Date
July 3, 2025, 3:13 p.m.
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-ksize_unpoisons_memory
[ 11.621249] ==================================================================
[ 11.621871] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.622198] Read of size 1 at addr ffff888103138f7f by task kunit_try_catch/213
[ 11.622632]
[ 11.622744] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.622788] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.622799] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.622818] Call Trace:
[ 11.622830] <TASK>
[ 11.622844] dump_stack_lvl+0x73/0xb0
[ 11.622869] print_report+0xd1/0x650
[ 11.622891] ? __virt_addr_valid+0x1db/0x2d0
[ 11.622912] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.622931] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.622953] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.622973] kasan_report+0x141/0x180
[ 11.622995] ? ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.623020] __asan_report_load1_noabort+0x18/0x20
[ 11.623040] ksize_unpoisons_memory+0x7b6/0x9b0
[ 11.623060] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.623079] ? finish_task_switch.isra.0+0x153/0x700
[ 11.623102] ? __switch_to+0x5d9/0xf60
[ 11.623122] ? dequeue_task_fair+0x166/0x4e0
[ 11.623146] ? __schedule+0x10cc/0x2b60
[ 11.623168] ? __pfx_read_tsc+0x10/0x10
[ 11.623187] ? ktime_get_ts64+0x86/0x230
[ 11.623212] kunit_try_run_case+0x1a5/0x480
[ 11.623249] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.623271] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.623294] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.623317] ? __kthread_parkme+0x82/0x180
[ 11.623338] ? preempt_count_sub+0x50/0x80
[ 11.623362] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.623385] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.623408] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.623431] kthread+0x337/0x6f0
[ 11.623448] ? trace_preempt_on+0x20/0xc0
[ 11.623470] ? __pfx_kthread+0x10/0x10
[ 11.623488] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.623509] ? calculate_sigpending+0x7b/0xa0
[ 11.623530] ? __pfx_kthread+0x10/0x10
[ 11.623548] ret_from_fork+0x41/0x80
[ 11.623568] ? __pfx_kthread+0x10/0x10
[ 11.623586] ret_from_fork_asm+0x1a/0x30
[ 11.623615] </TASK>
[ 11.623624]
[ 11.631705] Allocated by task 213:
[ 11.631905] kasan_save_stack+0x45/0x70
[ 11.632057] kasan_save_track+0x18/0x40
[ 11.632190] kasan_save_alloc_info+0x3b/0x50
[ 11.632347] __kasan_kmalloc+0xb7/0xc0
[ 11.632479] __kmalloc_cache_noprof+0x189/0x420
[ 11.632628] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.632909] kunit_try_run_case+0x1a5/0x480
[ 11.633114] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.633521] kthread+0x337/0x6f0
[ 11.633742] ret_from_fork+0x41/0x80
[ 11.633927] ret_from_fork_asm+0x1a/0x30
[ 11.634125]
[ 11.634222] The buggy address belongs to the object at ffff888103138f00
[ 11.634222] which belongs to the cache kmalloc-128 of size 128
[ 11.634753] The buggy address is located 12 bytes to the right of
[ 11.634753] allocated 115-byte region [ffff888103138f00, ffff888103138f73)
[ 11.635392]
[ 11.635488] The buggy address belongs to the physical page:
[ 11.635742] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103138
[ 11.636045] flags: 0x200000000000000(node=0|zone=2)
[ 11.636228] page_type: f5(slab)
[ 11.636594] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.636927] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.637159] page dumped because: kasan: bad access detected
[ 11.637345]
[ 11.637416] Memory state around the buggy address:
[ 11.637577] ffff888103138e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.638153] ffff888103138e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.638486] >ffff888103138f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.638804] ^
[ 11.639118] ffff888103138f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.639569] ffff888103139000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.639920] ==================================================================
[ 11.582724] ==================================================================
[ 11.583193] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x81c/0x9b0
[ 11.583608] Read of size 1 at addr ffff888103138f73 by task kunit_try_catch/213
[ 11.583917]
[ 11.584039] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.584084] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.584095] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.584117] Call Trace:
[ 11.584128] <TASK>
[ 11.584143] dump_stack_lvl+0x73/0xb0
[ 11.584167] print_report+0xd1/0x650
[ 11.584190] ? __virt_addr_valid+0x1db/0x2d0
[ 11.584211] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.584230] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.584265] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.584285] kasan_report+0x141/0x180
[ 11.584308] ? ksize_unpoisons_memory+0x81c/0x9b0
[ 11.584377] __asan_report_load1_noabort+0x18/0x20
[ 11.584402] ksize_unpoisons_memory+0x81c/0x9b0
[ 11.584423] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.584443] ? finish_task_switch.isra.0+0x153/0x700
[ 11.584466] ? __switch_to+0x5d9/0xf60
[ 11.584488] ? dequeue_task_fair+0x166/0x4e0
[ 11.584512] ? __schedule+0x10cc/0x2b60
[ 11.584535] ? __pfx_read_tsc+0x10/0x10
[ 11.584554] ? ktime_get_ts64+0x86/0x230
[ 11.584578] kunit_try_run_case+0x1a5/0x480
[ 11.584601] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.584623] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.584646] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.584682] ? __kthread_parkme+0x82/0x180
[ 11.584704] ? preempt_count_sub+0x50/0x80
[ 11.584728] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.584751] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.584774] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.584796] kthread+0x337/0x6f0
[ 11.584813] ? trace_preempt_on+0x20/0xc0
[ 11.584836] ? __pfx_kthread+0x10/0x10
[ 11.584854] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.584875] ? calculate_sigpending+0x7b/0xa0
[ 11.584897] ? __pfx_kthread+0x10/0x10
[ 11.584915] ret_from_fork+0x41/0x80
[ 11.584935] ? __pfx_kthread+0x10/0x10
[ 11.584952] ret_from_fork_asm+0x1a/0x30
[ 11.584982] </TASK>
[ 11.584992]
[ 11.592645] Allocated by task 213:
[ 11.592834] kasan_save_stack+0x45/0x70
[ 11.593032] kasan_save_track+0x18/0x40
[ 11.593196] kasan_save_alloc_info+0x3b/0x50
[ 11.593495] __kasan_kmalloc+0xb7/0xc0
[ 11.593680] __kmalloc_cache_noprof+0x189/0x420
[ 11.593869] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.594079] kunit_try_run_case+0x1a5/0x480
[ 11.594273] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.594511] kthread+0x337/0x6f0
[ 11.594678] ret_from_fork+0x41/0x80
[ 11.594831] ret_from_fork_asm+0x1a/0x30
[ 11.595010]
[ 11.595101] The buggy address belongs to the object at ffff888103138f00
[ 11.595101] which belongs to the cache kmalloc-128 of size 128
[ 11.595564] The buggy address is located 0 bytes to the right of
[ 11.595564] allocated 115-byte region [ffff888103138f00, ffff888103138f73)
[ 11.596250]
[ 11.596457] The buggy address belongs to the physical page:
[ 11.596710] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103138
[ 11.596951] flags: 0x200000000000000(node=0|zone=2)
[ 11.597114] page_type: f5(slab)
[ 11.597245] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.597635] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.598217] page dumped because: kasan: bad access detected
[ 11.598510]
[ 11.598581] Memory state around the buggy address:
[ 11.598735] ffff888103138e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.598946] ffff888103138e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.599157] >ffff888103138f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.599784] ^
[ 11.600102] ffff888103138f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.600441] ffff888103139000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.600809] ==================================================================
[ 11.601471] ==================================================================
[ 11.601829] BUG: KASAN: slab-out-of-bounds in ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.602164] Read of size 1 at addr ffff888103138f78 by task kunit_try_catch/213
[ 11.602548]
[ 11.602659] CPU: 0 UID: 0 PID: 213 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.602700] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.602711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.602730] Call Trace:
[ 11.602743] <TASK>
[ 11.602757] dump_stack_lvl+0x73/0xb0
[ 11.602780] print_report+0xd1/0x650
[ 11.602801] ? __virt_addr_valid+0x1db/0x2d0
[ 11.602822] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.602841] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.602863] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.602883] kasan_report+0x141/0x180
[ 11.602906] ? ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.602930] __asan_report_load1_noabort+0x18/0x20
[ 11.602951] ksize_unpoisons_memory+0x7e9/0x9b0
[ 11.602971] ? __pfx_ksize_unpoisons_memory+0x10/0x10
[ 11.602991] ? finish_task_switch.isra.0+0x153/0x700
[ 11.603013] ? __switch_to+0x5d9/0xf60
[ 11.603033] ? dequeue_task_fair+0x166/0x4e0
[ 11.603056] ? __schedule+0x10cc/0x2b60
[ 11.603079] ? __pfx_read_tsc+0x10/0x10
[ 11.603098] ? ktime_get_ts64+0x86/0x230
[ 11.603122] kunit_try_run_case+0x1a5/0x480
[ 11.603146] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.603167] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.603231] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.603265] ? __kthread_parkme+0x82/0x180
[ 11.603286] ? preempt_count_sub+0x50/0x80
[ 11.603311] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.603334] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.603356] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.603379] kthread+0x337/0x6f0
[ 11.603396] ? trace_preempt_on+0x20/0xc0
[ 11.603418] ? __pfx_kthread+0x10/0x10
[ 11.603436] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.603457] ? calculate_sigpending+0x7b/0xa0
[ 11.603479] ? __pfx_kthread+0x10/0x10
[ 11.603720] ret_from_fork+0x41/0x80
[ 11.603752] ? __pfx_kthread+0x10/0x10
[ 11.603770] ret_from_fork_asm+0x1a/0x30
[ 11.603800] </TASK>
[ 11.603810]
[ 11.611922] Allocated by task 213:
[ 11.612113] kasan_save_stack+0x45/0x70
[ 11.612508] kasan_save_track+0x18/0x40
[ 11.612769] kasan_save_alloc_info+0x3b/0x50
[ 11.612980] __kasan_kmalloc+0xb7/0xc0
[ 11.613145] __kmalloc_cache_noprof+0x189/0x420
[ 11.613449] ksize_unpoisons_memory+0xc7/0x9b0
[ 11.613614] kunit_try_run_case+0x1a5/0x480
[ 11.613804] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.614058] kthread+0x337/0x6f0
[ 11.614218] ret_from_fork+0x41/0x80
[ 11.614438] ret_from_fork_asm+0x1a/0x30
[ 11.614688]
[ 11.614785] The buggy address belongs to the object at ffff888103138f00
[ 11.614785] which belongs to the cache kmalloc-128 of size 128
[ 11.615257] The buggy address is located 5 bytes to the right of
[ 11.615257] allocated 115-byte region [ffff888103138f00, ffff888103138f73)
[ 11.615748]
[ 11.615847] The buggy address belongs to the physical page:
[ 11.616071] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103138
[ 11.616472] flags: 0x200000000000000(node=0|zone=2)
[ 11.616640] page_type: f5(slab)
[ 11.616790] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 11.617155] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 11.617487] page dumped because: kasan: bad access detected
[ 11.617742]
[ 11.617812] Memory state around the buggy address:
[ 11.617967] ffff888103138e00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.618186] ffff888103138e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.618901] >ffff888103138f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 11.619231] ^
[ 11.619903] ffff888103138f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.620123] ffff888103139000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.620687] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kfree_sensitive
[ 11.554818] ==================================================================
[ 11.555157] BUG: KASAN: double-free in kfree_sensitive+0x2e/0x90
[ 11.555841] Free of addr ffff888102224120 by task kunit_try_catch/211
[ 11.556564]
[ 11.556679] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.556724] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.556737] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.556757] Call Trace:
[ 11.556769] <TASK>
[ 11.556785] dump_stack_lvl+0x73/0xb0
[ 11.556810] print_report+0xd1/0x650
[ 11.556833] ? __virt_addr_valid+0x1db/0x2d0
[ 11.556855] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.556877] ? kfree_sensitive+0x2e/0x90
[ 11.556900] kasan_report_invalid_free+0x10a/0x130
[ 11.556925] ? kfree_sensitive+0x2e/0x90
[ 11.556947] ? kfree_sensitive+0x2e/0x90
[ 11.556968] check_slab_allocation+0x101/0x130
[ 11.556990] __kasan_slab_pre_free+0x28/0x40
[ 11.557011] kfree+0xf0/0x3f0
[ 11.557029] ? kfree_sensitive+0x2e/0x90
[ 11.557052] kfree_sensitive+0x2e/0x90
[ 11.557073] kmalloc_double_kzfree+0x19c/0x350
[ 11.557092] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.557113] ? __schedule+0x10cc/0x2b60
[ 11.557135] ? __pfx_read_tsc+0x10/0x10
[ 11.557155] ? ktime_get_ts64+0x86/0x230
[ 11.557179] kunit_try_run_case+0x1a5/0x480
[ 11.557203] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.557225] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.557261] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.557284] ? __kthread_parkme+0x82/0x180
[ 11.557306] ? preempt_count_sub+0x50/0x80
[ 11.557331] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.557355] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.557378] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.557401] kthread+0x337/0x6f0
[ 11.557592] ? trace_preempt_on+0x20/0xc0
[ 11.557623] ? __pfx_kthread+0x10/0x10
[ 11.557641] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.557663] ? calculate_sigpending+0x7b/0xa0
[ 11.557685] ? __pfx_kthread+0x10/0x10
[ 11.557703] ret_from_fork+0x41/0x80
[ 11.557724] ? __pfx_kthread+0x10/0x10
[ 11.557741] ret_from_fork_asm+0x1a/0x30
[ 11.557771] </TASK>
[ 11.557782]
[ 11.566429] Allocated by task 211:
[ 11.566562] kasan_save_stack+0x45/0x70
[ 11.567030] kasan_save_track+0x18/0x40
[ 11.567256] kasan_save_alloc_info+0x3b/0x50
[ 11.567536] __kasan_kmalloc+0xb7/0xc0
[ 11.567806] __kmalloc_cache_noprof+0x189/0x420
[ 11.568009] kmalloc_double_kzfree+0xa9/0x350
[ 11.568201] kunit_try_run_case+0x1a5/0x480
[ 11.568503] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.568688] kthread+0x337/0x6f0
[ 11.568806] ret_from_fork+0x41/0x80
[ 11.568935] ret_from_fork_asm+0x1a/0x30
[ 11.569115]
[ 11.569222] Freed by task 211:
[ 11.569496] kasan_save_stack+0x45/0x70
[ 11.569736] kasan_save_track+0x18/0x40
[ 11.569873] kasan_save_free_info+0x3f/0x60
[ 11.570014] __kasan_slab_free+0x56/0x70
[ 11.570151] kfree+0x222/0x3f0
[ 11.570519] kfree_sensitive+0x67/0x90
[ 11.570792] kmalloc_double_kzfree+0x12b/0x350
[ 11.571014] kunit_try_run_case+0x1a5/0x480
[ 11.571219] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.571823] kthread+0x337/0x6f0
[ 11.571977] ret_from_fork+0x41/0x80
[ 11.572150] ret_from_fork_asm+0x1a/0x30
[ 11.572403]
[ 11.572478] The buggy address belongs to the object at ffff888102224120
[ 11.572478] which belongs to the cache kmalloc-16 of size 16
[ 11.572828] The buggy address is located 0 bytes inside of
[ 11.572828] 16-byte region [ffff888102224120, ffff888102224130)
[ 11.573483]
[ 11.573566] The buggy address belongs to the physical page:
[ 11.573740] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102224
[ 11.573981] flags: 0x200000000000000(node=0|zone=2)
[ 11.574440] page_type: f5(slab)
[ 11.574614] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.575381] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.575857] page dumped because: kasan: bad access detected
[ 11.576066]
[ 11.576163] Memory state around the buggy address:
[ 11.576471] ffff888102224000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 11.576690] ffff888102224080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 11.577173] >ffff888102224100: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 11.577504] ^
[ 11.577791] ffff888102224180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.578012] ffff888102224200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.578339] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_double_kzfree
[ 11.525062] ==================================================================
[ 11.526019] BUG: KASAN: slab-use-after-free in kmalloc_double_kzfree+0x19c/0x350
[ 11.526352] Read of size 1 at addr ffff888102224120 by task kunit_try_catch/211
[ 11.526643]
[ 11.526761] CPU: 0 UID: 0 PID: 211 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.526806] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.526818] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.526841] Call Trace:
[ 11.526854] <TASK>
[ 11.526872] dump_stack_lvl+0x73/0xb0
[ 11.526898] print_report+0xd1/0x650
[ 11.526920] ? __virt_addr_valid+0x1db/0x2d0
[ 11.526942] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.526961] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.526984] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.527003] kasan_report+0x141/0x180
[ 11.527026] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.527049] ? kmalloc_double_kzfree+0x19c/0x350
[ 11.527069] __kasan_check_byte+0x3d/0x50
[ 11.527091] kfree_sensitive+0x22/0x90
[ 11.527115] kmalloc_double_kzfree+0x19c/0x350
[ 11.527134] ? __pfx_kmalloc_double_kzfree+0x10/0x10
[ 11.527155] ? __schedule+0x10cc/0x2b60
[ 11.527178] ? __pfx_read_tsc+0x10/0x10
[ 11.527198] ? ktime_get_ts64+0x86/0x230
[ 11.527224] kunit_try_run_case+0x1a5/0x480
[ 11.527260] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.527282] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.527308] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.527333] ? __kthread_parkme+0x82/0x180
[ 11.527356] ? preempt_count_sub+0x50/0x80
[ 11.527382] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.527405] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.527428] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.527451] kthread+0x337/0x6f0
[ 11.527467] ? trace_preempt_on+0x20/0xc0
[ 11.527496] ? __pfx_kthread+0x10/0x10
[ 11.527514] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.527536] ? calculate_sigpending+0x7b/0xa0
[ 11.527558] ? __pfx_kthread+0x10/0x10
[ 11.527578] ret_from_fork+0x41/0x80
[ 11.527599] ? __pfx_kthread+0x10/0x10
[ 11.527617] ret_from_fork_asm+0x1a/0x30
[ 11.527648] </TASK>
[ 11.527680]
[ 11.538175] Allocated by task 211:
[ 11.538610] kasan_save_stack+0x45/0x70
[ 11.538913] kasan_save_track+0x18/0x40
[ 11.539363] kasan_save_alloc_info+0x3b/0x50
[ 11.539709] __kasan_kmalloc+0xb7/0xc0
[ 11.539897] __kmalloc_cache_noprof+0x189/0x420
[ 11.540098] kmalloc_double_kzfree+0xa9/0x350
[ 11.540313] kunit_try_run_case+0x1a5/0x480
[ 11.540508] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.541209] kthread+0x337/0x6f0
[ 11.541823] ret_from_fork+0x41/0x80
[ 11.542079] ret_from_fork_asm+0x1a/0x30
[ 11.542573]
[ 11.542689] Freed by task 211:
[ 11.542981] kasan_save_stack+0x45/0x70
[ 11.543171] kasan_save_track+0x18/0x40
[ 11.543442] kasan_save_free_info+0x3f/0x60
[ 11.543630] __kasan_slab_free+0x56/0x70
[ 11.543811] kfree+0x222/0x3f0
[ 11.543959] kfree_sensitive+0x67/0x90
[ 11.544128] kmalloc_double_kzfree+0x12b/0x350
[ 11.544791] kunit_try_run_case+0x1a5/0x480
[ 11.545097] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.545702] kthread+0x337/0x6f0
[ 11.546261] ret_from_fork+0x41/0x80
[ 11.546454] ret_from_fork_asm+0x1a/0x30
[ 11.546915]
[ 11.547018] The buggy address belongs to the object at ffff888102224120
[ 11.547018] which belongs to the cache kmalloc-16 of size 16
[ 11.547971] The buggy address is located 0 bytes inside of
[ 11.547971] freed 16-byte region [ffff888102224120, ffff888102224130)
[ 11.548879]
[ 11.548980] The buggy address belongs to the physical page:
[ 11.549213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102224
[ 11.549479] flags: 0x200000000000000(node=0|zone=2)
[ 11.550079] page_type: f5(slab)
[ 11.550250] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.550723] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.550997] page dumped because: kasan: bad access detected
[ 11.551266]
[ 11.551351] Memory state around the buggy address:
[ 11.551565] ffff888102224000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 11.551854] ffff888102224080: fa fb fc fc 00 05 fc fc fa fb fc fc fa fb fc fc
[ 11.552167] >ffff888102224100: fa fb fc fc fa fb fc fc fc fc fc fc fc fc fc fc
[ 11.552453] ^
[ 11.552658] ffff888102224180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.553064] ffff888102224200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.553914] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf2
[ 11.489686] ==================================================================
[ 11.490440] BUG: KASAN: slab-use-after-free in kmalloc_uaf2+0x4a8/0x520
[ 11.490932] Read of size 1 at addr ffff888102dccba8 by task kunit_try_catch/207
[ 11.491484]
[ 11.491617] CPU: 1 UID: 0 PID: 207 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.491663] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.491674] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.491695] Call Trace:
[ 11.491707] <TASK>
[ 11.491721] dump_stack_lvl+0x73/0xb0
[ 11.491934] print_report+0xd1/0x650
[ 11.491957] ? __virt_addr_valid+0x1db/0x2d0
[ 11.491978] ? kmalloc_uaf2+0x4a8/0x520
[ 11.491999] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.492021] ? kmalloc_uaf2+0x4a8/0x520
[ 11.492042] kasan_report+0x141/0x180
[ 11.492065] ? kmalloc_uaf2+0x4a8/0x520
[ 11.492090] __asan_report_load1_noabort+0x18/0x20
[ 11.492111] kmalloc_uaf2+0x4a8/0x520
[ 11.492132] ? __pfx_kmalloc_uaf2+0x10/0x10
[ 11.492152] ? finish_task_switch.isra.0+0x153/0x700
[ 11.492176] ? __switch_to+0x5d9/0xf60
[ 11.492197] ? dequeue_task_fair+0x166/0x4e0
[ 11.492222] ? __schedule+0x10cc/0x2b60
[ 11.492258] ? __pfx_read_tsc+0x10/0x10
[ 11.492328] ? ktime_get_ts64+0x86/0x230
[ 11.492355] kunit_try_run_case+0x1a5/0x480
[ 11.492380] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.492402] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.492425] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.492448] ? __kthread_parkme+0x82/0x180
[ 11.492470] ? preempt_count_sub+0x50/0x80
[ 11.492494] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.492518] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.492540] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.492563] kthread+0x337/0x6f0
[ 11.492580] ? trace_preempt_on+0x20/0xc0
[ 11.492603] ? __pfx_kthread+0x10/0x10
[ 11.492620] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.492642] ? calculate_sigpending+0x7b/0xa0
[ 11.492663] ? __pfx_kthread+0x10/0x10
[ 11.492681] ret_from_fork+0x41/0x80
[ 11.492701] ? __pfx_kthread+0x10/0x10
[ 11.492719] ret_from_fork_asm+0x1a/0x30
[ 11.492749] </TASK>
[ 11.492760]
[ 11.504620] Allocated by task 207:
[ 11.505037] kasan_save_stack+0x45/0x70
[ 11.505463] kasan_save_track+0x18/0x40
[ 11.506065] kasan_save_alloc_info+0x3b/0x50
[ 11.506263] __kasan_kmalloc+0xb7/0xc0
[ 11.506524] __kmalloc_cache_noprof+0x189/0x420
[ 11.506748] kmalloc_uaf2+0xc6/0x520
[ 11.507044] kunit_try_run_case+0x1a5/0x480
[ 11.507487] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.508054] kthread+0x337/0x6f0
[ 11.508374] ret_from_fork+0x41/0x80
[ 11.508626] ret_from_fork_asm+0x1a/0x30
[ 11.508884]
[ 11.509058] Freed by task 207:
[ 11.509355] kasan_save_stack+0x45/0x70
[ 11.509809] kasan_save_track+0x18/0x40
[ 11.509964] kasan_save_free_info+0x3f/0x60
[ 11.510106] __kasan_slab_free+0x56/0x70
[ 11.510254] kfree+0x222/0x3f0
[ 11.510706] kmalloc_uaf2+0x14c/0x520
[ 11.511051] kunit_try_run_case+0x1a5/0x480
[ 11.511477] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.512023] kthread+0x337/0x6f0
[ 11.512361] ret_from_fork+0x41/0x80
[ 11.512783] ret_from_fork_asm+0x1a/0x30
[ 11.513122]
[ 11.513195] The buggy address belongs to the object at ffff888102dccb80
[ 11.513195] which belongs to the cache kmalloc-64 of size 64
[ 11.514456] The buggy address is located 40 bytes inside of
[ 11.514456] freed 64-byte region [ffff888102dccb80, ffff888102dccbc0)
[ 11.514941]
[ 11.515013] The buggy address belongs to the physical page:
[ 11.515182] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dcc
[ 11.515434] flags: 0x200000000000000(node=0|zone=2)
[ 11.515853] page_type: f5(slab)
[ 11.516006] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.516315] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.516598] page dumped because: kasan: bad access detected
[ 11.516944]
[ 11.517041] Memory state around the buggy address:
[ 11.517280] ffff888102dcca80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.517702] ffff888102dccb00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.517991] >ffff888102dccb80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.518335] ^
[ 11.518568] ffff888102dccc00: 00 00 00 00 00 03 fc fc fc fc fc fc fc fc fc fc
[ 11.518798] ffff888102dccc80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.519092] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_memset
[ 11.464717] ==================================================================
[ 11.465135] BUG: KASAN: slab-use-after-free in kmalloc_uaf_memset+0x1a3/0x360
[ 11.465519] Write of size 33 at addr ffff888102dcca80 by task kunit_try_catch/205
[ 11.465841]
[ 11.465935] CPU: 1 UID: 0 PID: 205 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.465982] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.465994] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.466014] Call Trace:
[ 11.466025] <TASK>
[ 11.466042] dump_stack_lvl+0x73/0xb0
[ 11.466067] print_report+0xd1/0x650
[ 11.466089] ? __virt_addr_valid+0x1db/0x2d0
[ 11.466111] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.466132] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.466154] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.466176] kasan_report+0x141/0x180
[ 11.466198] ? kmalloc_uaf_memset+0x1a3/0x360
[ 11.466224] kasan_check_range+0x10c/0x1c0
[ 11.466256] __asan_memset+0x27/0x50
[ 11.466276] kmalloc_uaf_memset+0x1a3/0x360
[ 11.466298] ? __pfx_kmalloc_uaf_memset+0x10/0x10
[ 11.466320] ? __schedule+0x10cc/0x2b60
[ 11.466355] ? __pfx_read_tsc+0x10/0x10
[ 11.466375] ? ktime_get_ts64+0x86/0x230
[ 11.466400] kunit_try_run_case+0x1a5/0x480
[ 11.466424] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.466445] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.466469] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.466492] ? __kthread_parkme+0x82/0x180
[ 11.466513] ? preempt_count_sub+0x50/0x80
[ 11.466537] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.466560] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.466582] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.466605] kthread+0x337/0x6f0
[ 11.466622] ? trace_preempt_on+0x20/0xc0
[ 11.466645] ? __pfx_kthread+0x10/0x10
[ 11.466663] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.466684] ? calculate_sigpending+0x7b/0xa0
[ 11.466705] ? __pfx_kthread+0x10/0x10
[ 11.466723] ret_from_fork+0x41/0x80
[ 11.466743] ? __pfx_kthread+0x10/0x10
[ 11.466761] ret_from_fork_asm+0x1a/0x30
[ 11.466791] </TASK>
[ 11.466802]
[ 11.474144] Allocated by task 205:
[ 11.474407] kasan_save_stack+0x45/0x70
[ 11.474555] kasan_save_track+0x18/0x40
[ 11.474782] kasan_save_alloc_info+0x3b/0x50
[ 11.475020] __kasan_kmalloc+0xb7/0xc0
[ 11.475193] __kmalloc_cache_noprof+0x189/0x420
[ 11.475566] kmalloc_uaf_memset+0xa9/0x360
[ 11.475824] kunit_try_run_case+0x1a5/0x480
[ 11.476028] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.476261] kthread+0x337/0x6f0
[ 11.476457] ret_from_fork+0x41/0x80
[ 11.476627] ret_from_fork_asm+0x1a/0x30
[ 11.476763]
[ 11.476834] Freed by task 205:
[ 11.476994] kasan_save_stack+0x45/0x70
[ 11.477190] kasan_save_track+0x18/0x40
[ 11.477377] kasan_save_free_info+0x3f/0x60
[ 11.477519] __kasan_slab_free+0x56/0x70
[ 11.477698] kfree+0x222/0x3f0
[ 11.477859] kmalloc_uaf_memset+0x12b/0x360
[ 11.478064] kunit_try_run_case+0x1a5/0x480
[ 11.478278] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.478532] kthread+0x337/0x6f0
[ 11.478650] ret_from_fork+0x41/0x80
[ 11.478880] ret_from_fork_asm+0x1a/0x30
[ 11.479059]
[ 11.479156] The buggy address belongs to the object at ffff888102dcca80
[ 11.479156] which belongs to the cache kmalloc-64 of size 64
[ 11.479796] The buggy address is located 0 bytes inside of
[ 11.479796] freed 64-byte region [ffff888102dcca80, ffff888102dccac0)
[ 11.480146]
[ 11.480218] The buggy address belongs to the physical page:
[ 11.480466] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dcc
[ 11.481178] flags: 0x200000000000000(node=0|zone=2)
[ 11.481371] page_type: f5(slab)
[ 11.481617] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000
[ 11.481902] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000
[ 11.482129] page dumped because: kasan: bad access detected
[ 11.482381]
[ 11.482477] Memory state around the buggy address:
[ 11.482702] ffff888102dcc980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.483149] ffff888102dcca00: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.483488] >ffff888102dcca80: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 11.483905] ^
[ 11.484190] ffff888102dccb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.484494] ffff888102dccb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.484711] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf
[ 11.427277] ==================================================================
[ 11.427713] BUG: KASAN: slab-use-after-free in kmalloc_uaf+0x320/0x380
[ 11.428397] Read of size 1 at addr ffff888102307de8 by task kunit_try_catch/203
[ 11.429251]
[ 11.429507] CPU: 1 UID: 0 PID: 203 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.429557] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.429569] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.429590] Call Trace:
[ 11.429602] <TASK>
[ 11.429616] dump_stack_lvl+0x73/0xb0
[ 11.429640] print_report+0xd1/0x650
[ 11.429701] ? __virt_addr_valid+0x1db/0x2d0
[ 11.429723] ? kmalloc_uaf+0x320/0x380
[ 11.429743] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.429772] ? kmalloc_uaf+0x320/0x380
[ 11.429793] kasan_report+0x141/0x180
[ 11.429815] ? kmalloc_uaf+0x320/0x380
[ 11.429840] __asan_report_load1_noabort+0x18/0x20
[ 11.429861] kmalloc_uaf+0x320/0x380
[ 11.429881] ? __pfx_kmalloc_uaf+0x10/0x10
[ 11.429902] ? __schedule+0x10cc/0x2b60
[ 11.429924] ? __pfx_read_tsc+0x10/0x10
[ 11.429943] ? ktime_get_ts64+0x86/0x230
[ 11.429967] kunit_try_run_case+0x1a5/0x480
[ 11.429991] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.430012] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.430036] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.430059] ? __kthread_parkme+0x82/0x180
[ 11.430080] ? preempt_count_sub+0x50/0x80
[ 11.430104] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.430127] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.430150] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.430173] kthread+0x337/0x6f0
[ 11.430189] ? trace_preempt_on+0x20/0xc0
[ 11.430212] ? __pfx_kthread+0x10/0x10
[ 11.430229] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.430260] ? calculate_sigpending+0x7b/0xa0
[ 11.430281] ? __pfx_kthread+0x10/0x10
[ 11.430300] ret_from_fork+0x41/0x80
[ 11.430319] ? __pfx_kthread+0x10/0x10
[ 11.430337] ret_from_fork_asm+0x1a/0x30
[ 11.430366] </TASK>
[ 11.430376]
[ 11.442166] Allocated by task 203:
[ 11.442571] kasan_save_stack+0x45/0x70
[ 11.442990] kasan_save_track+0x18/0x40
[ 11.443443] kasan_save_alloc_info+0x3b/0x50
[ 11.443895] __kasan_kmalloc+0xb7/0xc0
[ 11.444286] __kmalloc_cache_noprof+0x189/0x420
[ 11.444750] kmalloc_uaf+0xaa/0x380
[ 11.445084] kunit_try_run_case+0x1a5/0x480
[ 11.445549] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.446061] kthread+0x337/0x6f0
[ 11.446430] ret_from_fork+0x41/0x80
[ 11.446828] ret_from_fork_asm+0x1a/0x30
[ 11.447197]
[ 11.447408] Freed by task 203:
[ 11.447637] kasan_save_stack+0x45/0x70
[ 11.447966] kasan_save_track+0x18/0x40
[ 11.448098] kasan_save_free_info+0x3f/0x60
[ 11.448247] __kasan_slab_free+0x56/0x70
[ 11.448382] kfree+0x222/0x3f0
[ 11.448716] kmalloc_uaf+0x12c/0x380
[ 11.449089] kunit_try_run_case+0x1a5/0x480
[ 11.449629] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.450305] kthread+0x337/0x6f0
[ 11.450615] ret_from_fork+0x41/0x80
[ 11.451041] ret_from_fork_asm+0x1a/0x30
[ 11.451508]
[ 11.451747] The buggy address belongs to the object at ffff888102307de0
[ 11.451747] which belongs to the cache kmalloc-16 of size 16
[ 11.452336] The buggy address is located 8 bytes inside of
[ 11.452336] freed 16-byte region [ffff888102307de0, ffff888102307df0)
[ 11.453073]
[ 11.453290] The buggy address belongs to the physical page:
[ 11.453827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307
[ 11.454602] flags: 0x200000000000000(node=0|zone=2)
[ 11.455069] page_type: f5(slab)
[ 11.455389] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 11.455615] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 11.456392] page dumped because: kasan: bad access detected
[ 11.456898]
[ 11.457054] Memory state around the buggy address:
[ 11.457564] ffff888102307c80: 00 02 fc fc 00 06 fc fc 00 06 fc fc 00 04 fc fc
[ 11.457787] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc
[ 11.457996] >ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc
[ 11.458210] ^
[ 11.458892] ffff888102307e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.459781] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.460511] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_memmove_invalid_size
[ 11.405956] ================================================================== [ 11.406512] BUG: KASAN: slab-out-of-bounds in kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.406920] Read of size 64 at addr ffff888102dcca04 by task kunit_try_catch/201 [ 11.407197] [ 11.407339] CPU: 1 UID: 0 PID: 201 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.407388] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.407400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.407423] Call Trace: [ 11.407437] <TASK> [ 11.407455] dump_stack_lvl+0x73/0xb0 [ 11.407484] print_report+0xd1/0x650 [ 11.407506] ? __virt_addr_valid+0x1db/0x2d0 [ 11.407530] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.407550] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.407573] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.407594] kasan_report+0x141/0x180 [ 11.407616] ? kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.407642] kasan_check_range+0x10c/0x1c0 [ 11.407663] __asan_memmove+0x27/0x70 [ 11.407683] kmalloc_memmove_invalid_size+0x16f/0x330 [ 11.407704] ? __pfx_kmalloc_memmove_invalid_size+0x10/0x10 [ 11.407726] ? __schedule+0x10cc/0x2b60 [ 11.407750] ? __pfx_read_tsc+0x10/0x10 [ 11.407770] ? ktime_get_ts64+0x86/0x230 [ 11.407798] kunit_try_run_case+0x1a5/0x480 [ 11.407824] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.407846] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.407870] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.407894] ? __kthread_parkme+0x82/0x180 [ 11.407916] ? preempt_count_sub+0x50/0x80 [ 11.407943] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.407966] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.407989] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.408012] kthread+0x337/0x6f0 [ 11.408029] ? trace_preempt_on+0x20/0xc0 [ 11.408053] ? __pfx_kthread+0x10/0x10 [ 11.408071] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.408093] ? calculate_sigpending+0x7b/0xa0 [ 11.408115] ? 
__pfx_kthread+0x10/0x10 [ 11.408134] ret_from_fork+0x41/0x80 [ 11.408158] ? __pfx_kthread+0x10/0x10 [ 11.408192] ret_from_fork_asm+0x1a/0x30 [ 11.408255] </TASK> [ 11.408268] [ 11.415915] Allocated by task 201: [ 11.416096] kasan_save_stack+0x45/0x70 [ 11.416277] kasan_save_track+0x18/0x40 [ 11.416542] kasan_save_alloc_info+0x3b/0x50 [ 11.416708] __kasan_kmalloc+0xb7/0xc0 [ 11.416841] __kmalloc_cache_noprof+0x189/0x420 [ 11.416994] kmalloc_memmove_invalid_size+0xac/0x330 [ 11.417232] kunit_try_run_case+0x1a5/0x480 [ 11.417455] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.417717] kthread+0x337/0x6f0 [ 11.417834] ret_from_fork+0x41/0x80 [ 11.417962] ret_from_fork_asm+0x1a/0x30 [ 11.418299] [ 11.418403] The buggy address belongs to the object at ffff888102dcca00 [ 11.418403] which belongs to the cache kmalloc-64 of size 64 [ 11.419056] The buggy address is located 4 bytes inside of [ 11.419056] allocated 64-byte region [ffff888102dcca00, ffff888102dcca40) [ 11.419414] [ 11.419486] The buggy address belongs to the physical page: [ 11.419827] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dcc [ 11.420181] flags: 0x200000000000000(node=0|zone=2) [ 11.420426] page_type: f5(slab) [ 11.420580] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.421063] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.421363] page dumped because: kasan: bad access detected [ 11.421634] [ 11.421770] Memory state around the buggy address: [ 11.421999] ffff888102dcc900: 00 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc [ 11.422274] ffff888102dcc980: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.422616] >ffff888102dcca00: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.423546] ^ [ 11.423810] ffff888102dcca80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.424062] ffff888102dccb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.424449] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-out-of-bounds-in-kmalloc_memmove_negative_size
[ 11.372534] ================================================================== [ 11.373837] BUG: KASAN: out-of-bounds in kmalloc_memmove_negative_size+0x171/0x330 [ 11.374579] Read of size 18446744073709551614 at addr ffff888102dcc884 by task kunit_try_catch/199 [ 11.375530] [ 11.375727] CPU: 1 UID: 0 PID: 199 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.375777] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.375788] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.375810] Call Trace: [ 11.375823] <TASK> [ 11.375842] dump_stack_lvl+0x73/0xb0 [ 11.375870] print_report+0xd1/0x650 [ 11.375894] ? __virt_addr_valid+0x1db/0x2d0 [ 11.375950] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.375973] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.376001] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.376043] kasan_report+0x141/0x180 [ 11.376066] ? kmalloc_memmove_negative_size+0x171/0x330 [ 11.376092] kasan_check_range+0x10c/0x1c0 [ 11.376112] __asan_memmove+0x27/0x70 [ 11.376132] kmalloc_memmove_negative_size+0x171/0x330 [ 11.376154] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 11.376178] ? __pfx_kmalloc_memmove_negative_size+0x10/0x10 [ 11.376203] kunit_try_run_case+0x1a5/0x480 [ 11.376228] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.376259] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.376284] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.376307] ? __kthread_parkme+0x82/0x180 [ 11.376330] ? preempt_count_sub+0x50/0x80 [ 11.376356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.376379] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.376401] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.376424] kthread+0x337/0x6f0 [ 11.376441] ? trace_preempt_on+0x20/0xc0 [ 11.376464] ? __pfx_kthread+0x10/0x10 [ 11.376482] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.376504] ? calculate_sigpending+0x7b/0xa0 [ 11.376526] ? __pfx_kthread+0x10/0x10 [ 11.376544] ret_from_fork+0x41/0x80 [ 11.376566] ? 
__pfx_kthread+0x10/0x10 [ 11.376583] ret_from_fork_asm+0x1a/0x30 [ 11.376614] </TASK> [ 11.376625] [ 11.389303] Allocated by task 199: [ 11.389730] kasan_save_stack+0x45/0x70 [ 11.390167] kasan_save_track+0x18/0x40 [ 11.390616] kasan_save_alloc_info+0x3b/0x50 [ 11.390870] __kasan_kmalloc+0xb7/0xc0 [ 11.391044] __kmalloc_cache_noprof+0x189/0x420 [ 11.391202] kmalloc_memmove_negative_size+0xac/0x330 [ 11.391705] kunit_try_run_case+0x1a5/0x480 [ 11.392146] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.392750] kthread+0x337/0x6f0 [ 11.393120] ret_from_fork+0x41/0x80 [ 11.393507] ret_from_fork_asm+0x1a/0x30 [ 11.393803] [ 11.394049] The buggy address belongs to the object at ffff888102dcc880 [ 11.394049] which belongs to the cache kmalloc-64 of size 64 [ 11.394807] The buggy address is located 4 bytes inside of [ 11.394807] 64-byte region [ffff888102dcc880, ffff888102dcc8c0) [ 11.395141] [ 11.395214] The buggy address belongs to the physical page: [ 11.395741] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dcc [ 11.396477] flags: 0x200000000000000(node=0|zone=2) [ 11.396983] page_type: f5(slab) [ 11.397187] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 11.397862] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 11.398494] page dumped because: kasan: bad access detected [ 11.398674] [ 11.398884] Memory state around the buggy address: [ 11.399322] ffff888102dcc780: 00 00 00 00 01 fc fc fc fc fc fc fc fc fc fc fc [ 11.400200] ffff888102dcc800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 11.400796] >ffff888102dcc880: 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc fc [ 11.401010] ^ [ 11.401123] ffff888102dcc900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.401374] ffff888102dcc980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.401920] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_16
[ 11.338713] ================================================================== [ 11.339204] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_16+0x166/0x330 [ 11.340098] Write of size 16 at addr ffff888102dc0969 by task kunit_try_catch/197 [ 11.340958] [ 11.341110] CPU: 1 UID: 0 PID: 197 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.341160] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.341172] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.341221] Call Trace: [ 11.341245] <TASK> [ 11.341264] dump_stack_lvl+0x73/0xb0 [ 11.341291] print_report+0xd1/0x650 [ 11.341314] ? __virt_addr_valid+0x1db/0x2d0 [ 11.341336] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.341358] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.341380] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.341402] kasan_report+0x141/0x180 [ 11.341424] ? kmalloc_oob_memset_16+0x166/0x330 [ 11.341485] kasan_check_range+0x10c/0x1c0 [ 11.341506] __asan_memset+0x27/0x50 [ 11.341526] kmalloc_oob_memset_16+0x166/0x330 [ 11.341549] ? __pfx_kmalloc_oob_memset_16+0x10/0x10 [ 11.341577] ? __schedule+0x10cc/0x2b60 [ 11.341600] ? __pfx_read_tsc+0x10/0x10 [ 11.341620] ? ktime_get_ts64+0x86/0x230 [ 11.341667] kunit_try_run_case+0x1a5/0x480 [ 11.341693] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.341738] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.341761] ? __kthread_parkme+0x82/0x180 [ 11.341782] ? preempt_count_sub+0x50/0x80 [ 11.341807] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.341829] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.341852] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.341874] kthread+0x337/0x6f0 [ 11.341890] ? trace_preempt_on+0x20/0xc0 [ 11.341914] ? __pfx_kthread+0x10/0x10 [ 11.341932] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.341953] ? calculate_sigpending+0x7b/0xa0 [ 11.341974] ? __pfx_kthread+0x10/0x10 [ 11.341992] ret_from_fork+0x41/0x80 [ 11.342012] ? 
__pfx_kthread+0x10/0x10 [ 11.342030] ret_from_fork_asm+0x1a/0x30 [ 11.342060] </TASK> [ 11.342070] [ 11.355259] Allocated by task 197: [ 11.355566] kasan_save_stack+0x45/0x70 [ 11.355811] kasan_save_track+0x18/0x40 [ 11.355945] kasan_save_alloc_info+0x3b/0x50 [ 11.356086] __kasan_kmalloc+0xb7/0xc0 [ 11.356218] __kmalloc_cache_noprof+0x189/0x420 [ 11.356390] kmalloc_oob_memset_16+0xac/0x330 [ 11.356836] kunit_try_run_case+0x1a5/0x480 [ 11.357206] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.357741] kthread+0x337/0x6f0 [ 11.358080] ret_from_fork+0x41/0x80 [ 11.358461] ret_from_fork_asm+0x1a/0x30 [ 11.358835] [ 11.359005] The buggy address belongs to the object at ffff888102dc0900 [ 11.359005] which belongs to the cache kmalloc-128 of size 128 [ 11.360368] The buggy address is located 105 bytes inside of [ 11.360368] allocated 120-byte region [ffff888102dc0900, ffff888102dc0978) [ 11.361580] [ 11.361770] The buggy address belongs to the physical page: [ 11.362161] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0 [ 11.362642] flags: 0x200000000000000(node=0|zone=2) [ 11.363152] page_type: f5(slab) [ 11.363497] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.364261] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.364864] page dumped because: kasan: bad access detected [ 11.365094] [ 11.365291] Memory state around the buggy address: [ 11.365838] ffff888102dc0800: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.366557] ffff888102dc0880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.366892] >ffff888102dc0900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.367096] ^ [ 11.367390] ffff888102dc0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.367603] ffff888102dc0a00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.367807] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_8
[ 11.316209] ================================================================== [ 11.317044] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_8+0x166/0x330 [ 11.317359] Write of size 8 at addr ffff888102dc0871 by task kunit_try_catch/195 [ 11.317760] [ 11.317897] CPU: 1 UID: 0 PID: 195 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.317957] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.317969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.317991] Call Trace: [ 11.318003] <TASK> [ 11.318021] dump_stack_lvl+0x73/0xb0 [ 11.318057] print_report+0xd1/0x650 [ 11.318081] ? __virt_addr_valid+0x1db/0x2d0 [ 11.318104] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.318136] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.318159] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.318182] kasan_report+0x141/0x180 [ 11.318205] ? kmalloc_oob_memset_8+0x166/0x330 [ 11.318248] kasan_check_range+0x10c/0x1c0 [ 11.318268] __asan_memset+0x27/0x50 [ 11.318288] kmalloc_oob_memset_8+0x166/0x330 [ 11.318370] ? __pfx_kmalloc_oob_memset_8+0x10/0x10 [ 11.318397] ? __schedule+0x10cc/0x2b60 [ 11.318421] ? __pfx_read_tsc+0x10/0x10 [ 11.318442] ? ktime_get_ts64+0x86/0x230 [ 11.318468] kunit_try_run_case+0x1a5/0x480 [ 11.318493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.318515] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.318538] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.318562] ? __kthread_parkme+0x82/0x180 [ 11.318584] ? preempt_count_sub+0x50/0x80 [ 11.318609] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.318633] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.318655] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.318678] kthread+0x337/0x6f0 [ 11.318695] ? trace_preempt_on+0x20/0xc0 [ 11.318719] ? __pfx_kthread+0x10/0x10 [ 11.318748] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.318769] ? calculate_sigpending+0x7b/0xa0 [ 11.318791] ? __pfx_kthread+0x10/0x10 [ 11.318821] ret_from_fork+0x41/0x80 [ 11.318841] ? 
__pfx_kthread+0x10/0x10 [ 11.318859] ret_from_fork_asm+0x1a/0x30 [ 11.318901] </TASK> [ 11.318912] [ 11.326667] Allocated by task 195: [ 11.326867] kasan_save_stack+0x45/0x70 [ 11.327079] kasan_save_track+0x18/0x40 [ 11.327320] kasan_save_alloc_info+0x3b/0x50 [ 11.327568] __kasan_kmalloc+0xb7/0xc0 [ 11.327789] __kmalloc_cache_noprof+0x189/0x420 [ 11.328016] kmalloc_oob_memset_8+0xac/0x330 [ 11.328160] kunit_try_run_case+0x1a5/0x480 [ 11.328314] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.328570] kthread+0x337/0x6f0 [ 11.328732] ret_from_fork+0x41/0x80 [ 11.328917] ret_from_fork_asm+0x1a/0x30 [ 11.329053] [ 11.329122] The buggy address belongs to the object at ffff888102dc0800 [ 11.329122] which belongs to the cache kmalloc-128 of size 128 [ 11.329607] The buggy address is located 113 bytes inside of [ 11.329607] allocated 120-byte region [ffff888102dc0800, ffff888102dc0878) [ 11.330122] [ 11.330193] The buggy address belongs to the physical page: [ 11.330369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0 [ 11.330902] flags: 0x200000000000000(node=0|zone=2) [ 11.331169] page_type: f5(slab) [ 11.331437] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.331949] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.332247] page dumped because: kasan: bad access detected [ 11.332702] [ 11.332779] Memory state around the buggy address: [ 11.333006] ffff888102dc0700: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.333355] ffff888102dc0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.333678] >ffff888102dc0800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.333978] ^ [ 11.334318] ffff888102dc0880: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.334633] ffff888102dc0900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.334944] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_4
[ 11.290483] ================================================================== [ 11.291049] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_4+0x166/0x330 [ 11.291434] Write of size 4 at addr ffff888102dc0775 by task kunit_try_catch/193 [ 11.292085] [ 11.292215] CPU: 1 UID: 0 PID: 193 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.292276] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.292288] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.292311] Call Trace: [ 11.292323] <TASK> [ 11.292342] dump_stack_lvl+0x73/0xb0 [ 11.292371] print_report+0xd1/0x650 [ 11.292395] ? __virt_addr_valid+0x1db/0x2d0 [ 11.292417] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.292439] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.292462] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.292484] kasan_report+0x141/0x180 [ 11.292507] ? kmalloc_oob_memset_4+0x166/0x330 [ 11.292534] kasan_check_range+0x10c/0x1c0 [ 11.292554] __asan_memset+0x27/0x50 [ 11.292574] kmalloc_oob_memset_4+0x166/0x330 [ 11.292598] ? __pfx_kmalloc_oob_memset_4+0x10/0x10 [ 11.292622] ? __schedule+0x10cc/0x2b60 [ 11.292645] ? __pfx_read_tsc+0x10/0x10 [ 11.292665] ? ktime_get_ts64+0x86/0x230 [ 11.292692] kunit_try_run_case+0x1a5/0x480 [ 11.292717] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.292738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.292762] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.292785] ? __kthread_parkme+0x82/0x180 [ 11.292807] ? preempt_count_sub+0x50/0x80 [ 11.292833] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.292857] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.292879] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.292902] kthread+0x337/0x6f0 [ 11.292919] ? trace_preempt_on+0x20/0xc0 [ 11.292943] ? __pfx_kthread+0x10/0x10 [ 11.292961] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.292982] ? calculate_sigpending+0x7b/0xa0 [ 11.293004] ? __pfx_kthread+0x10/0x10 [ 11.293022] ret_from_fork+0x41/0x80 [ 11.293062] ? 
__pfx_kthread+0x10/0x10 [ 11.293097] ret_from_fork_asm+0x1a/0x30 [ 11.293141] </TASK> [ 11.293153] [ 11.301944] Allocated by task 193: [ 11.302144] kasan_save_stack+0x45/0x70 [ 11.302480] kasan_save_track+0x18/0x40 [ 11.302624] kasan_save_alloc_info+0x3b/0x50 [ 11.302937] __kasan_kmalloc+0xb7/0xc0 [ 11.303153] __kmalloc_cache_noprof+0x189/0x420 [ 11.303466] kmalloc_oob_memset_4+0xac/0x330 [ 11.303742] kunit_try_run_case+0x1a5/0x480 [ 11.303952] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.304141] kthread+0x337/0x6f0 [ 11.304366] ret_from_fork+0x41/0x80 [ 11.304613] ret_from_fork_asm+0x1a/0x30 [ 11.304858] [ 11.304951] The buggy address belongs to the object at ffff888102dc0700 [ 11.304951] which belongs to the cache kmalloc-128 of size 128 [ 11.305528] The buggy address is located 117 bytes inside of [ 11.305528] allocated 120-byte region [ffff888102dc0700, ffff888102dc0778) [ 11.306284] [ 11.306459] The buggy address belongs to the physical page: [ 11.306907] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0 [ 11.307427] flags: 0x200000000000000(node=0|zone=2) [ 11.307689] page_type: f5(slab) [ 11.307862] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.308193] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.308562] page dumped because: kasan: bad access detected [ 11.308913] [ 11.309000] Memory state around the buggy address: [ 11.309162] ffff888102dc0600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.309400] ffff888102dc0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.309947] >ffff888102dc0700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.310310] ^ [ 11.310635] ffff888102dc0780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.310884] ffff888102dc0800: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.311098] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_memset_2
[ 11.264512] ================================================================== [ 11.264989] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_memset_2+0x166/0x330 [ 11.265575] Write of size 2 at addr ffff888103138e77 by task kunit_try_catch/191 [ 11.266359] [ 11.266508] CPU: 0 UID: 0 PID: 191 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.266580] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.266592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.266614] Call Trace: [ 11.266627] <TASK> [ 11.266667] dump_stack_lvl+0x73/0xb0 [ 11.266697] print_report+0xd1/0x650 [ 11.266722] ? __virt_addr_valid+0x1db/0x2d0 [ 11.266754] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.266778] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.266800] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.266833] kasan_report+0x141/0x180 [ 11.266856] ? kmalloc_oob_memset_2+0x166/0x330 [ 11.266883] kasan_check_range+0x10c/0x1c0 [ 11.266903] __asan_memset+0x27/0x50 [ 11.266923] kmalloc_oob_memset_2+0x166/0x330 [ 11.266955] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 11.266980] ? __pfx_kmalloc_oob_memset_2+0x10/0x10 [ 11.267007] kunit_try_run_case+0x1a5/0x480 [ 11.267042] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.267064] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.267089] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.267113] ? __kthread_parkme+0x82/0x180 [ 11.267135] ? preempt_count_sub+0x50/0x80 [ 11.267161] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.267185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.267207] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.267230] kthread+0x337/0x6f0 [ 11.267258] ? trace_preempt_on+0x20/0xc0 [ 11.267352] ? __pfx_kthread+0x10/0x10 [ 11.267376] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.267398] ? calculate_sigpending+0x7b/0xa0 [ 11.267421] ? __pfx_kthread+0x10/0x10 [ 11.267439] ret_from_fork+0x41/0x80 [ 11.267462] ? 
__pfx_kthread+0x10/0x10 [ 11.267480] ret_from_fork_asm+0x1a/0x30 [ 11.267511] </TASK> [ 11.267522] [ 11.275852] Allocated by task 191: [ 11.276041] kasan_save_stack+0x45/0x70 [ 11.276258] kasan_save_track+0x18/0x40 [ 11.276618] kasan_save_alloc_info+0x3b/0x50 [ 11.276814] __kasan_kmalloc+0xb7/0xc0 [ 11.277015] __kmalloc_cache_noprof+0x189/0x420 [ 11.277183] kmalloc_oob_memset_2+0xac/0x330 [ 11.277584] kunit_try_run_case+0x1a5/0x480 [ 11.277933] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.278111] kthread+0x337/0x6f0 [ 11.278231] ret_from_fork+0x41/0x80 [ 11.278431] ret_from_fork_asm+0x1a/0x30 [ 11.278630] [ 11.278837] The buggy address belongs to the object at ffff888103138e00 [ 11.278837] which belongs to the cache kmalloc-128 of size 128 [ 11.279475] The buggy address is located 119 bytes inside of [ 11.279475] allocated 120-byte region [ffff888103138e00, ffff888103138e78) [ 11.279996] [ 11.280073] The buggy address belongs to the physical page: [ 11.280322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103138 [ 11.280713] flags: 0x200000000000000(node=0|zone=2) [ 11.281055] page_type: f5(slab) [ 11.281182] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.281974] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.282299] page dumped because: kasan: bad access detected [ 11.282754] [ 11.282882] Memory state around the buggy address: [ 11.283119] ffff888103138d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.283349] ffff888103138d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.283756] >ffff888103138e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.284006] ^ [ 11.284321] ffff888103138e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.284680] ffff888103138f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.284981] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_in_memset
[ 11.239996] ================================================================== [ 11.240438] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_in_memset+0x15f/0x320 [ 11.240702] Write of size 128 at addr ffff888102dc0600 by task kunit_try_catch/189 [ 11.241284] [ 11.241376] CPU: 1 UID: 0 PID: 189 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.241475] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.241489] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.241510] Call Trace: [ 11.241522] <TASK> [ 11.241762] dump_stack_lvl+0x73/0xb0 [ 11.241808] print_report+0xd1/0x650 [ 11.241831] ? __virt_addr_valid+0x1db/0x2d0 [ 11.241853] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.241888] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.241910] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.241933] kasan_report+0x141/0x180 [ 11.241956] ? kmalloc_oob_in_memset+0x15f/0x320 [ 11.241992] kasan_check_range+0x10c/0x1c0 [ 11.242012] __asan_memset+0x27/0x50 [ 11.242032] kmalloc_oob_in_memset+0x15f/0x320 [ 11.242065] ? __pfx_kmalloc_oob_in_memset+0x10/0x10 [ 11.242089] ? __schedule+0x10cc/0x2b60 [ 11.242112] ? __pfx_read_tsc+0x10/0x10 [ 11.242132] ? ktime_get_ts64+0x86/0x230 [ 11.242167] kunit_try_run_case+0x1a5/0x480 [ 11.242191] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.242213] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.242257] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.242330] ? __kthread_parkme+0x82/0x180 [ 11.242354] ? preempt_count_sub+0x50/0x80 [ 11.242380] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.242404] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.242438] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.242461] kthread+0x337/0x6f0 [ 11.242477] ? trace_preempt_on+0x20/0xc0 [ 11.242512] ? __pfx_kthread+0x10/0x10 [ 11.242530] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.242553] ? calculate_sigpending+0x7b/0xa0 [ 11.242575] ? __pfx_kthread+0x10/0x10 [ 11.242593] ret_from_fork+0x41/0x80 [ 11.242614] ? 
__pfx_kthread+0x10/0x10 [ 11.242631] ret_from_fork_asm+0x1a/0x30 [ 11.242673] </TASK> [ 11.242685] [ 11.250539] Allocated by task 189: [ 11.250801] kasan_save_stack+0x45/0x70 [ 11.251263] kasan_save_track+0x18/0x40 [ 11.251517] kasan_save_alloc_info+0x3b/0x50 [ 11.251839] __kasan_kmalloc+0xb7/0xc0 [ 11.252012] __kmalloc_cache_noprof+0x189/0x420 [ 11.252192] kmalloc_oob_in_memset+0xac/0x320 [ 11.252357] kunit_try_run_case+0x1a5/0x480 [ 11.252514] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.252767] kthread+0x337/0x6f0 [ 11.252964] ret_from_fork+0x41/0x80 [ 11.253335] ret_from_fork_asm+0x1a/0x30 [ 11.253487] [ 11.253564] The buggy address belongs to the object at ffff888102dc0600 [ 11.253564] which belongs to the cache kmalloc-128 of size 128 [ 11.254481] The buggy address is located 0 bytes inside of [ 11.254481] allocated 120-byte region [ffff888102dc0600, ffff888102dc0678) [ 11.254983] [ 11.255069] The buggy address belongs to the physical page: [ 11.255428] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0 [ 11.255851] flags: 0x200000000000000(node=0|zone=2) [ 11.256102] page_type: f5(slab) [ 11.256305] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.256911] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.257483] page dumped because: kasan: bad access detected [ 11.257734] [ 11.257805] Memory state around the buggy address: [ 11.257961] ffff888102dc0500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.258329] ffff888102dc0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.258624] >ffff888102dc0600: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 11.258841] ^ [ 11.259545] ffff888102dc0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.259896] ffff888102dc0700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.260190] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmalloc_uaf_16
[ 11.214423] ================================================================== [ 11.214881] BUG: KASAN: slab-use-after-free in kmalloc_uaf_16+0x47b/0x4c0 [ 11.215192] Read of size 16 at addr ffff888102224100 by task kunit_try_catch/187 [ 11.215641] [ 11.215837] CPU: 0 UID: 0 PID: 187 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.215885] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.215897] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.215930] Call Trace: [ 11.215942] <TASK> [ 11.215960] dump_stack_lvl+0x73/0xb0 [ 11.215990] print_report+0xd1/0x650 [ 11.216025] ? __virt_addr_valid+0x1db/0x2d0 [ 11.216049] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.216070] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.216101] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.216123] kasan_report+0x141/0x180 [ 11.216146] ? kmalloc_uaf_16+0x47b/0x4c0 [ 11.216183] __asan_report_load16_noabort+0x18/0x20 [ 11.216205] kmalloc_uaf_16+0x47b/0x4c0 [ 11.216226] ? __pfx_kmalloc_uaf_16+0x10/0x10 [ 11.216257] ? __schedule+0x10cc/0x2b60 [ 11.216338] ? __pfx_read_tsc+0x10/0x10 [ 11.216361] ? ktime_get_ts64+0x86/0x230 [ 11.216389] kunit_try_run_case+0x1a5/0x480 [ 11.216415] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.216437] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.216462] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.216485] ? __kthread_parkme+0x82/0x180 [ 11.216508] ? preempt_count_sub+0x50/0x80 [ 11.216546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.216570] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.216593] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.216628] kthread+0x337/0x6f0 [ 11.216644] ? trace_preempt_on+0x20/0xc0 [ 11.216669] ? __pfx_kthread+0x10/0x10 [ 11.216696] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.216718] ? calculate_sigpending+0x7b/0xa0 [ 11.216740] ? __pfx_kthread+0x10/0x10 [ 11.216759] ret_from_fork+0x41/0x80 [ 11.216779] ? 
__pfx_kthread+0x10/0x10 [ 11.216797] ret_from_fork_asm+0x1a/0x30 [ 11.216828] </TASK> [ 11.216839] [ 11.224542] Allocated by task 187: [ 11.224797] kasan_save_stack+0x45/0x70 [ 11.225032] kasan_save_track+0x18/0x40 [ 11.225264] kasan_save_alloc_info+0x3b/0x50 [ 11.225531] __kasan_kmalloc+0xb7/0xc0 [ 11.225917] __kmalloc_cache_noprof+0x189/0x420 [ 11.226139] kmalloc_uaf_16+0x15b/0x4c0 [ 11.226451] kunit_try_run_case+0x1a5/0x480 [ 11.226671] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.226961] kthread+0x337/0x6f0 [ 11.227132] ret_from_fork+0x41/0x80 [ 11.227399] ret_from_fork_asm+0x1a/0x30 [ 11.227603] [ 11.227697] Freed by task 187: [ 11.227810] kasan_save_stack+0x45/0x70 [ 11.228078] kasan_save_track+0x18/0x40 [ 11.228220] kasan_save_free_info+0x3f/0x60 [ 11.228709] __kasan_slab_free+0x56/0x70 [ 11.228911] kfree+0x222/0x3f0 [ 11.229091] kmalloc_uaf_16+0x1d6/0x4c0 [ 11.229282] kunit_try_run_case+0x1a5/0x480 [ 11.229428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.229620] kthread+0x337/0x6f0 [ 11.229764] ret_from_fork+0x41/0x80 [ 11.229949] ret_from_fork_asm+0x1a/0x30 [ 11.230393] [ 11.230495] The buggy address belongs to the object at ffff888102224100 [ 11.230495] which belongs to the cache kmalloc-16 of size 16 [ 11.231048] The buggy address is located 0 bytes inside of [ 11.231048] freed 16-byte region [ffff888102224100, ffff888102224110) [ 11.231913] [ 11.232034] The buggy address belongs to the physical page: [ 11.232365] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102224 [ 11.232779] flags: 0x200000000000000(node=0|zone=2) [ 11.233018] page_type: f5(slab) [ 11.233209] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.233665] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.233997] page dumped because: kasan: bad access detected [ 11.234258] [ 11.234559] Memory state around the buggy address: [ 11.234832] ffff888102224000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc 
[ 11.235158] ffff888102224080: fa fb fc fc 00 05 fc fc fa fb fc fc 00 00 fc fc [ 11.235522] >ffff888102224100: fa fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.235927] ^ [ 11.236051] ffff888102224180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.236476] ffff888102224200: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.236735] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_16
[ 11.194048] ================================================================== [ 11.194651] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_16+0x452/0x4a0 [ 11.194955] Write of size 16 at addr ffff888102307da0 by task kunit_try_catch/185 [ 11.195282] [ 11.195422] CPU: 1 UID: 0 PID: 185 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.195470] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.195482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.195503] Call Trace: [ 11.195516] <TASK> [ 11.195534] dump_stack_lvl+0x73/0xb0 [ 11.195560] print_report+0xd1/0x650 [ 11.195583] ? __virt_addr_valid+0x1db/0x2d0 [ 11.195616] ? kmalloc_oob_16+0x452/0x4a0 [ 11.195637] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.195660] ? kmalloc_oob_16+0x452/0x4a0 [ 11.195692] kasan_report+0x141/0x180 [ 11.195715] ? kmalloc_oob_16+0x452/0x4a0 [ 11.195752] __asan_report_store16_noabort+0x1b/0x30 [ 11.195774] kmalloc_oob_16+0x452/0x4a0 [ 11.195796] ? __pfx_kmalloc_oob_16+0x10/0x10 [ 11.195818] ? __schedule+0x10cc/0x2b60 [ 11.195841] ? __pfx_read_tsc+0x10/0x10 [ 11.195861] ? ktime_get_ts64+0x86/0x230 [ 11.195896] kunit_try_run_case+0x1a5/0x480 [ 11.195921] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.195953] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.195986] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.196009] ? __kthread_parkme+0x82/0x180 [ 11.196041] ? preempt_count_sub+0x50/0x80 [ 11.196067] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.196090] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.196112] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.196135] kthread+0x337/0x6f0 [ 11.196152] ? trace_preempt_on+0x20/0xc0 [ 11.196175] ? __pfx_kthread+0x10/0x10 [ 11.196193] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.196215] ? calculate_sigpending+0x7b/0xa0 [ 11.196247] ? __pfx_kthread+0x10/0x10 [ 11.196265] ret_from_fork+0x41/0x80 [ 11.196286] ? 
__pfx_kthread+0x10/0x10 [ 11.196303] ret_from_fork_asm+0x1a/0x30 [ 11.196335] </TASK> [ 11.196346] [ 11.203218] Allocated by task 185: [ 11.203370] kasan_save_stack+0x45/0x70 [ 11.203516] kasan_save_track+0x18/0x40 [ 11.203651] kasan_save_alloc_info+0x3b/0x50 [ 11.204103] __kasan_kmalloc+0xb7/0xc0 [ 11.204301] __kmalloc_cache_noprof+0x189/0x420 [ 11.204520] kmalloc_oob_16+0xa8/0x4a0 [ 11.204678] kunit_try_run_case+0x1a5/0x480 [ 11.204885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.205125] kthread+0x337/0x6f0 [ 11.205252] ret_from_fork+0x41/0x80 [ 11.205383] ret_from_fork_asm+0x1a/0x30 [ 11.205539] [ 11.205636] The buggy address belongs to the object at ffff888102307da0 [ 11.205636] which belongs to the cache kmalloc-16 of size 16 [ 11.206222] The buggy address is located 0 bytes inside of [ 11.206222] allocated 13-byte region [ffff888102307da0, ffff888102307dad) [ 11.206710] [ 11.206822] The buggy address belongs to the physical page: [ 11.207053] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 11.207395] flags: 0x200000000000000(node=0|zone=2) [ 11.207616] page_type: f5(slab) [ 11.207814] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 11.208154] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 11.208429] page dumped because: kasan: bad access detected [ 11.208601] [ 11.208670] Memory state around the buggy address: [ 11.208825] ffff888102307c80: 00 02 fc fc 00 06 fc fc 00 06 fc fc 00 04 fc fc [ 11.209244] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 11.209586] >ffff888102307d80: 00 04 fc fc 00 05 fc fc 00 00 fc fc fc fc fc fc [ 11.210245] ^ [ 11.210421] ffff888102307e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.210636] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.210848] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-krealloc_uaf
[ 11.121039] ================================================================== [ 11.122404] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x1b8/0x5e0 [ 11.123090] Read of size 1 at addr ffff888100a2bc00 by task kunit_try_catch/183 [ 11.123823] [ 11.124023] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.124072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.124084] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.124118] Call Trace: [ 11.124133] <TASK> [ 11.124153] dump_stack_lvl+0x73/0xb0 [ 11.124194] print_report+0xd1/0x650 [ 11.124226] ? __virt_addr_valid+0x1db/0x2d0 [ 11.124266] ? krealloc_uaf+0x1b8/0x5e0 [ 11.124284] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.124306] ? krealloc_uaf+0x1b8/0x5e0 [ 11.124324] kasan_report+0x141/0x180 [ 11.124367] ? krealloc_uaf+0x1b8/0x5e0 [ 11.124389] ? krealloc_uaf+0x1b8/0x5e0 [ 11.124407] __kasan_check_byte+0x3d/0x50 [ 11.124430] krealloc_noprof+0x3f/0x340 [ 11.124453] krealloc_uaf+0x1b8/0x5e0 [ 11.124472] ? __pfx_krealloc_uaf+0x10/0x10 [ 11.124490] ? finish_task_switch.isra.0+0x153/0x700 [ 11.124514] ? __switch_to+0x5d9/0xf60 [ 11.124536] ? dequeue_task_fair+0x166/0x4e0 [ 11.124560] ? __schedule+0x10cc/0x2b60 [ 11.124583] ? __pfx_read_tsc+0x10/0x10 [ 11.124603] ? ktime_get_ts64+0x86/0x230 [ 11.124629] kunit_try_run_case+0x1a5/0x480 [ 11.124670] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.124692] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.124716] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.124739] ? __kthread_parkme+0x82/0x180 [ 11.124761] ? preempt_count_sub+0x50/0x80 [ 11.124785] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.124808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.124831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.124854] kthread+0x337/0x6f0 [ 11.124871] ? trace_preempt_on+0x20/0xc0 [ 11.124895] ? __pfx_kthread+0x10/0x10 [ 11.124912] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.124934] ? 
calculate_sigpending+0x7b/0xa0 [ 11.124955] ? __pfx_kthread+0x10/0x10 [ 11.124975] ret_from_fork+0x41/0x80 [ 11.124995] ? __pfx_kthread+0x10/0x10 [ 11.125013] ret_from_fork_asm+0x1a/0x30 [ 11.125044] </TASK> [ 11.125055] [ 11.140410] Allocated by task 183: [ 11.140857] kasan_save_stack+0x45/0x70 [ 11.141149] kasan_save_track+0x18/0x40 [ 11.141546] kasan_save_alloc_info+0x3b/0x50 [ 11.141817] __kasan_kmalloc+0xb7/0xc0 [ 11.142185] __kmalloc_cache_noprof+0x189/0x420 [ 11.142680] krealloc_uaf+0xbb/0x5e0 [ 11.142816] kunit_try_run_case+0x1a5/0x480 [ 11.142962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.143136] kthread+0x337/0x6f0 [ 11.143268] ret_from_fork+0x41/0x80 [ 11.143508] ret_from_fork_asm+0x1a/0x30 [ 11.143720] [ 11.143837] Freed by task 183: [ 11.144132] kasan_save_stack+0x45/0x70 [ 11.144537] kasan_save_track+0x18/0x40 [ 11.144738] kasan_save_free_info+0x3f/0x60 [ 11.144949] __kasan_slab_free+0x56/0x70 [ 11.145176] kfree+0x222/0x3f0 [ 11.145350] krealloc_uaf+0x13d/0x5e0 [ 11.145595] kunit_try_run_case+0x1a5/0x480 [ 11.145803] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.146049] kthread+0x337/0x6f0 [ 11.146465] ret_from_fork+0x41/0x80 [ 11.146732] ret_from_fork_asm+0x1a/0x30 [ 11.146939] [ 11.147038] The buggy address belongs to the object at ffff888100a2bc00 [ 11.147038] which belongs to the cache kmalloc-256 of size 256 [ 11.148526] The buggy address is located 0 bytes inside of [ 11.148526] freed 256-byte region [ffff888100a2bc00, ffff888100a2bd00) [ 11.149101] [ 11.149201] The buggy address belongs to the physical page: [ 11.149938] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2a [ 11.150731] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.151050] flags: 0x200000000000040(head|node=0|zone=2) [ 11.151635] page_type: f5(slab) [ 11.151819] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.152135] raw: 0000000000000000 0000000080100010 00000000f5000000 
0000000000000000 [ 11.152840] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.153590] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.154036] head: 0200000000000001 ffffea0004028a81 00000000ffffffff 00000000ffffffff [ 11.154448] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.154895] page dumped because: kasan: bad access detected [ 11.155127] [ 11.155215] Memory state around the buggy address: [ 11.155389] ffff888100a2bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.155784] ffff888100a2bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.156138] >ffff888100a2bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.156537] ^ [ 11.156764] ffff888100a2bc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.157017] ffff888100a2bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.157399] ================================================================== [ 11.158265] ================================================================== [ 11.158973] BUG: KASAN: slab-use-after-free in krealloc_uaf+0x53c/0x5e0 [ 11.159198] Read of size 1 at addr ffff888100a2bc00 by task kunit_try_catch/183 [ 11.159653] [ 11.159774] CPU: 1 UID: 0 PID: 183 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.159820] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.159843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.159865] Call Trace: [ 11.159884] <TASK> [ 11.159917] dump_stack_lvl+0x73/0xb0 [ 11.159943] print_report+0xd1/0x650 [ 11.159967] ? __virt_addr_valid+0x1db/0x2d0 [ 11.159989] ? krealloc_uaf+0x53c/0x5e0 [ 11.160007] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.160030] ? krealloc_uaf+0x53c/0x5e0 [ 11.160048] kasan_report+0x141/0x180 [ 11.160071] ? krealloc_uaf+0x53c/0x5e0 [ 11.160093] __asan_report_load1_noabort+0x18/0x20 [ 11.160114] krealloc_uaf+0x53c/0x5e0 [ 11.160132] ? 
__pfx_krealloc_uaf+0x10/0x10 [ 11.160149] ? finish_task_switch.isra.0+0x153/0x700 [ 11.160276] ? __switch_to+0x5d9/0xf60 [ 11.160298] ? dequeue_task_fair+0x166/0x4e0 [ 11.160414] ? __schedule+0x10cc/0x2b60 [ 11.160443] ? __pfx_read_tsc+0x10/0x10 [ 11.160463] ? ktime_get_ts64+0x86/0x230 [ 11.160489] kunit_try_run_case+0x1a5/0x480 [ 11.160515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.160537] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.160562] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.160585] ? __kthread_parkme+0x82/0x180 [ 11.160608] ? preempt_count_sub+0x50/0x80 [ 11.160793] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.160817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.160841] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.160876] kthread+0x337/0x6f0 [ 11.160893] ? trace_preempt_on+0x20/0xc0 [ 11.160917] ? __pfx_kthread+0x10/0x10 [ 11.160947] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.160969] ? calculate_sigpending+0x7b/0xa0 [ 11.160991] ? __pfx_kthread+0x10/0x10 [ 11.161010] ret_from_fork+0x41/0x80 [ 11.161030] ? 
__pfx_kthread+0x10/0x10 [ 11.161048] ret_from_fork_asm+0x1a/0x30 [ 11.161079] </TASK> [ 11.161090] [ 11.174399] Allocated by task 183: [ 11.174767] kasan_save_stack+0x45/0x70 [ 11.174931] kasan_save_track+0x18/0x40 [ 11.175066] kasan_save_alloc_info+0x3b/0x50 [ 11.175208] __kasan_kmalloc+0xb7/0xc0 [ 11.175355] __kmalloc_cache_noprof+0x189/0x420 [ 11.175575] krealloc_uaf+0xbb/0x5e0 [ 11.175874] kunit_try_run_case+0x1a5/0x480 [ 11.176084] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.176308] kthread+0x337/0x6f0 [ 11.176479] ret_from_fork+0x41/0x80 [ 11.176664] ret_from_fork_asm+0x1a/0x30 [ 11.177037] [ 11.177115] Freed by task 183: [ 11.177280] kasan_save_stack+0x45/0x70 [ 11.177766] kasan_save_track+0x18/0x40 [ 11.177952] kasan_save_free_info+0x3f/0x60 [ 11.178128] __kasan_slab_free+0x56/0x70 [ 11.178305] kfree+0x222/0x3f0 [ 11.178471] krealloc_uaf+0x13d/0x5e0 [ 11.178784] kunit_try_run_case+0x1a5/0x480 [ 11.178947] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.179165] kthread+0x337/0x6f0 [ 11.179344] ret_from_fork+0x41/0x80 [ 11.179477] ret_from_fork_asm+0x1a/0x30 [ 11.179809] [ 11.179889] The buggy address belongs to the object at ffff888100a2bc00 [ 11.179889] which belongs to the cache kmalloc-256 of size 256 [ 11.180621] The buggy address is located 0 bytes inside of [ 11.180621] freed 256-byte region [ffff888100a2bc00, ffff888100a2bd00) [ 11.181133] [ 11.181209] The buggy address belongs to the physical page: [ 11.181398] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2a [ 11.182124] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.182719] flags: 0x200000000000040(head|node=0|zone=2) [ 11.183056] page_type: f5(slab) [ 11.183266] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.183517] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.184111] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 11.184734] head: 
0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.185084] head: 0200000000000001 ffffea0004028a81 00000000ffffffff 00000000ffffffff [ 11.185659] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 11.185999] page dumped because: kasan: bad access detected [ 11.186233] [ 11.186399] Memory state around the buggy address: [ 11.186744] ffff888100a2bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.187048] ffff888100a2bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.187372] >ffff888100a2bc00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.187654] ^ [ 11.187946] ffff888100a2bc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.188257] ffff888100a2bd00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.188706] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_less_oob_helper
[ 11.013102] ================================================================== [ 11.013700] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 11.014082] Write of size 1 at addr ffff8881039120c9 by task kunit_try_catch/181 [ 11.014446] [ 11.014645] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.014689] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.014713] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.014734] Call Trace: [ 11.014746] <TASK> [ 11.014760] dump_stack_lvl+0x73/0xb0 [ 11.014784] print_report+0xd1/0x650 [ 11.014806] ? __virt_addr_valid+0x1db/0x2d0 [ 11.014826] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.014846] ? kasan_addr_to_slab+0x11/0xa0 [ 11.014866] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.014896] kasan_report+0x141/0x180 [ 11.014919] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 11.014944] __asan_report_store1_noabort+0x1b/0x30 [ 11.014976] krealloc_less_oob_helper+0xd70/0x11d0 [ 11.014999] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.015019] ? finish_task_switch.isra.0+0x153/0x700 [ 11.015042] ? __switch_to+0x5d9/0xf60 [ 11.015062] ? dequeue_task_fair+0x166/0x4e0 [ 11.015084] ? __schedule+0x10cc/0x2b60 [ 11.015106] ? __pfx_read_tsc+0x10/0x10 [ 11.015129] krealloc_large_less_oob+0x1c/0x30 [ 11.015148] kunit_try_run_case+0x1a5/0x480 [ 11.015179] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.015201] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.015224] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.015262] ? __kthread_parkme+0x82/0x180 [ 11.015297] ? preempt_count_sub+0x50/0x80 [ 11.015321] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.015345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.015367] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.015435] kthread+0x337/0x6f0 [ 11.015465] ? trace_preempt_on+0x20/0xc0 [ 11.015489] ? __pfx_kthread+0x10/0x10 [ 11.015506] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.015528] ? 
calculate_sigpending+0x7b/0xa0 [ 11.015549] ? __pfx_kthread+0x10/0x10 [ 11.015567] ret_from_fork+0x41/0x80 [ 11.015587] ? __pfx_kthread+0x10/0x10 [ 11.015605] ret_from_fork_asm+0x1a/0x30 [ 11.015635] </TASK> [ 11.015645] [ 11.024700] The buggy address belongs to the physical page: [ 11.024977] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 11.025307] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.025863] flags: 0x200000000000040(head|node=0|zone=2) [ 11.026105] page_type: f8(unknown) [ 11.026432] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.026795] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.027126] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.027554] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.027964] head: 0200000000000002 ffffea00040e4401 00000000ffffffff 00000000ffffffff [ 11.028321] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.028926] page dumped because: kasan: bad access detected [ 11.029105] [ 11.029176] Memory state around the buggy address: [ 11.029510] ffff888103911f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.029957] ffff888103912000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.030174] >ffff888103912080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.030618] ^ [ 11.031016] ffff888103912100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.031334] ffff888103912180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.031686] ================================================================== [ 10.861020] ================================================================== [ 10.861691] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd70/0x11d0 [ 10.862181] Write of size 1 at addr ffff888100a2bac9 by task kunit_try_catch/177 [ 10.862642] [ 10.862786] CPU: 1 UID: 0 PID: 177 Comm: 
kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.862832] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.862844] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.862877] Call Trace: [ 10.862889] <TASK> [ 10.862905] dump_stack_lvl+0x73/0xb0 [ 10.862932] print_report+0xd1/0x650 [ 10.862955] ? __virt_addr_valid+0x1db/0x2d0 [ 10.862987] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.863007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.863030] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.863061] kasan_report+0x141/0x180 [ 10.863083] ? krealloc_less_oob_helper+0xd70/0x11d0 [ 10.863109] __asan_report_store1_noabort+0x1b/0x30 [ 10.863130] krealloc_less_oob_helper+0xd70/0x11d0 [ 10.863152] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.863172] ? __schedule+0x207f/0x2b60 [ 10.863194] ? schedule+0x7c/0x2e0 [ 10.863214] ? trace_hardirqs_on+0x37/0xe0 [ 10.863248] ? __schedule+0x207f/0x2b60 [ 10.863270] ? __pfx_read_tsc+0x10/0x10 [ 10.863332] krealloc_less_oob+0x1c/0x30 [ 10.863352] kunit_try_run_case+0x1a5/0x480 [ 10.863377] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.863399] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.863422] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.863445] ? __kthread_parkme+0x82/0x180 [ 10.863467] ? preempt_count_sub+0x50/0x80 [ 10.863493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.863516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.863538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.863561] kthread+0x337/0x6f0 [ 10.863578] ? trace_preempt_on+0x20/0xc0 [ 10.863600] ? __pfx_kthread+0x10/0x10 [ 10.863617] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.863639] ? calculate_sigpending+0x7b/0xa0 [ 10.863660] ? __pfx_kthread+0x10/0x10 [ 10.863678] ret_from_fork+0x41/0x80 [ 10.863699] ? 
__pfx_kthread+0x10/0x10 [ 10.863716] ret_from_fork_asm+0x1a/0x30 [ 10.863747] </TASK> [ 10.863757] [ 10.872583] Allocated by task 177: [ 10.872882] kasan_save_stack+0x45/0x70 [ 10.873169] kasan_save_track+0x18/0x40 [ 10.873334] kasan_save_alloc_info+0x3b/0x50 [ 10.873619] __kasan_krealloc+0x190/0x1f0 [ 10.873854] krealloc_noprof+0xf3/0x340 [ 10.874082] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.874306] krealloc_less_oob+0x1c/0x30 [ 10.874509] kunit_try_run_case+0x1a5/0x480 [ 10.874769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.875008] kthread+0x337/0x6f0 [ 10.875179] ret_from_fork+0x41/0x80 [ 10.875401] ret_from_fork_asm+0x1a/0x30 [ 10.875624] [ 10.875750] The buggy address belongs to the object at ffff888100a2ba00 [ 10.875750] which belongs to the cache kmalloc-256 of size 256 [ 10.876278] The buggy address is located 0 bytes to the right of [ 10.876278] allocated 201-byte region [ffff888100a2ba00, ffff888100a2bac9) [ 10.877105] [ 10.877216] The buggy address belongs to the physical page: [ 10.877563] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2a [ 10.878049] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.878305] flags: 0x200000000000040(head|node=0|zone=2) [ 10.878532] page_type: f5(slab) [ 10.878742] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.879113] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.879388] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.879618] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.880210] head: 0200000000000001 ffffea0004028a81 00000000ffffffff 00000000ffffffff [ 10.880564] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.880956] page dumped because: kasan: bad access detected [ 10.881233] [ 10.881435] Memory state around the buggy address: [ 10.881642] ffff888100a2b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 10.881950] ffff888100a2ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.882274] >ffff888100a2ba80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.882596] ^ [ 10.882984] ffff888100a2bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.883247] ffff888100a2bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.883686] ================================================================== [ 10.928619] ================================================================== [ 10.928912] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 10.929136] Write of size 1 at addr ffff888100a2baea by task kunit_try_catch/177 [ 10.929815] [ 10.929949] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.929992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.930004] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.930024] Call Trace: [ 10.930039] <TASK> [ 10.930053] dump_stack_lvl+0x73/0xb0 [ 10.930076] print_report+0xd1/0x650 [ 10.930098] ? __virt_addr_valid+0x1db/0x2d0 [ 10.930118] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.930138] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.930160] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.930180] kasan_report+0x141/0x180 [ 10.930203] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 10.930230] __asan_report_store1_noabort+0x1b/0x30 [ 10.930273] krealloc_less_oob_helper+0xe90/0x11d0 [ 10.930295] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.930316] ? __schedule+0x207f/0x2b60 [ 10.930336] ? schedule+0x7c/0x2e0 [ 10.930367] ? trace_hardirqs_on+0x37/0xe0 [ 10.930389] ? __schedule+0x207f/0x2b60 [ 10.930411] ? __pfx_read_tsc+0x10/0x10 [ 10.930434] krealloc_less_oob+0x1c/0x30 [ 10.930460] kunit_try_run_case+0x1a5/0x480 [ 10.930484] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.930505] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.930539] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.930562] ? 
__kthread_parkme+0x82/0x180 [ 10.930583] ? preempt_count_sub+0x50/0x80 [ 10.930606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.930638] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.930660] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.930683] kthread+0x337/0x6f0 [ 10.930710] ? trace_preempt_on+0x20/0xc0 [ 10.930732] ? __pfx_kthread+0x10/0x10 [ 10.930750] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.930771] ? calculate_sigpending+0x7b/0xa0 [ 10.930792] ? __pfx_kthread+0x10/0x10 [ 10.930810] ret_from_fork+0x41/0x80 [ 10.930830] ? __pfx_kthread+0x10/0x10 [ 10.930848] ret_from_fork_asm+0x1a/0x30 [ 10.930878] </TASK> [ 10.930888] [ 10.938366] Allocated by task 177: [ 10.938551] kasan_save_stack+0x45/0x70 [ 10.938774] kasan_save_track+0x18/0x40 [ 10.939054] kasan_save_alloc_info+0x3b/0x50 [ 10.939297] __kasan_krealloc+0x190/0x1f0 [ 10.939540] krealloc_noprof+0xf3/0x340 [ 10.939831] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.940041] krealloc_less_oob+0x1c/0x30 [ 10.940183] kunit_try_run_case+0x1a5/0x480 [ 10.940413] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.940697] kthread+0x337/0x6f0 [ 10.940867] ret_from_fork+0x41/0x80 [ 10.941056] ret_from_fork_asm+0x1a/0x30 [ 10.941267] [ 10.941349] The buggy address belongs to the object at ffff888100a2ba00 [ 10.941349] which belongs to the cache kmalloc-256 of size 256 [ 10.941830] The buggy address is located 33 bytes to the right of [ 10.941830] allocated 201-byte region [ffff888100a2ba00, ffff888100a2bac9) [ 10.942427] [ 10.942526] The buggy address belongs to the physical page: [ 10.942808] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2a [ 10.943157] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.943506] flags: 0x200000000000040(head|node=0|zone=2) [ 10.943837] page_type: f5(slab) [ 10.943973] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.944206] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
10.944588] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.944953] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.945187] head: 0200000000000001 ffffea0004028a81 00000000ffffffff 00000000ffffffff [ 10.945583] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.946014] page dumped because: kasan: bad access detected [ 10.946289] [ 10.946413] Memory state around the buggy address: [ 10.946570] ffff888100a2b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.947041] ffff888100a2ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.947365] >ffff888100a2ba80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.947650] ^ [ 10.947984] ffff888100a2bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.948300] ffff888100a2bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.948602] ================================================================== [ 10.907684] ================================================================== [ 10.907968] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 10.908600] Write of size 1 at addr ffff888100a2bada by task kunit_try_catch/177 [ 10.909022] [ 10.909162] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.909205] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.909216] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.909247] Call Trace: [ 10.909258] <TASK> [ 10.909271] dump_stack_lvl+0x73/0xb0 [ 10.909306] print_report+0xd1/0x650 [ 10.909327] ? __virt_addr_valid+0x1db/0x2d0 [ 10.909348] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.909379] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.909401] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 10.909421] kasan_report+0x141/0x180 [ 10.909444] ? 
krealloc_less_oob_helper+0xec6/0x11d0 [ 10.909477] __asan_report_store1_noabort+0x1b/0x30 [ 10.909498] krealloc_less_oob_helper+0xec6/0x11d0 [ 10.909521] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.909552] ? __schedule+0x207f/0x2b60 [ 10.909577] ? schedule+0x7c/0x2e0 [ 10.909597] ? trace_hardirqs_on+0x37/0xe0 [ 10.909620] ? __schedule+0x207f/0x2b60 [ 10.909650] ? __pfx_read_tsc+0x10/0x10 [ 10.909674] krealloc_less_oob+0x1c/0x30 [ 10.909692] kunit_try_run_case+0x1a5/0x480 [ 10.909735] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.909757] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.909780] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.909804] ? __kthread_parkme+0x82/0x180 [ 10.909825] ? preempt_count_sub+0x50/0x80 [ 10.909849] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.909872] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.909894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.909917] kthread+0x337/0x6f0 [ 10.909934] ? trace_preempt_on+0x20/0xc0 [ 10.909955] ? __pfx_kthread+0x10/0x10 [ 10.909973] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.909994] ? calculate_sigpending+0x7b/0xa0 [ 10.910015] ? __pfx_kthread+0x10/0x10 [ 10.910033] ret_from_fork+0x41/0x80 [ 10.910053] ? 
__pfx_kthread+0x10/0x10 [ 10.910079] ret_from_fork_asm+0x1a/0x30 [ 10.910109] </TASK> [ 10.910119] [ 10.918199] Allocated by task 177: [ 10.918375] kasan_save_stack+0x45/0x70 [ 10.918567] kasan_save_track+0x18/0x40 [ 10.918784] kasan_save_alloc_info+0x3b/0x50 [ 10.918932] __kasan_krealloc+0x190/0x1f0 [ 10.919077] krealloc_noprof+0xf3/0x340 [ 10.919230] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.919491] krealloc_less_oob+0x1c/0x30 [ 10.919684] kunit_try_run_case+0x1a5/0x480 [ 10.919891] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.920147] kthread+0x337/0x6f0 [ 10.920340] ret_from_fork+0x41/0x80 [ 10.920471] ret_from_fork_asm+0x1a/0x30 [ 10.920671] [ 10.920768] The buggy address belongs to the object at ffff888100a2ba00 [ 10.920768] which belongs to the cache kmalloc-256 of size 256 [ 10.921301] The buggy address is located 17 bytes to the right of [ 10.921301] allocated 201-byte region [ffff888100a2ba00, ffff888100a2bac9) [ 10.921875] [ 10.921946] The buggy address belongs to the physical page: [ 10.922118] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2a [ 10.922369] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.922699] flags: 0x200000000000040(head|node=0|zone=2) [ 10.922951] page_type: f5(slab) [ 10.923125] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.923673] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.923951] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.924182] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.924521] head: 0200000000000001 ffffea0004028a81 00000000ffffffff 00000000ffffffff [ 10.924909] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.925352] page dumped because: kasan: bad access detected [ 10.925625] [ 10.925784] Memory state around the buggy address: [ 10.926030] ffff888100a2b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc [ 10.926269] ffff888100a2ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.926484] >ffff888100a2ba80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.926845] ^ [ 10.927121] ffff888100a2bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.927481] ffff888100a2bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.928008] ================================================================== [ 10.949090] ================================================================== [ 10.949514] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 10.949987] Write of size 1 at addr ffff888100a2baeb by task kunit_try_catch/177 [ 10.950421] [ 10.950522] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.950564] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.950575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.950594] Call Trace: [ 10.950609] <TASK> [ 10.950624] dump_stack_lvl+0x73/0xb0 [ 10.950647] print_report+0xd1/0x650 [ 10.950669] ? __virt_addr_valid+0x1db/0x2d0 [ 10.950690] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.950710] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.950732] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.950753] kasan_report+0x141/0x180 [ 10.950776] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 10.950801] __asan_report_store1_noabort+0x1b/0x30 [ 10.950822] krealloc_less_oob_helper+0xd47/0x11d0 [ 10.950858] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.950879] ? __schedule+0x207f/0x2b60 [ 10.950900] ? schedule+0x7c/0x2e0 [ 10.950932] ? trace_hardirqs_on+0x37/0xe0 [ 10.950955] ? __schedule+0x207f/0x2b60 [ 10.950977] ? __pfx_read_tsc+0x10/0x10 [ 10.951000] krealloc_less_oob+0x1c/0x30 [ 10.951018] kunit_try_run_case+0x1a5/0x480 [ 10.951041] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.951063] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.951087] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.951111] ? 
__kthread_parkme+0x82/0x180 [ 10.951131] ? preempt_count_sub+0x50/0x80 [ 10.951156] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.951181] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.951205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.951230] kthread+0x337/0x6f0 [ 10.951257] ? trace_preempt_on+0x20/0xc0 [ 10.951279] ? __pfx_kthread+0x10/0x10 [ 10.951297] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.951319] ? calculate_sigpending+0x7b/0xa0 [ 10.951340] ? __pfx_kthread+0x10/0x10 [ 10.951359] ret_from_fork+0x41/0x80 [ 10.951379] ? __pfx_kthread+0x10/0x10 [ 10.951397] ret_from_fork_asm+0x1a/0x30 [ 10.951426] </TASK> [ 10.951436] [ 10.958953] Allocated by task 177: [ 10.959200] kasan_save_stack+0x45/0x70 [ 10.959422] kasan_save_track+0x18/0x40 [ 10.959618] kasan_save_alloc_info+0x3b/0x50 [ 10.959926] __kasan_krealloc+0x190/0x1f0 [ 10.960067] krealloc_noprof+0xf3/0x340 [ 10.960216] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.960474] krealloc_less_oob+0x1c/0x30 [ 10.960687] kunit_try_run_case+0x1a5/0x480 [ 10.960922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.961178] kthread+0x337/0x6f0 [ 10.961335] ret_from_fork+0x41/0x80 [ 10.961536] ret_from_fork_asm+0x1a/0x30 [ 10.961755] [ 10.961826] The buggy address belongs to the object at ffff888100a2ba00 [ 10.961826] which belongs to the cache kmalloc-256 of size 256 [ 10.962281] The buggy address is located 34 bytes to the right of [ 10.962281] allocated 201-byte region [ffff888100a2ba00, ffff888100a2bac9) [ 10.962791] [ 10.962865] The buggy address belongs to the physical page: [ 10.963102] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2a [ 10.963473] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.963930] flags: 0x200000000000040(head|node=0|zone=2) [ 10.964195] page_type: f5(slab) [ 10.964331] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.964686] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 
10.965006] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.965343] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.965681] head: 0200000000000001 ffffea0004028a81 00000000ffffffff 00000000ffffffff [ 10.965984] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.966211] page dumped because: kasan: bad access detected [ 10.966393] [ 10.966462] Memory state around the buggy address: [ 10.966618] ffff888100a2b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.966918] ffff888100a2ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.967244] >ffff888100a2ba80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.967558] ^ [ 10.967857] ffff888100a2bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.968116] ffff888100a2bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.968337] ================================================================== [ 10.884746] ================================================================== [ 10.885100] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 10.885867] Write of size 1 at addr ffff888100a2bad0 by task kunit_try_catch/177 [ 10.886293] [ 10.886594] CPU: 1 UID: 0 PID: 177 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.886645] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.886657] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.886676] Call Trace: [ 10.886700] <TASK> [ 10.886715] dump_stack_lvl+0x73/0xb0 [ 10.886741] print_report+0xd1/0x650 [ 10.886775] ? __virt_addr_valid+0x1db/0x2d0 [ 10.886796] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.886816] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.886838] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 10.886859] kasan_report+0x141/0x180 [ 10.886881] ? 
krealloc_less_oob_helper+0xe23/0x11d0 [ 10.886906] __asan_report_store1_noabort+0x1b/0x30 [ 10.886927] krealloc_less_oob_helper+0xe23/0x11d0 [ 10.886950] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 10.886970] ? __schedule+0x207f/0x2b60 [ 10.887000] ? schedule+0x7c/0x2e0 [ 10.887020] ? trace_hardirqs_on+0x37/0xe0 [ 10.887043] ? __schedule+0x207f/0x2b60 [ 10.887075] ? __pfx_read_tsc+0x10/0x10 [ 10.887098] krealloc_less_oob+0x1c/0x30 [ 10.887116] kunit_try_run_case+0x1a5/0x480 [ 10.887140] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.887171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.887194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.887218] ? __kthread_parkme+0x82/0x180 [ 10.887262] ? preempt_count_sub+0x50/0x80 [ 10.887287] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.887310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.887333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.887356] kthread+0x337/0x6f0 [ 10.887372] ? trace_preempt_on+0x20/0xc0 [ 10.887394] ? __pfx_kthread+0x10/0x10 [ 10.887412] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.887433] ? calculate_sigpending+0x7b/0xa0 [ 10.887455] ? __pfx_kthread+0x10/0x10 [ 10.887473] ret_from_fork+0x41/0x80 [ 10.887494] ? 
__pfx_kthread+0x10/0x10 [ 10.887512] ret_from_fork_asm+0x1a/0x30 [ 10.887541] </TASK> [ 10.887551] [ 10.895946] Allocated by task 177: [ 10.896101] kasan_save_stack+0x45/0x70 [ 10.896266] kasan_save_track+0x18/0x40 [ 10.896517] kasan_save_alloc_info+0x3b/0x50 [ 10.896819] __kasan_krealloc+0x190/0x1f0 [ 10.896990] krealloc_noprof+0xf3/0x340 [ 10.897183] krealloc_less_oob_helper+0x1aa/0x11d0 [ 10.897613] krealloc_less_oob+0x1c/0x30 [ 10.897905] kunit_try_run_case+0x1a5/0x480 [ 10.898091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.898399] kthread+0x337/0x6f0 [ 10.898557] ret_from_fork+0x41/0x80 [ 10.898689] ret_from_fork_asm+0x1a/0x30 [ 10.898827] [ 10.898898] The buggy address belongs to the object at ffff888100a2ba00 [ 10.898898] which belongs to the cache kmalloc-256 of size 256 [ 10.899384] The buggy address is located 7 bytes to the right of [ 10.899384] allocated 201-byte region [ffff888100a2ba00, ffff888100a2bac9) [ 10.900011] [ 10.900108] The buggy address belongs to the physical page: [ 10.900413] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100a2a [ 10.900670] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.901008] flags: 0x200000000000040(head|node=0|zone=2) [ 10.901376] page_type: f5(slab) [ 10.901617] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.901909] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.902140] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.902585] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.903097] head: 0200000000000001 ffffea0004028a81 00000000ffffffff 00000000ffffffff [ 10.903337] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.903561] page dumped because: kasan: bad access detected [ 10.903920] [ 10.904021] Memory state around the buggy address: [ 10.904287] ffff888100a2b980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc [ 10.904638] ffff888100a2ba00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.905166] >ffff888100a2ba80: 00 00 00 00 00 00 00 00 00 01 fc fc fc fc fc fc [ 10.905779] ^ [ 10.906044] ffff888100a2bb00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.906420] ffff888100a2bb80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.906810] ================================================================== [ 11.032106] ================================================================== [ 11.032804] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe23/0x11d0 [ 11.033185] Write of size 1 at addr ffff8881039120d0 by task kunit_try_catch/181 [ 11.033530] [ 11.033636] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.033676] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.033688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.033706] Call Trace: [ 11.033717] <TASK> [ 11.033731] dump_stack_lvl+0x73/0xb0 [ 11.033755] print_report+0xd1/0x650 [ 11.033777] ? __virt_addr_valid+0x1db/0x2d0 [ 11.033797] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.033817] ? kasan_addr_to_slab+0x11/0xa0 [ 11.033838] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.033859] kasan_report+0x141/0x180 [ 11.033881] ? krealloc_less_oob_helper+0xe23/0x11d0 [ 11.033907] __asan_report_store1_noabort+0x1b/0x30 [ 11.033928] krealloc_less_oob_helper+0xe23/0x11d0 [ 11.033950] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.033971] ? finish_task_switch.isra.0+0x153/0x700 [ 11.033994] ? __switch_to+0x5d9/0xf60 [ 11.034014] ? dequeue_task_fair+0x166/0x4e0 [ 11.034037] ? __schedule+0x10cc/0x2b60 [ 11.034060] ? __pfx_read_tsc+0x10/0x10 [ 11.034082] krealloc_large_less_oob+0x1c/0x30 [ 11.034101] kunit_try_run_case+0x1a5/0x480 [ 11.034124] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.034146] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.034170] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.034193] ? 
__kthread_parkme+0x82/0x180 [ 11.034213] ? preempt_count_sub+0x50/0x80 [ 11.034257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.034281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.034304] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.034339] kthread+0x337/0x6f0 [ 11.034356] ? trace_preempt_on+0x20/0xc0 [ 11.034388] ? __pfx_kthread+0x10/0x10 [ 11.034405] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.034427] ? calculate_sigpending+0x7b/0xa0 [ 11.034458] ? __pfx_kthread+0x10/0x10 [ 11.034476] ret_from_fork+0x41/0x80 [ 11.034496] ? __pfx_kthread+0x10/0x10 [ 11.034514] ret_from_fork_asm+0x1a/0x30 [ 11.034544] </TASK> [ 11.034553] [ 11.042517] The buggy address belongs to the physical page: [ 11.042796] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 11.043147] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.043488] flags: 0x200000000000040(head|node=0|zone=2) [ 11.043769] page_type: f8(unknown) [ 11.043949] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.044243] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.044475] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.044711] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.045041] head: 0200000000000002 ffffea00040e4401 00000000ffffffff 00000000ffffffff [ 11.045392] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.045979] page dumped because: kasan: bad access detected [ 11.046266] [ 11.046360] Memory state around the buggy address: [ 11.046573] ffff888103911f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.046927] ffff888103912000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.047230] >ffff888103912080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.047456] ^ [ 11.047636] ffff888103912100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.047920] ffff888103912180: fe fe fe fe fe fe fe 
fe fe fe fe fe fe fe fe fe [ 11.048277] ================================================================== [ 11.048951] ================================================================== [ 11.049821] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xec6/0x11d0 [ 11.050303] Write of size 1 at addr ffff8881039120da by task kunit_try_catch/181 [ 11.050625] [ 11.050845] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.050889] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.050900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.050920] Call Trace: [ 11.050935] <TASK> [ 11.050949] dump_stack_lvl+0x73/0xb0 [ 11.050972] print_report+0xd1/0x650 [ 11.051007] ? __virt_addr_valid+0x1db/0x2d0 [ 11.051028] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.051048] ? kasan_addr_to_slab+0x11/0xa0 [ 11.051081] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.051101] kasan_report+0x141/0x180 [ 11.051124] ? krealloc_less_oob_helper+0xec6/0x11d0 [ 11.051149] __asan_report_store1_noabort+0x1b/0x30 [ 11.051170] krealloc_less_oob_helper+0xec6/0x11d0 [ 11.051193] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.051213] ? finish_task_switch.isra.0+0x153/0x700 [ 11.051245] ? __switch_to+0x5d9/0xf60 [ 11.051265] ? dequeue_task_fair+0x166/0x4e0 [ 11.051289] ? __schedule+0x10cc/0x2b60 [ 11.051311] ? __pfx_read_tsc+0x10/0x10 [ 11.051333] krealloc_large_less_oob+0x1c/0x30 [ 11.051352] kunit_try_run_case+0x1a5/0x480 [ 11.051375] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.051397] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.051420] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.051443] ? __kthread_parkme+0x82/0x180 [ 11.051464] ? preempt_count_sub+0x50/0x80 [ 11.051488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.051511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.051534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.051557] kthread+0x337/0x6f0 [ 11.051573] ? trace_preempt_on+0x20/0xc0 [ 11.051606] ? 
__pfx_kthread+0x10/0x10 [ 11.051624] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.051645] ? calculate_sigpending+0x7b/0xa0 [ 11.051677] ? __pfx_kthread+0x10/0x10 [ 11.051695] ret_from_fork+0x41/0x80 [ 11.051715] ? __pfx_kthread+0x10/0x10 [ 11.051733] ret_from_fork_asm+0x1a/0x30 [ 11.051763] </TASK> [ 11.051773] [ 11.059428] The buggy address belongs to the physical page: [ 11.059695] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 11.059955] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.060315] flags: 0x200000000000040(head|node=0|zone=2) [ 11.060568] page_type: f8(unknown) [ 11.060738] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.060968] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.061198] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.061580] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.063866] head: 0200000000000002 ffffea00040e4401 00000000ffffffff 00000000ffffffff [ 11.064120] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.064361] page dumped because: kasan: bad access detected [ 11.064532] [ 11.064603] Memory state around the buggy address: [ 11.064769] ffff888103911f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.064987] ffff888103912000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.065204] >ffff888103912080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.066930] ^ [ 11.068026] ffff888103912100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.069181] ffff888103912180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.070342] ================================================================== [ 11.071264] ================================================================== [ 11.071786] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xe90/0x11d0 [ 11.072136] Write of size 1 at addr ffff8881039120ea by task 
kunit_try_catch/181 [ 11.072672] [ 11.072828] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.072872] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.072902] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.072936] Call Trace: [ 11.072948] <TASK> [ 11.072962] dump_stack_lvl+0x73/0xb0 [ 11.072987] print_report+0xd1/0x650 [ 11.073008] ? __virt_addr_valid+0x1db/0x2d0 [ 11.073030] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.073050] ? kasan_addr_to_slab+0x11/0xa0 [ 11.073070] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.073090] kasan_report+0x141/0x180 [ 11.073112] ? krealloc_less_oob_helper+0xe90/0x11d0 [ 11.073137] __asan_report_store1_noabort+0x1b/0x30 [ 11.073157] krealloc_less_oob_helper+0xe90/0x11d0 [ 11.073179] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.073199] ? finish_task_switch.isra.0+0x153/0x700 [ 11.073222] ? __switch_to+0x5d9/0xf60 [ 11.073253] ? dequeue_task_fair+0x166/0x4e0 [ 11.073276] ? __schedule+0x10cc/0x2b60 [ 11.073298] ? __pfx_read_tsc+0x10/0x10 [ 11.073321] krealloc_large_less_oob+0x1c/0x30 [ 11.073339] kunit_try_run_case+0x1a5/0x480 [ 11.073363] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.073385] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.073407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.073430] ? __kthread_parkme+0x82/0x180 [ 11.073451] ? preempt_count_sub+0x50/0x80 [ 11.073475] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.073497] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.073520] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.073542] kthread+0x337/0x6f0 [ 11.073563] ? trace_preempt_on+0x20/0xc0 [ 11.073585] ? __pfx_kthread+0x10/0x10 [ 11.073603] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.073623] ? calculate_sigpending+0x7b/0xa0 [ 11.073644] ? __pfx_kthread+0x10/0x10 [ 11.073673] ret_from_fork+0x41/0x80 [ 11.073694] ? 
__pfx_kthread+0x10/0x10 [ 11.073711] ret_from_fork_asm+0x1a/0x30 [ 11.073740] </TASK> [ 11.073750] [ 11.082133] The buggy address belongs to the physical page: [ 11.082514] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 11.083680] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.083922] flags: 0x200000000000040(head|node=0|zone=2) [ 11.084104] page_type: f8(unknown) [ 11.084234] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.084592] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.084939] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.085361] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.085776] head: 0200000000000002 ffffea00040e4401 00000000ffffffff 00000000ffffffff [ 11.086422] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.086854] page dumped because: kasan: bad access detected [ 11.087033] [ 11.087106] Memory state around the buggy address: [ 11.087298] ffff888103911f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.088024] ffff888103912000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.088696] >ffff888103912080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.089342] ^ [ 11.089947] ffff888103912100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.090585] ffff888103912180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.091013] ================================================================== [ 11.092009] ================================================================== [ 11.092904] BUG: KASAN: slab-out-of-bounds in krealloc_less_oob_helper+0xd47/0x11d0 [ 11.093799] Write of size 1 at addr ffff8881039120eb by task kunit_try_catch/181 [ 11.094145] [ 11.094250] CPU: 0 UID: 0 PID: 181 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.094295] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.094307] Hardware 
name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.094329] Call Trace: [ 11.094347] <TASK> [ 11.094366] dump_stack_lvl+0x73/0xb0 [ 11.094392] print_report+0xd1/0x650 [ 11.094415] ? __virt_addr_valid+0x1db/0x2d0 [ 11.094435] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.094455] ? kasan_addr_to_slab+0x11/0xa0 [ 11.094476] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.094496] kasan_report+0x141/0x180 [ 11.094518] ? krealloc_less_oob_helper+0xd47/0x11d0 [ 11.094545] __asan_report_store1_noabort+0x1b/0x30 [ 11.094566] krealloc_less_oob_helper+0xd47/0x11d0 [ 11.094588] ? __pfx_krealloc_less_oob_helper+0x10/0x10 [ 11.094609] ? finish_task_switch.isra.0+0x153/0x700 [ 11.094632] ? __switch_to+0x5d9/0xf60 [ 11.094682] ? dequeue_task_fair+0x166/0x4e0 [ 11.094706] ? __schedule+0x10cc/0x2b60 [ 11.094728] ? __pfx_read_tsc+0x10/0x10 [ 11.094751] krealloc_large_less_oob+0x1c/0x30 [ 11.094780] kunit_try_run_case+0x1a5/0x480 [ 11.094805] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.094827] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.094862] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.094885] ? __kthread_parkme+0x82/0x180 [ 11.094907] ? preempt_count_sub+0x50/0x80 [ 11.094939] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.094963] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.094985] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.095018] kthread+0x337/0x6f0 [ 11.095034] ? trace_preempt_on+0x20/0xc0 [ 11.095057] ? __pfx_kthread+0x10/0x10 [ 11.095075] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.095096] ? calculate_sigpending+0x7b/0xa0 [ 11.095117] ? __pfx_kthread+0x10/0x10 [ 11.095135] ret_from_fork+0x41/0x80 [ 11.095155] ? 
__pfx_kthread+0x10/0x10 [ 11.095173] ret_from_fork_asm+0x1a/0x30 [ 11.095203] </TASK> [ 11.095212] [ 11.108377] The buggy address belongs to the physical page: [ 11.108584] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910 [ 11.109315] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 11.109844] flags: 0x200000000000040(head|node=0|zone=2) [ 11.110023] page_type: f8(unknown) [ 11.110151] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.110729] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.111410] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 11.112083] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 11.112754] head: 0200000000000002 ffffea00040e4401 00000000ffffffff 00000000ffffffff [ 11.112985] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 11.113212] page dumped because: kasan: bad access detected [ 11.113747] [ 11.113905] Memory state around the buggy address: [ 11.114358] ffff888103911f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.114990] ffff888103912000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.115606] >ffff888103912080: 00 00 00 00 00 00 00 00 00 01 fe fe fe fe fe fe [ 11.116066] ^ [ 11.116279] ffff888103912100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.116495] ffff888103912180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 11.116859] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-krealloc_more_oob_helper
[ 10.787427] ================================================================== [ 10.787804] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930 [ 10.788050] Write of size 1 at addr ffff888100348aeb by task kunit_try_catch/175 [ 10.788291] [ 10.788377] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.788420] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.788431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.788451] Call Trace: [ 10.788462] <TASK> [ 10.788476] dump_stack_lvl+0x73/0xb0 [ 10.788499] print_report+0xd1/0x650 [ 10.788522] ? __virt_addr_valid+0x1db/0x2d0 [ 10.788543] ? krealloc_more_oob_helper+0x821/0x930 [ 10.788563] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.788585] ? krealloc_more_oob_helper+0x821/0x930 [ 10.788605] kasan_report+0x141/0x180 [ 10.788626] ? krealloc_more_oob_helper+0x821/0x930 [ 10.788651] __asan_report_store1_noabort+0x1b/0x30 [ 10.788671] krealloc_more_oob_helper+0x821/0x930 [ 10.788690] ? __schedule+0x10cc/0x2b60 [ 10.788712] ? __pfx_krealloc_more_oob_helper+0x10/0x10 [ 10.788732] ? finish_task_switch.isra.0+0x153/0x700 [ 10.788754] ? __switch_to+0x5d9/0xf60 [ 10.788776] ? dequeue_task_fair+0x166/0x4e0 [ 10.788799] ? __schedule+0x10cc/0x2b60 [ 10.788821] ? __pfx_read_tsc+0x10/0x10 [ 10.788843] krealloc_more_oob+0x1c/0x30 [ 10.788861] kunit_try_run_case+0x1a5/0x480 [ 10.788884] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.788905] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.788929] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.788951] ? __kthread_parkme+0x82/0x180 [ 10.788972] ? preempt_count_sub+0x50/0x80 [ 10.788995] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.789018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.789040] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.789062] kthread+0x337/0x6f0 [ 10.789078] ? trace_preempt_on+0x20/0xc0 [ 10.789100] ? __pfx_kthread+0x10/0x10 [ 10.789117] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 10.789138] ? calculate_sigpending+0x7b/0xa0 [ 10.789159] ? __pfx_kthread+0x10/0x10 [ 10.789176] ret_from_fork+0x41/0x80 [ 10.789196] ? __pfx_kthread+0x10/0x10 [ 10.789213] ret_from_fork_asm+0x1a/0x30 [ 10.789601] </TASK> [ 10.789620] [ 10.806322] Allocated by task 175: [ 10.806857] kasan_save_stack+0x45/0x70 [ 10.807180] kasan_save_track+0x18/0x40 [ 10.807339] kasan_save_alloc_info+0x3b/0x50 [ 10.807487] __kasan_krealloc+0x190/0x1f0 [ 10.807733] krealloc_noprof+0xf3/0x340 [ 10.808417] krealloc_more_oob_helper+0x1a9/0x930 [ 10.808854] krealloc_more_oob+0x1c/0x30 [ 10.809347] kunit_try_run_case+0x1a5/0x480 [ 10.809792] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.810357] kthread+0x337/0x6f0 [ 10.810771] ret_from_fork+0x41/0x80 [ 10.811076] ret_from_fork_asm+0x1a/0x30 [ 10.811212] [ 10.811317] The buggy address belongs to the object at ffff888100348a00 [ 10.811317] which belongs to the cache kmalloc-256 of size 256 [ 10.812249] The buggy address is located 0 bytes to the right of [ 10.812249] allocated 235-byte region [ffff888100348a00, ffff888100348aeb) [ 10.812984] [ 10.813080] The buggy address belongs to the physical page: [ 10.813721] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348 [ 10.814367] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.814598] flags: 0x200000000000040(head|node=0|zone=2) [ 10.814874] page_type: f5(slab) [ 10.815174] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.815918] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.816720] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000 [ 10.817316] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.817917] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff [ 10.818531] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002 [ 10.819316] page dumped because: 
kasan: bad access detected
[ 10.819812]
[ 10.819968] Memory state around the buggy address:
[ 10.820258] ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.820570] ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.820841] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 10.821701] ^
[ 10.822313] ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.823069] ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.823554] ==================================================================
[ 10.991329] ==================================================================
[ 10.991658] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 10.991932] Write of size 1 at addr ffff8881039120f0 by task kunit_try_catch/179
[ 10.992181]
[ 10.992356] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 10.992400] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.992411] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.992443] Call Trace:
[ 10.992463] <TASK>
[ 10.992476] dump_stack_lvl+0x73/0xb0
[ 10.992500] print_report+0xd1/0x650
[ 10.992534] ? __virt_addr_valid+0x1db/0x2d0
[ 10.992555] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.992575] ? kasan_addr_to_slab+0x11/0xa0
[ 10.992596] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.992616] kasan_report+0x141/0x180
[ 10.992638] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.992673] __asan_report_store1_noabort+0x1b/0x30
[ 10.992694] krealloc_more_oob_helper+0x7eb/0x930
[ 10.992713] ? __schedule+0x10cc/0x2b60
[ 10.992735] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 10.992765] ? finish_task_switch.isra.0+0x153/0x700
[ 10.992787] ? __switch_to+0x5d9/0xf60
[ 10.992807] ? dequeue_task_fair+0x166/0x4e0
[ 10.992840] ? __schedule+0x10cc/0x2b60
[ 10.992862] ? __pfx_read_tsc+0x10/0x10
[ 10.992885] krealloc_large_more_oob+0x1c/0x30
[ 10.992904] kunit_try_run_case+0x1a5/0x480
[ 10.992928] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.992949] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.992972] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.992995] ? __kthread_parkme+0x82/0x180
[ 10.993016] ? preempt_count_sub+0x50/0x80
[ 10.993040] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.993064] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.993086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.993109] kthread+0x337/0x6f0
[ 10.993125] ? trace_preempt_on+0x20/0xc0
[ 10.993148] ? __pfx_kthread+0x10/0x10
[ 10.993165] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.993187] ? calculate_sigpending+0x7b/0xa0
[ 10.993208] ? __pfx_kthread+0x10/0x10
[ 10.993226] ret_from_fork+0x41/0x80
[ 10.993273] ? __pfx_kthread+0x10/0x10
[ 10.993291] ret_from_fork_asm+0x1a/0x30
[ 10.993407] </TASK>
[ 10.993421]
[ 11.002890] The buggy address belongs to the physical page:
[ 11.003159] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910
[ 11.003455] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 11.003898] flags: 0x200000000000040(head|node=0|zone=2)
[ 11.004134] page_type: f8(unknown)
[ 11.004556] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.004938] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.005261] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 11.005660] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 11.006005] head: 0200000000000002 ffffea00040e4401 00000000ffffffff 00000000ffffffff
[ 11.006352] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 11.006716] page dumped because: kasan: bad access detected
[ 11.006969]
[ 11.007073] Memory state around the buggy address:
[ 11.007224] ffff888103911f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.007450] ffff888103912000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.007911] >ffff888103912080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 11.008223] ^
[ 11.008831] ffff888103912100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.009152] ffff888103912180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 11.009581] ==================================================================
[ 10.824174] ==================================================================
[ 10.824936] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x7eb/0x930
[ 10.825576] Write of size 1 at addr ffff888100348af0 by task kunit_try_catch/175
[ 10.825841]
[ 10.826095] CPU: 0 UID: 0 PID: 175 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 10.826140] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.826151] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.826171] Call Trace:
[ 10.826186] <TASK>
[ 10.826201] dump_stack_lvl+0x73/0xb0
[ 10.826225] print_report+0xd1/0x650
[ 10.826257] ? __virt_addr_valid+0x1db/0x2d0
[ 10.826278] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.826297] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.826330] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.826350] kasan_report+0x141/0x180
[ 10.826373] ? krealloc_more_oob_helper+0x7eb/0x930
[ 10.826408] __asan_report_store1_noabort+0x1b/0x30
[ 10.826430] krealloc_more_oob_helper+0x7eb/0x930
[ 10.826495] ? __schedule+0x10cc/0x2b60
[ 10.826521] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 10.826542] ? finish_task_switch.isra.0+0x153/0x700
[ 10.826571] ? __switch_to+0x5d9/0xf60
[ 10.826591] ? dequeue_task_fair+0x166/0x4e0
[ 10.826614] ? __schedule+0x10cc/0x2b60
[ 10.826636] ? __pfx_read_tsc+0x10/0x10
[ 10.826820] krealloc_more_oob+0x1c/0x30
[ 10.826843] kunit_try_run_case+0x1a5/0x480
[ 10.826867] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.826888] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.826912] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.826935] ? __kthread_parkme+0x82/0x180
[ 10.826956] ? preempt_count_sub+0x50/0x80
[ 10.826980] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.827003] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.827025] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.827048] kthread+0x337/0x6f0
[ 10.827064] ? trace_preempt_on+0x20/0xc0
[ 10.827087] ? __pfx_kthread+0x10/0x10
[ 10.827105] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.827126] ? calculate_sigpending+0x7b/0xa0
[ 10.827147] ? __pfx_kthread+0x10/0x10
[ 10.827165] ret_from_fork+0x41/0x80
[ 10.827185] ? __pfx_kthread+0x10/0x10
[ 10.827203] ret_from_fork_asm+0x1a/0x30
[ 10.827232] </TASK>
[ 10.827255]
[ 10.842486] Allocated by task 175:
[ 10.842926] kasan_save_stack+0x45/0x70
[ 10.843303] kasan_save_track+0x18/0x40
[ 10.843777] kasan_save_alloc_info+0x3b/0x50
[ 10.844216] __kasan_krealloc+0x190/0x1f0
[ 10.844399] krealloc_noprof+0xf3/0x340
[ 10.844844] krealloc_more_oob_helper+0x1a9/0x930
[ 10.845381] krealloc_more_oob+0x1c/0x30
[ 10.845876] kunit_try_run_case+0x1a5/0x480
[ 10.846035] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.846212] kthread+0x337/0x6f0
[ 10.846377] ret_from_fork+0x41/0x80
[ 10.846545] ret_from_fork_asm+0x1a/0x30
[ 10.846715]
[ 10.846789] The buggy address belongs to the object at ffff888100348a00
[ 10.846789] which belongs to the cache kmalloc-256 of size 256
[ 10.847292] The buggy address is located 5 bytes to the right of
[ 10.847292] allocated 235-byte region [ffff888100348a00, ffff888100348aeb)
[ 10.848195]
[ 10.848285] The buggy address belongs to the physical page:
[ 10.848682] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x100348
[ 10.849142] head: order:1 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.849744] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.850066] page_type: f5(slab)
[ 10.850270] raw: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.850677] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.850977] head: 0200000000000040 ffff888100041b40 dead000000000122 0000000000000000
[ 10.851441] head: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.851867] head: 0200000000000001 ffffea000400d201 00000000ffffffff 00000000ffffffff
[ 10.852192] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000002
[ 10.852576] page dumped because: kasan: bad access detected
[ 10.852888]
[ 10.852979] Memory state around the buggy address:
[ 10.853232] ffff888100348980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.853755] ffff888100348a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.854376] >ffff888100348a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc fc
[ 10.854723] ^
[ 10.854980] ffff888100348b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.855339] ffff888100348b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.855667] ==================================================================
[ 10.972445] ==================================================================
[ 10.972983] BUG: KASAN: slab-out-of-bounds in krealloc_more_oob_helper+0x821/0x930
[ 10.973350] Write of size 1 at addr ffff8881039120eb by task kunit_try_catch/179
[ 10.973740]
[ 10.973925] CPU: 0 UID: 0 PID: 179 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 10.973973] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.973984] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.974006] Call Trace:
[ 10.974020] <TASK>
[ 10.974036] dump_stack_lvl+0x73/0xb0
[ 10.974063] print_report+0xd1/0x650
[ 10.974085] ? __virt_addr_valid+0x1db/0x2d0
[ 10.974108] ? krealloc_more_oob_helper+0x821/0x930
[ 10.974127] ? kasan_addr_to_slab+0x11/0xa0
[ 10.974148] ? krealloc_more_oob_helper+0x821/0x930
[ 10.974184] kasan_report+0x141/0x180
[ 10.974207] ? krealloc_more_oob_helper+0x821/0x930
[ 10.974232] __asan_report_store1_noabort+0x1b/0x30
[ 10.974264] krealloc_more_oob_helper+0x821/0x930
[ 10.974283] ? __schedule+0x10cc/0x2b60
[ 10.974306] ? __pfx_krealloc_more_oob_helper+0x10/0x10
[ 10.974327] ? finish_task_switch.isra.0+0x153/0x700
[ 10.974350] ? __switch_to+0x5d9/0xf60
[ 10.974371] ? dequeue_task_fair+0x166/0x4e0
[ 10.974396] ? __schedule+0x10cc/0x2b60
[ 10.974418] ? __pfx_read_tsc+0x10/0x10
[ 10.974451] krealloc_large_more_oob+0x1c/0x30
[ 10.974470] kunit_try_run_case+0x1a5/0x480
[ 10.974495] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.974527] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.974551] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.974574] ? __kthread_parkme+0x82/0x180
[ 10.974596] ? preempt_count_sub+0x50/0x80
[ 10.974620] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.974643] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.974666] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.974688] kthread+0x337/0x6f0
[ 10.974705] ? trace_preempt_on+0x20/0xc0
[ 10.974728] ? __pfx_kthread+0x10/0x10
[ 10.974746] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.974767] ? calculate_sigpending+0x7b/0xa0
[ 10.974789] ? __pfx_kthread+0x10/0x10
[ 10.974807] ret_from_fork+0x41/0x80
[ 10.974826] ? __pfx_kthread+0x10/0x10
[ 10.974844] ret_from_fork_asm+0x1a/0x30
[ 10.974874] </TASK>
[ 10.974894]
[ 10.984128] The buggy address belongs to the physical page:
[ 10.984473] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103910
[ 10.984752] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 10.985062] flags: 0x200000000000040(head|node=0|zone=2)
[ 10.985340] page_type: f8(unknown)
[ 10.985778] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.986125] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.986593] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 10.987034] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 10.987383] head: 0200000000000002 ffffea00040e4401 00000000ffffffff 00000000ffffffff
[ 10.987807] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 10.988147] page dumped because: kasan: bad access detected
[ 10.988513]
[ 10.988610] Memory state around the buggy address:
[ 10.988857] ffff888103911f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.989071] ffff888103912000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 10.989453] >ffff888103912080: 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fe fe
[ 10.989956] ^
[ 10.990263] ffff888103912100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.990633] ffff888103912180: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 10.990903] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_left
[ 10.547890] ==================================================================
[ 10.548449] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_left+0x361/0x3c0
[ 10.549366] Read of size 1 at addr ffff8881022240bf by task kunit_try_catch/157
[ 10.549896]
[ 10.550007] CPU: 0 UID: 0 PID: 157 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 10.550060] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.550072] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.550096] Call Trace:
[ 10.550109] <TASK>
[ 10.550130] dump_stack_lvl+0x73/0xb0
[ 10.550159] print_report+0xd1/0x650
[ 10.550182] ? __virt_addr_valid+0x1db/0x2d0
[ 10.550205] ? kmalloc_oob_left+0x361/0x3c0
[ 10.550225] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.550263] ? kmalloc_oob_left+0x361/0x3c0
[ 10.550285] kasan_report+0x141/0x180
[ 10.550307] ? kmalloc_oob_left+0x361/0x3c0
[ 10.550334] __asan_report_load1_noabort+0x18/0x20
[ 10.550355] kmalloc_oob_left+0x361/0x3c0
[ 10.550377] ? __pfx_kmalloc_oob_left+0x10/0x10
[ 10.550399] ? __schedule+0x10cc/0x2b60
[ 10.550423] ? __pfx_read_tsc+0x10/0x10
[ 10.550442] ? ktime_get_ts64+0x86/0x230
[ 10.550469] kunit_try_run_case+0x1a5/0x480
[ 10.550495] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.550516] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 10.550553] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 10.550577] ? __kthread_parkme+0x82/0x180
[ 10.550599] ? preempt_count_sub+0x50/0x80
[ 10.550625] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.550648] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.550670] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.550692] kthread+0x337/0x6f0
[ 10.550708] ? trace_preempt_on+0x20/0xc0
[ 10.550732] ? __pfx_kthread+0x10/0x10
[ 10.550749] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.550770] ? calculate_sigpending+0x7b/0xa0
[ 10.550792] ? __pfx_kthread+0x10/0x10
[ 10.550810] ret_from_fork+0x41/0x80
[ 10.550830] ? __pfx_kthread+0x10/0x10
[ 10.550847] ret_from_fork_asm+0x1a/0x30
[ 10.550878] </TASK>
[ 10.550890]
[ 10.565355] Allocated by task 1:
[ 10.565498] kasan_save_stack+0x45/0x70
[ 10.565849] kasan_save_track+0x18/0x40
[ 10.566165] kasan_save_alloc_info+0x3b/0x50
[ 10.566469] __kasan_kmalloc+0xb7/0xc0
[ 10.566756] __kmalloc_node_track_caller_noprof+0x1cb/0x500
[ 10.566937] kvasprintf+0xc5/0x150
[ 10.567107] __kthread_create_on_node+0x18b/0x3a0
[ 10.567357] kthread_create_on_node+0xab/0xe0
[ 10.567516] create_worker+0x3e5/0x7b0
[ 10.567643] alloc_unbound_pwq+0x8ea/0xdb0
[ 10.567779] apply_wqattrs_prepare+0x332/0xd20
[ 10.568055] apply_workqueue_attrs_locked+0x4d/0xa0
[ 10.568408] alloc_workqueue+0xcc7/0x1ad0
[ 10.568809] latency_fsnotify_init+0x1b/0x50
[ 10.568998] do_one_initcall+0xd8/0x370
[ 10.569186] kernel_init_freeable+0x420/0x6f0
[ 10.569388] kernel_init+0x23/0x1e0
[ 10.569566] ret_from_fork+0x41/0x80
[ 10.569961] ret_from_fork_asm+0x1a/0x30
[ 10.570157]
[ 10.570260] The buggy address belongs to the object at ffff8881022240a0
[ 10.570260] which belongs to the cache kmalloc-16 of size 16
[ 10.570898] The buggy address is located 18 bytes to the right of
[ 10.570898] allocated 13-byte region [ffff8881022240a0, ffff8881022240ad)
[ 10.571270]
[ 10.571352] The buggy address belongs to the physical page:
[ 10.571612] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102224
[ 10.572189] flags: 0x200000000000000(node=0|zone=2)
[ 10.572598] page_type: f5(slab)
[ 10.573059] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000
[ 10.573579] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000
[ 10.573915] page dumped because: kasan: bad access detected
[ 10.574103]
[ 10.574198] Memory state around the buggy address:
[ 10.574487] ffff888102223f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.575184] ffff888102224000: 00 02 fc fc 00 02 fc fc fa fb fc fc fa fb fc fc
[ 10.575664] >ffff888102224080: fa fb fc fc 00 05 fc fc 00 07 fc fc fc fc fc fc
[ 10.576096] ^
[ 10.576385] ffff888102224100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.576828] ffff888102224180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.577076] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_oob_right
[ 10.462208] ==================================================================
[ 10.463028] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6f0/0x7f0
[ 10.463798] Write of size 1 at addr ffff888102dc0573 by task kunit_try_catch/155
[ 10.464211]
[ 10.465148] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 10.465448] Tainted: [N]=TEST
[ 10.465481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.465713] Call Trace:
[ 10.465779] <TASK>
[ 10.465924] dump_stack_lvl+0x73/0xb0
[ 10.466009] print_report+0xd1/0x650
[ 10.466037] ? __virt_addr_valid+0x1db/0x2d0
[ 10.466062] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.466083] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.466106] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.466127] kasan_report+0x141/0x180
[ 10.466150] ? kmalloc_oob_right+0x6f0/0x7f0
[ 10.466176] __asan_report_store1_noabort+0x1b/0x30
[ 10.466197] kmalloc_oob_right+0x6f0/0x7f0
[ 10.466219] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.466253] ? sysvec_call_function_single+0x50/0x90
[ 10.466293] ? trace_hardirqs_on+0x37/0xe0
[ 10.466318] ? __pfx_read_tsc+0x10/0x10
[ 10.466338] ? ktime_get_ts64+0x86/0x230
[ 10.466365] kunit_try_run_case+0x1a5/0x480
[ 10.466390] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.466414] ? queued_spin_lock_slowpath+0x116/0xb40
[ 10.466439] ? __kthread_parkme+0x82/0x180
[ 10.466462] ? preempt_count_sub+0x50/0x80
[ 10.466488] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.466511] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.466533] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.466556] kthread+0x337/0x6f0
[ 10.466572] ? trace_preempt_on+0x20/0xc0
[ 10.466594] ? __pfx_kthread+0x10/0x10
[ 10.466611] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.466633] ? calculate_sigpending+0x7b/0xa0
[ 10.466655] ? __pfx_kthread+0x10/0x10
[ 10.466673] ret_from_fork+0x41/0x80
[ 10.466693] ? __pfx_kthread+0x10/0x10
[ 10.466711] ret_from_fork_asm+0x1a/0x30
[ 10.466764] </TASK>
[ 10.466827]
[ 10.479173] Allocated by task 155:
[ 10.479452] kasan_save_stack+0x45/0x70
[ 10.479654] kasan_save_track+0x18/0x40
[ 10.480135] kasan_save_alloc_info+0x3b/0x50
[ 10.480464] __kasan_kmalloc+0xb7/0xc0
[ 10.480659] __kmalloc_cache_noprof+0x189/0x420
[ 10.481083] kmalloc_oob_right+0xa9/0x7f0
[ 10.481282] kunit_try_run_case+0x1a5/0x480
[ 10.481680] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.481995] kthread+0x337/0x6f0
[ 10.482264] ret_from_fork+0x41/0x80
[ 10.482427] ret_from_fork_asm+0x1a/0x30
[ 10.482641]
[ 10.483127] The buggy address belongs to the object at ffff888102dc0500
[ 10.483127] which belongs to the cache kmalloc-128 of size 128
[ 10.484027] The buggy address is located 0 bytes to the right of
[ 10.484027] allocated 115-byte region [ffff888102dc0500, ffff888102dc0573)
[ 10.484864]
[ 10.485358] The buggy address belongs to the physical page:
[ 10.485954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0
[ 10.486785] flags: 0x200000000000000(node=0|zone=2)
[ 10.487488] page_type: f5(slab)
[ 10.488146] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.488617] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.489101] page dumped because: kasan: bad access detected
[ 10.489368]
[ 10.489476] Memory state around the buggy address:
[ 10.490313] ffff888102dc0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.490623] ffff888102dc0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.491039] >ffff888102dc0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.491345] ^
[ 10.491748] ffff888102dc0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.492047] ffff888102dc0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.492746] ==================================================================
[ 10.520380] ==================================================================
[ 10.520970] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x68a/0x7f0
[ 10.521349] Read of size 1 at addr ffff888102dc0580 by task kunit_try_catch/155
[ 10.522092]
[ 10.522204] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 10.522259] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.522271] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.522290] Call Trace:
[ 10.522301] <TASK>
[ 10.522316] dump_stack_lvl+0x73/0xb0
[ 10.522420] print_report+0xd1/0x650
[ 10.522443] ? __virt_addr_valid+0x1db/0x2d0
[ 10.522463] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.522485] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.522507] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.522529] kasan_report+0x141/0x180
[ 10.522551] ? kmalloc_oob_right+0x68a/0x7f0
[ 10.522578] __asan_report_load1_noabort+0x18/0x20
[ 10.522598] kmalloc_oob_right+0x68a/0x7f0
[ 10.522621] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.522642] ? sysvec_call_function_single+0x50/0x90
[ 10.522667] ? trace_hardirqs_on+0x37/0xe0
[ 10.522688] ? __pfx_read_tsc+0x10/0x10
[ 10.522707] ? ktime_get_ts64+0x86/0x230
[ 10.522731] kunit_try_run_case+0x1a5/0x480
[ 10.522755] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.522779] ? queued_spin_lock_slowpath+0x116/0xb40
[ 10.522803] ? __kthread_parkme+0x82/0x180
[ 10.522823] ? preempt_count_sub+0x50/0x80
[ 10.522848] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.522871] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.522894] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.522917] kthread+0x337/0x6f0
[ 10.522933] ? trace_preempt_on+0x20/0xc0
[ 10.522955] ? __pfx_kthread+0x10/0x10
[ 10.522973] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.522994] ? calculate_sigpending+0x7b/0xa0
[ 10.523014] ? __pfx_kthread+0x10/0x10
[ 10.523032] ret_from_fork+0x41/0x80
[ 10.523052] ? __pfx_kthread+0x10/0x10
[ 10.523069] ret_from_fork_asm+0x1a/0x30
[ 10.523099] </TASK>
[ 10.523109]
[ 10.532367] Allocated by task 155:
[ 10.532540] kasan_save_stack+0x45/0x70
[ 10.532997] kasan_save_track+0x18/0x40
[ 10.533426] kasan_save_alloc_info+0x3b/0x50
[ 10.533737] __kasan_kmalloc+0xb7/0xc0
[ 10.534116] __kmalloc_cache_noprof+0x189/0x420
[ 10.534345] kmalloc_oob_right+0xa9/0x7f0
[ 10.534537] kunit_try_run_case+0x1a5/0x480
[ 10.534926] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.535330] kthread+0x337/0x6f0
[ 10.535620] ret_from_fork+0x41/0x80
[ 10.535978] ret_from_fork_asm+0x1a/0x30
[ 10.536172]
[ 10.536270] The buggy address belongs to the object at ffff888102dc0500
[ 10.536270] which belongs to the cache kmalloc-128 of size 128
[ 10.537038] The buggy address is located 13 bytes to the right of
[ 10.537038] allocated 115-byte region [ffff888102dc0500, ffff888102dc0573)
[ 10.537968]
[ 10.538064] The buggy address belongs to the physical page:
[ 10.538488] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0
[ 10.539199] flags: 0x200000000000000(node=0|zone=2)
[ 10.539556] page_type: f5(slab)
[ 10.539874] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.540204] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.540520] page dumped because: kasan: bad access detected
[ 10.540969]
[ 10.541179] Memory state around the buggy address:
[ 10.541642] ffff888102dc0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.542109] ffff888102dc0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.542594] >ffff888102dc0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.543030] ^
[ 10.543193] ffff888102dc0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.543496] ffff888102dc0680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.543893] ==================================================================
[ 10.494499] ==================================================================
[ 10.494981] BUG: KASAN: slab-out-of-bounds in kmalloc_oob_right+0x6bd/0x7f0
[ 10.495487] Write of size 1 at addr ffff888102dc0578 by task kunit_try_catch/155
[ 10.495835]
[ 10.495949] CPU: 1 UID: 0 PID: 155 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 10.495992] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 10.496003] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 10.496281] Call Trace:
[ 10.496297] <TASK>
[ 10.496312] dump_stack_lvl+0x73/0xb0
[ 10.496338] print_report+0xd1/0x650
[ 10.496361] ? __virt_addr_valid+0x1db/0x2d0
[ 10.496393] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.496414] ? kasan_complete_mode_report_info+0x2a/0x200
[ 10.496436] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.496458] kasan_report+0x141/0x180
[ 10.496481] ? kmalloc_oob_right+0x6bd/0x7f0
[ 10.496507] __asan_report_store1_noabort+0x1b/0x30
[ 10.496528] kmalloc_oob_right+0x6bd/0x7f0
[ 10.496550] ? __pfx_kmalloc_oob_right+0x10/0x10
[ 10.496572] ? sysvec_call_function_single+0x50/0x90
[ 10.496596] ? trace_hardirqs_on+0x37/0xe0
[ 10.496618] ? __pfx_read_tsc+0x10/0x10
[ 10.496637] ? ktime_get_ts64+0x86/0x230
[ 10.496814] kunit_try_run_case+0x1a5/0x480
[ 10.496844] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.496868] ? queued_spin_lock_slowpath+0x116/0xb40
[ 10.496892] ? __kthread_parkme+0x82/0x180
[ 10.496913] ? preempt_count_sub+0x50/0x80
[ 10.496937] ? __pfx_kunit_try_run_case+0x10/0x10
[ 10.496961] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.496984] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 10.497006] kthread+0x337/0x6f0
[ 10.497022] ? trace_preempt_on+0x20/0xc0
[ 10.497044] ? __pfx_kthread+0x10/0x10
[ 10.497062] ? _raw_spin_unlock_irq+0x47/0x80
[ 10.497083] ? calculate_sigpending+0x7b/0xa0
[ 10.497104] ? __pfx_kthread+0x10/0x10
[ 10.497122] ret_from_fork+0x41/0x80
[ 10.497142] ? __pfx_kthread+0x10/0x10
[ 10.497160] ret_from_fork_asm+0x1a/0x30
[ 10.497189] </TASK>
[ 10.497199]
[ 10.507886] Allocated by task 155:
[ 10.508032] kasan_save_stack+0x45/0x70
[ 10.508234] kasan_save_track+0x18/0x40
[ 10.508681] kasan_save_alloc_info+0x3b/0x50
[ 10.508834] __kasan_kmalloc+0xb7/0xc0
[ 10.509155] __kmalloc_cache_noprof+0x189/0x420
[ 10.509546] kmalloc_oob_right+0xa9/0x7f0
[ 10.509771] kunit_try_run_case+0x1a5/0x480
[ 10.510117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 10.510686] kthread+0x337/0x6f0
[ 10.510832] ret_from_fork+0x41/0x80
[ 10.511010] ret_from_fork_asm+0x1a/0x30
[ 10.511497]
[ 10.511603] The buggy address belongs to the object at ffff888102dc0500
[ 10.511603] which belongs to the cache kmalloc-128 of size 128
[ 10.512432] The buggy address is located 5 bytes to the right of
[ 10.512432] allocated 115-byte region [ffff888102dc0500, ffff888102dc0573)
[ 10.513133]
[ 10.513219] The buggy address belongs to the physical page:
[ 10.513542] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0
[ 10.514096] flags: 0x200000000000000(node=0|zone=2)
[ 10.514554] page_type: f5(slab)
[ 10.514690] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 10.515232] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 10.515689] page dumped because: kasan: bad access detected
[ 10.516019]
[ 10.516091] Memory state around the buggy address:
[ 10.516406] ffff888102dc0400: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 10.517067] ffff888102dc0480: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.517573] >ffff888102dc0500: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 10.518050] ^
[ 10.518425] ffff888102dc0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.518766] ffff888102dc0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 10.519159] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_vscale
------------[ cut here ]------------
[ 143.895315] WARNING: CPU: 1 PID: 2740 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 143.895726] Modules linked in:
[ 143.895890] CPU: 1 UID: 0 PID: 2740 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 143.896217] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.896446] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.897010] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 143.897568] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 c3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 143.898241] RSP: 0000:ffff888102c7fc78 EFLAGS: 00010286
[ 143.898525] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 143.898820] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff9562405c
[ 143.899121] RBP: ffff888102c7fca0 R08: 0000000000000000 R09: ffffed1020628f00
[ 143.899692] R10: ffff888103147807 R11: 0000000000000000 R12: ffffffff95624048
[ 143.900086] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102c7fd38
[ 143.900356] FS: 0000000000000000(0000) GS:ffff8881c3b92000(0000) knlGS:0000000000000000
[ 143.900920] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.901176] CR2: 00007ffff7ffe000 CR3: 000000012a8ba000 CR4: 00000000000006f0
[ 143.901731] DR0: ffffffff97631904 DR1: ffffffff97631909 DR2: ffffffff9763190a
[ 143.902078] DR3: ffffffff9763190b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.902433] Call Trace:
[ 143.902904] <TASK>
[ 143.903063] drm_test_rect_calc_vscale+0x108/0x270
[ 143.903483] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 143.903808] ? __schedule+0x10cc/0x2b60
[ 143.904078] ? __pfx_read_tsc+0x10/0x10
[ 143.904351] ? ktime_get_ts64+0x86/0x230
[ 143.904667] kunit_try_run_case+0x1a5/0x480
[ 143.904924] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.905180] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 143.905564] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 143.905798] ? __kthread_parkme+0x82/0x180
[ 143.906022] ? preempt_count_sub+0x50/0x80
[ 143.906224] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.906597] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.906807] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.907176] kthread+0x337/0x6f0
[ 143.907405] ? trace_preempt_on+0x20/0xc0
[ 143.907889] ? __pfx_kthread+0x10/0x10
[ 143.908145] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.908516] ? calculate_sigpending+0x7b/0xa0
[ 143.908789] ? __pfx_kthread+0x10/0x10
[ 143.908982] ret_from_fork+0x41/0x80
[ 143.909284] ? __pfx_kthread+0x10/0x10
[ 143.909464] ret_from_fork_asm+0x1a/0x30
[ 143.909780] </TASK>
[ 143.910089] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 143.914866] WARNING: CPU: 0 PID: 2742 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_vscale+0x130/0x190
[ 143.915663] Modules linked in:
[ 143.915816] CPU: 0 UID: 0 PID: 2742 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 143.916147] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.916360] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.916877] RIP: 0010:drm_rect_calc_vscale+0x130/0x190
[ 143.917157] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d e9 40 c3 1a 02 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 143.918205] RSP: 0000:ffff888102617c78 EFLAGS: 00010286
[ 143.918534] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 143.918826] RDX: 0000000000000007 RSI: 0000000000000000 RDI: ffffffff95624094
[ 143.919123] RBP: ffff888102617ca0 R08: 0000000000000000 R09: ffffed102047a820
[ 143.919607] R10: ffff8881023d4107 R11: 0000000000000000 R12: ffffffff95624080
[ 143.919931] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102617d38
[ 143.920245] FS: 0000000000000000(0000) GS:ffff8881c3a92000(0000) knlGS:0000000000000000
[ 143.920584] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.920961] CR2: 00007ffff7ffe000 CR3: 000000012a8ba000 CR4: 00000000000006f0
[ 143.921233] DR0: ffffffff97631900 DR1: ffffffff97631901 DR2: ffffffff97631903
[ 143.921760] DR3: ffffffff97631905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.922091] Call Trace:
[ 143.922220] <TASK>
[ 143.922413] drm_test_rect_calc_vscale+0x108/0x270
[ 143.922641] ? __pfx_drm_test_rect_calc_vscale+0x10/0x10
[ 143.922948] ? __schedule+0x10cc/0x2b60
[ 143.923168] ? __pfx_read_tsc+0x10/0x10
[ 143.923514] ? ktime_get_ts64+0x86/0x230
[ 143.923807] kunit_try_run_case+0x1a5/0x480
[ 143.924059] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.924256] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 143.924487] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 143.924794] ? __kthread_parkme+0x82/0x180
[ 143.925047] ? preempt_count_sub+0x50/0x80
[ 143.925367] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.925610] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.925893] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.926151] kthread+0x337/0x6f0
[ 143.926378] ? trace_preempt_on+0x20/0xc0
[ 143.926685] ? __pfx_kthread+0x10/0x10
[ 143.926876] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.927041] ? calculate_sigpending+0x7b/0xa0
[ 143.927281] ? __pfx_kthread+0x10/0x10
[ 143.927567] ret_from_fork+0x41/0x80
[ 143.927984] ? __pfx_kthread+0x10/0x10
[ 143.928186] ret_from_fork_asm+0x1a/0x30
[ 143.928622] </TASK>
[ 143.928747] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_rect-drm_rect_calc_hscale
------------[ cut here ]------------
[ 143.862849] WARNING: CPU: 0 PID: 2730 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 143.863242] Modules linked in:
[ 143.863590] CPU: 0 UID: 0 PID: 2730 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 143.864025] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.864290] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.865028] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 143.865266] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 143.866068] RSP: 0000:ffff888102bb7c78 EFLAGS: 00010286
[ 143.866388] RAX: 0000000000010000 RBX: 00000000ffff0000 RCX: 00000000ffff0000
[ 143.866673] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff95624098
[ 143.866960] RBP: ffff888102bb7ca0 R08: 0000000000000000 R09: ffffed1020628e60
[ 143.867235] R10: ffff888103147307 R11: 0000000000000000 R12: ffffffff95624080
[ 143.867553] R13: 0000000000000000 R14: 000000007fffffff R15: ffff888102bb7d38
[ 143.868016] FS: 0000000000000000(0000) GS:ffff8881c3a92000(0000) knlGS:0000000000000000
[ 143.868345] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 143.868655] CR2: 00007ffff7ffe000 CR3: 000000012a8ba000 CR4: 00000000000006f0
[ 143.868950] DR0: ffffffff97631900 DR1: ffffffff97631901 DR2: ffffffff97631903
[ 143.869247] DR3: ffffffff97631905 DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 143.869574] Call Trace:
[ 143.869788] <TASK>
[ 143.869919] drm_test_rect_calc_hscale+0x108/0x270
[ 143.870165] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10
[ 143.870473] ? __schedule+0x10cc/0x2b60
[ 143.870652] ? __pfx_read_tsc+0x10/0x10
[ 143.870865] ? ktime_get_ts64+0x86/0x230
[ 143.871041] kunit_try_run_case+0x1a5/0x480
[ 143.871230] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.871462] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 143.871681] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 143.872058] ? __kthread_parkme+0x82/0x180
[ 143.872269] ? preempt_count_sub+0x50/0x80
[ 143.872455] ? __pfx_kunit_try_run_case+0x10/0x10
[ 143.872850] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 143.873117] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 143.873597] kthread+0x337/0x6f0
[ 143.873778] ? trace_preempt_on+0x20/0xc0
[ 143.874006] ? __pfx_kthread+0x10/0x10
[ 143.874179] ? _raw_spin_unlock_irq+0x47/0x80
[ 143.874523] ? calculate_sigpending+0x7b/0xa0
[ 143.874691] ? __pfx_kthread+0x10/0x10
[ 143.874906] ret_from_fork+0x41/0x80
[ 143.875095] ? __pfx_kthread+0x10/0x10
[ 143.875288] ret_from_fork_asm+0x1a/0x30
[ 143.875474] </TASK>
[ 143.875673] ---[ end trace 0000000000000000 ]---
------------[ cut here ]------------
[ 143.845158] WARNING: CPU: 1 PID: 2728 at drivers/gpu/drm/drm_rect.c:137 drm_rect_calc_hscale+0x125/0x190
[ 143.846765] Modules linked in:
[ 143.846974] CPU: 1 UID: 0 PID: 2728 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 143.847328] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 143.847544] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 143.847931] RIP: 0010:drm_rect_calc_hscale+0x125/0x190
[ 143.848364] Code: 7f 43 41 39 ce 7c 3e 48 83 c4 08 89 c8 5b 41 5c 41 5d 41 5e 5d c3 cc cc cc cc 8d 44 08 ff 99 f7 f9 89 c1 85 c0 79 d6 eb de 90 <0f> 0b 90 b9 ea ff ff ff 48 83 c4 08 5b 89 c8 41 5c 41 5d 41 5e 5d
[ 143.849206] RSP: 0000:ffff88810252fc78 EFLAGS: 00010286
[ 143.849442] RAX: 00000000ffff0000 RBX: 00000000ffff0000 RCX: 0000000000010000
[ 143.850110] RDX: 0000000000000003 RSI: 0000000000000000 RDI: ffffffff95624060
[ 143.850542] RBP: ffff88810252fca0 R08: 0000000000000000 R09: ffffed1020628e00
[ 143.850825] R10: ffff888103147007 R11: 0000000000000000 R12: ffffffff95624048
[ 143.851214] R13: 0000000000000000 R14: 000000007fffffff R15: ffff88810252fd38
[ 143.851621]
FS: 0000000000000000(0000) GS:ffff8881c3b92000(0000) knlGS:0000000000000000 [ 143.851977] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.852216] CR2: 00007ffff7ffe000 CR3: 000000012a8ba000 CR4: 00000000000006f0 [ 143.852614] DR0: ffffffff97631904 DR1: ffffffff97631909 DR2: ffffffff9763190a [ 143.852909] DR3: ffffffff9763190b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.853189] Call Trace: [ 143.853313] <TASK> [ 143.853636] drm_test_rect_calc_hscale+0x108/0x270 [ 143.853887] ? __pfx_drm_test_rect_calc_hscale+0x10/0x10 [ 143.854087] ? __schedule+0x10cc/0x2b60 [ 143.854331] ? __pfx_read_tsc+0x10/0x10 [ 143.854544] ? ktime_get_ts64+0x86/0x230 [ 143.854740] kunit_try_run_case+0x1a5/0x480 [ 143.854940] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.855178] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.855379] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.855624] ? __kthread_parkme+0x82/0x180 [ 143.855948] ? preempt_count_sub+0x50/0x80 [ 143.856122] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.856318] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.856635] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.856935] kthread+0x337/0x6f0 [ 143.857099] ? trace_preempt_on+0x20/0xc0 [ 143.857273] ? __pfx_kthread+0x10/0x10 [ 143.857410] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.857849] ? calculate_sigpending+0x7b/0xa0 [ 143.858068] ? __pfx_kthread+0x10/0x10 [ 143.858251] ret_from_fork+0x41/0x80 [ 143.858416] ? __pfx_kthread+0x10/0x10 [ 143.858684] ret_from_fork_asm+0x1a/0x30 [ 143.858893] </TASK> [ 143.859021] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_framebuffer-drm_framebuffer_init
------------[ cut here ]------------ [ 143.034265] WARNING: CPU: 0 PID: 2526 at drivers/gpu/drm/drm_framebuffer.c:867 drm_framebuffer_init+0x44/0x300 [ 143.034750] Modules linked in: [ 143.035126] CPU: 0 UID: 0 PID: 2526 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 143.035680] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.036058] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.036494] RIP: 0010:drm_framebuffer_init+0x44/0x300 [ 143.036765] Code: 56 49 89 d6 48 89 f2 41 55 48 c1 ea 03 41 54 49 89 fc 53 48 89 f3 48 83 ec 18 80 3c 02 00 0f 85 00 02 00 00 4c 39 23 74 20 90 <0f> 0b 90 41 bd ea ff ff ff 48 83 c4 18 44 89 e8 5b 41 5c 41 5d 41 [ 143.037639] RSP: 0000:ffff8881025c7b30 EFLAGS: 00010246 [ 143.037913] RAX: dffffc0000000000 RBX: ffff8881025c7c28 RCX: 0000000000000000 [ 143.038407] RDX: 1ffff110204b8f8e RSI: ffff8881025c7c28 RDI: ffff8881025c7c70 [ 143.038720] RBP: ffff8881025c7b70 R08: ffff888102367000 R09: ffffffff955cab60 [ 143.039030] R10: 0000000000000003 R11: 00000000316f8648 R12: ffff888102367000 [ 143.039330] R13: ffff88810031fae8 R14: ffff8881025c7ba8 R15: 0000000000000000 [ 143.039621] FS: 0000000000000000(0000) GS:ffff8881c3a92000(0000) knlGS:0000000000000000 [ 143.039965] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.040203] CR2: 00007ffff7ffe000 CR3: 000000012a8ba000 CR4: 00000000000006f0 [ 143.040484] DR0: ffffffff97631900 DR1: ffffffff97631901 DR2: ffffffff97631903 [ 143.040773] DR3: ffffffff97631905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.041112] Call Trace: [ 143.041226] <TASK> [ 143.041378] ? add_dr+0xc1/0x1d0 [ 143.041587] drm_test_framebuffer_init_bad_format+0xfc/0x240 [ 143.041873] ? add_dr+0x148/0x1d0 [ 143.042076] ? __pfx_drm_test_framebuffer_init_bad_format+0x10/0x10 [ 143.042481] ? __drmm_add_action+0x1a4/0x280 [ 143.042760] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.043038] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 143.043545] ? __drmm_add_action_or_reset+0x22/0x50 [ 143.043761] ? __schedule+0x10cc/0x2b60 [ 143.043929] ? __pfx_read_tsc+0x10/0x10 [ 143.044169] ? ktime_get_ts64+0x86/0x230 [ 143.044639] kunit_try_run_case+0x1a5/0x480 [ 143.044897] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.045152] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.045498] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.045740] ? __kthread_parkme+0x82/0x180 [ 143.046008] ? preempt_count_sub+0x50/0x80 [ 143.046527] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.046819] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.047098] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.047538] kthread+0x337/0x6f0 [ 143.047745] ? trace_preempt_on+0x20/0xc0 [ 143.047970] ? __pfx_kthread+0x10/0x10 [ 143.048184] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.048524] ? calculate_sigpending+0x7b/0xa0 [ 143.048753] ? __pfx_kthread+0x10/0x10 [ 143.049025] ret_from_fork+0x41/0x80 [ 143.049229] ? __pfx_kthread+0x10/0x10 [ 143.049575] ret_from_fork_asm+0x1a/0x30 [ 143.049772] </TASK> [ 143.049923] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-drm-kunit-mock-device-drm_test_framebuffer_freedrm-kunit-mock-device-drm-drm_warn_onlist_empty-filp_head
------------[ cut here ]------------ [ 142.998381] drm-kunit-mock-device drm_test_framebuffer_free.drm-kunit-mock-device: [drm] drm_WARN_ON(!list_empty(&fb->filp_head)) [ 142.998955] WARNING: CPU: 1 PID: 2522 at drivers/gpu/drm/drm_framebuffer.c:832 drm_framebuffer_free+0x13f/0x1c0 [ 143.000225] Modules linked in: [ 143.000775] CPU: 1 UID: 0 PID: 2522 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 143.001425] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 143.001707] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 143.002096] RIP: 0010:drm_framebuffer_free+0x13f/0x1c0 [ 143.002396] Code: 8b 7d 50 4d 85 ff 74 2b 4c 89 ef e8 0b 86 84 00 48 c7 c1 60 5b 5c 95 4c 89 fa 48 c7 c7 c0 5b 5c 95 48 89 c6 e8 02 a1 81 fe 90 <0f> 0b 90 90 e9 1c ff ff ff 48 b8 00 00 00 00 00 fc ff df 4c 89 ea [ 143.003397] RSP: 0000:ffff888102337b68 EFLAGS: 00010282 [ 143.003644] RAX: 0000000000000000 RBX: ffff888102337c40 RCX: 1ffffffff2c64b60 [ 143.003957] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000001 [ 143.004251] RBP: ffff888102337b90 R08: 0000000000000000 R09: fffffbfff2c64b60 [ 143.004790] R10: 0000000000000003 R11: 0000000000037748 R12: ffff888102337c18 [ 143.005112] R13: ffff888101b64800 R14: ffff8881023f0000 R15: ffff888108414a80 [ 143.005487] FS: 0000000000000000(0000) GS:ffff8881c3b92000(0000) knlGS:0000000000000000 [ 143.006120] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 143.006466] CR2: 00007ffff7ffe000 CR3: 000000012a8ba000 CR4: 00000000000006f0 [ 143.006774] DR0: ffffffff97631904 DR1: ffffffff97631909 DR2: ffffffff9763190a [ 143.007097] DR3: ffffffff9763190b DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 143.007400] Call Trace: [ 143.007667] <TASK> [ 143.007860] drm_test_framebuffer_free+0x1ab/0x610 [ 143.008046] ? __pfx_drm_test_framebuffer_free+0x10/0x10 [ 143.008342] ? __pfx_drm_mode_config_init_release+0x10/0x10 [ 143.008797] ? 
__pfx_drm_mode_config_init_release+0x10/0x10 [ 143.009093] ? __drmm_add_action_or_reset+0x22/0x50 [ 143.009583] ? __schedule+0x10cc/0x2b60 [ 143.009756] ? __pfx_read_tsc+0x10/0x10 [ 143.010036] ? ktime_get_ts64+0x86/0x230 [ 143.010263] kunit_try_run_case+0x1a5/0x480 [ 143.010546] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.011039] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 143.011325] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 143.011667] ? __kthread_parkme+0x82/0x180 [ 143.011912] ? preempt_count_sub+0x50/0x80 [ 143.012131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 143.012604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 143.012869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 143.013178] kthread+0x337/0x6f0 [ 143.013430] ? trace_preempt_on+0x20/0xc0 [ 143.013624] ? __pfx_kthread+0x10/0x10 [ 143.014159] ? _raw_spin_unlock_irq+0x47/0x80 [ 143.014509] ? calculate_sigpending+0x7b/0xa0 [ 143.014768] ? __pfx_kthread+0x10/0x10 [ 143.014993] ret_from_fork+0x41/0x80 [ 143.015199] ? __pfx_kthread+0x10/0x10 [ 143.015435] ret_from_fork_asm+0x1a/0x30 [ 143.015799] </TASK> [ 143.015937] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-driversgpudrmdrm_connector-drm_connector_dynamic_register
------------[ cut here ]------------ [ 141.668207] WARNING: CPU: 0 PID: 1960 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 141.668698] Modules linked in: [ 141.668991] CPU: 0 UID: 0 PID: 1960 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 141.669771] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.670066] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.671068] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 141.671559] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 06 22 02 48 89 df e8 d8 [ 141.672572] RSP: 0000:ffff88810796fc90 EFLAGS: 00010246 [ 141.672988] RAX: dffffc0000000000 RBX: ffff888107ea0000 RCX: 0000000000000000 [ 141.673483] RDX: 1ffff11020fd4032 RSI: ffffffff927f59b8 RDI: ffff888107ea0190 [ 141.673907] RBP: ffff88810796fca0 R08: 1ffff11020063f69 R09: ffffed1020f2df65 [ 141.674209] R10: 0000000000000003 R11: ffffffff91d82d58 R12: 0000000000000000 [ 141.674715] R13: ffff88810796fd38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 141.675035] FS: 0000000000000000(0000) GS:ffff8881c3a92000(0000) knlGS:0000000000000000 [ 141.675640] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.676020] CR2: 00007ffff7ffe000 CR3: 000000012a8ba000 CR4: 00000000000006f0 [ 141.676443] DR0: ffffffff97631900 DR1: ffffffff97631901 DR2: ffffffff97631903 [ 141.676965] DR3: ffffffff97631905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.677233] Call Trace: [ 141.677649] <TASK> [ 141.677791] drm_test_drm_connector_dynamic_register_no_init+0x104/0x290 [ 141.678209] ? __pfx_drm_test_drm_connector_dynamic_register_no_init+0x10/0x10 [ 141.678797] ? __schedule+0x10cc/0x2b60 [ 141.679012] ? __pfx_read_tsc+0x10/0x10 [ 141.679220] ? ktime_get_ts64+0x86/0x230 [ 141.679404] kunit_try_run_case+0x1a5/0x480 [ 141.679956] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 141.680157] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.680486] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.680772] ? __kthread_parkme+0x82/0x180 [ 141.681345] ? preempt_count_sub+0x50/0x80 [ 141.681562] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.681777] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.682000] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.682262] kthread+0x337/0x6f0 [ 141.682569] ? trace_preempt_on+0x20/0xc0 [ 141.682792] ? __pfx_kthread+0x10/0x10 [ 141.682976] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.683195] ? calculate_sigpending+0x7b/0xa0 [ 141.683910] ? __pfx_kthread+0x10/0x10 [ 141.684061] ret_from_fork+0x41/0x80 [ 141.684588] ? __pfx_kthread+0x10/0x10 [ 141.684908] ret_from_fork_asm+0x1a/0x30 [ 141.685223] </TASK> [ 141.685646] ---[ end trace 0000000000000000 ]--- ------------[ cut here ]------------ [ 141.585665] WARNING: CPU: 0 PID: 1952 at drivers/gpu/drm/drm_connector.c:861 drm_connector_dynamic_register+0xbf/0x110 [ 141.586587] Modules linked in: [ 141.587261] CPU: 0 UID: 0 PID: 1952 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 141.587850] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST [ 141.588032] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 141.588325] RIP: 0010:drm_connector_dynamic_register+0xbf/0x110 [ 141.589415] Code: 49 8d 7c 24 58 48 89 fa 48 c1 ea 03 0f b6 04 02 84 c0 74 02 7e 36 31 c0 41 80 7c 24 58 00 75 1b 5b 41 5c 5d c3 cc cc cc cc 90 <0f> 0b 90 b8 ea ff ff ff 5b 41 5c 5d e9 90 06 22 02 48 89 df e8 d8 [ 141.591360] RSP: 0000:ffff888106f47c90 EFLAGS: 00010246 [ 141.591948] RAX: dffffc0000000000 RBX: ffff888107db4000 RCX: 0000000000000000 [ 141.592373] RDX: 1ffff11020fb6832 RSI: ffffffff927f59b8 RDI: ffff888107db4190 [ 141.592583] RBP: ffff888106f47ca0 R08: 1ffff11020063f69 R09: ffffed1020de8f65 [ 141.592788] R10: 0000000000000003 R11: ffffffff912049aa R12: 0000000000000000 [ 141.593007] R13: 
ffff888106f47d38 R14: ffff88810031fc50 R15: ffff88810031fc58 [ 141.593220] FS: 0000000000000000(0000) GS:ffff8881c3a92000(0000) knlGS:0000000000000000 [ 141.593467] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 141.593929] CR2: 00007ffff7ffe000 CR3: 000000012a8ba000 CR4: 00000000000006f0 [ 141.594200] DR0: ffffffff97631900 DR1: ffffffff97631901 DR2: ffffffff97631903 [ 141.594413] DR3: ffffffff97631905 DR6: 00000000ffff0ff0 DR7: 0000000000000600 [ 141.594931] Call Trace: [ 141.595183] <TASK> [ 141.595356] drm_test_drm_connector_dynamic_register_early_no_init+0x104/0x290 [ 141.595967] ? __pfx_drm_test_drm_connector_dynamic_register_early_no_init+0x10/0x10 [ 141.596904] ? __schedule+0x10cc/0x2b60 [ 141.597132] ? __pfx_read_tsc+0x10/0x10 [ 141.597354] ? ktime_get_ts64+0x86/0x230 [ 141.597723] kunit_try_run_case+0x1a5/0x480 [ 141.598101] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.598340] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 141.598601] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 141.598942] ? __kthread_parkme+0x82/0x180 [ 141.599123] ? preempt_count_sub+0x50/0x80 [ 141.599461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 141.599696] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 141.599954] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 141.600248] kthread+0x337/0x6f0 [ 141.600541] ? trace_preempt_on+0x20/0xc0 [ 141.600772] ? __pfx_kthread+0x10/0x10 [ 141.600944] ? _raw_spin_unlock_irq+0x47/0x80 [ 141.601163] ? calculate_sigpending+0x7b/0xa0 [ 141.601337] ? __pfx_kthread+0x10/0x10 [ 141.601818] ret_from_fork+0x41/0x80 [ 141.602039] ? __pfx_kthread+0x10/0x10 [ 141.602219] ret_from_fork_asm+0x1a/0x30 [ 141.602543] </TASK> [ 141.602693] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_krealloc
[ 47.882242] ================================================================== [ 47.882673] BUG: KFENCE: use-after-free read in test_krealloc+0x6fc/0xbe0 [ 47.882673] [ 47.883118] Use-after-free read at 0x(____ptrval____) (in kfence-#138): [ 47.883445] test_krealloc+0x6fc/0xbe0 [ 47.883687] kunit_try_run_case+0x1a5/0x480 [ 47.883916] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.884226] kthread+0x337/0x6f0 [ 47.884371] ret_from_fork+0x41/0x80 [ 47.884582] ret_from_fork_asm+0x1a/0x30 [ 47.884828] [ 47.884950] kfence-#138: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 47.884950] [ 47.885501] allocated by task 357 on cpu 0 at 47.881592s (0.003905s ago): [ 47.885737] test_alloc+0x364/0x10f0 [ 47.885946] test_krealloc+0xad/0xbe0 [ 47.886149] kunit_try_run_case+0x1a5/0x480 [ 47.886361] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.886650] kthread+0x337/0x6f0 [ 47.886812] ret_from_fork+0x41/0x80 [ 47.886999] ret_from_fork_asm+0x1a/0x30 [ 47.887234] [ 47.887350] freed by task 357 on cpu 0 at 47.881868s (0.005479s ago): [ 47.887649] krealloc_noprof+0x108/0x340 [ 47.887792] test_krealloc+0x226/0xbe0 [ 47.887928] kunit_try_run_case+0x1a5/0x480 [ 47.888229] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.888678] kthread+0x337/0x6f0 [ 47.888857] ret_from_fork+0x41/0x80 [ 47.889058] ret_from_fork_asm+0x1a/0x30 [ 47.889328] [ 47.889430] CPU: 0 UID: 0 PID: 357 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 47.890023] Tainted: [B]=BAD_PAGE, [N]=TEST [ 47.890189] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.890614] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_memcache_typesafe_by_rcu
[ 47.794626] ================================================================== [ 47.795102] BUG: KFENCE: use-after-free read in test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 47.795102] [ 47.795560] Use-after-free read at 0x(____ptrval____) (in kfence-#137): [ 47.795848] test_memcache_typesafe_by_rcu+0x2ec/0x670 [ 47.796110] kunit_try_run_case+0x1a5/0x480 [ 47.796281] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.796476] kthread+0x337/0x6f0 [ 47.797371] ret_from_fork+0x41/0x80 [ 47.797597] ret_from_fork_asm+0x1a/0x30 [ 47.797788] [ 47.797889] kfence-#137: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 47.797889] [ 47.798268] allocated by task 355 on cpu 0 at 47.777621s (0.020645s ago): [ 47.798550] test_alloc+0x2a6/0x10f0 [ 47.799093] test_memcache_typesafe_by_rcu+0x16f/0x670 [ 47.799311] kunit_try_run_case+0x1a5/0x480 [ 47.799659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.799976] kthread+0x337/0x6f0 [ 47.800133] ret_from_fork+0x41/0x80 [ 47.800501] ret_from_fork_asm+0x1a/0x30 [ 47.800788] [ 47.800884] freed by task 355 on cpu 0 at 47.777708s (0.023174s ago): [ 47.801297] test_memcache_typesafe_by_rcu+0x1bf/0x670 [ 47.801630] kunit_try_run_case+0x1a5/0x480 [ 47.801821] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 47.802051] kthread+0x337/0x6f0 [ 47.802210] ret_from_fork+0x41/0x80 [ 47.802375] ret_from_fork_asm+0x1a/0x30 [ 47.802814] [ 47.802938] CPU: 0 UID: 0 PID: 355 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 47.803439] Tainted: [B]=BAD_PAGE, [N]=TEST [ 47.803617] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 47.804138] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-read-in-test_invalid_access
[ 23.148898] ================================================================== [ 23.149391] BUG: KFENCE: invalid read in test_invalid_access+0xf0/0x210 [ 23.149391] [ 23.150413] Invalid read at 0x(____ptrval____): [ 23.150606] test_invalid_access+0xf0/0x210 [ 23.151245] kunit_try_run_case+0x1a5/0x480 [ 23.151531] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 23.151979] kthread+0x337/0x6f0 [ 23.152282] ret_from_fork+0x41/0x80 [ 23.152680] ret_from_fork_asm+0x1a/0x30 [ 23.153012] [ 23.153260] CPU: 0 UID: 0 PID: 351 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 23.153935] Tainted: [B]=BAD_PAGE, [N]=TEST [ 23.154264] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 23.154798] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_kmalloc_aligned_oob_write
[ 22.921900] ================================================================== [ 22.922323] BUG: KFENCE: memory corruption in test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.922323] [ 22.922702] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . ] (in kfence-#133): [ 22.923307] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.923527] kunit_try_run_case+0x1a5/0x480 [ 22.923772] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.923953] kthread+0x337/0x6f0 [ 22.924077] ret_from_fork+0x41/0x80 [ 22.924278] ret_from_fork_asm+0x1a/0x30 [ 22.924484] [ 22.924586] kfence-#133: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.924586] [ 22.924998] allocated by task 345 on cpu 0 at 22.921616s (0.003379s ago): [ 22.925321] test_alloc+0x364/0x10f0 [ 22.925507] test_kmalloc_aligned_oob_write+0xc8/0x340 [ 22.925754] kunit_try_run_case+0x1a5/0x480 [ 22.925971] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.926216] kthread+0x337/0x6f0 [ 22.926390] ret_from_fork+0x41/0x80 [ 22.926522] ret_from_fork_asm+0x1a/0x30 [ 22.926739] [ 22.926838] freed by task 345 on cpu 0 at 22.921758s (0.005077s ago): [ 22.927148] test_kmalloc_aligned_oob_write+0x24f/0x340 [ 22.927385] kunit_try_run_case+0x1a5/0x480 [ 22.927566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.927849] kthread+0x337/0x6f0 [ 22.927968] ret_from_fork+0x41/0x80 [ 22.928155] ret_from_fork_asm+0x1a/0x30 [ 22.928368] [ 22.928492] CPU: 0 UID: 0 PID: 345 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 22.928908] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.929049] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.929413] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_kmalloc_aligned_oob_read
[ 22.817824] ================================================================== [ 22.818231] BUG: KFENCE: out-of-bounds read in test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.818231] [ 22.818795] Out-of-bounds read at 0x(____ptrval____) (105B right of kfence-#132): [ 22.819093] test_kmalloc_aligned_oob_read+0x27e/0x560 [ 22.819418] kunit_try_run_case+0x1a5/0x480 [ 22.819675] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.819902] kthread+0x337/0x6f0 [ 22.820072] ret_from_fork+0x41/0x80 [ 22.820352] ret_from_fork_asm+0x1a/0x30 [ 22.820555] [ 22.820652] kfence-#132: 0x(____ptrval____)-0x(____ptrval____), size=73, cache=kmalloc-96 [ 22.820652] [ 22.821122] allocated by task 343 on cpu 1 at 22.817594s (0.003525s ago): [ 22.821425] test_alloc+0x364/0x10f0 [ 22.821697] test_kmalloc_aligned_oob_read+0x105/0x560 [ 22.821862] kunit_try_run_case+0x1a5/0x480 [ 22.822074] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 22.822367] kthread+0x337/0x6f0 [ 22.822551] ret_from_fork+0x41/0x80 [ 22.822791] ret_from_fork_asm+0x1a/0x30 [ 22.822932] [ 22.823027] CPU: 1 UID: 0 PID: 343 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 22.823501] Tainted: [B]=BAD_PAGE, [N]=TEST [ 22.823724] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 22.824233] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-memory-corruption-in-test_corruption
[ 17.825824] ================================================================== [ 17.826232] BUG: KFENCE: memory corruption in test_corruption+0x2df/0x3e0 [ 17.826232] [ 17.826553] Corrupted memory at 0x(____ptrval____) [ ! ] (in kfence-#84): [ 17.826973] test_corruption+0x2df/0x3e0 [ 17.827186] kunit_try_run_case+0x1a5/0x480 [ 17.827355] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.827603] kthread+0x337/0x6f0 [ 17.827762] ret_from_fork+0x41/0x80 [ 17.827898] ret_from_fork_asm+0x1a/0x30 [ 17.828105] [ 17.828206] kfence-#84: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.828206] [ 17.828605] allocated by task 331 on cpu 1 at 17.825566s (0.003036s ago): [ 17.828859] test_alloc+0x364/0x10f0 [ 17.829049] test_corruption+0x1cb/0x3e0 [ 17.829256] kunit_try_run_case+0x1a5/0x480 [ 17.829428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.829655] kthread+0x337/0x6f0 [ 17.829827] ret_from_fork+0x41/0x80 [ 17.829983] ret_from_fork_asm+0x1a/0x30 [ 17.830192] [ 17.830288] freed by task 331 on cpu 1 at 17.825664s (0.004622s ago): [ 17.830581] test_corruption+0x2df/0x3e0 [ 17.830772] kunit_try_run_case+0x1a5/0x480 [ 17.830922] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.831098] kthread+0x337/0x6f0 [ 17.831281] ret_from_fork+0x41/0x80 [ 17.831473] ret_from_fork_asm+0x1a/0x30 [ 17.831670] [ 17.831790] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 17.832383] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.832526] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.833173] ================================================================== [ 18.241749] ================================================================== [ 18.242140] BUG: KFENCE: memory corruption in test_corruption+0x216/0x3e0 [ 18.242140] [ 18.242511] Corrupted memory at 0x(____ptrval____) [ ! 
] (in kfence-#88): [ 18.242968] test_corruption+0x216/0x3e0 [ 18.243292] kunit_try_run_case+0x1a5/0x480 [ 18.243623] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.243836] kthread+0x337/0x6f0 [ 18.243973] ret_from_fork+0x41/0x80 [ 18.244164] ret_from_fork_asm+0x1a/0x30 [ 18.244378] [ 18.244480] kfence-#88: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.244480] [ 18.244940] allocated by task 333 on cpu 1 at 18.241634s (0.003304s ago): [ 18.245163] test_alloc+0x2a6/0x10f0 [ 18.245303] test_corruption+0x1cb/0x3e0 [ 18.245438] kunit_try_run_case+0x1a5/0x480 [ 18.245591] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.245865] kthread+0x337/0x6f0 [ 18.246048] ret_from_fork+0x41/0x80 [ 18.246277] ret_from_fork_asm+0x1a/0x30 [ 18.246515] [ 18.246615] freed by task 333 on cpu 1 at 18.241674s (0.004938s ago): [ 18.247042] test_corruption+0x216/0x3e0 [ 18.247254] kunit_try_run_case+0x1a5/0x480 [ 18.247480] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.247697] kthread+0x337/0x6f0 [ 18.247880] ret_from_fork+0x41/0x80 [ 18.248079] ret_from_fork_asm+0x1a/0x30 [ 18.248228] [ 18.248322] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 18.248635] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.248843] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.249294] ================================================================== [ 17.617860] ================================================================== [ 17.618298] BUG: KFENCE: memory corruption in test_corruption+0x2d2/0x3e0 [ 17.618298] [ 17.618660] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#82): [ 17.619388] test_corruption+0x2d2/0x3e0 [ 17.619606] kunit_try_run_case+0x1a5/0x480 [ 17.619842] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.620045] kthread+0x337/0x6f0 [ 17.620169] ret_from_fork+0x41/0x80 [ 17.620373] ret_from_fork_asm+0x1a/0x30 [ 17.620581] [ 17.620676] kfence-#82: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32 [ 17.620676] [ 17.621058] allocated by task 331 on cpu 1 at 17.617605s (0.003450s ago): [ 17.621325] test_alloc+0x364/0x10f0 [ 17.621520] test_corruption+0xe6/0x3e0 [ 17.621783] kunit_try_run_case+0x1a5/0x480 [ 17.621988] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.622186] kthread+0x337/0x6f0 [ 17.622317] ret_from_fork+0x41/0x80 [ 17.622473] ret_from_fork_asm+0x1a/0x30 [ 17.622675] [ 17.622797] freed by task 331 on cpu 1 at 17.617698s (0.005097s ago): [ 17.623067] test_corruption+0x2d2/0x3e0 [ 17.623207] kunit_try_run_case+0x1a5/0x480 [ 17.623427] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 17.623686] kthread+0x337/0x6f0 [ 17.623935] ret_from_fork+0x41/0x80 [ 17.624113] ret_from_fork_asm+0x1a/0x30 [ 17.624293] [ 17.624414] CPU: 1 UID: 0 PID: 331 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 17.624880] Tainted: [B]=BAD_PAGE, [N]=TEST [ 17.625059] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 17.625447] ================================================================== [ 18.137755] ================================================================== [ 18.138151] BUG: KFENCE: memory corruption in test_corruption+0x131/0x3e0 [ 18.138151] [ 18.138543] Corrupted memory at 0x(____ptrval____) [ ! . . . . . . . . . . . . . . . 
] (in kfence-#87): [ 18.139144] test_corruption+0x131/0x3e0 [ 18.139357] kunit_try_run_case+0x1a5/0x480 [ 18.139577] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.139783] kthread+0x337/0x6f0 [ 18.139979] ret_from_fork+0x41/0x80 [ 18.140140] ret_from_fork_asm+0x1a/0x30 [ 18.140295] [ 18.140370] kfence-#87: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test [ 18.140370] [ 18.140960] allocated by task 333 on cpu 1 at 18.137617s (0.003340s ago): [ 18.141303] test_alloc+0x2a6/0x10f0 [ 18.141442] test_corruption+0xe6/0x3e0 [ 18.141585] kunit_try_run_case+0x1a5/0x480 [ 18.141794] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.142046] kthread+0x337/0x6f0 [ 18.142169] ret_from_fork+0x41/0x80 [ 18.142310] ret_from_fork_asm+0x1a/0x30 [ 18.142722] [ 18.142822] freed by task 333 on cpu 1 at 18.137675s (0.005145s ago): [ 18.143091] test_corruption+0x131/0x3e0 [ 18.143240] kunit_try_run_case+0x1a5/0x480 [ 18.143420] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 18.143672] kthread+0x337/0x6f0 [ 18.143861] ret_from_fork+0x41/0x80 [ 18.144048] ret_from_fork_asm+0x1a/0x30 [ 18.144243] [ 18.144346] CPU: 1 UID: 0 PID: 333 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 18.144743] Tainted: [B]=BAD_PAGE, [N]=TEST [ 18.144909] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 18.145315] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_invalid_addr_free
[ 17.201759] ==================================================================
[ 17.202143] BUG: KFENCE: invalid free in test_invalid_addr_free+0x1e1/0x260
[ 17.202143]
[ 17.202662] Invalid free of 0x(____ptrval____) (in kfence-#78):
[ 17.202957] test_invalid_addr_free+0x1e1/0x260
[ 17.203692] kunit_try_run_case+0x1a5/0x480
[ 17.204117] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.204489] kthread+0x337/0x6f0
[ 17.204633] ret_from_fork+0x41/0x80
[ 17.204976] ret_from_fork_asm+0x1a/0x30
[ 17.205250]
[ 17.205342] kfence-#78: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 17.205342]
[ 17.205804] allocated by task 327 on cpu 0 at 17.201620s (0.004182s ago):
[ 17.206086] test_alloc+0x364/0x10f0
[ 17.206274] test_invalid_addr_free+0xdb/0x260
[ 17.206479] kunit_try_run_case+0x1a5/0x480
[ 17.207008] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.207244] kthread+0x337/0x6f0
[ 17.207495] ret_from_fork+0x41/0x80
[ 17.207833] ret_from_fork_asm+0x1a/0x30
[ 17.208086]
[ 17.208205] CPU: 0 UID: 0 PID: 327 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 17.208795] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.209045] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.209500] ==================================================================
[ 17.305721] ==================================================================
[ 17.306116] BUG: KFENCE: invalid free in test_invalid_addr_free+0xfb/0x260
[ 17.306116]
[ 17.306474] Invalid free of 0x(____ptrval____) (in kfence-#79):
[ 17.306892] test_invalid_addr_free+0xfb/0x260
[ 17.307070] kunit_try_run_case+0x1a5/0x480
[ 17.307266] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.307502] kthread+0x337/0x6f0
[ 17.307697] ret_from_fork+0x41/0x80
[ 17.307868] ret_from_fork_asm+0x1a/0x30
[ 17.308015]
[ 17.308115] kfence-#79: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.308115]
[ 17.308526] allocated by task 329 on cpu 1 at 17.305592s (0.002931s ago):
[ 17.308772] test_alloc+0x2a6/0x10f0
[ 17.308974] test_invalid_addr_free+0xdb/0x260
[ 17.309171] kunit_try_run_case+0x1a5/0x480
[ 17.309391] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.309605] kthread+0x337/0x6f0
[ 17.309726] ret_from_fork+0x41/0x80
[ 17.309856] ret_from_fork_asm+0x1a/0x30
[ 17.310060]
[ 17.310191] CPU: 1 UID: 0 PID: 329 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 17.310649] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.310855] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.311130] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-invalid-free-in-test_double_free
[ 16.993871] ==================================================================
[ 16.994341] BUG: KFENCE: invalid free in test_double_free+0x1d3/0x260
[ 16.994341]
[ 16.994683] Invalid free of 0x(____ptrval____) (in kfence-#76):
[ 16.994961] test_double_free+0x1d3/0x260
[ 16.995178] kunit_try_run_case+0x1a5/0x480
[ 16.995379] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.995626] kthread+0x337/0x6f0
[ 16.995754] ret_from_fork+0x41/0x80
[ 16.995915] ret_from_fork_asm+0x1a/0x30
[ 16.996162]
[ 16.996255] kfence-#76: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.996255]
[ 16.996619] allocated by task 323 on cpu 1 at 16.993625s (0.002991s ago):
[ 16.996954] test_alloc+0x364/0x10f0
[ 16.997115] test_double_free+0xdb/0x260
[ 16.997310] kunit_try_run_case+0x1a5/0x480
[ 16.997458] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.997754] kthread+0x337/0x6f0
[ 16.997926] ret_from_fork+0x41/0x80
[ 16.998114] ret_from_fork_asm+0x1a/0x30
[ 16.998305]
[ 16.998403] freed by task 323 on cpu 1 at 16.993688s (0.004713s ago):
[ 16.998673] test_double_free+0x1e0/0x260
[ 16.998842] kunit_try_run_case+0x1a5/0x480
[ 16.999056] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.999303] kthread+0x337/0x6f0
[ 16.999454] ret_from_fork+0x41/0x80
[ 16.999591] ret_from_fork_asm+0x1a/0x30
[ 16.999734]
[ 16.999832] CPU: 1 UID: 0 PID: 323 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 17.000328] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.000513] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.001352] ==================================================================
[ 17.097827] ==================================================================
[ 17.098248] BUG: KFENCE: invalid free in test_double_free+0x112/0x260
[ 17.098248]
[ 17.098563] Invalid free of 0x(____ptrval____) (in kfence-#77):
[ 17.098956] test_double_free+0x112/0x260
[ 17.099122] kunit_try_run_case+0x1a5/0x480
[ 17.099358] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.099574] kthread+0x337/0x6f0
[ 17.099826] ret_from_fork+0x41/0x80
[ 17.099963] ret_from_fork_asm+0x1a/0x30
[ 17.100163]
[ 17.100279] kfence-#77: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 17.100279]
[ 17.100621] allocated by task 325 on cpu 1 at 17.097650s (0.002969s ago):
[ 17.100899] test_alloc+0x2a6/0x10f0
[ 17.101087] test_double_free+0xdb/0x260
[ 17.101301] kunit_try_run_case+0x1a5/0x480
[ 17.101478] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.101664] kthread+0x337/0x6f0
[ 17.101831] ret_from_fork+0x41/0x80
[ 17.102104] ret_from_fork_asm+0x1a/0x30
[ 17.102317]
[ 17.102400] freed by task 325 on cpu 1 at 17.097712s (0.004685s ago):
[ 17.102713] test_double_free+0xfa/0x260
[ 17.102902] kunit_try_run_case+0x1a5/0x480
[ 17.103079] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 17.103276] kthread+0x337/0x6f0
[ 17.103450] ret_from_fork+0x41/0x80
[ 17.103648] ret_from_fork_asm+0x1a/0x30
[ 17.103858]
[ 17.103981] CPU: 1 UID: 0 PID: 325 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 17.104426] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 17.104568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 17.105016] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-use-after-free-read-in-test_use_after_free_read
[ 16.681729] ==================================================================
[ 16.682108] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.682108]
[ 16.682875] Use-after-free read at 0x(____ptrval____) (in kfence-#73):
[ 16.683563] test_use_after_free_read+0x129/0x270
[ 16.683791] kunit_try_run_case+0x1a5/0x480
[ 16.684269] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.684591] kthread+0x337/0x6f0
[ 16.684769] ret_from_fork+0x41/0x80
[ 16.685068] ret_from_fork_asm+0x1a/0x30
[ 16.685210]
[ 16.685297] kfence-#73: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.685297]
[ 16.685566] allocated by task 317 on cpu 0 at 16.681598s (0.003965s ago):
[ 16.686194] test_alloc+0x2a6/0x10f0
[ 16.686579] test_use_after_free_read+0xdc/0x270
[ 16.686853] kunit_try_run_case+0x1a5/0x480
[ 16.687067] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.687336] kthread+0x337/0x6f0
[ 16.687576] ret_from_fork+0x41/0x80
[ 16.687777] ret_from_fork_asm+0x1a/0x30
[ 16.687974]
[ 16.688085] freed by task 317 on cpu 0 at 16.681641s (0.006442s ago):
[ 16.688428] test_use_after_free_read+0xfb/0x270
[ 16.688703] kunit_try_run_case+0x1a5/0x480
[ 16.688922] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.689144] kthread+0x337/0x6f0
[ 16.689359] ret_from_fork+0x41/0x80
[ 16.689547] ret_from_fork_asm+0x1a/0x30
[ 16.689709]
[ 16.689832] CPU: 0 UID: 0 PID: 317 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 16.690263] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.690476] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.690910] ==================================================================
[ 16.577814] ==================================================================
[ 16.578262] BUG: KFENCE: use-after-free read in test_use_after_free_read+0x129/0x270
[ 16.578262]
[ 16.579033] Use-after-free read at 0x(____ptrval____) (in kfence-#72):
[ 16.579345] test_use_after_free_read+0x129/0x270
[ 16.579566] kunit_try_run_case+0x1a5/0x480
[ 16.580171] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.580433] kthread+0x337/0x6f0
[ 16.580606] ret_from_fork+0x41/0x80
[ 16.580979] ret_from_fork_asm+0x1a/0x30
[ 16.581177]
[ 16.581276] kfence-#72: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.581276]
[ 16.581675] allocated by task 315 on cpu 1 at 16.577609s (0.004064s ago):
[ 16.581984] test_alloc+0x364/0x10f0
[ 16.582151] test_use_after_free_read+0xdc/0x270
[ 16.582376] kunit_try_run_case+0x1a5/0x480
[ 16.582570] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.583340] kthread+0x337/0x6f0
[ 16.583504] ret_from_fork+0x41/0x80
[ 16.583688] ret_from_fork_asm+0x1a/0x30
[ 16.584126]
[ 16.584358] freed by task 315 on cpu 1 at 16.577658s (0.006615s ago):
[ 16.584845] test_use_after_free_read+0x1e7/0x270
[ 16.585159] kunit_try_run_case+0x1a5/0x480
[ 16.585374] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.585765] kthread+0x337/0x6f0
[ 16.586000] ret_from_fork+0x41/0x80
[ 16.586147] ret_from_fork_asm+0x1a/0x30
[ 16.586534]
[ 16.586671] CPU: 1 UID: 0 PID: 315 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 16.587228] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.587495] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.587936] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-write-in-test_out_of_bounds_write
[ 16.161782] ==================================================================
[ 16.162186] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.162186]
[ 16.162610] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#68):
[ 16.163001] test_out_of_bounds_write+0x10d/0x260
[ 16.163239] kunit_try_run_case+0x1a5/0x480
[ 16.163446] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.164274] kthread+0x337/0x6f0
[ 16.164446] ret_from_fork+0x41/0x80
[ 16.164849] ret_from_fork_asm+0x1a/0x30
[ 16.165170]
[ 16.165453] kfence-#68: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 16.165453]
[ 16.165884] allocated by task 311 on cpu 1 at 16.161650s (0.004232s ago):
[ 16.166384] test_alloc+0x364/0x10f0
[ 16.166737] test_out_of_bounds_write+0xd4/0x260
[ 16.167050] kunit_try_run_case+0x1a5/0x480
[ 16.167268] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.167514] kthread+0x337/0x6f0
[ 16.167672] ret_from_fork+0x41/0x80
[ 16.167841] ret_from_fork_asm+0x1a/0x30
[ 16.168028]
[ 16.168139] CPU: 1 UID: 0 PID: 311 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 16.168600] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.169291] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.169775] ==================================================================
[ 16.473713] ==================================================================
[ 16.474126] BUG: KFENCE: out-of-bounds write in test_out_of_bounds_write+0x10d/0x260
[ 16.474126]
[ 16.474572] Out-of-bounds write at 0x(____ptrval____) (1B left of kfence-#71):
[ 16.474958] test_out_of_bounds_write+0x10d/0x260
[ 16.475135] kunit_try_run_case+0x1a5/0x480
[ 16.475474] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.475719] kthread+0x337/0x6f0
[ 16.475847] ret_from_fork+0x41/0x80
[ 16.476038] ret_from_fork_asm+0x1a/0x30
[ 16.476246]
[ 16.476362] kfence-#71: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.476362]
[ 16.476698] allocated by task 313 on cpu 0 at 16.473647s (0.003048s ago):
[ 16.477041] test_alloc+0x2a6/0x10f0
[ 16.477237] test_out_of_bounds_write+0xd4/0x260
[ 16.477455] kunit_try_run_case+0x1a5/0x480
[ 16.477635] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.477882] kthread+0x337/0x6f0
[ 16.478036] ret_from_fork+0x41/0x80
[ 16.478170] ret_from_fork_asm+0x1a/0x30
[ 16.478321]
[ 16.478422] CPU: 0 UID: 0 PID: 313 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 16.478909] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.479118] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.479500] ==================================================================
Failure - log-parser-boot/kfence-bug-kfence-out-of-bounds-read-in-test_out_of_bounds_read
[ 15.849674] ==================================================================
[ 15.850068] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.850068]
[ 15.850579] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#65):
[ 15.850922] test_out_of_bounds_read+0x126/0x4e0
[ 15.851086] kunit_try_run_case+0x1a5/0x480
[ 15.851316] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.851578] kthread+0x337/0x6f0
[ 15.851809] ret_from_fork+0x41/0x80
[ 15.852026] ret_from_fork_asm+0x1a/0x30
[ 15.852266]
[ 15.852390] kfence-#65: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 15.852390]
[ 15.852671] allocated by task 309 on cpu 1 at 15.849613s (0.003056s ago):
[ 15.853006] test_alloc+0x2a6/0x10f0
[ 15.853245] test_out_of_bounds_read+0xed/0x4e0
[ 15.853507] kunit_try_run_case+0x1a5/0x480
[ 15.853668] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.853855] kthread+0x337/0x6f0
[ 15.854045] ret_from_fork+0x41/0x80
[ 15.854269] ret_from_fork_asm+0x1a/0x30
[ 15.854492]
[ 15.854620] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 15.855109] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.855328] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.855666] ==================================================================
[ 16.057718] ==================================================================
[ 16.058127] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 16.058127]
[ 16.058664] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#67):
[ 16.059015] test_out_of_bounds_read+0x216/0x4e0
[ 16.059262] kunit_try_run_case+0x1a5/0x480
[ 16.059492] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.059771] kthread+0x337/0x6f0
[ 16.059895] ret_from_fork+0x41/0x80
[ 16.060040] ret_from_fork_asm+0x1a/0x30
[ 16.060262]
[ 16.060397] kfence-#67: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=test
[ 16.060397]
[ 16.060932] allocated by task 309 on cpu 1 at 16.057666s (0.003263s ago):
[ 16.061248] test_alloc+0x2a6/0x10f0
[ 16.061440] test_out_of_bounds_read+0x1e2/0x4e0
[ 16.061675] kunit_try_run_case+0x1a5/0x480
[ 16.061863] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 16.062054] kthread+0x337/0x6f0
[ 16.062231] ret_from_fork+0x41/0x80
[ 16.062461] ret_from_fork_asm+0x1a/0x30
[ 16.062668]
[ 16.062788] CPU: 1 UID: 0 PID: 309 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 16.063263] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 16.063481] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 16.063875] ==================================================================
[ 15.745790] ==================================================================
[ 15.746193] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x216/0x4e0
[ 15.746193]
[ 15.746618] Out-of-bounds read at 0x(____ptrval____) (32B right of kfence-#64):
[ 15.746975] test_out_of_bounds_read+0x216/0x4e0
[ 15.747207] kunit_try_run_case+0x1a5/0x480
[ 15.747411] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.747644] kthread+0x337/0x6f0
[ 15.747853] ret_from_fork+0x41/0x80
[ 15.747989] ret_from_fork_asm+0x1a/0x30
[ 15.748133]
[ 15.748252] kfence-#64: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.748252]
[ 15.748685] allocated by task 307 on cpu 0 at 15.745612s (0.003071s ago):
[ 15.749125] test_alloc+0x364/0x10f0
[ 15.749303] test_out_of_bounds_read+0x1e2/0x4e0
[ 15.749465] kunit_try_run_case+0x1a5/0x480
[ 15.749690] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.749934] kthread+0x337/0x6f0
[ 15.750055] ret_from_fork+0x41/0x80
[ 15.750188] ret_from_fork_asm+0x1a/0x30
[ 15.750553]
[ 15.750759] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 15.751232] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.751415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.751815] ==================================================================
[ 15.434948] ==================================================================
[ 15.435421] BUG: KFENCE: out-of-bounds read in test_out_of_bounds_read+0x126/0x4e0
[ 15.435421]
[ 15.435967] Out-of-bounds read at 0x(____ptrval____) (1B left of kfence-#61):
[ 15.436426] test_out_of_bounds_read+0x126/0x4e0
[ 15.436680] kunit_try_run_case+0x1a5/0x480
[ 15.436835] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.437093] kthread+0x337/0x6f0
[ 15.437284] ret_from_fork+0x41/0x80
[ 15.437461] ret_from_fork_asm+0x1a/0x30
[ 15.437660]
[ 15.437912] kfence-#61: 0x(____ptrval____)-0x(____ptrval____), size=32, cache=kmalloc-32
[ 15.437912]
[ 15.438493] allocated by task 307 on cpu 0 at 15.433658s (0.004778s ago):
[ 15.439100] test_alloc+0x364/0x10f0
[ 15.439283] test_out_of_bounds_read+0xed/0x4e0
[ 15.439518] kunit_try_run_case+0x1a5/0x480
[ 15.439754] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.440019] kthread+0x337/0x6f0
[ 15.440208] ret_from_fork+0x41/0x80
[ 15.440407] ret_from_fork_asm+0x1a/0x30
[ 15.440681]
[ 15.440841] CPU: 0 UID: 0 PID: 307 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 15.441285] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.441443] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.441892] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-strncpy_from_user
[ 15.308500] ==================================================================
[ 15.308934] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x1a5/0x1d0
[ 15.309254] Write of size 1 at addr ffff888103151e78 by task kunit_try_catch/305
[ 15.310191]
[ 15.310333] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 15.310386] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.310400] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.310424] Call Trace:
[ 15.310446] <TASK>
[ 15.310468] dump_stack_lvl+0x73/0xb0
[ 15.310497] print_report+0xd1/0x650
[ 15.310522] ? __virt_addr_valid+0x1db/0x2d0
[ 15.310545] ? strncpy_from_user+0x1a5/0x1d0
[ 15.310570] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.310595] ? strncpy_from_user+0x1a5/0x1d0
[ 15.310619] kasan_report+0x141/0x180
[ 15.310785] ? strncpy_from_user+0x1a5/0x1d0
[ 15.310826] __asan_report_store1_noabort+0x1b/0x30
[ 15.310850] strncpy_from_user+0x1a5/0x1d0
[ 15.310876] copy_user_test_oob+0x760/0x10f0
[ 15.310942] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.310963] ? finish_task_switch.isra.0+0x153/0x700
[ 15.310989] ? __switch_to+0x5d9/0xf60
[ 15.311013] ? dequeue_task_fair+0x166/0x4e0
[ 15.311039] ? __schedule+0x10cc/0x2b60
[ 15.311064] ? __pfx_read_tsc+0x10/0x10
[ 15.311085] ? ktime_get_ts64+0x86/0x230
[ 15.311112] kunit_try_run_case+0x1a5/0x480
[ 15.311137] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.311161] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.311187] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.311213] ? __kthread_parkme+0x82/0x180
[ 15.311246] ? preempt_count_sub+0x50/0x80
[ 15.311271] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.311296] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.311319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.311344] kthread+0x337/0x6f0
[ 15.311362] ? trace_preempt_on+0x20/0xc0
[ 15.311387] ? __pfx_kthread+0x10/0x10
[ 15.311406] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.311429] ? calculate_sigpending+0x7b/0xa0
[ 15.311452] ? __pfx_kthread+0x10/0x10
[ 15.311472] ret_from_fork+0x41/0x80
[ 15.311493] ? __pfx_kthread+0x10/0x10
[ 15.311512] ret_from_fork_asm+0x1a/0x30
[ 15.311543] </TASK>
[ 15.311556]
[ 15.320040] Allocated by task 305:
[ 15.320240] kasan_save_stack+0x45/0x70
[ 15.320487] kasan_save_track+0x18/0x40
[ 15.320674] kasan_save_alloc_info+0x3b/0x50
[ 15.320880] __kasan_kmalloc+0xb7/0xc0
[ 15.321099] __kmalloc_noprof+0x1c9/0x500
[ 15.321330] kunit_kmalloc_array+0x25/0x60
[ 15.321565] copy_user_test_oob+0xab/0x10f0
[ 15.321836] kunit_try_run_case+0x1a5/0x480
[ 15.322043] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.322296] kthread+0x337/0x6f0
[ 15.322476] ret_from_fork+0x41/0x80
[ 15.322637] ret_from_fork_asm+0x1a/0x30
[ 15.322839]
[ 15.322941] The buggy address belongs to the object at ffff888103151e00
[ 15.322941] which belongs to the cache kmalloc-128 of size 128
[ 15.323503] The buggy address is located 0 bytes to the right of
[ 15.323503] allocated 120-byte region [ffff888103151e00, ffff888103151e78)
[ 15.324092]
[ 15.324191] The buggy address belongs to the physical page:
[ 15.324462] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151
[ 15.324887] flags: 0x200000000000000(node=0|zone=2)
[ 15.325169] page_type: f5(slab)
[ 15.325356] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.325699] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.326068] page dumped because: kasan: bad access detected
[ 15.326334]
[ 15.326405] Memory state around the buggy address:
[ 15.326665] ffff888103151d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.327080] ffff888103151d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.327433] >ffff888103151e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.327743] ^
[ 15.328065] ffff888103151e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.328404] ffff888103151f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.328721] ==================================================================
[ 15.279987] ==================================================================
[ 15.280680] BUG: KASAN: slab-out-of-bounds in strncpy_from_user+0x2e/0x1d0
[ 15.281119] Write of size 121 at addr ffff888103151e00 by task kunit_try_catch/305
[ 15.281391]
[ 15.281515] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 15.281571] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.281584] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.281609] Call Trace:
[ 15.281629] <TASK>
[ 15.281681] dump_stack_lvl+0x73/0xb0
[ 15.281711] print_report+0xd1/0x650
[ 15.281736] ? __virt_addr_valid+0x1db/0x2d0
[ 15.281759] ? strncpy_from_user+0x2e/0x1d0
[ 15.281785] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.281809] ? strncpy_from_user+0x2e/0x1d0
[ 15.281832] kasan_report+0x141/0x180
[ 15.281857] ? strncpy_from_user+0x2e/0x1d0
[ 15.281885] kasan_check_range+0x10c/0x1c0
[ 15.281907] __kasan_check_write+0x18/0x20
[ 15.281928] strncpy_from_user+0x2e/0x1d0
[ 15.281950] ? __kasan_check_read+0x15/0x20
[ 15.281974] copy_user_test_oob+0x760/0x10f0
[ 15.281998] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.282019] ? finish_task_switch.isra.0+0x153/0x700
[ 15.282045] ? __switch_to+0x5d9/0xf60
[ 15.282069] ? dequeue_task_fair+0x166/0x4e0
[ 15.282094] ? __schedule+0x10cc/0x2b60
[ 15.282119] ? __pfx_read_tsc+0x10/0x10
[ 15.282140] ? ktime_get_ts64+0x86/0x230
[ 15.282166] kunit_try_run_case+0x1a5/0x480
[ 15.282193] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.282217] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.282254] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.282279] ? __kthread_parkme+0x82/0x180
[ 15.282303] ? preempt_count_sub+0x50/0x80
[ 15.282330] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.282354] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.282379] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.282402] kthread+0x337/0x6f0
[ 15.282420] ? trace_preempt_on+0x20/0xc0
[ 15.282446] ? __pfx_kthread+0x10/0x10
[ 15.282465] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.282487] ? calculate_sigpending+0x7b/0xa0
[ 15.282511] ? __pfx_kthread+0x10/0x10
[ 15.282530] ret_from_fork+0x41/0x80
[ 15.282552] ? __pfx_kthread+0x10/0x10
[ 15.282570] ret_from_fork_asm+0x1a/0x30
[ 15.282602] </TASK>
[ 15.282615]
[ 15.294918] Allocated by task 305:
[ 15.295165] kasan_save_stack+0x45/0x70
[ 15.295400] kasan_save_track+0x18/0x40
[ 15.295596] kasan_save_alloc_info+0x3b/0x50
[ 15.295925] __kasan_kmalloc+0xb7/0xc0
[ 15.296143] __kmalloc_noprof+0x1c9/0x500
[ 15.296422] kunit_kmalloc_array+0x25/0x60
[ 15.296705] copy_user_test_oob+0xab/0x10f0
[ 15.297256] kunit_try_run_case+0x1a5/0x480
[ 15.297427] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.297925] kthread+0x337/0x6f0
[ 15.298189] ret_from_fork+0x41/0x80
[ 15.298573] ret_from_fork_asm+0x1a/0x30
[ 15.298780]
[ 15.298880] The buggy address belongs to the object at ffff888103151e00
[ 15.298880] which belongs to the cache kmalloc-128 of size 128
[ 15.299406] The buggy address is located 0 bytes inside of
[ 15.299406] allocated 120-byte region [ffff888103151e00, ffff888103151e78)
[ 15.300187]
[ 15.300679] The buggy address belongs to the physical page:
[ 15.301096] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151
[ 15.301597] flags: 0x200000000000000(node=0|zone=2)
[ 15.302064] page_type: f5(slab)
[ 15.302431] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.302898] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.303419] page dumped because: kasan: bad access detected
[ 15.303878]
[ 15.304143] Memory state around the buggy address:
[ 15.304449] ffff888103151d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.304898] ffff888103151d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.305418] >ffff888103151e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.305814] ^
[ 15.306103] ffff888103151e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.306396] ffff888103151f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.306982] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_user_test_oob
[ 15.234676] ==================================================================
[ 15.234981] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x557/0x10f0
[ 15.235287] Write of size 121 at addr ffff888103151e00 by task kunit_try_catch/305
[ 15.235604]
[ 15.235717] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 15.235768] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.235781] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.235804] Call Trace:
[ 15.235824] <TASK>
[ 15.235844] dump_stack_lvl+0x73/0xb0
[ 15.235871] print_report+0xd1/0x650
[ 15.235895] ? __virt_addr_valid+0x1db/0x2d0
[ 15.235919] ? copy_user_test_oob+0x557/0x10f0
[ 15.235940] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.235964] ? copy_user_test_oob+0x557/0x10f0
[ 15.235985] kasan_report+0x141/0x180
[ 15.236009] ? copy_user_test_oob+0x557/0x10f0
[ 15.236036] kasan_check_range+0x10c/0x1c0
[ 15.236058] __kasan_check_write+0x18/0x20
[ 15.236080] copy_user_test_oob+0x557/0x10f0
[ 15.236103] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.236123] ? finish_task_switch.isra.0+0x153/0x700
[ 15.236150] ? __switch_to+0x5d9/0xf60
[ 15.236173] ? dequeue_task_fair+0x166/0x4e0
[ 15.236198] ? __schedule+0x10cc/0x2b60
[ 15.236233] ? __pfx_read_tsc+0x10/0x10
[ 15.236255] ? ktime_get_ts64+0x86/0x230
[ 15.236282] kunit_try_run_case+0x1a5/0x480
[ 15.236307] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.236331] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.236356] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.236381] ? __kthread_parkme+0x82/0x180
[ 15.236405] ? preempt_count_sub+0x50/0x80
[ 15.236431] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.236457] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.236482] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.236506] kthread+0x337/0x6f0
[ 15.236525] ? trace_preempt_on+0x20/0xc0
[ 15.236550] ? __pfx_kthread+0x10/0x10
[ 15.236568] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.236592] ? calculate_sigpending+0x7b/0xa0
[ 15.236614] ? __pfx_kthread+0x10/0x10
[ 15.236634] ret_from_fork+0x41/0x80
[ 15.236656] ? __pfx_kthread+0x10/0x10
[ 15.236675] ret_from_fork_asm+0x1a/0x30
[ 15.236707] </TASK>
[ 15.236718]
[ 15.244678] Allocated by task 305:
[ 15.244821] kasan_save_stack+0x45/0x70
[ 15.244973] kasan_save_track+0x18/0x40
[ 15.245262] kasan_save_alloc_info+0x3b/0x50
[ 15.245472] __kasan_kmalloc+0xb7/0xc0
[ 15.245659] __kmalloc_noprof+0x1c9/0x500
[ 15.245802] kunit_kmalloc_array+0x25/0x60
[ 15.245946] copy_user_test_oob+0xab/0x10f0
[ 15.246091] kunit_try_run_case+0x1a5/0x480
[ 15.246309] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.246569] kthread+0x337/0x6f0
[ 15.246739] ret_from_fork+0x41/0x80
[ 15.246927] ret_from_fork_asm+0x1a/0x30
[ 15.247143]
[ 15.247249] The buggy address belongs to the object at ffff888103151e00
[ 15.247249] which belongs to the cache kmalloc-128 of size 128
[ 15.247632] The buggy address is located 0 bytes inside of
[ 15.247632] allocated 120-byte region [ffff888103151e00, ffff888103151e78)
[ 15.248190]
[ 15.248293] The buggy address belongs to the physical page:
[ 15.248472] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151
[ 15.248716] flags: 0x200000000000000(node=0|zone=2)
[ 15.248951] page_type: f5(slab)
[ 15.249128] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.249486] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.250051] page dumped because: kasan: bad access detected
[ 15.250335]
[ 15.250434] Memory state around the buggy address:
[ 15.250638] ffff888103151d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.250943] ffff888103151d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.251185] >ffff888103151e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.251517] ^
[ 15.252596] ffff888103151e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.252972] ffff888103151f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.253354] ==================================================================
[ 15.255570] ==================================================================
[ 15.255864] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x604/0x10f0
[ 15.256109] Read of size 121 at addr ffff888103151e00 by task kunit_try_catch/305
[ 15.256735]
[ 15.256947] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 15.256999] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.257013] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.257038] Call Trace:
[ 15.257058] <TASK>
[ 15.257080] dump_stack_lvl+0x73/0xb0
[ 15.257110] print_report+0xd1/0x650
[ 15.257136] ? __virt_addr_valid+0x1db/0x2d0
[ 15.257161] ? copy_user_test_oob+0x604/0x10f0
[ 15.257182] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.257207] ? copy_user_test_oob+0x604/0x10f0
[ 15.257241] kasan_report+0x141/0x180
[ 15.257265] ? copy_user_test_oob+0x604/0x10f0
[ 15.257291] kasan_check_range+0x10c/0x1c0
[ 15.257313] __kasan_check_read+0x15/0x20
[ 15.257334] copy_user_test_oob+0x604/0x10f0
[ 15.257358] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.257379] ? finish_task_switch.isra.0+0x153/0x700
[ 15.257405] ? __switch_to+0x5d9/0xf60
[ 15.257428] ? dequeue_task_fair+0x166/0x4e0
[ 15.257454] ? __schedule+0x10cc/0x2b60
[ 15.257480] ? __pfx_read_tsc+0x10/0x10
[ 15.257501] ? ktime_get_ts64+0x86/0x230
[ 15.257528] kunit_try_run_case+0x1a5/0x480
[ 15.257560] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.257583] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.257609] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.257634] ? __kthread_parkme+0x82/0x180
[ 15.257658] ? preempt_count_sub+0x50/0x80
[ 15.257684] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.257709] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.257734] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.257759] kthread+0x337/0x6f0
[ 15.257776] ? trace_preempt_on+0x20/0xc0
[ 15.257802] ? __pfx_kthread+0x10/0x10
[ 15.257820] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.257843] ? calculate_sigpending+0x7b/0xa0
[ 15.257866] ? __pfx_kthread+0x10/0x10
[ 15.257886] ret_from_fork+0x41/0x80
[ 15.257907] ? __pfx_kthread+0x10/0x10
[ 15.257926] ret_from_fork_asm+0x1a/0x30
[ 15.257959] </TASK>
[ 15.257971]
[ 15.267312] Allocated by task 305:
[ 15.267599] kasan_save_stack+0x45/0x70
[ 15.268035] kasan_save_track+0x18/0x40
[ 15.268741] kasan_save_alloc_info+0x3b/0x50
[ 15.269420] __kasan_kmalloc+0xb7/0xc0
[ 15.269586] __kmalloc_noprof+0x1c9/0x500
[ 15.269838] kunit_kmalloc_array+0x25/0x60
[ 15.270235] copy_user_test_oob+0xab/0x10f0
[ 15.270536] kunit_try_run_case+0x1a5/0x480
[ 15.270888] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.271216] kthread+0x337/0x6f0
[ 15.271406] ret_from_fork+0x41/0x80
[ 15.271786] ret_from_fork_asm+0x1a/0x30
[ 15.272090]
[ 15.272320] The buggy address belongs to the object at ffff888103151e00
[ 15.272320] which belongs to the cache kmalloc-128 of size 128
[ 15.273023] The buggy address is located 0 bytes inside of
[ 15.273023] allocated 120-byte region [ffff888103151e00, ffff888103151e78)
[ 15.273603]
[ 15.273856] The buggy address belongs to the physical page:
[ 15.274238] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151
[ 15.274584] flags: 0x200000000000000(node=0|zone=2)
[ 15.274986] page_type: f5(slab)
[ 15.275276] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.275675] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.276066] page dumped because: kasan: bad access detected
[ 15.276424]
[ 15.276510] Memory state around the buggy address:
[ 15.276879] ffff888103151d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.277306] ffff888103151d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.277677] >ffff888103151e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc
[ 15.277983] ^
[ 15.278236] ffff888103151e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.278565] ffff888103151f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.279098] ==================================================================
[ 15.190206] ==================================================================
[ 15.190568] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x3fd/0x10f0
[ 15.190935] Write of size 121 at addr ffff888103151e00 by task kunit_try_catch/305
[ 15.191275]
[ 15.191399] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 15.191450] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 15.191462] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 15.191487] Call Trace:
[ 15.191501] <TASK>
[ 15.191523] dump_stack_lvl+0x73/0xb0
[ 15.191573] print_report+0xd1/0x650
[ 15.191598] ? __virt_addr_valid+0x1db/0x2d0
[ 15.191621] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.191643] ? kasan_complete_mode_report_info+0x2a/0x200
[ 15.191668] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.191703] kasan_report+0x141/0x180
[ 15.191727] ? copy_user_test_oob+0x3fd/0x10f0
[ 15.191754] kasan_check_range+0x10c/0x1c0
[ 15.191775] __kasan_check_write+0x18/0x20
[ 15.191796] copy_user_test_oob+0x3fd/0x10f0
[ 15.191819] ? __pfx_copy_user_test_oob+0x10/0x10
[ 15.191840] ? finish_task_switch.isra.0+0x153/0x700
[ 15.191865] ? __switch_to+0x5d9/0xf60
[ 15.191907] ? dequeue_task_fair+0x166/0x4e0
[ 15.191933] ? __schedule+0x10cc/0x2b60
[ 15.191958] ? __pfx_read_tsc+0x10/0x10
[ 15.191979] ? ktime_get_ts64+0x86/0x230
[ 15.192005] kunit_try_run_case+0x1a5/0x480
[ 15.192031] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.192055] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 15.192082] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 15.192106] ? __kthread_parkme+0x82/0x180
[ 15.192130] ? preempt_count_sub+0x50/0x80
[ 15.192156] ? __pfx_kunit_try_run_case+0x10/0x10
[ 15.192181] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.192205] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 15.192241] kthread+0x337/0x6f0
[ 15.192258] ? trace_preempt_on+0x20/0xc0
[ 15.192283] ? __pfx_kthread+0x10/0x10
[ 15.192303] ? _raw_spin_unlock_irq+0x47/0x80
[ 15.192326] ? calculate_sigpending+0x7b/0xa0
[ 15.192349] ? __pfx_kthread+0x10/0x10
[ 15.192368] ret_from_fork+0x41/0x80
[ 15.192389] ? __pfx_kthread+0x10/0x10
[ 15.192408] ret_from_fork_asm+0x1a/0x30
[ 15.192439] </TASK>
[ 15.192451]
[ 15.200062] Allocated by task 305:
[ 15.200257] kasan_save_stack+0x45/0x70
[ 15.200457] kasan_save_track+0x18/0x40
[ 15.200597] kasan_save_alloc_info+0x3b/0x50
[ 15.200905] __kasan_kmalloc+0xb7/0xc0
[ 15.201127] __kmalloc_noprof+0x1c9/0x500
[ 15.201324] kunit_kmalloc_array+0x25/0x60
[ 15.201472] copy_user_test_oob+0xab/0x10f0
[ 15.201622] kunit_try_run_case+0x1a5/0x480
[ 15.201955] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 15.202394] kthread+0x337/0x6f0
[ 15.202555] ret_from_fork+0x41/0x80
[ 15.202682] ret_from_fork_asm+0x1a/0x30
[ 15.202816]
[ 15.202910] The buggy address belongs to the object at ffff888103151e00
[ 15.202910] which belongs to the cache kmalloc-128 of size 128
[ 15.203582] The buggy address is located 0 bytes inside of
[ 15.203582] allocated 120-byte region [ffff888103151e00, ffff888103151e78)
[ 15.203950]
[ 15.204023] The buggy address belongs to the physical page:
[ 15.204192] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151
[ 15.204559] flags: 0x200000000000000(node=0|zone=2)
[ 15.204839] page_type: f5(slab)
[ 15.205029] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 15.205405] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 15.205699] page dumped because: kasan: bad access detected
[ 15.205929]
[ 15.206022] Memory state around the buggy address:
[ 15.206242] ffff888103151d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 15.206486] ffff888103151d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 15.206695]
>ffff888103151e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.206977] ^ [ 15.207324] ffff888103151e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207648] ffff888103151f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.207886] ================================================================== [ 15.208534] ================================================================== [ 15.209242] BUG: KASAN: slab-out-of-bounds in copy_user_test_oob+0x4aa/0x10f0 [ 15.209506] Read of size 121 at addr ffff888103151e00 by task kunit_try_catch/305 [ 15.210323] [ 15.210444] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 15.210491] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.210504] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.210526] Call Trace: [ 15.210544] <TASK> [ 15.210563] dump_stack_lvl+0x73/0xb0 [ 15.210590] print_report+0xd1/0x650 [ 15.210614] ? __virt_addr_valid+0x1db/0x2d0 [ 15.210637] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.210659] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.210683] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.210704] kasan_report+0x141/0x180 [ 15.210728] ? copy_user_test_oob+0x4aa/0x10f0 [ 15.210755] kasan_check_range+0x10c/0x1c0 [ 15.210776] __kasan_check_read+0x15/0x20 [ 15.210797] copy_user_test_oob+0x4aa/0x10f0 [ 15.210821] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.210842] ? finish_task_switch.isra.0+0x153/0x700 [ 15.210867] ? __switch_to+0x5d9/0xf60 [ 15.210889] ? dequeue_task_fair+0x166/0x4e0 [ 15.210915] ? __schedule+0x10cc/0x2b60 [ 15.210939] ? __pfx_read_tsc+0x10/0x10 [ 15.210960] ? ktime_get_ts64+0x86/0x230 [ 15.210987] kunit_try_run_case+0x1a5/0x480 [ 15.211012] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.211036] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.211061] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.211086] ? __kthread_parkme+0x82/0x180 [ 15.211109] ? preempt_count_sub+0x50/0x80 [ 15.211135] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.211160] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.211183] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.211208] kthread+0x337/0x6f0 [ 15.211236] ? trace_preempt_on+0x20/0xc0 [ 15.211261] ? __pfx_kthread+0x10/0x10 [ 15.211280] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.211303] ? calculate_sigpending+0x7b/0xa0 [ 15.211325] ? __pfx_kthread+0x10/0x10 [ 15.211345] ret_from_fork+0x41/0x80 [ 15.211366] ? __pfx_kthread+0x10/0x10 [ 15.211384] ret_from_fork_asm+0x1a/0x30 [ 15.211417] </TASK> [ 15.211428] [ 15.221633] Allocated by task 305: [ 15.221951] kasan_save_stack+0x45/0x70 [ 15.222144] kasan_save_track+0x18/0x40 [ 15.222333] kasan_save_alloc_info+0x3b/0x50 [ 15.222527] __kasan_kmalloc+0xb7/0xc0 [ 15.223006] __kmalloc_noprof+0x1c9/0x500 [ 15.223264] kunit_kmalloc_array+0x25/0x60 [ 15.223572] copy_user_test_oob+0xab/0x10f0 [ 15.223961] kunit_try_run_case+0x1a5/0x480 [ 15.224292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.224877] kthread+0x337/0x6f0 [ 15.225052] ret_from_fork+0x41/0x80 [ 15.225240] ret_from_fork_asm+0x1a/0x30 [ 15.225427] [ 15.225518] The buggy address belongs to the object at ffff888103151e00 [ 15.225518] which belongs to the cache kmalloc-128 of size 128 [ 15.226433] The buggy address is located 0 bytes inside of [ 15.226433] allocated 120-byte region [ffff888103151e00, ffff888103151e78) [ 15.227254] [ 15.227359] The buggy address belongs to the physical page: [ 15.227599] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151 [ 15.228184] flags: 0x200000000000000(node=0|zone=2) [ 15.228597] page_type: f5(slab) [ 15.228928] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.229269] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.229599] page dumped because: kasan: bad access detected [ 15.230088] [ 15.230187] Memory state around the buggy address: [ 15.230636] ffff888103151d00: fa fb fb fb fb fb fb fb fb fb fb fb fb 
fb fb fb [ 15.231121] ffff888103151d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.231554] >ffff888103151e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.232332] ^ [ 15.232845] ffff888103151e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233344] ffff888103151f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.233958] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_to_user
[ 15.162851] ================================================================== [ 15.163192] BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x4a/0x70 [ 15.163515] Read of size 121 at addr ffff888103151e00 by task kunit_try_catch/305 [ 15.163925] [ 15.164030] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 15.164080] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.164094] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.164117] Call Trace: [ 15.164137] <TASK> [ 15.164160] dump_stack_lvl+0x73/0xb0 [ 15.164213] print_report+0xd1/0x650 [ 15.164251] ? __virt_addr_valid+0x1db/0x2d0 [ 15.164294] ? _copy_to_user+0x4a/0x70 [ 15.164316] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.164340] ? _copy_to_user+0x4a/0x70 [ 15.164361] kasan_report+0x141/0x180 [ 15.164385] ? _copy_to_user+0x4a/0x70 [ 15.164410] kasan_check_range+0x10c/0x1c0 [ 15.164432] __kasan_check_read+0x15/0x20 [ 15.164453] _copy_to_user+0x4a/0x70 [ 15.164474] copy_user_test_oob+0x364/0x10f0 [ 15.164498] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.164519] ? finish_task_switch.isra.0+0x153/0x700 [ 15.164544] ? __switch_to+0x5d9/0xf60 [ 15.164567] ? dequeue_task_fair+0x166/0x4e0 [ 15.164592] ? __schedule+0x10cc/0x2b60 [ 15.164617] ? __pfx_read_tsc+0x10/0x10 [ 15.164639] ? ktime_get_ts64+0x86/0x230 [ 15.164665] kunit_try_run_case+0x1a5/0x480 [ 15.164691] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.164714] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.164740] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.164766] ? __kthread_parkme+0x82/0x180 [ 15.164789] ? preempt_count_sub+0x50/0x80 [ 15.164814] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.164839] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.164864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.164889] kthread+0x337/0x6f0 [ 15.164907] ? trace_preempt_on+0x20/0xc0 [ 15.164932] ? __pfx_kthread+0x10/0x10 [ 15.164951] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.164974] ? 
calculate_sigpending+0x7b/0xa0 [ 15.164997] ? __pfx_kthread+0x10/0x10 [ 15.165018] ret_from_fork+0x41/0x80 [ 15.165039] ? __pfx_kthread+0x10/0x10 [ 15.165057] ret_from_fork_asm+0x1a/0x30 [ 15.165090] </TASK> [ 15.165101] [ 15.175967] Allocated by task 305: [ 15.176123] kasan_save_stack+0x45/0x70 [ 15.176337] kasan_save_track+0x18/0x40 [ 15.176517] kasan_save_alloc_info+0x3b/0x50 [ 15.177005] __kasan_kmalloc+0xb7/0xc0 [ 15.177184] __kmalloc_noprof+0x1c9/0x500 [ 15.177614] kunit_kmalloc_array+0x25/0x60 [ 15.177936] copy_user_test_oob+0xab/0x10f0 [ 15.178221] kunit_try_run_case+0x1a5/0x480 [ 15.178521] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.178874] kthread+0x337/0x6f0 [ 15.179131] ret_from_fork+0x41/0x80 [ 15.179422] ret_from_fork_asm+0x1a/0x30 [ 15.179696] [ 15.179958] The buggy address belongs to the object at ffff888103151e00 [ 15.179958] which belongs to the cache kmalloc-128 of size 128 [ 15.180568] The buggy address is located 0 bytes inside of [ 15.180568] allocated 120-byte region [ffff888103151e00, ffff888103151e78) [ 15.181243] [ 15.181357] The buggy address belongs to the physical page: [ 15.181589] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151 [ 15.181911] flags: 0x200000000000000(node=0|zone=2) [ 15.182175] page_type: f5(slab) [ 15.182371] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.182733] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.182962] page dumped because: kasan: bad access detected [ 15.183201] [ 15.183307] Memory state around the buggy address: [ 15.183542] ffff888103151d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.183847] ffff888103151d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.184151] >ffff888103151e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.184446] ^ [ 15.184830] ffff888103151e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.185050] ffff888103151f00: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 15.185379] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-_copy_from_user
[ 15.136734] ================================================================== [ 15.137778] BUG: KASAN: slab-out-of-bounds in _copy_from_user+0x32/0x90 [ 15.138112] Write of size 121 at addr ffff888103151e00 by task kunit_try_catch/305 [ 15.138384] [ 15.138511] CPU: 0 UID: 0 PID: 305 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 15.138566] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.138580] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.138607] Call Trace: [ 15.138622] <TASK> [ 15.138646] dump_stack_lvl+0x73/0xb0 [ 15.138678] print_report+0xd1/0x650 [ 15.138705] ? __virt_addr_valid+0x1db/0x2d0 [ 15.138731] ? _copy_from_user+0x32/0x90 [ 15.138752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.138776] ? _copy_from_user+0x32/0x90 [ 15.138797] kasan_report+0x141/0x180 [ 15.138821] ? _copy_from_user+0x32/0x90 [ 15.138846] kasan_check_range+0x10c/0x1c0 [ 15.138868] __kasan_check_write+0x18/0x20 [ 15.138889] _copy_from_user+0x32/0x90 [ 15.138910] copy_user_test_oob+0x2be/0x10f0 [ 15.138935] ? __pfx_copy_user_test_oob+0x10/0x10 [ 15.138955] ? finish_task_switch.isra.0+0x153/0x700 [ 15.138982] ? __switch_to+0x5d9/0xf60 [ 15.139006] ? dequeue_task_fair+0x166/0x4e0 [ 15.139032] ? __schedule+0x10cc/0x2b60 [ 15.139057] ? __pfx_read_tsc+0x10/0x10 [ 15.139078] ? ktime_get_ts64+0x86/0x230 [ 15.139105] kunit_try_run_case+0x1a5/0x480 [ 15.139131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.139154] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.139180] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.139205] ? __kthread_parkme+0x82/0x180 [ 15.139242] ? preempt_count_sub+0x50/0x80 [ 15.139268] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.139294] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.139319] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.139343] kthread+0x337/0x6f0 [ 15.139362] ? trace_preempt_on+0x20/0xc0 [ 15.139387] ? __pfx_kthread+0x10/0x10 [ 15.139407] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.139430] ? 
calculate_sigpending+0x7b/0xa0 [ 15.139453] ? __pfx_kthread+0x10/0x10 [ 15.139473] ret_from_fork+0x41/0x80 [ 15.139495] ? __pfx_kthread+0x10/0x10 [ 15.139514] ret_from_fork_asm+0x1a/0x30 [ 15.139547] </TASK> [ 15.139560] [ 15.149207] Allocated by task 305: [ 15.149431] kasan_save_stack+0x45/0x70 [ 15.149633] kasan_save_track+0x18/0x40 [ 15.150061] kasan_save_alloc_info+0x3b/0x50 [ 15.150279] __kasan_kmalloc+0xb7/0xc0 [ 15.150581] __kmalloc_noprof+0x1c9/0x500 [ 15.150766] kunit_kmalloc_array+0x25/0x60 [ 15.151082] copy_user_test_oob+0xab/0x10f0 [ 15.151271] kunit_try_run_case+0x1a5/0x480 [ 15.151593] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.151904] kthread+0x337/0x6f0 [ 15.152059] ret_from_fork+0x41/0x80 [ 15.152236] ret_from_fork_asm+0x1a/0x30 [ 15.152424] [ 15.152522] The buggy address belongs to the object at ffff888103151e00 [ 15.152522] which belongs to the cache kmalloc-128 of size 128 [ 15.153287] The buggy address is located 0 bytes inside of [ 15.153287] allocated 120-byte region [ffff888103151e00, ffff888103151e78) [ 15.153998] [ 15.154238] The buggy address belongs to the physical page: [ 15.154504] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151 [ 15.154925] flags: 0x200000000000000(node=0|zone=2) [ 15.155273] page_type: f5(slab) [ 15.155414] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.155853] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.156174] page dumped because: kasan: bad access detected [ 15.156431] [ 15.156512] Memory state around the buggy address: [ 15.156720] ffff888103151d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.157015] ffff888103151d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.157319] >ffff888103151e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.157625] ^ [ 15.158311] ffff888103151e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.158729] ffff888103151f00: fc fc fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc [ 15.159070] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-copy_to_kernel_nofault
[ 15.095266] ================================================================== [ 15.095808] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x99/0x260 [ 15.096384] Write of size 8 at addr ffff888103151d78 by task kunit_try_catch/301 [ 15.096843] [ 15.096967] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 15.097020] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.097034] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.097059] Call Trace: [ 15.097073] <TASK> [ 15.097095] dump_stack_lvl+0x73/0xb0 [ 15.097127] print_report+0xd1/0x650 [ 15.097154] ? __virt_addr_valid+0x1db/0x2d0 [ 15.097178] ? copy_to_kernel_nofault+0x99/0x260 [ 15.097200] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.097237] ? copy_to_kernel_nofault+0x99/0x260 [ 15.097260] kasan_report+0x141/0x180 [ 15.097434] ? copy_to_kernel_nofault+0x99/0x260 [ 15.097478] kasan_check_range+0x10c/0x1c0 [ 15.097503] __kasan_check_write+0x18/0x20 [ 15.097525] copy_to_kernel_nofault+0x99/0x260 [ 15.097555] copy_to_kernel_nofault_oob+0x288/0x560 [ 15.097620] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.097656] ? finish_task_switch.isra.0+0x153/0x700 [ 15.097683] ? __schedule+0x10cc/0x2b60 [ 15.097707] ? trace_hardirqs_on+0x37/0xe0 [ 15.097740] ? __pfx_read_tsc+0x10/0x10 [ 15.097764] ? ktime_get_ts64+0x86/0x230 [ 15.097791] kunit_try_run_case+0x1a5/0x480 [ 15.097817] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.097841] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.097868] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.097893] ? __kthread_parkme+0x82/0x180 [ 15.097916] ? preempt_count_sub+0x50/0x80 [ 15.097942] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.097968] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.097992] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.098018] kthread+0x337/0x6f0 [ 15.098038] ? trace_preempt_on+0x20/0xc0 [ 15.098062] ? __pfx_kthread+0x10/0x10 [ 15.098082] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 15.098106] ? calculate_sigpending+0x7b/0xa0 [ 15.098130] ? __pfx_kthread+0x10/0x10 [ 15.098150] ret_from_fork+0x41/0x80 [ 15.098172] ? __pfx_kthread+0x10/0x10 [ 15.098191] ret_from_fork_asm+0x1a/0x30 [ 15.098236] </TASK> [ 15.098249] [ 15.110578] Allocated by task 301: [ 15.110930] kasan_save_stack+0x45/0x70 [ 15.111248] kasan_save_track+0x18/0x40 [ 15.111549] kasan_save_alloc_info+0x3b/0x50 [ 15.111859] __kasan_kmalloc+0xb7/0xc0 [ 15.112059] __kmalloc_cache_noprof+0x189/0x420 [ 15.112463] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.112769] kunit_try_run_case+0x1a5/0x480 [ 15.113088] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.113392] kthread+0x337/0x6f0 [ 15.113564] ret_from_fork+0x41/0x80 [ 15.113941] ret_from_fork_asm+0x1a/0x30 [ 15.114352] [ 15.114463] The buggy address belongs to the object at ffff888103151d00 [ 15.114463] which belongs to the cache kmalloc-128 of size 128 [ 15.115561] The buggy address is located 0 bytes to the right of [ 15.115561] allocated 120-byte region [ffff888103151d00, ffff888103151d78) [ 15.116218] [ 15.116497] The buggy address belongs to the physical page: [ 15.116902] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151 [ 15.117255] flags: 0x200000000000000(node=0|zone=2) [ 15.117650] page_type: f5(slab) [ 15.117816] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.118130] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.118764] page dumped because: kasan: bad access detected [ 15.119236] [ 15.119501] Memory state around the buggy address: [ 15.120001] ffff888103151c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.120484] ffff888103151c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.121152] >ffff888103151d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.121974] ^ [ 15.122448] ffff888103151d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.122922] ffff888103151e00: fc fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc [ 15.123568] ================================================================== [ 15.055700] ================================================================== [ 15.057275] BUG: KASAN: slab-out-of-bounds in copy_to_kernel_nofault+0x225/0x260 [ 15.058459] Read of size 8 at addr ffff888103151d78 by task kunit_try_catch/301 [ 15.058715] [ 15.058818] CPU: 0 UID: 0 PID: 301 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 15.058873] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.058887] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.058912] Call Trace: [ 15.058927] <TASK> [ 15.058950] dump_stack_lvl+0x73/0xb0 [ 15.058983] print_report+0xd1/0x650 [ 15.059011] ? __virt_addr_valid+0x1db/0x2d0 [ 15.059037] ? copy_to_kernel_nofault+0x225/0x260 [ 15.059060] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.059085] ? copy_to_kernel_nofault+0x225/0x260 [ 15.059107] kasan_report+0x141/0x180 [ 15.059131] ? copy_to_kernel_nofault+0x225/0x260 [ 15.059158] __asan_report_load8_noabort+0x18/0x20 [ 15.059181] copy_to_kernel_nofault+0x225/0x260 [ 15.059204] copy_to_kernel_nofault_oob+0x1ed/0x560 [ 15.059491] ? __pfx_copy_to_kernel_nofault_oob+0x10/0x10 [ 15.059526] ? finish_task_switch.isra.0+0x153/0x700 [ 15.059569] ? __schedule+0x10cc/0x2b60 [ 15.059595] ? trace_hardirqs_on+0x37/0xe0 [ 15.059662] ? __pfx_read_tsc+0x10/0x10 [ 15.059687] ? ktime_get_ts64+0x86/0x230 [ 15.059715] kunit_try_run_case+0x1a5/0x480 [ 15.059742] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.059766] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.059793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.059818] ? __kthread_parkme+0x82/0x180 [ 15.059843] ? preempt_count_sub+0x50/0x80 [ 15.059869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.059894] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.059919] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.059944] kthread+0x337/0x6f0 [ 15.059962] ? 
trace_preempt_on+0x20/0xc0 [ 15.059987] ? __pfx_kthread+0x10/0x10 [ 15.060007] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.060030] ? calculate_sigpending+0x7b/0xa0 [ 15.060055] ? __pfx_kthread+0x10/0x10 [ 15.060075] ret_from_fork+0x41/0x80 [ 15.060097] ? __pfx_kthread+0x10/0x10 [ 15.060117] ret_from_fork_asm+0x1a/0x30 [ 15.060150] </TASK> [ 15.060164] [ 15.079522] Allocated by task 301: [ 15.079952] kasan_save_stack+0x45/0x70 [ 15.080548] kasan_save_track+0x18/0x40 [ 15.081152] kasan_save_alloc_info+0x3b/0x50 [ 15.081751] __kasan_kmalloc+0xb7/0xc0 [ 15.082129] __kmalloc_cache_noprof+0x189/0x420 [ 15.082806] copy_to_kernel_nofault_oob+0x12f/0x560 [ 15.082994] kunit_try_run_case+0x1a5/0x480 [ 15.083145] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.083590] kthread+0x337/0x6f0 [ 15.083924] ret_from_fork+0x41/0x80 [ 15.084111] ret_from_fork_asm+0x1a/0x30 [ 15.084532] [ 15.084640] The buggy address belongs to the object at ffff888103151d00 [ 15.084640] which belongs to the cache kmalloc-128 of size 128 [ 15.085517] The buggy address is located 0 bytes to the right of [ 15.085517] allocated 120-byte region [ffff888103151d00, ffff888103151d78) [ 15.086231] [ 15.086509] The buggy address belongs to the physical page: [ 15.087114] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151 [ 15.087990] flags: 0x200000000000000(node=0|zone=2) [ 15.088416] page_type: f5(slab) [ 15.088741] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 15.089214] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 15.089789] page dumped because: kasan: bad access detected [ 15.090171] [ 15.090437] Memory state around the buggy address: [ 15.090662] ffff888103151c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 15.090966] ffff888103151c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.091268] >ffff888103151d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 15.091583] ^ [ 15.092513] ffff888103151d80: fc fc fc fc fc 
fc fc fc fc fc fc fc fc fc fc fc [ 15.093070] ffff888103151e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.093745] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_atomics_helper
[ 14.890707] ================================================================== [ 14.891057] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x2006/0x5450 [ 14.891414] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.891644] [ 14.891734] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.891796] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.891810] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.891832] Call Trace: [ 14.891849] <TASK> [ 14.891866] dump_stack_lvl+0x73/0xb0 [ 14.891895] print_report+0xd1/0x650 [ 14.891919] ? __virt_addr_valid+0x1db/0x2d0 [ 14.891941] ? kasan_atomics_helper+0x2006/0x5450 [ 14.891964] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.891988] ? kasan_atomics_helper+0x2006/0x5450 [ 14.892011] kasan_report+0x141/0x180 [ 14.892036] ? kasan_atomics_helper+0x2006/0x5450 [ 14.892064] kasan_check_range+0x10c/0x1c0 [ 14.892086] __kasan_check_write+0x18/0x20 [ 14.892108] kasan_atomics_helper+0x2006/0x5450 [ 14.892133] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.892157] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.892181] ? kasan_atomics+0x152/0x310 [ 14.892205] kasan_atomics+0x1dc/0x310 [ 14.892237] ? __pfx_kasan_atomics+0x10/0x10 [ 14.892260] ? __pfx_read_tsc+0x10/0x10 [ 14.892281] ? ktime_get_ts64+0x86/0x230 [ 14.892308] kunit_try_run_case+0x1a5/0x480 [ 14.892334] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.892358] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.892383] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.892409] ? __kthread_parkme+0x82/0x180 [ 14.892432] ? preempt_count_sub+0x50/0x80 [ 14.892459] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.892485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.892509] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.892534] kthread+0x337/0x6f0 [ 14.892552] ? trace_preempt_on+0x20/0xc0 [ 14.892577] ? __pfx_kthread+0x10/0x10 [ 14.892597] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.892621] ? 
calculate_sigpending+0x7b/0xa0 [ 14.892654] ? __pfx_kthread+0x10/0x10 [ 14.892675] ret_from_fork+0x41/0x80 [ 14.892697] ? __pfx_kthread+0x10/0x10 [ 14.892716] ret_from_fork_asm+0x1a/0x30 [ 14.892748] </TASK> [ 14.892759] [ 14.900044] Allocated by task 284: [ 14.900202] kasan_save_stack+0x45/0x70 [ 14.900425] kasan_save_track+0x18/0x40 [ 14.900589] kasan_save_alloc_info+0x3b/0x50 [ 14.900893] __kasan_kmalloc+0xb7/0xc0 [ 14.901085] __kmalloc_cache_noprof+0x189/0x420 [ 14.901266] kasan_atomics+0x95/0x310 [ 14.901401] kunit_try_run_case+0x1a5/0x480 [ 14.901551] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.901772] kthread+0x337/0x6f0 [ 14.901951] ret_from_fork+0x41/0x80 [ 14.902145] ret_from_fork_asm+0x1a/0x30 [ 14.902359] [ 14.902452] The buggy address belongs to the object at ffff8881039f4880 [ 14.902452] which belongs to the cache kmalloc-64 of size 64 [ 14.903087] The buggy address is located 0 bytes to the right of [ 14.903087] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.903594] [ 14.903696] The buggy address belongs to the physical page: [ 14.903915] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.904236] flags: 0x200000000000000(node=0|zone=2) [ 14.904403] page_type: f5(slab) [ 14.904578] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.905055] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.905327] page dumped because: kasan: bad access detected [ 14.905587] [ 14.905706] Memory state around the buggy address: [ 14.905876] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.906183] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.906488] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.906833] ^ [ 14.906989] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.907206] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.907535] 
================================================================== [ 14.486554] ================================================================== [ 14.486951] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x50d4/0x5450 [ 14.487292] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.487622] [ 14.487809] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.487862] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.487875] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.487899] Call Trace: [ 14.487920] <TASK> [ 14.487951] dump_stack_lvl+0x73/0xb0 [ 14.487979] print_report+0xd1/0x650 [ 14.488015] ? __virt_addr_valid+0x1db/0x2d0 [ 14.488039] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.488062] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.488087] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.488120] kasan_report+0x141/0x180 [ 14.488144] ? kasan_atomics_helper+0x50d4/0x5450 [ 14.488183] __asan_report_store8_noabort+0x1b/0x30 [ 14.488206] kasan_atomics_helper+0x50d4/0x5450 [ 14.488240] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.488274] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.488297] ? kasan_atomics+0x152/0x310 [ 14.488322] kasan_atomics+0x1dc/0x310 [ 14.488354] ? __pfx_kasan_atomics+0x10/0x10 [ 14.488376] ? __pfx_read_tsc+0x10/0x10 [ 14.488398] ? ktime_get_ts64+0x86/0x230 [ 14.488425] kunit_try_run_case+0x1a5/0x480 [ 14.488452] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.488476] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.488502] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.488527] ? __kthread_parkme+0x82/0x180 [ 14.488551] ? preempt_count_sub+0x50/0x80 [ 14.488579] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.488604] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.488628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.488653] kthread+0x337/0x6f0 [ 14.488671] ? trace_preempt_on+0x20/0xc0 [ 14.488697] ? __pfx_kthread+0x10/0x10 [ 14.488716] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.488739] ? calculate_sigpending+0x7b/0xa0 [ 14.488772] ? __pfx_kthread+0x10/0x10 [ 14.488792] ret_from_fork+0x41/0x80 [ 14.488814] ? __pfx_kthread+0x10/0x10 [ 14.488844] ret_from_fork_asm+0x1a/0x30 [ 14.488876] </TASK> [ 14.488889] [ 14.496319] Allocated by task 284: [ 14.496461] kasan_save_stack+0x45/0x70 [ 14.496614] kasan_save_track+0x18/0x40 [ 14.496800] kasan_save_alloc_info+0x3b/0x50 [ 14.497087] __kasan_kmalloc+0xb7/0xc0 [ 14.497314] __kmalloc_cache_noprof+0x189/0x420 [ 14.497668] kasan_atomics+0x95/0x310 [ 14.497893] kunit_try_run_case+0x1a5/0x480 [ 14.498101] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.498290] kthread+0x337/0x6f0 [ 14.498491] ret_from_fork+0x41/0x80 [ 14.498688] ret_from_fork_asm+0x1a/0x30 [ 14.498904] [ 14.499009] The buggy address belongs to the object at ffff8881039f4880 [ 14.499009] which belongs to the cache kmalloc-64 of size 64 [ 14.499512] The buggy address is located 0 bytes to the right of [ 14.499512] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.499958] [ 14.500062] The buggy address belongs to the physical page: [ 14.500322] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.500681] flags: 0x200000000000000(node=0|zone=2) [ 14.500902] page_type: f5(slab) [ 14.501074] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.501398] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.501728] page dumped because: kasan: bad access detected [ 14.501956] [ 14.502042] Memory state around the buggy address: [ 14.502254] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.502532] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.502749] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.502964] ^ [ 14.503118] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.503431] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.504094] ================================================================== [ 14.037737] ================================================================== [ 14.038084] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xac7/0x5450 [ 14.038455] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.038709] [ 14.038792] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.038835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.038848] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.038870] Call Trace: [ 14.038885] <TASK> [ 14.038900] dump_stack_lvl+0x73/0xb0 [ 14.038924] print_report+0xd1/0x650 [ 14.038948] ? __virt_addr_valid+0x1db/0x2d0 [ 14.038970] ? kasan_atomics_helper+0xac7/0x5450 [ 14.038993] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.039017] ? kasan_atomics_helper+0xac7/0x5450 [ 14.039040] kasan_report+0x141/0x180 [ 14.039065] ? kasan_atomics_helper+0xac7/0x5450 [ 14.039093] kasan_check_range+0x10c/0x1c0 [ 14.039116] __kasan_check_write+0x18/0x20 [ 14.039138] kasan_atomics_helper+0xac7/0x5450 [ 14.039161] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.039186] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.039210] ? kasan_atomics+0x152/0x310 [ 14.039245] kasan_atomics+0x1dc/0x310 [ 14.039265] ? __pfx_kasan_atomics+0x10/0x10 [ 14.039288] ? __pfx_read_tsc+0x10/0x10 [ 14.039308] ? ktime_get_ts64+0x86/0x230 [ 14.039335] kunit_try_run_case+0x1a5/0x480 [ 14.039360] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.039384] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.039409] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.039434] ? __kthread_parkme+0x82/0x180 [ 14.039456] ? preempt_count_sub+0x50/0x80 [ 14.039481] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.039507] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.039531] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.039556] kthread+0x337/0x6f0 [ 14.039574] ? 
trace_preempt_on+0x20/0xc0 [ 14.039598] ? __pfx_kthread+0x10/0x10 [ 14.039618] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.039661] ? calculate_sigpending+0x7b/0xa0 [ 14.039683] ? __pfx_kthread+0x10/0x10 [ 14.039704] ret_from_fork+0x41/0x80 [ 14.039726] ? __pfx_kthread+0x10/0x10 [ 14.039746] ret_from_fork_asm+0x1a/0x30 [ 14.039778] </TASK> [ 14.039790] [ 14.047250] Allocated by task 284: [ 14.047430] kasan_save_stack+0x45/0x70 [ 14.047603] kasan_save_track+0x18/0x40 [ 14.047800] kasan_save_alloc_info+0x3b/0x50 [ 14.047981] __kasan_kmalloc+0xb7/0xc0 [ 14.048160] __kmalloc_cache_noprof+0x189/0x420 [ 14.048369] kasan_atomics+0x95/0x310 [ 14.048532] kunit_try_run_case+0x1a5/0x480 [ 14.048741] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.048948] kthread+0x337/0x6f0 [ 14.049117] ret_from_fork+0x41/0x80 [ 14.049284] ret_from_fork_asm+0x1a/0x30 [ 14.049488] [ 14.049569] The buggy address belongs to the object at ffff8881039f4880 [ 14.049569] which belongs to the cache kmalloc-64 of size 64 [ 14.050023] The buggy address is located 0 bytes to the right of [ 14.050023] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.050401] [ 14.050476] The buggy address belongs to the physical page: [ 14.050671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.050912] flags: 0x200000000000000(node=0|zone=2) [ 14.051091] page_type: f5(slab) [ 14.051265] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.051610] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.051963] page dumped because: kasan: bad access detected [ 14.052213] [ 14.052315] Memory state around the buggy address: [ 14.052540] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.052808] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.053030] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.053253] ^ [ 14.053408] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.053629] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.053957] ================================================================== [ 14.101723] ================================================================== [ 14.102308] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a84/0x5450 [ 14.102784] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.103163] [ 14.103292] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.103338] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.103352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.103376] Call Trace: [ 14.103388] <TASK> [ 14.103403] dump_stack_lvl+0x73/0xb0 [ 14.103619] print_report+0xd1/0x650 [ 14.103658] ? __virt_addr_valid+0x1db/0x2d0 [ 14.103681] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.103704] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.103728] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.103752] kasan_report+0x141/0x180 [ 14.103777] ? kasan_atomics_helper+0x4a84/0x5450 [ 14.103806] __asan_report_load4_noabort+0x18/0x20 [ 14.103827] kasan_atomics_helper+0x4a84/0x5450 [ 14.103851] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.103875] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.103897] ? kasan_atomics+0x152/0x310 [ 14.103922] kasan_atomics+0x1dc/0x310 [ 14.103944] ? __pfx_kasan_atomics+0x10/0x10 [ 14.103967] ? __pfx_read_tsc+0x10/0x10 [ 14.103987] ? ktime_get_ts64+0x86/0x230 [ 14.104013] kunit_try_run_case+0x1a5/0x480 [ 14.104038] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.104061] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.104085] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.104110] ? __kthread_parkme+0x82/0x180 [ 14.104133] ? preempt_count_sub+0x50/0x80 [ 14.104158] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.104184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.104208] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.104246] kthread+0x337/0x6f0 [ 14.104264] ? trace_preempt_on+0x20/0xc0 [ 14.104288] ? __pfx_kthread+0x10/0x10 [ 14.104307] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.104331] ? calculate_sigpending+0x7b/0xa0 [ 14.104353] ? __pfx_kthread+0x10/0x10 [ 14.104373] ret_from_fork+0x41/0x80 [ 14.104394] ? __pfx_kthread+0x10/0x10 [ 14.104414] ret_from_fork_asm+0x1a/0x30 [ 14.104445] </TASK> [ 14.104458] [ 14.114165] Allocated by task 284: [ 14.114416] kasan_save_stack+0x45/0x70 [ 14.114745] kasan_save_track+0x18/0x40 [ 14.114923] kasan_save_alloc_info+0x3b/0x50 [ 14.115246] __kasan_kmalloc+0xb7/0xc0 [ 14.115511] __kmalloc_cache_noprof+0x189/0x420 [ 14.115786] kasan_atomics+0x95/0x310 [ 14.116038] kunit_try_run_case+0x1a5/0x480 [ 14.116224] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.116487] kthread+0x337/0x6f0 [ 14.116644] ret_from_fork+0x41/0x80 [ 14.117047] ret_from_fork_asm+0x1a/0x30 [ 14.117324] [ 14.117405] The buggy address belongs to the object at ffff8881039f4880 [ 14.117405] which belongs to the cache kmalloc-64 of size 64 [ 14.118104] The buggy address is located 0 bytes to the right of [ 14.118104] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.118707] [ 14.118950] The buggy address belongs to the physical page: [ 14.119167] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.119625] flags: 0x200000000000000(node=0|zone=2) [ 14.119867] page_type: f5(slab) [ 14.120018] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.120358] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.120665] page dumped because: kasan: bad access detected [ 14.120891] [ 14.120974] Memory state around the buggy address: [ 14.121180] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.121871] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.122247] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.122623] ^ [ 14.122918] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.123340] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.123717] ================================================================== [ 13.930525] ================================================================== [ 13.931075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x7c7/0x5450 [ 13.931437] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.931955] [ 13.932101] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.932147] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.932161] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.932184] Call Trace: [ 13.932197] <TASK> [ 13.932212] dump_stack_lvl+0x73/0xb0 [ 13.932251] print_report+0xd1/0x650 [ 13.932275] ? __virt_addr_valid+0x1db/0x2d0 [ 13.932298] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.932321] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.932346] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.932370] kasan_report+0x141/0x180 [ 13.932395] ? kasan_atomics_helper+0x7c7/0x5450 [ 13.932433] kasan_check_range+0x10c/0x1c0 [ 13.932455] __kasan_check_write+0x18/0x20 [ 13.932488] kasan_atomics_helper+0x7c7/0x5450 [ 13.932513] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.932537] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.932561] ? kasan_atomics+0x152/0x310 [ 13.932585] kasan_atomics+0x1dc/0x310 [ 13.932606] ? __pfx_kasan_atomics+0x10/0x10 [ 13.932629] ? __pfx_read_tsc+0x10/0x10 [ 13.932650] ? ktime_get_ts64+0x86/0x230 [ 13.932730] kunit_try_run_case+0x1a5/0x480 [ 13.932760] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.932784] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.932809] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.932835] ? __kthread_parkme+0x82/0x180 [ 13.932869] ? preempt_count_sub+0x50/0x80 [ 13.932895] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.932920] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.932956] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.932981] kthread+0x337/0x6f0 [ 13.932999] ? trace_preempt_on+0x20/0xc0 [ 13.933023] ? __pfx_kthread+0x10/0x10 [ 13.933043] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.933065] ? calculate_sigpending+0x7b/0xa0 [ 13.933089] ? __pfx_kthread+0x10/0x10 [ 13.933109] ret_from_fork+0x41/0x80 [ 13.933130] ? __pfx_kthread+0x10/0x10 [ 13.933159] ret_from_fork_asm+0x1a/0x30 [ 13.933190] </TASK> [ 13.933201] [ 13.942072] Allocated by task 284: [ 13.942281] kasan_save_stack+0x45/0x70 [ 13.942485] kasan_save_track+0x18/0x40 [ 13.942679] kasan_save_alloc_info+0x3b/0x50 [ 13.942863] __kasan_kmalloc+0xb7/0xc0 [ 13.943003] __kmalloc_cache_noprof+0x189/0x420 [ 13.943701] kasan_atomics+0x95/0x310 [ 13.943923] kunit_try_run_case+0x1a5/0x480 [ 13.944091] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.944278] kthread+0x337/0x6f0 [ 13.944425] ret_from_fork+0x41/0x80 [ 13.944640] ret_from_fork_asm+0x1a/0x30 [ 13.944837] [ 13.944949] The buggy address belongs to the object at ffff8881039f4880 [ 13.944949] which belongs to the cache kmalloc-64 of size 64 [ 13.945350] The buggy address is located 0 bytes to the right of [ 13.945350] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.946096] [ 13.946203] The buggy address belongs to the physical page: [ 13.946493] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.947002] flags: 0x200000000000000(node=0|zone=2) [ 13.947247] page_type: f5(slab) [ 13.947593] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.947940] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.948257] page dumped because: kasan: bad access detected [ 13.948552] [ 13.948661] Memory state around the buggy address: [ 13.948853] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.949082] ffff8881039f4800: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.949474] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.949942] ^ [ 13.950158] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.950730] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.951030] ================================================================== [ 14.249176] ================================================================== [ 14.250466] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1079/0x5450 [ 14.250880] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.251456] [ 14.251708] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.251764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.251778] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.251801] Call Trace: [ 14.251822] <TASK> [ 14.251842] dump_stack_lvl+0x73/0xb0 [ 14.251913] print_report+0xd1/0x650 [ 14.251938] ? __virt_addr_valid+0x1db/0x2d0 [ 14.251962] ? kasan_atomics_helper+0x1079/0x5450 [ 14.251985] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.252010] ? kasan_atomics_helper+0x1079/0x5450 [ 14.252033] kasan_report+0x141/0x180 [ 14.252058] ? kasan_atomics_helper+0x1079/0x5450 [ 14.252086] kasan_check_range+0x10c/0x1c0 [ 14.252108] __kasan_check_write+0x18/0x20 [ 14.252129] kasan_atomics_helper+0x1079/0x5450 [ 14.252154] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.252179] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.252203] ? kasan_atomics+0x152/0x310 [ 14.252239] kasan_atomics+0x1dc/0x310 [ 14.252259] ? __pfx_kasan_atomics+0x10/0x10 [ 14.252282] ? __pfx_read_tsc+0x10/0x10 [ 14.252304] ? ktime_get_ts64+0x86/0x230 [ 14.252331] kunit_try_run_case+0x1a5/0x480 [ 14.252357] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.252381] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.252407] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.252434] ? __kthread_parkme+0x82/0x180 [ 14.252459] ? 
preempt_count_sub+0x50/0x80 [ 14.252486] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.252511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.252536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.252560] kthread+0x337/0x6f0 [ 14.252579] ? trace_preempt_on+0x20/0xc0 [ 14.252605] ? __pfx_kthread+0x10/0x10 [ 14.252625] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.252657] ? calculate_sigpending+0x7b/0xa0 [ 14.252682] ? __pfx_kthread+0x10/0x10 [ 14.252702] ret_from_fork+0x41/0x80 [ 14.252724] ? __pfx_kthread+0x10/0x10 [ 14.252743] ret_from_fork_asm+0x1a/0x30 [ 14.252776] </TASK> [ 14.252788] [ 14.263265] Allocated by task 284: [ 14.263643] kasan_save_stack+0x45/0x70 [ 14.263944] kasan_save_track+0x18/0x40 [ 14.264104] kasan_save_alloc_info+0x3b/0x50 [ 14.264359] __kasan_kmalloc+0xb7/0xc0 [ 14.264498] __kmalloc_cache_noprof+0x189/0x420 [ 14.264714] kasan_atomics+0x95/0x310 [ 14.264932] kunit_try_run_case+0x1a5/0x480 [ 14.265164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.265452] kthread+0x337/0x6f0 [ 14.265615] ret_from_fork+0x41/0x80 [ 14.265750] ret_from_fork_asm+0x1a/0x30 [ 14.266050] [ 14.266151] The buggy address belongs to the object at ffff8881039f4880 [ 14.266151] which belongs to the cache kmalloc-64 of size 64 [ 14.266658] The buggy address is located 0 bytes to the right of [ 14.266658] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.267194] [ 14.267312] The buggy address belongs to the physical page: [ 14.267572] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.267980] flags: 0x200000000000000(node=0|zone=2) [ 14.268199] page_type: f5(slab) [ 14.268389] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.268753] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.269119] page dumped because: kasan: bad access detected [ 14.269395] [ 14.269474] Memory state around the buggy address: [ 14.269636] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.269852] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.270507] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.270922] ^ [ 14.271311] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.271552] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.272051] ================================================================== [ 14.054568] ================================================================== [ 14.055115] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xb6a/0x5450 [ 14.056127] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.056490] [ 14.056600] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.056643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.056656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.056678] Call Trace: [ 14.056694] <TASK> [ 14.056710] dump_stack_lvl+0x73/0xb0 [ 14.056736] print_report+0xd1/0x650 [ 14.056759] ? __virt_addr_valid+0x1db/0x2d0 [ 14.056781] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.056803] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.056827] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.056853] kasan_report+0x141/0x180 [ 14.056877] ? kasan_atomics_helper+0xb6a/0x5450 [ 14.056905] kasan_check_range+0x10c/0x1c0 [ 14.056926] __kasan_check_write+0x18/0x20 [ 14.056948] kasan_atomics_helper+0xb6a/0x5450 [ 14.056972] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.056995] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.057018] ? kasan_atomics+0x152/0x310 [ 14.057042] kasan_atomics+0x1dc/0x310 [ 14.057062] ? __pfx_kasan_atomics+0x10/0x10 [ 14.057084] ? __pfx_read_tsc+0x10/0x10 [ 14.057104] ? ktime_get_ts64+0x86/0x230 [ 14.057130] kunit_try_run_case+0x1a5/0x480 [ 14.057154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.057178] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.057203] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.058148] ? 
__kthread_parkme+0x82/0x180 [ 14.058180] ? preempt_count_sub+0x50/0x80 [ 14.058208] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.058246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.058272] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.058297] kthread+0x337/0x6f0 [ 14.058315] ? trace_preempt_on+0x20/0xc0 [ 14.058339] ? __pfx_kthread+0x10/0x10 [ 14.058359] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.058382] ? calculate_sigpending+0x7b/0xa0 [ 14.058405] ? __pfx_kthread+0x10/0x10 [ 14.058426] ret_from_fork+0x41/0x80 [ 14.058449] ? __pfx_kthread+0x10/0x10 [ 14.058469] ret_from_fork_asm+0x1a/0x30 [ 14.058502] </TASK> [ 14.058515] [ 14.068450] Allocated by task 284: [ 14.068879] kasan_save_stack+0x45/0x70 [ 14.069138] kasan_save_track+0x18/0x40 [ 14.069421] kasan_save_alloc_info+0x3b/0x50 [ 14.069593] __kasan_kmalloc+0xb7/0xc0 [ 14.069903] __kmalloc_cache_noprof+0x189/0x420 [ 14.070198] kasan_atomics+0x95/0x310 [ 14.070349] kunit_try_run_case+0x1a5/0x480 [ 14.070699] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.070916] kthread+0x337/0x6f0 [ 14.071196] ret_from_fork+0x41/0x80 [ 14.071465] ret_from_fork_asm+0x1a/0x30 [ 14.071739] [ 14.071835] The buggy address belongs to the object at ffff8881039f4880 [ 14.071835] which belongs to the cache kmalloc-64 of size 64 [ 14.072443] The buggy address is located 0 bytes to the right of [ 14.072443] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.073129] [ 14.073351] The buggy address belongs to the physical page: [ 14.073574] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.074097] flags: 0x200000000000000(node=0|zone=2) [ 14.074473] page_type: f5(slab) [ 14.074607] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.075072] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.075465] page dumped because: kasan: bad access detected [ 14.075812] [ 14.075913] Memory state around the buggy address: [ 14.076286] 
ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.076599] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.076943] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.077430] ^ [ 14.077705] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.077963] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.078393] ================================================================== [ 14.272612] ================================================================== [ 14.273211] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a1c/0x5450 [ 14.273695] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.274491] [ 14.274746] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.274812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.274825] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.274861] Call Trace: [ 14.274880] <TASK> [ 14.274898] dump_stack_lvl+0x73/0xb0 [ 14.274927] print_report+0xd1/0x650 [ 14.274951] ? __virt_addr_valid+0x1db/0x2d0 [ 14.274974] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.274997] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.275021] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.275045] kasan_report+0x141/0x180 [ 14.275068] ? kasan_atomics_helper+0x4a1c/0x5450 [ 14.275096] __asan_report_load4_noabort+0x18/0x20 [ 14.275118] kasan_atomics_helper+0x4a1c/0x5450 [ 14.275142] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.275166] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.275189] ? kasan_atomics+0x152/0x310 [ 14.275213] kasan_atomics+0x1dc/0x310 [ 14.275245] ? __pfx_kasan_atomics+0x10/0x10 [ 14.275286] ? __pfx_read_tsc+0x10/0x10 [ 14.275307] ? ktime_get_ts64+0x86/0x230 [ 14.275334] kunit_try_run_case+0x1a5/0x480 [ 14.275382] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275406] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.275431] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.275471] ? __kthread_parkme+0x82/0x180 [ 14.275495] ? preempt_count_sub+0x50/0x80 [ 14.275522] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.275546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.275571] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.275596] kthread+0x337/0x6f0 [ 14.275614] ? trace_preempt_on+0x20/0xc0 [ 14.275639] ? __pfx_kthread+0x10/0x10 [ 14.275659] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.275682] ? calculate_sigpending+0x7b/0xa0 [ 14.275705] ? __pfx_kthread+0x10/0x10 [ 14.275725] ret_from_fork+0x41/0x80 [ 14.275746] ? __pfx_kthread+0x10/0x10 [ 14.275766] ret_from_fork_asm+0x1a/0x30 [ 14.275797] </TASK> [ 14.275809] [ 14.286193] Allocated by task 284: [ 14.286392] kasan_save_stack+0x45/0x70 [ 14.286590] kasan_save_track+0x18/0x40 [ 14.287135] kasan_save_alloc_info+0x3b/0x50 [ 14.287324] __kasan_kmalloc+0xb7/0xc0 [ 14.287510] __kmalloc_cache_noprof+0x189/0x420 [ 14.288042] kasan_atomics+0x95/0x310 [ 14.288309] kunit_try_run_case+0x1a5/0x480 [ 14.288635] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.289072] kthread+0x337/0x6f0 [ 14.289256] ret_from_fork+0x41/0x80 [ 14.289431] ret_from_fork_asm+0x1a/0x30 [ 14.289619] [ 14.290055] The buggy address belongs to the object at ffff8881039f4880 [ 14.290055] which belongs to the cache kmalloc-64 of size 64 [ 14.290488] The buggy address is located 0 bytes to the right of [ 14.290488] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.291508] [ 14.291734] The buggy address belongs to the physical page: [ 14.292158] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.292676] flags: 0x200000000000000(node=0|zone=2) [ 14.292920] page_type: f5(slab) [ 14.293084] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.293364] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.293672] page dumped because: kasan: bad access detected [ 14.294209] [ 14.294339] Memory 
state around the buggy address: [ 14.294539] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.295014] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.295333] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.295622] ^ [ 14.295841] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.296139] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.296446] ================================================================== [ 14.580368] ================================================================== [ 14.580678] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x177f/0x5450 [ 14.581284] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.581512] [ 14.581608] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.581653] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.581667] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.581689] Call Trace: [ 14.581705] <TASK> [ 14.581724] dump_stack_lvl+0x73/0xb0 [ 14.581750] print_report+0xd1/0x650 [ 14.581773] ? __virt_addr_valid+0x1db/0x2d0 [ 14.581796] ? kasan_atomics_helper+0x177f/0x5450 [ 14.581819] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.581843] ? kasan_atomics_helper+0x177f/0x5450 [ 14.581867] kasan_report+0x141/0x180 [ 14.581892] ? kasan_atomics_helper+0x177f/0x5450 [ 14.581920] kasan_check_range+0x10c/0x1c0 [ 14.581941] __kasan_check_write+0x18/0x20 [ 14.581963] kasan_atomics_helper+0x177f/0x5450 [ 14.581988] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.582012] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.582034] ? kasan_atomics+0x152/0x310 [ 14.582059] kasan_atomics+0x1dc/0x310 [ 14.582079] ? __pfx_kasan_atomics+0x10/0x10 [ 14.582102] ? __pfx_read_tsc+0x10/0x10 [ 14.582122] ? ktime_get_ts64+0x86/0x230 [ 14.582149] kunit_try_run_case+0x1a5/0x480 [ 14.582174] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.582198] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.582246] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.582272] ? __kthread_parkme+0x82/0x180 [ 14.582294] ? preempt_count_sub+0x50/0x80 [ 14.582333] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.582359] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.582384] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.582409] kthread+0x337/0x6f0 [ 14.582428] ? trace_preempt_on+0x20/0xc0 [ 14.582453] ? __pfx_kthread+0x10/0x10 [ 14.582473] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.582497] ? calculate_sigpending+0x7b/0xa0 [ 14.582520] ? __pfx_kthread+0x10/0x10 [ 14.582541] ret_from_fork+0x41/0x80 [ 14.582564] ? __pfx_kthread+0x10/0x10 [ 14.582583] ret_from_fork_asm+0x1a/0x30 [ 14.582615] </TASK> [ 14.582628] [ 14.591048] Allocated by task 284: [ 14.591237] kasan_save_stack+0x45/0x70 [ 14.591414] kasan_save_track+0x18/0x40 [ 14.591626] kasan_save_alloc_info+0x3b/0x50 [ 14.591828] __kasan_kmalloc+0xb7/0xc0 [ 14.592023] __kmalloc_cache_noprof+0x189/0x420 [ 14.592192] kasan_atomics+0x95/0x310 [ 14.592358] kunit_try_run_case+0x1a5/0x480 [ 14.592532] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.592745] kthread+0x337/0x6f0 [ 14.592889] ret_from_fork+0x41/0x80 [ 14.593121] ret_from_fork_asm+0x1a/0x30 [ 14.593366] [ 14.593468] The buggy address belongs to the object at ffff8881039f4880 [ 14.593468] which belongs to the cache kmalloc-64 of size 64 [ 14.594159] The buggy address is located 0 bytes to the right of [ 14.594159] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.594807] [ 14.594920] The buggy address belongs to the physical page: [ 14.595213] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.595470] flags: 0x200000000000000(node=0|zone=2) [ 14.595674] page_type: f5(slab) [ 14.595859] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.596219] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.596566] page dumped because: kasan: bad 
access detected [ 14.596820] [ 14.596918] Memory state around the buggy address: [ 14.597136] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.597460] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.597855] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.598147] ^ [ 14.598353] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.598572] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.599138] ================================================================== [ 14.755902] ================================================================== [ 14.756475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1ce1/0x5450 [ 14.756746] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.756974] [ 14.757087] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.757133] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.757146] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.757170] Call Trace: [ 14.757185] <TASK> [ 14.757202] dump_stack_lvl+0x73/0xb0 [ 14.757240] print_report+0xd1/0x650 [ 14.757276] ? __virt_addr_valid+0x1db/0x2d0 [ 14.757299] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.757323] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.757359] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.757383] kasan_report+0x141/0x180 [ 14.757408] ? kasan_atomics_helper+0x1ce1/0x5450 [ 14.757436] kasan_check_range+0x10c/0x1c0 [ 14.757460] __kasan_check_write+0x18/0x20 [ 14.757482] kasan_atomics_helper+0x1ce1/0x5450 [ 14.757506] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.757531] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.757559] ? kasan_atomics+0x152/0x310 [ 14.757583] kasan_atomics+0x1dc/0x310 [ 14.757604] ? __pfx_kasan_atomics+0x10/0x10 [ 14.757627] ? __pfx_read_tsc+0x10/0x10 [ 14.757669] ? ktime_get_ts64+0x86/0x230 [ 14.757695] kunit_try_run_case+0x1a5/0x480 [ 14.757721] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.757745] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.757771] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.757795] ? __kthread_parkme+0x82/0x180 [ 14.757818] ? preempt_count_sub+0x50/0x80 [ 14.757845] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.757870] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.757895] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.757919] kthread+0x337/0x6f0 [ 14.757937] ? trace_preempt_on+0x20/0xc0 [ 14.757962] ? __pfx_kthread+0x10/0x10 [ 14.757992] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.758015] ? calculate_sigpending+0x7b/0xa0 [ 14.758038] ? __pfx_kthread+0x10/0x10 [ 14.758069] ret_from_fork+0x41/0x80 [ 14.758090] ? __pfx_kthread+0x10/0x10 [ 14.758110] ret_from_fork_asm+0x1a/0x30 [ 14.758141] </TASK> [ 14.758153] [ 14.765689] Allocated by task 284: [ 14.765888] kasan_save_stack+0x45/0x70 [ 14.766128] kasan_save_track+0x18/0x40 [ 14.766334] kasan_save_alloc_info+0x3b/0x50 [ 14.766550] __kasan_kmalloc+0xb7/0xc0 [ 14.766795] __kmalloc_cache_noprof+0x189/0x420 [ 14.767014] kasan_atomics+0x95/0x310 [ 14.767199] kunit_try_run_case+0x1a5/0x480 [ 14.767414] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.767689] kthread+0x337/0x6f0 [ 14.767853] ret_from_fork+0x41/0x80 [ 14.768039] ret_from_fork_asm+0x1a/0x30 [ 14.768246] [ 14.768358] The buggy address belongs to the object at ffff8881039f4880 [ 14.768358] which belongs to the cache kmalloc-64 of size 64 [ 14.768832] The buggy address is located 0 bytes to the right of [ 14.768832] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.769202] [ 14.769331] The buggy address belongs to the physical page: [ 14.769664] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.770058] flags: 0x200000000000000(node=0|zone=2) [ 14.770288] page_type: f5(slab) [ 14.770414] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.770726] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.771090] page dumped because: kasan: bad access detected [ 14.771378] [ 14.771452] Memory state around the buggy address: [ 14.771708] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.772018] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.772351] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.772658] ^ [ 14.772848] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.773133] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.773419] ================================================================== [ 14.943756] ================================================================== [ 14.944204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fb2/0x5450 [ 14.944552] Read of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.945036] [ 14.945134] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.945182] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.945195] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.945220] Call Trace: [ 14.945247] <TASK> [ 14.945265] dump_stack_lvl+0x73/0xb0 [ 14.945291] print_report+0xd1/0x650 [ 14.945316] ? __virt_addr_valid+0x1db/0x2d0 [ 14.945340] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.945363] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.945388] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.945411] kasan_report+0x141/0x180 [ 14.945436] ? kasan_atomics_helper+0x4fb2/0x5450 [ 14.945465] __asan_report_load8_noabort+0x18/0x20 [ 14.945487] kasan_atomics_helper+0x4fb2/0x5450 [ 14.945512] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.945537] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.945565] ? kasan_atomics+0x152/0x310 [ 14.945593] kasan_atomics+0x1dc/0x310 [ 14.945614] ? __pfx_kasan_atomics+0x10/0x10 [ 14.945637] ? __pfx_read_tsc+0x10/0x10 [ 14.945659] ? 
ktime_get_ts64+0x86/0x230 [ 14.945686] kunit_try_run_case+0x1a5/0x480 [ 14.945712] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.945736] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.945763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.945788] ? __kthread_parkme+0x82/0x180 [ 14.945812] ? preempt_count_sub+0x50/0x80 [ 14.945840] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.945866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.945891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.945916] kthread+0x337/0x6f0 [ 14.945934] ? trace_preempt_on+0x20/0xc0 [ 14.945959] ? __pfx_kthread+0x10/0x10 [ 14.945979] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.946002] ? calculate_sigpending+0x7b/0xa0 [ 14.946026] ? __pfx_kthread+0x10/0x10 [ 14.946045] ret_from_fork+0x41/0x80 [ 14.946068] ? __pfx_kthread+0x10/0x10 [ 14.946087] ret_from_fork_asm+0x1a/0x30 [ 14.946119] </TASK> [ 14.946130] [ 14.953170] Allocated by task 284: [ 14.953362] kasan_save_stack+0x45/0x70 [ 14.953567] kasan_save_track+0x18/0x40 [ 14.953768] kasan_save_alloc_info+0x3b/0x50 [ 14.954002] __kasan_kmalloc+0xb7/0xc0 [ 14.954150] __kmalloc_cache_noprof+0x189/0x420 [ 14.954357] kasan_atomics+0x95/0x310 [ 14.954551] kunit_try_run_case+0x1a5/0x480 [ 14.954818] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.954994] kthread+0x337/0x6f0 [ 14.955115] ret_from_fork+0x41/0x80 [ 14.955293] ret_from_fork_asm+0x1a/0x30 [ 14.955497] [ 14.955594] The buggy address belongs to the object at ffff8881039f4880 [ 14.955594] which belongs to the cache kmalloc-64 of size 64 [ 14.956280] The buggy address is located 0 bytes to the right of [ 14.956280] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.956861] [ 14.956945] The buggy address belongs to the physical page: [ 14.957172] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.957508] flags: 0x200000000000000(node=0|zone=2) [ 14.957758] page_type: f5(slab) [ 14.957913] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.958177] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.958417] page dumped because: kasan: bad access detected [ 14.958591] [ 14.958672] Memory state around the buggy address: [ 14.958902] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.959221] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.959548] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.960090] ^ [ 14.960318] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.960570] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.961064] ================================================================== [ 13.724127] ================================================================== [ 13.724750] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b6e/0x5450 [ 13.725001] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.725355] [ 13.725538] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.725590] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.725602] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.725624] Call Trace: [ 13.725640] <TASK> [ 13.725668] dump_stack_lvl+0x73/0xb0 [ 13.725693] print_report+0xd1/0x650 [ 13.725719] ? __virt_addr_valid+0x1db/0x2d0 [ 13.725741] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.725777] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.725803] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.725827] kasan_report+0x141/0x180 [ 13.725864] ? kasan_atomics_helper+0x4b6e/0x5450 [ 13.725893] __asan_report_store4_noabort+0x1b/0x30 [ 13.725916] kasan_atomics_helper+0x4b6e/0x5450 [ 13.725940] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.725964] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.725997] ? kasan_atomics+0x152/0x310 [ 13.726022] kasan_atomics+0x1dc/0x310 [ 13.726044] ? __pfx_kasan_atomics+0x10/0x10 [ 13.726076] ? 
__pfx_read_tsc+0x10/0x10 [ 13.726097] ? ktime_get_ts64+0x86/0x230 [ 13.726124] kunit_try_run_case+0x1a5/0x480 [ 13.726149] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.726173] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.726206] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.726247] ? __kthread_parkme+0x82/0x180 [ 13.726270] ? preempt_count_sub+0x50/0x80 [ 13.726341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.726369] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.726394] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.726419] kthread+0x337/0x6f0 [ 13.726438] ? trace_preempt_on+0x20/0xc0 [ 13.726464] ? __pfx_kthread+0x10/0x10 [ 13.726484] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.726508] ? calculate_sigpending+0x7b/0xa0 [ 13.726531] ? __pfx_kthread+0x10/0x10 [ 13.726562] ret_from_fork+0x41/0x80 [ 13.726585] ? __pfx_kthread+0x10/0x10 [ 13.726605] ret_from_fork_asm+0x1a/0x30 [ 13.726647] </TASK> [ 13.726660] [ 13.735968] Allocated by task 284: [ 13.736156] kasan_save_stack+0x45/0x70 [ 13.736469] kasan_save_track+0x18/0x40 [ 13.736869] kasan_save_alloc_info+0x3b/0x50 [ 13.737085] __kasan_kmalloc+0xb7/0xc0 [ 13.737327] __kmalloc_cache_noprof+0x189/0x420 [ 13.737612] kasan_atomics+0x95/0x310 [ 13.737827] kunit_try_run_case+0x1a5/0x480 [ 13.738019] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.738200] kthread+0x337/0x6f0 [ 13.738332] ret_from_fork+0x41/0x80 [ 13.738513] ret_from_fork_asm+0x1a/0x30 [ 13.738793] [ 13.738891] The buggy address belongs to the object at ffff8881039f4880 [ 13.738891] which belongs to the cache kmalloc-64 of size 64 [ 13.739290] The buggy address is located 0 bytes to the right of [ 13.739290] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.740554] [ 13.740670] The buggy address belongs to the physical page: [ 13.740848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.741471] flags: 0x200000000000000(node=0|zone=2) [ 13.741659] page_type: f5(slab) [ 13.741838] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 13.742256] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.742623] page dumped because: kasan: bad access detected [ 13.742922] [ 13.743020] Memory state around the buggy address: [ 13.743188] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.743485] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.743924] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.744236] ^ [ 13.744531] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.744904] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.745518] ================================================================== [ 14.321463] ================================================================== [ 14.321800] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a02/0x5450 [ 14.322088] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.322461] [ 14.322596] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.322643] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.322656] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.322678] Call Trace: [ 14.322697] <TASK> [ 14.322716] dump_stack_lvl+0x73/0xb0 [ 14.322742] print_report+0xd1/0x650 [ 14.322765] ? __virt_addr_valid+0x1db/0x2d0 [ 14.322789] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.322811] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.322836] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.322860] kasan_report+0x141/0x180 [ 14.322883] ? kasan_atomics_helper+0x4a02/0x5450 [ 14.322911] __asan_report_load4_noabort+0x18/0x20 [ 14.322933] kasan_atomics_helper+0x4a02/0x5450 [ 14.322958] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.322982] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.323005] ? kasan_atomics+0x152/0x310 [ 14.323030] kasan_atomics+0x1dc/0x310 [ 14.323050] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.323072] ? __pfx_read_tsc+0x10/0x10 [ 14.323094] ? ktime_get_ts64+0x86/0x230 [ 14.323120] kunit_try_run_case+0x1a5/0x480 [ 14.323146] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.323171] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.323197] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.323222] ? __kthread_parkme+0x82/0x180 [ 14.323258] ? preempt_count_sub+0x50/0x80 [ 14.323285] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.323310] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.323333] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.323359] kthread+0x337/0x6f0 [ 14.323377] ? trace_preempt_on+0x20/0xc0 [ 14.323403] ? __pfx_kthread+0x10/0x10 [ 14.323422] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.323446] ? calculate_sigpending+0x7b/0xa0 [ 14.323469] ? __pfx_kthread+0x10/0x10 [ 14.323489] ret_from_fork+0x41/0x80 [ 14.323510] ? __pfx_kthread+0x10/0x10 [ 14.323530] ret_from_fork_asm+0x1a/0x30 [ 14.323561] </TASK> [ 14.323573] [ 14.330672] Allocated by task 284: [ 14.330858] kasan_save_stack+0x45/0x70 [ 14.331062] kasan_save_track+0x18/0x40 [ 14.331269] kasan_save_alloc_info+0x3b/0x50 [ 14.331478] __kasan_kmalloc+0xb7/0xc0 [ 14.331693] __kmalloc_cache_noprof+0x189/0x420 [ 14.331861] kasan_atomics+0x95/0x310 [ 14.331990] kunit_try_run_case+0x1a5/0x480 [ 14.332137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.332323] kthread+0x337/0x6f0 [ 14.332459] ret_from_fork+0x41/0x80 [ 14.332646] ret_from_fork_asm+0x1a/0x30 [ 14.332852] [ 14.332949] The buggy address belongs to the object at ffff8881039f4880 [ 14.332949] which belongs to the cache kmalloc-64 of size 64 [ 14.333504] The buggy address is located 0 bytes to the right of [ 14.333504] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.334045] [ 14.334149] The buggy address belongs to the physical page: [ 14.334369] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.334757] flags: 0x200000000000000(node=0|zone=2) [ 14.334971] page_type: f5(slab) 
[ 14.335146] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.335472] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.335816] page dumped because: kasan: bad access detected [ 14.336039] [ 14.336136] Memory state around the buggy address: [ 14.336357] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.336645] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.336933] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.337221] ^ [ 14.337430] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.337763] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.338028] ================================================================== [ 13.882728] ================================================================== [ 13.883206] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x697/0x5450 [ 13.883683] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.884146] [ 13.884343] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.884417] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.884431] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.884453] Call Trace: [ 13.884469] <TASK> [ 13.884523] dump_stack_lvl+0x73/0xb0 [ 13.884549] print_report+0xd1/0x650 [ 13.884572] ? __virt_addr_valid+0x1db/0x2d0 [ 13.884601] ? kasan_atomics_helper+0x697/0x5450 [ 13.884624] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.884657] ? kasan_atomics_helper+0x697/0x5450 [ 13.884682] kasan_report+0x141/0x180 [ 13.884707] ? kasan_atomics_helper+0x697/0x5450 [ 13.884736] kasan_check_range+0x10c/0x1c0 [ 13.884757] __kasan_check_write+0x18/0x20 [ 13.884777] kasan_atomics_helper+0x697/0x5450 [ 13.884802] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.884825] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.884850] ? 
kasan_atomics+0x152/0x310 [ 13.884874] kasan_atomics+0x1dc/0x310 [ 13.884895] ? __pfx_kasan_atomics+0x10/0x10 [ 13.884917] ? __pfx_read_tsc+0x10/0x10 [ 13.884938] ? ktime_get_ts64+0x86/0x230 [ 13.884964] kunit_try_run_case+0x1a5/0x480 [ 13.884990] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.885014] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.885039] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.885064] ? __kthread_parkme+0x82/0x180 [ 13.885087] ? preempt_count_sub+0x50/0x80 [ 13.885113] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.885139] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.885164] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.885189] kthread+0x337/0x6f0 [ 13.885207] ? trace_preempt_on+0x20/0xc0 [ 13.885240] ? __pfx_kthread+0x10/0x10 [ 13.885260] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.885311] ? calculate_sigpending+0x7b/0xa0 [ 13.885335] ? __pfx_kthread+0x10/0x10 [ 13.885355] ret_from_fork+0x41/0x80 [ 13.885387] ? __pfx_kthread+0x10/0x10 [ 13.885407] ret_from_fork_asm+0x1a/0x30 [ 13.885438] </TASK> [ 13.885448] [ 13.895179] Allocated by task 284: [ 13.895533] kasan_save_stack+0x45/0x70 [ 13.895856] kasan_save_track+0x18/0x40 [ 13.896032] kasan_save_alloc_info+0x3b/0x50 [ 13.896175] __kasan_kmalloc+0xb7/0xc0 [ 13.896318] __kmalloc_cache_noprof+0x189/0x420 [ 13.896469] kasan_atomics+0x95/0x310 [ 13.896852] kunit_try_run_case+0x1a5/0x480 [ 13.897400] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.897951] kthread+0x337/0x6f0 [ 13.898203] ret_from_fork+0x41/0x80 [ 13.898697] ret_from_fork_asm+0x1a/0x30 [ 13.898915] [ 13.899063] The buggy address belongs to the object at ffff8881039f4880 [ 13.899063] which belongs to the cache kmalloc-64 of size 64 [ 13.899815] The buggy address is located 0 bytes to the right of [ 13.899815] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.900170] [ 13.900603] The buggy address belongs to the physical page: [ 13.901189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 
13.901923] flags: 0x200000000000000(node=0|zone=2) [ 13.902161] page_type: f5(slab) [ 13.902361] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.903215] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.903788] page dumped because: kasan: bad access detected [ 13.904267] [ 13.904697] Memory state around the buggy address: [ 13.905072] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.905974] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.906444] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.907101] ^ [ 13.907377] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.907705] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.907996] ================================================================== [ 14.363472] ================================================================== [ 14.364173] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49e8/0x5450 [ 14.364891] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.365567] [ 14.365792] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.365852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.365865] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.365890] Call Trace: [ 14.365909] <TASK> [ 14.365941] dump_stack_lvl+0x73/0xb0 [ 14.365973] print_report+0xd1/0x650 [ 14.365999] ? __virt_addr_valid+0x1db/0x2d0 [ 14.366022] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.366046] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.366071] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.366095] kasan_report+0x141/0x180 [ 14.366119] ? kasan_atomics_helper+0x49e8/0x5450 [ 14.366147] __asan_report_load4_noabort+0x18/0x20 [ 14.366169] kasan_atomics_helper+0x49e8/0x5450 [ 14.366194] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.366218] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.366251] ? kasan_atomics+0x152/0x310 [ 14.366275] kasan_atomics+0x1dc/0x310 [ 14.366296] ? __pfx_kasan_atomics+0x10/0x10 [ 14.366317] ? __pfx_read_tsc+0x10/0x10 [ 14.366340] ? ktime_get_ts64+0x86/0x230 [ 14.366366] kunit_try_run_case+0x1a5/0x480 [ 14.366392] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.366415] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.366441] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.366466] ? __kthread_parkme+0x82/0x180 [ 14.366489] ? preempt_count_sub+0x50/0x80 [ 14.366516] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.366541] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.366566] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.366590] kthread+0x337/0x6f0 [ 14.366608] ? trace_preempt_on+0x20/0xc0 [ 14.366653] ? __pfx_kthread+0x10/0x10 [ 14.366673] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.366696] ? calculate_sigpending+0x7b/0xa0 [ 14.366720] ? __pfx_kthread+0x10/0x10 [ 14.366740] ret_from_fork+0x41/0x80 [ 14.366762] ? __pfx_kthread+0x10/0x10 [ 14.366781] ret_from_fork_asm+0x1a/0x30 [ 14.366813] </TASK> [ 14.366825] [ 14.379222] Allocated by task 284: [ 14.379568] kasan_save_stack+0x45/0x70 [ 14.380097] kasan_save_track+0x18/0x40 [ 14.380392] kasan_save_alloc_info+0x3b/0x50 [ 14.380602] __kasan_kmalloc+0xb7/0xc0 [ 14.381019] __kmalloc_cache_noprof+0x189/0x420 [ 14.381354] kasan_atomics+0x95/0x310 [ 14.381487] kunit_try_run_case+0x1a5/0x480 [ 14.381642] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.381819] kthread+0x337/0x6f0 [ 14.381939] ret_from_fork+0x41/0x80 [ 14.382076] ret_from_fork_asm+0x1a/0x30 [ 14.382217] [ 14.382305] The buggy address belongs to the object at ffff8881039f4880 [ 14.382305] which belongs to the cache kmalloc-64 of size 64 [ 14.382811] The buggy address is located 0 bytes to the right of [ 14.382811] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.383349] [ 14.383535] The buggy address belongs to the physical page: [ 14.383788] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.384036] flags: 0x200000000000000(node=0|zone=2) [ 14.384386] page_type: f5(slab) [ 14.384572] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.385049] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.385330] page dumped because: kasan: bad access detected [ 14.385613] [ 14.385744] Memory state around the buggy address: [ 14.385970] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.386299] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.386614] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.386953] ^ [ 14.387159] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.387446] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.387696] ================================================================== [ 14.599692] ================================================================== [ 14.600330] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1818/0x5450 [ 14.600580] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.601113] [ 14.601235] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.601282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.601295] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.601328] Call Trace: [ 14.601344] <TASK> [ 14.601362] dump_stack_lvl+0x73/0xb0 [ 14.601388] print_report+0xd1/0x650 [ 14.601423] ? __virt_addr_valid+0x1db/0x2d0 [ 14.601445] ? kasan_atomics_helper+0x1818/0x5450 [ 14.601469] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.601492] ? kasan_atomics_helper+0x1818/0x5450 [ 14.601517] kasan_report+0x141/0x180 [ 14.601541] ? kasan_atomics_helper+0x1818/0x5450 [ 14.601573] kasan_check_range+0x10c/0x1c0 [ 14.601594] __kasan_check_write+0x18/0x20 [ 14.601616] kasan_atomics_helper+0x1818/0x5450 [ 14.601641] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.601665] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.601687] ? kasan_atomics+0x152/0x310 [ 14.601721] kasan_atomics+0x1dc/0x310 [ 14.601741] ? __pfx_kasan_atomics+0x10/0x10 [ 14.601764] ? __pfx_read_tsc+0x10/0x10 [ 14.601796] ? ktime_get_ts64+0x86/0x230 [ 14.601822] kunit_try_run_case+0x1a5/0x480 [ 14.601847] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601870] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.601896] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.601922] ? __kthread_parkme+0x82/0x180 [ 14.601945] ? preempt_count_sub+0x50/0x80 [ 14.601972] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.601997] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.602021] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.602045] kthread+0x337/0x6f0 [ 14.602064] ? trace_preempt_on+0x20/0xc0 [ 14.602089] ? __pfx_kthread+0x10/0x10 [ 14.602108] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.602131] ? calculate_sigpending+0x7b/0xa0 [ 14.602154] ? __pfx_kthread+0x10/0x10 [ 14.602174] ret_from_fork+0x41/0x80 [ 14.602195] ? 
__pfx_kthread+0x10/0x10 [ 14.602217] ret_from_fork_asm+0x1a/0x30 [ 14.602256] </TASK> [ 14.602267] [ 14.610193] Allocated by task 284: [ 14.610422] kasan_save_stack+0x45/0x70 [ 14.610633] kasan_save_track+0x18/0x40 [ 14.610853] kasan_save_alloc_info+0x3b/0x50 [ 14.611063] __kasan_kmalloc+0xb7/0xc0 [ 14.611284] __kmalloc_cache_noprof+0x189/0x420 [ 14.611462] kasan_atomics+0x95/0x310 [ 14.611595] kunit_try_run_case+0x1a5/0x480 [ 14.611744] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.612112] kthread+0x337/0x6f0 [ 14.612317] ret_from_fork+0x41/0x80 [ 14.612508] ret_from_fork_asm+0x1a/0x30 [ 14.612707] [ 14.612807] The buggy address belongs to the object at ffff8881039f4880 [ 14.612807] which belongs to the cache kmalloc-64 of size 64 [ 14.613232] The buggy address is located 0 bytes to the right of [ 14.613232] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.613826] [ 14.613924] The buggy address belongs to the physical page: [ 14.614179] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.614531] flags: 0x200000000000000(node=0|zone=2) [ 14.614767] page_type: f5(slab) [ 14.614927] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.615241] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.615539] page dumped because: kasan: bad access detected [ 14.615775] [ 14.615847] Memory state around the buggy address: [ 14.616074] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.616367] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.616638] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.616993] ^ [ 14.617217] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.617552] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.617868] ================================================================== [ 13.702965] 
================================================================== [ 13.703288] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b88/0x5450 [ 13.703725] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.704013] [ 13.704143] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.704188] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.704200] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.704222] Call Trace: [ 13.704247] <TASK> [ 13.704261] dump_stack_lvl+0x73/0xb0 [ 13.704284] print_report+0xd1/0x650 [ 13.704308] ? __virt_addr_valid+0x1db/0x2d0 [ 13.704329] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.704352] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.704375] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.704397] kasan_report+0x141/0x180 [ 13.704430] ? kasan_atomics_helper+0x4b88/0x5450 [ 13.704457] __asan_report_load4_noabort+0x18/0x20 [ 13.704480] kasan_atomics_helper+0x4b88/0x5450 [ 13.704622] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.704715] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.704764] ? kasan_atomics+0x152/0x310 [ 13.704790] kasan_atomics+0x1dc/0x310 [ 13.704811] ? __pfx_kasan_atomics+0x10/0x10 [ 13.704834] ? __pfx_read_tsc+0x10/0x10 [ 13.704855] ? ktime_get_ts64+0x86/0x230 [ 13.704881] kunit_try_run_case+0x1a5/0x480 [ 13.704907] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.704931] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.704955] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.704981] ? __kthread_parkme+0x82/0x180 [ 13.705004] ? preempt_count_sub+0x50/0x80 [ 13.705032] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.705060] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.705086] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.705111] kthread+0x337/0x6f0 [ 13.705131] ? trace_preempt_on+0x20/0xc0 [ 13.705156] ? __pfx_kthread+0x10/0x10 [ 13.705178] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.705203] ? calculate_sigpending+0x7b/0xa0 [ 13.705242] ? 
__pfx_kthread+0x10/0x10 [ 13.705264] ret_from_fork+0x41/0x80 [ 13.705334] ? __pfx_kthread+0x10/0x10 [ 13.705357] ret_from_fork_asm+0x1a/0x30 [ 13.705389] </TASK> [ 13.705402] [ 13.714378] Allocated by task 284: [ 13.714632] kasan_save_stack+0x45/0x70 [ 13.714843] kasan_save_track+0x18/0x40 [ 13.715037] kasan_save_alloc_info+0x3b/0x50 [ 13.715257] __kasan_kmalloc+0xb7/0xc0 [ 13.715434] __kmalloc_cache_noprof+0x189/0x420 [ 13.715751] kasan_atomics+0x95/0x310 [ 13.715919] kunit_try_run_case+0x1a5/0x480 [ 13.716132] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.716564] kthread+0x337/0x6f0 [ 13.716767] ret_from_fork+0x41/0x80 [ 13.716938] ret_from_fork_asm+0x1a/0x30 [ 13.717145] [ 13.717219] The buggy address belongs to the object at ffff8881039f4880 [ 13.717219] which belongs to the cache kmalloc-64 of size 64 [ 13.717594] The buggy address is located 0 bytes to the right of [ 13.717594] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.718596] [ 13.718753] The buggy address belongs to the physical page: [ 13.718932] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.719224] flags: 0x200000000000000(node=0|zone=2) [ 13.719788] page_type: f5(slab) [ 13.719981] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.720309] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.720595] page dumped because: kasan: bad access detected [ 13.721091] [ 13.721199] Memory state around the buggy address: [ 13.721615] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.721986] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.722206] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.722602] ^ [ 13.722805] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.723171] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.723409] 
================================================================== [ 13.996062] ================================================================== [ 13.996747] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x992/0x5450 [ 13.997168] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.997669] [ 13.997886] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.997936] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.997950] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.997972] Call Trace: [ 13.997986] <TASK> [ 13.998095] dump_stack_lvl+0x73/0xb0 [ 13.998127] print_report+0xd1/0x650 [ 13.998151] ? __virt_addr_valid+0x1db/0x2d0 [ 13.998174] ? kasan_atomics_helper+0x992/0x5450 [ 13.998196] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.998220] ? kasan_atomics_helper+0x992/0x5450 [ 13.998253] kasan_report+0x141/0x180 [ 13.998278] ? kasan_atomics_helper+0x992/0x5450 [ 13.998307] kasan_check_range+0x10c/0x1c0 [ 13.998328] __kasan_check_write+0x18/0x20 [ 13.998350] kasan_atomics_helper+0x992/0x5450 [ 13.998376] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.998399] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.998425] ? kasan_atomics+0x152/0x310 [ 13.998449] kasan_atomics+0x1dc/0x310 [ 13.998470] ? __pfx_kasan_atomics+0x10/0x10 [ 13.998492] ? __pfx_read_tsc+0x10/0x10 [ 13.998513] ? ktime_get_ts64+0x86/0x230 [ 13.998540] kunit_try_run_case+0x1a5/0x480 [ 13.998566] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.998590] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.998614] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.998664] ? __kthread_parkme+0x82/0x180 [ 13.998688] ? preempt_count_sub+0x50/0x80 [ 13.998714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.998740] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.998765] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.998790] kthread+0x337/0x6f0 [ 13.998808] ? trace_preempt_on+0x20/0xc0 [ 13.998833] ? 
__pfx_kthread+0x10/0x10 [ 13.998853] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.998876] ? calculate_sigpending+0x7b/0xa0 [ 13.998900] ? __pfx_kthread+0x10/0x10 [ 13.998921] ret_from_fork+0x41/0x80 [ 13.998943] ? __pfx_kthread+0x10/0x10 [ 13.998963] ret_from_fork_asm+0x1a/0x30 [ 13.998995] </TASK> [ 13.999007] [ 14.009520] Allocated by task 284: [ 14.009869] kasan_save_stack+0x45/0x70 [ 14.010158] kasan_save_track+0x18/0x40 [ 14.010327] kasan_save_alloc_info+0x3b/0x50 [ 14.010669] __kasan_kmalloc+0xb7/0xc0 [ 14.010944] __kmalloc_cache_noprof+0x189/0x420 [ 14.011266] kasan_atomics+0x95/0x310 [ 14.011451] kunit_try_run_case+0x1a5/0x480 [ 14.011788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.012128] kthread+0x337/0x6f0 [ 14.012402] ret_from_fork+0x41/0x80 [ 14.012556] ret_from_fork_asm+0x1a/0x30 [ 14.012931] [ 14.013017] The buggy address belongs to the object at ffff8881039f4880 [ 14.013017] which belongs to the cache kmalloc-64 of size 64 [ 14.013583] The buggy address is located 0 bytes to the right of [ 14.013583] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.014449] [ 14.014559] The buggy address belongs to the physical page: [ 14.014954] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.015392] flags: 0x200000000000000(node=0|zone=2) [ 14.015631] page_type: f5(slab) [ 14.015963] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.016393] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.016828] page dumped because: kasan: bad access detected [ 14.017063] [ 14.017309] Memory state around the buggy address: [ 14.017517] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.018034] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.018455] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.018930] ^ [ 14.019265] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.019684] 
ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.020126] ================================================================== [ 14.124431] ================================================================== [ 14.124732] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xd47/0x5450 [ 14.125553] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.126029] [ 14.126210] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.126335] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.126350] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.126430] Call Trace: [ 14.126448] <TASK> [ 14.126466] dump_stack_lvl+0x73/0xb0 [ 14.126492] print_report+0xd1/0x650 [ 14.126516] ? __virt_addr_valid+0x1db/0x2d0 [ 14.126538] ? kasan_atomics_helper+0xd47/0x5450 [ 14.126561] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.126586] ? kasan_atomics_helper+0xd47/0x5450 [ 14.126609] kasan_report+0x141/0x180 [ 14.126633] ? kasan_atomics_helper+0xd47/0x5450 [ 14.126661] kasan_check_range+0x10c/0x1c0 [ 14.126683] __kasan_check_write+0x18/0x20 [ 14.126704] kasan_atomics_helper+0xd47/0x5450 [ 14.126728] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.126753] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.126776] ? kasan_atomics+0x152/0x310 [ 14.126800] kasan_atomics+0x1dc/0x310 [ 14.126821] ? __pfx_kasan_atomics+0x10/0x10 [ 14.126844] ? __pfx_read_tsc+0x10/0x10 [ 14.126864] ? ktime_get_ts64+0x86/0x230 [ 14.126890] kunit_try_run_case+0x1a5/0x480 [ 14.126915] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.126938] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.126963] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.126988] ? __kthread_parkme+0x82/0x180 [ 14.127010] ? preempt_count_sub+0x50/0x80 [ 14.127036] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.127061] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.127085] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.127110] kthread+0x337/0x6f0 [ 14.127129] ? trace_preempt_on+0x20/0xc0 [ 14.127153] ? __pfx_kthread+0x10/0x10 [ 14.127172] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.127195] ? calculate_sigpending+0x7b/0xa0 [ 14.127217] ? __pfx_kthread+0x10/0x10 [ 14.127250] ret_from_fork+0x41/0x80 [ 14.127272] ? __pfx_kthread+0x10/0x10 [ 14.127292] ret_from_fork_asm+0x1a/0x30 [ 14.127323] </TASK> [ 14.127334] [ 14.137192] Allocated by task 284: [ 14.137365] kasan_save_stack+0x45/0x70 [ 14.137744] kasan_save_track+0x18/0x40 [ 14.137927] kasan_save_alloc_info+0x3b/0x50 [ 14.138282] __kasan_kmalloc+0xb7/0xc0 [ 14.138534] __kmalloc_cache_noprof+0x189/0x420 [ 14.138755] kasan_atomics+0x95/0x310 [ 14.138948] kunit_try_run_case+0x1a5/0x480 [ 14.139297] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.139629] kthread+0x337/0x6f0 [ 14.139845] ret_from_fork+0x41/0x80 [ 14.140036] ret_from_fork_asm+0x1a/0x30 [ 14.140296] [ 14.140401] The buggy address belongs to the object at ffff8881039f4880 [ 14.140401] which belongs to the cache kmalloc-64 of size 64 [ 14.141097] The buggy address is located 0 bytes to the right of [ 14.141097] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.141659] [ 14.141840] The buggy address belongs to the physical page: [ 14.142205] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.142626] flags: 0x200000000000000(node=0|zone=2) [ 14.142826] page_type: f5(slab) [ 14.143109] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.143496] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.143840] page dumped because: kasan: bad access detected [ 14.144124] [ 14.144224] Memory state around the buggy address: [ 14.144424] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.144962] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.145331] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.145747] ^ [ 14.146045] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.146427] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.146870] ================================================================== [ 14.644483] ================================================================== [ 14.645174] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x194a/0x5450 [ 14.645905] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.646578] [ 14.646802] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.646853] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.646867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.646891] Call Trace: [ 14.646922] <TASK> [ 14.646944] dump_stack_lvl+0x73/0xb0 [ 14.646972] print_report+0xd1/0x650 [ 14.647010] ? __virt_addr_valid+0x1db/0x2d0 [ 14.647034] ? kasan_atomics_helper+0x194a/0x5450 [ 14.647058] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.647084] ? kasan_atomics_helper+0x194a/0x5450 [ 14.647108] kasan_report+0x141/0x180 [ 14.647132] ? kasan_atomics_helper+0x194a/0x5450 [ 14.647160] kasan_check_range+0x10c/0x1c0 [ 14.647182] __kasan_check_write+0x18/0x20 [ 14.647203] kasan_atomics_helper+0x194a/0x5450 [ 14.647236] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.647260] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.647284] ? kasan_atomics+0x152/0x310 [ 14.647309] kasan_atomics+0x1dc/0x310 [ 14.647331] ? __pfx_kasan_atomics+0x10/0x10 [ 14.647356] ? __pfx_read_tsc+0x10/0x10 [ 14.647378] ? ktime_get_ts64+0x86/0x230 [ 14.647405] kunit_try_run_case+0x1a5/0x480 [ 14.647432] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.647454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.647480] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.647506] ? __kthread_parkme+0x82/0x180 [ 14.647530] ? preempt_count_sub+0x50/0x80 [ 14.647556] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.647581] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.647605] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.647649] kthread+0x337/0x6f0 [ 14.647668] ? trace_preempt_on+0x20/0xc0 [ 14.647693] ? __pfx_kthread+0x10/0x10 [ 14.647713] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.647736] ? calculate_sigpending+0x7b/0xa0 [ 14.647759] ? __pfx_kthread+0x10/0x10 [ 14.647779] ret_from_fork+0x41/0x80 [ 14.647800] ? __pfx_kthread+0x10/0x10 [ 14.647819] ret_from_fork_asm+0x1a/0x30 [ 14.647852] </TASK> [ 14.647864] [ 14.656521] Allocated by task 284: [ 14.656737] kasan_save_stack+0x45/0x70 [ 14.656944] kasan_save_track+0x18/0x40 [ 14.657116] kasan_save_alloc_info+0x3b/0x50 [ 14.657350] __kasan_kmalloc+0xb7/0xc0 [ 14.657485] __kmalloc_cache_noprof+0x189/0x420 [ 14.657673] kasan_atomics+0x95/0x310 [ 14.657808] kunit_try_run_case+0x1a5/0x480 [ 14.658049] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.658313] kthread+0x337/0x6f0 [ 14.658481] ret_from_fork+0x41/0x80 [ 14.658694] ret_from_fork_asm+0x1a/0x30 [ 14.658895] [ 14.658996] The buggy address belongs to the object at ffff8881039f4880 [ 14.658996] which belongs to the cache kmalloc-64 of size 64 [ 14.659479] The buggy address is located 0 bytes to the right of [ 14.659479] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.660014] [ 14.660090] The buggy address belongs to the physical page: [ 14.660353] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.660735] flags: 0x200000000000000(node=0|zone=2) [ 14.660954] page_type: f5(slab) [ 14.661144] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.661480] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.661823] page dumped because: kasan: bad access detected [ 14.662079] [ 14.662176] Memory state around the buggy address: [ 14.662395] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.662727] ffff8881039f4800: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.663034] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.663299] ^ [ 14.663458] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.663726] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.664058] ================================================================== [ 14.542850] ================================================================== [ 14.543335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x164f/0x5450 [ 14.543742] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.544064] [ 14.544165] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.544212] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.544238] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.544262] Call Trace: [ 14.544283] <TASK> [ 14.544302] dump_stack_lvl+0x73/0xb0 [ 14.544329] print_report+0xd1/0x650 [ 14.544353] ? __virt_addr_valid+0x1db/0x2d0 [ 14.544377] ? kasan_atomics_helper+0x164f/0x5450 [ 14.544400] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.544424] ? kasan_atomics_helper+0x164f/0x5450 [ 14.544450] kasan_report+0x141/0x180 [ 14.544473] ? kasan_atomics_helper+0x164f/0x5450 [ 14.544501] kasan_check_range+0x10c/0x1c0 [ 14.544523] __kasan_check_write+0x18/0x20 [ 14.544544] kasan_atomics_helper+0x164f/0x5450 [ 14.544568] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.544593] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.544617] ? kasan_atomics+0x152/0x310 [ 14.544642] kasan_atomics+0x1dc/0x310 [ 14.544664] ? __pfx_kasan_atomics+0x10/0x10 [ 14.544688] ? __pfx_read_tsc+0x10/0x10 [ 14.544709] ? ktime_get_ts64+0x86/0x230 [ 14.544735] kunit_try_run_case+0x1a5/0x480 [ 14.544761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.544786] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.544811] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.544837] ? __kthread_parkme+0x82/0x180 [ 14.544861] ? 
preempt_count_sub+0x50/0x80 [ 14.544887] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.544912] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.544937] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.544963] kthread+0x337/0x6f0 [ 14.544981] ? trace_preempt_on+0x20/0xc0 [ 14.545006] ? __pfx_kthread+0x10/0x10 [ 14.545026] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.545052] ? calculate_sigpending+0x7b/0xa0 [ 14.545075] ? __pfx_kthread+0x10/0x10 [ 14.545095] ret_from_fork+0x41/0x80 [ 14.545129] ? __pfx_kthread+0x10/0x10 [ 14.545149] ret_from_fork_asm+0x1a/0x30 [ 14.545181] </TASK> [ 14.545205] [ 14.552893] Allocated by task 284: [ 14.553085] kasan_save_stack+0x45/0x70 [ 14.553363] kasan_save_track+0x18/0x40 [ 14.553500] kasan_save_alloc_info+0x3b/0x50 [ 14.553655] __kasan_kmalloc+0xb7/0xc0 [ 14.553789] __kmalloc_cache_noprof+0x189/0x420 [ 14.553942] kasan_atomics+0x95/0x310 [ 14.554073] kunit_try_run_case+0x1a5/0x480 [ 14.554220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.554485] kthread+0x337/0x6f0 [ 14.554666] ret_from_fork+0x41/0x80 [ 14.554858] ret_from_fork_asm+0x1a/0x30 [ 14.555060] [ 14.555159] The buggy address belongs to the object at ffff8881039f4880 [ 14.555159] which belongs to the cache kmalloc-64 of size 64 [ 14.555834] The buggy address is located 0 bytes to the right of [ 14.555834] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.556429] [ 14.556556] The buggy address belongs to the physical page: [ 14.556815] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.557058] flags: 0x200000000000000(node=0|zone=2) [ 14.557233] page_type: f5(slab) [ 14.557384] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.557877] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.558218] page dumped because: kasan: bad access detected [ 14.558476] [ 14.558598] Memory state around the buggy address: [ 14.558797] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.559105] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.559412] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.559756] ^ [ 14.559993] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.560307] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.560594] ================================================================== [ 13.671766] ================================================================== [ 13.672475] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4ba2/0x5450 [ 13.672856] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.673338] [ 13.673523] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.673637] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.673661] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.673683] Call Trace: [ 13.673694] <TASK> [ 13.673715] dump_stack_lvl+0x73/0xb0 [ 13.673740] print_report+0xd1/0x650 [ 13.673763] ? __virt_addr_valid+0x1db/0x2d0 [ 13.673784] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.673806] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.673829] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.673853] kasan_report+0x141/0x180 [ 13.673876] ? kasan_atomics_helper+0x4ba2/0x5450 [ 13.673903] __asan_report_store4_noabort+0x1b/0x30 [ 13.673924] kasan_atomics_helper+0x4ba2/0x5450 [ 13.673948] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.673972] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.673994] ? kasan_atomics+0x152/0x310 [ 13.674017] kasan_atomics+0x1dc/0x310 [ 13.674037] ? __pfx_kasan_atomics+0x10/0x10 [ 13.674058] ? __pfx_read_tsc+0x10/0x10 [ 13.674077] ? ktime_get_ts64+0x86/0x230 [ 13.674102] kunit_try_run_case+0x1a5/0x480 [ 13.674127] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.674149] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.674173] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.674197] ? 
__kthread_parkme+0x82/0x180 [ 13.674219] ? preempt_count_sub+0x50/0x80 [ 13.674253] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.674395] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.674429] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.674453] kthread+0x337/0x6f0 [ 13.674470] ? trace_preempt_on+0x20/0xc0 [ 13.674494] ? __pfx_kthread+0x10/0x10 [ 13.674513] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.674535] ? calculate_sigpending+0x7b/0xa0 [ 13.674557] ? __pfx_kthread+0x10/0x10 [ 13.674576] ret_from_fork+0x41/0x80 [ 13.674597] ? __pfx_kthread+0x10/0x10 [ 13.674616] ret_from_fork_asm+0x1a/0x30 [ 13.674646] </TASK> [ 13.674657] [ 13.688472] Allocated by task 284: [ 13.688896] kasan_save_stack+0x45/0x70 [ 13.689356] kasan_save_track+0x18/0x40 [ 13.689665] kasan_save_alloc_info+0x3b/0x50 [ 13.689975] __kasan_kmalloc+0xb7/0xc0 [ 13.690112] __kmalloc_cache_noprof+0x189/0x420 [ 13.690329] kasan_atomics+0x95/0x310 [ 13.690712] kunit_try_run_case+0x1a5/0x480 [ 13.691273] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.691960] kthread+0x337/0x6f0 [ 13.692335] ret_from_fork+0x41/0x80 [ 13.692563] ret_from_fork_asm+0x1a/0x30 [ 13.692816] [ 13.692996] The buggy address belongs to the object at ffff8881039f4880 [ 13.692996] which belongs to the cache kmalloc-64 of size 64 [ 13.694134] The buggy address is located 0 bytes to the right of [ 13.694134] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.694983] [ 13.695101] The buggy address belongs to the physical page: [ 13.695758] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.696522] flags: 0x200000000000000(node=0|zone=2) [ 13.696713] page_type: f5(slab) [ 13.697030] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.698000] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.698246] page dumped because: kasan: bad access detected [ 13.698934] [ 13.699127] Memory state around the buggy address: [ 13.699702] 
ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.700376] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.700746] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.701076] ^ [ 13.701310] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.701653] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.701999] ================================================================== [ 13.839400] ================================================================== [ 13.839960] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x565/0x5450 [ 13.840344] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.840627] [ 13.840887] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.840949] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.840963] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.840986] Call Trace: [ 13.840999] <TASK> [ 13.841014] dump_stack_lvl+0x73/0xb0 [ 13.841041] print_report+0xd1/0x650 [ 13.841065] ? __virt_addr_valid+0x1db/0x2d0 [ 13.841088] ? kasan_atomics_helper+0x565/0x5450 [ 13.841111] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.841137] ? kasan_atomics_helper+0x565/0x5450 [ 13.841161] kasan_report+0x141/0x180 [ 13.841214] ? kasan_atomics_helper+0x565/0x5450 [ 13.841259] kasan_check_range+0x10c/0x1c0 [ 13.841297] __kasan_check_write+0x18/0x20 [ 13.841372] kasan_atomics_helper+0x565/0x5450 [ 13.841414] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.841438] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.841462] ? kasan_atomics+0x152/0x310 [ 13.841487] kasan_atomics+0x1dc/0x310 [ 13.841507] ? __pfx_kasan_atomics+0x10/0x10 [ 13.841530] ? __pfx_read_tsc+0x10/0x10 [ 13.841556] ? ktime_get_ts64+0x86/0x230 [ 13.841582] kunit_try_run_case+0x1a5/0x480 [ 13.841606] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.841630] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.841663] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.841689] ? __kthread_parkme+0x82/0x180 [ 13.841713] ? preempt_count_sub+0x50/0x80 [ 13.841739] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.841764] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.841788] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.841813] kthread+0x337/0x6f0 [ 13.841831] ? trace_preempt_on+0x20/0xc0 [ 13.841856] ? __pfx_kthread+0x10/0x10 [ 13.841875] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.841900] ? calculate_sigpending+0x7b/0xa0 [ 13.841923] ? __pfx_kthread+0x10/0x10 [ 13.841943] ret_from_fork+0x41/0x80 [ 13.841965] ? __pfx_kthread+0x10/0x10 [ 13.841984] ret_from_fork_asm+0x1a/0x30 [ 13.842015] </TASK> [ 13.842027] [ 13.851393] Allocated by task 284: [ 13.851587] kasan_save_stack+0x45/0x70 [ 13.851736] kasan_save_track+0x18/0x40 [ 13.851998] kasan_save_alloc_info+0x3b/0x50 [ 13.852140] __kasan_kmalloc+0xb7/0xc0 [ 13.852566] __kmalloc_cache_noprof+0x189/0x420 [ 13.852770] kasan_atomics+0x95/0x310 [ 13.852899] kunit_try_run_case+0x1a5/0x480 [ 13.853041] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.853211] kthread+0x337/0x6f0 [ 13.853338] ret_from_fork+0x41/0x80 [ 13.853465] ret_from_fork_asm+0x1a/0x30 [ 13.853685] [ 13.853790] The buggy address belongs to the object at ffff8881039f4880 [ 13.853790] which belongs to the cache kmalloc-64 of size 64 [ 13.854534] The buggy address is located 0 bytes to the right of [ 13.854534] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.855378] [ 13.855515] The buggy address belongs to the physical page: [ 13.855866] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.856213] flags: 0x200000000000000(node=0|zone=2) [ 13.856543] page_type: f5(slab) [ 13.856844] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.857166] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.857403] page dumped because: kasan: bad access detected [ 13.857578] [ 13.857678] Memory 
state around the buggy address: [ 13.857979] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.858352] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.858876] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.859337] ^ [ 13.859554] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.859996] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.860395] ================================================================== [ 13.791799] ================================================================== [ 13.792532] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a0/0x5450 [ 13.793029] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.793508] [ 13.793626] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.793726] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.793739] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.793846] Call Trace: [ 13.793881] <TASK> [ 13.793898] dump_stack_lvl+0x73/0xb0 [ 13.793925] print_report+0xd1/0x650 [ 13.793950] ? __virt_addr_valid+0x1db/0x2d0 [ 13.793973] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.793996] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.794020] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.794044] kasan_report+0x141/0x180 [ 13.794068] ? kasan_atomics_helper+0x4a0/0x5450 [ 13.794097] kasan_check_range+0x10c/0x1c0 [ 13.794119] __kasan_check_write+0x18/0x20 [ 13.794141] kasan_atomics_helper+0x4a0/0x5450 [ 13.794205] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.794252] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.794367] ? kasan_atomics+0x152/0x310 [ 13.794399] kasan_atomics+0x1dc/0x310 [ 13.794557] ? __pfx_kasan_atomics+0x10/0x10 [ 13.794586] ? __pfx_read_tsc+0x10/0x10 [ 13.794606] ? ktime_get_ts64+0x86/0x230 [ 13.794633] kunit_try_run_case+0x1a5/0x480 [ 13.794668] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.794692] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.794718] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.794743] ? __kthread_parkme+0x82/0x180 [ 13.794765] ? preempt_count_sub+0x50/0x80 [ 13.794792] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.794817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.794840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.794866] kthread+0x337/0x6f0 [ 13.794885] ? trace_preempt_on+0x20/0xc0 [ 13.794910] ? __pfx_kthread+0x10/0x10 [ 13.794930] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.794953] ? calculate_sigpending+0x7b/0xa0 [ 13.794975] ? __pfx_kthread+0x10/0x10 [ 13.794995] ret_from_fork+0x41/0x80 [ 13.795017] ? __pfx_kthread+0x10/0x10 [ 13.795037] ret_from_fork_asm+0x1a/0x30 [ 13.795070] </TASK> [ 13.795082] [ 13.805381] Allocated by task 284: [ 13.805520] kasan_save_stack+0x45/0x70 [ 13.805953] kasan_save_track+0x18/0x40 [ 13.806176] kasan_save_alloc_info+0x3b/0x50 [ 13.806605] __kasan_kmalloc+0xb7/0xc0 [ 13.806869] __kmalloc_cache_noprof+0x189/0x420 [ 13.807175] kasan_atomics+0x95/0x310 [ 13.807509] kunit_try_run_case+0x1a5/0x480 [ 13.807769] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.808017] kthread+0x337/0x6f0 [ 13.808141] ret_from_fork+0x41/0x80 [ 13.808400] ret_from_fork_asm+0x1a/0x30 [ 13.808689] [ 13.808790] The buggy address belongs to the object at ffff8881039f4880 [ 13.808790] which belongs to the cache kmalloc-64 of size 64 [ 13.809320] The buggy address is located 0 bytes to the right of [ 13.809320] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.810013] [ 13.810114] The buggy address belongs to the physical page: [ 13.810644] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.811072] flags: 0x200000000000000(node=0|zone=2) [ 13.811298] page_type: f5(slab) [ 13.811484] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.811990] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.812318] page dumped because: kasan: bad 
access detected [ 13.812544] [ 13.812643] Memory state around the buggy address: [ 13.812823] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.813111] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.813442] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.813840] ^ [ 13.814005] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.814306] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.814852] ================================================================== [ 14.446527] ================================================================== [ 14.446884] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4eae/0x5450 [ 14.447274] Read of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.447618] [ 14.447752] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.447812] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.447826] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.447860] Call Trace: [ 14.447881] <TASK> [ 14.447900] dump_stack_lvl+0x73/0xb0 [ 14.447927] print_report+0xd1/0x650 [ 14.447961] ? __virt_addr_valid+0x1db/0x2d0 [ 14.447985] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.448007] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.448042] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.448067] kasan_report+0x141/0x180 [ 14.448091] ? kasan_atomics_helper+0x4eae/0x5450 [ 14.448119] __asan_report_load8_noabort+0x18/0x20 [ 14.448143] kasan_atomics_helper+0x4eae/0x5450 [ 14.448167] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.448191] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.448215] ? kasan_atomics+0x152/0x310 [ 14.448252] kasan_atomics+0x1dc/0x310 [ 14.448273] ? __pfx_kasan_atomics+0x10/0x10 [ 14.448295] ? __pfx_read_tsc+0x10/0x10 [ 14.448316] ? ktime_get_ts64+0x86/0x230 [ 14.448344] kunit_try_run_case+0x1a5/0x480 [ 14.448370] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.448403] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.448429] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.448465] ? __kthread_parkme+0x82/0x180 [ 14.448488] ? preempt_count_sub+0x50/0x80 [ 14.448515] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.448539] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.448572] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.448597] kthread+0x337/0x6f0 [ 14.448615] ? trace_preempt_on+0x20/0xc0 [ 14.448651] ? __pfx_kthread+0x10/0x10 [ 14.448671] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.448693] ? calculate_sigpending+0x7b/0xa0 [ 14.448716] ? __pfx_kthread+0x10/0x10 [ 14.448737] ret_from_fork+0x41/0x80 [ 14.448759] ? __pfx_kthread+0x10/0x10 [ 14.448779] ret_from_fork_asm+0x1a/0x30 [ 14.448811] </TASK> [ 14.448823] [ 14.456602] Allocated by task 284: [ 14.456814] kasan_save_stack+0x45/0x70 [ 14.456995] kasan_save_track+0x18/0x40 [ 14.457129] kasan_save_alloc_info+0x3b/0x50 [ 14.457283] __kasan_kmalloc+0xb7/0xc0 [ 14.457413] __kmalloc_cache_noprof+0x189/0x420 [ 14.457578] kasan_atomics+0x95/0x310 [ 14.457786] kunit_try_run_case+0x1a5/0x480 [ 14.457996] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.458255] kthread+0x337/0x6f0 [ 14.458421] ret_from_fork+0x41/0x80 [ 14.458790] ret_from_fork_asm+0x1a/0x30 [ 14.458983] [ 14.459053] The buggy address belongs to the object at ffff8881039f4880 [ 14.459053] which belongs to the cache kmalloc-64 of size 64 [ 14.459437] The buggy address is located 0 bytes to the right of [ 14.459437] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.460151] [ 14.460276] The buggy address belongs to the physical page: [ 14.460528] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.461017] flags: 0x200000000000000(node=0|zone=2) [ 14.461252] page_type: f5(slab) [ 14.461451] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.461788] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.462067] page dumped because: kasan: bad access detected [ 14.462254] [ 14.462326] Memory state around the buggy address: [ 14.462484] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.462702] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.463341] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.463674] ^ [ 14.464059] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.464318] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.464616] ================================================================== [ 13.860833] ================================================================== [ 13.861525] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5fe/0x5450 [ 13.861905] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.862200] [ 13.862342] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.862387] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.862430] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.862453] Call Trace: [ 13.862469] <TASK> [ 13.862486] dump_stack_lvl+0x73/0xb0 [ 13.862522] print_report+0xd1/0x650 [ 13.862546] ? __virt_addr_valid+0x1db/0x2d0 [ 13.862568] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.862618] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.862645] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.862669] kasan_report+0x141/0x180 [ 13.862715] ? kasan_atomics_helper+0x5fe/0x5450 [ 13.862744] kasan_check_range+0x10c/0x1c0 [ 13.862766] __kasan_check_write+0x18/0x20 [ 13.862814] kasan_atomics_helper+0x5fe/0x5450 [ 13.862839] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.862873] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.862897] ? kasan_atomics+0x152/0x310 [ 13.862947] kasan_atomics+0x1dc/0x310 [ 13.862969] ? __pfx_kasan_atomics+0x10/0x10 [ 13.862991] ? __pfx_read_tsc+0x10/0x10 [ 13.863023] ? 
ktime_get_ts64+0x86/0x230 [ 13.863049] kunit_try_run_case+0x1a5/0x480 [ 13.863100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.863124] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.863149] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.863185] ? __kthread_parkme+0x82/0x180 [ 13.863207] ? preempt_count_sub+0x50/0x80 [ 13.863267] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.863293] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.863329] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.863354] kthread+0x337/0x6f0 [ 13.863373] ? trace_preempt_on+0x20/0xc0 [ 13.863409] ? __pfx_kthread+0x10/0x10 [ 13.863429] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.863452] ? calculate_sigpending+0x7b/0xa0 [ 13.863486] ? __pfx_kthread+0x10/0x10 [ 13.863506] ret_from_fork+0x41/0x80 [ 13.863528] ? __pfx_kthread+0x10/0x10 [ 13.863548] ret_from_fork_asm+0x1a/0x30 [ 13.863590] </TASK> [ 13.863602] [ 13.873408] Allocated by task 284: [ 13.873595] kasan_save_stack+0x45/0x70 [ 13.873789] kasan_save_track+0x18/0x40 [ 13.873975] kasan_save_alloc_info+0x3b/0x50 [ 13.874203] __kasan_kmalloc+0xb7/0xc0 [ 13.874487] __kmalloc_cache_noprof+0x189/0x420 [ 13.874711] kasan_atomics+0x95/0x310 [ 13.874893] kunit_try_run_case+0x1a5/0x480 [ 13.875184] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.875481] kthread+0x337/0x6f0 [ 13.875704] ret_from_fork+0x41/0x80 [ 13.875834] ret_from_fork_asm+0x1a/0x30 [ 13.876100] [ 13.876220] The buggy address belongs to the object at ffff8881039f4880 [ 13.876220] which belongs to the cache kmalloc-64 of size 64 [ 13.876839] The buggy address is located 0 bytes to the right of [ 13.876839] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.877623] [ 13.877700] The buggy address belongs to the physical page: [ 13.877958] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.878330] flags: 0x200000000000000(node=0|zone=2) [ 13.878596] page_type: f5(slab) [ 13.878798] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.879104] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.879527] page dumped because: kasan: bad access detected [ 13.879819] [ 13.879929] Memory state around the buggy address: [ 13.880177] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.880500] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.880816] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.881056] ^ [ 13.881208] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.881427] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.881913] ================================================================== [ 14.407671] ================================================================== [ 14.408169] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x49ce/0x5450 [ 14.408751] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.409053] [ 14.409221] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.409309] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.409323] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.409347] Call Trace: [ 14.409377] <TASK> [ 14.409399] dump_stack_lvl+0x73/0xb0 [ 14.409427] print_report+0xd1/0x650 [ 14.409451] ? __virt_addr_valid+0x1db/0x2d0 [ 14.409475] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.409498] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.409522] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.409553] kasan_report+0x141/0x180 [ 14.409578] ? kasan_atomics_helper+0x49ce/0x5450 [ 14.409606] __asan_report_load4_noabort+0x18/0x20 [ 14.409629] kasan_atomics_helper+0x49ce/0x5450 [ 14.409661] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.409685] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.409708] ? kasan_atomics+0x152/0x310 [ 14.409732] kasan_atomics+0x1dc/0x310 [ 14.409786] ? __pfx_kasan_atomics+0x10/0x10 [ 14.409808] ? 
__pfx_read_tsc+0x10/0x10 [ 14.409853] ? ktime_get_ts64+0x86/0x230 [ 14.409880] kunit_try_run_case+0x1a5/0x480 [ 14.409906] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.409957] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.409995] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.410057] ? __kthread_parkme+0x82/0x180 [ 14.410081] ? preempt_count_sub+0x50/0x80 [ 14.410131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.410156] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.410181] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.410205] kthread+0x337/0x6f0 [ 14.410233] ? trace_preempt_on+0x20/0xc0 [ 14.410258] ? __pfx_kthread+0x10/0x10 [ 14.410278] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.410302] ? calculate_sigpending+0x7b/0xa0 [ 14.410353] ? __pfx_kthread+0x10/0x10 [ 14.410374] ret_from_fork+0x41/0x80 [ 14.410398] ? __pfx_kthread+0x10/0x10 [ 14.410428] ret_from_fork_asm+0x1a/0x30 [ 14.410460] </TASK> [ 14.410472] [ 14.418492] Allocated by task 284: [ 14.418704] kasan_save_stack+0x45/0x70 [ 14.419041] kasan_save_track+0x18/0x40 [ 14.419260] kasan_save_alloc_info+0x3b/0x50 [ 14.419480] __kasan_kmalloc+0xb7/0xc0 [ 14.419729] __kmalloc_cache_noprof+0x189/0x420 [ 14.419944] kasan_atomics+0x95/0x310 [ 14.420078] kunit_try_run_case+0x1a5/0x480 [ 14.420292] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.420612] kthread+0x337/0x6f0 [ 14.420824] ret_from_fork+0x41/0x80 [ 14.421164] ret_from_fork_asm+0x1a/0x30 [ 14.421380] [ 14.421454] The buggy address belongs to the object at ffff8881039f4880 [ 14.421454] which belongs to the cache kmalloc-64 of size 64 [ 14.422323] The buggy address is located 0 bytes to the right of [ 14.422323] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.422872] [ 14.422949] The buggy address belongs to the physical page: [ 14.423239] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.423674] flags: 0x200000000000000(node=0|zone=2) [ 14.423894] page_type: f5(slab) [ 14.424022] raw: 0200000000000000 
ffff8881000418c0 dead000000000122 0000000000000000 [ 14.424268] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.424592] page dumped because: kasan: bad access detected [ 14.424994] [ 14.425104] Memory state around the buggy address: [ 14.425345] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.425636] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.426021] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.426350] ^ [ 14.426630] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.426897] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.427115] ================================================================== [ 13.815723] ================================================================== [ 13.816110] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b3a/0x5450 [ 13.816580] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.817045] [ 13.817159] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.817265] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.817304] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.817336] Call Trace: [ 13.817411] <TASK> [ 13.817428] dump_stack_lvl+0x73/0xb0 [ 13.817465] print_report+0xd1/0x650 [ 13.817490] ? __virt_addr_valid+0x1db/0x2d0 [ 13.817513] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.817537] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.817565] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.817589] kasan_report+0x141/0x180 [ 13.817614] ? kasan_atomics_helper+0x4b3a/0x5450 [ 13.817642] __asan_report_store4_noabort+0x1b/0x30 [ 13.817665] kasan_atomics_helper+0x4b3a/0x5450 [ 13.817706] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.817730] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.817755] ? kasan_atomics+0x152/0x310 [ 13.817780] kasan_atomics+0x1dc/0x310 [ 13.817800] ? 
__pfx_kasan_atomics+0x10/0x10 [ 13.817823] ? __pfx_read_tsc+0x10/0x10 [ 13.817844] ? ktime_get_ts64+0x86/0x230 [ 13.817870] kunit_try_run_case+0x1a5/0x480 [ 13.817895] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.817919] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.817944] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.817969] ? __kthread_parkme+0x82/0x180 [ 13.817991] ? preempt_count_sub+0x50/0x80 [ 13.818018] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.818043] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.818067] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.818092] kthread+0x337/0x6f0 [ 13.818110] ? trace_preempt_on+0x20/0xc0 [ 13.818135] ? __pfx_kthread+0x10/0x10 [ 13.818155] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.818178] ? calculate_sigpending+0x7b/0xa0 [ 13.818201] ? __pfx_kthread+0x10/0x10 [ 13.818222] ret_from_fork+0x41/0x80 [ 13.818255] ? __pfx_kthread+0x10/0x10 [ 13.818275] ret_from_fork_asm+0x1a/0x30 [ 13.818307] </TASK> [ 13.818319] [ 13.828647] Allocated by task 284: [ 13.828840] kasan_save_stack+0x45/0x70 [ 13.829051] kasan_save_track+0x18/0x40 [ 13.829264] kasan_save_alloc_info+0x3b/0x50 [ 13.829479] __kasan_kmalloc+0xb7/0xc0 [ 13.829685] __kmalloc_cache_noprof+0x189/0x420 [ 13.830058] kasan_atomics+0x95/0x310 [ 13.830194] kunit_try_run_case+0x1a5/0x480 [ 13.830348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.830519] kthread+0x337/0x6f0 [ 13.830690] ret_from_fork+0x41/0x80 [ 13.830956] ret_from_fork_asm+0x1a/0x30 [ 13.831218] [ 13.831357] The buggy address belongs to the object at ffff8881039f4880 [ 13.831357] which belongs to the cache kmalloc-64 of size 64 [ 13.832545] The buggy address is located 0 bytes to the right of [ 13.832545] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.833199] [ 13.833520] The buggy address belongs to the physical page: [ 13.833865] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.834173] flags: 0x200000000000000(node=0|zone=2) [ 13.834593] page_type: f5(slab) 
[ 13.834820] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.835447] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.835798] page dumped because: kasan: bad access detected [ 13.836061] [ 13.836188] Memory state around the buggy address: [ 13.836506] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.836940] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.837412] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.837788] ^ [ 13.838051] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.838550] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.838864] ================================================================== [ 14.855555] ================================================================== [ 14.855829] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1f43/0x5450 [ 14.856159] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.856510] [ 14.856698] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.856746] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.856760] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.856784] Call Trace: [ 14.856803] <TASK> [ 14.856824] dump_stack_lvl+0x73/0xb0 [ 14.856850] print_report+0xd1/0x650 [ 14.856875] ? __virt_addr_valid+0x1db/0x2d0 [ 14.856898] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.856921] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.856946] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.856971] kasan_report+0x141/0x180 [ 14.856995] ? kasan_atomics_helper+0x1f43/0x5450 [ 14.857024] kasan_check_range+0x10c/0x1c0 [ 14.857046] __kasan_check_write+0x18/0x20 [ 14.857067] kasan_atomics_helper+0x1f43/0x5450 [ 14.857093] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.857118] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.857142] ? 
kasan_atomics+0x152/0x310 [ 14.857166] kasan_atomics+0x1dc/0x310 [ 14.857188] ? __pfx_kasan_atomics+0x10/0x10 [ 14.857210] ? __pfx_read_tsc+0x10/0x10 [ 14.857246] ? ktime_get_ts64+0x86/0x230 [ 14.857274] kunit_try_run_case+0x1a5/0x480 [ 14.857302] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.857326] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.857353] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.857379] ? __kthread_parkme+0x82/0x180 [ 14.857403] ? preempt_count_sub+0x50/0x80 [ 14.857430] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.857456] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.857481] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.857506] kthread+0x337/0x6f0 [ 14.857524] ? trace_preempt_on+0x20/0xc0 [ 14.857555] ? __pfx_kthread+0x10/0x10 [ 14.857574] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.857598] ? calculate_sigpending+0x7b/0xa0 [ 14.857622] ? __pfx_kthread+0x10/0x10 [ 14.857642] ret_from_fork+0x41/0x80 [ 14.857665] ? __pfx_kthread+0x10/0x10 [ 14.857685] ret_from_fork_asm+0x1a/0x30 [ 14.857717] </TASK> [ 14.857728] [ 14.865022] Allocated by task 284: [ 14.865208] kasan_save_stack+0x45/0x70 [ 14.865422] kasan_save_track+0x18/0x40 [ 14.865628] kasan_save_alloc_info+0x3b/0x50 [ 14.865823] __kasan_kmalloc+0xb7/0xc0 [ 14.865965] __kmalloc_cache_noprof+0x189/0x420 [ 14.866191] kasan_atomics+0x95/0x310 [ 14.866391] kunit_try_run_case+0x1a5/0x480 [ 14.866594] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.866827] kthread+0x337/0x6f0 [ 14.867021] ret_from_fork+0x41/0x80 [ 14.867159] ret_from_fork_asm+0x1a/0x30 [ 14.867320] [ 14.867419] The buggy address belongs to the object at ffff8881039f4880 [ 14.867419] which belongs to the cache kmalloc-64 of size 64 [ 14.867991] The buggy address is located 0 bytes to the right of [ 14.867991] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.868369] [ 14.868444] The buggy address belongs to the physical page: [ 14.868688] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 
14.869044] flags: 0x200000000000000(node=0|zone=2) [ 14.869295] page_type: f5(slab) [ 14.869467] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.869815] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.870176] page dumped because: kasan: bad access detected [ 14.870360] [ 14.870431] Memory state around the buggy address: [ 14.870589] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.871261] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.871571] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.871874] ^ [ 14.872092] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.872377] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.872645] ================================================================== [ 14.979642] ================================================================== [ 14.979994] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4fa5/0x5450 [ 14.980411] Read of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.980733] [ 14.980829] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.980878] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.980890] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.980913] Call Trace: [ 14.980932] <TASK> [ 14.980951] dump_stack_lvl+0x73/0xb0 [ 14.980978] print_report+0xd1/0x650 [ 14.981002] ? __virt_addr_valid+0x1db/0x2d0 [ 14.981024] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.981049] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.981073] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.981097] kasan_report+0x141/0x180 [ 14.981121] ? kasan_atomics_helper+0x4fa5/0x5450 [ 14.981150] __asan_report_load8_noabort+0x18/0x20 [ 14.981173] kasan_atomics_helper+0x4fa5/0x5450 [ 14.981198] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.981235] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.981260] ? kasan_atomics+0x152/0x310 [ 14.981286] kasan_atomics+0x1dc/0x310 [ 14.981310] ? __pfx_kasan_atomics+0x10/0x10 [ 14.981333] ? __pfx_read_tsc+0x10/0x10 [ 14.981354] ? ktime_get_ts64+0x86/0x230 [ 14.981381] kunit_try_run_case+0x1a5/0x480 [ 14.981406] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.981430] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.981455] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.981481] ? __kthread_parkme+0x82/0x180 [ 14.981505] ? preempt_count_sub+0x50/0x80 [ 14.981532] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.981560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.981585] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.981610] kthread+0x337/0x6f0 [ 14.981630] ? trace_preempt_on+0x20/0xc0 [ 14.981656] ? __pfx_kthread+0x10/0x10 [ 14.981675] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.981698] ? calculate_sigpending+0x7b/0xa0 [ 14.981722] ? __pfx_kthread+0x10/0x10 [ 14.981743] ret_from_fork+0x41/0x80 [ 14.981765] ? __pfx_kthread+0x10/0x10 [ 14.981784] ret_from_fork_asm+0x1a/0x30 [ 14.981816] </TASK> [ 14.981829] [ 14.989030] Allocated by task 284: [ 14.989232] kasan_save_stack+0x45/0x70 [ 14.989434] kasan_save_track+0x18/0x40 [ 14.989607] kasan_save_alloc_info+0x3b/0x50 [ 14.989838] __kasan_kmalloc+0xb7/0xc0 [ 14.990015] __kmalloc_cache_noprof+0x189/0x420 [ 14.990182] kasan_atomics+0x95/0x310 [ 14.990324] kunit_try_run_case+0x1a5/0x480 [ 14.990516] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.990931] kthread+0x337/0x6f0 [ 14.991098] ret_from_fork+0x41/0x80 [ 14.991284] ret_from_fork_asm+0x1a/0x30 [ 14.991463] [ 14.991560] The buggy address belongs to the object at ffff8881039f4880 [ 14.991560] which belongs to the cache kmalloc-64 of size 64 [ 14.992059] The buggy address is located 0 bytes to the right of [ 14.992059] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.992555] [ 14.992665] The buggy address belongs to the physical page: [ 14.992891] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.993166] flags: 0x200000000000000(node=0|zone=2) [ 14.993342] page_type: f5(slab) [ 14.993464] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.993833] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.994172] page dumped because: kasan: bad access detected [ 14.994435] [ 14.994530] Memory state around the buggy address: [ 14.994833] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.995152] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.995408] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.995624] ^ [ 14.995859] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.996183] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.996494] ================================================================== [ 14.338641] ================================================================== [ 14.339021] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1217/0x5450 [ 14.339371] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.339850] [ 14.339939] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.339984] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.339997] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.340020] Call Trace: [ 14.340037] <TASK> [ 14.340053] dump_stack_lvl+0x73/0xb0 [ 14.340078] print_report+0xd1/0x650 [ 14.340102] ? __virt_addr_valid+0x1db/0x2d0 [ 14.340310] ? kasan_atomics_helper+0x1217/0x5450 [ 14.340339] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.340364] ? kasan_atomics_helper+0x1217/0x5450 [ 14.340388] kasan_report+0x141/0x180 [ 14.340412] ? kasan_atomics_helper+0x1217/0x5450 [ 14.340441] kasan_check_range+0x10c/0x1c0 [ 14.340463] __kasan_check_write+0x18/0x20 [ 14.340484] kasan_atomics_helper+0x1217/0x5450 [ 14.340509] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.340534] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.340556] ? kasan_atomics+0x152/0x310 [ 14.340580] kasan_atomics+0x1dc/0x310 [ 14.340600] ? __pfx_kasan_atomics+0x10/0x10 [ 14.340622] ? __pfx_read_tsc+0x10/0x10 [ 14.340644] ? ktime_get_ts64+0x86/0x230 [ 14.340671] kunit_try_run_case+0x1a5/0x480 [ 14.340697] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.340720] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.340745] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.340771] ? __kthread_parkme+0x82/0x180 [ 14.340794] ? preempt_count_sub+0x50/0x80 [ 14.340820] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.340844] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.340869] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.340894] kthread+0x337/0x6f0 [ 14.340912] ? trace_preempt_on+0x20/0xc0 [ 14.340936] ? __pfx_kthread+0x10/0x10 [ 14.340956] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.340979] ? calculate_sigpending+0x7b/0xa0 [ 14.341002] ? __pfx_kthread+0x10/0x10 [ 14.341021] ret_from_fork+0x41/0x80 [ 14.341044] ? 
__pfx_kthread+0x10/0x10 [ 14.341063] ret_from_fork_asm+0x1a/0x30 [ 14.341095] </TASK> [ 14.341106] [ 14.348467] Allocated by task 284: [ 14.348603] kasan_save_stack+0x45/0x70 [ 14.349018] kasan_save_track+0x18/0x40 [ 14.349214] kasan_save_alloc_info+0x3b/0x50 [ 14.349443] __kasan_kmalloc+0xb7/0xc0 [ 14.349639] __kmalloc_cache_noprof+0x189/0x420 [ 14.349868] kasan_atomics+0x95/0x310 [ 14.350053] kunit_try_run_case+0x1a5/0x480 [ 14.350662] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.350885] kthread+0x337/0x6f0 [ 14.351205] ret_from_fork+0x41/0x80 [ 14.351510] ret_from_fork_asm+0x1a/0x30 [ 14.351843] [ 14.351924] The buggy address belongs to the object at ffff8881039f4880 [ 14.351924] which belongs to the cache kmalloc-64 of size 64 [ 14.352295] The buggy address is located 0 bytes to the right of [ 14.352295] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.352675] [ 14.353829] The buggy address belongs to the physical page: [ 14.354581] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.355652] flags: 0x200000000000000(node=0|zone=2) [ 14.356465] page_type: f5(slab) [ 14.357107] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.357984] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.358833] page dumped because: kasan: bad access detected [ 14.359029] [ 14.359103] Memory state around the buggy address: [ 14.359276] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.360016] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.360704] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.361329] ^ [ 14.361799] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.362448] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.362883] ================================================================== [ 14.925816] 
================================================================== [ 14.926075] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x20c8/0x5450 [ 14.926373] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.926966] [ 14.927062] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.927110] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.927124] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.927148] Call Trace: [ 14.927167] <TASK> [ 14.927186] dump_stack_lvl+0x73/0xb0 [ 14.927213] print_report+0xd1/0x650 [ 14.927248] ? __virt_addr_valid+0x1db/0x2d0 [ 14.927272] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.927296] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.927320] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.927344] kasan_report+0x141/0x180 [ 14.927368] ? kasan_atomics_helper+0x20c8/0x5450 [ 14.927396] kasan_check_range+0x10c/0x1c0 [ 14.927418] __kasan_check_write+0x18/0x20 [ 14.927440] kasan_atomics_helper+0x20c8/0x5450 [ 14.927465] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.927489] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.927513] ? kasan_atomics+0x152/0x310 [ 14.927537] kasan_atomics+0x1dc/0x310 [ 14.927558] ? __pfx_kasan_atomics+0x10/0x10 [ 14.927581] ? __pfx_read_tsc+0x10/0x10 [ 14.927602] ? ktime_get_ts64+0x86/0x230 [ 14.927630] kunit_try_run_case+0x1a5/0x480 [ 14.927656] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.927679] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.927705] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.927731] ? __kthread_parkme+0x82/0x180 [ 14.927754] ? preempt_count_sub+0x50/0x80 [ 14.927781] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.927806] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.927831] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.927856] kthread+0x337/0x6f0 [ 14.927874] ? trace_preempt_on+0x20/0xc0 [ 14.927899] ? __pfx_kthread+0x10/0x10 [ 14.927921] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.927945] ? 
calculate_sigpending+0x7b/0xa0 [ 14.927969] ? __pfx_kthread+0x10/0x10 [ 14.927989] ret_from_fork+0x41/0x80 [ 14.928011] ? __pfx_kthread+0x10/0x10 [ 14.928031] ret_from_fork_asm+0x1a/0x30 [ 14.928063] </TASK> [ 14.928075] [ 14.935695] Allocated by task 284: [ 14.935876] kasan_save_stack+0x45/0x70 [ 14.936080] kasan_save_track+0x18/0x40 [ 14.936293] kasan_save_alloc_info+0x3b/0x50 [ 14.936506] __kasan_kmalloc+0xb7/0xc0 [ 14.936718] __kmalloc_cache_noprof+0x189/0x420 [ 14.936884] kasan_atomics+0x95/0x310 [ 14.937016] kunit_try_run_case+0x1a5/0x480 [ 14.937164] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.937352] kthread+0x337/0x6f0 [ 14.937475] ret_from_fork+0x41/0x80 [ 14.937674] ret_from_fork_asm+0x1a/0x30 [ 14.937875] [ 14.937973] The buggy address belongs to the object at ffff8881039f4880 [ 14.937973] which belongs to the cache kmalloc-64 of size 64 [ 14.938515] The buggy address is located 0 bytes to the right of [ 14.938515] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.939084] [ 14.939187] The buggy address belongs to the physical page: [ 14.939423] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.939694] flags: 0x200000000000000(node=0|zone=2) [ 14.939932] page_type: f5(slab) [ 14.940103] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.940463] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.940893] page dumped because: kasan: bad access detected [ 14.941111] [ 14.941200] Memory state around the buggy address: [ 14.941398] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.941727] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.941944] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.942158] ^ [ 14.942325] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.942593] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.943257] 
================================================================== [ 14.737874] ================================================================== [ 14.738244] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f30/0x5450 [ 14.738531] Read of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.738755] [ 14.738876] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.738924] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.738937] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.738960] Call Trace: [ 14.738979] <TASK> [ 14.738999] dump_stack_lvl+0x73/0xb0 [ 14.739025] print_report+0xd1/0x650 [ 14.739049] ? __virt_addr_valid+0x1db/0x2d0 [ 14.739073] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.739096] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.739120] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.739145] kasan_report+0x141/0x180 [ 14.739168] ? kasan_atomics_helper+0x4f30/0x5450 [ 14.739197] __asan_report_load8_noabort+0x18/0x20 [ 14.739257] kasan_atomics_helper+0x4f30/0x5450 [ 14.739285] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.739309] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.739344] ? kasan_atomics+0x152/0x310 [ 14.739369] kasan_atomics+0x1dc/0x310 [ 14.739390] ? __pfx_kasan_atomics+0x10/0x10 [ 14.739413] ? __pfx_read_tsc+0x10/0x10 [ 14.739434] ? ktime_get_ts64+0x86/0x230 [ 14.739461] kunit_try_run_case+0x1a5/0x480 [ 14.739488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.739511] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.739536] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.739561] ? __kthread_parkme+0x82/0x180 [ 14.739584] ? preempt_count_sub+0x50/0x80 [ 14.739612] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.739650] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.739674] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.739708] kthread+0x337/0x6f0 [ 14.739727] ? trace_preempt_on+0x20/0xc0 [ 14.739752] ? __pfx_kthread+0x10/0x10 [ 14.739782] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.739806] ? calculate_sigpending+0x7b/0xa0 [ 14.739830] ? __pfx_kthread+0x10/0x10 [ 14.739859] ret_from_fork+0x41/0x80 [ 14.739881] ? __pfx_kthread+0x10/0x10 [ 14.739900] ret_from_fork_asm+0x1a/0x30 [ 14.739943] </TASK> [ 14.739954] [ 14.747614] Allocated by task 284: [ 14.747763] kasan_save_stack+0x45/0x70 [ 14.747909] kasan_save_track+0x18/0x40 [ 14.748048] kasan_save_alloc_info+0x3b/0x50 [ 14.748193] __kasan_kmalloc+0xb7/0xc0 [ 14.748397] __kmalloc_cache_noprof+0x189/0x420 [ 14.748679] kasan_atomics+0x95/0x310 [ 14.748872] kunit_try_run_case+0x1a5/0x480 [ 14.749082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.749348] kthread+0x337/0x6f0 [ 14.749518] ret_from_fork+0x41/0x80 [ 14.749734] ret_from_fork_asm+0x1a/0x30 [ 14.749877] [ 14.749950] The buggy address belongs to the object at ffff8881039f4880 [ 14.749950] which belongs to the cache kmalloc-64 of size 64 [ 14.750399] The buggy address is located 0 bytes to the right of [ 14.750399] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.751035] [ 14.751150] The buggy address belongs to the physical page: [ 14.751395] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.751783] flags: 0x200000000000000(node=0|zone=2) [ 14.752027] page_type: f5(slab) [ 14.752201] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.752540] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.752886] page dumped because: kasan: bad access detected [ 14.753139] [ 14.753266] Memory state around the buggy address: [ 14.753484] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.753854] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.754166] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.754491] ^ [ 14.754742] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.754959] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.755311] ================================================================== [ 13.641372] ================================================================== [ 13.642140] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4bbc/0x5450 [ 13.643110] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.644296] [ 13.644489] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.644555] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.644568] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.644592] Call Trace: [ 13.644604] <TASK> [ 13.644623] dump_stack_lvl+0x73/0xb0 [ 13.644671] print_report+0xd1/0x650 [ 13.644695] ? __virt_addr_valid+0x1db/0x2d0 [ 13.644717] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.644749] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.644773] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.644796] kasan_report+0x141/0x180 [ 13.644831] ? kasan_atomics_helper+0x4bbc/0x5450 [ 13.644858] __asan_report_load4_noabort+0x18/0x20 [ 13.644880] kasan_atomics_helper+0x4bbc/0x5450 [ 13.644903] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.644927] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.644951] ? kasan_atomics+0x152/0x310 [ 13.644974] kasan_atomics+0x1dc/0x310 [ 13.644994] ? __pfx_kasan_atomics+0x10/0x10 [ 13.645017] ? __pfx_read_tsc+0x10/0x10 [ 13.645038] ? ktime_get_ts64+0x86/0x230 [ 13.645066] kunit_try_run_case+0x1a5/0x480 [ 13.645093] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.645117] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.645141] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.645167] ? __kthread_parkme+0x82/0x180 [ 13.645190] ? preempt_count_sub+0x50/0x80 [ 13.645216] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.645252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.645433] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.645461] kthread+0x337/0x6f0 [ 13.645479] ? trace_preempt_on+0x20/0xc0 [ 13.645503] ? 
__pfx_kthread+0x10/0x10 [ 13.645521] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.645552] ? calculate_sigpending+0x7b/0xa0 [ 13.645575] ? __pfx_kthread+0x10/0x10 [ 13.645594] ret_from_fork+0x41/0x80 [ 13.645615] ? __pfx_kthread+0x10/0x10 [ 13.645655] ret_from_fork_asm+0x1a/0x30 [ 13.645688] </TASK> [ 13.645700] [ 13.658538] Allocated by task 284: [ 13.658917] kasan_save_stack+0x45/0x70 [ 13.659413] kasan_save_track+0x18/0x40 [ 13.659612] kasan_save_alloc_info+0x3b/0x50 [ 13.660047] __kasan_kmalloc+0xb7/0xc0 [ 13.660185] __kmalloc_cache_noprof+0x189/0x420 [ 13.660670] kasan_atomics+0x95/0x310 [ 13.661033] kunit_try_run_case+0x1a5/0x480 [ 13.661182] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.661818] kthread+0x337/0x6f0 [ 13.662158] ret_from_fork+0x41/0x80 [ 13.662591] ret_from_fork_asm+0x1a/0x30 [ 13.662960] [ 13.663034] The buggy address belongs to the object at ffff8881039f4880 [ 13.663034] which belongs to the cache kmalloc-64 of size 64 [ 13.663826] The buggy address is located 0 bytes to the right of [ 13.663826] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.664868] [ 13.664944] The buggy address belongs to the physical page: [ 13.665115] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.665536] flags: 0x200000000000000(node=0|zone=2) [ 13.666031] page_type: f5(slab) [ 13.666306] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.666806] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.667257] page dumped because: kasan: bad access detected [ 13.667618] [ 13.667794] Memory state around the buggy address: [ 13.668125] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.668429] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.669132] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.670049] ^ [ 13.670505] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.670959] 
ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.671175] ================================================================== [ 14.719729] ================================================================== [ 14.720067] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1c18/0x5450 [ 14.720435] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.720785] [ 14.720905] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.720956] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.720969] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.721003] Call Trace: [ 14.721023] <TASK> [ 14.721043] dump_stack_lvl+0x73/0xb0 [ 14.721081] print_report+0xd1/0x650 [ 14.721106] ? __virt_addr_valid+0x1db/0x2d0 [ 14.721130] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.721154] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.721179] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.721203] kasan_report+0x141/0x180 [ 14.721236] ? kasan_atomics_helper+0x1c18/0x5450 [ 14.721265] kasan_check_range+0x10c/0x1c0 [ 14.721286] __kasan_check_write+0x18/0x20 [ 14.721308] kasan_atomics_helper+0x1c18/0x5450 [ 14.721333] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.721357] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.721381] ? kasan_atomics+0x152/0x310 [ 14.721406] kasan_atomics+0x1dc/0x310 [ 14.721436] ? __pfx_kasan_atomics+0x10/0x10 [ 14.721459] ? __pfx_read_tsc+0x10/0x10 [ 14.721480] ? ktime_get_ts64+0x86/0x230 [ 14.721517] kunit_try_run_case+0x1a5/0x480 [ 14.721549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.721572] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.721598] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.721623] ? __kthread_parkme+0x82/0x180 [ 14.721665] ? preempt_count_sub+0x50/0x80 [ 14.721692] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.721717] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.721744] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.721769] kthread+0x337/0x6f0 [ 14.721786] ? trace_preempt_on+0x20/0xc0 [ 14.721812] ? __pfx_kthread+0x10/0x10 [ 14.721831] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.721855] ? calculate_sigpending+0x7b/0xa0 [ 14.721879] ? __pfx_kthread+0x10/0x10 [ 14.721898] ret_from_fork+0x41/0x80 [ 14.721920] ? __pfx_kthread+0x10/0x10 [ 14.721939] ret_from_fork_asm+0x1a/0x30 [ 14.721981] </TASK> [ 14.721992] [ 14.729567] Allocated by task 284: [ 14.729721] kasan_save_stack+0x45/0x70 [ 14.729968] kasan_save_track+0x18/0x40 [ 14.730164] kasan_save_alloc_info+0x3b/0x50 [ 14.730382] __kasan_kmalloc+0xb7/0xc0 [ 14.730572] __kmalloc_cache_noprof+0x189/0x420 [ 14.730819] kasan_atomics+0x95/0x310 [ 14.730984] kunit_try_run_case+0x1a5/0x480 [ 14.731149] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.731415] kthread+0x337/0x6f0 [ 14.731589] ret_from_fork+0x41/0x80 [ 14.731751] ret_from_fork_asm+0x1a/0x30 [ 14.731893] [ 14.731966] The buggy address belongs to the object at ffff8881039f4880 [ 14.731966] which belongs to the cache kmalloc-64 of size 64 [ 14.732483] The buggy address is located 0 bytes to the right of [ 14.732483] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.733087] [ 14.733187] The buggy address belongs to the physical page: [ 14.733377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.733627] flags: 0x200000000000000(node=0|zone=2) [ 14.733902] page_type: f5(slab) [ 14.734103] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.734506] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.734842] page dumped because: kasan: bad access detected [ 14.735017] [ 14.735088] Memory state around the buggy address: [ 14.735329] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.735702] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.735964] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.736181] ^ [ 14.736421] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.736787] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.737111] ================================================================== [ 14.799091] ================================================================== [ 14.799872] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1e12/0x5450 [ 14.800156] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.800400] [ 14.800494] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.800542] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.800555] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.800580] Call Trace: [ 14.800601] <TASK> [ 14.800622] dump_stack_lvl+0x73/0xb0 [ 14.800679] print_report+0xd1/0x650 [ 14.800704] ? __virt_addr_valid+0x1db/0x2d0 [ 14.800729] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.800752] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.800777] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.800801] kasan_report+0x141/0x180 [ 14.800826] ? kasan_atomics_helper+0x1e12/0x5450 [ 14.800854] kasan_check_range+0x10c/0x1c0 [ 14.800877] __kasan_check_write+0x18/0x20 [ 14.800898] kasan_atomics_helper+0x1e12/0x5450 [ 14.800923] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.800947] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.800972] ? kasan_atomics+0x152/0x310 [ 14.800997] kasan_atomics+0x1dc/0x310 [ 14.801019] ? __pfx_kasan_atomics+0x10/0x10 [ 14.801041] ? __pfx_read_tsc+0x10/0x10 [ 14.801063] ? ktime_get_ts64+0x86/0x230 [ 14.801090] kunit_try_run_case+0x1a5/0x480 [ 14.801117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.801141] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.801167] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.801192] ? __kthread_parkme+0x82/0x180 [ 14.801216] ? preempt_count_sub+0x50/0x80 [ 14.801254] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.801280] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.801305] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.801329] kthread+0x337/0x6f0 [ 14.801347] ? trace_preempt_on+0x20/0xc0 [ 14.801372] ? __pfx_kthread+0x10/0x10 [ 14.801392] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.801414] ? calculate_sigpending+0x7b/0xa0 [ 14.801437] ? __pfx_kthread+0x10/0x10 [ 14.801458] ret_from_fork+0x41/0x80 [ 14.801479] ? __pfx_kthread+0x10/0x10 [ 14.801499] ret_from_fork_asm+0x1a/0x30 [ 14.801530] </TASK> [ 14.801550] [ 14.814985] Allocated by task 284: [ 14.815341] kasan_save_stack+0x45/0x70 [ 14.815738] kasan_save_track+0x18/0x40 [ 14.816051] kasan_save_alloc_info+0x3b/0x50 [ 14.816201] __kasan_kmalloc+0xb7/0xc0 [ 14.816569] __kmalloc_cache_noprof+0x189/0x420 [ 14.817012] kasan_atomics+0x95/0x310 [ 14.817353] kunit_try_run_case+0x1a5/0x480 [ 14.817724] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.817906] kthread+0x337/0x6f0 [ 14.818030] ret_from_fork+0x41/0x80 [ 14.818171] ret_from_fork_asm+0x1a/0x30 [ 14.818462] [ 14.818626] The buggy address belongs to the object at ffff8881039f4880 [ 14.818626] which belongs to the cache kmalloc-64 of size 64 [ 14.819594] The buggy address is located 0 bytes to the right of [ 14.819594] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.820386] [ 14.820464] The buggy address belongs to the physical page: [ 14.820662] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.821348] flags: 0x200000000000000(node=0|zone=2) [ 14.821798] page_type: f5(slab) [ 14.822094] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.822771] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.823364] page dumped because: kasan: bad access detected [ 14.823539] [ 14.823610] Memory state around the buggy address: [ 14.824048] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.824675] ffff8881039f4800: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.825288] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.825755] ^ [ 14.825917] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.826134] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.826362] ================================================================== [ 14.222758] ================================================================== [ 14.223071] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4a36/0x5450 [ 14.223435] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.223914] [ 14.224011] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.224061] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.224090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.224114] Call Trace: [ 14.224134] <TASK> [ 14.224155] dump_stack_lvl+0x73/0xb0 [ 14.224184] print_report+0xd1/0x650 [ 14.224209] ? __virt_addr_valid+0x1db/0x2d0 [ 14.224243] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.224284] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.224309] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.224334] kasan_report+0x141/0x180 [ 14.224358] ? kasan_atomics_helper+0x4a36/0x5450 [ 14.224387] __asan_report_load4_noabort+0x18/0x20 [ 14.224409] kasan_atomics_helper+0x4a36/0x5450 [ 14.224433] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.224457] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.224862] ? kasan_atomics+0x152/0x310 [ 14.224888] kasan_atomics+0x1dc/0x310 [ 14.224908] ? __pfx_kasan_atomics+0x10/0x10 [ 14.224931] ? __pfx_read_tsc+0x10/0x10 [ 14.224952] ? ktime_get_ts64+0x86/0x230 [ 14.226729] kunit_try_run_case+0x1a5/0x480 [ 14.226763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.226787] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.226813] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.226839] ? __kthread_parkme+0x82/0x180 [ 14.226863] ? 
preempt_count_sub+0x50/0x80 [ 14.226889] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.226915] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.226940] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.226964] kthread+0x337/0x6f0 [ 14.226983] ? trace_preempt_on+0x20/0xc0 [ 14.227008] ? __pfx_kthread+0x10/0x10 [ 14.227027] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.227051] ? calculate_sigpending+0x7b/0xa0 [ 14.227075] ? __pfx_kthread+0x10/0x10 [ 14.227095] ret_from_fork+0x41/0x80 [ 14.227117] ? __pfx_kthread+0x10/0x10 [ 14.227135] ret_from_fork_asm+0x1a/0x30 [ 14.227168] </TASK> [ 14.227180] [ 14.237703] Allocated by task 284: [ 14.237889] kasan_save_stack+0x45/0x70 [ 14.238088] kasan_save_track+0x18/0x40 [ 14.238268] kasan_save_alloc_info+0x3b/0x50 [ 14.238467] __kasan_kmalloc+0xb7/0xc0 [ 14.238646] __kmalloc_cache_noprof+0x189/0x420 [ 14.238851] kasan_atomics+0x95/0x310 [ 14.239018] kunit_try_run_case+0x1a5/0x480 [ 14.239199] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.239951] kthread+0x337/0x6f0 [ 14.240086] ret_from_fork+0x41/0x80 [ 14.240369] ret_from_fork_asm+0x1a/0x30 [ 14.240814] [ 14.240906] The buggy address belongs to the object at ffff8881039f4880 [ 14.240906] which belongs to the cache kmalloc-64 of size 64 [ 14.241777] The buggy address is located 0 bytes to the right of [ 14.241777] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.242528] [ 14.242758] The buggy address belongs to the physical page: [ 14.243160] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.243668] flags: 0x200000000000000(node=0|zone=2) [ 14.244073] page_type: f5(slab) [ 14.244262] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.244579] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.245331] page dumped because: kasan: bad access detected [ 14.245760] [ 14.245977] Memory state around the buggy address: [ 14.246331] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.246913] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.247358] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.247660] ^ [ 14.247872] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.248159] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.248457] ================================================================== [ 14.873256] ================================================================== [ 14.873604] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f71/0x5450 [ 14.873967] Read of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.874286] [ 14.874389] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.874435] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.874448] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.874471] Call Trace: [ 14.874489] <TASK> [ 14.874508] dump_stack_lvl+0x73/0xb0 [ 14.874533] print_report+0xd1/0x650 [ 14.874558] ? __virt_addr_valid+0x1db/0x2d0 [ 14.874582] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.874606] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.874631] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.874654] kasan_report+0x141/0x180 [ 14.874679] ? kasan_atomics_helper+0x4f71/0x5450 [ 14.874708] __asan_report_load8_noabort+0x18/0x20 [ 14.874730] kasan_atomics_helper+0x4f71/0x5450 [ 14.874755] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.874779] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.874803] ? kasan_atomics+0x152/0x310 [ 14.874828] kasan_atomics+0x1dc/0x310 [ 14.874848] ? __pfx_kasan_atomics+0x10/0x10 [ 14.874871] ? __pfx_read_tsc+0x10/0x10 [ 14.874892] ? ktime_get_ts64+0x86/0x230 [ 14.874919] kunit_try_run_case+0x1a5/0x480 [ 14.874944] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.874969] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.874995] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.875020] ? 
__kthread_parkme+0x82/0x180 [ 14.875044] ? preempt_count_sub+0x50/0x80 [ 14.875071] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.875096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.875121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.875146] kthread+0x337/0x6f0 [ 14.875165] ? trace_preempt_on+0x20/0xc0 [ 14.875190] ? __pfx_kthread+0x10/0x10 [ 14.875209] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.875243] ? calculate_sigpending+0x7b/0xa0 [ 14.875267] ? __pfx_kthread+0x10/0x10 [ 14.875287] ret_from_fork+0x41/0x80 [ 14.875310] ? __pfx_kthread+0x10/0x10 [ 14.875329] ret_from_fork_asm+0x1a/0x30 [ 14.875362] </TASK> [ 14.875374] [ 14.882536] Allocated by task 284: [ 14.882785] kasan_save_stack+0x45/0x70 [ 14.882990] kasan_save_track+0x18/0x40 [ 14.883130] kasan_save_alloc_info+0x3b/0x50 [ 14.883289] __kasan_kmalloc+0xb7/0xc0 [ 14.883424] __kmalloc_cache_noprof+0x189/0x420 [ 14.883579] kasan_atomics+0x95/0x310 [ 14.883711] kunit_try_run_case+0x1a5/0x480 [ 14.883858] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.884150] kthread+0x337/0x6f0 [ 14.884328] ret_from_fork+0x41/0x80 [ 14.884514] ret_from_fork_asm+0x1a/0x30 [ 14.884771] [ 14.884868] The buggy address belongs to the object at ffff8881039f4880 [ 14.884868] which belongs to the cache kmalloc-64 of size 64 [ 14.885417] The buggy address is located 0 bytes to the right of [ 14.885417] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.885964] [ 14.886073] The buggy address belongs to the physical page: [ 14.886271] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.886514] flags: 0x200000000000000(node=0|zone=2) [ 14.886678] page_type: f5(slab) [ 14.886799] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.887184] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.887540] page dumped because: kasan: bad access detected [ 14.887797] [ 14.887897] Memory state around the buggy address: [ 14.888129] 
ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.888623] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.888958] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.889288] ^ [ 14.889517] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.889861] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.890107] ================================================================== [ 14.997048] ================================================================== [ 14.997343] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x224c/0x5450 [ 14.997662] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.997960] [ 14.998048] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.998095] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.998107] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.998130] Call Trace: [ 14.998146] <TASK> [ 14.998161] dump_stack_lvl+0x73/0xb0 [ 14.998186] print_report+0xd1/0x650 [ 14.998210] ? __virt_addr_valid+0x1db/0x2d0 [ 14.998244] ? kasan_atomics_helper+0x224c/0x5450 [ 14.998268] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.998292] ? kasan_atomics_helper+0x224c/0x5450 [ 14.998315] kasan_report+0x141/0x180 [ 14.998340] ? kasan_atomics_helper+0x224c/0x5450 [ 14.998368] kasan_check_range+0x10c/0x1c0 [ 14.998391] __kasan_check_write+0x18/0x20 [ 14.998412] kasan_atomics_helper+0x224c/0x5450 [ 14.998436] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.998460] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.998483] ? kasan_atomics+0x152/0x310 [ 14.998508] kasan_atomics+0x1dc/0x310 [ 14.998530] ? __pfx_kasan_atomics+0x10/0x10 [ 14.998552] ? __pfx_read_tsc+0x10/0x10 [ 14.998573] ? ktime_get_ts64+0x86/0x230 [ 14.998600] kunit_try_run_case+0x1a5/0x480 [ 14.998626] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.998649] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.998675] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.998701] ? __kthread_parkme+0x82/0x180 [ 14.998724] ? preempt_count_sub+0x50/0x80 [ 14.998751] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.998776] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.998801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.998826] kthread+0x337/0x6f0 [ 14.998845] ? trace_preempt_on+0x20/0xc0 [ 14.998870] ? __pfx_kthread+0x10/0x10 [ 14.998889] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.998912] ? calculate_sigpending+0x7b/0xa0 [ 14.998936] ? __pfx_kthread+0x10/0x10 [ 14.998956] ret_from_fork+0x41/0x80 [ 14.998977] ? __pfx_kthread+0x10/0x10 [ 14.998996] ret_from_fork_asm+0x1a/0x30 [ 14.999028] </TASK> [ 14.999039] [ 15.006525] Allocated by task 284: [ 15.006772] kasan_save_stack+0x45/0x70 [ 15.006944] kasan_save_track+0x18/0x40 [ 15.007123] kasan_save_alloc_info+0x3b/0x50 [ 15.007318] __kasan_kmalloc+0xb7/0xc0 [ 15.007472] __kmalloc_cache_noprof+0x189/0x420 [ 15.007701] kasan_atomics+0x95/0x310 [ 15.007831] kunit_try_run_case+0x1a5/0x480 [ 15.007977] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.008219] kthread+0x337/0x6f0 [ 15.008399] ret_from_fork+0x41/0x80 [ 15.008586] ret_from_fork_asm+0x1a/0x30 [ 15.008795] [ 15.008897] The buggy address belongs to the object at ffff8881039f4880 [ 15.008897] which belongs to the cache kmalloc-64 of size 64 [ 15.009318] The buggy address is located 0 bytes to the right of [ 15.009318] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 15.009745] [ 15.009845] The buggy address belongs to the physical page: [ 15.010094] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 15.010457] flags: 0x200000000000000(node=0|zone=2) [ 15.010703] page_type: f5(slab) [ 15.010825] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.011052] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 15.011305] page dumped because: kasan: bad 
access detected [ 15.011564] [ 15.011668] Memory state around the buggy address: [ 15.011897] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.012179] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.012463] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.012742] ^ [ 15.012939] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.013241] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.013504] ================================================================== [ 15.014109] ================================================================== [ 15.014491] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x5115/0x5450 [ 15.014808] Read of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 15.015110] [ 15.015213] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 15.015271] Tainted: [B]=BAD_PAGE, [N]=TEST [ 15.015286] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 15.015309] Call Trace: [ 15.015328] <TASK> [ 15.015347] dump_stack_lvl+0x73/0xb0 [ 15.015374] print_report+0xd1/0x650 [ 15.015398] ? __virt_addr_valid+0x1db/0x2d0 [ 15.015421] ? kasan_atomics_helper+0x5115/0x5450 [ 15.015445] ? kasan_complete_mode_report_info+0x2a/0x200 [ 15.015469] ? kasan_atomics_helper+0x5115/0x5450 [ 15.015493] kasan_report+0x141/0x180 [ 15.015518] ? kasan_atomics_helper+0x5115/0x5450 [ 15.015546] __asan_report_load8_noabort+0x18/0x20 [ 15.015569] kasan_atomics_helper+0x5115/0x5450 [ 15.015597] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 15.015621] ? __kmalloc_cache_noprof+0x189/0x420 [ 15.015655] ? kasan_atomics+0x152/0x310 [ 15.015680] kasan_atomics+0x1dc/0x310 [ 15.015701] ? __pfx_kasan_atomics+0x10/0x10 [ 15.015724] ? __pfx_read_tsc+0x10/0x10 [ 15.015745] ? ktime_get_ts64+0x86/0x230 [ 15.015772] kunit_try_run_case+0x1a5/0x480 [ 15.015798] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 15.015822] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 15.015848] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 15.015874] ? __kthread_parkme+0x82/0x180 [ 15.015897] ? preempt_count_sub+0x50/0x80 [ 15.015924] ? __pfx_kunit_try_run_case+0x10/0x10 [ 15.015949] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.015974] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 15.015999] kthread+0x337/0x6f0 [ 15.016017] ? trace_preempt_on+0x20/0xc0 [ 15.016042] ? __pfx_kthread+0x10/0x10 [ 15.016062] ? _raw_spin_unlock_irq+0x47/0x80 [ 15.016085] ? calculate_sigpending+0x7b/0xa0 [ 15.016108] ? __pfx_kthread+0x10/0x10 [ 15.016129] ret_from_fork+0x41/0x80 [ 15.016150] ? __pfx_kthread+0x10/0x10 [ 15.016170] ret_from_fork_asm+0x1a/0x30 [ 15.016202] </TASK> [ 15.016213] [ 15.023661] Allocated by task 284: [ 15.023815] kasan_save_stack+0x45/0x70 [ 15.023997] kasan_save_track+0x18/0x40 [ 15.024186] kasan_save_alloc_info+0x3b/0x50 [ 15.024389] __kasan_kmalloc+0xb7/0xc0 [ 15.024552] __kmalloc_cache_noprof+0x189/0x420 [ 15.024778] kasan_atomics+0x95/0x310 [ 15.024966] kunit_try_run_case+0x1a5/0x480 [ 15.025167] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 15.025379] kthread+0x337/0x6f0 [ 15.025501] ret_from_fork+0x41/0x80 [ 15.025637] ret_from_fork_asm+0x1a/0x30 [ 15.025840] [ 15.025936] The buggy address belongs to the object at ffff8881039f4880 [ 15.025936] which belongs to the cache kmalloc-64 of size 64 [ 15.026431] The buggy address is located 0 bytes to the right of [ 15.026431] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 15.027329] [ 15.027426] The buggy address belongs to the physical page: [ 15.027626] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 15.027867] flags: 0x200000000000000(node=0|zone=2) [ 15.028034] page_type: f5(slab) [ 15.028217] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 15.028575] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 15.029065] page dumped because: kasan: bad access detected [ 15.029247] [ 15.029318] Memory state around the buggy address: [ 15.029479] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.029854] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 15.030177] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 15.030509] ^ [ 15.030849] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.031182] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 15.031482] ================================================================== [ 13.745943] ================================================================== [ 13.746315] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x3df/0x5450 [ 13.746826] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.747160] [ 13.747286] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.747331] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.747344] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.747409] Call Trace: [ 13.747425] <TASK> [ 13.747454] dump_stack_lvl+0x73/0xb0 [ 13.747482] print_report+0xd1/0x650 [ 13.747506] ? __virt_addr_valid+0x1db/0x2d0 [ 13.747528] ? kasan_atomics_helper+0x3df/0x5450 [ 13.747560] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.747584] ? kasan_atomics_helper+0x3df/0x5450 [ 13.747619] kasan_report+0x141/0x180 [ 13.747642] ? kasan_atomics_helper+0x3df/0x5450 [ 13.747671] kasan_check_range+0x10c/0x1c0 [ 13.747693] __kasan_check_read+0x15/0x20 [ 13.747723] kasan_atomics_helper+0x3df/0x5450 [ 13.747748] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.747772] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.747806] ? kasan_atomics+0x152/0x310 [ 13.747831] kasan_atomics+0x1dc/0x310 [ 13.747852] ? __pfx_kasan_atomics+0x10/0x10 [ 13.747875] ? __pfx_read_tsc+0x10/0x10 [ 13.747896] ? 
ktime_get_ts64+0x86/0x230 [ 13.747931] kunit_try_run_case+0x1a5/0x480 [ 13.747956] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.747981] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.748016] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.748041] ? __kthread_parkme+0x82/0x180 [ 13.748064] ? preempt_count_sub+0x50/0x80 [ 13.748090] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.748115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.748140] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.748172] kthread+0x337/0x6f0 [ 13.748190] ? trace_preempt_on+0x20/0xc0 [ 13.748215] ? __pfx_kthread+0x10/0x10 [ 13.748249] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.748273] ? calculate_sigpending+0x7b/0xa0 [ 13.748296] ? __pfx_kthread+0x10/0x10 [ 13.748315] ret_from_fork+0x41/0x80 [ 13.748338] ? __pfx_kthread+0x10/0x10 [ 13.748357] ret_from_fork_asm+0x1a/0x30 [ 13.748515] </TASK> [ 13.748533] [ 13.757116] Allocated by task 284: [ 13.757337] kasan_save_stack+0x45/0x70 [ 13.757543] kasan_save_track+0x18/0x40 [ 13.757743] kasan_save_alloc_info+0x3b/0x50 [ 13.758087] __kasan_kmalloc+0xb7/0xc0 [ 13.758224] __kmalloc_cache_noprof+0x189/0x420 [ 13.758423] kasan_atomics+0x95/0x310 [ 13.758611] kunit_try_run_case+0x1a5/0x480 [ 13.758962] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.759142] kthread+0x337/0x6f0 [ 13.759277] ret_from_fork+0x41/0x80 [ 13.759440] ret_from_fork_asm+0x1a/0x30 [ 13.759638] [ 13.759803] The buggy address belongs to the object at ffff8881039f4880 [ 13.759803] which belongs to the cache kmalloc-64 of size 64 [ 13.760348] The buggy address is located 0 bytes to the right of [ 13.760348] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.761011] [ 13.761094] The buggy address belongs to the physical page: [ 13.761281] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.761651] flags: 0x200000000000000(node=0|zone=2) [ 13.761914] page_type: f5(slab) [ 13.762263] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 13.762740] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.762975] page dumped because: kasan: bad access detected [ 13.763242] [ 13.763419] Memory state around the buggy address: [ 13.763648] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.764027] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.764534] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.764943] ^ [ 13.765185] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.765623] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.765918] ================================================================== [ 13.972818] ================================================================== [ 13.973099] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x8f9/0x5450 [ 13.973469] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.973874] [ 13.973962] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.974072] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.974086] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.974109] Call Trace: [ 13.974125] <TASK> [ 13.974143] dump_stack_lvl+0x73/0xb0 [ 13.974177] print_report+0xd1/0x650 [ 13.974202] ? __virt_addr_valid+0x1db/0x2d0 [ 13.974224] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.974264] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.974325] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.974351] kasan_report+0x141/0x180 [ 13.974386] ? kasan_atomics_helper+0x8f9/0x5450 [ 13.974414] kasan_check_range+0x10c/0x1c0 [ 13.974437] __kasan_check_write+0x18/0x20 [ 13.974470] kasan_atomics_helper+0x8f9/0x5450 [ 13.974496] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.974521] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.974553] ? kasan_atomics+0x152/0x310 [ 13.974578] kasan_atomics+0x1dc/0x310 [ 13.974601] ? 
__pfx_kasan_atomics+0x10/0x10 [ 13.974636] ? __pfx_read_tsc+0x10/0x10 [ 13.974660] ? ktime_get_ts64+0x86/0x230 [ 13.974689] kunit_try_run_case+0x1a5/0x480 [ 13.974714] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974738] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.974764] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.974790] ? __kthread_parkme+0x82/0x180 [ 13.974813] ? preempt_count_sub+0x50/0x80 [ 13.974839] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.974865] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.974890] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.974915] kthread+0x337/0x6f0 [ 13.974933] ? trace_preempt_on+0x20/0xc0 [ 13.974956] ? __pfx_kthread+0x10/0x10 [ 13.974976] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.974999] ? calculate_sigpending+0x7b/0xa0 [ 13.975022] ? __pfx_kthread+0x10/0x10 [ 13.975042] ret_from_fork+0x41/0x80 [ 13.975064] ? __pfx_kthread+0x10/0x10 [ 13.975083] ret_from_fork_asm+0x1a/0x30 [ 13.975115] </TASK> [ 13.975126] [ 13.984173] Allocated by task 284: [ 13.984351] kasan_save_stack+0x45/0x70 [ 13.984789] kasan_save_track+0x18/0x40 [ 13.985099] kasan_save_alloc_info+0x3b/0x50 [ 13.985357] __kasan_kmalloc+0xb7/0xc0 [ 13.985597] __kmalloc_cache_noprof+0x189/0x420 [ 13.985853] kasan_atomics+0x95/0x310 [ 13.986025] kunit_try_run_case+0x1a5/0x480 [ 13.986225] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.986601] kthread+0x337/0x6f0 [ 13.986826] ret_from_fork+0x41/0x80 [ 13.987000] ret_from_fork_asm+0x1a/0x30 [ 13.987219] [ 13.987303] The buggy address belongs to the object at ffff8881039f4880 [ 13.987303] which belongs to the cache kmalloc-64 of size 64 [ 13.987908] The buggy address is located 0 bytes to the right of [ 13.987908] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.988587] [ 13.988788] The buggy address belongs to the physical page: [ 13.988990] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.989244] flags: 0x200000000000000(node=0|zone=2) [ 13.989408] page_type: f5(slab) 
[ 13.989658] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.990336] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.990671] page dumped because: kasan: bad access detected [ 13.990914] [ 13.990995] Memory state around the buggy address: [ 13.991199] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.991635] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.991967] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.992325] ^ [ 13.992573] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.992925] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.994021] ================================================================== [ 13.766443] ================================================================== [ 13.766883] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4b54/0x5450 [ 13.767223] Read of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.767670] [ 13.767785] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.767839] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.767852] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.767874] Call Trace: [ 13.767887] <TASK> [ 13.767912] dump_stack_lvl+0x73/0xb0 [ 13.767937] print_report+0xd1/0x650 [ 13.767960] ? __virt_addr_valid+0x1db/0x2d0 [ 13.767982] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.768005] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.768030] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.768053] kasan_report+0x141/0x180 [ 13.768077] ? kasan_atomics_helper+0x4b54/0x5450 [ 13.768105] __asan_report_load4_noabort+0x18/0x20 [ 13.768129] kasan_atomics_helper+0x4b54/0x5450 [ 13.768153] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.768176] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.768199] ? 
kasan_atomics+0x152/0x310 [ 13.768224] kasan_atomics+0x1dc/0x310 [ 13.768255] ? __pfx_kasan_atomics+0x10/0x10 [ 13.768278] ? __pfx_read_tsc+0x10/0x10 [ 13.768299] ? ktime_get_ts64+0x86/0x230 [ 13.768325] kunit_try_run_case+0x1a5/0x480 [ 13.768350] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.768374] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.768408] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.768433] ? __kthread_parkme+0x82/0x180 [ 13.768456] ? preempt_count_sub+0x50/0x80 [ 13.768493] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.768518] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.768543] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.768567] kthread+0x337/0x6f0 [ 13.768586] ? trace_preempt_on+0x20/0xc0 [ 13.768610] ? __pfx_kthread+0x10/0x10 [ 13.768630] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.768653] ? calculate_sigpending+0x7b/0xa0 [ 13.768676] ? __pfx_kthread+0x10/0x10 [ 13.768696] ret_from_fork+0x41/0x80 [ 13.768718] ? __pfx_kthread+0x10/0x10 [ 13.768738] ret_from_fork_asm+0x1a/0x30 [ 13.768770] </TASK> [ 13.768781] [ 13.780026] Allocated by task 284: [ 13.780425] kasan_save_stack+0x45/0x70 [ 13.780904] kasan_save_track+0x18/0x40 [ 13.781166] kasan_save_alloc_info+0x3b/0x50 [ 13.781558] __kasan_kmalloc+0xb7/0xc0 [ 13.781901] __kmalloc_cache_noprof+0x189/0x420 [ 13.782325] kasan_atomics+0x95/0x310 [ 13.782755] kunit_try_run_case+0x1a5/0x480 [ 13.783031] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.783540] kthread+0x337/0x6f0 [ 13.783851] ret_from_fork+0x41/0x80 [ 13.784174] ret_from_fork_asm+0x1a/0x30 [ 13.784520] [ 13.784629] The buggy address belongs to the object at ffff8881039f4880 [ 13.784629] which belongs to the cache kmalloc-64 of size 64 [ 13.785110] The buggy address is located 0 bytes to the right of [ 13.785110] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.785511] [ 13.785690] The buggy address belongs to the physical page: [ 13.786189] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 
13.786559] flags: 0x200000000000000(node=0|zone=2) [ 13.786855] page_type: f5(slab) [ 13.786977] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.787324] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.787813] page dumped because: kasan: bad access detected [ 13.788137] [ 13.788258] Memory state around the buggy address: [ 13.788556] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.788909] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.789144] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.789506] ^ [ 13.789806] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.790205] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.790691] ================================================================== [ 14.773947] ================================================================== [ 14.774297] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1d7a/0x5450 [ 14.774699] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.774983] [ 14.775075] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.775121] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.775135] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.775159] Call Trace: [ 14.775176] <TASK> [ 14.775195] dump_stack_lvl+0x73/0xb0 [ 14.775221] print_report+0xd1/0x650 [ 14.775254] ? __virt_addr_valid+0x1db/0x2d0 [ 14.775277] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.775301] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.775325] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.775349] kasan_report+0x141/0x180 [ 14.775383] ? kasan_atomics_helper+0x1d7a/0x5450 [ 14.775412] kasan_check_range+0x10c/0x1c0 [ 14.775434] __kasan_check_write+0x18/0x20 [ 14.775467] kasan_atomics_helper+0x1d7a/0x5450 [ 14.775492] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.775517] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.775543] ? kasan_atomics+0x152/0x310 [ 14.775569] kasan_atomics+0x1dc/0x310 [ 14.775590] ? __pfx_kasan_atomics+0x10/0x10 [ 14.775613] ? __pfx_read_tsc+0x10/0x10 [ 14.775653] ? ktime_get_ts64+0x86/0x230 [ 14.775680] kunit_try_run_case+0x1a5/0x480 [ 14.775706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.775730] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.775756] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.775781] ? __kthread_parkme+0x82/0x180 [ 14.775808] ? preempt_count_sub+0x50/0x80 [ 14.775835] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.775869] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.775893] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.775918] kthread+0x337/0x6f0 [ 14.775947] ? trace_preempt_on+0x20/0xc0 [ 14.775973] ? __pfx_kthread+0x10/0x10 [ 14.775993] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.776025] ? calculate_sigpending+0x7b/0xa0 [ 14.776049] ? __pfx_kthread+0x10/0x10 [ 14.776069] ret_from_fork+0x41/0x80 [ 14.776101] ? __pfx_kthread+0x10/0x10 [ 14.776121] ret_from_fork_asm+0x1a/0x30 [ 14.776152] </TASK> [ 14.776163] [ 14.785330] Allocated by task 284: [ 14.785699] kasan_save_stack+0x45/0x70 [ 14.786052] kasan_save_track+0x18/0x40 [ 14.786425] kasan_save_alloc_info+0x3b/0x50 [ 14.786834] __kasan_kmalloc+0xb7/0xc0 [ 14.787175] __kmalloc_cache_noprof+0x189/0x420 [ 14.787592] kasan_atomics+0x95/0x310 [ 14.787951] kunit_try_run_case+0x1a5/0x480 [ 14.788205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.788715] kthread+0x337/0x6f0 [ 14.788976] ret_from_fork+0x41/0x80 [ 14.789111] ret_from_fork_asm+0x1a/0x30 [ 14.789264] [ 14.789340] The buggy address belongs to the object at ffff8881039f4880 [ 14.789340] which belongs to the cache kmalloc-64 of size 64 [ 14.789840] The buggy address is located 0 bytes to the right of [ 14.789840] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.790932] [ 14.791095] The buggy address belongs to the physical page: [ 14.791568] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.792251] flags: 0x200000000000000(node=0|zone=2) [ 14.792700] page_type: f5(slab) [ 14.793002] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.793682] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.794320] page dumped because: kasan: bad access detected [ 14.794808] [ 14.794883] Memory state around the buggy address: [ 14.795043] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.795320] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.795944] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.796561] ^ [ 14.797008] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.797622] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.798251] ================================================================== [ 14.187039] ================================================================== [ 14.187551] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xf10/0x5450 [ 14.187892] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.188134] [ 14.188244] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.188292] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.188305] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.188328] Call Trace: [ 14.188349] <TASK> [ 14.188369] dump_stack_lvl+0x73/0xb0 [ 14.188396] print_report+0xd1/0x650 [ 14.188419] ? __virt_addr_valid+0x1db/0x2d0 [ 14.188444] ? kasan_atomics_helper+0xf10/0x5450 [ 14.188466] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.188490] ? kasan_atomics_helper+0xf10/0x5450 [ 14.188514] kasan_report+0x141/0x180 [ 14.188538] ? kasan_atomics_helper+0xf10/0x5450 [ 14.188565] kasan_check_range+0x10c/0x1c0 [ 14.188588] __kasan_check_write+0x18/0x20 [ 14.188610] kasan_atomics_helper+0xf10/0x5450 [ 14.188635] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.188659] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.188682] ? kasan_atomics+0x152/0x310 [ 14.188708] kasan_atomics+0x1dc/0x310 [ 14.188728] ? __pfx_kasan_atomics+0x10/0x10 [ 14.188751] ? __pfx_read_tsc+0x10/0x10 [ 14.188772] ? ktime_get_ts64+0x86/0x230 [ 14.188799] kunit_try_run_case+0x1a5/0x480 [ 14.188825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.188849] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.188875] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.188899] ? __kthread_parkme+0x82/0x180 [ 14.188923] ? preempt_count_sub+0x50/0x80 [ 14.188950] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.188976] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.189001] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.189025] kthread+0x337/0x6f0 [ 14.189044] ? trace_preempt_on+0x20/0xc0 [ 14.189069] ? __pfx_kthread+0x10/0x10 [ 14.189088] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.189112] ? calculate_sigpending+0x7b/0xa0 [ 14.189135] ? __pfx_kthread+0x10/0x10 [ 14.189155] ret_from_fork+0x41/0x80 [ 14.189177] ? 
__pfx_kthread+0x10/0x10 [ 14.189196] ret_from_fork_asm+0x1a/0x30 [ 14.189237] </TASK> [ 14.189249] [ 14.196765] Allocated by task 284: [ 14.196959] kasan_save_stack+0x45/0x70 [ 14.197149] kasan_save_track+0x18/0x40 [ 14.197324] kasan_save_alloc_info+0x3b/0x50 [ 14.197536] __kasan_kmalloc+0xb7/0xc0 [ 14.197727] __kmalloc_cache_noprof+0x189/0x420 [ 14.197894] kasan_atomics+0x95/0x310 [ 14.198083] kunit_try_run_case+0x1a5/0x480 [ 14.198285] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.198497] kthread+0x337/0x6f0 [ 14.198618] ret_from_fork+0x41/0x80 [ 14.198750] ret_from_fork_asm+0x1a/0x30 [ 14.198891] [ 14.198963] The buggy address belongs to the object at ffff8881039f4880 [ 14.198963] which belongs to the cache kmalloc-64 of size 64 [ 14.199478] The buggy address is located 0 bytes to the right of [ 14.199478] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.200090] [ 14.200166] The buggy address belongs to the physical page: [ 14.200348] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.200587] flags: 0x200000000000000(node=0|zone=2) [ 14.200855] page_type: f5(slab) [ 14.201028] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.201393] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.201741] page dumped because: kasan: bad access detected [ 14.202047] [ 14.202119] Memory state around the buggy address: [ 14.202288] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.202506] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.202724] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.203049] ^ [ 14.203287] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.203606] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.203923] ================================================================== [ 13.951544] 
================================================================== [ 13.952009] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x860/0x5450 [ 13.952416] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.952854] [ 13.952941] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.952985] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.952998] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.953020] Call Trace: [ 13.953036] <TASK> [ 13.953051] dump_stack_lvl+0x73/0xb0 [ 13.953076] print_report+0xd1/0x650 [ 13.953112] ? __virt_addr_valid+0x1db/0x2d0 [ 13.953134] ? kasan_atomics_helper+0x860/0x5450 [ 13.953158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.953194] ? kasan_atomics_helper+0x860/0x5450 [ 13.953218] kasan_report+0x141/0x180 [ 13.953252] ? kasan_atomics_helper+0x860/0x5450 [ 13.953328] kasan_check_range+0x10c/0x1c0 [ 13.953369] __kasan_check_write+0x18/0x20 [ 13.953391] kasan_atomics_helper+0x860/0x5450 [ 13.953428] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.953453] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.953476] ? kasan_atomics+0x152/0x310 [ 13.953501] kasan_atomics+0x1dc/0x310 [ 13.953531] ? __pfx_kasan_atomics+0x10/0x10 [ 13.953557] ? __pfx_read_tsc+0x10/0x10 [ 13.953588] ? ktime_get_ts64+0x86/0x230 [ 13.953614] kunit_try_run_case+0x1a5/0x480 [ 13.953640] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.953666] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.953691] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.953715] ? __kthread_parkme+0x82/0x180 [ 13.953737] ? preempt_count_sub+0x50/0x80 [ 13.953763] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.953788] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.953813] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.953838] kthread+0x337/0x6f0 [ 13.953856] ? trace_preempt_on+0x20/0xc0 [ 13.953880] ? __pfx_kthread+0x10/0x10 [ 13.953899] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.953932] ? 
calculate_sigpending+0x7b/0xa0 [ 13.953953] ? __pfx_kthread+0x10/0x10 [ 13.953974] ret_from_fork+0x41/0x80 [ 13.954006] ? __pfx_kthread+0x10/0x10 [ 13.954025] ret_from_fork_asm+0x1a/0x30 [ 13.954056] </TASK> [ 13.954067] [ 13.963198] Allocated by task 284: [ 13.963471] kasan_save_stack+0x45/0x70 [ 13.963714] kasan_save_track+0x18/0x40 [ 13.963876] kasan_save_alloc_info+0x3b/0x50 [ 13.964109] __kasan_kmalloc+0xb7/0xc0 [ 13.964272] __kmalloc_cache_noprof+0x189/0x420 [ 13.964560] kasan_atomics+0x95/0x310 [ 13.964823] kunit_try_run_case+0x1a5/0x480 [ 13.964986] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.965161] kthread+0x337/0x6f0 [ 13.965293] ret_from_fork+0x41/0x80 [ 13.965428] ret_from_fork_asm+0x1a/0x30 [ 13.965898] [ 13.966078] The buggy address belongs to the object at ffff8881039f4880 [ 13.966078] which belongs to the cache kmalloc-64 of size 64 [ 13.966862] The buggy address is located 0 bytes to the right of [ 13.966862] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.967283] [ 13.967360] The buggy address belongs to the physical page: [ 13.967671] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.968073] flags: 0x200000000000000(node=0|zone=2) [ 13.968349] page_type: f5(slab) [ 13.968586] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.969027] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.969393] page dumped because: kasan: bad access detected [ 13.969653] [ 13.969749] Memory state around the buggy address: [ 13.969942] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.970222] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.970448] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.970894] ^ [ 13.971522] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.971874] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.972213] 
================================================================== [ 14.147652] ================================================================== [ 14.148183] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xde0/0x5450 [ 14.148566] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.149000] [ 14.149126] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.149180] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.149194] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.149217] Call Trace: [ 14.149249] <TASK> [ 14.149269] dump_stack_lvl+0x73/0xb0 [ 14.149502] print_report+0xd1/0x650 [ 14.149528] ? __virt_addr_valid+0x1db/0x2d0 [ 14.149558] ? kasan_atomics_helper+0xde0/0x5450 [ 14.149581] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.149605] ? kasan_atomics_helper+0xde0/0x5450 [ 14.149628] kasan_report+0x141/0x180 [ 14.149664] ? kasan_atomics_helper+0xde0/0x5450 [ 14.149691] kasan_check_range+0x10c/0x1c0 [ 14.149713] __kasan_check_write+0x18/0x20 [ 14.149734] kasan_atomics_helper+0xde0/0x5450 [ 14.149759] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.149783] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.149806] ? kasan_atomics+0x152/0x310 [ 14.149831] kasan_atomics+0x1dc/0x310 [ 14.149852] ? __pfx_kasan_atomics+0x10/0x10 [ 14.149875] ? __pfx_read_tsc+0x10/0x10 [ 14.149895] ? ktime_get_ts64+0x86/0x230 [ 14.149922] kunit_try_run_case+0x1a5/0x480 [ 14.149948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.149971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.149996] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.150021] ? __kthread_parkme+0x82/0x180 [ 14.150045] ? preempt_count_sub+0x50/0x80 [ 14.150072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.150096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.150120] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.150145] kthread+0x337/0x6f0 [ 14.150164] ? trace_preempt_on+0x20/0xc0 [ 14.150189] ? 
__pfx_kthread+0x10/0x10 [ 14.150208] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.150244] ? calculate_sigpending+0x7b/0xa0 [ 14.150269] ? __pfx_kthread+0x10/0x10 [ 14.150289] ret_from_fork+0x41/0x80 [ 14.150310] ? __pfx_kthread+0x10/0x10 [ 14.150330] ret_from_fork_asm+0x1a/0x30 [ 14.150361] </TASK> [ 14.150373] [ 14.160398] Allocated by task 284: [ 14.160766] kasan_save_stack+0x45/0x70 [ 14.160940] kasan_save_track+0x18/0x40 [ 14.161141] kasan_save_alloc_info+0x3b/0x50 [ 14.161355] __kasan_kmalloc+0xb7/0xc0 [ 14.161541] __kmalloc_cache_noprof+0x189/0x420 [ 14.162011] kasan_atomics+0x95/0x310 [ 14.162179] kunit_try_run_case+0x1a5/0x480 [ 14.162478] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.162887] kthread+0x337/0x6f0 [ 14.163036] ret_from_fork+0x41/0x80 [ 14.163321] ret_from_fork_asm+0x1a/0x30 [ 14.163477] [ 14.163733] The buggy address belongs to the object at ffff8881039f4880 [ 14.163733] which belongs to the cache kmalloc-64 of size 64 [ 14.164217] The buggy address is located 0 bytes to the right of [ 14.164217] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.164669] [ 14.164769] The buggy address belongs to the physical page: [ 14.165003] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.165356] flags: 0x200000000000000(node=0|zone=2) [ 14.165584] page_type: f5(slab) [ 14.165788] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.166030] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.166393] page dumped because: kasan: bad access detected [ 14.166646] [ 14.166733] Memory state around the buggy address: [ 14.166937] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.167248] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.167494] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.167798] ^ [ 14.167955] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.168258] 
ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.168534] ================================================================== [ 14.388471] ================================================================== [ 14.388768] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x12e6/0x5450 [ 14.389391] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.389681] [ 14.389818] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.389866] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.389879] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.389902] Call Trace: [ 14.389921] <TASK> [ 14.389941] dump_stack_lvl+0x73/0xb0 [ 14.389968] print_report+0xd1/0x650 [ 14.389992] ? __virt_addr_valid+0x1db/0x2d0 [ 14.390015] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.390051] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.390075] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.390109] kasan_report+0x141/0x180 [ 14.390134] ? kasan_atomics_helper+0x12e6/0x5450 [ 14.390162] kasan_check_range+0x10c/0x1c0 [ 14.390183] __kasan_check_write+0x18/0x20 [ 14.390205] kasan_atomics_helper+0x12e6/0x5450 [ 14.390245] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.390269] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.390303] ? kasan_atomics+0x152/0x310 [ 14.390328] kasan_atomics+0x1dc/0x310 [ 14.390348] ? __pfx_kasan_atomics+0x10/0x10 [ 14.390371] ? __pfx_read_tsc+0x10/0x10 [ 14.390392] ? ktime_get_ts64+0x86/0x230 [ 14.390420] kunit_try_run_case+0x1a5/0x480 [ 14.390446] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.390470] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.390496] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.390521] ? __kthread_parkme+0x82/0x180 [ 14.390547] ? preempt_count_sub+0x50/0x80 [ 14.390575] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.390601] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.390625] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.390650] kthread+0x337/0x6f0 [ 14.390668] ? trace_preempt_on+0x20/0xc0 [ 14.390694] ? __pfx_kthread+0x10/0x10 [ 14.390714] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.390738] ? calculate_sigpending+0x7b/0xa0 [ 14.390761] ? __pfx_kthread+0x10/0x10 [ 14.390780] ret_from_fork+0x41/0x80 [ 14.390803] ? __pfx_kthread+0x10/0x10 [ 14.390823] ret_from_fork_asm+0x1a/0x30 [ 14.390855] </TASK> [ 14.390866] [ 14.399208] Allocated by task 284: [ 14.399368] kasan_save_stack+0x45/0x70 [ 14.399560] kasan_save_track+0x18/0x40 [ 14.399786] kasan_save_alloc_info+0x3b/0x50 [ 14.399990] __kasan_kmalloc+0xb7/0xc0 [ 14.400173] __kmalloc_cache_noprof+0x189/0x420 [ 14.400383] kasan_atomics+0x95/0x310 [ 14.400549] kunit_try_run_case+0x1a5/0x480 [ 14.400822] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.401120] kthread+0x337/0x6f0 [ 14.401297] ret_from_fork+0x41/0x80 [ 14.401440] ret_from_fork_asm+0x1a/0x30 [ 14.401586] [ 14.401659] The buggy address belongs to the object at ffff8881039f4880 [ 14.401659] which belongs to the cache kmalloc-64 of size 64 [ 14.402099] The buggy address is located 0 bytes to the right of [ 14.402099] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.402690] [ 14.402791] The buggy address belongs to the physical page: [ 14.403041] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.403413] flags: 0x200000000000000(node=0|zone=2) [ 14.403675] page_type: f5(slab) [ 14.403908] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.404237] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.404554] page dumped because: kasan: bad access detected [ 14.404729] [ 14.404800] Memory state around the buggy address: [ 14.404959] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.405401] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.405777] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.406105] ^ [ 14.406332] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.406739] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.406991] ================================================================== [ 14.561335] ================================================================== [ 14.561693] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x16e7/0x5450 [ 14.561984] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.562214] [ 14.562396] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.562442] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.562467] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.562491] Call Trace: [ 14.562509] <TASK> [ 14.562528] dump_stack_lvl+0x73/0xb0 [ 14.562554] print_report+0xd1/0x650 [ 14.562579] ? __virt_addr_valid+0x1db/0x2d0 [ 14.562602] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.562625] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.562658] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.562683] kasan_report+0x141/0x180 [ 14.562707] ? kasan_atomics_helper+0x16e7/0x5450 [ 14.562745] kasan_check_range+0x10c/0x1c0 [ 14.562768] __kasan_check_write+0x18/0x20 [ 14.562789] kasan_atomics_helper+0x16e7/0x5450 [ 14.562824] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.562849] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.562872] ? kasan_atomics+0x152/0x310 [ 14.562897] kasan_atomics+0x1dc/0x310 [ 14.562919] ? __pfx_kasan_atomics+0x10/0x10 [ 14.562940] ? __pfx_read_tsc+0x10/0x10 [ 14.562961] ? ktime_get_ts64+0x86/0x230 [ 14.562988] kunit_try_run_case+0x1a5/0x480 [ 14.563014] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.563037] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.563063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.563089] ? __kthread_parkme+0x82/0x180 [ 14.563113] ? preempt_count_sub+0x50/0x80 [ 14.563140] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.563165] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.563190] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.563217] kthread+0x337/0x6f0 [ 14.563246] ? trace_preempt_on+0x20/0xc0 [ 14.563272] ? __pfx_kthread+0x10/0x10 [ 14.563292] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.563316] ? calculate_sigpending+0x7b/0xa0 [ 14.563339] ? __pfx_kthread+0x10/0x10 [ 14.563359] ret_from_fork+0x41/0x80 [ 14.563382] ? __pfx_kthread+0x10/0x10 [ 14.563401] ret_from_fork_asm+0x1a/0x30 [ 14.563434] </TASK> [ 14.563447] [ 14.571408] Allocated by task 284: [ 14.571596] kasan_save_stack+0x45/0x70 [ 14.571805] kasan_save_track+0x18/0x40 [ 14.572149] kasan_save_alloc_info+0x3b/0x50 [ 14.572372] __kasan_kmalloc+0xb7/0xc0 [ 14.572563] __kmalloc_cache_noprof+0x189/0x420 [ 14.572835] kasan_atomics+0x95/0x310 [ 14.573023] kunit_try_run_case+0x1a5/0x480 [ 14.573243] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.573493] kthread+0x337/0x6f0 [ 14.573619] ret_from_fork+0x41/0x80 [ 14.573813] ret_from_fork_asm+0x1a/0x30 [ 14.574012] [ 14.574100] The buggy address belongs to the object at ffff8881039f4880 [ 14.574100] which belongs to the cache kmalloc-64 of size 64 [ 14.574524] The buggy address is located 0 bytes to the right of [ 14.574524] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.575294] [ 14.575401] The buggy address belongs to the physical page: [ 14.575576] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.576252] flags: 0x200000000000000(node=0|zone=2) [ 14.576419] page_type: f5(slab) [ 14.576541] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.576773] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.577067] page dumped because: kasan: bad access detected [ 14.577357] [ 14.577468] Memory state around the buggy address: [ 14.577732] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.578060] ffff8881039f4800: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.578347] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.578563] ^ [ 14.578904] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.579318] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.579646] ================================================================== [ 13.908434] ================================================================== [ 13.908674] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x72f/0x5450 [ 13.909162] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 13.909640] [ 13.909786] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.909846] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.909861] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.909883] Call Trace: [ 13.909900] <TASK> [ 13.909916] dump_stack_lvl+0x73/0xb0 [ 13.909943] print_report+0xd1/0x650 [ 13.909967] ? __virt_addr_valid+0x1db/0x2d0 [ 13.909990] ? kasan_atomics_helper+0x72f/0x5450 [ 13.910013] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.910038] ? kasan_atomics_helper+0x72f/0x5450 [ 13.910062] kasan_report+0x141/0x180 [ 13.910086] ? kasan_atomics_helper+0x72f/0x5450 [ 13.910115] kasan_check_range+0x10c/0x1c0 [ 13.910146] __kasan_check_write+0x18/0x20 [ 13.910167] kasan_atomics_helper+0x72f/0x5450 [ 13.910192] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 13.910242] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.910265] ? kasan_atomics+0x152/0x310 [ 13.910301] kasan_atomics+0x1dc/0x310 [ 13.910322] ? __pfx_kasan_atomics+0x10/0x10 [ 13.910344] ? __pfx_read_tsc+0x10/0x10 [ 13.910365] ? ktime_get_ts64+0x86/0x230 [ 13.910391] kunit_try_run_case+0x1a5/0x480 [ 13.910417] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.910441] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.910466] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.910490] ? __kthread_parkme+0x82/0x180 [ 13.910513] ? 
preempt_count_sub+0x50/0x80 [ 13.910540] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.910566] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.910590] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.910616] kthread+0x337/0x6f0 [ 13.910634] ? trace_preempt_on+0x20/0xc0 [ 13.910658] ? __pfx_kthread+0x10/0x10 [ 13.910678] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.910701] ? calculate_sigpending+0x7b/0xa0 [ 13.910724] ? __pfx_kthread+0x10/0x10 [ 13.910743] ret_from_fork+0x41/0x80 [ 13.910765] ? __pfx_kthread+0x10/0x10 [ 13.911010] ret_from_fork_asm+0x1a/0x30 [ 13.911047] </TASK> [ 13.911059] [ 13.920359] Allocated by task 284: [ 13.920634] kasan_save_stack+0x45/0x70 [ 13.920902] kasan_save_track+0x18/0x40 [ 13.921126] kasan_save_alloc_info+0x3b/0x50 [ 13.921299] __kasan_kmalloc+0xb7/0xc0 [ 13.921489] __kmalloc_cache_noprof+0x189/0x420 [ 13.921795] kasan_atomics+0x95/0x310 [ 13.922010] kunit_try_run_case+0x1a5/0x480 [ 13.922306] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.922552] kthread+0x337/0x6f0 [ 13.922735] ret_from_fork+0x41/0x80 [ 13.922899] ret_from_fork_asm+0x1a/0x30 [ 13.923412] [ 13.923517] The buggy address belongs to the object at ffff8881039f4880 [ 13.923517] which belongs to the cache kmalloc-64 of size 64 [ 13.924025] The buggy address is located 0 bytes to the right of [ 13.924025] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 13.924752] [ 13.924851] The buggy address belongs to the physical page: [ 13.925106] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 13.925625] flags: 0x200000000000000(node=0|zone=2) [ 13.925872] page_type: f5(slab) [ 13.926042] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 13.926436] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 13.926968] page dumped because: kasan: bad access detected [ 13.927200] [ 13.927352] Memory state around the buggy address: [ 13.927640] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 13.927972] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 13.928216] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 13.928847] ^ [ 13.929064] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.929526] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.929884] ================================================================== [ 14.169273] ================================================================== [ 14.169672] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xe78/0x5450 [ 14.169989] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.170264] [ 14.170471] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.170518] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.170531] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.170554] Call Trace: [ 14.170571] <TASK> [ 14.170591] dump_stack_lvl+0x73/0xb0 [ 14.170617] print_report+0xd1/0x650 [ 14.170641] ? __virt_addr_valid+0x1db/0x2d0 [ 14.170665] ? kasan_atomics_helper+0xe78/0x5450 [ 14.170688] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.170712] ? kasan_atomics_helper+0xe78/0x5450 [ 14.170735] kasan_report+0x141/0x180 [ 14.170759] ? kasan_atomics_helper+0xe78/0x5450 [ 14.170787] kasan_check_range+0x10c/0x1c0 [ 14.170808] __kasan_check_write+0x18/0x20 [ 14.170830] kasan_atomics_helper+0xe78/0x5450 [ 14.170855] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.170879] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.170902] ? kasan_atomics+0x152/0x310 [ 14.170927] kasan_atomics+0x1dc/0x310 [ 14.170948] ? __pfx_kasan_atomics+0x10/0x10 [ 14.170971] ? __pfx_read_tsc+0x10/0x10 [ 14.170992] ? ktime_get_ts64+0x86/0x230 [ 14.171019] kunit_try_run_case+0x1a5/0x480 [ 14.171045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.171069] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.171094] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.171119] ? 
__kthread_parkme+0x82/0x180 [ 14.171142] ? preempt_count_sub+0x50/0x80 [ 14.171169] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.171194] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.171218] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.171255] kthread+0x337/0x6f0 [ 14.171273] ? trace_preempt_on+0x20/0xc0 [ 14.171298] ? __pfx_kthread+0x10/0x10 [ 14.171318] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.171342] ? calculate_sigpending+0x7b/0xa0 [ 14.171364] ? __pfx_kthread+0x10/0x10 [ 14.171384] ret_from_fork+0x41/0x80 [ 14.171406] ? __pfx_kthread+0x10/0x10 [ 14.171425] ret_from_fork_asm+0x1a/0x30 [ 14.171457] </TASK> [ 14.171469] [ 14.179086] Allocated by task 284: [ 14.179289] kasan_save_stack+0x45/0x70 [ 14.179475] kasan_save_track+0x18/0x40 [ 14.179665] kasan_save_alloc_info+0x3b/0x50 [ 14.179854] __kasan_kmalloc+0xb7/0xc0 [ 14.180020] __kmalloc_cache_noprof+0x189/0x420 [ 14.180174] kasan_atomics+0x95/0x310 [ 14.180357] kunit_try_run_case+0x1a5/0x480 [ 14.180569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.180820] kthread+0x337/0x6f0 [ 14.181029] ret_from_fork+0x41/0x80 [ 14.181162] ret_from_fork_asm+0x1a/0x30 [ 14.181374] [ 14.181469] The buggy address belongs to the object at ffff8881039f4880 [ 14.181469] which belongs to the cache kmalloc-64 of size 64 [ 14.181989] The buggy address is located 0 bytes to the right of [ 14.181989] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.182474] [ 14.182573] The buggy address belongs to the physical page: [ 14.182793] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.183140] flags: 0x200000000000000(node=0|zone=2) [ 14.183365] page_type: f5(slab) [ 14.183492] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.183723] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.183953] page dumped because: kasan: bad access detected [ 14.184124] [ 14.184219] Memory state around the buggy address: [ 14.184490] 
ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.185026] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.185301] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.185517] ^ [ 14.185729] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.186053] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.186383] ================================================================== [ 14.204754] ================================================================== [ 14.205084] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xfa9/0x5450 [ 14.205507] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.205844] [ 14.205948] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.205995] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.206008] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.206032] Call Trace: [ 14.206051] <TASK> [ 14.206071] dump_stack_lvl+0x73/0xb0 [ 14.206097] print_report+0xd1/0x650 [ 14.206121] ? __virt_addr_valid+0x1db/0x2d0 [ 14.206145] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.206168] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.206319] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.206346] kasan_report+0x141/0x180 [ 14.206372] ? kasan_atomics_helper+0xfa9/0x5450 [ 14.206400] kasan_check_range+0x10c/0x1c0 [ 14.206422] __kasan_check_write+0x18/0x20 [ 14.206443] kasan_atomics_helper+0xfa9/0x5450 [ 14.206468] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.206492] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.206516] ? kasan_atomics+0x152/0x310 [ 14.206540] kasan_atomics+0x1dc/0x310 [ 14.206560] ? __pfx_kasan_atomics+0x10/0x10 [ 14.206583] ? __pfx_read_tsc+0x10/0x10 [ 14.206605] ? ktime_get_ts64+0x86/0x230 [ 14.206631] kunit_try_run_case+0x1a5/0x480 [ 14.206657] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.206681] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.206707] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.206733] ? __kthread_parkme+0x82/0x180 [ 14.206757] ? preempt_count_sub+0x50/0x80 [ 14.206783] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.206808] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.206833] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.206858] kthread+0x337/0x6f0 [ 14.206875] ? trace_preempt_on+0x20/0xc0 [ 14.206901] ? __pfx_kthread+0x10/0x10 [ 14.206932] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.206956] ? calculate_sigpending+0x7b/0xa0 [ 14.206979] ? __pfx_kthread+0x10/0x10 [ 14.206999] ret_from_fork+0x41/0x80 [ 14.207020] ? __pfx_kthread+0x10/0x10 [ 14.207040] ret_from_fork_asm+0x1a/0x30 [ 14.207072] </TASK> [ 14.207084] [ 14.214466] Allocated by task 284: [ 14.214606] kasan_save_stack+0x45/0x70 [ 14.214832] kasan_save_track+0x18/0x40 [ 14.215038] kasan_save_alloc_info+0x3b/0x50 [ 14.215329] __kasan_kmalloc+0xb7/0xc0 [ 14.215527] __kmalloc_cache_noprof+0x189/0x420 [ 14.215860] kasan_atomics+0x95/0x310 [ 14.216020] kunit_try_run_case+0x1a5/0x480 [ 14.216246] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.216420] kthread+0x337/0x6f0 [ 14.216541] ret_from_fork+0x41/0x80 [ 14.216670] ret_from_fork_asm+0x1a/0x30 [ 14.216820] [ 14.216929] The buggy address belongs to the object at ffff8881039f4880 [ 14.216929] which belongs to the cache kmalloc-64 of size 64 [ 14.217463] The buggy address is located 0 bytes to the right of [ 14.217463] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.218113] [ 14.218187] The buggy address belongs to the physical page: [ 14.218364] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.218595] flags: 0x200000000000000(node=0|zone=2) [ 14.218756] page_type: f5(slab) [ 14.218876] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.219098] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.219546] page dumped because: kasan: bad access detected [ 14.219984] [ 14.220080] Memory 
state around the buggy address: [ 14.220321] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.220651] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.220977] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.221306] ^ [ 14.221477] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.221693] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.222016] ================================================================== [ 14.079184] ================================================================== [ 14.079839] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xc70/0x5450 [ 14.080187] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.080510] [ 14.080615] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.080841] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.080857] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.080880] Call Trace: [ 14.080897] <TASK> [ 14.080914] dump_stack_lvl+0x73/0xb0 [ 14.080941] print_report+0xd1/0x650 [ 14.080964] ? __virt_addr_valid+0x1db/0x2d0 [ 14.081084] ? kasan_atomics_helper+0xc70/0x5450 [ 14.081107] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.081133] ? kasan_atomics_helper+0xc70/0x5450 [ 14.081156] kasan_report+0x141/0x180 [ 14.081180] ? kasan_atomics_helper+0xc70/0x5450 [ 14.081208] kasan_check_range+0x10c/0x1c0 [ 14.081244] __kasan_check_write+0x18/0x20 [ 14.081265] kasan_atomics_helper+0xc70/0x5450 [ 14.081290] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.081315] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.081337] ? kasan_atomics+0x152/0x310 [ 14.081361] kasan_atomics+0x1dc/0x310 [ 14.081382] ? __pfx_kasan_atomics+0x10/0x10 [ 14.081404] ? __pfx_read_tsc+0x10/0x10 [ 14.081425] ? ktime_get_ts64+0x86/0x230 [ 14.081451] kunit_try_run_case+0x1a5/0x480 [ 14.081476] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.081500] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 14.081525] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.081556] ? __kthread_parkme+0x82/0x180 [ 14.081579] ? preempt_count_sub+0x50/0x80 [ 14.081605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.081629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.081676] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.081701] kthread+0x337/0x6f0 [ 14.081719] ? trace_preempt_on+0x20/0xc0 [ 14.081743] ? __pfx_kthread+0x10/0x10 [ 14.081762] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.081786] ? calculate_sigpending+0x7b/0xa0 [ 14.081808] ? __pfx_kthread+0x10/0x10 [ 14.081829] ret_from_fork+0x41/0x80 [ 14.081851] ? __pfx_kthread+0x10/0x10 [ 14.081871] ret_from_fork_asm+0x1a/0x30 [ 14.081902] </TASK> [ 14.081914] [ 14.091342] Allocated by task 284: [ 14.091527] kasan_save_stack+0x45/0x70 [ 14.092099] kasan_save_track+0x18/0x40 [ 14.092286] kasan_save_alloc_info+0x3b/0x50 [ 14.092585] __kasan_kmalloc+0xb7/0xc0 [ 14.092918] __kmalloc_cache_noprof+0x189/0x420 [ 14.093138] kasan_atomics+0x95/0x310 [ 14.093330] kunit_try_run_case+0x1a5/0x480 [ 14.093530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.094013] kthread+0x337/0x6f0 [ 14.094167] ret_from_fork+0x41/0x80 [ 14.094480] ret_from_fork_asm+0x1a/0x30 [ 14.094766] [ 14.094846] The buggy address belongs to the object at ffff8881039f4880 [ 14.094846] which belongs to the cache kmalloc-64 of size 64 [ 14.095475] The buggy address is located 0 bytes to the right of [ 14.095475] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.096092] [ 14.096185] The buggy address belongs to the physical page: [ 14.096625] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.097061] flags: 0x200000000000000(node=0|zone=2) [ 14.097365] page_type: f5(slab) [ 14.097510] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.097964] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.098386] page dumped because: kasan: bad 
access detected [ 14.098697] [ 14.098794] Memory state around the buggy address: [ 14.098963] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.099299] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.099599] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.099906] ^ [ 14.100131] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.100815] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.101181] ================================================================== [ 14.618520] ================================================================== [ 14.618881] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x18b1/0x5450 [ 14.619308] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.619644] [ 14.619735] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.619784] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.619797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.619821] Call Trace: [ 14.619841] <TASK> [ 14.619862] dump_stack_lvl+0x73/0xb0 [ 14.619887] print_report+0xd1/0x650 [ 14.619914] ? __virt_addr_valid+0x1db/0x2d0 [ 14.619937] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.619961] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.619984] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.620022] kasan_report+0x141/0x180 [ 14.620047] ? kasan_atomics_helper+0x18b1/0x5450 [ 14.620086] kasan_check_range+0x10c/0x1c0 [ 14.620109] __kasan_check_write+0x18/0x20 [ 14.620141] kasan_atomics_helper+0x18b1/0x5450 [ 14.620174] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.620198] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.620221] ? kasan_atomics+0x152/0x310 [ 14.620256] kasan_atomics+0x1dc/0x310 [ 14.620276] ? __pfx_kasan_atomics+0x10/0x10 [ 14.620299] ? __pfx_read_tsc+0x10/0x10 [ 14.620319] ? ktime_get_ts64+0x86/0x230 [ 14.620347] kunit_try_run_case+0x1a5/0x480 [ 14.620372] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.620396] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.620423] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.620447] ? __kthread_parkme+0x82/0x180 [ 14.620471] ? preempt_count_sub+0x50/0x80 [ 14.620499] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.620524] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.620549] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.620573] kthread+0x337/0x6f0 [ 14.620591] ? trace_preempt_on+0x20/0xc0 [ 14.620617] ? __pfx_kthread+0x10/0x10 [ 14.620635] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.620659] ? calculate_sigpending+0x7b/0xa0 [ 14.620681] ? __pfx_kthread+0x10/0x10 [ 14.620701] ret_from_fork+0x41/0x80 [ 14.620722] ? __pfx_kthread+0x10/0x10 [ 14.620742] ret_from_fork_asm+0x1a/0x30 [ 14.620773] </TASK> [ 14.620784] [ 14.631020] Allocated by task 284: [ 14.631174] kasan_save_stack+0x45/0x70 [ 14.631565] kasan_save_track+0x18/0x40 [ 14.631928] kasan_save_alloc_info+0x3b/0x50 [ 14.632346] __kasan_kmalloc+0xb7/0xc0 [ 14.632713] __kmalloc_cache_noprof+0x189/0x420 [ 14.633132] kasan_atomics+0x95/0x310 [ 14.633365] kunit_try_run_case+0x1a5/0x480 [ 14.633517] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.633884] kthread+0x337/0x6f0 [ 14.634211] ret_from_fork+0x41/0x80 [ 14.634576] ret_from_fork_asm+0x1a/0x30 [ 14.634977] [ 14.635155] The buggy address belongs to the object at ffff8881039f4880 [ 14.635155] which belongs to the cache kmalloc-64 of size 64 [ 14.636143] The buggy address is located 0 bytes to the right of [ 14.636143] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.636528] [ 14.636605] The buggy address belongs to the physical page: [ 14.637129] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.637850] flags: 0x200000000000000(node=0|zone=2) [ 14.638306] page_type: f5(slab) [ 14.638627] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.639302] raw: 0000000000000000 0000000080200020 00000000f5000000 
0000000000000000 [ 14.639974] page dumped because: kasan: bad access detected [ 14.640371] [ 14.640444] Memory state around the buggy address: [ 14.640604] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.641263] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.641902] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.642531] ^ [ 14.642900] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.643296] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.643517] ================================================================== [ 14.664714] ================================================================== [ 14.665081] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x19e3/0x5450 [ 14.665441] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.665816] [ 14.665934] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.665982] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.665996] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.666020] Call Trace: [ 14.666039] <TASK> [ 14.666058] dump_stack_lvl+0x73/0xb0 [ 14.666085] print_report+0xd1/0x650 [ 14.666110] ? __virt_addr_valid+0x1db/0x2d0 [ 14.666134] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.666157] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.666182] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.666206] kasan_report+0x141/0x180 [ 14.666243] ? kasan_atomics_helper+0x19e3/0x5450 [ 14.666272] kasan_check_range+0x10c/0x1c0 [ 14.666295] __kasan_check_write+0x18/0x20 [ 14.666316] kasan_atomics_helper+0x19e3/0x5450 [ 14.666342] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.666365] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.666390] ? kasan_atomics+0x152/0x310 [ 14.666415] kasan_atomics+0x1dc/0x310 [ 14.666447] ? __pfx_kasan_atomics+0x10/0x10 [ 14.666469] ? __pfx_read_tsc+0x10/0x10 [ 14.666492] ? 
ktime_get_ts64+0x86/0x230 [ 14.666531] kunit_try_run_case+0x1a5/0x480 [ 14.666558] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.666586] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.666613] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.666643] ? __kthread_parkme+0x82/0x180 [ 14.666667] ? preempt_count_sub+0x50/0x80 [ 14.666694] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.666719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.666743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.666768] kthread+0x337/0x6f0 [ 14.666786] ? trace_preempt_on+0x20/0xc0 [ 14.666811] ? __pfx_kthread+0x10/0x10 [ 14.666832] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.666856] ? calculate_sigpending+0x7b/0xa0 [ 14.666878] ? __pfx_kthread+0x10/0x10 [ 14.666899] ret_from_fork+0x41/0x80 [ 14.666920] ? __pfx_kthread+0x10/0x10 [ 14.666940] ret_from_fork_asm+0x1a/0x30 [ 14.666972] </TASK> [ 14.666985] [ 14.674730] Allocated by task 284: [ 14.674897] kasan_save_stack+0x45/0x70 [ 14.675102] kasan_save_track+0x18/0x40 [ 14.675324] kasan_save_alloc_info+0x3b/0x50 [ 14.675521] __kasan_kmalloc+0xb7/0xc0 [ 14.675728] __kmalloc_cache_noprof+0x189/0x420 [ 14.675954] kasan_atomics+0x95/0x310 [ 14.676134] kunit_try_run_case+0x1a5/0x480 [ 14.676342] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.676563] kthread+0x337/0x6f0 [ 14.676704] ret_from_fork+0x41/0x80 [ 14.676837] ret_from_fork_asm+0x1a/0x30 [ 14.676978] [ 14.677049] The buggy address belongs to the object at ffff8881039f4880 [ 14.677049] which belongs to the cache kmalloc-64 of size 64 [ 14.677566] The buggy address is located 0 bytes to the right of [ 14.677566] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.678146] [ 14.678254] The buggy address belongs to the physical page: [ 14.678513] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.678885] flags: 0x200000000000000(node=0|zone=2) [ 14.679052] page_type: f5(slab) [ 14.679175] raw: 0200000000000000 ffff8881000418c0 dead000000000122 
0000000000000000 [ 14.679421] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.679705] page dumped because: kasan: bad access detected [ 14.679974] [ 14.680071] Memory state around the buggy address: [ 14.680358] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.680736] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.681091] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.681429] ^ [ 14.681705] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.682001] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.682299] ================================================================== [ 14.682922] ================================================================== [ 14.683264] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1a7f/0x5450 [ 14.683578] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.683952] [ 14.684066] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.684112] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.684125] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.684151] Call Trace: [ 14.684166] <TASK> [ 14.684183] dump_stack_lvl+0x73/0xb0 [ 14.684210] print_report+0xd1/0x650 [ 14.684244] ? __virt_addr_valid+0x1db/0x2d0 [ 14.684268] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.684291] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.684316] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.684340] kasan_report+0x141/0x180 [ 14.684364] ? kasan_atomics_helper+0x1a7f/0x5450 [ 14.684403] kasan_check_range+0x10c/0x1c0 [ 14.684425] __kasan_check_write+0x18/0x20 [ 14.684447] kasan_atomics_helper+0x1a7f/0x5450 [ 14.684484] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.684507] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.684532] ? kasan_atomics+0x152/0x310 [ 14.684565] kasan_atomics+0x1dc/0x310 [ 14.684586] ? 
__pfx_kasan_atomics+0x10/0x10 [ 14.684609] ? __pfx_read_tsc+0x10/0x10 [ 14.684658] ? ktime_get_ts64+0x86/0x230 [ 14.684685] kunit_try_run_case+0x1a5/0x480 [ 14.684710] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.684734] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.684760] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.684785] ? __kthread_parkme+0x82/0x180 [ 14.684809] ? preempt_count_sub+0x50/0x80 [ 14.684834] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.684859] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.684884] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.684909] kthread+0x337/0x6f0 [ 14.684927] ? trace_preempt_on+0x20/0xc0 [ 14.684952] ? __pfx_kthread+0x10/0x10 [ 14.684971] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.684994] ? calculate_sigpending+0x7b/0xa0 [ 14.685017] ? __pfx_kthread+0x10/0x10 [ 14.685038] ret_from_fork+0x41/0x80 [ 14.685059] ? __pfx_kthread+0x10/0x10 [ 14.685089] ret_from_fork_asm+0x1a/0x30 [ 14.685120] </TASK> [ 14.685132] [ 14.693179] Allocated by task 284: [ 14.693358] kasan_save_stack+0x45/0x70 [ 14.693576] kasan_save_track+0x18/0x40 [ 14.693802] kasan_save_alloc_info+0x3b/0x50 [ 14.694023] __kasan_kmalloc+0xb7/0xc0 [ 14.694219] __kmalloc_cache_noprof+0x189/0x420 [ 14.694449] kasan_atomics+0x95/0x310 [ 14.694582] kunit_try_run_case+0x1a5/0x480 [ 14.694757] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.694996] kthread+0x337/0x6f0 [ 14.695177] ret_from_fork+0x41/0x80 [ 14.695375] ret_from_fork_asm+0x1a/0x30 [ 14.695572] [ 14.695700] The buggy address belongs to the object at ffff8881039f4880 [ 14.695700] which belongs to the cache kmalloc-64 of size 64 [ 14.696191] The buggy address is located 0 bytes to the right of [ 14.696191] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.696698] [ 14.696822] The buggy address belongs to the physical page: [ 14.697081] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.697430] flags: 0x200000000000000(node=0|zone=2) [ 14.697695] page_type: f5(slab) 
[ 14.697859] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.698213] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.698500] page dumped because: kasan: bad access detected [ 14.698799] [ 14.698895] Memory state around the buggy address: [ 14.699099] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.699333] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.699550] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.699913] ^ [ 14.700141] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.700474] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.700821] ================================================================== [ 14.465362] ================================================================== [ 14.465704] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1467/0x5450 [ 14.466148] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.466430] [ 14.466556] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.466607] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.466620] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.466666] Call Trace: [ 14.466686] <TASK> [ 14.466718] dump_stack_lvl+0x73/0xb0 [ 14.466747] print_report+0xd1/0x650 [ 14.466773] ? __virt_addr_valid+0x1db/0x2d0 [ 14.466797] ? kasan_atomics_helper+0x1467/0x5450 [ 14.466821] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.466844] ? kasan_atomics_helper+0x1467/0x5450 [ 14.466868] kasan_report+0x141/0x180 [ 14.466892] ? kasan_atomics_helper+0x1467/0x5450 [ 14.466920] kasan_check_range+0x10c/0x1c0 [ 14.466941] __kasan_check_write+0x18/0x20 [ 14.466963] kasan_atomics_helper+0x1467/0x5450 [ 14.466987] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.467011] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.467035] ? 
kasan_atomics+0x152/0x310 [ 14.467060] kasan_atomics+0x1dc/0x310 [ 14.467080] ? __pfx_kasan_atomics+0x10/0x10 [ 14.467102] ? __pfx_read_tsc+0x10/0x10 [ 14.467124] ? ktime_get_ts64+0x86/0x230 [ 14.467150] kunit_try_run_case+0x1a5/0x480 [ 14.467175] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.467200] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.467235] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.467260] ? __kthread_parkme+0x82/0x180 [ 14.467283] ? preempt_count_sub+0x50/0x80 [ 14.467310] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.467335] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.467360] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.467384] kthread+0x337/0x6f0 [ 14.467405] ? trace_preempt_on+0x20/0xc0 [ 14.467431] ? __pfx_kthread+0x10/0x10 [ 14.467459] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.467482] ? calculate_sigpending+0x7b/0xa0 [ 14.467506] ? __pfx_kthread+0x10/0x10 [ 14.467537] ret_from_fork+0x41/0x80 [ 14.467559] ? __pfx_kthread+0x10/0x10 [ 14.467579] ret_from_fork_asm+0x1a/0x30 [ 14.467611] </TASK> [ 14.467623] [ 14.478138] Allocated by task 284: [ 14.478356] kasan_save_stack+0x45/0x70 [ 14.478583] kasan_save_track+0x18/0x40 [ 14.478792] kasan_save_alloc_info+0x3b/0x50 [ 14.478977] __kasan_kmalloc+0xb7/0xc0 [ 14.479180] __kmalloc_cache_noprof+0x189/0x420 [ 14.479408] kasan_atomics+0x95/0x310 [ 14.479588] kunit_try_run_case+0x1a5/0x480 [ 14.479813] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.480058] kthread+0x337/0x6f0 [ 14.480222] ret_from_fork+0x41/0x80 [ 14.480393] ret_from_fork_asm+0x1a/0x30 [ 14.480581] [ 14.480679] The buggy address belongs to the object at ffff8881039f4880 [ 14.480679] which belongs to the cache kmalloc-64 of size 64 [ 14.481167] The buggy address is located 0 bytes to the right of [ 14.481167] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.481674] [ 14.481777] The buggy address belongs to the physical page: [ 14.482034] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 
14.482385] flags: 0x200000000000000(node=0|zone=2) [ 14.482627] page_type: f5(slab) [ 14.482809] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.483046] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.483311] page dumped because: kasan: bad access detected [ 14.483566] [ 14.483685] Memory state around the buggy address: [ 14.483914] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.484247] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.484678] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.484891] ^ [ 14.485299] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.485653] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.485971] ================================================================== [ 14.826923] ================================================================== [ 14.827599] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1eaa/0x5450 [ 14.828279] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.828902] [ 14.829087] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.829136] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.829149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.829173] Call Trace: [ 14.829194] <TASK> [ 14.829215] dump_stack_lvl+0x73/0xb0 [ 14.829251] print_report+0xd1/0x650 [ 14.829277] ? __virt_addr_valid+0x1db/0x2d0 [ 14.829301] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.829326] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.829351] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.829374] kasan_report+0x141/0x180 [ 14.829398] ? kasan_atomics_helper+0x1eaa/0x5450 [ 14.829427] kasan_check_range+0x10c/0x1c0 [ 14.829449] __kasan_check_write+0x18/0x20 [ 14.829470] kasan_atomics_helper+0x1eaa/0x5450 [ 14.829494] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.829519] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 14.829549] ? kasan_atomics+0x152/0x310 [ 14.829573] kasan_atomics+0x1dc/0x310 [ 14.829594] ? __pfx_kasan_atomics+0x10/0x10 [ 14.829616] ? __pfx_read_tsc+0x10/0x10 [ 14.829658] ? ktime_get_ts64+0x86/0x230 [ 14.829686] kunit_try_run_case+0x1a5/0x480 [ 14.829713] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829737] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.829763] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.829788] ? __kthread_parkme+0x82/0x180 [ 14.829814] ? preempt_count_sub+0x50/0x80 [ 14.829841] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.829866] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.829891] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.829916] kthread+0x337/0x6f0 [ 14.829934] ? trace_preempt_on+0x20/0xc0 [ 14.829960] ? __pfx_kthread+0x10/0x10 [ 14.829979] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.830003] ? calculate_sigpending+0x7b/0xa0 [ 14.830026] ? __pfx_kthread+0x10/0x10 [ 14.830046] ret_from_fork+0x41/0x80 [ 14.830068] ? __pfx_kthread+0x10/0x10 [ 14.830087] ret_from_fork_asm+0x1a/0x30 [ 14.830119] </TASK> [ 14.830132] [ 14.843598] Allocated by task 284: [ 14.843939] kasan_save_stack+0x45/0x70 [ 14.844243] kasan_save_track+0x18/0x40 [ 14.844380] kasan_save_alloc_info+0x3b/0x50 [ 14.844528] __kasan_kmalloc+0xb7/0xc0 [ 14.844703] __kmalloc_cache_noprof+0x189/0x420 [ 14.845098] kasan_atomics+0x95/0x310 [ 14.845433] kunit_try_run_case+0x1a5/0x480 [ 14.845832] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.846369] kthread+0x337/0x6f0 [ 14.846677] ret_from_fork+0x41/0x80 [ 14.846994] ret_from_fork_asm+0x1a/0x30 [ 14.847367] [ 14.847539] The buggy address belongs to the object at ffff8881039f4880 [ 14.847539] which belongs to the cache kmalloc-64 of size 64 [ 14.848159] The buggy address is located 0 bytes to the right of [ 14.848159] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.848538] [ 14.848614] The buggy address belongs to the physical page: [ 14.849096] page: refcount:0 mapcount:0 
mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.849796] flags: 0x200000000000000(node=0|zone=2) [ 14.850280] page_type: f5(slab) [ 14.850572] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.851290] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.851968] page dumped because: kasan: bad access detected [ 14.852593] [ 14.852773] Memory state around the buggy address: [ 14.853200] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.853572] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.853815] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.854032] ^ [ 14.854188] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.854483] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.854714] ================================================================== [ 14.020675] ================================================================== [ 14.020985] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0xa2b/0x5450 [ 14.021327] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.021695] [ 14.021808] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.021854] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.021867] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.021890] Call Trace: [ 14.021902] <TASK> [ 14.021917] dump_stack_lvl+0x73/0xb0 [ 14.021941] print_report+0xd1/0x650 [ 14.021965] ? __virt_addr_valid+0x1db/0x2d0 [ 14.021987] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.022011] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.022035] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.022059] kasan_report+0x141/0x180 [ 14.022083] ? kasan_atomics_helper+0xa2b/0x5450 [ 14.022110] kasan_check_range+0x10c/0x1c0 [ 14.022133] __kasan_check_write+0x18/0x20 [ 14.022153] kasan_atomics_helper+0xa2b/0x5450 [ 14.022178] ? 
__pfx_kasan_atomics_helper+0x10/0x10 [ 14.022203] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.022239] ? kasan_atomics+0x152/0x310 [ 14.022263] kasan_atomics+0x1dc/0x310 [ 14.022284] ? __pfx_kasan_atomics+0x10/0x10 [ 14.022307] ? __pfx_read_tsc+0x10/0x10 [ 14.022327] ? ktime_get_ts64+0x86/0x230 [ 14.022353] kunit_try_run_case+0x1a5/0x480 [ 14.022378] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.022401] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.022427] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.022453] ? __kthread_parkme+0x82/0x180 [ 14.022476] ? preempt_count_sub+0x50/0x80 [ 14.022501] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.022526] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.022551] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.022576] kthread+0x337/0x6f0 [ 14.022594] ? trace_preempt_on+0x20/0xc0 [ 14.022619] ? __pfx_kthread+0x10/0x10 [ 14.022657] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.022681] ? calculate_sigpending+0x7b/0xa0 [ 14.022705] ? __pfx_kthread+0x10/0x10 [ 14.022725] ret_from_fork+0x41/0x80 [ 14.022747] ? 
__pfx_kthread+0x10/0x10 [ 14.022767] ret_from_fork_asm+0x1a/0x30 [ 14.022799] </TASK> [ 14.022812] [ 14.030078] Allocated by task 284: [ 14.030250] kasan_save_stack+0x45/0x70 [ 14.030426] kasan_save_track+0x18/0x40 [ 14.030619] kasan_save_alloc_info+0x3b/0x50 [ 14.030829] __kasan_kmalloc+0xb7/0xc0 [ 14.030996] __kmalloc_cache_noprof+0x189/0x420 [ 14.031205] kasan_atomics+0x95/0x310 [ 14.031374] kunit_try_run_case+0x1a5/0x480 [ 14.031580] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.031841] kthread+0x337/0x6f0 [ 14.032001] ret_from_fork+0x41/0x80 [ 14.032166] ret_from_fork_asm+0x1a/0x30 [ 14.032345] [ 14.032420] The buggy address belongs to the object at ffff8881039f4880 [ 14.032420] which belongs to the cache kmalloc-64 of size 64 [ 14.032919] The buggy address is located 0 bytes to the right of [ 14.032919] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.033443] [ 14.033547] The buggy address belongs to the physical page: [ 14.033784] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.034138] flags: 0x200000000000000(node=0|zone=2) [ 14.034346] page_type: f5(slab) [ 14.034516] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.034852] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.035105] page dumped because: kasan: bad access detected [ 14.035288] [ 14.035361] Memory state around the buggy address: [ 14.035518] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.035761] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.036082] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.036407] ^ [ 14.036631] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.036968] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.037294] ================================================================== [ 14.701423] 
================================================================== [ 14.701905] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1b22/0x5450 [ 14.702286] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.702553] [ 14.702666] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.702714] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.702727] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.702751] Call Trace: [ 14.702769] <TASK> [ 14.702788] dump_stack_lvl+0x73/0xb0 [ 14.702814] print_report+0xd1/0x650 [ 14.702839] ? __virt_addr_valid+0x1db/0x2d0 [ 14.702862] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.702886] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.702921] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.702946] kasan_report+0x141/0x180 [ 14.702984] ? kasan_atomics_helper+0x1b22/0x5450 [ 14.703013] kasan_check_range+0x10c/0x1c0 [ 14.703035] __kasan_check_write+0x18/0x20 [ 14.703056] kasan_atomics_helper+0x1b22/0x5450 [ 14.703081] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.703107] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.703131] ? kasan_atomics+0x152/0x310 [ 14.703156] kasan_atomics+0x1dc/0x310 [ 14.703176] ? __pfx_kasan_atomics+0x10/0x10 [ 14.703198] ? __pfx_read_tsc+0x10/0x10 [ 14.703219] ? ktime_get_ts64+0x86/0x230 [ 14.703253] kunit_try_run_case+0x1a5/0x480 [ 14.703279] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.703303] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.703328] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.703353] ? __kthread_parkme+0x82/0x180 [ 14.703376] ? preempt_count_sub+0x50/0x80 [ 14.703403] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.703428] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.703461] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.703486] kthread+0x337/0x6f0 [ 14.703504] ? trace_preempt_on+0x20/0xc0 [ 14.703540] ? __pfx_kthread+0x10/0x10 [ 14.703560] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.703583] ? 
calculate_sigpending+0x7b/0xa0 [ 14.703605] ? __pfx_kthread+0x10/0x10 [ 14.703625] ret_from_fork+0x41/0x80 [ 14.703673] ? __pfx_kthread+0x10/0x10 [ 14.703693] ret_from_fork_asm+0x1a/0x30 [ 14.703735] </TASK> [ 14.703747] [ 14.711170] Allocated by task 284: [ 14.711339] kasan_save_stack+0x45/0x70 [ 14.711558] kasan_save_track+0x18/0x40 [ 14.711801] kasan_save_alloc_info+0x3b/0x50 [ 14.712055] __kasan_kmalloc+0xb7/0xc0 [ 14.712260] __kmalloc_cache_noprof+0x189/0x420 [ 14.712508] kasan_atomics+0x95/0x310 [ 14.712722] kunit_try_run_case+0x1a5/0x480 [ 14.712956] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.713178] kthread+0x337/0x6f0 [ 14.713341] ret_from_fork+0x41/0x80 [ 14.713548] ret_from_fork_asm+0x1a/0x30 [ 14.713768] [ 14.713878] The buggy address belongs to the object at ffff8881039f4880 [ 14.713878] which belongs to the cache kmalloc-64 of size 64 [ 14.714404] The buggy address is located 0 bytes to the right of [ 14.714404] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.714938] [ 14.715066] The buggy address belongs to the physical page: [ 14.715312] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.715569] flags: 0x200000000000000(node=0|zone=2) [ 14.715760] page_type: f5(slab) [ 14.715886] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.716253] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.716607] page dumped because: kasan: bad access detected [ 14.716876] [ 14.716948] Memory state around the buggy address: [ 14.717104] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.717334] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.717601] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.717980] ^ [ 14.718251] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.718613] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.718976] 
================================================================== [ 14.908327] ================================================================== [ 14.908692] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x4f98/0x5450 [ 14.908957] Read of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.909185] [ 14.909315] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.909361] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.909375] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.909397] Call Trace: [ 14.909415] <TASK> [ 14.909432] dump_stack_lvl+0x73/0xb0 [ 14.909457] print_report+0xd1/0x650 [ 14.909481] ? __virt_addr_valid+0x1db/0x2d0 [ 14.909505] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.909527] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.909558] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.909582] kasan_report+0x141/0x180 [ 14.909606] ? kasan_atomics_helper+0x4f98/0x5450 [ 14.909634] __asan_report_load8_noabort+0x18/0x20 [ 14.909656] kasan_atomics_helper+0x4f98/0x5450 [ 14.909681] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.909705] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.909728] ? kasan_atomics+0x152/0x310 [ 14.909753] kasan_atomics+0x1dc/0x310 [ 14.909774] ? __pfx_kasan_atomics+0x10/0x10 [ 14.909797] ? __pfx_read_tsc+0x10/0x10 [ 14.909818] ? ktime_get_ts64+0x86/0x230 [ 14.909845] kunit_try_run_case+0x1a5/0x480 [ 14.909869] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.909893] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.909919] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.909944] ? __kthread_parkme+0x82/0x180 [ 14.909967] ? preempt_count_sub+0x50/0x80 [ 14.909993] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.910018] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.910043] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.910068] kthread+0x337/0x6f0 [ 14.910087] ? trace_preempt_on+0x20/0xc0 [ 14.910112] ? __pfx_kthread+0x10/0x10 [ 14.910132] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 14.910155] ? calculate_sigpending+0x7b/0xa0 [ 14.910178] ? __pfx_kthread+0x10/0x10 [ 14.910199] ret_from_fork+0x41/0x80 [ 14.910221] ? __pfx_kthread+0x10/0x10 [ 14.910250] ret_from_fork_asm+0x1a/0x30 [ 14.910283] </TASK> [ 14.910294] [ 14.917754] Allocated by task 284: [ 14.917931] kasan_save_stack+0x45/0x70 [ 14.918142] kasan_save_track+0x18/0x40 [ 14.918309] kasan_save_alloc_info+0x3b/0x50 [ 14.918525] __kasan_kmalloc+0xb7/0xc0 [ 14.918736] __kmalloc_cache_noprof+0x189/0x420 [ 14.918935] kasan_atomics+0x95/0x310 [ 14.919119] kunit_try_run_case+0x1a5/0x480 [ 14.919336] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.919515] kthread+0x337/0x6f0 [ 14.919636] ret_from_fork+0x41/0x80 [ 14.919824] ret_from_fork_asm+0x1a/0x30 [ 14.920030] [ 14.920123] The buggy address belongs to the object at ffff8881039f4880 [ 14.920123] which belongs to the cache kmalloc-64 of size 64 [ 14.920685] The buggy address is located 0 bytes to the right of [ 14.920685] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.921064] [ 14.921139] The buggy address belongs to the physical page: [ 14.921373] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.921817] flags: 0x200000000000000(node=0|zone=2) [ 14.922069] page_type: f5(slab) [ 14.922298] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.922536] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.922843] page dumped because: kasan: bad access detected [ 14.923097] [ 14.923192] Memory state around the buggy address: [ 14.923430] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.923753] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.924067] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.924326] ^ [ 14.924554] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.924880] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.925199] ================================================================== [ 14.523847] ================================================================== [ 14.524204] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x15b6/0x5450 [ 14.524947] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.525204] [ 14.525327] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.525385] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.525399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.525421] Call Trace: [ 14.525451] <TASK> [ 14.525471] dump_stack_lvl+0x73/0xb0 [ 14.525498] print_report+0xd1/0x650 [ 14.525521] ? __virt_addr_valid+0x1db/0x2d0 [ 14.525559] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.525583] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.525619] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.525653] kasan_report+0x141/0x180 [ 14.525678] ? kasan_atomics_helper+0x15b6/0x5450 [ 14.525707] kasan_check_range+0x10c/0x1c0 [ 14.525739] __kasan_check_write+0x18/0x20 [ 14.525762] kasan_atomics_helper+0x15b6/0x5450 [ 14.525786] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.525822] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.525846] ? kasan_atomics+0x152/0x310 [ 14.525871] kasan_atomics+0x1dc/0x310 [ 14.525892] ? __pfx_kasan_atomics+0x10/0x10 [ 14.525923] ? __pfx_read_tsc+0x10/0x10 [ 14.525944] ? ktime_get_ts64+0x86/0x230 [ 14.525971] kunit_try_run_case+0x1a5/0x480 [ 14.526008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.526032] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.526067] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.526092] ? __kthread_parkme+0x82/0x180 [ 14.526118] ? preempt_count_sub+0x50/0x80 [ 14.526157] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.526185] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.526210] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.526251] kthread+0x337/0x6f0 [ 14.526271] ? 
trace_preempt_on+0x20/0xc0 [ 14.526307] ? __pfx_kthread+0x10/0x10 [ 14.526327] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.526350] ? calculate_sigpending+0x7b/0xa0 [ 14.526374] ? __pfx_kthread+0x10/0x10 [ 14.526395] ret_from_fork+0x41/0x80 [ 14.526428] ? __pfx_kthread+0x10/0x10 [ 14.526448] ret_from_fork_asm+0x1a/0x30 [ 14.526490] </TASK> [ 14.526502] [ 14.534331] Allocated by task 284: [ 14.534470] kasan_save_stack+0x45/0x70 [ 14.534617] kasan_save_track+0x18/0x40 [ 14.534754] kasan_save_alloc_info+0x3b/0x50 [ 14.535032] __kasan_kmalloc+0xb7/0xc0 [ 14.535256] __kmalloc_cache_noprof+0x189/0x420 [ 14.535483] kasan_atomics+0x95/0x310 [ 14.535685] kunit_try_run_case+0x1a5/0x480 [ 14.535897] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.536153] kthread+0x337/0x6f0 [ 14.536334] ret_from_fork+0x41/0x80 [ 14.536549] ret_from_fork_asm+0x1a/0x30 [ 14.536849] [ 14.536948] The buggy address belongs to the object at ffff8881039f4880 [ 14.536948] which belongs to the cache kmalloc-64 of size 64 [ 14.537518] The buggy address is located 0 bytes to the right of [ 14.537518] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.538113] [ 14.538190] The buggy address belongs to the physical page: [ 14.538377] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.538620] flags: 0x200000000000000(node=0|zone=2) [ 14.538785] page_type: f5(slab) [ 14.538910] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.539391] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.539746] page dumped because: kasan: bad access detected [ 14.540018] [ 14.540114] Memory state around the buggy address: [ 14.540384] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540757] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.540973] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.541184] ^ [ 14.541348] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 14.541877] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.542217] ================================================================== [ 14.961771] ================================================================== [ 14.962038] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x218a/0x5450 [ 14.962328] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.962673] [ 14.962795] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.962852] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.962866] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.962889] Call Trace: [ 14.962907] <TASK> [ 14.962927] dump_stack_lvl+0x73/0xb0 [ 14.962953] print_report+0xd1/0x650 [ 14.962977] ? __virt_addr_valid+0x1db/0x2d0 [ 14.963001] ? kasan_atomics_helper+0x218a/0x5450 [ 14.963023] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.963048] ? kasan_atomics_helper+0x218a/0x5450 [ 14.963072] kasan_report+0x141/0x180 [ 14.963095] ? kasan_atomics_helper+0x218a/0x5450 [ 14.963136] kasan_check_range+0x10c/0x1c0 [ 14.963158] __kasan_check_write+0x18/0x20 [ 14.963180] kasan_atomics_helper+0x218a/0x5450 [ 14.963206] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.963243] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.963269] ? kasan_atomics+0x152/0x310 [ 14.963301] kasan_atomics+0x1dc/0x310 [ 14.963324] ? __pfx_kasan_atomics+0x10/0x10 [ 14.963349] ? __pfx_read_tsc+0x10/0x10 [ 14.963373] ? ktime_get_ts64+0x86/0x230 [ 14.963400] kunit_try_run_case+0x1a5/0x480 [ 14.963427] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.963454] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.963482] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.963510] ? __kthread_parkme+0x82/0x180 [ 14.963534] ? preempt_count_sub+0x50/0x80 [ 14.963561] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.963587] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.963613] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.963638] kthread+0x337/0x6f0 [ 14.963668] ? trace_preempt_on+0x20/0xc0 [ 14.963693] ? __pfx_kthread+0x10/0x10 [ 14.963713] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.963737] ? calculate_sigpending+0x7b/0xa0 [ 14.963761] ? __pfx_kthread+0x10/0x10 [ 14.963782] ret_from_fork+0x41/0x80 [ 14.963805] ? __pfx_kthread+0x10/0x10 [ 14.963824] ret_from_fork_asm+0x1a/0x30 [ 14.963857] </TASK> [ 14.963869] [ 14.971806] Allocated by task 284: [ 14.972002] kasan_save_stack+0x45/0x70 [ 14.972219] kasan_save_track+0x18/0x40 [ 14.972430] kasan_save_alloc_info+0x3b/0x50 [ 14.972628] __kasan_kmalloc+0xb7/0xc0 [ 14.972803] __kmalloc_cache_noprof+0x189/0x420 [ 14.972970] kasan_atomics+0x95/0x310 [ 14.973106] kunit_try_run_case+0x1a5/0x480 [ 14.973276] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.973535] kthread+0x337/0x6f0 [ 14.973772] ret_from_fork+0x41/0x80 [ 14.973957] ret_from_fork_asm+0x1a/0x30 [ 14.974150] [ 14.974232] The buggy address belongs to the object at ffff8881039f4880 [ 14.974232] which belongs to the cache kmalloc-64 of size 64 [ 14.974783] The buggy address is located 0 bytes to the right of [ 14.974783] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.975262] [ 14.975363] The buggy address belongs to the physical page: [ 14.975595] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.975975] flags: 0x200000000000000(node=0|zone=2) [ 14.976170] page_type: f5(slab) [ 14.976330] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.976649] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.976894] page dumped because: kasan: bad access detected [ 14.977069] [ 14.977140] Memory state around the buggy address: [ 14.977342] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.977673] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.978000] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc 
fc fc fc fc fc fc fc [ 14.978336] ^ [ 14.978557] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.978821] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.979039] ================================================================== [ 14.504955] ================================================================== [ 14.505434] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x151d/0x5450 [ 14.505833] Write of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.506150] [ 14.506257] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.506306] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.506319] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.506343] Call Trace: [ 14.506362] <TASK> [ 14.506382] dump_stack_lvl+0x73/0xb0 [ 14.506409] print_report+0xd1/0x650 [ 14.506435] ? __virt_addr_valid+0x1db/0x2d0 [ 14.506458] ? kasan_atomics_helper+0x151d/0x5450 [ 14.506481] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.506506] ? kasan_atomics_helper+0x151d/0x5450 [ 14.506530] kasan_report+0x141/0x180 [ 14.506554] ? kasan_atomics_helper+0x151d/0x5450 [ 14.506583] kasan_check_range+0x10c/0x1c0 [ 14.506605] __kasan_check_write+0x18/0x20 [ 14.506627] kasan_atomics_helper+0x151d/0x5450 [ 14.506662] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.506687] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.506711] ? kasan_atomics+0x152/0x310 [ 14.506736] kasan_atomics+0x1dc/0x310 [ 14.506758] ? __pfx_kasan_atomics+0x10/0x10 [ 14.506780] ? __pfx_read_tsc+0x10/0x10 [ 14.506801] ? ktime_get_ts64+0x86/0x230 [ 14.506829] kunit_try_run_case+0x1a5/0x480 [ 14.506867] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.506890] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.506928] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.506963] ? __kthread_parkme+0x82/0x180 [ 14.506987] ? preempt_count_sub+0x50/0x80 [ 14.507014] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 14.507040] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.507065] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.507111] kthread+0x337/0x6f0 [ 14.507131] ? trace_preempt_on+0x20/0xc0 [ 14.507156] ? __pfx_kthread+0x10/0x10 [ 14.507176] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.507199] ? calculate_sigpending+0x7b/0xa0 [ 14.507223] ? __pfx_kthread+0x10/0x10 [ 14.507253] ret_from_fork+0x41/0x80 [ 14.507275] ? __pfx_kthread+0x10/0x10 [ 14.507295] ret_from_fork_asm+0x1a/0x30 [ 14.507328] </TASK> [ 14.507340] [ 14.515986] Allocated by task 284: [ 14.516170] kasan_save_stack+0x45/0x70 [ 14.516389] kasan_save_track+0x18/0x40 [ 14.516577] kasan_save_alloc_info+0x3b/0x50 [ 14.516810] __kasan_kmalloc+0xb7/0xc0 [ 14.516962] __kmalloc_cache_noprof+0x189/0x420 [ 14.517183] kasan_atomics+0x95/0x310 [ 14.517372] kunit_try_run_case+0x1a5/0x480 [ 14.517560] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.517849] kthread+0x337/0x6f0 [ 14.518003] ret_from_fork+0x41/0x80 [ 14.518155] ret_from_fork_asm+0x1a/0x30 [ 14.518393] [ 14.518492] The buggy address belongs to the object at ffff8881039f4880 [ 14.518492] which belongs to the cache kmalloc-64 of size 64 [ 14.518944] The buggy address is located 0 bytes to the right of [ 14.518944] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.519322] [ 14.519398] The buggy address belongs to the physical page: [ 14.519573] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.519815] flags: 0x200000000000000(node=0|zone=2) [ 14.520055] page_type: f5(slab) [ 14.520326] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.520682] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.521019] page dumped because: kasan: bad access detected [ 14.521251] [ 14.521322] Memory state around the buggy address: [ 14.521479] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.521702] ffff8881039f4800: 
fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.521919] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.522132] ^ [ 14.522406] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.522810] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.523159] ================================================================== [ 14.427904] ================================================================== [ 14.428335] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x13b5/0x5450 [ 14.428779] Read of size 8 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.429003] [ 14.429195] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.429287] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.429302] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.429337] Call Trace: [ 14.429360] <TASK> [ 14.429379] dump_stack_lvl+0x73/0xb0 [ 14.429406] print_report+0xd1/0x650 [ 14.429431] ? __virt_addr_valid+0x1db/0x2d0 [ 14.429454] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.429478] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.429503] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.429562] kasan_report+0x141/0x180 [ 14.429587] ? kasan_atomics_helper+0x13b5/0x5450 [ 14.429627] kasan_check_range+0x10c/0x1c0 [ 14.429648] __kasan_check_read+0x15/0x20 [ 14.429669] kasan_atomics_helper+0x13b5/0x5450 [ 14.429694] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.429718] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.429742] ? kasan_atomics+0x152/0x310 [ 14.429767] kasan_atomics+0x1dc/0x310 [ 14.429787] ? __pfx_kasan_atomics+0x10/0x10 [ 14.429809] ? __pfx_read_tsc+0x10/0x10 [ 14.429831] ? ktime_get_ts64+0x86/0x230 [ 14.429857] kunit_try_run_case+0x1a5/0x480 [ 14.429883] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.429906] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.429932] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.429956] ? __kthread_parkme+0x82/0x180 [ 14.429980] ? 
preempt_count_sub+0x50/0x80 [ 14.430008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.430033] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.430057] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.430081] kthread+0x337/0x6f0 [ 14.430110] ? trace_preempt_on+0x20/0xc0 [ 14.430134] ? __pfx_kthread+0x10/0x10 [ 14.430154] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.430188] ? calculate_sigpending+0x7b/0xa0 [ 14.430212] ? __pfx_kthread+0x10/0x10 [ 14.430240] ret_from_fork+0x41/0x80 [ 14.430263] ? __pfx_kthread+0x10/0x10 [ 14.430282] ret_from_fork_asm+0x1a/0x30 [ 14.430314] </TASK> [ 14.430325] [ 14.438050] Allocated by task 284: [ 14.438243] kasan_save_stack+0x45/0x70 [ 14.438448] kasan_save_track+0x18/0x40 [ 14.438643] kasan_save_alloc_info+0x3b/0x50 [ 14.438941] __kasan_kmalloc+0xb7/0xc0 [ 14.439098] __kmalloc_cache_noprof+0x189/0x420 [ 14.439277] kasan_atomics+0x95/0x310 [ 14.439469] kunit_try_run_case+0x1a5/0x480 [ 14.439685] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.439890] kthread+0x337/0x6f0 [ 14.440092] ret_from_fork+0x41/0x80 [ 14.440250] ret_from_fork_asm+0x1a/0x30 [ 14.440444] [ 14.440517] The buggy address belongs to the object at ffff8881039f4880 [ 14.440517] which belongs to the cache kmalloc-64 of size 64 [ 14.441247] The buggy address is located 0 bytes to the right of [ 14.441247] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.441689] [ 14.441806] The buggy address belongs to the physical page: [ 14.442105] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.442472] flags: 0x200000000000000(node=0|zone=2) [ 14.442755] page_type: f5(slab) [ 14.442883] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.443114] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.443409] page dumped because: kasan: bad access detected [ 14.443661] [ 14.443758] Memory state around the buggy address: [ 14.444026] ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc 
fc fc fc fc [ 14.444289] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.444513] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.444979] ^ [ 14.445207] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.445567] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.445891] ================================================================== [ 14.298180] ================================================================== [ 14.298910] BUG: KASAN: slab-out-of-bounds in kasan_atomics_helper+0x1148/0x5450 [ 14.299328] Write of size 4 at addr ffff8881039f48b0 by task kunit_try_catch/284 [ 14.300055] [ 14.300296] CPU: 1 UID: 0 PID: 284 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 14.300353] Tainted: [B]=BAD_PAGE, [N]=TEST [ 14.300367] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 14.300391] Call Trace: [ 14.300411] <TASK> [ 14.300469] dump_stack_lvl+0x73/0xb0 [ 14.300500] print_report+0xd1/0x650 [ 14.300526] ? __virt_addr_valid+0x1db/0x2d0 [ 14.300549] ? kasan_atomics_helper+0x1148/0x5450 [ 14.300574] ? kasan_complete_mode_report_info+0x2a/0x200 [ 14.300598] ? kasan_atomics_helper+0x1148/0x5450 [ 14.300621] kasan_report+0x141/0x180 [ 14.300660] ? kasan_atomics_helper+0x1148/0x5450 [ 14.300689] kasan_check_range+0x10c/0x1c0 [ 14.300710] __kasan_check_write+0x18/0x20 [ 14.300731] kasan_atomics_helper+0x1148/0x5450 [ 14.300756] ? __pfx_kasan_atomics_helper+0x10/0x10 [ 14.300781] ? __kmalloc_cache_noprof+0x189/0x420 [ 14.300804] ? kasan_atomics+0x152/0x310 [ 14.300830] kasan_atomics+0x1dc/0x310 [ 14.300850] ? __pfx_kasan_atomics+0x10/0x10 [ 14.300873] ? __pfx_read_tsc+0x10/0x10 [ 14.300894] ? ktime_get_ts64+0x86/0x230 [ 14.300921] kunit_try_run_case+0x1a5/0x480 [ 14.300948] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.300971] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 14.300997] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 14.301022] ? 
__kthread_parkme+0x82/0x180 [ 14.301045] ? preempt_count_sub+0x50/0x80 [ 14.301072] ? __pfx_kunit_try_run_case+0x10/0x10 [ 14.301096] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.301121] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 14.301145] kthread+0x337/0x6f0 [ 14.301162] ? trace_preempt_on+0x20/0xc0 [ 14.301187] ? __pfx_kthread+0x10/0x10 [ 14.301207] ? _raw_spin_unlock_irq+0x47/0x80 [ 14.301242] ? calculate_sigpending+0x7b/0xa0 [ 14.301265] ? __pfx_kthread+0x10/0x10 [ 14.301285] ret_from_fork+0x41/0x80 [ 14.301306] ? __pfx_kthread+0x10/0x10 [ 14.301325] ret_from_fork_asm+0x1a/0x30 [ 14.301358] </TASK> [ 14.301370] [ 14.312553] Allocated by task 284: [ 14.312883] kasan_save_stack+0x45/0x70 [ 14.313273] kasan_save_track+0x18/0x40 [ 14.313589] kasan_save_alloc_info+0x3b/0x50 [ 14.313935] __kasan_kmalloc+0xb7/0xc0 [ 14.314124] __kmalloc_cache_noprof+0x189/0x420 [ 14.314345] kasan_atomics+0x95/0x310 [ 14.314521] kunit_try_run_case+0x1a5/0x480 [ 14.314800] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 14.315045] kthread+0x337/0x6f0 [ 14.315202] ret_from_fork+0x41/0x80 [ 14.315351] ret_from_fork_asm+0x1a/0x30 [ 14.315553] [ 14.315653] The buggy address belongs to the object at ffff8881039f4880 [ 14.315653] which belongs to the cache kmalloc-64 of size 64 [ 14.316019] The buggy address is located 0 bytes to the right of [ 14.316019] allocated 48-byte region [ffff8881039f4880, ffff8881039f48b0) [ 14.316780] [ 14.316859] The buggy address belongs to the physical page: [ 14.317035] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f4 [ 14.317380] flags: 0x200000000000000(node=0|zone=2) [ 14.317640] page_type: f5(slab) [ 14.317829] raw: 0200000000000000 ffff8881000418c0 dead000000000122 0000000000000000 [ 14.318160] raw: 0000000000000000 0000000080200020 00000000f5000000 0000000000000000 [ 14.318492] page dumped because: kasan: bad access detected [ 14.318744] [ 14.318830] Memory state around the buggy address: [ 14.319031] 
ffff8881039f4780: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.319318] ffff8881039f4800: fa fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc [ 14.319615] >ffff8881039f4880: 00 00 00 00 00 00 fc fc fc fc fc fc fc fc fc fc [ 14.319882] ^ [ 14.320038] ffff8881039f4900: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.320350] ffff8881039f4980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 14.320678] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_test_and_modifyconstprop
[ 13.429728] ================================================================== [ 13.430019] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.430466] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.430694] [ 13.430781] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.430825] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.430837] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.430859] Call Trace: [ 13.430874] <TASK> [ 13.430889] dump_stack_lvl+0x73/0xb0 [ 13.430913] print_report+0xd1/0x650 [ 13.430936] ? __virt_addr_valid+0x1db/0x2d0 [ 13.430957] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.430980] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.431004] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.431029] kasan_report+0x141/0x180 [ 13.431052] ? kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.431082] kasan_check_range+0x10c/0x1c0 [ 13.431102] __kasan_check_write+0x18/0x20 [ 13.431122] kasan_bitops_test_and_modify.constprop.0+0x1a0/0xd90 [ 13.431147] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.431172] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.431193] ? trace_hardirqs_on+0x37/0xe0 [ 13.431217] ? kasan_bitops_generic+0x92/0x1c0 [ 13.431254] kasan_bitops_generic+0x121/0x1c0 [ 13.431275] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.431297] ? __pfx_read_tsc+0x10/0x10 [ 13.431317] ? ktime_get_ts64+0x86/0x230 [ 13.431342] kunit_try_run_case+0x1a5/0x480 [ 13.431367] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.431389] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.431416] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.431440] ? __kthread_parkme+0x82/0x180 [ 13.431462] ? preempt_count_sub+0x50/0x80 [ 13.431488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.431512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.431536] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.431559] kthread+0x337/0x6f0 [ 13.431576] ? trace_preempt_on+0x20/0xc0 [ 13.431599] ? __pfx_kthread+0x10/0x10 [ 13.431618] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.431640] ? calculate_sigpending+0x7b/0xa0 [ 13.431662] ? __pfx_kthread+0x10/0x10 [ 13.431681] ret_from_fork+0x41/0x80 [ 13.431703] ? __pfx_kthread+0x10/0x10 [ 13.431721] ret_from_fork_asm+0x1a/0x30 [ 13.431753] </TASK> [ 13.431763] [ 13.440515] Allocated by task 280: [ 13.440657] kasan_save_stack+0x45/0x70 [ 13.440935] kasan_save_track+0x18/0x40 [ 13.441210] kasan_save_alloc_info+0x3b/0x50 [ 13.441540] __kasan_kmalloc+0xb7/0xc0 [ 13.441692] __kmalloc_cache_noprof+0x189/0x420 [ 13.441845] kasan_bitops_generic+0x92/0x1c0 [ 13.441991] kunit_try_run_case+0x1a5/0x480 [ 13.442137] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.442638] kthread+0x337/0x6f0 [ 13.442815] ret_from_fork+0x41/0x80 [ 13.442999] ret_from_fork_asm+0x1a/0x30 [ 13.443193] [ 13.443386] The buggy address belongs to the object at ffff888102307e00 [ 13.443386] which belongs to the cache kmalloc-16 of size 16 [ 13.443887] The buggy address is located 8 bytes inside of [ 13.443887] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.444249] [ 13.445044] The buggy address belongs to the physical page: [ 13.445643] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.446015] flags: 0x200000000000000(node=0|zone=2) [ 13.446592] page_type: f5(slab) [ 13.447041] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.447617] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.447943] page dumped because: kasan: bad access detected [ 13.448177] [ 13.448279] Memory state around the buggy address: [ 13.448489] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.449260] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.450169] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.450737] ^ [ 13.450911] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.451207] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.451438] ================================================================== [ 13.594597] ================================================================== [ 13.595311] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.596015] Read of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.596818] [ 13.596968] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.597017] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.597029] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.597082] Call Trace: [ 13.597101] <TASK> [ 13.597121] dump_stack_lvl+0x73/0xb0 [ 13.597149] print_report+0xd1/0x650 [ 13.597173] ? __virt_addr_valid+0x1db/0x2d0 [ 13.597195] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.597219] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.597254] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.597476] kasan_report+0x141/0x180 [ 13.597504] ? kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.597534] __asan_report_load8_noabort+0x18/0x20 [ 13.597561] kasan_bitops_test_and_modify.constprop.0+0xd06/0xd90 [ 13.597587] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.597613] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.597658] ? trace_hardirqs_on+0x37/0xe0 [ 13.597681] ? kasan_bitops_generic+0x92/0x1c0 [ 13.597706] kasan_bitops_generic+0x121/0x1c0 [ 13.597727] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.597749] ? __pfx_read_tsc+0x10/0x10 [ 13.597770] ? ktime_get_ts64+0x86/0x230 [ 13.597795] kunit_try_run_case+0x1a5/0x480 [ 13.597821] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.597843] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.597869] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.597893] ? 
__kthread_parkme+0x82/0x180 [ 13.597916] ? preempt_count_sub+0x50/0x80 [ 13.597941] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.597965] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.597990] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.598013] kthread+0x337/0x6f0 [ 13.598030] ? trace_preempt_on+0x20/0xc0 [ 13.598053] ? __pfx_kthread+0x10/0x10 [ 13.598071] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.598093] ? calculate_sigpending+0x7b/0xa0 [ 13.598116] ? __pfx_kthread+0x10/0x10 [ 13.598134] ret_from_fork+0x41/0x80 [ 13.598155] ? __pfx_kthread+0x10/0x10 [ 13.598173] ret_from_fork_asm+0x1a/0x30 [ 13.598205] </TASK> [ 13.598216] [ 13.613756] Allocated by task 280: [ 13.614147] kasan_save_stack+0x45/0x70 [ 13.614474] kasan_save_track+0x18/0x40 [ 13.614622] kasan_save_alloc_info+0x3b/0x50 [ 13.615024] __kasan_kmalloc+0xb7/0xc0 [ 13.615458] __kmalloc_cache_noprof+0x189/0x420 [ 13.616015] kasan_bitops_generic+0x92/0x1c0 [ 13.616474] kunit_try_run_case+0x1a5/0x480 [ 13.616811] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.616990] kthread+0x337/0x6f0 [ 13.617109] ret_from_fork+0x41/0x80 [ 13.617253] ret_from_fork_asm+0x1a/0x30 [ 13.617906] [ 13.618093] The buggy address belongs to the object at ffff888102307e00 [ 13.618093] which belongs to the cache kmalloc-16 of size 16 [ 13.619346] The buggy address is located 8 bytes inside of [ 13.619346] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.620755] [ 13.620927] The buggy address belongs to the physical page: [ 13.621575] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.621954] flags: 0x200000000000000(node=0|zone=2) [ 13.622119] page_type: f5(slab) [ 13.622254] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.622531] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.622818] page dumped because: kasan: bad access detected [ 13.623488] [ 13.623823] Memory state around the buggy address: [ 13.624413] 
ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.625210] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.626127] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.626932] ^ [ 13.627623] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.628351] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.629107] ================================================================== [ 13.544282] ================================================================== [ 13.544728] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.545089] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.545496] [ 13.545630] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.545675] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.545688] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.545710] Call Trace: [ 13.545727] <TASK> [ 13.545753] dump_stack_lvl+0x73/0xb0 [ 13.545778] print_report+0xd1/0x650 [ 13.545801] ? __virt_addr_valid+0x1db/0x2d0 [ 13.545835] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.545859] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.545882] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.545917] kasan_report+0x141/0x180 [ 13.545940] ? kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.545969] kasan_check_range+0x10c/0x1c0 [ 13.546001] __kasan_check_write+0x18/0x20 [ 13.546022] kasan_bitops_test_and_modify.constprop.0+0x4b9/0xd90 [ 13.546047] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.546072] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.546094] ? trace_hardirqs_on+0x37/0xe0 [ 13.546117] ? kasan_bitops_generic+0x92/0x1c0 [ 13.546152] kasan_bitops_generic+0x121/0x1c0 [ 13.546172] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.546193] ? __pfx_read_tsc+0x10/0x10 [ 13.546224] ? 
ktime_get_ts64+0x86/0x230 [ 13.546274] kunit_try_run_case+0x1a5/0x480 [ 13.546298] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.546320] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.546346] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.546370] ? __kthread_parkme+0x82/0x180 [ 13.546392] ? preempt_count_sub+0x50/0x80 [ 13.546419] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.546443] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.546466] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.546490] kthread+0x337/0x6f0 [ 13.546507] ? trace_preempt_on+0x20/0xc0 [ 13.546530] ? __pfx_kthread+0x10/0x10 [ 13.546549] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.546572] ? calculate_sigpending+0x7b/0xa0 [ 13.546594] ? __pfx_kthread+0x10/0x10 [ 13.546613] ret_from_fork+0x41/0x80 [ 13.546633] ? __pfx_kthread+0x10/0x10 [ 13.546652] ret_from_fork_asm+0x1a/0x30 [ 13.546683] </TASK> [ 13.546693] [ 13.556208] Allocated by task 280: [ 13.556455] kasan_save_stack+0x45/0x70 [ 13.556619] kasan_save_track+0x18/0x40 [ 13.556806] kasan_save_alloc_info+0x3b/0x50 [ 13.557132] __kasan_kmalloc+0xb7/0xc0 [ 13.557408] __kmalloc_cache_noprof+0x189/0x420 [ 13.557629] kasan_bitops_generic+0x92/0x1c0 [ 13.557838] kunit_try_run_case+0x1a5/0x480 [ 13.558045] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.558315] kthread+0x337/0x6f0 [ 13.558593] ret_from_fork+0x41/0x80 [ 13.558806] ret_from_fork_asm+0x1a/0x30 [ 13.558979] [ 13.559075] The buggy address belongs to the object at ffff888102307e00 [ 13.559075] which belongs to the cache kmalloc-16 of size 16 [ 13.559792] The buggy address is located 8 bytes inside of [ 13.559792] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.560303] [ 13.560407] The buggy address belongs to the physical page: [ 13.560764] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.561194] flags: 0x200000000000000(node=0|zone=2) [ 13.561435] page_type: f5(slab) [ 13.561637] raw: 0200000000000000 ffff888100041640 dead000000000122 
0000000000000000 [ 13.562240] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.562727] page dumped because: kasan: bad access detected [ 13.562996] [ 13.563068] Memory state around the buggy address: [ 13.563330] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.563876] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.564184] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.564630] ^ [ 13.564821] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.565107] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.565479] ================================================================== [ 13.475342] ================================================================== [ 13.475770] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.476164] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.476515] [ 13.476834] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.476899] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.476912] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.476933] Call Trace: [ 13.476952] <TASK> [ 13.476969] dump_stack_lvl+0x73/0xb0 [ 13.476996] print_report+0xd1/0x650 [ 13.477029] ? __virt_addr_valid+0x1db/0x2d0 [ 13.477051] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.477078] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.477112] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.477137] kasan_report+0x141/0x180 [ 13.477161] ? kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.477198] kasan_check_range+0x10c/0x1c0 [ 13.477219] __kasan_check_write+0x18/0x20 [ 13.477257] kasan_bitops_test_and_modify.constprop.0+0x2dd/0xd90 [ 13.477299] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.477328] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.477349] ? trace_hardirqs_on+0x37/0xe0 [ 13.477372] ? kasan_bitops_generic+0x92/0x1c0 [ 13.477406] kasan_bitops_generic+0x121/0x1c0 [ 13.477428] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.477524] ? __pfx_read_tsc+0x10/0x10 [ 13.477558] ? ktime_get_ts64+0x86/0x230 [ 13.477584] kunit_try_run_case+0x1a5/0x480 [ 13.477610] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.477635] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.477671] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.477695] ? __kthread_parkme+0x82/0x180 [ 13.477728] ? preempt_count_sub+0x50/0x80 [ 13.477754] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.477779] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.477801] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.477825] kthread+0x337/0x6f0 [ 13.477842] ? trace_preempt_on+0x20/0xc0 [ 13.477864] ? __pfx_kthread+0x10/0x10 [ 13.477884] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.477906] ? calculate_sigpending+0x7b/0xa0 [ 13.477929] ? __pfx_kthread+0x10/0x10 [ 13.477947] ret_from_fork+0x41/0x80 [ 13.477968] ? 
__pfx_kthread+0x10/0x10 [ 13.477987] ret_from_fork_asm+0x1a/0x30 [ 13.478028] </TASK> [ 13.478038] [ 13.487543] Allocated by task 280: [ 13.487846] kasan_save_stack+0x45/0x70 [ 13.488042] kasan_save_track+0x18/0x40 [ 13.488202] kasan_save_alloc_info+0x3b/0x50 [ 13.488739] __kasan_kmalloc+0xb7/0xc0 [ 13.488930] __kmalloc_cache_noprof+0x189/0x420 [ 13.489150] kasan_bitops_generic+0x92/0x1c0 [ 13.489361] kunit_try_run_case+0x1a5/0x480 [ 13.489689] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.489886] kthread+0x337/0x6f0 [ 13.490006] ret_from_fork+0x41/0x80 [ 13.490140] ret_from_fork_asm+0x1a/0x30 [ 13.490362] [ 13.490489] The buggy address belongs to the object at ffff888102307e00 [ 13.490489] which belongs to the cache kmalloc-16 of size 16 [ 13.491072] The buggy address is located 8 bytes inside of [ 13.491072] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.491602] [ 13.491768] The buggy address belongs to the physical page: [ 13.492055] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.492898] flags: 0x200000000000000(node=0|zone=2) [ 13.493158] page_type: f5(slab) [ 13.493414] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.493805] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.494146] page dumped because: kasan: bad access detected [ 13.494480] [ 13.494580] Memory state around the buggy address: [ 13.494876] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.495167] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.495648] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.495959] ^ [ 13.496144] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.496478] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.496821] ================================================================== [ 13.452737] 
================================================================== [ 13.453272] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.453955] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.454369] [ 13.454468] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.454524] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.454537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.454558] Call Trace: [ 13.454583] <TASK> [ 13.454599] dump_stack_lvl+0x73/0xb0 [ 13.454625] print_report+0xd1/0x650 [ 13.454648] ? __virt_addr_valid+0x1db/0x2d0 [ 13.454669] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.454703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.454726] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.454751] kasan_report+0x141/0x180 [ 13.454783] ? kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.454814] kasan_check_range+0x10c/0x1c0 [ 13.454836] __kasan_check_write+0x18/0x20 [ 13.454856] kasan_bitops_test_and_modify.constprop.0+0x23e/0xd90 [ 13.454890] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.454916] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.454947] ? trace_hardirqs_on+0x37/0xe0 [ 13.454969] ? kasan_bitops_generic+0x92/0x1c0 [ 13.454994] kasan_bitops_generic+0x121/0x1c0 [ 13.455014] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.455037] ? __pfx_read_tsc+0x10/0x10 [ 13.455066] ? ktime_get_ts64+0x86/0x230 [ 13.455092] kunit_try_run_case+0x1a5/0x480 [ 13.455117] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.455150] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.455175] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.455199] ? __kthread_parkme+0x82/0x180 [ 13.455221] ? preempt_count_sub+0x50/0x80 [ 13.455257] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.455354] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.455383] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.455407] kthread+0x337/0x6f0 [ 13.455426] ? trace_preempt_on+0x20/0xc0 [ 13.455448] ? __pfx_kthread+0x10/0x10 [ 13.455467] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.455491] ? calculate_sigpending+0x7b/0xa0 [ 13.455513] ? __pfx_kthread+0x10/0x10 [ 13.455532] ret_from_fork+0x41/0x80 [ 13.455553] ? __pfx_kthread+0x10/0x10 [ 13.455571] ret_from_fork_asm+0x1a/0x30 [ 13.455602] </TASK> [ 13.455612] [ 13.465640] Allocated by task 280: [ 13.465778] kasan_save_stack+0x45/0x70 [ 13.466214] kasan_save_track+0x18/0x40 [ 13.466399] kasan_save_alloc_info+0x3b/0x50 [ 13.466679] __kasan_kmalloc+0xb7/0xc0 [ 13.466925] __kmalloc_cache_noprof+0x189/0x420 [ 13.467120] kasan_bitops_generic+0x92/0x1c0 [ 13.467359] kunit_try_run_case+0x1a5/0x480 [ 13.467608] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.467864] kthread+0x337/0x6f0 [ 13.468046] ret_from_fork+0x41/0x80 [ 13.468247] ret_from_fork_asm+0x1a/0x30 [ 13.468795] [ 13.468892] The buggy address belongs to the object at ffff888102307e00 [ 13.468892] which belongs to the cache kmalloc-16 of size 16 [ 13.469488] The buggy address is located 8 bytes inside of [ 13.469488] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.470052] [ 13.470166] The buggy address belongs to the physical page: [ 13.470425] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.470930] flags: 0x200000000000000(node=0|zone=2) [ 13.471170] page_type: f5(slab) [ 13.471442] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.471813] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.472147] page dumped because: kasan: bad access detected [ 13.472562] [ 13.472775] Memory state around the buggy address: [ 13.473027] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.473274] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.473498] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.473912] ^ [ 13.474091] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.474486] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.474822] ================================================================== [ 13.521790] ================================================================== [ 13.522254] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.522638] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.523054] [ 13.523220] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.523294] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.523306] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.523330] Call Trace: [ 13.523350] <TASK> [ 13.523485] dump_stack_lvl+0x73/0xb0 [ 13.523525] print_report+0xd1/0x650 [ 13.523550] ? __virt_addr_valid+0x1db/0x2d0 [ 13.523572] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.523598] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.523623] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.523647] kasan_report+0x141/0x180 [ 13.523670] ? kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.523699] kasan_check_range+0x10c/0x1c0 [ 13.523721] __kasan_check_write+0x18/0x20 [ 13.523741] kasan_bitops_test_and_modify.constprop.0+0x41a/0xd90 [ 13.523766] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.523792] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.523814] ? trace_hardirqs_on+0x37/0xe0 [ 13.523836] ? kasan_bitops_generic+0x92/0x1c0 [ 13.523861] kasan_bitops_generic+0x121/0x1c0 [ 13.523881] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.523903] ? __pfx_read_tsc+0x10/0x10 [ 13.523923] ? ktime_get_ts64+0x86/0x230 [ 13.523950] kunit_try_run_case+0x1a5/0x480 [ 13.524096] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.524121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.524145] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.524170] ? __kthread_parkme+0x82/0x180 [ 13.524192] ? preempt_count_sub+0x50/0x80 [ 13.524218] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.524252] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.524326] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.524354] kthread+0x337/0x6f0 [ 13.524373] ? trace_preempt_on+0x20/0xc0 [ 13.524396] ? __pfx_kthread+0x10/0x10 [ 13.524414] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.524436] ? calculate_sigpending+0x7b/0xa0 [ 13.524459] ? __pfx_kthread+0x10/0x10 [ 13.524478] ret_from_fork+0x41/0x80 [ 13.524499] ? __pfx_kthread+0x10/0x10 [ 13.524518] ret_from_fork_asm+0x1a/0x30 [ 13.524549] </TASK> [ 13.524560] [ 13.534368] Allocated by task 280: [ 13.534612] kasan_save_stack+0x45/0x70 [ 13.534867] kasan_save_track+0x18/0x40 [ 13.535062] kasan_save_alloc_info+0x3b/0x50 [ 13.535275] __kasan_kmalloc+0xb7/0xc0 [ 13.535543] __kmalloc_cache_noprof+0x189/0x420 [ 13.535960] kasan_bitops_generic+0x92/0x1c0 [ 13.536167] kunit_try_run_case+0x1a5/0x480 [ 13.536419] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.536766] kthread+0x337/0x6f0 [ 13.536968] ret_from_fork+0x41/0x80 [ 13.537099] ret_from_fork_asm+0x1a/0x30 [ 13.537250] [ 13.537331] The buggy address belongs to the object at ffff888102307e00 [ 13.537331] which belongs to the cache kmalloc-16 of size 16 [ 13.538144] The buggy address is located 8 bytes inside of [ 13.538144] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.538508] [ 13.538582] The buggy address belongs to the physical page: [ 13.538857] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.539264] flags: 0x200000000000000(node=0|zone=2) [ 13.539520] page_type: f5(slab) [ 13.539863] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.540270] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.540775] page dumped because: kasan: bad access detected [ 13.541053] [ 13.541143] Memory 
state around the buggy address: [ 13.541415] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.541823] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.542155] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.542680] ^ [ 13.542815] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.543033] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.543442] ================================================================== [ 13.409565] ================================================================== [ 13.409904] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.410274] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.410861] [ 13.410957] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.411005] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.411017] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.411038] Call Trace: [ 13.411055] <TASK> [ 13.411073] dump_stack_lvl+0x73/0xb0 [ 13.411101] print_report+0xd1/0x650 [ 13.411123] ? __virt_addr_valid+0x1db/0x2d0 [ 13.411146] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.411171] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.411194] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.411219] kasan_report+0x141/0x180 [ 13.411255] ? kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.411285] kasan_check_range+0x10c/0x1c0 [ 13.411306] __kasan_check_write+0x18/0x20 [ 13.411325] kasan_bitops_test_and_modify.constprop.0+0x101/0xd90 [ 13.411350] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.411375] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.411473] ? trace_hardirqs_on+0x37/0xe0 [ 13.411497] ? kasan_bitops_generic+0x92/0x1c0 [ 13.411522] kasan_bitops_generic+0x121/0x1c0 [ 13.411543] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.411565] ? 
__pfx_read_tsc+0x10/0x10 [ 13.411586] ? ktime_get_ts64+0x86/0x230 [ 13.411612] kunit_try_run_case+0x1a5/0x480 [ 13.411637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.411662] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.411688] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.411712] ? __kthread_parkme+0x82/0x180 [ 13.411735] ? preempt_count_sub+0x50/0x80 [ 13.411761] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.411785] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.411808] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.411832] kthread+0x337/0x6f0 [ 13.411850] ? trace_preempt_on+0x20/0xc0 [ 13.411874] ? __pfx_kthread+0x10/0x10 [ 13.411892] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.411925] ? calculate_sigpending+0x7b/0xa0 [ 13.411948] ? __pfx_kthread+0x10/0x10 [ 13.411967] ret_from_fork+0x41/0x80 [ 13.411988] ? __pfx_kthread+0x10/0x10 [ 13.412006] ret_from_fork_asm+0x1a/0x30 [ 13.412037] </TASK> [ 13.412048] [ 13.421178] Allocated by task 280: [ 13.421380] kasan_save_stack+0x45/0x70 [ 13.421585] kasan_save_track+0x18/0x40 [ 13.421865] kasan_save_alloc_info+0x3b/0x50 [ 13.422047] __kasan_kmalloc+0xb7/0xc0 [ 13.422182] __kmalloc_cache_noprof+0x189/0x420 [ 13.422477] kasan_bitops_generic+0x92/0x1c0 [ 13.422697] kunit_try_run_case+0x1a5/0x480 [ 13.423082] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.423327] kthread+0x337/0x6f0 [ 13.423506] ret_from_fork+0x41/0x80 [ 13.423747] ret_from_fork_asm+0x1a/0x30 [ 13.423932] [ 13.424013] The buggy address belongs to the object at ffff888102307e00 [ 13.424013] which belongs to the cache kmalloc-16 of size 16 [ 13.424557] The buggy address is located 8 bytes inside of [ 13.424557] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.425080] [ 13.425172] The buggy address belongs to the physical page: [ 13.425503] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.425856] flags: 0x200000000000000(node=0|zone=2) [ 13.426026] page_type: f5(slab) [ 13.426146] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.426390] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.426618] page dumped because: kasan: bad access detected [ 13.426870] [ 13.426992] Memory state around the buggy address: [ 13.427217] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.427544] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.428046] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.428483] ^ [ 13.428647] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.428925] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.429198] ================================================================== [ 13.566052] ================================================================== [ 13.566499] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.566900] Read of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.567246] [ 13.567417] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.567463] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.567475] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.567496] Call Trace: [ 13.567512] <TASK> [ 13.567528] dump_stack_lvl+0x73/0xb0 [ 13.567552] print_report+0xd1/0x650 [ 13.567575] ? __virt_addr_valid+0x1db/0x2d0 [ 13.567597] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.567620] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.567644] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.567669] kasan_report+0x141/0x180 [ 13.567691] ? kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.567720] kasan_check_range+0x10c/0x1c0 [ 13.567741] __kasan_check_read+0x15/0x20 [ 13.567968] kasan_bitops_test_and_modify.constprop.0+0x557/0xd90 [ 13.567999] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.568026] ? 
__kmalloc_cache_noprof+0x189/0x420 [ 13.568047] ? trace_hardirqs_on+0x37/0xe0 [ 13.568069] ? kasan_bitops_generic+0x92/0x1c0 [ 13.568103] kasan_bitops_generic+0x121/0x1c0 [ 13.568125] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.568148] ? __pfx_read_tsc+0x10/0x10 [ 13.568168] ? ktime_get_ts64+0x86/0x230 [ 13.568194] kunit_try_run_case+0x1a5/0x480 [ 13.568219] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.568255] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.568373] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.568403] ? __kthread_parkme+0x82/0x180 [ 13.568426] ? preempt_count_sub+0x50/0x80 [ 13.568453] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.568487] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.568514] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.568538] kthread+0x337/0x6f0 [ 13.568565] ? trace_preempt_on+0x20/0xc0 [ 13.568589] ? __pfx_kthread+0x10/0x10 [ 13.568608] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.568639] ? calculate_sigpending+0x7b/0xa0 [ 13.568662] ? __pfx_kthread+0x10/0x10 [ 13.568681] ret_from_fork+0x41/0x80 [ 13.568711] ? 
__pfx_kthread+0x10/0x10 [ 13.568730] ret_from_fork_asm+0x1a/0x30 [ 13.568761] </TASK> [ 13.568772] [ 13.579562] Allocated by task 280: [ 13.579722] kasan_save_stack+0x45/0x70 [ 13.579884] kasan_save_track+0x18/0x40 [ 13.580030] kasan_save_alloc_info+0x3b/0x50 [ 13.580960] __kasan_kmalloc+0xb7/0xc0 [ 13.581181] __kmalloc_cache_noprof+0x189/0x420 [ 13.581691] kasan_bitops_generic+0x92/0x1c0 [ 13.581956] kunit_try_run_case+0x1a5/0x480 [ 13.582192] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.582789] kthread+0x337/0x6f0 [ 13.583003] ret_from_fork+0x41/0x80 [ 13.583206] ret_from_fork_asm+0x1a/0x30 [ 13.583623] [ 13.583812] The buggy address belongs to the object at ffff888102307e00 [ 13.583812] which belongs to the cache kmalloc-16 of size 16 [ 13.584200] The buggy address is located 8 bytes inside of [ 13.584200] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.585397] [ 13.585830] The buggy address belongs to the physical page: [ 13.586097] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.587346] flags: 0x200000000000000(node=0|zone=2) [ 13.587748] page_type: f5(slab) [ 13.588260] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.588830] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.589062] page dumped because: kasan: bad access detected [ 13.589240] [ 13.589340] Memory state around the buggy address: [ 13.590100] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.590869] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.591589] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.592255] ^ [ 13.592719] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.593065] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.593558] ================================================================== [ 13.497520] 
================================================================== [ 13.498293] BUG: KASAN: slab-out-of-bounds in kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.499053] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.499585] [ 13.499745] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.499793] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.499807] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.499830] Call Trace: [ 13.499842] <TASK> [ 13.499860] dump_stack_lvl+0x73/0xb0 [ 13.499887] print_report+0xd1/0x650 [ 13.499911] ? __virt_addr_valid+0x1db/0x2d0 [ 13.499934] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.499958] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.499982] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.500007] kasan_report+0x141/0x180 [ 13.500029] ? kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.500059] kasan_check_range+0x10c/0x1c0 [ 13.500080] __kasan_check_write+0x18/0x20 [ 13.500100] kasan_bitops_test_and_modify.constprop.0+0x37c/0xd90 [ 13.500138] ? __pfx_kasan_bitops_test_and_modify.constprop.0+0x10/0x10 [ 13.500164] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.500186] ? trace_hardirqs_on+0x37/0xe0 [ 13.500221] ? kasan_bitops_generic+0x92/0x1c0 [ 13.500256] kasan_bitops_generic+0x121/0x1c0 [ 13.500277] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.500298] ? __pfx_read_tsc+0x10/0x10 [ 13.500320] ? ktime_get_ts64+0x86/0x230 [ 13.500346] kunit_try_run_case+0x1a5/0x480 [ 13.500371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.500394] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.500419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.500442] ? __kthread_parkme+0x82/0x180 [ 13.500466] ? preempt_count_sub+0x50/0x80 [ 13.500492] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.500573] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.500603] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.500627] kthread+0x337/0x6f0 [ 13.500645] ? trace_preempt_on+0x20/0xc0 [ 13.500668] ? __pfx_kthread+0x10/0x10 [ 13.500687] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.500710] ? calculate_sigpending+0x7b/0xa0 [ 13.500732] ? __pfx_kthread+0x10/0x10 [ 13.500752] ret_from_fork+0x41/0x80 [ 13.500774] ? __pfx_kthread+0x10/0x10 [ 13.500792] ret_from_fork_asm+0x1a/0x30 [ 13.500824] </TASK> [ 13.500835] [ 13.510805] Allocated by task 280: [ 13.511029] kasan_save_stack+0x45/0x70 [ 13.511623] kasan_save_track+0x18/0x40 [ 13.511848] kasan_save_alloc_info+0x3b/0x50 [ 13.512096] __kasan_kmalloc+0xb7/0xc0 [ 13.512337] __kmalloc_cache_noprof+0x189/0x420 [ 13.512514] kasan_bitops_generic+0x92/0x1c0 [ 13.512657] kunit_try_run_case+0x1a5/0x480 [ 13.512807] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.513313] kthread+0x337/0x6f0 [ 13.513482] ret_from_fork+0x41/0x80 [ 13.513811] ret_from_fork_asm+0x1a/0x30 [ 13.514055] [ 13.514196] The buggy address belongs to the object at ffff888102307e00 [ 13.514196] which belongs to the cache kmalloc-16 of size 16 [ 13.514831] The buggy address is located 8 bytes inside of [ 13.514831] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.515206] [ 13.515538] The buggy address belongs to the physical page: [ 13.515953] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.516408] flags: 0x200000000000000(node=0|zone=2) [ 13.516735] page_type: f5(slab) [ 13.516912] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.517322] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.517748] page dumped because: kasan: bad access detected [ 13.517925] [ 13.518017] Memory state around the buggy address: [ 13.518363] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.518900] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.519266] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc 
fc fc fc fc fc fc fc [ 13.519848] ^ [ 13.520082] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.520521] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.520950] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kasan_bitops_modifyconstprop
[ 13.246094] ================================================================== [ 13.246783] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.247145] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.247917] [ 13.248042] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.248113] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.248126] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.248148] Call Trace: [ 13.248167] <TASK> [ 13.248185] dump_stack_lvl+0x73/0xb0 [ 13.248212] print_report+0xd1/0x650 [ 13.248249] ? __virt_addr_valid+0x1db/0x2d0 [ 13.248502] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.248539] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.248564] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.248587] kasan_report+0x141/0x180 [ 13.248611] ? kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.248639] kasan_check_range+0x10c/0x1c0 [ 13.248660] __kasan_check_write+0x18/0x20 [ 13.248681] kasan_bitops_modify.constprop.0+0x19c/0xd50 [ 13.248704] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.248727] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.248750] ? trace_hardirqs_on+0x37/0xe0 [ 13.248773] ? kasan_bitops_generic+0x92/0x1c0 [ 13.248797] kasan_bitops_generic+0x116/0x1c0 [ 13.248817] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.248840] ? __pfx_read_tsc+0x10/0x10 [ 13.248860] ? ktime_get_ts64+0x86/0x230 [ 13.248885] kunit_try_run_case+0x1a5/0x480 [ 13.248911] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.248932] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.248958] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.248982] ? __kthread_parkme+0x82/0x180 [ 13.249004] ? preempt_count_sub+0x50/0x80 [ 13.249030] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.249054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.249077] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.249101] kthread+0x337/0x6f0 [ 13.249117] ? 
trace_preempt_on+0x20/0xc0 [ 13.249141] ? __pfx_kthread+0x10/0x10 [ 13.249159] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.249181] ? calculate_sigpending+0x7b/0xa0 [ 13.249203] ? __pfx_kthread+0x10/0x10 [ 13.249222] ret_from_fork+0x41/0x80 [ 13.249258] ? __pfx_kthread+0x10/0x10 [ 13.249332] ret_from_fork_asm+0x1a/0x30 [ 13.249365] </TASK> [ 13.249375] [ 13.261161] Allocated by task 280: [ 13.261729] kasan_save_stack+0x45/0x70 [ 13.261944] kasan_save_track+0x18/0x40 [ 13.262085] kasan_save_alloc_info+0x3b/0x50 [ 13.262309] __kasan_kmalloc+0xb7/0xc0 [ 13.262870] __kmalloc_cache_noprof+0x189/0x420 [ 13.263388] kasan_bitops_generic+0x92/0x1c0 [ 13.263683] kunit_try_run_case+0x1a5/0x480 [ 13.264131] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.264492] kthread+0x337/0x6f0 [ 13.264618] ret_from_fork+0x41/0x80 [ 13.265055] ret_from_fork_asm+0x1a/0x30 [ 13.265445] [ 13.265625] The buggy address belongs to the object at ffff888102307e00 [ 13.265625] which belongs to the cache kmalloc-16 of size 16 [ 13.266265] The buggy address is located 8 bytes inside of [ 13.266265] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.266610] [ 13.266776] The buggy address belongs to the physical page: [ 13.266974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.267357] flags: 0x200000000000000(node=0|zone=2) [ 13.267571] page_type: f5(slab) [ 13.267726] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.267967] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.268358] page dumped because: kasan: bad access detected [ 13.268630] [ 13.268818] Memory state around the buggy address: [ 13.269015] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.269428] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.269724] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.270084] ^ [ 13.270206] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.270547] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.270863] ================================================================== [ 13.359318] ================================================================== [ 13.359640] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.360014] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.360343] [ 13.360467] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.360513] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.360525] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.360549] Call Trace: [ 13.360579] <TASK> [ 13.360599] dump_stack_lvl+0x73/0xb0 [ 13.360625] print_report+0xd1/0x650 [ 13.360649] ? __virt_addr_valid+0x1db/0x2d0 [ 13.360681] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.360703] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.360726] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.360749] kasan_report+0x141/0x180 [ 13.360771] ? kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.360798] kasan_check_range+0x10c/0x1c0 [ 13.360819] __kasan_check_write+0x18/0x20 [ 13.360839] kasan_bitops_modify.constprop.0+0x4ac/0xd50 [ 13.360862] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.360886] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.360908] ? trace_hardirqs_on+0x37/0xe0 [ 13.360930] ? kasan_bitops_generic+0x92/0x1c0 [ 13.360955] kasan_bitops_generic+0x116/0x1c0 [ 13.360975] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.360997] ? __pfx_read_tsc+0x10/0x10 [ 13.361017] ? ktime_get_ts64+0x86/0x230 [ 13.361042] kunit_try_run_case+0x1a5/0x480 [ 13.361068] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.361090] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.361114] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.361138] ? __kthread_parkme+0x82/0x180 [ 13.361160] ? preempt_count_sub+0x50/0x80 [ 13.361187] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.361211] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.361243] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.361267] kthread+0x337/0x6f0 [ 13.361283] ? trace_preempt_on+0x20/0xc0 [ 13.361306] ? __pfx_kthread+0x10/0x10 [ 13.361325] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.361348] ? calculate_sigpending+0x7b/0xa0 [ 13.361370] ? __pfx_kthread+0x10/0x10 [ 13.361389] ret_from_fork+0x41/0x80 [ 13.361411] ? __pfx_kthread+0x10/0x10 [ 13.361429] ret_from_fork_asm+0x1a/0x30 [ 13.361461] </TASK> [ 13.361472] [ 13.375133] Allocated by task 280: [ 13.375365] kasan_save_stack+0x45/0x70 [ 13.375565] kasan_save_track+0x18/0x40 [ 13.376266] kasan_save_alloc_info+0x3b/0x50 [ 13.376780] __kasan_kmalloc+0xb7/0xc0 [ 13.377033] __kmalloc_cache_noprof+0x189/0x420 [ 13.377579] kasan_bitops_generic+0x92/0x1c0 [ 13.377932] kunit_try_run_case+0x1a5/0x480 [ 13.378086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.378428] kthread+0x337/0x6f0 [ 13.378570] ret_from_fork+0x41/0x80 [ 13.378772] ret_from_fork_asm+0x1a/0x30 [ 13.378975] [ 13.379054] The buggy address belongs to the object at ffff888102307e00 [ 13.379054] which belongs to the cache kmalloc-16 of size 16 [ 13.379638] The buggy address is located 8 bytes inside of [ 13.379638] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.380570] [ 13.380853] The buggy address belongs to the physical page: [ 13.381130] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.381953] flags: 0x200000000000000(node=0|zone=2) [ 13.382196] page_type: f5(slab) [ 13.382469] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.383106] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.383857] page dumped because: kasan: bad access detected [ 13.384117] [ 13.384213] Memory state around the buggy address: [ 13.384579] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.385739] ffff888102307d80: 
00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.386266] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.387129] ^ [ 13.387618] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.387960] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.388257] ================================================================== [ 13.312672] ================================================================== [ 13.313013] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.313363] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.314506] [ 13.314909] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.314964] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.314977] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.315059] Call Trace: [ 13.315081] <TASK> [ 13.315191] dump_stack_lvl+0x73/0xb0 [ 13.315226] print_report+0xd1/0x650 [ 13.315260] ? __virt_addr_valid+0x1db/0x2d0 [ 13.315308] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.315331] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.315354] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.315376] kasan_report+0x141/0x180 [ 13.315399] ? kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.315427] kasan_check_range+0x10c/0x1c0 [ 13.315447] __kasan_check_write+0x18/0x20 [ 13.315467] kasan_bitops_modify.constprop.0+0x373/0xd50 [ 13.315490] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.315513] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.315534] ? trace_hardirqs_on+0x37/0xe0 [ 13.315556] ? kasan_bitops_generic+0x92/0x1c0 [ 13.315581] kasan_bitops_generic+0x116/0x1c0 [ 13.315601] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.315623] ? __pfx_read_tsc+0x10/0x10 [ 13.315656] ? ktime_get_ts64+0x86/0x230 [ 13.315682] kunit_try_run_case+0x1a5/0x480 [ 13.315706] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.315728] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.315753] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.315778] ? __kthread_parkme+0x82/0x180 [ 13.315800] ? preempt_count_sub+0x50/0x80 [ 13.315825] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.315848] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.315871] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.315895] kthread+0x337/0x6f0 [ 13.315911] ? trace_preempt_on+0x20/0xc0 [ 13.315933] ? __pfx_kthread+0x10/0x10 [ 13.315951] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.315972] ? calculate_sigpending+0x7b/0xa0 [ 13.315995] ? __pfx_kthread+0x10/0x10 [ 13.316013] ret_from_fork+0x41/0x80 [ 13.316033] ? __pfx_kthread+0x10/0x10 [ 13.316051] ret_from_fork_asm+0x1a/0x30 [ 13.316081] </TASK> [ 13.316092] [ 13.325609] Allocated by task 280: [ 13.325808] kasan_save_stack+0x45/0x70 [ 13.325968] kasan_save_track+0x18/0x40 [ 13.326162] kasan_save_alloc_info+0x3b/0x50 [ 13.326563] __kasan_kmalloc+0xb7/0xc0 [ 13.326754] __kmalloc_cache_noprof+0x189/0x420 [ 13.326961] kasan_bitops_generic+0x92/0x1c0 [ 13.327164] kunit_try_run_case+0x1a5/0x480 [ 13.327424] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.327606] kthread+0x337/0x6f0 [ 13.327753] ret_from_fork+0x41/0x80 [ 13.327927] ret_from_fork_asm+0x1a/0x30 [ 13.328131] [ 13.328238] The buggy address belongs to the object at ffff888102307e00 [ 13.328238] which belongs to the cache kmalloc-16 of size 16 [ 13.328867] The buggy address is located 8 bytes inside of [ 13.328867] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.329504] [ 13.329603] The buggy address belongs to the physical page: [ 13.329803] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.330080] flags: 0x200000000000000(node=0|zone=2) [ 13.330497] page_type: f5(slab) [ 13.330679] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.331045] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.331487] page dumped because: kasan: bad 
access detected [ 13.331676] [ 13.331797] Memory state around the buggy address: [ 13.332030] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.332397] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.332721] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.332970] ^ [ 13.333149] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.333553] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.333876] ================================================================== [ 13.222077] ================================================================== [ 13.222660] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.223073] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.223531] [ 13.223641] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.223691] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.223705] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.223728] Call Trace: [ 13.223740] <TASK> [ 13.223760] dump_stack_lvl+0x73/0xb0 [ 13.223787] print_report+0xd1/0x650 [ 13.223811] ? __virt_addr_valid+0x1db/0x2d0 [ 13.223834] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.223856] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.223879] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.223902] kasan_report+0x141/0x180 [ 13.223925] ? kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.223953] kasan_check_range+0x10c/0x1c0 [ 13.224032] __kasan_check_write+0x18/0x20 [ 13.224069] kasan_bitops_modify.constprop.0+0x101/0xd50 [ 13.224092] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.224115] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.224137] ? trace_hardirqs_on+0x37/0xe0 [ 13.224161] ? kasan_bitops_generic+0x92/0x1c0 [ 13.224186] kasan_bitops_generic+0x116/0x1c0 [ 13.224207] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.224251] ? 
__pfx_read_tsc+0x10/0x10 [ 13.224275] ? ktime_get_ts64+0x86/0x230 [ 13.224484] kunit_try_run_case+0x1a5/0x480 [ 13.224510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.224533] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.224559] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.224583] ? __kthread_parkme+0x82/0x180 [ 13.224605] ? preempt_count_sub+0x50/0x80 [ 13.224631] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.224654] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.224679] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.224702] kthread+0x337/0x6f0 [ 13.224719] ? trace_preempt_on+0x20/0xc0 [ 13.224743] ? __pfx_kthread+0x10/0x10 [ 13.224761] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.224784] ? calculate_sigpending+0x7b/0xa0 [ 13.224807] ? __pfx_kthread+0x10/0x10 [ 13.224825] ret_from_fork+0x41/0x80 [ 13.224847] ? __pfx_kthread+0x10/0x10 [ 13.224864] ret_from_fork_asm+0x1a/0x30 [ 13.224895] </TASK> [ 13.224907] [ 13.234613] Allocated by task 280: [ 13.234842] kasan_save_stack+0x45/0x70 [ 13.235097] kasan_save_track+0x18/0x40 [ 13.235338] kasan_save_alloc_info+0x3b/0x50 [ 13.235526] __kasan_kmalloc+0xb7/0xc0 [ 13.235760] __kmalloc_cache_noprof+0x189/0x420 [ 13.235999] kasan_bitops_generic+0x92/0x1c0 [ 13.236253] kunit_try_run_case+0x1a5/0x480 [ 13.236659] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.236996] kthread+0x337/0x6f0 [ 13.237119] ret_from_fork+0x41/0x80 [ 13.237257] ret_from_fork_asm+0x1a/0x30 [ 13.237453] [ 13.237768] The buggy address belongs to the object at ffff888102307e00 [ 13.237768] which belongs to the cache kmalloc-16 of size 16 [ 13.238292] The buggy address is located 8 bytes inside of [ 13.238292] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.238949] [ 13.239067] The buggy address belongs to the physical page: [ 13.239352] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.239872] flags: 0x200000000000000(node=0|zone=2) [ 13.240139] page_type: f5(slab) [ 13.240588] raw: 0200000000000000 
ffff888100041640 dead000000000122 0000000000000000 [ 13.241003] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.241255] page dumped because: kasan: bad access detected [ 13.241635] [ 13.241778] Memory state around the buggy address: [ 13.242103] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.242969] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.243223] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.243878] ^ [ 13.244051] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.244388] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.245168] ================================================================== [ 13.290497] ================================================================== [ 13.290933] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.291407] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.291643] [ 13.291774] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.291821] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.291833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.291856] Call Trace: [ 13.291875] <TASK> [ 13.291895] dump_stack_lvl+0x73/0xb0 [ 13.291921] print_report+0xd1/0x650 [ 13.291944] ? __virt_addr_valid+0x1db/0x2d0 [ 13.291967] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.291990] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.292014] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.292038] kasan_report+0x141/0x180 [ 13.292062] ? kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.292091] kasan_check_range+0x10c/0x1c0 [ 13.292114] __kasan_check_write+0x18/0x20 [ 13.292136] kasan_bitops_modify.constprop.0+0x2d5/0xd50 [ 13.292160] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.292184] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.292207] ? 
trace_hardirqs_on+0x37/0xe0 [ 13.292244] ? kasan_bitops_generic+0x92/0x1c0 [ 13.292270] kasan_bitops_generic+0x116/0x1c0 [ 13.292291] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.292315] ? __pfx_read_tsc+0x10/0x10 [ 13.292337] ? ktime_get_ts64+0x86/0x230 [ 13.292363] kunit_try_run_case+0x1a5/0x480 [ 13.292387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.292410] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.292435] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.292459] ? __kthread_parkme+0x82/0x180 [ 13.292481] ? preempt_count_sub+0x50/0x80 [ 13.292510] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.292534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.292557] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.292580] kthread+0x337/0x6f0 [ 13.292597] ? trace_preempt_on+0x20/0xc0 [ 13.292619] ? __pfx_kthread+0x10/0x10 [ 13.292638] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.292660] ? calculate_sigpending+0x7b/0xa0 [ 13.292682] ? __pfx_kthread+0x10/0x10 [ 13.292700] ret_from_fork+0x41/0x80 [ 13.292721] ? 
__pfx_kthread+0x10/0x10 [ 13.292739] ret_from_fork_asm+0x1a/0x30 [ 13.292770] </TASK> [ 13.292780] [ 13.301053] Allocated by task 280: [ 13.301245] kasan_save_stack+0x45/0x70 [ 13.301400] kasan_save_track+0x18/0x40 [ 13.301536] kasan_save_alloc_info+0x3b/0x50 [ 13.301687] __kasan_kmalloc+0xb7/0xc0 [ 13.301820] __kmalloc_cache_noprof+0x189/0x420 [ 13.301973] kasan_bitops_generic+0x92/0x1c0 [ 13.302516] kunit_try_run_case+0x1a5/0x480 [ 13.302825] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.303085] kthread+0x337/0x6f0 [ 13.303276] ret_from_fork+0x41/0x80 [ 13.303527] ret_from_fork_asm+0x1a/0x30 [ 13.303850] [ 13.303949] The buggy address belongs to the object at ffff888102307e00 [ 13.303949] which belongs to the cache kmalloc-16 of size 16 [ 13.304509] The buggy address is located 8 bytes inside of [ 13.304509] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.305265] [ 13.305342] The buggy address belongs to the physical page: [ 13.305515] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.305758] flags: 0x200000000000000(node=0|zone=2) [ 13.305960] page_type: f5(slab) [ 13.306293] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.306638] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.306975] page dumped because: kasan: bad access detected [ 13.307193] [ 13.307470] Memory state around the buggy address: [ 13.307636] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.307964] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.308385] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.308787] ^ [ 13.308970] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.309378] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.309667] ================================================================== [ 13.271322] 
================================================================== [ 13.271869] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.272372] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.272663] [ 13.272754] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.272801] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.272817] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.272839] Call Trace: [ 13.272859] <TASK> [ 13.272878] dump_stack_lvl+0x73/0xb0 [ 13.272904] print_report+0xd1/0x650 [ 13.272926] ? __virt_addr_valid+0x1db/0x2d0 [ 13.272949] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.272971] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.272995] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.273018] kasan_report+0x141/0x180 [ 13.273041] ? kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.273069] kasan_check_range+0x10c/0x1c0 [ 13.273090] __kasan_check_write+0x18/0x20 [ 13.273110] kasan_bitops_modify.constprop.0+0x23a/0xd50 [ 13.273134] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.273157] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.273179] ? trace_hardirqs_on+0x37/0xe0 [ 13.273203] ? kasan_bitops_generic+0x92/0x1c0 [ 13.273241] kasan_bitops_generic+0x116/0x1c0 [ 13.273263] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.273285] ? __pfx_read_tsc+0x10/0x10 [ 13.273305] ? ktime_get_ts64+0x86/0x230 [ 13.273331] kunit_try_run_case+0x1a5/0x480 [ 13.273356] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.273392] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.273417] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.273441] ? __kthread_parkme+0x82/0x180 [ 13.273463] ? preempt_count_sub+0x50/0x80 [ 13.273488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.273512] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.273536] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.273567] kthread+0x337/0x6f0 [ 13.273583] ? 
trace_preempt_on+0x20/0xc0 [ 13.273606] ? __pfx_kthread+0x10/0x10 [ 13.273625] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.273647] ? calculate_sigpending+0x7b/0xa0 [ 13.273669] ? __pfx_kthread+0x10/0x10 [ 13.273689] ret_from_fork+0x41/0x80 [ 13.273709] ? __pfx_kthread+0x10/0x10 [ 13.273728] ret_from_fork_asm+0x1a/0x30 [ 13.273759] </TASK> [ 13.273769] [ 13.281800] Allocated by task 280: [ 13.281925] kasan_save_stack+0x45/0x70 [ 13.282065] kasan_save_track+0x18/0x40 [ 13.282257] kasan_save_alloc_info+0x3b/0x50 [ 13.282555] __kasan_kmalloc+0xb7/0xc0 [ 13.282877] __kmalloc_cache_noprof+0x189/0x420 [ 13.283056] kasan_bitops_generic+0x92/0x1c0 [ 13.283219] kunit_try_run_case+0x1a5/0x480 [ 13.283546] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.283787] kthread+0x337/0x6f0 [ 13.283947] ret_from_fork+0x41/0x80 [ 13.284108] ret_from_fork_asm+0x1a/0x30 [ 13.284270] [ 13.284606] The buggy address belongs to the object at ffff888102307e00 [ 13.284606] which belongs to the cache kmalloc-16 of size 16 [ 13.285131] The buggy address is located 8 bytes inside of [ 13.285131] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.285669] [ 13.285778] The buggy address belongs to the physical page: [ 13.286008] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.286364] flags: 0x200000000000000(node=0|zone=2) [ 13.286600] page_type: f5(slab) [ 13.286777] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.287112] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.287439] page dumped because: kasan: bad access detected [ 13.287638] [ 13.287707] Memory state around the buggy address: [ 13.287867] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.288084] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.288313] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.289021] ^ [ 13.289246] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc 
fc fc fc fc fc [ 13.289638] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.289964] ================================================================== [ 13.336352] ================================================================== [ 13.336728] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.337108] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.337461] [ 13.337584] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.337632] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.337645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.337667] Call Trace: [ 13.337684] <TASK> [ 13.337702] dump_stack_lvl+0x73/0xb0 [ 13.337727] print_report+0xd1/0x650 [ 13.337751] ? __virt_addr_valid+0x1db/0x2d0 [ 13.337773] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.337795] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.337818] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.337840] kasan_report+0x141/0x180 [ 13.337863] ? kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.337889] kasan_check_range+0x10c/0x1c0 [ 13.337910] __kasan_check_write+0x18/0x20 [ 13.337929] kasan_bitops_modify.constprop.0+0x40e/0xd50 [ 13.337952] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.337975] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.337996] ? trace_hardirqs_on+0x37/0xe0 [ 13.338019] ? kasan_bitops_generic+0x92/0x1c0 [ 13.338043] kasan_bitops_generic+0x116/0x1c0 [ 13.338063] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.338085] ? __pfx_read_tsc+0x10/0x10 [ 13.338105] ? ktime_get_ts64+0x86/0x230 [ 13.338130] kunit_try_run_case+0x1a5/0x480 [ 13.338154] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.338177] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.338202] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.338225] ? __kthread_parkme+0x82/0x180 [ 13.338481] ? preempt_count_sub+0x50/0x80 [ 13.338510] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 13.338534] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.338558] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.338581] kthread+0x337/0x6f0 [ 13.338599] ? trace_preempt_on+0x20/0xc0 [ 13.338622] ? __pfx_kthread+0x10/0x10 [ 13.338665] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.338688] ? calculate_sigpending+0x7b/0xa0 [ 13.338711] ? __pfx_kthread+0x10/0x10 [ 13.338730] ret_from_fork+0x41/0x80 [ 13.338751] ? __pfx_kthread+0x10/0x10 [ 13.338769] ret_from_fork_asm+0x1a/0x30 [ 13.338801] </TASK> [ 13.338811] [ 13.348201] Allocated by task 280: [ 13.348468] kasan_save_stack+0x45/0x70 [ 13.348709] kasan_save_track+0x18/0x40 [ 13.348878] kasan_save_alloc_info+0x3b/0x50 [ 13.349050] __kasan_kmalloc+0xb7/0xc0 [ 13.349241] __kmalloc_cache_noprof+0x189/0x420 [ 13.349564] kasan_bitops_generic+0x92/0x1c0 [ 13.349786] kunit_try_run_case+0x1a5/0x480 [ 13.349975] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.350210] kthread+0x337/0x6f0 [ 13.350572] ret_from_fork+0x41/0x80 [ 13.350736] ret_from_fork_asm+0x1a/0x30 [ 13.350970] [ 13.351062] The buggy address belongs to the object at ffff888102307e00 [ 13.351062] which belongs to the cache kmalloc-16 of size 16 [ 13.351649] The buggy address is located 8 bytes inside of [ 13.351649] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.352150] [ 13.352260] The buggy address belongs to the physical page: [ 13.352560] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.352871] flags: 0x200000000000000(node=0|zone=2) [ 13.353042] page_type: f5(slab) [ 13.353166] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.353632] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.354008] page dumped because: kasan: bad access detected [ 13.354211] [ 13.354472] Memory state around the buggy address: [ 13.354706] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.355066] ffff888102307d80: 
00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.355511] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.355865] ^ [ 13.356011] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.356399] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.356729] ================================================================== [ 13.388749] ================================================================== [ 13.389131] BUG: KASAN: slab-out-of-bounds in kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.389681] Write of size 8 at addr ffff888102307e08 by task kunit_try_catch/280 [ 13.390021] [ 13.390116] CPU: 1 UID: 0 PID: 280 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.390163] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.390176] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.390198] Call Trace: [ 13.390217] <TASK> [ 13.390250] dump_stack_lvl+0x73/0xb0 [ 13.390277] print_report+0xd1/0x650 [ 13.390302] ? __virt_addr_valid+0x1db/0x2d0 [ 13.390325] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.390347] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.390370] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.390393] kasan_report+0x141/0x180 [ 13.390415] ? kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.390443] kasan_check_range+0x10c/0x1c0 [ 13.390464] __kasan_check_write+0x18/0x20 [ 13.390484] kasan_bitops_modify.constprop.0+0x547/0xd50 [ 13.390506] ? __pfx_kasan_bitops_modify.constprop.0+0x10/0x10 [ 13.390531] ? __kmalloc_cache_noprof+0x189/0x420 [ 13.390553] ? trace_hardirqs_on+0x37/0xe0 [ 13.390576] ? kasan_bitops_generic+0x92/0x1c0 [ 13.390601] kasan_bitops_generic+0x116/0x1c0 [ 13.390623] ? __pfx_kasan_bitops_generic+0x10/0x10 [ 13.390656] ? __pfx_read_tsc+0x10/0x10 [ 13.390676] ? ktime_get_ts64+0x86/0x230 [ 13.390703] kunit_try_run_case+0x1a5/0x480 [ 13.390727] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.390750] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 13.390775] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.390799] ? __kthread_parkme+0x82/0x180 [ 13.390821] ? preempt_count_sub+0x50/0x80 [ 13.390848] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.390873] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.390899] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.390923] kthread+0x337/0x6f0 [ 13.390940] ? trace_preempt_on+0x20/0xc0 [ 13.390964] ? __pfx_kthread+0x10/0x10 [ 13.390983] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.391005] ? calculate_sigpending+0x7b/0xa0 [ 13.391027] ? __pfx_kthread+0x10/0x10 [ 13.391046] ret_from_fork+0x41/0x80 [ 13.391068] ? __pfx_kthread+0x10/0x10 [ 13.391086] ret_from_fork_asm+0x1a/0x30 [ 13.391118] </TASK> [ 13.391130] [ 13.399987] Allocated by task 280: [ 13.400127] kasan_save_stack+0x45/0x70 [ 13.400395] kasan_save_track+0x18/0x40 [ 13.400595] kasan_save_alloc_info+0x3b/0x50 [ 13.400945] __kasan_kmalloc+0xb7/0xc0 [ 13.401145] __kmalloc_cache_noprof+0x189/0x420 [ 13.401322] kasan_bitops_generic+0x92/0x1c0 [ 13.401575] kunit_try_run_case+0x1a5/0x480 [ 13.402042] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.402242] kthread+0x337/0x6f0 [ 13.402363] ret_from_fork+0x41/0x80 [ 13.402515] ret_from_fork_asm+0x1a/0x30 [ 13.402712] [ 13.402807] The buggy address belongs to the object at ffff888102307e00 [ 13.402807] which belongs to the cache kmalloc-16 of size 16 [ 13.403518] The buggy address is located 8 bytes inside of [ 13.403518] allocated 9-byte region [ffff888102307e00, ffff888102307e09) [ 13.404197] [ 13.404316] The buggy address belongs to the physical page: [ 13.404623] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102307 [ 13.404924] flags: 0x200000000000000(node=0|zone=2) [ 13.405088] page_type: f5(slab) [ 13.405221] raw: 0200000000000000 ffff888100041640 dead000000000122 0000000000000000 [ 13.405941] raw: 0000000000000000 0000000080800080 00000000f5000000 0000000000000000 [ 13.406292] page dumped because: kasan: bad 
access detected [ 13.406537] [ 13.406609] Memory state around the buggy address: [ 13.407060] ffff888102307d00: 00 04 fc fc 00 01 fc fc 00 01 fc fc 00 04 fc fc [ 13.407382] ffff888102307d80: 00 04 fc fc fa fb fc fc fa fb fc fc fa fb fc fc [ 13.407600] >ffff888102307e00: 00 01 fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.407978] ^ [ 13.408163] ffff888102307e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.408647] ffff888102307f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.408855] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strnlen
[ 13.190605] ================================================================== [ 13.191772] BUG: KASAN: slab-use-after-free in strnlen+0x73/0x80 [ 13.192005] Read of size 1 at addr ffff88810314dfd0 by task kunit_try_catch/278 [ 13.192244] [ 13.192975] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.193075] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.193090] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.193113] Call Trace: [ 13.193133] <TASK> [ 13.193152] dump_stack_lvl+0x73/0xb0 [ 13.193181] print_report+0xd1/0x650 [ 13.193206] ? __virt_addr_valid+0x1db/0x2d0 [ 13.193238] ? strnlen+0x73/0x80 [ 13.193258] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.193282] ? strnlen+0x73/0x80 [ 13.193300] kasan_report+0x141/0x180 [ 13.193324] ? strnlen+0x73/0x80 [ 13.193348] __asan_report_load1_noabort+0x18/0x20 [ 13.193369] strnlen+0x73/0x80 [ 13.193389] kasan_strings+0x615/0xe80 [ 13.193409] ? trace_hardirqs_on+0x37/0xe0 [ 13.193432] ? __pfx_kasan_strings+0x10/0x10 [ 13.193453] ? finish_task_switch.isra.0+0x153/0x700 [ 13.193477] ? __switch_to+0x5d9/0xf60 [ 13.193497] ? dequeue_task_fair+0x166/0x4e0 [ 13.193520] ? __schedule+0x10cc/0x2b60 [ 13.193544] ? __pfx_read_tsc+0x10/0x10 [ 13.193570] ? ktime_get_ts64+0x86/0x230 [ 13.193596] kunit_try_run_case+0x1a5/0x480 [ 13.193620] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.193664] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.193688] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.193712] ? __kthread_parkme+0x82/0x180 [ 13.193734] ? preempt_count_sub+0x50/0x80 [ 13.193758] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.193781] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.193804] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.193827] kthread+0x337/0x6f0 [ 13.193844] ? trace_preempt_on+0x20/0xc0 [ 13.193866] ? __pfx_kthread+0x10/0x10 [ 13.193884] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.193905] ? calculate_sigpending+0x7b/0xa0 [ 13.193927] ? 
__pfx_kthread+0x10/0x10 [ 13.193945] ret_from_fork+0x41/0x80 [ 13.193966] ? __pfx_kthread+0x10/0x10 [ 13.193984] ret_from_fork_asm+0x1a/0x30 [ 13.194015] </TASK> [ 13.194026] [ 13.207509] Allocated by task 278: [ 13.207924] kasan_save_stack+0x45/0x70 [ 13.208368] kasan_save_track+0x18/0x40 [ 13.208725] kasan_save_alloc_info+0x3b/0x50 [ 13.208871] __kasan_kmalloc+0xb7/0xc0 [ 13.209000] __kmalloc_cache_noprof+0x189/0x420 [ 13.209151] kasan_strings+0xc0/0xe80 [ 13.209300] kunit_try_run_case+0x1a5/0x480 [ 13.209553] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.209860] kthread+0x337/0x6f0 [ 13.210050] ret_from_fork+0x41/0x80 [ 13.210183] ret_from_fork_asm+0x1a/0x30 [ 13.210390] [ 13.210519] Freed by task 278: [ 13.210719] kasan_save_stack+0x45/0x70 [ 13.210914] kasan_save_track+0x18/0x40 [ 13.211171] kasan_save_free_info+0x3f/0x60 [ 13.211370] __kasan_slab_free+0x56/0x70 [ 13.211611] kfree+0x222/0x3f0 [ 13.211805] kasan_strings+0x2aa/0xe80 [ 13.212004] kunit_try_run_case+0x1a5/0x480 [ 13.212216] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.212429] kthread+0x337/0x6f0 [ 13.212548] ret_from_fork+0x41/0x80 [ 13.212740] ret_from_fork_asm+0x1a/0x30 [ 13.212944] [ 13.213040] The buggy address belongs to the object at ffff88810314dfc0 [ 13.213040] which belongs to the cache kmalloc-32 of size 32 [ 13.213478] The buggy address is located 16 bytes inside of [ 13.213478] freed 32-byte region [ffff88810314dfc0, ffff88810314dfe0) [ 13.213899] [ 13.214001] The buggy address belongs to the physical page: [ 13.214276] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10314d [ 13.214667] flags: 0x200000000000000(node=0|zone=2) [ 13.214947] page_type: f5(slab) [ 13.215143] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.215432] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 13.215712] page dumped because: kasan: bad access detected [ 13.215991] [ 13.216102] Memory state around the buggy address: [ 
13.216350] ffff88810314de80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 13.216659] ffff88810314df00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.216933] >ffff88810314df80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.217220] ^ [ 13.217451] ffff88810314e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.217816] ffff88810314e080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 13.218113] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strlen
[ 13.165957] ================================================================== [ 13.166576] BUG: KASAN: slab-use-after-free in strlen+0x8f/0xb0 [ 13.167222] Read of size 1 at addr ffff88810314dfd0 by task kunit_try_catch/278 [ 13.167585] [ 13.167848] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.167906] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.167919] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.167943] Call Trace: [ 13.167962] <TASK> [ 13.167981] dump_stack_lvl+0x73/0xb0 [ 13.168046] print_report+0xd1/0x650 [ 13.168071] ? __virt_addr_valid+0x1db/0x2d0 [ 13.168095] ? strlen+0x8f/0xb0 [ 13.168115] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.168140] ? strlen+0x8f/0xb0 [ 13.168159] kasan_report+0x141/0x180 [ 13.168182] ? strlen+0x8f/0xb0 [ 13.168207] __asan_report_load1_noabort+0x18/0x20 [ 13.168240] strlen+0x8f/0xb0 [ 13.168260] kasan_strings+0x57b/0xe80 [ 13.168281] ? trace_hardirqs_on+0x37/0xe0 [ 13.168304] ? __pfx_kasan_strings+0x10/0x10 [ 13.168325] ? finish_task_switch.isra.0+0x153/0x700 [ 13.168350] ? __switch_to+0x5d9/0xf60 [ 13.168370] ? dequeue_task_fair+0x166/0x4e0 [ 13.168394] ? __schedule+0x10cc/0x2b60 [ 13.168418] ? __pfx_read_tsc+0x10/0x10 [ 13.168438] ? ktime_get_ts64+0x86/0x230 [ 13.168464] kunit_try_run_case+0x1a5/0x480 [ 13.168488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.168510] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.168534] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.168559] ? __kthread_parkme+0x82/0x180 [ 13.168581] ? preempt_count_sub+0x50/0x80 [ 13.168605] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.168629] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.168661] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.168684] kthread+0x337/0x6f0 [ 13.168702] ? trace_preempt_on+0x20/0xc0 [ 13.168724] ? __pfx_kthread+0x10/0x10 [ 13.168742] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.168764] ? calculate_sigpending+0x7b/0xa0 [ 13.168786] ? 
__pfx_kthread+0x10/0x10 [ 13.168804] ret_from_fork+0x41/0x80 [ 13.168825] ? __pfx_kthread+0x10/0x10 [ 13.168844] ret_from_fork_asm+0x1a/0x30 [ 13.168875] </TASK> [ 13.168886] [ 13.179781] Allocated by task 278: [ 13.179974] kasan_save_stack+0x45/0x70 [ 13.180180] kasan_save_track+0x18/0x40 [ 13.180338] kasan_save_alloc_info+0x3b/0x50 [ 13.180487] __kasan_kmalloc+0xb7/0xc0 [ 13.180626] __kmalloc_cache_noprof+0x189/0x420 [ 13.180856] kasan_strings+0xc0/0xe80 [ 13.181049] kunit_try_run_case+0x1a5/0x480 [ 13.181220] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.181423] kthread+0x337/0x6f0 [ 13.181601] ret_from_fork+0x41/0x80 [ 13.181873] ret_from_fork_asm+0x1a/0x30 [ 13.182057] [ 13.182129] Freed by task 278: [ 13.182306] kasan_save_stack+0x45/0x70 [ 13.182489] kasan_save_track+0x18/0x40 [ 13.182626] kasan_save_free_info+0x3f/0x60 [ 13.182830] __kasan_slab_free+0x56/0x70 [ 13.183047] kfree+0x222/0x3f0 [ 13.183189] kasan_strings+0x2aa/0xe80 [ 13.183368] kunit_try_run_case+0x1a5/0x480 [ 13.183519] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.183692] kthread+0x337/0x6f0 [ 13.183857] ret_from_fork+0x41/0x80 [ 13.184047] ret_from_fork_asm+0x1a/0x30 [ 13.184258] [ 13.184355] The buggy address belongs to the object at ffff88810314dfc0 [ 13.184355] which belongs to the cache kmalloc-32 of size 32 [ 13.184927] The buggy address is located 16 bytes inside of [ 13.184927] freed 32-byte region [ffff88810314dfc0, ffff88810314dfe0) [ 13.185355] [ 13.185457] The buggy address belongs to the physical page: [ 13.185766] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10314d [ 13.186127] flags: 0x200000000000000(node=0|zone=2) [ 13.186340] page_type: f5(slab) [ 13.186510] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.186798] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 13.187029] page dumped because: kasan: bad access detected [ 13.187215] [ 13.187321] Memory state around the buggy address: [ 
13.187557] ffff88810314de80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 13.187897] ffff88810314df00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.188117] >ffff88810314df80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.188551] ^ [ 13.189028] ffff88810314e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.189351] ffff88810314e080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 13.189687] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kasan_strings
[ 13.136152] ================================================================== [ 13.136536] BUG: KASAN: slab-use-after-free in kasan_strings+0xcbc/0xe80 [ 13.136954] Read of size 1 at addr ffff88810314dfd0 by task kunit_try_catch/278 [ 13.137327] [ 13.137473] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.137525] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.137537] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.137567] Call Trace: [ 13.137586] <TASK> [ 13.137605] dump_stack_lvl+0x73/0xb0 [ 13.137666] print_report+0xd1/0x650 [ 13.137692] ? __virt_addr_valid+0x1db/0x2d0 [ 13.137715] ? kasan_strings+0xcbc/0xe80 [ 13.137736] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.137759] ? kasan_strings+0xcbc/0xe80 [ 13.137782] kasan_report+0x141/0x180 [ 13.137835] ? kasan_strings+0xcbc/0xe80 [ 13.137863] __asan_report_load1_noabort+0x18/0x20 [ 13.137885] kasan_strings+0xcbc/0xe80 [ 13.137905] ? trace_hardirqs_on+0x37/0xe0 [ 13.137928] ? __pfx_kasan_strings+0x10/0x10 [ 13.137950] ? finish_task_switch.isra.0+0x153/0x700 [ 13.137973] ? __switch_to+0x5d9/0xf60 [ 13.138026] ? dequeue_task_fair+0x166/0x4e0 [ 13.138051] ? __schedule+0x10cc/0x2b60 [ 13.138075] ? __pfx_read_tsc+0x10/0x10 [ 13.138095] ? ktime_get_ts64+0x86/0x230 [ 13.138121] kunit_try_run_case+0x1a5/0x480 [ 13.138145] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.138169] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.138194] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.138218] ? __kthread_parkme+0x82/0x180 [ 13.138280] ? preempt_count_sub+0x50/0x80 [ 13.138327] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.138375] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.138398] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.138422] kthread+0x337/0x6f0 [ 13.138439] ? trace_preempt_on+0x20/0xc0 [ 13.138461] ? __pfx_kthread+0x10/0x10 [ 13.138480] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.138501] ? calculate_sigpending+0x7b/0xa0 [ 13.138524] ? 
__pfx_kthread+0x10/0x10 [ 13.138542] ret_from_fork+0x41/0x80 [ 13.138566] ? __pfx_kthread+0x10/0x10 [ 13.138584] ret_from_fork_asm+0x1a/0x30 [ 13.138614] </TASK> [ 13.138625] [ 13.149047] Allocated by task 278: [ 13.149365] kasan_save_stack+0x45/0x70 [ 13.149578] kasan_save_track+0x18/0x40 [ 13.149860] kasan_save_alloc_info+0x3b/0x50 [ 13.150050] __kasan_kmalloc+0xb7/0xc0 [ 13.150220] __kmalloc_cache_noprof+0x189/0x420 [ 13.150824] kasan_strings+0xc0/0xe80 [ 13.151263] kunit_try_run_case+0x1a5/0x480 [ 13.151543] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.152054] kthread+0x337/0x6f0 [ 13.152372] ret_from_fork+0x41/0x80 [ 13.152544] ret_from_fork_asm+0x1a/0x30 [ 13.152995] [ 13.153089] Freed by task 278: [ 13.153392] kasan_save_stack+0x45/0x70 [ 13.153907] kasan_save_track+0x18/0x40 [ 13.154106] kasan_save_free_info+0x3f/0x60 [ 13.154311] __kasan_slab_free+0x56/0x70 [ 13.154495] kfree+0x222/0x3f0 [ 13.154647] kasan_strings+0x2aa/0xe80 [ 13.154830] kunit_try_run_case+0x1a5/0x480 [ 13.155022] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.155259] kthread+0x337/0x6f0 [ 13.155413] ret_from_fork+0x41/0x80 [ 13.155583] ret_from_fork_asm+0x1a/0x30 [ 13.156155] [ 13.156407] The buggy address belongs to the object at ffff88810314dfc0 [ 13.156407] which belongs to the cache kmalloc-32 of size 32 [ 13.157364] The buggy address is located 16 bytes inside of [ 13.157364] freed 32-byte region [ffff88810314dfc0, ffff88810314dfe0) [ 13.158714] [ 13.158941] The buggy address belongs to the physical page: [ 13.159191] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10314d [ 13.159531] flags: 0x200000000000000(node=0|zone=2) [ 13.160001] page_type: f5(slab) [ 13.160451] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.161028] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 13.161364] page dumped because: kasan: bad access detected [ 13.161616] [ 13.161933] Memory state around the buggy address: [ 
13.162290] ffff88810314de80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 13.163092] ffff88810314df00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.163405] >ffff88810314df80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.163758] ^ [ 13.164003] ffff88810314e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.164306] ffff88810314e080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 13.164597] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-strcmp
[ 13.107355] ================================================================== [ 13.108802] BUG: KASAN: slab-use-after-free in strcmp+0xb0/0xc0 [ 13.109105] Read of size 1 at addr ffff88810314dfd0 by task kunit_try_catch/278 [ 13.109524] [ 13.109639] CPU: 0 UID: 0 PID: 278 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.109692] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.109741] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.109767] Call Trace: [ 13.109804] <TASK> [ 13.109827] dump_stack_lvl+0x73/0xb0 [ 13.109854] print_report+0xd1/0x650 [ 13.109882] ? __virt_addr_valid+0x1db/0x2d0 [ 13.109907] ? strcmp+0xb0/0xc0 [ 13.109925] ? kasan_complete_mode_report_info+0x64/0x200 [ 13.109949] ? strcmp+0xb0/0xc0 [ 13.109968] kasan_report+0x141/0x180 [ 13.109991] ? strcmp+0xb0/0xc0 [ 13.110015] __asan_report_load1_noabort+0x18/0x20 [ 13.110068] strcmp+0xb0/0xc0 [ 13.110089] kasan_strings+0x431/0xe80 [ 13.110111] ? trace_hardirqs_on+0x37/0xe0 [ 13.110136] ? __pfx_kasan_strings+0x10/0x10 [ 13.110157] ? finish_task_switch.isra.0+0x153/0x700 [ 13.110182] ? __switch_to+0x5d9/0xf60 [ 13.110246] ? dequeue_task_fair+0x166/0x4e0 [ 13.110271] ? __schedule+0x10cc/0x2b60 [ 13.110296] ? __pfx_read_tsc+0x10/0x10 [ 13.110316] ? ktime_get_ts64+0x86/0x230 [ 13.110342] kunit_try_run_case+0x1a5/0x480 [ 13.110369] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.110393] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.110417] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.110440] ? __kthread_parkme+0x82/0x180 [ 13.110463] ? preempt_count_sub+0x50/0x80 [ 13.110488] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.110511] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.110534] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.110557] kthread+0x337/0x6f0 [ 13.110574] ? trace_preempt_on+0x20/0xc0 [ 13.110597] ? __pfx_kthread+0x10/0x10 [ 13.110615] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.110638] ? calculate_sigpending+0x7b/0xa0 [ 13.110661] ? 
__pfx_kthread+0x10/0x10 [ 13.110679] ret_from_fork+0x41/0x80 [ 13.110701] ? __pfx_kthread+0x10/0x10 [ 13.110719] ret_from_fork_asm+0x1a/0x30 [ 13.110751] </TASK> [ 13.110762] [ 13.120522] Allocated by task 278: [ 13.120867] kasan_save_stack+0x45/0x70 [ 13.121165] kasan_save_track+0x18/0x40 [ 13.121469] kasan_save_alloc_info+0x3b/0x50 [ 13.121787] __kasan_kmalloc+0xb7/0xc0 [ 13.122061] __kmalloc_cache_noprof+0x189/0x420 [ 13.122398] kasan_strings+0xc0/0xe80 [ 13.122680] kunit_try_run_case+0x1a5/0x480 [ 13.122905] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.123150] kthread+0x337/0x6f0 [ 13.123327] ret_from_fork+0x41/0x80 [ 13.123509] ret_from_fork_asm+0x1a/0x30 [ 13.124060] [ 13.124159] Freed by task 278: [ 13.124317] kasan_save_stack+0x45/0x70 [ 13.124679] kasan_save_track+0x18/0x40 [ 13.124948] kasan_save_free_info+0x3f/0x60 [ 13.125241] __kasan_slab_free+0x56/0x70 [ 13.125519] kfree+0x222/0x3f0 [ 13.125853] kasan_strings+0x2aa/0xe80 [ 13.126158] kunit_try_run_case+0x1a5/0x480 [ 13.126485] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.126888] kthread+0x337/0x6f0 [ 13.127249] ret_from_fork+0x41/0x80 [ 13.127436] ret_from_fork_asm+0x1a/0x30 [ 13.127592] [ 13.127717] The buggy address belongs to the object at ffff88810314dfc0 [ 13.127717] which belongs to the cache kmalloc-32 of size 32 [ 13.128549] The buggy address is located 16 bytes inside of [ 13.128549] freed 32-byte region [ffff88810314dfc0, ffff88810314dfe0) [ 13.129205] [ 13.129300] The buggy address belongs to the physical page: [ 13.129814] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10314d [ 13.130270] flags: 0x200000000000000(node=0|zone=2) [ 13.130590] page_type: f5(slab) [ 13.130902] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.131346] raw: 0000000000000000 0000000000400040 00000000f5000000 0000000000000000 [ 13.131801] page dumped because: kasan: bad access detected [ 13.132157] [ 13.132386] Memory state around the buggy address: [ 
13.132689] ffff88810314de80: 00 00 00 fc fc fc fc fc 00 00 00 04 fc fc fc fc [ 13.133044] ffff88810314df00: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.133460] >ffff88810314df80: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 13.133931] ^ [ 13.134195] ffff88810314e000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 13.134594] ffff88810314e080: fb fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb [ 13.134985] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-memcmp
[ 13.069430] ================================================================== [ 13.069903] BUG: KASAN: slab-out-of-bounds in memcmp+0x1b4/0x1d0 [ 13.070118] Read of size 1 at addr ffff8881039f0b18 by task kunit_try_catch/276 [ 13.070368] [ 13.070935] CPU: 1 UID: 0 PID: 276 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.070992] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.071007] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.071030] Call Trace: [ 13.071044] <TASK> [ 13.071062] dump_stack_lvl+0x73/0xb0 [ 13.071090] print_report+0xd1/0x650 [ 13.071116] ? __virt_addr_valid+0x1db/0x2d0 [ 13.071139] ? memcmp+0x1b4/0x1d0 [ 13.071158] ? kasan_complete_mode_report_info+0x2a/0x200 [ 13.071181] ? memcmp+0x1b4/0x1d0 [ 13.071202] kasan_report+0x141/0x180 [ 13.071226] ? memcmp+0x1b4/0x1d0 [ 13.071264] __asan_report_load1_noabort+0x18/0x20 [ 13.071286] memcmp+0x1b4/0x1d0 [ 13.071306] kasan_memcmp+0x18f/0x390 [ 13.071328] ? trace_hardirqs_on+0x37/0xe0 [ 13.071353] ? __pfx_kasan_memcmp+0x10/0x10 [ 13.071373] ? finish_task_switch.isra.0+0x153/0x700 [ 13.071398] ? __switch_to+0x5d9/0xf60 [ 13.071420] ? dequeue_task_fair+0x156/0x4e0 [ 13.071448] ? __pfx_read_tsc+0x10/0x10 [ 13.071468] ? ktime_get_ts64+0x86/0x230 [ 13.071494] kunit_try_run_case+0x1a5/0x480 [ 13.071520] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.071543] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.071567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.071592] ? __kthread_parkme+0x82/0x180 [ 13.071614] ? preempt_count_sub+0x50/0x80 [ 13.071639] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.071663] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.071687] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.071710] kthread+0x337/0x6f0 [ 13.071727] ? trace_preempt_on+0x20/0xc0 [ 13.071750] ? __pfx_kthread+0x10/0x10 [ 13.071768] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.071790] ? calculate_sigpending+0x7b/0xa0 [ 13.071813] ? 
__pfx_kthread+0x10/0x10 [ 13.071831] ret_from_fork+0x41/0x80 [ 13.071852] ? __pfx_kthread+0x10/0x10 [ 13.071870] ret_from_fork_asm+0x1a/0x30 [ 13.071902] </TASK> [ 13.071913] [ 13.085796] Allocated by task 276: [ 13.085960] kasan_save_stack+0x45/0x70 [ 13.086116] kasan_save_track+0x18/0x40 [ 13.086262] kasan_save_alloc_info+0x3b/0x50 [ 13.086687] __kasan_kmalloc+0xb7/0xc0 [ 13.087078] __kmalloc_cache_noprof+0x189/0x420 [ 13.087640] kasan_memcmp+0xb7/0x390 [ 13.087995] kunit_try_run_case+0x1a5/0x480 [ 13.088437] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.089065] kthread+0x337/0x6f0 [ 13.089196] ret_from_fork+0x41/0x80 [ 13.089476] ret_from_fork_asm+0x1a/0x30 [ 13.089842] [ 13.090013] The buggy address belongs to the object at ffff8881039f0b00 [ 13.090013] which belongs to the cache kmalloc-32 of size 32 [ 13.091219] The buggy address is located 0 bytes to the right of [ 13.091219] allocated 24-byte region [ffff8881039f0b00, ffff8881039f0b18) [ 13.091983] [ 13.092063] The buggy address belongs to the physical page: [ 13.092250] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f0 [ 13.093415] flags: 0x200000000000000(node=0|zone=2) [ 13.093972] page_type: f5(slab) [ 13.094405] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 13.095093] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 13.095872] page dumped because: kasan: bad access detected [ 13.096181] [ 13.096265] Memory state around the buggy address: [ 13.096584] ffff8881039f0a00: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.097033] ffff8881039f0a80: 00 00 00 fc fc fc fc fc 00 00 00 fc fc fc fc fc [ 13.097728] >ffff8881039f0b00: 00 00 00 fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.098253] ^ [ 13.098698] ffff8881039f0b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.099096] ffff8881039f0c00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 13.099476] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_right
[ 13.039467] ================================================================== [ 13.040092] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_right+0x329/0x390 [ 13.040626] Read of size 1 at addr ffff8881039e7c4a by task kunit_try_catch/272 [ 13.041913] [ 13.042183] CPU: 0 UID: 0 PID: 272 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.042248] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.042262] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.042285] Call Trace: [ 13.042300] <TASK> [ 13.042321] dump_stack_lvl+0x73/0xb0 [ 13.042368] print_report+0xd1/0x650 [ 13.042420] ? __virt_addr_valid+0x1db/0x2d0 [ 13.042445] ? kasan_alloca_oob_right+0x329/0x390 [ 13.042469] ? kasan_addr_to_slab+0x11/0xa0 [ 13.042502] ? kasan_alloca_oob_right+0x329/0x390 [ 13.042526] kasan_report+0x141/0x180 [ 13.042549] ? kasan_alloca_oob_right+0x329/0x390 [ 13.042576] __asan_report_load1_noabort+0x18/0x20 [ 13.042598] kasan_alloca_oob_right+0x329/0x390 [ 13.042622] ? irqentry_exit+0x2a/0x60 [ 13.042642] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 13.042667] ? trace_hardirqs_on+0x37/0xe0 [ 13.042694] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.042722] ? __pfx_kasan_alloca_oob_right+0x10/0x10 [ 13.042751] kunit_try_run_case+0x1a5/0x480 [ 13.042777] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.042799] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.042825] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.042849] ? __kthread_parkme+0x82/0x180 [ 13.042872] ? preempt_count_sub+0x50/0x80 [ 13.042898] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.042921] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.042944] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.042968] kthread+0x337/0x6f0 [ 13.042985] ? trace_preempt_on+0x20/0xc0 [ 13.043006] ? __pfx_kthread+0x10/0x10 [ 13.043025] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.043046] ? calculate_sigpending+0x7b/0xa0 [ 13.043068] ? 
__pfx_kthread+0x10/0x10 [ 13.043086] ret_from_fork+0x41/0x80 [ 13.043109] ? __pfx_kthread+0x10/0x10 [ 13.043126] ret_from_fork_asm+0x1a/0x30 [ 13.043157] </TASK> [ 13.043169] [ 13.054033] The buggy address belongs to stack of task kunit_try_catch/272 [ 13.054875] [ 13.054977] The buggy address belongs to the physical page: [ 13.055257] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039e7 [ 13.055723] flags: 0x200000000000000(node=0|zone=2) [ 13.056051] raw: 0200000000000000 ffffea00040e79c8 ffffea00040e79c8 0000000000000000 [ 13.056386] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.056740] page dumped because: kasan: bad access detected [ 13.057242] [ 13.057648] Memory state around the buggy address: [ 13.057877] ffff8881039e7b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.058106] ffff8881039e7b80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.058570] >ffff8881039e7c00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.059352] ^ [ 13.060077] ffff8881039e7c80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.060817] ffff8881039e7d00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.061491] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-alloca-out-of-bounds-in-kasan_alloca_oob_left
[ 13.015206] ================================================================== [ 13.015754] BUG: KASAN: alloca-out-of-bounds in kasan_alloca_oob_left+0x320/0x380 [ 13.016104] Read of size 1 at addr ffff8881039efc3f by task kunit_try_catch/270 [ 13.016589] [ 13.016700] CPU: 1 UID: 0 PID: 270 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 13.016764] Tainted: [B]=BAD_PAGE, [N]=TEST [ 13.016777] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 13.016802] Call Trace: [ 13.016816] <TASK> [ 13.016837] dump_stack_lvl+0x73/0xb0 [ 13.016867] print_report+0xd1/0x650 [ 13.016891] ? __virt_addr_valid+0x1db/0x2d0 [ 13.016916] ? kasan_alloca_oob_left+0x320/0x380 [ 13.016940] ? kasan_addr_to_slab+0x11/0xa0 [ 13.016962] ? kasan_alloca_oob_left+0x320/0x380 [ 13.016986] kasan_report+0x141/0x180 [ 13.017009] ? kasan_alloca_oob_left+0x320/0x380 [ 13.017038] __asan_report_load1_noabort+0x18/0x20 [ 13.017059] kasan_alloca_oob_left+0x320/0x380 [ 13.017084] ? finish_task_switch.isra.0+0x153/0x700 [ 13.017111] ? __mutex_lock.constprop.0+0xace/0x1280 [ 13.017134] ? trace_hardirqs_on+0x37/0xe0 [ 13.017161] ? __pfx_kasan_alloca_oob_left+0x10/0x10 [ 13.017187] ? __schedule+0x10cc/0x2b60 [ 13.017210] ? __pfx_read_tsc+0x10/0x10 [ 13.017243] ? ktime_get_ts64+0x86/0x230 [ 13.017271] kunit_try_run_case+0x1a5/0x480 [ 13.017297] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.017320] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 13.017398] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 13.017427] ? __kthread_parkme+0x82/0x180 [ 13.017451] ? preempt_count_sub+0x50/0x80 [ 13.017477] ? __pfx_kunit_try_run_case+0x10/0x10 [ 13.017502] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 13.017526] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 13.017556] kthread+0x337/0x6f0 [ 13.017573] ? trace_preempt_on+0x20/0xc0 [ 13.017597] ? __pfx_kthread+0x10/0x10 [ 13.017615] ? _raw_spin_unlock_irq+0x47/0x80 [ 13.017638] ? 
calculate_sigpending+0x7b/0xa0 [ 13.017660] ? __pfx_kthread+0x10/0x10 [ 13.017679] ret_from_fork+0x41/0x80 [ 13.017700] ? __pfx_kthread+0x10/0x10 [ 13.017734] ret_from_fork_asm+0x1a/0x30 [ 13.017766] </TASK> [ 13.017778] [ 13.028932] The buggy address belongs to stack of task kunit_try_catch/270 [ 13.029436] [ 13.029534] The buggy address belongs to the physical page: [ 13.030015] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039ef [ 13.030521] flags: 0x200000000000000(node=0|zone=2) [ 13.030930] raw: 0200000000000000 ffffea00040e7bc8 ffffea00040e7bc8 0000000000000000 [ 13.031297] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.031864] page dumped because: kasan: bad access detected [ 13.032107] [ 13.032393] Memory state around the buggy address: [ 13.032877] ffff8881039efb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.033345] ffff8881039efb80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.033679] >ffff8881039efc00: 00 00 00 00 ca ca ca ca 00 02 cb cb cb cb cb cb [ 13.034163] ^ [ 13.034665] ffff8881039efc80: 00 00 00 f1 f1 f1 f1 01 f2 04 f2 00 f2 f2 f2 00 [ 13.035048] ffff8881039efd00: 00 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.035503] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-stack-out-of-bounds-in-kasan_stack_oob
[ 12.990471] ================================================================== [ 12.991926] BUG: KASAN: stack-out-of-bounds in kasan_stack_oob+0x2b5/0x300 [ 12.992174] Read of size 1 at addr ffff888103907d02 by task kunit_try_catch/268 [ 12.992416] [ 12.992513] CPU: 0 UID: 0 PID: 268 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 12.992563] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.992575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.992598] Call Trace: [ 12.992612] <TASK> [ 12.992631] dump_stack_lvl+0x73/0xb0 [ 12.992659] print_report+0xd1/0x650 [ 12.992683] ? __virt_addr_valid+0x1db/0x2d0 [ 12.992706] ? kasan_stack_oob+0x2b5/0x300 [ 12.992726] ? kasan_addr_to_slab+0x11/0xa0 [ 12.992748] ? kasan_stack_oob+0x2b5/0x300 [ 12.993354] kasan_report+0x141/0x180 [ 12.993389] ? kasan_stack_oob+0x2b5/0x300 [ 12.993417] __asan_report_load1_noabort+0x18/0x20 [ 12.993438] kasan_stack_oob+0x2b5/0x300 [ 12.993459] ? __pfx_kasan_stack_oob+0x10/0x10 [ 12.993480] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.993514] ? __pfx_kasan_stack_oob+0x10/0x10 [ 12.993540] kunit_try_run_case+0x1a5/0x480 [ 12.993571] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.993595] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.993621] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.993645] ? __kthread_parkme+0x82/0x180 [ 12.993668] ? preempt_count_sub+0x50/0x80 [ 12.993695] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.993719] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.993743] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.993767] kthread+0x337/0x6f0 [ 12.993784] ? trace_preempt_on+0x20/0xc0 [ 12.993807] ? __pfx_kthread+0x10/0x10 [ 12.993826] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.993847] ? calculate_sigpending+0x7b/0xa0 [ 12.993869] ? __pfx_kthread+0x10/0x10 [ 12.993887] ret_from_fork+0x41/0x80 [ 12.993910] ? 
__pfx_kthread+0x10/0x10 [ 12.993927] ret_from_fork_asm+0x1a/0x30 [ 12.993958] </TASK> [ 12.993970] [ 13.004264] The buggy address belongs to stack of task kunit_try_catch/268 [ 13.004690] and is located at offset 138 in frame: [ 13.004899] kasan_stack_oob+0x0/0x300 [ 13.005220] [ 13.005352] This frame has 4 objects: [ 13.005590] [48, 49) '__assertion' [ 13.005613] [64, 72) 'array' [ 13.005898] [96, 112) '__assertion' [ 13.006026] [128, 138) 'stack_array' [ 13.006172] [ 13.006463] The buggy address belongs to the physical page: [ 13.006786] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103907 [ 13.007116] flags: 0x200000000000000(node=0|zone=2) [ 13.007364] raw: 0200000000000000 ffffea00040e41c8 ffffea00040e41c8 0000000000000000 [ 13.007643] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 13.008108] page dumped because: kasan: bad access detected [ 13.008410] [ 13.008503] Memory state around the buggy address: [ 13.008671] ffff888103907c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.008890] ffff888103907c80: f1 f1 f1 f1 f1 01 f2 00 f2 f2 f2 00 00 f2 f2 00 [ 13.009206] >ffff888103907d00: 02 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00 f1 [ 13.009785] ^ [ 13.009915] ffff888103907d80: f1 f1 f1 00 00 f2 f2 00 00 f2 f2 00 00 f3 f3 00 [ 13.010393] ffff888103907e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 13.010808] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-global-out-of-bounds-in-kasan_global_oob_right
[ 12.956944] ================================================================== [ 12.957847] BUG: KASAN: global-out-of-bounds in kasan_global_oob_right+0x286/0x2d0 [ 12.958109] Read of size 1 at addr ffffffff9764332d by task kunit_try_catch/264 [ 12.958349] [ 12.958470] CPU: 0 UID: 0 PID: 264 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 12.958520] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.958534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.958558] Call Trace: [ 12.958572] <TASK> [ 12.958592] dump_stack_lvl+0x73/0xb0 [ 12.958620] print_report+0xd1/0x650 [ 12.958644] ? __virt_addr_valid+0x1db/0x2d0 [ 12.958667] ? kasan_global_oob_right+0x286/0x2d0 [ 12.958688] ? kasan_addr_to_slab+0x11/0xa0 [ 12.958710] ? kasan_global_oob_right+0x286/0x2d0 [ 12.958732] kasan_report+0x141/0x180 [ 12.958755] ? kasan_global_oob_right+0x286/0x2d0 [ 12.958782] __asan_report_load1_noabort+0x18/0x20 [ 12.958803] kasan_global_oob_right+0x286/0x2d0 [ 12.958825] ? __pfx_kasan_global_oob_right+0x10/0x10 [ 12.958851] ? __schedule+0x10cc/0x2b60 [ 12.958874] ? __pfx_read_tsc+0x10/0x10 [ 12.958894] ? ktime_get_ts64+0x86/0x230 [ 12.958921] kunit_try_run_case+0x1a5/0x480 [ 12.958945] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.958967] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.958992] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.959015] ? __kthread_parkme+0x82/0x180 [ 12.959037] ? preempt_count_sub+0x50/0x80 [ 12.959063] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.959086] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.959109] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.959133] kthread+0x337/0x6f0 [ 12.959149] ? trace_preempt_on+0x20/0xc0 [ 12.959173] ? __pfx_kthread+0x10/0x10 [ 12.959190] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.959212] ? calculate_sigpending+0x7b/0xa0 [ 12.959260] ? __pfx_kthread+0x10/0x10 [ 12.959279] ret_from_fork+0x41/0x80 [ 12.959299] ? 
__pfx_kthread+0x10/0x10 [ 12.959317] ret_from_fork_asm+0x1a/0x30 [ 12.959348] </TASK> [ 12.959360] [ 12.974964] The buggy address belongs to the variable: [ 12.975221] global_array+0xd/0x40 [ 12.975997] [ 12.976446] The buggy address belongs to the physical page: [ 12.976819] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x12bc43 [ 12.977448] flags: 0x200000000002000(reserved|node=0|zone=2) [ 12.977887] raw: 0200000000002000 ffffea0004af10c8 ffffea0004af10c8 0000000000000000 [ 12.978216] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.978894] page dumped because: kasan: bad access detected [ 12.979244] [ 12.979410] Memory state around the buggy address: [ 12.979625] ffffffff97643200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.980189] ffffffff97643280: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.980734] >ffffffff97643300: 00 00 00 00 00 02 f9 f9 f9 f9 f9 f9 00 f9 f9 f9 [ 12.981499] ^ [ 12.981805] ffffffff97643380: f9 f9 f9 f9 04 f9 f9 f9 f9 f9 f9 f9 02 f9 f9 f9 [ 12.982107] ffffffff97643400: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00 [ 12.982713] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-mempool_kmalloc_invalid_free_helper
[ 12.924570] ================================================================== [ 12.925263] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.926280] Free of addr ffff888102a3c001 by task kunit_try_catch/262 [ 12.927430] [ 12.927746] CPU: 1 UID: 0 PID: 262 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 12.927912] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.927927] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.927951] Call Trace: [ 12.927963] <TASK> [ 12.927986] dump_stack_lvl+0x73/0xb0 [ 12.928017] print_report+0xd1/0x650 [ 12.928042] ? __virt_addr_valid+0x1db/0x2d0 [ 12.928066] ? kasan_addr_to_slab+0x11/0xa0 [ 12.928087] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.928114] kasan_report_invalid_free+0x10a/0x130 [ 12.928139] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.928168] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.928193] __kasan_mempool_poison_object+0x102/0x1d0 [ 12.928218] mempool_free+0x2ec/0x380 [ 12.928255] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.928283] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.928309] ? dequeue_entities+0x852/0x1740 [ 12.928333] ? finish_task_switch.isra.0+0x153/0x700 [ 12.928361] mempool_kmalloc_large_invalid_free+0xed/0x140 [ 12.928385] ? __pfx_mempool_kmalloc_large_invalid_free+0x10/0x10 [ 12.928412] ? dequeue_task_fair+0x166/0x4e0 [ 12.928434] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.928454] ? __pfx_mempool_kfree+0x10/0x10 [ 12.928477] ? __pfx_read_tsc+0x10/0x10 [ 12.928498] ? ktime_get_ts64+0x86/0x230 [ 12.928524] kunit_try_run_case+0x1a5/0x480 [ 12.928549] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.928571] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.928595] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.928619] ? __kthread_parkme+0x82/0x180 [ 12.928643] ? preempt_count_sub+0x50/0x80 [ 12.928667] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.928690] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.928714] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.928737] kthread+0x337/0x6f0 [ 12.928753] ? trace_preempt_on+0x20/0xc0 [ 12.928777] ? __pfx_kthread+0x10/0x10 [ 12.928796] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.928817] ? calculate_sigpending+0x7b/0xa0 [ 12.928840] ? __pfx_kthread+0x10/0x10 [ 12.928858] ret_from_fork+0x41/0x80 [ 12.928879] ? __pfx_kthread+0x10/0x10 [ 12.928896] ret_from_fork_asm+0x1a/0x30 [ 12.928928] </TASK> [ 12.928939] [ 12.944403] The buggy address belongs to the physical page: [ 12.944898] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c [ 12.946069] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.946831] flags: 0x200000000000040(head|node=0|zone=2) [ 12.947357] page_type: f8(unknown) [ 12.947770] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.948140] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.948426] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.949287] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.950146] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff [ 12.950998] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.951741] page dumped because: kasan: bad access detected [ 12.951919] [ 12.951991] Memory state around the buggy address: [ 12.952152] ffff888102a3bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.952388] ffff888102a3bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.952881] >ffff888102a3c000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.953130] ^ [ 12.953456] ffff888102a3c080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.953873] ffff888102a3c100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.954135] 
================================================================== [ 12.894639] ================================================================== [ 12.895073] BUG: KASAN: invalid-free in mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.895417] Free of addr ffff888103151a01 by task kunit_try_catch/260 [ 12.895633] [ 12.895730] CPU: 0 UID: 0 PID: 260 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 12.895779] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.895791] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.895814] Call Trace: [ 12.895827] <TASK> [ 12.895845] dump_stack_lvl+0x73/0xb0 [ 12.895873] print_report+0xd1/0x650 [ 12.895896] ? __virt_addr_valid+0x1db/0x2d0 [ 12.895920] ? kasan_complete_mode_report_info+0x2a/0x200 [ 12.895942] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.895969] kasan_report_invalid_free+0x10a/0x130 [ 12.895994] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.896022] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.896047] ? mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.896071] check_slab_allocation+0x11f/0x130 [ 12.896094] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.896119] mempool_free+0x2ec/0x380 [ 12.896143] mempool_kmalloc_invalid_free_helper+0x132/0x2e0 [ 12.896171] ? __pfx_mempool_kmalloc_invalid_free_helper+0x10/0x10 [ 12.896197] ? dequeue_entities+0x852/0x1740 [ 12.896221] ? irqentry_exit+0x2a/0x60 [ 12.896253] ? sysvec_apic_timer_interrupt+0x50/0x90 [ 12.896294] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.896318] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 12.896346] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.896365] ? __pfx_mempool_kfree+0x10/0x10 [ 12.896386] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 12.896413] ? __pfx_mempool_kmalloc_invalid_free+0x10/0x10 [ 12.896440] kunit_try_run_case+0x1a5/0x480 [ 12.896465] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.896487] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.896511] ? 
_raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.896533] ? __kthread_parkme+0x82/0x180 [ 12.896557] ? preempt_count_sub+0x50/0x80 [ 12.896582] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.896605] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.896628] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.896652] kthread+0x337/0x6f0 [ 12.896668] ? trace_preempt_on+0x20/0xc0 [ 12.896692] ? __pfx_kthread+0x10/0x10 [ 12.896709] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.896731] ? calculate_sigpending+0x7b/0xa0 [ 12.896754] ? __pfx_kthread+0x10/0x10 [ 12.896772] ret_from_fork+0x41/0x80 [ 12.896795] ? __pfx_kthread+0x10/0x10 [ 12.896812] ret_from_fork_asm+0x1a/0x30 [ 12.896843] </TASK> [ 12.896853] [ 12.909188] Allocated by task 260: [ 12.909605] kasan_save_stack+0x45/0x70 [ 12.910085] kasan_save_track+0x18/0x40 [ 12.910370] kasan_save_alloc_info+0x3b/0x50 [ 12.910676] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.911087] remove_element+0x11e/0x190 [ 12.911515] mempool_alloc_preallocated+0x4d/0x90 [ 12.911896] mempool_kmalloc_invalid_free_helper+0x83/0x2e0 [ 12.912248] mempool_kmalloc_invalid_free+0xed/0x140 [ 12.912581] kunit_try_run_case+0x1a5/0x480 [ 12.912805] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.913050] kthread+0x337/0x6f0 [ 12.913208] ret_from_fork+0x41/0x80 [ 12.913789] ret_from_fork_asm+0x1a/0x30 [ 12.913987] [ 12.914065] The buggy address belongs to the object at ffff888103151a00 [ 12.914065] which belongs to the cache kmalloc-128 of size 128 [ 12.915067] The buggy address is located 1 bytes inside of [ 12.915067] 128-byte region [ffff888103151a00, ffff888103151a80) [ 12.915561] [ 12.915870] The buggy address belongs to the physical page: [ 12.916145] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151 [ 12.916672] flags: 0x200000000000000(node=0|zone=2) [ 12.916960] page_type: f5(slab) [ 12.917130] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.917460] raw: 0000000000000000 0000000080100010 
00000000f5000000 0000000000000000 [ 12.917974] page dumped because: kasan: bad access detected [ 12.918222] [ 12.918405] Memory state around the buggy address: [ 12.918644] ffff888103151900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.918980] ffff888103151980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.919352] >ffff888103151a00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.919673] ^ [ 12.919840] ffff888103151a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.920143] ffff888103151b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.920577] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-mempool_double_free_helper
[ 12.845382] ================================================================== [ 12.845883] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.846189] Free of addr ffff888102a3c000 by task kunit_try_catch/256 [ 12.846568] [ 12.846683] CPU: 1 UID: 0 PID: 256 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 12.846733] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.846903] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.846932] Call Trace: [ 12.846947] <TASK> [ 12.846966] dump_stack_lvl+0x73/0xb0 [ 12.846996] print_report+0xd1/0x650 [ 12.847020] ? __virt_addr_valid+0x1db/0x2d0 [ 12.847044] ? kasan_addr_to_slab+0x11/0xa0 [ 12.847066] ? mempool_double_free_helper+0x184/0x370 [ 12.847092] kasan_report_invalid_free+0x10a/0x130 [ 12.847119] ? mempool_double_free_helper+0x184/0x370 [ 12.847146] ? mempool_double_free_helper+0x184/0x370 [ 12.847169] __kasan_mempool_poison_object+0x1b3/0x1d0 [ 12.847194] mempool_free+0x2ec/0x380 [ 12.847218] mempool_double_free_helper+0x184/0x370 [ 12.847256] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.847280] ? dequeue_entities+0x852/0x1740 [ 12.847306] ? finish_task_switch.isra.0+0x153/0x700 [ 12.847333] mempool_kmalloc_large_double_free+0xed/0x140 [ 12.847359] ? __pfx_mempool_kmalloc_large_double_free+0x10/0x10 [ 12.847385] ? dequeue_task_fair+0x166/0x4e0 [ 12.847407] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.847426] ? __pfx_mempool_kfree+0x10/0x10 [ 12.847449] ? __pfx_read_tsc+0x10/0x10 [ 12.847468] ? ktime_get_ts64+0x86/0x230 [ 12.847495] kunit_try_run_case+0x1a5/0x480 [ 12.847521] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.847542] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.847567] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.847591] ? __kthread_parkme+0x82/0x180 [ 12.847613] ? preempt_count_sub+0x50/0x80 [ 12.847637] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.847661] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.847684] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.847722] kthread+0x337/0x6f0 [ 12.847739] ? trace_preempt_on+0x20/0xc0 [ 12.847763] ? __pfx_kthread+0x10/0x10 [ 12.847781] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.847804] ? calculate_sigpending+0x7b/0xa0 [ 12.847828] ? __pfx_kthread+0x10/0x10 [ 12.847846] ret_from_fork+0x41/0x80 [ 12.847867] ? __pfx_kthread+0x10/0x10 [ 12.847885] ret_from_fork_asm+0x1a/0x30 [ 12.847916] </TASK> [ 12.847927] [ 12.858550] The buggy address belongs to the physical page: [ 12.858776] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a3c [ 12.859116] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.859585] flags: 0x200000000000040(head|node=0|zone=2) [ 12.860014] page_type: f8(unknown) [ 12.860188] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.861203] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.861892] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.862727] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.863142] head: 0200000000000002 ffffea00040a8f01 00000000ffffffff 00000000ffffffff [ 12.863605] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.864335] page dumped because: kasan: bad access detected [ 12.864654] [ 12.864793] Memory state around the buggy address: [ 12.865198] ffff888102a3bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.865756] ffff888102a3bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.866201] >ffff888102a3c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.866787] ^ [ 12.867038] ffff888102a3c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.867485] ffff888102a3c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.867929] ================================================================== [ 12.812481] ================================================================== [ 
12.813099] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.813398] Free of addr ffff888103151600 by task kunit_try_catch/254 [ 12.813701] [ 12.813874] CPU: 0 UID: 0 PID: 254 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 12.813925] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.813938] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.814204] Call Trace: [ 12.814218] <TASK> [ 12.814249] dump_stack_lvl+0x73/0xb0 [ 12.814279] print_report+0xd1/0x650 [ 12.814303] ? __virt_addr_valid+0x1db/0x2d0 [ 12.814328] ? kasan_complete_mode_report_info+0x64/0x200 [ 12.814351] ? mempool_double_free_helper+0x184/0x370 [ 12.814376] kasan_report_invalid_free+0x10a/0x130 [ 12.814401] ? mempool_double_free_helper+0x184/0x370 [ 12.814428] ? mempool_double_free_helper+0x184/0x370 [ 12.814451] ? mempool_double_free_helper+0x184/0x370 [ 12.814475] check_slab_allocation+0x101/0x130 [ 12.814497] __kasan_mempool_poison_object+0x91/0x1d0 [ 12.814523] mempool_free+0x2ec/0x380 [ 12.814549] mempool_double_free_helper+0x184/0x370 [ 12.814574] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.814601] ? kasan_save_track+0x18/0x40 [ 12.814621] ? kasan_save_alloc_info+0x3b/0x50 [ 12.814641] ? kasan_save_stack+0x45/0x70 [ 12.814663] ? mempool_alloc_preallocated+0x5b/0x90 [ 12.814688] mempool_kmalloc_double_free+0xed/0x140 [ 12.814713] ? __pfx_mempool_kmalloc_double_free+0x10/0x10 [ 12.814736] ? dequeue_task_fair+0x166/0x4e0 [ 12.814762] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.814781] ? __pfx_mempool_kfree+0x10/0x10 [ 12.814806] ? __pfx_read_tsc+0x10/0x10 [ 12.814827] ? ktime_get_ts64+0x86/0x230 [ 12.814854] kunit_try_run_case+0x1a5/0x480 [ 12.814879] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.814902] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.814926] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.814949] ? __kthread_parkme+0x82/0x180 [ 12.814972] ? preempt_count_sub+0x50/0x80 [ 12.814999] ? 
__pfx_kunit_try_run_case+0x10/0x10 [ 12.815023] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.815046] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.815071] kthread+0x337/0x6f0 [ 12.815088] ? trace_preempt_on+0x20/0xc0 [ 12.815111] ? __pfx_kthread+0x10/0x10 [ 12.815129] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.815151] ? calculate_sigpending+0x7b/0xa0 [ 12.815173] ? __pfx_kthread+0x10/0x10 [ 12.815192] ret_from_fork+0x41/0x80 [ 12.815212] ? __pfx_kthread+0x10/0x10 [ 12.815239] ret_from_fork_asm+0x1a/0x30 [ 12.815271] </TASK> [ 12.815304] [ 12.827598] Allocated by task 254: [ 12.828019] kasan_save_stack+0x45/0x70 [ 12.828228] kasan_save_track+0x18/0x40 [ 12.828504] kasan_save_alloc_info+0x3b/0x50 [ 12.828910] __kasan_mempool_unpoison_object+0x1a9/0x200 [ 12.829401] remove_element+0x11e/0x190 [ 12.829678] mempool_alloc_preallocated+0x4d/0x90 [ 12.829843] mempool_double_free_helper+0x8a/0x370 [ 12.830002] mempool_kmalloc_double_free+0xed/0x140 [ 12.830160] kunit_try_run_case+0x1a5/0x480 [ 12.830348] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.830550] kthread+0x337/0x6f0 [ 12.830797] ret_from_fork+0x41/0x80 [ 12.830949] ret_from_fork_asm+0x1a/0x30 [ 12.831150] [ 12.831223] Freed by task 254: [ 12.831383] kasan_save_stack+0x45/0x70 [ 12.831587] kasan_save_track+0x18/0x40 [ 12.831775] kasan_save_free_info+0x3f/0x60 [ 12.832249] __kasan_mempool_poison_object+0x131/0x1d0 [ 12.832589] mempool_free+0x2ec/0x380 [ 12.833086] mempool_double_free_helper+0x109/0x370 [ 12.833292] mempool_kmalloc_double_free+0xed/0x140 [ 12.833658] kunit_try_run_case+0x1a5/0x480 [ 12.833880] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.834115] kthread+0x337/0x6f0 [ 12.834637] ret_from_fork+0x41/0x80 [ 12.834834] ret_from_fork_asm+0x1a/0x30 [ 12.834975] [ 12.835072] The buggy address belongs to the object at ffff888103151600 [ 12.835072] which belongs to the cache kmalloc-128 of size 128 [ 12.835790] The buggy address is located 0 bytes inside of [ 12.835790] 128-byte region 
[ffff888103151600, ffff888103151680) [ 12.836547] [ 12.836633] The buggy address belongs to the physical page: [ 12.836974] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151 [ 12.837569] flags: 0x200000000000000(node=0|zone=2) [ 12.837822] page_type: f5(slab) [ 12.837969] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 12.838296] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 12.838947] page dumped because: kasan: bad access detected [ 12.839143] [ 12.839253] Memory state around the buggy address: [ 12.839706] ffff888103151500: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.839952] ffff888103151580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.840538] >ffff888103151600: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 12.840883] ^ [ 12.841037] ffff888103151680: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 12.841624] ffff888103151700: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 12.841873] ================================================================== [ 12.872044] ================================================================== [ 12.872746] BUG: KASAN: double-free in mempool_double_free_helper+0x184/0x370 [ 12.873004] Free of addr ffff88810392c000 by task kunit_try_catch/258 [ 12.873316] [ 12.873632] CPU: 0 UID: 0 PID: 258 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 12.873686] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.873699] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.873749] Call Trace: [ 12.873762] <TASK> [ 12.873782] dump_stack_lvl+0x73/0xb0 [ 12.873811] print_report+0xd1/0x650 [ 12.873836] ? __virt_addr_valid+0x1db/0x2d0 [ 12.873860] ? kasan_addr_to_slab+0x11/0xa0 [ 12.873881] ? mempool_double_free_helper+0x184/0x370 [ 12.873908] kasan_report_invalid_free+0x10a/0x130 [ 12.874008] ? mempool_double_free_helper+0x184/0x370 [ 12.874037] ? 
mempool_double_free_helper+0x184/0x370 [ 12.874062] __kasan_mempool_poison_pages+0x115/0x130 [ 12.874088] mempool_free+0x290/0x380 [ 12.874113] mempool_double_free_helper+0x184/0x370 [ 12.874138] ? __pfx_mempool_double_free_helper+0x10/0x10 [ 12.874162] ? dequeue_entities+0x852/0x1740 [ 12.874188] ? finish_task_switch.isra.0+0x153/0x700 [ 12.874217] mempool_page_alloc_double_free+0xe8/0x140 [ 12.874251] ? __pfx_mempool_page_alloc_double_free+0x10/0x10 [ 12.874273] ? dequeue_task_fair+0x166/0x4e0 [ 12.874296] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.874317] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.874340] ? __pfx_read_tsc+0x10/0x10 [ 12.874361] ? ktime_get_ts64+0x86/0x230 [ 12.874387] kunit_try_run_case+0x1a5/0x480 [ 12.874412] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.874434] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.874459] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.874484] ? __kthread_parkme+0x82/0x180 [ 12.874506] ? preempt_count_sub+0x50/0x80 [ 12.874530] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.874554] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.874578] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.874601] kthread+0x337/0x6f0 [ 12.874618] ? trace_preempt_on+0x20/0xc0 [ 12.874642] ? __pfx_kthread+0x10/0x10 [ 12.874660] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.874682] ? calculate_sigpending+0x7b/0xa0 [ 12.874704] ? __pfx_kthread+0x10/0x10 [ 12.874724] ret_from_fork+0x41/0x80 [ 12.874744] ? 
__pfx_kthread+0x10/0x10 [ 12.874763] ret_from_fork_asm+0x1a/0x30 [ 12.874794] </TASK> [ 12.874805] [ 12.885854] The buggy address belongs to the physical page: [ 12.886142] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10392c [ 12.886711] flags: 0x200000000000000(node=0|zone=2) [ 12.887139] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.887555] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.888010] page dumped because: kasan: bad access detected [ 12.888487] [ 12.888605] Memory state around the buggy address: [ 12.889023] ffff88810392bf00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.889405] ffff88810392bf80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.889665] >ffff88810392c000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.890271] ^ [ 12.890448] ffff88810392c080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.890964] ffff88810392c100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.891259] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-mempool_uaf_helper
[ 12.705768] ================================================================== [ 12.706198] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.706680] Read of size 1 at addr ffff888103928000 by task kunit_try_catch/248 [ 12.707214] [ 12.707718] CPU: 0 UID: 0 PID: 248 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 12.707773] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.707786] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.707813] Call Trace: [ 12.707827] <TASK> [ 12.707847] dump_stack_lvl+0x73/0xb0 [ 12.707878] print_report+0xd1/0x650 [ 12.707902] ? __virt_addr_valid+0x1db/0x2d0 [ 12.707926] ? mempool_uaf_helper+0x392/0x400 [ 12.707949] ? kasan_addr_to_slab+0x11/0xa0 [ 12.707971] ? mempool_uaf_helper+0x392/0x400 [ 12.707994] kasan_report+0x141/0x180 [ 12.708017] ? mempool_uaf_helper+0x392/0x400 [ 12.708044] __asan_report_load1_noabort+0x18/0x20 [ 12.708066] mempool_uaf_helper+0x392/0x400 [ 12.708089] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.708112] ? update_load_avg+0x1be/0x21b0 [ 12.708134] ? dequeue_entities+0x27e/0x1740 [ 12.708157] ? finish_task_switch.isra.0+0x153/0x700 [ 12.708185] mempool_kmalloc_large_uaf+0xef/0x140 [ 12.708210] ? __pfx_mempool_kmalloc_large_uaf+0x10/0x10 [ 12.708248] ? dequeue_task_fair+0x166/0x4e0 [ 12.708271] ? __pfx_mempool_kmalloc+0x10/0x10 [ 12.708293] ? __pfx_mempool_kfree+0x10/0x10 [ 12.708315] ? __pfx_read_tsc+0x10/0x10 [ 12.708335] ? ktime_get_ts64+0x86/0x230 [ 12.708361] kunit_try_run_case+0x1a5/0x480 [ 12.708387] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.708409] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.708434] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.708458] ? __kthread_parkme+0x82/0x180 [ 12.708481] ? preempt_count_sub+0x50/0x80 [ 12.708506] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.708530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.708553] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.708576] kthread+0x337/0x6f0 [ 12.708593] ? trace_preempt_on+0x20/0xc0 [ 12.708617] ? __pfx_kthread+0x10/0x10 [ 12.708635] ? _raw_spin_unlock_irq+0x47/0x80 [ 12.708658] ? calculate_sigpending+0x7b/0xa0 [ 12.708680] ? __pfx_kthread+0x10/0x10 [ 12.708699] ret_from_fork+0x41/0x80 [ 12.708719] ? __pfx_kthread+0x10/0x10 [ 12.708737] ret_from_fork_asm+0x1a/0x30 [ 12.708769] </TASK> [ 12.708781] [ 12.724819] The buggy address belongs to the physical page: [ 12.725037] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103928 [ 12.725381] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 12.726071] flags: 0x200000000000040(head|node=0|zone=2) [ 12.726613] page_type: f8(unknown) [ 12.726993] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.727799] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.728522] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 12.728995] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 12.729856] head: 0200000000000002 ffffea00040e4a01 00000000ffffffff 00000000ffffffff [ 12.730097] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 12.730515] page dumped because: kasan: bad access detected [ 12.731049] [ 12.731207] Memory state around the buggy address: [ 12.731704] ffff888103927f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.732431] ffff888103927f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.733101] >ffff888103928000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.733409] ^ [ 12.733750] ffff888103928080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.734387] ffff888103928100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.734669] ================================================================== [ 12.787386] ================================================================== [ 
12.787857] BUG: KASAN: use-after-free in mempool_uaf_helper+0x392/0x400 [ 12.788583] Read of size 1 at addr ffff888102a38000 by task kunit_try_catch/252 [ 12.789134] [ 12.789270] CPU: 1 UID: 0 PID: 252 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 12.789565] Tainted: [B]=BAD_PAGE, [N]=TEST [ 12.789592] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 12.789616] Call Trace: [ 12.789629] <TASK> [ 12.789649] dump_stack_lvl+0x73/0xb0 [ 12.789679] print_report+0xd1/0x650 [ 12.789703] ? __virt_addr_valid+0x1db/0x2d0 [ 12.789727] ? mempool_uaf_helper+0x392/0x400 [ 12.789750] ? kasan_addr_to_slab+0x11/0xa0 [ 12.789772] ? mempool_uaf_helper+0x392/0x400 [ 12.789796] kasan_report+0x141/0x180 [ 12.789819] ? mempool_uaf_helper+0x392/0x400 [ 12.789847] __asan_report_load1_noabort+0x18/0x20 [ 12.789868] mempool_uaf_helper+0x392/0x400 [ 12.789892] ? __pfx_mempool_uaf_helper+0x10/0x10 [ 12.789915] ? dequeue_entities+0x852/0x1740 [ 12.789941] ? finish_task_switch.isra.0+0x153/0x700 [ 12.789970] mempool_page_alloc_uaf+0xed/0x140 [ 12.789990] ? __pfx_mempool_page_alloc_uaf+0x10/0x10 [ 12.790011] ? dequeue_task_fair+0x166/0x4e0 [ 12.790033] ? __pfx_mempool_alloc_pages+0x10/0x10 [ 12.790055] ? __pfx_mempool_free_pages+0x10/0x10 [ 12.790079] ? __pfx_read_tsc+0x10/0x10 [ 12.790098] ? ktime_get_ts64+0x86/0x230 [ 12.790124] kunit_try_run_case+0x1a5/0x480 [ 12.790152] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.790176] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 12.790201] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 12.790225] ? __kthread_parkme+0x82/0x180 [ 12.790258] ? preempt_count_sub+0x50/0x80 [ 12.790295] ? __pfx_kunit_try_run_case+0x10/0x10 [ 12.790320] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 12.790342] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 12.790366] kthread+0x337/0x6f0 [ 12.790384] ? trace_preempt_on+0x20/0xc0 [ 12.790409] ? __pfx_kthread+0x10/0x10 [ 12.790427] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 12.790449] ? calculate_sigpending+0x7b/0xa0 [ 12.790471] ? __pfx_kthread+0x10/0x10 [ 12.790490] ret_from_fork+0x41/0x80 [ 12.790511] ? __pfx_kthread+0x10/0x10 [ 12.790529] ret_from_fork_asm+0x1a/0x30 [ 12.790560] </TASK> [ 12.790572] [ 12.802865] The buggy address belongs to the physical page: [ 12.803208] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38 [ 12.803743] flags: 0x200000000000000(node=0|zone=2) [ 12.804023] raw: 0200000000000000 0000000000000000 dead000000000122 0000000000000000 [ 12.804468] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 12.804779] page dumped because: kasan: bad access detected [ 12.805112] [ 12.805268] Memory state around the buggy address: [ 12.805655] ffff888102a37f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.806111] ffff888102a37f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.806576] >ffff888102a38000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.806914] ^ [ 12.807035] ffff888102a38080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.807389] ffff888102a38100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 12.807839] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-mempool_uaf_helper
[ 12.672581] ==================================================================
[ 12.672993] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 12.673249] Read of size 1 at addr ffff888102dc0d00 by task kunit_try_catch/246
[ 12.673487]
[ 12.673584] CPU: 1 UID: 0 PID: 246 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 12.673781] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.673797] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.673823] Call Trace:
[ 12.673836] <TASK>
[ 12.674087] dump_stack_lvl+0x73/0xb0
[ 12.674124] print_report+0xd1/0x650
[ 12.674161] ? __virt_addr_valid+0x1db/0x2d0
[ 12.674185] ? mempool_uaf_helper+0x392/0x400
[ 12.674207] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.674240] ? mempool_uaf_helper+0x392/0x400
[ 12.674263] kasan_report+0x141/0x180
[ 12.674287] ? mempool_uaf_helper+0x392/0x400
[ 12.674314] __asan_report_load1_noabort+0x18/0x20
[ 12.674336] mempool_uaf_helper+0x392/0x400
[ 12.674360] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 12.674383] ? dequeue_entities+0x852/0x1740
[ 12.674409] ? finish_task_switch.isra.0+0x153/0x700
[ 12.674437] mempool_kmalloc_uaf+0xef/0x140
[ 12.674460] ? __pfx_mempool_kmalloc_uaf+0x10/0x10
[ 12.674483] ? dequeue_task_fair+0x166/0x4e0
[ 12.674506] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.674528] ? __pfx_mempool_kfree+0x10/0x10
[ 12.674550] ? __pfx_read_tsc+0x10/0x10
[ 12.674570] ? ktime_get_ts64+0x86/0x230
[ 12.674598] kunit_try_run_case+0x1a5/0x480
[ 12.674624] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.674647] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.674672] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.674697] ? __kthread_parkme+0x82/0x180
[ 12.674720] ? preempt_count_sub+0x50/0x80
[ 12.674744] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.674768] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.674791] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.674815] kthread+0x337/0x6f0
[ 12.674832] ? trace_preempt_on+0x20/0xc0
[ 12.674855] ? __pfx_kthread+0x10/0x10
[ 12.674874] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.674896] ? calculate_sigpending+0x7b/0xa0
[ 12.674919] ? __pfx_kthread+0x10/0x10
[ 12.674937] ret_from_fork+0x41/0x80
[ 12.674958] ? __pfx_kthread+0x10/0x10
[ 12.674976] ret_from_fork_asm+0x1a/0x30
[ 12.675007] </TASK>
[ 12.675019]
[ 12.687167] Allocated by task 246:
[ 12.687503] kasan_save_stack+0x45/0x70
[ 12.687928] kasan_save_track+0x18/0x40
[ 12.688087] kasan_save_alloc_info+0x3b/0x50
[ 12.688252] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 12.688643] remove_element+0x11e/0x190
[ 12.689158] mempool_alloc_preallocated+0x4d/0x90
[ 12.689397] mempool_uaf_helper+0x96/0x400
[ 12.689746] mempool_kmalloc_uaf+0xef/0x140
[ 12.689896] kunit_try_run_case+0x1a5/0x480
[ 12.690106] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.690582] kthread+0x337/0x6f0
[ 12.690755] ret_from_fork+0x41/0x80
[ 12.691073] ret_from_fork_asm+0x1a/0x30
[ 12.691254]
[ 12.691459] Freed by task 246:
[ 12.691587] kasan_save_stack+0x45/0x70
[ 12.691868] kasan_save_track+0x18/0x40
[ 12.692000] kasan_save_free_info+0x3f/0x60
[ 12.692205] __kasan_mempool_poison_object+0x131/0x1d0
[ 12.692461] mempool_free+0x2ec/0x380
[ 12.692635] mempool_uaf_helper+0x11a/0x400
[ 12.693030] mempool_kmalloc_uaf+0xef/0x140
[ 12.693204] kunit_try_run_case+0x1a5/0x480
[ 12.693442] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.693618] kthread+0x337/0x6f0
[ 12.693732] ret_from_fork+0x41/0x80
[ 12.693984] ret_from_fork_asm+0x1a/0x30
[ 12.694210]
[ 12.694309] The buggy address belongs to the object at ffff888102dc0d00
[ 12.694309] which belongs to the cache kmalloc-128 of size 128
[ 12.695103] The buggy address is located 0 bytes inside of
[ 12.695103] freed 128-byte region [ffff888102dc0d00, ffff888102dc0d80)
[ 12.696187]
[ 12.696309] The buggy address belongs to the physical page:
[ 12.696594] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0
[ 12.697045] flags: 0x200000000000000(node=0|zone=2)
[ 12.697370] page_type: f5(slab)
[ 12.697867] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.698402] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.698701] page dumped because: kasan: bad access detected
[ 12.699145]
[ 12.699264] Memory state around the buggy address:
[ 12.699664] ffff888102dc0c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.700124] ffff888102dc0c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.700457] >ffff888102dc0d00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.701086] ^
[ 12.701451] ffff888102dc0d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.701935] ffff888102dc0e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.702190] ==================================================================
[ 12.740183] ==================================================================
[ 12.741387] BUG: KASAN: slab-use-after-free in mempool_uaf_helper+0x392/0x400
[ 12.741819] Read of size 1 at addr ffff8881039f2240 by task kunit_try_catch/250
[ 12.742610]
[ 12.742981] CPU: 1 UID: 0 PID: 250 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 12.743095] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.743110] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.743135] Call Trace:
[ 12.743149] <TASK>
[ 12.743169] dump_stack_lvl+0x73/0xb0
[ 12.743202] print_report+0xd1/0x650
[ 12.743227] ? __virt_addr_valid+0x1db/0x2d0
[ 12.743263] ? mempool_uaf_helper+0x392/0x400
[ 12.743288] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.743311] ? mempool_uaf_helper+0x392/0x400
[ 12.743334] kasan_report+0x141/0x180
[ 12.743357] ? mempool_uaf_helper+0x392/0x400
[ 12.743385] __asan_report_load1_noabort+0x18/0x20
[ 12.743407] mempool_uaf_helper+0x392/0x400
[ 12.743430] ? __pfx_mempool_uaf_helper+0x10/0x10
[ 12.743457] ? finish_task_switch.isra.0+0x153/0x700
[ 12.743487] mempool_slab_uaf+0xea/0x140
[ 12.743507] ? __pfx_mempool_slab_uaf+0x10/0x10
[ 12.743527] ? dequeue_task_fair+0x166/0x4e0
[ 12.743551] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 12.743574] ? __pfx_mempool_free_slab+0x10/0x10
[ 12.743597] ? __pfx_read_tsc+0x10/0x10
[ 12.743619] ? ktime_get_ts64+0x86/0x230
[ 12.743645] kunit_try_run_case+0x1a5/0x480
[ 12.743672] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.743695] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.743721] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.743746] ? __kthread_parkme+0x82/0x180
[ 12.743769] ? preempt_count_sub+0x50/0x80
[ 12.743794] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.743819] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.743843] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.743866] kthread+0x337/0x6f0
[ 12.743883] ? trace_preempt_on+0x20/0xc0
[ 12.743908] ? __pfx_kthread+0x10/0x10
[ 12.743926] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.743949] ? calculate_sigpending+0x7b/0xa0
[ 12.743972] ? __pfx_kthread+0x10/0x10
[ 12.743990] ret_from_fork+0x41/0x80
[ 12.744010] ? __pfx_kthread+0x10/0x10
[ 12.744029] ret_from_fork_asm+0x1a/0x30
[ 12.744060] </TASK>
[ 12.744072]
[ 12.758497] Allocated by task 250:
[ 12.758989] kasan_save_stack+0x45/0x70
[ 12.759456] kasan_save_track+0x18/0x40
[ 12.759825] kasan_save_alloc_info+0x3b/0x50
[ 12.760307] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 12.760639] remove_element+0x11e/0x190
[ 12.761053] mempool_alloc_preallocated+0x4d/0x90
[ 12.761685] mempool_uaf_helper+0x96/0x400
[ 12.762104] mempool_slab_uaf+0xea/0x140
[ 12.762597] kunit_try_run_case+0x1a5/0x480
[ 12.763053] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.763449] kthread+0x337/0x6f0
[ 12.763839] ret_from_fork+0x41/0x80
[ 12.764223] ret_from_fork_asm+0x1a/0x30
[ 12.764757]
[ 12.765015] Freed by task 250:
[ 12.765199] kasan_save_stack+0x45/0x70
[ 12.765492] kasan_save_track+0x18/0x40
[ 12.765755] kasan_save_free_info+0x3f/0x60
[ 12.765942] __kasan_mempool_poison_object+0x131/0x1d0
[ 12.766167] mempool_free+0x2ec/0x380
[ 12.766700] mempool_uaf_helper+0x11a/0x400
[ 12.767107] mempool_slab_uaf+0xea/0x140
[ 12.767561] kunit_try_run_case+0x1a5/0x480
[ 12.767950] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.768193] kthread+0x337/0x6f0
[ 12.768701] ret_from_fork+0x41/0x80
[ 12.768981] ret_from_fork_asm+0x1a/0x30
[ 12.769567]
[ 12.769671] The buggy address belongs to the object at ffff8881039f2240
[ 12.769671] which belongs to the cache test_cache of size 123
[ 12.770142] The buggy address is located 0 bytes inside of
[ 12.770142] freed 123-byte region [ffff8881039f2240, ffff8881039f22bb)
[ 12.771173]
[ 12.771434] The buggy address belongs to the physical page:
[ 12.772261] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1039f2
[ 12.773123] flags: 0x200000000000000(node=0|zone=2)
[ 12.773628] page_type: f5(slab)
[ 12.773918] raw: 0200000000000000 ffff888101ac5640 dead000000000122 0000000000000000
[ 12.774251] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 12.774993] page dumped because: kasan: bad access detected
[ 12.775251]
[ 12.775619] Memory state around the buggy address:
[ 12.775899] ffff8881039f2100: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.776222] ffff8881039f2180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.776452] >ffff8881039f2200: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 12.777060] ^
[ 12.777708] ffff8881039f2280: fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc fc
[ 12.778185] ffff8881039f2300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.778769] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-mempool_oob_right_helper
[ 12.605608] ==================================================================
[ 12.606091] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 12.606651] Read of size 1 at addr ffff888102a3a001 by task kunit_try_catch/242
[ 12.606970]
[ 12.607204] CPU: 1 UID: 0 PID: 242 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 12.607266] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.607352] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.607378] Call Trace:
[ 12.607392] <TASK>
[ 12.607469] dump_stack_lvl+0x73/0xb0
[ 12.607503] print_report+0xd1/0x650
[ 12.607527] ? __virt_addr_valid+0x1db/0x2d0
[ 12.607551] ? mempool_oob_right_helper+0x318/0x380
[ 12.607575] ? kasan_addr_to_slab+0x11/0xa0
[ 12.607597] ? mempool_oob_right_helper+0x318/0x380
[ 12.607622] kasan_report+0x141/0x180
[ 12.607644] ? mempool_oob_right_helper+0x318/0x380
[ 12.607674] __asan_report_load1_noabort+0x18/0x20
[ 12.607695] mempool_oob_right_helper+0x318/0x380
[ 12.607720] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 12.607746] ? dequeue_entities+0x852/0x1740
[ 12.607772] ? irqentry_exit+0x2a/0x60
[ 12.607791] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.607820] mempool_kmalloc_large_oob_right+0xf2/0x150
[ 12.607845] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 12.607873] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.607896] ? __pfx_mempool_kfree+0x10/0x10
[ 12.607918] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 12.607945] ? __pfx_mempool_kmalloc_large_oob_right+0x10/0x10
[ 12.607973] kunit_try_run_case+0x1a5/0x480
[ 12.607999] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.608022] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.608047] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.608071] ? __kthread_parkme+0x82/0x180
[ 12.608095] ? preempt_count_sub+0x50/0x80
[ 12.608120] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.608144] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.608167] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.608191] kthread+0x337/0x6f0
[ 12.608208] ? trace_preempt_on+0x20/0xc0
[ 12.608244] ? __pfx_kthread+0x10/0x10
[ 12.608262] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.608294] ? calculate_sigpending+0x7b/0xa0
[ 12.608317] ? __pfx_kthread+0x10/0x10
[ 12.608336] ret_from_fork+0x41/0x80
[ 12.608359] ? __pfx_kthread+0x10/0x10
[ 12.608377] ret_from_fork_asm+0x1a/0x30
[ 12.608409] </TASK>
[ 12.608421]
[ 12.620398] The buggy address belongs to the physical page:
[ 12.620966] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a38
[ 12.621510] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[ 12.621959] flags: 0x200000000000040(head|node=0|zone=2)
[ 12.622228] page_type: f8(unknown)
[ 12.622563] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.623004] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.623627] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000
[ 12.623978] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000
[ 12.624578] head: 0200000000000002 ffffea00040a8e01 00000000ffffffff 00000000ffffffff
[ 12.624950] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004
[ 12.625261] page dumped because: kasan: bad access detected
[ 12.625612]
[ 12.626319] Memory state around the buggy address:
[ 12.626493] ffff888102a39f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.626717] ffff888102a39f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 12.626934] >ffff888102a3a000: 01 fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.627148] ^
[ 12.627279] ffff888102a3a080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.627582] ffff888102a3a100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe
[ 12.627797] ==================================================================
[ 12.577979] ==================================================================
[ 12.578450] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 12.579026] Read of size 1 at addr ffff888103151273 by task kunit_try_catch/240
[ 12.579322]
[ 12.579443] CPU: 0 UID: 0 PID: 240 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 12.579496] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.579509] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.579533] Call Trace:
[ 12.579546] <TASK>
[ 12.579567] dump_stack_lvl+0x73/0xb0
[ 12.579598] print_report+0xd1/0x650
[ 12.579622] ? __virt_addr_valid+0x1db/0x2d0
[ 12.579647] ? mempool_oob_right_helper+0x318/0x380
[ 12.579672] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.579695] ? mempool_oob_right_helper+0x318/0x380
[ 12.579720] kasan_report+0x141/0x180
[ 12.579743] ? mempool_oob_right_helper+0x318/0x380
[ 12.579771] __asan_report_load1_noabort+0x18/0x20
[ 12.579793] mempool_oob_right_helper+0x318/0x380
[ 12.579818] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 12.579842] ? dequeue_entities+0x852/0x1740
[ 12.579868] ? irqentry_exit+0x2a/0x60
[ 12.579888] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 12.579916] mempool_kmalloc_oob_right+0xf2/0x150
[ 12.579941] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 12.579969] ? __pfx_mempool_kmalloc+0x10/0x10
[ 12.579992] ? __pfx_mempool_kfree+0x10/0x10
[ 12.580013] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 12.580039] ? __pfx_mempool_kmalloc_oob_right+0x10/0x10
[ 12.580066] kunit_try_run_case+0x1a5/0x480
[ 12.580092] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.580115] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.580140] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.580164] ? __kthread_parkme+0x82/0x180
[ 12.580188] ? preempt_count_sub+0x50/0x80
[ 12.580215] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.580251] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.580276] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.580300] kthread+0x337/0x6f0
[ 12.580317] ? trace_preempt_on+0x20/0xc0
[ 12.580343] ? __pfx_kthread+0x10/0x10
[ 12.580361] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.580384] ? calculate_sigpending+0x7b/0xa0
[ 12.580407] ? __pfx_kthread+0x10/0x10
[ 12.580426] ret_from_fork+0x41/0x80
[ 12.580448] ? __pfx_kthread+0x10/0x10
[ 12.580467] ret_from_fork_asm+0x1a/0x30
[ 12.580499] </TASK>
[ 12.580511]
[ 12.590784] Allocated by task 240:
[ 12.590952] kasan_save_stack+0x45/0x70
[ 12.591174] kasan_save_track+0x18/0x40
[ 12.591393] kasan_save_alloc_info+0x3b/0x50
[ 12.591617] __kasan_mempool_unpoison_object+0x1a9/0x200
[ 12.591897] remove_element+0x11e/0x190
[ 12.592062] mempool_alloc_preallocated+0x4d/0x90
[ 12.592303] mempool_oob_right_helper+0x8a/0x380
[ 12.592624] mempool_kmalloc_oob_right+0xf2/0x150
[ 12.592792] kunit_try_run_case+0x1a5/0x480
[ 12.593005] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.593224] kthread+0x337/0x6f0
[ 12.593434] ret_from_fork+0x41/0x80
[ 12.593594] ret_from_fork_asm+0x1a/0x30
[ 12.593820]
[ 12.593895] The buggy address belongs to the object at ffff888103151200
[ 12.593895] which belongs to the cache kmalloc-128 of size 128
[ 12.594336] The buggy address is located 0 bytes to the right of
[ 12.594336] allocated 115-byte region [ffff888103151200, ffff888103151273)
[ 12.594948]
[ 12.595024] The buggy address belongs to the physical page:
[ 12.595510] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103151
[ 12.595897] flags: 0x200000000000000(node=0|zone=2)
[ 12.596123] page_type: f5(slab)
[ 12.596345] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000
[ 12.597142] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000
[ 12.597415] page dumped because: kasan: bad access detected
[ 12.598022]
[ 12.598138] Memory state around the buggy address:
[ 12.598571] ffff888103151100: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.599122] ffff888103151180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.599478] >ffff888103151200: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.599805] ^
[ 12.600069] ffff888103151280: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.600354] ffff888103151300: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 03 fc
[ 12.600710] ==================================================================
[ 12.633424] ==================================================================
[ 12.634817] BUG: KASAN: slab-out-of-bounds in mempool_oob_right_helper+0x318/0x380
[ 12.635510] Read of size 1 at addr ffff8881031542bb by task kunit_try_catch/244
[ 12.635868]
[ 12.636011] CPU: 0 UID: 0 PID: 244 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 12.636065] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.636079] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.636104] Call Trace:
[ 12.636117] <TASK>
[ 12.636139] dump_stack_lvl+0x73/0xb0
[ 12.636169] print_report+0xd1/0x650
[ 12.636193] ? __virt_addr_valid+0x1db/0x2d0
[ 12.636218] ? mempool_oob_right_helper+0x318/0x380
[ 12.636253] ? kasan_complete_mode_report_info+0x2a/0x200
[ 12.636276] ? mempool_oob_right_helper+0x318/0x380
[ 12.636301] kasan_report+0x141/0x180
[ 12.636324] ? mempool_oob_right_helper+0x318/0x380
[ 12.636354] __asan_report_load1_noabort+0x18/0x20
[ 12.636374] mempool_oob_right_helper+0x318/0x380
[ 12.636400] ? __pfx_mempool_oob_right_helper+0x10/0x10
[ 12.636428] ? finish_task_switch.isra.0+0x153/0x700
[ 12.636458] mempool_slab_oob_right+0xed/0x140
[ 12.636479] ? __pfx_mempool_slab_oob_right+0x10/0x10
[ 12.636499] ? dequeue_task_fair+0x166/0x4e0
[ 12.636522] ? __pfx_mempool_alloc_slab+0x10/0x10
[ 12.636546] ? __pfx_mempool_free_slab+0x10/0x10
[ 12.636569] ? __pfx_read_tsc+0x10/0x10
[ 12.636590] ? ktime_get_ts64+0x86/0x230
[ 12.636616] kunit_try_run_case+0x1a5/0x480
[ 12.636643] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.636666] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.636692] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.636716] ? __kthread_parkme+0x82/0x180
[ 12.636739] ? preempt_count_sub+0x50/0x80
[ 12.636763] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.636787] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.636810] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.636834] kthread+0x337/0x6f0
[ 12.636851] ? trace_preempt_on+0x20/0xc0
[ 12.636876] ? __pfx_kthread+0x10/0x10
[ 12.636895] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.636917] ? calculate_sigpending+0x7b/0xa0
[ 12.636940] ? __pfx_kthread+0x10/0x10
[ 12.636959] ret_from_fork+0x41/0x80
[ 12.636980] ? __pfx_kthread+0x10/0x10
[ 12.636998] ret_from_fork_asm+0x1a/0x30
[ 12.637030] </TASK>
[ 12.637043]
[ 12.649960] Allocated by task 244:
[ 12.650371] kasan_save_stack+0x45/0x70
[ 12.650809] kasan_save_track+0x18/0x40
[ 12.651073] kasan_save_alloc_info+0x3b/0x50
[ 12.651446] __kasan_mempool_unpoison_object+0x1bb/0x200
[ 12.651954] remove_element+0x11e/0x190
[ 12.652358] mempool_alloc_preallocated+0x4d/0x90
[ 12.652804] mempool_oob_right_helper+0x8a/0x380
[ 12.653043] mempool_slab_oob_right+0xed/0x140
[ 12.653254] kunit_try_run_case+0x1a5/0x480
[ 12.653492] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.654022] kthread+0x337/0x6f0
[ 12.654299] ret_from_fork+0x41/0x80
[ 12.654626] ret_from_fork_asm+0x1a/0x30
[ 12.655008]
[ 12.655104] The buggy address belongs to the object at ffff888103154240
[ 12.655104] which belongs to the cache test_cache of size 123
[ 12.655957] The buggy address is located 0 bytes to the right of
[ 12.655957] allocated 123-byte region [ffff888103154240, ffff8881031542bb)
[ 12.656940]
[ 12.657043] The buggy address belongs to the physical page:
[ 12.657289] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103154
[ 12.657968] flags: 0x200000000000000(node=0|zone=2)
[ 12.658431] page_type: f5(slab)
[ 12.658600] raw: 0200000000000000 ffff88810111e640 dead000000000122 0000000000000000
[ 12.659080] raw: 0000000000000000 0000000080150015 00000000f5000000 0000000000000000
[ 12.659600] page dumped because: kasan: bad access detected
[ 12.660179]
[ 12.660427] Memory state around the buggy address:
[ 12.661027] ffff888103154180: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.661410] ffff888103154200: fc fc fc fc fc fc fc fc 00 00 00 00 00 00 00 00
[ 12.661772] >ffff888103154280: 00 00 00 00 00 00 00 03 fc fc fc fc fc fc fc fc
[ 12.662069] ^
[ 12.662608] ffff888103154300: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.663456] ffff888103154380: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.663898] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_double_destroy
[ 12.008686] ==================================================================
[ 12.009197] BUG: KASAN: slab-use-after-free in kmem_cache_double_destroy+0x1bf/0x380
[ 12.010581] Read of size 1 at addr ffff88810111e3c0 by task kunit_try_catch/234
[ 12.011389]
[ 12.011656] CPU: 0 UID: 0 PID: 234 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 12.011713] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 12.011726] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 12.011751] Call Trace:
[ 12.011765] <TASK>
[ 12.011785] dump_stack_lvl+0x73/0xb0
[ 12.011816] print_report+0xd1/0x650
[ 12.011841] ? __virt_addr_valid+0x1db/0x2d0
[ 12.011866] ? kmem_cache_double_destroy+0x1bf/0x380
[ 12.011887] ? kasan_complete_mode_report_info+0x64/0x200
[ 12.011910] ? kmem_cache_double_destroy+0x1bf/0x380
[ 12.011932] kasan_report+0x141/0x180
[ 12.011954] ? kmem_cache_double_destroy+0x1bf/0x380
[ 12.011979] ? kmem_cache_double_destroy+0x1bf/0x380
[ 12.012000] __kasan_check_byte+0x3d/0x50
[ 12.012022] kmem_cache_destroy+0x25/0x1d0
[ 12.012047] kmem_cache_double_destroy+0x1bf/0x380
[ 12.012068] ? __pfx_kmem_cache_double_destroy+0x10/0x10
[ 12.012089] ? finish_task_switch.isra.0+0x153/0x700
[ 12.012116] ? __switch_to+0x5d9/0xf60
[ 12.012138] ? dequeue_task_fair+0x166/0x4e0
[ 12.012165] ? __pfx_read_tsc+0x10/0x10
[ 12.012186] ? ktime_get_ts64+0x86/0x230
[ 12.012211] kunit_try_run_case+0x1a5/0x480
[ 12.012249] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.012272] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 12.012296] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 12.012320] ? __kthread_parkme+0x82/0x180
[ 12.012343] ? preempt_count_sub+0x50/0x80
[ 12.012368] ? __pfx_kunit_try_run_case+0x10/0x10
[ 12.012392] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.012414] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 12.012438] kthread+0x337/0x6f0
[ 12.012456] ? trace_preempt_on+0x20/0xc0
[ 12.012479] ? __pfx_kthread+0x10/0x10
[ 12.012516] ? _raw_spin_unlock_irq+0x47/0x80
[ 12.012538] ? calculate_sigpending+0x7b/0xa0
[ 12.012560] ? __pfx_kthread+0x10/0x10
[ 12.012580] ret_from_fork+0x41/0x80
[ 12.012601] ? __pfx_kthread+0x10/0x10
[ 12.012619] ret_from_fork_asm+0x1a/0x30
[ 12.012651] </TASK>
[ 12.012663]
[ 12.021491] Allocated by task 234:
[ 12.021637] kasan_save_stack+0x45/0x70
[ 12.021847] kasan_save_track+0x18/0x40
[ 12.022120] kasan_save_alloc_info+0x3b/0x50
[ 12.022454] __kasan_slab_alloc+0x91/0xa0
[ 12.022597] kmem_cache_alloc_noprof+0x123/0x3f0
[ 12.023012] __kmem_cache_create_args+0x169/0x240
[ 12.023246] kmem_cache_double_destroy+0xd5/0x380
[ 12.023930] kunit_try_run_case+0x1a5/0x480
[ 12.024136] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.024763] kthread+0x337/0x6f0
[ 12.024984] ret_from_fork+0x41/0x80
[ 12.025162] ret_from_fork_asm+0x1a/0x30
[ 12.025378]
[ 12.025565] Freed by task 234:
[ 12.025731] kasan_save_stack+0x45/0x70
[ 12.025887] kasan_save_track+0x18/0x40
[ 12.026102] kasan_save_free_info+0x3f/0x60
[ 12.026389] __kasan_slab_free+0x56/0x70
[ 12.026551] kmem_cache_free+0x249/0x420
[ 12.026825] slab_kmem_cache_release+0x2e/0x40
[ 12.026996] kmem_cache_release+0x16/0x20
[ 12.027197] kobject_put+0x181/0x450
[ 12.027457] sysfs_slab_release+0x16/0x20
[ 12.027626] kmem_cache_destroy+0xf0/0x1d0
[ 12.027978] kmem_cache_double_destroy+0x14e/0x380
[ 12.028156] kunit_try_run_case+0x1a5/0x480
[ 12.028394] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 12.029192] kthread+0x337/0x6f0
[ 12.029384] ret_from_fork+0x41/0x80
[ 12.029565] ret_from_fork_asm+0x1a/0x30
[ 12.030096]
[ 12.030382] The buggy address belongs to the object at ffff88810111e3c0
[ 12.030382] which belongs to the cache kmem_cache of size 208
[ 12.031406] The buggy address is located 0 bytes inside of
[ 12.031406] freed 208-byte region [ffff88810111e3c0, ffff88810111e490)
[ 12.032170]
[ 12.032466] The buggy address belongs to the physical page:
[ 12.032709] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10111e
[ 12.033021] flags: 0x200000000000000(node=0|zone=2)
[ 12.033307] page_type: f5(slab)
[ 12.033563] raw: 0200000000000000 ffff888100041000 dead000000000122 0000000000000000
[ 12.034167] raw: 0000000000000000 00000000800c000c 00000000f5000000 0000000000000000
[ 12.034773] page dumped because: kasan: bad access detected
[ 12.035100]
[ 12.035174] Memory state around the buggy address:
[ 12.035516] ffff88810111e280: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.036178] ffff88810111e300: fb fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc
[ 12.036945] >ffff88810111e380: fc fc fc fc fc fc fc fc fa fb fb fb fb fb fb fb
[ 12.037482] ^
[ 12.038106] ffff88810111e400: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 12.038357] ffff88810111e480: fb fb fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 12.038575] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-kmem_cache_rcu_uaf
[ 11.945653] ==================================================================
[ 11.946133] BUG: KASAN: slab-use-after-free in kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.946646] Read of size 1 at addr ffff888102dda000 by task kunit_try_catch/232
[ 11.947320]
[ 11.947899] CPU: 1 UID: 0 PID: 232 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.948230] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.948254] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.948280] Call Trace:
[ 11.948296] <TASK>
[ 11.948318] dump_stack_lvl+0x73/0xb0
[ 11.948355] print_report+0xd1/0x650
[ 11.948380] ? __virt_addr_valid+0x1db/0x2d0
[ 11.948404] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.948425] ? kasan_complete_mode_report_info+0x64/0x200
[ 11.948448] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.948467] kasan_report+0x141/0x180
[ 11.948490] ? kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.948515] __asan_report_load1_noabort+0x18/0x20
[ 11.948536] kmem_cache_rcu_uaf+0x3e3/0x510
[ 11.948557] ? __pfx_kmem_cache_rcu_uaf+0x10/0x10
[ 11.948796] ? finish_task_switch.isra.0+0x153/0x700
[ 11.948832] ? __switch_to+0x5d9/0xf60
[ 11.948856] ? dequeue_task_fair+0x166/0x4e0
[ 11.948884] ? __pfx_read_tsc+0x10/0x10
[ 11.948905] ? ktime_get_ts64+0x86/0x230
[ 11.948931] kunit_try_run_case+0x1a5/0x480
[ 11.948958] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.948981] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.949007] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.949031] ? __kthread_parkme+0x82/0x180
[ 11.949054] ? preempt_count_sub+0x50/0x80
[ 11.949078] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.949121] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.949145] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.949168] kthread+0x337/0x6f0
[ 11.949185] ? trace_preempt_on+0x20/0xc0
[ 11.949210] ? __pfx_kthread+0x10/0x10
[ 11.949229] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.949267] ? calculate_sigpending+0x7b/0xa0
[ 11.949290] ? __pfx_kthread+0x10/0x10
[ 11.949308] ret_from_fork+0x41/0x80
[ 11.949330] ? __pfx_kthread+0x10/0x10
[ 11.949348] ret_from_fork_asm+0x1a/0x30
[ 11.949379] </TASK>
[ 11.949391]
[ 11.960193] Allocated by task 232:
[ 11.960687] kasan_save_stack+0x45/0x70
[ 11.960945] kasan_save_track+0x18/0x40
[ 11.961168] kasan_save_alloc_info+0x3b/0x50
[ 11.961532] __kasan_slab_alloc+0x91/0xa0
[ 11.961762] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.961976] kmem_cache_rcu_uaf+0x155/0x510
[ 11.962121] kunit_try_run_case+0x1a5/0x480
[ 11.962406] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.962751] kthread+0x337/0x6f0
[ 11.962979] ret_from_fork+0x41/0x80
[ 11.963153] ret_from_fork_asm+0x1a/0x30
[ 11.963304]
[ 11.963404] Freed by task 0:
[ 11.963723] kasan_save_stack+0x45/0x70
[ 11.963916] kasan_save_track+0x18/0x40
[ 11.964053] kasan_save_free_info+0x3f/0x60
[ 11.964268] __kasan_slab_free+0x56/0x70
[ 11.964541] slab_free_after_rcu_debug+0xe4/0x310
[ 11.965107] rcu_core+0x66c/0x1c30
[ 11.965272] rcu_core_si+0x12/0x20
[ 11.965584] handle_softirqs+0x209/0x730
[ 11.965819] __irq_exit_rcu+0xc9/0x110
[ 11.965961] irq_exit_rcu+0x12/0x20
[ 11.966147] sysvec_apic_timer_interrupt+0x81/0x90
[ 11.966621] asm_sysvec_apic_timer_interrupt+0x1f/0x30
[ 11.966875]
[ 11.966976] Last potentially related work creation:
[ 11.967231] kasan_save_stack+0x45/0x70
[ 11.967518] kasan_record_aux_stack+0xb2/0xc0
[ 11.967762] kmem_cache_free+0x131/0x420
[ 11.967934] kmem_cache_rcu_uaf+0x194/0x510
[ 11.968076] kunit_try_run_case+0x1a5/0x480
[ 11.968241] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.968593] kthread+0x337/0x6f0
[ 11.968895] ret_from_fork+0x41/0x80
[ 11.969027] ret_from_fork_asm+0x1a/0x30
[ 11.969166]
[ 11.969524] The buggy address belongs to the object at ffff888102dda000
[ 11.969524] which belongs to the cache test_cache of size 200
[ 11.970384] The buggy address is located 0 bytes inside of
[ 11.970384] freed 200-byte region [ffff888102dda000, ffff888102dda0c8)
[ 11.971165]
[ 11.971606] The buggy address belongs to the physical page:
[ 11.972116] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dda
[ 11.972570] flags: 0x200000000000000(node=0|zone=2)
[ 11.973023] page_type: f5(slab)
[ 11.973205] raw: 0200000000000000 ffff888101ac53c0 dead000000000122 0000000000000000
[ 11.974072] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.974620] page dumped because: kasan: bad access detected
[ 11.974998]
[ 11.975077] Memory state around the buggy address:
[ 11.975490] ffff888102dd9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.975919] ffff888102dd9f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.976413] >ffff888102dda000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 11.976897] ^
[ 11.977155] ffff888102dda080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc
[ 11.977751] ffff888102dda100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.978162] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kmem_cache_invalid_free
[ 11.888587] ==================================================================
[ 11.889065] BUG: KASAN: invalid-free in kmem_cache_invalid_free+0x1d8/0x460
[ 11.889632] Free of addr ffff88810314b001 by task kunit_try_catch/230
[ 11.889841]
[ 11.890414] CPU: 0 UID: 0 PID: 230 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 11.890469] Tainted: [B]=BAD_PAGE, [N]=TEST
[ 11.890482] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 11.890505] Call Trace:
[ 11.890518] <TASK>
[ 11.890538] dump_stack_lvl+0x73/0xb0
[ 11.890569] print_report+0xd1/0x650
[ 11.890593] ? __virt_addr_valid+0x1db/0x2d0
[ 11.890617] ? kasan_complete_mode_report_info+0x2a/0x200
[ 11.890639] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.890662] kasan_report_invalid_free+0x10a/0x130
[ 11.890687] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.890710] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.890730] check_slab_allocation+0x11f/0x130
[ 11.890752] __kasan_slab_pre_free+0x28/0x40
[ 11.890773] kmem_cache_free+0xed/0x420
[ 11.890795] ? kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.890815] ? kmem_cache_invalid_free+0x1d8/0x460
[ 11.890839] kmem_cache_invalid_free+0x1d8/0x460
[ 11.890859] ? __pfx_kmem_cache_invalid_free+0x10/0x10
[ 11.890880] ? finish_task_switch.isra.0+0x153/0x700
[ 11.890904] ? __switch_to+0x5d9/0xf60
[ 11.890926] ? dequeue_task_fair+0x166/0x4e0
[ 11.890952] ? __pfx_read_tsc+0x10/0x10
[ 11.890972] ? ktime_get_ts64+0x86/0x230
[ 11.890997] kunit_try_run_case+0x1a5/0x480
[ 11.891023] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.891045] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 11.891070] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 11.891093] ? __kthread_parkme+0x82/0x180
[ 11.891115] ? preempt_count_sub+0x50/0x80
[ 11.891139] ? __pfx_kunit_try_run_case+0x10/0x10
[ 11.891162] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.891184] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 11.891206] kthread+0x337/0x6f0
[ 11.891222] ? trace_preempt_on+0x20/0xc0
[ 11.891259] ? __pfx_kthread+0x10/0x10
[ 11.891378] ? _raw_spin_unlock_irq+0x47/0x80
[ 11.891407] ? calculate_sigpending+0x7b/0xa0
[ 11.891430] ? __pfx_kthread+0x10/0x10
[ 11.891449] ret_from_fork+0x41/0x80
[ 11.891470] ? __pfx_kthread+0x10/0x10
[ 11.891488] ret_from_fork_asm+0x1a/0x30
[ 11.891519] </TASK>
[ 11.891530]
[ 11.903842] Allocated by task 230:
[ 11.904319] kasan_save_stack+0x45/0x70
[ 11.904535] kasan_save_track+0x18/0x40
[ 11.904908] kasan_save_alloc_info+0x3b/0x50
[ 11.905111] __kasan_slab_alloc+0x91/0xa0
[ 11.905457] kmem_cache_alloc_noprof+0x123/0x3f0
[ 11.905891] kmem_cache_invalid_free+0x157/0x460
[ 11.906212] kunit_try_run_case+0x1a5/0x480
[ 11.906662] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 11.907027] kthread+0x337/0x6f0
[ 11.907203] ret_from_fork+0x41/0x80
[ 11.907402] ret_from_fork_asm+0x1a/0x30
[ 11.907862]
[ 11.907958] The buggy address belongs to the object at ffff88810314b000
[ 11.907958] which belongs to the cache test_cache of size 200
[ 11.908852] The buggy address is located 1 bytes inside of
[ 11.908852] 200-byte region [ffff88810314b000, ffff88810314b0c8)
[ 11.909525]
[ 11.909838] The buggy address belongs to the physical page:
[ 11.910079] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10314b
[ 11.910636] flags: 0x200000000000000(node=0|zone=2)
[ 11.910936] page_type: f5(slab)
[ 11.911225] raw: 0200000000000000 ffff88810111e280 dead000000000122 0000000000000000
[ 11.911880] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000
[ 11.912322] page dumped because: kasan: bad access detected
[ 11.912732]
[ 11.912909] Memory state around the buggy address:
[ 11.913140] ffff88810314af00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.913717] ffff88810314af80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.914164] >ffff88810314b000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[ 11.914637] ^
[ 11.914883] ffff88810314b080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc
[ 11.915350] ffff88810314b100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 11.915927] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-double-free-in-kmem_cache_double_free
[ 11.843221] ================================================================== [ 11.844019] BUG: KASAN: double-free in kmem_cache_double_free+0x1e5/0x480 [ 11.844260] Free of addr ffff88810314a000 by task kunit_try_catch/228 [ 11.845070] [ 11.845538] CPU: 0 UID: 0 PID: 228 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.845592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.845604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.845627] Call Trace: [ 11.845640] <TASK> [ 11.845771] dump_stack_lvl+0x73/0xb0 [ 11.845809] print_report+0xd1/0x650 [ 11.845832] ? __virt_addr_valid+0x1db/0x2d0 [ 11.845854] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.845877] ? kmem_cache_double_free+0x1e5/0x480 [ 11.845899] kasan_report_invalid_free+0x10a/0x130 [ 11.845932] ? kmem_cache_double_free+0x1e5/0x480 [ 11.845954] ? kmem_cache_double_free+0x1e5/0x480 [ 11.845975] check_slab_allocation+0x101/0x130 [ 11.845998] __kasan_slab_pre_free+0x28/0x40 [ 11.846019] kmem_cache_free+0xed/0x420 [ 11.846039] ? kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.846060] ? kmem_cache_double_free+0x1e5/0x480 [ 11.846083] kmem_cache_double_free+0x1e5/0x480 [ 11.846104] ? __pfx_kmem_cache_double_free+0x10/0x10 [ 11.846124] ? finish_task_switch.isra.0+0x153/0x700 [ 11.846147] ? __switch_to+0x5d9/0xf60 [ 11.846167] ? dequeue_task_fair+0x166/0x4e0 [ 11.846192] ? trace_hardirqs_on+0x37/0xe0 [ 11.846213] ? __pfx_read_tsc+0x10/0x10 [ 11.846241] ? ktime_get_ts64+0x86/0x230 [ 11.846265] kunit_try_run_case+0x1a5/0x480 [ 11.846289] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.846316] ? __x86_indirect_its_thunk_r15+0x80/0x80 [ 11.846341] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.846364] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.846386] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.846470] kthread+0x337/0x6f0 [ 11.846490] ? trace_preempt_on+0x20/0xc0 [ 11.846512] ? __pfx_kthread+0x10/0x10 [ 11.846529] ? 
_raw_spin_unlock_irq+0x47/0x80 [ 11.846563] ? calculate_sigpending+0x7b/0xa0 [ 11.846586] ? __pfx_kthread+0x10/0x10 [ 11.846604] ret_from_fork+0x41/0x80 [ 11.846624] ? __pfx_kthread+0x10/0x10 [ 11.846642] ret_from_fork_asm+0x1a/0x30 [ 11.846671] </TASK> [ 11.846682] [ 11.862220] Allocated by task 228: [ 11.862764] kasan_save_stack+0x45/0x70 [ 11.863181] kasan_save_track+0x18/0x40 [ 11.863516] kasan_save_alloc_info+0x3b/0x50 [ 11.863996] __kasan_slab_alloc+0x91/0xa0 [ 11.864362] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.864573] kmem_cache_double_free+0x14f/0x480 [ 11.864878] kunit_try_run_case+0x1a5/0x480 [ 11.865300] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.865940] kthread+0x337/0x6f0 [ 11.866175] ret_from_fork+0x41/0x80 [ 11.866563] ret_from_fork_asm+0x1a/0x30 [ 11.866944] [ 11.867023] Freed by task 228: [ 11.867136] kasan_save_stack+0x45/0x70 [ 11.867288] kasan_save_track+0x18/0x40 [ 11.867423] kasan_save_free_info+0x3f/0x60 [ 11.867565] __kasan_slab_free+0x56/0x70 [ 11.867701] kmem_cache_free+0x249/0x420 [ 11.867836] kmem_cache_double_free+0x16a/0x480 [ 11.867986] kunit_try_run_case+0x1a5/0x480 [ 11.868130] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.868458] kthread+0x337/0x6f0 [ 11.868776] ret_from_fork+0x41/0x80 [ 11.869107] ret_from_fork_asm+0x1a/0x30 [ 11.869647] [ 11.869865] The buggy address belongs to the object at ffff88810314a000 [ 11.869865] which belongs to the cache test_cache of size 200 [ 11.871326] The buggy address is located 0 bytes inside of [ 11.871326] 200-byte region [ffff88810314a000, ffff88810314a0c8) [ 11.872588] [ 11.872816] The buggy address belongs to the physical page: [ 11.873363] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x10314a [ 11.874316] flags: 0x200000000000000(node=0|zone=2) [ 11.875021] page_type: f5(slab) [ 11.875407] raw: 0200000000000000 ffff88810111e140 dead000000000122 0000000000000000 [ 11.875905] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 
11.876135] page dumped because: kasan: bad access detected [ 11.876317] [ 11.876388] Memory state around the buggy address: [ 11.876545] ffff888103149f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.876822] ffff888103149f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.877108] >ffff88810314a000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.877783] ^ [ 11.877921] ffff88810314a080: fb fb fb fb fb fb fb fb fb fc fc fc fc fc fc fc [ 11.878214] ffff88810314a100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.878671] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmem_cache_oob
[ 11.802842] ================================================================== [ 11.803324] BUG: KASAN: slab-out-of-bounds in kmem_cache_oob+0x402/0x530 [ 11.803852] Read of size 1 at addr ffff888102dd70c8 by task kunit_try_catch/226 [ 11.804406] [ 11.804531] CPU: 1 UID: 0 PID: 226 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.804578] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.804590] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.804611] Call Trace: [ 11.804623] <TASK> [ 11.804641] dump_stack_lvl+0x73/0xb0 [ 11.804667] print_report+0xd1/0x650 [ 11.804690] ? __virt_addr_valid+0x1db/0x2d0 [ 11.804713] ? kmem_cache_oob+0x402/0x530 [ 11.804731] ? kasan_complete_mode_report_info+0x2a/0x200 [ 11.804754] ? kmem_cache_oob+0x402/0x530 [ 11.804774] kasan_report+0x141/0x180 [ 11.804797] ? kmem_cache_oob+0x402/0x530 [ 11.804821] __asan_report_load1_noabort+0x18/0x20 [ 11.804842] kmem_cache_oob+0x402/0x530 [ 11.804860] ? trace_hardirqs_on+0x37/0xe0 [ 11.804883] ? __pfx_kmem_cache_oob+0x10/0x10 [ 11.804902] ? finish_task_switch.isra.0+0x153/0x700 [ 11.804926] ? __switch_to+0x5d9/0xf60 [ 11.804969] ? dequeue_task_fair+0x166/0x4e0 [ 11.804996] ? __pfx_read_tsc+0x10/0x10 [ 11.805015] ? ktime_get_ts64+0x86/0x230 [ 11.805041] kunit_try_run_case+0x1a5/0x480 [ 11.805066] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.805088] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.805113] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.805136] ? __kthread_parkme+0x82/0x180 [ 11.805158] ? preempt_count_sub+0x50/0x80 [ 11.805182] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.805205] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.805227] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.805261] kthread+0x337/0x6f0 [ 11.805298] ? trace_preempt_on+0x20/0xc0 [ 11.805320] ? __pfx_kthread+0x10/0x10 [ 11.805338] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.805360] ? calculate_sigpending+0x7b/0xa0 [ 11.805382] ? 
__pfx_kthread+0x10/0x10 [ 11.805399] ret_from_fork+0x41/0x80 [ 11.805420] ? __pfx_kthread+0x10/0x10 [ 11.805438] ret_from_fork_asm+0x1a/0x30 [ 11.805468] </TASK> [ 11.805479] [ 11.817029] Allocated by task 226: [ 11.817221] kasan_save_stack+0x45/0x70 [ 11.817650] kasan_save_track+0x18/0x40 [ 11.818011] kasan_save_alloc_info+0x3b/0x50 [ 11.818319] __kasan_slab_alloc+0x91/0xa0 [ 11.818613] kmem_cache_alloc_noprof+0x123/0x3f0 [ 11.818828] kmem_cache_oob+0x157/0x530 [ 11.819151] kunit_try_run_case+0x1a5/0x480 [ 11.819442] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.819860] kthread+0x337/0x6f0 [ 11.820017] ret_from_fork+0x41/0x80 [ 11.820299] ret_from_fork_asm+0x1a/0x30 [ 11.820529] [ 11.820689] The buggy address belongs to the object at ffff888102dd7000 [ 11.820689] which belongs to the cache test_cache of size 200 [ 11.821189] The buggy address is located 0 bytes to the right of [ 11.821189] allocated 200-byte region [ffff888102dd7000, ffff888102dd70c8) [ 11.822076] [ 11.822159] The buggy address belongs to the physical page: [ 11.822457] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dd7 [ 11.823017] flags: 0x200000000000000(node=0|zone=2) [ 11.823489] page_type: f5(slab) [ 11.823685] raw: 0200000000000000 ffff888101ac5280 dead000000000122 0000000000000000 [ 11.823978] raw: 0000000000000000 00000000800f000f 00000000f5000000 0000000000000000 [ 11.824507] page dumped because: kasan: bad access detected [ 11.824793] [ 11.824886] Memory state around the buggy address: [ 11.825067] ffff888102dd6f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.825720] ffff888102dd7000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 11.826165] >ffff888102dd7080: 00 00 00 00 00 00 00 00 00 fc fc fc fc fc fc fc [ 11.826498] ^ [ 11.826904] ffff888102dd7100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.827347] ffff888102dd7180: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.827764] 
==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-workqueue_uaf
[ 11.763898] ================================================================== [ 11.764454] BUG: KASAN: slab-use-after-free in workqueue_uaf+0x4d6/0x560 [ 11.764944] Read of size 8 at addr ffff888102dd0540 by task kunit_try_catch/219 [ 11.765376] [ 11.765567] CPU: 1 UID: 0 PID: 219 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.765613] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.765625] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.765646] Call Trace: [ 11.765659] <TASK> [ 11.765674] dump_stack_lvl+0x73/0xb0 [ 11.765699] print_report+0xd1/0x650 [ 11.765721] ? __virt_addr_valid+0x1db/0x2d0 [ 11.765742] ? workqueue_uaf+0x4d6/0x560 [ 11.765762] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.765785] ? workqueue_uaf+0x4d6/0x560 [ 11.765806] kasan_report+0x141/0x180 [ 11.765829] ? workqueue_uaf+0x4d6/0x560 [ 11.765855] __asan_report_load8_noabort+0x18/0x20 [ 11.765875] workqueue_uaf+0x4d6/0x560 [ 11.765897] ? __pfx_workqueue_uaf+0x10/0x10 [ 11.765920] ? __schedule+0x10cc/0x2b60 [ 11.765942] ? __pfx_read_tsc+0x10/0x10 [ 11.765961] ? ktime_get_ts64+0x86/0x230 [ 11.765985] kunit_try_run_case+0x1a5/0x480 [ 11.766008] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.766029] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.766052] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.766075] ? __kthread_parkme+0x82/0x180 [ 11.766096] ? preempt_count_sub+0x50/0x80 [ 11.766120] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.766143] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.766165] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.766188] kthread+0x337/0x6f0 [ 11.766204] ? trace_preempt_on+0x20/0xc0 [ 11.766227] ? __pfx_kthread+0x10/0x10 [ 11.766257] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.766302] ? calculate_sigpending+0x7b/0xa0 [ 11.766324] ? __pfx_kthread+0x10/0x10 [ 11.766342] ret_from_fork+0x41/0x80 [ 11.766362] ? 
__pfx_kthread+0x10/0x10 [ 11.766380] ret_from_fork_asm+0x1a/0x30 [ 11.766410] </TASK> [ 11.766420] [ 11.776087] Allocated by task 219: [ 11.776381] kasan_save_stack+0x45/0x70 [ 11.776604] kasan_save_track+0x18/0x40 [ 11.777067] kasan_save_alloc_info+0x3b/0x50 [ 11.777331] __kasan_kmalloc+0xb7/0xc0 [ 11.777630] __kmalloc_cache_noprof+0x189/0x420 [ 11.778007] workqueue_uaf+0x152/0x560 [ 11.778168] kunit_try_run_case+0x1a5/0x480 [ 11.778530] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.778910] kthread+0x337/0x6f0 [ 11.779185] ret_from_fork+0x41/0x80 [ 11.779399] ret_from_fork_asm+0x1a/0x30 [ 11.779564] [ 11.779663] Freed by task 48: [ 11.779809] kasan_save_stack+0x45/0x70 [ 11.779980] kasan_save_track+0x18/0x40 [ 11.780167] kasan_save_free_info+0x3f/0x60 [ 11.780767] __kasan_slab_free+0x56/0x70 [ 11.780965] kfree+0x222/0x3f0 [ 11.781118] workqueue_uaf_work+0x12/0x20 [ 11.781593] process_one_work+0x5ee/0xf60 [ 11.781970] worker_thread+0x758/0x1220 [ 11.782182] kthread+0x337/0x6f0 [ 11.782503] ret_from_fork+0x41/0x80 [ 11.782666] ret_from_fork_asm+0x1a/0x30 [ 11.782866] [ 11.783044] Last potentially related work creation: [ 11.783269] kasan_save_stack+0x45/0x70 [ 11.783755] kasan_record_aux_stack+0xb2/0xc0 [ 11.784105] __queue_work+0x626/0xeb0 [ 11.784290] queue_work_on+0xb6/0xc0 [ 11.784737] workqueue_uaf+0x26d/0x560 [ 11.784921] kunit_try_run_case+0x1a5/0x480 [ 11.785115] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.785501] kthread+0x337/0x6f0 [ 11.785672] ret_from_fork+0x41/0x80 [ 11.785867] ret_from_fork_asm+0x1a/0x30 [ 11.786220] [ 11.786364] The buggy address belongs to the object at ffff888102dd0540 [ 11.786364] which belongs to the cache kmalloc-32 of size 32 [ 11.787215] The buggy address is located 0 bytes inside of [ 11.787215] freed 32-byte region [ffff888102dd0540, ffff888102dd0560) [ 11.788052] [ 11.788263] The buggy address belongs to the physical page: [ 11.788548] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dd0 [ 
11.789049] flags: 0x200000000000000(node=0|zone=2) [ 11.789373] page_type: f5(slab) [ 11.789596] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.790171] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.790675] page dumped because: kasan: bad access detected [ 11.790918] [ 11.791017] Memory state around the buggy address: [ 11.791255] ffff888102dd0400: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 11.791628] ffff888102dd0480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.792285] >ffff888102dd0500: 00 00 00 fc fc fc fc fc fa fb fb fb fc fc fc fc [ 11.792783] ^ [ 11.793137] ffff888102dd0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.793549] ffff888102dd0600: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.794046] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-rcu_uaf_reclaim
[ 11.725501] ================================================================== [ 11.725981] BUG: KASAN: slab-use-after-free in rcu_uaf_reclaim+0x50/0x60 [ 11.726347] Read of size 4 at addr ffff888102dd04c0 by task swapper/1/0 [ 11.726636] [ 11.726816] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.726860] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.726871] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.726891] Call Trace: [ 11.726917] <IRQ> [ 11.726933] dump_stack_lvl+0x73/0xb0 [ 11.726961] print_report+0xd1/0x650 [ 11.726984] ? __virt_addr_valid+0x1db/0x2d0 [ 11.727006] ? rcu_uaf_reclaim+0x50/0x60 [ 11.727027] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.727049] ? rcu_uaf_reclaim+0x50/0x60 [ 11.727071] kasan_report+0x141/0x180 [ 11.727093] ? rcu_uaf_reclaim+0x50/0x60 [ 11.727119] __asan_report_load4_noabort+0x18/0x20 [ 11.727140] rcu_uaf_reclaim+0x50/0x60 [ 11.727161] rcu_core+0x66c/0x1c30 [ 11.727185] ? enqueue_hrtimer+0xfe/0x210 [ 11.727209] ? __pfx_rcu_core+0x10/0x10 [ 11.727231] ? ktime_get+0x6b/0x150 [ 11.727265] ? handle_softirqs+0x18e/0x730 [ 11.727291] rcu_core_si+0x12/0x20 [ 11.727308] handle_softirqs+0x209/0x730 [ 11.727329] ? hrtimer_interrupt+0x2fe/0x780 [ 11.727352] ? 
__pfx_handle_softirqs+0x10/0x10 [ 11.727378] __irq_exit_rcu+0xc9/0x110 [ 11.727400] irq_exit_rcu+0x12/0x20 [ 11.727417] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.727442] </IRQ> [ 11.727467] <TASK> [ 11.727477] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.727564] RIP: 0010:pv_native_safe_halt+0xf/0x20 [ 11.727828] Code: 1f 84 00 00 00 00 00 0f 1f 40 00 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa eb 07 0f 00 2d 43 ae 27 00 fb f4 <e9> fc 1f 02 00 66 2e 0f 1f 84 00 00 00 00 00 66 90 90 90 90 90 90 [ 11.727913] RSP: 0000:ffff88810086fdc8 EFLAGS: 00010212 [ 11.728007] RAX: ffff8881c3b92000 RBX: ffff8881008353c0 RCX: ffffffff9500ef55 [ 11.728053] RDX: ffffed102b626103 RSI: 0000000000000004 RDI: 000000000001a79c [ 11.728096] RBP: ffff88810086fdd0 R08: 0000000000000001 R09: ffffed102b626102 [ 11.728147] R10: ffff88815b130813 R11: ffffffff975a3300 R12: 0000000000000001 [ 11.728192] R13: ffffed1020106a78 R14: ffffffff96d9c210 R15: 0000000000000000 [ 11.728262] ? ct_kernel_exit.constprop.0+0xa5/0xd0 [ 11.728363] ? default_idle+0xd/0x20 [ 11.728384] arch_cpu_idle+0xd/0x20 [ 11.728403] default_idle_call+0x48/0x80 [ 11.728422] do_idle+0x379/0x4f0 [ 11.728443] ? complete+0x15b/0x1d0 [ 11.728463] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.728489] ? __pfx_do_idle+0x10/0x10 [ 11.728507] ? _raw_spin_unlock_irqrestore+0x49/0x90 [ 11.728532] ? complete+0x15b/0x1d0 [ 11.728555] cpu_startup_entry+0x5c/0x70 [ 11.728578] start_secondary+0x211/0x290 [ 11.728601] ? 
__pfx_start_secondary+0x10/0x10 [ 11.728626] common_startup_64+0x13e/0x148 [ 11.728672] </TASK> [ 11.728684] [ 11.741546] Allocated by task 217: [ 11.741808] kasan_save_stack+0x45/0x70 [ 11.742006] kasan_save_track+0x18/0x40 [ 11.742190] kasan_save_alloc_info+0x3b/0x50 [ 11.742452] __kasan_kmalloc+0xb7/0xc0 [ 11.742619] __kmalloc_cache_noprof+0x189/0x420 [ 11.742899] rcu_uaf+0xb0/0x330 [ 11.743073] kunit_try_run_case+0x1a5/0x480 [ 11.743223] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.743491] kthread+0x337/0x6f0 [ 11.743655] ret_from_fork+0x41/0x80 [ 11.743881] ret_from_fork_asm+0x1a/0x30 [ 11.744024] [ 11.744094] Freed by task 0: [ 11.744201] kasan_save_stack+0x45/0x70 [ 11.744363] kasan_save_track+0x18/0x40 [ 11.744560] kasan_save_free_info+0x3f/0x60 [ 11.744823] __kasan_slab_free+0x56/0x70 [ 11.745025] kfree+0x222/0x3f0 [ 11.745190] rcu_uaf_reclaim+0x1f/0x60 [ 11.745614] rcu_core+0x66c/0x1c30 [ 11.745910] rcu_core_si+0x12/0x20 [ 11.746884] handle_softirqs+0x209/0x730 [ 11.747186] __irq_exit_rcu+0xc9/0x110 [ 11.747522] irq_exit_rcu+0x12/0x20 [ 11.747872] sysvec_apic_timer_interrupt+0x81/0x90 [ 11.748116] asm_sysvec_apic_timer_interrupt+0x1f/0x30 [ 11.748520] [ 11.748644] Last potentially related work creation: [ 11.749062] kasan_save_stack+0x45/0x70 [ 11.749357] kasan_record_aux_stack+0xb2/0xc0 [ 11.749584] __call_rcu_common.constprop.0+0x72/0x9c0 [ 11.750111] call_rcu+0x12/0x20 [ 11.750258] rcu_uaf+0x168/0x330 [ 11.750626] kunit_try_run_case+0x1a5/0x480 [ 11.750961] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.751209] kthread+0x337/0x6f0 [ 11.751575] ret_from_fork+0x41/0x80 [ 11.751791] ret_from_fork_asm+0x1a/0x30 [ 11.752125] [ 11.752257] The buggy address belongs to the object at ffff888102dd04c0 [ 11.752257] which belongs to the cache kmalloc-32 of size 32 [ 11.753085] The buggy address is located 0 bytes inside of [ 11.753085] freed 32-byte region [ffff888102dd04c0, ffff888102dd04e0) [ 11.753779] [ 11.753927] The buggy address belongs to the 
physical page: [ 11.754187] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dd0 [ 11.754952] flags: 0x200000000000000(node=0|zone=2) [ 11.755186] page_type: f5(slab) [ 11.755406] raw: 0200000000000000 ffff888100041780 dead000000000122 0000000000000000 [ 11.755749] raw: 0000000000000000 0000000080400040 00000000f5000000 0000000000000000 [ 11.756064] page dumped because: kasan: bad access detected [ 11.756347] [ 11.756568] Memory state around the buggy address: [ 11.756787] ffff888102dd0380: fa fb fb fb fc fc fc fc 00 00 00 fc fc fc fc fc [ 11.757148] ffff888102dd0400: 00 00 05 fc fc fc fc fc 00 00 07 fc fc fc fc fc [ 11.757654] >ffff888102dd0480: fa fb fb fb fc fc fc fc fa fb fb fb fc fc fc fc [ 11.758188] ^ [ 11.758653] ffff888102dd0500: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.758936] ffff888102dd0580: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.759247] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-use-after-free-in-ksize_uaf
[ 11.664479] ================================================================== [ 11.664824] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5fe/0x6c0 [ 11.665216] Read of size 1 at addr ffff888102dc0a00 by task kunit_try_catch/215 [ 11.665498] [ 11.665591] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.665633] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.665645] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.665665] Call Trace: [ 11.665676] <TASK> [ 11.665688] dump_stack_lvl+0x73/0xb0 [ 11.665712] print_report+0xd1/0x650 [ 11.665733] ? __virt_addr_valid+0x1db/0x2d0 [ 11.665754] ? ksize_uaf+0x5fe/0x6c0 [ 11.665774] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.665797] ? ksize_uaf+0x5fe/0x6c0 [ 11.665818] kasan_report+0x141/0x180 [ 11.665841] ? ksize_uaf+0x5fe/0x6c0 [ 11.665867] __asan_report_load1_noabort+0x18/0x20 [ 11.665888] ksize_uaf+0x5fe/0x6c0 [ 11.665908] ? __pfx_ksize_uaf+0x10/0x10 [ 11.665931] ? __schedule+0x10cc/0x2b60 [ 11.665953] ? __pfx_read_tsc+0x10/0x10 [ 11.665972] ? ktime_get_ts64+0x86/0x230 [ 11.665996] kunit_try_run_case+0x1a5/0x480 [ 11.666019] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.666040] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.666063] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.666086] ? __kthread_parkme+0x82/0x180 [ 11.666107] ? preempt_count_sub+0x50/0x80 [ 11.666131] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.666154] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.666176] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.666261] kthread+0x337/0x6f0 [ 11.666314] ? trace_preempt_on+0x20/0xc0 [ 11.666338] ? __pfx_kthread+0x10/0x10 [ 11.666356] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.666378] ? calculate_sigpending+0x7b/0xa0 [ 11.666399] ? __pfx_kthread+0x10/0x10 [ 11.666417] ret_from_fork+0x41/0x80 [ 11.666437] ? 
__pfx_kthread+0x10/0x10 [ 11.666455] ret_from_fork_asm+0x1a/0x30 [ 11.666484] </TASK> [ 11.666494] [ 11.673995] Allocated by task 215: [ 11.674220] kasan_save_stack+0x45/0x70 [ 11.674561] kasan_save_track+0x18/0x40 [ 11.674756] kasan_save_alloc_info+0x3b/0x50 [ 11.674963] __kasan_kmalloc+0xb7/0xc0 [ 11.675148] __kmalloc_cache_noprof+0x189/0x420 [ 11.676327] ksize_uaf+0xaa/0x6c0 [ 11.676545] kunit_try_run_case+0x1a5/0x480 [ 11.677015] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.677207] kthread+0x337/0x6f0 [ 11.677800] ret_from_fork+0x41/0x80 [ 11.678076] ret_from_fork_asm+0x1a/0x30 [ 11.678741] [ 11.678846] Freed by task 215: [ 11.679003] kasan_save_stack+0x45/0x70 [ 11.679188] kasan_save_track+0x18/0x40 [ 11.679677] kasan_save_free_info+0x3f/0x60 [ 11.680059] __kasan_slab_free+0x56/0x70 [ 11.680473] kfree+0x222/0x3f0 [ 11.680636] ksize_uaf+0x12c/0x6c0 [ 11.681089] kunit_try_run_case+0x1a5/0x480 [ 11.681345] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.681613] kthread+0x337/0x6f0 [ 11.682164] ret_from_fork+0x41/0x80 [ 11.682522] ret_from_fork_asm+0x1a/0x30 [ 11.682897] [ 11.682993] The buggy address belongs to the object at ffff888102dc0a00 [ 11.682993] which belongs to the cache kmalloc-128 of size 128 [ 11.684075] The buggy address is located 0 bytes inside of [ 11.684075] freed 128-byte region [ffff888102dc0a00, ffff888102dc0a80) [ 11.685006] [ 11.685344] The buggy address belongs to the physical page: [ 11.685596] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0 [ 11.686642] flags: 0x200000000000000(node=0|zone=2) [ 11.687074] page_type: f5(slab) [ 11.687606] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.688092] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.688603] page dumped because: kasan: bad access detected [ 11.689026] [ 11.689270] Memory state around the buggy address: [ 11.689563] ffff888102dc0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 
11.690084] ffff888102dc0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.690705] >ffff888102dc0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.691020] ^ [ 11.691176] ffff888102dc0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.691834] ffff888102dc0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.692301] ================================================================== [ 11.642980] ================================================================== [ 11.643849] BUG: KASAN: slab-use-after-free in ksize_uaf+0x19d/0x6c0 [ 11.644168] Read of size 1 at addr ffff888102dc0a00 by task kunit_try_catch/215 [ 11.644480] [ 11.644595] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.644884] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.644900] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.644922] Call Trace: [ 11.644935] <TASK> [ 11.644951] dump_stack_lvl+0x73/0xb0 [ 11.644981] print_report+0xd1/0x650 [ 11.645003] ? __virt_addr_valid+0x1db/0x2d0 [ 11.645026] ? ksize_uaf+0x19d/0x6c0 [ 11.645047] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.645069] ? ksize_uaf+0x19d/0x6c0 [ 11.645091] kasan_report+0x141/0x180 [ 11.645113] ? ksize_uaf+0x19d/0x6c0 [ 11.645137] ? ksize_uaf+0x19d/0x6c0 [ 11.645158] __kasan_check_byte+0x3d/0x50 [ 11.645180] ksize+0x20/0x60 [ 11.645202] ksize_uaf+0x19d/0x6c0 [ 11.645223] ? __pfx_ksize_uaf+0x10/0x10 [ 11.645259] ? __schedule+0x10cc/0x2b60 [ 11.645346] ? __pfx_read_tsc+0x10/0x10 [ 11.645371] ? ktime_get_ts64+0x86/0x230 [ 11.645396] kunit_try_run_case+0x1a5/0x480 [ 11.645422] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.645443] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 11.645467] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.645490] ? __kthread_parkme+0x82/0x180 [ 11.645512] ? preempt_count_sub+0x50/0x80 [ 11.645537] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.645569] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.645591] ? 
__pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.645614] kthread+0x337/0x6f0 [ 11.645631] ? trace_preempt_on+0x20/0xc0 [ 11.645665] ? __pfx_kthread+0x10/0x10 [ 11.645682] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.645704] ? calculate_sigpending+0x7b/0xa0 [ 11.645726] ? __pfx_kthread+0x10/0x10 [ 11.645744] ret_from_fork+0x41/0x80 [ 11.645764] ? __pfx_kthread+0x10/0x10 [ 11.645781] ret_from_fork_asm+0x1a/0x30 [ 11.645812] </TASK> [ 11.645823] [ 11.652863] Allocated by task 215: [ 11.653039] kasan_save_stack+0x45/0x70 [ 11.653288] kasan_save_track+0x18/0x40 [ 11.653487] kasan_save_alloc_info+0x3b/0x50 [ 11.653770] __kasan_kmalloc+0xb7/0xc0 [ 11.653914] __kmalloc_cache_noprof+0x189/0x420 [ 11.654067] ksize_uaf+0xaa/0x6c0 [ 11.654189] kunit_try_run_case+0x1a5/0x480 [ 11.654506] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.654762] kthread+0x337/0x6f0 [ 11.655066] ret_from_fork+0x41/0x80 [ 11.655368] ret_from_fork_asm+0x1a/0x30 [ 11.655575] [ 11.655669] Freed by task 215: [ 11.655795] kasan_save_stack+0x45/0x70 [ 11.655930] kasan_save_track+0x18/0x40 [ 11.656099] kasan_save_free_info+0x3f/0x60 [ 11.656368] __kasan_slab_free+0x56/0x70 [ 11.656563] kfree+0x222/0x3f0 [ 11.656922] ksize_uaf+0x12c/0x6c0 [ 11.657070] kunit_try_run_case+0x1a5/0x480 [ 11.657269] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.657560] kthread+0x337/0x6f0 [ 11.657731] ret_from_fork+0x41/0x80 [ 11.657895] ret_from_fork_asm+0x1a/0x30 [ 11.658066] [ 11.658152] The buggy address belongs to the object at ffff888102dc0a00 [ 11.658152] which belongs to the cache kmalloc-128 of size 128 [ 11.658650] The buggy address is located 0 bytes inside of [ 11.658650] freed 128-byte region [ffff888102dc0a00, ffff888102dc0a80) [ 11.658996] [ 11.659067] The buggy address belongs to the physical page: [ 11.659282] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0 [ 11.660017] flags: 0x200000000000000(node=0|zone=2) [ 11.660225] page_type: f5(slab) [ 11.660355] raw: 0200000000000000 
ffff888100041a00 dead000000000122 0000000000000000 [ 11.660584] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.661201] page dumped because: kasan: bad access detected [ 11.661462] [ 11.661560] Memory state around the buggy address: [ 11.661873] ffff888102dc0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.662092] ffff888102dc0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.662520] >ffff888102dc0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.662984] ^ [ 11.663110] ffff888102dc0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.663393] ffff888102dc0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.663900] ================================================================== [ 11.693045] ================================================================== [ 11.693767] BUG: KASAN: slab-use-after-free in ksize_uaf+0x5e4/0x6c0 [ 11.694050] Read of size 1 at addr ffff888102dc0a78 by task kunit_try_catch/215 [ 11.694472] [ 11.694581] CPU: 1 UID: 0 PID: 215 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 11.694625] Tainted: [B]=BAD_PAGE, [N]=TEST [ 11.694637] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 11.694878] Call Trace: [ 11.694897] <TASK> [ 11.694912] dump_stack_lvl+0x73/0xb0 [ 11.694937] print_report+0xd1/0x650 [ 11.694960] ? __virt_addr_valid+0x1db/0x2d0 [ 11.694982] ? ksize_uaf+0x5e4/0x6c0 [ 11.695004] ? kasan_complete_mode_report_info+0x64/0x200 [ 11.695190] ? ksize_uaf+0x5e4/0x6c0 [ 11.695215] kasan_report+0x141/0x180 [ 11.695252] ? ksize_uaf+0x5e4/0x6c0 [ 11.695279] __asan_report_load1_noabort+0x18/0x20 [ 11.695300] ksize_uaf+0x5e4/0x6c0 [ 11.695322] ? __pfx_ksize_uaf+0x10/0x10 [ 11.695345] ? __schedule+0x10cc/0x2b60 [ 11.695368] ? __pfx_read_tsc+0x10/0x10 [ 11.695388] ? ktime_get_ts64+0x86/0x230 [ 11.695413] kunit_try_run_case+0x1a5/0x480 [ 11.695461] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.695483] ? 
_raw_spin_lock_irqsave+0xa1/0x100 [ 11.695507] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 11.695530] ? __kthread_parkme+0x82/0x180 [ 11.695551] ? preempt_count_sub+0x50/0x80 [ 11.695576] ? __pfx_kunit_try_run_case+0x10/0x10 [ 11.695599] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.695622] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 11.695644] kthread+0x337/0x6f0 [ 11.695661] ? trace_preempt_on+0x20/0xc0 [ 11.695683] ? __pfx_kthread+0x10/0x10 [ 11.695701] ? _raw_spin_unlock_irq+0x47/0x80 [ 11.695723] ? calculate_sigpending+0x7b/0xa0 [ 11.695744] ? __pfx_kthread+0x10/0x10 [ 11.695762] ret_from_fork+0x41/0x80 [ 11.695782] ? __pfx_kthread+0x10/0x10 [ 11.695800] ret_from_fork_asm+0x1a/0x30 [ 11.695830] </TASK> [ 11.695840] [ 11.704931] Allocated by task 215: [ 11.705092] kasan_save_stack+0x45/0x70 [ 11.705329] kasan_save_track+0x18/0x40 [ 11.705523] kasan_save_alloc_info+0x3b/0x50 [ 11.705805] __kasan_kmalloc+0xb7/0xc0 [ 11.705944] __kmalloc_cache_noprof+0x189/0x420 [ 11.706117] ksize_uaf+0xaa/0x6c0 [ 11.706364] kunit_try_run_case+0x1a5/0x480 [ 11.706579] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.706954] kthread+0x337/0x6f0 [ 11.707114] ret_from_fork+0x41/0x80 [ 11.707351] ret_from_fork_asm+0x1a/0x30 [ 11.707512] [ 11.707607] Freed by task 215: [ 11.707799] kasan_save_stack+0x45/0x70 [ 11.707972] kasan_save_track+0x18/0x40 [ 11.708145] kasan_save_free_info+0x3f/0x60 [ 11.708338] __kasan_slab_free+0x56/0x70 [ 11.708641] kfree+0x222/0x3f0 [ 11.708763] ksize_uaf+0x12c/0x6c0 [ 11.708941] kunit_try_run_case+0x1a5/0x480 [ 11.709136] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 11.709378] kthread+0x337/0x6f0 [ 11.709776] ret_from_fork+0x41/0x80 [ 11.710066] ret_from_fork_asm+0x1a/0x30 [ 11.710215] [ 11.710331] The buggy address belongs to the object at ffff888102dc0a00 [ 11.710331] which belongs to the cache kmalloc-128 of size 128 [ 11.710917] The buggy address is located 120 bytes inside of [ 11.710917] freed 128-byte region [ffff888102dc0a00, 
ffff888102dc0a80) [ 11.711352] [ 11.711495] The buggy address belongs to the physical page: [ 11.711848] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102dc0 [ 11.712100] flags: 0x200000000000000(node=0|zone=2) [ 11.712425] page_type: f5(slab) [ 11.712597] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 11.713007] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 11.713344] page dumped because: kasan: bad access detected [ 11.713625] [ 11.713775] Memory state around the buggy address: [ 11.713971] ffff888102dc0900: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.714228] ffff888102dc0980: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.714757] >ffff888102dc0a00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 11.714979] ^ [ 11.715191] ffff888102dc0a80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.715473] ffff888102dc0b00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 11.715792] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-page_alloc_uaf
[ 10.767099] ================================================================== [ 10.767986] BUG: KASAN: use-after-free in page_alloc_uaf+0x356/0x3d0 [ 10.768293] Read of size 1 at addr ffff888103980000 by task kunit_try_catch/173 [ 10.768687] [ 10.768792] CPU: 0 UID: 0 PID: 173 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.768835] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.768847] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.768869] Call Trace: [ 10.768881] <TASK> [ 10.768896] dump_stack_lvl+0x73/0xb0 [ 10.768921] print_report+0xd1/0x650 [ 10.768957] ? __virt_addr_valid+0x1db/0x2d0 [ 10.768979] ? page_alloc_uaf+0x356/0x3d0 [ 10.768999] ? kasan_addr_to_slab+0x11/0xa0 [ 10.769037] ? page_alloc_uaf+0x356/0x3d0 [ 10.769059] kasan_report+0x141/0x180 [ 10.769083] ? page_alloc_uaf+0x356/0x3d0 [ 10.769118] __asan_report_load1_noabort+0x18/0x20 [ 10.769143] page_alloc_uaf+0x356/0x3d0 [ 10.769163] ? __pfx_page_alloc_uaf+0x10/0x10 [ 10.769195] ? __schedule+0x10cc/0x2b60 [ 10.769219] ? __pfx_read_tsc+0x10/0x10 [ 10.769250] ? ktime_get_ts64+0x86/0x230 [ 10.769340] kunit_try_run_case+0x1a5/0x480 [ 10.769371] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.769395] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.769419] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.769444] ? __kthread_parkme+0x82/0x180 [ 10.769466] ? preempt_count_sub+0x50/0x80 [ 10.769491] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.769515] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.769538] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.769567] kthread+0x337/0x6f0 [ 10.769585] ? trace_preempt_on+0x20/0xc0 [ 10.769608] ? __pfx_kthread+0x10/0x10 [ 10.769626] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.769648] ? calculate_sigpending+0x7b/0xa0 [ 10.769670] ? __pfx_kthread+0x10/0x10 [ 10.769688] ret_from_fork+0x41/0x80 [ 10.769709] ? 
__pfx_kthread+0x10/0x10 [ 10.769727] ret_from_fork_asm+0x1a/0x30 [ 10.769759] </TASK> [ 10.769770] [ 10.778856] The buggy address belongs to the physical page: [ 10.779290] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103980 [ 10.779913] flags: 0x200000000000000(node=0|zone=2) [ 10.780231] page_type: f0(buddy) [ 10.780469] raw: 0200000000000000 ffff88817fffc4b8 ffff88817fffc4b8 0000000000000000 [ 10.780953] raw: 0000000000000000 0000000000000007 00000000f0000000 0000000000000000 [ 10.781393] page dumped because: kasan: bad access detected [ 10.781665] [ 10.781763] Memory state around the buggy address: [ 10.781963] ffff88810397ff00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.782634] ffff88810397ff80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.782919] >ffff888103980000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.783321] ^ [ 10.783691] ffff888103980080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.784297] ffff888103980100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.784990] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-invalid-free-in-kfree
[ 10.738067] ================================================================== [ 10.738614] BUG: KASAN: invalid-free in kfree+0x274/0x3f0 [ 10.738885] Free of addr ffff888102a24001 by task kunit_try_catch/169 [ 10.739148] [ 10.739258] CPU: 1 UID: 0 PID: 169 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.739303] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.739314] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.739335] Call Trace: [ 10.739346] <TASK> [ 10.739361] dump_stack_lvl+0x73/0xb0 [ 10.739387] print_report+0xd1/0x650 [ 10.739410] ? __virt_addr_valid+0x1db/0x2d0 [ 10.739433] ? kasan_addr_to_slab+0x11/0xa0 [ 10.739453] ? kfree+0x274/0x3f0 [ 10.739472] kasan_report_invalid_free+0x10a/0x130 [ 10.739496] ? kfree+0x274/0x3f0 [ 10.739517] ? kfree+0x274/0x3f0 [ 10.739534] __kasan_kfree_large+0x86/0xd0 [ 10.739556] free_large_kmalloc+0x4b/0x110 [ 10.739576] kfree+0x274/0x3f0 [ 10.739598] kmalloc_large_invalid_free+0x120/0x2b0 [ 10.739621] ? __pfx_kmalloc_large_invalid_free+0x10/0x10 [ 10.739645] ? __schedule+0x10cc/0x2b60 [ 10.739668] ? __pfx_read_tsc+0x10/0x10 [ 10.739687] ? ktime_get_ts64+0x86/0x230 [ 10.739712] kunit_try_run_case+0x1a5/0x480 [ 10.739737] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.739760] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.739793] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.739817] ? __kthread_parkme+0x82/0x180 [ 10.739838] ? preempt_count_sub+0x50/0x80 [ 10.739863] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.739886] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.739909] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.739931] kthread+0x337/0x6f0 [ 10.739948] ? trace_preempt_on+0x20/0xc0 [ 10.739971] ? __pfx_kthread+0x10/0x10 [ 10.739989] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.740010] ? calculate_sigpending+0x7b/0xa0 [ 10.740032] ? __pfx_kthread+0x10/0x10 [ 10.740050] ret_from_fork+0x41/0x80 [ 10.740071] ? 
__pfx_kthread+0x10/0x10 [ 10.740088] ret_from_fork_asm+0x1a/0x30 [ 10.740119] </TASK> [ 10.740129] [ 10.749970] The buggy address belongs to the physical page: [ 10.750220] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a24 [ 10.750945] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.751232] flags: 0x200000000000040(head|node=0|zone=2) [ 10.751567] page_type: f8(unknown) [ 10.751775] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.752132] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.752613] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.753056] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.753631] head: 0200000000000002 ffffea00040a8901 00000000ffffffff 00000000ffffffff [ 10.754058] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.754489] page dumped because: kasan: bad access detected [ 10.754752] [ 10.754901] Memory state around the buggy address: [ 10.755108] ffff888102a23f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.755613] ffff888102a23f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.755946] >ffff888102a24000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.756519] ^ [ 10.756692] ffff888102a24080: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.757080] ffff888102a24100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.757510] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-use-after-free-in-kmalloc_large_uaf
[ 10.720035] ================================================================== [ 10.720530] BUG: KASAN: use-after-free in kmalloc_large_uaf+0x2f1/0x340 [ 10.720816] Read of size 1 at addr ffff8881031a4000 by task kunit_try_catch/167 [ 10.721118] [ 10.721229] CPU: 0 UID: 0 PID: 167 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.721282] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.721294] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.721314] Call Trace: [ 10.721326] <TASK> [ 10.721341] dump_stack_lvl+0x73/0xb0 [ 10.721365] print_report+0xd1/0x650 [ 10.721388] ? __virt_addr_valid+0x1db/0x2d0 [ 10.721410] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.721430] ? kasan_addr_to_slab+0x11/0xa0 [ 10.721451] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.721472] kasan_report+0x141/0x180 [ 10.721495] ? kmalloc_large_uaf+0x2f1/0x340 [ 10.721520] __asan_report_load1_noabort+0x18/0x20 [ 10.721541] kmalloc_large_uaf+0x2f1/0x340 [ 10.721568] ? __pfx_kmalloc_large_uaf+0x10/0x10 [ 10.721590] ? __schedule+0x10cc/0x2b60 [ 10.721612] ? __pfx_read_tsc+0x10/0x10 [ 10.721632] ? ktime_get_ts64+0x86/0x230 [ 10.721656] kunit_try_run_case+0x1a5/0x480 [ 10.721680] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.721702] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.721725] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.721748] ? __kthread_parkme+0x82/0x180 [ 10.721770] ? preempt_count_sub+0x50/0x80 [ 10.721794] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.721817] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.721840] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.721862] kthread+0x337/0x6f0 [ 10.721880] ? trace_preempt_on+0x20/0xc0 [ 10.721903] ? __pfx_kthread+0x10/0x10 [ 10.721922] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.721945] ? calculate_sigpending+0x7b/0xa0 [ 10.721969] ? __pfx_kthread+0x10/0x10 [ 10.721987] ret_from_fork+0x41/0x80 [ 10.722008] ? 
__pfx_kthread+0x10/0x10 [ 10.722027] ret_from_fork_asm+0x1a/0x30 [ 10.722057] </TASK> [ 10.722068] [ 10.729479] The buggy address belongs to the physical page: [ 10.729754] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031a4 [ 10.730070] flags: 0x200000000000000(node=0|zone=2) [ 10.730393] raw: 0200000000000000 ffffea00040e4408 ffff88815b039a80 0000000000000000 [ 10.730629] raw: 0000000000000000 0000000000000000 00000000ffffffff 0000000000000000 [ 10.730982] page dumped because: kasan: bad access detected [ 10.731248] [ 10.731409] Memory state around the buggy address: [ 10.731636] ffff8881031a3f00: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.731987] ffff8881031a3f80: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.732249] >ffff8881031a4000: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.732604] ^ [ 10.732743] ffff8881031a4080: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.733069] ffff8881031a4100: ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff ff [ 10.733457] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_large_oob_right
[ 10.699933] ================================================================== [ 10.700476] BUG: KASAN: slab-out-of-bounds in kmalloc_large_oob_right+0x2e9/0x330 [ 10.701004] Write of size 1 at addr ffff8881031a600a by task kunit_try_catch/165 [ 10.701308] [ 10.701463] CPU: 0 UID: 0 PID: 165 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.701509] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.701521] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.701542] Call Trace: [ 10.701563] <TASK> [ 10.701581] dump_stack_lvl+0x73/0xb0 [ 10.701609] print_report+0xd1/0x650 [ 10.701632] ? __virt_addr_valid+0x1db/0x2d0 [ 10.701655] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.701677] ? kasan_addr_to_slab+0x11/0xa0 [ 10.701699] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.701722] kasan_report+0x141/0x180 [ 10.701745] ? kmalloc_large_oob_right+0x2e9/0x330 [ 10.701773] __asan_report_store1_noabort+0x1b/0x30 [ 10.701795] kmalloc_large_oob_right+0x2e9/0x330 [ 10.701818] ? __pfx_kmalloc_large_oob_right+0x10/0x10 [ 10.701843] ? __schedule+0x207f/0x2b60 [ 10.701867] ? __pfx_read_tsc+0x10/0x10 [ 10.701887] ? ktime_get_ts64+0x86/0x230 [ 10.701914] kunit_try_run_case+0x1a5/0x480 [ 10.701938] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.701961] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.701985] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.702009] ? __kthread_parkme+0x82/0x180 [ 10.702031] ? preempt_count_sub+0x50/0x80 [ 10.702057] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.702081] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.702105] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.702128] kthread+0x337/0x6f0 [ 10.702145] ? trace_preempt_on+0x20/0xc0 [ 10.702168] ? __pfx_kthread+0x10/0x10 [ 10.702187] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.702208] ? calculate_sigpending+0x7b/0xa0 [ 10.702230] ? __pfx_kthread+0x10/0x10 [ 10.702387] ret_from_fork+0x41/0x80 [ 10.702410] ? 
__pfx_kthread+0x10/0x10 [ 10.702429] ret_from_fork_asm+0x1a/0x30 [ 10.702460] </TASK> [ 10.702471] [ 10.709947] The buggy address belongs to the physical page: [ 10.710230] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1031a4 [ 10.710607] head: order:2 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.710961] flags: 0x200000000000040(head|node=0|zone=2) [ 10.711217] page_type: f8(unknown) [ 10.711683] raw: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.711989] raw: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.712273] head: 0200000000000040 0000000000000000 dead000000000122 0000000000000000 [ 10.712615] head: 0000000000000000 0000000000000000 00000001f8000000 0000000000000000 [ 10.712988] head: 0200000000000002 ffffea00040c6901 00000000ffffffff 00000000ffffffff [ 10.713250] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000004 [ 10.713549] page dumped because: kasan: bad access detected [ 10.713996] [ 10.714092] Memory state around the buggy address: [ 10.714543] ffff8881031a5f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.714827] ffff8881031a5f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.715093] >ffff8881031a6000: 00 02 fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.715324] ^ [ 10.715502] ffff8881031a6080: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.715814] ffff8881031a6100: fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe fe [ 10.716374] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_big_oob_right
[ 10.664630] ================================================================== [ 10.665334] BUG: KASAN: slab-out-of-bounds in kmalloc_big_oob_right+0x316/0x370 [ 10.665956] Write of size 1 at addr ffff888102a91f00 by task kunit_try_catch/163 [ 10.666442] [ 10.666531] CPU: 0 UID: 0 PID: 163 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.666592] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.666604] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.666625] Call Trace: [ 10.666647] <TASK> [ 10.666662] dump_stack_lvl+0x73/0xb0 [ 10.666686] print_report+0xd1/0x650 [ 10.666708] ? __virt_addr_valid+0x1db/0x2d0 [ 10.666729] ? kmalloc_big_oob_right+0x316/0x370 [ 10.666751] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.666774] ? kmalloc_big_oob_right+0x316/0x370 [ 10.666796] kasan_report+0x141/0x180 [ 10.666893] ? kmalloc_big_oob_right+0x316/0x370 [ 10.666922] __asan_report_store1_noabort+0x1b/0x30 [ 10.666943] kmalloc_big_oob_right+0x316/0x370 [ 10.666966] ? __pfx_kmalloc_big_oob_right+0x10/0x10 [ 10.666999] ? __schedule+0x10cc/0x2b60 [ 10.667021] ? __pfx_read_tsc+0x10/0x10 [ 10.667041] ? ktime_get_ts64+0x86/0x230 [ 10.667076] kunit_try_run_case+0x1a5/0x480 [ 10.667100] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.667121] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.667144] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.667168] ? __kthread_parkme+0x82/0x180 [ 10.667188] ? preempt_count_sub+0x50/0x80 [ 10.667213] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.667244] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.667267] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.667332] kthread+0x337/0x6f0 [ 10.667352] ? trace_preempt_on+0x20/0xc0 [ 10.667376] ? __pfx_kthread+0x10/0x10 [ 10.667395] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.667418] ? calculate_sigpending+0x7b/0xa0 [ 10.667439] ? __pfx_kthread+0x10/0x10 [ 10.667457] ret_from_fork+0x41/0x80 [ 10.667477] ? 
__pfx_kthread+0x10/0x10 [ 10.667495] ret_from_fork_asm+0x1a/0x30 [ 10.667527] </TASK> [ 10.667537] [ 10.681123] Allocated by task 163: [ 10.681271] kasan_save_stack+0x45/0x70 [ 10.681415] kasan_save_track+0x18/0x40 [ 10.681551] kasan_save_alloc_info+0x3b/0x50 [ 10.681856] __kasan_kmalloc+0xb7/0xc0 [ 10.682383] __kmalloc_cache_noprof+0x189/0x420 [ 10.682846] kmalloc_big_oob_right+0xa9/0x370 [ 10.683262] kunit_try_run_case+0x1a5/0x480 [ 10.683745] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.684248] kthread+0x337/0x6f0 [ 10.684777] ret_from_fork+0x41/0x80 [ 10.685171] ret_from_fork_asm+0x1a/0x30 [ 10.685734] [ 10.685983] The buggy address belongs to the object at ffff888102a90000 [ 10.685983] which belongs to the cache kmalloc-8k of size 8192 [ 10.686790] The buggy address is located 0 bytes to the right of [ 10.686790] allocated 7936-byte region [ffff888102a90000, ffff888102a91f00) [ 10.687784] [ 10.687863] The buggy address belongs to the physical page: [ 10.688040] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x102a90 [ 10.688429] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.688709] flags: 0x200000000000040(head|node=0|zone=2) [ 10.689064] page_type: f5(slab) [ 10.689226] raw: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.689749] raw: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.690135] head: 0200000000000040 ffff888100042280 dead000000000122 0000000000000000 [ 10.690530] head: 0000000000000000 0000000080020002 00000000f5000000 0000000000000000 [ 10.690966] head: 0200000000000003 ffffea00040aa401 00000000ffffffff 00000000ffffffff [ 10.691392] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.691796] page dumped because: kasan: bad access detected [ 10.692029] [ 10.692125] Memory state around the buggy address: [ 10.692358] ffff888102a91e00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.692916] ffff888102a91e80: 00 00 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.693270] >ffff888102a91f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.693521] ^ [ 10.693704] ffff888102a91f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.694113] ffff888102a92000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.694551] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_track_caller_oob_right
[ 10.611836] ================================================================== [ 10.612251] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.613524] Write of size 1 at addr ffff888103138c78 by task kunit_try_catch/161 [ 10.614382] [ 10.614477] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.614522] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.614534] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.614553] Call Trace: [ 10.614565] <TASK> [ 10.614580] dump_stack_lvl+0x73/0xb0 [ 10.614606] print_report+0xd1/0x650 [ 10.614627] ? __virt_addr_valid+0x1db/0x2d0 [ 10.614649] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.614670] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.614692] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.614713] kasan_report+0x141/0x180 [ 10.614735] ? kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.614761] __asan_report_store1_noabort+0x1b/0x30 [ 10.614782] kmalloc_track_caller_oob_right+0x4c8/0x520 [ 10.614803] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.614825] ? __schedule+0x10cc/0x2b60 [ 10.614848] ? __pfx_read_tsc+0x10/0x10 [ 10.614868] ? ktime_get_ts64+0x86/0x230 [ 10.614893] kunit_try_run_case+0x1a5/0x480 [ 10.614917] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.614938] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.614962] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.614985] ? __kthread_parkme+0x82/0x180 [ 10.615006] ? preempt_count_sub+0x50/0x80 [ 10.615031] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.615054] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.615076] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.615098] kthread+0x337/0x6f0 [ 10.615115] ? trace_preempt_on+0x20/0xc0 [ 10.615137] ? __pfx_kthread+0x10/0x10 [ 10.615155] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.615176] ? calculate_sigpending+0x7b/0xa0 [ 10.615197] ? __pfx_kthread+0x10/0x10 [ 10.615215] ret_from_fork+0x41/0x80 [ 10.615235] ? 
__pfx_kthread+0x10/0x10 [ 10.615275] ret_from_fork_asm+0x1a/0x30 [ 10.615305] </TASK> [ 10.615315] [ 10.629707] Allocated by task 161: [ 10.630037] kasan_save_stack+0x45/0x70 [ 10.630423] kasan_save_track+0x18/0x40 [ 10.630725] kasan_save_alloc_info+0x3b/0x50 [ 10.631061] __kasan_kmalloc+0xb7/0xc0 [ 10.631191] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.631421] kmalloc_track_caller_oob_right+0x99/0x520 [ 10.631904] kunit_try_run_case+0x1a5/0x480 [ 10.632315] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.632842] kthread+0x337/0x6f0 [ 10.633144] ret_from_fork+0x41/0x80 [ 10.633544] ret_from_fork_asm+0x1a/0x30 [ 10.633918] [ 10.633992] The buggy address belongs to the object at ffff888103138c00 [ 10.633992] which belongs to the cache kmalloc-128 of size 128 [ 10.634350] The buggy address is located 0 bytes to the right of [ 10.634350] allocated 120-byte region [ffff888103138c00, ffff888103138c78) [ 10.634991] [ 10.635159] The buggy address belongs to the physical page: [ 10.635783] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103138 [ 10.636436] flags: 0x200000000000000(node=0|zone=2) [ 10.636662] page_type: f5(slab) [ 10.636796] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.637103] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.637414] page dumped because: kasan: bad access detected [ 10.637709] [ 10.637794] Memory state around the buggy address: [ 10.637981] ffff888103138b00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.638312] ffff888103138b80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.638537] >ffff888103138c00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.638843] ^ [ 10.639290] ffff888103138c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.639701] ffff888103138d00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.640168] ================================================================== [ 10.641045] 
================================================================== [ 10.641551] BUG: KASAN: slab-out-of-bounds in kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.641938] Write of size 1 at addr ffff888103138d78 by task kunit_try_catch/161 [ 10.642347] [ 10.642473] CPU: 0 UID: 0 PID: 161 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.642517] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.642529] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.642549] Call Trace: [ 10.642561] <TASK> [ 10.642576] dump_stack_lvl+0x73/0xb0 [ 10.642601] print_report+0xd1/0x650 [ 10.642624] ? __virt_addr_valid+0x1db/0x2d0 [ 10.642645] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.642668] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.642690] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.642712] kasan_report+0x141/0x180 [ 10.642734] ? kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.642760] __asan_report_store1_noabort+0x1b/0x30 [ 10.642781] kmalloc_track_caller_oob_right+0x4b1/0x520 [ 10.642802] ? __pfx_kmalloc_track_caller_oob_right+0x10/0x10 [ 10.642825] ? __schedule+0x10cc/0x2b60 [ 10.642847] ? __pfx_read_tsc+0x10/0x10 [ 10.642867] ? ktime_get_ts64+0x86/0x230 [ 10.642891] kunit_try_run_case+0x1a5/0x480 [ 10.642916] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.642938] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.642961] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.642998] ? __kthread_parkme+0x82/0x180 [ 10.643020] ? preempt_count_sub+0x50/0x80 [ 10.643045] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.643080] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.643103] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.643125] kthread+0x337/0x6f0 [ 10.643142] ? trace_preempt_on+0x20/0xc0 [ 10.643164] ? __pfx_kthread+0x10/0x10 [ 10.643182] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.643204] ? calculate_sigpending+0x7b/0xa0 [ 10.643226] ? __pfx_kthread+0x10/0x10 [ 10.643254] ret_from_fork+0x41/0x80 [ 10.643274] ? 
__pfx_kthread+0x10/0x10 [ 10.643301] ret_from_fork_asm+0x1a/0x30 [ 10.643331] </TASK> [ 10.643341] [ 10.651464] Allocated by task 161: [ 10.651633] kasan_save_stack+0x45/0x70 [ 10.651777] kasan_save_track+0x18/0x40 [ 10.651959] kasan_save_alloc_info+0x3b/0x50 [ 10.652178] __kasan_kmalloc+0xb7/0xc0 [ 10.652428] __kmalloc_node_track_caller_noprof+0x1cb/0x500 [ 10.652827] kmalloc_track_caller_oob_right+0x19a/0x520 [ 10.653081] kunit_try_run_case+0x1a5/0x480 [ 10.653256] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.653571] kthread+0x337/0x6f0 [ 10.653821] ret_from_fork+0x41/0x80 [ 10.654006] ret_from_fork_asm+0x1a/0x30 [ 10.654193] [ 10.654331] The buggy address belongs to the object at ffff888103138d00 [ 10.654331] which belongs to the cache kmalloc-128 of size 128 [ 10.654904] The buggy address is located 0 bytes to the right of [ 10.654904] allocated 120-byte region [ffff888103138d00, ffff888103138d78) [ 10.655449] [ 10.655628] The buggy address belongs to the physical page: [ 10.655823] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x103138 [ 10.656066] flags: 0x200000000000000(node=0|zone=2) [ 10.656287] page_type: f5(slab) [ 10.656582] raw: 0200000000000000 ffff888100041a00 dead000000000122 0000000000000000 [ 10.657113] raw: 0000000000000000 0000000080100010 00000000f5000000 0000000000000000 [ 10.657617] page dumped because: kasan: bad access detected [ 10.657906] [ 10.658014] Memory state around the buggy address: [ 10.658194] ffff888103138c00: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 10.658463] ffff888103138c80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.658917] >ffff888103138d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 fc [ 10.659255] ^ [ 10.659578] ffff888103138d80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.659948] ffff888103138e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.660183] ==================================================================
Failure - log-parser-boot/kasan-bug-kasan-slab-out-of-bounds-in-kmalloc_node_oob_right
[ 10.582624] ================================================================== [ 10.583113] BUG: KASAN: slab-out-of-bounds in kmalloc_node_oob_right+0x369/0x3c0 [ 10.583530] Read of size 1 at addr ffff8881038d1000 by task kunit_try_catch/159 [ 10.584016] [ 10.584126] CPU: 0 UID: 0 PID: 159 Comm: kunit_try_catch Tainted: G B N 6.15.5-rc1 #1 PREEMPT(voluntary) [ 10.584174] Tainted: [B]=BAD_PAGE, [N]=TEST [ 10.584186] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014 [ 10.584208] Call Trace: [ 10.584222] <TASK> [ 10.584252] dump_stack_lvl+0x73/0xb0 [ 10.584280] print_report+0xd1/0x650 [ 10.584304] ? __virt_addr_valid+0x1db/0x2d0 [ 10.584326] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.584434] ? kasan_complete_mode_report_info+0x2a/0x200 [ 10.584464] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.584485] kasan_report+0x141/0x180 [ 10.584550] ? kmalloc_node_oob_right+0x369/0x3c0 [ 10.584576] __asan_report_load1_noabort+0x18/0x20 [ 10.584596] kmalloc_node_oob_right+0x369/0x3c0 [ 10.584628] ? __pfx_kmalloc_node_oob_right+0x10/0x10 [ 10.584649] ? __schedule+0x10cc/0x2b60 [ 10.584673] ? __pfx_read_tsc+0x10/0x10 [ 10.584694] ? ktime_get_ts64+0x86/0x230 [ 10.584720] kunit_try_run_case+0x1a5/0x480 [ 10.584745] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.584767] ? _raw_spin_lock_irqsave+0xa1/0x100 [ 10.584791] ? _raw_spin_unlock_irqrestore+0x5f/0x90 [ 10.584814] ? __kthread_parkme+0x82/0x180 [ 10.584836] ? preempt_count_sub+0x50/0x80 [ 10.584862] ? __pfx_kunit_try_run_case+0x10/0x10 [ 10.584885] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.584908] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10 [ 10.584931] kthread+0x337/0x6f0 [ 10.584947] ? trace_preempt_on+0x20/0xc0 [ 10.584970] ? __pfx_kthread+0x10/0x10 [ 10.584988] ? _raw_spin_unlock_irq+0x47/0x80 [ 10.585010] ? calculate_sigpending+0x7b/0xa0 [ 10.585031] ? __pfx_kthread+0x10/0x10 [ 10.585049] ret_from_fork+0x41/0x80 [ 10.585070] ? 
__pfx_kthread+0x10/0x10 [ 10.585087] ret_from_fork_asm+0x1a/0x30 [ 10.585118] </TASK> [ 10.585129] [ 10.593728] Allocated by task 159: [ 10.594093] kasan_save_stack+0x45/0x70 [ 10.594575] kasan_save_track+0x18/0x40 [ 10.594970] kasan_save_alloc_info+0x3b/0x50 [ 10.595133] __kasan_kmalloc+0xb7/0xc0 [ 10.595280] __kmalloc_cache_node_noprof+0x188/0x420 [ 10.595452] kmalloc_node_oob_right+0xab/0x3c0 [ 10.595707] kunit_try_run_case+0x1a5/0x480 [ 10.595923] kunit_generic_run_threadfn_adapter+0x85/0xf0 [ 10.596442] kthread+0x337/0x6f0 [ 10.596610] ret_from_fork+0x41/0x80 [ 10.596805] ret_from_fork_asm+0x1a/0x30 [ 10.596949] [ 10.597023] The buggy address belongs to the object at ffff8881038d0000 [ 10.597023] which belongs to the cache kmalloc-4k of size 4096 [ 10.597797] The buggy address is located 0 bytes to the right of [ 10.597797] allocated 4096-byte region [ffff8881038d0000, ffff8881038d1000) [ 10.598480] [ 10.598609] The buggy address belongs to the physical page: [ 10.599147] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x1038d0 [ 10.600059] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 10.600509] flags: 0x200000000000040(head|node=0|zone=2) [ 10.600911] page_type: f5(slab) [ 10.601084] raw: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.601536] raw: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.601953] head: 0200000000000040 ffff888100042140 dead000000000122 0000000000000000 [ 10.602586] head: 0000000000000000 0000000080040004 00000000f5000000 0000000000000000 [ 10.603384] head: 0200000000000003 ffffea00040e3401 00000000ffffffff 00000000ffffffff [ 10.604065] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 10.604479] page dumped because: kasan: bad access detected [ 10.605067] [ 10.605228] Memory state around the buggy address: [ 10.605796] ffff8881038d0f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.606604] ffff8881038d0f80: 
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 10.607098] >ffff8881038d1000: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.607539] ^ [ 10.607665] ffff8881038d1080: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.607892] ffff8881038d1100: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 10.608112] ==================================================================
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog10
------------[ cut here ]------------
[ 111.153903] WARNING: CPU: 1 PID: 676 at lib/math/int_log.c:120 intlog10+0x2a/0x40
[ 111.154222] Modules linked in:
[ 111.154804] CPU: 1 UID: 0 PID: 676 Comm: kunit_try_catch Tainted: G B D W N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 111.155263] Tainted: [B]=BAD_PAGE, [D]=DIE, [W]=WARN, [N]=TEST
[ 111.155819] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 111.156387] RIP: 0010:intlog10+0x2a/0x40
[ 111.156692] Code: f3 0f 1e fa 0f 1f 44 00 00 85 ff 74 1c 55 48 89 e5 e8 ca fe ff ff 5d 89 c0 48 69 c0 a1 26 88 26 48 c1 e8 1f e9 47 57 81 02 90 <0f> 0b 90 31 c0 e9 3c 57 81 02 66 2e 0f 1f 84 00 00 00 00 00 66 90
[ 111.157692] RSP: 0000:ffff888102f57cb0 EFLAGS: 00010246
[ 111.158077] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110205eafb4
[ 111.158645] RDX: 1ffffffff2a925a0 RSI: 1ffff110205eafb3 RDI: 0000000000000000
[ 111.159040] RBP: ffff888102f57d60 R08: 0000000000000000 R09: ffffed102041f2c0
[ 111.159606] R10: ffff8881020f9607 R11: 0000000000000000 R12: 1ffff110205eaf97
[ 111.159907] R13: ffffffff95492d00 R14: 0000000000000000 R15: ffff888102f57d38
[ 111.160391] FS: 0000000000000000(0000) GS:ffff8881c3b92000(0000) knlGS:0000000000000000
[ 111.160831] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.161099] CR2: ffff88815a90b009 CR3: 000000012a8ba000 CR4: 00000000000006f0
[ 111.161566] DR0: ffffffff97631904 DR1: ffffffff97631909 DR2: ffffffff9763190a
[ 111.162004] DR3: ffffffff9763190b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 111.162587] Call Trace:
[ 111.162739] <TASK>
[ 111.162840] ? intlog10_test+0xf2/0x220
[ 111.163085] ? __pfx_intlog10_test+0x10/0x10
[ 111.163295] ? __schedule+0x10cc/0x2b60
[ 111.163809] ? __pfx_read_tsc+0x10/0x10
[ 111.164107] ? ktime_get_ts64+0x86/0x230
[ 111.164486] kunit_try_run_case+0x1a5/0x480
[ 111.164660] ? __pfx_kunit_try_run_case+0x10/0x10
[ 111.165048] ? _raw_spin_lock_irqsave+0xa1/0x100
[ 111.165410] ? _raw_spin_unlock_irqrestore+0x5f/0x90
[ 111.165639] ? __kthread_parkme+0x82/0x180
[ 111.165851] ? preempt_count_sub+0x50/0x80
[ 111.166057] ? __pfx_kunit_try_run_case+0x10/0x10
[ 111.166288] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 111.167003] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 111.167490] kthread+0x337/0x6f0
[ 111.167770] ? trace_preempt_on+0x20/0xc0
[ 111.168056] ? __pfx_kthread+0x10/0x10
[ 111.168368] ? _raw_spin_unlock_irq+0x47/0x80
[ 111.168801] ? calculate_sigpending+0x7b/0xa0
[ 111.169114] ? __pfx_kthread+0x10/0x10
[ 111.169457] ret_from_fork+0x41/0x80
[ 111.169638] ? __pfx_kthread+0x10/0x10
[ 111.169818] ret_from_fork_asm+0x1a/0x30
[ 111.170032] </TASK>
[ 111.170158] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/exception-warning-cpu-pid-at-libmathint_log-intlog2
------------[ cut here ]------------
[ 111.111779] WARNING: CPU: 1 PID: 658 at lib/math/int_log.c:63 intlog2+0xdf/0x110
[ 111.112145] Modules linked in:
[ 111.112473] CPU: 1 UID: 0 PID: 658 Comm: kunit_try_catch Tainted: G B D N 6.15.5-rc1 #1 PREEMPT(voluntary)
[ 111.113077] Tainted: [B]=BAD_PAGE, [D]=DIE, [N]=TEST
[ 111.113284] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2 04/01/2014
[ 111.114038] RIP: 0010:intlog2+0xdf/0x110
[ 111.114414] Code: 49 95 c1 e0 18 48 83 c4 08 89 d1 c1 e2 08 29 cb 01 d0 0f b7 db 41 0f af dc c1 eb 0f 01 d8 5b 41 5c 41 5d 5d c3 cc cc cc cc 90 <0f> 0b 90 31 c0 c3 cc cc cc cc 89 45 e4 e8 8f b9 56 ff 8b 45 e4 eb
[ 111.115464] RSP: 0000:ffff888102f17cb0 EFLAGS: 00010246
[ 111.115790] RAX: 0000000000000000 RBX: ffff88810031fae8 RCX: 1ffff110205e2fb4
[ 111.116097] RDX: 1ffffffff2a925f4 RSI: 1ffff110205e2fb3 RDI: 0000000000000000
[ 111.116719] RBP: ffff888102f17d60 R08: 0000000000000000 R09: ffffed10205b18a0
[ 111.117121] R10: ffff888102d8c507 R11: 0000000000000000 R12: 1ffff110205e2f97
[ 111.117676] R13: ffffffff95492fa0 R14: 0000000000000000 R15: ffff888102f17d38
[ 111.117983] FS: 0000000000000000(0000) GS:ffff8881c3b92000(0000) knlGS:0000000000000000
[ 111.118486] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 111.118803] CR2: ffff88815a90b009 CR3: 000000012a8ba000 CR4: 00000000000006f0
[ 111.119216] DR0: ffffffff97631904 DR1: ffffffff97631909 DR2: ffffffff9763190a
[ 111.120008] DR3: ffffffff9763190b DR6: 00000000ffff0ff0 DR7: 0000000000000600
[ 111.120724] Call Trace:
[ 111.120846] <TASK>
[ 111.120959] ? intlog2_test+0xf2/0x220
[ 111.121123] ? __pfx_intlog2_test+0x10/0x10
[ 111.121277] ? sysvec_apic_timer_interrupt+0x50/0x90
[ 111.122118] ? trace_hardirqs_on+0x37/0xe0
[ 111.122585] ? __pfx_read_tsc+0x10/0x10
[ 111.123093] ? ktime_get_ts64+0x86/0x230
[ 111.123493] kunit_try_run_case+0x1a5/0x480
[ 111.123966] ? __pfx_kunit_try_run_case+0x10/0x10
[ 111.124431] ? queued_spin_lock_slowpath+0x116/0xb40
[ 111.125212] ? __kthread_parkme+0x82/0x180
[ 111.125635] ? preempt_count_sub+0x50/0x80
[ 111.126040] ? __pfx_kunit_try_run_case+0x10/0x10
[ 111.126285] kunit_generic_run_threadfn_adapter+0x85/0xf0
[ 111.126864] ? __pfx_kunit_generic_run_threadfn_adapter+0x10/0x10
[ 111.127079] kthread+0x337/0x6f0
[ 111.127204] ? trace_preempt_on+0x20/0xc0
[ 111.127379] ? __pfx_kthread+0x10/0x10
[ 111.127513] ? _raw_spin_unlock_irq+0x47/0x80
[ 111.127820] ? calculate_sigpending+0x7b/0xa0
[ 111.128056] ? __pfx_kthread+0x10/0x10
[ 111.128213] ret_from_fork+0x41/0x80
[ 111.128459] ? __pfx_kthread+0x10/0x10
[ 111.128871] ret_from_fork_asm+0x1a/0x30
[ 111.129078] </TASK>
[ 111.129241] ---[ end trace 0000000000000000 ]---
Failure - log-parser-boot/oops-oops-general-protection-fault-probably-for-non-canonical-address-smp-kasan-pti
KNOWN ISSUE - qemu-x86_64: Oops: general protection fault, probably for non-canonical address - KASAN: null-ptr-deref - kunit_test_null_dereference
[ 110.477293] Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI