914] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.124436] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.125265] ================================================================== [ 22.024893] ================================================================== [ 22.025802] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 22.026630] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.027188] [ 22.027447] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.027572] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.027632] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.027694] Call Trace: [ 22.027747] <TASK> [ 22.027791] dump_stack_lvl+0x73/0xb0 [ 22.027871] print_report+0xd1/0x650 [ 22.027949] ? __virt_addr_valid+0x1db/0x2d0 [ 22.028026] ? kasan_atomics_helper+0xc70/0x5450 [ 22.028102] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.028181] ? kasan_atomics_helper+0xc70/0x5450 [ 22.028263] kasan_report+0x141/0x180 [ 22.028346] ? kasan_atomics_helper+0xc70/0x5450 [ 22.028437] kasan_check_range+0x10c/0x1c0 [ 22.028518] __kasan_check_write+0x18/0x20 [ 22.028588] kasan_atomics_helper+0xc70/0x5450 [ 22.028688] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.028768] ? ret_from_fork_asm+0x1a/0x30 [ 22.028856] kasan_atomics+0x1dc/0x310 [ 22.028927] ? __pfx_kasan_atomics+0x10/0x10 [ 22.029000] ? __pfx_read_tsc+0x10/0x10 [ 22.029064] ? ktime_get_ts64+0x86/0x230 [ 22.029145] kunit_try_run_case+0x1a5/0x480 [ 22.029231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.029305] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.029386] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.029463] ? __kthread_parkme+0x82/0x180 [ 22.029533] ? preempt_count_sub+0x50/0x80 [ 22.029630] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.029711] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.029800] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.029876] kthread+0x337/0x6f0 [ 22.029936] ? trace_preempt_on+0x20/0xc0 [ 22.030012] ? __pfx_kthread+0x10/0x10 [ 22.030077] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.030149] ? calculate_sigpending+0x7b/0xa0 [ 22.030221] ? __pfx_kthread+0x10/0x10 [ 22.030285] ret_from_fork+0x41/0x80 [ 22.030338] ? __pfx_kthread+0x10/0x10 [ 22.030395] ret_from_fork_asm+0x1a/0x30 [ 22.030486] </TASK> [ 22.030528] [ 22.044184] Allocated by task 286: [ 22.044545] kasan_save_stack+0x45/0x70 [ 22.044982] kasan_save_track+0x18/0x40 [ 22.045503] kasan_save_alloc_info+0x3b/0x50 [ 22.045978] __kasan_kmalloc+0xb7/0xc0 [ 22.046502] __kmalloc_cache_noprof+0x189/0x420 [ 22.046929] kasan_atomics+0x95/0x310 [ 22.047299] kunit_try_run_case+0x1a5/0x480 [ 22.047736] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.048195] kthread+0x337/0x6f0 [ 22.048575] ret_from_fork+0x41/0x80 [ 22.048943] ret_from_fork_asm+0x1a/0x30 [ 22.049266] [ 22.049570] The buggy address belongs to the object at ffff888102a2c100 [ 22.049570] which belongs to the cache kmalloc-64 of size 64 [ 22.050554] The buggy address is located 0 bytes to the right of [ 22.050554] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.051287] [ 22.051470] The buggy address belongs to the physical page: [ 22.051957] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.052733] flags: 0x200000000000000(node=0|zone=2) [ 22.053477] page_type: f5(slab) [ 22.053802] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.054282] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.055046] page dumped because: kasan: bad access detected [ 22.055814] [ 22.056147] Memory state around the buggy address: [ 22.056708] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.059521] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.059988] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.061333] ^ [ 22.062747] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.063921] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.065137] ================================================================== [ 21.243970] ================================================================== [ 21.244922] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 21.245547] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.246081] [ 21.246335] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.246454] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.246492] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.246543] Call Trace: [ 21.246579] <TASK> [ 21.246635] dump_stack_lvl+0x73/0xb0 [ 21.246797] print_report+0xd1/0x650 [ 21.246882] ? __virt_addr_valid+0x1db/0x2d0 [ 21.246953] ? kasan_atomics_helper+0x4b88/0x5450 [ 21.247023] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.247095] ? kasan_atomics_helper+0x4b88/0x5450 [ 21.247164] kasan_report+0x141/0x180 [ 21.247235] ? kasan_atomics_helper+0x4b88/0x5450 [ 21.247324] __asan_report_load4_noabort+0x18/0x20 [ 21.247390] kasan_atomics_helper+0x4b88/0x5450 [ 21.247446] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.247519] ? ret_from_fork_asm+0x1a/0x30 [ 21.247625] kasan_atomics+0x1dc/0x310 [ 21.247699] ? __pfx_kasan_atomics+0x10/0x10 [ 21.247775] ? __pfx_read_tsc+0x10/0x10 [ 21.247843] ? ktime_get_ts64+0x86/0x230 [ 21.247924] kunit_try_run_case+0x1a5/0x480 [ 21.248005] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.248075] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.248154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.248233] ? __kthread_parkme+0x82/0x180 [ 21.248404] ? preempt_count_sub+0x50/0x80 [ 21.248496] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.248571] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.248746] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.248824] kthread+0x337/0x6f0 [ 21.248884] ? trace_preempt_on+0x20/0xc0 [ 21.248960] ? __pfx_kthread+0x10/0x10 [ 21.249020] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.249088] ? calculate_sigpending+0x7b/0xa0 [ 21.249152] ? __pfx_kthread+0x10/0x10 [ 21.249183] ret_from_fork+0x41/0x80 [ 21.249223] ? __pfx_kthread+0x10/0x10 [ 21.249275] ret_from_fork_asm+0x1a/0x30 [ 21.249317] </TASK> [ 21.249332] [ 21.272192] Allocated by task 286: [ 21.272854] kasan_save_stack+0x45/0x70 [ 21.273332] kasan_save_track+0x18/0x40 [ 21.273857] kasan_save_alloc_info+0x3b/0x50 [ 21.274289] __kasan_kmalloc+0xb7/0xc0 [ 21.274700] __kmalloc_cache_noprof+0x189/0x420 [ 21.275140] kasan_atomics+0x95/0x310 [ 21.275482] kunit_try_run_case+0x1a5/0x480 [ 21.276184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.276656] kthread+0x337/0x6f0 [ 21.277021] ret_from_fork+0x41/0x80 [ 21.277429] ret_from_fork_asm+0x1a/0x30 [ 21.277958] [ 21.278198] The buggy address belongs to the object at ffff888102a2c100 [ 21.278198] which belongs to the cache kmalloc-64 of size 64 [ 21.279244] The buggy address is located 0 bytes to the right of [ 21.279244] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.280537] [ 21.280906] The buggy address belongs to the physical page: [ 21.281459] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.282707] flags: 0x200000000000000(node=0|zone=2) [ 21.283187] page_type: f5(slab) [ 21.283738] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.284455] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.285261] page dumped because: kasan: bad access detected [ 21.285933] [ 21.286155] Memory state around the buggy address: [ 21.287014] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.287666] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.288256] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.288939] ^ [ 21.289483] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.290257] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.291193] ================================================================== [ 23.208878] ================================================================== [ 23.209471] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 23.210257] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.211498] [ 23.211885] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.212008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.212049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.212131] Call Trace: [ 23.212212] <TASK> [ 23.212259] dump_stack_lvl+0x73/0xb0 [ 23.212355] print_report+0xd1/0x650 [ 23.212406] ? __virt_addr_valid+0x1db/0x2d0 [ 23.212441] ? kasan_atomics_helper+0x1a7f/0x5450 [ 23.212474] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.212509] ? kasan_atomics_helper+0x1a7f/0x5450 [ 23.212543] kasan_report+0x141/0x180 [ 23.212579] ? kasan_atomics_helper+0x1a7f/0x5450 [ 23.212646] kasan_check_range+0x10c/0x1c0 [ 23.212681] __kasan_check_write+0x18/0x20 [ 23.212711] kasan_atomics_helper+0x1a7f/0x5450 [ 23.212746] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.212780] ? ret_from_fork_asm+0x1a/0x30 [ 23.212819] kasan_atomics+0x1dc/0x310 [ 23.212848] ? __pfx_kasan_atomics+0x10/0x10 [ 23.212880] ? __pfx_read_tsc+0x10/0x10 [ 23.212908] ? ktime_get_ts64+0x86/0x230 [ 23.212945] kunit_try_run_case+0x1a5/0x480 [ 23.212981] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.213016] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.213052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.213086] ? __kthread_parkme+0x82/0x180 [ 23.213118] ? preempt_count_sub+0x50/0x80 [ 23.213154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.213191] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.213260] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.213304] kthread+0x337/0x6f0 [ 23.213331] ? trace_preempt_on+0x20/0xc0 [ 23.213368] ? __pfx_kthread+0x10/0x10 [ 23.213393] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.213427] ? calculate_sigpending+0x7b/0xa0 [ 23.213458] ? __pfx_kthread+0x10/0x10 [ 23.213484] ret_from_fork+0x41/0x80 [ 23.213515] ? __pfx_kthread+0x10/0x10 [ 23.213541] ret_from_fork_asm+0x1a/0x30 [ 23.213584] </TASK> [ 23.213616] [ 23.230536] Allocated by task 286: [ 23.230857] kasan_save_stack+0x45/0x70 [ 23.231298] kasan_save_track+0x18/0x40 [ 23.231804] kasan_save_alloc_info+0x3b/0x50 [ 23.232223] __kasan_kmalloc+0xb7/0xc0 [ 23.232557] __kmalloc_cache_noprof+0x189/0x420 [ 23.233105] kasan_atomics+0x95/0x310 [ 23.233620] kunit_try_run_case+0x1a5/0x480 [ 23.234029] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.234474] kthread+0x337/0x6f0 [ 23.235537] ret_from_fork+0x41/0x80 [ 23.236290] ret_from_fork_asm+0x1a/0x30 [ 23.236747] [ 23.236960] The buggy address belongs to the object at ffff888102a2c100 [ 23.236960] which belongs to the cache kmalloc-64 of size 64 [ 23.238261] The buggy address is located 0 bytes to the right of [ 23.238261] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.239531] [ 23.239734] The buggy address belongs to the physical page: [ 23.240548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.241222] flags: 0x200000000000000(node=0|zone=2) [ 23.241653] page_type: f5(slab) [ 23.242000] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.242682] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.243155] page dumped because: kasan: bad access detected [ 23.243676] [ 23.243903] Memory state around the buggy address: [ 23.244312] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.245169] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.246077] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.246652] ^ [ 23.247285] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.248236] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.249040] ================================================================== [ 21.731354] ================================================================== [ 21.732007] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 21.732753] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.733553] [ 21.733834] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.734024] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.734070] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.734130] Call Trace: [ 21.734187] <TASK> [ 21.734274] dump_stack_lvl+0x73/0xb0 [ 21.734362] print_report+0xd1/0x650 [ 21.734446] ? __virt_addr_valid+0x1db/0x2d0 [ 21.734529] ? kasan_atomics_helper+0x7c7/0x5450 [ 21.734625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.734710] ? kasan_atomics_helper+0x7c7/0x5450 [ 21.734811] kasan_report+0x141/0x180 [ 21.734923] ? kasan_atomics_helper+0x7c7/0x5450 [ 21.735011] kasan_check_range+0x10c/0x1c0 [ 21.735085] __kasan_check_write+0x18/0x20 [ 21.735155] kasan_atomics_helper+0x7c7/0x5450 [ 21.735272] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.735355] ? ret_from_fork_asm+0x1a/0x30 [ 21.735444] kasan_atomics+0x1dc/0x310 [ 21.735516] ? __pfx_kasan_atomics+0x10/0x10 [ 21.735589] ? __pfx_read_tsc+0x10/0x10 [ 21.735710] ? ktime_get_ts64+0x86/0x230 [ 21.735796] kunit_try_run_case+0x1a5/0x480 [ 21.735883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.735927] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.735964] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.736000] ? __kthread_parkme+0x82/0x180 [ 21.736031] ? preempt_count_sub+0x50/0x80 [ 21.736068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.736105] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.736139] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.736175] kthread+0x337/0x6f0 [ 21.736198] ? trace_preempt_on+0x20/0xc0 [ 21.736275] ? __pfx_kthread+0x10/0x10 [ 21.736305] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.736338] ? calculate_sigpending+0x7b/0xa0 [ 21.736370] ? __pfx_kthread+0x10/0x10 [ 21.736395] ret_from_fork+0x41/0x80 [ 21.736428] ? __pfx_kthread+0x10/0x10 [ 21.736454] ret_from_fork_asm+0x1a/0x30 [ 21.736498] </TASK> [ 21.736513] [ 21.758400] Allocated by task 286: [ 21.759344] kasan_save_stack+0x45/0x70 [ 21.759952] kasan_save_track+0x18/0x40 [ 21.760485] kasan_save_alloc_info+0x3b/0x50 [ 21.761164] __kasan_kmalloc+0xb7/0xc0 [ 21.761804] __kmalloc_cache_noprof+0x189/0x420 [ 21.762395] kasan_atomics+0x95/0x310 [ 21.762986] kunit_try_run_case+0x1a5/0x480 [ 21.763477] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.764509] kthread+0x337/0x6f0 [ 21.764967] ret_from_fork+0x41/0x80 [ 21.765321] ret_from_fork_asm+0x1a/0x30 [ 21.765799] [ 21.766048] The buggy address belongs to the object at ffff888102a2c100 [ 21.766048] which belongs to the cache kmalloc-64 of size 64 [ 21.767347] The buggy address is located 0 bytes to the right of [ 21.767347] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.768631] [ 21.768957] The buggy address belongs to the physical page: [ 21.769340] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.770538] flags: 0x200000000000000(node=0|zone=2) [ 21.771040] page_type: f5(slab) [ 21.771388] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.772010] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.772593] page dumped because: kasan: bad access detected [ 21.773718] [ 21.773960] Memory state around the buggy address: [ 21.774789] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.775094] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.776100] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.777188] ^ [ 21.777545] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.778063] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.779279] ================================================================== [ 22.435406] ================================================================== [ 22.436042] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 22.436748] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.437539] [ 22.437832] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.437955] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.437996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.438053] Call Trace: [ 22.438159] <TASK> [ 22.438254] dump_stack_lvl+0x73/0xb0 [ 22.438398] print_report+0xd1/0x650 [ 22.438485] ? __virt_addr_valid+0x1db/0x2d0 [ 22.438563] ? kasan_atomics_helper+0x1148/0x5450 [ 22.438657] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.438708] ? kasan_atomics_helper+0x1148/0x5450 [ 22.438747] kasan_report+0x141/0x180 [ 22.438786] ? kasan_atomics_helper+0x1148/0x5450 [ 22.438827] kasan_check_range+0x10c/0x1c0 [ 22.438860] __kasan_check_write+0x18/0x20 [ 22.438890] kasan_atomics_helper+0x1148/0x5450 [ 22.438924] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.438960] ? ret_from_fork_asm+0x1a/0x30 [ 22.439001] kasan_atomics+0x1dc/0x310 [ 22.439031] ? __pfx_kasan_atomics+0x10/0x10 [ 22.439063] ? __pfx_read_tsc+0x10/0x10 [ 22.439092] ? ktime_get_ts64+0x86/0x230 [ 22.439129] kunit_try_run_case+0x1a5/0x480 [ 22.439169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.439205] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.439283] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.439321] ? __kthread_parkme+0x82/0x180 [ 22.439355] ? preempt_count_sub+0x50/0x80 [ 22.439393] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.439431] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.439467] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.439503] kthread+0x337/0x6f0 [ 22.439529] ? trace_preempt_on+0x20/0xc0 [ 22.439565] ? __pfx_kthread+0x10/0x10 [ 22.439593] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.439653] ? calculate_sigpending+0x7b/0xa0 [ 22.439689] ? __pfx_kthread+0x10/0x10 [ 22.439716] ret_from_fork+0x41/0x80 [ 22.439748] ? __pfx_kthread+0x10/0x10 [ 22.439775] ret_from_fork_asm+0x1a/0x30 [ 22.439819] </TASK> [ 22.439833] [ 22.457433] Allocated by task 286: [ 22.458157] kasan_save_stack+0x45/0x70 [ 22.458869] kasan_save_track+0x18/0x40 [ 22.459184] kasan_save_alloc_info+0x3b/0x50 [ 22.459639] __kasan_kmalloc+0xb7/0xc0 [ 22.460107] __kmalloc_cache_noprof+0x189/0x420 [ 22.460792] kasan_atomics+0x95/0x310 [ 22.461222] kunit_try_run_case+0x1a5/0x480 [ 22.461663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.462224] kthread+0x337/0x6f0 [ 22.462576] ret_from_fork+0x41/0x80 [ 22.463007] ret_from_fork_asm+0x1a/0x30 [ 22.463450] [ 22.463669] The buggy address belongs to the object at ffff888102a2c100 [ 22.463669] which belongs to the cache kmalloc-64 of size 64 [ 22.464662] The buggy address is located 0 bytes to the right of [ 22.464662] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.465429] [ 22.465686] The buggy address belongs to the physical page: [ 22.466193] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.466931] flags: 0x200000000000000(node=0|zone=2) [ 22.467524] page_type: f5(slab) [ 22.467908] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.468926] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.469439] page dumped because: kasan: bad access detected [ 22.470010] [ 22.470169] Memory state around the buggy address: [ 22.470470] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.471153] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.471577] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.473171] ^ [ 22.473658] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.474197] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.475166] ================================================================== [ 23.495194] ================================================================== [ 23.496005] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 23.497777] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.498585] [ 23.498850] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.498964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.498985] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.499015] Call Trace: [ 23.499038] <TASK> [ 23.499059] dump_stack_lvl+0x73/0xb0 [ 23.499136] print_report+0xd1/0x650 [ 23.499230] ? __virt_addr_valid+0x1db/0x2d0 [ 23.499309] ? kasan_atomics_helper+0x1eaa/0x5450 [ 23.499379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.499458] ? kasan_atomics_helper+0x1eaa/0x5450 [ 23.499524] kasan_report+0x141/0x180 [ 23.499562] ? kasan_atomics_helper+0x1eaa/0x5450 [ 23.499625] kasan_check_range+0x10c/0x1c0 [ 23.499662] __kasan_check_write+0x18/0x20 [ 23.499694] kasan_atomics_helper+0x1eaa/0x5450 [ 23.499729] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.499764] ? ret_from_fork_asm+0x1a/0x30 [ 23.499804] kasan_atomics+0x1dc/0x310 [ 23.499832] ? __pfx_kasan_atomics+0x10/0x10 [ 23.499863] ? __pfx_read_tsc+0x10/0x10 [ 23.499893] ? ktime_get_ts64+0x86/0x230 [ 23.499930] kunit_try_run_case+0x1a5/0x480 [ 23.499967] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.500001] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.500037] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.500071] ? __kthread_parkme+0x82/0x180 [ 23.500102] ? preempt_count_sub+0x50/0x80 [ 23.500138] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.500174] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.500210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.500272] kthread+0x337/0x6f0 [ 23.500299] ? trace_preempt_on+0x20/0xc0 [ 23.500334] ? __pfx_kthread+0x10/0x10 [ 23.500361] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.500394] ? calculate_sigpending+0x7b/0xa0 [ 23.500426] ? __pfx_kthread+0x10/0x10 [ 23.500452] ret_from_fork+0x41/0x80 [ 23.500483] ? __pfx_kthread+0x10/0x10 [ 23.500507] ret_from_fork_asm+0x1a/0x30 [ 23.500549] </TASK> [ 23.500564] [ 23.520389] Allocated by task 286: [ 23.521206] kasan_save_stack+0x45/0x70 [ 23.521845] kasan_save_track+0x18/0x40 [ 23.522281] kasan_save_alloc_info+0x3b/0x50 [ 23.522913] __kasan_kmalloc+0xb7/0xc0 [ 23.523428] __kmalloc_cache_noprof+0x189/0x420 [ 23.523881] kasan_atomics+0x95/0x310 [ 23.524047] kunit_try_run_case+0x1a5/0x480 [ 23.524233] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.524796] kthread+0x337/0x6f0 [ 23.525164] ret_from_fork+0x41/0x80 [ 23.525722] ret_from_fork_asm+0x1a/0x30 [ 23.526153] [ 23.526668] The buggy address belongs to the object at ffff888102a2c100 [ 23.526668] which belongs to the cache kmalloc-64 of size 64 [ 23.528245] The buggy address is located 0 bytes to the right of [ 23.528245] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.529496] [ 23.530030] The buggy address belongs to the physical page: [ 23.530442] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.531448] flags: 0x200000000000000(node=0|zone=2) [ 23.532091] page_type: f5(slab) [ 23.532424] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.533018] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.533700] page dumped because: kasan: bad access detected [ 23.534143] [ 23.534341] Memory state around the buggy address: [ 23.534896] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.536056] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.536781] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.537745] ^ [ 23.538136] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.538800] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.539364] ================================================================== [ 22.559416] ================================================================== [ 22.561115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 22.562351] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.563560] [ 22.564093] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.564296] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.564339] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.564407] Call Trace: [ 22.564455] <TASK> [ 22.564496] dump_stack_lvl+0x73/0xb0 [ 22.564544] print_report+0xd1/0x650 [ 22.564581] ? __virt_addr_valid+0x1db/0x2d0 [ 22.564636] ? kasan_atomics_helper+0x49e8/0x5450 [ 22.564674] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.564709] ? kasan_atomics_helper+0x49e8/0x5450 [ 22.564744] kasan_report+0x141/0x180 [ 22.564778] ? kasan_atomics_helper+0x49e8/0x5450 [ 22.564818] __asan_report_load4_noabort+0x18/0x20 [ 22.564850] kasan_atomics_helper+0x49e8/0x5450 [ 22.564885] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.564919] ? ret_from_fork_asm+0x1a/0x30 [ 22.564956] kasan_atomics+0x1dc/0x310 [ 22.564985] ? __pfx_kasan_atomics+0x10/0x10 [ 22.565015] ? __pfx_read_tsc+0x10/0x10 [ 22.565044] ? ktime_get_ts64+0x86/0x230 [ 22.565079] kunit_try_run_case+0x1a5/0x480 [ 22.565116] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.565149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.565185] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.565234] ? __kthread_parkme+0x82/0x180 [ 22.565284] ? preempt_count_sub+0x50/0x80 [ 22.565321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.565358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.565392] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.565428] kthread+0x337/0x6f0 [ 22.565451] ? trace_preempt_on+0x20/0xc0 [ 22.565485] ? __pfx_kthread+0x10/0x10 [ 22.565510] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.565542] ? calculate_sigpending+0x7b/0xa0 [ 22.565572] ? __pfx_kthread+0x10/0x10 [ 22.565598] ret_from_fork+0x41/0x80 [ 22.565652] ? __pfx_kthread+0x10/0x10 [ 22.565679] ret_from_fork_asm+0x1a/0x30 [ 22.565722] </TASK> [ 22.565737] [ 22.583088] Allocated by task 286: [ 22.583962] kasan_save_stack+0x45/0x70 [ 22.584492] kasan_save_track+0x18/0x40 [ 22.584902] kasan_save_alloc_info+0x3b/0x50 [ 22.585566] __kasan_kmalloc+0xb7/0xc0 [ 22.585908] __kmalloc_cache_noprof+0x189/0x420 [ 22.586592] kasan_atomics+0x95/0x310 [ 22.587011] kunit_try_run_case+0x1a5/0x480 [ 22.587616] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.588282] kthread+0x337/0x6f0 [ 22.588621] ret_from_fork+0x41/0x80 [ 22.589135] ret_from_fork_asm+0x1a/0x30 [ 22.589763] [ 22.589950] The buggy address belongs to the object at ffff888102a2c100 [ 22.589950] which belongs to the cache kmalloc-64 of size 64 [ 22.591185] The buggy address is located 0 bytes to the right of [ 22.591185] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.592455] [ 22.592713] The buggy address belongs to the physical page: [ 22.593432] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.594255] flags: 0x200000000000000(node=0|zone=2) [ 22.594797] page_type: f5(slab) [ 22.595169] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.596123] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.596925] page dumped because: kasan: bad access detected [ 22.597518] [ 22.597782] Memory state around the buggy address: [ 22.598283] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.598874] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.599520] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.600139] ^ [ 22.600630] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.601178] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.601862] ================================================================== [ 22.927432] ================================================================== [ 22.928128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 22.928836] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.929371] [ 22.929585] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.929776] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.929817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.929873] Call Trace: [ 22.929921] <TASK> [ 22.929964] dump_stack_lvl+0x73/0xb0 [ 22.930041] print_report+0xd1/0x650 [ 22.930120] ? __virt_addr_valid+0x1db/0x2d0 [ 22.930198] ? kasan_atomics_helper+0x164f/0x5450 [ 22.930320] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.930384] ? kasan_atomics_helper+0x164f/0x5450 [ 22.930446] kasan_report+0x141/0x180 [ 22.930524] ? kasan_atomics_helper+0x164f/0x5450 [ 22.930634] kasan_check_range+0x10c/0x1c0 [ 22.930715] __kasan_check_write+0x18/0x20 [ 22.930792] kasan_atomics_helper+0x164f/0x5450 [ 22.930873] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.930954] ? ret_from_fork_asm+0x1a/0x30 [ 22.931049] kasan_atomics+0x1dc/0x310 [ 22.931121] ? __pfx_kasan_atomics+0x10/0x10 [ 22.931201] ? __pfx_read_tsc+0x10/0x10 [ 22.931311] ? ktime_get_ts64+0x86/0x230 [ 22.931394] kunit_try_run_case+0x1a5/0x480 [ 22.931474] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.931545] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.931639] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.931720] ? __kthread_parkme+0x82/0x180 [ 22.931792] ? preempt_count_sub+0x50/0x80 [ 22.931872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.931950] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.932026] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.932092] kthread+0x337/0x6f0 [ 22.932121] ? trace_preempt_on+0x20/0xc0 [ 22.932156] ? __pfx_kthread+0x10/0x10 [ 22.932183] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.932267] ? calculate_sigpending+0x7b/0xa0 [ 22.932307] ? __pfx_kthread+0x10/0x10 [ 22.932335] ret_from_fork+0x41/0x80 [ 22.932367] ? __pfx_kthread+0x10/0x10 [ 22.932393] ret_from_fork_asm+0x1a/0x30 [ 22.932435] </TASK> [ 22.932448] [ 22.946471] Allocated by task 286: [ 22.946853] kasan_save_stack+0x45/0x70 [ 22.947261] kasan_save_track+0x18/0x40 [ 22.947665] kasan_save_alloc_info+0x3b/0x50 [ 22.948020] __kasan_kmalloc+0xb7/0xc0 [ 22.948389] __kmalloc_cache_noprof+0x189/0x420 [ 22.948756] kasan_atomics+0x95/0x310 [ 22.949108] kunit_try_run_case+0x1a5/0x480 [ 22.949620] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.950168] kthread+0x337/0x6f0 [ 22.950590] ret_from_fork+0x41/0x80 [ 22.951026] ret_from_fork_asm+0x1a/0x30 [ 22.951496] [ 22.951753] The buggy address belongs to the object at ffff888102a2c100 [ 22.951753] which belongs to the cache kmalloc-64 of size 64 [ 22.952512] The buggy address is located 0 bytes to the right of [ 22.952512] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.953596] [ 22.953849] The buggy address belongs to the physical page: [ 22.954341] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.954984] flags: 0x200000000000000(node=0|zone=2) [ 22.955493] page_type: f5(slab) [ 22.955837] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.956371] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.956963] page dumped because: kasan: bad access detected [ 22.957535] [ 22.957793] Memory state around the buggy address: [ 22.958294] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.958921] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.959582] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.960113] ^ [ 22.960491] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.961113] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.961800] ================================================================== [ 22.963929] ================================================================== [ 22.965896] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 22.966658] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.967995] [ 22.968482] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.968632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.968674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.968730] Call Trace: [ 22.968778] <TASK> [ 22.968821] dump_stack_lvl+0x73/0xb0 [ 22.968897] print_report+0xd1/0x650 [ 22.968972] ? __virt_addr_valid+0x1db/0x2d0 [ 22.969047] ? kasan_atomics_helper+0x16e7/0x5450 [ 22.969122] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.969218] ? kasan_atomics_helper+0x16e7/0x5450 [ 22.969286] kasan_report+0x141/0x180 [ 22.969326] ? kasan_atomics_helper+0x16e7/0x5450 [ 22.969368] kasan_check_range+0x10c/0x1c0 [ 22.969401] __kasan_check_write+0x18/0x20 [ 22.969432] kasan_atomics_helper+0x16e7/0x5450 [ 22.969467] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.969503] ? ret_from_fork_asm+0x1a/0x30 [ 22.969542] kasan_atomics+0x1dc/0x310 [ 22.969571] ? __pfx_kasan_atomics+0x10/0x10 [ 22.969623] ? __pfx_read_tsc+0x10/0x10 [ 22.969657] ? ktime_get_ts64+0x86/0x230 [ 22.969694] kunit_try_run_case+0x1a5/0x480 [ 22.969731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.969775] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.969811] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.969847] ? __kthread_parkme+0x82/0x180 [ 22.969877] ? preempt_count_sub+0x50/0x80 [ 22.969913] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.969949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.969983] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.970017] kthread+0x337/0x6f0 [ 22.970040] ? trace_preempt_on+0x20/0xc0 [ 22.970075] ? __pfx_kthread+0x10/0x10 [ 22.970099] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.970131] ? calculate_sigpending+0x7b/0xa0 [ 22.970163] ? __pfx_kthread+0x10/0x10 [ 22.970188] ret_from_fork+0x41/0x80 [ 22.970256] ? __pfx_kthread+0x10/0x10 [ 22.970290] ret_from_fork_asm+0x1a/0x30 [ 22.970333] </TASK> [ 22.970348] [ 22.984563] Allocated by task 286: [ 22.984958] kasan_save_stack+0x45/0x70 [ 22.985446] kasan_save_track+0x18/0x40 [ 22.985882] kasan_save_alloc_info+0x3b/0x50 [ 22.986297] __kasan_kmalloc+0xb7/0xc0 [ 22.986689] __kmalloc_cache_noprof+0x189/0x420 [ 22.987113] kasan_atomics+0x95/0x310 [ 22.987720] kunit_try_run_case+0x1a5/0x480 [ 22.988111] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.988635] kthread+0x337/0x6f0 [ 22.988916] ret_from_fork+0x41/0x80 [ 22.989214] ret_from_fork_asm+0x1a/0x30 [ 22.989637] [ 22.989883] The buggy address belongs to the object at ffff888102a2c100 [ 22.989883] which belongs to the cache kmalloc-64 of size 64 [ 22.990974] The buggy address is located 0 bytes to the right of [ 22.990974] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.991884] [ 22.992068] The buggy address belongs to the physical page: [ 22.992508] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.993436] flags: 0x200000000000000(node=0|zone=2) [ 22.993891] page_type: f5(slab) [ 22.994257] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.994872] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.995367] page dumped because: kasan: bad access detected [ 22.996188] [ 22.996394] Memory state around the buggy address: [ 22.996750] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.997197] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.999106] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.000722] ^ [ 23.001624] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.002091] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.002590] ================================================================== [ 21.158094] ================================================================== [ 21.159779] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 21.160481] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.161170] [ 21.161925] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.162105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.162147] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.162205] Call Trace: [ 21.162246] <TASK> [ 21.162290] dump_stack_lvl+0x73/0xb0 [ 21.162363] print_report+0xd1/0x650 [ 21.162435] ? __virt_addr_valid+0x1db/0x2d0 [ 21.162508] ? kasan_atomics_helper+0x4bbc/0x5450 [ 21.162571] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.162714] ? kasan_atomics_helper+0x4bbc/0x5450 [ 21.162757] kasan_report+0x141/0x180 [ 21.162792] ? kasan_atomics_helper+0x4bbc/0x5450 [ 21.162834] __asan_report_load4_noabort+0x18/0x20 [ 21.162865] kasan_atomics_helper+0x4bbc/0x5450 [ 21.162901] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.162935] ? ret_from_fork_asm+0x1a/0x30 [ 21.162977] kasan_atomics+0x1dc/0x310 [ 21.163005] ? __pfx_kasan_atomics+0x10/0x10 [ 21.163037] ? __pfx_read_tsc+0x10/0x10 [ 21.163067] ? ktime_get_ts64+0x86/0x230 [ 21.163103] kunit_try_run_case+0x1a5/0x480 [ 21.163141] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.163175] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.163213] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.163277] ? __kthread_parkme+0x82/0x180 [ 21.163314] ? preempt_count_sub+0x50/0x80 [ 21.163351] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.163387] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.163422] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.163456] kthread+0x337/0x6f0 [ 21.163481] ? trace_preempt_on+0x20/0xc0 [ 21.163515] ? __pfx_kthread+0x10/0x10 [ 21.163542] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.163574] ? calculate_sigpending+0x7b/0xa0 [ 21.163649] ? __pfx_kthread+0x10/0x10 [ 21.163722] ret_from_fork+0x41/0x80 [ 21.163797] ? __pfx_kthread+0x10/0x10 [ 21.163829] ret_from_fork_asm+0x1a/0x30 [ 21.163871] </TASK> [ 21.163887] [ 21.181217] Allocated by task 286: [ 21.181782] kasan_save_stack+0x45/0x70 [ 21.182193] kasan_save_track+0x18/0x40 [ 21.182584] kasan_save_alloc_info+0x3b/0x50 [ 21.183162] __kasan_kmalloc+0xb7/0xc0 [ 21.183764] __kmalloc_cache_noprof+0x189/0x420 [ 21.184105] kasan_atomics+0x95/0x310 [ 21.184550] kunit_try_run_case+0x1a5/0x480 [ 21.185126] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.185888] kthread+0x337/0x6f0 [ 21.186256] ret_from_fork+0x41/0x80 [ 21.186814] ret_from_fork_asm+0x1a/0x30 [ 21.187194] [ 21.187430] The buggy address belongs to the object at ffff888102a2c100 [ 21.187430] which belongs to the cache kmalloc-64 of size 64 [ 21.188592] The buggy address is located 0 bytes to the right of [ 21.188592] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.189782] [ 21.190014] The buggy address belongs to the physical page: [ 21.190553] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.191368] flags: 0x200000000000000(node=0|zone=2) [ 21.191919] page_type: f5(slab) [ 21.192283] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.192919] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.193516] page dumped because: kasan: bad access detected [ 21.194039] [ 21.194316] Memory state around the buggy address: [ 21.194897] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.195504] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.196140] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.196966] ^ [ 21.197398] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.197950] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.198543] ================================================================== [ 21.434171] ================================================================== [ 21.434923] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 21.435569] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.436906] [ 21.437153] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.437280] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.437320] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.437377] Call Trace: [ 21.437425] <TASK> [ 21.437473] dump_stack_lvl+0x73/0xb0 [ 21.437547] print_report+0xd1/0x650 [ 21.437637] ? __virt_addr_valid+0x1db/0x2d0 [ 21.437720] ? kasan_atomics_helper+0x4a0/0x5450 [ 21.437879] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.437966] ? kasan_atomics_helper+0x4a0/0x5450 [ 21.438042] kasan_report+0x141/0x180 [ 21.438122] ? kasan_atomics_helper+0x4a0/0x5450 [ 21.438204] kasan_check_range+0x10c/0x1c0 [ 21.438239] __kasan_check_write+0x18/0x20 [ 21.438272] kasan_atomics_helper+0x4a0/0x5450 [ 21.438307] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.438342] ? ret_from_fork_asm+0x1a/0x30 [ 21.438416] kasan_atomics+0x1dc/0x310 [ 21.438450] ? __pfx_kasan_atomics+0x10/0x10 [ 21.438483] ? __pfx_read_tsc+0x10/0x10 [ 21.438514] ? ktime_get_ts64+0x86/0x230 [ 21.438553] kunit_try_run_case+0x1a5/0x480 [ 21.438591] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.438675] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.438745] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.438783] ? __kthread_parkme+0x82/0x180 [ 21.438818] ? preempt_count_sub+0x50/0x80 [ 21.438855] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.438894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.438930] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.438966] kthread+0x337/0x6f0 [ 21.438990] ? trace_preempt_on+0x20/0xc0 [ 21.439027] ? __pfx_kthread+0x10/0x10 [ 21.439055] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.439088] ? calculate_sigpending+0x7b/0xa0 [ 21.439120] ? __pfx_kthread+0x10/0x10 [ 21.439148] ret_from_fork+0x41/0x80 [ 21.439180] ? __pfx_kthread+0x10/0x10 [ 21.439207] ret_from_fork_asm+0x1a/0x30 [ 21.439279] </TASK> [ 21.439295] [ 21.460441] Allocated by task 286: [ 21.461300] kasan_save_stack+0x45/0x70 [ 21.461666] kasan_save_track+0x18/0x40 [ 21.462010] kasan_save_alloc_info+0x3b/0x50 [ 21.462420] __kasan_kmalloc+0xb7/0xc0 [ 21.463034] __kmalloc_cache_noprof+0x189/0x420 [ 21.464300] kasan_atomics+0x95/0x310 [ 21.465004] kunit_try_run_case+0x1a5/0x480 [ 21.465768] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.466012] kthread+0x337/0x6f0 [ 21.466159] ret_from_fork+0x41/0x80 [ 21.466442] ret_from_fork_asm+0x1a/0x30 [ 21.467458] [ 21.467797] The buggy address belongs to the object at ffff888102a2c100 [ 21.467797] which belongs to the cache kmalloc-64 of size 64 [ 21.468808] The buggy address is located 0 bytes to the right of [ 21.468808] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.470523] [ 21.470828] The buggy address belongs to the physical page: [ 21.471567] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.472423] flags: 0x200000000000000(node=0|zone=2) [ 21.473136] page_type: f5(slab) [ 21.473721] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.474575] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.475252] page dumped because: kasan: bad access detected [ 21.475735] [ 21.475954] Memory state around the buggy address: [ 21.476377] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.477838] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.478443] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.479455] ^ [ 21.480015] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.480704] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.481569] ================================================================== [ 21.987941] ================================================================== [ 21.988492] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 21.989002] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.989542] [ 21.989846] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.990002] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.990044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.990098] Call Trace: [ 21.990143] <TASK> [ 21.990183] dump_stack_lvl+0x73/0xb0 [ 21.990310] print_report+0xd1/0x650 [ 21.990386] ? __virt_addr_valid+0x1db/0x2d0 [ 21.990464] ? kasan_atomics_helper+0xb6a/0x5450 [ 21.990541] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.990641] ? kasan_atomics_helper+0xb6a/0x5450 [ 21.990718] kasan_report+0x141/0x180 [ 21.990800] ? kasan_atomics_helper+0xb6a/0x5450 [ 21.990891] kasan_check_range+0x10c/0x1c0 [ 21.990969] __kasan_check_write+0x18/0x20 [ 21.991040] kasan_atomics_helper+0xb6a/0x5450 [ 21.991118] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.991187] ? ret_from_fork_asm+0x1a/0x30 [ 21.991323] kasan_atomics+0x1dc/0x310 [ 21.991398] ? __pfx_kasan_atomics+0x10/0x10 [ 21.991467] ? __pfx_read_tsc+0x10/0x10 [ 21.991533] ? ktime_get_ts64+0x86/0x230 [ 21.991631] kunit_try_run_case+0x1a5/0x480 [ 21.991703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.991775] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.991854] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.991934] ? __kthread_parkme+0x82/0x180 [ 21.992010] ? preempt_count_sub+0x50/0x80 [ 21.992092] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.992172] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.992301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.992384] kthread+0x337/0x6f0 [ 21.992453] ? trace_preempt_on+0x20/0xc0 [ 21.992535] ? __pfx_kthread+0x10/0x10 [ 21.992617] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.992690] ? calculate_sigpending+0x7b/0xa0 [ 21.992761] ? __pfx_kthread+0x10/0x10 [ 21.992828] ret_from_fork+0x41/0x80 [ 21.992898] ? __pfx_kthread+0x10/0x10 [ 21.992962] ret_from_fork_asm+0x1a/0x30 [ 21.993051] </TASK> [ 21.993087] [ 22.007812] Allocated by task 286: [ 22.008173] kasan_save_stack+0x45/0x70 [ 22.008589] kasan_save_track+0x18/0x40 [ 22.009092] kasan_save_alloc_info+0x3b/0x50 [ 22.009501] __kasan_kmalloc+0xb7/0xc0 [ 22.009850] __kmalloc_cache_noprof+0x189/0x420 [ 22.010196] kasan_atomics+0x95/0x310 [ 22.010503] kunit_try_run_case+0x1a5/0x480 [ 22.010970] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.011499] kthread+0x337/0x6f0 [ 22.011895] ret_from_fork+0x41/0x80 [ 22.012335] ret_from_fork_asm+0x1a/0x30 [ 22.012800] [ 22.013018] The buggy address belongs to the object at ffff888102a2c100 [ 22.013018] which belongs to the cache kmalloc-64 of size 64 [ 22.014178] The buggy address is located 0 bytes to the right of [ 22.014178] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.014921] [ 22.015104] The buggy address belongs to the physical page: [ 22.015908] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.016834] flags: 0x200000000000000(node=0|zone=2) [ 22.017249] page_type: f5(slab) [ 22.017616] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.018229] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.018869] page dumped because: kasan: bad access detected [ 22.019329] [ 22.019553] Memory state around the buggy address: [ 22.019986] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.020577] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.021042] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.021653] ^ [ 22.022131] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.022891] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.023328] ================================================================== [ 23.250358] ================================================================== [ 23.250855] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 23.251394] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.252054] [ 23.252341] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.252467] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.252509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.252562] Call Trace: [ 23.252631] <TASK> [ 23.252677] dump_stack_lvl+0x73/0xb0 [ 23.252757] print_report+0xd1/0x650 [ 23.252837] ? __virt_addr_valid+0x1db/0x2d0 [ 23.252913] ? kasan_atomics_helper+0x1b22/0x5450 [ 23.252993] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.253071] ? kasan_atomics_helper+0x1b22/0x5450 [ 23.253151] kasan_report+0x141/0x180 [ 23.253230] ? kasan_atomics_helper+0x1b22/0x5450 [ 23.253319] kasan_check_range+0x10c/0x1c0 [ 23.253392] __kasan_check_write+0x18/0x20 [ 23.253467] kasan_atomics_helper+0x1b22/0x5450 [ 23.253546] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.253670] ? ret_from_fork_asm+0x1a/0x30 [ 23.253742] kasan_atomics+0x1dc/0x310 [ 23.253787] ? __pfx_kasan_atomics+0x10/0x10 [ 23.253819] ? __pfx_read_tsc+0x10/0x10 [ 23.253849] ? ktime_get_ts64+0x86/0x230 [ 23.253888] kunit_try_run_case+0x1a5/0x480 [ 23.253927] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.253962] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.254000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.254036] ? __kthread_parkme+0x82/0x180 [ 23.254069] ? preempt_count_sub+0x50/0x80 [ 23.254106] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.254143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.254177] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.254236] kthread+0x337/0x6f0 [ 23.254281] ? trace_preempt_on+0x20/0xc0 [ 23.254319] ? __pfx_kthread+0x10/0x10 [ 23.254345] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.254380] ? calculate_sigpending+0x7b/0xa0 [ 23.254413] ? __pfx_kthread+0x10/0x10 [ 23.254441] ret_from_fork+0x41/0x80 [ 23.254471] ? __pfx_kthread+0x10/0x10 [ 23.254498] ret_from_fork_asm+0x1a/0x30 [ 23.254542] </TASK> [ 23.254557] [ 23.272800] Allocated by task 286: [ 23.273352] kasan_save_stack+0x45/0x70 [ 23.274139] kasan_save_track+0x18/0x40 [ 23.274694] kasan_save_alloc_info+0x3b/0x50 [ 23.275068] __kasan_kmalloc+0xb7/0xc0 [ 23.275514] __kmalloc_cache_noprof+0x189/0x420 [ 23.275913] kasan_atomics+0x95/0x310 [ 23.276316] kunit_try_run_case+0x1a5/0x480 [ 23.276803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.277327] kthread+0x337/0x6f0 [ 23.277706] ret_from_fork+0x41/0x80 [ 23.278034] ret_from_fork_asm+0x1a/0x30 [ 23.278500] [ 23.279171] The buggy address belongs to the object at ffff888102a2c100 [ 23.279171] which belongs to the cache kmalloc-64 of size 64 [ 23.279933] The buggy address is located 0 bytes to the right of [ 23.279933] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.281058] [ 23.281392] The buggy address belongs to the physical page: [ 23.281914] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.282796] flags: 0x200000000000000(node=0|zone=2) [ 23.283269] page_type: f5(slab) [ 23.283554] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.284213] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.285002] page dumped because: kasan: bad access detected [ 23.285640] [ 23.285833] Memory state around the buggy address: [ 23.286162] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.286778] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.287418] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.288019] ^ [ 23.288490] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.289070] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.290079] ================================================================== [ 23.623867] ================================================================== [ 23.624566] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 23.625171] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.625897] [ 23.626120] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.626286] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.626328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.626384] Call Trace: [ 23.626455] <TASK> [ 23.626505] dump_stack_lvl+0x73/0xb0 [ 23.626625] print_report+0xd1/0x650 [ 23.626703] ? __virt_addr_valid+0x1db/0x2d0 [ 23.626776] ? kasan_atomics_helper+0x2006/0x5450 [ 23.626847] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.626927] ? kasan_atomics_helper+0x2006/0x5450 [ 23.627008] kasan_report+0x141/0x180 [ 23.627086] ? kasan_atomics_helper+0x2006/0x5450 [ 23.627257] kasan_check_range+0x10c/0x1c0 [ 23.627342] __kasan_check_write+0x18/0x20 [ 23.627435] kasan_atomics_helper+0x2006/0x5450 [ 23.627549] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.627644] ? ret_from_fork_asm+0x1a/0x30 [ 23.627704] kasan_atomics+0x1dc/0x310 [ 23.627735] ? __pfx_kasan_atomics+0x10/0x10 [ 23.627803] ? __pfx_read_tsc+0x10/0x10 [ 23.627872] ? ktime_get_ts64+0x86/0x230 [ 23.627981] kunit_try_run_case+0x1a5/0x480 [ 23.628093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.628172] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.628303] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.628412] ? __kthread_parkme+0x82/0x180 [ 23.628484] ? preempt_count_sub+0x50/0x80 [ 23.628529] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.628567] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.628625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.628665] kthread+0x337/0x6f0 [ 23.628690] ? trace_preempt_on+0x20/0xc0 [ 23.628726] ? __pfx_kthread+0x10/0x10 [ 23.628752] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.628783] ? calculate_sigpending+0x7b/0xa0 [ 23.628813] ? __pfx_kthread+0x10/0x10 [ 23.628838] ret_from_fork+0x41/0x80 [ 23.628870] ? __pfx_kthread+0x10/0x10 [ 23.628894] ret_from_fork_asm+0x1a/0x30 [ 23.628936] </TASK> [ 23.628951] [ 23.643462] Allocated by task 286: [ 23.643849] kasan_save_stack+0x45/0x70 [ 23.644380] kasan_save_track+0x18/0x40 [ 23.644860] kasan_save_alloc_info+0x3b/0x50 [ 23.645336] __kasan_kmalloc+0xb7/0xc0 [ 23.645787] __kmalloc_cache_noprof+0x189/0x420 [ 23.646325] kasan_atomics+0x95/0x310 [ 23.646745] kunit_try_run_case+0x1a5/0x480 [ 23.647269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.647769] kthread+0x337/0x6f0 [ 23.648172] ret_from_fork+0x41/0x80 [ 23.648522] ret_from_fork_asm+0x1a/0x30 [ 23.648955] [ 23.649185] The buggy address belongs to the object at ffff888102a2c100 [ 23.649185] which belongs to the cache kmalloc-64 of size 64 [ 23.650178] The buggy address is located 0 bytes to the right of [ 23.650178] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.652418] [ 23.652702] The buggy address belongs to the physical page: [ 23.653230] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.653974] flags: 0x200000000000000(node=0|zone=2) [ 23.654394] page_type: f5(slab) [ 23.655502] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.656150] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.656825] page dumped because: kasan: bad access detected [ 23.657380] [ 23.657653] Memory state around the buggy address: [ 23.658052] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.658783] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.659357] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.659978] ^ [ 23.660520] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.661090] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.661778] ================================================================== [ 23.745248] ================================================================== [ 23.746199] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 23.746865] Read of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.747468] [ 23.747743] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.747864] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.747902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.747962] Call Trace: [ 23.748014] <TASK> [ 23.748101] dump_stack_lvl+0x73/0xb0 [ 23.748182] print_report+0xd1/0x650 [ 23.748266] ? __virt_addr_valid+0x1db/0x2d0 [ 23.748343] ? kasan_atomics_helper+0x4fb2/0x5450 [ 23.748450] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.748540] ? kasan_atomics_helper+0x4fb2/0x5450 [ 23.748635] kasan_report+0x141/0x180 [ 23.748754] ? kasan_atomics_helper+0x4fb2/0x5450 [ 23.748850] __asan_report_load8_noabort+0x18/0x20 [ 23.748931] kasan_atomics_helper+0x4fb2/0x5450 [ 23.749051] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.749133] ? ret_from_fork_asm+0x1a/0x30 [ 23.749222] kasan_atomics+0x1dc/0x310 [ 23.749298] ? __pfx_kasan_atomics+0x10/0x10 [ 23.749372] ? __pfx_read_tsc+0x10/0x10 [ 23.749434] ? ktime_get_ts64+0x86/0x230 [ 23.749476] kunit_try_run_case+0x1a5/0x480 [ 23.749518] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.749554] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.749592] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.749659] ? __kthread_parkme+0x82/0x180 [ 23.749694] ? preempt_count_sub+0x50/0x80 [ 23.749733] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.749779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.749815] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.749853] kthread+0x337/0x6f0 [ 23.749878] ? trace_preempt_on+0x20/0xc0 [ 23.749915] ? __pfx_kthread+0x10/0x10 [ 23.749942] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.749975] ? calculate_sigpending+0x7b/0xa0 [ 23.750007] ? __pfx_kthread+0x10/0x10 [ 23.750034] ret_from_fork+0x41/0x80 [ 23.750066] ? __pfx_kthread+0x10/0x10 [ 23.750092] ret_from_fork_asm+0x1a/0x30 [ 23.750135] </TASK> [ 23.750150] [ 23.767923] Allocated by task 286: [ 23.768328] kasan_save_stack+0x45/0x70 [ 23.768870] kasan_save_track+0x18/0x40 [ 23.769382] kasan_save_alloc_info+0x3b/0x50 [ 23.769865] __kasan_kmalloc+0xb7/0xc0 [ 23.770173] __kmalloc_cache_noprof+0x189/0x420 [ 23.770901] kasan_atomics+0x95/0x310 [ 23.771510] kunit_try_run_case+0x1a5/0x480 [ 23.771995] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.772587] kthread+0x337/0x6f0 [ 23.773016] ret_from_fork+0x41/0x80 [ 23.773553] ret_from_fork_asm+0x1a/0x30 [ 23.774089] [ 23.774332] The buggy address belongs to the object at ffff888102a2c100 [ 23.774332] which belongs to the cache kmalloc-64 of size 64 [ 23.775321] The buggy address is located 0 bytes to the right of [ 23.775321] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.776387] [ 23.776641] The buggy address belongs to the physical page: [ 23.777268] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.777887] flags: 0x200000000000000(node=0|zone=2) [ 23.778481] page_type: f5(slab) [ 23.778868] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.779702] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.780377] page dumped because: kasan: bad access detected [ 23.780942] [ 23.781118] Memory state around the buggy address: [ 23.781692] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.782412] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.783131] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.783799] ^ [ 23.784518] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.785265] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.785833] ================================================================== [ 21.633371] ================================================================== [ 21.633879] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 21.635301] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.636040] [ 21.636282] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.636412] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.636453] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.636509] Call Trace: [ 21.636565] <TASK> [ 21.636627] dump_stack_lvl+0x73/0xb0 [ 21.636707] print_report+0xd1/0x650 [ 21.636784] ? __virt_addr_valid+0x1db/0x2d0 [ 21.636856] ? kasan_atomics_helper+0x697/0x5450 [ 21.636929] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.637006] ? kasan_atomics_helper+0x697/0x5450 [ 21.637089] kasan_report+0x141/0x180 [ 21.637171] ? kasan_atomics_helper+0x697/0x5450 [ 21.637226] kasan_check_range+0x10c/0x1c0 [ 21.637281] __kasan_check_write+0x18/0x20 [ 21.637316] kasan_atomics_helper+0x697/0x5450 [ 21.637353] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.637388] ? ret_from_fork_asm+0x1a/0x30 [ 21.637429] kasan_atomics+0x1dc/0x310 [ 21.637459] ? __pfx_kasan_atomics+0x10/0x10 [ 21.637494] ? __pfx_read_tsc+0x10/0x10 [ 21.637525] ? ktime_get_ts64+0x86/0x230 [ 21.637562] kunit_try_run_case+0x1a5/0x480 [ 21.637620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.637699] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.637760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.637799] ? __kthread_parkme+0x82/0x180 [ 21.637831] ? preempt_count_sub+0x50/0x80 [ 21.637872] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.637909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.637945] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.637981] kthread+0x337/0x6f0 [ 21.638007] ? trace_preempt_on+0x20/0xc0 [ 21.638043] ? __pfx_kthread+0x10/0x10 [ 21.638070] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.638102] ? calculate_sigpending+0x7b/0xa0 [ 21.638134] ? __pfx_kthread+0x10/0x10 [ 21.638161] ret_from_fork+0x41/0x80 [ 21.638194] ? __pfx_kthread+0x10/0x10 [ 21.638256] ret_from_fork_asm+0x1a/0x30 [ 21.638307] </TASK> [ 21.638323] [ 21.660664] Allocated by task 286: [ 21.661066] kasan_save_stack+0x45/0x70 [ 21.661924] kasan_save_track+0x18/0x40 [ 21.662465] kasan_save_alloc_info+0x3b/0x50 [ 21.663182] __kasan_kmalloc+0xb7/0xc0 [ 21.663533] __kmalloc_cache_noprof+0x189/0x420 [ 21.664243] kasan_atomics+0x95/0x310 [ 21.664559] kunit_try_run_case+0x1a5/0x480 [ 21.665176] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.666127] kthread+0x337/0x6f0 [ 21.666812] ret_from_fork+0x41/0x80 [ 21.667299] ret_from_fork_asm+0x1a/0x30 [ 21.667878] [ 21.668066] The buggy address belongs to the object at ffff888102a2c100 [ 21.668066] which belongs to the cache kmalloc-64 of size 64 [ 21.669471] The buggy address is located 0 bytes to the right of [ 21.669471] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.670719] [ 21.671820] The buggy address belongs to the physical page: [ 21.672221] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.673257] flags: 0x200000000000000(node=0|zone=2) [ 21.673734] page_type: f5(slab) [ 21.674124] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.675129] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.676530] page dumped because: kasan: bad access detected [ 21.676906] [ 21.677204] Memory state around the buggy address: [ 21.678142] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.678907] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.679434] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.679962] ^ [ 21.680323] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.680813] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.682312] ================================================================== [ 22.314972] ================================================================== [ 22.315722] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 22.316295] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.316981] [ 22.317324] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.317447] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.317483] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.317538] Call Trace: [ 22.317590] <TASK> [ 22.317654] dump_stack_lvl+0x73/0xb0 [ 22.317791] print_report+0xd1/0x650 [ 22.317907] ? __virt_addr_valid+0x1db/0x2d0 [ 22.318017] ? kasan_atomics_helper+0x4a36/0x5450 [ 22.318123] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.318249] ? kasan_atomics_helper+0x4a36/0x5450 [ 22.318331] kasan_report+0x141/0x180 [ 22.318408] ? kasan_atomics_helper+0x4a36/0x5450 [ 22.318493] __asan_report_load4_noabort+0x18/0x20 [ 22.318564] kasan_atomics_helper+0x4a36/0x5450 [ 22.318660] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.318739] ? ret_from_fork_asm+0x1a/0x30 [ 22.318867] kasan_atomics+0x1dc/0x310 [ 22.318950] ? __pfx_kasan_atomics+0x10/0x10 [ 22.319067] ? __pfx_read_tsc+0x10/0x10 [ 22.319135] ? ktime_get_ts64+0x86/0x230 [ 22.319258] kunit_try_run_case+0x1a5/0x480 [ 22.319330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.319369] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.319405] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.319442] ? __kthread_parkme+0x82/0x180 [ 22.319473] ? preempt_count_sub+0x50/0x80 [ 22.319509] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.319545] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.319578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.319641] kthread+0x337/0x6f0 [ 22.319669] ? trace_preempt_on+0x20/0xc0 [ 22.319705] ? __pfx_kthread+0x10/0x10 [ 22.319730] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.319762] ? calculate_sigpending+0x7b/0xa0 [ 22.319792] ? __pfx_kthread+0x10/0x10 [ 22.319818] ret_from_fork+0x41/0x80 [ 22.319852] ? __pfx_kthread+0x10/0x10 [ 22.319878] ret_from_fork_asm+0x1a/0x30 [ 22.319921] </TASK> [ 22.319935] [ 22.334566] Allocated by task 286: [ 22.335001] kasan_save_stack+0x45/0x70 [ 22.335468] kasan_save_track+0x18/0x40 [ 22.335918] kasan_save_alloc_info+0x3b/0x50 [ 22.336454] __kasan_kmalloc+0xb7/0xc0 [ 22.336872] __kmalloc_cache_noprof+0x189/0x420 [ 22.337392] kasan_atomics+0x95/0x310 [ 22.337815] kunit_try_run_case+0x1a5/0x480 [ 22.338334] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.338901] kthread+0x337/0x6f0 [ 22.339272] ret_from_fork+0x41/0x80 [ 22.339578] ret_from_fork_asm+0x1a/0x30 [ 22.340041] [ 22.340351] The buggy address belongs to the object at ffff888102a2c100 [ 22.340351] which belongs to the cache kmalloc-64 of size 64 [ 22.341467] The buggy address is located 0 bytes to the right of [ 22.341467] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.342380] [ 22.342648] The buggy address belongs to the physical page: [ 22.343244] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.343869] flags: 0x200000000000000(node=0|zone=2) [ 22.344402] page_type: f5(slab) [ 22.344855] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.345580] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.346314] page dumped because: kasan: bad access detected [ 22.346805] [ 22.347040] Memory state around the buggy address: [ 22.347570] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.348282] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.348961] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.349687] ^ [ 22.350095] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.350617] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.351336] ================================================================== [ 22.679320] ================================================================== [ 22.679915] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 22.680443] Read of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.681100] [ 22.681401] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.681519] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.681557] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.681631] Call Trace: [ 22.681684] <TASK> [ 22.681726] dump_stack_lvl+0x73/0xb0 [ 22.681815] print_report+0xd1/0x650 [ 22.681895] ? __virt_addr_valid+0x1db/0x2d0 [ 22.681972] ? kasan_atomics_helper+0x13b5/0x5450 [ 22.682050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.682131] ? kasan_atomics_helper+0x13b5/0x5450 [ 22.682249] kasan_report+0x141/0x180 [ 22.682338] ? kasan_atomics_helper+0x13b5/0x5450 [ 22.682433] kasan_check_range+0x10c/0x1c0 [ 22.682506] __kasan_check_read+0x15/0x20 [ 22.682564] kasan_atomics_helper+0x13b5/0x5450 [ 22.682642] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.682714] ? ret_from_fork_asm+0x1a/0x30 [ 22.682801] kasan_atomics+0x1dc/0x310 [ 22.682879] ? __pfx_kasan_atomics+0x10/0x10 [ 22.682955] ? __pfx_read_tsc+0x10/0x10 [ 22.683021] ? ktime_get_ts64+0x86/0x230 [ 22.683102] kunit_try_run_case+0x1a5/0x480 [ 22.683180] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.683308] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.683391] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.683475] ? __kthread_parkme+0x82/0x180 [ 22.683553] ? preempt_count_sub+0x50/0x80 [ 22.683651] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.683734] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.683813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.683894] kthread+0x337/0x6f0 [ 22.683956] ? trace_preempt_on+0x20/0xc0 [ 22.684033] ? __pfx_kthread+0x10/0x10 [ 22.684097] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.684168] ? calculate_sigpending+0x7b/0xa0 [ 22.684269] ? __pfx_kthread+0x10/0x10 [ 22.684303] ret_from_fork+0x41/0x80 [ 22.684338] ? __pfx_kthread+0x10/0x10 [ 22.684365] ret_from_fork_asm+0x1a/0x30 [ 22.684408] </TASK> [ 22.684424] [ 22.702357] Allocated by task 286: [ 22.702800] kasan_save_stack+0x45/0x70 [ 22.703344] kasan_save_track+0x18/0x40 [ 22.703834] kasan_save_alloc_info+0x3b/0x50 [ 22.704367] __kasan_kmalloc+0xb7/0xc0 [ 22.704843] __kmalloc_cache_noprof+0x189/0x420 [ 22.705424] kasan_atomics+0x95/0x310 [ 22.705946] kunit_try_run_case+0x1a5/0x480 [ 22.706490] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.707112] kthread+0x337/0x6f0 [ 22.707529] ret_from_fork+0x41/0x80 [ 22.708011] ret_from_fork_asm+0x1a/0x30 [ 22.708571] [ 22.709665] The buggy address belongs to the object at ffff888102a2c100 [ 22.709665] which belongs to the cache kmalloc-64 of size 64 [ 22.710998] The buggy address is located 0 bytes to the right of [ 22.710998] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.712085] [ 22.712314] The buggy address belongs to the physical page: [ 22.712815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.713923] flags: 0x200000000000000(node=0|zone=2) [ 22.714425] page_type: f5(slab) [ 22.714860] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.715493] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.716109] page dumped because: kasan: bad access detected [ 22.716662] [ 22.716912] Memory state around the buggy address: [ 22.717385] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.718002] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.718595] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.719164] ^ [ 22.719568] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.720272] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.720857] ================================================================== [ 23.540391] ================================================================== [ 23.541903] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 23.542164] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.543673] [ 23.544167] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.544295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.544336] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.544392] Call Trace: [ 23.544442] <TASK> [ 23.544484] dump_stack_lvl+0x73/0xb0 [ 23.544566] print_report+0xd1/0x650 [ 23.544659] ? __virt_addr_valid+0x1db/0x2d0 [ 23.544698] ? kasan_atomics_helper+0x1f43/0x5450 [ 23.544755] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.544793] ? kasan_atomics_helper+0x1f43/0x5450 [ 23.544828] kasan_report+0x141/0x180 [ 23.544862] ? kasan_atomics_helper+0x1f43/0x5450 [ 23.544902] kasan_check_range+0x10c/0x1c0 [ 23.544933] __kasan_check_write+0x18/0x20 [ 23.544962] kasan_atomics_helper+0x1f43/0x5450 [ 23.544998] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.545031] ? ret_from_fork_asm+0x1a/0x30 [ 23.545069] kasan_atomics+0x1dc/0x310 [ 23.545099] ? __pfx_kasan_atomics+0x10/0x10 [ 23.545129] ? __pfx_read_tsc+0x10/0x10 [ 23.545157] ? ktime_get_ts64+0x86/0x230 [ 23.545193] kunit_try_run_case+0x1a5/0x480 [ 23.545268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.545309] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.545346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.545380] ? __kthread_parkme+0x82/0x180 [ 23.545411] ? preempt_count_sub+0x50/0x80 [ 23.545446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.545482] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.545517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.545551] kthread+0x337/0x6f0 [ 23.545575] ? trace_preempt_on+0x20/0xc0 [ 23.545633] ? __pfx_kthread+0x10/0x10 [ 23.545663] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.545694] ? calculate_sigpending+0x7b/0xa0 [ 23.545726] ? __pfx_kthread+0x10/0x10 [ 23.545762] ret_from_fork+0x41/0x80 [ 23.545797] ? __pfx_kthread+0x10/0x10 [ 23.545823] ret_from_fork_asm+0x1a/0x30 [ 23.545867] </TASK> [ 23.545882] [ 23.564413] Allocated by task 286: [ 23.565164] kasan_save_stack+0x45/0x70 [ 23.565841] kasan_save_track+0x18/0x40 [ 23.566235] kasan_save_alloc_info+0x3b/0x50 [ 23.566591] __kasan_kmalloc+0xb7/0xc0 [ 23.566959] __kmalloc_cache_noprof+0x189/0x420 [ 23.567348] kasan_atomics+0x95/0x310 [ 23.567813] kunit_try_run_case+0x1a5/0x480 [ 23.568281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.568681] kthread+0x337/0x6f0 [ 23.569034] ret_from_fork+0x41/0x80 [ 23.569667] ret_from_fork_asm+0x1a/0x30 [ 23.570108] [ 23.570390] The buggy address belongs to the object at ffff888102a2c100 [ 23.570390] which belongs to the cache kmalloc-64 of size 64 [ 23.571468] The buggy address is located 0 bytes to the right of [ 23.571468] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.572626] [ 23.572923] The buggy address belongs to the physical page: [ 23.573517] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.574275] flags: 0x200000000000000(node=0|zone=2) [ 23.574850] page_type: f5(slab) [ 23.575299] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.576080] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.576772] page dumped because: kasan: bad access detected [ 23.577395] [ 23.577689] Memory state around the buggy address: [ 23.578203] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.578900] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.579664] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.580173] ^ [ 23.580746] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.581348] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.582051] ================================================================== [ 23.329918] ================================================================== [ 23.331198] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 23.333090] Read of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.334192] [ 23.334514] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.334654] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.334693] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.334820] Call Trace: [ 23.334875] <TASK> [ 23.334918] dump_stack_lvl+0x73/0xb0 [ 23.334997] print_report+0xd1/0x650 [ 23.335131] ? __virt_addr_valid+0x1db/0x2d0 [ 23.335209] ? kasan_atomics_helper+0x4f30/0x5450 [ 23.335286] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.335366] ? kasan_atomics_helper+0x4f30/0x5450 [ 23.335440] kasan_report+0x141/0x180 [ 23.335556] ? kasan_atomics_helper+0x4f30/0x5450 [ 23.335691] __asan_report_load8_noabort+0x18/0x20 [ 23.335765] kasan_atomics_helper+0x4f30/0x5450 [ 23.335844] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.335914] ? ret_from_fork_asm+0x1a/0x30 [ 23.335958] kasan_atomics+0x1dc/0x310 [ 23.335989] ? __pfx_kasan_atomics+0x10/0x10 [ 23.336022] ? __pfx_read_tsc+0x10/0x10 [ 23.336051] ? ktime_get_ts64+0x86/0x230 [ 23.336088] kunit_try_run_case+0x1a5/0x480 [ 23.336128] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.336164] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.336200] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.336278] ? __kthread_parkme+0x82/0x180 [ 23.336315] ? preempt_count_sub+0x50/0x80 [ 23.336353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.336389] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.336425] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.336459] kthread+0x337/0x6f0 [ 23.336484] ? trace_preempt_on+0x20/0xc0 [ 23.336519] ? __pfx_kthread+0x10/0x10 [ 23.336545] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.336576] ? calculate_sigpending+0x7b/0xa0 [ 23.336631] ? __pfx_kthread+0x10/0x10 [ 23.336662] ret_from_fork+0x41/0x80 [ 23.336693] ? __pfx_kthread+0x10/0x10 [ 23.336719] ret_from_fork_asm+0x1a/0x30 [ 23.336762] </TASK> [ 23.336776] [ 23.354093] Allocated by task 286: [ 23.354495] kasan_save_stack+0x45/0x70 [ 23.354872] kasan_save_track+0x18/0x40 [ 23.355286] kasan_save_alloc_info+0x3b/0x50 [ 23.355875] __kasan_kmalloc+0xb7/0xc0 [ 23.356407] __kmalloc_cache_noprof+0x189/0x420 [ 23.356767] kasan_atomics+0x95/0x310 [ 23.357073] kunit_try_run_case+0x1a5/0x480 [ 23.357817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.358475] kthread+0x337/0x6f0 [ 23.358964] ret_from_fork+0x41/0x80 [ 23.359436] ret_from_fork_asm+0x1a/0x30 [ 23.359991] [ 23.360342] The buggy address belongs to the object at ffff888102a2c100 [ 23.360342] which belongs to the cache kmalloc-64 of size 64 [ 23.361324] The buggy address is located 0 bytes to the right of [ 23.361324] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.362617] [ 23.362835] The buggy address belongs to the physical page: [ 23.363565] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.364339] flags: 0x200000000000000(node=0|zone=2) [ 23.364821] page_type: f5(slab) [ 23.365492] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.366140] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.366978] page dumped because: kasan: bad access detected [ 23.367560] [ 23.367801] Memory state around the buggy address: [ 23.368571] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.369262] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.369862] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.370496] ^ [ 23.370957] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.371669] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.372274] ================================================================== [ 22.521045] ================================================================== [ 22.521823] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 22.522534] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.523172] [ 22.523417] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.523545] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.523676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.523761] Call Trace: [ 22.523816] <TASK> [ 22.523860] dump_stack_lvl+0x73/0xb0 [ 22.524062] print_report+0xd1/0x650 [ 22.524177] ? __virt_addr_valid+0x1db/0x2d0 [ 22.524297] ? kasan_atomics_helper+0x1217/0x5450 [ 22.524371] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.524426] ? kasan_atomics_helper+0x1217/0x5450 [ 22.524484] kasan_report+0x141/0x180 [ 22.524562] ? kasan_atomics_helper+0x1217/0x5450 [ 22.524748] kasan_check_range+0x10c/0x1c0 [ 22.524830] __kasan_check_write+0x18/0x20 [ 22.524955] kasan_atomics_helper+0x1217/0x5450 [ 22.525074] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.525151] ? ret_from_fork_asm+0x1a/0x30 [ 22.525198] kasan_atomics+0x1dc/0x310 [ 22.525271] ? __pfx_kasan_atomics+0x10/0x10 [ 22.525308] ? __pfx_read_tsc+0x10/0x10 [ 22.525337] ? ktime_get_ts64+0x86/0x230 [ 22.525376] kunit_try_run_case+0x1a5/0x480 [ 22.525413] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.525447] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.525484] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.525519] ? __kthread_parkme+0x82/0x180 [ 22.525551] ? preempt_count_sub+0x50/0x80 [ 22.525587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.525650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.525689] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.525726] kthread+0x337/0x6f0 [ 22.525763] ? trace_preempt_on+0x20/0xc0 [ 22.525800] ? __pfx_kthread+0x10/0x10 [ 22.525825] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.525857] ? calculate_sigpending+0x7b/0xa0 [ 22.525888] ? __pfx_kthread+0x10/0x10 [ 22.525913] ret_from_fork+0x41/0x80 [ 22.525945] ? __pfx_kthread+0x10/0x10 [ 22.525969] ret_from_fork_asm+0x1a/0x30 [ 22.526011] </TASK> [ 22.526025] [ 22.542124] Allocated by task 286: [ 22.542560] kasan_save_stack+0x45/0x70 [ 22.543019] kasan_save_track+0x18/0x40 [ 22.543484] kasan_save_alloc_info+0x3b/0x50 [ 22.543864] __kasan_kmalloc+0xb7/0xc0 [ 22.544174] __kmalloc_cache_noprof+0x189/0x420 [ 22.544675] kasan_atomics+0x95/0x310 [ 22.545087] kunit_try_run_case+0x1a5/0x480 [ 22.545573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.546125] kthread+0x337/0x6f0 [ 22.546526] ret_from_fork+0x41/0x80 [ 22.546901] ret_from_fork_asm+0x1a/0x30 [ 22.547367] [ 22.547593] The buggy address belongs to the object at ffff888102a2c100 [ 22.547593] which belongs to the cache kmalloc-64 of size 64 [ 22.548543] The buggy address is located 0 bytes to the right of [ 22.548543] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.549424] [ 22.549627] The buggy address belongs to the physical page: [ 22.550157] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.550927] flags: 0x200000000000000(node=0|zone=2) [ 22.551430] page_type: f5(slab) [ 22.551778] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.552410] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.553076] page dumped because: kasan: bad access detected [ 22.553554] [ 22.553802] Memory state around the buggy address: [ 22.554277] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.554800] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.555378] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.555907] ^ [ 22.556335] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.557640] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.558457] ================================================================== [ 23.456030] ================================================================== [ 23.457301] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 23.458148] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.459000] [ 23.459549] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.459699] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.459738] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.459818] Call Trace: [ 23.459898] <TASK> [ 23.459944] dump_stack_lvl+0x73/0xb0 [ 23.460001] print_report+0xd1/0x650 [ 23.460042] ? __virt_addr_valid+0x1db/0x2d0 [ 23.460076] ? kasan_atomics_helper+0x1e12/0x5450 [ 23.460112] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.460147] ? kasan_atomics_helper+0x1e12/0x5450 [ 23.460181] kasan_report+0x141/0x180 [ 23.460227] ? kasan_atomics_helper+0x1e12/0x5450 [ 23.460291] kasan_check_range+0x10c/0x1c0 [ 23.460323] __kasan_check_write+0x18/0x20 [ 23.460354] kasan_atomics_helper+0x1e12/0x5450 [ 23.460390] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.460424] ? ret_from_fork_asm+0x1a/0x30 [ 23.460464] kasan_atomics+0x1dc/0x310 [ 23.460493] ? __pfx_kasan_atomics+0x10/0x10 [ 23.460524] ? __pfx_read_tsc+0x10/0x10 [ 23.460554] ? ktime_get_ts64+0x86/0x230 [ 23.460592] kunit_try_run_case+0x1a5/0x480 [ 23.460656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.460694] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.460731] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.460767] ? __kthread_parkme+0x82/0x180 [ 23.460801] ? preempt_count_sub+0x50/0x80 [ 23.460838] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.460874] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.460911] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.460947] kthread+0x337/0x6f0 [ 23.460972] ? trace_preempt_on+0x20/0xc0 [ 23.461007] ? __pfx_kthread+0x10/0x10 [ 23.461035] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.461068] ? calculate_sigpending+0x7b/0xa0 [ 23.461100] ? __pfx_kthread+0x10/0x10 [ 23.461128] ret_from_fork+0x41/0x80 [ 23.461160] ? __pfx_kthread+0x10/0x10 [ 23.461186] ret_from_fork_asm+0x1a/0x30 [ 23.461259] </TASK> [ 23.461278] [ 23.476989] Allocated by task 286: [ 23.477445] kasan_save_stack+0x45/0x70 [ 23.477945] kasan_save_track+0x18/0x40 [ 23.478434] kasan_save_alloc_info+0x3b/0x50 [ 23.478880] __kasan_kmalloc+0xb7/0xc0 [ 23.479279] __kmalloc_cache_noprof+0x189/0x420 [ 23.479643] kasan_atomics+0x95/0x310 [ 23.480065] kunit_try_run_case+0x1a5/0x480 [ 23.480628] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.481193] kthread+0x337/0x6f0 [ 23.481630] ret_from_fork+0x41/0x80 [ 23.482084] ret_from_fork_asm+0x1a/0x30 [ 23.482480] [ 23.482685] The buggy address belongs to the object at ffff888102a2c100 [ 23.482685] which belongs to the cache kmalloc-64 of size 64 [ 23.483792] The buggy address is located 0 bytes to the right of [ 23.483792] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.484744] [ 23.484934] The buggy address belongs to the physical page: [ 23.485379] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.486132] flags: 0x200000000000000(node=0|zone=2) [ 23.486641] page_type: f5(slab) [ 23.487039] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.487732] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.488188] page dumped because: kasan: bad access detected [ 23.488684] [ 23.488946] Memory state around the buggy address: [ 23.489502] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.490162] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.490845] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.491442] ^ [ 23.491885] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.493155] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.493893] ================================================================== [ 21.780563] ================================================================== [ 21.781528] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 21.782163] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.782772] [ 21.783045] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.783172] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.783248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.783313] Call Trace: [ 21.783366] <TASK> [ 21.783415] dump_stack_lvl+0x73/0xb0 [ 21.783500] print_report+0xd1/0x650 [ 21.783583] ? __virt_addr_valid+0x1db/0x2d0 [ 21.783789] ? kasan_atomics_helper+0x860/0x5450 [ 21.783868] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.783948] ? kasan_atomics_helper+0x860/0x5450 [ 21.784024] kasan_report+0x141/0x180 [ 21.784107] ? kasan_atomics_helper+0x860/0x5450 [ 21.784196] kasan_check_range+0x10c/0x1c0 [ 21.784319] __kasan_check_write+0x18/0x20 [ 21.784392] kasan_atomics_helper+0x860/0x5450 [ 21.784473] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.784554] ? ret_from_fork_asm+0x1a/0x30 [ 21.784770] kasan_atomics+0x1dc/0x310 [ 21.784831] ? __pfx_kasan_atomics+0x10/0x10 [ 21.784866] ? __pfx_read_tsc+0x10/0x10 [ 21.784897] ? ktime_get_ts64+0x86/0x230 [ 21.784936] kunit_try_run_case+0x1a5/0x480 [ 21.784976] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.785011] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.785049] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.785086] ? __kthread_parkme+0x82/0x180 [ 21.785120] ? preempt_count_sub+0x50/0x80 [ 21.785158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.785195] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.785271] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.785311] kthread+0x337/0x6f0 [ 21.785339] ? trace_preempt_on+0x20/0xc0 [ 21.785376] ? __pfx_kthread+0x10/0x10 [ 21.785403] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.785436] ? calculate_sigpending+0x7b/0xa0 [ 21.785468] ? __pfx_kthread+0x10/0x10 [ 21.785496] ret_from_fork+0x41/0x80 [ 21.785527] ? __pfx_kthread+0x10/0x10 [ 21.785552] ret_from_fork_asm+0x1a/0x30 [ 21.785598] </TASK> [ 21.785675] [ 21.806077] Allocated by task 286: [ 21.806591] kasan_save_stack+0x45/0x70 [ 21.807324] kasan_save_track+0x18/0x40 [ 21.808007] kasan_save_alloc_info+0x3b/0x50 [ 21.808565] __kasan_kmalloc+0xb7/0xc0 [ 21.808950] __kmalloc_cache_noprof+0x189/0x420 [ 21.809797] kasan_atomics+0x95/0x310 [ 21.810287] kunit_try_run_case+0x1a5/0x480 [ 21.811113] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.811714] kthread+0x337/0x6f0 [ 21.812248] ret_from_fork+0x41/0x80 [ 21.812807] ret_from_fork_asm+0x1a/0x30 [ 21.813291] [ 21.813729] The buggy address belongs to the object at ffff888102a2c100 [ 21.813729] which belongs to the cache kmalloc-64 of size 64 [ 21.815015] The buggy address is located 0 bytes to the right of [ 21.815015] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.816520] [ 21.816947] The buggy address belongs to the physical page: [ 21.817500] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.818189] flags: 0x200000000000000(node=0|zone=2) [ 21.818724] page_type: f5(slab) [ 21.819151] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.819819] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.820459] page dumped because: kasan: bad access detected [ 21.821336] [ 21.821968] Memory state around the buggy address: [ 21.822691] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.823425] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.824277] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.825174] ^ [ 21.825731] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.826926] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.827506] ================================================================== [ 21.911322] ================================================================== [ 21.912016] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 21.912717] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.913404] [ 21.913736] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.913870] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.913911] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.913967] Call Trace: [ 21.914017] <TASK> [ 21.914065] dump_stack_lvl+0x73/0xb0 [ 21.914154] print_report+0xd1/0x650 [ 21.914286] ? __virt_addr_valid+0x1db/0x2d0 [ 21.914361] ? kasan_atomics_helper+0xa2b/0x5450 [ 21.914432] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.914506] ? kasan_atomics_helper+0xa2b/0x5450 [ 21.914582] kasan_report+0x141/0x180 [ 21.914682] ? kasan_atomics_helper+0xa2b/0x5450 [ 21.914795] kasan_check_range+0x10c/0x1c0 [ 21.914898] __kasan_check_write+0x18/0x20 [ 21.914971] kasan_atomics_helper+0xa2b/0x5450 [ 21.915074] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.915183] ? ret_from_fork_asm+0x1a/0x30 [ 21.915296] kasan_atomics+0x1dc/0x310 [ 21.915330] ? __pfx_kasan_atomics+0x10/0x10 [ 21.915362] ? __pfx_read_tsc+0x10/0x10 [ 21.915390] ? ktime_get_ts64+0x86/0x230 [ 21.915428] kunit_try_run_case+0x1a5/0x480 [ 21.915464] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.915499] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.915535] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.915571] ? __kthread_parkme+0x82/0x180 [ 21.915630] ? preempt_count_sub+0x50/0x80 [ 21.915703] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.915743] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.915780] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.915815] kthread+0x337/0x6f0 [ 21.915839] ? trace_preempt_on+0x20/0xc0 [ 21.915875] ? __pfx_kthread+0x10/0x10 [ 21.915902] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.915934] ? calculate_sigpending+0x7b/0xa0 [ 21.915966] ? __pfx_kthread+0x10/0x10 [ 21.915992] ret_from_fork+0x41/0x80 [ 21.916022] ? __pfx_kthread+0x10/0x10 [ 21.916048] ret_from_fork_asm+0x1a/0x30 [ 21.916089] </TASK> [ 21.916104] [ 21.931146] Allocated by task 286: [ 21.931571] kasan_save_stack+0x45/0x70 [ 21.931979] kasan_save_track+0x18/0x40 [ 21.932490] kasan_save_alloc_info+0x3b/0x50 [ 21.932941] __kasan_kmalloc+0xb7/0xc0 [ 21.933392] __kmalloc_cache_noprof+0x189/0x420 [ 21.933873] kasan_atomics+0x95/0x310 [ 21.934378] kunit_try_run_case+0x1a5/0x480 [ 21.934766] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.935152] kthread+0x337/0x6f0 [ 21.935481] ret_from_fork+0x41/0x80 [ 21.935899] ret_from_fork_asm+0x1a/0x30 [ 21.936412] [ 21.936666] The buggy address belongs to the object at ffff888102a2c100 [ 21.936666] which belongs to the cache kmalloc-64 of size 64 [ 21.937777] The buggy address is located 0 bytes to the right of [ 21.937777] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.938809] [ 21.938996] The buggy address belongs to the physical page: [ 21.939426] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.940123] flags: 0x200000000000000(node=0|zone=2) [ 21.940618] page_type: f5(slab) [ 21.940986] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.941692] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.942431] page dumped because: kasan: bad access detected [ 21.942954] [ 21.943165] Memory state around the buggy address: [ 21.943695] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.944398] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.945030] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.945707] ^ [ 21.946190] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.946713] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.947441] ================================================================== [ 22.272966] ================================================================== [ 22.273656] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 22.274171] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.274788] [ 22.275009] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.275128] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.275169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.275225] Call Trace: [ 22.275275] <TASK> [ 22.275434] dump_stack_lvl+0x73/0xb0 [ 22.275548] print_report+0xd1/0x650 [ 22.275640] ? __virt_addr_valid+0x1db/0x2d0 [ 22.275719] ? kasan_atomics_helper+0xfa9/0x5450 [ 22.275791] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.275865] ? kasan_atomics_helper+0xfa9/0x5450 [ 22.275940] kasan_report+0x141/0x180 [ 22.276017] ? kasan_atomics_helper+0xfa9/0x5450 [ 22.276101] kasan_check_range+0x10c/0x1c0 [ 22.276175] __kasan_check_write+0x18/0x20 [ 22.276267] kasan_atomics_helper+0xfa9/0x5450 [ 22.276344] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.276420] ? ret_from_fork_asm+0x1a/0x30 [ 22.276504] kasan_atomics+0x1dc/0x310 [ 22.276570] ? __pfx_kasan_atomics+0x10/0x10 [ 22.276659] ? __pfx_read_tsc+0x10/0x10 [ 22.276711] ? ktime_get_ts64+0x86/0x230 [ 22.276781] kunit_try_run_case+0x1a5/0x480 [ 22.276861] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.276940] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.277022] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.277104] ? __kthread_parkme+0x82/0x180 [ 22.277179] ? preempt_count_sub+0x50/0x80 [ 22.277261] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.277345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.277424] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.277551] kthread+0x337/0x6f0 [ 22.277632] ? trace_preempt_on+0x20/0xc0 [ 22.277714] ? __pfx_kthread+0x10/0x10 [ 22.277790] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.277863] ? calculate_sigpending+0x7b/0xa0 [ 22.277932] ? __pfx_kthread+0x10/0x10 [ 22.277997] ret_from_fork+0x41/0x80 [ 22.278069] ? __pfx_kthread+0x10/0x10 [ 22.278133] ret_from_fork_asm+0x1a/0x30 [ 22.278255] </TASK> [ 22.278283] [ 22.296031] Allocated by task 286: [ 22.296816] kasan_save_stack+0x45/0x70 [ 22.297587] kasan_save_track+0x18/0x40 [ 22.297944] kasan_save_alloc_info+0x3b/0x50 [ 22.298443] __kasan_kmalloc+0xb7/0xc0 [ 22.299023] __kmalloc_cache_noprof+0x189/0x420 [ 22.299400] kasan_atomics+0x95/0x310 [ 22.299833] kunit_try_run_case+0x1a5/0x480 [ 22.300257] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.300729] kthread+0x337/0x6f0 [ 22.301075] ret_from_fork+0x41/0x80 [ 22.301630] ret_from_fork_asm+0x1a/0x30 [ 22.301961] [ 22.302150] The buggy address belongs to the object at ffff888102a2c100 [ 22.302150] which belongs to the cache kmalloc-64 of size 64 [ 22.303996] The buggy address is located 0 bytes to the right of [ 22.303996] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.305094] [ 22.305342] The buggy address belongs to the physical page: [ 22.305889] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.306577] flags: 0x200000000000000(node=0|zone=2) [ 22.307032] page_type: f5(slab) [ 22.307486] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.308262] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.308849] page dumped because: kasan: bad access detected [ 22.309443] [ 22.309700] Memory state around the buggy address: [ 22.310169] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.310839] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.311465] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.312116] ^ [ 22.312642] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.313259] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.313926] ================================================================== [ 22.066500] ================================================================== [ 22.067858] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 22.068482] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.069049] [ 22.069314] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.069435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.069476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.069533] Call Trace: [ 22.069581] <TASK> [ 22.069677] dump_stack_lvl+0x73/0xb0 [ 22.069768] print_report+0xd1/0x650 [ 22.069844] ? __virt_addr_valid+0x1db/0x2d0 [ 22.069916] ? kasan_atomics_helper+0x4a84/0x5450 [ 22.069989] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.070065] ? kasan_atomics_helper+0x4a84/0x5450 [ 22.070141] kasan_report+0x141/0x180 [ 22.070222] ? kasan_atomics_helper+0x4a84/0x5450 [ 22.070299] __asan_report_load4_noabort+0x18/0x20 [ 22.070337] kasan_atomics_helper+0x4a84/0x5450 [ 22.070374] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.070412] ? ret_from_fork_asm+0x1a/0x30 [ 22.070453] kasan_atomics+0x1dc/0x310 [ 22.070484] ? __pfx_kasan_atomics+0x10/0x10 [ 22.070517] ? __pfx_read_tsc+0x10/0x10 [ 22.070547] ? ktime_get_ts64+0x86/0x230 [ 22.070585] kunit_try_run_case+0x1a5/0x480 [ 22.070652] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.070692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.070728] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.070764] ? __kthread_parkme+0x82/0x180 [ 22.070796] ? preempt_count_sub+0x50/0x80 [ 22.070833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.070871] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.070906] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.070940] kthread+0x337/0x6f0 [ 22.070966] ? trace_preempt_on+0x20/0xc0 [ 22.071001] ? __pfx_kthread+0x10/0x10 [ 22.071029] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.071061] ? calculate_sigpending+0x7b/0xa0 [ 22.071094] ? __pfx_kthread+0x10/0x10 [ 22.071121] ret_from_fork+0x41/0x80 [ 22.071153] ? __pfx_kthread+0x10/0x10 [ 22.071180] ret_from_fork_asm+0x1a/0x30 [ 22.071259] </TASK> [ 22.071278] [ 22.087050] Allocated by task 286: [ 22.087540] kasan_save_stack+0x45/0x70 [ 22.088062] kasan_save_track+0x18/0x40 [ 22.088626] kasan_save_alloc_info+0x3b/0x50 [ 22.089139] __kasan_kmalloc+0xb7/0xc0 [ 22.089707] __kmalloc_cache_noprof+0x189/0x420 [ 22.090266] kasan_atomics+0x95/0x310 [ 22.090777] kunit_try_run_case+0x1a5/0x480 [ 22.091333] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.091929] kthread+0x337/0x6f0 [ 22.092393] ret_from_fork+0x41/0x80 [ 22.092752] ret_from_fork_asm+0x1a/0x30 [ 22.093188] [ 22.093435] The buggy address belongs to the object at ffff888102a2c100 [ 22.093435] which belongs to the cache kmalloc-64 of size 64 [ 22.094512] The buggy address is located 0 bytes to the right of [ 22.094512] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.095598] [ 22.095804] The buggy address belongs to the physical page: [ 22.096159] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.097174] flags: 0x200000000000000(node=0|zone=2) [ 22.097820] page_type: f5(slab) [ 22.098348] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.099174] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.099812] page dumped because: kasan: bad access detected [ 22.100175] [ 22.100400] Memory state around the buggy address: [ 22.100886] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.101644] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.102308] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.102766] ^ [ 22.103205] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.103951] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.105018] ================================================================== [ 22.352785] ================================================================== [ 22.353501] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 22.354295] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.355055] [ 22.355461] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.355586] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.356108] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.356167] Call Trace: [ 22.356408] <TASK> [ 22.356462] dump_stack_lvl+0x73/0xb0 [ 22.356543] print_report+0xd1/0x650 [ 22.356634] ? __virt_addr_valid+0x1db/0x2d0 [ 22.356713] ? kasan_atomics_helper+0x1079/0x5450 [ 22.356776] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.356813] ? kasan_atomics_helper+0x1079/0x5450 [ 22.356847] kasan_report+0x141/0x180 [ 22.356883] ? kasan_atomics_helper+0x1079/0x5450 [ 22.356921] kasan_check_range+0x10c/0x1c0 [ 22.356950] __kasan_check_write+0x18/0x20 [ 22.356981] kasan_atomics_helper+0x1079/0x5450 [ 22.357016] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.357053] ? ret_from_fork_asm+0x1a/0x30 [ 22.357094] kasan_atomics+0x1dc/0x310 [ 22.357124] ? __pfx_kasan_atomics+0x10/0x10 [ 22.357154] ? __pfx_read_tsc+0x10/0x10 [ 22.357181] ? ktime_get_ts64+0x86/0x230 [ 22.357284] kunit_try_run_case+0x1a5/0x480 [ 22.357377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.357942] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.358029] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.358109] ? __kthread_parkme+0x82/0x180 [ 22.358184] ? preempt_count_sub+0x50/0x80 [ 22.358276] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.358338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.358415] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.358494] kthread+0x337/0x6f0 [ 22.358559] ? trace_preempt_on+0x20/0xc0 [ 22.358664] ? __pfx_kthread+0x10/0x10 [ 22.358733] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.358814] ? calculate_sigpending+0x7b/0xa0 [ 22.358887] ? __pfx_kthread+0x10/0x10 [ 22.358957] ret_from_fork+0x41/0x80 [ 22.359032] ? __pfx_kthread+0x10/0x10 [ 22.359103] ret_from_fork_asm+0x1a/0x30 [ 22.359198] </TASK> [ 22.359259] [ 22.374496] Allocated by task 286: [ 22.374853] kasan_save_stack+0x45/0x70 [ 22.375362] kasan_save_track+0x18/0x40 [ 22.375814] kasan_save_alloc_info+0x3b/0x50 [ 22.376348] __kasan_kmalloc+0xb7/0xc0 [ 22.376713] __kmalloc_cache_noprof+0x189/0x420 [ 22.377195] kasan_atomics+0x95/0x310 [ 22.377705] kunit_try_run_case+0x1a5/0x480 [ 22.378179] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.378781] kthread+0x337/0x6f0 [ 22.379158] ret_from_fork+0x41/0x80 [ 22.379631] ret_from_fork_asm+0x1a/0x30 [ 22.380040] [ 22.380320] The buggy address belongs to the object at ffff888102a2c100 [ 22.380320] which belongs to the cache kmalloc-64 of size 64 [ 22.381332] The buggy address is located 0 bytes to the right of [ 22.381332] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.382375] [ 22.382584] The buggy address belongs to the physical page: [ 22.383091] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.383814] flags: 0x200000000000000(node=0|zone=2) [ 22.384346] page_type: f5(slab) [ 22.384762] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.385474] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.386150] page dumped because: kasan: bad access detected [ 22.387111] [ 22.387689] Memory state around the buggy address: [ 22.388843] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.389324] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.389996] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.390660] ^ [ 22.391032] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.391530] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.392004] ================================================================== [ 21.202075] ================================================================== [ 21.203104] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 21.203873] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.204460] [ 21.204849] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.204966] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.205001] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.205051] Call Trace: [ 21.205086] <TASK> [ 21.205121] dump_stack_lvl+0x73/0xb0 [ 21.205191] print_report+0xd1/0x650 [ 21.205261] ? __virt_addr_valid+0x1db/0x2d0 [ 21.205400] ? kasan_atomics_helper+0x4ba2/0x5450 [ 21.205482] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.205559] ? kasan_atomics_helper+0x4ba2/0x5450 [ 21.205691] kasan_report+0x141/0x180 [ 21.205777] ? kasan_atomics_helper+0x4ba2/0x5450 [ 21.205870] __asan_report_store4_noabort+0x1b/0x30 [ 21.205939] kasan_atomics_helper+0x4ba2/0x5450 [ 21.205977] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.206011] ? ret_from_fork_asm+0x1a/0x30 [ 21.206051] kasan_atomics+0x1dc/0x310 [ 21.206079] ? __pfx_kasan_atomics+0x10/0x10 [ 21.206109] ? __pfx_read_tsc+0x10/0x10 [ 21.206136] ? ktime_get_ts64+0x86/0x230 [ 21.206170] kunit_try_run_case+0x1a5/0x480 [ 21.206206] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.206316] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.206402] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.206442] ? __kthread_parkme+0x82/0x180 [ 21.206473] ? preempt_count_sub+0x50/0x80 [ 21.206511] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.206546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.206580] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.206652] kthread+0x337/0x6f0 [ 21.206721] ? trace_preempt_on+0x20/0xc0 [ 21.206759] ? __pfx_kthread+0x10/0x10 [ 21.206783] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.206814] ? calculate_sigpending+0x7b/0xa0 [ 21.206843] ? __pfx_kthread+0x10/0x10 [ 21.206868] ret_from_fork+0x41/0x80 [ 21.206897] ? __pfx_kthread+0x10/0x10 [ 21.206921] ret_from_fork_asm+0x1a/0x30 [ 21.206959] </TASK> [ 21.206972] [ 21.224250] Allocated by task 286: [ 21.224991] kasan_save_stack+0x45/0x70 [ 21.225483] kasan_save_track+0x18/0x40 [ 21.226005] kasan_save_alloc_info+0x3b/0x50 [ 21.226448] __kasan_kmalloc+0xb7/0xc0 [ 21.227112] __kmalloc_cache_noprof+0x189/0x420 [ 21.227673] kasan_atomics+0x95/0x310 [ 21.228102] kunit_try_run_case+0x1a5/0x480 [ 21.228437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.228902] kthread+0x337/0x6f0 [ 21.229432] ret_from_fork+0x41/0x80 [ 21.230259] ret_from_fork_asm+0x1a/0x30 [ 21.230802] [ 21.231047] The buggy address belongs to the object at ffff888102a2c100 [ 21.231047] which belongs to the cache kmalloc-64 of size 64 [ 21.232154] The buggy address is located 0 bytes to the right of [ 21.232154] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.233165] [ 21.233499] The buggy address belongs to the physical page: [ 21.234010] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.234666] flags: 0x200000000000000(node=0|zone=2) [ 21.235026] page_type: f5(slab) [ 21.235398] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.236115] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.236805] page dumped because: kasan: bad access detected [ 21.237158] [ 21.237432] Memory state around the buggy address: [ 21.237911] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.238853] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.239452] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.239906] ^ [ 21.240353] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.241425] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.242355] ================================================================== [ 23.868497] ================================================================== [ 23.869128] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 23.869740] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.870509] [ 23.870782] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.870902] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.870943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.870999] Call Trace: [ 23.871067] <TASK> [ 23.871116] dump_stack_lvl+0x73/0xb0 [ 23.871257] print_report+0xd1/0x650 [ 23.871340] ? __virt_addr_valid+0x1db/0x2d0 [ 23.871462] ? kasan_atomics_helper+0x224c/0x5450 [ 23.871540] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.871637] ? kasan_atomics_helper+0x224c/0x5450 [ 23.871742] kasan_report+0x141/0x180 [ 23.871849] ? kasan_atomics_helper+0x224c/0x5450 [ 23.871940] kasan_check_range+0x10c/0x1c0 [ 23.872016] __kasan_check_write+0x18/0x20 [ 23.872137] kasan_atomics_helper+0x224c/0x5450 [ 23.872262] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.872367] ? ret_from_fork_asm+0x1a/0x30 [ 23.872486] kasan_atomics+0x1dc/0x310 [ 23.872563] ? __pfx_kasan_atomics+0x10/0x10 [ 23.872635] ? __pfx_read_tsc+0x10/0x10 [ 23.872669] ? ktime_get_ts64+0x86/0x230 [ 23.872710] kunit_try_run_case+0x1a5/0x480 [ 23.872750] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.872785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.872820] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.872856] ? __kthread_parkme+0x82/0x180 [ 23.872889] ? preempt_count_sub+0x50/0x80 [ 23.872926] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.872963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.872998] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.873032] kthread+0x337/0x6f0 [ 23.873057] ? trace_preempt_on+0x20/0xc0 [ 23.873092] ? __pfx_kthread+0x10/0x10 [ 23.873118] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.873149] ? calculate_sigpending+0x7b/0xa0 [ 23.873179] ? __pfx_kthread+0x10/0x10 [ 23.873204] ret_from_fork+0x41/0x80 [ 23.873275] ? __pfx_kthread+0x10/0x10 [ 23.873304] ret_from_fork_asm+0x1a/0x30 [ 23.873347] </TASK> [ 23.873362] [ 23.892175] Allocated by task 286: [ 23.892744] kasan_save_stack+0x45/0x70 [ 23.893073] kasan_save_track+0x18/0x40 [ 23.893740] kasan_save_alloc_info+0x3b/0x50 [ 23.894508] __kasan_kmalloc+0xb7/0xc0 [ 23.895129] __kmalloc_cache_noprof+0x189/0x420 [ 23.895826] kasan_atomics+0x95/0x310 [ 23.896186] kunit_try_run_case+0x1a5/0x480 [ 23.896595] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.897079] kthread+0x337/0x6f0 [ 23.897446] ret_from_fork+0x41/0x80 [ 23.897850] ret_from_fork_asm+0x1a/0x30 [ 23.898311] [ 23.898531] The buggy address belongs to the object at ffff888102a2c100 [ 23.898531] which belongs to the cache kmalloc-64 of size 64 [ 23.899493] The buggy address is located 0 bytes to the right of [ 23.899493] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.900425] [ 23.900626] The buggy address belongs to the physical page: [ 23.901117] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.901824] flags: 0x200000000000000(node=0|zone=2) [ 23.902176] page_type: f5(slab) [ 23.902585] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.903298] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.904021] page dumped because: kasan: bad access detected [ 23.904519] [ 23.904755] Memory state around the buggy address: [ 23.905291] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.905947] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.906632] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.907329] ^ [ 23.907812] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.908300] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.908974] ================================================================== [ 22.603174] ================================================================== [ 22.604209] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 22.605066] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.605693] [ 22.605947] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.606042] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.606062] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.606092] Call Trace: [ 22.606116] <TASK> [ 22.606138] dump_stack_lvl+0x73/0xb0 [ 22.606176] print_report+0xd1/0x650 [ 22.606211] ? __virt_addr_valid+0x1db/0x2d0 [ 22.606246] ? kasan_atomics_helper+0x12e6/0x5450 [ 22.606283] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.606318] ? kasan_atomics_helper+0x12e6/0x5450 [ 22.606352] kasan_report+0x141/0x180 [ 22.606387] ? kasan_atomics_helper+0x12e6/0x5450 [ 22.606427] kasan_check_range+0x10c/0x1c0 [ 22.606457] __kasan_check_write+0x18/0x20 [ 22.606488] kasan_atomics_helper+0x12e6/0x5450 [ 22.606523] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.606557] ? ret_from_fork_asm+0x1a/0x30 [ 22.606598] kasan_atomics+0x1dc/0x310 [ 22.606711] ? __pfx_kasan_atomics+0x10/0x10 [ 22.606787] ? __pfx_read_tsc+0x10/0x10 [ 22.607059] ? ktime_get_ts64+0x86/0x230 [ 22.607179] kunit_try_run_case+0x1a5/0x480 [ 22.607265] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.607339] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.607415] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.607511] ? __kthread_parkme+0x82/0x180 [ 22.607592] ? preempt_count_sub+0x50/0x80 [ 22.607738] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.607867] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.607980] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.608060] kthread+0x337/0x6f0 [ 22.608119] ? trace_preempt_on+0x20/0xc0 [ 22.608158] ? __pfx_kthread+0x10/0x10 [ 22.608186] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.608227] ? calculate_sigpending+0x7b/0xa0 [ 22.608285] ? __pfx_kthread+0x10/0x10 [ 22.608313] ret_from_fork+0x41/0x80 [ 22.608348] ? __pfx_kthread+0x10/0x10 [ 22.608374] ret_from_fork_asm+0x1a/0x30 [ 22.608417] </TASK> [ 22.608432] [ 22.623653] Allocated by task 286: [ 22.624025] kasan_save_stack+0x45/0x70 [ 22.624475] kasan_save_track+0x18/0x40 [ 22.624833] kasan_save_alloc_info+0x3b/0x50 [ 22.625317] __kasan_kmalloc+0xb7/0xc0 [ 22.625654] __kmalloc_cache_noprof+0x189/0x420 [ 22.626011] kasan_atomics+0x95/0x310 [ 22.626370] kunit_try_run_case+0x1a5/0x480 [ 22.626860] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.627462] kthread+0x337/0x6f0 [ 22.627860] ret_from_fork+0x41/0x80 [ 22.629348] ret_from_fork_asm+0x1a/0x30 [ 22.629793] [ 22.630041] The buggy address belongs to the object at ffff888102a2c100 [ 22.630041] which belongs to the cache kmalloc-64 of size 64 [ 22.631824] The buggy address is located 0 bytes to the right of [ 22.631824] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.632692] [ 22.632927] The buggy address belongs to the physical page: [ 22.633396] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.634034] flags: 0x200000000000000(node=0|zone=2) [ 22.634390] page_type: f5(slab) [ 22.634841] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.635517] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.636095] page dumped because: kasan: bad access detected [ 22.636632] [ 22.636858] Memory state around the buggy address: [ 22.637359] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.637963] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.638478] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.639143] ^ [ 22.639569] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.640157] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.640809] ================================================================== [ 21.684024] ================================================================== [ 21.684694] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 21.685504] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.686264] [ 21.686728] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.686934] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.686977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.687037] Call Trace: [ 21.687078] <TASK> [ 21.687123] dump_stack_lvl+0x73/0xb0 [ 21.687204] print_report+0xd1/0x650 [ 21.687330] ? __virt_addr_valid+0x1db/0x2d0 [ 21.687441] ? kasan_atomics_helper+0x72f/0x5450 [ 21.687522] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.687594] ? kasan_atomics_helper+0x72f/0x5450 [ 21.687697] kasan_report+0x141/0x180 [ 21.687782] ? kasan_atomics_helper+0x72f/0x5450 [ 21.687872] kasan_check_range+0x10c/0x1c0 [ 21.687967] __kasan_check_write+0x18/0x20 [ 21.688043] kasan_atomics_helper+0x72f/0x5450 [ 21.688114] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.688183] ? ret_from_fork_asm+0x1a/0x30 [ 21.688320] kasan_atomics+0x1dc/0x310 [ 21.688406] ? __pfx_kasan_atomics+0x10/0x10 [ 21.688482] ? __pfx_read_tsc+0x10/0x10 [ 21.688545] ? ktime_get_ts64+0x86/0x230 [ 21.688644] kunit_try_run_case+0x1a5/0x480 [ 21.688731] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.688810] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.688892] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.688976] ? __kthread_parkme+0x82/0x180 [ 21.689053] ? preempt_count_sub+0x50/0x80 [ 21.689100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.689139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.689176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.689219] kthread+0x337/0x6f0 [ 21.689274] ? trace_preempt_on+0x20/0xc0 [ 21.689314] ? __pfx_kthread+0x10/0x10 [ 21.689343] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.689375] ? calculate_sigpending+0x7b/0xa0 [ 21.689411] ? __pfx_kthread+0x10/0x10 [ 21.689440] ret_from_fork+0x41/0x80 [ 21.689472] ? __pfx_kthread+0x10/0x10 [ 21.689499] ret_from_fork_asm+0x1a/0x30 [ 21.689540] </TASK> [ 21.689556] [ 21.709310] Allocated by task 286: [ 21.709948] kasan_save_stack+0x45/0x70 [ 21.710950] kasan_save_track+0x18/0x40 [ 21.712134] kasan_save_alloc_info+0x3b/0x50 [ 21.712869] __kasan_kmalloc+0xb7/0xc0 [ 21.713192] __kmalloc_cache_noprof+0x189/0x420 [ 21.714149] kasan_atomics+0x95/0x310 [ 21.714686] kunit_try_run_case+0x1a5/0x480 [ 21.715479] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.715963] kthread+0x337/0x6f0 [ 21.716635] ret_from_fork+0x41/0x80 [ 21.717153] ret_from_fork_asm+0x1a/0x30 [ 21.717564] [ 21.718102] The buggy address belongs to the object at ffff888102a2c100 [ 21.718102] which belongs to the cache kmalloc-64 of size 64 [ 21.719157] The buggy address is located 0 bytes to the right of [ 21.719157] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.720124] [ 21.720418] The buggy address belongs to the physical page: [ 21.720942] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.721973] flags: 0x200000000000000(node=0|zone=2) [ 21.722368] page_type: f5(slab) [ 21.723011] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.723881] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.724533] page dumped because: kasan: bad access detected [ 21.725289] [ 21.725508] Memory state around the buggy address: [ 21.726362] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.726978] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.727564] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.728336] ^ [ 21.728754] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.729556] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.730146] ================================================================== [ 21.948530] ================================================================== [ 21.949585] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 21.950300] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.950968] [ 21.951311] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.951402] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.951422] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.951451] Call Trace: [ 21.951474] <TASK> [ 21.951511] dump_stack_lvl+0x73/0xb0 [ 21.951568] print_report+0xd1/0x650 [ 21.951654] ? __virt_addr_valid+0x1db/0x2d0 [ 21.951731] ? kasan_atomics_helper+0xac7/0x5450 [ 21.951806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.951886] ? kasan_atomics_helper+0xac7/0x5450 [ 21.951965] kasan_report+0x141/0x180 [ 21.952044] ? kasan_atomics_helper+0xac7/0x5450 [ 21.952135] kasan_check_range+0x10c/0x1c0 [ 21.952251] __kasan_check_write+0x18/0x20 [ 21.952334] kasan_atomics_helper+0xac7/0x5450 [ 21.952414] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.952514] ? ret_from_fork_asm+0x1a/0x30 [ 21.952645] kasan_atomics+0x1dc/0x310 [ 21.952719] ? __pfx_kasan_atomics+0x10/0x10 [ 21.952793] ? __pfx_read_tsc+0x10/0x10 [ 21.952858] ? ktime_get_ts64+0x86/0x230 [ 21.952936] kunit_try_run_case+0x1a5/0x480 [ 21.953014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.953087] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.953162] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.953283] ? __kthread_parkme+0x82/0x180 [ 21.953359] ? preempt_count_sub+0x50/0x80 [ 21.953440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.953516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.953584] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.953663] kthread+0x337/0x6f0 [ 21.953727] ? trace_preempt_on+0x20/0xc0 [ 21.953823] ? __pfx_kthread+0x10/0x10 [ 21.953941] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.954025] ? calculate_sigpending+0x7b/0xa0 [ 21.954101] ? __pfx_kthread+0x10/0x10 [ 21.954170] ret_from_fork+0x41/0x80 [ 21.954287] ? __pfx_kthread+0x10/0x10 [ 21.954359] ret_from_fork_asm+0x1a/0x30 [ 21.954469] </TASK> [ 21.954513] [ 21.969412] Allocated by task 286: [ 21.969707] kasan_save_stack+0x45/0x70 [ 21.970089] kasan_save_track+0x18/0x40 [ 21.970583] kasan_save_alloc_info+0x3b/0x50 [ 21.971122] __kasan_kmalloc+0xb7/0xc0 [ 21.971574] __kmalloc_cache_noprof+0x189/0x420 [ 21.972113] kasan_atomics+0x95/0x310 [ 21.972475] kunit_try_run_case+0x1a5/0x480 [ 21.972966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.973565] kthread+0x337/0x6f0 [ 21.973961] ret_from_fork+0x41/0x80 [ 21.974353] ret_from_fork_asm+0x1a/0x30 [ 21.974839] [ 21.975110] The buggy address belongs to the object at ffff888102a2c100 [ 21.975110] which belongs to the cache kmalloc-64 of size 64 [ 21.975894] The buggy address is located 0 bytes to the right of [ 21.975894] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.976664] [ 21.976940] The buggy address belongs to the physical page: [ 21.977503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.978271] flags: 0x200000000000000(node=0|zone=2) [ 21.978777] page_type: f5(slab) [ 21.979149] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.979887] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.980591] page dumped because: kasan: bad access detected [ 21.980972] [ 21.981150] Memory state around the buggy address: [ 21.981637] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.982382] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.983051] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.983765] ^ [ 21.984260] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.984921] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.985506] ================================================================== [ 22.393281] ================================================================== [ 22.393939] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 22.394658] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.395163] [ 22.395421] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.395541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.395580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.395656] Call Trace: [ 22.395704] <TASK> [ 22.395745] dump_stack_lvl+0x73/0xb0 [ 22.395820] print_report+0xd1/0x650 [ 22.395891] ? __virt_addr_valid+0x1db/0x2d0 [ 22.395963] ? kasan_atomics_helper+0x4a1c/0x5450 [ 22.396041] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.396121] ? kasan_atomics_helper+0x4a1c/0x5450 [ 22.396199] kasan_report+0x141/0x180 [ 22.396324] ? kasan_atomics_helper+0x4a1c/0x5450 [ 22.396418] __asan_report_load4_noabort+0x18/0x20 [ 22.396496] kasan_atomics_helper+0x4a1c/0x5450 [ 22.396579] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.396680] ? ret_from_fork_asm+0x1a/0x30 [ 22.396776] kasan_atomics+0x1dc/0x310 [ 22.396850] ? __pfx_kasan_atomics+0x10/0x10 [ 22.396924] ? __pfx_read_tsc+0x10/0x10 [ 22.396996] ? ktime_get_ts64+0x86/0x230 [ 22.397082] kunit_try_run_case+0x1a5/0x480 [ 22.397167] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.397287] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.397365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.397441] ? __kthread_parkme+0x82/0x180 [ 22.397513] ? preempt_count_sub+0x50/0x80 [ 22.397592] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.397691] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.397776] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.397855] kthread+0x337/0x6f0 [ 22.397923] ? trace_preempt_on+0x20/0xc0 [ 22.398006] ? __pfx_kthread+0x10/0x10 [ 22.398072] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.398118] ? calculate_sigpending+0x7b/0xa0 [ 22.398150] ? __pfx_kthread+0x10/0x10 [ 22.398179] ret_from_fork+0x41/0x80 [ 22.398239] ? __pfx_kthread+0x10/0x10 [ 22.398287] ret_from_fork_asm+0x1a/0x30 [ 22.398331] </TASK> [ 22.398348] [ 22.414970] Allocated by task 286: [ 22.415441] kasan_save_stack+0x45/0x70 [ 22.415950] kasan_save_track+0x18/0x40 [ 22.416544] kasan_save_alloc_info+0x3b/0x50 [ 22.417041] __kasan_kmalloc+0xb7/0xc0 [ 22.417512] __kmalloc_cache_noprof+0x189/0x420 [ 22.418087] kasan_atomics+0x95/0x310 [ 22.418632] kunit_try_run_case+0x1a5/0x480 [ 22.419112] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.419783] kthread+0x337/0x6f0 [ 22.420068] ret_from_fork+0x41/0x80 [ 22.420788] ret_from_fork_asm+0x1a/0x30 [ 22.421496] [ 22.421766] The buggy address belongs to the object at ffff888102a2c100 [ 22.421766] which belongs to the cache kmalloc-64 of size 64 [ 22.422739] The buggy address is located 0 bytes to the right of [ 22.422739] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.424017] [ 22.424480] The buggy address belongs to the physical page: [ 22.425126] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.425856] flags: 0x200000000000000(node=0|zone=2) [ 22.426261] page_type: f5(slab) [ 22.426853] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.427648] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.428330] page dumped because: kasan: bad access detected [ 22.428843] [ 22.429079] Memory state around the buggy address: [ 22.429687] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.430301] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.430956] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.431524] ^ [ 22.432035] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.432885] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.433643] ================================================================== [ 22.804935] ================================================================== [ 22.806112] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 22.806820] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.808078] [ 22.808440] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.808571] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.808629] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.808706] Call Trace: [ 22.808786] <TASK> [ 22.808835] dump_stack_lvl+0x73/0xb0 [ 22.808901] print_report+0xd1/0x650 [ 22.808940] ? __virt_addr_valid+0x1db/0x2d0 [ 22.808974] ? kasan_atomics_helper+0x50d4/0x5450 [ 22.809011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.809047] ? kasan_atomics_helper+0x50d4/0x5450 [ 22.809081] kasan_report+0x141/0x180 [ 22.809117] ? kasan_atomics_helper+0x50d4/0x5450 [ 22.809157] __asan_report_store8_noabort+0x1b/0x30 [ 22.809192] kasan_atomics_helper+0x50d4/0x5450 [ 22.809269] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.809310] ? ret_from_fork_asm+0x1a/0x30 [ 22.809351] kasan_atomics+0x1dc/0x310 [ 22.809381] ? __pfx_kasan_atomics+0x10/0x10 [ 22.809412] ? __pfx_read_tsc+0x10/0x10 [ 22.809443] ? ktime_get_ts64+0x86/0x230 [ 22.809479] kunit_try_run_case+0x1a5/0x480 [ 22.809516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.809553] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.809590] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.809653] ? __kthread_parkme+0x82/0x180 [ 22.809688] ? preempt_count_sub+0x50/0x80 [ 22.809727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.809779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.809818] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.809855] kthread+0x337/0x6f0 [ 22.809881] ? trace_preempt_on+0x20/0xc0 [ 22.809917] ? __pfx_kthread+0x10/0x10 [ 22.809945] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.809978] ? calculate_sigpending+0x7b/0xa0 [ 22.810009] ? __pfx_kthread+0x10/0x10 [ 22.810036] ret_from_fork+0x41/0x80 [ 22.810069] ? __pfx_kthread+0x10/0x10 [ 22.810096] ret_from_fork_asm+0x1a/0x30 [ 22.810141] </TASK> [ 22.810156] [ 22.827777] Allocated by task 286: [ 22.828130] kasan_save_stack+0x45/0x70 [ 22.828710] kasan_save_track+0x18/0x40 [ 22.829103] kasan_save_alloc_info+0x3b/0x50 [ 22.829507] __kasan_kmalloc+0xb7/0xc0 [ 22.829846] __kmalloc_cache_noprof+0x189/0x420 [ 22.830186] kasan_atomics+0x95/0x310 [ 22.830723] kunit_try_run_case+0x1a5/0x480 [ 22.831199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.831729] kthread+0x337/0x6f0 [ 22.832225] ret_from_fork+0x41/0x80 [ 22.832666] ret_from_fork_asm+0x1a/0x30 [ 22.833084] [ 22.833391] The buggy address belongs to the object at ffff888102a2c100 [ 22.833391] which belongs to the cache kmalloc-64 of size 64 [ 22.834277] The buggy address is located 0 bytes to the right of [ 22.834277] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.836706] [ 22.836943] The buggy address belongs to the physical page: [ 22.837425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.838132] flags: 0x200000000000000(node=0|zone=2) [ 22.839005] page_type: f5(slab) [ 22.839598] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.840336] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.840962] page dumped because: kasan: bad access detected [ 22.841629] [ 22.841842] Memory state around the buggy address: [ 22.842276] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.843030] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.843591] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.844154] ^ [ 22.844561] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.845130] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.846157] ================================================================== [ 23.583416] ================================================================== [ 23.584064] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 23.584810] Read of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.585539] [ 23.585806] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.585911] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.585943] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.585990] Call Trace: [ 23.586032] <TASK> [ 23.586070] dump_stack_lvl+0x73/0xb0 [ 23.586183] print_report+0xd1/0x650 [ 23.586370] ? __virt_addr_valid+0x1db/0x2d0 [ 23.586492] ? kasan_atomics_helper+0x4f71/0x5450 [ 23.586576] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.586670] ? kasan_atomics_helper+0x4f71/0x5450 [ 23.586745] kasan_report+0x141/0x180 [ 23.586824] ? kasan_atomics_helper+0x4f71/0x5450 [ 23.586915] __asan_report_load8_noabort+0x18/0x20 [ 23.586994] kasan_atomics_helper+0x4f71/0x5450 [ 23.587041] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.587080] ? ret_from_fork_asm+0x1a/0x30 [ 23.587121] kasan_atomics+0x1dc/0x310 [ 23.587178] ? __pfx_kasan_atomics+0x10/0x10 [ 23.587389] ? __pfx_read_tsc+0x10/0x10 [ 23.587461] ? ktime_get_ts64+0x86/0x230 [ 23.587704] kunit_try_run_case+0x1a5/0x480 [ 23.587795] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.587870] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.587949] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.588025] ? __kthread_parkme+0x82/0x180 [ 23.588077] ? preempt_count_sub+0x50/0x80 [ 23.588117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.588155] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.588190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.588266] kthread+0x337/0x6f0 [ 23.588298] ? trace_preempt_on+0x20/0xc0 [ 23.588335] ? __pfx_kthread+0x10/0x10 [ 23.588362] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.588395] ? calculate_sigpending+0x7b/0xa0 [ 23.588429] ? __pfx_kthread+0x10/0x10 [ 23.588455] ret_from_fork+0x41/0x80 [ 23.588488] ? __pfx_kthread+0x10/0x10 [ 23.588514] ret_from_fork_asm+0x1a/0x30 [ 23.588557] </TASK> [ 23.588573] [ 23.604036] Allocated by task 286: [ 23.604376] kasan_save_stack+0x45/0x70 [ 23.604830] kasan_save_track+0x18/0x40 [ 23.605377] kasan_save_alloc_info+0x3b/0x50 [ 23.605870] __kasan_kmalloc+0xb7/0xc0 [ 23.606357] __kmalloc_cache_noprof+0x189/0x420 [ 23.606903] kasan_atomics+0x95/0x310 [ 23.607368] kunit_try_run_case+0x1a5/0x480 [ 23.607850] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.608464] kthread+0x337/0x6f0 [ 23.608895] ret_from_fork+0x41/0x80 [ 23.609399] ret_from_fork_asm+0x1a/0x30 [ 23.609834] [ 23.610176] The buggy address belongs to the object at ffff888102a2c100 [ 23.610176] which belongs to the cache kmalloc-64 of size 64 [ 23.611349] The buggy address is located 0 bytes to the right of [ 23.611349] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.612626] [ 23.612911] The buggy address belongs to the physical page: [ 23.613473] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.614295] flags: 0x200000000000000(node=0|zone=2) [ 23.614862] page_type: f5(slab) [ 23.615303] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.616003] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.616772] page dumped because: kasan: bad access detected [ 23.617296] [ 23.617578] Memory state around the buggy address: [ 23.617995] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.618728] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.619432] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.620739] ^ [ 23.621268] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.621736] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.622422] ================================================================== [ 23.126894] ================================================================== [ 23.127554] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 23.129055] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.129723] [ 23.130044] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.130293] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.130337] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.130396] Call Trace: [ 23.130446] <TASK> [ 23.130488] dump_stack_lvl+0x73/0xb0 [ 23.130619] print_report+0xd1/0x650 [ 23.130707] ? __virt_addr_valid+0x1db/0x2d0 [ 23.130785] ? kasan_atomics_helper+0x194a/0x5450 [ 23.130855] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.130894] ? kasan_atomics_helper+0x194a/0x5450 [ 23.130929] kasan_report+0x141/0x180 [ 23.130965] ? kasan_atomics_helper+0x194a/0x5450 [ 23.131006] kasan_check_range+0x10c/0x1c0 [ 23.131036] __kasan_check_write+0x18/0x20 [ 23.131067] kasan_atomics_helper+0x194a/0x5450 [ 23.131102] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.131135] ? ret_from_fork_asm+0x1a/0x30 [ 23.131174] kasan_atomics+0x1dc/0x310 [ 23.131203] ? __pfx_kasan_atomics+0x10/0x10 [ 23.131277] ? __pfx_read_tsc+0x10/0x10 [ 23.131309] ? ktime_get_ts64+0x86/0x230 [ 23.131347] kunit_try_run_case+0x1a5/0x480 [ 23.131385] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.131419] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.131454] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.131489] ? __kthread_parkme+0x82/0x180 [ 23.131519] ? preempt_count_sub+0x50/0x80 [ 23.131555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.131590] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.131652] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.131689] kthread+0x337/0x6f0 [ 23.131713] ? trace_preempt_on+0x20/0xc0 [ 23.131748] ? __pfx_kthread+0x10/0x10 [ 23.131774] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.131807] ? calculate_sigpending+0x7b/0xa0 [ 23.131837] ? __pfx_kthread+0x10/0x10 [ 23.131863] ret_from_fork+0x41/0x80 [ 23.131895] ? __pfx_kthread+0x10/0x10 [ 23.131920] ret_from_fork_asm+0x1a/0x30 [ 23.131962] </TASK> [ 23.131976] [ 23.147304] Allocated by task 286: [ 23.147752] kasan_save_stack+0x45/0x70 [ 23.148182] kasan_save_track+0x18/0x40 [ 23.148699] kasan_save_alloc_info+0x3b/0x50 [ 23.149180] __kasan_kmalloc+0xb7/0xc0 [ 23.149542] __kmalloc_cache_noprof+0x189/0x420 [ 23.150044] kasan_atomics+0x95/0x310 [ 23.150548] kunit_try_run_case+0x1a5/0x480 [ 23.151031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.151614] kthread+0x337/0x6f0 [ 23.151988] ret_from_fork+0x41/0x80 [ 23.152347] ret_from_fork_asm+0x1a/0x30 [ 23.152701] [ 23.152864] The buggy address belongs to the object at ffff888102a2c100 [ 23.152864] which belongs to the cache kmalloc-64 of size 64 [ 23.153921] The buggy address is located 0 bytes to the right of [ 23.153921] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.154843] [ 23.155123] The buggy address belongs to the physical page: [ 23.155742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.156452] flags: 0x200000000000000(node=0|zone=2) [ 23.156938] page_type: f5(slab) [ 23.157363] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.158063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.158765] page dumped because: kasan: bad access detected [ 23.159301] [ 23.159554] Memory state around the buggy address: [ 23.159976] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.160476] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.161111] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.161843] ^ [ 23.162370] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.162930] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.164353] ================================================================== [ 22.233122] ================================================================== [ 22.234314] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 22.235410] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.236116] [ 22.236417] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.236541] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.236577] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.236651] Call Trace: [ 22.236703] <TASK> [ 22.236746] dump_stack_lvl+0x73/0xb0 [ 22.236822] print_report+0xd1/0x650 [ 22.236894] ? __virt_addr_valid+0x1db/0x2d0 [ 22.236968] ? kasan_atomics_helper+0xf10/0x5450 [ 22.237038] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.237112] ? kasan_atomics_helper+0xf10/0x5450 [ 22.237186] kasan_report+0x141/0x180 [ 22.237310] ? kasan_atomics_helper+0xf10/0x5450 [ 22.237398] kasan_check_range+0x10c/0x1c0 [ 22.237470] __kasan_check_write+0x18/0x20 [ 22.237537] kasan_atomics_helper+0xf10/0x5450 [ 22.237630] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.237717] ? ret_from_fork_asm+0x1a/0x30 [ 22.237857] kasan_atomics+0x1dc/0x310 [ 22.237967] ? __pfx_kasan_atomics+0x10/0x10 [ 22.238102] ? __pfx_read_tsc+0x10/0x10 [ 22.238176] ? ktime_get_ts64+0x86/0x230 [ 22.238289] kunit_try_run_case+0x1a5/0x480 [ 22.238362] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.238434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.238580] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.238713] ? __kthread_parkme+0x82/0x180 [ 22.238797] ? preempt_count_sub+0x50/0x80 [ 22.238879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.238961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.239041] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.239121] kthread+0x337/0x6f0 [ 22.239188] ? trace_preempt_on+0x20/0xc0 [ 22.239283] ? __pfx_kthread+0x10/0x10 [ 22.239350] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.239422] ? calculate_sigpending+0x7b/0xa0 [ 22.239497] ? __pfx_kthread+0x10/0x10 [ 22.239565] ret_from_fork+0x41/0x80 [ 22.239717] ? __pfx_kthread+0x10/0x10 [ 22.239790] ret_from_fork_asm+0x1a/0x30 [ 22.239883] </TASK> [ 22.239921] [ 22.254838] Allocated by task 286: [ 22.255289] kasan_save_stack+0x45/0x70 [ 22.255703] kasan_save_track+0x18/0x40 [ 22.256150] kasan_save_alloc_info+0x3b/0x50 [ 22.256621] __kasan_kmalloc+0xb7/0xc0 [ 22.257010] __kmalloc_cache_noprof+0x189/0x420 [ 22.257571] kasan_atomics+0x95/0x310 [ 22.257938] kunit_try_run_case+0x1a5/0x480 [ 22.258442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.259014] kthread+0x337/0x6f0 [ 22.259338] ret_from_fork+0x41/0x80 [ 22.259820] ret_from_fork_asm+0x1a/0x30 [ 22.260311] [ 22.260578] The buggy address belongs to the object at ffff888102a2c100 [ 22.260578] which belongs to the cache kmalloc-64 of size 64 [ 22.261548] The buggy address is located 0 bytes to the right of [ 22.261548] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.262696] [ 22.262931] The buggy address belongs to the physical page: [ 22.263501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.264269] flags: 0x200000000000000(node=0|zone=2) [ 22.264792] page_type: f5(slab) [ 22.265170] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.265949] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.266634] page dumped because: kasan: bad access detected [ 22.267061] [ 22.267318] Memory state around the buggy address: [ 22.267821] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.268556] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.269156] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.269651] ^ [ 22.270085] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.270820] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.271537] ================================================================== [ 23.165242] ================================================================== [ 23.165803] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 23.166790] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.167727] [ 23.168876] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.169055] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.169097] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.169154] Call Trace: [ 23.169201] <TASK> [ 23.169284] dump_stack_lvl+0x73/0xb0 [ 23.169361] print_report+0xd1/0x650 [ 23.169433] ? __virt_addr_valid+0x1db/0x2d0 [ 23.169505] ? kasan_atomics_helper+0x19e3/0x5450 [ 23.169577] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.169653] ? kasan_atomics_helper+0x19e3/0x5450 [ 23.169694] kasan_report+0x141/0x180 [ 23.169730] ? kasan_atomics_helper+0x19e3/0x5450 [ 23.169781] kasan_check_range+0x10c/0x1c0 [ 23.169813] __kasan_check_write+0x18/0x20 [ 23.169846] kasan_atomics_helper+0x19e3/0x5450 [ 23.169884] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.169919] ? ret_from_fork_asm+0x1a/0x30 [ 23.169958] kasan_atomics+0x1dc/0x310 [ 23.169987] ? __pfx_kasan_atomics+0x10/0x10 [ 23.170018] ? __pfx_read_tsc+0x10/0x10 [ 23.170047] ? ktime_get_ts64+0x86/0x230 [ 23.170081] kunit_try_run_case+0x1a5/0x480 [ 23.170120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.170154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.170189] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.170258] ? __kthread_parkme+0x82/0x180 [ 23.170295] ? preempt_count_sub+0x50/0x80 [ 23.170335] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.170370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.170405] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.170440] kthread+0x337/0x6f0 [ 23.170465] ? trace_preempt_on+0x20/0xc0 [ 23.170499] ? __pfx_kthread+0x10/0x10 [ 23.170525] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.170557] ? calculate_sigpending+0x7b/0xa0 [ 23.170588] ? __pfx_kthread+0x10/0x10 [ 23.170637] ret_from_fork+0x41/0x80 [ 23.170671] ? __pfx_kthread+0x10/0x10 [ 23.170699] ret_from_fork_asm+0x1a/0x30 [ 23.170742] </TASK> [ 23.170757] [ 23.188635] Allocated by task 286: [ 23.189006] kasan_save_stack+0x45/0x70 [ 23.189539] kasan_save_track+0x18/0x40 [ 23.189882] kasan_save_alloc_info+0x3b/0x50 [ 23.190549] __kasan_kmalloc+0xb7/0xc0 [ 23.190995] __kmalloc_cache_noprof+0x189/0x420 [ 23.191659] kasan_atomics+0x95/0x310 [ 23.192127] kunit_try_run_case+0x1a5/0x480 [ 23.192669] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.193302] kthread+0x337/0x6f0 [ 23.193693] ret_from_fork+0x41/0x80 [ 23.194195] ret_from_fork_asm+0x1a/0x30 [ 23.194712] [ 23.195036] The buggy address belongs to the object at ffff888102a2c100 [ 23.195036] which belongs to the cache kmalloc-64 of size 64 [ 23.196014] The buggy address is located 0 bytes to the right of [ 23.196014] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.197126] [ 23.197465] The buggy address belongs to the physical page: [ 23.197944] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.198782] flags: 0x200000000000000(node=0|zone=2) [ 23.199319] page_type: f5(slab) [ 23.199721] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.200554] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.201293] page dumped because: kasan: bad access detected [ 23.201783] [ 23.202018] Memory state around the buggy address: [ 23.202687] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.203471] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.204110] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.204668] ^ [ 23.205330] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.205894] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.206642] ================================================================== [ 23.662890] ================================================================== [ 23.663397] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 23.664104] Read of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.664813] [ 23.665085] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.665277] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.665323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.665380] Call Trace: [ 23.665434] <TASK> [ 23.665482] dump_stack_lvl+0x73/0xb0 [ 23.665559] print_report+0xd1/0x650 [ 23.665656] ? __virt_addr_valid+0x1db/0x2d0 [ 23.665734] ? kasan_atomics_helper+0x4f98/0x5450 [ 23.665836] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.665944] ? kasan_atomics_helper+0x4f98/0x5450 [ 23.666022] kasan_report+0x141/0x180 [ 23.666101] ? kasan_atomics_helper+0x4f98/0x5450 [ 23.666185] __asan_report_load8_noabort+0x18/0x20 [ 23.666313] kasan_atomics_helper+0x4f98/0x5450 [ 23.666444] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.666527] ? ret_from_fork_asm+0x1a/0x30 [ 23.666633] kasan_atomics+0x1dc/0x310 [ 23.666732] ? __pfx_kasan_atomics+0x10/0x10 [ 23.666834] ? __pfx_read_tsc+0x10/0x10 [ 23.666902] ? ktime_get_ts64+0x86/0x230 [ 23.666945] kunit_try_run_case+0x1a5/0x480 [ 23.666986] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.667022] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.667060] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.667099] ? __kthread_parkme+0x82/0x180 [ 23.667132] ? preempt_count_sub+0x50/0x80 [ 23.667169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.667204] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.667279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.667316] kthread+0x337/0x6f0 [ 23.667341] ? trace_preempt_on+0x20/0xc0 [ 23.667377] ? __pfx_kthread+0x10/0x10 [ 23.667404] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.667437] ? calculate_sigpending+0x7b/0xa0 [ 23.667468] ? __pfx_kthread+0x10/0x10 [ 23.667495] ret_from_fork+0x41/0x80 [ 23.667525] ? __pfx_kthread+0x10/0x10 [ 23.667551] ret_from_fork_asm+0x1a/0x30 [ 23.667592] </TASK> [ 23.667631] [ 23.683396] Allocated by task 286: [ 23.683802] kasan_save_stack+0x45/0x70 [ 23.684276] kasan_save_track+0x18/0x40 [ 23.684716] kasan_save_alloc_info+0x3b/0x50 [ 23.685161] __kasan_kmalloc+0xb7/0xc0 [ 23.685594] __kmalloc_cache_noprof+0x189/0x420 [ 23.686109] kasan_atomics+0x95/0x310 [ 23.686588] kunit_try_run_case+0x1a5/0x480 [ 23.687021] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.687564] kthread+0x337/0x6f0 [ 23.687969] ret_from_fork+0x41/0x80 [ 23.688420] ret_from_fork_asm+0x1a/0x30 [ 23.688911] [ 23.689142] The buggy address belongs to the object at ffff888102a2c100 [ 23.689142] which belongs to the cache kmalloc-64 of size 64 [ 23.690153] The buggy address is located 0 bytes to the right of [ 23.690153] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.691147] [ 23.691402] The buggy address belongs to the physical page: [ 23.691876] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.692671] flags: 0x200000000000000(node=0|zone=2) [ 23.693156] page_type: f5(slab) [ 23.693589] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.694266] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.694748] page dumped because: kasan: bad access detected [ 23.695299] [ 23.695592] Memory state around the buggy address: [ 23.696114] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.696848] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.697549] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.698196] ^ [ 23.698888] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.700156] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.701170] ================================================================== [ 21.292555] ================================================================== [ 21.293358] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 21.294290] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.295005] [ 21.295360] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.295502] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.295545] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.295724] Call Trace: [ 21.295848] <TASK> [ 21.295896] dump_stack_lvl+0x73/0xb0 [ 21.295974] print_report+0xd1/0x650 [ 21.296049] ? __virt_addr_valid+0x1db/0x2d0 [ 21.296126] ? kasan_atomics_helper+0x4b6e/0x5450 [ 21.296268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.296354] ? kasan_atomics_helper+0x4b6e/0x5450 [ 21.296434] kasan_report+0x141/0x180 [ 21.296532] ? kasan_atomics_helper+0x4b6e/0x5450 [ 21.296670] __asan_report_store4_noabort+0x1b/0x30 [ 21.296785] kasan_atomics_helper+0x4b6e/0x5450 [ 21.296873] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.296960] ? ret_from_fork_asm+0x1a/0x30 [ 21.297038] kasan_atomics+0x1dc/0x310 [ 21.297070] ? __pfx_kasan_atomics+0x10/0x10 [ 21.297104] ? __pfx_read_tsc+0x10/0x10 [ 21.297135] ? ktime_get_ts64+0x86/0x230 [ 21.297172] kunit_try_run_case+0x1a5/0x480 [ 21.297231] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.297288] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.297327] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.297364] ? __kthread_parkme+0x82/0x180 [ 21.297397] ? preempt_count_sub+0x50/0x80 [ 21.297437] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.297474] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.297509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.297544] kthread+0x337/0x6f0 [ 21.297570] ? trace_preempt_on+0x20/0xc0 [ 21.297652] ? __pfx_kthread+0x10/0x10 [ 21.297729] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.297775] ? calculate_sigpending+0x7b/0xa0 [ 21.297810] ? __pfx_kthread+0x10/0x10 [ 21.297838] ret_from_fork+0x41/0x80 [ 21.297870] ? __pfx_kthread+0x10/0x10 [ 21.297896] ret_from_fork_asm+0x1a/0x30 [ 21.297939] </TASK> [ 21.297954] [ 21.318040] Allocated by task 286: [ 21.318536] kasan_save_stack+0x45/0x70 [ 21.319483] kasan_save_track+0x18/0x40 [ 21.320079] kasan_save_alloc_info+0x3b/0x50 [ 21.320748] __kasan_kmalloc+0xb7/0xc0 [ 21.321203] __kmalloc_cache_noprof+0x189/0x420 [ 21.321868] kasan_atomics+0x95/0x310 [ 21.322309] kunit_try_run_case+0x1a5/0x480 [ 21.322992] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.323591] kthread+0x337/0x6f0 [ 21.324184] ret_from_fork+0x41/0x80 [ 21.324515] ret_from_fork_asm+0x1a/0x30 [ 21.324951] [ 21.325238] The buggy address belongs to the object at ffff888102a2c100 [ 21.325238] which belongs to the cache kmalloc-64 of size 64 [ 21.326965] The buggy address is located 0 bytes to the right of [ 21.326965] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.328394] [ 21.328649] The buggy address belongs to the physical page: [ 21.329122] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.329726] flags: 0x200000000000000(node=0|zone=2) [ 21.330138] page_type: f5(slab) [ 21.330519] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.331555] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.332306] page dumped because: kasan: bad access detected [ 21.332734] [ 21.332965] Memory state around the buggy address: [ 21.333417] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.334936] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.335937] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.337027] ^ [ 21.337996] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.339044] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.339528] ================================================================== [ 22.107356] ================================================================== [ 22.109029] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 22.109784] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.110491] [ 22.110876] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.110981] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.111018] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.111072] Call Trace: [ 22.111117] <TASK> [ 22.111152] dump_stack_lvl+0x73/0xb0 [ 22.111222] print_report+0xd1/0x650 [ 22.111300] ? __virt_addr_valid+0x1db/0x2d0 [ 22.111374] ? kasan_atomics_helper+0xd47/0x5450 [ 22.111575] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.111693] ? kasan_atomics_helper+0xd47/0x5450 [ 22.111769] kasan_report+0x141/0x180 [ 22.111848] ? kasan_atomics_helper+0xd47/0x5450 [ 22.111944] kasan_check_range+0x10c/0x1c0 [ 22.112079] __kasan_check_write+0x18/0x20 [ 22.112263] kasan_atomics_helper+0xd47/0x5450 [ 22.112353] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.112434] ? ret_from_fork_asm+0x1a/0x30 [ 22.112525] kasan_atomics+0x1dc/0x310 [ 22.112580] ? __pfx_kasan_atomics+0x10/0x10 [ 22.112640] ? __pfx_read_tsc+0x10/0x10 [ 22.112673] ? ktime_get_ts64+0x86/0x230 [ 22.112713] kunit_try_run_case+0x1a5/0x480 [ 22.112751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.112785] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.112820] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.112855] ? __kthread_parkme+0x82/0x180 [ 22.112887] ? preempt_count_sub+0x50/0x80 [ 22.112923] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.112958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.112993] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.113028] kthread+0x337/0x6f0 [ 22.113053] ? trace_preempt_on+0x20/0xc0 [ 22.113086] ? __pfx_kthread+0x10/0x10 [ 22.113112] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.113143] ? calculate_sigpending+0x7b/0xa0 [ 22.113175] ? __pfx_kthread+0x10/0x10 [ 22.113200] ret_from_fork+0x41/0x80 [ 22.113261] ? __pfx_kthread+0x10/0x10 [ 22.113291] ret_from_fork_asm+0x1a/0x30 [ 22.113333] </TASK> [ 22.113350] [ 22.129904] Allocated by task 286: [ 22.130416] kasan_save_stack+0x45/0x70 [ 22.130907] kasan_save_track+0x18/0x40 [ 22.131315] kasan_save_alloc_info+0x3b/0x50 [ 22.131839] __kasan_kmalloc+0xb7/0xc0 [ 22.132248] __kmalloc_cache_noprof+0x189/0x420 [ 22.132637] kasan_atomics+0x95/0x310 [ 22.133038] kunit_try_run_case+0x1a5/0x480 [ 22.133537] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.133951] kthread+0x337/0x6f0 [ 22.134231] ret_from_fork+0x41/0x80 [ 22.134650] ret_from_fork_asm+0x1a/0x30 [ 22.135207] [ 22.135469] The buggy address belongs to the object at ffff888102a2c100 [ 22.135469] which belongs to the cache kmalloc-64 of size 64 [ 22.136718] The buggy address is located 0 bytes to the right of [ 22.136718] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.137790] [ 22.138099] The buggy address belongs to the physical page: [ 22.138836] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.139665] flags: 0x200000000000000(node=0|zone=2) [ 22.140022] page_type: f5(slab) [ 22.140552] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.141371] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.142096] page dumped because: kasan: bad access detected [ 22.142579] [ 22.144636] Memory state around the buggy address: [ 22.145276] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.147021] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.148977] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.150146] ^ [ 22.150823] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.151481] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.152284] ================================================================== [ 21.340597] ================================================================== [ 21.341407] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 21.342157] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.343100] [ 21.343394] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.343518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.343559] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.343635] Call Trace: [ 21.343692] <TASK> [ 21.343737] dump_stack_lvl+0x73/0xb0 [ 21.343816] print_report+0xd1/0x650 [ 21.343892] ? __virt_addr_valid+0x1db/0x2d0 [ 21.343967] ? kasan_atomics_helper+0x3df/0x5450 [ 21.344047] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.344126] ? kasan_atomics_helper+0x3df/0x5450 [ 21.344207] kasan_report+0x141/0x180 [ 21.344284] ? kasan_atomics_helper+0x3df/0x5450 [ 21.344369] kasan_check_range+0x10c/0x1c0 [ 21.344441] __kasan_check_read+0x15/0x20 [ 21.344509] kasan_atomics_helper+0x3df/0x5450 [ 21.344585] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.344721] ? ret_from_fork_asm+0x1a/0x30 [ 21.344812] kasan_atomics+0x1dc/0x310 [ 21.344890] ? __pfx_kasan_atomics+0x10/0x10 [ 21.344966] ? __pfx_read_tsc+0x10/0x10 [ 21.345036] ? ktime_get_ts64+0x86/0x230 [ 21.345111] kunit_try_run_case+0x1a5/0x480 [ 21.345153] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.345191] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.345264] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.345303] ? __kthread_parkme+0x82/0x180 [ 21.345336] ? preempt_count_sub+0x50/0x80 [ 21.345374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.345410] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.345446] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.345481] kthread+0x337/0x6f0 [ 21.345506] ? trace_preempt_on+0x20/0xc0 [ 21.345542] ? __pfx_kthread+0x10/0x10 [ 21.345569] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.345620] ? calculate_sigpending+0x7b/0xa0 [ 21.345698] ? __pfx_kthread+0x10/0x10 [ 21.345782] ret_from_fork+0x41/0x80 [ 21.345862] ? __pfx_kthread+0x10/0x10 [ 21.345934] ret_from_fork_asm+0x1a/0x30 [ 21.346021] </TASK> [ 21.346039] [ 21.366715] Allocated by task 286: [ 21.367039] kasan_save_stack+0x45/0x70 [ 21.367783] kasan_save_track+0x18/0x40 [ 21.368491] kasan_save_alloc_info+0x3b/0x50 [ 21.369086] __kasan_kmalloc+0xb7/0xc0 [ 21.369396] __kmalloc_cache_noprof+0x189/0x420 [ 21.369874] kasan_atomics+0x95/0x310 [ 21.370176] kunit_try_run_case+0x1a5/0x480 [ 21.370516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.370927] kthread+0x337/0x6f0 [ 21.371194] ret_from_fork+0x41/0x80 [ 21.371481] ret_from_fork_asm+0x1a/0x30 [ 21.372498] [ 21.372708] The buggy address belongs to the object at ffff888102a2c100 [ 21.372708] which belongs to the cache kmalloc-64 of size 64 [ 21.373561] The buggy address is located 0 bytes to the right of [ 21.373561] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.374482] [ 21.374725] The buggy address belongs to the physical page: [ 21.375187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.376347] flags: 0x200000000000000(node=0|zone=2) [ 21.376924] page_type: f5(slab) [ 21.377253] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.378066] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.378787] page dumped because: kasan: bad access detected [ 21.379309] [ 21.379538] Memory state around the buggy address: [ 21.380010] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.381040] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.381805] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.382411] ^ [ 21.382837] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.383395] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.383850] ================================================================== [ 21.582454] ================================================================== [ 21.583244] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 21.584499] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.585118] [ 21.585988] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.586121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.586159] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.586217] Call Trace: [ 21.586269] <TASK> [ 21.586316] dump_stack_lvl+0x73/0xb0 [ 21.586393] print_report+0xd1/0x650 [ 21.586468] ? __virt_addr_valid+0x1db/0x2d0 [ 21.586543] ? kasan_atomics_helper+0x5fe/0x5450 [ 21.586635] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.586740] ? kasan_atomics_helper+0x5fe/0x5450 [ 21.586826] kasan_report+0x141/0x180 [ 21.586873] ? kasan_atomics_helper+0x5fe/0x5450 [ 21.586917] kasan_check_range+0x10c/0x1c0 [ 21.586950] __kasan_check_write+0x18/0x20 [ 21.586984] kasan_atomics_helper+0x5fe/0x5450 [ 21.587021] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.587057] ? ret_from_fork_asm+0x1a/0x30 [ 21.587099] kasan_atomics+0x1dc/0x310 [ 21.587129] ? __pfx_kasan_atomics+0x10/0x10 [ 21.587159] ? __pfx_read_tsc+0x10/0x10 [ 21.587189] ? ktime_get_ts64+0x86/0x230 [ 21.587226] kunit_try_run_case+0x1a5/0x480 [ 21.587266] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.587301] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.587365] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.587405] ? __kthread_parkme+0x82/0x180 [ 21.587439] ? preempt_count_sub+0x50/0x80 [ 21.587477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.587514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.587549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.587584] kthread+0x337/0x6f0 [ 21.587653] ? trace_preempt_on+0x20/0xc0 [ 21.587729] ? __pfx_kthread+0x10/0x10 [ 21.587761] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.587794] ? calculate_sigpending+0x7b/0xa0 [ 21.587827] ? __pfx_kthread+0x10/0x10 [ 21.587854] ret_from_fork+0x41/0x80 [ 21.587886] ? __pfx_kthread+0x10/0x10 [ 21.587911] ret_from_fork_asm+0x1a/0x30 [ 21.587954] </TASK> [ 21.587969] [ 21.609691] Allocated by task 286: [ 21.610440] kasan_save_stack+0x45/0x70 [ 21.611120] kasan_save_track+0x18/0x40 [ 21.612065] kasan_save_alloc_info+0x3b/0x50 [ 21.613167] __kasan_kmalloc+0xb7/0xc0 [ 21.613874] __kmalloc_cache_noprof+0x189/0x420 [ 21.614267] kasan_atomics+0x95/0x310 [ 21.614566] kunit_try_run_case+0x1a5/0x480 [ 21.615566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.616403] kthread+0x337/0x6f0 [ 21.616737] ret_from_fork+0x41/0x80 [ 21.617326] ret_from_fork_asm+0x1a/0x30 [ 21.617700] [ 21.617963] The buggy address belongs to the object at ffff888102a2c100 [ 21.617963] which belongs to the cache kmalloc-64 of size 64 [ 21.618804] The buggy address is located 0 bytes to the right of [ 21.618804] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.619849] [ 21.620156] The buggy address belongs to the physical page: [ 21.620681] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.621494] flags: 0x200000000000000(node=0|zone=2) [ 21.622472] page_type: f5(slab) [ 21.623174] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.624488] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.625131] page dumped because: kasan: bad access detected [ 21.625894] [ 21.626487] Memory state around the buggy address: [ 21.627057] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.627801] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.628561] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.629152] ^ [ 21.629700] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.630628] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.631649] ================================================================== [ 23.910056] ================================================================== [ 23.910716] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 23.911323] Read of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.911977] [ 23.912305] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.912479] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.912521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.912579] Call Trace: [ 23.912678] <TASK> [ 23.912755] dump_stack_lvl+0x73/0xb0 [ 23.912863] print_report+0xd1/0x650 [ 23.912972] ? __virt_addr_valid+0x1db/0x2d0 [ 23.913050] ? kasan_atomics_helper+0x5115/0x5450 [ 23.913126] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.913201] ? kasan_atomics_helper+0x5115/0x5450 [ 23.913325] kasan_report+0x141/0x180 [ 23.913404] ? kasan_atomics_helper+0x5115/0x5450 [ 23.913492] __asan_report_load8_noabort+0x18/0x20 [ 23.913565] kasan_atomics_helper+0x5115/0x5450 [ 23.913660] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.913741] ? ret_from_fork_asm+0x1a/0x30 [ 23.913844] kasan_atomics+0x1dc/0x310 [ 23.913913] ? __pfx_kasan_atomics+0x10/0x10 [ 23.913985] ? __pfx_read_tsc+0x10/0x10 [ 23.914054] ? ktime_get_ts64+0x86/0x230 [ 23.914176] kunit_try_run_case+0x1a5/0x480 [ 23.914337] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.914425] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.914508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.914588] ? __kthread_parkme+0x82/0x180 [ 23.914680] ? preempt_count_sub+0x50/0x80 [ 23.914724] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.914762] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.914799] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.914836] kthread+0x337/0x6f0 [ 23.914861] ? trace_preempt_on+0x20/0xc0 [ 23.914898] ? __pfx_kthread+0x10/0x10 [ 23.914925] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.914958] ? calculate_sigpending+0x7b/0xa0 [ 23.914990] ? __pfx_kthread+0x10/0x10 [ 23.915019] ret_from_fork+0x41/0x80 [ 23.915050] ? __pfx_kthread+0x10/0x10 [ 23.915076] ret_from_fork_asm+0x1a/0x30 [ 23.915119] </TASK> [ 23.915135] [ 23.930392] Allocated by task 286: [ 23.930819] kasan_save_stack+0x45/0x70 [ 23.931348] kasan_save_track+0x18/0x40 [ 23.931739] kasan_save_alloc_info+0x3b/0x50 [ 23.932267] __kasan_kmalloc+0xb7/0xc0 [ 23.932703] __kmalloc_cache_noprof+0x189/0x420 [ 23.933175] kasan_atomics+0x95/0x310 [ 23.933628] kunit_try_run_case+0x1a5/0x480 [ 23.934094] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.934711] kthread+0x337/0x6f0 [ 23.935097] ret_from_fork+0x41/0x80 [ 23.936031] ret_from_fork_asm+0x1a/0x30 [ 23.936954] [ 23.937197] The buggy address belongs to the object at ffff888102a2c100 [ 23.937197] which belongs to the cache kmalloc-64 of size 64 [ 23.937935] The buggy address is located 0 bytes to the right of [ 23.937935] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.939024] [ 23.939324] The buggy address belongs to the physical page: [ 23.939881] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.940625] flags: 0x200000000000000(node=0|zone=2) [ 23.940978] page_type: f5(slab) [ 23.941307] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.941954] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.942727] page dumped because: kasan: bad access detected [ 23.943338] [ 23.943623] Memory state around the buggy address: [ 23.944121] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.944679] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.945126] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.945851] ^ [ 23.946418] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.947108] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.947787] ================================================================== [ 23.373458] ================================================================== [ 23.374123] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 23.374757] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.375270] [ 23.375545] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.375679] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.375716] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.375771] Call Trace: [ 23.375812] <TASK> [ 23.375850] dump_stack_lvl+0x73/0xb0 [ 23.375922] print_report+0xd1/0x650 [ 23.375999] ? __virt_addr_valid+0x1db/0x2d0 [ 23.376074] ? kasan_atomics_helper+0x1ce1/0x5450 [ 23.376148] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.376268] ? kasan_atomics_helper+0x1ce1/0x5450 [ 23.376352] kasan_report+0x141/0x180 [ 23.376435] ? kasan_atomics_helper+0x1ce1/0x5450 [ 23.376528] kasan_check_range+0x10c/0x1c0 [ 23.376621] __kasan_check_write+0x18/0x20 [ 23.376697] kasan_atomics_helper+0x1ce1/0x5450 [ 23.376778] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.376858] ? ret_from_fork_asm+0x1a/0x30 [ 23.376951] kasan_atomics+0x1dc/0x310 [ 23.377022] ? __pfx_kasan_atomics+0x10/0x10 [ 23.377094] ? __pfx_read_tsc+0x10/0x10 [ 23.377162] ? ktime_get_ts64+0x86/0x230 [ 23.377285] kunit_try_run_case+0x1a5/0x480 [ 23.377375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.377449] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.377521] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.377562] ? __kthread_parkme+0x82/0x180 [ 23.377594] ? preempt_count_sub+0x50/0x80 [ 23.377660] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.377699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.377735] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.377784] kthread+0x337/0x6f0 [ 23.377809] ? trace_preempt_on+0x20/0xc0 [ 23.377845] ? __pfx_kthread+0x10/0x10 [ 23.377870] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.377901] ? calculate_sigpending+0x7b/0xa0 [ 23.377931] ? __pfx_kthread+0x10/0x10 [ 23.377956] ret_from_fork+0x41/0x80 [ 23.377988] ? __pfx_kthread+0x10/0x10 [ 23.378013] ret_from_fork_asm+0x1a/0x30 [ 23.378055] </TASK> [ 23.378069] [ 23.394648] Allocated by task 286: [ 23.395083] kasan_save_stack+0x45/0x70 [ 23.395567] kasan_save_track+0x18/0x40 [ 23.396017] kasan_save_alloc_info+0x3b/0x50 [ 23.396515] __kasan_kmalloc+0xb7/0xc0 [ 23.396932] __kmalloc_cache_noprof+0x189/0x420 [ 23.397426] kasan_atomics+0x95/0x310 [ 23.397932] kunit_try_run_case+0x1a5/0x480 [ 23.398528] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.399060] kthread+0x337/0x6f0 [ 23.399446] ret_from_fork+0x41/0x80 [ 23.399903] ret_from_fork_asm+0x1a/0x30 [ 23.400394] [ 23.400664] The buggy address belongs to the object at ffff888102a2c100 [ 23.400664] which belongs to the cache kmalloc-64 of size 64 [ 23.401663] The buggy address is located 0 bytes to the right of [ 23.401663] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.402692] [ 23.402962] The buggy address belongs to the physical page: [ 23.403474] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.404212] flags: 0x200000000000000(node=0|zone=2) [ 23.404569] page_type: f5(slab) [ 23.404881] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.405875] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.407302] page dumped because: kasan: bad access detected [ 23.407961] [ 23.408144] Memory state around the buggy address: [ 23.408492] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.409006] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.410498] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.411319] ^ [ 23.411655] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.412203] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.412806] ================================================================== [ 22.193830] ================================================================== [ 22.194414] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 22.195077] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.195828] [ 22.196081] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.196196] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.196278] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.196337] Call Trace: [ 22.196390] <TASK> [ 22.196437] dump_stack_lvl+0x73/0xb0 [ 22.196515] print_report+0xd1/0x650 [ 22.196595] ? __virt_addr_valid+0x1db/0x2d0 [ 22.196688] ? kasan_atomics_helper+0xe78/0x5450 [ 22.196760] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.196829] ? kasan_atomics_helper+0xe78/0x5450 [ 22.196918] kasan_report+0x141/0x180 [ 22.196989] ? kasan_atomics_helper+0xe78/0x5450 [ 22.197070] kasan_check_range+0x10c/0x1c0 [ 22.197138] __kasan_check_write+0x18/0x20 [ 22.197206] kasan_atomics_helper+0xe78/0x5450 [ 22.197367] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.197446] ? ret_from_fork_asm+0x1a/0x30 [ 22.197535] kasan_atomics+0x1dc/0x310 [ 22.197623] ? __pfx_kasan_atomics+0x10/0x10 [ 22.197699] ? __pfx_read_tsc+0x10/0x10 [ 22.197771] ? ktime_get_ts64+0x86/0x230 [ 22.197852] kunit_try_run_case+0x1a5/0x480 [ 22.197932] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.198005] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.198081] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.198157] ? __kthread_parkme+0x82/0x180 [ 22.198313] ? preempt_count_sub+0x50/0x80 [ 22.198404] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.198481] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.198557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.198654] kthread+0x337/0x6f0 [ 22.198720] ? trace_preempt_on+0x20/0xc0 [ 22.198803] ? __pfx_kthread+0x10/0x10 [ 22.198910] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.198995] ? calculate_sigpending+0x7b/0xa0 [ 22.199072] ? __pfx_kthread+0x10/0x10 [ 22.199141] ret_from_fork+0x41/0x80 [ 22.199284] ? __pfx_kthread+0x10/0x10 [ 22.199365] ret_from_fork_asm+0x1a/0x30 [ 22.199466] </TASK> [ 22.199504] [ 22.214630] Allocated by task 286: [ 22.215025] kasan_save_stack+0x45/0x70 [ 22.215478] kasan_save_track+0x18/0x40 [ 22.215965] kasan_save_alloc_info+0x3b/0x50 [ 22.216459] __kasan_kmalloc+0xb7/0xc0 [ 22.216903] __kmalloc_cache_noprof+0x189/0x420 [ 22.217444] kasan_atomics+0x95/0x310 [ 22.217783] kunit_try_run_case+0x1a5/0x480 [ 22.218264] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.218821] kthread+0x337/0x6f0 [ 22.219124] ret_from_fork+0x41/0x80 [ 22.219522] ret_from_fork_asm+0x1a/0x30 [ 22.220026] [ 22.220254] The buggy address belongs to the object at ffff888102a2c100 [ 22.220254] which belongs to the cache kmalloc-64 of size 64 [ 22.221170] The buggy address is located 0 bytes to the right of [ 22.221170] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.222205] [ 22.222436] The buggy address belongs to the physical page: [ 22.222972] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.223757] flags: 0x200000000000000(node=0|zone=2) [ 22.224318] page_type: f5(slab) [ 22.224745] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.225437] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.226102] page dumped because: kasan: bad access detected [ 22.226634] [ 22.226864] Memory state around the buggy address: [ 22.227389] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.228054] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.228715] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.229379] ^ [ 22.229843] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.230477] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.231086] ================================================================== [ 22.762909] ================================================================== [ 22.764097] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 22.764752] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.765316] [ 22.765617] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.765743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.765793] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.765857] Call Trace: [ 22.765909] <TASK> [ 22.765960] dump_stack_lvl+0x73/0xb0 [ 22.766043] print_report+0xd1/0x650 [ 22.766121] ? __virt_addr_valid+0x1db/0x2d0 [ 22.766198] ? kasan_atomics_helper+0x1467/0x5450 [ 22.766278] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.766358] ? kasan_atomics_helper+0x1467/0x5450 [ 22.766434] kasan_report+0x141/0x180 [ 22.766515] ? kasan_atomics_helper+0x1467/0x5450 [ 22.766622] kasan_check_range+0x10c/0x1c0 [ 22.766701] __kasan_check_write+0x18/0x20 [ 22.766773] kasan_atomics_helper+0x1467/0x5450 [ 22.766855] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.766929] ? ret_from_fork_asm+0x1a/0x30 [ 22.766981] kasan_atomics+0x1dc/0x310 [ 22.767013] ? __pfx_kasan_atomics+0x10/0x10 [ 22.767046] ? __pfx_read_tsc+0x10/0x10 [ 22.767075] ? ktime_get_ts64+0x86/0x230 [ 22.767112] kunit_try_run_case+0x1a5/0x480 [ 22.767149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.767185] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.767251] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.767299] ? __kthread_parkme+0x82/0x180 [ 22.767334] ? preempt_count_sub+0x50/0x80 [ 22.767375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.767412] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.767447] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.767484] kthread+0x337/0x6f0 [ 22.767509] ? trace_preempt_on+0x20/0xc0 [ 22.767546] ? __pfx_kthread+0x10/0x10 [ 22.767573] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.767628] ? calculate_sigpending+0x7b/0xa0 [ 22.767665] ? __pfx_kthread+0x10/0x10 [ 22.767693] ret_from_fork+0x41/0x80 [ 22.767724] ? __pfx_kthread+0x10/0x10 [ 22.767751] ret_from_fork_asm+0x1a/0x30 [ 22.767794] </TASK> [ 22.767809] [ 22.785122] Allocated by task 286: [ 22.785540] kasan_save_stack+0x45/0x70 [ 22.786313] kasan_save_track+0x18/0x40 [ 22.786983] kasan_save_alloc_info+0x3b/0x50 [ 22.787384] __kasan_kmalloc+0xb7/0xc0 [ 22.787811] __kmalloc_cache_noprof+0x189/0x420 [ 22.788281] kasan_atomics+0x95/0x310 [ 22.788737] kunit_try_run_case+0x1a5/0x480 [ 22.789185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.789787] kthread+0x337/0x6f0 [ 22.790069] ret_from_fork+0x41/0x80 [ 22.790369] ret_from_fork_asm+0x1a/0x30 [ 22.790995] [ 22.791286] The buggy address belongs to the object at ffff888102a2c100 [ 22.791286] which belongs to the cache kmalloc-64 of size 64 [ 22.792752] The buggy address is located 0 bytes to the right of [ 22.792752] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.794170] [ 22.794361] The buggy address belongs to the physical page: [ 22.795090] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.796180] flags: 0x200000000000000(node=0|zone=2) [ 22.796581] page_type: f5(slab) [ 22.796872] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.797595] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.798552] page dumped because: kasan: bad access detected [ 22.798951] [ 22.799391] Memory state around the buggy address: [ 22.800023] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.800682] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.801275] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.801887] ^ [ 22.802396] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.803048] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.803662] ================================================================== [ 22.722175] ================================================================== [ 22.723171] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 22.724745] Read of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.725932] [ 22.726525] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.726628] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.726650] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.726681] Call Trace: [ 22.726707] <TASK> [ 22.726727] dump_stack_lvl+0x73/0xb0 [ 22.726766] print_report+0xd1/0x650 [ 22.726803] ? __virt_addr_valid+0x1db/0x2d0 [ 22.726838] ? kasan_atomics_helper+0x4eae/0x5450 [ 22.726872] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.726908] ? kasan_atomics_helper+0x4eae/0x5450 [ 22.726942] kasan_report+0x141/0x180 [ 22.726978] ? kasan_atomics_helper+0x4eae/0x5450 [ 22.727018] __asan_report_load8_noabort+0x18/0x20 [ 22.727051] kasan_atomics_helper+0x4eae/0x5450 [ 22.727087] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.727122] ? ret_from_fork_asm+0x1a/0x30 [ 22.727163] kasan_atomics+0x1dc/0x310 [ 22.727192] ? __pfx_kasan_atomics+0x10/0x10 [ 22.727259] ? __pfx_read_tsc+0x10/0x10 [ 22.727294] ? ktime_get_ts64+0x86/0x230 [ 22.727335] kunit_try_run_case+0x1a5/0x480 [ 22.727374] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.727409] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.727446] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.727484] ? __kthread_parkme+0x82/0x180 [ 22.727517] ? preempt_count_sub+0x50/0x80 [ 22.727555] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.727592] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.727650] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.727688] kthread+0x337/0x6f0 [ 22.727712] ? trace_preempt_on+0x20/0xc0 [ 22.727749] ? __pfx_kthread+0x10/0x10 [ 22.727776] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.727809] ? calculate_sigpending+0x7b/0xa0 [ 22.727841] ? __pfx_kthread+0x10/0x10 [ 22.727868] ret_from_fork+0x41/0x80 [ 22.727900] ? __pfx_kthread+0x10/0x10 [ 22.727925] ret_from_fork_asm+0x1a/0x30 [ 22.727968] </TASK> [ 22.727983] [ 22.744292] Allocated by task 286: [ 22.744622] kasan_save_stack+0x45/0x70 [ 22.744954] kasan_save_track+0x18/0x40 [ 22.745327] kasan_save_alloc_info+0x3b/0x50 [ 22.745801] __kasan_kmalloc+0xb7/0xc0 [ 22.746260] __kmalloc_cache_noprof+0x189/0x420 [ 22.746744] kasan_atomics+0x95/0x310 [ 22.747142] kunit_try_run_case+0x1a5/0x480 [ 22.747644] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.748162] kthread+0x337/0x6f0 [ 22.748519] ret_from_fork+0x41/0x80 [ 22.748950] ret_from_fork_asm+0x1a/0x30 [ 22.749370] [ 22.749623] The buggy address belongs to the object at ffff888102a2c100 [ 22.749623] which belongs to the cache kmalloc-64 of size 64 [ 22.750379] The buggy address is located 0 bytes to the right of [ 22.750379] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.751411] [ 22.751648] The buggy address belongs to the physical page: [ 22.752096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.752704] flags: 0x200000000000000(node=0|zone=2) [ 22.753058] page_type: f5(slab) [ 22.753471] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.754138] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.754839] page dumped because: kasan: bad access detected [ 22.755367] [ 22.755627] Memory state around the buggy address: [ 22.756075] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.756598] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.757261] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.757928] ^ [ 22.759308] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.759939] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.761645] ================================================================== [ 22.890157] ================================================================== [ 22.890844] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 22.891522] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.892147] [ 22.892382] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.892501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.892543] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.892598] Call Trace: [ 22.892668] <TASK> [ 22.892709] dump_stack_lvl+0x73/0xb0 [ 22.892786] print_report+0xd1/0x650 [ 22.892868] ? __virt_addr_valid+0x1db/0x2d0 [ 22.892943] ? kasan_atomics_helper+0x15b6/0x5450 [ 22.893022] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.893100] ? kasan_atomics_helper+0x15b6/0x5450 [ 22.893173] kasan_report+0x141/0x180 [ 22.893251] ? kasan_atomics_helper+0x15b6/0x5450 [ 22.893343] kasan_check_range+0x10c/0x1c0 [ 22.893415] __kasan_check_write+0x18/0x20 [ 22.893485] kasan_atomics_helper+0x15b6/0x5450 [ 22.893566] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.893684] ? ret_from_fork_asm+0x1a/0x30 [ 22.893831] kasan_atomics+0x1dc/0x310 [ 22.893934] ? __pfx_kasan_atomics+0x10/0x10 [ 22.893992] ? __pfx_read_tsc+0x10/0x10 [ 22.894024] ? ktime_get_ts64+0x86/0x230 [ 22.894062] kunit_try_run_case+0x1a5/0x480 [ 22.894100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.894168] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.894261] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.894364] ? __kthread_parkme+0x82/0x180 [ 22.894469] ? preempt_count_sub+0x50/0x80 [ 22.894560] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.894680] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.894793] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.894875] kthread+0x337/0x6f0 [ 22.894947] ? trace_preempt_on+0x20/0xc0 [ 22.894989] ? __pfx_kthread+0x10/0x10 [ 22.895035] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.895072] ? calculate_sigpending+0x7b/0xa0 [ 22.895119] ? __pfx_kthread+0x10/0x10 [ 22.895151] ret_from_fork+0x41/0x80 [ 22.895185] ? __pfx_kthread+0x10/0x10 [ 22.895251] ret_from_fork_asm+0x1a/0x30 [ 22.895316] </TASK> [ 22.895334] [ 22.910386] Allocated by task 286: [ 22.910784] kasan_save_stack+0x45/0x70 [ 22.911190] kasan_save_track+0x18/0x40 [ 22.911691] kasan_save_alloc_info+0x3b/0x50 [ 22.912122] __kasan_kmalloc+0xb7/0xc0 [ 22.912478] __kmalloc_cache_noprof+0x189/0x420 [ 22.912840] kasan_atomics+0x95/0x310 [ 22.913290] kunit_try_run_case+0x1a5/0x480 [ 22.913802] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.914384] kthread+0x337/0x6f0 [ 22.914763] ret_from_fork+0x41/0x80 [ 22.915244] ret_from_fork_asm+0x1a/0x30 [ 22.915659] [ 22.915901] The buggy address belongs to the object at ffff888102a2c100 [ 22.915901] which belongs to the cache kmalloc-64 of size 64 [ 22.916675] The buggy address is located 0 bytes to the right of [ 22.916675] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.917820] [ 22.918059] The buggy address belongs to the physical page: [ 22.918523] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.919022] flags: 0x200000000000000(node=0|zone=2) [ 22.919565] page_type: f5(slab) [ 22.919995] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.920742] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.921404] page dumped because: kasan: bad access detected [ 22.921928] [ 22.922155] Memory state around the buggy address: [ 22.922622] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.923109] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.923820] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.924480] ^ [ 22.925006] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.925668] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.926273] ================================================================== [ 21.384947] ================================================================== [ 21.385970] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 21.386831] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.387530] [ 21.387936] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.388057] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.388098] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.388154] Call Trace: [ 21.388207] <TASK> [ 21.388252] dump_stack_lvl+0x73/0xb0 [ 21.388377] print_report+0xd1/0x650 [ 21.388457] ? __virt_addr_valid+0x1db/0x2d0 [ 21.388540] ? kasan_atomics_helper+0x4b54/0x5450 [ 21.388752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.388836] ? kasan_atomics_helper+0x4b54/0x5450 [ 21.388914] kasan_report+0x141/0x180 [ 21.388996] ? kasan_atomics_helper+0x4b54/0x5450 [ 21.389087] __asan_report_load4_noabort+0x18/0x20 [ 21.389163] kasan_atomics_helper+0x4b54/0x5450 [ 21.389242] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.389362] ? ret_from_fork_asm+0x1a/0x30 [ 21.389451] kasan_atomics+0x1dc/0x310 [ 21.389523] ? __pfx_kasan_atomics+0x10/0x10 [ 21.389632] ? __pfx_read_tsc+0x10/0x10 [ 21.389807] ? ktime_get_ts64+0x86/0x230 [ 21.389894] kunit_try_run_case+0x1a5/0x480 [ 21.389974] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.390044] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.390119] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.390160] ? __kthread_parkme+0x82/0x180 [ 21.390192] ? preempt_count_sub+0x50/0x80 [ 21.390229] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.390268] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.390304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.390339] kthread+0x337/0x6f0 [ 21.390364] ? trace_preempt_on+0x20/0xc0 [ 21.390400] ? __pfx_kthread+0x10/0x10 [ 21.390425] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.390458] ? calculate_sigpending+0x7b/0xa0 [ 21.390489] ? __pfx_kthread+0x10/0x10 [ 21.390515] ret_from_fork+0x41/0x80 [ 21.390547] ? __pfx_kthread+0x10/0x10 [ 21.390573] ret_from_fork_asm+0x1a/0x30 [ 21.390686] </TASK> [ 21.390736] [ 21.412154] Allocated by task 286: [ 21.412540] kasan_save_stack+0x45/0x70 [ 21.413261] kasan_save_track+0x18/0x40 [ 21.413787] kasan_save_alloc_info+0x3b/0x50 [ 21.414272] __kasan_kmalloc+0xb7/0xc0 [ 21.414737] __kmalloc_cache_noprof+0x189/0x420 [ 21.415256] kasan_atomics+0x95/0x310 [ 21.415679] kunit_try_run_case+0x1a5/0x480 [ 21.416142] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.416666] kthread+0x337/0x6f0 [ 21.417025] ret_from_fork+0x41/0x80 [ 21.417446] ret_from_fork_asm+0x1a/0x30 [ 21.417901] [ 21.418136] The buggy address belongs to the object at ffff888102a2c100 [ 21.418136] which belongs to the cache kmalloc-64 of size 64 [ 21.419581] The buggy address is located 0 bytes to the right of [ 21.419581] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.421647] [ 21.421840] The buggy address belongs to the physical page: [ 21.422438] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.423666] flags: 0x200000000000000(node=0|zone=2) [ 21.424497] page_type: f5(slab) [ 21.424897] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.425856] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.426327] page dumped because: kasan: bad access detected [ 21.426870] [ 21.427401] Memory state around the buggy address: [ 21.428129] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.429247] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.430076] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.430726] ^ [ 21.431513] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.432182] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.432951] ================================================================== [ 23.004295] ================================================================== [ 23.004785] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 23.005861] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.006508] [ 23.006765] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.006871] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.006892] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.006923] Call Trace: [ 23.006947] <TASK> [ 23.006969] dump_stack_lvl+0x73/0xb0 [ 23.007049] print_report+0xd1/0x650 [ 23.007202] ? __virt_addr_valid+0x1db/0x2d0 [ 23.007323] ? kasan_atomics_helper+0x177f/0x5450 [ 23.007397] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.007474] ? kasan_atomics_helper+0x177f/0x5450 [ 23.007547] kasan_report+0x141/0x180 [ 23.007644] ? kasan_atomics_helper+0x177f/0x5450 [ 23.007721] kasan_check_range+0x10c/0x1c0 [ 23.007754] __kasan_check_write+0x18/0x20 [ 23.007784] kasan_atomics_helper+0x177f/0x5450 [ 23.007819] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.007854] ? ret_from_fork_asm+0x1a/0x30 [ 23.007893] kasan_atomics+0x1dc/0x310 [ 23.007924] ? __pfx_kasan_atomics+0x10/0x10 [ 23.007954] ? __pfx_read_tsc+0x10/0x10 [ 23.007983] ? ktime_get_ts64+0x86/0x230 [ 23.008019] kunit_try_run_case+0x1a5/0x480 [ 23.008056] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.008090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.008127] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.008161] ? __kthread_parkme+0x82/0x180 [ 23.008193] ? preempt_count_sub+0x50/0x80 [ 23.008270] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.008311] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.008346] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.008381] kthread+0x337/0x6f0 [ 23.008406] ? trace_preempt_on+0x20/0xc0 [ 23.008441] ? __pfx_kthread+0x10/0x10 [ 23.008467] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.008499] ? calculate_sigpending+0x7b/0xa0 [ 23.008530] ? __pfx_kthread+0x10/0x10 [ 23.008555] ret_from_fork+0x41/0x80 [ 23.008587] ? __pfx_kthread+0x10/0x10 [ 23.008638] ret_from_fork_asm+0x1a/0x30 [ 23.008683] </TASK> [ 23.008698] [ 23.023988] Allocated by task 286: [ 23.024285] kasan_save_stack+0x45/0x70 [ 23.024597] kasan_save_track+0x18/0x40 [ 23.025026] kasan_save_alloc_info+0x3b/0x50 [ 23.025458] __kasan_kmalloc+0xb7/0xc0 [ 23.025887] __kmalloc_cache_noprof+0x189/0x420 [ 23.026344] kasan_atomics+0x95/0x310 [ 23.026842] kunit_try_run_case+0x1a5/0x480 [ 23.027358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.027894] kthread+0x337/0x6f0 [ 23.028183] ret_from_fork+0x41/0x80 [ 23.028538] ret_from_fork_asm+0x1a/0x30 [ 23.028994] [ 23.029298] The buggy address belongs to the object at ffff888102a2c100 [ 23.029298] which belongs to the cache kmalloc-64 of size 64 [ 23.030400] The buggy address is located 0 bytes to the right of [ 23.030400] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.031293] [ 23.031478] The buggy address belongs to the physical page: [ 23.031949] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.032680] flags: 0x200000000000000(node=0|zone=2) [ 23.033247] page_type: f5(slab) [ 23.033680] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.034284] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.034814] page dumped because: kasan: bad access detected [ 23.035409] [ 23.035654] Memory state around the buggy address: [ 23.036148] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.036863] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.037418] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.038082] ^ [ 23.038645] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.039280] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.040004] ================================================================== [ 23.042937] ================================================================== [ 23.044277] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 23.046053] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.047380] [ 23.047664] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.047795] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.047837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.047940] Call Trace: [ 23.047995] <TASK> [ 23.048045] dump_stack_lvl+0x73/0xb0 [ 23.048125] print_report+0xd1/0x650 [ 23.048198] ? __virt_addr_valid+0x1db/0x2d0 [ 23.048272] ? kasan_atomics_helper+0x1818/0x5450 [ 23.048345] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.048443] ? kasan_atomics_helper+0x1818/0x5450 [ 23.048500] kasan_report+0x141/0x180 [ 23.048538] ? kasan_atomics_helper+0x1818/0x5450 [ 23.048581] kasan_check_range+0x10c/0x1c0 [ 23.048636] __kasan_check_write+0x18/0x20 [ 23.048671] kasan_atomics_helper+0x1818/0x5450 [ 23.048706] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.048742] ? ret_from_fork_asm+0x1a/0x30 [ 23.048782] kasan_atomics+0x1dc/0x310 [ 23.048811] ? __pfx_kasan_atomics+0x10/0x10 [ 23.048841] ? __pfx_read_tsc+0x10/0x10 [ 23.048872] ? ktime_get_ts64+0x86/0x230 [ 23.048912] kunit_try_run_case+0x1a5/0x480 [ 23.048950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.048985] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.049023] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.049060] ? __kthread_parkme+0x82/0x180 [ 23.049093] ? preempt_count_sub+0x50/0x80 [ 23.049133] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.049169] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.049209] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.049274] kthread+0x337/0x6f0 [ 23.049303] ? trace_preempt_on+0x20/0xc0 [ 23.049341] ? __pfx_kthread+0x10/0x10 [ 23.049367] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.049400] ? calculate_sigpending+0x7b/0xa0 [ 23.049433] ? __pfx_kthread+0x10/0x10 [ 23.049460] ret_from_fork+0x41/0x80 [ 23.049493] ? __pfx_kthread+0x10/0x10 [ 23.049520] ret_from_fork_asm+0x1a/0x30 [ 23.049562] </TASK> [ 23.049577] [ 23.066712] Allocated by task 286: [ 23.067143] kasan_save_stack+0x45/0x70 [ 23.067656] kasan_save_track+0x18/0x40 [ 23.068039] kasan_save_alloc_info+0x3b/0x50 [ 23.068714] __kasan_kmalloc+0xb7/0xc0 [ 23.069182] __kmalloc_cache_noprof+0x189/0x420 [ 23.069767] kasan_atomics+0x95/0x310 [ 23.070183] kunit_try_run_case+0x1a5/0x480 [ 23.070761] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.071419] kthread+0x337/0x6f0 [ 23.071786] ret_from_fork+0x41/0x80 [ 23.072288] ret_from_fork_asm+0x1a/0x30 [ 23.072790] [ 23.073002] The buggy address belongs to the object at ffff888102a2c100 [ 23.073002] which belongs to the cache kmalloc-64 of size 64 [ 23.074129] The buggy address is located 0 bytes to the right of [ 23.074129] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.075341] [ 23.075580] The buggy address belongs to the physical page: [ 23.076082] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.076757] flags: 0x200000000000000(node=0|zone=2) [ 23.077250] page_type: f5(slab) [ 23.077710] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.078204] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.078795] page dumped because: kasan: bad access detected [ 23.079366] [ 23.079597] Memory state around the buggy address: [ 23.080152] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.080906] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.081578] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.082166] ^ [ 23.082546] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.083882] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.084457] ================================================================== [ 23.703453] ================================================================== [ 23.704136] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 23.704728] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.705398] [ 23.705681] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.705814] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.705854] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.705912] Call Trace: [ 23.705962] <TASK> [ 23.706006] dump_stack_lvl+0x73/0xb0 [ 23.706085] print_report+0xd1/0x650 [ 23.706197] ? __virt_addr_valid+0x1db/0x2d0 [ 23.706279] ? kasan_atomics_helper+0x20c8/0x5450 [ 23.706355] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.706432] ? kasan_atomics_helper+0x20c8/0x5450 [ 23.706502] kasan_report+0x141/0x180 [ 23.706583] ? kasan_atomics_helper+0x20c8/0x5450 [ 23.706720] kasan_check_range+0x10c/0x1c0 [ 23.706803] __kasan_check_write+0x18/0x20 [ 23.706879] kasan_atomics_helper+0x20c8/0x5450 [ 23.706959] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.707036] ? ret_from_fork_asm+0x1a/0x30 [ 23.707107] kasan_atomics+0x1dc/0x310 [ 23.707141] ? __pfx_kasan_atomics+0x10/0x10 [ 23.707173] ? __pfx_read_tsc+0x10/0x10 [ 23.707204] ? ktime_get_ts64+0x86/0x230 [ 23.707272] kunit_try_run_case+0x1a5/0x480 [ 23.707315] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.707351] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.707388] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.707423] ? __kthread_parkme+0x82/0x180 [ 23.707454] ? preempt_count_sub+0x50/0x80 [ 23.707492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.707530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.707564] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.707599] kthread+0x337/0x6f0 [ 23.707652] ? trace_preempt_on+0x20/0xc0 [ 23.707689] ? __pfx_kthread+0x10/0x10 [ 23.707715] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.707749] ? calculate_sigpending+0x7b/0xa0 [ 23.707781] ? __pfx_kthread+0x10/0x10 [ 23.707809] ret_from_fork+0x41/0x80 [ 23.707841] ? __pfx_kthread+0x10/0x10 [ 23.707869] ret_from_fork_asm+0x1a/0x30 [ 23.707911] </TASK> [ 23.707927] [ 23.725631] Allocated by task 286: [ 23.725936] kasan_save_stack+0x45/0x70 [ 23.726429] kasan_save_track+0x18/0x40 [ 23.726927] kasan_save_alloc_info+0x3b/0x50 [ 23.727468] __kasan_kmalloc+0xb7/0xc0 [ 23.727928] __kmalloc_cache_noprof+0x189/0x420 [ 23.728441] kasan_atomics+0x95/0x310 [ 23.728882] kunit_try_run_case+0x1a5/0x480 [ 23.729326] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.729917] kthread+0x337/0x6f0 [ 23.731122] ret_from_fork+0x41/0x80 [ 23.731532] ret_from_fork_asm+0x1a/0x30 [ 23.732060] [ 23.732385] The buggy address belongs to the object at ffff888102a2c100 [ 23.732385] which belongs to the cache kmalloc-64 of size 64 [ 23.733345] The buggy address is located 0 bytes to the right of [ 23.733345] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.734525] [ 23.734921] The buggy address belongs to the physical page: [ 23.735534] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.736330] flags: 0x200000000000000(node=0|zone=2) [ 23.736843] page_type: f5(slab) [ 23.737286] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.738018] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.738558] page dumped because: kasan: bad access detected [ 23.739168] [ 23.739486] Memory state around the buggy address: [ 23.740020] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.740744] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.741478] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.742102] ^ [ 23.742688] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.743274] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.743860] ================================================================== [ 23.291412] ================================================================== [ 23.292233] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 23.292971] Write of size 8 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 23.293688] [ 23.294009] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 23.294420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.294462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.294553] Call Trace: [ 23.294621] <TASK> [ 23.294665] dump_stack_lvl+0x73/0xb0 [ 23.294746] print_report+0xd1/0x650 [ 23.294865] ? __virt_addr_valid+0x1db/0x2d0 [ 23.294972] ? kasan_atomics_helper+0x1c18/0x5450 [ 23.295050] ? kasan_complete_mode_report_info+0x2a/0x200 [ 23.295129] ? kasan_atomics_helper+0x1c18/0x5450 [ 23.295206] kasan_report+0x141/0x180 [ 23.295288] ? kasan_atomics_helper+0x1c18/0x5450 [ 23.295377] kasan_check_range+0x10c/0x1c0 [ 23.295449] __kasan_check_write+0x18/0x20 [ 23.295518] kasan_atomics_helper+0x1c18/0x5450 [ 23.295594] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 23.295691] ? ret_from_fork_asm+0x1a/0x30 [ 23.295776] kasan_atomics+0x1dc/0x310 [ 23.295836] ? __pfx_kasan_atomics+0x10/0x10 [ 23.295871] ? __pfx_read_tsc+0x10/0x10 [ 23.295900] ? ktime_get_ts64+0x86/0x230 [ 23.295941] kunit_try_run_case+0x1a5/0x480 [ 23.295980] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.296016] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 23.296054] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 23.296091] ? __kthread_parkme+0x82/0x180 [ 23.296124] ? preempt_count_sub+0x50/0x80 [ 23.296161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 23.296199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.296265] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 23.296304] kthread+0x337/0x6f0 [ 23.296329] ? trace_preempt_on+0x20/0xc0 [ 23.296365] ? __pfx_kthread+0x10/0x10 [ 23.296390] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 23.296422] ? calculate_sigpending+0x7b/0xa0 [ 23.296454] ? __pfx_kthread+0x10/0x10 [ 23.296482] ret_from_fork+0x41/0x80 [ 23.296514] ? __pfx_kthread+0x10/0x10 [ 23.296541] ret_from_fork_asm+0x1a/0x30 [ 23.296582] </TASK> [ 23.296598] [ 23.312075] Allocated by task 286: [ 23.312517] kasan_save_stack+0x45/0x70 [ 23.312964] kasan_save_track+0x18/0x40 [ 23.313404] kasan_save_alloc_info+0x3b/0x50 [ 23.313920] __kasan_kmalloc+0xb7/0xc0 [ 23.314431] __kmalloc_cache_noprof+0x189/0x420 [ 23.314908] kasan_atomics+0x95/0x310 [ 23.315250] kunit_try_run_case+0x1a5/0x480 [ 23.315725] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.316383] kthread+0x337/0x6f0 [ 23.316808] ret_from_fork+0x41/0x80 [ 23.317204] ret_from_fork_asm+0x1a/0x30 [ 23.317595] [ 23.317912] The buggy address belongs to the object at ffff888102a2c100 [ 23.317912] which belongs to the cache kmalloc-64 of size 64 [ 23.318778] The buggy address is located 0 bytes to the right of [ 23.318778] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 23.319876] [ 23.320128] The buggy address belongs to the physical page: [ 23.320705] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 23.321419] flags: 0x200000000000000(node=0|zone=2) [ 23.321906] page_type: f5(slab) [ 23.322359] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 23.323052] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 23.323635] page dumped because: kasan: bad access detected [ 23.323997] [ 23.324179] Memory state around the buggy address: [ 23.324739] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.325454] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 23.326135] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 23.326828] ^ [ 23.327159] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 23.327817] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 23.328563] ================================================================== [ 22.477502] ================================================================== [ 22.479120] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 22.480679] Read of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 22.482289] [ 22.483126] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 22.483262] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.483302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.483357] Call Trace: [ 22.483409] <TASK> [ 22.483448] dump_stack_lvl+0x73/0xb0 [ 22.483488] print_report+0xd1/0x650 [ 22.483568] ? __virt_addr_valid+0x1db/0x2d0 [ 22.483639] ? kasan_atomics_helper+0x4a02/0x5450 [ 22.483683] ? kasan_complete_mode_report_info+0x2a/0x200 [ 22.483719] ? kasan_atomics_helper+0x4a02/0x5450 [ 22.483752] kasan_report+0x141/0x180 [ 22.483788] ? kasan_atomics_helper+0x4a02/0x5450 [ 22.483830] __asan_report_load4_noabort+0x18/0x20 [ 22.483863] kasan_atomics_helper+0x4a02/0x5450 [ 22.483897] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 22.483931] ? ret_from_fork_asm+0x1a/0x30 [ 22.483970] kasan_atomics+0x1dc/0x310 [ 22.483999] ? __pfx_kasan_atomics+0x10/0x10 [ 22.484029] ? __pfx_read_tsc+0x10/0x10 [ 22.484057] ? ktime_get_ts64+0x86/0x230 [ 22.484093] kunit_try_run_case+0x1a5/0x480 [ 22.484129] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.484163] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 22.484199] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 22.484261] ? __kthread_parkme+0x82/0x180 [ 22.484297] ? preempt_count_sub+0x50/0x80 [ 22.484334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 22.484370] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.484404] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 22.484440] kthread+0x337/0x6f0 [ 22.484464] ? trace_preempt_on+0x20/0xc0 [ 22.484499] ? __pfx_kthread+0x10/0x10 [ 22.484523] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 22.484556] ? calculate_sigpending+0x7b/0xa0 [ 22.484587] ? __pfx_kthread+0x10/0x10 [ 22.484636] ret_from_fork+0x41/0x80 [ 22.484672] ? __pfx_kthread+0x10/0x10 [ 22.484697] ret_from_fork_asm+0x1a/0x30 [ 22.484739] </TASK> [ 22.484754] [ 22.501856] Allocated by task 286: [ 22.502320] kasan_save_stack+0x45/0x70 [ 22.502843] kasan_save_track+0x18/0x40 [ 22.503410] kasan_save_alloc_info+0x3b/0x50 [ 22.503946] __kasan_kmalloc+0xb7/0xc0 [ 22.504465] __kmalloc_cache_noprof+0x189/0x420 [ 22.505047] kasan_atomics+0x95/0x310 [ 22.505518] kunit_try_run_case+0x1a5/0x480 [ 22.506007] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.506501] kthread+0x337/0x6f0 [ 22.506972] ret_from_fork+0x41/0x80 [ 22.507424] ret_from_fork_asm+0x1a/0x30 [ 22.507888] [ 22.508123] The buggy address belongs to the object at ffff888102a2c100 [ 22.508123] which belongs to the cache kmalloc-64 of size 64 [ 22.508940] The buggy address is located 0 bytes to the right of [ 22.508940] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 22.509783] [ 22.510023] The buggy address belongs to the physical page: [ 22.510515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 22.511581] flags: 0x200000000000000(node=0|zone=2) [ 22.512249] page_type: f5(slab) [ 22.512673] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 22.513249] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 22.513843] page dumped because: kasan: bad access detected [ 22.514660] [ 22.514981] Memory state around the buggy address: [ 22.515497] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.516137] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 22.516779] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 22.517368] ^ [ 22.517933] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 22.518647] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 22.519434] ================================================================== [ 21.828997] ================================================================== [ 21.829910] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 21.831261] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.832413] [ 21.832657] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.832724] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.832743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.832773] Call Trace: [ 21.832792] <TASK> [ 21.832809] dump_stack_lvl+0x73/0xb0 [ 21.832846] print_report+0xd1/0x650 [ 21.832883] ? __virt_addr_valid+0x1db/0x2d0 [ 21.832915] ? kasan_atomics_helper+0x8f9/0x5450 [ 21.832950] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.832984] ? kasan_atomics_helper+0x8f9/0x5450 [ 21.833020] kasan_report+0x141/0x180 [ 21.833056] ? kasan_atomics_helper+0x8f9/0x5450 [ 21.833097] kasan_check_range+0x10c/0x1c0 [ 21.833128] __kasan_check_write+0x18/0x20 [ 21.833159] kasan_atomics_helper+0x8f9/0x5450 [ 21.833195] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.833262] ? ret_from_fork_asm+0x1a/0x30 [ 21.833362] kasan_atomics+0x1dc/0x310 [ 21.833508] ? __pfx_kasan_atomics+0x10/0x10 [ 21.833592] ? __pfx_read_tsc+0x10/0x10 [ 21.833679] ? ktime_get_ts64+0x86/0x230 [ 21.833819] kunit_try_run_case+0x1a5/0x480 [ 21.833921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.833997] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.834079] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.834159] ? __kthread_parkme+0x82/0x180 [ 21.834256] ? preempt_count_sub+0x50/0x80 [ 21.834346] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.834428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.834511] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.834595] kthread+0x337/0x6f0 [ 21.834679] ? trace_preempt_on+0x20/0xc0 [ 21.834757] ? __pfx_kthread+0x10/0x10 [ 21.834824] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.834900] ? calculate_sigpending+0x7b/0xa0 [ 21.834974] ? __pfx_kthread+0x10/0x10 [ 21.835040] ret_from_fork+0x41/0x80 [ 21.835115] ? __pfx_kthread+0x10/0x10 [ 21.835149] ret_from_fork_asm+0x1a/0x30 [ 21.835193] </TASK> [ 21.835211] [ 21.850786] Allocated by task 286: [ 21.851158] kasan_save_stack+0x45/0x70 [ 21.851556] kasan_save_track+0x18/0x40 [ 21.851900] kasan_save_alloc_info+0x3b/0x50 [ 21.852409] __kasan_kmalloc+0xb7/0xc0 [ 21.853139] __kmalloc_cache_noprof+0x189/0x420 [ 21.854327] kasan_atomics+0x95/0x310 [ 21.855010] kunit_try_run_case+0x1a5/0x480 [ 21.855651] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.856124] kthread+0x337/0x6f0 [ 21.856675] ret_from_fork+0x41/0x80 [ 21.857262] ret_from_fork_asm+0x1a/0x30 [ 21.857999] [ 21.858271] The buggy address belongs to the object at ffff888102a2c100 [ 21.858271] which belongs to the cache kmalloc-64 of size 64 [ 21.859468] The buggy address is located 0 bytes to the right of [ 21.859468] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.860726] [ 21.860894] The buggy address belongs to the physical page: [ 21.861427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.862529] flags: 0x200000000000000(node=0|zone=2) [ 21.862944] page_type: f5(slab) [ 21.863363] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.864053] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.864989] page dumped because: kasan: bad access detected [ 21.865381] [ 21.865629] Memory state around the buggy address: [ 21.866261] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.866981] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.867803] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.868353] ^ [ 21.868788] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.869298] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.869904] ================================================================== [ 21.533244] ================================================================== [ 21.534206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 21.534817] Write of size 4 at addr ffff888102a2c130 by task kunit_try_catch/286 [ 21.535398] [ 21.535785] CPU: 0 UID: 0 PID: 286 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.535917] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.535958] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.536017] Call Trace: [ 21.536071] <TASK> [ 21.536122] dump_stack_lvl+0x73/0xb0 [ 21.536204] print_report+0xd1/0x650 [ 21.536329] ? __virt_addr_valid+0x1db/0x2d0 [ 21.536410] ? kasan_atomics_helper+0x565/0x5450 [ 21.536486] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.536567] ? kasan_atomics_helper+0x565/0x5450 [ 21.536776] kasan_report+0x141/0x180 [ 21.536855] ? kasan_atomics_helper+0x565/0x5450 [ 21.536942] kasan_check_range+0x10c/0x1c0 [ 21.537022] __kasan_check_write+0x18/0x20 [ 21.537101] kasan_atomics_helper+0x565/0x5450 [ 21.537179] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 21.537284] ? ret_from_fork_asm+0x1a/0x30 [ 21.537332] kasan_atomics+0x1dc/0x310 [ 21.537363] ? __pfx_kasan_atomics+0x10/0x10 [ 21.537394] ? __pfx_read_tsc+0x10/0x10 [ 21.537423] ? ktime_get_ts64+0x86/0x230 [ 21.537462] kunit_try_run_case+0x1a5/0x480 [ 21.537500] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.537537] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.537573] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.537673] ? __kthread_parkme+0x82/0x180 [ 21.537748] ? preempt_count_sub+0x50/0x80 [ 21.537803] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.537841] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.537876] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.537912] kthread+0x337/0x6f0 [ 21.537937] ? trace_preempt_on+0x20/0xc0 [ 21.537971] ? __pfx_kthread+0x10/0x10 [ 21.537996] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 21.538028] ? calculate_sigpending+0x7b/0xa0 [ 21.538058] ? __pfx_kthread+0x10/0x10 [ 21.538083] ret_from_fork+0x41/0x80 [ 21.538115] ? __pfx_kthread+0x10/0x10 [ 21.538140] ret_from_fork_asm+0x1a/0x30 [ 21.538182] </TASK> [ 21.538197] [ 21.559113] Allocated by task 286: [ 21.559896] kasan_save_stack+0x45/0x70 [ 21.560271] kasan_save_track+0x18/0x40 [ 21.560591] kasan_save_alloc_info+0x3b/0x50 [ 21.560966] __kasan_kmalloc+0xb7/0xc0 [ 21.561301] __kmalloc_cache_noprof+0x189/0x420 [ 21.562595] kasan_atomics+0x95/0x310 [ 21.563245] kunit_try_run_case+0x1a5/0x480 [ 21.564322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.564963] kthread+0x337/0x6f0 [ 21.565281] ret_from_fork+0x41/0x80 [ 21.565618] ret_from_fork_asm+0x1a/0x30 [ 21.565975] [ 21.566138] The buggy address belongs to the object at ffff888102a2c100 [ 21.566138] which belongs to the cache kmalloc-64 of size 64 [ 21.568319] The buggy address is located 0 bytes to the right of [ 21.568319] allocated 48-byte region [ffff888102a2c100, ffff888102a2c130) [ 21.569630] [ 21.569872] The buggy address belongs to the physical page: [ 21.570342] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a2c [ 21.571566] flags: 0x200000000000000(node=0|zone=2) [ 21.572143] page_type: f5(slab) [ 21.572452] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 21.573723] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 21.574383] page dumped because: kasan: bad access detected [ 21.574998] [ 21.575193] Memory state around the buggy address: [ 21.575561] ffff888102a2c000: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.576220] ffff888102a2c080: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 21.577123] >ffff888102a2c100: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 21.578115] ^ [ 21.578847] ffff888102a2c180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.579470] ffff888102a2c200: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 21.580744] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 20.955503] ================================================================== [ 20.956541] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 20.957419] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282 [ 20.957913] [ 20.958180] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.958444] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.958487] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.958541] Call Trace: [ 20.958722] <TASK> [ 20.958776] dump_stack_lvl+0x73/0xb0 [ 20.958847] print_report+0xd1/0x650 [ 20.958917] ? __virt_addr_valid+0x1db/0x2d0 [ 20.958988] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 20.959062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.959136] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 20.959212] kasan_report+0x141/0x180 [ 20.959299] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 20.959424] kasan_check_range+0x10c/0x1c0 [ 20.959504] __kasan_check_write+0x18/0x20 [ 20.959573] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 20.959666] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.959748] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.960219] ? trace_hardirqs_on+0x37/0xe0 [ 20.960300] ? kasan_bitops_generic+0x92/0x1c0 [ 20.960379] kasan_bitops_generic+0x121/0x1c0 [ 20.960442] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.960478] ? __pfx_read_tsc+0x10/0x10 [ 20.960506] ? ktime_get_ts64+0x86/0x230 [ 20.960541] kunit_try_run_case+0x1a5/0x480 [ 20.960576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.960676] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.960754] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.960791] ? __kthread_parkme+0x82/0x180 [ 20.960827] ? preempt_count_sub+0x50/0x80 [ 20.960863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.960900] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.960935] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.960970] kthread+0x337/0x6f0 [ 20.960994] ? trace_preempt_on+0x20/0xc0 [ 20.961026] ? __pfx_kthread+0x10/0x10 [ 20.961051] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.961083] ? calculate_sigpending+0x7b/0xa0 [ 20.961114] ? __pfx_kthread+0x10/0x10 [ 20.961140] ret_from_fork+0x41/0x80 [ 20.961170] ? __pfx_kthread+0x10/0x10 [ 20.961196] ret_from_fork_asm+0x1a/0x30 [ 20.961277] </TASK> [ 20.961294] [ 20.984629] Allocated by task 282: [ 20.985499] kasan_save_stack+0x45/0x70 [ 20.986431] kasan_save_track+0x18/0x40 [ 20.986854] kasan_save_alloc_info+0x3b/0x50 [ 20.987905] __kasan_kmalloc+0xb7/0xc0 [ 20.988648] __kmalloc_cache_noprof+0x189/0x420 [ 20.989040] kasan_bitops_generic+0x92/0x1c0 [ 20.989974] kunit_try_run_case+0x1a5/0x480 [ 20.990805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.991517] kthread+0x337/0x6f0 [ 20.992154] ret_from_fork+0x41/0x80 [ 20.992709] ret_from_fork_asm+0x1a/0x30 [ 20.993396] [ 20.993591] The buggy address belongs to the object at ffff8881025ebc60 [ 20.993591] which belongs to the cache kmalloc-16 of size 16 [ 20.995899] The buggy address is located 8 bytes inside of [ 20.995899] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69) [ 20.997087] [ 20.997362] The buggy address belongs to the physical page: [ 20.998029] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb [ 20.998880] flags: 0x200000000000000(node=0|zone=2) [ 20.999451] page_type: f5(slab) [ 20.999824] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.000894] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.001988] page dumped because: kasan: bad access detected [ 21.002199] [ 21.002626] Memory state around the buggy address: [ 21.003455] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 21.003940] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.004734] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 21.005615] ^ [ 21.006371] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.007086] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.007681] ================================================================== [ 21.106984] ================================================================== [ 21.107589] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.108391] Read of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282 [ 21.108933] [ 21.109186] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.109344] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.109375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.109427] Call Trace: [ 21.109475] <TASK> [ 21.109509] dump_stack_lvl+0x73/0xb0 [ 21.109575] print_report+0xd1/0x650 [ 21.109677] ? __virt_addr_valid+0x1db/0x2d0 [ 21.109748] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.109831] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.109910] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.109992] kasan_report+0x141/0x180 [ 21.110071] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.110162] __asan_report_load8_noabort+0x18/0x20 [ 21.110279] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 21.110364] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.110446] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.110517] ? trace_hardirqs_on+0x37/0xe0 [ 21.110595] ? kasan_bitops_generic+0x92/0x1c0 [ 21.110698] kasan_bitops_generic+0x121/0x1c0 [ 21.110772] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.110848] ? __pfx_read_tsc+0x10/0x10 [ 21.110914] ? ktime_get_ts64+0x86/0x230 [ 21.110994] kunit_try_run_case+0x1a5/0x480 [ 21.111069] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.111140] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.111255] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.111337] ? 
__kthread_parkme+0x82/0x180 [ 21.111410] ? preempt_count_sub+0x50/0x80 [ 21.111487] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.111562] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.111655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.111728] kthread+0x337/0x6f0 [ 21.111757] ? trace_preempt_on+0x20/0xc0 [ 21.111793] ? __pfx_kthread+0x10/0x10 [ 21.111818] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.111850] ? calculate_sigpending+0x7b/0xa0 [ 21.111882] ? __pfx_kthread+0x10/0x10 [ 21.111910] ret_from_fork+0x41/0x80 [ 21.111941] ? __pfx_kthread+0x10/0x10 [ 21.111966] ret_from_fork_asm+0x1a/0x30 [ 21.112009] </TASK> [ 21.112023] [ 21.130673] Allocated by task 282: [ 21.131048] kasan_save_stack+0x45/0x70 [ 21.131650] kasan_save_track+0x18/0x40 [ 21.132008] kasan_save_alloc_info+0x3b/0x50 [ 21.132672] __kasan_kmalloc+0xb7/0xc0 [ 21.133035] __kmalloc_cache_noprof+0x189/0x420 [ 21.133645] kasan_bitops_generic+0x92/0x1c0 [ 21.134078] kunit_try_run_case+0x1a5/0x480 [ 21.134565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.135104] kthread+0x337/0x6f0 [ 21.135505] ret_from_fork+0x41/0x80 [ 21.136065] ret_from_fork_asm+0x1a/0x30 [ 21.136525] [ 21.136731] The buggy address belongs to the object at ffff8881025ebc60 [ 21.136731] which belongs to the cache kmalloc-16 of size 16 [ 21.137830] The buggy address is located 8 bytes inside of [ 21.137830] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69) [ 21.138824] [ 21.139054] The buggy address belongs to the physical page: [ 21.139692] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb [ 21.140451] flags: 0x200000000000000(node=0|zone=2) [ 21.140869] page_type: f5(slab) [ 21.141354] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.142055] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.142702] page dumped because: kasan: bad access detected [ 21.143194] [ 21.143574] Memory state around the buggy address: [ 21.144044] 
ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 21.144649] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.145276] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 21.145965] ^ [ 21.146567] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.147297] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.147917] ================================================================== [ 20.903999] ================================================================== [ 20.904628] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 20.906117] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282 [ 20.907426] [ 20.907666] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.907830] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.907869] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.908049] Call Trace: [ 20.908095] <TASK> [ 20.908139] dump_stack_lvl+0x73/0xb0 [ 20.908217] print_report+0xd1/0x650 [ 20.908290] ? __virt_addr_valid+0x1db/0x2d0 [ 20.908355] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 20.908394] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.908429] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 20.908464] kasan_report+0x141/0x180 [ 20.908497] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 20.908537] kasan_check_range+0x10c/0x1c0 [ 20.908566] __kasan_check_write+0x18/0x20 [ 20.908594] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 20.908688] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.908768] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.908840] ? trace_hardirqs_on+0x37/0xe0 [ 20.908913] ? kasan_bitops_generic+0x92/0x1c0 [ 20.908995] kasan_bitops_generic+0x121/0x1c0 [ 20.909032] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.909063] ? __pfx_read_tsc+0x10/0x10 [ 20.909091] ? 
ktime_get_ts64+0x86/0x230 [ 20.909125] kunit_try_run_case+0x1a5/0x480 [ 20.909161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.909193] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.909267] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.909308] ? __kthread_parkme+0x82/0x180 [ 20.909340] ? preempt_count_sub+0x50/0x80 [ 20.909376] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.909409] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.909443] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.909475] kthread+0x337/0x6f0 [ 20.909498] ? trace_preempt_on+0x20/0xc0 [ 20.909530] ? __pfx_kthread+0x10/0x10 [ 20.909553] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.909583] ? calculate_sigpending+0x7b/0xa0 [ 20.909654] ? __pfx_kthread+0x10/0x10 [ 20.909728] ret_from_fork+0x41/0x80 [ 20.909781] ? __pfx_kthread+0x10/0x10 [ 20.909808] ret_from_fork_asm+0x1a/0x30 [ 20.909849] </TASK> [ 20.909864] [ 20.933788] Allocated by task 282: [ 20.934141] kasan_save_stack+0x45/0x70 [ 20.934854] kasan_save_track+0x18/0x40 [ 20.935321] kasan_save_alloc_info+0x3b/0x50 [ 20.935669] __kasan_kmalloc+0xb7/0xc0 [ 20.936253] __kmalloc_cache_noprof+0x189/0x420 [ 20.937119] kasan_bitops_generic+0x92/0x1c0 [ 20.938129] kunit_try_run_case+0x1a5/0x480 [ 20.938555] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.939531] kthread+0x337/0x6f0 [ 20.940260] ret_from_fork+0x41/0x80 [ 20.940548] ret_from_fork_asm+0x1a/0x30 [ 20.941039] [ 20.941394] The buggy address belongs to the object at ffff8881025ebc60 [ 20.941394] which belongs to the cache kmalloc-16 of size 16 [ 20.942475] The buggy address is located 8 bytes inside of [ 20.942475] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69) [ 20.943427] [ 20.944119] The buggy address belongs to the physical page: [ 20.944566] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb [ 20.945382] flags: 0x200000000000000(node=0|zone=2) [ 20.946100] page_type: f5(slab) [ 20.946569] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 20.947513] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.948292] page dumped because: kasan: bad access detected [ 20.949212] [ 20.949449] Memory state around the buggy address: [ 20.950053] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 20.950875] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 20.951574] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 20.952596] ^ [ 20.953229] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.953813] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.954478] ================================================================== [ 20.849272] ================================================================== [ 20.850444] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 20.851584] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282 [ 20.852397] [ 20.853105] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.853314] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.853353] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.853410] Call Trace: [ 20.853446] <TASK> [ 20.853491] dump_stack_lvl+0x73/0xb0 [ 20.853567] print_report+0xd1/0x650 [ 20.853818] ? __virt_addr_valid+0x1db/0x2d0 [ 20.853922] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 20.854000] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.854073] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 20.854150] kasan_report+0x141/0x180 [ 20.854262] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 20.854357] kasan_check_range+0x10c/0x1c0 [ 20.854426] __kasan_check_write+0x18/0x20 [ 20.854478] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 20.854516] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.854551] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 20.854581] ? trace_hardirqs_on+0x37/0xe0 [ 20.854694] ? kasan_bitops_generic+0x92/0x1c0 [ 20.854766] kasan_bitops_generic+0x121/0x1c0 [ 20.854800] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.854833] ? __pfx_read_tsc+0x10/0x10 [ 20.854860] ? ktime_get_ts64+0x86/0x230 [ 20.854897] kunit_try_run_case+0x1a5/0x480 [ 20.854934] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.854967] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.855000] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.855034] ? __kthread_parkme+0x82/0x180 [ 20.855066] ? preempt_count_sub+0x50/0x80 [ 20.855101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.855136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.855171] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.855205] kthread+0x337/0x6f0 [ 20.855272] ? trace_preempt_on+0x20/0xc0 [ 20.855308] ? __pfx_kthread+0x10/0x10 [ 20.855333] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.855364] ? calculate_sigpending+0x7b/0xa0 [ 20.855393] ? __pfx_kthread+0x10/0x10 [ 20.855417] ret_from_fork+0x41/0x80 [ 20.855447] ? 
__pfx_kthread+0x10/0x10 [ 20.855471] ret_from_fork_asm+0x1a/0x30 [ 20.855511] </TASK> [ 20.855524] [ 20.880279] Allocated by task 282: [ 20.881085] kasan_save_stack+0x45/0x70 [ 20.881572] kasan_save_track+0x18/0x40 [ 20.882079] kasan_save_alloc_info+0x3b/0x50 [ 20.883129] __kasan_kmalloc+0xb7/0xc0 [ 20.883674] __kmalloc_cache_noprof+0x189/0x420 [ 20.884139] kasan_bitops_generic+0x92/0x1c0 [ 20.885160] kunit_try_run_case+0x1a5/0x480 [ 20.886178] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.886895] kthread+0x337/0x6f0 [ 20.887274] ret_from_fork+0x41/0x80 [ 20.887625] ret_from_fork_asm+0x1a/0x30 [ 20.888054] [ 20.888267] The buggy address belongs to the object at ffff8881025ebc60 [ 20.888267] which belongs to the cache kmalloc-16 of size 16 [ 20.889457] The buggy address is located 8 bytes inside of [ 20.889457] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69) [ 20.890983] [ 20.891280] The buggy address belongs to the physical page: [ 20.891956] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb [ 20.892786] flags: 0x200000000000000(node=0|zone=2) [ 20.893304] page_type: f5(slab) [ 20.894103] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.894887] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.895742] page dumped because: kasan: bad access detected [ 20.896375] [ 20.896985] Memory state around the buggy address: [ 20.897273] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 20.898440] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 20.899274] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 20.900032] ^ [ 20.900774] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.901400] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.902339] ================================================================== [ 20.802430] 
================================================================== [ 20.803428] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 20.804709] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282 [ 20.805535] [ 20.805984] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.806105] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.806139] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.806194] Call Trace: [ 20.806241] <TASK> [ 20.806285] dump_stack_lvl+0x73/0xb0 [ 20.806391] print_report+0xd1/0x650 [ 20.806476] ? __virt_addr_valid+0x1db/0x2d0 [ 20.806576] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 20.806889] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.806982] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 20.807061] kasan_report+0x141/0x180 [ 20.807102] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 20.807147] kasan_check_range+0x10c/0x1c0 [ 20.807178] __kasan_check_write+0x18/0x20 [ 20.807207] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 20.807243] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.807282] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.807312] ? trace_hardirqs_on+0x37/0xe0 [ 20.807386] ? kasan_bitops_generic+0x92/0x1c0 [ 20.807424] kasan_bitops_generic+0x121/0x1c0 [ 20.807454] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.807486] ? __pfx_read_tsc+0x10/0x10 [ 20.807514] ? ktime_get_ts64+0x86/0x230 [ 20.807550] kunit_try_run_case+0x1a5/0x480 [ 20.807587] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.807670] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.807745] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.807784] ? __kthread_parkme+0x82/0x180 [ 20.807817] ? preempt_count_sub+0x50/0x80 [ 20.807854] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.807890] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.807924] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.807960] kthread+0x337/0x6f0 [ 20.807984] ? trace_preempt_on+0x20/0xc0 [ 20.808018] ? __pfx_kthread+0x10/0x10 [ 20.808044] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.808076] ? calculate_sigpending+0x7b/0xa0 [ 20.808108] ? __pfx_kthread+0x10/0x10 [ 20.808135] ret_from_fork+0x41/0x80 [ 20.808168] ? __pfx_kthread+0x10/0x10 [ 20.808192] ret_from_fork_asm+0x1a/0x30 [ 20.808268] </TASK> [ 20.808287] [ 20.829148] Allocated by task 282: [ 20.829499] kasan_save_stack+0x45/0x70 [ 20.830048] kasan_save_track+0x18/0x40 [ 20.830627] kasan_save_alloc_info+0x3b/0x50 [ 20.831428] __kasan_kmalloc+0xb7/0xc0 [ 20.831802] __kmalloc_cache_noprof+0x189/0x420 [ 20.832360] kasan_bitops_generic+0x92/0x1c0 [ 20.832885] kunit_try_run_case+0x1a5/0x480 [ 20.833358] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.834057] kthread+0x337/0x6f0 [ 20.834471] ret_from_fork+0x41/0x80 [ 20.835175] ret_from_fork_asm+0x1a/0x30 [ 20.835763] [ 20.836008] The buggy address belongs to the object at ffff8881025ebc60 [ 20.836008] which belongs to the cache kmalloc-16 of size 16 [ 20.836905] The buggy address is located 8 bytes inside of [ 20.836905] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69) [ 20.837702] [ 20.837988] The buggy address belongs to the physical page: [ 20.838470] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb [ 20.839326] flags: 0x200000000000000(node=0|zone=2) [ 20.840206] page_type: f5(slab) [ 20.840667] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.841528] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.842377] page dumped because: kasan: bad access detected [ 20.842785] [ 20.843015] Memory state around the buggy address: [ 20.843649] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 20.845252] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 20.845763] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 20.846005] ^ [ 20.846224] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.846457] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.847018] ================================================================== [ 20.751097] ================================================================== [ 20.751743] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 20.752498] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282 [ 20.753701] [ 20.753939] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.754140] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.754179] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.754297] Call Trace: [ 20.754380] <TASK> [ 20.754429] dump_stack_lvl+0x73/0xb0 [ 20.754505] print_report+0xd1/0x650 [ 20.754576] ? __virt_addr_valid+0x1db/0x2d0 [ 20.754666] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 20.754749] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.754826] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 20.754902] kasan_report+0x141/0x180 [ 20.754978] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 20.755068] kasan_check_range+0x10c/0x1c0 [ 20.755136] __kasan_check_write+0x18/0x20 [ 20.755204] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 20.755287] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.755367] ? __kmalloc_cache_noprof+0x189/0x420 [ 20.755437] ? trace_hardirqs_on+0x37/0xe0 [ 20.755510] ? kasan_bitops_generic+0x92/0x1c0 [ 20.755587] kasan_bitops_generic+0x121/0x1c0 [ 20.755675] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.755757] ? __pfx_read_tsc+0x10/0x10 [ 20.755825] ? ktime_get_ts64+0x86/0x230 [ 20.755903] kunit_try_run_case+0x1a5/0x480 [ 20.755979] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.756041] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.756080] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.756118] ? __kthread_parkme+0x82/0x180 [ 20.756151] ? preempt_count_sub+0x50/0x80 [ 20.756189] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.756262] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.756303] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.756340] kthread+0x337/0x6f0 [ 20.756365] ? trace_preempt_on+0x20/0xc0 [ 20.756399] ? __pfx_kthread+0x10/0x10 [ 20.756425] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.756457] ? calculate_sigpending+0x7b/0xa0 [ 20.756490] ? __pfx_kthread+0x10/0x10 [ 20.756518] ret_from_fork+0x41/0x80 [ 20.756548] ? __pfx_kthread+0x10/0x10 [ 20.756574] ret_from_fork_asm+0x1a/0x30 [ 20.756701] </TASK> [ 20.756747] [ 20.778878] Allocated by task 282: [ 20.779545] kasan_save_stack+0x45/0x70 [ 20.779991] kasan_save_track+0x18/0x40 [ 20.780858] kasan_save_alloc_info+0x3b/0x50 [ 20.781438] __kasan_kmalloc+0xb7/0xc0 [ 20.781770] __kmalloc_cache_noprof+0x189/0x420 [ 20.782105] kasan_bitops_generic+0x92/0x1c0 [ 20.782970] kunit_try_run_case+0x1a5/0x480 [ 20.784072] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.785058] kthread+0x337/0x6f0 [ 20.785411] ret_from_fork+0x41/0x80 [ 20.785853] ret_from_fork_asm+0x1a/0x30 [ 20.786531] [ 20.786957] The buggy address belongs to the object at ffff8881025ebc60 [ 20.786957] which belongs to the cache kmalloc-16 of size 16 [ 20.788433] The buggy address is located 8 bytes inside of [ 20.788433] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69) [ 20.789641] [ 20.790165] The buggy address belongs to the physical page: [ 20.790698] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb [ 20.792001] flags: 0x200000000000000(node=0|zone=2) [ 20.792856] page_type: f5(slab) [ 20.793180] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.794033] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.794923] page dumped because: kasan: bad access detected [ 20.795470] [ 20.795729] Memory 
state around the buggy address: [ 20.796582] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 20.797182] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 20.797797] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 20.798708] ^ [ 20.799729] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.800388] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.801370] ================================================================== [ 21.062033] ================================================================== [ 21.062899] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.063799] Read of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282 [ 21.064532] [ 21.064925] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.065045] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.065079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.065137] Call Trace: [ 21.065176] <TASK> [ 21.065235] dump_stack_lvl+0x73/0xb0 [ 21.065313] print_report+0xd1/0x650 [ 21.065387] ? __virt_addr_valid+0x1db/0x2d0 [ 21.065462] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.065539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.065630] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.065709] kasan_report+0x141/0x180 [ 21.065797] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.065886] kasan_check_range+0x10c/0x1c0 [ 21.065948] __kasan_check_read+0x15/0x20 [ 21.065980] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 21.066017] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.066055] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.066086] ? trace_hardirqs_on+0x37/0xe0 [ 21.066120] ? kasan_bitops_generic+0x92/0x1c0 [ 21.066152] kasan_bitops_generic+0x121/0x1c0 [ 21.066181] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.066219] ? 
__pfx_read_tsc+0x10/0x10 [ 21.066273] ? ktime_get_ts64+0x86/0x230 [ 21.066311] kunit_try_run_case+0x1a5/0x480 [ 21.066348] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.066382] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.066416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.066452] ? __kthread_parkme+0x82/0x180 [ 21.066486] ? preempt_count_sub+0x50/0x80 [ 21.066523] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.066558] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.066592] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.066653] kthread+0x337/0x6f0 [ 21.066679] ? trace_preempt_on+0x20/0xc0 [ 21.066713] ? __pfx_kthread+0x10/0x10 [ 21.066738] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.066769] ? calculate_sigpending+0x7b/0xa0 [ 21.066801] ? __pfx_kthread+0x10/0x10 [ 21.066827] ret_from_fork+0x41/0x80 [ 21.066857] ? __pfx_kthread+0x10/0x10 [ 21.066882] ret_from_fork_asm+0x1a/0x30 [ 21.066925] </TASK> [ 21.066939] [ 21.086963] Allocated by task 282: [ 21.087508] kasan_save_stack+0x45/0x70 [ 21.087848] kasan_save_track+0x18/0x40 [ 21.088397] kasan_save_alloc_info+0x3b/0x50 [ 21.088843] __kasan_kmalloc+0xb7/0xc0 [ 21.089400] __kmalloc_cache_noprof+0x189/0x420 [ 21.089794] kasan_bitops_generic+0x92/0x1c0 [ 21.090185] kunit_try_run_case+0x1a5/0x480 [ 21.090918] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.091809] kthread+0x337/0x6f0 [ 21.092460] ret_from_fork+0x41/0x80 [ 21.093440] ret_from_fork_asm+0x1a/0x30 [ 21.094123] [ 21.094335] The buggy address belongs to the object at ffff8881025ebc60 [ 21.094335] which belongs to the cache kmalloc-16 of size 16 [ 21.095228] The buggy address is located 8 bytes inside of [ 21.095228] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69) [ 21.096200] [ 21.096375] The buggy address belongs to the physical page: [ 21.096777] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb [ 21.098050] flags: 0x200000000000000(node=0|zone=2) [ 21.098313] page_type: f5(slab) [ 21.099105] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 21.099821] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.100434] page dumped because: kasan: bad access detected [ 21.101129] [ 21.101393] Memory state around the buggy address: [ 21.102097] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 21.102831] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.103587] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 21.104092] ^ [ 21.104699] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.105207] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.105814] ================================================================== [ 20.707500] ================================================================== [ 20.708311] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 20.709511] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282 [ 20.710164] [ 20.710450] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.710573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.710630] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.710688] Call Trace: [ 20.710738] <TASK> [ 20.710787] dump_stack_lvl+0x73/0xb0 [ 20.710866] print_report+0xd1/0x650 [ 20.710944] ? __virt_addr_valid+0x1db/0x2d0 [ 20.711020] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 20.711094] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.711172] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 20.711251] kasan_report+0x141/0x180 [ 20.711330] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 20.711420] kasan_check_range+0x10c/0x1c0 [ 20.711497] __kasan_check_write+0x18/0x20 [ 20.711573] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 20.711820] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 20.711868] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 20.711898] ? trace_hardirqs_on+0x37/0xe0 [ 20.711933] ? kasan_bitops_generic+0x92/0x1c0 [ 20.711968] kasan_bitops_generic+0x121/0x1c0 [ 20.711995] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 20.712025] ? __pfx_read_tsc+0x10/0x10 [ 20.712052] ? ktime_get_ts64+0x86/0x230 [ 20.712087] kunit_try_run_case+0x1a5/0x480 [ 20.712122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.712156] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.712190] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.712257] ? __kthread_parkme+0x82/0x180 [ 20.712293] ? preempt_count_sub+0x50/0x80 [ 20.712331] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.712366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.712400] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.712433] kthread+0x337/0x6f0 [ 20.712457] ? trace_preempt_on+0x20/0xc0 [ 20.712488] ? __pfx_kthread+0x10/0x10 [ 20.712513] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.712544] ? calculate_sigpending+0x7b/0xa0 [ 20.712575] ? __pfx_kthread+0x10/0x10 [ 20.712621] ret_from_fork+0x41/0x80 [ 20.712731] ? 
__pfx_kthread+0x10/0x10 [ 20.712805] ret_from_fork_asm+0x1a/0x30 [ 20.712906] </TASK> [ 20.712937] [ 20.730901] Allocated by task 282: [ 20.731245] kasan_save_stack+0x45/0x70 [ 20.731781] kasan_save_track+0x18/0x40 [ 20.732144] kasan_save_alloc_info+0x3b/0x50 [ 20.732577] __kasan_kmalloc+0xb7/0xc0 [ 20.733006] __kmalloc_cache_noprof+0x189/0x420 [ 20.733477] kasan_bitops_generic+0x92/0x1c0 [ 20.734386] kunit_try_run_case+0x1a5/0x480 [ 20.734902] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.735433] kthread+0x337/0x6f0 [ 20.735957] ret_from_fork+0x41/0x80 [ 20.736382] ret_from_fork_asm+0x1a/0x30 [ 20.736741] [ 20.736919] The buggy address belongs to the object at ffff8881025ebc60 [ 20.736919] which belongs to the cache kmalloc-16 of size 16 [ 20.737893] The buggy address is located 8 bytes inside of [ 20.737893] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69) [ 20.738999] [ 20.739304] The buggy address belongs to the physical page: [ 20.739752] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb [ 20.740820] flags: 0x200000000000000(node=0|zone=2) [ 20.741192] page_type: f5(slab) [ 20.741562] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 20.742415] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 20.743153] page dumped because: kasan: bad access detected [ 20.743517] [ 20.743714] Memory state around the buggy address: [ 20.744151] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 20.745108] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 20.746045] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc [ 20.746600] ^ [ 20.747035] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.747974] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.748574] ================================================================== [ 21.008661] 
================================================================== [ 21.009162] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.011256] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282 [ 21.012365] [ 21.012872] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 21.012996] Tainted: [B]=BAD_PAGE, [N]=TEST [ 21.013034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 21.013088] Call Trace: [ 21.013135] <TASK> [ 21.013180] dump_stack_lvl+0x73/0xb0 [ 21.013293] print_report+0xd1/0x650 [ 21.013372] ? __virt_addr_valid+0x1db/0x2d0 [ 21.013445] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.013521] ? kasan_complete_mode_report_info+0x2a/0x200 [ 21.013972] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.014066] kasan_report+0x141/0x180 [ 21.014146] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.014277] kasan_check_range+0x10c/0x1c0 [ 21.014358] __kasan_check_write+0x18/0x20 [ 21.014433] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 21.014512] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 21.014591] ? __kmalloc_cache_noprof+0x189/0x420 [ 21.014687] ? trace_hardirqs_on+0x37/0xe0 [ 21.014764] ? kasan_bitops_generic+0x92/0x1c0 [ 21.014801] kasan_bitops_generic+0x121/0x1c0 [ 21.014832] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 21.014863] ? __pfx_read_tsc+0x10/0x10 [ 21.014891] ? ktime_get_ts64+0x86/0x230 [ 21.014927] kunit_try_run_case+0x1a5/0x480 [ 21.014963] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.014995] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 21.015029] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 21.015064] ? __kthread_parkme+0x82/0x180 [ 21.015096] ? preempt_count_sub+0x50/0x80 [ 21.015131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 21.015167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.015201] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 21.015263] kthread+0x337/0x6f0 [ 21.015290] ? trace_preempt_on+0x20/0xc0 [ 21.015324] ? __pfx_kthread+0x10/0x10 [ 21.015349] ? _raw_spin_unlock_irq+0x47/0x80 [ 21.015380] ? calculate_sigpending+0x7b/0xa0 [ 21.015411] ? __pfx_kthread+0x10/0x10 [ 21.015437] ret_from_fork+0x41/0x80 [ 21.015469] ? __pfx_kthread+0x10/0x10 [ 21.015495] ret_from_fork_asm+0x1a/0x30 [ 21.015538] </TASK> [ 21.015552] [ 21.040044] Allocated by task 282: [ 21.040479] kasan_save_stack+0x45/0x70 [ 21.041138] kasan_save_track+0x18/0x40 [ 21.041566] kasan_save_alloc_info+0x3b/0x50 [ 21.042399] __kasan_kmalloc+0xb7/0xc0 [ 21.042874] __kmalloc_cache_noprof+0x189/0x420 [ 21.043240] kasan_bitops_generic+0x92/0x1c0 [ 21.043807] kunit_try_run_case+0x1a5/0x480 [ 21.044319] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 21.044990] kthread+0x337/0x6f0 [ 21.045410] ret_from_fork+0x41/0x80 [ 21.046200] ret_from_fork_asm+0x1a/0x30 [ 21.046840] [ 21.047056] The buggy address belongs to the object at ffff8881025ebc60 [ 21.047056] which belongs to the cache kmalloc-16 of size 16 [ 21.048011] The buggy address is located 8 bytes inside of [ 21.048011] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69) [ 21.049331] [ 21.049560] The buggy address belongs to the physical page: [ 21.050400] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb [ 21.051186] flags: 0x200000000000000(node=0|zone=2) [ 21.051822] page_type: f5(slab) [ 21.052190] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 21.052986] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 21.053871] page dumped because: kasan: bad access detected [ 21.054431] [ 21.054651] Memory state around the buggy address: [ 21.055073] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc [ 21.056254] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc [ 21.057205] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa 
fb fc fc 00 01 fc fc [ 21.058158] ^ [ 21.059200] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.059808] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 21.060623] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 20.314502] ==================================================================
[ 20.315720] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50
[ 20.316660] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282
[ 20.318554]
[ 20.319179] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.319326] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.319387] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.319466] Call Trace:
[ 20.319507] <TASK>
[ 20.319554] dump_stack_lvl+0x73/0xb0
[ 20.319670] print_report+0xd1/0x650
[ 20.319754] ? __virt_addr_valid+0x1db/0x2d0
[ 20.319792] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 20.319824] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.319859] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 20.319892] kasan_report+0x141/0x180
[ 20.319927] ? kasan_bitops_modify.constprop.0+0x101/0xd50
[ 20.319966] kasan_check_range+0x10c/0x1c0
[ 20.319996] __kasan_check_write+0x18/0x20
[ 20.320024] kasan_bitops_modify.constprop.0+0x101/0xd50
[ 20.320056] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 20.320089] ? __kmalloc_cache_noprof+0x189/0x420
[ 20.320120] ? trace_hardirqs_on+0x37/0xe0
[ 20.320155] ? kasan_bitops_generic+0x92/0x1c0
[ 20.320191] kasan_bitops_generic+0x116/0x1c0
[ 20.320229] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 20.320282] ? __pfx_read_tsc+0x10/0x10
[ 20.320315] ? ktime_get_ts64+0x86/0x230
[ 20.320353] kunit_try_run_case+0x1a5/0x480
[ 20.320389] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.320422] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.320457] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.320492] ? __kthread_parkme+0x82/0x180
[ 20.320525] ? preempt_count_sub+0x50/0x80
[ 20.320564] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.320618] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.320701] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.320785] kthread+0x337/0x6f0
[ 20.320855] ? trace_preempt_on+0x20/0xc0
[ 20.320915] ? __pfx_kthread+0x10/0x10
[ 20.320942] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.320974] ? calculate_sigpending+0x7b/0xa0
[ 20.321007] ? __pfx_kthread+0x10/0x10
[ 20.321032] ret_from_fork+0x41/0x80
[ 20.321063] ? __pfx_kthread+0x10/0x10
[ 20.321090] ret_from_fork_asm+0x1a/0x30
[ 20.321133] </TASK>
[ 20.321148]
[ 20.341557] Allocated by task 282:
[ 20.342333] kasan_save_stack+0x45/0x70
[ 20.342769] kasan_save_track+0x18/0x40
[ 20.343194] kasan_save_alloc_info+0x3b/0x50
[ 20.344039] __kasan_kmalloc+0xb7/0xc0
[ 20.344498] __kmalloc_cache_noprof+0x189/0x420
[ 20.345401] kasan_bitops_generic+0x92/0x1c0
[ 20.346117] kunit_try_run_case+0x1a5/0x480
[ 20.346594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.347238] kthread+0x337/0x6f0
[ 20.347583] ret_from_fork+0x41/0x80
[ 20.348371] ret_from_fork_asm+0x1a/0x30
[ 20.348911]
[ 20.349124] The buggy address belongs to the object at ffff8881025ebc60
[ 20.349124] which belongs to the cache kmalloc-16 of size 16
[ 20.350068] The buggy address is located 8 bytes inside of
[ 20.350068] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69)
[ 20.351191]
[ 20.351581] The buggy address belongs to the physical page:
[ 20.352407] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 20.353200] flags: 0x200000000000000(node=0|zone=2)
[ 20.353781] page_type: f5(slab)
[ 20.354212] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 20.355008] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 20.356435] page dumped because: kasan: bad access detected
[ 20.356913]
[ 20.357257] Memory state around the buggy address:
[ 20.357838]  ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 20.358407]  ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 20.359176] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 20.359760]                                                           ^
[ 20.360468]  ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.361581]  ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.362565] ==================================================================
[ 20.364082] ==================================================================
[ 20.364579] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 20.365181] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282
[ 20.365762]
[ 20.365988] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.366166] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.366208] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.366263] Call Trace:
[ 20.366297] <TASK>
[ 20.366331] dump_stack_lvl+0x73/0xb0
[ 20.366394] print_report+0xd1/0x650
[ 20.366454] ? __virt_addr_valid+0x1db/0x2d0
[ 20.366513] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 20.366575] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.366661] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 20.366903] kasan_report+0x141/0x180
[ 20.366991] ? kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 20.367078] kasan_check_range+0x10c/0x1c0
[ 20.367158] __kasan_check_write+0x18/0x20
[ 20.367409] kasan_bitops_modify.constprop.0+0x19c/0xd50
[ 20.367496] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 20.367579] ? __kmalloc_cache_noprof+0x189/0x420
[ 20.367669] ? trace_hardirqs_on+0x37/0xe0
[ 20.367745] ? kasan_bitops_generic+0x92/0x1c0
[ 20.367871] kasan_bitops_generic+0x116/0x1c0
[ 20.367946] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 20.368020] ? __pfx_read_tsc+0x10/0x10
[ 20.368086] ? ktime_get_ts64+0x86/0x230
[ 20.368173] kunit_try_run_case+0x1a5/0x480
[ 20.368258] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.368324] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.368364] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.368402] ? __kthread_parkme+0x82/0x180
[ 20.368434] ? preempt_count_sub+0x50/0x80
[ 20.368470] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.368504] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.368538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.368572] kthread+0x337/0x6f0
[ 20.368596] ? trace_preempt_on+0x20/0xc0
[ 20.368691] ? __pfx_kthread+0x10/0x10
[ 20.368750] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.368784] ? calculate_sigpending+0x7b/0xa0
[ 20.368816] ? __pfx_kthread+0x10/0x10
[ 20.368842] ret_from_fork+0x41/0x80
[ 20.368874] ? __pfx_kthread+0x10/0x10
[ 20.368899] ret_from_fork_asm+0x1a/0x30
[ 20.368941] </TASK>
[ 20.368954]
[ 20.388572] Allocated by task 282:
[ 20.389126] kasan_save_stack+0x45/0x70
[ 20.391196] kasan_save_track+0x18/0x40
[ 20.392172] kasan_save_alloc_info+0x3b/0x50
[ 20.392563] __kasan_kmalloc+0xb7/0xc0
[ 20.393187] __kmalloc_cache_noprof+0x189/0x420
[ 20.394035] kasan_bitops_generic+0x92/0x1c0
[ 20.394828] kunit_try_run_case+0x1a5/0x480
[ 20.395301] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.395858] kthread+0x337/0x6f0
[ 20.396217] ret_from_fork+0x41/0x80
[ 20.396598] ret_from_fork_asm+0x1a/0x30
[ 20.396975]
[ 20.397156] The buggy address belongs to the object at ffff8881025ebc60
[ 20.397156] which belongs to the cache kmalloc-16 of size 16
[ 20.398348] The buggy address is located 8 bytes inside of
[ 20.398348] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69)
[ 20.399736]
[ 20.399967] The buggy address belongs to the physical page:
[ 20.400822] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 20.402177] flags: 0x200000000000000(node=0|zone=2)
[ 20.402575] page_type: f5(slab)
[ 20.403798] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 20.404652] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 20.405944] page dumped because: kasan: bad access detected
[ 20.406516]
[ 20.407053] Memory state around the buggy address:
[ 20.407373]  ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 20.408075]  ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 20.408689] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 20.409454]                                                           ^
[ 20.410187]  ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.411258]  ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.411788] ==================================================================
[ 20.413103] ==================================================================
[ 20.413762] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 20.415008] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282
[ 20.415543]
[ 20.415775] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.416001] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.416043] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.416097] Call Trace:
[ 20.416148] <TASK>
[ 20.416197] dump_stack_lvl+0x73/0xb0
[ 20.416275] print_report+0xd1/0x650
[ 20.416352] ? __virt_addr_valid+0x1db/0x2d0
[ 20.416428] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 20.416526] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.416726] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 20.416810] kasan_report+0x141/0x180
[ 20.416884] ? kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 20.416966] kasan_check_range+0x10c/0x1c0
[ 20.417034] __kasan_check_write+0x18/0x20
[ 20.417102] kasan_bitops_modify.constprop.0+0x23a/0xd50
[ 20.417177] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 20.417266] ? __kmalloc_cache_noprof+0x189/0x420
[ 20.417342] ? trace_hardirqs_on+0x37/0xe0
[ 20.417418] ? kasan_bitops_generic+0x92/0x1c0
[ 20.417496] kasan_bitops_generic+0x116/0x1c0
[ 20.417567] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 20.417661] ? __pfx_read_tsc+0x10/0x10
[ 20.417730] ? ktime_get_ts64+0x86/0x230
[ 20.417822] kunit_try_run_case+0x1a5/0x480
[ 20.417905] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.417986] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.418066] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.418105] ? __kthread_parkme+0x82/0x180
[ 20.418138] ? preempt_count_sub+0x50/0x80
[ 20.418176] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.418215] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.418279] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.418316] kthread+0x337/0x6f0
[ 20.418340] ? trace_preempt_on+0x20/0xc0
[ 20.418372] ? __pfx_kthread+0x10/0x10
[ 20.418397] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.418427] ? calculate_sigpending+0x7b/0xa0
[ 20.418457] ? __pfx_kthread+0x10/0x10
[ 20.418481] ret_from_fork+0x41/0x80
[ 20.418512] ? __pfx_kthread+0x10/0x10
[ 20.418539] ret_from_fork_asm+0x1a/0x30
[ 20.418581] </TASK>
[ 20.418597]
[ 20.439353] Allocated by task 282:
[ 20.440019] kasan_save_stack+0x45/0x70
[ 20.440928] kasan_save_track+0x18/0x40
[ 20.441379] kasan_save_alloc_info+0x3b/0x50
[ 20.442039] __kasan_kmalloc+0xb7/0xc0
[ 20.442552] __kmalloc_cache_noprof+0x189/0x420
[ 20.443236] kasan_bitops_generic+0x92/0x1c0
[ 20.443793] kunit_try_run_case+0x1a5/0x480
[ 20.444157] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.445124] kthread+0x337/0x6f0
[ 20.445541] ret_from_fork+0x41/0x80
[ 20.446119] ret_from_fork_asm+0x1a/0x30
[ 20.446857]
[ 20.447104] The buggy address belongs to the object at ffff8881025ebc60
[ 20.447104] which belongs to the cache kmalloc-16 of size 16
[ 20.447995] The buggy address is located 8 bytes inside of
[ 20.447995] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69)
[ 20.449021]
[ 20.449652] The buggy address belongs to the physical page:
[ 20.450207] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 20.451254] flags: 0x200000000000000(node=0|zone=2)
[ 20.451995] page_type: f5(slab)
[ 20.452466] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 20.453549] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 20.454370] page dumped because: kasan: bad access detected
[ 20.455025]
[ 20.455413] Memory state around the buggy address:
[ 20.456099]  ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 20.456864]  ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 20.457508] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 20.458499]                                                           ^
[ 20.459104]  ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.459768]  ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.460362] ==================================================================
[ 20.512715] ==================================================================
[ 20.513192] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50
[ 20.514155] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282
[ 20.515569]
[ 20.515805] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.515925] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.515963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.516018] Call Trace:
[ 20.516165] <TASK>
[ 20.516220] dump_stack_lvl+0x73/0xb0
[ 20.516376] print_report+0xd1/0x650
[ 20.516510] ? __virt_addr_valid+0x1db/0x2d0
[ 20.516781] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 20.516861] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.516935] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 20.517007] kasan_report+0x141/0x180
[ 20.517077] ? kasan_bitops_modify.constprop.0+0x373/0xd50
[ 20.517122] kasan_check_range+0x10c/0x1c0
[ 20.517154] __kasan_check_write+0x18/0x20
[ 20.517184] kasan_bitops_modify.constprop.0+0x373/0xd50
[ 20.517262] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 20.517323] ? __kmalloc_cache_noprof+0x189/0x420
[ 20.517355] ? trace_hardirqs_on+0x37/0xe0
[ 20.517390] ? kasan_bitops_generic+0x92/0x1c0
[ 20.517425] kasan_bitops_generic+0x116/0x1c0
[ 20.517454] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 20.517486] ? __pfx_read_tsc+0x10/0x10
[ 20.517514] ? ktime_get_ts64+0x86/0x230
[ 20.517548] kunit_try_run_case+0x1a5/0x480
[ 20.517585] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.517688] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.517767] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.517807] ? __kthread_parkme+0x82/0x180
[ 20.517839] ? preempt_count_sub+0x50/0x80
[ 20.517877] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.517914] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.517950] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.517986] kthread+0x337/0x6f0
[ 20.518011] ? trace_preempt_on+0x20/0xc0
[ 20.518044] ? __pfx_kthread+0x10/0x10
[ 20.518069] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.518102] ? calculate_sigpending+0x7b/0xa0
[ 20.518133] ? __pfx_kthread+0x10/0x10
[ 20.518159] ret_from_fork+0x41/0x80
[ 20.518188] ? __pfx_kthread+0x10/0x10
[ 20.518238] ret_from_fork_asm+0x1a/0x30
[ 20.518300] </TASK>
[ 20.518315]
[ 20.542116] Allocated by task 282:
[ 20.542598] kasan_save_stack+0x45/0x70
[ 20.543002] kasan_save_track+0x18/0x40
[ 20.543531] kasan_save_alloc_info+0x3b/0x50
[ 20.543894] __kasan_kmalloc+0xb7/0xc0
[ 20.544268] __kmalloc_cache_noprof+0x189/0x420
[ 20.544745] kasan_bitops_generic+0x92/0x1c0
[ 20.545168] kunit_try_run_case+0x1a5/0x480
[ 20.545955] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.546999] kthread+0x337/0x6f0
[ 20.547740] ret_from_fork+0x41/0x80
[ 20.548114] ret_from_fork_asm+0x1a/0x30
[ 20.548529]
[ 20.548898] The buggy address belongs to the object at ffff8881025ebc60
[ 20.548898] which belongs to the cache kmalloc-16 of size 16
[ 20.550141] The buggy address is located 8 bytes inside of
[ 20.550141] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69)
[ 20.551185]
[ 20.551454] The buggy address belongs to the physical page:
[ 20.551945] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 20.552575] flags: 0x200000000000000(node=0|zone=2)
[ 20.553898] page_type: f5(slab)
[ 20.554188] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 20.555470] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 20.556172] page dumped because: kasan: bad access detected
[ 20.556916]
[ 20.557262] Memory state around the buggy address:
[ 20.557993]  ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 20.558892]  ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 20.559688] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 20.560342]                                                           ^
[ 20.561158]  ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.561874]  ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.562932] ==================================================================
[ 20.650249] ==================================================================
[ 20.651039] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50
[ 20.651594] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282
[ 20.652288]
[ 20.652556] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.652844] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.652881] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.652935] Call Trace:
[ 20.652983] <TASK>
[ 20.653026] dump_stack_lvl+0x73/0xb0
[ 20.653099] print_report+0xd1/0x650
[ 20.653172] ? __virt_addr_valid+0x1db/0x2d0
[ 20.653289] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 20.653357] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.653431] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 20.653502] kasan_report+0x141/0x180
[ 20.653575] ? kasan_bitops_modify.constprop.0+0x547/0xd50
[ 20.653805] kasan_check_range+0x10c/0x1c0
[ 20.653902] __kasan_check_write+0x18/0x20
[ 20.654004] kasan_bitops_modify.constprop.0+0x547/0xd50
[ 20.654131] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 20.654270] ? __kmalloc_cache_noprof+0x189/0x420
[ 20.654348] ? trace_hardirqs_on+0x37/0xe0
[ 20.654420] ? kasan_bitops_generic+0x92/0x1c0
[ 20.654496] kasan_bitops_generic+0x116/0x1c0
[ 20.654567] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 20.654997] ? __pfx_read_tsc+0x10/0x10
[ 20.655114] ? ktime_get_ts64+0x86/0x230
[ 20.655196] kunit_try_run_case+0x1a5/0x480
[ 20.655293] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.655352] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.655406] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.655459] ? __kthread_parkme+0x82/0x180
[ 20.655509] ? preempt_count_sub+0x50/0x80
[ 20.655565] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.655743] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.655803] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.655855] kthread+0x337/0x6f0
[ 20.655892] ? trace_preempt_on+0x20/0xc0
[ 20.655942] ? __pfx_kthread+0x10/0x10
[ 20.655982] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.656029] ? calculate_sigpending+0x7b/0xa0
[ 20.656076] ? __pfx_kthread+0x10/0x10
[ 20.656116] ret_from_fork+0x41/0x80
[ 20.656161] ? __pfx_kthread+0x10/0x10
[ 20.656200] ret_from_fork_asm+0x1a/0x30
[ 20.656307] </TASK>
[ 20.656331]
[ 20.682158] Allocated by task 282:
[ 20.682595] kasan_save_stack+0x45/0x70
[ 20.683477] kasan_save_track+0x18/0x40
[ 20.683847] kasan_save_alloc_info+0x3b/0x50
[ 20.684848] __kasan_kmalloc+0xb7/0xc0
[ 20.685741] __kmalloc_cache_noprof+0x189/0x420
[ 20.687589] kasan_bitops_generic+0x92/0x1c0
[ 20.688076] kunit_try_run_case+0x1a5/0x480
[ 20.688737] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.689657] kthread+0x337/0x6f0
[ 20.689988] ret_from_fork+0x41/0x80
[ 20.690265] ret_from_fork_asm+0x1a/0x30
[ 20.690515]
[ 20.690965] The buggy address belongs to the object at ffff8881025ebc60
[ 20.690965] which belongs to the cache kmalloc-16 of size 16
[ 20.693149] The buggy address is located 8 bytes inside of
[ 20.693149] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69)
[ 20.693826]
[ 20.693962] The buggy address belongs to the physical page:
[ 20.694318] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 20.695570] flags: 0x200000000000000(node=0|zone=2)
[ 20.696464] page_type: f5(slab)
[ 20.696811] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 20.697882] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 20.699014] page dumped because: kasan: bad access detected
[ 20.699745]
[ 20.700143] Memory state around the buggy address:
[ 20.701085]  ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 20.702059]  ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 20.702892] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 20.703658]                                                           ^
[ 20.704490]  ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.705533]  ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.706258] ==================================================================
[ 20.563784] ==================================================================
[ 20.564642] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 20.566087] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282
[ 20.566504]
[ 20.566751] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.566872] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.566910] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.566963] Call Trace:
[ 20.567017] <TASK>
[ 20.567066] dump_stack_lvl+0x73/0xb0
[ 20.567218] print_report+0xd1/0x650
[ 20.567305] ? __virt_addr_valid+0x1db/0x2d0
[ 20.567642] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 20.567727] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.567989] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 20.568072] kasan_report+0x141/0x180
[ 20.568152] ? kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 20.568652] kasan_check_range+0x10c/0x1c0
[ 20.568742] __kasan_check_write+0x18/0x20
[ 20.568787] kasan_bitops_modify.constprop.0+0x40e/0xd50
[ 20.568825] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 20.568862] ? __kmalloc_cache_noprof+0x189/0x420
[ 20.568893] ? trace_hardirqs_on+0x37/0xe0
[ 20.568928] ? kasan_bitops_generic+0x92/0x1c0
[ 20.568963] kasan_bitops_generic+0x116/0x1c0
[ 20.568993] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 20.569024] ? __pfx_read_tsc+0x10/0x10
[ 20.569054] ? ktime_get_ts64+0x86/0x230
[ 20.569089] kunit_try_run_case+0x1a5/0x480
[ 20.569127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.569161] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.569197] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.569259] ? __kthread_parkme+0x82/0x180
[ 20.569295] ? preempt_count_sub+0x50/0x80
[ 20.569332] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.569367] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.569401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.569437] kthread+0x337/0x6f0
[ 20.569460] ? trace_preempt_on+0x20/0xc0
[ 20.569494] ? __pfx_kthread+0x10/0x10
[ 20.569518] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.569550] ? calculate_sigpending+0x7b/0xa0
[ 20.569582] ? __pfx_kthread+0x10/0x10
[ 20.569654] ret_from_fork+0x41/0x80
[ 20.569727] ? __pfx_kthread+0x10/0x10
[ 20.569804] ret_from_fork_asm+0x1a/0x30
[ 20.569888] </TASK>
[ 20.569926]
[ 20.591938] Allocated by task 282:
[ 20.592274] kasan_save_stack+0x45/0x70
[ 20.592684] kasan_save_track+0x18/0x40
[ 20.592922] kasan_save_alloc_info+0x3b/0x50
[ 20.593178] __kasan_kmalloc+0xb7/0xc0
[ 20.594085] __kmalloc_cache_noprof+0x189/0x420
[ 20.594756] kasan_bitops_generic+0x92/0x1c0
[ 20.595133] kunit_try_run_case+0x1a5/0x480
[ 20.595570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.596249] kthread+0x337/0x6f0
[ 20.596486] ret_from_fork+0x41/0x80
[ 20.596936] ret_from_fork_asm+0x1a/0x30
[ 20.597429]
[ 20.598050] The buggy address belongs to the object at ffff8881025ebc60
[ 20.598050] which belongs to the cache kmalloc-16 of size 16
[ 20.599095] The buggy address is located 8 bytes inside of
[ 20.599095] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69)
[ 20.599811]
[ 20.599945] The buggy address belongs to the physical page:
[ 20.600240] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 20.600721] flags: 0x200000000000000(node=0|zone=2)
[ 20.601002] page_type: f5(slab)
[ 20.601241] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 20.601900] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 20.602315] page dumped because: kasan: bad access detected
[ 20.602656]
[ 20.603052] Memory state around the buggy address:
[ 20.603586]  ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 20.604178]  ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 20.604948] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 20.605403]                                                           ^
[ 20.605839]  ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.606284]  ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.607341] ==================================================================
[ 20.461306] ==================================================================
[ 20.462125] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 20.463029] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282
[ 20.463743]
[ 20.464575] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.464888] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.464925] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.464983] Call Trace:
[ 20.465029] <TASK>
[ 20.465052] dump_stack_lvl+0x73/0xb0
[ 20.465088] print_report+0xd1/0x650
[ 20.465122] ? __virt_addr_valid+0x1db/0x2d0
[ 20.465158] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 20.465266] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.465366] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 20.465472] kasan_report+0x141/0x180
[ 20.465551] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 20.465971] kasan_check_range+0x10c/0x1c0
[ 20.466034] __kasan_check_write+0x18/0x20
[ 20.466075] kasan_bitops_modify.constprop.0+0x2d5/0xd50
[ 20.466126] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 20.466165] ? __kmalloc_cache_noprof+0x189/0x420
[ 20.466197] ? trace_hardirqs_on+0x37/0xe0
[ 20.466256] ? kasan_bitops_generic+0x92/0x1c0
[ 20.466296] kasan_bitops_generic+0x116/0x1c0
[ 20.466327] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 20.466359] ? __pfx_read_tsc+0x10/0x10
[ 20.466387] ? ktime_get_ts64+0x86/0x230
[ 20.466423] kunit_try_run_case+0x1a5/0x480
[ 20.466460] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.466493] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.466527] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.466563] ? __kthread_parkme+0x82/0x180
[ 20.466595] ? preempt_count_sub+0x50/0x80
[ 20.466697] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.466759] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.466795] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.466830] kthread+0x337/0x6f0
[ 20.466854] ? trace_preempt_on+0x20/0xc0
[ 20.466887] ? __pfx_kthread+0x10/0x10
[ 20.466913] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.466945] ? calculate_sigpending+0x7b/0xa0
[ 20.466977] ? __pfx_kthread+0x10/0x10
[ 20.467004] ret_from_fork+0x41/0x80
[ 20.467034] ? __pfx_kthread+0x10/0x10
[ 20.467058] ret_from_fork_asm+0x1a/0x30
[ 20.467101] </TASK>
[ 20.467115]
[ 20.488594] Allocated by task 282:
[ 20.489992] kasan_save_stack+0x45/0x70
[ 20.490347] kasan_save_track+0x18/0x40
[ 20.490678] kasan_save_alloc_info+0x3b/0x50
[ 20.490930] __kasan_kmalloc+0xb7/0xc0
[ 20.491090] __kmalloc_cache_noprof+0x189/0x420
[ 20.491262] kasan_bitops_generic+0x92/0x1c0
[ 20.491428] kunit_try_run_case+0x1a5/0x480
[ 20.491594] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.492686] kthread+0x337/0x6f0
[ 20.493406] ret_from_fork+0x41/0x80
[ 20.494443] ret_from_fork_asm+0x1a/0x30
[ 20.495204]
[ 20.495708] The buggy address belongs to the object at ffff8881025ebc60
[ 20.495708] which belongs to the cache kmalloc-16 of size 16
[ 20.497734] The buggy address is located 8 bytes inside of
[ 20.497734] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69)
[ 20.500380]
[ 20.500944] The buggy address belongs to the physical page:
[ 20.501562] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 20.502374] flags: 0x200000000000000(node=0|zone=2)
[ 20.502856] page_type: f5(slab)
[ 20.503352] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 20.504184] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 20.504964] page dumped because: kasan: bad access detected
[ 20.505642]
[ 20.506092] Memory state around the buggy address:
[ 20.507053]  ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 20.507939]  ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 20.508209] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 20.508735]                                                           ^
[ 20.509998]  ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.510821]  ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.511358] ==================================================================
[ 20.608524] ==================================================================
[ 20.609303] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 20.610435] Write of size 8 at addr ffff8881025ebc68 by task kunit_try_catch/282
[ 20.611321]
[ 20.611593] CPU: 0 UID: 0 PID: 282 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.611853] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.611890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.611945] Call Trace:
[ 20.611993] <TASK>
[ 20.612036] dump_stack_lvl+0x73/0xb0
[ 20.612109] print_report+0xd1/0x650
[ 20.612181] ? __virt_addr_valid+0x1db/0x2d0
[ 20.612309] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 20.612416] ? kasan_complete_mode_report_info+0x2a/0x200
[ 20.612493] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 20.612572] kasan_report+0x141/0x180
[ 20.612824] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 20.612912] kasan_check_range+0x10c/0x1c0
[ 20.612985] __kasan_check_write+0x18/0x20
[ 20.613053] kasan_bitops_modify.constprop.0+0x4ac/0xd50
[ 20.613129] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10
[ 20.613202] ? __kmalloc_cache_noprof+0x189/0x420
[ 20.613286] ? trace_hardirqs_on+0x37/0xe0
[ 20.613358] ? kasan_bitops_generic+0x92/0x1c0
[ 20.613432] kasan_bitops_generic+0x116/0x1c0
[ 20.613487] ? __pfx_kasan_bitops_generic+0x10/0x10
[ 20.613542] ? __pfx_read_tsc+0x10/0x10
[ 20.613627] ? ktime_get_ts64+0x86/0x230
[ 20.614067] kunit_try_run_case+0x1a5/0x480
[ 20.614159] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.614281] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.614360] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.614462] ? __kthread_parkme+0x82/0x180
[ 20.614558] ? preempt_count_sub+0x50/0x80
[ 20.614780] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.614858] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.614935] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.615010] kthread+0x337/0x6f0
[ 20.615070] ? trace_preempt_on+0x20/0xc0
[ 20.615140] ? __pfx_kthread+0x10/0x10
[ 20.615184] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.615269] ? calculate_sigpending+0x7b/0xa0
[ 20.615319] ? __pfx_kthread+0x10/0x10
[ 20.615360] ret_from_fork+0x41/0x80
[ 20.615408] ? __pfx_kthread+0x10/0x10
[ 20.615451] ret_from_fork_asm+0x1a/0x30
[ 20.615526] </TASK>
[ 20.615551]
[ 20.631879] Allocated by task 282:
[ 20.632359] kasan_save_stack+0x45/0x70
[ 20.632850] kasan_save_track+0x18/0x40
[ 20.633325] kasan_save_alloc_info+0x3b/0x50
[ 20.633962] __kasan_kmalloc+0xb7/0xc0
[ 20.634449] __kmalloc_cache_noprof+0x189/0x420
[ 20.635082] kasan_bitops_generic+0x92/0x1c0
[ 20.635329] kunit_try_run_case+0x1a5/0x480
[ 20.635725] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.636033] kthread+0x337/0x6f0
[ 20.636496] ret_from_fork+0x41/0x80
[ 20.637053] ret_from_fork_asm+0x1a/0x30
[ 20.637524]
[ 20.637924] The buggy address belongs to the object at ffff8881025ebc60
[ 20.637924] which belongs to the cache kmalloc-16 of size 16
[ 20.639228] The buggy address is located 8 bytes inside of
[ 20.639228] allocated 9-byte region [ffff8881025ebc60, ffff8881025ebc69)
[ 20.639844]
[ 20.639980] The buggy address belongs to the physical page:
[ 20.640249] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 20.641158] flags: 0x200000000000000(node=0|zone=2)
[ 20.641877] page_type: f5(slab)
[ 20.642320] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 20.643003] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 20.643856] page dumped because: kasan: bad access detected
[ 20.644381]
[ 20.644789] Memory state around the buggy address:
[ 20.645159]  ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 20.646069]  ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 20.646554] >ffff8881025ebc00: fa fb fc fc fa fb fc fc fa fb fc fc 00 01 fc fc
[ 20.647193]                                                           ^
[ 20.647547]  ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.648349]  ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 20.648963] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 20.261850] ==================================================================
[ 20.262980] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80
[ 20.263530] Read of size 1 at addr ffff88810a08ac10 by task kunit_try_catch/280
[ 20.264145]
[ 20.264460] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.264620] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.264659] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.264711] Call Trace:
[ 20.264768] <TASK>
[ 20.264809] dump_stack_lvl+0x73/0xb0
[ 20.264911] print_report+0xd1/0x650
[ 20.264976] ? __virt_addr_valid+0x1db/0x2d0
[ 20.265012] ? strnlen+0x73/0x80
[ 20.265041] ? kasan_complete_mode_report_info+0x64/0x200
[ 20.265076] ? strnlen+0x73/0x80
[ 20.265123] kasan_report+0x141/0x180
[ 20.265199] ? strnlen+0x73/0x80
[ 20.265329] __asan_report_load1_noabort+0x18/0x20
[ 20.265405] strnlen+0x73/0x80
[ 20.265530] kasan_strings+0x615/0xe80
[ 20.265600] ? trace_hardirqs_on+0x37/0xe0
[ 20.265691] ? __pfx_kasan_strings+0x10/0x10
[ 20.265743] ? finish_task_switch.isra.0+0x153/0x700
[ 20.265790] ? __switch_to+0x5d9/0xf60
[ 20.265821] ? dequeue_task_fair+0x166/0x4e0
[ 20.265857] ? __schedule+0x10cc/0x2b60
[ 20.265892] ? __pfx_read_tsc+0x10/0x10
[ 20.265920] ? ktime_get_ts64+0x86/0x230
[ 20.265956] kunit_try_run_case+0x1a5/0x480
[ 20.265993] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.266028] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.266064] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.266100] ? __kthread_parkme+0x82/0x180
[ 20.266131] ? preempt_count_sub+0x50/0x80
[ 20.266167] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.266204] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.266281] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.266320] kthread+0x337/0x6f0
[ 20.266345] ? trace_preempt_on+0x20/0xc0
[ 20.266378] ? __pfx_kthread+0x10/0x10
[ 20.266405] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.266438] ? calculate_sigpending+0x7b/0xa0
[ 20.266469] ? __pfx_kthread+0x10/0x10
[ 20.266495] ret_from_fork+0x41/0x80
[ 20.266525] ? __pfx_kthread+0x10/0x10
[ 20.266549] ret_from_fork_asm+0x1a/0x30
[ 20.266594] </TASK>
[ 20.266628]
[ 20.285353] Allocated by task 280:
[ 20.285687] kasan_save_stack+0x45/0x70
[ 20.286139] kasan_save_track+0x18/0x40
[ 20.286527] kasan_save_alloc_info+0x3b/0x50
[ 20.286948] __kasan_kmalloc+0xb7/0xc0
[ 20.287394] __kmalloc_cache_noprof+0x189/0x420
[ 20.287858] kasan_strings+0xc0/0xe80
[ 20.288276] kunit_try_run_case+0x1a5/0x480
[ 20.288639] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.289174] kthread+0x337/0x6f0
[ 20.289594] ret_from_fork+0x41/0x80
[ 20.290015] ret_from_fork_asm+0x1a/0x30
[ 20.290498]
[ 20.290743] Freed by task 280:
[ 20.291036] kasan_save_stack+0x45/0x70
[ 20.291391] kasan_save_track+0x18/0x40
[ 20.291814] kasan_save_free_info+0x3f/0x60
[ 20.292284] __kasan_slab_free+0x56/0x70
[ 20.292721] kfree+0x222/0x3f0
[ 20.293046] kasan_strings+0x2aa/0xe80
[ 20.293434] kunit_try_run_case+0x1a5/0x480
[ 20.293888] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.294335] kthread+0x337/0x6f0
[ 20.294635] ret_from_fork+0x41/0x80
[ 20.295029] ret_from_fork_asm+0x1a/0x30
[ 20.295506]
[ 20.295764] The buggy address belongs to the object at ffff88810a08ac00
[ 20.295764] which belongs to the cache kmalloc-32 of size 32
[ 20.298093] The buggy address is located 16 bytes inside of
[ 20.298093] freed 32-byte region [ffff88810a08ac00, ffff88810a08ac20)
[ 20.299152]
[ 20.299830] The buggy address belongs to the physical page:
[ 20.300178] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a08a
[ 20.301155] flags: 0x200000000000000(node=0|zone=2)
[ 20.301924] page_type: f5(slab)
[ 20.302536] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 20.303177] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 20.303809] page dumped because: kasan: bad access detected
[ 20.304208]
[ 20.304412] Memory state around the buggy address:
[ 20.304830]  ffff88810a08ab00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.305419]  ffff88810a08ab80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.306006] >ffff88810a08ac00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.306667]                          ^
[ 20.306962]  ffff88810a08ac80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 20.307598]  ffff88810a08ad00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 20.308093] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 20.215545] ================================================================== [ 20.216162] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 20.217131] Read of size 1 at addr ffff88810a08ac10 by task kunit_try_catch/280 [ 20.217783] [ 20.218032] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.218150] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.218190] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.218291] Call Trace: [ 20.218340] <TASK> [ 20.218379] dump_stack_lvl+0x73/0xb0 [ 20.218449] print_report+0xd1/0x650 [ 20.218526] ? __virt_addr_valid+0x1db/0x2d0 [ 20.218600] ? strlen+0x8f/0xb0 [ 20.218686] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.218764] ? strlen+0x8f/0xb0 [ 20.218832] kasan_report+0x141/0x180 [ 20.218905] ? strlen+0x8f/0xb0 [ 20.218991] __asan_report_load1_noabort+0x18/0x20 [ 20.219067] strlen+0x8f/0xb0 [ 20.219139] kasan_strings+0x57b/0xe80 [ 20.219250] ? trace_hardirqs_on+0x37/0xe0 [ 20.219333] ? __pfx_kasan_strings+0x10/0x10 [ 20.219406] ? finish_task_switch.isra.0+0x153/0x700 [ 20.219476] ? __switch_to+0x5d9/0xf60 [ 20.219524] ? dequeue_task_fair+0x166/0x4e0 [ 20.219561] ? __schedule+0x10cc/0x2b60 [ 20.219594] ? __pfx_read_tsc+0x10/0x10 [ 20.219649] ? ktime_get_ts64+0x86/0x230 [ 20.219687] kunit_try_run_case+0x1a5/0x480 [ 20.219725] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.219759] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.219793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.219827] ? __kthread_parkme+0x82/0x180 [ 20.219858] ? preempt_count_sub+0x50/0x80 [ 20.219894] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.219929] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.219962] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.219996] kthread+0x337/0x6f0 [ 20.220018] ? trace_preempt_on+0x20/0xc0 [ 20.220051] ? __pfx_kthread+0x10/0x10 [ 20.220075] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.220106] ? calculate_sigpending+0x7b/0xa0 [ 20.220135] ? 
__pfx_kthread+0x10/0x10 [ 20.220159] ret_from_fork+0x41/0x80 [ 20.220190] ? __pfx_kthread+0x10/0x10 [ 20.220261] ret_from_fork_asm+0x1a/0x30 [ 20.220310] </TASK> [ 20.220324] [ 20.236970] Allocated by task 280: [ 20.237392] kasan_save_stack+0x45/0x70 [ 20.237817] kasan_save_track+0x18/0x40 [ 20.238199] kasan_save_alloc_info+0x3b/0x50 [ 20.238590] __kasan_kmalloc+0xb7/0xc0 [ 20.238913] __kmalloc_cache_noprof+0x189/0x420 [ 20.239253] kasan_strings+0xc0/0xe80 [ 20.239551] kunit_try_run_case+0x1a5/0x480 [ 20.240059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.240649] kthread+0x337/0x6f0 [ 20.241052] ret_from_fork+0x41/0x80 [ 20.241595] ret_from_fork_asm+0x1a/0x30 [ 20.242058] [ 20.242339] Freed by task 280: [ 20.242680] kasan_save_stack+0x45/0x70 [ 20.243182] kasan_save_track+0x18/0x40 [ 20.243593] kasan_save_free_info+0x3f/0x60 [ 20.244005] __kasan_slab_free+0x56/0x70 [ 20.244673] kfree+0x222/0x3f0 [ 20.245579] kasan_strings+0x2aa/0xe80 [ 20.246686] kunit_try_run_case+0x1a5/0x480 [ 20.247090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.247589] kthread+0x337/0x6f0 [ 20.247958] ret_from_fork+0x41/0x80 [ 20.248368] ret_from_fork_asm+0x1a/0x30 [ 20.248875] [ 20.249128] The buggy address belongs to the object at ffff88810a08ac00 [ 20.249128] which belongs to the cache kmalloc-32 of size 32 [ 20.250255] The buggy address is located 16 bytes inside of [ 20.250255] freed 32-byte region [ffff88810a08ac00, ffff88810a08ac20) [ 20.251390] [ 20.251576] The buggy address belongs to the physical page: [ 20.252003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a08a [ 20.252744] flags: 0x200000000000000(node=0|zone=2) [ 20.253571] page_type: f5(slab) [ 20.253927] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.254590] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.255425] page dumped because: kasan: bad access detected [ 20.255873] [ 20.256096] Memory state around the buggy address: [ 
20.256845] ffff88810a08ab00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.257408] ffff88810a08ab80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.258053] >ffff88810a08ac00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.258705] ^ [ 20.259089] ffff88810a08ac80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.259787] ffff88810a08ad00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.260438] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 20.167092] ================================================================== [ 20.168014] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 20.168919] Read of size 1 at addr ffff88810a08ac10 by task kunit_try_catch/280 [ 20.169597] [ 20.169838] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.169959] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.170034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.170093] Call Trace: [ 20.170131] <TASK> [ 20.170175] dump_stack_lvl+0x73/0xb0 [ 20.170284] print_report+0xd1/0x650 [ 20.170362] ? __virt_addr_valid+0x1db/0x2d0 [ 20.170436] ? kasan_strings+0xcbc/0xe80 [ 20.170513] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.170587] ? kasan_strings+0xcbc/0xe80 [ 20.170679] kasan_report+0x141/0x180 [ 20.170792] ? kasan_strings+0xcbc/0xe80 [ 20.170883] __asan_report_load1_noabort+0x18/0x20 [ 20.170963] kasan_strings+0xcbc/0xe80 [ 20.171031] ? trace_hardirqs_on+0x37/0xe0 [ 20.171106] ? __pfx_kasan_strings+0x10/0x10 [ 20.171176] ? finish_task_switch.isra.0+0x153/0x700 [ 20.171293] ? __switch_to+0x5d9/0xf60 [ 20.171366] ? dequeue_task_fair+0x166/0x4e0 [ 20.171433] ? __schedule+0x10cc/0x2b60 [ 20.171471] ? __pfx_read_tsc+0x10/0x10 [ 20.171501] ? ktime_get_ts64+0x86/0x230 [ 20.171539] kunit_try_run_case+0x1a5/0x480 [ 20.171577] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.171636] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.171675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.171711] ? __kthread_parkme+0x82/0x180 [ 20.171743] ? preempt_count_sub+0x50/0x80 [ 20.171780] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.171816] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.171851] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.171887] kthread+0x337/0x6f0 [ 20.171911] ? trace_preempt_on+0x20/0xc0 [ 20.171944] ? __pfx_kthread+0x10/0x10 [ 20.171969] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.171999] ? calculate_sigpending+0x7b/0xa0 [ 20.172031] ? 
__pfx_kthread+0x10/0x10 [ 20.172056] ret_from_fork+0x41/0x80 [ 20.172085] ? __pfx_kthread+0x10/0x10 [ 20.172111] ret_from_fork_asm+0x1a/0x30 [ 20.172153] </TASK> [ 20.172168] [ 20.189953] Allocated by task 280: [ 20.190786] kasan_save_stack+0x45/0x70 [ 20.191358] kasan_save_track+0x18/0x40 [ 20.191899] kasan_save_alloc_info+0x3b/0x50 [ 20.192376] __kasan_kmalloc+0xb7/0xc0 [ 20.192789] __kmalloc_cache_noprof+0x189/0x420 [ 20.193502] kasan_strings+0xc0/0xe80 [ 20.193831] kunit_try_run_case+0x1a5/0x480 [ 20.194455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.195096] kthread+0x337/0x6f0 [ 20.195638] ret_from_fork+0x41/0x80 [ 20.196013] ret_from_fork_asm+0x1a/0x30 [ 20.196540] [ 20.196891] Freed by task 280: [ 20.197399] kasan_save_stack+0x45/0x70 [ 20.197758] kasan_save_track+0x18/0x40 [ 20.198165] kasan_save_free_info+0x3f/0x60 [ 20.198978] __kasan_slab_free+0x56/0x70 [ 20.199523] kfree+0x222/0x3f0 [ 20.199837] kasan_strings+0x2aa/0xe80 [ 20.200220] kunit_try_run_case+0x1a5/0x480 [ 20.200658] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.201179] kthread+0x337/0x6f0 [ 20.201544] ret_from_fork+0x41/0x80 [ 20.201958] ret_from_fork_asm+0x1a/0x30 [ 20.202636] [ 20.202866] The buggy address belongs to the object at ffff88810a08ac00 [ 20.202866] which belongs to the cache kmalloc-32 of size 32 [ 20.203690] The buggy address is located 16 bytes inside of [ 20.203690] freed 32-byte region [ffff88810a08ac00, ffff88810a08ac20) [ 20.205136] [ 20.205766] The buggy address belongs to the physical page: [ 20.206140] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a08a [ 20.206972] flags: 0x200000000000000(node=0|zone=2) [ 20.207354] page_type: f5(slab) [ 20.207726] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.208321] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.208993] page dumped because: kasan: bad access detected [ 20.209529] [ 20.209793] Memory state around the buggy address: [ 
20.210137] ffff88810a08ab00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.210815] ffff88810a08ab80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.211408] >ffff88810a08ac00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.211905] ^ [ 20.212335] ffff88810a08ac80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.212935] ffff88810a08ad00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.213519] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 20.118589] ================================================================== [ 20.120461] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 20.121014] Read of size 1 at addr ffff88810a08ac10 by task kunit_try_catch/280 [ 20.122098] [ 20.122401] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.122554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.122595] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.122675] Call Trace: [ 20.122714] <TASK> [ 20.122758] dump_stack_lvl+0x73/0xb0 [ 20.122857] print_report+0xd1/0x650 [ 20.122962] ? __virt_addr_valid+0x1db/0x2d0 [ 20.123034] ? strcmp+0xb0/0xc0 [ 20.123094] ? kasan_complete_mode_report_info+0x64/0x200 [ 20.123153] ? strcmp+0xb0/0xc0 [ 20.123181] kasan_report+0x141/0x180 [ 20.123235] ? strcmp+0xb0/0xc0 [ 20.123290] __asan_report_load1_noabort+0x18/0x20 [ 20.123326] strcmp+0xb0/0xc0 [ 20.123356] kasan_strings+0x431/0xe80 [ 20.123387] ? trace_hardirqs_on+0x37/0xe0 [ 20.123422] ? __pfx_kasan_strings+0x10/0x10 [ 20.123452] ? finish_task_switch.isra.0+0x153/0x700 [ 20.123484] ? __switch_to+0x5d9/0xf60 [ 20.123512] ? dequeue_task_fair+0x166/0x4e0 [ 20.123544] ? __schedule+0x10cc/0x2b60 [ 20.123576] ? __pfx_read_tsc+0x10/0x10 [ 20.123627] ? ktime_get_ts64+0x86/0x230 [ 20.123670] kunit_try_run_case+0x1a5/0x480 [ 20.123710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.123746] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.123782] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.123815] ? __kthread_parkme+0x82/0x180 [ 20.123847] ? preempt_count_sub+0x50/0x80 [ 20.123883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.123919] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.123953] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.123987] kthread+0x337/0x6f0 [ 20.124010] ? trace_preempt_on+0x20/0xc0 [ 20.124043] ? __pfx_kthread+0x10/0x10 [ 20.124067] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.124098] ? calculate_sigpending+0x7b/0xa0 [ 20.124130] ? 
__pfx_kthread+0x10/0x10 [ 20.124154] ret_from_fork+0x41/0x80 [ 20.124185] ? __pfx_kthread+0x10/0x10 [ 20.124211] ret_from_fork_asm+0x1a/0x30 [ 20.124281] </TASK> [ 20.124297] [ 20.141136] Allocated by task 280: [ 20.141579] kasan_save_stack+0x45/0x70 [ 20.141995] kasan_save_track+0x18/0x40 [ 20.142481] kasan_save_alloc_info+0x3b/0x50 [ 20.142863] __kasan_kmalloc+0xb7/0xc0 [ 20.143338] __kmalloc_cache_noprof+0x189/0x420 [ 20.143835] kasan_strings+0xc0/0xe80 [ 20.144164] kunit_try_run_case+0x1a5/0x480 [ 20.144720] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.145334] kthread+0x337/0x6f0 [ 20.145769] ret_from_fork+0x41/0x80 [ 20.146106] ret_from_fork_asm+0x1a/0x30 [ 20.146647] [ 20.146881] Freed by task 280: [ 20.147288] kasan_save_stack+0x45/0x70 [ 20.147758] kasan_save_track+0x18/0x40 [ 20.148101] kasan_save_free_info+0x3f/0x60 [ 20.148633] __kasan_slab_free+0x56/0x70 [ 20.149132] kfree+0x222/0x3f0 [ 20.149481] kasan_strings+0x2aa/0xe80 [ 20.149917] kunit_try_run_case+0x1a5/0x480 [ 20.150421] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.150896] kthread+0x337/0x6f0 [ 20.151306] ret_from_fork+0x41/0x80 [ 20.151749] ret_from_fork_asm+0x1a/0x30 [ 20.152131] [ 20.152438] The buggy address belongs to the object at ffff88810a08ac00 [ 20.152438] which belongs to the cache kmalloc-32 of size 32 [ 20.153379] The buggy address is located 16 bytes inside of [ 20.153379] freed 32-byte region [ffff88810a08ac00, ffff88810a08ac20) [ 20.154384] [ 20.154667] The buggy address belongs to the physical page: [ 20.155196] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a08a [ 20.155906] flags: 0x200000000000000(node=0|zone=2) [ 20.156450] page_type: f5(slab) [ 20.156882] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.157544] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.158259] page dumped because: kasan: bad access detected [ 20.158766] [ 20.159007] Memory state around the buggy address: [ 
20.159430] ffff88810a08ab00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.160178] ffff88810a08ab80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.161838] >ffff88810a08ac00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.162781] ^ [ 20.163179] ffff88810a08ac80: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.163868] ffff88810a08ad00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.164485] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 20.059150] ================================================================== [ 20.060544] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 20.061460] Read of size 1 at addr ffff88810a08ab58 by task kunit_try_catch/278 [ 20.062567] [ 20.062800] CPU: 1 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 20.062924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 20.062963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 20.063019] Call Trace: [ 20.063057] <TASK> [ 20.063232] dump_stack_lvl+0x73/0xb0 [ 20.063313] print_report+0xd1/0x650 [ 20.063423] ? __virt_addr_valid+0x1db/0x2d0 [ 20.063473] ? memcmp+0x1b4/0x1d0 [ 20.063504] ? kasan_complete_mode_report_info+0x2a/0x200 [ 20.063537] ? memcmp+0x1b4/0x1d0 [ 20.063563] kasan_report+0x141/0x180 [ 20.063597] ? memcmp+0x1b4/0x1d0 [ 20.063694] __asan_report_load1_noabort+0x18/0x20 [ 20.063755] memcmp+0x1b4/0x1d0 [ 20.063787] kasan_memcmp+0x18f/0x390 [ 20.063817] ? trace_hardirqs_on+0x37/0xe0 [ 20.063854] ? __pfx_kasan_memcmp+0x10/0x10 [ 20.063884] ? finish_task_switch.isra.0+0x153/0x700 [ 20.063917] ? __switch_to+0x5d9/0xf60 [ 20.063947] ? dequeue_task_fair+0x166/0x4e0 [ 20.063985] ? __pfx_read_tsc+0x10/0x10 [ 20.064015] ? ktime_get_ts64+0x86/0x230 [ 20.064050] kunit_try_run_case+0x1a5/0x480 [ 20.064086] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.064119] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 20.064154] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 20.064187] ? __kthread_parkme+0x82/0x180 [ 20.064230] ? preempt_count_sub+0x50/0x80 [ 20.064285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 20.064322] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.064356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 20.064390] kthread+0x337/0x6f0 [ 20.064414] ? trace_preempt_on+0x20/0xc0 [ 20.064446] ? __pfx_kthread+0x10/0x10 [ 20.064471] ? _raw_spin_unlock_irq+0x47/0x80 [ 20.064503] ? calculate_sigpending+0x7b/0xa0 [ 20.064535] ? 
__pfx_kthread+0x10/0x10 [ 20.064560] ret_from_fork+0x41/0x80 [ 20.064591] ? __pfx_kthread+0x10/0x10 [ 20.064666] ret_from_fork_asm+0x1a/0x30 [ 20.064764] </TASK> [ 20.064805] [ 20.087076] Allocated by task 278: [ 20.087873] kasan_save_stack+0x45/0x70 [ 20.088675] kasan_save_track+0x18/0x40 [ 20.089285] kasan_save_alloc_info+0x3b/0x50 [ 20.089729] __kasan_kmalloc+0xb7/0xc0 [ 20.090123] __kmalloc_cache_noprof+0x189/0x420 [ 20.091019] kasan_memcmp+0xb7/0x390 [ 20.091332] kunit_try_run_case+0x1a5/0x480 [ 20.091917] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 20.092412] kthread+0x337/0x6f0 [ 20.093118] ret_from_fork+0x41/0x80 [ 20.093520] ret_from_fork_asm+0x1a/0x30 [ 20.093933] [ 20.094173] The buggy address belongs to the object at ffff88810a08ab40 [ 20.094173] which belongs to the cache kmalloc-32 of size 32 [ 20.095066] The buggy address is located 0 bytes to the right of [ 20.095066] allocated 24-byte region [ffff88810a08ab40, ffff88810a08ab58) [ 20.096124] [ 20.096355] The buggy address belongs to the physical page: [ 20.096996] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a08a [ 20.097777] flags: 0x200000000000000(node=0|zone=2) [ 20.098294] page_type: f5(slab) [ 20.098741] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 20.099345] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 20.100376] page dumped because: kasan: bad access detected [ 20.101028] [ 20.101256] Memory state around the buggy address: [ 20.101900] ffff88810a08aa00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 20.102533] ffff88810a08aa80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 20.103219] >ffff88810a08ab00: 00 00 07 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 20.103808] ^ [ 20.104262] ffff88810a08ab80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.104994] ffff88810a08ac00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 20.105518] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 17.448425] ================================================================== [ 17.450810] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 17.451299] Write of size 16 at addr ffff88810a06f769 by task kunit_try_catch/199 [ 17.452625] [ 17.453092] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 17.453243] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.453286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.453343] Call Trace: [ 17.453381] <TASK> [ 17.453426] dump_stack_lvl+0x73/0xb0 [ 17.453502] print_report+0xd1/0x650 [ 17.453578] ? __virt_addr_valid+0x1db/0x2d0 [ 17.453670] ? kmalloc_oob_memset_16+0x166/0x330 [ 17.453821] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.453879] ? kmalloc_oob_memset_16+0x166/0x330 [ 17.453918] kasan_report+0x141/0x180 [ 17.453953] ? kmalloc_oob_memset_16+0x166/0x330 [ 17.453993] kasan_check_range+0x10c/0x1c0 [ 17.454021] __asan_memset+0x27/0x50 [ 17.454049] kmalloc_oob_memset_16+0x166/0x330 [ 17.454083] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 17.454116] ? __schedule+0x10cc/0x2b60 [ 17.454147] ? __pfx_read_tsc+0x10/0x10 [ 17.454176] ? ktime_get_ts64+0x86/0x230 [ 17.454212] kunit_try_run_case+0x1a5/0x480 [ 17.454278] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.454314] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.454349] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.454381] ? __kthread_parkme+0x82/0x180 [ 17.454412] ? preempt_count_sub+0x50/0x80 [ 17.454446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.454480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.454512] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.454544] kthread+0x337/0x6f0 [ 17.454566] ? trace_preempt_on+0x20/0xc0 [ 17.454621] ? __pfx_kthread+0x10/0x10 [ 17.454693] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.454769] ? calculate_sigpending+0x7b/0xa0 [ 17.454842] ? __pfx_kthread+0x10/0x10 [ 17.454912] ret_from_fork+0x41/0x80 [ 17.454959] ? 
__pfx_kthread+0x10/0x10 [ 17.454986] ret_from_fork_asm+0x1a/0x30 [ 17.455028] </TASK> [ 17.455042] [ 17.474378] Allocated by task 199: [ 17.474751] kasan_save_stack+0x45/0x70 [ 17.475130] kasan_save_track+0x18/0x40 [ 17.475646] kasan_save_alloc_info+0x3b/0x50 [ 17.476087] __kasan_kmalloc+0xb7/0xc0 [ 17.476545] __kmalloc_cache_noprof+0x189/0x420 [ 17.476953] kmalloc_oob_memset_16+0xac/0x330 [ 17.477334] kunit_try_run_case+0x1a5/0x480 [ 17.477935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.478516] kthread+0x337/0x6f0 [ 17.479016] ret_from_fork+0x41/0x80 [ 17.479419] ret_from_fork_asm+0x1a/0x30 [ 17.479848] [ 17.480080] The buggy address belongs to the object at ffff88810a06f700 [ 17.480080] which belongs to the cache kmalloc-128 of size 128 [ 17.481401] The buggy address is located 105 bytes inside of [ 17.481401] allocated 120-byte region [ffff88810a06f700, ffff88810a06f778) [ 17.482474] [ 17.482851] The buggy address belongs to the physical page: [ 17.483320] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a06f [ 17.484117] flags: 0x200000000000000(node=0|zone=2) [ 17.484949] page_type: f5(slab) [ 17.485328] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.486009] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.486851] page dumped because: kasan: bad access detected [ 17.487329] [ 17.487552] Memory state around the buggy address: [ 17.487967] ffff88810a06f600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.488503] ffff88810a06f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.489136] >ffff88810a06f700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.490282] ^ [ 17.490978] ffff88810a06f780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.491587] ffff88810a06f800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.492146] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 17.369357] ================================================================== [ 17.370444] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 17.371418] Write of size 8 at addr ffff88810a06f671 by task kunit_try_catch/197 [ 17.372548] [ 17.373226] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 17.373348] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.373383] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.373438] Call Trace: [ 17.373475] <TASK> [ 17.373519] dump_stack_lvl+0x73/0xb0 [ 17.373588] print_report+0xd1/0x650 [ 17.373675] ? __virt_addr_valid+0x1db/0x2d0 [ 17.373765] ? kmalloc_oob_memset_8+0x166/0x330 [ 17.373820] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.373853] ? kmalloc_oob_memset_8+0x166/0x330 [ 17.373887] kasan_report+0x141/0x180 [ 17.373919] ? kmalloc_oob_memset_8+0x166/0x330 [ 17.373957] kasan_check_range+0x10c/0x1c0 [ 17.373984] __asan_memset+0x27/0x50 [ 17.374012] kmalloc_oob_memset_8+0x166/0x330 [ 17.374045] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 17.374077] ? __schedule+0x10cc/0x2b60 [ 17.374109] ? __pfx_read_tsc+0x10/0x10 [ 17.374137] ? ktime_get_ts64+0x86/0x230 [ 17.374174] kunit_try_run_case+0x1a5/0x480 [ 17.374211] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.374243] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.374277] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.374309] ? __kthread_parkme+0x82/0x180 [ 17.374339] ? preempt_count_sub+0x50/0x80 [ 17.374402] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.374440] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.374472] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.374504] kthread+0x337/0x6f0 [ 17.374525] ? trace_preempt_on+0x20/0xc0 [ 17.374558] ? __pfx_kthread+0x10/0x10 [ 17.374582] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.374714] ? calculate_sigpending+0x7b/0xa0 [ 17.374756] ? __pfx_kthread+0x10/0x10 [ 17.374783] ret_from_fork+0x41/0x80 [ 17.374814] ? 
__pfx_kthread+0x10/0x10 [ 17.374839] ret_from_fork_asm+0x1a/0x30 [ 17.374881] </TASK> [ 17.374895] [ 17.395559] Allocated by task 197: [ 17.395822] kasan_save_stack+0x45/0x70 [ 17.396085] kasan_save_track+0x18/0x40 [ 17.396332] kasan_save_alloc_info+0x3b/0x50 [ 17.396587] __kasan_kmalloc+0xb7/0xc0 [ 17.400768] __kmalloc_cache_noprof+0x189/0x420 [ 17.403285] kmalloc_oob_memset_8+0xac/0x330 [ 17.404819] kunit_try_run_case+0x1a5/0x480 [ 17.406148] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.407730] kthread+0x337/0x6f0 [ 17.409000] ret_from_fork+0x41/0x80 [ 17.410651] ret_from_fork_asm+0x1a/0x30 [ 17.412118] [ 17.413320] The buggy address belongs to the object at ffff88810a06f600 [ 17.413320] which belongs to the cache kmalloc-128 of size 128 [ 17.416481] The buggy address is located 113 bytes inside of [ 17.416481] allocated 120-byte region [ffff88810a06f600, ffff88810a06f678) [ 17.417078] [ 17.417226] The buggy address belongs to the physical page: [ 17.417514] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a06f [ 17.421912] flags: 0x200000000000000(node=0|zone=2) [ 17.423665] page_type: f5(slab) [ 17.424945] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.427295] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.427751] page dumped because: kasan: bad access detected [ 17.428043] [ 17.428182] Memory state around the buggy address: [ 17.428443] ffff88810a06f500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.432290] ffff88810a06f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.434143] >ffff88810a06f600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.436340] ^ [ 17.438085] ffff88810a06f680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.438471] ffff88810a06f700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.438847] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 17.316001] ================================================================== [ 17.317198] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 17.317926] Write of size 4 at addr ffff888102a13275 by task kunit_try_catch/195 [ 17.318886] [ 17.319177] CPU: 0 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 17.319329] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.319365] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.319830] Call Trace: [ 17.319876] <TASK> [ 17.319936] dump_stack_lvl+0x73/0xb0 [ 17.320016] print_report+0xd1/0x650 [ 17.320089] ? __virt_addr_valid+0x1db/0x2d0 [ 17.320170] ? kmalloc_oob_memset_4+0x166/0x330 [ 17.320244] ? kasan_complete_mode_report_info+0x2a/0x200 [ 17.320300] ? kmalloc_oob_memset_4+0x166/0x330 [ 17.320335] kasan_report+0x141/0x180 [ 17.320368] ? kmalloc_oob_memset_4+0x166/0x330 [ 17.320407] kasan_check_range+0x10c/0x1c0 [ 17.320434] __asan_memset+0x27/0x50 [ 17.320463] kmalloc_oob_memset_4+0x166/0x330 [ 17.320496] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 17.320532] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 17.320570] kunit_try_run_case+0x1a5/0x480 [ 17.320642] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.320721] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 17.320768] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 17.320802] ? __kthread_parkme+0x82/0x180 [ 17.320836] ? preempt_count_sub+0x50/0x80 [ 17.320874] ? __pfx_kunit_try_run_case+0x10/0x10 [ 17.320909] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.320941] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 17.320974] kthread+0x337/0x6f0 [ 17.320996] ? trace_preempt_on+0x20/0xc0 [ 17.321031] ? __pfx_kthread+0x10/0x10 [ 17.321055] ? _raw_spin_unlock_irq+0x47/0x80 [ 17.321086] ? calculate_sigpending+0x7b/0xa0 [ 17.321119] ? __pfx_kthread+0x10/0x10 [ 17.321144] ret_from_fork+0x41/0x80 [ 17.321175] ? 
__pfx_kthread+0x10/0x10 [ 17.321199] ret_from_fork_asm+0x1a/0x30 [ 17.321268] </TASK> [ 17.321285] [ 17.342120] Allocated by task 195: [ 17.342835] kasan_save_stack+0x45/0x70 [ 17.343657] kasan_save_track+0x18/0x40 [ 17.343967] kasan_save_alloc_info+0x3b/0x50 [ 17.344937] __kasan_kmalloc+0xb7/0xc0 [ 17.345387] __kmalloc_cache_noprof+0x189/0x420 [ 17.345990] kmalloc_oob_memset_4+0xac/0x330 [ 17.346474] kunit_try_run_case+0x1a5/0x480 [ 17.347076] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.347833] kthread+0x337/0x6f0 [ 17.348193] ret_from_fork+0x41/0x80 [ 17.348648] ret_from_fork_asm+0x1a/0x30 [ 17.349193] [ 17.349418] The buggy address belongs to the object at ffff888102a13200 [ 17.349418] which belongs to the cache kmalloc-128 of size 128 [ 17.350563] The buggy address is located 117 bytes inside of [ 17.350563] allocated 120-byte region [ffff888102a13200, ffff888102a13278) [ 17.351869] [ 17.352093] The buggy address belongs to the physical page: [ 17.352641] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 17.353507] flags: 0x200000000000000(node=0|zone=2) [ 17.354137] page_type: f5(slab) [ 17.354529] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 17.355362] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 17.356254] page dumped because: kasan: bad access detected [ 17.356897] [ 17.357088] Memory state around the buggy address: [ 17.357729] ffff888102a13100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 17.358425] ffff888102a13180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.359372] >ffff888102a13200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 17.360141] ^ [ 17.360804] ffff888102a13280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.361299] ffff888102a13300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 17.362449] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 17.264403] ==================================================================
[ 17.265588] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330
[ 17.266737] Write of size 2 at addr ffff88810a06f577 by task kunit_try_catch/193
[ 17.267933]
[ 17.268273] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.268392] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.268429] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.268484] Call Trace:
[ 17.268524] <TASK>
[ 17.268567] dump_stack_lvl+0x73/0xb0
[ 17.268663] print_report+0xd1/0x650
[ 17.268739] ? __virt_addr_valid+0x1db/0x2d0
[ 17.268893] ? kmalloc_oob_memset_2+0x166/0x330
[ 17.268977] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.269054] ? kmalloc_oob_memset_2+0x166/0x330
[ 17.269127] kasan_report+0x141/0x180
[ 17.269164] ? kmalloc_oob_memset_2+0x166/0x330
[ 17.269204] kasan_check_range+0x10c/0x1c0
[ 17.269273] __asan_memset+0x27/0x50
[ 17.269305] kmalloc_oob_memset_2+0x166/0x330
[ 17.269339] ? __pfx_kmalloc_oob_memset_2+0x10/0x10
[ 17.269373] ? __schedule+0x10cc/0x2b60
[ 17.269403] ? __pfx_read_tsc+0x10/0x10
[ 17.269432] ? ktime_get_ts64+0x86/0x230
[ 17.269466] kunit_try_run_case+0x1a5/0x480
[ 17.269500] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.269531] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.269564] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.269599] ? __kthread_parkme+0x82/0x180
[ 17.269692] ? preempt_count_sub+0x50/0x80
[ 17.269749] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.269797] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.269830] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.269863] kthread+0x337/0x6f0
[ 17.269886] ? trace_preempt_on+0x20/0xc0
[ 17.269917] ? __pfx_kthread+0x10/0x10
[ 17.269941] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.269970] ? calculate_sigpending+0x7b/0xa0
[ 17.269998] ? __pfx_kthread+0x10/0x10
[ 17.270022] ret_from_fork+0x41/0x80
[ 17.270051] ? __pfx_kthread+0x10/0x10
[ 17.270074] ret_from_fork_asm+0x1a/0x30
[ 17.270115] </TASK>
[ 17.270129]
[ 17.290453] Allocated by task 193:
[ 17.291457] kasan_save_stack+0x45/0x70
[ 17.292143] kasan_save_track+0x18/0x40
[ 17.292493] kasan_save_alloc_info+0x3b/0x50
[ 17.293297] __kasan_kmalloc+0xb7/0xc0
[ 17.293578] __kmalloc_cache_noprof+0x189/0x420
[ 17.293989] kmalloc_oob_memset_2+0xac/0x330
[ 17.294357] kunit_try_run_case+0x1a5/0x480
[ 17.295141] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.295795] kthread+0x337/0x6f0
[ 17.296139] ret_from_fork+0x41/0x80
[ 17.296538] ret_from_fork_asm+0x1a/0x30
[ 17.297028]
[ 17.297348] The buggy address belongs to the object at ffff88810a06f500
[ 17.297348] which belongs to the cache kmalloc-128 of size 128
[ 17.298728] The buggy address is located 119 bytes inside of
[ 17.298728] allocated 120-byte region [ffff88810a06f500, ffff88810a06f578)
[ 17.300102]
[ 17.300335] The buggy address belongs to the physical page:
[ 17.301058] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a06f
[ 17.301814] flags: 0x200000000000000(node=0|zone=2)
[ 17.302397] page_type: f5(slab)
[ 17.302929] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.303592] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.304364] page dumped because: kasan: bad access detected
[ 17.305266]
[ 17.305438] Memory state around the buggy address:
[ 17.305955] ffff88810a06f400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.306787] ffff88810a06f480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.307498] >ffff88810a06f500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.308278] ^
[ 17.309026] ffff88810a06f580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.309734] ffff88810a06f600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.310331] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 17.210501] ==================================================================
[ 17.211414] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320
[ 17.211975] Write of size 128 at addr ffff888102a13100 by task kunit_try_catch/191
[ 17.212648]
[ 17.212932] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.213060] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.213095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.213155] Call Trace:
[ 17.213194] <TASK>
[ 17.213281] dump_stack_lvl+0x73/0xb0
[ 17.213360] print_report+0xd1/0x650
[ 17.213431] ? __virt_addr_valid+0x1db/0x2d0
[ 17.213502] ? kmalloc_oob_in_memset+0x15f/0x320
[ 17.213574] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.213742] ? kmalloc_oob_in_memset+0x15f/0x320
[ 17.213835] kasan_report+0x141/0x180
[ 17.213914] ? kmalloc_oob_in_memset+0x15f/0x320
[ 17.214032] kasan_check_range+0x10c/0x1c0
[ 17.214103] __asan_memset+0x27/0x50
[ 17.214171] kmalloc_oob_in_memset+0x15f/0x320
[ 17.214290] ? __pfx_kmalloc_oob_in_memset+0x10/0x10
[ 17.214368] ? __schedule+0x10cc/0x2b60
[ 17.214481] ? __pfx_read_tsc+0x10/0x10
[ 17.214518] ? ktime_get_ts64+0x86/0x230
[ 17.214557] kunit_try_run_case+0x1a5/0x480
[ 17.214595] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.214692] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.214756] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.214793] ? __kthread_parkme+0x82/0x180
[ 17.214827] ? preempt_count_sub+0x50/0x80
[ 17.214864] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.214899] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.214934] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.214968] kthread+0x337/0x6f0
[ 17.214991] ? trace_preempt_on+0x20/0xc0
[ 17.215027] ? __pfx_kthread+0x10/0x10
[ 17.215052] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.215084] ? calculate_sigpending+0x7b/0xa0
[ 17.215115] ? __pfx_kthread+0x10/0x10
[ 17.215140] ret_from_fork+0x41/0x80
[ 17.215172] ? __pfx_kthread+0x10/0x10
[ 17.215196] ret_from_fork_asm+0x1a/0x30
[ 17.215269] </TASK>
[ 17.215288]
[ 17.233332] Allocated by task 191:
[ 17.234167] kasan_save_stack+0x45/0x70
[ 17.234820] kasan_save_track+0x18/0x40
[ 17.235672] kasan_save_alloc_info+0x3b/0x50
[ 17.236151] __kasan_kmalloc+0xb7/0xc0
[ 17.236842] __kmalloc_cache_noprof+0x189/0x420
[ 17.237446] kmalloc_oob_in_memset+0xac/0x320
[ 17.238398] kunit_try_run_case+0x1a5/0x480
[ 17.239290] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.239945] kthread+0x337/0x6f0
[ 17.240285] ret_from_fork+0x41/0x80
[ 17.240655] ret_from_fork_asm+0x1a/0x30
[ 17.241036]
[ 17.241241] The buggy address belongs to the object at ffff888102a13100
[ 17.241241] which belongs to the cache kmalloc-128 of size 128
[ 17.242893] The buggy address is located 0 bytes inside of
[ 17.242893] allocated 120-byte region [ffff888102a13100, ffff888102a13178)
[ 17.244725]
[ 17.244908] The buggy address belongs to the physical page:
[ 17.245776] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13
[ 17.247086] flags: 0x200000000000000(node=0|zone=2)
[ 17.247516] page_type: f5(slab)
[ 17.248085] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 17.248633] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 17.249341] page dumped because: kasan: bad access detected
[ 17.250497]
[ 17.251192] Memory state around the buggy address:
[ 17.251674] ffff888102a13000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 17.252231] ffff888102a13080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.253745] >ffff888102a13100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 17.254706] ^
[ 17.255361] ffff888102a13180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.256700] ffff888102a13200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.257691] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 17.154089] ==================================================================
[ 17.155261] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0
[ 17.156536] Read of size 16 at addr ffff888102175260 by task kunit_try_catch/189
[ 17.157250]
[ 17.157541] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.157682] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.157718] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.157803] Call Trace:
[ 17.157872] <TASK>
[ 17.157917] dump_stack_lvl+0x73/0xb0
[ 17.158038] print_report+0xd1/0x650
[ 17.158113] ? __virt_addr_valid+0x1db/0x2d0
[ 17.158183] ? kmalloc_uaf_16+0x47b/0x4c0
[ 17.158278] ? kasan_complete_mode_report_info+0x64/0x200
[ 17.158317] ? kmalloc_uaf_16+0x47b/0x4c0
[ 17.158348] kasan_report+0x141/0x180
[ 17.158402] ? kmalloc_uaf_16+0x47b/0x4c0
[ 17.158472] __asan_report_load16_noabort+0x18/0x20
[ 17.158508] kmalloc_uaf_16+0x47b/0x4c0
[ 17.158541] ? __pfx_kmalloc_uaf_16+0x10/0x10
[ 17.158574] ? __schedule+0x10cc/0x2b60
[ 17.158672] ? __pfx_read_tsc+0x10/0x10
[ 17.158740] ? ktime_get_ts64+0x86/0x230
[ 17.158783] kunit_try_run_case+0x1a5/0x480
[ 17.158822] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.158856] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.158893] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.158928] ? __kthread_parkme+0x82/0x180
[ 17.158960] ? preempt_count_sub+0x50/0x80
[ 17.158996] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.159031] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.159064] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.159098] kthread+0x337/0x6f0
[ 17.159121] ? trace_preempt_on+0x20/0xc0
[ 17.159154] ? __pfx_kthread+0x10/0x10
[ 17.159180] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.159211] ? calculate_sigpending+0x7b/0xa0
[ 17.159280] ? __pfx_kthread+0x10/0x10
[ 17.159310] ret_from_fork+0x41/0x80
[ 17.159341] ? __pfx_kthread+0x10/0x10
[ 17.159366] ret_from_fork_asm+0x1a/0x30
[ 17.159410] </TASK>
[ 17.159425]
[ 17.176868] Allocated by task 189:
[ 17.177355] kasan_save_stack+0x45/0x70
[ 17.178051] kasan_save_track+0x18/0x40
[ 17.178515] kasan_save_alloc_info+0x3b/0x50
[ 17.178959] __kasan_kmalloc+0xb7/0xc0
[ 17.179332] __kmalloc_cache_noprof+0x189/0x420
[ 17.180153] kmalloc_uaf_16+0x15b/0x4c0
[ 17.180650] kunit_try_run_case+0x1a5/0x480
[ 17.181116] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.181529] kthread+0x337/0x6f0
[ 17.181878] ret_from_fork+0x41/0x80
[ 17.182352] ret_from_fork_asm+0x1a/0x30
[ 17.183257]
[ 17.183620] Freed by task 189:
[ 17.184185] kasan_save_stack+0x45/0x70
[ 17.184497] kasan_save_track+0x18/0x40
[ 17.185387] kasan_save_free_info+0x3f/0x60
[ 17.186273] __kasan_slab_free+0x56/0x70
[ 17.186901] kfree+0x222/0x3f0
[ 17.187519] kmalloc_uaf_16+0x1d6/0x4c0
[ 17.187882] kunit_try_run_case+0x1a5/0x480
[ 17.188847] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.189350] kthread+0x337/0x6f0
[ 17.189682] ret_from_fork+0x41/0x80
[ 17.190123] ret_from_fork_asm+0x1a/0x30
[ 17.191250]
[ 17.191864] The buggy address belongs to the object at ffff888102175260
[ 17.191864] which belongs to the cache kmalloc-16 of size 16
[ 17.192700] The buggy address is located 0 bytes inside of
[ 17.192700] freed 16-byte region [ffff888102175260, ffff888102175270)
[ 17.194106]
[ 17.194340] The buggy address belongs to the physical page:
[ 17.194968] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102175
[ 17.195672] flags: 0x200000000000000(node=0|zone=2)
[ 17.196153] page_type: f5(slab)
[ 17.196950] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 17.197653] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 17.198591] page dumped because: kasan: bad access detected
[ 17.199538]
[ 17.199772] Memory state around the buggy address:
[ 17.200219] ffff888102175100: 00 06 fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc
[ 17.200751] ffff888102175180: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc
[ 17.201332] >ffff888102175200: 00 04 fc fc fa fb fc fc 00 00 fc fc fa fb fc fc
[ 17.202371] ^
[ 17.202942] ffff888102175280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.203543] ffff888102175300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.204211] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 17.103538] ==================================================================
[ 17.104625] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0
[ 17.105430] Write of size 16 at addr ffff8881025ebc00 by task kunit_try_catch/187
[ 17.106583]
[ 17.106989] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 17.107118] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.107174] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.107254] Call Trace:
[ 17.107296] <TASK>
[ 17.107375] dump_stack_lvl+0x73/0xb0
[ 17.107439] print_report+0xd1/0x650
[ 17.107475] ? __virt_addr_valid+0x1db/0x2d0
[ 17.107509] ? kmalloc_oob_16+0x452/0x4a0
[ 17.107541] ? kasan_complete_mode_report_info+0x2a/0x200
[ 17.107574] ? kmalloc_oob_16+0x452/0x4a0
[ 17.107630] kasan_report+0x141/0x180
[ 17.107743] ? kmalloc_oob_16+0x452/0x4a0
[ 17.107833] __asan_report_store16_noabort+0x1b/0x30
[ 17.107911] kmalloc_oob_16+0x452/0x4a0
[ 17.107963] ? __pfx_kmalloc_oob_16+0x10/0x10
[ 17.107995] ? __schedule+0x10cc/0x2b60
[ 17.108028] ? __pfx_read_tsc+0x10/0x10
[ 17.108056] ? ktime_get_ts64+0x86/0x230
[ 17.108091] kunit_try_run_case+0x1a5/0x480
[ 17.108127] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.108158] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 17.108191] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 17.108270] ? __kthread_parkme+0x82/0x180
[ 17.108307] ? preempt_count_sub+0x50/0x80
[ 17.108343] ? __pfx_kunit_try_run_case+0x10/0x10
[ 17.108376] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.108409] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 17.108441] kthread+0x337/0x6f0
[ 17.108462] ? trace_preempt_on+0x20/0xc0
[ 17.108497] ? __pfx_kthread+0x10/0x10
[ 17.108520] ? _raw_spin_unlock_irq+0x47/0x80
[ 17.108549] ? calculate_sigpending+0x7b/0xa0
[ 17.108578] ? __pfx_kthread+0x10/0x10
[ 17.108622] ret_from_fork+0x41/0x80
[ 17.108697] ? __pfx_kthread+0x10/0x10
[ 17.108754] ret_from_fork_asm+0x1a/0x30
[ 17.108798] </TASK>
[ 17.108812]
[ 17.127035] Allocated by task 187:
[ 17.127302] kasan_save_stack+0x45/0x70
[ 17.127595] kasan_save_track+0x18/0x40
[ 17.127931] kasan_save_alloc_info+0x3b/0x50
[ 17.128256] __kasan_kmalloc+0xb7/0xc0
[ 17.128557] __kmalloc_cache_noprof+0x189/0x420
[ 17.129074] kmalloc_oob_16+0xa8/0x4a0
[ 17.130118] kunit_try_run_case+0x1a5/0x480
[ 17.130575] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.131378] kthread+0x337/0x6f0
[ 17.131951] ret_from_fork+0x41/0x80
[ 17.132391] ret_from_fork_asm+0x1a/0x30
[ 17.133313]
[ 17.133687] The buggy address belongs to the object at ffff8881025ebc00
[ 17.133687] which belongs to the cache kmalloc-16 of size 16
[ 17.134629] The buggy address is located 0 bytes inside of
[ 17.134629] allocated 13-byte region [ffff8881025ebc00, ffff8881025ebc0d)
[ 17.136127]
[ 17.136435] The buggy address belongs to the physical page:
[ 17.137194] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1025eb
[ 17.137747] flags: 0x200000000000000(node=0|zone=2)
[ 17.138578] page_type: f5(slab)
[ 17.139141] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 17.140130] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 17.141201] page dumped because: kasan: bad access detected
[ 17.141913]
[ 17.142092] Memory state around the buggy address:
[ 17.142472] ffff8881025ebb00: 00 02 fc fc 00 02 fc fc 00 02 fc fc 00 02 fc fc
[ 17.143420] ffff8881025ebb80: fa fb fc fc fa fb fc fc fa fb fc fc 00 05 fc fc
[ 17.144040] >ffff8881025ebc00: 00 05 fc fc 00 00 fc fc fc fc fc fc fc fc fc fc
[ 17.145205] ^
[ 17.145832] ffff8881025ebc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.146534] ffff8881025ebd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 17.147306] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 20.014345] ==================================================================
[ 20.015816] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390
[ 20.016909] Read of size 1 at addr ffff88810a73fc4a by task kunit_try_catch/274
[ 20.017717]
[ 20.017961] CPU: 1 UID: 0 PID: 274 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 20.018088] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 20.018123] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 20.018184] Call Trace:
[ 20.018236] <TASK>
[ 20.018285] dump_stack_lvl+0x73/0xb0
[ 20.018361] print_report+0xd1/0x650
[ 20.018433] ? __virt_addr_valid+0x1db/0x2d0
[ 20.018507] ? kasan_alloca_oob_right+0x329/0x390
[ 20.018577] ? kasan_addr_to_slab+0x11/0xa0
[ 20.018666] ? kasan_alloca_oob_right+0x329/0x390
[ 20.018735] kasan_report+0x141/0x180
[ 20.018773] ? kasan_alloca_oob_right+0x329/0x390
[ 20.018819] __asan_report_load1_noabort+0x18/0x20
[ 20.018850] kasan_alloca_oob_right+0x329/0x390
[ 20.018891] ? pick_task_fair+0xc9/0x340
[ 20.018930] ? __pfx_kasan_alloca_oob_right+0x10/0x10
[ 20.018966] ? trace_hardirqs_on+0x37/0xe0
[ 20.019000] ? __schedule+0x207f/0x2b60
[ 20.019033] ? __pfx_read_tsc+0x10/0x10
[ 20.019062] ? ktime_get_ts64+0x86/0x230
[ 20.019098] kunit_try_run_case+0x1a5/0x480
[ 20.019136] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.019170] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 20.019206] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 20.019271] ? __kthread_parkme+0x82/0x180
[ 20.019308] ? preempt_count_sub+0x50/0x80
[ 20.019345] ? __pfx_kunit_try_run_case+0x10/0x10
[ 20.019382] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 20.019417] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 20.019452] kthread+0x337/0x6f0
[ 20.019476] ? trace_preempt_on+0x20/0xc0
[ 20.019509] ? __pfx_kthread+0x10/0x10
[ 20.019535] ? _raw_spin_unlock_irq+0x47/0x80
[ 20.019566] ? calculate_sigpending+0x7b/0xa0
[ 20.019598] ? __pfx_kthread+0x10/0x10
[ 20.019652] ret_from_fork+0x41/0x80
[ 20.019685] ? __pfx_kthread+0x10/0x10
[ 20.019710] ret_from_fork_asm+0x1a/0x30
[ 20.019756] </TASK>
[ 20.019770]
[ 20.035542] The buggy address belongs to stack of task kunit_try_catch/274
[ 20.036272]
[ 20.036507] The buggy address belongs to the physical page:
[ 20.037053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a73f
[ 20.037808] flags: 0x200000000000000(node=0|zone=2)
[ 20.038183] raw: 0200000000000000 ffffea000429cfc8 ffffea000429cfc8 0000000000000000
[ 20.038934] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.039680] page dumped because: kasan: bad access detected
[ 20.040243]
[ 20.040481] Memory state around the buggy address:
[ 20.040949] ffff88810a73fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.041596] ffff88810a73fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.042097] >ffff88810a73fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 20.042822] ^
[ 20.043404] ffff88810a73fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 20.043967] ffff88810a73fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.044569] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 19.969144] ==================================================================
[ 19.970044] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380
[ 19.971654] Read of size 1 at addr ffff88810a78fc3f by task kunit_try_catch/272
[ 19.972881]
[ 19.973112] CPU: 1 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 19.973279] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.973322] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.973438] Call Trace:
[ 19.973510] <TASK>
[ 19.973586] dump_stack_lvl+0x73/0xb0
[ 19.973690] print_report+0xd1/0x650
[ 19.973777] ? __virt_addr_valid+0x1db/0x2d0
[ 19.973932] ? kasan_alloca_oob_left+0x320/0x380
[ 19.974008] ? kasan_addr_to_slab+0x11/0xa0
[ 19.974073] ? kasan_alloca_oob_left+0x320/0x380
[ 19.974143] kasan_report+0x141/0x180
[ 19.974182] ? kasan_alloca_oob_left+0x320/0x380
[ 19.974266] __asan_report_load1_noabort+0x18/0x20
[ 19.974307] kasan_alloca_oob_left+0x320/0x380
[ 19.974346] ? finish_task_switch.isra.0+0x153/0x700
[ 19.974385] ? rwsem_down_read_slowpath+0x6be/0xb90
[ 19.974419] ? trace_hardirqs_on+0x37/0xe0
[ 19.974455] ? __pfx_kasan_alloca_oob_left+0x10/0x10
[ 19.974494] ? __schedule+0x10cc/0x2b60
[ 19.974528] ? __pfx_read_tsc+0x10/0x10
[ 19.974558] ? ktime_get_ts64+0x86/0x230
[ 19.974594] kunit_try_run_case+0x1a5/0x480
[ 19.974696] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.974761] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.974800] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.974837] ? __kthread_parkme+0x82/0x180
[ 19.974873] ? preempt_count_sub+0x50/0x80
[ 19.974911] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.974947] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.974982] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.975017] kthread+0x337/0x6f0
[ 19.975042] ? trace_preempt_on+0x20/0xc0
[ 19.975075] ? __pfx_kthread+0x10/0x10
[ 19.975101] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.975133] ? calculate_sigpending+0x7b/0xa0
[ 19.975167] ? __pfx_kthread+0x10/0x10
[ 19.975194] ret_from_fork+0x41/0x80
[ 19.975224] ? __pfx_kthread+0x10/0x10
[ 19.975250] ret_from_fork_asm+0x1a/0x30
[ 19.975298] </TASK>
[ 19.975333]
[ 19.996453] The buggy address belongs to stack of task kunit_try_catch/272
[ 19.997369]
[ 19.997597] The buggy address belongs to the physical page:
[ 19.998383] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a78f
[ 19.999348] flags: 0x200000000000000(node=0|zone=2)
[ 20.000012] raw: 0200000000000000 ffffea000429e3c8 ffffea000429e3c8 0000000000000000
[ 20.001059] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 20.002342] page dumped because: kasan: bad access detected
[ 20.002739]
[ 20.002968] Memory state around the buggy address:
[ 20.003491] ffff88810a78fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.004245] ffff88810a78fb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 20.005041] >ffff88810a78fc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb
[ 20.006336] ^
[ 20.007021] ffff88810a78fc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00
[ 20.007961] ffff88810a78fd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 20.008635] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 19.921978] ==================================================================
[ 19.923754] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300
[ 19.924544] Read of size 1 at addr ffff88810a76fd02 by task kunit_try_catch/270
[ 19.925524]
[ 19.926051] CPU: 0 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 19.926173] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.926297] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.926392] Call Trace:
[ 19.926435] <TASK>
[ 19.926505] dump_stack_lvl+0x73/0xb0
[ 19.926582] print_report+0xd1/0x650
[ 19.926882] ? __virt_addr_valid+0x1db/0x2d0
[ 19.926955] ? kasan_stack_oob+0x2b5/0x300
[ 19.926990] ? kasan_addr_to_slab+0x11/0xa0
[ 19.927020] ? kasan_stack_oob+0x2b5/0x300
[ 19.927050] kasan_report+0x141/0x180
[ 19.927084] ? kasan_stack_oob+0x2b5/0x300
[ 19.927120] __asan_report_load1_noabort+0x18/0x20
[ 19.927150] kasan_stack_oob+0x2b5/0x300
[ 19.927180] ? __pfx_kasan_stack_oob+0x10/0x10
[ 19.927211] ? finish_task_switch.isra.0+0x153/0x700
[ 19.927273] ? __switch_to+0x5d9/0xf60
[ 19.927306] ? dequeue_task_fair+0x156/0x4e0
[ 19.927340] ? __schedule+0x10cc/0x2b60
[ 19.927373] ? __pfx_read_tsc+0x10/0x10
[ 19.927401] ? ktime_get_ts64+0x86/0x230
[ 19.927435] kunit_try_run_case+0x1a5/0x480
[ 19.927470] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.927504] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.927538] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.927572] ? __kthread_parkme+0x82/0x180
[ 19.927653] ? preempt_count_sub+0x50/0x80
[ 19.927735] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.927772] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.927809] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.927844] kthread+0x337/0x6f0
[ 19.927868] ? trace_preempt_on+0x20/0xc0
[ 19.927905] ? __pfx_kthread+0x10/0x10
[ 19.927930] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.927961] ? calculate_sigpending+0x7b/0xa0
[ 19.927990] ? __pfx_kthread+0x10/0x10
[ 19.928014] ret_from_fork+0x41/0x80
[ 19.928045] ? __pfx_kthread+0x10/0x10
[ 19.928069] ret_from_fork_asm+0x1a/0x30
[ 19.928110] </TASK>
[ 19.928125]
[ 19.947218] The buggy address belongs to stack of task kunit_try_catch/270
[ 19.947980] and is located at offset 138 in frame:
[ 19.948451] kasan_stack_oob+0x0/0x300
[ 19.949282]
[ 19.949519] This frame has 4 objects:
[ 19.950103] [48, 49) '__assertion'
[ 19.950178] [64, 72) 'array'
[ 19.951121] [96, 112) '__assertion'
[ 19.951525] [128, 138) 'stack_array'
[ 19.952089]
[ 19.952840] The buggy address belongs to the physical page:
[ 19.953377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a76f
[ 19.954122] flags: 0x200000000000000(node=0|zone=2)
[ 19.954800] raw: 0200000000000000 ffffea000429dbc8 ffffea000429dbc8 0000000000000000
[ 19.955549] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 19.956554] page dumped because: kasan: bad access detected
[ 19.957189]
[ 19.957408] Memory state around the buggy address:
[ 19.957850] ffff88810a76fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 19.958424] ffff88810a76fc80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00
[ 19.959079] >ffff88810a76fd00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1
[ 19.959590] ^
[ 19.960073] ffff88810a76fd80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00
[ 19.960836] ffff88810a76fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.961480] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 19.876301] ==================================================================
[ 19.877388] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0
[ 19.878324] Read of size 1 at addr ffffffffa8c4232d by task kunit_try_catch/266
[ 19.879228]
[ 19.879858] CPU: 0 UID: 0 PID: 266 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 19.879986] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.880022] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.880080] Call Trace:
[ 19.880121] <TASK>
[ 19.880162] dump_stack_lvl+0x73/0xb0
[ 19.880237] print_report+0xd1/0x650
[ 19.880308] ? __virt_addr_valid+0x1db/0x2d0
[ 19.880344] ? kasan_global_oob_right+0x286/0x2d0
[ 19.880379] ? kasan_addr_to_slab+0x11/0xa0
[ 19.880410] ? kasan_global_oob_right+0x286/0x2d0
[ 19.880442] kasan_report+0x141/0x180
[ 19.880476] ? kasan_global_oob_right+0x286/0x2d0
[ 19.880515] __asan_report_load1_noabort+0x18/0x20
[ 19.880545] kasan_global_oob_right+0x286/0x2d0
[ 19.880577] ? __pfx_kasan_global_oob_right+0x10/0x10
[ 19.880682] ? __schedule+0x10cc/0x2b60
[ 19.880748] ? __pfx_read_tsc+0x10/0x10
[ 19.880780] ? ktime_get_ts64+0x86/0x230
[ 19.880819] kunit_try_run_case+0x1a5/0x480
[ 19.880858] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.880893] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.880928] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.880965] ? __kthread_parkme+0x82/0x180
[ 19.880998] ? preempt_count_sub+0x50/0x80
[ 19.881034] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.881071] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.881105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.881140] kthread+0x337/0x6f0
[ 19.881164] ? trace_preempt_on+0x20/0xc0
[ 19.881199] ? __pfx_kthread+0x10/0x10
[ 19.881257] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.881300] ? calculate_sigpending+0x7b/0xa0
[ 19.881334] ? __pfx_kthread+0x10/0x10
[ 19.881360] ret_from_fork+0x41/0x80
[ 19.881393] ? __pfx_kthread+0x10/0x10
[ 19.881419] ret_from_fork_asm+0x1a/0x30
[ 19.881463] </TASK>
[ 19.881477]
[ 19.901081] The buggy address belongs to the variable:
[ 19.901536] global_array+0xd/0x40
[ 19.902271]
[ 19.902573] The buggy address belongs to the physical page:
[ 19.903460] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x109a42
[ 19.904345] flags: 0x200000000002000(reserved|node=0|zone=2)
[ 19.904993] raw: 0200000000002000 ffffea0004269088 ffffea0004269088 0000000000000000
[ 19.905926] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[ 19.906786] page dumped because: kasan: bad access detected
[ 19.907305]
[ 19.908000] Memory state around the buggy address:
[ 19.908410] ffffffffa8c42200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.909053] ffffffffa8c42280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.909655] >ffffffffa8c42300: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
[ 19.910308] ^
[ 19.911186] ffffffffa8c42380: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9
[ 19.911732] ffffffffa8c42400: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
[ 19.912514] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 19.773214] ==================================================================
[ 19.774816] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.775490] Free of addr ffff88810a06fe01 by task kunit_try_catch/262
[ 19.776026]
[ 19.776285] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 19.776388] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.776406] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.776437] Call Trace:
[ 19.776454] <TASK>
[ 19.776475] dump_stack_lvl+0x73/0xb0
[ 19.776546] print_report+0xd1/0x650
[ 19.776790] ? __virt_addr_valid+0x1db/0x2d0
[ 19.776877] ? kasan_complete_mode_report_info+0x2a/0x200
[ 19.776950] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.777027] kasan_report_invalid_free+0x10a/0x130
[ 19.777108] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.777190] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.777317] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.777437] check_slab_allocation+0x11f/0x130
[ 19.777518] __kasan_mempool_poison_object+0x91/0x1d0
[ 19.777620] mempool_free+0x2ec/0x380
[ 19.777741] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.777834] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 19.777878] ? dequeue_entities+0x852/0x1740
[ 19.777916] ? irqentry_exit+0x2a/0x60
[ 19.777945] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 19.777986] mempool_kmalloc_invalid_free+0xed/0x140
[ 19.778023] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 19.778062] ? __pfx_mempool_kmalloc+0x10/0x10
[ 19.778089] ? __pfx_mempool_kfree+0x10/0x10
[ 19.778119] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 19.778159] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10
[ 19.778199] kunit_try_run_case+0x1a5/0x480
[ 19.778274] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.778310] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.778346] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.778381] ? __kthread_parkme+0x82/0x180
[ 19.778431] ? preempt_count_sub+0x50/0x80
[ 19.778473] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.778512] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.778546] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.778582] kthread+0x337/0x6f0
[ 19.778653] ? trace_preempt_on+0x20/0xc0
[ 19.778751] ? __pfx_kthread+0x10/0x10
[ 19.778781] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.778843] ? calculate_sigpending+0x7b/0xa0
[ 19.778876] ? __pfx_kthread+0x10/0x10
[ 19.778924] ret_from_fork+0x41/0x80
[ 19.778960] ? __pfx_kthread+0x10/0x10
[ 19.779005] ret_from_fork_asm+0x1a/0x30
[ 19.779053] </TASK>
[ 19.779076]
[ 19.801877] Allocated by task 262:
[ 19.802436] kasan_save_stack+0x45/0x70
[ 19.802970] kasan_save_track+0x18/0x40
[ 19.803475] kasan_save_alloc_info+0x3b/0x50
[ 19.804140] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 19.804803] remove_element+0x11e/0x190
[ 19.805199] mempool_alloc_preallocated+0x4d/0x90
[ 19.805951] mempool_kmalloc_invalid_free_helper+0x83/0x2e0
[ 19.806506] mempool_kmalloc_invalid_free+0xed/0x140
[ 19.807134] kunit_try_run_case+0x1a5/0x480
[ 19.807798] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.808298] kthread+0x337/0x6f0
[ 19.808859] ret_from_fork+0x41/0x80
[ 19.809298] ret_from_fork_asm+0x1a/0x30
[ 19.809853]
[ 19.810091] The buggy address belongs to the object at ffff88810a06fe00
[ 19.810091] which belongs to the cache kmalloc-128 of size 128
[ 19.811286] The buggy address is located 1 bytes inside of
[ 19.811286] 128-byte region [ffff88810a06fe00, ffff88810a06fe80)
[ 19.812397]
[ 19.812730] The buggy address belongs to the physical page:
[ 19.813356] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a06f
[ 19.814203] flags: 0x200000000000000(node=0|zone=2)
[ 19.814858] page_type: f5(slab)
[ 19.815234] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 19.816161] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 19.816826] page dumped because: kasan: bad access detected
[ 19.817487]
[ 19.817893] Memory state around the buggy address:
[ 19.818357] ffff88810a06fd00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 19.819277] ffff88810a06fd80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.819816] >ffff88810a06fe00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.820382] ^
[ 19.820742] ffff88810a06fe80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 19.821307] ffff88810a06ff00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 19.821995] ==================================================================
[ 19.829115] ==================================================================
[ 19.830189] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.831978] Free of addr ffff888102c08001 by task kunit_try_catch/264
[ 19.832540]
[ 19.832873] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 19.833004] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 19.833044] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 19.833105] Call Trace:
[ 19.833145] <TASK>
[ 19.833194] dump_stack_lvl+0x73/0xb0
[ 19.833275] print_report+0xd1/0x650
[ 19.833354] ? __virt_addr_valid+0x1db/0x2d0
[ 19.833432] ? kasan_addr_to_slab+0x11/0xa0
[ 19.833497] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.833577] kasan_report_invalid_free+0x10a/0x130
[ 19.833684] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.833749] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.833799] __kasan_mempool_poison_object+0x102/0x1d0
[ 19.833838] mempool_free+0x2ec/0x380
[ 19.833874] mempool_kmalloc_invalid_free_helper+0x132/0x2e0
[ 19.833914] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10
[ 19.833952] ? dequeue_entities+0x852/0x1740
[ 19.833987] ? finish_task_switch.isra.0+0x153/0x700
[ 19.834026] mempool_kmalloc_large_invalid_free+0xed/0x140
[ 19.834063] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10
[ 19.834100] ? dequeue_task_fair+0x166/0x4e0
[ 19.834131] ? __pfx_mempool_kmalloc+0x10/0x10
[ 19.834157] ? __pfx_mempool_kfree+0x10/0x10
[ 19.834186] ? __pfx_read_tsc+0x10/0x10
[ 19.834227] ? ktime_get_ts64+0x86/0x230
[ 19.834285] kunit_try_run_case+0x1a5/0x480
[ 19.834324] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.834357] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 19.834392] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 19.834426] ? __kthread_parkme+0x82/0x180
[ 19.834458] ? preempt_count_sub+0x50/0x80
[ 19.834492] ? __pfx_kunit_try_run_case+0x10/0x10
[ 19.834527] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 19.834560] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 19.834596] kthread+0x337/0x6f0
[ 19.834674] ? trace_preempt_on+0x20/0xc0
[ 19.834740] ? __pfx_kthread+0x10/0x10
[ 19.834768] ? _raw_spin_unlock_irq+0x47/0x80
[ 19.834798] ? calculate_sigpending+0x7b/0xa0
[ 19.834830] ? __pfx_kthread+0x10/0x10
[ 19.834854] ret_from_fork+0x41/0x80
[ 19.834885] ? 
__pfx_kthread+0x10/0x10 [ 19.834909] ret_from_fork_asm+0x1a/0x30 [ 19.834952] </TASK> [ 19.834967] [ 19.856400] The buggy address belongs to the physical page: [ 19.856997] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c08 [ 19.857558] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.858492] flags: 0x200000000000040(head|node=0|zone=2) [ 19.859390] page_type: f8(unknown) [ 19.859961] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.860779] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.861479] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.862388] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.863055] head: 0200000000000002 ffffea00040b0201 00000000ffffffff 00000000ffffffff [ 19.864107] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.864661] page dumped because: kasan: bad access detected [ 19.865158] [ 19.865527] Memory state around the buggy address: [ 19.866151] ffff888102c07f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.866964] ffff888102c07f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.867742] >ffff888102c08000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.868365] ^ [ 19.868923] ffff888102c08080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.869714] ffff888102c08100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.870746] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 19.728157] ================================================================== [ 19.729303] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 19.729913] Free of addr ffff888102c08000 by task kunit_try_catch/260 [ 19.731097] [ 19.731391] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.731517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.731554] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.731623] Call Trace: [ 19.731666] <TASK> [ 19.731714] dump_stack_lvl+0x73/0xb0 [ 19.731792] print_report+0xd1/0x650 [ 19.731866] ? __virt_addr_valid+0x1db/0x2d0 [ 19.731942] ? kasan_addr_to_slab+0x11/0xa0 [ 19.732013] ? mempool_double_free_helper+0x184/0x370 [ 19.732094] kasan_report_invalid_free+0x10a/0x130 [ 19.732181] ? mempool_double_free_helper+0x184/0x370 [ 19.732268] ? mempool_double_free_helper+0x184/0x370 [ 19.732349] __kasan_mempool_poison_pages+0x115/0x130 [ 19.732407] mempool_free+0x290/0x380 [ 19.732446] mempool_double_free_helper+0x184/0x370 [ 19.732483] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 19.732518] ? update_load_avg+0x1be/0x21b0 [ 19.732546] ? dequeue_entities+0x27e/0x1740 [ 19.732579] ? finish_task_switch.isra.0+0x153/0x700 [ 19.732662] mempool_page_alloc_double_free+0xe8/0x140 [ 19.732736] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 19.732772] ? dequeue_task_fair+0x166/0x4e0 [ 19.732805] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 19.732834] ? __pfx_mempool_free_pages+0x10/0x10 [ 19.732868] ? __pfx_read_tsc+0x10/0x10 [ 19.732897] ? ktime_get_ts64+0x86/0x230 [ 19.732933] kunit_try_run_case+0x1a5/0x480 [ 19.732970] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.733005] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.733038] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.733072] ? __kthread_parkme+0x82/0x180 [ 19.733103] ? preempt_count_sub+0x50/0x80 [ 19.733136] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.733170] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.733202] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.733263] kthread+0x337/0x6f0 [ 19.733290] ? trace_preempt_on+0x20/0xc0 [ 19.733326] ? __pfx_kthread+0x10/0x10 [ 19.733351] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.733383] ? calculate_sigpending+0x7b/0xa0 [ 19.733412] ? __pfx_kthread+0x10/0x10 [ 19.733436] ret_from_fork+0x41/0x80 [ 19.733465] ? __pfx_kthread+0x10/0x10 [ 19.733488] ret_from_fork_asm+0x1a/0x30 [ 19.733528] </TASK> [ 19.733541] [ 19.756690] The buggy address belongs to the physical page: [ 19.757261] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c08 [ 19.758811] flags: 0x200000000000000(node=0|zone=2) [ 19.759289] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.760129] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.760930] page dumped because: kasan: bad access detected [ 19.761477] [ 19.762077] Memory state around the buggy address: [ 19.762448] ffff888102c07f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.763167] ffff888102c07f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.764055] >ffff888102c08000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.764630] ^ [ 19.765264] ffff888102c08080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.766023] ffff888102c08100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.766688] ================================================================== [ 19.678056] ================================================================== [ 19.679213] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 19.680319] Free of addr ffff88810a6d8000 by task kunit_try_catch/258 [ 19.681942] [ 19.682511] CPU: 1 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.682791] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.682834] Hardware name: QEMU Standard PC (Q35 + ICH9, 
2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.682892] Call Trace: [ 19.682935] <TASK> [ 19.682963] dump_stack_lvl+0x73/0xb0 [ 19.683007] print_report+0xd1/0x650 [ 19.683044] ? __virt_addr_valid+0x1db/0x2d0 [ 19.683079] ? kasan_addr_to_slab+0x11/0xa0 [ 19.683110] ? mempool_double_free_helper+0x184/0x370 [ 19.683148] kasan_report_invalid_free+0x10a/0x130 [ 19.683186] ? mempool_double_free_helper+0x184/0x370 [ 19.683261] ? mempool_double_free_helper+0x184/0x370 [ 19.683304] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 19.683343] mempool_free+0x2ec/0x380 [ 19.683380] mempool_double_free_helper+0x184/0x370 [ 19.683417] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 19.683455] ? dequeue_entities+0x852/0x1740 [ 19.683490] ? irqentry_exit+0x2a/0x60 [ 19.683519] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.683559] mempool_kmalloc_large_double_free+0xed/0x140 [ 19.683597] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 19.683702] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.683758] ? __pfx_mempool_kfree+0x10/0x10 [ 19.683791] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 19.683833] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 19.683874] kunit_try_run_case+0x1a5/0x480 [ 19.683915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.683950] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.683986] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.684023] ? __kthread_parkme+0x82/0x180 [ 19.684057] ? preempt_count_sub+0x50/0x80 [ 19.684094] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.684131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.684166] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.684202] kthread+0x337/0x6f0 [ 19.684265] ? trace_preempt_on+0x20/0xc0 [ 19.684308] ? __pfx_kthread+0x10/0x10 [ 19.684334] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.684366] ? calculate_sigpending+0x7b/0xa0 [ 19.684399] ? __pfx_kthread+0x10/0x10 [ 19.684426] ret_from_fork+0x41/0x80 [ 19.684458] ? 
__pfx_kthread+0x10/0x10 [ 19.684482] ret_from_fork_asm+0x1a/0x30 [ 19.684526] </TASK> [ 19.684541] [ 19.707586] The buggy address belongs to the physical page: [ 19.708540] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a6d8 [ 19.709451] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.710314] flags: 0x200000000000040(head|node=0|zone=2) [ 19.710922] page_type: f8(unknown) [ 19.711338] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.712512] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.713438] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.714102] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.714748] head: 0200000000000002 ffffea000429b601 00000000ffffffff 00000000ffffffff [ 19.715359] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.716219] page dumped because: kasan: bad access detected [ 19.716713] [ 19.716939] Memory state around the buggy address: [ 19.717334] ffff88810a6d7f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.718068] ffff88810a6d7f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.718689] >ffff88810a6d8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.719539] ^ [ 19.720049] ffff88810a6d8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.721387] ffff88810a6d8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.721887] ================================================================== [ 19.610827] ================================================================== [ 19.611827] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 19.612671] Free of addr ffff888102a13b00 by task kunit_try_catch/256 [ 19.613734] [ 19.614342] CPU: 0 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.614472] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.614498] Hardware name: QEMU 
Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.614528] Call Trace: [ 19.614546] <TASK> [ 19.614566] dump_stack_lvl+0x73/0xb0 [ 19.614628] print_report+0xd1/0x650 [ 19.614714] ? __virt_addr_valid+0x1db/0x2d0 [ 19.614795] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.614905] ? mempool_double_free_helper+0x184/0x370 [ 19.615023] kasan_report_invalid_free+0x10a/0x130 [ 19.615108] ? mempool_double_free_helper+0x184/0x370 [ 19.615184] ? mempool_double_free_helper+0x184/0x370 [ 19.615237] ? mempool_double_free_helper+0x184/0x370 [ 19.615287] check_slab_allocation+0x101/0x130 [ 19.615321] __kasan_mempool_poison_object+0x91/0x1d0 [ 19.615358] mempool_free+0x2ec/0x380 [ 19.615390] mempool_double_free_helper+0x184/0x370 [ 19.615427] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 19.615460] ? update_load_avg+0x1be/0x21b0 [ 19.615486] ? dequeue_entities+0x852/0x1740 [ 19.615517] ? finish_task_switch.isra.0+0x153/0x700 [ 19.615553] mempool_kmalloc_double_free+0xed/0x140 [ 19.615587] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 19.615673] ? dequeue_task_fair+0x166/0x4e0 [ 19.615740] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.615771] ? __pfx_mempool_kfree+0x10/0x10 [ 19.615802] ? __pfx_read_tsc+0x10/0x10 [ 19.615830] ? ktime_get_ts64+0x86/0x230 [ 19.615864] kunit_try_run_case+0x1a5/0x480 [ 19.615902] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.615935] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.615968] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.616001] ? __kthread_parkme+0x82/0x180 [ 19.616031] ? preempt_count_sub+0x50/0x80 [ 19.616065] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.616100] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.616133] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.616167] kthread+0x337/0x6f0 [ 19.616190] ? trace_preempt_on+0x20/0xc0 [ 19.616266] ? __pfx_kthread+0x10/0x10 [ 19.616301] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.616333] ? calculate_sigpending+0x7b/0xa0 [ 19.616363] ? 
__pfx_kthread+0x10/0x10 [ 19.616388] ret_from_fork+0x41/0x80 [ 19.616418] ? __pfx_kthread+0x10/0x10 [ 19.616442] ret_from_fork_asm+0x1a/0x30 [ 19.616484] </TASK> [ 19.616498] [ 19.640133] Allocated by task 256: [ 19.640908] kasan_save_stack+0x45/0x70 [ 19.641389] kasan_save_track+0x18/0x40 [ 19.642025] kasan_save_alloc_info+0x3b/0x50 [ 19.642994] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 19.643809] remove_element+0x11e/0x190 [ 19.644356] mempool_alloc_preallocated+0x4d/0x90 [ 19.645116] mempool_double_free_helper+0x8a/0x370 [ 19.645655] mempool_kmalloc_double_free+0xed/0x140 [ 19.646133] kunit_try_run_case+0x1a5/0x480 [ 19.646661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.647267] kthread+0x337/0x6f0 [ 19.648178] ret_from_fork+0x41/0x80 [ 19.648794] ret_from_fork_asm+0x1a/0x30 [ 19.649504] [ 19.649710] Freed by task 256: [ 19.650204] kasan_save_stack+0x45/0x70 [ 19.651101] kasan_save_track+0x18/0x40 [ 19.651777] kasan_save_free_info+0x3f/0x60 [ 19.652323] __kasan_mempool_poison_object+0x131/0x1d0 [ 19.653154] mempool_free+0x2ec/0x380 [ 19.653477] mempool_double_free_helper+0x109/0x370 [ 19.654444] mempool_kmalloc_double_free+0xed/0x140 [ 19.655015] kunit_try_run_case+0x1a5/0x480 [ 19.656042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.656855] kthread+0x337/0x6f0 [ 19.657312] ret_from_fork+0x41/0x80 [ 19.657583] ret_from_fork_asm+0x1a/0x30 [ 19.658026] [ 19.658250] The buggy address belongs to the object at ffff888102a13b00 [ 19.658250] which belongs to the cache kmalloc-128 of size 128 [ 19.659142] The buggy address is located 0 bytes inside of [ 19.659142] 128-byte region [ffff888102a13b00, ffff888102a13b80) [ 19.660917] [ 19.661137] The buggy address belongs to the physical page: [ 19.661801] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 19.662545] flags: 0x200000000000000(node=0|zone=2) [ 19.663136] page_type: f5(slab) [ 19.663715] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 
19.664372] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.665475] page dumped because: kasan: bad access detected [ 19.666170] [ 19.666478] Memory state around the buggy address: [ 19.667170] ffff888102a13a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.667914] ffff888102a13a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.668537] >ffff888102a13b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.669255] ^ [ 19.669589] ffff888102a13b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.670592] ffff888102a13c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.671296] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 19.448034] ================================================================== [ 19.449141] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 19.450686] Read of size 1 at addr ffff88810a6d0000 by task kunit_try_catch/250 [ 19.451578] [ 19.451862] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.452151] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.452192] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.452302] Call Trace: [ 19.452340] <TASK> [ 19.452366] dump_stack_lvl+0x73/0xb0 [ 19.452409] print_report+0xd1/0x650 [ 19.452446] ? __virt_addr_valid+0x1db/0x2d0 [ 19.452480] ? mempool_uaf_helper+0x392/0x400 [ 19.452514] ? kasan_addr_to_slab+0x11/0xa0 [ 19.452544] ? mempool_uaf_helper+0x392/0x400 [ 19.452578] kasan_report+0x141/0x180 [ 19.452685] ? mempool_uaf_helper+0x392/0x400 [ 19.452778] __asan_report_load1_noabort+0x18/0x20 [ 19.452815] mempool_uaf_helper+0x392/0x400 [ 19.452852] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.452888] ? dequeue_entities+0x852/0x1740 [ 19.452923] ? irqentry_exit+0x2a/0x60 [ 19.452951] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.452992] mempool_kmalloc_large_uaf+0xef/0x140 [ 19.453029] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 19.453069] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.453101] ? __pfx_mempool_kfree+0x10/0x10 [ 19.453131] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 19.453171] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 19.453210] kunit_try_run_case+0x1a5/0x480 [ 19.453287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.453324] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.453360] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.453396] ? __kthread_parkme+0x82/0x180 [ 19.453429] ? preempt_count_sub+0x50/0x80 [ 19.453466] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.453502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.453535] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.453569] kthread+0x337/0x6f0 [ 19.453592] ? 
trace_preempt_on+0x20/0xc0 [ 19.453687] ? __pfx_kthread+0x10/0x10 [ 19.453743] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.453789] ? calculate_sigpending+0x7b/0xa0 [ 19.453824] ? __pfx_kthread+0x10/0x10 [ 19.453852] ret_from_fork+0x41/0x80 [ 19.453884] ? __pfx_kthread+0x10/0x10 [ 19.453910] ret_from_fork_asm+0x1a/0x30 [ 19.453954] </TASK> [ 19.453971] [ 19.475544] The buggy address belongs to the physical page: [ 19.476290] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a6d0 [ 19.477377] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.478418] flags: 0x200000000000040(head|node=0|zone=2) [ 19.479076] page_type: f8(unknown) [ 19.479512] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.480308] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.481103] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.481876] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.482834] head: 0200000000000002 ffffea000429b401 00000000ffffffff 00000000ffffffff [ 19.483824] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.484466] page dumped because: kasan: bad access detected [ 19.485172] [ 19.485395] Memory state around the buggy address: [ 19.486411] ffff88810a6cff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.487321] ffff88810a6cff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.488146] >ffff88810a6d0000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.488824] ^ [ 19.489360] ffff88810a6d0080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.490011] ffff88810a6d0100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.491174] ================================================================== [ 19.568159] ================================================================== [ 19.569060] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 19.569547] Read of size 1 at 
addr ffff88810a6d4000 by task kunit_try_catch/254 [ 19.570343] [ 19.570641] CPU: 1 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.570889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.570931] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.570989] Call Trace: [ 19.571028] <TASK> [ 19.571079] dump_stack_lvl+0x73/0xb0 [ 19.571163] print_report+0xd1/0x650 [ 19.571237] ? __virt_addr_valid+0x1db/0x2d0 [ 19.571313] ? mempool_uaf_helper+0x392/0x400 [ 19.571384] ? kasan_addr_to_slab+0x11/0xa0 [ 19.571449] ? mempool_uaf_helper+0x392/0x400 [ 19.571518] kasan_report+0x141/0x180 [ 19.571593] ? mempool_uaf_helper+0x392/0x400 [ 19.571978] __asan_report_load1_noabort+0x18/0x20 [ 19.572058] mempool_uaf_helper+0x392/0x400 [ 19.572138] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.572232] mempool_page_alloc_uaf+0xed/0x140 [ 19.572307] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 19.572375] ? dequeue_task_fair+0x166/0x4e0 [ 19.572454] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 19.572524] ? __pfx_mempool_free_pages+0x10/0x10 [ 19.572565] ? __pfx_read_tsc+0x10/0x10 [ 19.572599] ? ktime_get_ts64+0x86/0x230 [ 19.572704] kunit_try_run_case+0x1a5/0x480 [ 19.572790] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.572826] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.572865] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.572898] ? __kthread_parkme+0x82/0x180 [ 19.572930] ? preempt_count_sub+0x50/0x80 [ 19.572965] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.573000] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.573034] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.573068] kthread+0x337/0x6f0 [ 19.573091] ? trace_preempt_on+0x20/0xc0 [ 19.573125] ? __pfx_kthread+0x10/0x10 [ 19.573149] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.573181] ? calculate_sigpending+0x7b/0xa0 [ 19.573214] ? __pfx_kthread+0x10/0x10 [ 19.573268] ret_from_fork+0x41/0x80 [ 19.573303] ? 
__pfx_kthread+0x10/0x10 [ 19.573328] ret_from_fork_asm+0x1a/0x30 [ 19.573371] </TASK> [ 19.573385] [ 19.593525] The buggy address belongs to the physical page: [ 19.594461] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a6d4 [ 19.595410] flags: 0x200000000000000(node=0|zone=2) [ 19.596252] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 19.597280] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 19.598028] page dumped because: kasan: bad access detected [ 19.598603] [ 19.598971] Memory state around the buggy address: [ 19.599664] ffff88810a6d3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.600148] ffff88810a6d3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.600909] >ffff88810a6d4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.602188] ^ [ 19.602518] ffff88810a6d4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.603522] ffff88810a6d4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 19.604144] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 19.499776] ================================================================== [ 19.500772] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 19.501525] Read of size 1 at addr ffff88810a08c240 by task kunit_try_catch/252 [ 19.502747] [ 19.502963] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.503092] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.503128] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.503186] Call Trace: [ 19.503224] <TASK> [ 19.503268] dump_stack_lvl+0x73/0xb0 [ 19.503348] print_report+0xd1/0x650 [ 19.503427] ? __virt_addr_valid+0x1db/0x2d0 [ 19.503504] ? mempool_uaf_helper+0x392/0x400 [ 19.503582] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.503674] ? mempool_uaf_helper+0x392/0x400 [ 19.503760] kasan_report+0x141/0x180 [ 19.503836] ? mempool_uaf_helper+0x392/0x400 [ 19.503921] __asan_report_load1_noabort+0x18/0x20 [ 19.503981] mempool_uaf_helper+0x392/0x400 [ 19.504020] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.504055] ? update_load_avg+0x1be/0x21b0 [ 19.504095] ? finish_task_switch.isra.0+0x153/0x700 [ 19.504135] mempool_slab_uaf+0xea/0x140 [ 19.504165] ? __pfx_mempool_slab_uaf+0x10/0x10 [ 19.504194] ? dequeue_task_fair+0x166/0x4e0 [ 19.504265] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 19.504305] ? __pfx_mempool_free_slab+0x10/0x10 [ 19.504339] ? __pfx_read_tsc+0x10/0x10 [ 19.504368] ? ktime_get_ts64+0x86/0x230 [ 19.504404] kunit_try_run_case+0x1a5/0x480 [ 19.504441] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.504473] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.504508] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.504540] ? __kthread_parkme+0x82/0x180 [ 19.504571] ? preempt_count_sub+0x50/0x80 [ 19.504669] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.504749] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.504787] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.504823] kthread+0x337/0x6f0 [ 19.504847] ? 
trace_preempt_on+0x20/0xc0 [ 19.504882] ? __pfx_kthread+0x10/0x10 [ 19.504907] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.504939] ? calculate_sigpending+0x7b/0xa0 [ 19.504969] ? __pfx_kthread+0x10/0x10 [ 19.504993] ret_from_fork+0x41/0x80 [ 19.505025] ? __pfx_kthread+0x10/0x10 [ 19.505051] ret_from_fork_asm+0x1a/0x30 [ 19.505095] </TASK> [ 19.505109] [ 19.525998] Allocated by task 252: [ 19.526532] kasan_save_stack+0x45/0x70 [ 19.527270] kasan_save_track+0x18/0x40 [ 19.528030] kasan_save_alloc_info+0x3b/0x50 [ 19.528586] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 19.529346] remove_element+0x11e/0x190 [ 19.529961] mempool_alloc_preallocated+0x4d/0x90 [ 19.530552] mempool_uaf_helper+0x96/0x400 [ 19.530949] mempool_slab_uaf+0xea/0x140 [ 19.531419] kunit_try_run_case+0x1a5/0x480 [ 19.532059] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.532933] kthread+0x337/0x6f0 [ 19.533461] ret_from_fork+0x41/0x80 [ 19.534050] ret_from_fork_asm+0x1a/0x30 [ 19.534376] [ 19.534623] Freed by task 252: [ 19.534971] kasan_save_stack+0x45/0x70 [ 19.535324] kasan_save_track+0x18/0x40 [ 19.536224] kasan_save_free_info+0x3f/0x60 [ 19.537074] __kasan_mempool_poison_object+0x131/0x1d0 [ 19.537732] mempool_free+0x2ec/0x380 [ 19.538361] mempool_uaf_helper+0x11a/0x400 [ 19.539035] mempool_slab_uaf+0xea/0x140 [ 19.539515] kunit_try_run_case+0x1a5/0x480 [ 19.539935] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.540568] kthread+0x337/0x6f0 [ 19.540929] ret_from_fork+0x41/0x80 [ 19.541306] ret_from_fork_asm+0x1a/0x30 [ 19.541748] [ 19.541975] The buggy address belongs to the object at ffff88810a08c240 [ 19.541975] which belongs to the cache test_cache of size 123 [ 19.543276] The buggy address is located 0 bytes inside of [ 19.543276] freed 123-byte region [ffff88810a08c240, ffff88810a08c2bb) [ 19.544281] [ 19.544520] The buggy address belongs to the physical page: [ 19.545149] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a08c [ 19.545971] flags: 
0x200000000000000(node=0|zone=2) [ 19.546490] page_type: f5(slab) [ 19.547366] raw: 0200000000000000 ffff888101611dc0 dead000000000122 0000000000000000 [ 19.548132] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.548831] page dumped because: kasan: bad access detected [ 19.549358] [ 19.549592] Memory state around the buggy address: [ 19.550104] ffff88810a08c100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.550669] ffff88810a08c180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.551215] >ffff88810a08c200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 19.551753] ^ [ 19.552777] ffff88810a08c280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 19.553355] ffff88810a08c300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.554082] ================================================================== [ 19.385130] ================================================================== [ 19.386565] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400 [ 19.387250] Read of size 1 at addr ffff888102a13700 by task kunit_try_catch/248 [ 19.388248] [ 19.388867] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.389018] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.389056] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.389114] Call Trace: [ 19.389150] <TASK> [ 19.389195] dump_stack_lvl+0x73/0xb0 [ 19.389279] print_report+0xd1/0x650 [ 19.389340] ? __virt_addr_valid+0x1db/0x2d0 [ 19.389376] ? mempool_uaf_helper+0x392/0x400 [ 19.389410] ? kasan_complete_mode_report_info+0x64/0x200 [ 19.389442] ? mempool_uaf_helper+0x392/0x400 [ 19.389474] kasan_report+0x141/0x180 [ 19.389507] ? mempool_uaf_helper+0x392/0x400 [ 19.389547] __asan_report_load1_noabort+0x18/0x20 [ 19.389576] mempool_uaf_helper+0x392/0x400 [ 19.389678] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 19.389759] ? dequeue_entities+0x852/0x1740 [ 19.389802] ? 
finish_task_switch.isra.0+0x153/0x700 [ 19.389843] mempool_kmalloc_uaf+0xef/0x140 [ 19.389877] ? __pfx_mempool_kmalloc_uaf+0x10/0x10 [ 19.389911] ? dequeue_task_fair+0x166/0x4e0 [ 19.389943] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.389975] ? __pfx_mempool_kfree+0x10/0x10 [ 19.390006] ? __pfx_read_tsc+0x10/0x10 [ 19.390036] ? ktime_get_ts64+0x86/0x230 [ 19.390072] kunit_try_run_case+0x1a5/0x480 [ 19.390111] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.390145] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.390181] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.390243] ? __kthread_parkme+0x82/0x180 [ 19.390292] ? preempt_count_sub+0x50/0x80 [ 19.390330] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.390366] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.390401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.390436] kthread+0x337/0x6f0 [ 19.390460] ? trace_preempt_on+0x20/0xc0 [ 19.390495] ? __pfx_kthread+0x10/0x10 [ 19.390522] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.390554] ? calculate_sigpending+0x7b/0xa0 [ 19.390586] ? __pfx_kthread+0x10/0x10 [ 19.390657] ret_from_fork+0x41/0x80 [ 19.390730] ? 
__pfx_kthread+0x10/0x10 [ 19.390795] ret_from_fork_asm+0x1a/0x30 [ 19.390843] </TASK> [ 19.390860] [ 19.411008] Allocated by task 248: [ 19.411421] kasan_save_stack+0x45/0x70 [ 19.412084] kasan_save_track+0x18/0x40 [ 19.412948] kasan_save_alloc_info+0x3b/0x50 [ 19.413421] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 19.414324] remove_element+0x11e/0x190 [ 19.414905] mempool_alloc_preallocated+0x4d/0x90 [ 19.415485] mempool_uaf_helper+0x96/0x400 [ 19.416124] mempool_kmalloc_uaf+0xef/0x140 [ 19.416739] kunit_try_run_case+0x1a5/0x480 [ 19.417197] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.417977] kthread+0x337/0x6f0 [ 19.418443] ret_from_fork+0x41/0x80 [ 19.419096] ret_from_fork_asm+0x1a/0x30 [ 19.419532] [ 19.419733] Freed by task 248: [ 19.420052] kasan_save_stack+0x45/0x70 [ 19.420576] kasan_save_track+0x18/0x40 [ 19.421074] kasan_save_free_info+0x3f/0x60 [ 19.421784] __kasan_mempool_poison_object+0x131/0x1d0 [ 19.422341] mempool_free+0x2ec/0x380 [ 19.422863] mempool_uaf_helper+0x11a/0x400 [ 19.423397] mempool_kmalloc_uaf+0xef/0x140 [ 19.424104] kunit_try_run_case+0x1a5/0x480 [ 19.424732] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.425342] kthread+0x337/0x6f0 [ 19.425915] ret_from_fork+0x41/0x80 [ 19.426388] ret_from_fork_asm+0x1a/0x30 [ 19.427025] [ 19.427259] The buggy address belongs to the object at ffff888102a13700 [ 19.427259] which belongs to the cache kmalloc-128 of size 128 [ 19.428509] The buggy address is located 0 bytes inside of [ 19.428509] freed 128-byte region [ffff888102a13700, ffff888102a13780) [ 19.430787] [ 19.430940] The buggy address belongs to the physical page: [ 19.431536] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 19.432409] flags: 0x200000000000000(node=0|zone=2) [ 19.433071] page_type: f5(slab) [ 19.433401] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.434067] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.434696] page dumped 
because: kasan: bad access detected [ 19.435450] [ 19.435680] Memory state around the buggy address: [ 19.436437] ffff888102a13600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.437244] ffff888102a13680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.438742] >ffff888102a13700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.439304] ^ [ 19.439893] ffff888102a13780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.440523] ffff888102a13800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.441438] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 19.218421] ================================================================== [ 19.219669] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 19.220478] Read of size 1 at addr ffff88810a06fa73 by task kunit_try_catch/242 [ 19.221201] [ 19.221787] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.221919] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.221957] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.222013] Call Trace: [ 19.222050] <TASK> [ 19.222098] dump_stack_lvl+0x73/0xb0 [ 19.222182] print_report+0xd1/0x650 [ 19.222368] ? __virt_addr_valid+0x1db/0x2d0 [ 19.222452] ? mempool_oob_right_helper+0x318/0x380 [ 19.222521] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.222559] ? mempool_oob_right_helper+0x318/0x380 [ 19.222619] kasan_report+0x141/0x180 [ 19.222700] ? mempool_oob_right_helper+0x318/0x380 [ 19.222793] __asan_report_load1_noabort+0x18/0x20 [ 19.222869] mempool_oob_right_helper+0x318/0x380 [ 19.222939] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 19.222978] ? dequeue_entities+0x852/0x1740 [ 19.223016] ? finish_task_switch.isra.0+0x153/0x700 [ 19.223057] mempool_kmalloc_oob_right+0xf2/0x150 [ 19.223094] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10 [ 19.223129] ? dequeue_task_fair+0x166/0x4e0 [ 19.223162] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.223194] ? __pfx_mempool_kfree+0x10/0x10 [ 19.223271] ? __pfx_read_tsc+0x10/0x10 [ 19.223313] ? ktime_get_ts64+0x86/0x230 [ 19.223352] kunit_try_run_case+0x1a5/0x480 [ 19.223392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.223428] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.223466] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.223502] ? __kthread_parkme+0x82/0x180 [ 19.223536] ? preempt_count_sub+0x50/0x80 [ 19.223573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.223716] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.223763] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.223798] kthread+0x337/0x6f0 [ 19.223823] ? trace_preempt_on+0x20/0xc0 [ 19.223861] ? __pfx_kthread+0x10/0x10 [ 19.223887] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.223920] ? calculate_sigpending+0x7b/0xa0 [ 19.223952] ? __pfx_kthread+0x10/0x10 [ 19.223978] ret_from_fork+0x41/0x80 [ 19.224008] ? __pfx_kthread+0x10/0x10 [ 19.224034] ret_from_fork_asm+0x1a/0x30 [ 19.224078] </TASK> [ 19.224094] [ 19.244795] Allocated by task 242: [ 19.245208] kasan_save_stack+0x45/0x70 [ 19.246130] kasan_save_track+0x18/0x40 [ 19.246759] kasan_save_alloc_info+0x3b/0x50 [ 19.247280] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 19.248034] remove_element+0x11e/0x190 [ 19.248562] mempool_alloc_preallocated+0x4d/0x90 [ 19.249347] mempool_oob_right_helper+0x8a/0x380 [ 19.250095] mempool_kmalloc_oob_right+0xf2/0x150 [ 19.250789] kunit_try_run_case+0x1a5/0x480 [ 19.251207] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.252061] kthread+0x337/0x6f0 [ 19.252546] ret_from_fork+0x41/0x80 [ 19.253187] ret_from_fork_asm+0x1a/0x30 [ 19.253966] [ 19.254125] The buggy address belongs to the object at ffff88810a06fa00 [ 19.254125] which belongs to the cache kmalloc-128 of size 128 [ 19.255496] The buggy address is located 0 bytes to the right of [ 19.255496] allocated 115-byte region [ffff88810a06fa00, ffff88810a06fa73) [ 19.256696] [ 19.256918] The buggy address belongs to the physical page: [ 19.257659] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a06f [ 19.258807] flags: 0x200000000000000(node=0|zone=2) [ 19.259313] page_type: f5(slab) [ 19.259874] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 19.260520] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 19.261386] page dumped because: kasan: bad access detected [ 19.262167] [ 19.262509] Memory state around the buggy address: [ 19.263153] ffff88810a06f900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.263916] 
ffff88810a06f980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.264558] >ffff88810a06fa00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.265375] ^ [ 19.266207] ffff88810a06fa80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.267075] ffff88810a06fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 19.267835] ================================================================== [ 19.326019] ================================================================== [ 19.327090] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 19.328056] Read of size 1 at addr ffff88810a08a2bb by task kunit_try_catch/246 [ 19.329112] [ 19.329424] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.329554] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.329593] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.329676] Call Trace: [ 19.329719] <TASK> [ 19.329781] dump_stack_lvl+0x73/0xb0 [ 19.329907] print_report+0xd1/0x650 [ 19.330010] ? __virt_addr_valid+0x1db/0x2d0 [ 19.330081] ? mempool_oob_right_helper+0x318/0x380 [ 19.330159] ? kasan_complete_mode_report_info+0x2a/0x200 [ 19.330198] ? mempool_oob_right_helper+0x318/0x380 [ 19.330274] kasan_report+0x141/0x180 [ 19.330311] ? mempool_oob_right_helper+0x318/0x380 [ 19.330354] __asan_report_load1_noabort+0x18/0x20 [ 19.330384] mempool_oob_right_helper+0x318/0x380 [ 19.330421] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 19.330461] ? finish_task_switch.isra.0+0x153/0x700 [ 19.330500] mempool_slab_oob_right+0xed/0x140 [ 19.330530] ? __pfx_mempool_slab_oob_right+0x10/0x10 [ 19.330558] ? dequeue_task_fair+0x166/0x4e0 [ 19.330589] ? __pfx_mempool_alloc_slab+0x10/0x10 [ 19.330669] ? __pfx_mempool_free_slab+0x10/0x10 [ 19.330745] ? __pfx_read_tsc+0x10/0x10 [ 19.330779] ? ktime_get_ts64+0x86/0x230 [ 19.330811] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 19.330850] kunit_try_run_case+0x1a5/0x480 [ 19.330888] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 19.330920] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.330955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.330987] ? __kthread_parkme+0x82/0x180 [ 19.331019] ? preempt_count_sub+0x50/0x80 [ 19.331053] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.331087] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.331122] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.331156] kthread+0x337/0x6f0 [ 19.331179] ? trace_preempt_on+0x20/0xc0 [ 19.331216] ? __pfx_kthread+0x10/0x10 [ 19.331269] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.331302] ? calculate_sigpending+0x7b/0xa0 [ 19.331333] ? __pfx_kthread+0x10/0x10 [ 19.331358] ret_from_fork+0x41/0x80 [ 19.331389] ? __pfx_kthread+0x10/0x10 [ 19.331413] ret_from_fork_asm+0x1a/0x30 [ 19.331456] </TASK> [ 19.331470] [ 19.351352] Allocated by task 246: [ 19.351958] kasan_save_stack+0x45/0x70 [ 19.352454] kasan_save_track+0x18/0x40 [ 19.353083] kasan_save_alloc_info+0x3b/0x50 [ 19.353788] __kasan_mempool_unpoison_object+0x1bb/0x200 [ 19.354400] remove_element+0x11e/0x190 [ 19.355055] mempool_alloc_preallocated+0x4d/0x90 [ 19.355853] mempool_oob_right_helper+0x8a/0x380 [ 19.356405] mempool_slab_oob_right+0xed/0x140 [ 19.357074] kunit_try_run_case+0x1a5/0x480 [ 19.357737] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.358368] kthread+0x337/0x6f0 [ 19.358875] ret_from_fork+0x41/0x80 [ 19.359278] ret_from_fork_asm+0x1a/0x30 [ 19.359756] [ 19.359943] The buggy address belongs to the object at ffff88810a08a240 [ 19.359943] which belongs to the cache test_cache of size 123 [ 19.360904] The buggy address is located 0 bytes to the right of [ 19.360904] allocated 123-byte region [ffff88810a08a240, ffff88810a08a2bb) [ 19.362138] [ 19.362368] The buggy address belongs to the physical page: [ 19.362989] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a08a [ 19.363950] flags: 0x200000000000000(node=0|zone=2) [ 19.364519] page_type: f5(slab) [ 19.365103] raw: 0200000000000000 
ffff888101611c80 dead000000000122 0000000000000000 [ 19.365996] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000 [ 19.366503] page dumped because: kasan: bad access detected [ 19.367157] [ 19.367736] Memory state around the buggy address: [ 19.368179] ffff88810a08a180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 19.368734] ffff88810a08a200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00 [ 19.369523] >ffff88810a08a280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc [ 19.370391] ^ [ 19.370857] ffff88810a08a300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.371944] ffff88810a08a380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 19.372664] ================================================================== [ 19.275099] ================================================================== [ 19.276477] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380 [ 19.277549] Read of size 1 at addr ffff888102c06001 by task kunit_try_catch/244 [ 19.278599] [ 19.278898] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 19.279053] Tainted: [B]=BAD_PAGE, [N]=TEST [ 19.279093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 19.279152] Call Trace: [ 19.279190] <TASK> [ 19.279282] dump_stack_lvl+0x73/0xb0 [ 19.279399] print_report+0xd1/0x650 [ 19.279468] ? __virt_addr_valid+0x1db/0x2d0 [ 19.279506] ? mempool_oob_right_helper+0x318/0x380 [ 19.279545] ? kasan_addr_to_slab+0x11/0xa0 [ 19.279578] ? mempool_oob_right_helper+0x318/0x380 [ 19.279671] kasan_report+0x141/0x180 [ 19.279752] ? mempool_oob_right_helper+0x318/0x380 [ 19.279820] __asan_report_load1_noabort+0x18/0x20 [ 19.279855] mempool_oob_right_helper+0x318/0x380 [ 19.279895] ? __pfx_mempool_oob_right_helper+0x10/0x10 [ 19.279931] ? dequeue_entities+0x852/0x1740 [ 19.279970] ? finish_task_switch.isra.0+0x153/0x700 [ 19.280009] mempool_kmalloc_large_oob_right+0xf2/0x150 [ 19.280047] ? 
__pfx_mempool_kmalloc_large_oob_right+0x10/0x10 [ 19.280085] ? dequeue_task_fair+0x166/0x4e0 [ 19.280118] ? __pfx_mempool_kmalloc+0x10/0x10 [ 19.280151] ? __pfx_mempool_kfree+0x10/0x10 [ 19.280183] ? __pfx_read_tsc+0x10/0x10 [ 19.280212] ? ktime_get_ts64+0x86/0x230 [ 19.280251] kunit_try_run_case+0x1a5/0x480 [ 19.280296] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.280354] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 19.280394] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 19.280430] ? __kthread_parkme+0x82/0x180 [ 19.280463] ? preempt_count_sub+0x50/0x80 [ 19.280498] ? __pfx_kunit_try_run_case+0x10/0x10 [ 19.280534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 19.280568] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 19.280842] kthread+0x337/0x6f0 [ 19.280884] ? trace_preempt_on+0x20/0xc0 [ 19.280925] ? __pfx_kthread+0x10/0x10 [ 19.280952] ? _raw_spin_unlock_irq+0x47/0x80 [ 19.280985] ? calculate_sigpending+0x7b/0xa0 [ 19.281017] ? __pfx_kthread+0x10/0x10 [ 19.281044] ret_from_fork+0x41/0x80 [ 19.281076] ? 
__pfx_kthread+0x10/0x10 [ 19.281101] ret_from_fork_asm+0x1a/0x30 [ 19.281146] </TASK> [ 19.281160] [ 19.302849] The buggy address belongs to the physical page: [ 19.303411] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c04 [ 19.304399] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 19.305343] flags: 0x200000000000040(head|node=0|zone=2) [ 19.305923] page_type: f8(unknown) [ 19.306319] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.307298] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.308068] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 19.308892] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 19.309505] head: 0200000000000002 ffffea00040b0101 00000000ffffffff 00000000ffffffff [ 19.310405] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 19.311075] page dumped because: kasan: bad access detected [ 19.311526] [ 19.312015] Memory state around the buggy address: [ 19.312745] ffff888102c05f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.313995] ffff888102c05f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 19.314913] >ffff888102c06000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.315458] ^ [ 19.315941] ffff888102c06080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.317092] ffff888102c06100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 19.317742] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 18.607525] ================================================================== [ 18.608450] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380 [ 18.609255] Read of size 1 at addr ffff888101488dc0 by task kunit_try_catch/236 [ 18.609982] [ 18.610283] CPU: 0 UID: 0 PID: 236 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 18.610416] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.610458] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.610517] Call Trace: [ 18.610555] <TASK> [ 18.610739] dump_stack_lvl+0x73/0xb0 [ 18.610825] print_report+0xd1/0x650 [ 18.610903] ? __virt_addr_valid+0x1db/0x2d0 [ 18.610984] ? kmem_cache_double_destroy+0x1bf/0x380 [ 18.611058] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.611136] ? kmem_cache_double_destroy+0x1bf/0x380 [ 18.611194] kasan_report+0x141/0x180 [ 18.611292] ? kmem_cache_double_destroy+0x1bf/0x380 [ 18.611374] ? kmem_cache_double_destroy+0x1bf/0x380 [ 18.611449] __kasan_check_byte+0x3d/0x50 [ 18.611527] kmem_cache_destroy+0x25/0x1d0 [ 18.611956] kmem_cache_double_destroy+0x1bf/0x380 [ 18.612042] ? __pfx_kmem_cache_double_destroy+0x10/0x10 [ 18.612105] ? finish_task_switch.isra.0+0x153/0x700 [ 18.612145] ? __switch_to+0x5d9/0xf60 [ 18.612175] ? dequeue_task_fair+0x166/0x4e0 [ 18.612250] ? __pfx_read_tsc+0x10/0x10 [ 18.612284] ? ktime_get_ts64+0x86/0x230 [ 18.612320] kunit_try_run_case+0x1a5/0x480 [ 18.612358] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.612394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.612430] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.612463] ? __kthread_parkme+0x82/0x180 [ 18.612497] ? preempt_count_sub+0x50/0x80 [ 18.612532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.612565] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.612651] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.612742] kthread+0x337/0x6f0 [ 18.612773] ? trace_preempt_on+0x20/0xc0 [ 18.612814] ? __pfx_kthread+0x10/0x10 [ 18.612842] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 18.612875] ? calculate_sigpending+0x7b/0xa0 [ 18.612907] ? __pfx_kthread+0x10/0x10 [ 18.612933] ret_from_fork+0x41/0x80 [ 18.612966] ? __pfx_kthread+0x10/0x10 [ 18.612992] ret_from_fork_asm+0x1a/0x30 [ 18.613036] </TASK> [ 18.613052] [ 18.633083] Allocated by task 236: [ 18.633579] kasan_save_stack+0x45/0x70 [ 18.634402] kasan_save_track+0x18/0x40 [ 18.635025] kasan_save_alloc_info+0x3b/0x50 [ 18.635520] __kasan_slab_alloc+0x91/0xa0 [ 18.635971] kmem_cache_alloc_noprof+0x123/0x3f0 [ 18.636723] __kmem_cache_create_args+0x169/0x240 [ 18.637271] kmem_cache_double_destroy+0xd5/0x380 [ 18.638133] kunit_try_run_case+0x1a5/0x480 [ 18.638659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.639176] kthread+0x337/0x6f0 [ 18.639767] ret_from_fork+0x41/0x80 [ 18.640358] ret_from_fork_asm+0x1a/0x30 [ 18.641152] [ 18.641399] Freed by task 236: [ 18.641962] kasan_save_stack+0x45/0x70 [ 18.642312] kasan_save_track+0x18/0x40 [ 18.643264] kasan_save_free_info+0x3f/0x60 [ 18.643890] __kasan_slab_free+0x56/0x70 [ 18.644312] kmem_cache_free+0x249/0x420 [ 18.644712] slab_kmem_cache_release+0x2e/0x40 [ 18.645141] kmem_cache_release+0x16/0x20 [ 18.645529] kobject_put+0x181/0x450 [ 18.645941] sysfs_slab_release+0x16/0x20 [ 18.646428] kmem_cache_destroy+0xf0/0x1d0 [ 18.646838] kmem_cache_double_destroy+0x14e/0x380 [ 18.647397] kunit_try_run_case+0x1a5/0x480 [ 18.647969] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.648537] kthread+0x337/0x6f0 [ 18.649029] ret_from_fork+0x41/0x80 [ 18.649523] ret_from_fork_asm+0x1a/0x30 [ 18.650298] [ 18.650550] The buggy address belongs to the object at ffff888101488dc0 [ 18.650550] which belongs to the cache kmem_cache of size 208 [ 18.651791] The buggy address is located 0 bytes inside of [ 18.651791] freed 208-byte region [ffff888101488dc0, ffff888101488e90) [ 18.652891] [ 18.653123] The buggy address belongs to the physical page: [ 18.653976] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 
pfn:0x101488 [ 18.654883] flags: 0x200000000000000(node=0|zone=2) [ 18.655349] page_type: f5(slab) [ 18.655898] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000 [ 18.656555] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000 [ 18.657349] page dumped because: kasan: bad access detected [ 18.658287] [ 18.658586] Memory state around the buggy address: [ 18.659076] ffff888101488c80: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.659875] ffff888101488d00: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc [ 18.660417] >ffff888101488d80: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb [ 18.661091] ^ [ 18.661979] ffff888101488e00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.662558] ffff888101488e80: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.663338] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 18.520031] ================================================================== [ 18.520748] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510 [ 18.521473] Read of size 1 at addr ffff88810a085000 by task kunit_try_catch/234 [ 18.522068] [ 18.522403] CPU: 1 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 18.522573] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.522624] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.522684] Call Trace: [ 18.522731] <TASK> [ 18.522783] dump_stack_lvl+0x73/0xb0 [ 18.522903] print_report+0xd1/0x650 [ 18.522982] ? __virt_addr_valid+0x1db/0x2d0 [ 18.523057] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 18.523123] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.523237] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 18.523310] kasan_report+0x141/0x180 [ 18.523383] ? kmem_cache_rcu_uaf+0x3e3/0x510 [ 18.523427] __asan_report_load1_noabort+0x18/0x20 [ 18.523459] kmem_cache_rcu_uaf+0x3e3/0x510 [ 18.523488] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 18.523515] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 18.523601] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10 [ 18.523698] kunit_try_run_case+0x1a5/0x480 [ 18.523827] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.523901] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.523978] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.524056] ? __kthread_parkme+0x82/0x180 [ 18.524173] ? preempt_count_sub+0x50/0x80 [ 18.524257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.524331] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.524391] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.524426] kthread+0x337/0x6f0 [ 18.524451] ? trace_preempt_on+0x20/0xc0 [ 18.524486] ? __pfx_kthread+0x10/0x10 [ 18.524510] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.524540] ? calculate_sigpending+0x7b/0xa0 [ 18.524864] ? __pfx_kthread+0x10/0x10 [ 18.524895] ret_from_fork+0x41/0x80 [ 18.524929] ? 
__pfx_kthread+0x10/0x10 [ 18.524954] ret_from_fork_asm+0x1a/0x30 [ 18.524997] </TASK> [ 18.525011] [ 18.542644] Allocated by task 234: [ 18.543502] kasan_save_stack+0x45/0x70 [ 18.544084] kasan_save_track+0x18/0x40 [ 18.544696] kasan_save_alloc_info+0x3b/0x50 [ 18.545190] __kasan_slab_alloc+0x91/0xa0 [ 18.545672] kmem_cache_alloc_noprof+0x123/0x3f0 [ 18.546099] kmem_cache_rcu_uaf+0x155/0x510 [ 18.546530] kunit_try_run_case+0x1a5/0x480 [ 18.546976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.547547] kthread+0x337/0x6f0 [ 18.548021] ret_from_fork+0x41/0x80 [ 18.548624] ret_from_fork_asm+0x1a/0x30 [ 18.549301] [ 18.549654] Freed by task 0: [ 18.550290] kasan_save_stack+0x45/0x70 [ 18.550835] kasan_save_track+0x18/0x40 [ 18.551428] kasan_save_free_info+0x3f/0x60 [ 18.551741] __kasan_slab_free+0x56/0x70 [ 18.552129] slab_free_after_rcu_debug+0xe4/0x310 [ 18.552982] rcu_core+0x66c/0x1c30 [ 18.553384] rcu_core_si+0x12/0x20 [ 18.553723] handle_softirqs+0x209/0x730 [ 18.554148] __irq_exit_rcu+0xc9/0x110 [ 18.554655] irq_exit_rcu+0x12/0x20 [ 18.555486] sysvec_apic_timer_interrupt+0x81/0x90 [ 18.556011] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 18.556475] [ 18.556690] Last potentially related work creation: [ 18.557176] kasan_save_stack+0x45/0x70 [ 18.557643] kasan_record_aux_stack+0xb2/0xc0 [ 18.558321] kmem_cache_free+0x131/0x420 [ 18.558724] kmem_cache_rcu_uaf+0x194/0x510 [ 18.559216] kunit_try_run_case+0x1a5/0x480 [ 18.559633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.560123] kthread+0x337/0x6f0 [ 18.560463] ret_from_fork+0x41/0x80 [ 18.560902] ret_from_fork_asm+0x1a/0x30 [ 18.561590] [ 18.562363] The buggy address belongs to the object at ffff88810a085000 [ 18.562363] which belongs to the cache test_cache of size 200 [ 18.563218] The buggy address is located 0 bytes inside of [ 18.563218] freed 200-byte region [ffff88810a085000, ffff88810a0850c8) [ 18.564030] [ 18.564262] The buggy address belongs to the physical page: [ 18.565156] page: refcount:0 
mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a085 [ 18.565790] flags: 0x200000000000000(node=0|zone=2) [ 18.566257] page_type: f5(slab) [ 18.566765] raw: 0200000000000000 ffff888101611a00 dead000000000122 0000000000000000 [ 18.567584] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.568158] page dumped because: kasan: bad access detected [ 18.568767] [ 18.568970] Memory state around the buggy address: [ 18.569344] ffff88810a084f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.570452] ffff88810a084f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.570985] >ffff88810a085000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.571541] ^ [ 18.571896] ffff88810a085080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.572495] ffff88810a085100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.573055] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 18.437449] ================================================================== [ 18.438393] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460 [ 18.438929] Free of addr ffff88810a083001 by task kunit_try_catch/232 [ 18.439434] [ 18.439725] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 18.439849] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.439884] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.439941] Call Trace: [ 18.439979] <TASK> [ 18.440030] dump_stack_lvl+0x73/0xb0 [ 18.440106] print_report+0xd1/0x650 [ 18.440182] ? __virt_addr_valid+0x1db/0x2d0 [ 18.440261] ? kasan_complete_mode_report_info+0x2a/0x200 [ 18.440332] ? kmem_cache_invalid_free+0x1d8/0x460 [ 18.440399] kasan_report_invalid_free+0x10a/0x130 [ 18.440476] ? kmem_cache_invalid_free+0x1d8/0x460 [ 18.440547] ? kmem_cache_invalid_free+0x1d8/0x460 [ 18.440633] check_slab_allocation+0x11f/0x130 [ 18.440709] __kasan_slab_pre_free+0x28/0x40 [ 18.440761] kmem_cache_free+0xed/0x420 [ 18.440793] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 18.440825] ? kmem_cache_invalid_free+0x1d8/0x460 [ 18.440857] kmem_cache_invalid_free+0x1d8/0x460 [ 18.440885] ? __pfx_kmem_cache_invalid_free+0x10/0x10 [ 18.440913] ? finish_task_switch.isra.0+0x153/0x700 [ 18.440946] ? __switch_to+0x5d9/0xf60 [ 18.440973] ? dequeue_task_fair+0x166/0x4e0 [ 18.441009] ? __pfx_read_tsc+0x10/0x10 [ 18.441037] ? ktime_get_ts64+0x86/0x230 [ 18.441071] kunit_try_run_case+0x1a5/0x480 [ 18.441107] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.441139] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.441172] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.441204] ? __kthread_parkme+0x82/0x180 [ 18.441265] ? preempt_count_sub+0x50/0x80 [ 18.441303] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.441338] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.441369] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.441401] kthread+0x337/0x6f0 [ 18.441422] ? 
trace_preempt_on+0x20/0xc0 [ 18.441455] ? __pfx_kthread+0x10/0x10 [ 18.441478] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.441507] ? calculate_sigpending+0x7b/0xa0 [ 18.441537] ? __pfx_kthread+0x10/0x10 [ 18.441560] ret_from_fork+0x41/0x80 [ 18.441589] ? __pfx_kthread+0x10/0x10 [ 18.441638] ret_from_fork_asm+0x1a/0x30 [ 18.441682] </TASK> [ 18.441696] [ 18.459450] Allocated by task 232: [ 18.459861] kasan_save_stack+0x45/0x70 [ 18.460346] kasan_save_track+0x18/0x40 [ 18.460763] kasan_save_alloc_info+0x3b/0x50 [ 18.461265] __kasan_slab_alloc+0x91/0xa0 [ 18.461683] kmem_cache_alloc_noprof+0x123/0x3f0 [ 18.462102] kmem_cache_invalid_free+0x157/0x460 [ 18.462564] kunit_try_run_case+0x1a5/0x480 [ 18.462911] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.463380] kthread+0x337/0x6f0 [ 18.463750] ret_from_fork+0x41/0x80 [ 18.464148] ret_from_fork_asm+0x1a/0x30 [ 18.464599] [ 18.464836] The buggy address belongs to the object at ffff88810a083000 [ 18.464836] which belongs to the cache test_cache of size 200 [ 18.465892] The buggy address is located 1 bytes inside of [ 18.465892] 200-byte region [ffff88810a083000, ffff88810a0830c8) [ 18.466644] [ 18.466879] The buggy address belongs to the physical page: [ 18.467411] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a083 [ 18.468085] flags: 0x200000000000000(node=0|zone=2) [ 18.468636] page_type: f5(slab) [ 18.468960] raw: 0200000000000000 ffff8881016118c0 dead000000000122 0000000000000000 [ 18.469650] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.470135] page dumped because: kasan: bad access detected [ 18.470541] [ 18.470780] Memory state around the buggy address: [ 18.471208] ffff88810a082f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.471877] ffff88810a082f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.472552] >ffff88810a083000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 18.473063] ^ [ 18.473464] ffff88810a083080: 00 00 00 00 00 00 00 00 00 fc 
fc fc fc fc fc fc [ 18.474126] ffff88810a083100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.474599] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 18.368218] ================================================================== [ 18.369119] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 18.370241] Free of addr ffff88810a082000 by task kunit_try_catch/230 [ 18.370949] [ 18.371912] CPU: 1 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 18.372496] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.372529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.372582] Call Trace: [ 18.372636] <TASK> [ 18.372685] dump_stack_lvl+0x73/0xb0 [ 18.372762] print_report+0xd1/0x650 [ 18.372827] ? __virt_addr_valid+0x1db/0x2d0 [ 18.372924] ? kasan_complete_mode_report_info+0x64/0x200 [ 18.372999] ? kmem_cache_double_free+0x1e5/0x480 [ 18.373074] kasan_report_invalid_free+0x10a/0x130 [ 18.373172] ? kmem_cache_double_free+0x1e5/0x480 [ 18.373286] ? kmem_cache_double_free+0x1e5/0x480 [ 18.373328] check_slab_allocation+0x101/0x130 [ 18.373364] __kasan_slab_pre_free+0x28/0x40 [ 18.373397] kmem_cache_free+0xed/0x420 [ 18.373427] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 18.373458] ? kmem_cache_double_free+0x1e5/0x480 [ 18.373492] kmem_cache_double_free+0x1e5/0x480 [ 18.373522] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 18.373550] ? finish_task_switch.isra.0+0x153/0x700 [ 18.373585] ? __switch_to+0x5d9/0xf60 [ 18.373650] ? dequeue_task_fair+0x166/0x4e0 [ 18.373738] ? __pfx_read_tsc+0x10/0x10 [ 18.373783] ? ktime_get_ts64+0x86/0x230 [ 18.373820] kunit_try_run_case+0x1a5/0x480 [ 18.373860] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.373894] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 18.373929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 18.373963] ? __kthread_parkme+0x82/0x180 [ 18.373995] ? preempt_count_sub+0x50/0x80 [ 18.374030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 18.374066] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.374100] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 18.374134] kthread+0x337/0x6f0 [ 18.374157] ? 
trace_preempt_on+0x20/0xc0 [ 18.374192] ? __pfx_kthread+0x10/0x10 [ 18.374226] ? _raw_spin_unlock_irq+0x47/0x80 [ 18.374278] ? calculate_sigpending+0x7b/0xa0 [ 18.374310] ? __pfx_kthread+0x10/0x10 [ 18.374336] ret_from_fork+0x41/0x80 [ 18.374368] ? __pfx_kthread+0x10/0x10 [ 18.374393] ret_from_fork_asm+0x1a/0x30 [ 18.374435] </TASK> [ 18.374451] [ 18.397331] Allocated by task 230: [ 18.397832] kasan_save_stack+0x45/0x70 [ 18.398340] kasan_save_track+0x18/0x40 [ 18.398957] kasan_save_alloc_info+0x3b/0x50 [ 18.399370] __kasan_slab_alloc+0x91/0xa0 [ 18.400091] kmem_cache_alloc_noprof+0x123/0x3f0 [ 18.400755] kmem_cache_double_free+0x14f/0x480 [ 18.401162] kunit_try_run_case+0x1a5/0x480 [ 18.401845] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.402395] kthread+0x337/0x6f0 [ 18.402876] ret_from_fork+0x41/0x80 [ 18.403349] ret_from_fork_asm+0x1a/0x30 [ 18.404210] [ 18.404749] Freed by task 230: [ 18.405086] kasan_save_stack+0x45/0x70 [ 18.405524] kasan_save_track+0x18/0x40 [ 18.406054] kasan_save_free_info+0x3f/0x60 [ 18.406517] __kasan_slab_free+0x56/0x70 [ 18.407084] kmem_cache_free+0x249/0x420 [ 18.407526] kmem_cache_double_free+0x16a/0x480 [ 18.408369] kunit_try_run_case+0x1a5/0x480 [ 18.408965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.409501] kthread+0x337/0x6f0 [ 18.410013] ret_from_fork+0x41/0x80 [ 18.410437] ret_from_fork_asm+0x1a/0x30 [ 18.411041] [ 18.411319] The buggy address belongs to the object at ffff88810a082000 [ 18.411319] which belongs to the cache test_cache of size 200 [ 18.412750] The buggy address is located 0 bytes inside of [ 18.412750] 200-byte region [ffff88810a082000, ffff88810a0820c8) [ 18.413887] [ 18.414138] The buggy address belongs to the physical page: [ 18.414778] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a082 [ 18.415419] flags: 0x200000000000000(node=0|zone=2) [ 18.416136] page_type: f5(slab) [ 18.416572] raw: 0200000000000000 ffff888101611780 dead000000000122 0000000000000000 [ 18.417335] 
raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 18.418093] page dumped because: kasan: bad access detected [ 18.418758] [ 18.419002] Memory state around the buggy address: [ 18.419467] ffff88810a081f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.420205] ffff88810a081f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.421153] >ffff88810a082000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 18.422085] ^ [ 18.422444] ffff88810a082080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 18.422976] ffff88810a082100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 18.423645] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 18.305328] ==================================================================
[ 18.306308] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530
[ 18.306892] Read of size 1 at addr ffff888102a1e0c8 by task kunit_try_catch/228
[ 18.307540]
[ 18.307804] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 18.307920] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.307954] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.308011] Call Trace:
[ 18.308049] <TASK>
[ 18.308097] dump_stack_lvl+0x73/0xb0
[ 18.308183] print_report+0xd1/0x650
[ 18.308277] ? __virt_addr_valid+0x1db/0x2d0
[ 18.308350] ? kmem_cache_oob+0x402/0x530
[ 18.308418] ? kasan_complete_mode_report_info+0x2a/0x200
[ 18.308493] ? kmem_cache_oob+0x402/0x530
[ 18.308560] kasan_report+0x141/0x180
[ 18.308670] ? kmem_cache_oob+0x402/0x530
[ 18.308758] __asan_report_load1_noabort+0x18/0x20
[ 18.308828] kmem_cache_oob+0x402/0x530
[ 18.308895] ? __pfx_kmem_cache_oob+0x10/0x10
[ 18.308957] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 18.309056] ? __pfx_kmem_cache_oob+0x10/0x10
[ 18.309138] kunit_try_run_case+0x1a5/0x480
[ 18.309220] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.309294] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.309370] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.309423] ? __kthread_parkme+0x82/0x180
[ 18.309457] ? preempt_count_sub+0x50/0x80
[ 18.309494] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.309528] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.309561] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.309592] kthread+0x337/0x6f0
[ 18.309670] ? trace_preempt_on+0x20/0xc0
[ 18.309745] ? __pfx_kthread+0x10/0x10
[ 18.309785] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.309816] ? calculate_sigpending+0x7b/0xa0
[ 18.309847] ? __pfx_kthread+0x10/0x10
[ 18.309871] ret_from_fork+0x41/0x80
[ 18.309903] ? __pfx_kthread+0x10/0x10
[ 18.309928] ret_from_fork_asm+0x1a/0x30
[ 18.309969] </TASK>
[ 18.309983]
[ 18.328195] Allocated by task 228:
[ 18.328590] kasan_save_stack+0x45/0x70
[ 18.329176] kasan_save_track+0x18/0x40
[ 18.329738] kasan_save_alloc_info+0x3b/0x50
[ 18.330267] __kasan_slab_alloc+0x91/0xa0
[ 18.330832] kmem_cache_alloc_noprof+0x123/0x3f0
[ 18.331347] kmem_cache_oob+0x157/0x530
[ 18.331951] kunit_try_run_case+0x1a5/0x480
[ 18.332365] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.333466] kthread+0x337/0x6f0
[ 18.334003] ret_from_fork+0x41/0x80
[ 18.334994] ret_from_fork_asm+0x1a/0x30
[ 18.335365]
[ 18.335726] The buggy address belongs to the object at ffff888102a1e000
[ 18.335726] which belongs to the cache test_cache of size 200
[ 18.336923] The buggy address is located 0 bytes to the right of
[ 18.336923] allocated 200-byte region [ffff888102a1e000, ffff888102a1e0c8)
[ 18.338377]
[ 18.338845] The buggy address belongs to the physical page:
[ 18.339351] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a1e
[ 18.340185] flags: 0x200000000000000(node=0|zone=2)
[ 18.340754] page_type: f5(slab)
[ 18.341120] raw: 0200000000000000 ffff888101488c80 dead000000000122 0000000000000000
[ 18.342089] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 18.342850] page dumped because: kasan: bad access detected
[ 18.343129]
[ 18.343226] Memory state around the buggy address:
[ 18.343629] ffff888102a1df80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.344934] ffff888102a1e000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 18.346001] >ffff888102a1e080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 18.346596] ^
[ 18.347092] ffff888102a1e100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.348041] ffff888102a1e180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.349047] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 18.232342] ==================================================================
[ 18.233520] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560
[ 18.234212] Read of size 8 at addr ffff888102a18a40 by task kunit_try_catch/221
[ 18.234774]
[ 18.235017] CPU: 0 UID: 0 PID: 221 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 18.235134] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.235169] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.235224] Call Trace:
[ 18.235264] <TASK>
[ 18.235490] dump_stack_lvl+0x73/0xb0
[ 18.235575] print_report+0xd1/0x650
[ 18.235670] ? __virt_addr_valid+0x1db/0x2d0
[ 18.235748] ? workqueue_uaf+0x4d6/0x560
[ 18.235819] ? kasan_complete_mode_report_info+0x64/0x200
[ 18.235888] ? workqueue_uaf+0x4d6/0x560
[ 18.235958] kasan_report+0x141/0x180
[ 18.236032] ? workqueue_uaf+0x4d6/0x560
[ 18.236118] __asan_report_load8_noabort+0x18/0x20
[ 18.236189] workqueue_uaf+0x4d6/0x560
[ 18.236267] ? __pfx_workqueue_uaf+0x10/0x10
[ 18.236342] ? __schedule+0x10cc/0x2b60
[ 18.236412] ? __pfx_read_tsc+0x10/0x10
[ 18.236481] ? ktime_get_ts64+0x86/0x230
[ 18.236563] kunit_try_run_case+0x1a5/0x480
[ 18.236655] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.236732] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 18.236782] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 18.236818] ? __kthread_parkme+0x82/0x180
[ 18.236849] ? preempt_count_sub+0x50/0x80
[ 18.236884] ? __pfx_kunit_try_run_case+0x10/0x10
[ 18.236919] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.236951] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 18.236983] kthread+0x337/0x6f0
[ 18.237004] ? trace_preempt_on+0x20/0xc0
[ 18.237037] ? __pfx_kthread+0x10/0x10
[ 18.237061] ? _raw_spin_unlock_irq+0x47/0x80
[ 18.237090] ? calculate_sigpending+0x7b/0xa0
[ 18.237120] ? __pfx_kthread+0x10/0x10
[ 18.237145] ret_from_fork+0x41/0x80
[ 18.237174] ? __pfx_kthread+0x10/0x10
[ 18.237197] ret_from_fork_asm+0x1a/0x30
[ 18.237272] </TASK>
[ 18.237289]
[ 18.255539] Allocated by task 221:
[ 18.256112] kasan_save_stack+0x45/0x70
[ 18.256917] kasan_save_track+0x18/0x40
[ 18.257411] kasan_save_alloc_info+0x3b/0x50
[ 18.258017] __kasan_kmalloc+0xb7/0xc0
[ 18.258490] __kmalloc_cache_noprof+0x189/0x420
[ 18.259070] workqueue_uaf+0x152/0x560
[ 18.259551] kunit_try_run_case+0x1a5/0x480
[ 18.260140] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.261023] kthread+0x337/0x6f0
[ 18.261480] ret_from_fork+0x41/0x80
[ 18.261972] ret_from_fork_asm+0x1a/0x30
[ 18.262481]
[ 18.262869] Freed by task 9:
[ 18.263192] kasan_save_stack+0x45/0x70
[ 18.263633] kasan_save_track+0x18/0x40
[ 18.264201] kasan_save_free_info+0x3f/0x60
[ 18.264808] __kasan_slab_free+0x56/0x70
[ 18.265294] kfree+0x222/0x3f0
[ 18.265734] workqueue_uaf_work+0x12/0x20
[ 18.266090] process_one_work+0x5ee/0xf60
[ 18.267039] worker_thread+0x758/0x1220
[ 18.267458] kthread+0x337/0x6f0
[ 18.268001] ret_from_fork+0x41/0x80
[ 18.268438] ret_from_fork_asm+0x1a/0x30
[ 18.269023]
[ 18.269328] Last potentially related work creation:
[ 18.269927] kasan_save_stack+0x45/0x70
[ 18.270350] kasan_record_aux_stack+0xb2/0xc0
[ 18.270785] __queue_work+0x626/0xeb0
[ 18.271225] queue_work_on+0xb6/0xc0
[ 18.272106] workqueue_uaf+0x26d/0x560
[ 18.272803] kunit_try_run_case+0x1a5/0x480
[ 18.273373] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.274133] kthread+0x337/0x6f0
[ 18.274563] ret_from_fork+0x41/0x80
[ 18.275133] ret_from_fork_asm+0x1a/0x30
[ 18.275523]
[ 18.276391] The buggy address belongs to the object at ffff888102a18a40
[ 18.276391] which belongs to the cache kmalloc-32 of size 32
[ 18.277925] The buggy address is located 0 bytes inside of
[ 18.277925] freed 32-byte region [ffff888102a18a40, ffff888102a18a60)
[ 18.278817]
[ 18.279018] The buggy address belongs to the physical page:
[ 18.279381] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a18
[ 18.280520] flags: 0x200000000000000(node=0|zone=2)
[ 18.281294] page_type: f5(slab)
[ 18.282055] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 18.282759] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 18.283320] page dumped because: kasan: bad access detected
[ 18.283938]
[ 18.284197] Memory state around the buggy address:
[ 18.284725] ffff888102a18900: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 18.285453] ffff888102a18980: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 18.286303] >ffff888102a18a00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc
[ 18.287209] ^
[ 18.287894] ffff888102a18a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.288509] ffff888102a18b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.289262] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 18.157867] ==================================================================
[ 18.158818] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60
[ 18.159327] Read of size 4 at addr ffff88810a07c480 by task swapper/1/0
[ 18.160047]
[ 18.160303] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 18.160425] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 18.160461] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 18.160520] Call Trace:
[ 18.160580] <IRQ>
[ 18.160933] dump_stack_lvl+0x73/0xb0
[ 18.161019] print_report+0xd1/0x650
[ 18.161088] ? __virt_addr_valid+0x1db/0x2d0
[ 18.161128] ? rcu_uaf_reclaim+0x50/0x60
[ 18.161160] ? kasan_complete_mode_report_info+0x64/0x200
[ 18.161194] ? rcu_uaf_reclaim+0x50/0x60
[ 18.161241] kasan_report+0x141/0x180
[ 18.161646] ? rcu_uaf_reclaim+0x50/0x60
[ 18.161880] __asan_report_load4_noabort+0x18/0x20
[ 18.161927] rcu_uaf_reclaim+0x50/0x60
[ 18.161959] rcu_core+0x66c/0x1c30
[ 18.162003] ? __pfx_rcu_core+0x10/0x10
[ 18.162038] ? ktime_get+0x6b/0x150
[ 18.162078] rcu_core_si+0x12/0x20
[ 18.162103] handle_softirqs+0x209/0x730
[ 18.162137] ? hrtimer_interrupt+0x2fe/0x780
[ 18.162170] ? __pfx_handle_softirqs+0x10/0x10
[ 18.162209] __irq_exit_rcu+0xc9/0x110
[ 18.162270] irq_exit_rcu+0x12/0x20
[ 18.162298] sysvec_apic_timer_interrupt+0x81/0x90
[ 18.162337] </IRQ>
[ 18.162377] <TASK>
[ 18.162394] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 18.162508] RIP: 0010:pv_native_safe_halt+0xf/0x20
[ 18.162834] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 83 cd 27 00 fb f4 <e9> fc 1f 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90
[ 18.162947] RSP: 0000:ffff88810086fdc8 EFLAGS: 00010206
[ 18.163070] RAX: ffff8881b2593000 RBX: ffff8881008353c0 RCX: ffffffffa660d015
[ 18.163133] RDX: ffffed102b626103 RSI: 0000000000000004 RDI: 000000000001eb94
[ 18.163194] RBP: ffff88810086fdd0 R08: 0000000000000001 R09: ffffed102b626102
[ 18.163277] R10: ffff88815b130813 R11: 0000000000034000 R12: 0000000000000001
[ 18.163340] R13: ffffed1020106a78 R14: ffffffffa839c210 R15: 0000000000000000
[ 18.163419] ? ct_kernel_exit.constprop.0+0xa5/0xd0
[ 18.163492] ? default_idle+0xd/0x20
[ 18.163524] arch_cpu_idle+0xd/0x20
[ 18.163551] default_idle_call+0x48/0x80
[ 18.163581] do_idle+0x379/0x4f0
[ 18.163671] ? __pfx_do_idle+0x10/0x10
[ 18.163739] ? _raw_spin_unlock_irqrestore+0x49/0x90
[ 18.163781] ? complete+0x15b/0x1d0
[ 18.163816] cpu_startup_entry+0x5c/0x70
[ 18.163847] start_secondary+0x211/0x290
[ 18.163877] ? __pfx_start_secondary+0x10/0x10
[ 18.163912] common_startup_64+0x13e/0x148
[ 18.163953] </TASK>
[ 18.163968]
[ 18.188971] Allocated by task 219:
[ 18.189297] kasan_save_stack+0x45/0x70
[ 18.189987] kasan_save_track+0x18/0x40
[ 18.190537] kasan_save_alloc_info+0x3b/0x50
[ 18.191085] __kasan_kmalloc+0xb7/0xc0
[ 18.191736] __kmalloc_cache_noprof+0x189/0x420
[ 18.192275] rcu_uaf+0xb0/0x330
[ 18.193159] kunit_try_run_case+0x1a5/0x480
[ 18.193826] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.194470] kthread+0x337/0x6f0
[ 18.195042] ret_from_fork+0x41/0x80
[ 18.195447] ret_from_fork_asm+0x1a/0x30
[ 18.196108]
[ 18.196330] Freed by task 0:
[ 18.197382] kasan_save_stack+0x45/0x70
[ 18.197908] kasan_save_track+0x18/0x40
[ 18.198323] kasan_save_free_info+0x3f/0x60
[ 18.198726] __kasan_slab_free+0x56/0x70
[ 18.199106] kfree+0x222/0x3f0
[ 18.199468] rcu_uaf_reclaim+0x1f/0x60
[ 18.200249] rcu_core+0x66c/0x1c30
[ 18.200618] rcu_core_si+0x12/0x20
[ 18.201447] handle_softirqs+0x209/0x730
[ 18.202272] __irq_exit_rcu+0xc9/0x110
[ 18.202537] irq_exit_rcu+0x12/0x20
[ 18.203011] sysvec_apic_timer_interrupt+0x81/0x90
[ 18.203738] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 18.204708]
[ 18.205542] Last potentially related work creation:
[ 18.206119] kasan_save_stack+0x45/0x70
[ 18.206527] kasan_record_aux_stack+0xb2/0xc0
[ 18.206883] __call_rcu_common.constprop.0+0x72/0x9c0
[ 18.207374] call_rcu+0x12/0x20
[ 18.207766] rcu_uaf+0x168/0x330
[ 18.208107] kunit_try_run_case+0x1a5/0x480
[ 18.208541] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 18.209459] kthread+0x337/0x6f0
[ 18.209934] ret_from_fork+0x41/0x80
[ 18.210366] ret_from_fork_asm+0x1a/0x30
[ 18.210911]
[ 18.211152] The buggy address belongs to the object at ffff88810a07c480
[ 18.211152] which belongs to the cache kmalloc-32 of size 32
[ 18.212289] The buggy address is located 0 bytes inside of
[ 18.212289] freed 32-byte region [ffff88810a07c480, ffff88810a07c4a0)
[ 18.213545]
[ 18.213927] The buggy address belongs to the physical page:
[ 18.214427] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a07c
[ 18.215136] flags: 0x200000000000000(node=0|zone=2)
[ 18.215676] page_type: f5(slab)
[ 18.216034] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000
[ 18.216601] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000
[ 18.217744] page dumped because: kasan: bad access detected
[ 18.218169]
[ 18.218445] Memory state around the buggy address:
[ 18.218996] ffff88810a07c380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc
[ 18.219754] ffff88810a07c400: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc
[ 18.220420] >ffff88810a07c480: fa fb fb fb fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.221319] ^
[ 18.221829] ffff88810a07c500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.222443] ffff88810a07c580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 18.223107] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 16.311295] ==================================================================
[ 16.312580] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0
[ 16.313487] Read of size 1 at addr ffff88810a700000 by task kunit_try_catch/175
[ 16.314068]
[ 16.314326] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.314452] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.314489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.314542] Call Trace:
[ 16.314582] <TASK>
[ 16.315043] dump_stack_lvl+0x73/0xb0
[ 16.315125] print_report+0xd1/0x650
[ 16.315252] ? __virt_addr_valid+0x1db/0x2d0
[ 16.315313] ? page_alloc_uaf+0x356/0x3d0
[ 16.315344] ? kasan_addr_to_slab+0x11/0xa0
[ 16.315377] ? page_alloc_uaf+0x356/0x3d0
[ 16.315404] kasan_report+0x141/0x180
[ 16.315439] ? page_alloc_uaf+0x356/0x3d0
[ 16.315473] __asan_report_load1_noabort+0x18/0x20
[ 16.315505] page_alloc_uaf+0x356/0x3d0
[ 16.315531] ? __pfx_page_alloc_uaf+0x10/0x10
[ 16.315560] ? __schedule+0x10cc/0x2b60
[ 16.315594] ? __pfx_read_tsc+0x10/0x10
[ 16.315685] ? ktime_get_ts64+0x86/0x230
[ 16.315757] kunit_try_run_case+0x1a5/0x480
[ 16.315798] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.315833] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.315869] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.315904] ? __kthread_parkme+0x82/0x180
[ 16.315936] ? preempt_count_sub+0x50/0x80
[ 16.315973] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.316009] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.316042] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.316077] kthread+0x337/0x6f0
[ 16.316101] ? trace_preempt_on+0x20/0xc0
[ 16.316136] ? __pfx_kthread+0x10/0x10
[ 16.316162] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.316194] ? calculate_sigpending+0x7b/0xa0
[ 16.316263] ? __pfx_kthread+0x10/0x10
[ 16.316296] ret_from_fork+0x41/0x80
[ 16.316330] ? __pfx_kthread+0x10/0x10
[ 16.316355] ret_from_fork_asm+0x1a/0x30
[ 16.316398] </TASK>
[ 16.316413]
[ 16.336387] The buggy address belongs to the physical page:
[ 16.336832] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a700
[ 16.337946] flags: 0x200000000000000(node=0|zone=2)
[ 16.338684] page_type: f0(buddy)
[ 16.339140] raw: 0200000000000000 ffff88817fffc500 ffff88817fffc500 0000000000000000
[ 16.340033] raw: 0000000000000000 0000000000000008 00000000f0000000 0000000000000000
[ 16.341050] page dumped because: kasan: bad access detected
[ 16.341656]
[ 16.341868] Memory state around the buggy address:
[ 16.342315] ffff88810a6fff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.342897] ffff88810a6fff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.344169] >ffff88810a700000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.344828] ^
[ 16.345331] ffff88810a700080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.346226] ffff88810a700100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.346863] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 16.264978] ==================================================================
[ 16.265842] BUG: KASAN: invalid-free in kfree+0x274/0x3f0
[ 16.266178] Free of addr ffff88810a0a4001 by task kunit_try_catch/171
[ 16.267202]
[ 16.267717] CPU: 1 UID: 0 PID: 171 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.267843] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.267880] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.267936] Call Trace:
[ 16.267974] <TASK>
[ 16.268022] dump_stack_lvl+0x73/0xb0
[ 16.268106] print_report+0xd1/0x650
[ 16.268179] ? __virt_addr_valid+0x1db/0x2d0
[ 16.268256] ? kasan_addr_to_slab+0x11/0xa0
[ 16.268326] ? kfree+0x274/0x3f0
[ 16.268391] kasan_report_invalid_free+0x10a/0x130
[ 16.268475] ? kfree+0x274/0x3f0
[ 16.268545] ? kfree+0x274/0x3f0
[ 16.268793] __kasan_kfree_large+0x86/0xd0
[ 16.268878] free_large_kmalloc+0x4b/0x110
[ 16.268963] kfree+0x274/0x3f0
[ 16.269045] kmalloc_large_invalid_free+0x120/0x2b0
[ 16.269123] ? __pfx_kmalloc_large_invalid_free+0x10/0x10
[ 16.269202] ? __schedule+0x10cc/0x2b60
[ 16.269281] ? __pfx_read_tsc+0x10/0x10
[ 16.269323] ? ktime_get_ts64+0x86/0x230
[ 16.269361] kunit_try_run_case+0x1a5/0x480
[ 16.269399] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.269432] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.269466] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.269499] ? __kthread_parkme+0x82/0x180
[ 16.269529] ? preempt_count_sub+0x50/0x80
[ 16.269564] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.269600] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.269695] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.269766] kthread+0x337/0x6f0
[ 16.269794] ? trace_preempt_on+0x20/0xc0
[ 16.269829] ? __pfx_kthread+0x10/0x10
[ 16.269853] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.269883] ? calculate_sigpending+0x7b/0xa0
[ 16.269912] ? __pfx_kthread+0x10/0x10
[ 16.269936] ret_from_fork+0x41/0x80
[ 16.269964] ? __pfx_kthread+0x10/0x10
[ 16.269987] ret_from_fork_asm+0x1a/0x30
[ 16.270028] </TASK>
[ 16.270044]
[ 16.286477] The buggy address belongs to the physical page:
[ 16.287070] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a0a4
[ 16.287937] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.288482] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.289370] page_type: f8(unknown)
[ 16.289982] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.290740] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.291428] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.292223] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.292863] head: 0200000000000002 ffffea0004282901 00000000ffffffff 00000000ffffffff
[ 16.293429] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 16.294063] page dumped because: kasan: bad access detected
[ 16.295041]
[ 16.295292] Memory state around the buggy address:
[ 16.295761] ffff88810a0a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.296458] ffff88810a0a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.297295] >ffff88810a0a4000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.298209] ^
[ 16.298564] ffff88810a0a4080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.299175] ffff88810a0a4100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.299773] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 16.224550] ==================================================================
[ 16.225858] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340
[ 16.227096] Read of size 1 at addr ffff888102be8000 by task kunit_try_catch/169
[ 16.227779]
[ 16.228047] CPU: 0 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.228169] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.228205] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.228258] Call Trace:
[ 16.228297] <TASK>
[ 16.228340] dump_stack_lvl+0x73/0xb0
[ 16.228421] print_report+0xd1/0x650
[ 16.228742] ? __virt_addr_valid+0x1db/0x2d0
[ 16.228824] ? kmalloc_large_uaf+0x2f1/0x340
[ 16.228893] ? kasan_addr_to_slab+0x11/0xa0
[ 16.228950] ? kmalloc_large_uaf+0x2f1/0x340
[ 16.228985] kasan_report+0x141/0x180
[ 16.229021] ? kmalloc_large_uaf+0x2f1/0x340
[ 16.229063] __asan_report_load1_noabort+0x18/0x20
[ 16.229095] kmalloc_large_uaf+0x2f1/0x340
[ 16.229128] ? __pfx_kmalloc_large_uaf+0x10/0x10
[ 16.229162] ? __schedule+0x10cc/0x2b60
[ 16.229196] ? __pfx_read_tsc+0x10/0x10
[ 16.229226] ? ktime_get_ts64+0x86/0x230
[ 16.229263] kunit_try_run_case+0x1a5/0x480
[ 16.229301] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.229373] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.229412] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.229448] ? __kthread_parkme+0x82/0x180
[ 16.229482] ? preempt_count_sub+0x50/0x80
[ 16.229518] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.229554] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.229588] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.229702] kthread+0x337/0x6f0
[ 16.229788] ? trace_preempt_on+0x20/0xc0
[ 16.229864] ? __pfx_kthread+0x10/0x10
[ 16.229935] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.230008] ? calculate_sigpending+0x7b/0xa0
[ 16.230070] ? __pfx_kthread+0x10/0x10
[ 16.230132] ret_from_fork+0x41/0x80
[ 16.230207] ? __pfx_kthread+0x10/0x10
[ 16.230278] ret_from_fork_asm+0x1a/0x30
[ 16.230325] </TASK>
[ 16.230339]
[ 16.250014] The buggy address belongs to the physical page:
[ 16.250501] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102be8
[ 16.251745] flags: 0x200000000000000(node=0|zone=2)
[ 16.252175] raw: 0200000000000000 ffffea00040afb08 ffff88815b039a80 0000000000000000
[ 16.252912] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000
[ 16.253444] page dumped because: kasan: bad access detected
[ 16.254040]
[ 16.254324] Memory state around the buggy address:
[ 16.254902] ffff888102be7f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.255485] ffff888102be7f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.256224] >ffff888102be8000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.257778] ^
[ 16.258273] ffff888102be8080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.258862] ffff888102be8100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff
[ 16.259506] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 16.182587] ==================================================================
[ 16.183418] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330
[ 16.184784] Write of size 1 at addr ffff88810a0a600a by task kunit_try_catch/167
[ 16.186124]
[ 16.186369] CPU: 1 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.186487] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.186523] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.186574] Call Trace:
[ 16.186629] <TASK>
[ 16.186671] dump_stack_lvl+0x73/0xb0
[ 16.186743] print_report+0xd1/0x650
[ 16.186816] ? __virt_addr_valid+0x1db/0x2d0
[ 16.186884] ? kmalloc_large_oob_right+0x2e9/0x330
[ 16.186954] ? kasan_addr_to_slab+0x11/0xa0
[ 16.187045] ? kmalloc_large_oob_right+0x2e9/0x330
[ 16.187130] kasan_report+0x141/0x180
[ 16.187187] ? kmalloc_large_oob_right+0x2e9/0x330
[ 16.187264] __asan_report_store1_noabort+0x1b/0x30
[ 16.187303] kmalloc_large_oob_right+0x2e9/0x330
[ 16.187338] ? __pfx_kmalloc_large_oob_right+0x10/0x10
[ 16.187372] ? __schedule+0x10cc/0x2b60
[ 16.187405] ? __pfx_read_tsc+0x10/0x10
[ 16.187433] ? ktime_get_ts64+0x86/0x230
[ 16.187468] kunit_try_run_case+0x1a5/0x480
[ 16.187504] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.187535] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.187567] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.187621] ? __kthread_parkme+0x82/0x180
[ 16.187699] ? preempt_count_sub+0x50/0x80
[ 16.187758] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.187794] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.187829] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.187861] kthread+0x337/0x6f0
[ 16.187883] ? trace_preempt_on+0x20/0xc0
[ 16.187915] ? __pfx_kthread+0x10/0x10
[ 16.187938] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.187967] ? calculate_sigpending+0x7b/0xa0
[ 16.187995] ? __pfx_kthread+0x10/0x10
[ 16.188018] ret_from_fork+0x41/0x80
[ 16.188048] ? __pfx_kthread+0x10/0x10
[ 16.188073] ret_from_fork_asm+0x1a/0x30
[ 16.188113] </TASK>
[ 16.188126]
[ 16.204541] The buggy address belongs to the physical page:
[ 16.205432] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10a0a4
[ 16.206363] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.207121] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.207756] page_type: f8(unknown)
[ 16.208058] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.209118] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.209816] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 16.210460] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 16.211084] head: 0200000000000002 ffffea0004282901 00000000ffffffff 00000000ffffffff
[ 16.211779] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 16.212454] page dumped because: kasan: bad access detected
[ 16.213179]
[ 16.213438] Memory state around the buggy address:
[ 16.214029] ffff88810a0a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.214555] ffff88810a0a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.215356] >ffff88810a0a6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.216112] ^
[ 16.216487] ffff88810a0a6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.217414] ffff88810a0a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 16.218192] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 16.131176] ==================================================================
[ 16.132235] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370
[ 16.133002] Write of size 1 at addr ffff888102c49f00 by task kunit_try_catch/165
[ 16.134566]
[ 16.135000] CPU: 1 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary)
[ 16.135277] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.135318] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.135376] Call Trace:
[ 16.135412] <TASK>
[ 16.135459] dump_stack_lvl+0x73/0xb0
[ 16.135555] print_report+0xd1/0x650
[ 16.135673] ? __virt_addr_valid+0x1db/0x2d0
[ 16.135756] ? kmalloc_big_oob_right+0x316/0x370
[ 16.135826] ? kasan_complete_mode_report_info+0x2a/0x200
[ 16.135864] ? kmalloc_big_oob_right+0x316/0x370
[ 16.135901] kasan_report+0x141/0x180
[ 16.135935] ? kmalloc_big_oob_right+0x316/0x370
[ 16.135973] __asan_report_store1_noabort+0x1b/0x30
[ 16.136003] kmalloc_big_oob_right+0x316/0x370
[ 16.136036] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 16.136071] ? __pfx_kmalloc_big_oob_right+0x10/0x10
[ 16.136109] kunit_try_run_case+0x1a5/0x480
[ 16.136145] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.136177] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 16.136213] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 16.136274] ? __kthread_parkme+0x82/0x180
[ 16.136308] ? preempt_count_sub+0x50/0x80
[ 16.136343] ? __pfx_kunit_try_run_case+0x10/0x10
[ 16.136376] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.136407] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 16.136438] kthread+0x337/0x6f0
[ 16.136460] ? trace_preempt_on+0x20/0xc0
[ 16.136492] ? __pfx_kthread+0x10/0x10
[ 16.136515] ? _raw_spin_unlock_irq+0x47/0x80
[ 16.136544] ? calculate_sigpending+0x7b/0xa0
[ 16.136575] ? __pfx_kthread+0x10/0x10
[ 16.136618] ret_from_fork+0x41/0x80
[ 16.136691] ? __pfx_kthread+0x10/0x10
[ 16.136747] ret_from_fork_asm+0x1a/0x30
[ 16.136792] </TASK>
[ 16.136806]
[ 16.153504] Allocated by task 165:
[ 16.153941] kasan_save_stack+0x45/0x70
[ 16.154801] kasan_save_track+0x18/0x40
[ 16.155257] kasan_save_alloc_info+0x3b/0x50
[ 16.156016] __kasan_kmalloc+0xb7/0xc0
[ 16.156518] __kmalloc_cache_noprof+0x189/0x420
[ 16.157185] kmalloc_big_oob_right+0xa9/0x370
[ 16.157863] kunit_try_run_case+0x1a5/0x480
[ 16.158284] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.158996] kthread+0x337/0x6f0
[ 16.159477] ret_from_fork+0x41/0x80
[ 16.160179] ret_from_fork_asm+0x1a/0x30
[ 16.160685]
[ 16.160919] The buggy address belongs to the object at ffff888102c48000
[ 16.160919] which belongs to the cache kmalloc-8k of size 8192
[ 16.162109] The buggy address is located 0 bytes to the right of
[ 16.162109] allocated 7936-byte region [ffff888102c48000, ffff888102c49f00)
[ 16.163300]
[ 16.163545] The buggy address belongs to the physical page:
[ 16.164276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102c48
[ 16.165166] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 16.165999] flags: 0x200000000000040(head|node=0|zone=2)
[ 16.166508] page_type: f5(slab)
[ 16.167152] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 16.168004] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 16.168754] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000
[ 16.169644] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000
[ 16.170619] head: 0200000000000003 ffffea00040b1201 00000000ffffffff 00000000ffffffff
[ 16.171297] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008
[ 16.171867] page dumped because: kasan: bad access detected
[ 16.172303]
[ 16.172495] Memory state around the buggy address:
[ 16.173092] ffff888102c49e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.173855] ffff888102c49e80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 16.174426] >ffff888102c49f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.175142] ^
[ 16.175486] ffff888102c49f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.176197] ffff888102c4a000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 16.176967] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 16.079967] ================================================================== [ 16.080424] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.081106] Write of size 1 at addr ffff888102a13078 by task kunit_try_catch/163 [ 16.082373] [ 16.082888] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 16.083008] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.083067] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.083136] Call Trace: [ 16.083173] <TASK> [ 16.083213] dump_stack_lvl+0x73/0xb0 [ 16.083286] print_report+0xd1/0x650 [ 16.083353] ? __virt_addr_valid+0x1db/0x2d0 [ 16.083392] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.083425] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.083458] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.083490] kasan_report+0x141/0x180 [ 16.083523] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.083560] __asan_report_store1_noabort+0x1b/0x30 [ 16.083590] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 16.083690] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.083757] ? __schedule+0x10cc/0x2b60 [ 16.083793] ? __pfx_read_tsc+0x10/0x10 [ 16.083822] ? ktime_get_ts64+0x86/0x230 [ 16.083860] kunit_try_run_case+0x1a5/0x480 [ 16.083896] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.083930] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.083963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.083997] ? __kthread_parkme+0x82/0x180 [ 16.084029] ? preempt_count_sub+0x50/0x80 [ 16.084067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.084104] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.084138] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.084171] kthread+0x337/0x6f0 [ 16.084195] ? trace_preempt_on+0x20/0xc0 [ 16.084259] ? __pfx_kthread+0x10/0x10 [ 16.084292] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.084326] ? calculate_sigpending+0x7b/0xa0 [ 16.084358] ? __pfx_kthread+0x10/0x10 [ 16.084385] ret_from_fork+0x41/0x80 [ 16.084416] ? 
__pfx_kthread+0x10/0x10 [ 16.084443] ret_from_fork_asm+0x1a/0x30 [ 16.084485] </TASK> [ 16.084499] [ 16.103842] Allocated by task 163: [ 16.104332] kasan_save_stack+0x45/0x70 [ 16.104817] kasan_save_track+0x18/0x40 [ 16.105413] kasan_save_alloc_info+0x3b/0x50 [ 16.106315] __kasan_kmalloc+0xb7/0xc0 [ 16.107028] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.107462] kmalloc_track_caller_oob_right+0x19a/0x520 [ 16.107990] kunit_try_run_case+0x1a5/0x480 [ 16.108379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.108920] kthread+0x337/0x6f0 [ 16.109649] ret_from_fork+0x41/0x80 [ 16.110272] ret_from_fork_asm+0x1a/0x30 [ 16.110588] [ 16.111193] The buggy address belongs to the object at ffff888102a13000 [ 16.111193] which belongs to the cache kmalloc-128 of size 128 [ 16.112493] The buggy address is located 0 bytes to the right of [ 16.112493] allocated 120-byte region [ffff888102a13000, ffff888102a13078) [ 16.113379] [ 16.113814] The buggy address belongs to the physical page: [ 16.114472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a13 [ 16.114975] flags: 0x200000000000000(node=0|zone=2) [ 16.115960] page_type: f5(slab) [ 16.116575] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.117243] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.118241] page dumped because: kasan: bad access detected [ 16.118944] [ 16.119673] Memory state around the buggy address: [ 16.120115] ffff888102a12f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.121193] ffff888102a12f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.122172] >ffff888102a13000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.122784] ^ [ 16.123739] ffff888102a13080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.124632] ffff888102a13100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.125509] ================================================================== [ 16.031901] 
================================================================== [ 16.032857] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.034049] Write of size 1 at addr ffff888102a08f78 by task kunit_try_catch/163 [ 16.035441] [ 16.036027] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 16.036176] Tainted: [B]=BAD_PAGE, [N]=TEST [ 16.036210] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 16.036262] Call Trace: [ 16.036290] <TASK> [ 16.036311] dump_stack_lvl+0x73/0xb0 [ 16.036351] print_report+0xd1/0x650 [ 16.036386] ? __virt_addr_valid+0x1db/0x2d0 [ 16.036417] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.036448] ? kasan_complete_mode_report_info+0x2a/0x200 [ 16.036482] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.036513] kasan_report+0x141/0x180 [ 16.036546] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.036583] __asan_report_store1_noabort+0x1b/0x30 [ 16.036676] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 16.036750] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 16.036816] ? __schedule+0x10cc/0x2b60 [ 16.036895] ? __pfx_read_tsc+0x10/0x10 [ 16.036961] ? ktime_get_ts64+0x86/0x230 [ 16.037042] kunit_try_run_case+0x1a5/0x480 [ 16.037112] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.037147] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 16.037182] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 16.037222] ? __kthread_parkme+0x82/0x180 [ 16.037279] ? preempt_count_sub+0x50/0x80 [ 16.037317] ? __pfx_kunit_try_run_case+0x10/0x10 [ 16.037351] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.037384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 16.037416] kthread+0x337/0x6f0 [ 16.037438] ? trace_preempt_on+0x20/0xc0 [ 16.037471] ? __pfx_kthread+0x10/0x10 [ 16.037494] ? _raw_spin_unlock_irq+0x47/0x80 [ 16.037524] ? calculate_sigpending+0x7b/0xa0 [ 16.037553] ? __pfx_kthread+0x10/0x10 [ 16.037577] ret_from_fork+0x41/0x80 [ 16.037658] ? 
__pfx_kthread+0x10/0x10 [ 16.037728] ret_from_fork_asm+0x1a/0x30 [ 16.037782] </TASK> [ 16.037797] [ 16.057356] Allocated by task 163: [ 16.057896] kasan_save_stack+0x45/0x70 [ 16.058482] kasan_save_track+0x18/0x40 [ 16.059068] kasan_save_alloc_info+0x3b/0x50 [ 16.059645] __kasan_kmalloc+0xb7/0xc0 [ 16.060031] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 16.061155] kmalloc_track_caller_oob_right+0x99/0x520 [ 16.061819] kunit_try_run_case+0x1a5/0x480 [ 16.062337] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.062968] kthread+0x337/0x6f0 [ 16.063379] ret_from_fork+0x41/0x80 [ 16.063918] ret_from_fork_asm+0x1a/0x30 [ 16.064368] [ 16.064926] The buggy address belongs to the object at ffff888102a08f00 [ 16.064926] which belongs to the cache kmalloc-128 of size 128 [ 16.065840] The buggy address is located 0 bytes to the right of [ 16.065840] allocated 120-byte region [ffff888102a08f00, ffff888102a08f78) [ 16.066968] [ 16.067190] The buggy address belongs to the physical page: [ 16.067861] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 16.068759] flags: 0x200000000000000(node=0|zone=2) [ 16.069265] page_type: f5(slab) [ 16.069829] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 16.070485] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 16.071420] page dumped because: kasan: bad access detected [ 16.072095] [ 16.072575] Memory state around the buggy address: [ 16.073227] ffff888102a08e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.073663] ffff888102a08e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.074808] >ffff888102a08f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 16.075338] ^ [ 16.076428] ffff888102a08f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.077136] ffff888102a09000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 16.078127] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 15.978520] ================================================================== [ 15.979622] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 15.980266] Read of size 1 at addr ffff888102b9f000 by task kunit_try_catch/161 [ 15.980984] [ 15.981282] CPU: 1 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 15.981552] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.981676] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.981839] Call Trace: [ 15.981907] <TASK> [ 15.981954] dump_stack_lvl+0x73/0xb0 [ 15.982029] print_report+0xd1/0x650 [ 15.982099] ? __virt_addr_valid+0x1db/0x2d0 [ 15.982169] ? kmalloc_node_oob_right+0x369/0x3c0 [ 15.982234] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.982306] ? kmalloc_node_oob_right+0x369/0x3c0 [ 15.982390] kasan_report+0x141/0x180 [ 15.982447] ? kmalloc_node_oob_right+0x369/0x3c0 [ 15.982482] __asan_report_load1_noabort+0x18/0x20 [ 15.982512] kmalloc_node_oob_right+0x369/0x3c0 [ 15.982541] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 15.982570] ? __schedule+0x10cc/0x2b60 [ 15.982601] ? __pfx_read_tsc+0x10/0x10 [ 15.982709] ? ktime_get_ts64+0x86/0x230 [ 15.982762] kunit_try_run_case+0x1a5/0x480 [ 15.982802] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.982836] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.982872] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.982907] ? __kthread_parkme+0x82/0x180 [ 15.982940] ? preempt_count_sub+0x50/0x80 [ 15.982977] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.983012] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.983045] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.983079] kthread+0x337/0x6f0 [ 15.983104] ? trace_preempt_on+0x20/0xc0 [ 15.983138] ? __pfx_kthread+0x10/0x10 [ 15.983163] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.983195] ? calculate_sigpending+0x7b/0xa0 [ 15.983271] ? __pfx_kthread+0x10/0x10 [ 15.983303] ret_from_fork+0x41/0x80 [ 15.983335] ? 
__pfx_kthread+0x10/0x10 [ 15.983360] ret_from_fork_asm+0x1a/0x30 [ 15.983402] </TASK> [ 15.983416] [ 16.000787] Allocated by task 161: [ 16.001163] kasan_save_stack+0x45/0x70 [ 16.001805] kasan_save_track+0x18/0x40 [ 16.002282] kasan_save_alloc_info+0x3b/0x50 [ 16.002955] __kasan_kmalloc+0xb7/0xc0 [ 16.003393] __kmalloc_cache_node_noprof+0x188/0x420 [ 16.004043] kmalloc_node_oob_right+0xab/0x3c0 [ 16.004539] kunit_try_run_case+0x1a5/0x480 [ 16.005122] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 16.005885] kthread+0x337/0x6f0 [ 16.006281] ret_from_fork+0x41/0x80 [ 16.006832] ret_from_fork_asm+0x1a/0x30 [ 16.007290] [ 16.007523] The buggy address belongs to the object at ffff888102b9e000 [ 16.007523] which belongs to the cache kmalloc-4k of size 4096 [ 16.008465] The buggy address is located 0 bytes to the right of [ 16.008465] allocated 4096-byte region [ffff888102b9e000, ffff888102b9f000) [ 16.009852] [ 16.010034] The buggy address belongs to the physical page: [ 16.010855] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102b98 [ 16.012133] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 16.012996] flags: 0x200000000000040(head|node=0|zone=2) [ 16.013700] page_type: f5(slab) [ 16.014025] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 16.015065] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.015869] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 16.016779] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 16.017399] head: 0200000000000003 ffffea00040ae601 00000000ffffffff 00000000ffffffff [ 16.018184] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 16.019014] page dumped because: kasan: bad access detected [ 16.019545] [ 16.019922] Memory state around the buggy address: [ 16.020348] ffff888102b9ef00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.020965] ffff888102b9ef80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 16.021556] >ffff888102b9f000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.022139] ^ [ 16.022788] ffff888102b9f080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.023919] ffff888102b9f100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 16.024538] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 15.925332] ================================================================== [ 15.926367] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0 [ 15.926963] Read of size 1 at addr ffff88810217521f by task kunit_try_catch/159 [ 15.927942] [ 15.928445] CPU: 1 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 15.928568] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.928743] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.928847] Call Trace: [ 15.928889] <TASK> [ 15.928951] dump_stack_lvl+0x73/0xb0 [ 15.929031] print_report+0xd1/0x650 [ 15.929091] ? __virt_addr_valid+0x1db/0x2d0 [ 15.929127] ? kmalloc_oob_left+0x361/0x3c0 [ 15.929158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.929191] ? kmalloc_oob_left+0x361/0x3c0 [ 15.929235] kasan_report+0x141/0x180 [ 15.929288] ? kmalloc_oob_left+0x361/0x3c0 [ 15.929328] __asan_report_load1_noabort+0x18/0x20 [ 15.929357] kmalloc_oob_left+0x361/0x3c0 [ 15.929389] ? __pfx_kmalloc_oob_left+0x10/0x10 [ 15.929420] ? __schedule+0x10cc/0x2b60 [ 15.929453] ? __pfx_read_tsc+0x10/0x10 [ 15.929480] ? ktime_get_ts64+0x86/0x230 [ 15.929516] kunit_try_run_case+0x1a5/0x480 [ 15.929552] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.929585] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.929673] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.929766] ? __kthread_parkme+0x82/0x180 [ 15.929845] ? preempt_count_sub+0x50/0x80 [ 15.929920] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.929958] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.929992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.930025] kthread+0x337/0x6f0 [ 15.930048] ? trace_preempt_on+0x20/0xc0 [ 15.930082] ? __pfx_kthread+0x10/0x10 [ 15.930106] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.930136] ? calculate_sigpending+0x7b/0xa0 [ 15.930166] ? __pfx_kthread+0x10/0x10 [ 15.930189] ret_from_fork+0x41/0x80 [ 15.930230] ? 
__pfx_kthread+0x10/0x10 [ 15.930276] ret_from_fork_asm+0x1a/0x30 [ 15.930320] </TASK> [ 15.930334] [ 15.949002] Allocated by task 24: [ 15.949554] kasan_save_stack+0x45/0x70 [ 15.950437] kasan_save_track+0x18/0x40 [ 15.951139] kasan_save_alloc_info+0x3b/0x50 [ 15.951567] __kasan_kmalloc+0xb7/0xc0 [ 15.951977] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 15.952642] kvasprintf+0xc5/0x150 [ 15.953427] __kthread_create_on_node+0x18b/0x3a0 [ 15.954571] kthread_create_on_node+0xab/0xe0 [ 15.955282] create_worker+0x3e5/0x7b0 [ 15.955665] worker_thread+0x992/0x1220 [ 15.956176] kthread+0x337/0x6f0 [ 15.956573] ret_from_fork+0x41/0x80 [ 15.957357] ret_from_fork_asm+0x1a/0x30 [ 15.957742] [ 15.957982] The buggy address belongs to the object at ffff888102175200 [ 15.957982] which belongs to the cache kmalloc-16 of size 16 [ 15.958896] The buggy address is located 19 bytes to the right of [ 15.958896] allocated 12-byte region [ffff888102175200, ffff88810217520c) [ 15.959857] [ 15.960201] The buggy address belongs to the physical page: [ 15.960737] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102175 [ 15.961494] flags: 0x200000000000000(node=0|zone=2) [ 15.962288] page_type: f5(slab) [ 15.962819] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 15.963649] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 15.964748] page dumped because: kasan: bad access detected [ 15.965418] [ 15.966081] Memory state around the buggy address: [ 15.966892] ffff888102175100: 00 06 fc fc 00 04 fc fc 00 00 fc fc 00 04 fc fc [ 15.967562] ffff888102175180: 00 04 fc fc 00 00 fc fc fa fb fc fc fa fb fc fc [ 15.968650] >ffff888102175200: 00 04 fc fc 00 07 fc fc fc fc fc fc fc fc fc fc [ 15.969733] ^ [ 15.970092] ffff888102175280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.970650] ffff888102175300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.972182] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 15.879082] ================================================================== [ 15.879766] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0 [ 15.880597] Read of size 1 at addr ffff888102a08e80 by task kunit_try_catch/157 [ 15.881149] [ 15.881432] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 15.881550] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.881585] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.881652] Call Trace: [ 15.881697] <TASK> [ 15.881735] dump_stack_lvl+0x73/0xb0 [ 15.881815] print_report+0xd1/0x650 [ 15.881892] ? __virt_addr_valid+0x1db/0x2d0 [ 15.881966] ? kmalloc_oob_right+0x68a/0x7f0 [ 15.882037] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.882114] ? kmalloc_oob_right+0x68a/0x7f0 [ 15.882189] kasan_report+0x141/0x180 [ 15.882752] ? kmalloc_oob_right+0x68a/0x7f0 [ 15.882847] __asan_report_load1_noabort+0x18/0x20 [ 15.882924] kmalloc_oob_right+0x68a/0x7f0 [ 15.883001] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 15.883078] ? __schedule+0x10cc/0x2b60 [ 15.883155] ? __pfx_read_tsc+0x10/0x10 [ 15.883259] ? ktime_get_ts64+0x86/0x230 [ 15.883311] kunit_try_run_case+0x1a5/0x480 [ 15.883353] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.883387] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.883422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.883455] ? __kthread_parkme+0x82/0x180 [ 15.883485] ? preempt_count_sub+0x50/0x80 [ 15.883519] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.883554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.883587] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.883673] kthread+0x337/0x6f0 [ 15.883760] ? trace_preempt_on+0x20/0xc0 [ 15.883830] ? __pfx_kthread+0x10/0x10 [ 15.883860] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.883893] ? calculate_sigpending+0x7b/0xa0 [ 15.883924] ? __pfx_kthread+0x10/0x10 [ 15.883949] ret_from_fork+0x41/0x80 [ 15.883981] ? 
__pfx_kthread+0x10/0x10 [ 15.884006] ret_from_fork_asm+0x1a/0x30 [ 15.884048] </TASK> [ 15.884061] [ 15.900299] Allocated by task 157: [ 15.900676] kasan_save_stack+0x45/0x70 [ 15.901087] kasan_save_track+0x18/0x40 [ 15.901507] kasan_save_alloc_info+0x3b/0x50 [ 15.902296] __kasan_kmalloc+0xb7/0xc0 [ 15.902826] __kmalloc_cache_noprof+0x189/0x420 [ 15.903331] kmalloc_oob_right+0xa9/0x7f0 [ 15.903890] kunit_try_run_case+0x1a5/0x480 [ 15.904278] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.904876] kthread+0x337/0x6f0 [ 15.905236] ret_from_fork+0x41/0x80 [ 15.906164] ret_from_fork_asm+0x1a/0x30 [ 15.906752] [ 15.906995] The buggy address belongs to the object at ffff888102a08e00 [ 15.906995] which belongs to the cache kmalloc-128 of size 128 [ 15.907892] The buggy address is located 13 bytes to the right of [ 15.907892] allocated 115-byte region [ffff888102a08e00, ffff888102a08e73) [ 15.908917] [ 15.909140] The buggy address belongs to the physical page: [ 15.910108] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 15.910951] flags: 0x200000000000000(node=0|zone=2) [ 15.911391] page_type: f5(slab) [ 15.911841] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.912538] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.913185] page dumped because: kasan: bad access detected [ 15.914153] [ 15.914384] Memory state around the buggy address: [ 15.914857] ffff888102a08d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.915394] ffff888102a08e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.916124] >ffff888102a08e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.916901] ^ [ 15.917246] ffff888102a08f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.918285] ffff888102a08f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.918988] ================================================================== [ 15.834069] 
================================================================== [ 15.835025] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0 [ 15.835570] Write of size 1 at addr ffff888102a08e78 by task kunit_try_catch/157 [ 15.836285] [ 15.836512] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 15.836769] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.836810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.836875] Call Trace: [ 15.836936] <TASK> [ 15.836980] dump_stack_lvl+0x73/0xb0 [ 15.837052] print_report+0xd1/0x650 [ 15.837127] ? __virt_addr_valid+0x1db/0x2d0 [ 15.837196] ? kmalloc_oob_right+0x6bd/0x7f0 [ 15.837265] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.837335] ? kmalloc_oob_right+0x6bd/0x7f0 [ 15.837407] kasan_report+0x141/0x180 [ 15.837485] ? kmalloc_oob_right+0x6bd/0x7f0 [ 15.837572] __asan_report_store1_noabort+0x1b/0x30 [ 15.837666] kmalloc_oob_right+0x6bd/0x7f0 [ 15.837745] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 15.837834] ? __schedule+0x10cc/0x2b60 [ 15.837911] ? __pfx_read_tsc+0x10/0x10 [ 15.837971] ? ktime_get_ts64+0x86/0x230 [ 15.838050] kunit_try_run_case+0x1a5/0x480 [ 15.838108] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.838143] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.838178] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.838217] ? __kthread_parkme+0x82/0x180 [ 15.838274] ? preempt_count_sub+0x50/0x80 [ 15.838314] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.838352] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.838388] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.838423] kthread+0x337/0x6f0 [ 15.838447] ? trace_preempt_on+0x20/0xc0 [ 15.838482] ? __pfx_kthread+0x10/0x10 [ 15.838508] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.838540] ? calculate_sigpending+0x7b/0xa0 [ 15.838572] ? __pfx_kthread+0x10/0x10 [ 15.838601] ret_from_fork+0x41/0x80 [ 15.838687] ? 
__pfx_kthread+0x10/0x10 [ 15.838748] ret_from_fork_asm+0x1a/0x30 [ 15.838794] </TASK> [ 15.838807] [ 15.857750] Allocated by task 157: [ 15.858182] kasan_save_stack+0x45/0x70 [ 15.858654] kasan_save_track+0x18/0x40 [ 15.858968] kasan_save_alloc_info+0x3b/0x50 [ 15.859287] __kasan_kmalloc+0xb7/0xc0 [ 15.859915] __kmalloc_cache_noprof+0x189/0x420 [ 15.860468] kmalloc_oob_right+0xa9/0x7f0 [ 15.861286] kunit_try_run_case+0x1a5/0x480 [ 15.861920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.862511] kthread+0x337/0x6f0 [ 15.862935] ret_from_fork+0x41/0x80 [ 15.863379] ret_from_fork_asm+0x1a/0x30 [ 15.864008] [ 15.864274] The buggy address belongs to the object at ffff888102a08e00 [ 15.864274] which belongs to the cache kmalloc-128 of size 128 [ 15.865442] The buggy address is located 5 bytes to the right of [ 15.865442] allocated 115-byte region [ffff888102a08e00, ffff888102a08e73) [ 15.866944] [ 15.867252] The buggy address belongs to the physical page: [ 15.867902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 15.868990] flags: 0x200000000000000(node=0|zone=2) [ 15.869479] page_type: f5(slab) [ 15.869933] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.870837] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.871451] page dumped because: kasan: bad access detected [ 15.872088] [ 15.872368] Memory state around the buggy address: [ 15.873252] ffff888102a08d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.873957] ffff888102a08d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.874789] >ffff888102a08e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.875332] ^ [ 15.876126] ffff888102a08e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877133] ffff888102a08f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.877788] ================================================================== [ 15.780804] 
================================================================== [ 15.782044] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0 [ 15.783170] Write of size 1 at addr ffff888102a08e73 by task kunit_try_catch/157 [ 15.783944] [ 15.786042] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 15.786426] Tainted: [N]=TEST [ 15.786472] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.786830] Call Trace: [ 15.786922] <TASK> [ 15.787095] dump_stack_lvl+0x73/0xb0 [ 15.787204] print_report+0xd1/0x650 [ 15.787249] ? __virt_addr_valid+0x1db/0x2d0 [ 15.787286] ? kmalloc_oob_right+0x6f0/0x7f0 [ 15.787348] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.787385] ? kmalloc_oob_right+0x6f0/0x7f0 [ 15.787418] kasan_report+0x141/0x180 [ 15.787451] ? kmalloc_oob_right+0x6f0/0x7f0 [ 15.787491] __asan_report_store1_noabort+0x1b/0x30 [ 15.787521] kmalloc_oob_right+0x6f0/0x7f0 [ 15.787555] ? __pfx_kmalloc_oob_right+0x10/0x10 [ 15.787589] ? __schedule+0x10cc/0x2b60 [ 15.787672] ? __pfx_read_tsc+0x10/0x10 [ 15.787743] ? ktime_get_ts64+0x86/0x230 [ 15.787785] kunit_try_run_case+0x1a5/0x480 [ 15.787824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.787857] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.787893] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.787926] ? __kthread_parkme+0x82/0x180 [ 15.787958] ? preempt_count_sub+0x50/0x80 [ 15.787993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.788027] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.788060] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.788093] kthread+0x337/0x6f0 [ 15.788116] ? trace_preempt_on+0x20/0xc0 [ 15.788150] ? __pfx_kthread+0x10/0x10 [ 15.788174] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.788204] ? calculate_sigpending+0x7b/0xa0 [ 15.788234] ? __pfx_kthread+0x10/0x10 [ 15.788258] ret_from_fork+0x41/0x80 [ 15.788287] ? 
__pfx_kthread+0x10/0x10 [ 15.788346] ret_from_fork_asm+0x1a/0x30 [ 15.788433] </TASK> [ 15.788516] [ 15.806931] Allocated by task 157: [ 15.807544] kasan_save_stack+0x45/0x70 [ 15.808159] kasan_save_track+0x18/0x40 [ 15.808583] kasan_save_alloc_info+0x3b/0x50 [ 15.809060] __kasan_kmalloc+0xb7/0xc0 [ 15.809501] __kmalloc_cache_noprof+0x189/0x420 [ 15.810314] kmalloc_oob_right+0xa9/0x7f0 [ 15.810920] kunit_try_run_case+0x1a5/0x480 [ 15.811385] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.812020] kthread+0x337/0x6f0 [ 15.812452] ret_from_fork+0x41/0x80 [ 15.812967] ret_from_fork_asm+0x1a/0x30 [ 15.813484] [ 15.814210] The buggy address belongs to the object at ffff888102a08e00 [ 15.814210] which belongs to the cache kmalloc-128 of size 128 [ 15.815424] The buggy address is located 0 bytes to the right of [ 15.815424] allocated 115-byte region [ffff888102a08e00, ffff888102a08e73) [ 15.816803] [ 15.817189] The buggy address belongs to the physical page: [ 15.818080] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a08 [ 15.819602] flags: 0x200000000000000(node=0|zone=2) [ 15.820767] page_type: f5(slab) [ 15.821715] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.822348] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.823470] page dumped because: kasan: bad access detected [ 15.824049] [ 15.824450] Memory state around the buggy address: [ 15.825797] ffff888102a08d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.826414] ffff888102a08d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.827541] >ffff888102a08e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc [ 15.828544] ^ [ 15.829142] ffff888102a08e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.830171] ffff888102a08f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.830985] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------ [ 197.572588] WARNING: CPU: 0 PID: 2743 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 197.573860] Modules linked in: [ 197.574233] CPU: 0 UID: 0 PID: 2743 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 197.575458] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 197.576255] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 197.577224] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 197.578427] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 b3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 197.579872] RSP: 0000:ffff88810c78fc78 EFLAGS: 00010286 [ 197.580401] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 197.580994] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa6c240b4 [ 197.582019] RBP: ffff88810c78fca0 R08: 0000000000000000 R09: ffffed10203ce9c0 [ 197.583017] R10: ffff888101e74e07 R11: 0000000000000000 R12: ffffffffa6c240a0 [ 197.583597] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810c78fd38 [ 197.584299] FS: 0000000000000000(0000) GS:ffff8881b2493000(0000) knlGS:0000000000000000 [ 197.585242] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.586023] CR2: 00007ffff7ffe000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 197.586594] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30902 [ 197.587135] DR3: ffffffffa8c30903 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 197.587905] Call Trace: [ 197.588282] <TASK> [ 197.588539] drm_test_rect_calc_vscale+0x108/0x270 [ 197.589505] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 197.590347] ? __schedule+0x10cc/0x2b60 [ 197.590971] ? __pfx_read_tsc+0x10/0x10 [ 197.591473] ? ktime_get_ts64+0x86/0x230 [ 197.592188] kunit_try_run_case+0x1a5/0x480 [ 197.592999] ? __pfx_kunit_try_run_case+0x10/0x10 [ 197.593507] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 197.594205] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 197.594888] ? __kthread_parkme+0x82/0x180 [ 197.595470] ? preempt_count_sub+0x50/0x80 [ 197.596172] ? __pfx_kunit_try_run_case+0x10/0x10 [ 197.596986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 197.597555] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 197.598448] kthread+0x337/0x6f0 [ 197.599009] ? trace_preempt_on+0x20/0xc0 [ 197.599454] ? __pfx_kthread+0x10/0x10 [ 197.600085] ? _raw_spin_unlock_irq+0x47/0x80 [ 197.600994] ? calculate_sigpending+0x7b/0xa0 [ 197.601473] ? __pfx_kthread+0x10/0x10 [ 197.602187] ret_from_fork+0x41/0x80 [ 197.602798] ? __pfx_kthread+0x10/0x10 [ 197.603243] ret_from_fork_asm+0x1a/0x30 [ 197.603957] </TASK> [ 197.604252] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 197.533802] WARNING: CPU: 1 PID: 2741 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190 [ 197.534789] Modules linked in: [ 197.535790] CPU: 1 UID: 0 PID: 2741 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 197.536519] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 197.537481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 197.538251] RIP: 0010:drm_rect_calc_vscale+0x130/0x190 [ 197.538730] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 b3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 197.540964] RSP: 0000:ffff88810accfc78 EFLAGS: 00010286 [ 197.541872] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 197.542468] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffffa6c2407c [ 197.543370] RBP: ffff88810accfca0 R08: 0000000000000000 R09: ffffed10201cad80 [ 197.544198] R10: ffff888100e56c07 R11: 0000000000000000 R12: ffffffffa6c24068 [ 197.545216] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810accfd38 [ 197.546245] 
FS: 0000000000000000(0000) GS:ffff8881b2593000(0000) knlGS:0000000000000000 [ 197.547091] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.548015] CR2: 00007ffff7ffe000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 197.549099] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30903 [ 197.550058] DR3: ffffffffa8c30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 197.550956] Call Trace: [ 197.551198] <TASK> [ 197.551405] drm_test_rect_calc_vscale+0x108/0x270 [ 197.551767] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10 [ 197.552878] ? __schedule+0x10cc/0x2b60 [ 197.553207] ? __pfx_read_tsc+0x10/0x10 [ 197.554397] ? ktime_get_ts64+0x86/0x230 [ 197.555014] kunit_try_run_case+0x1a5/0x480 [ 197.555947] ? __pfx_kunit_try_run_case+0x10/0x10 [ 197.556564] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 197.557427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 197.558330] ? __kthread_parkme+0x82/0x180 [ 197.558875] ? preempt_count_sub+0x50/0x80 [ 197.559472] ? __pfx_kunit_try_run_case+0x10/0x10 [ 197.560213] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 197.560806] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 197.561505] kthread+0x337/0x6f0 [ 197.562091] ? trace_preempt_on+0x20/0xc0 [ 197.562497] ? __pfx_kthread+0x10/0x10 [ 197.563031] ? _raw_spin_unlock_irq+0x47/0x80 [ 197.563583] ? calculate_sigpending+0x7b/0xa0 [ 197.564200] ? __pfx_kthread+0x10/0x10 [ 197.564597] ret_from_fork+0x41/0x80 [ 197.565197] ? __pfx_kthread+0x10/0x10 [ 197.565763] ret_from_fork_asm+0x1a/0x30 [ 197.566360] </TASK> [ 197.566751] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------ [ 197.477989] WARNING: CPU: 0 PID: 2731 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 197.479093] Modules linked in: [ 197.479467] CPU: 0 UID: 0 PID: 2731 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 197.481246] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 197.481710] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 197.482764] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 197.483485] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 197.485131] RSP: 0000:ffff88810a767c78 EFLAGS: 00010286 [ 197.486001] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000 [ 197.486818] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa6c240b8 [ 197.487330] RBP: ffff88810a767ca0 R08: 0000000000000000 R09: ffffed10203ce900 [ 197.487853] R10: ffff888101e74807 R11: 0000000000000000 R12: ffffffffa6c240a0 [ 197.488832] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810a767d38 [ 197.489457] FS: 0000000000000000(0000) GS:ffff8881b2493000(0000) knlGS:0000000000000000 [ 197.490893] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.491502] CR2: 00007ffff7ffe000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 197.492072] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30902 [ 197.492967] DR3: ffffffffa8c30903 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 197.493550] Call Trace: [ 197.494404] <TASK> [ 197.495001] drm_test_rect_calc_hscale+0x108/0x270 [ 197.495513] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 197.496168] ? __schedule+0x10cc/0x2b60 [ 197.496567] ? __pfx_read_tsc+0x10/0x10 [ 197.497071] ? ktime_get_ts64+0x86/0x230 [ 197.497514] kunit_try_run_case+0x1a5/0x480 [ 197.498440] ? __pfx_kunit_try_run_case+0x10/0x10 [ 197.499057] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 197.499588] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 197.500305] ? __kthread_parkme+0x82/0x180 [ 197.500966] ? preempt_count_sub+0x50/0x80 [ 197.501416] ? __pfx_kunit_try_run_case+0x10/0x10 [ 197.502359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 197.503099] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 197.503699] kthread+0x337/0x6f0 [ 197.504069] ? trace_preempt_on+0x20/0xc0 [ 197.504478] ? __pfx_kthread+0x10/0x10 [ 197.505049] ? _raw_spin_unlock_irq+0x47/0x80 [ 197.505571] ? calculate_sigpending+0x7b/0xa0 [ 197.507080] ? __pfx_kthread+0x10/0x10 [ 197.507700] ret_from_fork+0x41/0x80 [ 197.508113] ? __pfx_kthread+0x10/0x10 [ 197.508470] ret_from_fork_asm+0x1a/0x30 [ 197.509026] </TASK> [ 197.509409] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 197.437693] WARNING: CPU: 1 PID: 2729 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190 [ 197.438961] Modules linked in: [ 197.439402] CPU: 1 UID: 0 PID: 2729 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 197.441348] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 197.442144] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 197.443050] RIP: 0010:drm_rect_calc_hscale+0x125/0x190 [ 197.443585] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d [ 197.445746] RSP: 0000:ffff8881025ffc78 EFLAGS: 00010286 [ 197.446850] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000 [ 197.447317] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffffa6c24080 [ 197.448034] RBP: ffff8881025ffca0 R08: 0000000000000000 R09: ffffed10201cace0 [ 197.448914] R10: ffff888100e56707 R11: 0000000000000000 R12: ffffffffa6c24068 [ 197.449871] R13: 0000000000000000 R14: 000000007fffffff R15: ffff8881025ffd38 [ 197.450512] 
FS: 0000000000000000(0000) GS:ffff8881b2593000(0000) knlGS:0000000000000000 [ 197.451331] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 197.452205] CR2: 00007ffff7ffe000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 197.452818] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30903 [ 197.453418] DR3: ffffffffa8c30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 197.454242] Call Trace: [ 197.454917] <TASK> [ 197.455486] drm_test_rect_calc_hscale+0x108/0x270 [ 197.456492] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 197.457151] ? __schedule+0x10cc/0x2b60 [ 197.457497] ? __pfx_read_tsc+0x10/0x10 [ 197.458259] ? ktime_get_ts64+0x86/0x230 [ 197.458684] kunit_try_run_case+0x1a5/0x480 [ 197.459268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 197.460364] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 197.461269] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 197.461775] ? __kthread_parkme+0x82/0x180 [ 197.462937] ? preempt_count_sub+0x50/0x80 [ 197.463323] ? __pfx_kunit_try_run_case+0x10/0x10 [ 197.464161] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 197.464977] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 197.465861] kthread+0x337/0x6f0 [ 197.466021] ? trace_preempt_on+0x20/0xc0 [ 197.467180] ? __pfx_kthread+0x10/0x10 [ 197.467804] ? _raw_spin_unlock_irq+0x47/0x80 [ 197.468343] ? calculate_sigpending+0x7b/0xa0 [ 197.468938] ? __pfx_kthread+0x10/0x10 [ 197.469432] ret_from_fork+0x41/0x80 [ 197.470011] ? __pfx_kthread+0x10/0x10 [ 197.470508] ret_from_fork_asm+0x1a/0x30 [ 197.471099] </TASK> [ 197.471625] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 196.124832] WARNING: CPU: 1 PID: 2527 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 196.126350] Modules linked in: [ 196.127028] CPU: 1 UID: 0 PID: 2527 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 196.129098] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 196.129679] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 196.131169] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 196.131609] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 196.133196] RSP: 0000:ffff888102b6fb30 EFLAGS: 00010246 [ 196.134178] RAX: dffffc0000000000 RBX: ffff888102b6fc28 RCX: 0000000000000000 [ 196.134830] RDX: 1ffff1102056df8e RSI: ffff888102b6fc28 RDI: ffff888102b6fc70 [ 196.135774] RBP: ffff888102b6fb70 R08: ffff888102e77000 R09: ffffffffa6bcab60 [ 196.136522] R10: 0000000000000003 R11: 00000000f8e09294 R12: ffff888102e77000 [ 196.137455] R13: ffff88810031fae8 R14: ffff888102b6fba8 R15: 0000000000000000 [ 196.138429] FS: 0000000000000000(0000) GS:ffff8881b2593000(0000) knlGS:0000000000000000 [ 196.139383] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.140025] CR2: 00007ffff7ffe000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 196.141094] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30903 [ 196.141749] DR3: ffffffffa8c30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 196.142505] Call Trace: [ 196.143081] <TASK> [ 196.143553] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 196.144440] ? add_dr+0x148/0x1d0 [ 196.145071] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 196.146061] ? __drmm_add_action+0x1a4/0x280 [ 196.146569] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 196.147139] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 196.147889] ? 
__drmm_add_action_or_reset+0x22/0x50 [ 196.148325] ? __schedule+0x10cc/0x2b60 [ 196.148804] ? __pfx_read_tsc+0x10/0x10 [ 196.149600] ? ktime_get_ts64+0x86/0x230 [ 196.150188] kunit_try_run_case+0x1a5/0x480 [ 196.150634] ? __pfx_kunit_try_run_case+0x10/0x10 [ 196.151201] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 196.151942] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 196.152427] ? __kthread_parkme+0x82/0x180 [ 196.153295] ? preempt_count_sub+0x50/0x80 [ 196.154122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 196.155051] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 196.155517] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 196.157253] kthread+0x337/0x6f0 [ 196.158069] ? trace_preempt_on+0x20/0xc0 [ 196.158468] ? __pfx_kthread+0x10/0x10 [ 196.159080] ? _raw_spin_unlock_irq+0x47/0x80 [ 196.160050] ? calculate_sigpending+0x7b/0xa0 [ 196.160498] ? __pfx_kthread+0x10/0x10 [ 196.161100] ret_from_fork+0x41/0x80 [ 196.161893] ? __pfx_kthread+0x10/0x10 [ 196.162517] ret_from_fork_asm+0x1a/0x30 [ 196.163096] </TASK> [ 196.163452] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 196.057279] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 196.057569] WARNING: CPU: 1 PID: 2523 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 196.060785] Modules linked in: [ 196.061218] CPU: 1 UID: 0 PID: 2523 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 196.062598] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 196.063380] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 196.064088] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 196.064715] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 bb 84 84 00 48 c7 c1 60 5b bc a6 4c 89 fa 48 c7 c7 c0 5b bc a6 48 89 c6 e8 42 b0 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 196.066792] RSP: 0000:ffff888102b6fb68 EFLAGS: 00010282 [ 196.067618] RAX: 0000000000000000 RBX: ffff888102b6fc40 RCX: 1ffffffff4f24b60 [ 196.069174] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 196.070290] RBP: ffff888102b6fb90 R08: 0000000000000000 R09: fffffbfff4f24b60 [ 196.071571] R10: 0000000000000003 R11: 00000000000363c8 R12: ffff888102b6fc18 [ 196.072194] R13: ffff888103001000 R14: ffff888102e73000 R15: ffff88810e0f2b80 [ 196.073155] FS: 0000000000000000(0000) GS:ffff8881b2593000(0000) knlGS:0000000000000000 [ 196.073957] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 196.074511] CR2: 00007ffff7ffe000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 196.075821] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30903 [ 196.076498] DR3: ffffffffa8c30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 196.077319] Call Trace: [ 196.077632] <TASK> [ 196.078100] drm_test_framebuffer_free+0x1ab/0x610 [ 196.078676] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 196.079501] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 196.080062] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 196.081148] ? __drmm_add_action_or_reset+0x22/0x50 [ 196.081731] ? __schedule+0x10cc/0x2b60 [ 196.082714] ? __pfx_read_tsc+0x10/0x10 [ 196.083229] ? ktime_get_ts64+0x86/0x230 [ 196.083933] kunit_try_run_case+0x1a5/0x480 [ 196.084508] ? __pfx_kunit_try_run_case+0x10/0x10 [ 196.085544] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 196.086354] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 196.087224] ? __kthread_parkme+0x82/0x180 [ 196.087838] ? preempt_count_sub+0x50/0x80 [ 196.088256] ? __pfx_kunit_try_run_case+0x10/0x10 [ 196.088899] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 196.089363] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 196.090017] kthread+0x337/0x6f0 [ 196.090704] ? trace_preempt_on+0x20/0xc0 [ 196.091432] ? __pfx_kthread+0x10/0x10 [ 196.091871] ? _raw_spin_unlock_irq+0x47/0x80 [ 196.092600] ? calculate_sigpending+0x7b/0xa0 [ 196.093203] ? __pfx_kthread+0x10/0x10 [ 196.093884] ret_from_fork+0x41/0x80 [ 196.094299] ? __pfx_kthread+0x10/0x10 [ 196.095051] ret_from_fork_asm+0x1a/0x30 [ 196.095463] </TASK> [ 196.096060] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 193.665996] WARNING: CPU: 1 PID: 1953 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 193.666977] Modules linked in: [ 193.667497] CPU: 1 UID: 0 PID: 1953 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 193.668419] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 193.669064] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 193.670055] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 193.670597] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 f6 21 02 48 89 df e8 d8 [ 193.672054] RSP: 0000:ffff88810d637c90 EFLAGS: 00010246 [ 193.672559] RAX: dffffc0000000000 RBX: ffff88810d714000 RCX: 0000000000000000 [ 193.673390] RDX: 1ffff11021ae2832 RSI: ffffffffa3df4a58 RDI: ffff88810d714190 [ 193.673940] RBP: ffff88810d637ca0 R08: 1ffff11020063f69 R09: ffffed1021ac6f65 [ 193.674816] R10: 0000000000000003 R11: ffffffffa28049aa R12: 0000000000000000 [ 193.675443] R13: ffff88810d637d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 193.676384] FS: 0000000000000000(0000) GS:ffff8881b2593000(0000) knlGS:0000000000000000 [ 193.677155] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.677828] CR2: 00007ffff7ffe000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 193.678296] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30903 [ 193.679082] DR3: ffffffffa8c30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 193.679726] Call Trace: [ 193.680030] <TASK> [ 193.680324] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 193.680870] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 193.681763] ? __schedule+0x10cc/0x2b60 [ 193.682302] ? __pfx_read_tsc+0x10/0x10 [ 193.682688] ? 
ktime_get_ts64+0x86/0x230 [ 193.683391] kunit_try_run_case+0x1a5/0x480 [ 193.683782] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.684367] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 193.684785] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 193.685547] ? __kthread_parkme+0x82/0x180 [ 193.686012] ? preempt_count_sub+0x50/0x80 [ 193.686573] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.687145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 193.687625] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 193.688354] kthread+0x337/0x6f0 [ 193.688876] ? trace_preempt_on+0x20/0xc0 [ 193.689313] ? __pfx_kthread+0x10/0x10 [ 193.689700] ? _raw_spin_unlock_irq+0x47/0x80 [ 193.690218] ? calculate_sigpending+0x7b/0xa0 [ 193.690998] ? __pfx_kthread+0x10/0x10 [ 193.691344] ret_from_fork+0x41/0x80 [ 193.691797] ? __pfx_kthread+0x10/0x10 [ 193.692471] ret_from_fork_asm+0x1a/0x30 [ 193.692921] </TASK> [ 193.693351] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 193.796079] WARNING: CPU: 1 PID: 1961 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 193.797968] Modules linked in: [ 193.798583] CPU: 1 UID: 0 PID: 1961 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 193.799977] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 193.800749] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 193.801563] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 193.802090] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 f6 21 02 48 89 df e8 d8 [ 193.803745] RSP: 0000:ffff88810d397c90 EFLAGS: 00010246 [ 193.804292] RAX: dffffc0000000000 RBX: ffff88810d880000 RCX: 0000000000000000 [ 193.804986] RDX: 1ffff11021b10032 RSI: ffffffffa3df4a58 RDI: ffff88810d880190 [ 193.805790] RBP: ffff88810d397ca0 R08: 1ffff11020063f69 R09: ffffed1021a72f65 [ 193.806437] 
R10: 0000000000000003 R11: ffffffffa3382b48 R12: 0000000000000000 [ 193.807318] R13: ffff88810d397d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 193.808015] FS: 0000000000000000(0000) GS:ffff8881b2593000(0000) knlGS:0000000000000000 [ 193.808849] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 193.809417] CR2: 00007ffff7ffe000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 193.810199] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30903 [ 193.810919] DR3: ffffffffa8c30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 193.811820] Call Trace: [ 193.812096] <TASK> [ 193.812475] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 193.813790] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 193.814479] ? __schedule+0x10cc/0x2b60 [ 193.814959] ? __pfx_read_tsc+0x10/0x10 [ 193.815364] ? ktime_get_ts64+0x86/0x230 [ 193.815757] kunit_try_run_case+0x1a5/0x480 [ 193.816142] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.816731] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 193.817201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 193.817842] ? __kthread_parkme+0x82/0x180 [ 193.818437] ? preempt_count_sub+0x50/0x80 [ 193.819049] ? __pfx_kunit_try_run_case+0x10/0x10 [ 193.819699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 193.820301] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 193.820977] kthread+0x337/0x6f0 [ 193.821438] ? trace_preempt_on+0x20/0xc0 [ 193.821990] ? __pfx_kthread+0x10/0x10 [ 193.822493] ? _raw_spin_unlock_irq+0x47/0x80 [ 193.823182] ? calculate_sigpending+0x7b/0xa0 [ 193.823745] ? __pfx_kthread+0x10/0x10 [ 193.824245] ret_from_fork+0x41/0x80 [ 193.824780] ? __pfx_kthread+0x10/0x10 [ 193.825257] ret_from_fork_asm+0x1a/0x30 [ 193.825936] </TASK> [ 193.826210] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------ [ 144.671240] WARNING: CPU: 1 PID: 677 at lib/math/int_log.c:120 intlog10+0x2a/0x40 [ 144.672508] Modules linked in: [ 144.673232] CPU: 1 UID: 0 PID: 677 Comm: kunit_try_catch Tainted: G B D W N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 144.674330] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 144.675398] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.676318] RIP: 0010:intlog10+0x2a/0x40 [ 144.676737] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 66 2e 0f 1f 84 00 00 00 00 00 66 90 [ 144.678331] RSP: 0000:ffff88810b7c7cb0 EFLAGS: 00010246 [ 144.678900] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110216f8fb4 [ 144.679510] RDX: 1ffffffff4d525a0 RSI: 1ffff110216f8fb3 RDI: 0000000000000000 [ 144.680105] RBP: ffff88810b7c7d60 R08: 0000000000000000 R09: ffffed1020538ac0 [ 144.680942] R10: ffff8881029c5607 R11: 0000000000000000 R12: 1ffff110216f8f97 [ 144.681572] R13: ffffffffa6a92d00 R14: 0000000000000000 R15: ffff88810b7c7d38 [ 144.682512] FS: 0000000000000000(0000) GS:ffff8881b2593000(0000) knlGS:0000000000000000 [ 144.683448] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.684100] CR2: dffffc0000000000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 144.684936] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30903 [ 144.685545] DR3: ffffffffa8c30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.686131] Call Trace: [ 144.686825] <TASK> [ 144.687309] ? intlog10_test+0xf2/0x220 [ 144.687735] ? __pfx_intlog10_test+0x10/0x10 [ 144.688889] ? __schedule+0x10cc/0x2b60 [ 144.689288] ? __pfx_read_tsc+0x10/0x10 [ 144.689823] ? ktime_get_ts64+0x86/0x230 [ 144.690288] kunit_try_run_case+0x1a5/0x480 [ 144.691059] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.691600] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.692245] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.692971] ? __kthread_parkme+0x82/0x180 [ 144.693341] ? preempt_count_sub+0x50/0x80 [ 144.694017] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.694745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.695853] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.696498] kthread+0x337/0x6f0 [ 144.697009] ? trace_preempt_on+0x20/0xc0 [ 144.697483] ? __pfx_kthread+0x10/0x10 [ 144.697990] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.698464] ? calculate_sigpending+0x7b/0xa0 [ 144.699065] ? __pfx_kthread+0x10/0x10 [ 144.699465] ret_from_fork+0x41/0x80 [ 144.700121] ? __pfx_kthread+0x10/0x10 [ 144.700433] ret_from_fork_asm+0x1a/0x30 [ 144.700803] </TASK> [ 144.701053] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------ [ 144.598739] WARNING: CPU: 1 PID: 659 at lib/math/int_log.c:63 intlog2+0xdf/0x110 [ 144.599508] Modules linked in: [ 144.600076] CPU: 1 UID: 0 PID: 659 Comm: kunit_try_catch Tainted: G B D N 6.15.4-rc1 #1 PREEMPT(voluntary) [ 144.600769] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST [ 144.601633] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 144.602663] RIP: 0010:intlog2+0xdf/0x110 [ 144.603554] Code: a9 a6 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d e9 d2 47 81 02 90 <0f> 0b 90 31 c0 e9 c7 47 81 02 89 45 e4 e8 df c6 56 ff 8b 45 e4 eb [ 144.605404] RSP: 0000:ffff88810b5efcb0 EFLAGS: 00010246 [ 144.606131] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110216bdfb4 [ 144.606934] RDX: 1ffffffff4d525f4 RSI: 1ffff110216bdfb3 RDI: 0000000000000000 [ 144.607717] RBP: ffff88810b5efd60 R08: 0000000000000000 R09: ffffed1021677d60 [ 144.608782] R10: ffff88810b3beb07 R11: 0000000000000000 R12: 1ffff110216bdf97 [ 144.609536] R13: ffffffffa6a92fa0 R14: 0000000000000000 R15: ffff88810b5efd38 [ 144.610278] FS: 0000000000000000(0000) GS:ffff8881b2593000(0000) knlGS:0000000000000000 [ 144.611205] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 144.612230] CR2: dffffc0000000000 CR3: 00000001086ba000 CR4: 00000000000006f0 [ 144.612749] DR0: ffffffffa8c30900 DR1: ffffffffa8c30901 DR2: ffffffffa8c30903 [ 144.613704] DR3: ffffffffa8c30905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 144.614338] Call Trace: [ 144.614650] <TASK> [ 144.615232] ? intlog2_test+0xf2/0x220 [ 144.615783] ? __pfx_intlog2_test+0x10/0x10 [ 144.616261] ? __schedule+0x10cc/0x2b60 [ 144.617017] ? __pfx_read_tsc+0x10/0x10 [ 144.617830] ? ktime_get_ts64+0x86/0x230 [ 144.618476] kunit_try_run_case+0x1a5/0x480 [ 144.619319] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.619738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 144.620157] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 144.621316] ? __kthread_parkme+0x82/0x180 [ 144.622065] ? preempt_count_sub+0x50/0x80 [ 144.622528] ? __pfx_kunit_try_run_case+0x10/0x10 [ 144.623165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 144.624000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 144.624523] kthread+0x337/0x6f0 [ 144.625360] ? trace_preempt_on+0x20/0xc0 [ 144.625916] ? __pfx_kthread+0x10/0x10 [ 144.626241] ? _raw_spin_unlock_irq+0x47/0x80 [ 144.626684] ? calculate_sigpending+0x7b/0xa0 [ 144.627388] ? __pfx_kthread+0x10/0x10 [ 144.628326] ret_from_fork+0x41/0x80 [ 144.628865] ? __pfx_kthread+0x10/0x10 [ 144.629297] ret_from_fork_asm+0x1a/0x30 [ 144.629786] </TASK> [ 144.630112] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 143.611507] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI